1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-14 19:02:41 +01:00
Commit graph

7610 commits

Author SHA1 Message Date
Bob Trahan
d83a9c606b Emails - fix duplicate email error
Summary: $email => $e_email. Fixes T5933.

Test Plan: Added an email that was already on another account and got the proper "Duplicate" UI with the duplicate email address still entered

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5933

Differential Revision: https://secure.phabricator.com/D10334
2014-08-21 16:07:14 -07:00
epriestley
4a566f9e5d Allow passwords to be edited even if account.editable is false
Summary:
Fixes T5900. We have some very old code here which does not let you update your password if the `account.editable` flag is set.

This was approximately introduced in D890, and I think it was mostly copy/pasted at that point. I'm not sure this ever really made sense. The option is not documented as affecting this, for example. In the modern environment of auth providers, it definitely does not make sense.

Instead, always allow users to change passwords if the install has a password provider configured.

Test Plan:
  - Set `account.editable` to false.
  - Used a password reset link.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5900

Differential Revision: https://secure.phabricator.com/D10331
2014-08-21 15:35:43 -07:00
epriestley
05eb77c0a7 Mark redirects to php.net from symbols as external
Summary: Fixes T5942. These are external but currently unmarked.

Test Plan: Visited link, got redirected.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5942

Differential Revision: https://secure.phabricator.com/D10332
2014-08-21 14:45:51 -07:00
epriestley
79c837d505 Make file handles have "/Fxxx" as the URI
Summary:
Primarily, this fixes searching for `F123` in global search.

The info URI is now a better URI than the "best" URI for files, and doesn't have redirect issues.

Test Plan: Searched for `F123` in global search.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10330
2014-08-21 12:21:10 -07:00
epriestley
f43355855c Add bin/files compact for sharing file data storage
Summary:
Fixes T5912. When we write files, we attempt to share storage if two files have the same content.

In some cases, we may not share storage. Examples include:

  - Files migrated with `bin/files migrate` (it's simpler not to try to dedupe them).
  - Old files, from before storage was sharable (the mechanism did not exist).
  - Files broken by the bug fixed in T5912.

Add a script to compact files by pointing files with the same content hash at the same file contnet.

In the particular case of files broken by the bug in T5912, we know the hash of the file's content and will only point them at a file that we can load the data for, so this fixes them.

Compaction is not hugely useful in general, but this script isn't too complex and the ability to fix damage from the bug in T5912 is desirable. We could remove this capability eventually.

Test Plan:
  - Ran `files compact --all --dry-run` and sanity checked a bunch of the duplicates for actually being duplicates.
  - Migrated individual files with `files compact Fnnn --trace` and verified the storage compacted and all files survived the process.
  - Verified unused storage was correctly destroyed after removing the last reference to it.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5912

Differential Revision: https://secure.phabricator.com/D10327
2014-08-21 11:47:59 -07:00
epriestley
fca8b5ab1b Improve UX for repository updates
Summary:
Fixes T5926. Fixes T5830. Ref T4767. Users currently sometimes have a hard time understanding repository update frequencies. This is compounded by aggressive backoff and incorrect backoff while importing repositories.

  - Don't back off while importing repositories. This prevents us from hanging at 99.99% for inactive repositories while waiting for the next update.
  - Back off less aggressively in general, and even more gradually during the first 3 days. This should make behavior around weekends better.
  - Show update frequency in the UI.
  - Provide an explicit "update now" button to call `diffusion.looksoon` in a more user-friendly way.
  - Document how backoff policies work and how to adjust behavior.

Test Plan:
  - Ran `bin/phd debug pulllocal` and verified backoff worked correctly from debugging output.
  - Clicked "Update Now" to get a hint, reloaded page to see it update.
  - Read documentation.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4767, T5830, T5926

Differential Revision: https://secure.phabricator.com/D10323
2014-08-21 11:30:12 -07:00
epriestley
d122d9ec86 Allow users to recover from a missing password hasher
Summary:
Fixes T5934. If you hash a password with, e.g., bcrypt, and then lose the bcrypt hasher for some reason, we currently fatal when trying to figure out if we can upgrade.

Instead, detect that the current hasher implementation has vanished and let the user reset their password (for account passwords) or choose a new one (for VCS passwords)>

Test Plan:
Account password:

  - Artifically disabled bcrypt hasher.
  - Viewed password panel, saw warnings about missing hasher.
  - Used password reset workflow to change password, saw iterated MD5 hashed password get set.
  - Enabled bcrypt hasher again.
  - Saw upgrade warning.
  - Upgraded password to bcrypt.

VCS password:

  - Artificially disabled bcrypt hasher.
  - Viewed password panel, saw warnings about missing hasher.
  - Reset password.
  - Saw iterated md5 password.
  - Reenabled bcrypt.
  - Upgraded to bcrypt.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5934

Differential Revision: https://secure.phabricator.com/D10325
2014-08-21 11:30:05 -07:00
epriestley
241cfc2e83 Don't leave temporary files around when trying to use credentials with destroyed secrets
Summary: Ref T4284. This fixes at least one problem which can cause the observed behavior.

Test Plan:
  - Before applying patch, used `PHABRICATOR_CREDENTIAL=PHID-CDTL-... bin/ssh-connect` + debugging prints to verify the keyfile was written and cleaned up normally.
  - Destroyed the credental, verified the temporary file was not cleand up correctly.
  - Applied patch, verified temporary file was not written and command exited with sensible error.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4284

Differential Revision: https://secure.phabricator.com/D10328
2014-08-21 11:26:02 -07:00
epriestley
7d31ea7c55 Minor tweaks to bin/mail send-test
Summary: Clean up some arg handling stuff.

Test Plan: Used this while debugging.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10314
2014-08-21 11:25:44 -07:00
epriestley
f50ba4fb07 Fix herald "Repository" rule for Revisions and Diffs
Summary: This was broken by rP5ac36e8 by a derpy typo.

Test Plan: Ran dry run against a revision with a a repository, saw the field fill in on the transcript.

Reviewers: nickz, btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10326
2014-08-21 10:54:07 -07:00
epriestley
3273874744 Fix an issue with build generations not being set for strict MySQL
Summary: Target creation fatals otherwise ('buildGeneration' may not be NULL)

Auditors: hach-que
2014-08-21 09:23:48 -07:00
cburroughs
fd45f64e47 Include all audit states in audit.query
Summary:
Additional audit states were made queryable for T5871.
Include them in Conduit's audit.query as well.  In doing so corrects
references from "status-foo" to "audit-status-foo".

Depends on D10271

Test Plan: with an api, issues queries and got sensible results

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10290
2014-08-21 06:14:23 -07:00
James Rhodes
efadfbbc97 Implement build generations in Harbormaster
Summary:
Ref T5932.  Ref T5936.  This implements build generations in Harbormaster, which provides the infrastructure required to both show users the previous states of restarted builds and to allow users to forcefully abort builds (and their targets).

You can view previous generations of a build by adding `?g=<n>` to the URI, but this isn't exposed in the UI anywhere yet.

Test Plan: Ran a build plan with a Sleep step in it.  Reconfigured it for various sleep times and viewed previous generations of the build after restarting it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T5932, T5936

Differential Revision: https://secure.phabricator.com/D10321
2014-08-21 22:55:24 +10:00
James Rhodes
a2a0f002f0 Fix security.require-https by marking redirect as external
Summary:
Resolves T5937.  HTTPS redirects caused by `security.require-https` use a full scheme, domain and port in the URI.  Consequently, this causes invocation of the new external redirect logic and prevents redirection from occurring properly when accessing the HTTP version of Phabricator that has `security.require-https` turned on.

I've also fixed the automatic slash redirection logic to add the external flag where appropriate.

Test Plan: Configured SSL on my local machine and turned on `security.require-https`.  Observed the "Refusing to redirect" exception on master, while the redirect completed successfully with this patch.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5937

Differential Revision: https://secure.phabricator.com/D10318
2014-08-21 21:35:29 +10:00
James Rhodes
1ffa16aa6b Fix invalid redirect when issuing actions on buildables
Summary: Caught this with the new redirect validation logic.  The `$return_uri` was being set as just `B123` which is not valid.  Prefixing it with `/` (like is done in `HarbormasterBuildActionController` already) gives the correct result of reloading the buildable's page.

Test Plan: Restarted all builds on a buildable, saw the page reload correctly.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10320
2014-08-21 21:34:57 +10:00
epriestley
b7ad48aa50 Minor, also update PHPMailerLite to use quoted-printable
Summary: See T5927.

Auditors: btrahan
2014-08-20 17:18:49 -07:00
Bob Trahan
d1c3915e3a SSH Keys - allow viewer to download the private key
Summary: ...cuz otherwise this is pretty pointless. Fixes T5931.

Test Plan: generated a key, downloaded the key. previously download failed.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5931

Differential Revision: https://secure.phabricator.com/D10311
2014-08-20 16:22:06 -07:00
epriestley
66fa59d04d Fix an issue where migrating files could prematurely destroy duplicates
Summary:
Fixes T5912. When migrating files, we try to clean up the old data. However, this code isn't aware of reference counting, and unconditionally destroys the old data.

For example, if you migrate files `F1` and `F2` and they have the same data, we'll delete the shared data when we migrate `F1`. Then you'll get an error when you migrate `F2`.

Since this only affects duplicate files, it primarily hits default profile pictures, which are the most numerous duplicate files on most installs.

Test Plan:
  - Verified that the theory was correct by uploading two copies of a file and migrating the first one, before applying the patch. The second one's data was nuked and it couldn't be migrated.
  - Applied patch.
  - Uploaded two copies of a new file, migrated the first one (no data deletion), migrated the second one (data correctly deleted).
  - Uploaded two copies of another new file, `bin/remove destory'd` the first one (no data deletion), then did it to the second one (data correctly deleted).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5912

Differential Revision: https://secure.phabricator.com/D10312
2014-08-20 15:32:32 -07:00
epriestley
e5acdd85e6 When destroying an object, destroy its Herald transcripts too
Summary: Ref T5915. Make `bin/remove destroy` a bit more thorough, since Herald transcripts can have field information in them.

Test Plan: Used `bin/remove destroy` to nuke revisions, saw their transcripts vanish too.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5915

Differential Revision: https://secure.phabricator.com/D10306
2014-08-20 15:04:34 -07:00
epriestley
5ac36e8f77 Allow Herald "diff" rules to reject content before it is written
Summary: Fixes T5915. Occasionally, users derp up and diff private key material. Adding a pre-write Herald phase enables configuration of a partial layer of protection that will reject these changes before they hit disk, provided they can be detected by, e.g., filename.

Test Plan:
  - Added a rule with checks on every field, verified they looked fine in the transcript.
  - Created some revisions to test those changes (I have a bunch of revision rules locally).
  - Verified rejects don't write transcripts to the database.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5915

Differential Revision: https://secure.phabricator.com/D10305
2014-08-20 14:26:29 -07:00
epriestley
15385e1fe9 Don't SIGINT ourselves on bad daemon data
Summary:
If daemon data is mangled, `bin/phd restart` will SIGINT process `0`, which kills it.

uh oh T.T so sad

Test Plan: Used `bin/phd start` to start daemons; removed PID information from one; saw `bin/phd stop` shut down cleanly and not kill itself.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: mholden, epriestley

Differential Revision: https://secure.phabricator.com/D10308
2014-08-20 13:18:17 -07:00
Bob Trahan
8dd4d5cfe5 Files - make file info page public
Summary: and for bonus, finesse some URIs a tad. Fixes T5922.

Test Plan: viewed F1 logged out and it worked! viewed the ugly URI for F1 and got redirected to the pretty URI.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5922

Differential Revision: https://secure.phabricator.com/D10309
2014-08-20 13:18:21 -07:00
Bob Trahan
20d6c7a048 Login to Comment - kill intermediary dialogue
Summary: its not necessary. Fixes T5906

Test Plan: clicked "Login to Comment" and went straight to the login form, sans intermediary dialogue

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5906

Differential Revision: https://secure.phabricator.com/D10295
2014-08-20 13:17:14 -07:00
epriestley
a46d1f1cd8 Flag meme redirect as external
Summary: Fixes T5918.

Test Plan: Verified memes work again.

Reviewers: hach-que, btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5918

Differential Revision: https://secure.phabricator.com/D10307
2014-08-20 06:59:08 -07:00
epriestley
5449200972 Send SMTP mail using quoted-printable encoding in all cases
Summary: See D10278. This works around a bug (?) in SendGrid, see http://stackoverflow.com/questions/6276181/extra-newlines-in-plain-text-emails-sent-via-sendgrid

Test Plan: @nickz confirmed this resolved his issue. See also D10278.

Reviewers: nickz, btrahan, chad

Reviewed By: chad

Subscribers: nickz, epriestley

Differential Revision: https://secure.phabricator.com/D10303
2014-08-19 17:36:38 -07:00
epriestley
94cdddc211 Cover redirects to files in more cases
Summary: Ref T5894. We have a couple more similar cases. Make them all do a decision-based redirect for now.

Test Plan: Did "View Raw File" and such, and also made sure thumbnails still work.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5894

Differential Revision: https://secure.phabricator.com/D10301
2014-08-19 15:53:15 -07:00
epriestley
e8ece70ee0 Support bin/remove destroy Fnnn for files
Summary: Straightforward (this is the one object type we do let you delete from the web UI) implemetation of `PhabricatorDestructibleInterface`.

Test Plan: Used `bin/remove destroy` to destory several files. Used `--trace` to verify they wiped file data.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10300
2014-08-19 15:44:27 -07:00
James Rhodes
df7fb09845 Remove localhost Drydock allocator
Summary: This has never been enabled by default, and isn't safe.  Remove it since people can use preallocated or EC2 hosts.

Test Plan: Removed it; didn't see it appear on the "Create Blueprint" page.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10287
2014-08-20 08:29:32 +10:00
Chad Little
0057cf17e9 Clean up image file diffs UI
Summary: Uses AphrontTable now, cleans up interactions. Fixes T5874, Fixes T4910

Test Plan:
tested a large image

{F192585}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4910, T5874

Differential Revision: https://secure.phabricator.com/D10296
2014-08-19 14:46:37 -07:00
epriestley
e8c51cd934 Fix external redirect flagging issue with image thumbnails
Summary: Fixes T5894. This needs some improvement when we lay in real CDN stuff, but should get all the cases right for now.

Test Plan: Thumbnails work properly again.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5894

Differential Revision: https://secure.phabricator.com/D10299
2014-08-19 14:21:32 -07:00
Bob Trahan
ed98a1cc84 Paste - fix caching mechanism for S3-stored files
Summary: Fixes T5798. We basically weren't using the caching mechanism. Also adds service calls for S3 stuff, and support for seeing a little info like you can for conduit.

Test Plan: uploaded a paste, looked at paste list - no s3 service calls. edited the paste, looked at paste list - no s3 service calls and edited content properly shown

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5798

Differential Revision: https://secure.phabricator.com/D10294
2014-08-19 12:01:17 -07:00
Bob Trahan
59b626d2c1 Audit - allow queries for "partial" and "accepted" audits
Summary: Fixes T5871. These queries get to use the actual column on the commit table since they are about the "aggregate" state of different audits.

Test Plan: issues queries and got sensible results.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5871

Differential Revision: https://secure.phabricator.com/D10271
2014-08-19 10:43:52 -07:00
epriestley
df361470c1 Be more strict about "Location:" redirects
Summary:
Via HackerOne. Chrome (at least) interprets backslashes like forward slashes, so a redirect to "/\evil.com" is the same as a redirect to "//evil.com".

  - Reject local URIs with backslashes (we never generate these).
  - Fully-qualify all "Location:" redirects.
  - Require external redirects to be marked explicitly.

Test Plan:
  - Expanded existing test coverage.
  - Verified that neither Diffusion nor Phriction can generate URIs with backslashes (they are escaped in Diffusion, and removed by slugging in Phriction).
  - Logged in with Facebook (OAuth2 submits a form to the external site, and isn't affected) and Twitter (OAuth1 redirects, and is affected).
  - Went through some local redirects (login, save-an-object).
  - Verified file still work.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10291
2014-08-18 14:11:06 -07:00
epriestley
1652e07b4d Provide a purchase detail view in Phortune
Summary: Ref T2787. This provides a purchase detail screen (which has nothing useful on it yet) and converts a bunch of PHIDs into slightly more useful links.

Test Plan: Browsed around my account.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D10284
2014-08-18 13:15:21 -07:00
epriestley
211a93529b Implement DestructibleInterface for dashboards and panels
Summary: Fixes T5471.

Test Plan: Used `bin/remove destroy` to destroy a dashboard and a panel.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5471

Differential Revision: https://secure.phabricator.com/D10283
2014-08-18 13:15:13 -07:00
Chad Little
cd82b90c15 Modernize DatePicker
Summary: Fixes T5893. Uses more standard colors / spacing / shadows / icons.

Test Plan:
pick dates

{F191310}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5893

Differential Revision: https://secure.phabricator.com/D10285
2014-08-16 14:55:22 -07:00
epriestley
fce43179e7 Move notifications to ApplicationSearch
Summary: Ref T5891. This just modernizes infrastructure.

Test Plan: Viewed "All" and "Unread" notifications.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5891

Differential Revision: https://secure.phabricator.com/D10281
2014-08-16 11:14:32 -07:00
epriestley
98a847a36c Don't render a grip on tasks returned over AJAX to non-draggable UIs
Summary:
Fixes T5140. When you ajax-edit a task and we send back a full-size card, we currently always put a drag grip on it.

If you clicked the "edit" thing from a priority-ordered list, this is appropriate. However, if you clicked it from some other type of list, it is not.

Pass the expected grippableness through the call.

Test Plan:
  - Edited a task from a reorderable (priority-ordered) view, got grip.
  - Edited a task from a nonreorderable (author-ordered) view, got no grip.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5140

Differential Revision: https://secure.phabricator.com/D10282
2014-08-16 11:12:43 -07:00
James Rhodes
26f283fe21 Implement passphrase.query for querying credentials
Summary: Resolves T5868.  This implements `passphrase.query` and a mechanism for allowing Conduit access to credentials.

Test Plan: Tested locally.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: talshiri, epriestley, Korvin

Maniphest Tasks: T5868

Differential Revision: https://secure.phabricator.com/D10262
2014-08-16 22:41:03 +10:00
epriestley
300910f462 Allow columns to have a point limit
Summary:
Fixes T5885. This implements optional soft point limits for workboard columns, per traditional Kanban.

  - Allow columns to have a point limit set.
  - When a column has a point limit, show it in the header.
  - If a column has too many points in it, show the column and point count in red.

@chad, this could probably use some design tweaks. In particular:

  - I changed the color of "hidden" columns to avoid confusion with "overfull" columns. We might be able to find a better color.
  - UI hints for overfull columns might need adjustment.

(After T4427, we'll let you sum some custom field instead of total number of tasks, which is why this is called "points" rather than "number of tasks".)

Test Plan:
{F190914}

Note that:

  - "Pre-planning" has a limit, so it shows "4/12".
  - "Planning" has a limit and is overfull, so it shows "5 / 4".
  - Other columns do not have limits.
  - "Post-planning" is a hidden column. This might be too muted now.

Transactions:

{F190915}

Error messages / edit screen:

{F190916}

Reviewers: btrahan, chad

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T5885

Differential Revision: https://secure.phabricator.com/D10276
2014-08-15 11:16:08 -07:00
epriestley
eaacb4a511 Replace ActionHeader minicons with Font icons
Summary:
Ref T5885. See D10276.

Currently, ActionHeaders can only have minicons, and we don't use them anywhere and they probably don't make much sense in the product anymore.

Instead, allow them to have font icons. Remove minicons, which have no callsites and probably won't in the future.

Test Plan:
{F190925}

  - Grepped for `minicons`.
  - Grepped for `setHeaderIcon()`.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5885

Differential Revision: https://secure.phabricator.com/D10277
2014-08-15 11:08:28 -07:00
epriestley
f9de495d0b Use file.download to retrieve macro images in the IRC macro bot
Summary: Fixes T5884. Macro images are no longer public on most installs. We could generate tokens for them, but this (using Conduit to pull the file data) is easier and more correct.

Test Plan: Logged a bot into IRC and had it spam part of a macro before being killed for flooding.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5884

Differential Revision: https://secure.phabricator.com/D10274
2014-08-15 11:08:11 -07:00
epriestley
607e99490b Migrate "cancdn" to "canCDN" in the database
Summary: Ref T5884. We migrated with "canCDN" and then had live writes with "cancdn". Move everything to "canCDN" for consistency.

Test Plan: Ran migration, verified DB only has "canCDN" afterward.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5884

Differential Revision: https://secure.phabricator.com/D10273
2014-08-15 11:07:40 -07:00
epriestley
8403812e15 Make HTML email a little easier to debug
Summary:
Ref T992.

  - Format text/HTML bodies explicitly in `bin/mail show-outbound`.
  - Provide `bin/mail show-outbound --dump-html` so you can do something like `bin/mail show-outbound --dump-html > dump.html; open dump.html` to get a browser preview somewhat easily.

Test Plan: Ran `bin/mail show-outbound` with and without `--dump-html` flag.

Reviewers: talshiri, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T992

Differential Revision: https://secure.phabricator.com/D10272
2014-08-15 11:07:33 -07:00
Manuel Klimek
eb3ed9bbc9 Add an option to put comment context into emails.
Summary:
When enabled, this will show the full history of review comments in an
email-compatible threading-view.

Test Plan: Sending emails with the option on and off.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10146
2014-08-15 10:14:09 -07:00
epriestley
baa0a71e55 Show task counts in column headers on Workboards
Summary: Ref T4427. This always counts 1 task = 1 point. The tricky bit is making this update in JS.

Test Plan: {F190900}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4427

Differential Revision: https://secure.phabricator.com/D10275
2014-08-15 09:28:08 -07:00
Tal Shiri
4c57e6d34d HTML emails
Summary:
Added support for side-by-side HTML and plaintext email building.

We can control if the HTML stuff is sent by by a new config, metamta.html-emails

Test Plan:
Been running this in our deployment for a few months now.

====Well behaved clients====
 - Gmail
 - Mail.app

====Bad clients====

- [[ http://airmailapp.com/ | Airmail ]]. They confuse Gmail too, though.

====Need testing====
 - Outlook (Windows + Mac)

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: webframp, taoqiping, chad, epriestley, Korvin

Maniphest Tasks: T992

Differential Revision: https://secure.phabricator.com/D9375
2014-08-15 08:12:21 -07:00
Chad Little
dc69c4e58c Touch up notification/messages panels
Summary: Fixes T5575. Moves "All" links into title/header. Mark all read floats left, and connection status sits in footer. Also added hints to enable notifications (it's a cool feature).

Test Plan:
Tested locally both menus.

{F190630}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5575

Differential Revision: https://secure.phabricator.com/D10269
2014-08-14 17:19:01 -07:00
Bob Trahan
ff51a1a451 Remarkup - add a regex to blacklist what objects get link
Summary: Fixes T5453.

Test Plan: made a remarkup comment that "Q1 is dumb and Q10 is awesome" and only Q10 was linked. changed the new setting to have the value " " and the Q1 also started linking.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5453

Differential Revision: https://secure.phabricator.com/D10270
2014-08-14 15:20:45 -07:00
Bob Trahan
f8af89a99e DiffusionCommitQuery - move phid to id mapping
Summary: Ref T5862. makes the exception work better

Test Plan: issued some queries from audit ui with and without repos - they worked

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5862

Differential Revision: https://secure.phabricator.com/D10268
2014-08-14 13:04:38 -07:00
Bob Trahan
644e950ea3 Audit - add ability to query by repositories
Summary: Fixes T5862. The Diffusion table uses `id` but all the other infrastructure uses `phid` so just do a quick load of the repositories to get the ids. Long term, we should re-key the table by phid I think.

Test Plan: made a query with a repository and got a proper result set

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5862

Differential Revision: https://secure.phabricator.com/D10245
2014-08-14 12:40:47 -07:00
Bob Trahan
ea3aeb4962 Add "View Email" action to application transactions
Summary: Should help with debugging. In the web UI there is now a link to "View Email". This uses the same debugging output that `./bin/mail show-outbound` uses. Fixes T5768. Code is very defensive as I think these tables may be truncated eventually?

Test Plan: viewed some emails and it worked!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5768

Differential Revision: https://secure.phabricator.com/D10244
2014-08-14 12:28:28 -07:00
Bob Trahan
0b7bae29c8 Projects - tokenize projects more aggressively with respect to '-'
Summary:
Fixes T5727. Updates the regexes to split on '-'. Also changes the editor such that tokens are updated by the larger search process. (Note this means we update this data more often then we need to - for every project transaction.)

Users will need to make an edit to a project -or- run `bin/search index "#project-tag"` to make this actually work.

Test Plan: Made "Frontend-Engineering", "Engineering", and "Backend-Enginering". They all showed up in the typeahead!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5727

Differential Revision: https://secure.phabricator.com/D10247
2014-08-14 12:28:11 -07:00
epriestley
cebbca9e08 Add a "USERS" section to audit emails listing commit authors and committers
Summary: Fixes T5872. This won't show up in the initial email until T4896 is further along.

Test Plan:
```
RECIPIENTS
  discoball (Disco Ball)

BODY
epriestley added a comment.

ffkn

USERS
  epriestley (Author)

COMMIT
  http://local.aphront.com:8080/rPOEMS165b6c54f487
```

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5872

Differential Revision: https://secure.phabricator.com/D10266
2014-08-14 12:14:02 -07:00
epriestley
40a4eeec77 Make bot macro handler more graceful in the face of failure
Summary: Fixes T5883. The first time we hit an error we'll continue forward; we only bail after the second time. Instead, check for an error immediately

Test Plan: HA HA HA DID NOT TEST HA HA HA HA

Reviewers: btrahan, cburroughs

Reviewed By: cburroughs

Subscribers: epriestley

Maniphest Tasks: T5883

Differential Revision: https://secure.phabricator.com/D10265
2014-08-14 12:13:43 -07:00
epriestley
ae1a821b65 Fix cancdn vs canCDN flag
Summary:
Ref T5884. We migrated to add a `canCDN` flag, but the code looks for a `cancdn` flag.

If this fixes the issue, I'll migrate `cancdn` to `canCDN` in the next diff.

Test Plan: Viewed some files, including old files, and saw the cacheability I expected.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5884

Differential Revision: https://secure.phabricator.com/D10264
2014-08-14 12:13:26 -07:00
epriestley
5d62f56c8f Provide a setup warning about ft_min_word_len
Summary: Fixes T4130. Adds a setup warning when ft_min_word_len is set to the default value.

Test Plan: Hit setup warning; resovled setup warning. Searched for "DOS".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4130

Differential Revision: https://secure.phabricator.com/D10259
2014-08-13 15:37:45 -07:00
epriestley
ef0460c1ff Surface a better warning when the LDAP extension is not installed
Summary:
Fixes T3347. We can't really do this one as a config thing since we don't know if the user wants to use LDAP.

Instead, just give them a better message than they otherwise get when they try to install/configure/use LDAP.

Test Plan: Faked it and got a reasonable message.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3347

Differential Revision: https://secure.phabricator.com/D10260
2014-08-13 15:37:30 -07:00
epriestley
e616f166ae Provide a setup warning about using the default MySQL stopword file
Summary:
Fixes T2605.

  - Add a setup warning about the stopword file.
  - Provide a simpler stopword file.

Test Plan:
  - Hit setup warning.
  - Resolved it according to instructions.
  - Added "various" to a task, then searched for it, found the task.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2605

Differential Revision: https://secure.phabricator.com/D10258
2014-08-13 15:34:09 -07:00
epriestley
f1889aa942 Use a custom quit message when gracefully shutting down the IRC bot
Summary: Fixes T3173. This doesn't actually fix T3173 but I'm going to redirect that. It does make the bot quit IRC gracefully, with a nicer quit message, which can be customized.

Test Plan: Got a bot to quit IRC with nice messages.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3173

Differential Revision: https://secure.phabricator.com/D10257
2014-08-13 15:33:38 -07:00
epriestley
1ad0e84518 Show image dimensions and some other metadata in Differential
Summary: Fixes T2101. When viewing an image change, show image dimensions, MIME type, and filesize.

Test Plan:
{F190189}

{F190190}

very utility

such wow

Reviewers: mailson, btrahan, chad

Reviewed By: chad

Subscribers: epriestley, Korvin, aran

Maniphest Tasks: T2101

Differential Revision: https://secure.phabricator.com/D5206
2014-08-13 14:41:06 -07:00
epriestley
df28d751f5 Add an X-Phabricator-Projects header to outbound mail
Summary: Fixes T4973. For `PhabricatorProjectInterface` objects, add a header to let clients do mail filtering.

Test Plan: Saw `X-Phabricator-Projects: <#goat_farm>` in outbound mail.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: rush898, epriestley

Maniphest Tasks: T4973

Differential Revision: https://secure.phabricator.com/D10256
2014-08-13 14:40:54 -07:00
epriestley
a37dc68b0a Show projects on feed stories
Summary: Fixes T1922. When a story is about a primary object associated with projects, show those projects on the feed story.

Test Plan: {F190171}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T1922

Differential Revision: https://secure.phabricator.com/D10255
2014-08-13 11:24:56 -07:00
epriestley
bcdadf5947 Add autocomplete=off to all non-login password forms
Summary: Fixes T5579. Modern browsers aggressively autofill credentials, but at least Firefox still behaves slightly better with this flag. Hopefully other browsers will follow suit.

Test Plan: Browsed various interfaces, verifying that login interfaces allow autocomplete while non-login interfaces do not.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5579

Differential Revision: https://secure.phabricator.com/D10253
2014-08-13 10:06:48 -07:00
epriestley
a5d2460974 Probably fix bad method call in Diffusion
Summary: Fixes T5869. Ref T4896. This `setID()` method no longer exists.

Test Plan: (WARNING) This is a pain to reproduce locally so I'm just winging it. I'm 99% sure this ID is only used to generate an anchor link. This is a hack to start with, and T4896 will eventualy clean it up properly.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4896, T5869

Differential Revision: https://secure.phabricator.com/D10254
2014-08-13 10:06:41 -07:00
James Rhodes
e07011d37d Disable known hosts when SSH'ing through Drydock
Summary: This prevents SSH from saving the host key into known_hosts; StrictHostKeyChecking only prevents it from prompting for unknown hosts, but it will still verify hosts against what it has previously saved.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10252
2014-08-13 15:03:10 +10:00
James Rhodes
ca8f7cdaa5 Execute commands under Powershell on Windows for Harbormaster
Summary:
Resolves T5831.  This modifies the Drydock SSH interface to execute commands under Powershell when the target host platform is Windows.  Powershell is far more featured than cmd.exe, and more closely resembles a UNIX shell.

Currently Powershell outputs stderr as an XML blob on a line, and while this code currently doesn't use that, it will allow us in the future (planned next week) to redirect that output to the stderr log instead of having it all merged in with stdout under cmd (where there is no way to distinguish it).

Test Plan:
Ran various native commands and PowerShell commands from a Harbormaster build, including things like:

```
Write-Host ("my test" + ${build.id})
```

and saw:

```
my test679
```

in the output.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T5831

Differential Revision: https://secure.phabricator.com/D10248
2014-08-13 12:48:52 +10:00
epriestley
8ef1ea63dd Add "unblock" and "column" mail tags to Maniphest
Summary: Fixes T5769. Fixes T5861. Add mail tags for "unblock" and "column change".

Test Plan: Did unblocks and column changes, verified the mail got the right mailtags and recipient nondelivery flags.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5861, T5769

Differential Revision: https://secure.phabricator.com/D10241
2014-08-12 14:07:37 -07:00
cpettet
0420754d73 allow setting view and edit policy with maniphest.createtask
Summary: allowing explicit maniphest policy on api creation

Test Plan:
tested with arc cli

Example:

> echo '{"title": "mc6", "editPolicy": "users", "viewPolicy": "users"}' | \
> arc call-conduit maniphest.createtask

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10243
2014-08-12 14:07:27 -07:00
epriestley
5183bf3c49 Detect macros more strictly in bot handler
Summary: Fixes T5863. Like Remarkup, only identify macros if the entire chat line is the macro.

Test Plan: https://secure.phabricator.com/chatlog/channel/6/?at=158229

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5863

Differential Revision: https://secure.phabricator.com/D10242
2014-08-12 14:07:23 -07:00
epriestley
c443913c0b Allow users to set notifications to "Email", "Notification", or "Ignore"
Summary:
Ref T5861. Ref T5769. If users don't care at all about something, allow them to ignore it.

We have some higher-volume notifications either built now (column changes) or coming (mentions) which users might reasonably want to ignore completely.

Test Plan:
Ignored some notifications, then took appropraite actions. Saw my user culled from the notification subscriber list.

{F189531}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5769, T5861

Differential Revision: https://secure.phabricator.com/D10240
2014-08-12 12:29:03 -07:00
epriestley
f6f9d78f3a Modularize mail tags
Summary:
Ref T5861. Currently, mail tags are hard-coded; move them into applications. Each Editor defines its own tags.

This has zero impact on the UI or behavior.

Test Plan:
  - Checked/unchecked some options, saved form.
  - Swapped back to `master` and saw exactly the same values.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5861

Differential Revision: https://secure.phabricator.com/D10238
2014-08-12 12:28:41 -07:00
epriestley
d011f8fdc6 Add a setting to disable all notification email
Summary: Ref T5861. Adds an option to opt out of all notification email. We'll still send you password resets, email verifications, etc.

Test Plan:
{F189484}

  - Added unit tests.
  - With preference set to different things, tried to send myself mail. Mail respected preferences.
  - Sent password reset email, which got through the preference.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: rush898, epriestley

Maniphest Tasks: T5861

Differential Revision: https://secure.phabricator.com/D10237
2014-08-12 12:28:29 -07:00
epriestley
0196f53f9d Separate email formatting options into a new panel
Summary:
Ref T5861. These two options are complex, rarely useful, and not directly related to controlling what mail you receive.

Move them to a separate panel to make way for more stuff on the preferences panel. We'll probably add an "HTML" option to this new panel eventually, too.

Test Plan:
{F189474}

  - Used both panels.
  - Tested with multiplexing off.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5861

Differential Revision: https://secure.phabricator.com/D10236
2014-08-12 12:28:17 -07:00
epriestley
500506bfef Persist excluded recipients when saving mail
Summary:
Fixes T5185. The fundamental issue is that this `excludePHIDs` property was not saved, so the logic went like this:

  - Generate `excludePHIDs` correctly.
  - Pass `excludePHIDs` through the stack.
  - Perform some other computations correctly.
  - Queue the mail for the daemons, throwing it away. {icon bomb}
  - Daemons process mail with empty `excludePHIDs` list.

Store it in the persistent properties array instead.

Also remove the "override self mail" thing, since it's only used by `bin/mail send-test` and suffers from the same issue. I think it's too useless to fix, since even if you get caught by it, `bin/mail` makes it clear why the message was dropped.

Test Plan:
Notable:

  - `exclude` present in properties
  - Exclusion reason under RECIPIENTS header

{P1229}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5185

Differential Revision: https://secure.phabricator.com/D10234
2014-08-12 12:28:07 -07:00
epriestley
c9835c4492 Publish stories about objects in projects as related to projects
Summary:
Fixes T5456. We lost this logic in the transition to applicationtransactions.

When publishing a feed story, mark all of the object's projects as related, so the project filter in feed works.

Test Plan: Made a comment on a task associated with a project, saw the story in filtered feed.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: timor, epriestley

Maniphest Tasks: T5456

Differential Revision: https://secure.phabricator.com/D10233
2014-08-12 12:27:24 -07:00
epriestley
e4049e8797 Fix verbose email addresses being passed to mail adapters
Summary:
Fixes T5233.

  - The mail adapter API currently expects plain addresses (like `a@b.com`) in `addTos()`, and some adapters can not accept fancy verbose addresses (like `"name" <a@b.com>`).
  - When we try to send error email, we pass the entire "From" header into the API. This is incorrect.
  - Since it would be nice to make this just work in the future, fix it inside the API.
  - Specifically, this is reached with: send email -> generates error -> we try to send you an email back -> we send it to your "From" -> some mailers choke on the fancy name if you have one.

Test Plan: Processed an errorneous email with a fancy "From", got a response error.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5233

Differential Revision: https://secure.phabricator.com/D10232
2014-08-12 12:27:13 -07:00
epriestley
dedcfd0c91 Fix broken handle rendering in Ponder
Summary: Ref T5817. This just fixes the markup in emails, the overall behavior still isn't great. I don't want to spend to much time on Ponder until it ends up somewhere nearer the top of the priority queue.

Test Plan: Viewed feed stories and emails, no stray/clearly-broken HTML.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5817

Differential Revision: https://secure.phabricator.com/D10231
2014-08-12 12:25:58 -07:00
epriestley
a3a72c1c7d Use transactions properly when building tasks from email
Summary: Fixes T5859. This doesn't change much, but makes the transaction record a little more accurate and activates stuff like `#hashtags` and `{F123}` causing policy associations.

Test Plan: Used `bin/mail receive-test` and mail receiver script to send bug mail, saw hashtags imply projects.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5859

Differential Revision: https://secure.phabricator.com/D10229
2014-08-12 12:25:47 -07:00
epriestley
ec9eaabfbd Allow repo updates to recover after force push + garbage collection
Summary:
Fixes T5839. If a repository has been force pushed and garbage collected, we might have a ref cursor in the database which still points at the old commit (which no longer exists).

We'll then run a command like `git log <new hash> --not <old hash>` to figure out which commits are newly pushed, and this will bomb out because `<old hash>` is invalid.

Instead, validate all the `<old hash>` values before we try to make use of them.

Test Plan:
  - Forced a repository into a bad state by mucking with the datbase, generating a reproducible failure similar to the one in T5839.
  - Applied patch.
  - `bin/repository update <callsign> --trace` filtered the bad commit and put the repository into the right state.
  - Saw new commits recognized correctly.
  - Ran `bin/repository update <callsign>` for a Mercurial and SVN repo as a sanity check.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5839

Differential Revision: https://secure.phabricator.com/D10226
2014-08-12 12:25:24 -07:00
epriestley
394250397e Improve "unblock task" feed stories
Summary:
Fixes T5184. Fixes T5008. Three issues with stories/notifications about changing the status of tasks which block other tasks:

**Bad Feed Stories**

  - Problem: Feed story rendering was confusing (T5184).
  - Solution: fix it to provide context.

**Too Many Feed Stories**

  - Problem: Feed gets a story for the original task's close ("a closed x"), and a story for each blocked task ("a closed x, a task blocking y").
  - "Solution": Punt. These are redundant in the full feed but not in filtered feeds. Right solution is display-time aggregation. No users have really complained about this.

**Too Many Notifications**

  - Problem: Users subscribed to both tasks get notified about the clsoe, and also about the unblocked task. These notifications are redundant.
  - "Solution": Punt. This is easy to fix by silencing notifications for the sub-editor, but I'm worried it would be confusing. Users haven't complained. Display-time aggregation might be a better fix.

Test Plan: {F189463}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5008, T5184

Differential Revision: https://secure.phabricator.com/D10235
2014-08-12 09:27:26 -07:00
epriestley
94389fcd9f Allow projects to be filtered by icon and color
Summary: Ref T5819. Implements basic icon and color filtering for projects.

Test Plan: {F189350}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5819

Differential Revision: https://secure.phabricator.com/D10230
2014-08-12 08:04:38 -07:00
epriestley
9309723ac4 Send graceful shutdown signals to daemons in Phabricator
Summary:
Fixes T5855. Adds a `--graceful N` flag to `phd stop` and `phd restart`.

`phd` will send SIGINT, wait `N` seconds, SIGTERM, wait 15 seconds, and SIGKILL. By default, `N` is 15.

Test Plan:
  - Ran `bin/phd debug ...` and used `^C` to interrupt daemons. Saw graceful shutdown behavior, and abrupt termination on multiple `^C`.
  - Ran `bin/phd start`, `bin/phd stop` and `bin/phd restart` with `--graceful` set to various things, notably `0`. Saw graceful shutdowns on the CLI and in the web UI. With `0`, abrupt shutdowns.

Reviewers: btrahan, hach-que

Reviewed By: hach-que

Subscribers: epriestley

Maniphest Tasks: T5855

Differential Revision: https://secure.phabricator.com/D10228
2014-08-11 20:18:31 -07:00
James Rhodes
aab0ed1c50 Implement artifact release for Harbormaster
Summary: Resolves T5836.  This automatically releases artifacts when Harbormaster builds finish (either passing or failing).  This allows Harbormaster to release the Drydock leases it has for hosts.

Test Plan: Tested it with a build plan that passes and fails; tested it with lots of builds running in parallel.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5836

Differential Revision: https://secure.phabricator.com/D10208
2014-08-12 09:15:16 +10:00
James Rhodes
d2111214f2 Allow timeouts to be specified on Drydock SSH connections
Summary: This allows timeouts to be specified on SSH connections that Drydock makes.  Used in the EC2 allocator to poll for the SSH server starting.

Test Plan: Used in EC2 allocator diff.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10225
2014-08-12 09:14:47 +10:00
James Rhodes
e48aaa563a Allow Drydock blueprints to define and use custom fields
Summary: This allows Drydock blueprints to define custom fields for blueprint settings.

Test Plan: Pulled out of EC2 allocator diff.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10224
2014-08-12 08:39:00 +10:00
James Rhodes
efc82c727b Measure how long build targets take in Harbormaster
Summary:
Ref T1049.  This keeps track of how long a build target takes to execute in Harbormaster and displays it in the build view page.  I'm not sure whether "Started" is really that useful once the target has completed?

Also, I change the name of the time taken depending on whether or not the target has completed; if it's still in progress it's called "Elapsed" and if it's completed then it's "Duration".  The primary reason for this is that "Duration" sounds like post tense, whereas "Elapsed" is current tense.  I'm not sure whether this is okay or not?

Test Plan: Ran a Sleep build step and saw the target dates / times appear correctly.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: talshiri, epriestley, Korvin

Maniphest Tasks: T5824, T1049

Differential Revision: https://secure.phabricator.com/D10174
2014-08-12 08:34:43 +10:00
Caleb Anderson
60fca1d7f4 Updated PhabricatorManiphestTaskTestDataGenerator to assign projects to the generated tasks.
Summary: To assist with {T5245}, I have added projects back into the lipsum maniphest generator with the edge infrastructure.

Test Plan: Run the lipsum script for PhabricatorManiphestTaskTestDataGenerator and make sure it generates project data.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10202
2014-08-11 13:27:33 -07:00
epriestley
0292793d4d Account for preempting events on the Phrequent list view
Summary: Fixes T5850. Also fixes some logic where the wrong preempting events could be attached during a bulk query.

Test Plan: Phrequent list now shows preemption-aware times.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5850

Differential Revision: https://secure.phabricator.com/D10223
2014-08-11 12:30:48 -07:00
epriestley
fc814647e6 Improve usability of Phrequent "Stop Time" dialog
Summary:
Fixes T5848.

  - Disallow tracking negative time.
  - Preserve note if there's an error with the time selection.
  - Show start time and duration.
  - Slightly better error messages.

Test Plan: Started and stopped time. Tried to select future/negative ranges.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5848

Differential Revision: https://secure.phabricator.com/D10218
2014-08-11 12:30:01 -07:00
epriestley
98cd2cd799 Move object monogram rules later in the parse order
Summary:
Fixes T5837. The problem is that the hash is being recognized as a commit hash. We currently fire the object monogram rules fairly early, but there's no real reason to do this. Move them after all of the hyperlink rules:

    0 PhutilRemarkupEscapeRemarkupRule
    100 PhutilRemarkupMonospaceRule
    150 PhutilRemarkupDocumentLinkRule
    175 PhrictionRemarkupRule

  <<< OLD OBJECT RULE POSITION

    200 PhabricatorIconRemarkupRule
    200 PhabricatorMemeRemarkupRule
    200 DivinerSymbolRemarkupRule
    350 DoorkeeperRemarkupRuleJIRA
    350 PhabricatorYoutubeRemarkupRule
    350 DoorkeeperRemarkupRuleAsana
    400 PhutilRemarkupHyperlinkRule

  >>> NEW OBJECT RULE POSITION

    500 PhabricatorImageMacroRemarkupRule
    500 CustomInlineJIRA5Rule
    500 PhabricatorMentionRemarkupRule
    500 CustomInlineCodeRule
    1000 PhutilRemarkupDelRule
    1000 PhutilRemarkupBoldRule
    1000 PhutilRemarkupItalicRule
    1000 PhutilRemarkupUnderlineRule

  - The disadvantage of this approach is that `{F123, alt=go look at http://lol.com/ omg}` will parse the URL first, and then fail to resolve the object embed. This seems very rare / unusual.
  - The advantage is that all URLs which happen to have monograms in them work.

In the future, we could refine this by separating the rules, so the embed (`{...}`) versions fired at priority 200, while the normal versions fired at priority 450. We can wait for use cases, though. This is a little messy because the same code implements both rules.

Test Plan:
  - Verified example in T5837.
  - Marked up object rules like `F123` (works), `[[ asdf | F123 ]]` (works), `{F123, alt=http://example.com}` (does not work).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5837

Differential Revision: https://secure.phabricator.com/D10212
2014-08-11 12:29:23 -07:00
epriestley
448020a573 Rename Lisk internal getProperties() methods to avoid collisions
Summary:
See some discussion here:

24a6eeb8d8 (commitcomment-7334892)

The `protected $properties;` storage parameter added to `ProjectColumn` is shadowed by `getProperties()` in the base class.

Although this works correctly for me, it's ambiguous and worth fixing. Make the base class methods explicit.

Test Plan: Used `grep` to find callers for both methods and renamed them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10210
2014-08-11 12:24:41 -07:00
epriestley
2b909fb3a1 Minor, fix one more Actor -> Acting As PHID
Summary: See D10221, I missed one of these callsites.

Auditors: btrahan
2014-08-11 12:20:25 -07:00
epriestley
6232e9676c Don't send reset links to unverified addresses on accounts with verified addresses
Summary:
Via HackerOne. If a user adds an email address and typos it, entering `alinculne@gmailo.com`, and it happens to be a valid address which an evil user controls, the evil user can request a password reset and compromise the account.

This strains the imagination, but we can implement a better behavior cheaply.

  - If an account has any verified addresses, only send to verified addresses.
  - If an account has no verified addresses (e.g., is a new account), send to any address.

We've also received several reports about reset links not being destroyed as aggressively as researchers expect. While there's no specific scenario where this does any harm, revoke all outstanding reset tokens when a reset link is used to improve the signal/noise ratio of the reporting channel.

Test Plan:
  - Tried to send a reset link to an unverified address on an account with a verified address (got new error).
  - Tried to send a reset link to a verified adddress on an account with a verified address (got email).
  - Tried to send a reset link to an invalid address (got old error).
  - Tried to send a reset link to an unverified address on an account with only unverified addresses -- a new user (got email).
  - Requested several reset links, used one, verified all the others were revoked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10206
2014-08-11 12:13:09 -07:00
epriestley
7513c70e2c Show a very basic purchase history in Phortune
Summary: Ref T2787. This is very basic and just helps me know that the data is inserting correctly.

Test Plan: {F187765}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D10205
2014-08-11 12:10:09 -07:00
epriestley
d38e89ef6b Fix several issues with application interactions while importing commits
Summary:
  - Fixes T5851. Currently, if a commit has `Fixes T123`, we generate an email with just that before generating the commit email. Don't send/publish transactions about a commit before it imports (this is a tiny bit hacky, but well-contained and I don't think it causes any problems).
  - Fixes T4864. Currently, we try to parse Differential information even if Differential is not installed. Instead, do this only if Differential is installed.
  - Fixes T5771. Currently, if we can't figure out who the committer/author of a commit is, we don't publish a `Fixes T123` transaction. Instead, fall back to acting as "Diffusion" if we can't find a better actor. Most of this diff expands the role of application actors. The existing application actors (Herald and Harbormaster) seem to be working well.

Test Plan:
  - Pushed a commit with `Fixes T123` and verified it did not generate email directly. (The task half of the transaction still does, correctly.)
  - Uninstalled Differential and pushed a commit, got a clean import instead of an exception.
  - Commented out author/committer PHIDs and pushed stuff, saw a "Diffusion" actor.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5771, T4864, T5851

Differential Revision: https://secure.phabricator.com/D10221
2014-08-11 12:08:24 -07:00
epriestley
d09d7ffe1f Fix string construction in Conduit exceptions
Summary:
Fixes T5838.

  - We currently try to use a `ConduitAPIMethod` object as a string.
  - We then pass that string to the parent's `__construct()` method as `$message`.

Test Plan: Uninstalled Maniphest, then tried to execute `maniphest.createtask`. Got a useful exception message instead of an error during message construction.

Reviewers: joshuaspence, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5838

Differential Revision: https://secure.phabricator.com/D10211
2014-08-11 12:08:06 -07:00
epriestley
aa67a5ffc8 Make payment method management somewhat more reasonable in Phortune
Summary: Ref T2787. Shows somewhat-useful information, allows payment methods to be disabled and renamed.

Test Plan: Created, renamed, disabled payment methods.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D10203
2014-08-11 12:07:35 -07:00
epriestley
eb9dcd6fba Consolidate handling of special properties for newly uploaded files
Summary:
Fixes T5849. When a new file is created, we might have to actually write the data to a storage engine, or we might be able to just point at data which is already there.

Currently, these two paths handle `$params` with different code and mild behavioral differences. Instead, have them call the same code so they get the same behavior.

Test Plan:
  - Uploaded the same file multiple times to home page.
  - Uploaded the same file multiple times as profile picture.
  - Generated files via Diffusion.
  - All the files got the expected properties, whether they were reusing data or not.

Reviewers: btrahan, 20after4

Reviewed By: 20after4

Subscribers: epriestley

Maniphest Tasks: T5849

Differential Revision: https://secure.phabricator.com/D10216
2014-08-11 09:39:40 -07:00
epriestley
a9f2c07345 Generate a 403 page with a nice dialog when a file token is invalid
Summary:
Ref T5685. Currently we just 403 on an invalid token, but we can be a little more helpful.

The issues here are:

  - If we **do** redirect you on this page and something goes wrong, you might get stuck in a redirect loop.
  - If we **don't** redirect you, copy/pasting the link to someone (or reloading the page) gives them a pretty confusing result, since the link doesn't work any more. Prior to this diff, they get a 403.

To mitigate this, do a little better than a bare 403: give them a link to auth and generate a new URI for the file.

If this is still confusing, the next best thing I can come up with is something like this:

  - Put some modulous of the timestamp in the URI.
  - If the current time is within 2 seconds of the generation time, show this dialog.
  - Otherwise, redirect.

That seems like it would be okay, but I worry that "2" has to be small (so links you copy/paste -> chat -> click still work) and a small value means that a small amount of clock skew breaks things. We could use the database clock, but ehhh.

Other ideas:

  - Put a hash of the remote IP in the URI, redirect if it doesn't match. Fails for companies behind a NAT gateway but should work in a lot of other cases.
  - Just redirect always, there's no reason it should ever loop and browsers don't really do anything bad when there's a loop (they'll show an error after too many redirects).

I'm leaning toward letting this stabilize in the wild for a bit, then trying "always redirect".

Test Plan: {F188914}

Reviewers: btrahan, 20after4

Reviewed By: 20after4

Subscribers: epriestley

Maniphest Tasks: T5685

Differential Revision: https://secure.phabricator.com/D10215
2014-08-11 09:39:25 -07:00