Maniphest T6956

Give PhabricatorDestructionEngine a getViewer() method to reduce omnipotence calls
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	epriestley
	Jan 13 2015, 2:17 PM

Tags

Referenced Files

None

Subscribers

Description

A routine use of PhabricatorUser::getOmnipotentUser() is loading related objects inside destroyObjectPermanently(), so they can also be destroyed.

This is correct, but makes it more difficult to audit calls to getOmnipotentUser() because it adds several of them to many applications. It seems desirable to organize these calls as much as possible, as their misuse can cause major policy violations.

It would be cleaner to provide a getViewer() method on the $engine (which just returns the omnipotent user), then call that. This would leave us with fewer hits for git grep -i getOmnipotentUser and generally better organization of access to omnipotence.

Revisions and Commits

rP Phabricator
	D12866	rP3ef0721adacc Reduce PhabricatorUser::getOmnipotentUser calls by adding a getViewer method…

Event Timeline

epriestley created this task.Jan 13 2015, 2:17 PM

epriestley raised the priority of this task from to Wishlist.

epriestley updated the task description. (Show Details)

epriestley added a project: Infrastructure.

epriestley added a subscriber: epriestley.

joshuaspence added a subscriber: joshuaspence.Feb 14 2015, 1:13 PM

btrahan added a revision: D12866: Reduce PhabricatorUser::getOmnipotentUser calls by adding a getViewer method to PhbaricatorDestructionEngine.May 15 2015, 9:02 PM

btrahan claimed this task.May 15 2015, 9:02 PM

btrahan closed this task as Resolved by committing rP3ef0721adacc: Reduce PhabricatorUser::getOmnipotentUser calls by adding a getViewer method….May 15 2015, 9:07 PM

btrahan added a commit: rP3ef0721adacc: Reduce PhabricatorUser::getOmnipotentUser calls by adding a getViewer method….