HomePhabricator
Diffusion Phabricator d2df3064bcc3

Allow Almanac services to be locked
d2df3064bcc3
Actions

Description

Allow Almanac services to be locked

Summary:
Fixes T6741. This allows Almanac services to be locked from the CLI. Locked services (and their bindings, interfaces and devices) can not be edited. This serves two similar use cases:

  • For normal installs, you can protect cluster configuration from an attacker who compromises an account (or generally harden services which are intended to be difficult to edit).
  • For Phacility, we can lock externally-managed instance cluster configuration without having to pull any spooky tricks.

Test Plan:

  • Locked and unlocked services.
  • Verified locking a service locks connected properties, bindings, binding properties, interfaces, devices, and device properties.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6741

Differential Revision: https://secure.phabricator.com/D11006

Details

Provenance
epriestleyAuthored on
epriestleyPushed on Dec 18 2014, 10:31 PM
Reviewer
btrahan
Differential Revision
D11006: Allow Almanac services to be locked
Parents
rPcd6f67ef95a3: When repository services are available, use them when creating a new repository
Branches
Unknown
Tags
Unknown
Tasks
T6741: Lock Almanac networks, and allow Almanac domain namespaces to be locked

Changes (24)

PathSize
resources/
sql/
autopatches/
src/
applications/
almanac/
application/
controller/
editor/
management/
query/
servicetype/
storage/
view/
docs/
user/
configuration/
userguide/

rPd2df3064bcc3

View Options

resources/sql/autopatches/20141217.almanacdevicelock.sql

Loading...
View Options

resources/sql/autopatches/20141217.almanaclock.sql

Loading...
View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/almanac/application/PhabricatorAlmanacApplication.php

Loading...
View Options

src/applications/almanac/controller/AlmanacBindingViewController.php

Loading...
View Options

src/applications/almanac/controller/AlmanacController.php

Loading...
View Options

src/applications/almanac/controller/AlmanacDeviceViewController.php

Loading...
View Options

src/applications/almanac/controller/AlmanacServiceViewController.php

Loading...
View Options

src/applications/almanac/editor/AlmanacServiceEditor.php

Loading...
View Options

src/applications/almanac/management/AlmanacManagementLockWorkflow.php

Loading...
View Options

src/applications/almanac/management/AlmanacManagementUnlockWorkflow.php

Loading...
View Options

src/applications/almanac/management/AlmanacManagementWorkflow.php

Loading...
View Options

src/applications/almanac/query/AlmanacServiceQuery.php

Loading...
View Options

src/applications/almanac/query/AlmanacServiceSearchEngine.php

Loading...
View Options

src/applications/almanac/servicetype/AlmanacClusterServiceType.php

Loading...
View Options

src/applications/almanac/servicetype/AlmanacServiceType.php

Loading...
View Options

src/applications/almanac/storage/AlmanacBinding.php

Loading...
View Options

src/applications/almanac/storage/AlmanacDevice.php

Loading...
View Options

src/applications/almanac/storage/AlmanacInterface.php

Loading...
View Options

src/applications/almanac/storage/AlmanacService.php

Loading...
View Options

src/applications/almanac/storage/AlmanacServiceTransaction.php

Loading...
View Options

src/applications/almanac/view/AlmanacInterfaceTableView.php

Loading...
View Options

src/docs/user/configuration/cluster.diviner

Loading...
View Options

src/docs/user/userguide/almanac.diviner

Loading...
Phabricator ยท Built by Phacility