
Phriction document titles are visible even if you can't see the document
Closed, Resolved | Public

Description

When viewing the tree underneath a Phriction document, you can see children you don't have permission to view.

This is a holdover from long ago, but we should probably lock it down for consistency. One quick fix would be to pull all the handles after loading the documents and then use the handles to render the links, so we get "Restricted Document" for the ones you can't see.

A more complex fix would be to turn the ad-hoc hierarchical query into a real Query, but I don't think this gets us anything today.

Event Timeline

epriestley raised the priority of this task from to Normal.
epriestley updated the task description.
epriestley added projects: Phriction, Policy.
epriestley added subscribers: epriestley, btrahan.

I'm done-ish for today but I figure I should slap this on the ole queue.

Implementation-wise, I think the handle fix is the way to go, mainly because....

A related question - we have the crumbs show in the document hierarchy - what's the fix there? Same thing?

i.e. if you can't see x/y but can see x/y/z we will leak the document titles of "x" and "y" in the crumbs.

To see x/y/z/ you have to be able to see x/ and x/y/, so it should be moot I think.
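
A minimal model of the handle fix from the task description and the ancestor rule from the last reply, as an added example that is not Phabricator's code. `Doc`, `can_view`, `load_handles` and the sample wiki are constructed stand-ins, a view policy is reduced to a set of usernames, and ancestors that do not exist are assumed not to block access.

```python
from dataclasses import dataclass

RESTRICTED = "Restricted Document"

@dataclass
class Doc:
    title: str
    viewers: set  # assumption: a view policy reduced to a set of usernames

# Constructed sample wiki, keyed by slug.
DOCS = {
    "x/": Doc("Project X", {"alice", "bob"}),
    "x/w/": Doc("Public FAQ", {"alice", "bob"}),
    "x/y/": Doc("Acquisition Plan", {"alice"}),
    "x/y/z/": Doc("Meeting Notes", {"alice", "bob"}),
}

def ancestors(slug):
    """'x/y/z/' -> ['x/', 'x/y/']"""
    parts = slug.strip("/").split("/")
    return ["/".join(parts[:i]) + "/" for i in range(1, len(parts))]

def can_view(user, slug, docs):
    """A document is visible only if it and every existing ancestor admit the user."""
    if slug not in docs:
        return False
    chain = [s for s in ancestors(slug) if s in docs] + [slug]
    return all(user in docs[s].viewers for s in chain)

def load_handles(user, slugs, docs):
    """Policy-checked display names: the real title, or a placeholder."""
    return {s: docs[s].title if can_view(user, s, docs) else RESTRICTED
            for s in slugs}

def children(slug, docs):
    depth = slug.count("/") + 1
    return sorted(s for s in docs if s.startswith(slug) and s.count("/") == depth)

def render_children_leaky(slug, docs):
    """Reported behaviour: titles taken straight from the loaded rows."""
    return [docs[s].title for s in children(slug, docs)]

def render_children(user, slug, docs):
    """Handle fix: load the rows, then render only through handles."""
    kids = children(slug, docs)
    handles = load_handles(user, kids, docs)
    return [handles[s] for s in kids]

def render_crumbs(user, slug, docs):
    chain = ancestors(slug) + [slug]
    handles = load_handles(user, chain, docs)
    return [handles[s] for s in chain]
```

In this model `bob` cannot open `x/y/z/` at all because `x/y/` excludes him, which is why the crumbs never get a chance to show ancestor titles he may not see.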