HomePhabricator

Use modern UI and policies in OAuth client editing

Description

Use modern UI and policies in OAuth client editing

Summary:
Updates this stuff a bit:

  • Add a global create permission for OAuth applications. The primary goal is to reduce attack surface area by making it more difficult for an adversary to do anything which requires that they create and configure an OAuth application/client. Normal users shouldn't generally need to create applications, OAuth is complex, and doing things with user accounts is inherently somewhat administrative.
  • Use normal policies to check create and edit permissions, now that we have infrastructure for it.
  • Use modern UI kit.

Test Plan:

  • Created a client.
  • Edited a client.
  • Tried to create a client as a non-admin.
  • Tried to edit a client I don't own.

Screen_Shot_2014-03-18_at_6.49.47_AM.png (867×1 px, 113 KB)

Screen_Shot_2014-03-18_at_6.49.40_AM.png (953×1 px, 110 KB)

Screen_Shot_2014-03-18_at_6.49.50_AM.png (867×1 px, 109 KB)

Screen_Shot_2014-03-18_at_6.49.55_AM.png (953×1 px, 96 KB)

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8562

Details

Provenance
epriestleyAuthored on
epriestleyPushed on Mar 18 2014, 8:30 PM
Reviewer
btrahan
Differential Revision
D8562: Use modern UI and policies in OAuth client editing
Parents
rP995a890565f3: Make OAuth client authorizations a Settings panel
Branches
Unknown
Tags
Unknown

Event Timeline