1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-04 20:52:43 +01:00
Commit graph

2961 commits

Author SHA1 Message Date
Chad Little
3d6500823c Modernize People
Summary: Adds Crumbs, pht's, and checkout out mobile.

Test Plan: Added, removed people. Changed roles, checked iOS and Chrome.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5052
2013-02-21 14:10:22 -08:00
Matt Robenolt
e6281c3db0 Add the ability to create a macro from a url
Test Plan: Enter in a url and create a macro. :)

Reviewers: epriestley

Reviewed By: epriestley

CC: epriestley, aran, dctrwatson, Korvin

Differential Revision: https://secure.phabricator.com/D5039
2013-02-21 12:51:28 -08:00
vrana
3c989590bf Remove object name from header
Summary: It's displayed right above it in the breadcrumbs including a link.

Test Plan: Looked at the pages.

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: aran, epriestley, s.o.butler

Differential Revision: https://secure.phabricator.com/D5045
2013-02-21 11:00:22 -08:00
vrana
fbd41e4219 Move revisions without reviewers to author's queue
Summary:
If the revision doesn't have reviewers then it's really not waiting on someone else and the author must take an action.
An improvement would be to check if the reviewers are not disabled but that would require loading their handles.

Test Plan:
/
/differential/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, s.o.butler

Differential Revision: https://secure.phabricator.com/D5046
2013-02-21 10:13:40 -08:00
vrana
4f5e57283f Fix dynamic string usage as safe input
Summary: I somehow missed it.

Test Plan: /diffusion/PF/lint/master/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4801
2013-02-21 00:53:34 -08:00
kwadwo
762ace810d Allow files to TTL and and be garbage collected
Summary: Added ttl field to files. Gabage collect files with expired ttl

Test Plan: created file with a ttl. Let garbage collector run

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4987
2013-02-20 13:38:36 -08:00
epriestley
41b9752ba8 Fix an OAuthServer issue where an attacker could make a link function over HTTP when it should be HTTPS-only
Summary:
Two behavioral changes:

  - If the redirect URI for an application is "https", require HTTPS always.
  - According to my reading of http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-3.1.2 we need to check both names //and values// for parameters. Add value checking. I think this makes more sense in general? No one uses this, soooo...

iiam

Test Plan: This has good coverage already; added some tests for the new cases.

Reviewers: vrana

Reviewed By: vrana

CC: cbg, aran, btrahan

Differential Revision: https://secure.phabricator.com/D5022
2013-02-19 16:09:36 -08:00
vrana
2191e99b49 Delete unused variable 2013-02-19 16:08:04 -08:00
vrana
ee663afdeb Initialize variable in Next Step
Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5020
2013-02-19 16:07:09 -08:00
epriestley
2f66138464 Fix an open redirect issue in Phame with "View Live"
Summary: Currently, you can set a blog URI to "evil.com" and then the live controller will issue a redirect. Instead, require a CSRF check. If it fails, pop a "this blog has moved" dialog.

Test Plan:
  - Clicked "View Live" for in-app and on-domain blogs and posts.
  - Hit URI directly.

{F33302}

Reviewers: vrana

Reviewed By: vrana

CC: cbg, aran

Differential Revision: https://secure.phabricator.com/D5021
2013-02-19 16:04:54 -08:00
epriestley
17cabea1bc I am not good at computer
Auditors: vrana
2013-02-19 15:25:44 -08:00
epriestley
fb90d5ffed Add implicit CC rules to ApplicationTransactions
Summary: When you make a comment on an object (or take certain other actions), we want to automatically CC you. Build this into ApplicationTransactions since it's a common behavior shared across multiple apps. Fixes T2215.

Test Plan: Made a comment on a macro, got cc'd.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2215

Differential Revision: https://secure.phabricator.com/D5019
2013-02-19 15:20:28 -08:00
epriestley
db2c32acdf Don't fatal for diffs with no VCS
Auditors: vrana
2013-02-19 15:19:28 -08:00
Lauri-Henrik Jalonen
f1bd1da062 Moved rendering to PholioInlineCommentView
Summary:
Rendering of inline comments has now been moved to PholioInlineCommentView controller.
Delete almost deletes and edit... well not so much, but replaced google.fi with amazing popup.

Test Plan: Verified that inline comments still show up. Verified that delete almost deletes.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4994

Conflicts:

	src/applications/pholio/controller/PholioInlineController.php
2013-02-19 14:14:40 -08:00
vrana
8eb404aea7 Avoid HTML escaping in plain text e-mails
Summary: Seen in e-mail from T2016.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D5016
2013-02-19 14:02:35 -08:00
epriestley
0d38bca11f Fix function/method declaration lint in Phabricator. Automatic patches.
Auditors: vrana
2013-02-19 13:47:03 -08:00
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
vrana
63f35ee94f Suggest branch name in Next Step
Summary: Is this correct for Mercurial?

Test Plan: Saw it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4957
2013-02-19 12:58:16 -08:00
vrana
9a3d0f71a3 Decrease commit identifier display length
Summary: We are running out of horizontal space, this should help a bit.

Test Plan: Homepage, revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4518
2013-02-19 12:43:57 -08:00
epriestley
a5f031835c Notify users when an object they created gets awarded a token
Summary:
  - Publish feed/notification.
  - I think this is too lightweight for an email?
  - We don't tell them which token right now. Laziness? Or intentional aura of mystery?!
  - For tasks, notify both author and current owner.
  - Fixes T2562.

Test Plan: {F33187}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2562

Differential Revision: https://secure.phabricator.com/D5007
2013-02-18 17:44:45 -08:00
epriestley
50efcf1043 Fix double nav on Maniphest reports
Summary: Fixes T2311.

Test Plan: {F33161}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2311

Differential Revision: https://secure.phabricator.com/D5005
2013-02-18 11:44:42 -08:00
epriestley
cd41b834f7 Improve Diviner linking
Summary:
Do this somewhat reasonably:

  - For links to the same documentation book (the common case), go look up that the thing you're linking to actualy exists. If it doesn't, render a <span> which we can make have a red background and warn about later.
  - For links to some other book, just generate a link and hope it hits something. We can improve and augment this later.
  - For non-documentation links (links in comments, e.g.) just generate a query link into the Diviner app. We'll do a query and figure out where to send the user after they click the link. We could pre-resolve these later.

Test Plan: Generated documentation, saw it build mostly-correct links when objects were referenced correctly. Used preview to generate various `@{x:y|z}` things and made sure they ended up reasonable-looking.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D5001
2013-02-18 09:44:43 -08:00
Edward Speyer
16accb591c STRICT_ALL_TABLES fix for a Herald column
Summary: Casting a PHP bool to a MySQL `TINYINT(1)`!

Test Plan: This broke during arc diff; with this patch, arc diff now works!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4999
2013-02-18 16:58:35 +00:00
epriestley
4f2aa99248 Add "serviceName" and "serviceType" to bot and chat logger
Summary:
Make each adapter provide a "serviceType" (campfire, flowdock, IRC) and "serviceName" (irc network / chat server) so that we can disambiguate between, e.g., "#phabricator on EFNet" and "#phabricator on FreeNode".

Make the chatlog handler ship them over Conduit.

Also fix some "policy can not be null" bugs with chatlog recording.

Test Plan:
Verified data inserted correctly:

  mysql> select * from chatlog_channel;
  +----+------------------+-------------+--------------+------------+------------+-------------+--------------+
  | id | serviceName      | serviceType | channelName  | viewPolicy | editPolicy | dateCreated | dateModified |
  +----+------------------+-------------+--------------+------------+------------+-------------+--------------+
  |  1 | irc.freenode.net | IRC         | #phabricator | users      | users      |  1361201689 |   1361201689 |
  +----+------------------+-------------+--------------+------------+------------+-------------+--------------+
  1 row in set (0.00 sec)

  mysql> select * from chatlog_event where channelID = 1;
  +----+--------------+------------+------------+------+---------------+--------------------------------+-----------+
  | id | channel      | epoch      | author     | type | message       | loggedByPHID                   | channelID |
  +----+--------------+------------+------------+------+---------------+--------------------------------+-----------+
  | 45 | #phabricator | 1361201689 | epriestley | mesg | blip blip     | PHID-USER-5bt2phfepag4cdvjtzg5 |         1 |
  | 46 | #phabricator | 1361201700 | epriestley | mesg | boop boop bip | PHID-USER-5bt2phfepag4cdvjtzg5 |         1 |
  +----+--------------+------------+------------+------+---------------+--------------------------------+-----------+
  2 rows in set (0.00 sec)

Reviewers: Afaque_Hussain, indiefan

Reviewed By: Afaque_Hussain

CC: aran

Maniphest Tasks: T837

Differential Revision: https://secure.phabricator.com/D4996
2013-02-18 07:50:41 -08:00
epriestley
57a9c3f07c Improve Diviner handling of paths and remarkup
Summary:
  - Currently, the atomizers don't emit atoms with the right file in all cases. Make them always emit it correctly.
  - Currently, we use absolute paths in some cases and relative paths in other cases. Use them consistently: relative when storing/presenting, absolute when accessing data.
  - Don't preserve linebreaks when marking up documentation (documentation is generally wrapped at 80col, but should not be wrapped in this way when displayed).
  - Markup Diviner link rules (albeit uselesly).

Test Plan:
Before:

{F33044}

After:

{F33045}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4992
2013-02-17 15:40:44 -08:00
epriestley
dba42ec5c7 Allow Diviner to render quasi-documentation
Summary: Take a few more steps forward toward usability.

Test Plan: {F33040}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4991
2013-02-17 15:40:24 -08:00
epriestley
a5fb482a00 Add a ref cache and index construction to Diviner
Summary: Cache refs in a single large index; rebuild the main index from them.

Test Plan: {F32334}

Reviewers: btrahan, vrana, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4900
2013-02-17 15:40:11 -08:00
epriestley
c7e12c6a85 Add a publish cache for the Diviner static publisher
Summary: Keep track of what we've written to disk, and regenerate only new documents.

Test Plan: Changed a small number of files, saw that number of files get regenerated. Ran with "--clean" and saw everything regenerate.

Reviewers: btrahan, vrana, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4897
2013-02-17 15:40:00 -08:00
epriestley
bcc082a01e Move Diviner further toward usability
Summary:
  - Complete the "project" -> "book" stuff. This is cleaner conceptually and keeps us from having yet another meaning for the word "project".
  - Normalize symbols during atomization. This simplifies publishing a great deal, and allows static documentation to link to dynamic documentation and vice versa, because the canonical names of symbols are agreed upon (we can tweak the actual algorithm).
  - Give articles a specifiable name distinct from the title, and default to something like "support" instead of "Get Help! Get Support!" so URIs end up more readable (not "Get_Help!_Get_Support!").
  - Have the atomizers set book information on atoms.
  - Implement very basic publishers. Publishers are basically glue code between the atomization process and the rendering process -- the two we'll have initially are "static" (publish to files on disk) and "phabricator" (or similar -- publish into the database).
  - Handle duplicate symbol definitions in the atomize and publish pipelines. This fixes the issue where a project defines two functions named "idx()" and we currently tell them not to do that and break. Realistically, this is common in the real world and we should just roll our eyes and do the legwork to generate documentation as best we can.
  - Particularly, dirty all atoms with the same name as a dirty atom (e.g., if 'function f()' is updated, regnerate the documentation for all functions named f() in the book).
  - When publishing, we publish these at "function/f/@1", "function/f/@2". The base page will offer to disambiguate ("There are 8 functions named 'f' in this codebase, which one do you want?").
  - Implement a very very basic renderer. This generates the actual HTML (or text, or XML, or whatever else) for the documentation, which the publisher dumps onto disk or into a database or whatever.
  - The atomize workflow actually needs to depend on books, at least sort of, so make it load config and use it properly.
  - Propagate multilevel dirties through the graph. If "C extends B" and "B extends A", we should regenerate C when A changes. Prior to this diff, we would regnerate B only.

Test Plan: Generated some documentation. Named two articles "feedback", generated docs, saw "article/feedback/@1/" and "article/feedback/@2/" created.

Reviewers: btrahan, vrana, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4896
2013-02-17 15:39:36 -08:00
epriestley
c2642c8a40 Remove redundant translations
Summary:
  - Remove some redundant copies of translations after D4985.
  - Make some %d more grammatical, "run this command" reads better than "run this 1 command". In context, these numbers are always very small, so counting them even in the >1 variants aren't useful.
  - Fix subscriber(s).

Test Plan: Looked at an unsubscribe story, saw translation.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4989
2013-02-17 09:13:40 -08:00
epriestley
0ca7c77c10 Integrate subscriptions with ApplicationTransactions
Summary: Fixes T2214. For objects which support ApplicationTransaction, use ApplicationTransactions to apply subscription action changes. Principally, this makes clicking "Subscribe" / "Unsubscribe" appear correctly in the transaction log.

Test Plan: Clicked "Subscribe" and "Unsubscribe" a on Macros and Mocks.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2214

Differential Revision: https://secure.phabricator.com/D4986
2013-02-17 06:37:09 -08:00
epriestley
2231e5200a Implement basic transaction detail blocks
Summary:
Some transactions (like editing configuration values, task descriptions, or Conpherence images) can't be simply explained and need an additional larger element to show them fully (like a text diff).

Support change details like this in ApplicationTransactions. Implements the element in Config, so you can see changes.

Test Plan: {F32974}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2213

Differential Revision: https://secure.phabricator.com/D4984
2013-02-17 06:37:02 -08:00
epriestley
dad7c65bf5 Fix some bot issues
Summary:
  - Deprecate differentialnotification in favor of feednotification; it's strictly better.
  - Fix feed notification + channels.
  - Fix rendering of new-style stories (pholio, macro), which currently fatal.

Test Plan: See chatlog.

Reviewers: codeblock, indiefan

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4981
2013-02-15 17:10:51 -08:00
epriestley
02f7ece868 Fix overescaping in Paste
Summary:
Two issues:

  - When we read the content out of cache, it has lost its "safe html" flag, since the cache is raw-string oriented. Restore it.
  - explode() isn't safe-html-safe. Use phutil_split_lines() instead, which is.

Test Plan: Looked at /paste/

Reviewers: codeblock, chad

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4980
2013-02-15 16:38:46 -08:00
Afaque Hussain
6c1043cf58 Populating Channel Id's
Summary: Modified the conduitAPI_chatlog_record method to populate channel Id's

Test Plan: Check if the new chatlog channel table is getting populated with entries

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4979
2013-02-15 16:01:06 -08:00
Deedy
638d1b4447 Renders the last 100 conpherence transactions only
Summary: Fixed T2428 a little bit

Test Plan: On trial, only the last n transactions loaded as hardcoded in ConpherenceViewController.php. Button was rendered.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2428

Differential Revision: https://secure.phabricator.com/D4898
2013-02-15 14:06:41 -08:00
Chad Little
9da0a460b6 Add 'My Mocks' filter to Pholio
Summary: Add the ability to filter Pholio on Mocks I added.

Test Plan: Went to test user account, no mocks, went to my account, saw mocks.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4974
2013-02-15 10:52:41 -08:00
Chad Little
b80f5e9105 Pholio touchups
Summary: Added crumbs, phts some things, made mobile menus work.

Test Plan: Review Pholio in sb and ios.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2531

Differential Revision: https://secure.phabricator.com/D4973
2013-02-15 10:17:31 -08:00
epriestley
ef7cc5df24 Increase pholio thumb size
Summary: Fixes T2548.

Test Plan: {F32894}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2548

Differential Revision: https://secure.phabricator.com/D4972
2013-02-15 08:19:24 -08:00
epriestley
6124865c56 Minor phutil_tag/HTML fixes
Summary:

  - In stack traces, a `,` should clearly be a `.`.
  - In Calendar, a 'td' got swapped with a 'p' somewhere.
  - In old-style transaction views, strlen() is no longer a sufficient test.

Test Plan:

  - Verified stack traces render correctly.
  - Verified calendar renders correctly.
  - Verified Maniphest transactions with no comment no longer have a little empty div a few pixels high.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4971
2013-02-15 08:14:31 -08:00
kwadwo
d8d16ece5e data in PhabricatorFile hashed using sha1
Summary: Hash file content using sha1

Test Plan: None provided

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4969
2013-02-15 07:47:50 -08:00
epriestley
49c40d209d Tokens v1
Summary:
Features!

  - Giving tokens.
  - Taking tokens back.
  - Not giving tokens.

Test Plan: See screenshots.

Reviewers: chad, vrana

Reviewed By: chad

CC: aran, btrahan

Maniphest Tasks: T2541

Differential Revision: https://secure.phabricator.com/D4964
2013-02-15 07:47:14 -08:00
Chad Little
2c5c6f5915 Fix layout when no project blurb exists.
Summary: If no description, just move other attributes up.

Test Plan: Add a Project with no description, layout looks normal now.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4962
2013-02-14 13:55:48 -08:00
epriestley
f5aa92ecda Fix Phame escaping issue
Summary: Fixes blog.phacility.com, etc. There's bascially no plausible way we can do better here, especially once we get the Wordpress "API" up and running.

Test Plan: patched secure.phabricator.com live

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4958
2013-02-14 13:09:47 -08:00
Chad Little
fb32a64d84 Convert Projects to use ObjectItemList
Summary: Converts the old table to a new item list, also added ability to link icons on right side of item stack.

Test Plan: Tested adding removing, sorting of projects both active and inactive.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4960
2013-02-14 13:07:35 -08:00
Afaque Hussain
73991bb262 Added channel ID to events
Summary: Added a column channelID column to phabricator_chatlog.chatlog_event

Test Plan: Checked through mysql to see if table is updated

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4956
2013-02-14 12:27:18 -08:00
Evan Priestley
dea1a9585c Merge pull request #237 from dmrenie/master
Fix 'View Full Commit History' link
2013-02-14 07:25:47 -08:00
Evan Priestley
60cb9e1cfb Merge pull request #267 from taichi/escape_file_path
escape svn repository file paths.
2013-02-14 07:00:29 -08:00
Afaque Hussain
7b133b8bf2 Added a new storage object
Summary: Added a new storage object. Created PhabricatorChagLogChannel

Test Plan: Will be specified by Evan :P

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4943
2013-02-14 05:07:36 -08:00
Chad Little
a05ee0d743 Moderize Slowvote
Summary: phts everywhere, crumbs, and mobile views.

Test Plan: Created Questions, Voted, tested Chrome and iOS, Looked at ALLCAPS

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4938
2013-02-13 16:47:24 -08:00
vrana
6ae4066d18 Kill phutil_render_tag()
Summary: Fixes some double escaping.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4945
2013-02-13 16:32:13 -08:00
epriestley
4f42d85c1c Use a serialize()-based cache instead of a JSON-based cache for changesets
Summary: These are full of PhutilSafeHTML objects now, which are destroyed by JSON serialization.

Test Plan: Dropped cache, then reloaded pages.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4942
2013-02-13 14:45:57 -08:00
epriestley
262abd39bc Fix undefined variable "none"
Summary: Assuming this is right?

Test Plan: No more exception error when viewing a revision.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4937
2013-02-13 13:40:46 -08:00
vrana
b08cdf4599 Add missing hsprintf() after merge
Summary: rP4bd2ad

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4939
2013-02-13 13:30:13 -08:00
epriestley
4bd2ad9270 Merge branch 'master' into phutil_tag
Auditors: vrana
2013-02-13 12:42:57 -08:00
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
vrana
718d22d607 Convert Remarkup to safe HTML
Test Plan: None.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4919
2013-02-13 12:34:49 -08:00
Afaque Hussain
2dab1c1e42 Made conduit permanently installed
Summary: Made conduit permanently installed

Test Plan: Tried to uninstall conduit from applications app and I couldn't :)

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4935
2013-02-13 12:21:50 -08:00
Chad Little
2591b4bc77 pht for Paste
Summary: Fill in missing pht's for Paste

Test Plan: Review Paste in ALLCAPS.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4934
2013-02-13 11:47:31 -08:00
vrana
5ad526942b Convert AphrontPanelView to safe HTML (except children)
Summary: Fixes some double escaping and potential XSS.

Test Plan: Looked at homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4917
2013-02-13 10:30:32 -08:00
Chad Little
b4d69800f9 Moderize Projects
Summary: Add mobile menus, PHTs and clean up panels. There is a litle more to do, but will tackle feed, etc in another diff.

Test Plan: Test Project filters on Chrome and iOS browser.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4931
2013-02-13 09:22:14 -08:00
Afaque Hussain
829fa6664f Created Chat log application class
Summary: Created a chat log application which displays on the home page.

Test Plan: Loaded the home page to see if the chat log application really shows up on the home page.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4930
2013-02-13 07:28:14 -08:00
Lauri-Henrik Jalonen
29d6180e35 Show drafts and inline comments
Summary:
Show drafts for users that made them.
Show inline comments beside image, highlights them when user mouseovers selection.
Allow users that can view mock to add inline comment instead of only allowing users that can edit mock to add inline comment.

Test Plan:
Verified that inline comments are shown beside image. Verified that only drafts for current user are shown. Verified that inline comment is
highlithed when user mouseovers their selection.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4929
2013-02-13 07:23:51 -08:00
taichi
21ddd3a73f escape svn repository file paths. 2013-02-13 19:30:11 +09:00
vrana
5a9e834658 Dont display empty other locations of lint errors 2013-02-12 14:01:27 -08:00
vrana
80fb84bd94 Convert PhabricatorTransactionView to safe HTML
Test Plan: Looked at revision detail with comments.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4915
2013-02-11 19:01:20 -08:00
vrana
868ca71451 Fix some HTML problems
Summary: I'm too lazy to attaching them for diffs where they were introduced.

Test Plan:
/
/D1, wrote comment with code snippet
DarkConsole
commit detail, wrote comment
task detail, wrote comment

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4911
2013-02-11 18:18:26 -08:00
vrana
8c71815028 Merge renderChildren() and renderHTMLChildren()
Summary: `renderChildren()` now returns array which isn't ideal but I prefer it to having two methods.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4910
2013-02-11 18:18:23 -08:00
vrana
ae4e5807d6 Merge renderSingleView() and renderHTMLView()
Summary: They are same because render() returns safe HTML and raw strings are automatically escaped.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4909
2013-02-11 18:18:21 -08:00
vrana
c9ab1fe505 Return safe HTML from all render()
Summary:
This is pretty brutal and it adds some `phutil_safe_html()`.
But it is a big step in the right direction.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4905
2013-02-11 18:18:18 -08:00
epriestley
edaff9e2a3 Improve description of "Show Filetree"
Summary: Clearer?

Test Plan: Read it.

Reviewers: nh

Reviewed By: nh

CC: aran

Differential Revision: https://secure.phabricator.com/D4908
2013-02-11 15:58:32 -08:00
vrana
37b98450a5 Replace array_interleave() by phutil_implode_html()
Summary:
I like this abstraction better.
Result of `phutil_implode_html()` may be also used as a param of `hsprintf()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4904
2013-02-11 15:27:43 -08:00
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
epriestley
ca0d6aca10 Add separate exception for when the repository clone is unreadable.
Summary: Show a more specific exception when the local clone cannot be read because of permission issues.

Test Plan: Create a repository in an unreadable location and check for the right exception.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2368

Differential Revision: https://secure.phabricator.com/D4868
2013-02-11 08:35:00 -08:00
kwadwo
76aee9985a Conduit file upload method that takes in the files content hash and name. Returns the file phid if successful. Updates to phutil library map.
Summary: Conduit method to upload a a new file using a hash

Test Plan: Try uploading a file using its content hash

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4899
2013-02-11 06:30:02 -08:00
vrana
b72e7969a1 Move Pygments handling to libphutil
Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4875
2013-02-09 15:19:55 -08:00
vrana
9b8da73765 Convert AphrontTableView to safe HTML
Summary:
Lots of killed `phutil_escape_html()`.

Done by searching for `AphrontTableView` and then `$rows` (usually) backwards.

Test Plan:
Looked at homepage.

  echo id(new AphrontTableView(array(array('<'))))->render();

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4884
2013-02-09 15:11:38 -08:00
vrana
58b6e2cac6 Convert AphrontDialogView to safe HTML
Summary:
Done by searching for `AphrontDialogView` and then `appendChild()`.

Also added some `pht()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4882
2013-02-09 15:11:35 -08:00
vrana
e4736bf977 Avoid double escaping in error view title
Summary: Searched for `AphrontErrorView` and then for `setTitle()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4880
2013-02-09 15:11:33 -08:00
epriestley
879c14e13a Consolidate HTTP header access
Summary: Route all `$_SERVER['HTTP_...']` stuff through AphrontRequest (it would be nice to make this non-static, but the stack is a bit tangled right now...)

Test Plan: Verified CSRF and cascading profiling. `var_dump()`'d User-Agent and Referer and verified they are populated and returned correct values when accessed. Restarted server to trigger setup checks.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4888
2013-02-09 15:01:57 -08:00
epriestley
27a537c15f When viewing a thread with no picture, load no images instead of all images
Summary:
Currently, we select every file when looking at a thread with no splash image.

(Possibly the Query stuff should try to catch this.)

Test Plan: No more `SELECT * FROM files` query.

Reviewers: chad, btrahan, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4887
2013-02-09 13:28:51 -08:00
epriestley
4a3a4fdea3 Make Conpherence a lot faster
Summary: Remove a sleep().

Test Plan: Thread cost dropped from ~1s to ~70ms for a test thread based on profiling after D4885.

Reviewers: btrahan, chad, vrana

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4886
2013-02-09 13:00:06 -08:00
Nick Pellegrino
628bef0771 Default to right status when viewing a config 'class' option
Summary: T2361

Test Plan:
Set value to metamta.mail-adapter and reload page.  Defaults to assigned value.
Performed same test with metamta.can-send-as-user to check that functionality is not broken for config 'boolean' options.

Reviewers: epriestley

Reviewed By: epriestley

CC: kwadwon, aran, Korvin

Maniphest Tasks: T2361

Differential Revision: https://secure.phabricator.com/D4881
2013-02-09 11:03:57 -08:00
Chad Little
2cc1da20e7 Mobile-ize Phriction
Summary: Walk through using Phriction on mobile, cleaned up missing conversion.

Test Plan: View History, edit document, create document, delete document.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4872
2013-02-09 08:36:28 -08:00
kwadwo
9d031a51df Files now share storage. New files are written only if no other files have the same contentHash. Storage is only deleted if no other file is sharing it.
Summary: Storage is shared between files in a smart way. When uploading files, if other file have the same contentHash, then share storage. On delete, storage is permanently deleted only if no other files are sharing it

Test Plan: Upload multiple copies of the same file, while tracking database. Delete copies of files and check to see that the storage is only deleted if no other files are using it

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2454

Differential Revision: https://secure.phabricator.com/D4775
2013-02-09 07:03:58 -08:00
epriestley
3dd5d693c8 Fix double escaping in Pholio subscribers
Summary:
Fallout from D4822. We now escape text by default, and imploding links causes double-escaping. See here for details:

http://www.phabricator.com/docs/phabricator/article/Rendering_HTML.html

Test Plan: {F32100}

Reviewers: ljalonen, chad, btrahan, vrana

Reviewed By: ljalonen

CC: aran

Differential Revision: https://secure.phabricator.com/D4878
2013-02-09 06:51:47 -08:00
epriestley
7ec8e885e1 Merge branch 'master' into phutil_tag
(Final final sync.)
2013-02-08 17:29:32 -08:00
vrana
d817dfa8fc Convert some phutil_escape_html() to hsprintf()
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`.

Test Plan:
/
/D1
/uiexample/
/countdown/1/
/herald/transcript/1/all/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4869
2013-02-08 15:59:02 -08:00
epriestley
51947ac332 Make diviner documentation generation book-oriented
Summary:
I want to allow a single project to generate multiple "books" of documentation, so we can separate user-facing documentation from technical documentation and such.

Generalize the ".divinerconfig" file into a "diviner book" configuration file.

Since only the "generate" workflow actually reads any of this stuff, move it all down into the generate workflow.

Also, namespace the cache.

Test Plan: Ran `bin/diviner generate --book src/docs/user.book`, saw appropriate output. Verified cache generated in a namespace in `.divinercache/`.

Reviewers: btrahan, indiefan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4857
2013-02-08 10:48:30 -08:00
Chad Little
51dfeb7950 pht for phriction
Summary: Scan all phriction app files for text to pht

Test Plan: Use phriction in ALL CAPS, seems reasonably usable.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4862
2013-02-08 09:54:27 -08:00
Afaque Hussain
9c19e9b7d8 Preserving the Animation of Gif Images
Summary: Preserving animation of GIF profile Pictures

Test Plan: Uploaded Animated images as profile pictures to check if the animation of gif images is preserved and it does :) somewhat !

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4833
2013-02-08 09:42:28 -08:00
Chad Little
cc084822da Remove panel background in Phriction
Summary: For consistency, remove panel backgrounds on forms.

Test Plan: Reload pages

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4863
2013-02-08 08:00:17 -08:00
Lauri-Henrik Jalonen
bed728f23e Show saved inline comments
Summary: Saved inline comments are now shown for images.

Test Plan: Verified that inline comments are loaded and shown.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4866
2013-02-08 07:40:55 -08:00
vrana
7063ee638e Pass actor to revision unsubscriber editor
Summary: I wonder how I tested this.

Test Plan: Subscribed, unsubscribed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4860
2013-02-07 18:19:19 -08:00
vrana
138da5a279 Kill some PhutilSafeHTML
Summary: Also couple of unrelated Ponder changes.

Test Plan: /Q5

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4858
2013-02-07 18:01:01 -08:00
vrana
7dd19ba93f Convert AphrontFormLayoutView to safe HTML
Summary: Searched for `AphrontFormLayoutView` and then `appendChild()`.

Test Plan: /V1

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4856
2013-02-07 18:01:00 -08:00
vrana
afc5333bb3 Convert AphrontFormView to safe HTML
Summary: Searched for `AphrontFormView` and then for `appendChild()`.

Test Plan: /login/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4855
2013-02-07 18:01:00 -08:00
vrana
85961c8eca Convert AphrontFormInsetView to safe HTML
Summary: Done by searching for `AphrontFormInsetView` and verifying all method calls.

Test Plan: /repository/edit/1/tracking/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4845
2013-02-07 18:00:59 -08:00
vrana
059920c2da Convert AphrontErrorView to safe HTML
Summary: Done by searching for `AphrontErrorView` and then `appendChild()`.

Test Plan:
Looked at Commit Detail.
Looked at Revision Detail.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4843
2013-02-07 17:26:01 -08:00
Nick Harper
714a3cc536 Catch exception in differential
Summary:
This masks possible configuration issues and slightly degrades functionality
with the tradeoff of having differential work when phabricator isn't quite
configured correctly.

Test Plan:
remove directory for a repository, load differential revision from that repo,
and see differential load.

Reviewers: epriestley, vrana

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2512

Differential Revision: https://secure.phabricator.com/D4859
2013-02-07 16:59:14 -08:00
Bob Trahan
275f708f14 Conpherence - make messages to btrahan@metamta.domain start conpherences
Summary: I'm not super happy with the prettiness of the code, but I wasn't able to come up with a good way to clean it up. Happy for suggestions.

Test Plan: sent message to btrahan@phabricator.dev from gmail. Copied raw email and piped it to mail_handler.php -- it created a conpherence! Repeated but sent to btrahan and xerxes and noted that the conpherence was created for both users

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2431

Differential Revision: https://secure.phabricator.com/D4854
2013-02-07 15:17:11 -08:00
Chad Little
4cafbbc525 Fix IE7 and IE8 issues.
Summary: Resolves submit issues in IE7, scrollbars in IE7 and homepage layout issues in IE7 and IE8.

Test Plan: used IE7 and IE8. Logged in, bounced around. Checked Chrome as well.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2469, T2470

Differential Revision: https://secure.phabricator.com/D4853
2013-02-07 13:41:46 -08:00
Bob Trahan
07f72cf463 Fix conpherence name clearing bug
Summary: pre-patch, when you upload a photo if the conphernece has a name it gets cleared. Post patch this no longer happens. Patch also makes the case where you delete the conpherence name have more sensical text.

Test Plan: named a conpherence, uploaded an image, verified the name stayed the same. Deleted a conpherence name by changing the text to nothing and verified it work correctly, including having good transaction text.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2399

Differential Revision: https://secure.phabricator.com/D4852
2013-02-07 11:17:20 -08:00
epriestley
11bb8db970 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-07 08:08:01 -08:00
Lauri-Henrik Jalonen
3ce3f5d368 Drafts are saved as inline comments for images when user comments mock
Summary: Drafts are saved as inline comments for images when user comments mock.

Test Plan: Verified that drafts receive transactionphid when user comments mock.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4850
2013-02-07 08:02:52 -08:00
epriestley
5b39bbe71b Batch Conpherence access to markup cache
Summary: Bulk process markup instead of doing them one at a time. Fixes T2504.

Test Plan: Viewed service profile, saw a single call for all the cache entries.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2504

Differential Revision: https://secure.phabricator.com/D4844
2013-02-06 17:53:51 -08:00
vrana
f864d9e611 Fix double escaping in phutil_tag
Summary:
I wasn't able to reproduce the "recursion detected" in real web request but I saw lots of 1073741824 refcounts in `debug_zval_dump()` of $object.
I'm not sure how that happens.

Test Plan: D4807#4

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4839
2013-02-06 15:21:05 -08:00
Bob Trahan
1cde41b994 Conpherence - add crop
Summary:
mainly, this adds the image cropper - yay!

 - also removes the file image from the handle stuff I added in V1. now we do all this crazy photo stuff.

Test Plan:
 - uploaded a photo by dragging to header and noted 120 x 80 showed up on reload
 - uploaded a photo by dragging to edit dialogue spot and noted 120 x 80 showed up on reload
 - cropped a photo - noted it cropped right
 - cropped a photo again and again and again - seems like it crops okay

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2418, T2399

Differential Revision: https://secure.phabricator.com/D4790
2013-02-06 14:03:52 -08:00
epriestley
361ce491f2 Make file storage more testable
Summary: Fixes T2474. Adds a storage dummy storage engine for unit tests, and adds a couple of simple tests for basic file storage.

Test Plan: Ran `arc unit` to execute unit tests.

Reviewers: kwadwon

Reviewed By: kwadwon

CC: aran

Maniphest Tasks: T2474

Differential Revision: https://secure.phabricator.com/D4777
2013-02-06 13:37:42 -08:00
epriestley
e518135dfb Improve STRICT_ALL_TABLES warning
Summary:
  - Make the warning describe rationale and point at the MySQL manual explicitly.
  - Add a reference to the developer mode config, in case the user wants to resolve the probelm by disabling developer mode.
  - Now that the message is huge, provide a summary.
  - Move from "Database" to "MySQL" setup checks -- this is kind of arbitrary, but the former is used for fatals (pre-install) and the latter for warnings (post-install) right now. This has no practical impact on anything and is purely stylistic.

Test Plan:
{F31798}

{F31799}

Reviewers: edward, blc

Reviewed By: edward

CC: aran

Differential Revision: https://secure.phabricator.com/D4835
2013-02-06 13:37:31 -08:00
Lauri-Henrik Jalonen
57c001f522 Select portions from mock
Summary: Comment draft is now saved

Test Plan: Verified that draft is saved

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, chad

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4831
2013-02-06 11:28:04 -08:00
Toby Hughes
1188876ea9 Fix exception in OAuthServerAuthController
Summary:
We've been building a Jenkins plugin that allows you to use your Phabricator login details in Jenkins using the inbuilt OAuthServer. I noticed that when making a request to /oauthserver/auth/?client_id=&response_type=code I get an error back from the server.

I've traced this down to two bugs in PhabricatorOAuthServerAuthController, the first causes a null value error on $access_token_uri, and the second fails on userHasAuthorizedClient without a $scope array.

Test Plan: Go to /oauthserver/auth/?client_id=<client_id>&response_type=code and get a valid authorization code back

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4808
2013-02-06 09:00:01 -08:00
epriestley
24ced7e7bd Expose commit information via conduit instead of user information
Summary:
After D4825, this information is often available to us in a safe way. Provide it explictly.

This removes or reduces functionality in some cases, but I think we can plug those holes with Conpherence addresses and/or explicit user acknowledgement/config.

Test Plan: Patched a commit with `arc patch` and got the original address out.

Reviewers: btrahan, edward, vrana

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4828
2013-02-05 20:10:57 -08:00
vrana
2f508bf0dc Delete some phutil_safe_html()
Test Plan: Displayed revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4829
2013-02-05 15:52:48 -08:00
vrana
6bb7a282b1 Convert AphrontFormControl to safe HTML
Summary: Everything here now should properly handle plain strings and safe HTML.

Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4826
2013-02-05 15:52:46 -08:00
vrana
be4662e667 Convert setCaption() to safe HTML
Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4824
2013-02-05 15:52:43 -08:00
vrana
bcf9b9d4a7 Convert some phutil_escape_html() to hsprintf()
Summary:
In the second phase, I want to get rid of the most of `phutil_escape_html()` calls in favor of plain strings or `PhutilSafeHTML`.
This is an example of how it could look.

Test Plan: /api/user.whoami

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4823
2013-02-05 15:52:41 -08:00
Bob Trahan
cb38ab27ce fix find / replace error from addressing feedback in D4708. now links to tasks work again. 2013-02-05 13:48:31 -08:00
Bob Trahan
1d0058abcf Update PeopleMenu to only show integration with applications if they are installed
Summary: do so via event engine. note different order now...

Test Plan: toggled "show beta applications" to off and noted that Conpherence disappeared. Otherwise noted that links showed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2424

Differential Revision: https://secure.phabricator.com/D4708
2013-02-05 13:46:02 -08:00
Bob Trahan
34b6c32d2e fix conpherence menu selection
Summary: i think the DOM changed in conpherence with the menu upgrades. just noticed that when you select a new conpherence the old one is not de-selected. this fixes it by updating the javascript to ascend one node higher and then use DOM.scry with the right data sigil to get the nodes

Test Plan: read some messages, noted only the one I was reading had the entry highlighted in the left.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2399

Differential Revision: https://secure.phabricator.com/D4819
2013-02-05 11:58:19 -08:00
epriestley
8f1311bbc1 Merge branch 'master' into phutil_tag
(Final sync.)
2013-02-05 10:23:16 -08:00
epriestley
742ee44960 Fix show/hide applications on homepage
Summary:
Fixes T2482. After D4792, menus have more formal structure, but previously we were just shoving some `<div>` into the middle of the thing. This no longer works correctly, since we end up with `<div class="nice-formal-div"><div></div>`.

Just put IDs on all the items we're going to show/hide instead so we don't have to render any half-tags.

Test Plan: Home page show/hide works again.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2482

Differential Revision: https://secure.phabricator.com/D4810
2013-02-05 07:43:58 -08:00
Bob Trahan
e4a0c17079 fix Conpherence sorting
Summary: this broke when I moved sorting to the editor. Turns out you can't have custom hooks for the comment transaction, and thus I couldn't update participation inside the editor. This fixes this by removing the empty switch statement for the transaction type inside the parent class editor. This should have no effect other than fixing Conpherence. Note that conpherences will need another message, etc for a given conphernece to fix itself.

Test Plan: Conpherence threads were updated properly!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2399

Differential Revision: https://secure.phabricator.com/D4817
2013-02-04 19:05:50 -08:00
Bob Trahan
a211f97737 Conpherence - some widget and display stuff
Summary:
this was originally "just" adding the icons like I had bundled into D4790. It morphed a bit though and does a few things

 - adds the icons
 - cleans up widget CSS generally a bit so scrolling always works
 - phutil_tag -- probably was a bad idea but I wanted to play with it. I think its harder to not break conpherence when you land the branch now maybs. Still up for fixing it immediately post land though.

Test Plan: played with conphernece a bit. Used FF and Chrome to verify CSS was looking okay-ish.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2399

Differential Revision: https://secure.phabricator.com/D4814
2013-02-04 19:01:46 -08:00
Bob Trahan
112c2ebfbe make sort controls only show up if sorting will work
Summary: T2326 tells the tale. this is the fix.

Test Plan: verified that queries that shouldn't be sortable weren't. also had a phlog in there a bit to sanity check things faster

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2326

Differential Revision: https://secure.phabricator.com/D4816
2013-02-04 18:59:46 -08:00
epriestley
94f6b6ca4e Fix every HTML issue I could find
Summary:
I attempted to test every interface. I probably missed some stuff, but I at least have some level of confidence that the `phutil_tag` branch is fairly stable.

Fixed these issues:

[1] Fixed a Herald issue with object links in transcripts. Some actions return
links; this was previously hard-coded.
[2] DarkConsole refactoring created an issue where the "`" event handler registered too many times.
[3] Fixed a bug where `strlen($value)` was being checked, but fields may now return array(). Possibly we should implement phutil_is_empty_html() or similar.
[4] Fixed a undefined variable issue for image edit transactions.
[5] Fixed an issue with rendering participant transactions. This required phutil_safe_html() because `pht()` can't handle `array()` for `%s`.
[6] Fixed an issue where feed was entirely overescaped by reverting an overly ambitious render_tag -> tag.
[7] Fixed an issue with strict tables and inserting `''` instead of `0` into an integer column.
[8] Fixed an issue where &bull; was shown escaped.
[9] Fixed an issue where "no data" was overescaped.
[10] Fixed an issue with strict tables and inserting `''` instead of `0` into an integer column.
[11] Fixed an issue with strict tables and inserting `''`.
[12] Fixed an issue with missing space after ":" for mini panels.

Encountered (but did not fix) these issues:

[X1] "e" works incorrectly on comments you are not allowed to edit. Did not fix.
[X2] Coverage currently interacts incorrectly with "--everything" for Phutil tests.

Test Plan:
  - Viewed Differential.
  - Created a diff via copy/paste.
  - Viewed standalone diff.
  - Jumped to diff via changeset table.
  - Created a revision.
  - Updated revision.
  - Added a comment.
  - Edited revision dependencies.
  - Edited revision tasks.
  - Viewed MetaMTA transcripts.
  - Viewed Herald transcripts [1].
  - Downloaded raw diff.
  - Flagged / unflagged revision.
  - Added/edited/deleted inline comment.
  - Collapsed/expanded file.
  - Did show raw left.
  - Did show raw right.
  - Checked previews for available actions.
  - Clicked remarkup buttons
  - Used filetree view.
  - Used keyboard: F, j, k, J, K, n, p, t, h, "?" [2] [X1].
  - Created a meme.
  - Uploaded a file via drag and drop.
  - Viewed a revision with no reviewers.
  - Viewed a revision with >100 files.
  - Viewed various other revisions [3].
  - Viewed an image diff.
  - Added image diff inline comments.
  - Viewed Maniphest.
  - Ran various queries.
  - Created task.
  - Created similar task.
  - Added comments to tasks.
  - Ran custom query.
  - Saved custom query.
  - Edited custom queries.
  - Drag-reordered tasks.
  - Batch edited tasks.
  - Exported tasks to excel.
  - Looked at reports (issue in T2311 notwithstanding).
  - Viewed Diffusion.
  - Browsed Git, SVN, HG repositories.
  - Looked at history, browse, change, commit views.
  - Viewed audit.
  - Performed various audit searches.
  - Viewed Paste.
  - Performed paste searches.
  - Created, edited, forked paste.
  - Viewed Phriction.
  - Edited a page.
  - Viewed edit history.
  - Used search typeahead to search for user / application.
  - Used search to search for text.
  - Viewed Phame.
  - Viewed Blog, Post.
  - Viewed live post.
  - Published/unpublished post.
  - Previewed post.
  - Viewed Pholio.
  - Edited/commented mock.
  - Viewed ponder.
  - Viewed question.
  - Added answer/comment.
  - Viewed Diviner.
  - Viewed Conpherence [4] [5].
  - Made Conpherence updates.
  - Viewed calendar.
  - Created status.
  - Viewed status.
  - Viewed Feed [6].
  - Viewed Projects.
  - Viewed project detail.
  - Edited project.
  - Viewed Owners.
  - Viewed package detail.
  - Edited package [7].
  - Viewed flags.
  - Edited flag.
  - Deleted flag.
  - Viewed Herald.
  - Viewed rules.
  - Created rule.
  - Edited rule.
  - Viewed edit log.
  - Viewed transcripts.
  - Inspected a transcript.
  - Viewed People.
  - Viewed list.
  - Administrated user.
  - Checked username/delete stuff.
  - Looked at create/import LDAP/activity logs.
  - Looked at a user profile.
  - Looked at user about page.
  - Looked at Repositories.
  - Edited repository.
  - Edited arcanist project.
  - Looked at daemons.
  - Looked at all daemons [8].
  - Viewed combined log.
  - Looked at configuration.
  - Edited configuration.
  - Looked at setup issues [9].
  - Looked at current settings.
  - Looked at application list.
  - Installed / uninstalled applications [10].
  - Looked at mailing lists.
  - Created a mailing list.
  - Edited a mailing list.
  - Looked at sent mail.
  - Looked at received mail.
  - Looked at send/receive tests.
  - Looked at settings.
  - Clicked through all the panels.
  - Looked at slowvote.
  - Created a slowvote [11].
  - Voted in a slowvote.
  - Looked at Macro.
  - Created a macro.
  - Edited a macro.
  - Commented on a macro.
  - Looked at Countdown.
  - Created a Countdown.
  - Looked at it.
  - Looked at Drydock.
  - Poked around a bit.
  - Looked at Fact.
  - Poked around a bit.
  - Looked at files.
  - Looked at a file.
  - Uploaded a file.
  - Looked at Conduit.
  - Made a Conduit call.
  - Looked at UIExamples.
  - Looked at PHPAST.
  - Looked at PHIDs.
  - Looked at notification menu.
  - Looked at notification detail.
  - Logged out.
  - Logged in.
  - Looked at homepage [12].
  - Ran `arc unit --everything --no-coverage` [X2].

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4807
2013-02-04 17:06:34 -08:00
epriestley
af1f57b37a Add a preference to completely disable the file tree
Summary:
See D4812.

  - This preference disables the file tree completely.
  - It defaults off, so users who want it will have to go turn it on.
  - Maybe slightly cleaner would be doing this if the tree was hidden and then ajaxing it in if you press "F", but that's complicated and I don't want to bother.
  - Generally, I think this element is useful to something like 5% of users and not useful to 95%.

Test Plan: Enabled and disabled file tree. Looked at commits and revisions; verified they reflected the setting correctly.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4813
2013-02-04 17:00:27 -08:00
vrana
0bb62d0c31 Make collapsed navigation sticky
Summary: This is the most requested feature in FB by far.

Test Plan:
Toggled, verified that data are saved.
Reloaded, toggled, toggled, toggled, verified that data are saved.
Reloaded.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4812
2013-02-04 16:35:46 -08:00
Brennan Taylor
1322e9eda2 Implement import profile picture from Gravatar
Summary: Add a field where you can put the gravatar email address to pull an image for the profile picture from

Test Plan: Tried uploading a file, replacing with default, and various combinations and they all still work.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2105

Differential Revision: https://secure.phabricator.com/D4809
2013-02-04 15:29:33 -08:00
vrana
34c51a61b5 Delete preference for Diffusion symbols
Summary:
We are doing a better job in 1) of D3069#3 and 2) is just dumb.
Let's see if someone notices this change.

Test Plan: /settings/panel/display/

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4789
2013-02-04 11:38:22 -08:00
epriestley
ebc2937dc8 render_tag -> tag: final block
Summary:
Convert a final few `render_tag()` calls to `tag()` calls. This leaves us with 36 calls:

  - 9 are in Conpherence, and will be converted after merging. Using Views makes the most sense here, to get access to renderHTMLView() and such.
  - 2 are the definition and its library map entry.
  - 3 are in the documentation.
  - I believe the remaining 22 are too difficult to convert pre-merge. About half are in code which is slated for destruction; the other half are in the base implementations of very common classes (like PhabricatorStandardPageView) and can only be converted by converting the entire codebase.

My plan at this point is:

  - Test the branch thoroughly.
  - Merge to master.
  - Over time, resolve the remaining issues: lint means things shouldn't get any worse.

Test Plan: See inlines.

Reviewers: vrana

Reviewed By: vrana

CC: aran, edward

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4802
2013-02-04 11:38:04 -08:00
vrana
8c99938aad Convert revision unsubscribers to edges
Test Plan: Ran the migration on a single revision, verified DB, called `loadUnsubscribedPHIDs()`.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4786
2013-02-04 11:36:55 -08:00
Debarghya Das
ccb206e984 Added a Disable Macros function that can be called in some contexts where Macros are unsuitable
Summary: Semi Fixed T2397

Test Plan: Can disable the meme button on manually toggling the class variable.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2397

Differential Revision: https://secure.phabricator.com/D4781
2013-02-04 09:54:03 -08:00
Bryan Cuccioli
39afb3fedb Suggest STRICT_ALL_TABLES during setup. Improve dev-mode comments.
Summary: Suggest the MySQL mode STRICT_ALL_TABLES during setup if it is not set. Small improvement to the phabricator.developer-mode comments.

Test Plan: Set the global sql_mode to include or exclude STRICT_ALL_TABLES and check for desired behavior.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4803
2013-02-04 09:03:26 -08:00
epriestley
0f1bdbe147 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-04 06:19:52 -08:00
epriestley
30dedb2251 Allow PhabricatorMenuView to have items inserted in the middle
Summary:
Make `PhabricatorMenuView` more flexible, so callers can add items to the beginning/end/middle.

In particular, this allows event handlers to receive a $menu and call `addMenuItemToLabel('activity', ...)` or similar, for D4708.

Test Plan: Unit tests. Browsed site. Home page, Conpherence, and other pages with menus look correct.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4792
2013-02-03 10:02:35 -08:00
epriestley
57ff0a80aa Return applications in application order
Summary:
By default, order applications in application order. See discussion in D4708.

Principally, this is intended to make sure that application event handlers are registered in order, and thus fire in order.

Test Plan:
Looked at /applications/, homepage tiles, verified they both still work.

I didn't actually test the event handler bit since it's fairly complicated to test blind; D4708 should provide a test case.

Reviewers: btrahan, Afaque_Hussain

Reviewed By: Afaque_Hussain

CC: aran

Differential Revision: https://secure.phabricator.com/D4791
2013-02-03 09:26:25 -08:00
vrana
5459af3bdd Fix dynamic string usage as safe input
Test Plan:
  $ arc lint

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4796
2013-02-02 16:20:29 -08:00
vrana
8e7af64dd6 Fix dynamic string usage as safe input in phutil_tag
Test Plan:
  $ arc lint

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4797
2013-02-02 16:10:09 -08:00
epriestley
87dc464159 render_tag -> tag: misc views
Summary: See inlines.

Test Plan: See inlines.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4768
2013-02-02 06:12:36 -08:00
vrana
6e95901161 Convert phutil_render_tag() to phutil_tag() for inline comments
Test Plan:
Looked at file with lint errors in Diffusion.

I've also tried inline comments in Differential but it failed.
I'll try it again after you land all your diffs.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4755
2013-02-02 05:15:30 -08:00
vrana
a808133bc8 Not require confirmation for revision subscribe and unsubscribe
Summary: Regression to original behavior.

Test Plan: Clicked on it twice, didn't see confirmation dialog.

Reviewers: epriestley, codeblock

Reviewed By: codeblock

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4788
2013-02-02 03:52:24 -08:00
Lauri-Henrik Jalonen
8ae7de51f9 Select portions from mock
Summary: Applied fixes for issues mentioned in D4737#1&2

Test Plan: Verified that scripts seem to work as intended.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4782
2013-02-01 11:07:54 -08:00
Bryan Cuccioli
c105a5bde0 Refactor developer options to specific developer-mode option.
Summary: Refactor options related to verbose error reporting and forcing disk reads into a single developer option.

Test Plan: Run Phabricator with the developer-mode option set and check that errors print stack traces, static assets are always reloaded, etc.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4780
2013-02-01 10:12:17 -08:00
epriestley
384244fa30 Improve meme text outlining
Summary: Fixed T2398

Test Plan: Ran a local test. It looked a tad better.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2398

Differential Revision: https://secure.phabricator.com/D4779
2013-02-01 08:47:34 -08:00
Debarghya Das
f4971b0858 Impact Font Used If Available
Summary: Fixed T2395

Test Plan: When impact.ttf was added to resources/font, it was being used. When renamed, tuffy was.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2395

Differential Revision: https://secure.phabricator.com/D4700
2013-02-01 08:19:40 -08:00
vrana
b7e10831a6 Use PhutilNumber instead of number_format()
Summary: Also convert to `phutil_tag()`.

Test Plan: Displayed revision with hidden comments.

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4772
2013-01-31 17:12:12 -08:00
epriestley
1c64b40a22 Minor improvements to Applications application
Summary:
I missed these in review, but here are a couple of tweaks:

  - Call `setWorkflow(true)` on the actions. This makes the dialogs pop up on the same page with Javascript if it's available.
  - When the user installs/uninstalls an application, send them back to the application's detail page, not the application list.

Test Plan:
  - Uninstalled an application (saw dialog, got sent back to detail page).
  - Installed an application (saw dialog, got sent back to detail page).
  - Canceled an application uninstall.

Reviewers: Afaque_Hussain

Reviewed By: Afaque_Hussain

CC: aran

Differential Revision: https://secure.phabricator.com/D4762
2013-01-31 11:49:52 -08:00
vrana
01236dcaf0 Use PhutilNumber in translations
Summary: It's a little bit confusing that you couldn't use %d but kind of expected taken that the number will be formatted so it's not a number anymore.

Test Plan: /paste/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4764
2013-01-31 09:11:01 -08:00
epriestley
7f43826854 render_tag -> tag: fix more callsites (more view, misc)
Summary: Fixes even more callsites.

Test Plan: See inlines.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4749
2013-01-31 09:08:02 -08:00