Summary: Is this an appropriate place to say "herp derp?"
Test Plan: Check for Resign as Reviewer for the following table
waiting for review | accepted | committed
Am actually reviewer
Am not reviewer but CC'ed
Unrelated
Reviewers: epriestley
CC:
Differential Revision: 140
Summary:
There's an OAuth diagnostics page at /oauth/facebook/diagnose/, which
shows some diagnostic information. Currently, it attempts to establish an
application token session and shows the token if it is successful. An attacker
could use this to do vaguely nefarious things (retreive application statistics,
I think?).
This interface was originally admin-only but then I threw out the very silly
admin mode patch I had at the time and we currently have no admin mode, and
thus this interface is public. This token isn't useful in diagnosis anyway,
so don't reveal it.
Test Plan:
Visited oauth diagnostics page, no token revealed
Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason
CC: tuomaspelkonen
Differential Revision: 136
Summary: See D133. Workers can also be subject to the same race, invert the
row relationship in the same way.
Test Plan: Launched repository master daemons and some taskmasters and used
the Daemon console to veify that they were able to process tasks. Manually
checked the database to make sure data got linked correctly and that new data
was inserted correctly.
Reviewers: jungejason
CC: tuomaspelkonen
Differential Revision: 135
Summary: While I should fix the transactional stuff, that patch is going to be
tricky and transactions have some performance implications. This is a simple
fix which prevents the race.
Instead of having the data point at the event ID, have the event point at a
data ID. Insert the data first, then insert the event with the right data
pointer. This is super simple and prevents the race issue.
Test Plan:
- Ran the schema upgrade script, verified that the database was
correctly upgraded. Was also prompted to stop daemons.
- Ran 'repository-launch-master', verified that the discovery daemons were
able to discover new commits and insert events for them. Verified the
committask daemon was consuming events and converting them into tasks.
- Verified new tasks looked correct in the database.
- Browsed web interface.
Reviewers: jungejason
CC: tuomaspelkonen
Differential Revision: 133
Summary:
Added long waited image macro support for differential and others.
Test Plan:
Tried a couple of different macros and made sure they appear nicely
in the comment preview. Made sure that the normal comments are shown
correctly.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, tuomaspelkonen, epriestley
Differential Revision: 129
Summary:
There's no reason to default-reject clients since they can just
pretend to be arc anyway. If they're speaking the right protocol, let them
communicate over Conduit.
Test Plan:
Changed arc to identify as 'arczsdba', ran an arc command.
Reviewed By: simpkins
Reviewers: simpkins
CC: simpkins
Differential Revision: 132
Summary:
Old differential allowed users to plan changes for their own revisions.
This feature is now available in Phabricator version of differential.
Test Plan:
Tested by selecting "Plan Changes" for one of my own aceepted revisions.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley
Differential Revision: 130
Summary:
No workflow dialog when subscribing or unsubscribing from a Differential
Revision
Test Plan:
Repeatedly subscribe and unsubscribe to a revision. Enter refractory period due
to
speed of page gen.
Reviewed By: epriestley
Reviewers: epriestley
CC: epriestley
Differential Revision: 128
Summary:
There was a need to add old facebook specific action links and properties
back to differential.
Test Plan:
Tested that all the facebook specific links work for multiple
different revisions.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, tuomaspelkonen, epriestley
Differential Revision: 127
Summary:
We were showing all kinds of information about the object in object
transcript, but there was no link to the actual object.
Test Plan:
Checked that links were working correctly for both differential and
commit objects.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley
Differential Revision: 125
Summary:
Documentation describes how to use the script to upgrade schema.
Test Plan:
Generated the documentation and it looked good.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley
Differential Revision: 124
Summary:
Like the title says.
Test Plan:
grep for ': ' didn't reveal any other similar problems.
Reviewed By: jungejason
Reviewers: epriestley, jungejason
CC: jungejason
Differential Revision: 121
Summary:
Enable "Resign as Reviewer" from Differential Revision View UI
Test Plan:
Look at revision that I am a reviewer on and that I am not.
Reviewed By: epriestley
Reviewers: epriestley
CC: epriestley
Differential Revision: 120
performance (e.g., for profile images) and you need to know a highly entropic
PHID to access a file in the first place, plus installs should generally be
doing HTTPS.
Summary:
Created a script the runs all the necessary patches for db schema.
Stores information in the db about the latest patch that was applied.
Test Plan:
Created two test files '024.test.sql' and '023.test.sql' in this order.
'023' creates a database and '024' creates a table in this db. First ran
'./upgrade_schema.php 23' and made sure that patches were applied in order.
Then ran './upgrade_schema.php' to make sure db was up-to-date. Checked
manually from the db that the database and table exists.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley, tuomaspelkonen
Differential Revision: 115
Summary:
add filtering for MetaMTA transcripts, add Herald
transcripts, also fixed PhabricatorObjectHandleData to support commits.
Note that paging in the transcripts pages will be in a different diff.
Test Plan:
test the transcripts for both MetaMTA and Herald.
Reviewed By: epriestley
Reviewers: epriestley, tuomaspelkonen
CC: jungejason, epriestley
Differential Revision: 114
Summary:
Users were able to accidentally update revisions they didn't own. Now
it is impossible to update a revision that belongs to someone else or
has been marked as committed.
Test Plan:
Tested that normal workflow works as previously, but after running
'arc amend', running 'arc diff' fails.
Manually changed the revision number in the git commit message and tried
to update something that belongs to Jason -> Failed.
Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley, tuomaspelkonen
Differential Revision: 112