1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-21 04:50:55 +01:00
Commit graph

12528 commits

Author SHA1 Message Date
epriestley
0fad384727 Fix minor section formatting mishap in SSH key email
Summary: Ref T10917. This is getting added as a link right now, which causes it to get `<a href>`'d in HTML mail. Add it as text instead.

Test Plan: Edited a key, examined HTML mail body carefully.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15952
2016-05-19 15:20:19 -07:00
epriestley
6f6ca0102d Send forced mail on SSH key edits
Summary:
Ref T10917. This cheats fairly heavily to generate SSH key mail:

  - Generate normal transaction mail.
  - Force it to go to the user.
  - Use `setForceDelivery()` to force it to actually be delivered.
  - Add some warning language to the mail body.

This doesn't move us much closer to Glorious Infrastructure for this whole class of events, but should do what it needs to for now and doesn't really require anything sketchy.

Test Plan: Created and edited SSH keys, got security notice mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15948
2016-05-19 15:01:25 -07:00
epriestley
da6b3de65c Use transactions to apply web UI SSH key edits
Summary:
Ref T10917. Converts web UI edits to transactions.

This is about 95% "the right way", and then I cheated on the last 5% instead of building a real EditEngine. We don't need it for anything else right now and some of the dialog workflows here are a little weird so I'm just planning to skip it for the moment unless it ends up being easier to do after the next phase (mail notifications) or something like that.

Test Plan: {F1652160}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15947
2016-05-19 15:00:18 -07:00
epriestley
9385ddaf82 Fix bad documentation link in clustering intro doc
Summary: Fixes T10991.

Test Plan: Previewed harder, clicked link.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10991

Differential Revision: https://secure.phabricator.com/D15949
2016-05-19 14:59:50 -07:00
epriestley
08bea1d363 Add ViewController and SearchEngine for SSH Public Keys
Summary:
Ref T10917. This primarily prepares these for transactions by giving us a place to:

  - review old deactivated keys; and
  - review changes to keys.

Future changes will add transactions and a timeline so key changes are recorded exhaustively and can be more easily audited.

Test Plan:
{F1652089}

{F1652090}

{F1652091}

{F1652092}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15946
2016-05-19 09:48:46 -07:00
epriestley
36006bcb8f Prevent locked credentials from being made accessible via conduit
Summary:
Via HackerOne. Currently, you can use "Lock Permanently" to lock a credential permanently, but you can still enable Conduit API access to it. This directly contradicts both intent of the setting and its description as presented to the user.

Instead:

  - When a credential is locked, revoke Conduit API access.
  - Prevent API access from being enabled for locked credentials.
  - Prevent API access to locked credentials, period.

Test Plan:
  - Created a credential.
  - Enabled API access.
  - Locked credential.
  - Saw API access become disabled.
  - Tried to enable API access; was rebuffed.
  - Queried credential via API, wasn't granted access.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15944
2016-05-18 14:54:44 -07:00
epriestley
0308d580d7 Deactivate SSH keys instead of destroying them completely
Summary:
Ref T10917. Currently, when you delete an SSH key, we really truly delete it forever.

This isn't very consistent with other applications, but we built this stuff a long time ago before we were as rigorous about retaining data and making it auditable.

In partiular, destroying data isn't good for auditing after security issues, since it means we can't show you logs of any changes an attacker might have made to your keys.

To prepare to improve this, stop destoying data. This will allow later changes to become transaction-oriented and show normal transaction logs.

The tricky part here is that we have a `UNIQUE KEY` on the public key part of the key.

Instead, I changed this to `UNIQUE (key, isActive)`, where `isActive` is a nullable boolean column. This works because MySQL does not enforce "unique" if part of the key is `NULL`.

So you can't have two rows with `("A", 1)`, but you can have as many rows as you want with `("A", null)`. This lets us keep the "each key may only be active for one user/object" rule without requiring us to delete any data.

Test Plan:
- Ran schema changes.
- Viewed public keys.
- Tried to add a duplicate key, got rejected (already associated with another object).
- Deleted SSH key.
- Verified that the key was no longer actually deleted from the database, just marked inactive (in future changes, I'll update the UI to be more clear about this).
- Uploaded a new copy of the same public key, worked fine (no duplicate key rejection).
- Tried to upload yet another copy, got rejected.
- Generated a new keypair.
- Tried to upload a duplicate to an Almanac device, got rejected.
- Generated a new pair for a device.
- Trusted a device key.
- Untrusted a device key.
- "Deleted" a device key.
- Tried to trust a deleted device key, got "inactive" message.
- Ran `bin/ssh-auth`, got good output with unique keys.
- Ran `cat ~/.ssh/id_rsa.pub | ./bin/ssh-auth-key`, got good output with one key.
- Used `auth.querypublickeys` Conduit method to query keys, got good active keys.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15943
2016-05-18 14:54:28 -07:00
epriestley
49eb6403a4 Send HTML email by default
Summary: Ref T10694. Switch default mode to HTML since it has a number of significant advantages and we haven't seen reports of significant problems.

Test Plan:
  - Switched preference to default (saw "HTML" in UI).
  - Sent myself some mail.
  - Got HTML mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10694

Differential Revision: https://secure.phabricator.com/D15885
2016-05-18 14:53:57 -07:00
Chad Little
5bb3cbe239 Add a "View Revision" button to HTML email
Summary:
Ref T10694. If this feels good, I'd plan to eventually add something similar to other applications ("View Task", etc).

Not sure if we should keep the object link later in the mail body or not. I left it for now.

Test Plan: {F1307256, size=full}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10694

Differential Revision: https://secure.phabricator.com/D15884
2016-05-18 14:25:16 -07:00
epriestley
9d029519f6 Two-for-one deal on typos
Summary: Wow! Real value here.

Test Plan: No more red underlines.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15941
2016-05-18 09:53:39 -07:00
epriestley
7b50eef27a Special case the "added projects" transaction in mail when creating objects
Summary: Fixes T10493. See that task and inline comments for discussion.

Test Plan:
Created an object with some projects, saw the transaction in resulting mail:

{F1600496}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10493

Differential Revision: https://secure.phabricator.com/D15942
2016-05-18 07:09:39 -07:00
epriestley
3aed39b8b0 Fix an issue with serializing reviewers over the wire
Fixes T10981. Ref T10939. `arc` currently has some odd, hard-coded checks
(missing reviewers, all reviewers away) that depend on the field value being
in a certain format.

The recent changes swapped the field value from scalars (PHIDs) to
dictionaries and broke this workflow. It worked fine in testing because we
apply these checks very inconsistently (not on update or `--edit`).

To get around this for now, serialize into "PHID!" and then unserialize on
the other side. This is icky but keeps us from needing to require an `arc`
upgrade.

These checks are generally bad news and should move to the server side in the
long run (T4631).

(This probably prevents clean `arc diff`, so I'm just cowboy committing it.)

Auditors: chad
2016-05-17 17:44:13 -07:00
epriestley
de1a30efc7 Improve audit behavior for "uninteresting" auditors
Summary:
Ref T10939. Fixes T10174. We can currently trigger "uninteresting" auditors in two ways:

  - Packages with auditing disabled ("NONE" audits).
  - Packages with auditing enabled, but they don't need an audit (e.g., author is a pacakge owner; "NOT REQUIRED" audits).

These audits aren't interesting (we only write them so we can list "commits in this package" from other UIs) but right now they take up the audit slot. In particular:

  - They show in the UI, but are generally useless/confusing nowadays. The actual table of contents does a better job of just showing "which packages do these paths belong to" now, and shows all packages for each path.
  - They block Herald from adding real auditors.

Change this:

  - Don't show uninteresting auditors.
  - Let Herald upgrade uninteresting auditors into real auditors.

Test Plan:
  - Ran `bin/repository reparse --owners <commit> --force`, and `--herald` to trigger Owners and Herald rules.
  - With a package with auditing disabled, triggered a "None" audit and saw it no longer appear in the UI with the patch applied.
  - With a package with auditing disabled, added a Herald rule to trigger an audit. With the patch, saw it go through and upgrade the audit to "Audit Required".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10174, T10939

Differential Revision: https://secure.phabricator.com/D15940
2016-05-17 13:47:33 -07:00
epriestley
9c24798e64 Update Owners auditing rules for multiple reviewers
Summary:
Ref T10939. Fixes T10181. This slightly simplifies, then documents the auditing rules, which haven't been updated for a while. In particular:

  - If an owner authored the change, never audit.
  - Examine all reviewers to determine reviewer audit status, not just the first reviewer.
  - Simplify some of the loading code a bit.

Test Plan:
  - Ran `bin/repository reparse --owners <commit> --force` to trigger this stuff.
  - Verified that the web UI did reasonable things with resulting audits.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10181, T10939

Differential Revision: https://secure.phabricator.com/D15939
2016-05-17 13:46:06 -07:00
epriestley
809c7bf996 Allow users to manage package dominion rules
Summary: Ref T10939. This adds UI, transactions, etc, to adjust dominion rules.

Test Plan:
  - Read documentation.
  - Changed dominion rules.
  - Created packages on `/` ("A") and `/x` ("B") with "Auto Review: Review".
  - Touched `/x`.
  - Verified that A and B were added with strong dominion.
  - Verified that only B was added when A was set to weak dominion.
  - Viewed file in Diffusion, saw correct ownership with strong/weak dominion rules.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15936
2016-05-17 10:57:43 -07:00
epriestley
6cb2bde48d Add "Dominion" rules for Owners Packages
Summary:
Ref T10939. This supports two settings for packages (although they can't be configured yet):

  - **Strong Dominion**: If the package owns `a/`, it always owns every subpath, even if another package also owns the subpath. For example, if I own `src/differential/`, I always own it even if someone else claims `src/differential/js/` as part of the "Javascript" package. This is the current behavior, and the default.
  - **Weak Dominion**: If the package owns `a/`, but another package owns `a/b/`, the package gives up control of those paths and no longer owns paths in `a/b/`. This is a new behavior which can make defining some types of packages easier.

In the next change, I'll allow users to switch these modes and document what they mean.

Test Plan:
  - Ran existing unit tests.
  - Added new unit tests.

Reviewers: chad

Reviewed By: chad

Subscribers: joel

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15935
2016-05-17 10:57:06 -07:00
epriestley
29a060d7f1 Allow blocking reviewers to be added via the CLI
Summary: Ref T10939. Fixes T4887. Supports "username!" to add a reviewer as blocking.

Test Plan: Added and removed blocking and non-blocking reviewers via CLI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4887, T10939

Differential Revision: https://secure.phabricator.com/D15934
2016-05-17 10:56:29 -07:00
epriestley
afec01129a Allow blocking reviewers to be added via the web UI
Summary:
Ref T10939. Adds a `blocking(...)` token.

This code is pretty iffy and going to get worse before it gets better, but the fix (T10967 + EditEngine) is going to be a fair chunk of work down the road.

Test Plan: {F1426966}

Reviewers: chad

Reviewed By: chad

Subscribers: scode

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15933
2016-05-17 10:56:12 -07:00
epriestley
875b866715 Add missing "oauth_server_edge" tables
Summary: Fixes T10975. The "scramble attached file permissions when an object is saved" code is misfiring here too. See T10778 + D15803 for prior work.

Test Plan:
  - Ran `bin/storage upgrade -f`.
  - Edited the view policy of an OAuth server (prepatch: fatal; postpatch: worked great).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10975

Differential Revision: https://secure.phabricator.com/D15938
2016-05-17 08:50:27 -07:00
epriestley
f930a43f91 Remove "Used By" from Passphrase
Summary: Fixes T10972. Nothing actually updates this anymore, and only repositories ever did (e.g., Harbormaster and Drydock have never tracked it). Keeping track of this is more trouble than it's worth.

Test Plan: Grepped for constants, viewed a passphrase credential.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10972

Differential Revision: https://secure.phabricator.com/D15932
2016-05-16 16:38:52 -07:00
Luka Kladaric
174f3f6d23 docs: fix setup instructions for Mailgun and S3
Summary: The S3 fields are mandatory and if you only enter the ones in the docs you will immediately encounter a "Amazon S3 is Only Partially Configured" error. For Mailgun the error is more difficult to figure out - emails get stuck on Mailgun's side but the error is illegible. On Phabricator's side you have to go trawling through nginx logs to find "Mail signature is not valid. Check your Mailgun API key."

Test Plan: Deploy a new standalone instance, follow old instructions, fail. Deploy another one, follow updated instructions, win.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15931
2016-05-16 22:11:37 +02:00
epriestley
bf5437212c When a revision is accepted but has open dependencies, show a note in the list UI
Summary:
Ref T10939. I don't think this is hugely important, but it doesn't clutter things up much and it's nice as a hint.

T4055 was the original request specifically asking for this. It wanted a separate bucket, but I think this use case isn't common/strong enough to justify that.

I would like to improve Differential's "X depends on Y" feature in the long term. We don't tend to use/need it much, but it could easily do a better and more automatic job of supporting review of a group of revisions.

Test Plan: {F1426636}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15930
2016-05-16 12:11:52 -07:00
epriestley
c5853b4f48 Put revisions you're a reviewer on which need review and which you've commented on in "Should Review"
Summary: Ref T10939. These poor stragglers got left out in the rain. Didn't catch any issues otherwise.

Test Plan: {F1426604}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15929
2016-05-16 11:39:35 -07:00
epriestley
6e9828c743 Fix a dashboard bucketing bug
Summary: Ref T10939. For various historical reasons, revision status is a numeric string. This comparison fails because it's `(string) !== (int)`. Just use `!=` so this will still work if we turn it into a real string in the future.

Test Plan: Tried a more specific test case locally, got better looking results in "Must Review" and "Should Review".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15928
2016-05-16 11:07:10 -07:00
epriestley
8a98868bfb Remove "days fresh" / "days stale" indictator in Differential revision list
Summary:
Ref T10939. I'm not //totally// opposed to the existence of this element, but I think it's the kind of thing that would never make it upstream today. I think this should just be a T418 custom sort of thing in the long run, not a mainline upstream feature.

Overall, I think this thing is nearly useless and just adds visual clutter. My dashboard is about 100% red. This also sort of teaches users that it's fine to let revisions sit for a couple of days, which isn't what I'd like the UI to teach. Finally, removing it helps the UI feel a little less cluttered after the visually busy changes in D15926.

Test Plan: Grepped for removed config. Viewed revision list.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15927
2016-05-16 10:47:19 -07:00
epriestley
d46378df20 Modernize "Responsible Users" tokenizer and add "exact(user)" token
Summary:
Ref T10939. Fixes T9263. Ref T4144.

First, this resolves users (converting users into all packages and projects they are responsible for) earlier, so bucketing can act on that data correctly. Previously, your own blocking reviews would appear in "Must Review" but your packages/projects' would not. Now, all of them will.

Second, this adds `exact(username)` to mean "just me, not my packages/projects". You can use this along with "Bucket: By Required Action" to create a personal view of "Active Revisions" if you'd like, and ignore all your project/package reviews.

Test Plan: Queried by "me" and "exact(me)", got reasonable looking results.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4144, T9263, T10939

Differential Revision: https://secure.phabricator.com/D15925
2016-05-16 10:46:26 -07:00
epriestley
42d49be47b Change Differential revision buckets to focus on "next required action"
Summary:
Ref T10939. Ref T4144. This splits the existing buckets ("Blocking Others", "Action Required", "Waiting on Others") into 6-7 buckets with a stronger focus on what the next action you need to take is.

See T10939#175423 for some discussion.

Overall, I think some of the root problems here are caused by reviewer laziness and shotgun review workflows (where a ton of people get automatically added to everything, probably unnecessarily), but these buckets haven't been updated since the introduction of blocking reviewers or project/package reviewers and I think splitting the 3 buckets into 6 buckets isn't unreasonable, even though it's kind of a lot of buckets and the root problem here is approximately "I want to ignore a bunch of stuff on my dashboard".

I didn't remove the old bucketing code yet since it's still in use on the default homepage.

This also isn't quite right until I fix the tokenizer to work properly, since it won't bucket project/package reviewers accurately.

Test Plan: {F1395972}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4144, T10939

Differential Revision: https://secure.phabricator.com/D15924
2016-05-16 10:45:20 -07:00
epriestley
eade206625 Introduce search result buckets
Summary:
Ref T10939. Currently, Differential hard-codes some behaviors for the "active" filter. This introduces "buckets" to make this grouping behavior more general/flexible.

The buckets don't actually do any grouping yet, this just gets rid of the `$query === 'active'` stuff so far.

These buckets change the page size to a large value, becuase pagination won't currently work with bucketing.

The problem is that we normally paginate by selecting one more result than we need: so if we're building a page of size 10, we'll select 11 results. This is fast, and if we get 11 back, we know there's a next page with at least one result on it.

With buckets, we can't do this, since our 11 results might come back in these buckets:

  - A, B, C, A, C, C, A, A, B, B, (B)

So we know there are more results, and we know that bucket B has more results, but we have no clue if bucket A and bucket C have more results or not (or if there's anything in bucket D, etc).

We might need to select a thousand more results to get the first (D) or the next (A).

So we could render something like "Some buckets have more results, click here to go to the next page", but users would normally expect to be able to see "This specific bucket, A, has more results.", and we can't do that without a lot more work.

It doesn't really matter for revisions, because almost no one has 1K of them, but this may need to be resolved eventually.

(I have some OK-ish ideas for resolving it but nothing I'm particularly happy with.)

Test Plan: {F1376542}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15923
2016-05-16 10:44:42 -07:00
epriestley
3a727c31e2 Modernize DifferentialRevisionSearchEngine
Summary:
Ref T10939. Ref T4144. This moves the revision SearchEngine to modern code so I can add some kind of bucketing layer on top of it.

This seems to have worked pretty cleanly. One thing is that I removed the ability to search for "pending drafts":

  - This was added in D1927 from a bootcamp task, was an indirect solution to a questionable problem, and almost certainly would not meet the bar today.
  - Later, in D3324, we added the icons to the list. I think this is a better solution in general. In particular, it specifically addressed the query being kind of junky.
  - At the time, Differential had a prebuilt "Drafts" filter. This was removed in D6347 with the move to ApplicationSearch, which simplified the large number of prebuilt filters. Although we got a lot of feedback about that, none requested that the drafts filter be restored.

Test Plan: Searched for responsible users, subscribers, orders, projects, repositories.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4144, T10939

Differential Revision: https://secure.phabricator.com/D15921
2016-05-16 10:44:11 -07:00
Chad Little
03a1deba23 Remove hard-coding of diff line height
Summary: Fixes T10959. This is the smallest/simplest fix that I could come up with, and I wasn't able to break it. Basically, I removed "line-height" and then adjusted other rules until the defaults looked reasonable again.

Test Plan:
Here's `24px / 48px impact` or something like it:

{F1310445}

{F1310446}

Here's normal stuff working properly without weird artifacts on the highlighting:

{F1310447}

Also tested Firefox and Chrome and got similar results.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: wxm20073527, Korvin

Maniphest Tasks: T10959

Differential Revision: https://secure.phabricator.com/D15905
2016-05-16 10:21:37 -07:00
Austin Seipp
1567f07e3c Fix some broken links in the cluster documentation
Summary:
Looks like some copy pasta snuck in. Also fixes a missed
parenthesis.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15920
2016-05-15 07:15:34 +00:00
epriestley
c9365e48d8 Don't trigger "Auto Review" if the author is already an owner; document "Auto Review"
Summary:
Ref T10939. If you already own a package, don't trigger the subscribe/review rules.

Document how these rules work.

Test Plan:
  - Read documentation.
  - Removed reviewers, updated a revision, got autoreviewed.
  - Joined package.
  - Removed reveiwers, updated a revision, no more autoreview.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15918
2016-05-13 17:24:33 -07:00
epriestley
92b9fa47d0 Allow Herald to add package reviewers
Summary: Ref T10939. Packages are valid reviewers, so let Herald "Add Reviewers" and "Add Blocking Reviewers" actions add them.

Test Plan:
  - Wrote a rule to add package reviewers.
  - Hit the rule, saw a package reviewer added, viewed transcript.

{F1311731}

{F1311732}

{F1311733}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15917
2016-05-13 17:23:07 -07:00
epriestley
332d787dc8 Support "Review Changes" and "Block Changes" settings for Owners package "Auto Review"
Summary:
Ref T10939. Fixes T8887. This enables and implements the "review" and "blocking review" options for packages.

This is a bit copy-pastey from `DifferentialReviewersHeraldAction`, which doesn't feel awesome. I think the right fix is Glorious Infrasturcture, though -- I filed T10967 to track that.

Test Plan:
  - Set package autoreveiw to "Review".
  - Updated, got a reveiwer.
  - Set autoreview to "blocking".
  - Updated, got a blocking reviewer.

{F1311720}

{F1311721}

{F1311722}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8887, T10939

Differential Revision: https://secure.phabricator.com/D15916
2016-05-13 17:22:36 -07:00
epriestley
52ac242eb3 Implement "Auto Review" in packages with a "Subscribe" option
Summary:
Ref T10939. Ref T8887. This moves toward letting packages automatically become reviewers or blocking reviewers of owned code.

This change adds an "Auto Review" option to packages. Because adding reviewers/blocking reviewers is a little tricky, it doesn't actually have these options yet -- just a "subscribe" option. I'll do the reviewer work in the next update.

Test Plan:
Created a revision in a package with "Auto Review: Subscribe to Changes". The package got subscribed.

{F1311677}

{F1311678}

{F1311679}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8887, T10939

Differential Revision: https://secure.phabricator.com/D15915
2016-05-13 17:21:58 -07:00
epriestley
70ddb1c45f Allow packages to be added as revision reviewers via the UI
Summary:
Ref T10939. This lets you add packages as reviewers manually.

"Project Reviewers" now lists both projects and packages. I have renamed this to "Coalition Reviewers" but that's probably horrible and confusing. I'm not sure "Group Reviewers" is much better.

Test Plan:
  - Added a package as a reviewer manually.
  - Joined it, got authority over it.
  - Saw the review on my dashboard.
  - Accepted the revision, got authority extended to the package review.

{F1311652}

{F1311653}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15914
2016-05-13 17:20:09 -07:00
epriestley
4ba4cb9711 Use "fa-shopping-bag" instead of "fa-list-alt" for Owners package icon
Summary:
Ref T10939. These appear in "Subscribers" tokenizers now and we got a maybe slightly better icon in the last FA update: {icon shopping-bag} instead of {icon list-alt}.

(I don't feel strongly about this, the old icon just doesn't seem very evocative.)

Test Plan:
o.( O___O ).o

{F1311641}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15913
2016-05-13 17:19:20 -07:00
epriestley
547abfe873 Make packages mailable and subscribable
Summary:
Ref T10939. Fixes T7834.

  - Make packages into mailable objects, like projects and users.
  - Packages resolve recipients by resolving project and user owners into recipients.

Test Plan:
  - Added a comment to a revision with a package subscriber.
  - Used `bin/mail show-outbound` to see that owners got mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7834, T10939

Differential Revision: https://secure.phabricator.com/D15912
2016-05-13 17:18:57 -07:00
epriestley
3ea47d967a Allow monogrammed objects to be parsed from the arc command line in "Reviewers" and similar fields
Summary:
Ref T10939. This allows the CLI to parse reviewers and subscribers like this:

```Reviewers: epriestley, O123 Some Package Name```

The rule goes:

  - If a reviewer or subscriber starts with a monogram (like `X111`), just look that up and ignore everything until the next comma.
  - Otherwise, split it on spaces and look up each part.

This means that these are valid:

```
alincoln htaft
alincoln, htaft
#a #b epriestley
O123 Some Package, epriestley, #b
```

I think the only real downside is that this:

```
O123 Some Package epriestley
```

...ignores the "epriestley" part. However, I don't expect users to be typing package monograms manually -- they just need to be representable by `arc land` and `arc diff --edit` and such. Those flows will always add commas and make the parse unambiguous.

Test Plan:
  - Added test coverage.
  - `amend --show`'d a revision with a package subscriber (this isn't currently possible to produce using the web UI, it came from a future change) and saw `Subscribers: O123 package name, usera, userb`.
  - Updated a revision with a package subscriber.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15911
2016-05-13 17:18:35 -07:00
epriestley
9abc16df4d Give Owners packages the "O" monogram
Summary:
Ref T10939. This isn't ideal because it's easy to confuse with zero ("O" vs "0") but I think this will mostly be read-only so it's probably one of the least-bad uses we could make of "O". We haven't really gotten into trouble with "I" (vs "1") for initiatives. Still, open to better ideas.

The goal here is to allow commit messages to include packages in some reasonable way, like `Reviewers: O123 Package Name, epriestley, alincoln`. The parser will ignore the "Package Name" part, that's just for humans. And I don't expect humans to type this, but when the use `arc diff --edit` or similar to update an //existing// revision, the reviewer needs to be represented somehow. It also needs to appear in the commit messages that `arc land` finalizes somehow.

I didn't hook up `/O123` as a URI, but this should do everything else I think.

Test Plan:
  - Viewed package list.
  - Viewed package detail.
  - Did global search for `O12`.
  - Used `O12` and `{O12}` remarkup rules.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15910
2016-05-13 17:18:15 -07:00
epriestley
44057ad269 Consider packages when calculating Differential authority
Summary:
Ref T10939. This has no effect yet since packages can not actually become reviewers, I'm just inching toward support.

  - When searching for "responsible users", include revisions that need review by packages you have authority over.
  - When calculating review authority, include authority over packages you are a member of (these currently never exist).

Test Plan:
This isn't reachable so I just `var_dump()`'d stuff and looked at the generated queries, which appeared correct/reasonable.

I'll vet this more thoroughly once packages can actually become reviewers.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15909
2016-05-13 17:17:50 -07:00
epriestley
1793e2f945 Use ye new Englishe in ye docs
Summary: Ah, a fine thing it be.

Test Plan: Pip pip cheerio.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15919
2016-05-13 13:55:57 -07:00
epriestley
dc2d87059b Fix an issue with URI index updates from the daemons
Summary:
Ref T10923. This extension needs to load a little more data (with `needURIs`) to function correctly now.

(There's a recent migration does this, so indexes got updated correctly when it ran, so it hasn't been obvious that they weren't getting updated properly after that.)

Test Plan: Made an arbitrary edit to a repository, observed no more error in daemon logs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15908
2016-05-13 06:51:31 -07:00
epriestley
e5f2ccc57f Don't trigger audits for archived packages
Summary:
Ref T10939. This is just a bug. I thought this was what was described in T10174 but that's actually talking about something completely different.

Also make a `<select />` slightly easier to use.

Test Plan:
  - Created a package with auditing enabled.
  - Pushed a change.
  - Saw audit trigger.
  - Disabled the package, pushed a change.
    - Before patch: saw audit trigger improperly.
    - After patch: restarted daemons, then saw audit correctly not trigger.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15907
2016-05-13 06:49:42 -07:00
epriestley
1c73ad6a1b Make repository daemon locks more granular and forgiving
Summary:
Ref T4292. Currently, we hold one big lock around the whole `bin/repository update` workflow.

When running multiple daemons on different hosts, this lock can end up being contentious. In particular, we'll hold it during `git fetch` on every host globally, even though it's only useful to hold it locally per-device (that is, it's fine/good/expected if `repo001` and `repo002` happen to be fetching from a repository they are observing at the same time).

Instead, split it into two locks:

  - One lock is scoped to the current device, and held during pull (usually `git fetch`). This just keeps multiple daemons accidentally running on the same host from making a mess when trying to initialize or update a working copy.
  - One lock is scoped globally, and held during discovery. This makes sure daemons on different hosts don't step on each other when updating the database.

If we fail to acquire either lock, assume some other process is legitimately doing the work and bail more quietly instead of fataling. In approximately 100% of cases where users have hit this lock contention, that was the case: some other daemon was running somewhere doing the work and the error didn't actually represent an issue.

If there's an actual problem, we still raise a diagnostically useful message if you run `bin/repository update` manually, so there are still tools to figure out that something is hung or whatever.

Test Plan:
  - Ran `bin/repository update`, `pull`, `discover`.
  - Added `sleep(5)`, forced processes to contend, got lock exceptions and graceful exit with diagnostic message.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15903
2016-05-13 05:17:27 -07:00
epriestley
8cdafb0032 Allow users to set a line-height in their monospaced font preference
Summary: Ref T10959. This does not fix the problem because the `.differential-diff td` rule is still stronger, but it does let you choose a more compact or breezy style for remarkup blocks and pastes.

Test Plan:
  - Set font to `24px / 48px impact`.
  - Viewed a paste, saw lovely readable text.
  - Viewed an inline code block which was very easy on the eyes.

{F1310420}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10959

Differential Revision: https://secure.phabricator.com/D15904
2016-05-13 05:10:27 -07:00
epriestley
984dff0ae3 Provide a more consistent, mostly relaxed severity for updating non-cluster repositories on cluster devices
Summary:
Fixes T10940. Two issues currently:

First, `PullLocal` deamon refuses to update non-cluster repositories on cluster devices. However, this is surprising/confusing/bad because as soon as you enroll a repository host in the cluster, most of the repositories on it stop working until you `clusterize` them. This is especially confusing because the documentation gives you a very nice, gradual walkthrough about going through things slowly and being able to check your work at every step, but we really drop you off a bit of a cliff here. The workflow implied by the documentation is a desirable one.

This operation is generally only unsafe/problematic if the daemon would be creating a //new// working copy. If a working copy already exists, we can reasonably guess that it's almost certainly because you've enrolled a previously un-clustered host into a new cluster. This allows the nice, gradual workflow the documentation describes to proceed as expected, without any weird surprises.

Instead of refusing to update these repositories, only refuse to update them if updating would create a new working copy. This should make transitioning much smoother without any meaningful reduction in safety.

Second, the lower-level `bin/repository update`, `refs`, `mirror`, etc., commands don't apply this same check. However, these commands are potentially just as dangerous. Use the same code to do a similar check there, making sure we only operate on repositories that are either expected to be on the current device, or which already exist here.

Test Plan:
  - Ran `bin/phd debug pull`, saw diagnostic information choose to update most repositories (including some non-cluster repositories) but properly skip non-cluster repositories that do not exist locally.
  - Ran `bin/repository update`, etc., saw the command apply consistent rules to the rules applied by `PullLocal` and refuse to update non-local repositories it would need to create.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10940

Differential Revision: https://secure.phabricator.com/D15902
2016-05-12 15:51:14 -07:00
epriestley
bd9bcaa8ff Improve HTML mail rendering of inline patches
Summary: Fixes T9790. This uses a simple renderer, like the inline context renderer, that emphasizes getting a quick glance at small changes and working reasonably on mobile devices.

Test Plan:
  - Set `inline` setting to `9999`.
  - Created a diff.
  - Saw it render reasonably in HTML mail.
  - Also tested text mail to make sure I didn't break that.

{F1310137, size=full}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9790

Differential Revision: https://secure.phabricator.com/D15901
2016-05-12 12:13:40 -07:00
epriestley
9d196648f5 Prevent users from disabling repository builtin URIs
Summary:
Ref T10923. Currently, users can disable or enable builtin URIs, but this doesn't actually do anything.

The behavior of "disable" has changed a bit over time and might need some further refinement, but it's currently meaningless for builtin URIs. Prevent adjustment of it. If users want to hide a URI, they should set "Display: Hidden" instead.

Test Plan:
  - Disabled/enabled a non-builtin URI.
  - Tried to disable a builtin URI, saw greyed out UI and got a helpful error message.

Reviewers: chad

Reviewed By: chad

Subscribers: eadler

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15899
2016-05-12 12:09:23 -07:00
epriestley
5162f81095 Provide SSH host documentation, tweak/supplement cluster documentation
Summary: Ref T10751. I think this mostly brings us up to date with the state of the world.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15897
2016-05-12 12:09:04 -07:00