1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-16 11:52:40 +01:00
Commit graph

4703 commits

Author SHA1 Message Date
Ricky Elrod
908253f1db Fix two bugs with Config's Edit controller.
Summary:
* When we restored to the default value, we did, in fact delete the row from the
  database, but then a few lines later down, we saved it again. This patch causes
  the controller to return early on delete, like it was supposed to do to begin
  with.
* When checking the user's input value for `null` (since PHP's JSON encoder will
  return `null` on failure), check the value that the user gave, not the value
  that we default to (which is often `null` anyway). Oops.

Test Plan:
* Saved an empty text field and saw the delete work properly and NOT get
  re-added.
* Put `null` in the text field, and saved successfully.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4300
2012-12-30 06:15:51 -08:00
Mailson Menezes
250fe7fb77 Fix tokenizer placeholder issue
Summary:
The placeholder property remains null despite it is set to a custom
value.

Test Plan:
Use a custom placeholder in `AphrontFormTokenizerControl`

```
id(new AphrontFormTokenizerControl())
  ->setPlaceholder('My custom placeholder...')
  ->setDatasource('/typeahead/common/projects/');
```

The placeholder should be set to "My custom placeholder..."

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4297
2012-12-29 13:11:42 -08:00
Chad Little
dbae9452f9 Add a setup icon.
Summary: Adds a setup icon, sprites, and new CSS maps.

Test Plan: Photoshop

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4299
2012-12-28 14:21:41 -08:00
Ricky Elrod
a9aedc64e4 Show the default value in Config.
Summary:
As mentioned by @epriestley in an inline on D4290, we should show what happens
if the user leaves the box blank.

Test Plan: Went to edit a setting and saw the default below the text box.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, asherkin

Differential Revision: https://secure.phabricator.com/D4293
2012-12-28 11:38:05 -08:00
Ricky Elrod
a774620042 Start of a config web interface.
Summary:
This is somewhat clowny, particularly in how it handles JSON encode/decode, but
I've commented why I did things the way I did. The goal is to store minified JSON
but show pretty-printed JSON where possible, to the user editing it.

Test Plan:
* Went to /config/ and saw a list of keys from the `default` config.
* Clicked on one of them, submitted the default value successfully.
* Changed the value to invalid JSON and got a decent error.
* Changed the value to valid JSON and checked the DB to confirm it saved.
* Confirmed the DB values were minified.
* Confirmed the user-facing values were pretty-printed where they could be.
* Confirmed that PHIDs were getting assigned properly and that isDeleted
  properly defaulted to false/0.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2246

Differential Revision: https://secure.phabricator.com/D4290
2012-12-27 15:21:21 -08:00
epriestley
1e2dfb5b6b Minor, prevent double-initialization of EventEngine. This happens in PhabricatorEnv now.
Auditors: btrahan
2012-12-26 17:41:56 -08:00
Ricky Elrod
ec57678f70 Mark deleted Phriction pages as closed.
Summary:
This replaces D4042 and gives you the option to search for existing Phrication
documents only.

Test Plan:
# Reindexed ALL THE THINGS, saw existing documents show up in search in all cases.
# Deleted a document and saw it only show up when "Open and Closed Documents" are
shown.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4289
2012-12-26 17:10:38 -08:00
epriestley
19b2c3d3d0 Formalize configuration sources and source stacks
Summary: Currently, we have a configuration stack for unit tests, but they're built in to `PhabricatorEnv`. Pull them out and formalize them, so we can add more configuration sources (e.g., database).

Test Plan: Ran unit tests, web requests, scripts. This code had fairly good existing test coverage.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2223, T2221

Differential Revision: https://secure.phabricator.com/D4284
2012-12-25 06:44:29 -08:00
epriestley
3eb370a533 Share more HTTPSink code
Summary:
In the past, we did some additional magic on `$response_string` (adding profiling headers? Or DarkConsole?), so we could not share the pathway with HTTPSink. We no longer do this; share the pathways.

Also remove error handler initialization (duplicated in PhabricatorEnv), and move $sink initialization earlier. My general goal here is to allow PhabricatorSetup to emit a normal Response object and share as much code as possible with normal pages.

Test Plan: Loaded page.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4285
2012-12-25 06:17:45 -08:00
epriestley
9e6d59829c Consolidate environmental initialization
Summary:
We have a bunch of code duplication now between __init_script__.php and webroot/index.php. Consoldiate these methods and move them into PhabricatorEnv.

Merge PhabricatorRequestOverseer into PhabricatorStartup.

Test Plan: Loaded page, ran script. Wiped PHABRICATOR_ENV; loaded page, ran script; got errors.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2223

Differential Revision: https://secure.phabricator.com/D4283
2012-12-25 06:15:28 -08:00
epriestley
ed58f6c5f4 Move a lot of pre-request checks to PhabricatorStartup
Summary:
We have a lot of mess to get through before we can load libphutil and enter Phabricator code properly. Move it to a dedicated class.

I'm probably going to merge PhabricatorRequestOverseer into this, although the check that lives there now is kind of weird. It also does not really need to be a pre-load check and could be handled better.

I stopped shoving stuff in here once I got to ENV stuff, I'm going to tackle that next.

Test Plan: Ran phabricator normally; introduced fatals and misconfigurations. Grepped for changed symbols.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, asherkin

Maniphest Tasks: T2223

Differential Revision: https://secure.phabricator.com/D4282
2012-12-25 06:11:39 -08:00
epriestley
a88b69a4b6 Add a "setup" cache
Summary:
See T2062. This cache allows us to essentially implement this sort of block:

  if (this_code_has_not_run_since_the_last_server_restart()) {
    ...
  }

This will let us do setup checks automatically (i.e., without a specialized setup mode) without imposing hundreds of milliseconds of `git submodule status` and similar checks on every page load, even if an install does not have APC.

Broadly, the major goals here are:

  - Reduce user errors and support costs related to misconfiguration (e.g., failure to update submodules).
  - Simplify setup and configuration (remove 'phabricator.setup', remove/reduce PHABRICATOR_ENV).
  - Move as much configuration to the web as possible (required for SaaS).

Test Plan:
Added this block to webroot/index.php:

  $cache = PhabricatorCaches::getSetupCache();
  $result = $cache->getKeys(array('x'));
  if (empty($result['x'])) {
    phlog('Cache miss + set.');
    $cache->setKeys(array('x' => 'y'));
  } else {
    phlog('Cache hit.');
  }

Verified it used APC correctly.
Disabled APC and verified it degraded to a reasonable disk-based behavior.

If we miss both of these we end up with no actual caching, but that's the best we can do. This code will also run too early in setup for it to be appropriate to raise exceptions out of this pathway -- later on, we can raise a warning that APC is not installed.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2227, T2062

Differential Revision: https://secure.phabricator.com/D4281
2012-12-25 06:09:51 -08:00
vrana
e05d8d7061 Let datepicker jump one month forward
Test Plan: Clicked on next month, didn't see year 20121.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4277
2012-12-21 16:54:48 -08:00
vrana
f2639e528c Fix displaying of user status
Summary:
This fixes two separate issues:

# `getTextStatus()` is used for machine readable data in handles and user.info method. Broken since D3810.
# Status may contain date. Broken since beginning but masked by the fact that CSS ignores unknown class names.

Test Plan:
Displayed revision with reviewer away.
Called `user.addstatus`.
Edited status in calendar.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: nh, aran, Korvin

Differential Revision: https://secure.phabricator.com/D4275
2012-12-21 16:30:36 -08:00
vrana
1264e38541 Fix double escaping in calendar
Test Plan: Used `<img` as status description.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T139

Differential Revision: https://secure.phabricator.com/D4276
2012-12-21 16:25:33 -08:00
vrana
1c2e7e5daa Fix Paste translation
Summary: This syntax is extremely stupid, I'll probably rewrite it later.

Test Plan:
  pht('%s Line(s)', number_format(1000));

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4272
2012-12-21 15:39:25 -08:00
epriestley
8f0bab73ef Support search indexing in ApplicationTransaction
Summary: Hook D4261 into ApplicationTransaction

Test Plan: Edited a mock; searched for it.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2104

Differential Revision: https://secure.phabricator.com/D4262
2012-12-21 14:21:50 -08:00
epriestley
f6b1964740 Improve Search architecture
Summary:
The search indexing API has several problems right now:

  - Always runs in-process.
    - It would be nice to push this into the task queue for performance. However, the API currently passses an object all the way through (and some indexers depend on preloaded object attributes), so it can't be dumped into the task queue at any stage since we can't serialize it.
    - Being able to use the task queue will also make rebuilding indexes faster.
    - Instead, make the API phid-oriented.
  - No uniform indexing API.
    - Each "Editor" currently calls SomeCustomIndexer::indexThing(). This won't work with AbstractTransactions. The API is also just weird.
    - Instead, provide a uniform API.
  - No uniform CLI.
    - We have `scripts/search/reindex_everything.php`, but it doesn't actually index everything. Each new document type needs to be separately added to it, leading to stuff like D3839. Third-party applications can't provide indexers.
    - Instead, let indexers expose documents for indexing.
  - Not application-oriented.
    - All the indexers live in search/ right now, which isn't the right organization in an application-orietned view of the world.
    - Instead, move indexers to applications and load them with SymbolLoader.

Test Plan:
  - `bin/search index`
    - Indexed one revision, one task.
    - Indexed `--type TASK`, `--type DREV`, etc., for all types.
    - Indexed `--all`.
  - Added the word "saboteur" to a revision, task, wiki page, and question and then searched for it.
    - Creating users is a pain; searched for a user after indexing.
    - Creating commits is a pain; searched for a commit after indexing.
    - Mocks aren't currently loadable in the result view, so their indexing is moot.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: 20after4, aran

Maniphest Tasks: T1991, T2104

Differential Revision: https://secure.phabricator.com/D4261
2012-12-21 14:21:31 -08:00
epriestley
aae5f9efd3 Implement a more compact, general database-backed key-value cache
Summary:
See discussion in D4204. Facebook currently has a 314MB remarkup cache with a 55MB index, which is slow to access. Under the theory that this is an index size/quality problem (the current index is on a potentially-384-byte field, with many keys sharing prefixes), provide a more general index with fancy new features:

  - It implements PhutilKeyValueCache, so it can be a component in cache stacks and supports TTL.
  - It has a 12-byte hash-based key.
  - It automatically compresses large blocks of data (most of what we store is highly-compressible HTML).

Test Plan:
  - Basics:
    - Loaded /paste/, saw caches generate and save.
    - Reloaded /paste/, saw the page hit cache.
  - GC:
    - Ran GC daemon, saw nothing.
    - Set maximum lifetime to 1 second, ran GC daemon, saw it collect the entire cache.
  - Deflate:
    - Selected row formats from the database, saw a mixture of 'raw' and 'deflate' storage.
    - Used profiler to verify that 'deflate' is fast (12 calls @ 220us on my paste list).
  - Ran unit tests

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4259
2012-12-21 14:17:56 -08:00
epriestley
62bc3373e5 Fix error with inline comments on images
Summary: This data structure is a `dict<int, list<Comment>>` now, where the `int` is the line number.

Test Plan:
  - Created a diff changing an image.
  - Added inline comments on the left and right sides of the diff.
  - Saw some exceptions and general sadness.
  - Applied patch.
  - Reloaded page.
  - Everything worked great.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4264
2012-12-21 14:16:00 -08:00
vrana
394340fd8f Rename setViewer() to setUser() in feed.query
Summary: D4270 missed a spot I think.

Test Plan: Called it.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4271
2012-12-21 14:04:11 -08:00
Bob Trahan
479ed08ee1 fix fatal - setViewer => setUser
Summary: D4249 missed a spot I think.

Test Plan: no more fatal

Reviewers: vrana, epriestley

Reviewed By: vrana

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4270
2012-12-21 13:59:27 -08:00
Bob Trahan
2b0526e9f9 one more phame tweak for better social sharing -- make sure $uri is the full uri
Summary: basically when we're on a page we have a URIPath so set that and pass it over. I wasn't super duper happy with this but it seems to be the best way to pass this data.

Test Plan: verified the og:url was correct on my dev instance of phacility blog for both the main blog and individual post view

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Differential Revision: https://secure.phabricator.com/D4269
2012-12-21 13:46:23 -08:00
vrana
2cc7f82ece Move Conduit methods inside applications
Test Plan:
/conduit/
/conduit/method/arcanist.projectinfo/
Call method

  $ echo '{}' | arc call-conduit user.whoami

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4268
2012-12-21 12:21:59 -08:00
vrana
96e5264f05 Rename setViewer() to setUser() in views
Summary: I prefer consistency.

Test Plan: /paste/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4249
2012-12-21 12:18:55 -08:00
Bob Trahan
9c27c7ab60 tweak phame blog template a bit for better Facebook integration
Summary: this makes it more sensical when you hit "share" from a bookmarklet or cut and paste a link into FB, basically by having post-specific data when sharing a post.

Test Plan: looked at generated HTML on my test blog

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Differential Revision: https://secure.phabricator.com/D4266
2012-12-21 11:29:31 -08:00
Chad Little
9e28d12c57 Status events from others were not clearly visible.
Summary: Sets any event text color to white, reguardless if its an anchor or not.

Test Plan: Have events from multiple people in the calendar, view events.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4263
2012-12-21 10:15:48 -08:00
epriestley
a2367ddf75 Minor, fix a bad merge on my part.
Auditors: btrahan
2012-12-21 07:58:31 -08:00
epriestley
b116861b16 Add draft support to ApplicationTransactions
Summary:
When previewing, save drafts. When loading objects, restore drafts if they are available.

Depends on: D665

Test Plan:
  - Viewed a Mock.
  - Typed text into the comment box.
  - Reloaded the page.
  - Text still there.
  - Hit submit, got my comment.
  - Reloaded the page.
  - Draft correctly deleted.
  - Repeated for Macros.

Reviewers: btrahan, chad, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2104

Differential Revision: https://secure.phabricator.com/D4252
2012-12-21 05:57:14 -08:00
epriestley
0fd77783a4 Add previews to ApplicationTransaction
Summary:
Implements previews for Macros and Pholio.

(Design is nonfinal -- kind of split the difference between `diff_full_view.png`, laziness, and space concerns. Next couple diffs will add more stuff here.)

Test Plan: {F28055}

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran, vrana

Maniphest Tasks: T2104

Differential Revision: https://secure.phabricator.com/D4246
2012-12-21 05:51:33 -08:00
epriestley
4af2e3c4e2 Add PhabricatorHash::digestForIndex()
Summary: Does this seem reasonable? It's a bit more compact than digest() (6 bits / byte instead of 4 bits / byte) and 72 bits of entropy @ 12 bytes instead of 128 bits of entropy @ 32 bytes. I feel like it's important to preserve the printability, though, and this seemed like a fairly good balance of concerns.

Test Plan: unit tests

Reviewers: vrana

Reviewed By: vrana

CC: aran, yemao932

Differential Revision: https://secure.phabricator.com/D4253
2012-12-21 05:43:33 -08:00
epriestley
141318fd01 Fix a Maniphest issue where multiple saved copies of a query break the menu
Summary: Fixes T2210. Recently, we require unique keys on menu items, but it's currently possible in Maniphest to save the same custom query under multiple names. Avoid exploding in this case (we'll hide the duplicates). This isn't a great fix, but makes Maniphest usable again.

Test Plan: Saved the same query twice, laoded page, got exception, applied patch, loaded page, saw duplicate query stripped.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2210

Differential Revision: https://secure.phabricator.com/D4247
2012-12-21 05:42:38 -08:00
vrana
9358b08b46 Use "Diff <id>" instead of "D<id>" in changeset view
Summary: We use "D<id>" for revisions.

Test Plan: Looked at revision.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4258
2012-12-20 18:28:34 -08:00
Bob Trahan
a652ca462e finish implementing N and W tooltips and use W in differential
Summary: 'cuz new fluid layouts require the westerlyness. Looks like D4126 started the N and W implementation but didn't finish it...? note I had to do the shifting of the 5 pixels in javascript; using the CSS didn't work for me in chrome.

Test Plan: uiexample, and hoping it goes well when deployed in prod for differential case

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Maniphest Tasks: T2211

Differential Revision: https://secure.phabricator.com/D4257
2012-12-20 18:23:35 -08:00
vrana
3452315c7c Save absolute path when linting git-svn repo
Test Plan: Dumped `$this->svnRoot` in git-svn repo.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4255
2012-12-20 18:13:44 -08:00
vrana
800be357e8 Order repositories in Diffusion from oldest
Summary: Same to ordering in Repository List.

Test Plan: /diffusion/

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4251
2012-12-20 15:49:37 -08:00
vrana
ebe2a58f8a Use user's timezone in repo history
Test Plan: Looked at repo overview, repo history and commit detail.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4250
2012-12-20 15:16:05 -08:00
vrana
ef214e94ce Move setUser() to AphrontView
Summary: This is used in every other view.

Test Plan: Browsed around.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4248
2012-12-20 14:49:52 -08:00
Nick Harper
45b66be96d Fix paste (again)
Summary:
I messed up D4244 (and didn't test it properly) - this change should load
the raw content so we can use it.

Test Plan: use the conduit console and actually test the paste conduit methods

Reviewers: vrana, epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4245
2012-12-20 13:14:18 -08:00
Nick Harper
2f32aebf6f Fix paste
Summary:
The caching introduced by rP7e37eb48273eef87e6e6811703fb5d85a3e07a81
broke the use of PhabricatorPaste::getContent() for forking/editing
pastes and downloading pastes with arc paste. I think this fixes all
the appropriate callsites.

Test Plan: fork a paste in the web ui

Reviewers: vrana, epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4244
2012-12-20 12:24:34 -08:00
epriestley
eeb97db283 Fix EncodeQ implementation in PHPMailer, and provide SSL/TLS options
Summary:
See f5c2a2ab4b (commitcomment-2333247)

Copy of working implementation from PHPMailerLite.

Also expose the SSL/TLS options.

Test Plan: Switched to this mailer, configured Gmail SMTP, sent email. Verified email arrived intact.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, mbeck

Differential Revision: https://secure.phabricator.com/D4239
2012-12-20 11:11:15 -08:00
Nick Harper
53115007ff Make bin/aphlict behave slightly better when forking
Summary:
Due to how file descriptors get inherited when a process forks and the way
our script to start/restart stuff works, having bin/aphlict not close
STDOUT caused our script to hang. This diff provides a solution; however,
something like https://secure.phabricator.com/diffusion/PHU/browse/master/src/daemon/PhutilDaemonOverseer.php;b45eea975f6d9afc$127-129
may be better or more robust.

Test Plan:
Run our script that calls bin/aphlict in passthru() and see that it no
longer hangs.

Reviewers: epriestley, vrana

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4240
2012-12-20 10:38:13 -08:00
vrana
776a240870 Let Aphlict listen on the specified host
Summary: We allow user to specify the host to listen to but we listen on 127.0.0.1 instead.

Test Plan:
Hardcoded the path and verified that I can connect to the host from other machine.

Verified that `localhost` still doesn't allow remote connections.

Reviewers: ddfisher, epriestley, nh

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4238
2012-12-19 15:44:17 -08:00
epriestley
6dd0169873 Fix various issues with SSH receivers
Summary:
  - Original command is in SSH_ORIGINAL_COMMAND, not normal argv.
  - Use PhutilShellLexer to parse it.
  - Fix a protocol encoding issue with ConduitSSHWorkflow. I think I'm going to make this protocol accept multiple commands anyway because SSH pipes are crazy expensive to build (even locally, they're ~300ms).

Test Plan: With other changes, successfully executed "arc list --conduit-uri=ssh://localhost:2222".

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T550

Differential Revision: https://secure.phabricator.com/D4232
2012-12-19 11:11:32 -08:00
epriestley
e78898970a Implement SSHD glue and Conduit SSH endpoint
Summary:
  - Build "sshd-auth" (for authentication) and "sshd-exec" (for command execution) binaries. These are callable by "sshd-vcs", located [[https://github.com/epriestley/sshd-vcs | in my account on GitHub]]. They are based on precursors [[https://github.com/epriestley/sshd-vcs-glue | here on GitHub]] which I deployed for TenXer about a year ago, so I have some confidence they at least basically work.
    - The problem this solves is that normally every user would need an account on a machine to connect to it, and/or their public keys would all need to be listed in `~/.authorized_keys`. This is a big pain in most installs. Software like Gitosis/Gitolite solve this problem by giving you an easy way to add public keys to `~/.authorized_keys`, but this is pretty gross.
    - Roughly, instead of looking in `~/.authorized_keys` when a user connects, the patched sshd instead runs `echo <public key> | sshd-auth`. The `sshd-auth` script looks up the public key and authorizes the matching user, if they exist. It also forces sshd to run `sshd-exec` instead of a normal shell.
    - `sshd-exec` receives the authenticated user and any command which was passed to ssh (like `git receive-pack`) and can route them appropriately.
    - Overall, this permits a single account to be set up on a server which all Phabricator users can connect to without any extra work, and which can safely execute commands and apply appropriate permissions, and disable users when they are disabled in Phabricator and all that stuff.
  - Build out "sshd-exec" to do more thorough checks and setup, and delegate command execution to Workflows (they now exist, and did not when I originally built this stuff).
  - Convert @btrahan's conduit API script into a workflow and slightly simplify it (ConduitCall did not exist at the time it was written).

The next steps here on the Repository side are to implement Workflows for Git, SVN and HG wire protocols. These will mostly just proxy the protocols, but also need to enforce permissions. So the approach will basically be:

  - Implement workflows for stuff like `git receive-pack`.
  - These workflows will implement enough of the underlying protocol to determine what resource the user is trying to access, and whether they want to read or write it.
  - They'll then do a permissons check, and kick the user out if they don't have permission to do whatever they are trying to do.
  - If the user does have permission, we just proxy the rest of the transaction.

Next steps on the Conduit side are more simple:

  - Make ConduitClient understand "ssh://" URLs.

Test Plan: Ran `sshd-exec --phabricator-ssh-user epriestley conduit differential.query`, etc. This will get a more comprehensive test once I set up sshd-vcs.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603, T550

Differential Revision: https://secure.phabricator.com/D4229
2012-12-19 11:08:07 -08:00
epriestley
db89e23761 Make Repositories partially policy-aware
Summary: Small step toward repository hosting. No user-visible changes.

Test Plan: Looked at repositories in Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D4227
2012-12-19 11:07:06 -08:00
Bob Trahan
fcc5366eff fix differential + diffusion for showing generated files
Summary: in the re-factor quest this got broken. Turns out NewLines (aka $this->new in the parser) gets updated right up until the very end for showing text changes so instead pass over the total line count to the renderer to get this codepath right.

Test Plan: showed content of some generated files in diffusion and all was well

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2204

Differential Revision: https://secure.phabricator.com/D4237
2012-12-19 10:56:00 -08:00
Nick Harper
b8d372c4bc Fix bugs when saving package changes due to commit changes
Summary:
Because of the way PhabricatorOwnersPackage works, the code to save package
changes when parsing commit changes was raising a few undefined index errors,
and was throwing an exception trying to call a method on null (because not
all of the phids related to the package had their handles loaded). This fix
doesn't load the missing handles, it just avoids trying to use them.

Test Plan:
./scripts/repository/reparse.php on a commit with path changes that triggered
a package change

Reviewers: epriestley, vrana

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4236
2012-12-19 10:53:04 -08:00
Ricky Elrod
93c4030732 Fix IRC bot Dxxx Conduit call.
Summary: Some fallout from D4191.

Test Plan: Sent "D12" in IRC and got a response.

Reviewers: epriestley, vrana, zeeg

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4235
2012-12-18 20:41:52 -08:00
vrana
8816f08765 Throw instead of log for invalid properties
Summary: Continue work started at D3601.

Test Plan:
Commented declaration `AphrontController::$request`, saw exception.
Brought it back, didn't see exception.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4233
2012-12-18 16:15:01 -08:00