I'm not sure whether to file this as two things, guessing you guys will sort me out :)
When I respond to a ticket with a reply and attach a file I see the comment appear and the file is associated. The file does not mimic the behavior of drag and drop policy wise. It is public. Where if I were to perform the same action via the UI it would be set to viewPolicy: myPHID and the task mention would allow task viewers to access it. This has bitten us a few times in that the difference in outcome depending the medium is hard to communicate to users and I think is not least suprise.
Can we have files via email mimic their drag and drop counterparts for policy?
When I send that reply with an attached file it gets associated with the task and the policy is public (as noted), but the additional bummer is authorPHID seems to be set to NULL. I can only confirm this on our install, but the behavior seems to translate to this instance. That means when I send in a file via email to a restricted task it is uploaded, made public, and I am restricted from editing/deleting it as //not the author//.
This is a file I have attached to a reply on our instance.
https://phabricator.wikimedia.org/F107471
In the DB:
```
id: 107471
phid: PHID-FILE-haeskypsdagxvvunrfoq
name: 76HA09d.jpg
mimeType: image/jpeg
byteSize: 89971
storageEngine: blob
storageFormat: raw
storageHandle: 20426
dateCreated: 1427819095
dateModified: 1427819095
authorPHID: NULL
secretKey: foryourprotection
contentHash: 4b9c8b42eab462fbf41ae7d753402b047a1dad45
metadata: {"width":633,"height":859}
ttl: NULL
isExplicitUpload: 0
mailKey: foryourprotection
viewPolicy: public
```
So I see:
{F355153}
File I have sent into this instance:
https://secure.phabricator.com/T6872#104582
https://secure.phabricator.com/F355135
{F355156}
I think here it was intended to set the author on attachment handling via replyhandler (which is to say I think this used to work?):
https://secure.phabricator.com/rP0238f260df0292667267c2b293af324633e28c8e