1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-30 01:10:58 +01:00
Commit graph

9221 commits

Author SHA1 Message Date
Bob Trahan
1d72a5f683 Differential - finesse Differential diff view controller
Summary:
Fixes T7229. Some usability issues around this controller - basically you can't leave comments with it and its not particular useful compared to the revision page.

Ergo, if there is a revision associated with a given diff, just re-direct back to the revision page with the proper diff loaded.

Test Plan: Tried to view a diff on the standalone controller attached to a revision and instead was re-directed to the revision view page with the proper diff loaded.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7229

Differential Revision: https://secure.phabricator.com/D11811
2015-02-19 10:55:56 -08:00
epriestley
f6915a7975 Add a heursitic for initial pushes which are really imports
Summary:
Fixes T7298. There are two ways to import a repository that you want to host, today:

  - Create it as "hosted", then push everything to it.
  - Create it as "imported", let it import, then switch it to "hosted".
  - (Neither of these work with SVN.)

We don't specifically recommend one or the other, although I believe both should work, and most users seem to go with the first one.

In the first workflow, the new empty repository imports completely and gets marked "imported", so our default behavior is then to publish commits. This can generate a lot of email/notification/feed spam.

If you're a fancy expert you might turn off "publish" before pushing, but normal users will frequently miss this.

Instead, when we receive an "import-like" push to an empty repository, put the repository back into "importing" after we accept the changes.

This has to be heuristic since we can't know for sure if a push is an import or new commits, but here's a simple rule that should do pretty well. We can refine it if necessary.

Test Plan:
  - Created a new empty repository.
  - Added some debugging code; verified the "commit count" and "empty" rules were calculated properly.
  - Pushed 8+ commits and saw the repo go into "importing", import, and leave "importing".
  - Pushed 8+ commits again and saw them publish.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7298

Differential Revision: https://secure.phabricator.com/D11827
2015-02-19 10:38:16 -08:00
epriestley
8599145b5e Implement more consistent publishing rules for repositories
Summary:
Ref T7298. We are currently inconsistent about when we publish feed, email, notifications, audits and Herald rules.

Specifically, there are two settings which impact these things:

  - The "importing" flag, which is set when we're importing old commits.
  - The "herald-disabled" flag, which was expanded in scope some time ago and now actually means "disable publishing".

Various parts of the pipeline were checking only one of these flags. Instead, all of them should check both.

(For example, we should never email users about importing repositories, nor trigger audits on them.)

Test Plan: See next revision.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7298

Differential Revision: https://secure.phabricator.com/D11826
2015-02-19 10:38:05 -08:00
epriestley
29fd3f136b Allow columns to be marked as nonmutable (so save() will not change them)
Summary:
Ref T6840. This feels a little dirty; open to alternate suggestions.

We currently have a race condition where multiple daemons may load a commit and then save it at the same time, when processing "reverts X" text. Prior to this feature, two daemons would never load a commit at the same time.

The "reverts X" load/save has no effect (doesn't change any object properties), but it will set the state back to the loaded state on save(). This overwrites any flag updates made to the commit in the meantime, and can produce the race in T6840.

In other cases (triggers, harbormaster, repositories) we deal with this kind of problem with "append-only-updates + single-consumer", or a bunch of locking. There isn't really a good place to add a single consumer for commits, since a lot of daemons need to access them. We could move the flags column to a separate table, but this feels pretty complicated. And locking is messy, also mostly because we have so many consumers.

Just exempting this column (which has unusual behavior) from `save()` feels OK-ish? I don't know if we'll have other use cases for this, and I like it even less if we never do, but this patch is pretty small and feels fairly understandable (that said, I also don't like that it can make some properties just silently not update if you aren't on the lookout).

So, this is //a// fix, and feels simplest/least-bad for the moment to me, I thiiink.

Test Plan: Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6840

Differential Revision: https://secure.phabricator.com/D11822
2015-02-19 10:37:17 -08:00
epriestley
6a60b8cb6f Set "importStatus" as nonmutable on save()
Summary: Fixes T6840. Depends on D11822, which is a little iffy.

Test Plan:
Verified all references to `importStatus` are either:

  - SQL patches creating the column;
  - reads;
  - writes immediately before an insert; or
  - explicit updates of the column.

That is, I identified no cases of `setImportStatus(X)->save()` on a Commit which may already exist. This //would// break that.

In general, almost all writes go through `$commit->writeImportStatusFlag()`, which is an explicit update.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6840

Differential Revision: https://secure.phabricator.com/D11823
2015-02-19 10:36:36 -08:00
epriestley
751ffe123d Support HTTP Strict Transport Security
Summary:
Ref T4340. The attack this prevents is:

  - An adversary penetrates your network. They acquire one of two capabilities:
    - Your server is either configured to accept both HTTP and HTTPS, and they acquire the capability to observe HTTP traffic.
    - Or your server is configured to accept only HTTPS, and they acquire the capability to control DNS or routing. In this case, they start a proxy server to expose your secure service over HTTP.
  - They send you a link to `http://secure.service.com` (note HTTP, not HTTPS!)
  - You click it since everything looks fine and the domain is correct, not noticing that the "s" is missing.
  - They read your traffic.

This is similar to attacks where `https://good.service.com` is proxied to `https://good.sorvace.com` (i.e., a similar looking domain), but can be more dangerous -- for example, the browser will send (non-SSL-only) cookies and the attacker can write cookies.

This header instructs browsers that they can never access the site over HTTP and must always use HTTPS, defusing this class of attack.

Test Plan:
  - Configured HTTPS locally.
  - Accessed site over HTTP (got application redirect) and HTTPS.
  - Enabled HSTS.
  - Accessed site over HTTPS (to set HSTS).
  - Tore down HTTPS part of the server and tried to load the site over HTTP. Browser refused to load "http://" and automatically tried to load "https://". In another browser which had not received the "HSTS" header, loading over HTTP worked fine.
  - Brought the HTTPS server back up, things worked fine.
  - Turned off the HSTS config setting.
  - Loaded a page (to set HSTS with expires 0, diabling it).
  - Tore down the HTTPS part of the server again.
  - Tried to load HTTP.
  - Now it worked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4340

Differential Revision: https://secure.phabricator.com/D11820
2015-02-19 10:33:48 -08:00
epriestley
35c55f7ddf Improve visibility of repository credential errors
Summary:
Fixes T7310. We have a whole mechanism for surfacing update errors, but only surface actual update errors, not pull errors.

Instead, surface pull errors too.

Then format them a little more nicely.

Test Plan: {F309769}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7310

Differential Revision: https://secure.phabricator.com/D11821
2015-02-19 10:32:25 -08:00
Chad Little
f47033f74e Make Segoe default font for Windows
Summary: Helvetica on modern Windows systems doesn't display very well, bolds are fairly not bold and leading between characters is all over the place. This change picks Segoe as the default Windows font which is easier to read, and the bolds are much crisper. There is even a slight improvement in text density with the improved leading.

Test Plan:
I've been using this locally for a few months, overall it's fairly similiar to Source Sans which people seem to enjoy.

{F309851}

{F309852}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11825
2015-02-19 09:10:27 -08:00
Chad Little
08e67e0db7 Minor, touch up Exception rendering
Summary: Cleans up spacing, hides footer if nothing present, uses common colors.

Test Plan:
Write some typical for a designer code.

{F309840}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11824
2015-02-19 08:45:37 -08:00
Chad Little
4c2e36f561 Have DifferentialRevisionListView return ObjectBoxView
Summary: Uses PHUIObjectBoxView to display lists of diffs in Differential and Diffusion, unless embedded on a dashboard.

Test Plan:
Test Dashboard panel, Differential home, Commit, and Diff

{F282173}

{F282174}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11659
2015-02-19 08:11:17 -08:00
Chad Little
f59a382189 Consilidate blue links in source-sans documents
Summary: We had two different blues for links here, cleaning that up.

Test Plan: Read a few Diviner documents

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11818
2015-02-19 07:03:38 -08:00
Chad Little
e2fcc3c187 Touch up Audit/Commit List UI
Summary: Fixes a few issues. The author of the commit is more prominent / not cut off. Auditors is in a more consistent location. More space is available for reasons. Commits by themselves look much less janky. Only downside is actual Audits are now 3 lines vs. 2, but the extra space is used well.

Test Plan:
Test list of audits and commits.

{F309237}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11817
2015-02-19 07:03:18 -08:00
Chad Little
b1ed68b8fe Set Header on XHProf ObjectBox
Summary: Third times the charm?

Test Plan: pray

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11816
2015-02-18 16:03:02 -08:00
Chad Little
7cd7ee4543 Fix fatal in XHProf
Summary: derp, fixed method call

Test Plan: Looked up PHUIHeaderView, checked method.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11815
2015-02-18 15:54:25 -08:00
Bob Trahan
a77127ab63 Projects - fix translation strings in watcher edge class
Summary: Fixes T7319. These need a "%s" for the count where they had a "%d"

Test Plan: plan in D11812 is no longer a lie! (watcher added / removed strings render correctly)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7319

Differential Revision: https://secure.phabricator.com/D11813
2015-02-18 15:44:54 -08:00
Chad Little
4e348bb04d Remove extra space under PHUIActionPanel
Summary: If we don't have a state in PHUIActionPanelView, don't set the extra padding to display it.

Test Plan: Review in UIExamples.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11814
2015-02-18 15:43:09 -08:00
Bob Trahan
7ef5c52934 Projects - add translation for watcher strings
Summary: Fixes T7319. ...except I can't get this working in my sandbox? Changes to the translation file don't seem to show up. TEST PLAN IS A LIE

Test Plan: became a watcher, un became a watcher - saw sensical translated strings

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7319

Differential Revision: https://secure.phabricator.com/D11812
2015-02-18 15:33:52 -08:00
Bob Trahan
17e5f7ff31 Legalpad - make "Cancel" button "Log Out" button for required signature documents
Summary: Fixes T7299. Also re-direct the user to the initial request uri if the signature was required.

Test Plan: made a signature required legalpad doc. visit the instance at a specific uri, signed the document, and ended up at that specific uri

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7299

Differential Revision: https://secure.phabricator.com/D11809
2015-02-18 13:19:07 -08:00
epriestley
dd96967306 Only increment status message cursor if we're going to consume the message
Summary:
Fixes the long uptake we saw on `meta.phacility.com`. I regressed this in D11795.

We make three calls to this method, but only one actually consumes the messages. The other two are just checking to see if there are any messages.

Only move the cursor up if we're actually going to process the messages.

Test Plan: Sort of tricky to test convincingly since it's inherently race-prone, but ran `debug pulllocal` and pushed update messages and saw it pick them up.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11808
2015-02-18 12:53:37 -08:00
Joshua Spence
6a8f31a0ec Fix undefined variable
Summary:
I am hitting this error when generating Diviner documentation:

```
COMMAND
'/usr/src/phabricator/bin/diviner' atomize --ugly --book $SOME_BOOK --atomizer 'DivinerPHPAtomizer' -- $SOME_PATHS

STDOUT
(empty)

STDERR
[2015-02-18 23:05:01] EXCEPTION: (RuntimeException) Undefined variable: type at [<phutil>/src/error/PhutilErrorHandler.php:210]
  #0 PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<phabricator>/src/applications/diviner/atomizer/DivinerPHPAtomizer.php:315]
  #1 DivinerPHPAtomizer::parseReturnType(DivinerAtom, XHPASTNode) called at [<phabricator>/src/applications/diviner/atomizer/DivinerPHPAtomizer.php:116]
  #2 DivinerPHPAtomizer::executeAtomize(string, string) called at [<phabricator>/src/applications/diviner/atomizer/DivinerAtomizer.php:23]
  #3 DivinerAtomizer::atomize(string, string, array) called at [<phabricator>/src/applications/diviner/workflow/DivinerAtomizeWorkflow.php:109]
  #4 DivinerAtomizeWorkflow::execute(PhutilArgumentParser) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:396]
  #5 PhutilArgumentParser::parseWorkflowsFull(array) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:292]
  #6 PhutilArgument... (87 more bytes) ... at [<phutil>/src/future/exec/ExecFuture.php:416]
  #0 ExecFuture::resolvex(NULL) called at [<phutil>/src/future/exec/ExecFuture.php:438]
  #1 ExecFuture::resolveJSON() called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:349]
  #2 DivinerGenerateWorkflow::resolveAtomizerFutures(array, array) called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:209]
  #3 DivinerGenerateWorkflow::buildAtomCache() called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:170]
  #4 DivinerGenerateWorkflow::generateBook(string, PhutilArgumentParser) called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:74]
  #5 DivinerGenerateWorkflow::execute(PhutilArgumentParser) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:396]
  #6 PhutilArgumentParser::parseWorkflowsFull(array) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:292]
  #7 PhutilArgumentParser::parseWorkflows(array) called at [<phabricator>/scripts/diviner/diviner.php:21]
```

Test Plan: N/A

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11807
2015-02-19 07:23:01 +11:00
Chad Little
11f0c1a47d Modernize XHProf
Summary: Use modern components, pht

Test Plan: I have no data locally, expect @epriestley to commandeer

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11805
2015-02-18 11:51:12 -08:00
Bob Trahan
7f1914540f Phortune - require high security sessions for subscription edits
Summary: Ref T7202.

Test Plan: Visited edit subscription page and it worked. Clicked edit link from subscription view page and got to the right place.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7202

Differential Revision: https://secure.phabricator.com/D11803
2015-02-18 11:37:30 -08:00
Chad Little
eefead7721 Make icons in tags more floaty, less absoluty
Summary: This change wraps the icon inline with the text, so smaller width icons have equal spacing between the border and text.

Test Plan:
review a number of different tag with icons, also UIExamples.

{F309048}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11802
2015-02-18 11:28:11 -08:00
Chad Little
f9638edf37 Allow public on list of subscribers
Summary: Fixes T7317, allows public to be set on this list controller.

Test Plan: Tested a list of subscribers on a logged in and logged out Diff.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7317

Differential Revision: https://secure.phabricator.com/D11801
2015-02-18 11:11:12 -08:00
epriestley
02b174c2af Allow a different SSH host to be set in Diffusion
Summary:
Ref T6941. In the cluster (and in other reasonable setups) we've separated SSH load balancers from HTTP load balancers.

In particular, ELBs will not let you load balance port 22, so this is likely a reasonable/common issue in larger clusters in AWS.

Allow users to specify an alternate host for SSH traffic.

Test Plan: Set host to someting different, saw it reflected in UI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6941

Differential Revision: https://secure.phabricator.com/D11800
2015-02-18 10:51:14 -08:00
Chad Little
0b2697bb92 Add ability to query dashboard panels by paneltype
Summary: Pretty basic, but you can now search panels by type (query, text, tab).

Test Plan: Searched for a few different types of panels, results look correct

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11782
2015-02-18 10:50:37 -08:00
Chad Little
b4d03bb26c Remove side spacing on code remarkup
Summary: Sets everything up flush, I think this is the only indented block left.

Test Plan:
Write some code.

{F289438}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley, #design

Differential Revision: https://secure.phabricator.com/D11721
2015-02-18 09:08:51 -08:00
epriestley
894025778c Force Aphlict server connections to HTTP
Summary: This port is always HTTP, so use HTTP even if users have set the URI to "https".

Test Plan: Launched server and hit status page, status good.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11799
2015-02-18 07:07:26 -08:00
epriestley
3469265e17 Improve config option documentation for Imagemagick
Summary: Fixes T7306. Fixes a typo and improves the text.

Test Plan: reading

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7306

Differential Revision: https://secure.phabricator.com/D11797
2015-02-17 15:31:20 -08:00
epriestley
6a3824a61d Fix an issue where PullLocal daemon could spin in an error loop
Summary: Fixes T7106. If you have bad credentials AND you've pushed an "update this repository" message into the queue, the loop above this level ends up resetting the timer every time we go through it, so the daemon spins in a loop failing forever.

Test Plan:
  - Created a repo with bad credentials.
  - Clicekd "updated now" to queue an update message.
  - Saw daemon run in a loop.
  - Applied patch, no loop.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7106

Differential Revision: https://secure.phabricator.com/D11795
2015-02-17 15:23:24 -08:00
Bob Trahan
52f724e6cf Project - don't create the empty tag on create anymore
Summary: Fixes T7284. We were initialized the project name to the empty string, which was making things work like a rename, including automagically adding the old slug.

Test Plan: made a project and no more "empty" tag being made. also don't have that bad transaction story anymore.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7284

Differential Revision: https://secure.phabricator.com/D11794
2015-02-17 15:03:57 -08:00
epriestley
b6031a721f Fix a minor issue with killing daemons
Summary: Even if you --force, we can't kill PID 0. This sends the process itself the signal, and terminates it.

Test Plan: See D11786.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11787
2015-02-17 14:20:57 -08:00
Bob Trahan
17ced84ace OAuth - make sure users know they are exposing their primary email address
Summary: Fixes T7263. Last bit there was to upgrade this dialogue to let users know they are letting their primary email address be exposed in these flows. Depends on D11791, D11792, at least in terms of being accurate to the user as the code ended up strangely decoupled.

Test Plan: wordsmithin'

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7263

Differential Revision: https://secure.phabricator.com/D11793
2015-02-17 14:19:33 -08:00
Bob Trahan
d6bbbcb620 Conduit - return primary email if its verified in user methods
Summary: Ref T7263. We need this in the oauth case and otherwise it makes sense to include.

Test Plan: used the conduit console and saw my email address included in the results!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7263

Differential Revision: https://secure.phabricator.com/D11791
2015-02-17 14:13:49 -08:00
Bob Trahan
81d2f2686c Diffusion - clean up catching ConduitException
Summary: Ref T7123. Turns out that we might throw ConduitClientException now in proxied scenarios. For all but one callsite remove the try / catch bit and don't issue the call for SVN. For the remaining callsite, also don't issue the call for SVN but keep in the exception logic since its renders a pretty error message in the non-proxied case?

Test Plan: played around with diffusion and things looked okay.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7123

Differential Revision: https://secure.phabricator.com/D11789
2015-02-17 14:01:17 -08:00
Bob Trahan
3fcc3fdedf Diffusion - be sure to properly unserialize result from conduit query
Summary: Fixes T7256.

Test Plan: Looked at rXPRF0a7a5f69f5d7 in a local instance. things looked great both pre and post patch.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7256

Differential Revision: https://secure.phabricator.com/D11790
2015-02-17 13:54:59 -08:00
Bob Trahan
733a9c40ee Legalpad - add "no one" signature type
Summary: Fixes T7294. This lets legalpad store other documents that don't need signatures but conceptually belong in legalpad.

Test Plan: made a document with signature type "no one" and it saved. viewed the document and noted no signing UI was present.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7294

Differential Revision: https://secure.phabricator.com/D11788
2015-02-17 11:45:20 -08:00
epriestley
e946e7cebc Add a "--gently" flag to phd stop and phd restart
Summary:
In the cluster, the box has a ton of stuff that "looks like a daemon" beacuse it is some other instance's daemon.

Stop `phd restart` from complaining about this if given a "--gently" flag, which is like the opposite of "--force".

(I'll make it `stop --force` at the beginning of a whole-box restart to kill stragglers.)

Test Plan: Ran `bin/phd restart --gently`, etc.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11784
2015-02-17 11:14:34 -08:00
epriestley
267ff7fbc9 Add a policy restricting mailing list management
Summary:
Fixes T7291. There are a class of spam/annoyance attacks here that we should be more strict about preventing, since you can add an individual's address as a mailing list.

This application is likely on the way out so I didn't bother trying to do per-object policies.

Test Plan: Set policy restrictively and could no longer create or edit mailing lists.

Reviewers: joshuaspence, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7291

Differential Revision: https://secure.phabricator.com/D11783
2015-02-17 11:14:26 -08:00
Bob Trahan
82f47f9689 Legalpad - fix requires signature transaction from always being saved
Summary: Fixes T7295. Humbling debugging experience but I got it.

Test Plan: saved a legalpad doc without edits over and over and saw no "requires signature" transaction. toggled "requires signature", saved, and saw the transaction.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7295

Differential Revision: https://secure.phabricator.com/D11785
2015-02-17 11:07:14 -08:00
Bob Trahan
e100961453 workboards - make errors from filtering show up
Summary: Fixes T7252. The UI is slightly different than in Maniphest - in Maniphest the error shows up at the bottom and here it shows up the top - but I think the UI here makes sense as you see the error right away on the newly returned dialogue?

Test Plan: set "created after" to "assdaasds" and got an error back. set filter to something that should work and it worked

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7252

Differential Revision: https://secure.phabricator.com/D11760
2015-02-17 11:06:21 -08:00
epriestley
ebcab8edb6 Namespace Aphlict clients by request path, plus other fixes
Summary:
Fixes T7130. Fixes T7041. Fixes T7012.

Major change here is partitioning clients. In the Phacility cluster, being able to get a huge pile of instances on a single server -- without needing to run a process per instance -- is desirable.

To accomplish this, just bucket clients by the path they connect with. This will let us set client URIs to `/instancename/` and then route connections to a small set of servers. This degrades cleanly in the common case and has no effect on installs which don't do instancing.

Also fix two unrelated issues:

  - Fix the timeouts, which were incorrectly initializing in `open()` (which is called during reconnect, causing them to reset every time). Instead, initialize in the constructor. Cap timeout at 5 minutes.
  - Probably fix subscriptions, which were using a property with an object definition. Since this is by-ref, all concrete instances of the object share the same property, so all users would be subscribed to everything. Probably.

Test Plan:
  - Hit notification status page, saw version bump and instance/path name.
  - Saw instance/path name in client and server logs.
  - Stopped server, saw reconnects after 2, 4, 16, ... seconds.
  - Sent test notification; received test notification.
  - Didn't explicitly test the subscription thing but it should be obvious by looking at `/notification/status/` shortly after a push.

Reviewers: joshuaspence, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7041, T7012, T7130

Differential Revision: https://secure.phabricator.com/D11769
2015-02-16 11:31:15 -08:00
epriestley
9a9c4afe59 Improve error messaging for empty Conpherence threads
Summary: Fixes T7275. This makes the error stuff a little more consistent with other modern UIs.

Test Plan: {F307286}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7275

Differential Revision: https://secure.phabricator.com/D11778
2015-02-16 11:31:00 -08:00
epriestley
2cd77b5b58 Improve taskmaster behavior on empty queues
Summary:
Right now, taskmasters on empty queues sleep for 30 seconds. With a default setup (4 taskmasters), this averages out to 7.5 seconds between the time you do anything that queues something and the time that the taskmasters start work on it.

On instances, which currently launch a smaller number of taskmasters, this wait is even longer.

Instead, sleep for the number of seconds that there are taskmasters, with a random offset. This makes the average wait to start a task from an empty queue 1 second, and the average maximum load of an empty queue also one query per second.

On loaded instances this doesn't matter, but this should dramatically improve behavior for less-loaded instances without any real tradeoffs.

Test Plan: Started several taskmasters, saw them jitter out of sync and then use short sleeps to give an empty queue about a 1s delay.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11772
2015-02-16 11:30:49 -08:00
epriestley
3a8cd60bab When cluster.instance is defined, use it to namespace S3 objects
Summary: Ref T7163. This isn't //technically// necessary but seems generally desirable.

Test Plan: Will deploy S3 in production.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7163

Differential Revision: https://secure.phabricator.com/D11770
2015-02-16 11:30:37 -08:00
epriestley
5a9d70707b Fix bad Phortune Subscriptions query
Summary:
Fixes T7285. If the user tries to view a subscription they don't have permission to view, we may filter all the subscriptions out, then still try to load related data. This can fatal because it's invalid.

Instead, bail if we filtered everything.

Test Plan: Subscritption detail page of another user's subscription is now 404 instead of fatal.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7285

Differential Revision: https://secure.phabricator.com/D11780
2015-02-16 11:17:51 -08:00
epriestley
f206da2dbf Increase height of message box on invite workflow
Summary:
At least one user wanted to type more text here, and it seems reasonable that administrators may want to write a couple of paragraphs.

I didn't make this short for any particular reason, I just wasn't sure what the workflow would look like as I was building it.

Test Plan: Loaded page, saw normal height text area.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11779
2015-02-16 11:09:07 -08:00
epriestley
557c22e9df Update feature requests doc
Summary:
This mentions "like GitHub", but we purged all the issues and no longer accept them.

Generally, feature requests should be coming to the upstream only nowadays.

Also, don't overpromise IRC.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11777
2015-02-16 08:26:39 -08:00
Chad Little
2bccbe4543 Clean up blank states on Phriction
Summary: Removes odd margin. Also removes min-height on content.

Test Plan: Test a fresh Phriction, and a deleted page.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11775
2015-02-15 18:14:41 -08:00
Chad Little
e3594e0a61 Restrict font-smoothing to actual buttons
Summary: We use font-smoothing to make better looking buttons, but it makes text buttons look bad.

Test Plan: Test a button in an actionlist, font looks same as other action list items.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11776
2015-02-15 18:13:54 -08:00