In T15948#21505, @Cigaryno wrote:

In T15948#21503, @Cigaryno wrote:

There must be a function that allows Conduit methods to be used by logged-out users. It's just that there are hardly any methods using that function.

There must be a function that allows Conduit methods to be used by logged-out users. It's just that there are hardly any methods using that function.

Thanks. I see, from this page is not possible:

Also, I'm OK with the change also because of GDPR's principle of minimization. I mean, Phorge avoids to collect unnecessary data, and this is nice.

As a side note, it's possible that somebody in the world was using the Phone number feature in a way that was then integrated with their custom management system, accessing this information via plain SQL.

Also, this mashes up Diffusion and Repositories to add confusion

I don't get the code.
src/applications/diffusion/controller/DiffusionIdentityViewController.php (note the View in its name) includes stuff like
$edit_uri = $this->getApplicationURI("identity/edit/{$id}/") defining ->setName(pht('Edit Identity')) (note the Edit here).
Also, this mashes up Diffusion and Repositories to add confusion (DiffusionIdentityEditController calls PhabricatorRepositoryIdentityEditEngine?).
I think I give up.

It's important to restrict the ability to create Diffusion IDs.

Patch in P13 is incomplete, policy does not cover going to /diffusion/identity/edit/1/ and setting Assigned To to another user but should.

In T15443#9918, @avivey wrote:

It also might make sense to hide the actual list from the general public (it's a mapping of emails to users).

The "Create Identity" button on /diffusion/identity/ should be guarded by this new policy access, though currently that form is not functional - see T15453