The Policy App implements policy controls for other apps
Details
Details
Description
Sat, Jan 25
Sat, Jan 25
Cigaryno updated the task description for T15128: Differential: Allow to change "Default Edit Policy".
Cigaryno updated the task description for T15128: Differential: Allow to change "Default Edit Policy".
Fri, Jan 17
Fri, Jan 17
Tue, Jan 14
Tue, Jan 14
Cigaryno renamed T15128: Differential: Allow to change "Default Edit Policy" from Differential: Allow to change "Can Edit Revisions" to Differential: Allow to change "Default Edit Policy".
Cigaryno renamed T15128: Differential: Allow to change "Default Edit Policy" from Allow users to change the default edit policy of revisions to Differential: Allow to change "Can Edit Revisions".
Cigaryno added a project to T15948: Allow public API access when equivalent public web access exists: Policy.
Dec 28 2024
Dec 28 2024
Cigaryno moved T15128: Differential: Allow to change "Default Edit Policy" from Backlog to Feature Requests on the Differential board.
Dec 26 2024
Dec 26 2024
Cigaryno added a project to T15128: Differential: Allow to change "Default Edit Policy": Spam mitigation.
Dec 18 2024
Dec 18 2024
Cigaryno moved T15277: Nameable, reusable Policies from Backlog to New Features on the Feature Requests board.
Cigaryno moved T15128: Differential: Allow to change "Default Edit Policy" from Backlog to New Features on the Feature Requests board.
Cigaryno added a project to T15128: Differential: Allow to change "Default Edit Policy": Feature Requests.
Dec 14 2024
Dec 14 2024
taavi closed T15970: phurl: Allow setting default edit policy for URLs as Resolved by committing rP18336f0b9a98: Allow customizing default Phurl view and edit policies.
Dec 11 2024
Dec 11 2024
valerio.bozzolan attached a referenced file: F2669861: AFTER.png.
valerio.bozzolan attached a referenced file: F2669862: BEFORE.png.
valerio.bozzolan updated the task description for T15970: phurl: Allow setting default edit policy for URLs.
Dec 10 2024
Dec 10 2024
Dec 8 2024
Dec 8 2024
valerio.bozzolan added a project to T15970: phurl: Allow setting default edit policy for URLs: Policy.
Thanks. I see, from this page is not possible:
Nov 20 2023
Nov 20 2023
valerio.bozzolan moved T15672: Allow to tune "Invite Users" policy from Backlog to Code Sprint Candidate on the User-valerio.bozzolan board.
valerio.bozzolan updated the task description for T15672: Allow to tune "Invite Users" policy.
Nov 13 2023
Nov 13 2023
valerio.bozzolan added a comment to T15486: Do not expose "Contact Numbers" in user settings when no SMS support is set up in Phorge.
Also, I'm OK with the change also because of GDPR's principle of minimization. I mean, Phorge avoids to collect unnecessary data, and this is nice.
valerio.bozzolan added a comment to T15486: Do not expose "Contact Numbers" in user settings when no SMS support is set up in Phorge.
As a side note, it's possible that somebody in the world was using the Phone number feature in a way that was then integrated with their custom management system, accessing this information via plain SQL.
Nov 11 2023
Nov 11 2023
Oct 27 2023
Oct 27 2023
Oct 26 2023
Oct 26 2023
aklapper renamed T15443: Add Diffusion policy capability "Can Edit and View Identities" from Add Diffusion policy capability "Can create and edit Identities" to Add Diffusion policy capability "Can Edit and View Identities".
Jul 2 2023
Jul 2 2023
avivey added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
Also, this mashes up Diffusion and Repositories to add confusion
aklapper added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
I don't get the code.
src/applications/diffusion/controller/DiffusionIdentityViewController.php (note the View in its name) includes stuff like
$edit_uri = $this->getApplicationURI("identity/edit/{$id}/") defining ->setName(pht('Edit Identity')) (note the Edit here).
Also, this mashes up Diffusion and Repositories to add confusion (DiffusionIdentityEditController calls PhabricatorRepositoryIdentityEditEngine?).
I think I give up.
Jun 29 2023
Jun 29 2023
Cigaryno added a project to T15443: Add Diffusion policy capability "Can Edit and View Identities": Diffusion.
It's important to restrict the ability to create Diffusion IDs.
aklapper added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
Patch in P13 is incomplete, policy does not cover going to /diffusion/identity/edit/1/ and setting Assigned To to another user but should.
aklapper added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
Jun 23 2023
Jun 23 2023
Jun 19 2023
Jun 19 2023
valerio.bozzolan added a project to T15438: Add policy capability "Can create Dashboards": Dashboards.
aklapper closed T15438: Add policy capability "Can create Dashboards" as Resolved by committing rP1c59b6542136: Dashboards: add capability who can create Dashboards.
Jun 7 2023
Jun 7 2023
speck added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
The "Create Identity" button on /diffusion/identity/ should be guarded by this new policy access, though currently that form is not functional - see T15453
smith added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
It also might make sense to hide the actual list from the general public
I agree. Wouldn't it make sense to put it behind repository.identity.view?
It turns out that this is a duplicate:
T15443: Add Diffusion policy capability "Can Edit and View Identities"
avivey added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
Would it make sense to put creating identities behind the existing Edit policy of the repository?
aklapper added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
Would it make sense to put creating identities behind the existing Edit policy of the repository?
smith added a comment to T15451: Implement Diffusion identity reassignment access control.
But, they identities probably should be editable only for:
- people who can edit the repository (people who administer it)
- you, if the email matches yours (since you somehow pushed in the repository)
valerio.bozzolan added a project to T15451: Implement Diffusion identity reassignment access control: Policy.
Jun 3 2023
Jun 3 2023
speck added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
As an approach this seems good to me. Would it make sense to put creating identities behind the existing Edit policy of the repository?
aklapper added a comment to T15443: Add Diffusion policy capability "Can Edit and View Identities".
Cannot properly test locally (too many exceptions on PHP8.2 trying to create a local Git repo and commits to be indexed in Diffusion) how much this change would actually affect both editing and creating (or not) so I dumped an untested patch into P13