2011-02-02 01:42:36 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/*
|
2012-01-04 18:10:37 +01:00
|
|
|
* Copyright 2012 Facebook, Inc.
|
2011-02-02 01:42:36 +01:00
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
final class DifferentialInlineCommentView extends AphrontView {
|
|
|
|
|
|
|
|
private $inlineComment;
|
|
|
|
private $onRight;
|
|
|
|
private $buildScaffolding;
|
|
|
|
private $handles;
|
|
|
|
private $markupEngine;
|
2011-02-02 19:10:25 +01:00
|
|
|
private $editable;
|
2011-06-09 20:09:54 +02:00
|
|
|
private $preview;
|
2011-02-02 01:42:36 +01:00
|
|
|
|
Add inline comments to Diffusion/Audit
Summary:
- Add inline comments to Audits, like Differential.
- Creates new storage for the comments in the Audits database.
- Creates a new PhabricatorAuditInlineComment class, similar to DifferentialInlineComment.
- Defines an Interface which Differential and Audit comments conform to.
- Makes consumers of DifferentialInlineComments consume objects which implement that interface instead.
- Adds save
NOTE: Some features are still missing! Wanted to cut this off before it got crazy:
- Inline comments aren't shown in the main comment list.
- Inline comments aren't shown in the emails.
- Inline comments aren't previewed.
I'll followup with those but this was getting pretty big.
@vrana, does the SQL change look correct?
Test Plan:
- Created, edited, deleted, replied to, reloaded and saved inline comments in Diffusion, on the left and right side of diffs.
- Created, edited, deleted, replied to, reloaded and saved inline comments in Differentila, on the left and right side of primary and diff-versus-diff diffs.
Reviewers: btrahan, vrana
Reviewed By: btrahan
CC: aran, epriestley
Maniphest Tasks: T904
Differential Revision: https://secure.phabricator.com/D1898
2012-03-14 20:56:01 +01:00
|
|
|
public function setInlineComment(PhabricatorInlineCommentInterface $comment) {
|
2011-02-02 01:42:36 +01:00
|
|
|
$this->inlineComment = $comment;
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function setOnRight($on_right) {
|
|
|
|
$this->onRight = $on_right;
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function setBuildScaffolding($scaffold) {
|
|
|
|
$this->buildScaffolding = $scaffold;
|
|
|
|
return $this;
|
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
public function setHandles(array $handles) {
|
|
|
|
$this->handles = $handles;
|
|
|
|
return $this;
|
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
public function setMarkupEngine(PhutilMarkupEngine $engine) {
|
|
|
|
$this->markupEngine = $engine;
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
2011-02-02 19:10:25 +01:00
|
|
|
public function setEditable($editable) {
|
|
|
|
$this->editable = $editable;
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
2011-06-09 20:09:54 +02:00
|
|
|
public function setPreview($preview) {
|
|
|
|
$this->preview = $preview;
|
|
|
|
}
|
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
public function render() {
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
$inline = $this->inlineComment;
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
$start = $inline->getLineNumber();
|
|
|
|
$length = $inline->getLineLength();
|
|
|
|
if ($length) {
|
|
|
|
$end = $start + $length;
|
|
|
|
$line = 'Lines '.number_format($start).'-'.number_format($end);
|
|
|
|
} else {
|
|
|
|
$line = 'Line '.number_format($start);
|
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
$metadata = array(
|
2011-02-02 19:10:25 +01:00
|
|
|
'id' => $inline->getID(),
|
2011-02-02 01:42:36 +01:00
|
|
|
'number' => $inline->getLineNumber(),
|
|
|
|
'length' => $inline->getLineLength(),
|
2011-02-02 19:10:25 +01:00
|
|
|
'on_right' => $this->onRight,
|
Add "Undo" for editing Differential inline comments
Summary:
When a user hits 'cancel' on a 'new', 'edit', or 'reply' operation, add a little
"Changes discarded. __Undo__" insert so they can get their change back. No undo
for delete since there's an explicit prompt. Once this lands we can make
'escape' work again to close dialogs.
This change started feeling really good when I was merging all the duplicate
code and making things more consistent, but by the time I started writing client
rendering it felt gross. I'm not really thrilled with it but I guess it's a step
forward? The feature seems pretty OK in practice. Let me know how much barfing
this causes and I can try to remedy the most acute concerns.
This also fixes a bug where replies always (?) appear on the 'new' side of the
diff (I think?).
Test Plan:
Applied 'new', 'edit', 'delete' and 'reply' operations, pressed 'cancel' and
'okay' in each case, with and without changing text where relevant. All
behaviors seem to conform with expectations, except that canceling out of 'edit'
without changing the text gives you an option to undo when it shouldn't really.
There's no super easy way to get at the original text right now.
Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen
CC: simpkins, aran, epriestley
Differential Revision: 406
2011-06-08 01:11:10 +02:00
|
|
|
'original' => $inline->getContent(),
|
2011-02-02 01:42:36 +01:00
|
|
|
);
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
$sigil = 'differential-inline-comment';
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
$content = $inline->getContent();
|
|
|
|
$handles = $this->handles;
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 19:10:25 +01:00
|
|
|
$links = array();
|
2011-04-15 03:08:10 +02:00
|
|
|
|
2012-01-04 18:10:37 +01:00
|
|
|
$is_synthetic = false;
|
|
|
|
if ($inline->getSyntheticAuthor()) {
|
|
|
|
$is_synthetic = true;
|
|
|
|
}
|
|
|
|
|
2011-06-14 21:42:27 +02:00
|
|
|
$is_draft = false;
|
Add inline comments to Diffusion/Audit
Summary:
- Add inline comments to Audits, like Differential.
- Creates new storage for the comments in the Audits database.
- Creates a new PhabricatorAuditInlineComment class, similar to DifferentialInlineComment.
- Defines an Interface which Differential and Audit comments conform to.
- Makes consumers of DifferentialInlineComments consume objects which implement that interface instead.
- Adds save
NOTE: Some features are still missing! Wanted to cut this off before it got crazy:
- Inline comments aren't shown in the main comment list.
- Inline comments aren't shown in the emails.
- Inline comments aren't previewed.
I'll followup with those but this was getting pretty big.
@vrana, does the SQL change look correct?
Test Plan:
- Created, edited, deleted, replied to, reloaded and saved inline comments in Diffusion, on the left and right side of diffs.
- Created, edited, deleted, replied to, reloaded and saved inline comments in Differentila, on the left and right side of primary and diff-versus-diff diffs.
Reviewers: btrahan, vrana
Reviewed By: btrahan
CC: aran, epriestley
Maniphest Tasks: T904
Differential Revision: https://secure.phabricator.com/D1898
2012-03-14 20:56:01 +01:00
|
|
|
if ($inline->isDraft() && !$is_synthetic) {
|
2011-06-23 01:29:07 +02:00
|
|
|
$links[] = 'Not Submitted Yet';
|
2011-06-14 21:42:27 +02:00
|
|
|
$is_draft = true;
|
|
|
|
}
|
|
|
|
|
2011-06-09 20:09:54 +02:00
|
|
|
if (!$this->preview) {
|
|
|
|
$links[] = javelin_render_tag(
|
|
|
|
'a',
|
|
|
|
array(
|
|
|
|
'href' => '#',
|
|
|
|
'mustcapture' => true,
|
|
|
|
'sigil' => 'differential-inline-prev',
|
|
|
|
),
|
|
|
|
'Previous');
|
2011-05-11 21:25:29 +02:00
|
|
|
|
2011-06-09 20:09:54 +02:00
|
|
|
$links[] = javelin_render_tag(
|
|
|
|
'a',
|
|
|
|
array(
|
|
|
|
'href' => '#',
|
|
|
|
'mustcapture' => true,
|
|
|
|
'sigil' => 'differential-inline-next',
|
|
|
|
),
|
|
|
|
'Next');
|
2011-05-11 21:25:29 +02:00
|
|
|
|
2012-01-04 18:10:37 +01:00
|
|
|
if (!$is_synthetic) {
|
|
|
|
|
|
|
|
// NOTE: No product reason why you can't reply to these, but the reply
|
|
|
|
// mechanism currently sends the inline comment ID to the server, not
|
|
|
|
// file/line information, and synthetic comments don't have an inline
|
|
|
|
// comment ID.
|
|
|
|
|
|
|
|
$links[] = javelin_render_tag(
|
|
|
|
'a',
|
|
|
|
array(
|
|
|
|
'href' => '#',
|
|
|
|
'mustcapture' => true,
|
|
|
|
'sigil' => 'differential-inline-reply',
|
|
|
|
),
|
|
|
|
'Reply');
|
|
|
|
}
|
2011-06-09 20:09:54 +02:00
|
|
|
}
|
2011-04-15 03:08:10 +02:00
|
|
|
|
2011-06-09 20:09:54 +02:00
|
|
|
if ($this->editable && !$this->preview) {
|
2011-02-02 19:10:25 +01:00
|
|
|
$links[] = javelin_render_tag(
|
|
|
|
'a',
|
|
|
|
array(
|
|
|
|
'href' => '#',
|
|
|
|
'mustcapture' => true,
|
|
|
|
'sigil' => 'differential-inline-edit',
|
|
|
|
),
|
|
|
|
'Edit');
|
|
|
|
$links[] = javelin_render_tag(
|
|
|
|
'a',
|
|
|
|
array(
|
|
|
|
'href' => '#',
|
|
|
|
'mustcapture' => true,
|
|
|
|
'sigil' => 'differential-inline-delete',
|
|
|
|
),
|
|
|
|
'Delete');
|
|
|
|
}
|
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
if ($links) {
|
2011-02-02 22:48:52 +01:00
|
|
|
$links =
|
2011-02-02 01:42:36 +01:00
|
|
|
'<span class="differential-inline-comment-links">'.
|
2011-02-02 19:10:25 +01:00
|
|
|
implode(' · ', $links).
|
2011-02-02 01:42:36 +01:00
|
|
|
'</span>';
|
2011-02-02 19:10:25 +01:00
|
|
|
} else {
|
|
|
|
$links = null;
|
2011-02-02 01:42:36 +01:00
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-03 04:38:43 +01:00
|
|
|
$cache = $inline->getCache();
|
|
|
|
if (strlen($cache)) {
|
|
|
|
$content = $cache;
|
|
|
|
} else {
|
|
|
|
$content = $this->markupEngine->markupText($content);
|
|
|
|
if ($inline->getID()) {
|
|
|
|
$inline->setCache($content);
|
Create AphrontWriteGuard, a backup mechanism for CSRF validation
Summary:
Provide a catchall mechanism to find unprotected writes.
- Depends on D758.
- Similar to WriteOnHTTPGet stuff from Facebook's stack.
- Since we have a small number of storage mechanisms and highly structured
read/write pathways, we can explicitly answer the question "is this page
performing a write?".
- Never allow writes without CSRF checks.
- This will probably break some things. That's fine: they're CSRF
vulnerabilities or weird edge cases that we can fix. But don't push to Facebook
for a few days unless you're prepared to deal with this.
- **>>> MEGADERP: All Conduit write APIs are currently vulnerable to CSRF!
<<<**
Test Plan:
- Ran some scripts that perform writes (scripts/search indexers), no issues.
- Performed normal CSRF submits.
- Added writes to an un-CSRF'd page, got an exception.
- Executed conduit methods.
- Did login/logout (this works because the logged-out user validates the
logged-out csrf "token").
- Did OAuth login.
- Did OAuth registration.
Reviewers: pedram, andrewjcg, erling, jungejason, tuomaspelkonen, aran,
codeblock
Commenters: pedram
CC: aran, epriestley, pedram
Differential Revision: 777
2011-08-03 20:49:27 +02:00
|
|
|
|
|
|
|
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
|
2011-02-03 04:38:43 +01:00
|
|
|
$inline->save();
|
Create AphrontWriteGuard, a backup mechanism for CSRF validation
Summary:
Provide a catchall mechanism to find unprotected writes.
- Depends on D758.
- Similar to WriteOnHTTPGet stuff from Facebook's stack.
- Since we have a small number of storage mechanisms and highly structured
read/write pathways, we can explicitly answer the question "is this page
performing a write?".
- Never allow writes without CSRF checks.
- This will probably break some things. That's fine: they're CSRF
vulnerabilities or weird edge cases that we can fix. But don't push to Facebook
for a few days unless you're prepared to deal with this.
- **>>> MEGADERP: All Conduit write APIs are currently vulnerable to CSRF!
<<<**
Test Plan:
- Ran some scripts that perform writes (scripts/search indexers), no issues.
- Performed normal CSRF submits.
- Added writes to an un-CSRF'd page, got an exception.
- Executed conduit methods.
- Did login/logout (this works because the logged-out user validates the
logged-out csrf "token").
- Did OAuth login.
- Did OAuth registration.
Reviewers: pedram, andrewjcg, erling, jungejason, tuomaspelkonen, aran,
codeblock
Commenters: pedram
CC: aran, epriestley, pedram
Differential Revision: 777
2011-08-03 20:49:27 +02:00
|
|
|
unset($unguarded);
|
2011-02-03 04:38:43 +01:00
|
|
|
}
|
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2012-01-06 01:36:59 +01:00
|
|
|
$anchor_name = 'inline-'.$inline->getID();
|
|
|
|
|
2011-02-14 01:00:21 +01:00
|
|
|
$anchor = phutil_render_tag(
|
|
|
|
'a',
|
|
|
|
array(
|
2012-01-06 01:36:59 +01:00
|
|
|
'name' => $anchor_name,
|
|
|
|
'id' => $anchor_name,
|
2011-02-14 01:00:21 +01:00
|
|
|
),
|
|
|
|
'');
|
|
|
|
|
2011-06-14 21:42:27 +02:00
|
|
|
$classes = array(
|
|
|
|
'differential-inline-comment',
|
|
|
|
);
|
|
|
|
if ($is_draft) {
|
|
|
|
$classes[] = 'differential-inline-comment-unsaved-draft';
|
|
|
|
}
|
2012-01-04 18:10:37 +01:00
|
|
|
if ($is_synthetic) {
|
|
|
|
$classes[] = 'differential-inline-comment-synthetic';
|
|
|
|
}
|
2011-06-14 21:42:27 +02:00
|
|
|
$classes = implode(' ', $classes);
|
|
|
|
|
2012-01-04 18:10:37 +01:00
|
|
|
if ($is_synthetic) {
|
|
|
|
$author = $inline->getSyntheticAuthor();
|
|
|
|
} else {
|
|
|
|
$author = $handles[$inline->getAuthorPHID()]->getName();
|
|
|
|
}
|
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
$markup = javelin_render_tag(
|
|
|
|
'div',
|
|
|
|
array(
|
2011-06-14 21:42:27 +02:00
|
|
|
'class' => $classes,
|
2011-02-02 01:42:36 +01:00
|
|
|
'sigil' => $sigil,
|
|
|
|
'meta' => $metadata,
|
|
|
|
),
|
|
|
|
'<div class="differential-inline-comment-head">'.
|
2011-02-14 01:00:21 +01:00
|
|
|
$anchor.
|
2011-02-02 01:42:36 +01:00
|
|
|
$links.
|
2012-03-15 13:40:23 +01:00
|
|
|
' <span class="differential-inline-comment-line">'.$line.'</span> '.
|
2012-01-04 18:10:37 +01:00
|
|
|
phutil_escape_html($author).
|
2011-02-02 01:42:36 +01:00
|
|
|
'</div>'.
|
2012-02-19 18:07:35 +01:00
|
|
|
'<div class="differential-inline-comment-content">'.
|
|
|
|
'<div class="phabricator-remarkup">'.
|
|
|
|
$content.
|
|
|
|
'</div>'.
|
2011-03-30 06:38:05 +02:00
|
|
|
'</div>');
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
return $this->scaffoldMarkup($markup);
|
|
|
|
}
|
|
|
|
|
|
|
|
private function scaffoldMarkup($markup) {
|
|
|
|
if (!$this->buildScaffolding) {
|
|
|
|
return $markup;
|
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-04-15 03:08:10 +02:00
|
|
|
$left_markup = !$this->onRight ? $markup : '';
|
|
|
|
$right_markup = $this->onRight ? $markup : '';
|
|
|
|
|
|
|
|
return
|
|
|
|
'<table>'.
|
|
|
|
'<tr class="inline">'.
|
|
|
|
'<th></th>'.
|
|
|
|
'<td>'.$left_markup.'</td>'.
|
|
|
|
'<th></th>'.
|
|
|
|
'<td>'.$right_markup.'</td>'.
|
|
|
|
'</tr>'.
|
|
|
|
'</table>';
|
2011-02-02 01:42:36 +01:00
|
|
|
}
|
2011-02-02 22:48:52 +01:00
|
|
|
|
2011-02-02 01:42:36 +01:00
|
|
|
}
|