Homec4science

Use modern UI and policies in OAuth client editing

Authored by epriestley <git@epriestley.com> on Mar 18 2014, 21:30.

Description

Use modern UI and policies in OAuth client editing

Summary:
Updates this stuff a bit:

  • Add a global create permission for OAuth applications. The primary goal is to reduce attack surface area by making it more difficult for an adversary to do anything which requires that they create and configure an OAuth application/client. Normal users shouldn't generally need to create applications, OAuth is complex, and doing things with user accounts is inherently somewhat administrative.
  • Use normal policies to check create and edit permissions, now that we have infrastructure for it.
  • Use modern UI kit.

Test Plan:

  • Created a client.
  • Edited a client.
  • Tried to create a client as a non-admin.
  • Tried to edit a client I don't own.

{F131511}

{F131512}

{F131513}

{F131514}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8562

Details

Committed
epriestley <git@epriestley.com>Mar 18 2014, 21:30
Pushed
aubortJan 31 2017, 17:16
Parents
rPH995a890565f3: Make OAuth client authorizations a Settings panel
Branches
Unknown
Tags
Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPH34c890b7e1a8: Use modern UI and policies in OAuth client editing (authored by epriestley <git@epriestley.com>).Mar 18 2014, 21:30