HomePhabricator
Diffusion Phabricator ff98f6f522b1

Make the remote address rules for Settings > Activity Logs more consistent
ff98f6f522b1
Actions

Description

Make the remote address rules for Settings > Activity Logs more consistent

Summary:
Depends on D18971. Ref T13049. The rule is currently "you can see IP addresses for actions which affect your account".

There's some legitimate motivation for this, since it's good if you can see that someone you don't recognize has been trying to log into your account.

However, this includes cases where an administrator disables/enables your account, or promotes/demotes you to administrator. In these cases, their IP is shown!

Make the rule:

  • Administrators can see it (consistent with everything else).
  • You can see your own actions.
  • You can see actions which affected you that have no actor (these are things like login attempts).
  • You can't see other stuff: usually, administrators changing your account settings.

Test Plan: Viewed activity log as a non-admin, no longer saw administrator's IP address disclosed in "Demote from Admin" log.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13049

Differential Revision: https://secure.phabricator.com/D18972

Details

Provenance
epriestleyAuthored on Jan 30 2018, 8:13 PM
epriestleyPushed on Jan 30 2018, 11:45 PM
Reviewer
amckinley
Differential Revision
D18972: Make the remote address rules for Settings > Activity Logs more consistent
Parents
rP8a2863e3f7f8: Change the "can see remote address?" policy to "is administrator?" everywhere
Branches
Unknown
Tags
Unknown
Tasks
T13049: Plans: Data Exporters (Excel, JSON, CSV, etc.)
Build Status
Buildable 19292
Build 26069: Run Core Tests

Changes (2)

PathSize
src/
applications/
people/
view/
settings/
panel/

rPff98f6f522b1

View Options

src/applications/people/view/PhabricatorUserLogView.php

Loading...
View Options

src/applications/settings/panel/PhabricatorActivitySettingsPanel.php

Loading...
Phabricator ยท Built by Phacility