Page MenuHomePhabricator
Create Task
Maniphest T6849

With policies like "'Users A, B, C' and 'Administrators'", the 'Administrators' part is ignored
Closed, ResolvedPublic
Actions

Description

Just updated.

All items which had a view/edit policy like described in title (or see the picture below), now are either invisible or not editable by 'Administrators'. If user is mentioned by other part of the rule, then it still works for him.

Policy value is like this:

mysql> select rules from phabricator_policy.policy where phid = 'PHID-PLCY-pfmxm43ackwt3eljfny6';
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| rules                                                                                                                                                                            |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| [{"action":"allow","rule":"PhabricatorAdministratorsPolicyRule","value":null},{"action":"allow","rule":"PhabricatorUsersPolicyRule","value":["PHID-USER-x5ztyxepdluli5nl4kxm"]}] |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

pasted_file (352×557 px, 19 KB)

Have not tested for other groups and/or combinations, though.

I'd like to add that I cannot reproduce that with new projects. That problem appeared only for previously existed projects, repositories, audits, etc.

Rolling back to f1d343111f30162037938dd597c80b20bc6fd060 helps, btw.

Revisions and Commits

rP Phabricator
D11166rPb3e196b69400 Rename `PhabricatorPolicyRule` subclasses for consistency

Related Objects

Event Timeline

dtf created this task.Jan 2 2015, 11:41 AM
dtf raised the priority of this task from to Needs Triage.
dtf updated the task description. (Show Details)
dtf added a subscriber: dtf.
dtf updated the task description. (Show Details)Jan 2 2015, 12:16 PM
dtf updated the task description. (Show Details)
dtf updated the task description. (Show Details)Jan 2 2015, 1:08 PM
fabe mentioned this in rP8b7561776f3f: Rename `PhabricatorPolicyRule` subclasses for consistency.Jan 2 2015, 1:28 PM
Krenair added a project: Policy.Jan 2 2015, 2:32 PM
Krenair added a subscriber: Krenair.
epriestley added a subscriber: epriestley.Jan 2 2015, 2:40 PM

I've reverted rP8b756 in rP7c4de, so updating should fix this.

chad added a subscriber: chad.Jan 2 2015, 5:16 PM

Did you want to keep this around or OK to close?

epriestley claimed this task.Jan 2 2015, 5:44 PM

I'm going to diff out a forward-fix once I dig through everything else in my queue.

joshuaspence added a subscriber: joshuaspence.Jan 2 2015, 9:05 PM
epriestley added a comment.Jan 2 2015, 9:16 PM

@joshuaspence, feel free to steal this -- I'll probably get to it today but am not actively working on it.

joshuaspence claimed this task.Jan 2 2015, 9:18 PM
epriestley added a comment.Jan 2 2015, 9:20 PM

joshuaspence added a revision: D11166: Rename `PhabricatorPolicyRule` subclasses for consistency.Jan 3 2015, 1:06 AM
joshuaspence closed this task as Resolved.Jan 3 2015, 12:52 PM
joshuaspence added a commit: rPb3e196b69400: Rename `PhabricatorPolicyRule` subclasses for consistency.

Closed by commit rPb3e196b69400.

epriestley mentioned this in T6859: It is difficult to keep track of used PhabricatorEdgeType IDs.Jan 4 2015, 4:59 PM
Phabricator · Built by Phacility