phab: auth providers
Tim Flink
tflink at redhat.com
Wed Jan 22 15:40:57 UTC 2014
On Wed, 22 Jan 2014 09:01:21 -0500 (EST)
Martin Krizek <mkrizek at redhat.com> wrote:
> I wonder if we should enable authentication through providers like
> GitHub instead of just username/password (and FAS in the future).
> This would make it easier for non-fas users to report bugs or
> contribute to the project.
The problem with doing this is usernames. If we allow multiple auth
mechanisms, how do we know which users came from where? How do we
handle username collisions when someone from github takes another
person's FAS username?
> I also noticed that anonymous access to
> view tickets is possible but one need to know the link, is there a
> way to fix this?
As far as I know, anonymous access is possible to most of phabricator.
The notable exceptions are to the landing page and the wiki (but there
has been discussion upstream on whether to change that last part).
Tickets are discover-able anonymously by using the Maniphest app:
https://phab.qadevel.cloud.fedoraproject.org/maniphest/
Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/qa-devel/attachments/20140122/f8c3d796/attachment.sig>
More information about the qa-devel
mailing list