1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 00:02:41 +01:00
Commit graph

175 commits

Author SHA1 Message Date
epriestley
2f138d0501 Add a "roles" array to user.query
Summary:
  - Add "role" information, so clients can identify disabled users.
  - Formally deprecate `user.info`

Test Plan: Ran "user.query" and "user.whoami", inspected output. Verified "user.info" appears as deprecated in method list and console.

Reviewers: csilvers, btrahan

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2565
2012-05-24 12:10:47 -07:00
Nick Harper
e4e56bb431 Return partial differential fields when there's an error parsing
Summary:
If someone typos one name in a cc or reviewer list, it would be nice if we
display all of the valid names in the field when running arc diff (in addition
to the error message).

Test Plan:
used the conduit console to check that calling differential.parsecommitmessage
with a list of some valid and some invalid ccs returns a result with both an
error and a list of some ccs. Also ran arc diff with that list of ccs to check
for the correct user experience.

Reviewers: epriestley, jungejason, vrana

Reviewed By: epriestley

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2542
2012-05-22 18:12:41 -07:00
mkedia
787c95abd8 Add owners.query method
Summary:
Allow callers to find all packages/paths owned by a given
user/project.

Test Plan:
Used conduit api page with --
user owner: PHID-USER-6ce1c976b86e5f3c34f6 (tried both loadPackagesFromProjects
true/false)

proj owner: PHID-PROJ-r5wnmmaawqsn4tvjmqm4

repo/path: E, /tfb/trunk/www/flib/privacy. Checked both path.getowners
and owners.query

(all of these are defined internally at fb)

Reviewers: epriestley, btrahan, nh

Reviewed By: btrahan

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2482
2012-05-22 10:19:58 -07:00
epriestley
8bbc724210 Bump Conduit server version
Summary:
We introduced a "user.query" call recently which is only about two weeks old. Bump versions so users get a forced upgrade.

Also, we raise a fairly confusing message when the user calls a nonexistent method. This is not the intent; `class_exists()` throws. Tailor this exception more carefully.

Test Plan:
  - Ran `echo {} | arc call-conduit derp.derp`, got a better exception.
  - Bumped version, ran `arc list`, got told to upgrade.

Reviewers: indiefan, nh, vrana, btrahan, jungejason, Makinde

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D2527
2012-05-21 16:43:43 -07:00
Bob Trahan
912e414013 Update Conduit Maniphest CRUD API(s) to not accept crud
Summary: see T1241, T1242, T1244 for some examples of crud getting saved

Test Plan: threw some crud in my conduit console and got reasonable errors back

Reviewers: mikaaay, epriestley

Reviewed By: epriestley

CC: aran, Koolvin

Maniphest Tasks: T1241, T1242, T1244

Differential Revision: https://secure.phabricator.com/D2487
2012-05-19 16:18:13 -07:00
vrana
fa36dd513c Integrate user.getcurrentstatus into user.query
Summary: D2492#6

Test Plan:
`user.query` of user which is away.
`user.query` of user which is not away.
`user.whoami` - no information there.

Reviewers: epriestley

Reviewed By: epriestley

CC: btrahan, aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2502
2012-05-19 13:11:14 -07:00
vrana
8dca5cdb5a Add Conduit method to disable user
Summary: There's no method for enabling users somewhat intentionally.

Test Plan: Disable myself (oops, this is probably my last diff ever).

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2497
2012-05-18 16:29:36 -07:00
vrana
9f35a3ba45 Highlight away and sporadic users in revision list
Summary:
This is not so general as `getRequiredHandlePHIDs()`.
It allows bulk loading of user statuses only in revision list.

It also loads data in `render()`. I'm not sure if it's OK.

Maybe we can use the colorful point here.
Or maybe some unicode symbol?

Test Plan: {F11451, size=full}

Reviewers: btrahan, epriestley

Reviewed By: btrahan

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2484
2012-05-18 14:28:41 -07:00
vrana
2476c872ff Add Conduit method for querying user status
Summary:
I want to use this to warn user if he specifies reviewers that are away.

We can also implement a general query method but I think that this usage is the
most useful not only for me but also in general case.

Test Plan:
Call the method for user which is away and which is not away.
Add user status through Conduit.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2492
2012-05-17 23:58:50 -07:00
vrana
70e5ef92cf Use transactions in user status Conduit methods
Test Plan:
Add status, verify DB.
Remove status, verify DB.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2397
2012-05-10 11:49:39 -07:00
epriestley
ed34402313 "arc upgrade" (server changes)
Summary: When the server version is ahead of the client version, send a more exciting error!!!

Test Plan: omg~~~

Reviewers: nh, Makinde, btrahan, jungejason

Reviewed By: nh

CC: aran

Differential Revision: https://secure.phabricator.com/D2436
2012-05-09 10:01:46 -07:00
Bob Trahan
c58bd95842 Conduit user.query method
Summary: also includes a PhabricatorPeopleQuery object

Test Plan: queried for various combinations username, realname, id, phid, and email. verified correct results.

Reviewers: epriestley

Reviewed By: epriestley

CC: zeeg, aran, Koolvin

Maniphest Tasks: T1075

Differential Revision: https://secure.phabricator.com/D2416
2012-05-07 13:35:09 -07:00
epriestley
87207b2f4e Allow users to have multiple email addresses, and verify emails
Summary:
  - Move email to a separate table.
  - Migrate existing email to new storage.
  - Allow users to add and remove email addresses.
  - Allow users to verify email addresses.
  - Allow users to change their primary email address.
  - Convert all the registration/reset/login code to understand these changes.
  - There are a few security considerations here but I think I've addressed them. Principally, it is important to never let a user acquire a verified email address they don't actually own. We ensure this by tightening the scoping of token generation rules to be (user, email) specific.
  - This should have essentially zero impact on Facebook, but may require some minor changes in the registration code -- I don't exactly remember how it is set up.

Not included here (next steps):

  - Allow configuration to restrict email to certain domains.
  - Allow configuration to require validated email.

Test Plan:
This is a fairly extensive, difficult-to-test change.

  - From "Email Addresses" interface:
    - Added new email (verified email verifications sent).
    - Changed primary email (verified old/new notificactions sent).
    - Resent verification emails (verified they sent).
    - Removed email.
    - Tried to add already-owned email.
  - Created new users with "accountadmin". Edited existing users with "accountadmin".
  - Created new users with "add_user.php".
  - Created new users with web interface.
  - Clicked welcome email link, verified it verified email.
  - Reset password.
  - Linked/unlinked oauth accounts.
  - Logged in with oauth account.
  - Logged in with email.
  - Registered with Oauth account.
  - Tried to register with OAuth account with duplicate email.
  - Verified errors for email verification with bad tokens, etc.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1184

Differential Revision: https://secure.phabricator.com/D2393
2012-05-07 10:29:33 -07:00
epriestley
2d9d2f1aed Allow "Differential Revision ID" field appear on create/edit messages
Summary:
  - In practice, 'edit' has two modes, 'create' and 'edit'. These seem like they should map to "create a revision" and "update a revision", but they are completely different.
    - We use the "create" mode:
      - When creating a message from the working copy.
      - When creating a message from a file.
      - When creating a message from a commit.
      - When creating a message from a user template.
      - When creating a message from an "--edit"!
    - We use the "edit" mode:
      - ONLY when updating a revision with `arc diff --verbatim`.
  - The only difference is in which fields may be overwritten. Under "create", all fields may be overwritten. Under "edit", only safe fields may be overwritten.
  - The "Differential Revision" field currently does not render in either edit mode. This is wrong. Even though it can not be updated in the "edit" mode, it should still render in both modes. This is the only material change this revision makes.
  - Without this change, when we "create" a new message from a working copy and the working copy has a "Differential Revision" field, we incorrectly discard it.
  - The only field which does not render on edit modes now is "Reviewed by" (not "Reviewers"), which is correct, since we do not read the value.

Test Plan: Ran "arc diff" to create/update revisions. Ran "arc diff --verbatim" to create/update revisions with implicit edits (with D2411). Ran "arc diff --edit" to update revisions with explicit edits.

Reviewers: jungejason, btrahan

Reviewed by: jungejason

CC: vrana, aran

Differential Revision: https://secure.phabricator.com/D2412
2012-05-07 08:14:16 -07:00
epriestley
db20c74044 Add a missing (string) cast to repository.query
Summary: The method returns a PhutilURI object, which json_encode() encodes as "{}" since all the properties are private.

Test Plan:
Examined the output of "repository.query" more carefully:

  "0" : {
    "name"      : "Phabricator",
    "callsign"  : "P",
    "vcs"       : "git",
    "uri"       : "http:\/\/local.aphront.com:8080\/diffusion\/P\/",
    "remoteURI" : "git:\/\/github.com\/facebook\/phabricator.git",
    "tracking"  : true
  },

Reviewers: csilvers, btrahan, vrana, jungejason

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2402
2012-05-04 17:08:42 -07:00
epriestley
049048765d Add "repository.create" and "repository.query" methods to Conduit
Summary: Primarily for @csilvers who has 92 million repositories or something. This is a touch hacky, but movitated by pragmatism.

Test Plan:
  - Ran "repository.create" to create repositories, "repository.query" to list them.
  - Tested most or maybe all of the error conditions, probably.

Reviewers: btrahan, vrana, csilvers

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2396
2012-05-04 16:16:22 -07:00
vrana
e4f4b6a3fe Add conduit method for deleting user status
Test Plan: All four eventualities.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2383
2012-05-04 13:03:02 -07:00
vrana
8745374cb5 Mark optional conduit parameter 2012-05-04 00:33:00 -07:00
vrana
416e4e7b67 Allowing setting user status
Summary:
I will use it for highlighting users which are not currently available.

Maybe I will also use it in the nagging tool.

I don't plan creating a UI for it as API is currently enough for us.
Maybe I will visualize it at /calendar/ later.

I plan creating `user.deletestatus` method when this one will be done.

Test Plan:
`storage upgrade`
Call Conduit `user.addstatus`.
Verify DB.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2382
2012-05-03 18:24:30 -07:00
epriestley
8ed48a89f4 Use a disk-based default avatar, not a database-based one
Summary:
This is mostly in an effort to simplify D2323. Currently, we load one image into the database by default. This is a weird special case that makes things more complicated than necessary.

Instead, use a disk-based default avatar.

Test Plan: Verified that a user without an image appears with the default avatar as a handle, in profile settings, and on their person page.

Reviewers: btrahan, vrana, edward, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T345

Differential Revision: https://secure.phabricator.com/D2331
2012-04-27 17:44:10 -07:00
epriestley
20a5c9b261 Use "closed", not "committed", in Differential
Summary: "Committed" is SVN-specific language, and confusing in Git and Mercurial. Use neutral language instead.

Test Plan: Inspection.

Reviewers: btrahan, Makinde, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T909

Differential Revision: https://secure.phabricator.com/D2087
2012-04-23 17:40:57 -07:00
vrana
1f2cf78c1b Display committed date in Revision Status field
Summary:
This is slightly more complicated for this reason:

- We don't set `dateCommitted` for normal commits, only for markcommitted.
-- We need to add this date to old revisions now.

Test Plan:
Reparse a revision - commit date was set.
Conduit `markcommitted` - commit date was set.
Run SQL script.
Display closed revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2282
2012-04-19 15:05:09 -07:00
epriestley
bdcba43f21 Formalize a mechanism for marking Conduit methods deprecated/unstable
Summary:
This is better than writing "(UNSTABLE!!!)" in front of the text description.

I'll add a wiki to keep track of API changes, too.

See also D2087, which motivates this.

Test Plan: Browsed console, saw "deprecated" and "unstable" on appropriate methods.

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T909

Differential Revision: https://secure.phabricator.com/D2271
2012-04-18 14:25:27 -07:00
20after4
1ff68376f5 New maniphest event TYPE_MANIPHEST_DIDEDITTASK
Summary:
This event is fired after a task is created and assigned with an id.
Use case is sending an email notification to everyone in a project when a new task is
submitted to said project.

Test Plan:
Implement the event listener, submit a new task to a project, see if the project members
receive an email notification. I will submit the event handler in a separate diff once it's a bit
prettier and tested more thoroughly.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, jungejason

Differential Revision: https://secure.phabricator.com/D2159
2012-04-17 12:09:58 -07:00
vrana
cec641a81e Don't mark diff as "Unit Tests Skipped" when posponed test was skipped
Summary:
Following logic at https://secure.phabricator.com/diffusion/ARC/browse/master/src/workflow/unit/ArcanistUnitWorkflow.php;ea0f737e85644d5a$242-255.

Also unrequire coverage.

Test Plan:
  echo '{"diff_id": 1, "file": "empty", "name": "name", "result": "skip", "message": "test"}' | arc call-conduit differential.updateunitresults

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2231
2012-04-14 21:42:40 -07:00
Bob Trahan
1175784d5d PhabricatorSlug
Summary:
This is to be used in Phame so the logic is shared where possible. The change has three main things going on

- broke out functionality from PhrictionDocument that isn't Phriction specific.
- swept up code base to use new PhabricatorSlug class.
- altered the regex ever so slightly per discussion and http://stackoverflow.com/questions/2028022/javascript-how-to-convert-unicode-string-to-ascii

I think maybe we should punt on unicode here for quite a bit -- http://www.456bereastreet.com/archive/201006/be_careful_with_non-ascii_characters_in_urls/ -- but we'll be well-positioned to add it with the code here.

Test Plan: used phriction to create, edit, view documents. used a tool (codemod) for the codebase sweeping

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2195
2012-04-10 14:18:20 -07:00
epriestley
fe9ba6bc67 Improve DifferentialRevisionQuery and add the ability to query by arcanist project
Summary:
  - We currently post-filter by branches, but should do this in SQL. See T799.
  - We currently identify branch-name-matches as being in the working copy even if they belong to a different project (e.g., two different projects with commits on the branch "master"). See T1100.
  - Denormalize branch and project information into DifferentialRevision.
  - Expose project information in the API.

Test Plan: Ran conduit API queries with branches and arc project IDs, got reasonable results.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1100, T799

Differential Revision: https://secure.phabricator.com/D2190
2012-04-10 12:51:34 -07:00
vrana
8813c7be0e Use assert_instances_of() everywhere but Differential and Diffusion
Summary: NOTE: This is not produced by a script so there might be errors. Please review carefully.

Test Plan: Browse around.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2091
2012-04-03 14:53:20 -07:00
vrana
5623abecbf Don't set NULL values in array returned from loadObjects()
Summary: Delete some dead code in Feed along the way.

Test Plan:
/feed/
/search/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2092
2012-04-03 14:46:39 -07:00
epriestley
fcec4c368c Allow users to add flags via Herald rules
Summary: Add "Mark with flag" rules to Herald.

Test Plan: Created / edited a "Mark with flag" rule. Parsed revisions / commits, got flags added.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley, vrana

Maniphest Tasks: T1041

Differential Revision: https://secure.phabricator.com/D2060
2012-03-30 13:51:54 -07:00
vrana
813329c0a5 Don't trim indentation in arc amend
Summary:
When there is a single line Test Plan (or anything else) then `arc amend` puts it on the same line as label.
It is a problem with indented line (as in this diff) because next run of `arc diff` will trim the leading spaces.

Test Plan:   arc amend

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2054
2012-03-29 12:23:58 -07:00
vrana
280b852922 Don't trim indentation in arc amend
Summary:
When there is a single line Test Plan (or anything else) then `arc amend` puts it on the same line as label.
It is a problem with indented line (as in this diff) because next run of `arc diff` will trim the leading spaces.

Test Plan:   arc amend

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2054
2012-03-29 12:16:24 -07:00
epriestley
7ad68e63e4 Add "Flags" to allow users to collect the things they love
Summary:
Flags are a personal collection of things you want to take a look at later. You can use several different colors and add notes.

Not really sure if this is actually a good idea or not but it was easy to build.

Planned features:

  - Allow Herald rules to add flags.
  - In the "edit flag" dialog, have a "[x] Subscribe Me" checkbox that CCs you.
  - Support Diffusion.
  - Support Phriction.
  - Always show flags on an object if you have them (in every view)?
  - Edit dialog feels a little heavy?
  - More filtering in /flag/ tool.
  - Add a top-level links somewhere?

Test Plan: Added, edited and removed flags from things. Viewed flags in flag view.

Reviewers: aran, btrahan

Reviewed By: btrahan

CC: aran, epriestley, Koolvin

Maniphest Tasks: T1041

Differential Revision: https://secure.phabricator.com/D2024
2012-03-27 16:22:40 -07:00
vrana
9622dcd98a Check instance of differential.attach-task-class
Test Plan: Attach Facebook task to revision

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1991
2012-03-22 11:10:49 -07:00
epriestley
30ae22bfcf Fix many encoding and architecture problems in Diffusion request and URI handling
Summary:
Diffusion request/uri handling is currently a big, hastily ported mess. In particular, it has:

  - Tons and tons of duplicated code.
  - Bugs with handling unusual branch and file names.
  - An excessively large (and yet insufficiently expressive) API on DiffusionRequest, including a nonsensical concrete base class.
  - Other tools were doing hacky things like passing ":" branch names.

This diff attempts to fix these issues.

  - Make the base class abstract (it was concrete ONLY for "/diffusion/").
  - Move all URI generation to DiffusionRequest. Make the core static. Add unit tests.
  - Delete the 300 copies of URI generation code throughout Diffusion.
  - Move all URI parsing to DiffusionRequest. Make the core static. Add unit tests.
  - Add an appropriate static initializer for other callers.
  - Convert all code calling `newFromAphrontRequestDictionary` outside of Diffusion to the new `newFromDictionary` API.
  - Refactor static initializers to be sensibly-sized.
  - Refactor derived DiffusionRequest classes to remove duplicated code.
  - Properly encode branch names (fixes branches with "/", see <https://github.com/facebook/phabricator/issues/100>).
  - Properly encode path names (fixes issues in D1742).
  - Properly escape delimiter characters ";" and "$" in path names so files like "$100" are not interpreted as "line 100".
  - Fix a couple warnings.
  - Fix a couple lint issues.
  - Fix a bug where we would not parse filenames with spaces in them correctly in the Git browse query.
  - Fix a bug where Git change queries would fail unnecessarily.
  - Provide or improve some documentation.

This thing is pretty gigantic but also kind of hard to split up. If it's unreasonably difficult to review, let me know and I can take a stab at it though.

This supplants D1742.

Test Plan:
  - Used home, repository, branch, browse, change, history, diff (ajax), lastmodified (ajax) views of Diffusion.
  - Used Owners typeaheads and search.
  - Used diffusion.getrecentcommitsbypath method.
  - Pushed a change to an absurdly-named file on an absurdly-named branch, everything worked properly.

{F9185}

Reviewers: nh, vrana, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1921
2012-03-19 19:52:14 -07:00
epriestley
11cccb98c2 Add "final" to more classes
Summary: No big surprises here, delted the unused "DarkConsole" class.

Test Plan: Ran 'testEverythingImplemented' to verify I wasn't finalizing anything we extend.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1876
2012-03-13 11:18:11 -07:00
epriestley
366c59f805 Add coverage access to differential.updateunitresults
Summary: We now support an optional coverage parameter.

Test Plan: ??? iiam

Reviewers: tuomaspelkonen, btrahan

Reviewed By: tuomaspelkonen

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1850
2012-03-09 15:45:23 -08:00
epriestley
6712dbb709 Bring macros to IRC
Summary:
Adds a macro handler that spams your channel with macros. Config is:

  - macro.size: scale macros to this size before rasterizing
  - macro.sleep: sleep this many seconds between lines (evade flood protection)

Test Plan: derpderp

Reviewers: kdeggelman, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1838
2012-03-09 12:40:03 -08:00
epriestley
f0396b2f06 Provide an audit.query method for Conduit
Summary: Conduit access for open audits.

Test Plan: Used test console to run some queries.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1792
2012-03-06 15:12:27 -08:00
vrana
58712c7b89 Don't corrupt commit message in arc amend
Summary:
I use a smart editor which wraps words by itself so that I don't need them to be
wrapped by actual newlines.
Curent state disallows me adding or removing words later without uglying the
formatting.
Also the wordwrapped message looks ugly in Phabricator.
I am not sure how the commit message would look like on other places (such as
GitHub) but all reasonable tools should be able to wrap the text by itself.

Test Plan: arc amend --show # on a diff with long lines

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1755
2012-03-01 22:09:49 -08:00
epriestley
6f4665756d Make Conduit parsers more flexible for 'arc diff --create'
Summary:
Adds softer parse modes with less validation for doing partial parses
during the "arc diff --create" flow.

Test Plan:
Ran "arc diff --create" and got sensible results for inputs like bad
reviewers but a good title/summary.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T614

Differential Revision: https://secure.phabricator.com/D1720
2012-02-28 16:56:19 -08:00
Bob Trahan
af295e0b26 OAuth Server enhancements -- more complete access token response and groundwork
for scope

Summary:
this patch makes the access token response "complete" relative to spec by
returning when it expires AND that the token_type is in fact 'Bearer'.

This patch also lays the groundwork for scope by fixing the underlying data
model and adding the first scope checks for "offline_access" relative to expires
and the "whoami" method.   Further, conduit is augmented to open up individual
methods for access via OAuth generally to enable "whoami" access.   There's also
a tidy little scope class to keep track of all the various scopes we plan to
have as well as strings for display (T849 - work undone)

Somewhat of a hack but Conduit methods by default have SCOPE_NOT_ACCESSIBLE.  We
then don't even bother with the OAuth stuff within conduit if we're not supposed
to be accessing the method via Conduit.   Felt relatively clean to me in terms
of additional code complexity, etc.

Next up ends up being T848 (scope in OAuth) and T849 (let user's authorize
clients for specific scopes which kinds of needs T850).  There's also a bunch of
work that needs to be done to return the appropriate, well-formatted error
codes.  All in due time...!

Test Plan:
verified that an access_token with no scope doesn't let me see
anything anymore.  :(  verified that access_tokens made awhile ago expire.  :(

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T888, T848

Differential Revision: https://secure.phabricator.com/D1657
2012-02-21 16:33:06 -08:00
Bob Trahan
7a3f33b5c2 OAuth - Phabricator OAuth server and Phabricator client for new Phabricator OAuth Server
Summary:
adds a Phabricator OAuth server, which has three big commands:
 - auth - allows $user to authorize a given client or application.  if $user has already authorized, it hands an authoization code back to $redirect_uri
 - token - given a valid authorization code, this command returns an authorization token
 - whoami - Conduit.whoami, all nice and purdy relative to the oauth server.
Also has a "test" handler, which I used to create some test data.  T850 will
delete this as it adds the ability to create this data in the Phabricator
product.

This diff also adds the corresponding client in Phabricator for the Phabricator
OAuth Server.  (Note that clients are known as "providers" in the Phabricator
codebase but client makes more sense relative to the server nomenclature)

Also, related to make this work well
 - clean up the diagnostics page by variabilizing the provider-specific
information and extending the provider classes as appropriate.
 - augment Conduit.whoami for more full-featured OAuth support, at least where
the Phabricator client is concerned

What's missing here...   See T844, T848, T849, T850, and T852.

Test Plan:
- created a dummy client via the test handler.   setup development.conf to have
have proper variables for this dummy client.  went through authorization and
de-authorization flows
- viewed the diagnostics page for all known oauth providers and saw
provider-specific debugging information

Reviewers: epriestley

CC: aran, epriestley

Maniphest Tasks: T44, T797

Differential Revision: https://secure.phabricator.com/D1595
2012-02-19 14:00:13 -08:00
epriestley
7200040479 Add a basic chatlog
Summary:
This is pretty simple and unpolished, but it's getting pretty big and it seems
like a reasonable starting point.

  - Log chat in various "channels".
  - Conduit record and query methods.
  - IRCBot integration for IRC logging

Major TODO:

  - Web UI is really unpolished and has no search, paging, anchor-linking, etc.
Basically all presentation stuff, though.
  - I think the bot should have a map of channels to log with channel aliases?
  - The "channels" should probably be in a separate table.
  - The "authors" should probably be correlated to Phabricator accounts somehow,
where possible.

Test Plan: Used phabotlocal to log #phabricator.

Reviewers: kdeggelman, btrahan, Koolvin

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T837

Differential Revision: https://secure.phabricator.com/D1625
2012-02-17 10:21:38 -08:00
Nick Harper
0b9d0c9d08 [conduit] create phid.query method
Summary:
Provide a phid.query method that returns the same information as phid.info,
but allows querying for multiple phids at once.

Test Plan: Called the method from the web conduit console.

Reviewers: btrahan, epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1617
2012-02-15 11:17:20 -08:00
epriestley
4caa684724 Simplify Project status field
Summary:
This was a sort of speculative feature added by a contributor some time ago and
just serves as a label; for now, simplify it into "active" and "archived" and
remove "archived" projects from the "active" list.

  - Fix a bug where we'd publish a "renamed from X to X" transaction that had no
effect.
  - Publish stories about status changes.
  - Remove the "edit affiliation" controller, which has no links in the UI
(effectively replaced by join/leave links).
  - Add query/conduit support.

Test Plan: Edited the status of several projects.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1573
2012-02-07 14:59:38 -08:00
epriestley
36e72639de Reduce visibility of "Host" and "Path" Differential fields by default
Summary:
See discussion in T838. These fields expose information which it isn't necessary
or useful to expose in the general case.

  - Disable fields by default, allow them to be enabled in config (these fields
were useful for me at Facebook when I had access to all the machines).
  - Remove 'sourcePath' from Conduit methods other than differential.query.
  - Condition 'sourcePath' field in Conduit on the caller being the revision
author. This is a bit hacky but not so awful.

Test Plan:
  - Verified fields are gone by default and restored by configuration.
  - Verified Conduit no longer returns these fields other than
differential.query.
  - Verified field presence/absence according to authorship in
differential.query.
  - Grepped around in arcanist to make sure we aren't relying on sourcePath.
There's a workflow in "arc merge" that technically might hit it, but I think
it's unreachable, definitely irrelvant (we never use source path as a
distinguisher under git/hg, and can't 'arc merge' in SVN) and it's going away
Real Soon Now anyway.

Reviewers: btrahan, arice

Reviewed By: arice

CC: aran, epriestley

Maniphest Tasks: T838

Differential Revision: https://secure.phabricator.com/D1582
2012-02-06 12:14:07 -08:00
David Reuss
c3281c8757 Add conduit feed.query method
Summary: This is not totally done yet, and i'm submitting for feedback.

Test Plan: Played with various settings in local conduit console.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T790

Differential Revision: https://secure.phabricator.com/D1555
2012-02-02 16:44:13 -08:00
David Reuss
8df14b8505 Add remarkup.process conduit method
Summary: This exposes a few remarkup engines over conduit.

Test Plan:
Local conduit console, and playing with

  'cat example.json | arc call-conduit remarkup.process'

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1551
2012-02-02 16:43:37 -08:00
Nick Harper
c3543c80cd Fix conduit host check
Summary:
conduit was using getProductionURI instead of getURI for checking that the
request was sent to the correct host, which causes problems in some dev
environments

Test Plan:
  echo '{}' | arc call-conduit --conduit-uri=mydevserver

where my dev server is configured with phabricator.production-uri pointing to
prod instead of my devserver

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1543
2012-02-02 11:38:14 -08:00