Page MenuHomePhabricator

PolicyPolicy
ActivePublic

Watchers (1)

Details

Description

Access policies for content within Phabricator.

Recent Activity

Fri, Jun 5

sshannin added a comment to T3820: Implement top-level "Spaces" that provide policy isolation to groups of objects.

Spaces have been working great for my install. The only real place where they're lacking I think arises from their coarseness/mutual-exclusivity.

Fri, Jun 5, 9:00 PM · Spaces, Policy, Wikimedia

Feb 20 2020

epriestley added a comment to T13381: Policy explanations for some extended policy objects with "open" default policy plus constraints are misleading.

In T13493, PhabricatorExternalAccountIdentifier could also benefit from this null policy behavior.

Feb 20 2020, 9:41 PM · Policy

Feb 3 2020

epriestley added a revision to T13484: Allow the policy layer to mark objects as damaged when filtering them: D20963: Fix an issue where loading a mangled project graph could fail too abruptly.
Feb 3 2020, 4:45 PM · Policy
epriestley triaged T13484: Allow the policy layer to mark objects as damaged when filtering them as Wishlist priority.
Feb 3 2020, 4:40 PM · Policy

Jan 17 2020

epriestley renamed T13478: Fix various policy issues with project member materialization around interactions between "Project Members" policies and Subprojects/Milestones from Fix various policy issues issues with project member materialization around interactions between "Project Members" policies and Subprojects/Milestones to Fix various policy issues with project member materialization around interactions between "Project Members" policies and Subprojects/Milestones.
Jan 17 2020, 5:19 PM · Policy, Projects

Jan 16 2020

epriestley triaged T13478: Fix various policy issues with project member materialization around interactions between "Project Members" policies and Subprojects/Milestones as Low priority.
Jan 16 2020, 6:49 PM · Policy, Projects

Nov 19 2019

epriestley closed T13462: Correct some policy/membership issues in milestone creation as Resolved.
Nov 19 2019, 7:13 AM · Projects, Policy
epriestley added a comment to T13462: Correct some policy/membership issues in milestone creation.

We materialize some members into the milestone? This causes no real problems, but we shouldn't materialize members into milestones.

Nov 19 2019, 6:53 AM · Projects, Policy
epriestley added a revision to T13462: Correct some policy/membership issues in milestone creation: D20920: When predicting project membership during edits, predict milestones will have parent membership.
Nov 19 2019, 6:52 AM · Projects, Policy
epriestley added a comment to T13462: Correct some policy/membership issues in milestone creation.

We predict the wrong set of members for the milestone when testing policies: we predict "no members", but should predict "exactly the same as the members of the parent project"?

Nov 19 2019, 6:42 AM · Projects, Policy
epriestley added a revision to T13462: Correct some policy/membership issues in milestone creation: D20919: When predicting object policies for project milestones, adjust objects so they behave like milestones.
Nov 19 2019, 6:29 AM · Projects, Policy
epriestley added a comment to T13462: Correct some policy/membership issues in milestone creation.

We check the wrong edit policy when testing if you can create a milestone: we check the default application policy, but should check the parent project policy?

Nov 19 2019, 6:13 AM · Projects, Policy
epriestley triaged T13462: Correct some policy/membership issues in milestone creation as Normal priority.
Nov 19 2019, 6:09 AM · Projects, Policy
epriestley closed T13461: Remove policy tag coloration in object header UI as Resolved by committing rPde66a8ece185: Remove "stronger/weaker" policy color hints from object headers.
Nov 19 2019, 6:05 AM · Policy
epriestley updated the task description for T13461: Remove policy tag coloration in object header UI.
Nov 19 2019, 6:04 AM · Policy
epriestley added a revision to T13461: Remove policy tag coloration in object header UI: D20918: Remove "stronger/weaker" policy color hints from object headers.
Nov 19 2019, 6:00 AM · Policy
epriestley closed T13460: Restore "Owner can view/edit task" policy hint in Task policy explanation dialogs as Resolved by committing rP1996b0cd55c5: Update the "owner can always view/edit" policy exception rule.
Nov 19 2019, 5:54 AM · Policy, Maniphest
epriestley triaged T13461: Remove policy tag coloration in object header UI as Low priority.
Nov 19 2019, 5:49 AM · Policy
epriestley added a revision to T13460: Restore "Owner can view/edit task" policy hint in Task policy explanation dialogs: D20917: Update the "owner can always view/edit" policy exception rule.
Nov 19 2019, 5:41 AM · Policy, Maniphest
epriestley triaged T13460: Restore "Owner can view/edit task" policy hint in Task policy explanation dialogs as Low priority.
Nov 19 2019, 5:38 AM · Policy, Maniphest

Sep 12 2019

epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20811: Fix a straggling callsite to "renderApplicationPolicy()".
Sep 12 2019, 11:21 PM · Policy
epriestley closed T13411: Improve "Custom Policy" behavior in policy dialogs as Resolved by committing rP4f845d8f8c77: When users encounter a policy exception for a non-view capability with a custom….
Sep 12 2019, 4:49 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20807: When users encounter a policy exception for a non-view capability with a custom policy, inline the policy rules.
Sep 12 2019, 4:30 PM · Policy
epriestley closed T6802: "Custom policy" for editing/viewing does not link to details as Resolved.

Here's the fate of the various issues discussed here:

Sep 12 2019, 4:04 PM · Design, Policy
epriestley closed T6802: "Custom policy" for editing/viewing does not link to details, a subtask of T13411: Improve "Custom Policy" behavior in policy dialogs, as Resolved.
Sep 12 2019, 4:03 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20806: When users fail a "CAN_SEE" check, give them an "opaque" policy explanation.
Sep 12 2019, 3:57 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20805: Inline custom policy rules inside policy capability explanation dialogs.
Sep 12 2019, 3:39 PM · Policy
epriestley added a parent task for T6802: "Custom policy" for editing/viewing does not link to details: T13411: Improve "Custom Policy" behavior in policy dialogs.
Sep 12 2019, 3:13 PM · Design, Policy
epriestley added a subtask for T13411: Improve "Custom Policy" behavior in policy dialogs: T6802: "Custom policy" for editing/viewing does not link to details.
Sep 12 2019, 3:13 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20804: Give policy name rendering explicit "text name", "capability link", and "transaction link" pathways.
Sep 12 2019, 2:46 PM · Policy
epriestley added a comment to T13411: Improve "Custom Policy" behavior in policy dialogs.

This should be reworked some day (perhaps partly here) into some more cohesive API, perhaps newLink().

Sep 12 2019, 2:15 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20803: Remove unused "icon" parameter from policy name rendering.
Sep 12 2019, 2:08 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20802: Remove "Editable By" description fields in Passphrase, Phame, and Spaces.
Sep 12 2019, 2:06 PM · Policy
epriestley added a revision to T13411: Improve "Custom Policy" behavior in policy dialogs: D20801: Update rendering of policy edit transactions in Applications.
Sep 12 2019, 2:03 PM · Policy
epriestley added a comment to T13411: Improve "Custom Policy" behavior in policy dialogs.

One other thing is that PhabricatorApplicationPolicyChangeTransaction->renderApplicationPolicy() has unconventional behaviors which are not very helpful and not consistent with normal CAN_EDIT / CAN_VIEW transactions. This is somewhat perplexing because ModularTransactions has renderPolicy() already, which has better behavior. I think it didn't exist yet when Applications modularized in D17757, and when it was introduced in D19829 I just overlooked the opportunity to update it.

Sep 12 2019, 4:47 AM · Policy
epriestley added a comment to T13411: Improve "Custom Policy" behavior in policy dialogs.

In Applications(Pick Something), if an application policy is set to "Custom Policy", the policy is not linked.

Sep 12 2019, 4:39 AM · Policy

Sep 9 2019

epriestley closed T8808: Policy menu should show actual project icon next to project as Resolved by committing rPd2e1c4163a3b: When a project has a custom icon, use that icon to label the project policy in….
Sep 9 2019, 8:38 PM · Policy
epriestley added a revision to T8808: Policy menu should show actual project icon next to project: D20799: When a project has a custom icon, use that icon to label the project policy in the policy dropown.
Sep 9 2019, 8:35 PM · Policy
epriestley moved T6802: "Custom policy" for editing/viewing does not link to details from Backlog to Next on the Policy board.
Sep 9 2019, 5:07 PM · Design, Policy
epriestley moved T8808: Policy menu should show actual project icon next to project from Backlog to Next on the Policy board.
Sep 9 2019, 5:07 PM · Policy
epriestley moved T13411: Improve "Custom Policy" behavior in policy dialogs from Backlog to Next on the Policy board.
Sep 9 2019, 5:06 PM · Policy
epriestley triaged T13411: Improve "Custom Policy" behavior in policy dialogs as Low priority.
Sep 9 2019, 5:06 PM · Policy

Aug 16 2019

epriestley added a comment to T13381: Policy explanations for some extended policy objects with "open" default policy plus constraints are misleading.

A related issue is that when object A returns object B as an extended policy check and the user fails the extended policy check, the "PolicyException" dialog is misleading. It reads like this:

Aug 16 2019, 5:27 PM · Policy
epriestley triaged T13381: Policy explanations for some extended policy objects with "open" default policy plus constraints are misleading as Wishlist priority.
Aug 16 2019, 5:04 PM · Policy

Aug 2 2019

epriestley closed T13364: Clarify that deleting repositories (and users?) from the web UI is explicitly not supported, not a resource limitation as Resolved by committing rP1fe631116771: Modernize user and repository "delete" workflows and improve documentation.
Aug 2 2019, 4:30 PM · Diffusion, Policy, Documentation
epriestley added a revision to T13364: Clarify that deleting repositories (and users?) from the web UI is explicitly not supported, not a resource limitation: D20694: Modernize user and repository "delete" workflows and improve documentation.
Aug 2 2019, 4:23 PM · Diffusion, Policy, Documentation

Aug 1 2019

epriestley triaged T13364: Clarify that deleting repositories (and users?) from the web UI is explicitly not supported, not a resource limitation as Low priority.
Aug 1 2019, 9:53 PM · Diffusion, Policy, Documentation

Jun 20 2019

epriestley created T13323: Remove the "CAN_EDIT on a parent project implies CAN_EDIT on a child project" policy rule.
Jun 20 2019, 5:20 PM · Policy, Projects

Jun 19 2019

epriestley added a comment to T4411: Adding a CC to a Maniphest Task should give View rights for that user.

See also T13317.

Jun 19 2019, 6:20 PM · Wikimedia, Policy

May 3 2019

epriestley closed T7703: Policy checks may execute incompletely for non-viewers as Resolved.

Although I'm not entirely confident that 100% of objects which should implement ExtendedPolicyInterface actually do today, I think we've gotten pretty much all of them. This approach also seems stable.

May 3 2019, 4:53 AM · Policy, Herald, Flags