Improve consistency of file access policies, particularly for LFS
ab20f243b341
Actions

Description

Improve consistency of file access policies, particularly for LFS

Summary:
Ref T7789. Currently, we use different viewers if you have security.alternate-file-domain configured vs if you do not.

This is largely residual from the days of one-time-tokens, and can cause messy configuration-dependent bugs like the one in T7789#172057.

Instead, always use the omnipotent viewer. Knowledge of the secret key alone is sufficient to access a file.

Test Plan:

Disabled security.alternate-file-domain.
Reproduced an issue similar to the one described on T7789.
Applied change.
Clean LFS interaction.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7789

Differential Revision: https://secure.phabricator.com/D15784

Details

Provenance

epriestley	Authored on Apr 22 2016, 11:40 AM
epriestley	Pushed on Apr 22 2016, 3:12 PM

Reviewer

chad

Differential Revision

D15784: Improve consistency of file access policies, particularly for LFS

Parents

rP711f13660e54: Synchronize working copies before doing a "bypassCache" commit read

Branches

Unknown

Tags

Unknown

Tasks

T7789: Support Git Large File Storage

Build Status

Buildable 11902
Build 14953: Run Core Tests

Event Timeline

epriestley committed rPab20f243b341: Improve consistency of file access policies, particularly for LFS (authored by epriestley).Apr 22 2016, 3:12 PM

epriestley added a task: T7789: Support Git Large File Storage.

Harbormaster completed building B11902: rPab20f243b341: Improve consistency of file access policies, particularly for LFS.Apr 22 2016, 3:14 PM

Changes (1)

Path

Size

src/

applications/

files/

controller/

PhabricatorFileDataController.php

rPab20f243b341

View Options

src/applications/files/controller/PhabricatorFileDataController.php