Page MenuHomePhabricator

Diffs do not use extended policies, so object policies evaluate in the wrong context
Closed, ResolvedPublic

Description

On our install, I was added as a reviewer to a differential revision. The diff had a very restrictive view policy of "Subscribers only". I could see the differential revision on the /differential/ page, but upon clicking on it I hit an exception:

Event Timeline

joshuaspence raised the priority of this task from to Needs Triage.
joshuaspence updated the task description. (Show Details)
joshuaspence added a subscriber: joshuaspence.

I received an email regarding the revision:

REDACTED changed the visibility from "All Users" to "Subscribers".
REDACTED changed the edit policy from "All Users" to "Subscribers".

OK, I have asked the author to add me as a subscriber... but I still can't load the page.

mysql> SELECT id, phid, status, authorPHID, lastReviewerPHID, dateCreated, dateModified, attached, viewPolicy, editPolicy, repositoryPHID FROM phabricator_differential.differential_revision WHERE id = 27030;
+-------+--------------------------------+--------+--------------------------------+------------------+-------------+--------------+----------+-------------------------------+-------------------------------+--------------------------------+
| id    | phid                           | status | authorPHID                     | lastReviewerPHID | dateCreated | dateModified | attached | viewPolicy                    | editPolicy                    | repositoryPHID                 |
+-------+--------------------------------+--------+--------------------------------+------------------+-------------+--------------+----------+-------------------------------+-------------------------------+--------------------------------+
| 27030 | PHID-DREV-bdeb6h6c4yj32nqfnz7y | 0      | PHID-USER-hfenohlvucsbthy2su73 | NULL             |  1445973949 |   1445982060 | []       | obj.subscriptions.subscribers | obj.subscriptions.subscribers | PHID-REPO-rgnn364lembo2emt5622 |
+-------+--------------------------------+--------+--------------------------------+------------------+-------------+--------------+----------+-------------------------------+-------------------------------+--------------------------------+
1 row in set (0.00 sec)

mysql> SELECT id, phid, revisionID, authorPHID, repositoryPHID, dateCreated, dateModified, viewPolicy FROM phabricator_differential.differential_diff WHERE revisionID = 27030;
+--------+--------------------------------+------------+--------------------------------+--------------------------------+-------------+--------------+------------+
| id     | phid                           | revisionID | authorPHID                     | repositoryPHID                 | dateCreated | dateModified | viewPolicy |
+--------+--------------------------------+------------+--------------------------------+--------------------------------+-------------+--------------+------------+
| 579426 | PHID-DIFF-czvpmjpj23wtl2th2h6a |      27030 | PHID-USER-hfenohlvucsbthy2su73 | PHID-REPO-rgnn364lembo2emt5622 |  1445973947 |   1445973949 | users      |
+--------+--------------------------------+------------+--------------------------------+--------------------------------+-------------+--------------+------------+
1 row in set (0.00 sec)
mysql> SELECT * FROM phabricator_differential.edge WHERE src IN ('PHID-DREV-bdeb6h6c4yj32nqfnz7y', 'PHID-DIFF-czvpmjpj23wtl2th2h6a');
+--------------------------------+------+--------------------------------+-------------+-----+--------+
| src                            | type | dst                            | dateCreated | seq | dataID |
+--------------------------------+------+--------------------------------+-------------+-----+--------+
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   12 | PHID-TASK-shfyd2sba6htlrzybqp5 |  1445973949 |   0 |   NULL |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   21 | PHID-USER-abzwhc667osh5mwd4gk7 |  1445981511 |   2 |   NULL |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   21 | PHID-USER-inwz7rtaiuxgmjduhmmq |  1445981511 |   1 |   NULL |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   21 | PHID-USER-mw6ockgrrgytq3d3yywa |  1445981511 |   0 |   NULL |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   35 | PHID-USER-abzwhc667osh5mwd4gk7 |  1445973949 |   2 | 104425 |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   35 | PHID-USER-inwz7rtaiuxgmjduhmmq |  1445973949 |   1 | 104424 |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   35 | PHID-USER-mw6ockgrrgytq3d3yywa |  1445973949 |   0 | 104423 |
| PHID-DREV-bdeb6h6c4yj32nqfnz7y |   51 | PHID-TASK-shfyd2sba6htlrzybqp5 |  1445974513 |   0 |   NULL |
+--------------------------------+------+--------------------------------+-------------+-----+--------+

Can you see the repository? (PHID-REPO-rgnn364lembo2emt5622)?

Can you see the repository? (PHID-REPO-rgnn364lembo2emt5622)?

Yeah, I can.

For now, I just asked him to change the policy to a custom policy consisting of users X, Y, Z.

epriestley renamed this task from This revision has no diffs. Something has gone quite wrong. to Diffs do not use extended policies, so object policies evaluate in the wrong context.Jan 1 2017, 4:38 PM
epriestley triaged this task as Normal priority.
epriestley added a project: Policy.