1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-27 07:50:57 +01:00
Commit graph

8974 commits

Author SHA1 Message Date
Bob Trahan
3cb5cac018 Conpherence - fix bad query from D12222
Summary: D12222 did an evil thing. This correctly scopes this to just the threads you are participating in and not all threads which then get filtered from policy later, super slowly...

Test Plan: still 'works' and probably wont kill prod

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12223
2015-03-31 13:02:45 -07:00
Bob Trahan
f75248de6f Conpherence - refine menu interactions with respect to "Show More"
Summary:
Ref T7566. Prior to this diff, we had a broken mess in the "Messages" section. Now, "Messages" behave like rooms in that whatever is loaded at page load time is at the top of the list.

Additionally, refine "show more" behavior such that it simply shows the next X, but if there exists X + 1 then we have another "show more" that kicks you to application search. Theoretically, there are still corner cases where users are in a ton of rooms or a ton of messages respectively, but this feels pretty good.

Consolidates title rendering code so we always render the list of participants and no more "No Title".

Also remove the policy icons for messages consistently, helping to differentiate them from rooms at a glance.

Test Plan: clicked around in conpherence main - looked good. tried "show more" and it worked! played around in durable column and things seemed reasonable there too.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7566

Differential Revision: https://secure.phabricator.com/D12222
2015-03-31 12:45:32 -07:00
Chad Little
d81d8caa93 Hide Search text better
Summary: Previously, this text was transparent, moved it to a new span and set visibility on it.

Test Plan: review search in FF, Chrome. Text no longer displays.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7710

Differential Revision: https://secure.phabricator.com/D12219
2015-03-31 09:59:09 -07:00
epriestley
64dddc76c5 Remove Controller->getHandle() and Controller->loadHandles()
Summary: Ref T7689. Modernize all callsites of these methods.

Test Plan:
- Poked at dashboards.
  - Pretty sure this code is technically unreachable right now.
- Viewed commit; viewed "Audit Status".
- Viewed a fund; viewed "Payable to"; viewed "Owner".
- Viewed herald rules; viewed "Author"; viewed "Applies To".
- Viewed a Legalpad document; viewed "Contributors".
- Viewed Phame post list; viewed blog; viewed post (viewed "Blog", viewed "Blogger").
- Viewed a macro; viewed "Audio".
- Viewed a Phriction page; viewed "Last Author".
- Viewed a Ponder question; viewed "Author".
- Viewed a Ponder answer; viewed header.
  - Behavior changed very slightly here; whatevs.
- Viewed a Countdown; viewed "Author".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12210
2015-03-31 05:48:20 -07:00
epriestley
0f52fc771d Remove implode_selected_handle_links()
Summary: Ref T7689. Use the newer, less-janky stuff for rendering handles.

Test Plan:
- Viewed a revision hovercard; viewed "Author", viewed "Reviewers", viewed "Tasks".
- Viewed a task hovercard; viewed "Assigned To"; viewed "Projects"; viewed other edge fields.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12209
2015-03-31 05:48:20 -07:00
epriestley
e1eafd784e Remove Controller->renderHandlesForPHIDs()
Summary: Ref T7689. Remove all remaining callsites for this method.

Test Plan:
- Viewed a custom policy; viewed handles in the policy rules.
- Viewed a Releeph product; viewed "Pushers".
- Viewed a project; viewed "Watchers"; viewed "Members"; viewed "Looks Like".
- Viewed repository edit; viewed "Credential"; viewed "Storage Service"; viewed "Projects".
- Viewed repository detail; viewed "Projects".
- Viewed commit; viewed (faked) "Reverts"; viewed (faked) "Reverted By".
  - These are kind of a pain to generate so I faked 'em.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12208
2015-03-31 05:48:19 -07:00
epriestley
a8271ecd40 Remove most callsites to Controller->renderHandlesForPHIDs()
Summary: Ref T7689. This moves most of the easy/testable callsites off `Controller->renderHandlesForPHIDs()`.

Test Plan:
- Viewed a file; viewed author; viewed "attached" tab.
- Viewed a mock; viewed attached tasks.
- Viewed a credential; viewed "Used By".
- Viewed a paste; viewed author; viewed forks; viewed forked from.
- Viewed a dashboard; viewed panel list.
- Viewed a dashboard panel; viewed "Appears On".
- Viewed a Phortune account; viewed "Members"; viewed payment methods.
- Viewed a Phortune merchant account; viewed "Members".
- Viewed Phortune account switcher; viewed "Accounts".
  - I just removed "Members:" here since it felt kind of out-of-place anyway.
- Viewed a Phragment fragment, viewed "Latest Version", viewed "Snapshots".
- Viewed a Phargment snapshot, viewed "Fragment".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: hach-que, epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12207
2015-03-31 05:48:19 -07:00
epriestley
dec03cf076 Prepare a replacement for Controller->renderHandlesForPHIDs()
Summary:
Ref T7689. This gives HandleLists `renderList()` and `renderHandle()` methods, which return views that can perform just-in-time data fetching and generally look and feel like other rendering code, instead of being odd pseudo-functional methods on `Controller`.

Also converts callsites on the Maniphest detail page to use these methods.

Next changes will wipe out more of the callsites.

Test Plan:
  - Viewed Maniphest detail page with many relevant handles.
  - Created a new subtask.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12205
2015-03-31 05:48:19 -07:00
epriestley
580590fcc9 Remove Controller->getLoadedHandles()
Summary: Ref T7689. Removes this part of the `Controller->loadHandles()` + `Controller->getLoadedHandles()` mechanism.

Test Plan:
  - Viewed Herald transcripts.
  - Viewed Maniphest tasks with attached revisions and commits.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12204
2015-03-31 05:48:19 -07:00
epriestley
1752be630c Improve handle semantics with HandlePool / HandleList
Summary:
Ref T7689, which discusses some of the motivation here. Briefly, these methods are awkward:

  - Controller->loadHandles()
  - Controller->loadViewerHandles()
  - Controller->renderHandlesForPHIDs()

This moves us toward better semantics, less awkwardness, and a more reasonable attack on T7688 which won't double-fetch a bunch of data.

Test Plan:
  - Added unit tests.
  - Converted one controller to the new stuff.
    - Viewed countdown lists, saw handles render.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7689

Differential Revision: https://secure.phabricator.com/D12202
2015-03-31 05:48:19 -07:00
Bob Trahan
3f738e1935 Conpherence - fix see more link
Summary: Fixes T7705.

Test Plan: link works

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7705

Differential Revision: https://secure.phabricator.com/D12217
2015-03-30 16:53:54 -07:00
Bob Trahan
b200c3bd78 Conpherence - actually remove route from feedback in D12215
Summary: pebkac issue of some sort and I didn't actually commit removing the defunct /conpherence/room/ uri route

Test Plan: made a new room and it worked

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12216
2015-03-30 16:29:08 -07:00
Bob Trahan
89fe35cb0e Conpherence - add application search in a few more places.
Summary: Ref T7584. In Conpherence main view, this adds a "search" link right in the "Rooms" header. This piece addresses an outstanding item on T7584. This diff also adds a search button in the durable column that takes you to the application search. This kind of a big product bet that rooms are going to be dominating things and its most useful to find another room quickly from this view. That said, I think the application search should get massaged slightly to allow searching threads and this won't be much of a trade off at all.

Test Plan: verified new search links took me to correct place and displayed reasonably.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7584

Differential Revision: https://secure.phabricator.com/D12215
2015-03-30 16:25:24 -07:00
epriestley
a03527f440 Fix an issue where redirects would work incorrectly in Quicksand
Summary: Ref T7061. Quicksand still needs an ajax-style response here.

Test Plan: Clicked a file detail page (this redirects) with column open, ended up in the right place.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7061

Differential Revision: https://secure.phabricator.com/D12206
2015-03-30 13:02:51 -07:00
epriestley
c8529787f3 Provide TERM=dumb for Mercurial commit hooks
Summary: Fixes T7119.

Test Plan: Will make someone test.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: cspeckmim, epriestley

Maniphest Tasks: T7119

Differential Revision: https://secure.phabricator.com/D12182
2015-03-30 13:02:43 -07:00
Chad Little
97cc3b1588 Use FontAwesome for search icon
Summary: Swaps out search icon for font-awesome. Tweaks colors a bit for different color headers.

Test Plan: Test a number of colors in the search box. Click on button and still go to advanced search.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12200
2015-03-29 16:20:50 -07:00
Chad Little
12b2257371 Grid spacing for full Conpherence thread list
Summary: Moves to 4px grid / alignment.

Test Plan: Tested per photoshop gridlines, spacing measurements.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12197
2015-03-28 19:28:02 -07:00
epriestley
29beb174d3 Don't treat Quicksand requests as isWorkflow() or isAjax()
Summary:
Fixes T7061. Although it's very simple, I think this is a complete fix.

Quicksand technically is Ajax and uses Workflow as a transport mechanism, but the server should always pretend the user clicked a normal link when rendering.

Test Plan: Links that were autoconverting into dialogs (like "Edit Task") or otherwise making the wrong behavioral choices now work as expected.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7061

Differential Revision: https://secure.phabricator.com/D12194
2015-03-28 15:45:52 -07:00
epriestley
21454842bf Fix comment previews in Quicksand
Summary:
Fixes T7063. Fixes T7059. We were running some extra unnecessary behaviors. In particular, we would render the menu but not actually send it over the wire, so some behaviors would execute, fail to find the nodes they expected, and throw. This cascaded into some other failures.

Do less work and don't activate behaviors which won't be able to run.

Test Plan: Clicked around, no more errors on page transition. Comment previews work.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7059, T7063

Differential Revision: https://secure.phabricator.com/D12188
2015-03-28 06:54:04 -07:00
Chad Little
637974a190 Polish up Done Button UI States
Summary:
Improves the UI quite a bit.

 - `dashed` borders //everywhere// to denote **Unsubmitted**
 - `$sky` sprinkled everywhere to denote **Done**
 - Consilidate `inline-state-is-draft` to simply styles.

Test Plan:
Sent myself test comments, logged out, read comments on new account. Marked as done, submitted.

{F352240}

{F352242}

{F352245}

{F352246}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12187
2015-03-27 18:30:09 -07:00
epriestley
a17542ab28 Touch up PHP/JS interactions for inline comments
Summary:
Ref T1460. Overall:

  - Pass `objectOwnerPHID` consistently.
  - Pass viewer consistently.
  - Set the correct draft state for checkboxes on the client.

Test Plan:
  - Made inline comments in Differential.
  - Made inline comments in Diffusion.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12186
2015-03-27 17:08:31 -07:00
Chad Little
b560014577 Revamp inline commenting UI
Summary:
Rebuilds the UI in Differential commenting. Specifically we look at the following design patterns:

**To the author:**
 - The author of the diff should be able to easily identify what comments are done and not done.
 - We keep undone comments yellow
 - Clicking done turns comment block into 'unsubmitted state'

**To the reviewer:**
 - Easier understanding of unsubmitted states
 - All conversations to be yellow/important

**Todo**
 - Not all color CSS states correct
 - Unpulished checkbox support

Test Plan:
Test leaving comments, published and unpublished. Checking Done, unpublished and published. Check delete states.

From the Diff Author's perspective:
{F352094}

For a Diff commenter's perspective:
{F352095}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T1460, T7660, T7503

Differential Revision: https://secure.phabricator.com/D12171
2015-03-27 16:00:09 -07:00
epriestley
174cf82398 Provide getObjectOwnerPHID() on inline comment views
Summary:
This returns the PHID of the current revision owner, or the commit author, if one exists.

NOTE: For drafts, we currently return `null`; I'll fix that in a future change. Should be correct for submitted comments.

Test Plan: Added an inline, nothing seemed broken.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12185
2015-03-27 11:23:10 -07:00
epriestley
52a4c821f5 Specifically describe "local.json" in backup/migration config documentation
Summary: Fixes T7648. The existence of this file is not necessarily obvious and is important to backup, transfer, and restore.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7648

Differential Revision: https://secure.phabricator.com/D12183
2015-03-27 09:20:51 -07:00
Bob Trahan
a428bb8ad4 Conpherence - fix bug with possible null value
Summary: Fixes T7675. epriestley caught this in code review and I didn't implement it all the way

Test Plan: logicypoo

Reviewers: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7675

Differential Revision: https://secure.phabricator.com/D12181
2015-03-27 06:32:23 -07:00
epriestley
0dda809da6 Fix a translation string
Summary: Fixes T7672. This had two `%d` conversions but only one parameter.

Test Plan: Adjusted limit to 0, viewed a merge, saw proper message.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7672

Differential Revision: https://secure.phabricator.com/D12180
2015-03-26 17:12:00 -07:00
Bob Trahan
22501ab31e Conpherence - unit tests for T7670
Summary: Ref T7670. Add a few unit tests to make sure deleting everyone works. Also change remaining processRequest to handleRequest while in there.

Test Plan: `arc unit` passed

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7670

Differential Revision: https://secure.phabricator.com/D12179
2015-03-26 16:46:47 -07:00
Bob Trahan
39fa190c15 Conpherence - get lots of rooms stuff hooked up nicely
Summary:
Ref T7566. This does a big chunk of what's left

 - Main view
  - "Rooms" sub header
    - 5 Rooms shown at a time, with room you're looking at in the top on page load
      - e.g. viewing /conpherence/x/ the room x is at top always
      - solves corner case of when you have yet to "join" the room
    - "See More" link takes you to application search for rooms you have participated in
    - if no rooms, there is a "Create Room" and "Find Rooms" links.
  - "Messages" sub header
    - same as before
  - policy icons showing up in the menu
 - Durable column view - still just the latest N, no changes really there
 - Transactions - special cased rendering to try to say room vs thread as appropos
 - Bug fix - we weren't recording the initial participants transaction post D12177 / D12163. This fixes that.

Should probably test pagination, and if you want to show more than 5 rooms of have it behave more like messages (where you can wind up in the middle of a paginated list) that will be more work. Also, if lots of messages / rooms (100 is the limit) we might not display rooms if we're supposed to. Yay whale usage! :D

Test Plan: made a new room - success. made a new message - success.  viewed a room from /conpherenece/room/ i wasn't a participant in and noted it showed up at the top of the five rooms. clicked around rooms and stuff loaded nicely.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7566

Differential Revision: https://secure.phabricator.com/D12178
2015-03-26 16:37:32 -07:00
Bob Trahan
d2e59b2289 Conpherence - fix missing method
Summary: Fixes T7669. Broken by D12163 re-factoring and foolihardiness of test coverage. Notably / interestingly, this was broken before D12163 from not implementing policy correctly, so Conpherence has been broken for a bit with few reports.

Test Plan: had user send himself a message

Reviewers: chad, epriestley

Reviewed By: chad, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7669

Differential Revision: https://secure.phabricator.com/D12177
2015-03-26 13:35:48 -07:00
Chad Little
6b74873358 Update icon color in Durable Column header-text
Summary: Moving to an rgba color here to work better with all the various header colors.

Test Plan: Reload sandbox, see new icon color.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12176
2015-03-26 13:34:34 -07:00
Chad Little
c4799b2c45 Basic touchups to Phortune UI
Summary: This is just a quick pass to fix a few bugs and spacing issues, Phortune itself could probably use some more custom UI, but that'll require some thought and abstraction. This also adds a new taller table CSS, which I mayyyy make automatic on tables with few rows, we'll see.

Test Plan: Browsed my Phortune account, tested new spacing on `admin` for 'full effect'

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12115
2015-03-26 13:16:09 -07:00
Bob Trahan
871c06ab4e Calendar - error better with invalid time values
Summary: Fixes T7665. Unfortunately when the user messes this up its not easy to partially recover so we just reset that time to the default.

Test Plan: set time to "00:00 AM" and got a sensible error.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7665

Differential Revision: https://secure.phabricator.com/D12174
2015-03-26 13:02:49 -07:00
Chad Little
4ae28837fd Update Conpherence CSS to handle multiple edits better
Summary: Fixes T7655. We'll set tighter spacing around edit clusters. Also darkened up the date marker and remove unused `phabricator-transaction-view` CSS that was still scattered around the site.

Test Plan: Test a full and column multi-edit spam. Visited Ponder and Diffusion, noticed no issues using those apps. Grepped for other users of `phabricator-transaction-view`

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Maniphest Tasks: T7655

Differential Revision: https://secure.phabricator.com/D12148
2015-03-26 12:56:58 -07:00
Bob Trahan
e4b7263bf8 Conpherence - Differentiate audience of Threads/Rooms with icon
Summary:
Fixes T7629 plus an un filed bug that's breaking creating new threads since we need to add participants EVEN EARLIER than we were doing it now that policy is actually enforced.

Back to the main thrust of this, there is one UI corner case - in the main view if you go from 1:1 to 1:1:1 (i.e. add a 3rd recipient, or Nth in a row) the icon only updates on page reload. I figure this will get sorted out at a later refactor as we make the client better / share more code with durable column.

One other small behavioral oddity is in the main view sometime we start loading with no conpherence. in that case, rather than show some incorrect icon, we show no icon (and "no title") and then things change at load. Seems okay-ish.

Finally, @chad - the CSS is a very work-man-like "use the built in stuff you can specify from PHP" so I'm sure it needs some love.

Test Plan: made all sorts of rooms and threads and liked the icons. noted smooth loading action as i switched around

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, chad, epriestley

Maniphest Tasks: T7629

Differential Revision: https://secure.phabricator.com/D12163
2015-03-26 12:24:29 -07:00
epriestley
ffe654e5e3 Fix directory moves and copies in Subversion hosted repositories
Summary: Fixes T6490.

Test Plan:
```
$ svn mv dir/ dir2
A         dir2
D         dir
D         dir/list.txt

$ svn commit -m 'Move dir/ to dir2/'
Deleting       dir
Adding         dir2

Committed revision 3.

$ svn cp dir2/ dir3
A         dir3

$ svn commit -m 'Copy dir2/ to dir3/'
Adding         dir3

Committed revision 4.
```

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6490

Differential Revision: https://secure.phabricator.com/D12173
2015-03-26 11:13:41 -07:00
epriestley
a4bfed8415 Censor response bodies from Mercurial error messages
Summary:
Ref T6755. In Git and Subversion, running `git clone http://google.com/` or `svn checkout http://google.com/` does not echo the response body.

In Mercurial, it does. Censor it from the output of `hg pull` and `hg clone`. This prevents an attacker from:

  - Creating a Mercurial remote repository with URI `http://10.0.0.1/secrets/`; and
  - reading the secrets out of the error message after the clone fails.

Test Plan: Set a Mercurial remote URI to a non-Mercurial repository, ran `repository update`, saw censored error message.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12170
2015-03-26 11:13:17 -07:00
epriestley
40fb0f98df Mostly defuse DNS rebinding attack for outbound requests
Summary: Ref T6755. I'll add some notes there about specifics.

Test Plan:
  - Made connections to HTTP and HTTPS URIs.
  - Added some debugging code to verify that HTTP URIs were pre-resolved.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12169
2015-03-26 11:12:22 -07:00
epriestley
2e72e9ff31 Rate limit outbound requests in Macros
Summary:
Ref T6755. Although we do not return response bodies, it is possible to perform crude portscanning if you can execute a DNS rebinding attack (which, for now, remains theoretical).

Limit users to 60 requests / hour to make it less feasible. This would require ~30 years to portscan all ports on a `/32` netblock.

Users who can guess that services may exist can confirm their existence more quickly than this, but if the attacker already had a very small set of candidate services it seems unlikely that portscanning would be of much use in executing the attack.

This protection should eventually be applied to T4190, too (that task also has other considerations).

Test Plan: Set rate limit very low, hit rate limit.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12168
2015-03-26 11:11:52 -07:00
epriestley
cce6d06fa5 Move abandoned revisions to "needs review" when updated
Summary:
Fixes T7602. This is similar to the existing behavior for "changes planned" and "needs revision" revisions.

Also fix the "Update Diff" workflow so it correctly selects closed revisions as attachable.

Test Plan: Updated an abandoned revision, saw it change to "Needs Review".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7602

Differential Revision: https://secure.phabricator.com/D12167
2015-03-26 11:11:33 -07:00
epriestley
731404445f Improve task subpriority movement algorithm for homogenous blocks
Summary:
Fixes T7664. When there are a large number of tasks (400+) with the same subpriority (which can happen if the subpriority features are rarely used), it may take more than 30 seconds to rebalance them.

Make the algorithm more aggressive about rebalancing homogenous blocks of tasks.

This may need to get even fancier, but I'd guess it can process blocks 1-2 orders of magnitude larger, which should be ~all installs.

(If someone still hits issues with this, I'll make it fancier.)

Once a block is rebalanced, it doesn't need to be rebalanced again (at least, not as a whole block) so we basically just need to get over the initial hurdle here and then we're good.

In the worst case, we can provide `bin/maniphest rebalance` or similar and do the rebalance step offline.

And, in any case, we have more test coverage here now.

Test Plan:
  - Existing tests.
  - New tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7664

Differential Revision: https://secure.phabricator.com/D12166
2015-03-26 11:11:23 -07:00
Chad Little
4bdc51237a Add ability to have tooltips on buttons
Summary: Enables a basic tooltip when using icon buttons and a convenience method for setting an icon.

Test Plan: Built a UIExample.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12172
2015-03-26 11:09:20 -07:00
Elan Kugelmass
fe89d67663 Fixes spelling error in settings log on auth provider pages
Summary: The settings logs on auth provider pages shows "enabled accont linking" instead of "enabled account linking."

Test Plan: Checked the copy on the settings log.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12164
2015-03-26 03:49:58 -07:00
Chad Little
47114513b0 More SIMPLE button styles for buttons and button bars
Summary: Ref T1460, this adds additional buttons colors and styles for use in inline comments. Will also backport to Calendar and PHUIInfoView

Test Plan:
Review new buttons and hover states in UI Examples.

{F350549}

{F350550}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12162
2015-03-25 12:51:54 -07:00
Bob Trahan
42a0229a52 Conpherence - Implement edit rules for rooms
Summary: Fixes T7586. If you can't edit a room, the pertinent UI is greyed out. One exception is the title of the room in the full viewer; this crumb is not disabled as it would be hard to read. Otherwise though, everything is disabled nicely.

Test Plan: tried to add participants when I wasn't allowed to and got an error. added participants otherwise okay. tried to edit title when i wasn't allowed and got an error. otherwise okay. left conpherence threads / rooms successfully.

Reviewers: epriestley, chad

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7586

Differential Revision: https://secure.phabricator.com/D12161
2015-03-25 11:48:22 -07:00
epriestley
1fd163d097 Mostly provide CSS for "done" states
Summary: Ref T7660. I'm not toggling "inline-state-is-draft" correctly in JS yet since it's a little tricky (you can reload to see it) but the main state should work.

Test Plan:
  - Clicked "done", saw comment opacity fade with placeholder style.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7660

Differential Revision: https://secure.phabricator.com/D12160
2015-03-25 10:57:08 -07:00
epriestley
e5445de163 Show only recent open revisions affecting the same files
Summary: Fixes T5658. Over a long period of time, some cruft can build up here. Only show revisions which have been updated in the last 30 days.

Test Plan:
  - Viewed panel in Differential and Diffusion.
  - Changed limit from 30 days to 30 seconds and saw no revisions.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5658

Differential Revision: https://secure.phabricator.com/D12158
2015-03-25 10:21:56 -07:00
epriestley
6ce4044bfa Lock MIME type configuration
Summary:
Ref T6755. This mitigates an attack where you:

  - compromise an administrative account;
  - configure "text/plain" as an "image" MIME type; and
  - create a new macro sourced from a sensitive resource which is locally accessible over HTTP GET, using DNS rebinding.

You can then view the content of the resource in Files. By preventing the compromised account from reconfiguring the MIME types, the server will instead destroy the response and prevent the attacker from seeing it.

In general, these options should change very rarely, and they often sit just beyond the edge of security vulnerabilities anyway.

For example, if you ignore the warnings about an alternate file domain and elect to serve content from the primary domain, it's still somewhat difficult for an attacker to exploit the vulnerability. If they can add "text/html" or "image/svg+xml" as image MIME types, it becomes trivial. In this case not having an alternate domain is the main issue, but easy modification of this config increases risk/exposure.

Test Plan: Viewed affected config and saw that it is locked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12154
2015-03-25 10:16:22 -07:00
epriestley
17e1e7a65a Document the need to purge caches after updating differential.generated-paths
Summary: Fixes T6378.

Test Plan: Set config to `/.*/`, created a new diff, everything was collapsed as generated.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6378

Differential Revision: https://secure.phabricator.com/D12159
2015-03-25 07:29:09 -07:00
epriestley
4f8147dbb8 Improve protection against SSRF attacks
Summary:
Ref T6755. This improves our resistance to SSRF attacks:

  - Follow redirects manually and verify each component of the redirect chain.
  - Handle authentication provider profile picture fetches more strictly.

Test Plan:
  - Tried to download macros from various URIs which issued redirects, etc.
  - Downloaded an actual macro.
  - Went through external account workflow.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12151
2015-03-24 18:49:01 -07:00
epriestley
22b2b8eb89 Fix a bad call in file chunk destruction
Summary: This signature changed at some point after I tested things and I didn't catch it.

Test Plan: Destroyed a chunked large file with `bin/remove`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12152
2015-03-24 18:48:51 -07:00
Bob Trahan
25767096c9 Conpherence - implement join / view rules for rooms
Summary:
Ref T7585. This implements everything specified, with a few caveats

- since rooms you have yet to join can't be viewed in the column yet, the column view has some bugs and isn't expected to work.
- the room you're looking at is just pre-pending to the top of the "recent" list

Test Plan: made a room that no one could join. verified when viewing that there was no comment ui. made a room that others could join. verified folks who had yet to join had a "join" button with an area for text. tried joining with / without message text and it worked in both cases

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7585

Differential Revision: https://secure.phabricator.com/D12149
2015-03-24 18:38:16 -07:00
epriestley
aa310230b6 Detect moves and copies with some unchanged lines as moves or copies
Summary:
Ref T1266. We won't detect a move/copy if fewer than 3 lines are changed.

However, you may move a block like:

  Complicated Line A
  Trivial Line B
  Complicated Line C

...where "Trivial Line B" is something like a curly brace. If you move this block somewhere that happened to previously have a similar trivial curly brace line, we won't be able to find 3 contiguous added lines in order to detect the copy/move.

Instead, consider both changed and unchanged lines when trying to find contiguous blocks. This allows us to detect across gaps where lines were not actually changed.

This new algorithm may be too liberal (for example, we may end up incorrectly identifying moved/copied code before or after changed lines, not just between changed lines), but we can keep an eye on it and tweak it. The algorithm is better factored and better covered, now.

Test Plan:
  - Added a unit test for this case.
  - Spot-checked a handful of diffs and generally saw behavior that made sense and looked better than before.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1266

Differential Revision: https://secure.phabricator.com/D12146
2015-03-24 13:12:24 -07:00
epriestley
373aaa643a Clean up copy detection code a bit
Summary:
Ref T1266. This doesn't change any behaviors, but some of this code has a lot of really complicated conditionals and I tried to break that up a bit.

Also, reexpress this stuff in terms of the "structured" parser in D12144.

Test Plan: Unit tests still pass. They aren't hugely comprehensive but did reliably fail when I screwed stuff up.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1266

Differential Revision: https://secure.phabricator.com/D12145
2015-03-24 13:12:09 -07:00
epriestley
74a4c2cf0b Provide better parsing primitives for hunks
Summary:
Ref T1266. This prepares to fix case (2) on T1266 by improving the robustness of hunk parsing.

In particular, the copy detection code abuses this API because it isn't currently expressive or flexible enough.

Make it more flexible and cover it exhaustively.

I'll move callsites to the new stuff in upcoming revisions.

Test Plan: Unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1266

Differential Revision: https://secure.phabricator.com/D12144
2015-03-24 13:11:37 -07:00
Bob Trahan
dcaafd6159 Conpherence - grey out username mentions if they aren't in the conpherence
Summary: Fixes T7578. This was pretty easy because conpherence funnels all transacton stuff through this spot

Test Plan: made a new room so only my user was a participant. wrote "@myself will work and @anotherguy will be greyed out" and so it was as expected

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7578

Differential Revision: https://secure.phabricator.com/D12114
2015-03-24 13:08:53 -07:00
Bob Trahan
014bb72050 Conpherence - add "room" search UI and create UI
Summary: Ref T7584. This hits all the major bullets there. Next step on T7584 is figuring out how it integrates into the full UI and column UI. That said, this is a bit buggy feeling right now since Conpherence as is assumes you are a participant all over the place and rooms make no such assumption. I'll probably this bit up next.

Test Plan:
viewed /conpherence/room/ and saw stuff. viewed the "participant" query as two different users and saw different correct result sets. made a room via the button and it worked. tried to view a room I wasn't a participant in and it failed horribly, which is something to fix in a future diff

created a thread via "send message" on a user profile and it worked

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7584

Differential Revision: https://secure.phabricator.com/D12113
2015-03-24 13:04:33 -07:00
epriestley
86404a1a18 Fix handling of notifications with project members
Summary: Fixes T7377. We don't expand projects into members when sending notifications right now. Instead, expand them.

Test Plan:
  - Added a project as a reviewer to a revision, made a comment, saw project members receive a read notification + email (with appropriate preferences).
  - There's meaningful test coverage on the core mail stuff.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7377

Differential Revision: https://secure.phabricator.com/D12142
2015-03-24 12:47:38 -07:00
epriestley
0efae2858e Don't syntax highlight codebase pattern search results
Summary:
Ref T5644. Ref T7472. Currently, we highlight each line of pattern search results in Diffusion.

  - This is incredibly slow for non-PHP languages which need to shell out to Pygments.
  - A lot of this highlighting isn't very useful anyway, because it doesn't have any context.

Instead, try to highlight pattern matches but don't highlight the source itself.

Test Plan: {F349637}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7472, T5644

Differential Revision: https://secure.phabricator.com/D12141
2015-03-24 12:47:28 -07:00
epriestley
21826ed7b3 Don't highlight very large files by default
Summary:
Ref T5644. See some discussion in D8040.

When a file is very large (more than 64KB of text), don't activate syntax highlighting by default. This should prevent us from wasting resources running `pygmentize` on enormous files.

Users who want the file highlighted can still select "Highlight As...".

The tricky part of this diff is separating the headers into "changeset" headers and "undershield" (rendering) headers. Specifically, a file might have these headers/shields:

  - "This file is newly added."
  - "This file is generated. Show Changes"
  - "Highlighting is disabled for this large file."

In this case, I want the user to see "added" and "generated" when they load the page, and only see "highlighting disabled" after they click "Show Changes". So there are several categories:

  - "Changeset" headers, which discuss the changeset as a whole (binary file, image file, moved, added, deleted, etc.)
  - "Property" headers, which describe metadata changes (not relevant here).
  - "Shields", which hide files from view by default.
  - "Undershield" headers, which provide rendering information that is only relevant if there is no shield on the file.

Test Plan:
  - Viewed a diff with the library map, clicked "show changes", got a "highlighting disabled" header back with highlighting disabled.
  - Enabled highlighting explicitly (this currently restores the shield, which it probably shouldn't, but that feels out of scope for this change). The deshielded file is highlighted per the user's request.
  - Loaded context on normal files.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T5644

Differential Revision: https://secure.phabricator.com/D12132
2015-03-24 05:26:39 -07:00
epriestley
dd3afe2aa2 Lift inline comment state transactions into core (in Differential)
Summary: Ref T1460. Follows D12129 and reduces code duplication.

Test Plan: Changed inline state in Differential.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12130
2015-03-24 05:26:16 -07:00
epriestley
8c053f02a7 Lift inline state transactions into core (in Diffusion)
Summary:
Ref T1460. Ref T6403. Replace `Diffusion::INLINEDONE` with `Transactions::INLINESTATE` and generalize things enough that we can lift it into core.

The next change will lift Differential's similar implementation into the core.

Also start implementing a fix for T6403, providing an alternate hook for optional builtin transactions.

Test Plan: Changed inline state in Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6403, T1460

Differential Revision: https://secure.phabricator.com/D12129
2015-03-24 05:26:14 -07:00
epriestley
cbb5a297d5 Publish "done" inline comment checkbox state in Diffusion
Summary:
Ref T1460. See D12126. This is essentially the same change, but for Diffusion.

This is a bit copy/pastey. I'm going to make an effort to lift inline handling into the core before pushing this in, so hopefully that will clean things up a bit.

Test Plan: Submitted stuff in Diffusion and got checkmarks to publish.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12128
2015-03-24 05:26:13 -07:00
epriestley
9f3210c883 Publish draft "done" status when submitting comments/updates/actions/inlines
Summary:
Ref T1460. When a revision author updates/comments/etc on a revision, publish all their checkmarks.

This doesn't handle Diffusion/audits yet.

Test Plan: {F346870}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: yelirekim, epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12126
2015-03-24 05:26:12 -07:00
epriestley
4310c4ed53 Track a "Done" state on inline comments
Summary:
Ref T1460. This just barely works, but throwing it up in case any of it sounds mechanically crazy before we build integrations/UI/etc.

Specifically, these are the behaviors:

  - You can mark your own draft comments as "done" before you submit them. The intent is to let reviewers mark their stuff advisory/minor/not-important before they submit it, to hint to authors that they don't expect the feedback to necessarily be addressed (maybe it's a joke, maybe it's just discussion, maybe it's "consider..").
  - You can mark others' published comments as "done" if you're the revision/commit author. The intent is to keep this lightweight by not requiring an audit trail of who marked what done when. If anyone could mark anything done, we'd have to have some way to show who marked stuff.
  - When you mark stuff done (or unmark it), it goes into a "draft" state, where you see the change but others don't see it yet. The intent is twofold:
    - Be consistent with how inlines work.
    - Allow us to publish a "epriestley updated this revision + epriestley marked 15 inlines as done" story later if we want. This seems more useful than publishing 15 "epriestley marked one thing as done" stories.
  - The actual bit where done-ness publishes isn't implemented.
  - UI is bare bones.
  - No integration with the rest of the UI yet.

Test Plan: Clicked some checkboxes.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: paulshen, chasemp, epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12033
2015-03-24 05:26:11 -07:00
epriestley
d0b3f199bb Provide a smoother "update diff" web workflow
Summary:
Fixes T1102. If you don't use `arc`, the web workflow requires some extra needless steps when updating diffs.

Provide a more streamlined "Update Diff" workflow.

Test Plan: {F347750}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1102

Differential Revision: https://secure.phabricator.com/D12131
2015-03-23 10:44:33 -07:00
epriestley
1c32c9b965 Improve granluarity and defaults of security.allow-outbound-http
Summary:
Ref T6755. This is a partial fix, but:

  - Allow netblocks to be blacklisted instead of making the feature all-or-nothing.
  - Default to disallow requests to all reserved private/local/special IP blocks. This should generally be a "safe" setting.
  - Explain the risks better.
  - Improve the errors rasied by Macro when failing.
  - Removed `security.allow-outbound-http`, as it is superseded by this setting and is somewhat misleading.
    - We still make outbound HTTP requests to OAuth.
    - We still make outbound HTTP requests for repositories.

From a technical perspective:

  - Separate URIs that are safe to link to or redirect to (basically, not "javascript://") from URIs that are safe to fetch (nothing in a private block).
  - Add the default blacklist.
  - Be more careful with response data in Macro fetching, and don't let the user see it if it isn't ultimately valid.

Additionally:

  - I want to do this check before pulling repositories, but that's enough of a mess that it should go in a separate diff.
  - The future implementation of T4190 needs to perform the fetch check.

Test Plan:
  - Fetched a valid macro.
  - Fetched a non-image, verified it didn't result in a viewable file.
  - Fetched a private-ip-space image, got an error.
  - Fetched a 404, got a useful-enough error without additional revealing response content (which is usually HTML anyway and not useful).
  - Fetched a bad protocol, got an error.
  - Linked to a local resource, a phriction page, a valid remote site, all worked.
  - Linked to private IP space, which worked fine (we want to let you link and redierect to other private services, just not fetch them).
  - Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12136
2015-03-23 10:44:03 -07:00
epriestley
c7178b7e7b Move property transaction construction to Almanac
Summary: Ref T7627. This centralizes this transaction construction code so the unit tests and Instances can both use it.

Test Plan: See D12116.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7627

Differential Revision: https://secure.phabricator.com/D12118
2015-03-23 09:10:42 -07:00
epriestley
6eadfe6a6f Allow repositories to be ordered by commit count
Summary: Fixes T7640.

Test Plan: {F346553}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7640

Differential Revision: https://secure.phabricator.com/D12122
2015-03-23 09:10:34 -07:00
epriestley
ae03733378 Fix matching of very short project hashtags ending in a digit
Summary: Fixes T7625. The way the regexp worked, "unusual" terminal characters required at least one character as a prefix in order to match. Allow 0 instead, so `#a1` matches.

Test Plan: Added and executed unit test.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7625

Differential Revision: https://secure.phabricator.com/D12123
2015-03-23 09:10:26 -07:00
epriestley
5001aadf46 Throw a more helpful error for bad Differential actions
Summary: Ref T7611. This should let us figure out the root cause, hopefully.

Test Plan: iiam

Reviewers: joshuaspence, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7611

Differential Revision: https://secure.phabricator.com/D12124
2015-03-23 09:10:18 -07:00
epriestley
08aefafef7 Remove redundant administrator requirement from application edit policy page
Summary:
Fixes T7485. Before applications had proper policies, we gated access by requiring the viewer be an administrator.

This is now redundant (CAN_EDIT on applications has the same effect, and performs the same check), and may some day be wrong (we might let administrators configure a different policy to control who can configure applications). Today, it gets the policy dialog wrong.

Test Plan:
Clicked "Edit Policies" as a non-administrator, was unable to, got nice error:

{F346598}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7485

Differential Revision: https://secure.phabricator.com/D12125
2015-03-23 09:10:10 -07:00
epriestley
c7dc59f9c4 Don't call flush() when emitting responses
Summary: Fixes T7620. I don't fully understand exactly what's going on here, but we don't actually need to call `flush()`.

Test Plan:
  - Put timing code around the `echo`.
  - Made a fake page that emitted a lot of data.
  - Saw the `echo` block proportionate to data size under `curl --limit-rate ...`.
  - See T7620.
  - Downloaded a large file, got a reasonable progress bar and no obvious memory use issues.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: jlarouche, rbalik, epriestley

Maniphest Tasks: T7620

Differential Revision: https://secure.phabricator.com/D12127
2015-03-23 09:09:45 -07:00
Chad Little
c4d2fb087e Clear floats around conpherence-edited transactions
Summary: Fixes T7647. We float both the time and description here and want the fluidity.

Test Plan: Review a new Conpherence in FF, Safari, Chrome.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7647

Differential Revision: https://secure.phabricator.com/D12137
2015-03-23 09:09:04 -07:00
Povilas Balzaravicius Pawka
b4d0de6b96 T7646: Fix buildplan ac on Herald.
Summary: Fixes T7646.

Test Plan: Repeat steps described in T7646 and expect disabled build plans not displayed.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T7646

Differential Revision: https://secure.phabricator.com/D12133
2015-03-23 06:19:17 -07:00
epriestley
5aca529980 Fix literally thousands of drag-to-reorder priority bugs
Summary:
Fixes T7563. Fixes T5201. Reframe this as two separate operations:

  - Move before or after a task.
  - Move to the beginning or end of a priority.

Then:

  - Make all the order queries unambiguous and properly reversible, with an explicit `id` order.
  - Just reuse `ManiphestTask` to get results in the correct order.
  - Simplify the actual transaction apply logic.
  - Detect and recover from cases where tasks have identical or similar subpriorities.

Test Plan:
  - Wrote and executed unit tests.
  - Dragged and dropped tasks within priorities and between priorities in the main Maniphest view.
  - Dragged and dropped tasks within priorities in the workboard view, when ordered by priority.
  - Also poked at the "natural" order, but that shouldn't be affected.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: chad, epriestley

Maniphest Tasks: T5201, T7563

Differential Revision: https://secure.phabricator.com/D12121
2015-03-20 17:38:25 -07:00
epriestley
ac029d0a50 Fix a self-XSS hole in Diffusion
Summary:
Via HackerOne. We aren't correctly escaping the date, so a user can XSS themselves by setting their date format creatively.

This construction is very unusual and I don't think we do anything similar elsewhere, so I can't come up with a systematic change which would prevent this in the general case.

Test Plan: Set date format to tag junk, got self-XSS before patch and proper escaping after the patch.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12117
2015-03-20 14:54:35 -07:00
epriestley
80b8dc521d Fix Mercurial command injection vulnerability
Summary: See <http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html>.

Test Plan: Crafted bad remote URL; got error instead of code execution.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12112
2015-03-20 09:26:32 -07:00
epriestley
b7fa55ff93 Fix improper selection of the chunk engine as a writable engine
Summary:
Fixes T7621. The engine selection code started out making sense, but didn't make as much sense by the time I was done with it.

Specifically, from the vanilla file upload, we may incorrectly try to write directly to the chunk storage engine. This is incorrect, and produces a confusing/bad error.

Make chunk storage engines explicit and don't try to do single-file one-shot writes to them.

Test Plan:
  - Tried to upload a large file with vanilla uploader, got better error message.
  - Uploaded small and large files with drag and drop.
  - Viewed {nav Files > Help/Options}.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7621

Differential Revision: https://secure.phabricator.com/D12110
2015-03-18 19:06:39 -07:00
epriestley
bd2eaad04f Add "phabricator.silent" for stopping all outbound events from an install
Summary:
Ref T7522. This is mostly useful in the cluster, but could be useful for external installs too.

If you want to import an instance into a test/dry-run state (in the cluster, to test an import; in the general case, to do something like test new hardware or configuration), you currently risk spamming users with a lot of duplicate notifications. In particular, if Phabricator tracks remotes, both instances will continue importing commits and sending email about them. Both instances will try to publish to mirrors, too, which could be bad news, and both instances will try to update linked services.

Instead, provide a flag to let an instance run in "silent mode", which disables all outbound messaging and data.

We need to remember to support this flag on any new outbound channels, but we add about one of those per year so I think that's reasonable.

Test Plan:
  - Flipped config.
  - Saw it void email, feed and mirroring.
  - Didn't test SMS since it's not really in use yet and not convenient to test.
  - (Can you think of any publishing I missed?)

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7522

Differential Revision: https://secure.phabricator.com/D12109
2015-03-18 07:09:43 -07:00
epriestley
b5238dc080 Fix bad button construction in Owners
Summary: Fixes T7618. The "button" needs to be a PHUIButtonView later on.

Test Plan: Forced condition, loaded page, saw button instead of fatal.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7618

Differential Revision: https://secure.phabricator.com/D12108
2015-03-18 07:08:50 -07:00
Seth
1e4be36484 Make pink flags pink
Summary:
Indigo apparently used to be pink and was fixed in D10707.

This looks like it never got changed

Test Plan: Flag was purple, then it was pink

Reviewers: chad, #blessed_reviewers

Reviewed By: chad, #blessed_reviewers

Subscribers: epriestley, #flags

Differential Revision: https://secure.phabricator.com/D12101
2015-03-17 18:29:07 -07:00
epriestley
924b135d31 Add a storage renamespace for mangling SQL dumpfiles into a new namespace
Summary:
Ref T7149. When users give us dumpfiles for import, they will almost inevitably use the `phabricator` namespace. They need to be renamed to use an instance namespace.

We can do this either by:

  - importing the data first, then renaming; or
  - renaming first, then importing.

This implements the second one, basically `storage renamespace --in dump.sql --from phabricator --to instancename > instance.sql`.

Renaming first is a little hackier since we have to `preg_match()` a SQL dump file, but I think it's better overall:

  - With only one database, it lets you dump/import without downtime.
  - If you have development stuff in a development environment in the `phabricator` namespace, you don't have to move it aside to do an import.
  - No possibility that two people doing an import at the same time on the same box will collide with each other.
  - You can do the rename once and then repeat the import process with the renamed dump more easily.
  - No tricky stuff with modern Phabricator running against an old dump and the database names not matching up.

None of this is super important, but it just makes large dumps a bit easier to work with, and the dumpfile format is regular enough that this seems unlikely to ever really not work.

Test Plan: Renamespaced a dump, did a `diff -u`, saw all the relevant parts changed (and only those parts changed).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12105
2015-03-17 18:29:01 -07:00
Bob Trahan
85de4419a5 Conpherence - add storage for view / edit / join policy
Summary: Ref T7582. Also adds the basic logic for "rooms" implementation. Also makes sure we use the initializeNewThread method as appropriate.

Test Plan: made a new conpherence and it worked!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7582

Differential Revision: https://secure.phabricator.com/D12103
2015-03-17 17:04:44 -07:00
Bob Trahan
9bda03dbce Conpherence - add isRoom column to thread table
Summary: Fixes T7583. We also add `key_room`, which uses isRoom and dateModified since a very common view of rooms is going to be ordered by last updated.

Test Plan: made the conpherence view controller query specify `withIsRoom(true)` and `withIsRoom(false)`. The former made the controller correctly 404 while the latter had no change in functionality.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7583

Differential Revision: https://secure.phabricator.com/D12102
2015-03-17 15:37:09 -07:00
epriestley
66075708d0 Allow MetaMTAMail to send with a raw "From" address
Summary:
Ref T7607. Ref T7522.

  - For the import tools, I want to send from "Phacility Support <support@phacility.com>".
  - In the general case, I want to send billing mail from merchants (T7607) later on.

Test Plan: Sent an email and saw the desired "From" address.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7607, T7522

Differential Revision: https://secure.phabricator.com/D12100
2015-03-17 14:43:21 -07:00
epriestley
827c0ce081 Allow LiskDAO to be forced to use a specific connection
Summary:
Ref T7522. This seems like the least-bad approach to a messy issue:

  - When backfilling accounts from an imported instance, I need to write ExternalAccount rows to the instance to link instance accounts with upstream accounts.
  - We do this in the daemons in some other cases, which lets us run all the code in the context of the instance. However, I really want to do this in-process here because it's way way simpler and we need to do writes to //both// the instance and the upstream, and they're interleaved, and they depend on one another.
  - I can hard-code the query with `qsprintf()` but that feels like 100x worse than this.

This allows me to do this:

```
id(new PhabricatorExternalAccount())
  ->setForcedConnnection($instance_conn)
  ->...
  ->save();
```

...and get a write to the instance database, which is at least not completely a minefield.

Test Plan: Backfilled instance accounts and got interleaved instance and upstream writes as expected.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7522

Differential Revision: https://secure.phabricator.com/D12098
2015-03-17 14:43:08 -07:00
Chad Little
6fc867d382 Update Conpherence full for common colors / styles
Summary: Conpherence Full modernize pass, setting standard space and colors on all widget panels. Moved menu back to 240px as the narrow column wasn't really usefull. Removed 'subtitle' on menu, seems simpler but almost under-designed. Subtitle isn't particularly useful and I plan on adding audience icons next (single, group, project, public) so I think this is the right direction.

Test Plan:
Tested with and without number columns on the menu, test with files, calendar dates, removing participants.

{F337941}

{F337942}

{F337943}

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12078
2015-03-17 14:01:45 -07:00
epriestley
7a93b443c3 Make file upload policies more consistent
Summary:
Ref T7149. Currently, global drag and drop always uses the most open visibility policy on the install. This was appropriate before the application preference was introduced, but default to the application preference now.

In particular, this supports a default value of "Administrators" in the Phacility cluster.

Also simplify/clean up some code.

Test Plan:
  - Set application default policy to "Adminstrators".
  - Uploaded file via drag-and-drop, saw "administrators" policy.
  - Uploaded file via `arc upload`, saw "administrators" policy.
    - Saw better URI for a text file upload after patch.
  - Uploaded file via drag-and-drop-to-textarea, saw "only viewer" policy.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12093
2015-03-17 06:33:30 -07:00
Joshua Spence
ca042df6de Minor change to suppress linter warning
Summary: Rewrite this expression so that the second parameter to `qsprintf` is a scalar.

Test Plan: `arc lint`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11913
2015-03-17 22:19:03 +11:00
Bob Trahan
98899c822e Conpherence - kill race conditions around update
Summary:
Fixes T6713. The idea is to keep checking what's going on in the update paths that touch the DOM. If we're doing an update or should be doing a different update, then we bail early.

This is the type of code + testing that makes me dizzy after awhile, but I think it works...

Test Plan:
added a "forceStall" parameter to the column view controller, which when specified sleeps for seconds before returning. I then augmented the JS such that the "send message" code for the durable column would specifiy this parameter.

For actual testing, I then spammed the heck out of the durable column channel and saw each message only once. I also spammed the column, switched browsers to a user on the same thread in the normal "speedy" view, sent messages there, and also only received one copy

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6713

Differential Revision: https://secure.phabricator.com/D12092
2015-03-16 16:35:05 -07:00
Bob Trahan
c21301d153 Conpherence - fix 0 messages in header race condition
Summary:
Fixes T7545. Turns out we had the right logic to handle this basically, and just needed to variablize the CSS class that gets added / removed as appropos.

Note the new behavior is to keep the icon highlighted just with no number. This emulates how it would work if e.g. there was no unread message in the first place and you just clicked the message icon to invoke the message menu.

Test Plan: had a durable conpherence open for user A with user B. used a separate browser to send message as user B. reloaded as user A - saw new message in conpherence durable column and the "1" unread icon. I then clicked the "1" and saw it disappear as expected

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7545

Differential Revision: https://secure.phabricator.com/D12091
2015-03-16 14:28:25 -07:00
epriestley
cc7a9660b6 Don't workflow the "add payment method" button from carts
This doesn't work with the auto-select code.
2015-03-15 13:52:46 -07:00
epriestley
aadec98d43 Correct use of "trigger.this-epoch" vs "trigger.next-epoch"
These parameters were set inconsistently. Use the value that the storage task uses.
Also, allow `bin/phortune invoice` to invoice in the past and future to aid testing.
2015-03-15 13:32:15 -07:00
epriestley
6b86f81fe4 Increase the visibility of permanent task failures in task queue
Make permanent failures always reach the log.
Make `bin/worker execute` report exceptions properly.
2015-03-15 13:27:05 -07:00
epriestley
8a6acf88e0 Fix a debugging value value for post_max_size
Although 3200MB is nice, 32MB is plenty.
2015-03-15 11:57:50 -07:00
epriestley
7482d260b0 Rewrite file documentation to be chunk-aware
Summary:
Ref T7149. We can simplify configuration somewhat by removing the upload limit setting, now that we support arbitrarily large files.

  - Merge configuration documentation.
  - Tell users to set things to at least 32MB. This is 8MB maximum one-shot file + 4x headroom. Chunk sizes are 4MB.

Test Plan:
  - Faked all the setup warnings.
  - Read documentation.
  - Uploaded some files.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12083
2015-03-15 11:37:47 -07:00
epriestley
21aa086b69 Improve translation of some file strings
Summary: Ref T7149. hue hue hue hue

Test Plan: hue hue

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12080
2015-03-15 11:37:30 -07:00
epriestley
1773af6ada Enable the chunk storage engine
Summary: Ref T7149. This works now, so enable it.

Test Plan:
  - Uploaded large and small files in Firefox, Safari and Chrome.
  - Uploaded large files with `arc upload`.
  - Stopped/resumed large files with all clients.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12079
2015-03-15 11:37:05 -07:00
epriestley
6b69bc3fbb Delete all "force chunking" file upload code
Summary: Ref T7149. This was just to make testing easier, but chunking substantially works now.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12076
2015-03-15 11:32:18 -07:00
epriestley
bc28b2c3a8 Examine fewer daemons for variant config
Summary:
Right now, if a daemon dies it can leave the setup warning around for like 10 minutes or something until we reap it.

Tighten the warning so we only care about actively running daemons.

Test Plan: Checked setup issues.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12088
2015-03-15 11:31:07 -07:00
epriestley
106ca70acb Fix an issue where subpriority paging could be truncated
Ref T7548. Subpriority is a float, but we're truncating it to an int, which can cause reselection of the same row while paging.
2015-03-14 13:42:06 -07:00
epriestley
77e0a4abba Guarantee that Maniphest paging clauses strictly progress
Ref T7548. Some of these clauses are not guaranteed to select only rows following the cursor.
2015-03-14 13:29:05 -07:00
epriestley
c431d91f58 Fail explicitly instead of looping if we can't build a paging clause
Ref T7548. This isn't a complete fix but hopefully will give me more debugging information.
2015-03-14 13:23:48 -07:00
epriestley
c19bb57730 Stream chunks when sending chunked files
Summary: Ref T7149. Return a real iterator from the Chunk engine, which processes chunks sequentially.

Test Plan:
This is a bit hard to read, but shows the underlying chunks being accessed one at a time and only some being accessed when requesting a range of a file:

```
$ ./bin/files cat F878 --trace --begin 100 --end 256
...
>>> [10] <query> SELECT * FROM `file_storageblob` WHERE `id` = 85
<<< [10] <query> 240 us
 better software.

Phabricat>>> [11] <query> SELECT * FROM `file_storageblob` WHERE `id` = 84
<<< [11] <query> 205 us
or includes applications for:

 >>> [12] <query> SELECT * FROM `file_storageblob` WHERE `id` = 83
<<< [12] <query> 226 us
 - reviewing and auditing source>>> [13] <query> SELECT * FROM `file_storageblob` WHERE `id` = 82
<<< [13] <query> 203 us
 code;
  - hosting and browsing >>> [14] <query> SELECT * FROM `file_storageblob` WHERE `id` = 81
<<< [14] <query> 231 us
repositories;
  - tracking bugs;
```

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12073
2015-03-14 08:29:30 -07:00
epriestley
81d88985a0 Prepare file responses for streaming chunks
Summary:
Ref T7149. This still buffers the whole file, but is reaaaaal close to not doing that.

Allow Responses to be streamed, and rewrite the range stuff in the FileResponse so it does not rely on having the entire content available.

Test Plan:
  - Artificially slowed down downloads, suspended/resumed them (works in chrome, not so much in Safari/Firefox?)
  - Played sounds in Safari/Chrome.
  - Viewed a bunch of pages and files in every browser.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12072
2015-03-14 08:29:12 -07:00
epriestley
2aefb43843 Support a file data iteration interface for large files
Summary: Ref T7149. A couple diffs down the line, this will let us emit chunked files without doing all the work up front or holding the entire file in RAM.

Test Plan:
(Some newlines added for clarity.)

```
$ ./bin/files cat F942
ABCDEFGHIJKLMNOPQRSTUVWXYZ
$ ./bin/files cat F942 --begin 1
BCDEFGHIJKLMNOPQRSTUVWXYZ
$ ./bin/files cat F942 --end 10
ABCDEFGHIJ
$ ./bin/files cat F942 --begin 3 --end 5
DE
$
```

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12071
2015-03-14 08:28:59 -07:00
epriestley
32d8d67535 Support resuming JS uploads of chunked files
Summary: Ref T7149. We can't compute hashes of large files efficiently, but we can resume uploads by the same author, with the same name and file size, which are only partially completed. This seems like a reasonable heuristic that is unlikely to ever misfire, even if it's a little magical.

Test Plan:
  - Forced chunking on.
  - Started uploading a chunked file.
  - Closed the browser window.
  - Dropped it into a new window.
  - Upload resumed //(!!!)//
  - Did this again.
  - Downloaded the final file, which successfully reconstructed the original file.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, chad, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12070
2015-03-14 08:28:46 -07:00
Chad Little
aa909ba072 Shorten buttons on Leaving High Security Page
Summary: Changes the text to just "Stay", which is still obvious what it means, with less copy. Fixes T7027

Test Plan: Now works on mobile.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7027

Differential Revision: https://secure.phabricator.com/D12075
2015-03-14 07:35:01 -07:00
epriestley
7d69d8ae6a Remove support for Balanced payments
Summary: See <https://www.balancedpayments.com/stripe>. Just get rid of support since Phortune is a prototype anyway.

Test Plan: `grep`, poked around Phortune.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: aurelijus, epriestley

Differential Revision: https://secure.phabricator.com/D12074
2015-03-13 15:47:37 -07:00
epriestley
135280be9e Support HTML5 / Javascript chunked file uploads
Summary:
Ref T7149. This adds chunking support to drag-and-drop uploads. It never activates right now unless you hack things up, since the chunk engine is still hard-coded as disabled.

The overall approach is the same as `arc upload` in D12061, with some slight changes to the API return values to avoid a few extra HTTP calls.

Test Plan:
  - Enabled chunk engine.
  - Uploaded some READMEs in a bunch of tiny 32 byte chunks.
  - Worked out of the box in Safari, Chrome, Firefox.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12066
2015-03-13 11:30:36 -07:00
epriestley
aa4adf3ab8 Add support for partially uploaded files
Summary:
Ref T7149. This flags allocated but incomplete files and doesn't explode when trying to download them.

Files are marked complete when the last chunk is uploaded.

I added a key on `<authorPHID, isPartial>` so we can show you a list of partially uploaded files and prompt you to resume them at some point down the road.

Test Plan: Massaged debugging settings and uploaded README.md very slowly in 32b chunks. Saw the file lose its "Partial" flag when the last chunk finished.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12063
2015-03-13 11:30:24 -07:00
epriestley
6c3552f939 Add bin/files cat to print a file to stdout
Summary:
Ref T7149. This makes debugging some of this stuff a bit easier by removing the HTTP part in the middle.

Particularly, I anticipate having this stream data chunk-by-chunk in the near future.

Test Plan: Ran `files cat F23`, got output.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12062
2015-03-13 11:30:13 -07:00
epriestley
4aed453b06 Add a chunking storage engine for files
Summary:
Ref T7149. This isn't complete and isn't active yet, but does basically work. I'll shore it up in the next few diffs.

The new workflow goes like this:

> Client, file.allocate(): I'd like to upload a file with length L, metadata M, and hash H.

Then the server returns `upload` (a boolean) and `filePHID` (a PHID). These mean:

| upload | filePHID | means |
|---|---|---|
| false | false | Server can't accept file.
| false | true | File data already known, file created from hash.
| true | false | Just upload normally.
| true | true | Query chunks to start or resume a chunked upload.

All but the last case are uninteresting and work like exising uploads with `file.uploadhash` (which we can eventually deprecate).

In the last case:

> Client, file.querychunks(): Give me a list of chunks that I should upload.

This returns all the chunks for the file. Chunks have a start byte, an end byte, and a "complete" flag to indicate that the server already has the data.

Then, the client fills in chunks by sending them:

> Client, file.uploadchunk(): Here is the data for one chunk.

This stuff doesn't work yet or has some caveats:

  - I haven't tested resume much.
  - Files need an "isPartial()" flag for partial uploads, and the UI needs to respect it.
  - The JS client needs to become chunk-aware.
  - Chunk size is set crazy low to make testing easier.
  - Some debugging flags that I'll remove soon-ish.
  - Downloading works, but still streams the whole file into memory.
  - This storage engine is disabled by default (hardcoded as a unit test engine) because it's still sketchy.
  - Need some code to remove the "isParital" flag when the last chunk is uploaded.
  - Maybe do checksumming on chunks.

Test Plan:
  - Hacked up `arc upload` (see next diff) to be chunk-aware and uploaded a readme in 18 32-byte chunks. Then downloaded it. Got the same file back that I uploaded.
  - File UI now shows some basic chunk info for chunked files:

{F336434}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12060
2015-03-13 11:30:02 -07:00
Bob Trahan
e137d0a0c5 Conpherence - finesse global upload vs conpherence durable column upload
Summary: Fixes T7539. We need to set the "with-column" css class on the document body to make things like the jx-mask style-able. Also, make the global upload control only do it for the standard phabrcator page and not the document body.

Test Plan: dragged a file to conpherence column and it worked! uploaded a file to homepage with column open and it worked! uploaded a file to /file/ with column open and it worked!

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7539

Differential Revision: https://secure.phabricator.com/D12055
2015-03-12 13:40:06 -07:00
epriestley
e2296a0ff7 Modernize file storage engine selection
Summary:
Fixes T5843. File storage engines use a very old "selector" mechanism which makes them difficult to extend.

This mechanism predates widespread use of `PhutilSymbolLoader` to discover available implementations at runtime. Runtime discovery has generally proven more flexible and easier to use than explicit selection (although it sometimes needs more UI to support it in cases where order or enabled/disabled flags can not be directly determined).

Use a modern runtime discovery mechanism instead of an explicit selector. This might break any installs which subclassed the `Selector`, but I believe almost no such installs exist, and they'll receive a meaningful exception upon upgrading (any custom engines will no longer implement all of the required methods).

Looking forward, this modernizes infrastructure to prepare for new "virtual" chunked-storage engines, with the eventual goal of supporting very large file uploads and data import into the Phacility cluster.

This uses D12051 to add UI to make it easier to understand the state of storage engines.

Test Plan:
Used new UI panel to assess storage engines:

{F336270}

  - Uploaded a small file, saw it go to MySQL engine.
  - Uploaded a larger file, saw it go to S3 engine.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5843

Differential Revision: https://secure.phabricator.com/D12053
2015-03-12 13:28:53 -07:00
epriestley
973079a7da Modularize application configuration panels
Summary:
Ref T7149. This is a few steps away, but:

  - Generally, I'd like to reduce the amount of "Config" configuration we have.
  - One good way to do this is to move it into UIs in Application configuration. We did this with email recently.
  - I think this was a great change and I'd like to keep moving in this direction.
  - T7149 touches configuration related to file storage engines. Although I'm not planning to fully move configuration into applications yet, it would be easier to debug and test if I could drop a read-only panel there to show engines.
  - So, modularize the config stuff so I can add a new panel without hard-coding it.

Test Plan:
  - Added, edited, and deleted application emails.
  - Viewed non-email application detail pages.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12051
2015-03-12 13:28:37 -07:00
Chad Little
c1bd1d1b9a Fix 2 minor issues with Durable Column
Summary: I left in an opacity change by mistake, and fix language on threads.

Test Plan: review in sandbox

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12054
2015-03-12 13:23:50 -07:00
Chad Little
f77c5c514b Show shorter time in Conpherence, revisit spacing/colors
Summary: This adds a parameter for time only on Conpherence Transactions, although grepping around, Conpherence might be the only user of this View at this point. Since we have the date markers separately, we can use just the timestamp for a cleaner feel. Also updated a bit of the spacing and colors to match Conpherence Full. Ref T7531

Test Plan:
A lot of Photoshop, and different types of chats.

{F336204}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7531

Differential Revision: https://secure.phabricator.com/D12049
2015-03-12 11:21:12 -07:00
Chad Little
bcc6d90e7b Add tooltips to Conphrence Chatroom switcher icons
Summary: I don't know the names of all the Conpherences I have ongoing and all my test icons are Psyducks. haha ha ...

Test Plan: Hover over icons, now it's all Psyduck and [No Title].

Reviewers: epriestley, btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12050
2015-03-12 11:13:28 -07:00
Chad Little
6a036f32b2 Move Macro image height/width to CSS
Summary: This makes macros and memes grow to 100% of their container //at most//, instead of showing a scrollbar. This is useful for overly large macros, smaller spaces like Feed and Conpherences, and Inline Comments. Fixes T7528

Test Plan: Tested a very large macro, a very large meme, and a very very tiny macro. It looks like memes get cached though, unsure if we should clean them up or just leave them

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7528

Differential Revision: https://secure.phabricator.com/D12045
2015-03-11 17:35:55 -07:00
Bob Trahan
7d7deaf698 Conpherence - fix "pop in" effect
Summary: Ref T7014. This got broken in today's action. For whatever reason the only way I can get the CSS to show up correctly is to move the require statement to where it was before rP5ef99dba2afc9f9ed3ca77707366a78be15f4871. Otherwise, this feature massages the UI a bit to make sure the "loading" stuff is set correctly in this state.

Test Plan: toggled conpherence open and it looked good. reloaded and it looked good.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D12047
2015-03-11 16:20:13 -07:00
Bob Trahan
d9adedd9d6 Conpherence - smooth out user interaction switching threads in the durable column
Summary: Ref T7014. This changes the title and selected icon right as the user clicks it. This could //maybe// be in the "willLoadThread" callback hook, but it doesn't happen every time we load a thread, just **this** time so keep it right in the listener for now.

Test Plan: switched some threads and liked what I saw

Reviewers: epriestley, chad

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D12043
2015-03-11 15:55:35 -07:00
Bob Trahan
194a183ea6 Conpherence - add draft support to column and refine sending message user workflow
Summary: Ref T7014. This diff adds draft support.

Test Plan: made many comments and they submitted nicely.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D12046
2015-03-11 15:54:07 -07:00
Bob Trahan
c85c07012e Conpherence - make Hide Column action save user preference
Summary: Fixes T7532.

Test Plan: clicked it, reloaded it, still closed

Reviewers: epriestley, chad

Reviewed By: chad

Subscribers: Korvin, epriestley

Maniphest Tasks: T7532

Differential Revision: https://secure.phabricator.com/D12044
2015-03-11 12:58:51 -07:00
Bob Trahan
116f4625b6 Conpherence - add support for users with no conpherences in durable column view
Summary: Ref T7014. This just makes it so there's almost no UI and a simple "You have no messages. <button>Send a message.</button>" UI

Test Plan: hacked the code such that should_404 and conpherence were false and null respectively. verified i got the right ui in the durable column. verified send a message button worked, ending up with me in main conpherence view on the right message

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D12042
2015-03-11 11:55:18 -07:00
Chad Little
5ef99dba2a Visual update to Conpherence Durable Column
Summary: Numerous visual updates to the Durable Column, mostly to emulate current Conpherence look and feel.

Test Plan: Lots of little pixel chasing. Also Chrome, Firefox.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12041
2015-03-11 11:52:27 -07:00
epriestley
a1820ecf6e Remove Konami code easter egg
Summary:
This is cool in theory, but has broken like 5 times and is broken now too. The CSS magic just isn't robust enough to keep up with CSS changes.

Just strip it out for now; if we come up with some more durable replacement we can put that back in its place.

Test Plan: Typed konami code, page didn't break horribly.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12039
2015-03-10 18:46:28 -07:00
epriestley
88b46063b4 Make durable column sticky across requests
Summary: When you open the column, keep it open on future requests.

Test Plan: Opened column, clicked to Conpherence (no column), clicked elsewhere (column again), reloaded page (column), closed column, clicked something (no column).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12038
2015-03-10 18:46:16 -07:00
epriestley
6fa507987d Generalize URI pattern blacklist for Quicksand
Summary:
Fixes T7060. Removes some hard-coding.

This assumes that "pages with no durable column" and "pages with no Quicksand" are the same, but that's correct today and I can't come up with a use case where they'd be different offhand.

Test Plan:
  - Clicked a revision with column open, got Quicksand navigation.
  - Clicked into Conpherence with column open, got real navigation.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7060

Differential Revision: https://secure.phabricator.com/D12036
2015-03-10 15:32:15 -07:00
Bob Trahan
4674a5eab9 Conpherence - add icon-based room switcher to durable column view
Summary: Ref T7380. This does the most basic thing ever and sticks up to 6 icons in there.

Test Plan: clicked the icons and noted new conpherences loaded in nicely

Reviewers: epriestley, chad

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7380

Differential Revision: https://secure.phabricator.com/D12037
2015-03-10 15:30:49 -07:00
epriestley
5afa2c3b62 Add support for playing sounds
Summary:
Ref T5369. New HTML5 version without flash dependencies.

This doesn't play any sounds.

Test Plan: Did not play any sounds.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T5369

Differential Revision: https://secure.phabricator.com/D9535
2015-03-10 14:20:00 -07:00
Bob Trahan
10f1692b1b Conpherence - more threadManager stuff and get scrolling working
Summary: Ref T7014. The main conpherence view is kind of broken without this in subtle ways because of /conpherence/ versus /conpherence/x/ init'ing things differently; this fixes that. Moves more normal view conpherence logic into threadManager. Makes all the display code happen outside of threadManager, setting us up for some display manager later maybe.

Test Plan: sent messages, updated title, etc and the messages pane auto scrolled correctly!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D12035
2015-03-10 13:53:30 -07:00
Bob Trahan
2373185e9b Conpherence - introduce ConpherenceThreadManager
Summary:
Ref T7014. Fixes T7473. This adds a class to handle thread state about what thread is loaded and what transaction we've seen last. It is deployed 100% in the durable column and only partially deployed in the regular view. Future diff(s) should clean up regular view. Note ConpherenceThreadManager API might change a bit at that time.

Also includes a bonus bug fix so logged out users can't toggle this column

Test Plan: tried to use durable column while logged out and nothing happened. sent messages, aphlict-received messages, added people, and changed title from both views

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7473, T7014

Differential Revision: https://secure.phabricator.com/D12029
2015-03-10 12:20:29 -07:00
epriestley
dd501117e8 When deleting inline comments, offer "undo" instead of prompting
Summary:
Ref T2009. Ref T1460.

Fixes T2618. When users hit "Delete" on inline comments, delete immediately and offer them "Undo". If they delete indirectly (e.g., by clicking "Delete" from the preview at the bottom of the page), we still prompt them, because the "Undo" action either won't be available or may not be easy to find. This is a "refdelete".

Fixes T6464. This was just a mess. Make it not as much of a mess. It should work now. Pretty sure.

Fixes T4999. We did not refresh these links often enough to find targets for them, so they could race with content. Reevaluate them after loading new changes.

Test Plan:
  - Deleted and undid deletion of inlines from main view and preview.
  - Clicked "View" on inlines.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6464, T4999, T2618, T1460, T2009

Differential Revision: https://secure.phabricator.com/D12032
2015-03-09 17:27:51 -07:00
epriestley
daa893e508 Extend TransactionCommentQuery for Diffusion
Summary: Ref T2009. Ref T1460. Reduces the amount of garbage involved in loading inline comments and routes more pathways through the proper Query layer.

Test Plan: Viewed, edited, previewed, submitted inline comments in Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009, T1460

Differential Revision: https://secure.phabricator.com/D12028
2015-03-09 14:11:22 -07:00
epriestley
7427a6e648 Extend TransactionCommentQuery for Differential
Summary: Ref T2009. Ref T1460. Replace hard-coded garbage with a real Query-layer query.

Test Plan: Submitted inline comments in Differential.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009, T1460

Differential Revision: https://secure.phabricator.com/D12027
2015-03-09 14:11:20 -07:00
epriestley
4d86d51125 Prepare TransactionCommentQuery for extension
Summary:
Ref T2009. Ref T1460. The way Diffusion and Differential load inlines is horrible garbage right now:

  - Differential does an ad-hoc query to get the PHIDs, then does a real load to policy check.
  - Diffusion completely fakes things. In practice this is not a policy violation, but it's dangerous.

Make TransactionCommentQuery extensible so we can subclass it and get the query building correctly in the right Query layer.

Specifically, the Diffusion and Differential subclasses of this Query will add appropriate `withX()` methods to let us express the query in SQL.

Test Plan: Loaded, previewed, edited, and submitted inlines in Differential and Diffusion

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009, T1460

Differential Revision: https://secure.phabricator.com/D12026
2015-03-09 14:11:18 -07:00
epriestley
2972894a4d Write "hasReplies" to database for inline comments
Summary:
Ref T1460. Ref T2618.

When publishing a draft inline, mark the inline it replies to (if any) as replied to.

Also, don't load deleted comments as drafts (sets the stage for T2618).

I'll make an effort to clean up the loading mess here in the next revision, and find some more appropriate home for the shared code.

Test Plan: Made and replied to comments in Differential and Diffusion. Saw comments get marked as "Has Replies" and "Is Reply".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2618, T1460

Differential Revision: https://secure.phabricator.com/D12025
2015-03-09 14:11:16 -07:00
epriestley
f66edccf62 Respect outbound HTTP setting in macro generation
Summary: We respect this when adding inputs to the form, but not when guarding the actual fetch.

Test Plan: Reading

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12030
2015-03-09 14:10:34 -07:00
epriestley
f1f2c5d01d Reduce code duplication in inline right/left side tracking
Summary: Ref T2009. These subclasses have a mixture of similar methods, move them all to the base class.

Test Plan: Created/edited/undo/submitted comments on the left and right sides of a diff.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12024
2015-03-09 12:53:40 -07:00
Bob Trahan
9b9a8001fa Conpherence - add ability to change title in the durable column
Summary: Ref T7014.

Test Plan: changed the conpherence title from the column. since i can't get scrolling to work, i inspect the dom to verify the title change transaction showed up properly

Reviewers: epriestley, chad

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D12002
2015-03-09 12:09:43 -07:00
epriestley
10a84d66db Show a more tailored message when adding empty files
Summary: Fixes T6695. Tailor this message.

Test Plan: {F333305}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6695

Differential Revision: https://secure.phabricator.com/D12022
2015-03-09 10:27:18 -07:00
epriestley
b7be4ccca1 Hide revision content if author has not signed required legal documents
Summary: Fixes T7446.

Test Plan: {F333301}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7446

Differential Revision: https://secure.phabricator.com/D12021
2015-03-09 10:26:54 -07:00
epriestley
56a9709008 Reduce code duplication for inline "Undo"
Summary:
Ref T2009. This is another almost-identical copy of the row scaffolding, which has the same 1up/2up bugs as the 8 other copies of this code.

Turn the "undo" element into an InlineCommentView so we can scaffold it.

Then, scaffold it with the same code as everything else.

Test Plan: Hit "Undo", swapped from 1up to 2up, hit "undo" again, swapped back, tried left/right, everything rendered with proper scaffolding.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12019
2015-03-09 10:26:53 -07:00
epriestley
355142fcbf Reduce code duplication on comment editing UI
Summary: Ref T2009. This has two more copies of the scaffolding.

Test Plan: Created, edited, deleted, replied to inline comments.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12018
2015-03-09 10:26:51 -07:00
epriestley
082b7f95e6 Explicitly track inline comment reply threading
Summary:
Ref T1460. Track and store which comments are threaded replies to other comments, vs merely appearing on the same lines.

This doesn't actually write `hasReplies` yet, since that needs to happen when we un-draft comments on submission.

Test Plan: Made inline comments in Differential and Diffusion, including replies. Replies were marked as "Is Reply".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1460

Differential Revision: https://secure.phabricator.com/D12017
2015-03-09 10:26:50 -07:00
epriestley
7a9768fc79 Respect unified view in Diffusion
Summary: Ref T2009. Respect preference and make 1up/2up options work properly.

Test Plan: Toggled 1up vs 2up in Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12015
2015-03-09 10:26:49 -07:00
epriestley
100760fb31 Use ChangesetListView in Phriction
Summary: Ref T2009. Upgrade this from DetailView to ListView so we get "Highlight As", "View Unified", etc., and respect the unified diff prefernce.

Test Plan: Viewed diffs in Phriction.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12013
2015-03-09 10:26:48 -07:00
epriestley
c35cafda2c Use ChangesetListView on Differential standalone view
Summary:
Fixes T4452. Ref T2009. There's a hierarchy of changeset rendering power: only low-level calls, use of ChangesetDetailView, then use of ChangesetListView (a list of DetailViews).

Prior to work here, the various changeset rendering controllers got their hands dirty to varying degrees, with some using only the lowest-level rendering pipeline:

  - Phriction: no view (lowest level)
  - Diffusion: DetailView
  - Differential Changeset: DetailView
  - Differential Diff: ListView
  - Differential Revision: ListView

I brought Phriction up to use DetailView, but want to bring everything all the way up to use ListView. Each composition layer adds more features to diff browsing. In particular, this change enables "Highlight As", switching 1up vs 2up, adding inlines, etc., on the standalone view.

Test Plan:
  - Viewed a changeset standalone. Could change highlighting, switch 1up vs 2up, add and edit inlines, etc.
  - Viewed a revision; no behavioral changes.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4452, T2009

Differential Revision: https://secure.phabricator.com/D12012
2015-03-09 10:26:47 -07:00
Chad Little
6608eea91d Fix a few minor bugs in Auth Providers
Summary: Fixes T7496, T7511. Sets text for registration is not enabled, sets can_manage on add_provider button.

Test Plan: Test with a logged in admin and logged in normal joe user.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7496, T7511

Differential Revision: https://secure.phabricator.com/D12014
2015-03-08 11:04:57 -07:00
epriestley
1df321bf00 Fix left/right detection of inline comments in unified view
Summary:
Ref T2009. Currently, the code figures out if a comment is on the left or right by looking at the `<th />` preceeding the enclosing `<td />`.

This gets the right result in 2-up, but in 1-up rows are always `<th />`, `<th />`, `<td />`, so it always detects every inline as being in the new file.

Because "old" and "new" cells aren't inherently distingushable in the 1up view, we can't use a DOM test for this at all. Instead, just track this state explicitly.

Test Plan:
  - Made left/right comments in 1up view and 2up view.
  - Viewed them in 1up and 2up views.
  - Hovered in 1up and 2up views.
  - Diff-of-diff'd and reviewed old/new comments, then made some more.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12011
2015-03-07 14:37:57 -08:00
epriestley
b8ed980d3d Fix scrollbar being cut off at end of gutter
Summary:
The "mlb" on the left nav creates a phantom bottom margin which gives the content measurable height but not scrollable height. Replace it with "plb" (padding) instead.

The 2px-spacer calculation was also not quite correct.

Test Plan:
  - Viewed pages with navs; padding vs margin didn't seem to make any other differences.
  - Scrollbar now stops in the right place in Safari, Chrome, Firefox.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12007
2015-03-07 09:53:58 -08:00
Chad Little
076cc6ed7e Change setErrorView to setInfoView in PHUIObjectBoxView
Summary: Renames the method in PHUIObjectBoxView to match the new PHUIInfoView class.

Test Plan: grepped codebase. Went to Calendar and tried a new status.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12005
2015-03-06 17:03:18 -08:00
Chad Little
8da5b6255d Remove AphrontPanelView
Summary: Removes AphrontPanelView, and most of it's CSS - it seems some old previews still call it.

Test Plan: grep for AphrontPanelView, no callsites left. Verify CSS left is minimal needed.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D12004
2015-03-06 16:44:18 -08:00
Chad Little
6909e6206e Remove AphrontPanelView from Diffusion
Summary: Removes remaining AphrontPanelView calls in Diffusion for UI Consistency.

Test Plan: Tested each page except lint details, which I couldn't quite find a path to. Everything looks right.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D12001
2015-03-06 15:32:12 -08:00
epriestley
68fa70eacb Make images work in the unified diff view
Summary: Ref T2009. Still a touch glitch-ish but essentially functional now.

Test Plan: Viewed image diffs in 1up and 2up views. Made inline comments on them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12003
2015-03-06 15:03:38 -08:00
epriestley
f9cb366f00 Remove duplicate inline scaffold in 2up renderer
Summary: Ref T2009. Remove the 4 (!!) copies of this code.

Test Plan:
  - Added, edited, and removed inline comments in 2up view.
  - Stacked a bunch of comments on the same line and saw the JS place them correctly.
  - Created an image diff and added, edited and removed inlines on it.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D12000
2015-03-06 15:00:43 -08:00
epriestley
ac60b23ef9 Remove duplicate inline row scaffold in 1up renderer
Summary: Ref T2009. This can now be removed.

Test Plan: Added, edited and deleted an inline comment in 1up view.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11998
2015-03-06 15:00:39 -08:00
epriestley
1352be827e Begin separating inline comment scaffolding from other renderers
Summary:
Ref T2009. Inline comments have "scaffolding", which is basically some empty table cells/rows around them to get the layout correct.

The scaffolding depends on the renderer, since the cells are different for side-by-side vs unified diffs.

This is currently duplicated all over the place:

  - Edit view has 1up/2up.
  - Detail view has 1up/2up.
  - 1up renderer has 1up.
  - 2up renderer has four separate copies of the 2up logic.

These all have subtle differences, which are mostly bugs. Start making the scaffolding more composable so we can get rid of that mess.

Test Plan: Added, edited, and removed inline comments on unified and side-by-side diffs.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11997
2015-03-06 15:00:33 -08:00
epriestley
1088d34e58 Rename inline comment views to "PHUIDiff" and give them a base class
Summary:
Ref T2009. These classes are "Differential" now, but are used elsewhere in diff infrastructure (e.g., Diffusion).

  - Rename them to "PHUIDiff".
  - Move them to "src/infrastructure/".
  - Give them a base class.

Test Plan: Interacted with inlines in unified and side-by-side views.

Reviewers: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11996
2015-03-06 15:00:14 -08:00
epriestley
0af80c1d90 Further improve line grouping in unified views
Summary:
Ref T2009. This tweaks things a bit more to improve consecuitive groups of added and removed lines.

Generally, it gives us "old, old, old, new, new, new" intead of "old, new, old, new, old, new".

Feelin' real good about having unit tests for this stuff.

Test Plan: Unit tests, looked at diffs in web UI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11994
2015-03-06 09:58:26 -08:00
Chad Little
85f4bdc2ac Update Conpherence Main UI
Summary: Uses standard sidenav width, more spacing in labels, added background around textarea, make background work in Firefox.

Test Plan:
Test Desktop, Mobile, and Tablet break points. Test Firefox and Chrome.

{F331201}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11993
2015-03-05 17:09:07 -08:00
epriestley
b3d1ecebc7 Fix another issue with line order on unified diffs
Summary: This improves some cases with interleaved added and removed lines, and adds test coverage.

Test Plan:
  - Added and executed unit tests.
  - Viewed raw diff and saw sensible/expected output.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11992
2015-03-05 16:24:04 -08:00
Bob Trahan
c97040de47 Conpherence - get the durable column header actions working correctly
Summary:
Ref T7014. This diff addresses

 - getting it to be the right set of options
   - add participant
   - view in conpherence
   - close window
 - making those options work
 - make it so if you are on /conpherence/ you can't toggle the durable column

Test Plan: inspected dom via chrome tools and found last transaction. added a participant and inspected the single new transactin added for accuracy. used view in conpherence action to view in conpherence. used close window action to close window

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D11991
2015-03-05 15:32:42 -08:00
epriestley
9564b0a40e Improve behavior of inline rendering with unified views
Summary:
Ref T2009. This reduces how buggy inlines are. They're still buggy.

Specifically, the inline endpoint didn't know how to scaffold inlines before, so some of them ended up rendering in the wrong rows or breaking layouts.

This passes the current renderer through to the inline editor endpoint, so it can at least get the layout correct.

Test Plan: Interacted with inlines in unified and side-by-side views.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11988
2015-03-05 14:11:51 -08:00
epriestley
bd5985e67d Add "Copy" and "Coverage" columns to unified view
Summary:
These aren't being populated yet; they mostly fix some JS errors with inlines.

For example, the inline hover reticle relies on adjusting its width to account for the "copy" column, and failed when the column did not exist.

Test Plan:
  - Hovering inlines in unified now works, mostly.
  - Interacted with inlines in side-by-side.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11985
2015-03-05 14:11:36 -08:00
epriestley
a8c9f2e8b0 Fix an issue where inlines appear in the wrong place in one-up views
Summary: Ref T2009. Unchanged lines should always go above inlines; we get nonsense results otherwise.

Test Plan: Inline now shows in correct place in unified view.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11987
2015-03-05 14:04:21 -08:00
epriestley
35c1dbf1f8 Unify changeset line ID rendering and bring it to unified diffs
Summary:
Ref T2009. Currently, lines don't get their "C123NL456" IDs set in the unified view. This is the major way that inlines are glued to changesets.

Simplify this rendering and bring it into the HTML renderer, then use it in the OneUp renderer.

Test Plan:
  - Interacted with side-by-side inlines (hovered, added, edited, deleted), saw unchanged behavior.
  - Interacted with unified inlines. They still don't work, but the error that breaks them is deeper in the stack.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11983
2015-03-05 14:03:57 -08:00
epriestley
cb886eb60e Share code for context link rendering on side-by-side diffs
Summary: Ref T2009. I've clicked these links like 200 times in testing now, so I'm feeling pretty good about them.

Test Plan: Viewed links in side-by-side diff, clicked them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11981
2015-03-05 14:03:26 -08:00
epriestley
aa98d9e5f8 Merge behavior-show-more into behavior-populate
Summary: Ref T2009. It doesn't make sense to have these as separate behaviors. We require a ChangesetViewManager to track view parameter state.

Test Plan: Interacted with changesets in Phriction, Differential and Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11979
2015-03-05 14:03:15 -08:00
epriestley
ad3c94dd45 Make "Show Context" persist rendering, whitespace, encoding, etc
Summary:
Ref T2009. Currently, we do not persist view parameters when making context rendering requests.

The big one is the renderer (1up vs 2up). This makes context on unified diffs come in with too many columns.

However, it impacts other parameters too. For example, at HEAD, if you change highlighting to "rainbow" and then load more context, the context uses the original highlighter instead of the rainbow highlighter.

This moves context loads into ChangesetViewManager, which maintains view parameters and can provide them correctly.

  - This removes "ref"; it is no longer required, as the ChangesetViewManager tracks it.
  - This removes URI management from `behavior-show-more`; it is no longer required, since the ChangesetViewManager knows how to render.
  - This removes "whitespace" since this is handled properly by the view manager.

Test Plan:
  - Used "Show Top" / "Show All" / "Show Bottom" in 1-up and 2-up views.
  - Changed file highlighting to rainbow, loaded stuff, saw rainbow stick.
  - Used "Show Entire File" in 1-up and 2-up views.
    - Saw loading chrome.
    - No loading chrome normally.
  - Made inlines, verified `copyRows()` code runs.
  - Poked around Diffusion -- it is missing some parameter handling, but works OK.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11977
2015-03-05 14:03:00 -08:00
epriestley
df661eca35 Always run "behavior-populate" before "behavior-show-more"
Summary:
Ref T2009. This clears the stage for D11977.

Specifically, D11977 moves "show context" logic into ChangesetViewManager, but those objects won't exist if we don't run "behavior-populate" first.

Generally, this increases consistency across changeset views -- which is still very low overall, but getting slightly better.

Both of these should probably move up more and use ChangesetListView, but we don't need to do that quite yet.

Test Plan:
  - Took changeset actions in Phriction diff view.
  - Took changeset actions in Differential standalone view.
  - Took changeset actions in normal Differential view.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11978
2015-03-05 14:02:45 -08:00
epriestley
06df75ebbd Render "Show Context" blocks in unified view
Summary:
Ref T2009. This basically copy/pastes them for now. Plans is:

  - Make this actually work all the way.
  - Add test coverage after D11970.
  - Move 2-up here after test coverage.

Clicking the links does not work yet, because they use the 2-up renderer. I'll fix this in the next diff.

Test Plan: Viewed diffs in unified, saw links to show more.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11976
2015-03-05 14:02:29 -08:00
epriestley
79cb47116e Provide "diff-1up" and "diff-2up" classes and tweak some styles
Summary: Ref T2009. Remove forced min-width of 780px in 1-up mode, and tweak a few other things to look better.

Test Plan: Looks better on mobile.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11974
2015-03-05 14:01:52 -08:00
epriestley
17702f3984 Improve display of "Context not available" in 1-up view
Summary: Ref T2009. Makes "Context not available" render and behave correctly.

Test Plan: Viewed diff with missing context in 1-up view, looked marginally better.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11973
2015-03-05 14:01:39 -08:00
epriestley
33d7034276 Add a preference for always using unified diffs
Summary: Ref T2009. These aren't good enough to actually use so I won't land this yet, but it makes testing changes a lot easier.

Test Plan:
  - Swapped setting.
  - Loaded revisions.
  - Saw setting respected.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2009

Differential Revision: https://secure.phabricator.com/D11972
2015-03-05 14:01:15 -08:00
epriestley
c82066408d Expand Differential test coverage to include moves, shields, and more
Summary:
See D11468 and D11465. Fixes T5163. Fixes T4105. This makes it practical to test shields, unshielding, moves, etc.

This fixes the issue in D11468, where line maps from whitespace-ignored hunks could have fewer lines than line maps from whitespace-respected hunks, causing a warning.

This encodes the behavior which D11465 changed, making it the canon behavior. Specifically, we do **not** show a shield. I think this is correct. It seems misleading to show "the contents of this file were not changed", because they were changed in both the sense that the file was completely removed, and also changed in the sense that the content itself was (or may have been) changed at the destination. Instead, we just show nothing.

Test Plan:
  - Added test coverage.
  - Ran tests.
  - Used `arc diff --raw --browse` to verify that web behavior was consistent with CLI/test behavior.

Reviewers: joshuaspence, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4105, T5163

Differential Revision: https://secure.phabricator.com/D11970
2015-03-05 14:00:26 -08:00
epriestley
8df36b8f0c Fix bad method signature
Summary: This ended up having a different signature; the discrepancy can cause a warning.

Test Plan: No more warning.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11971
2015-03-05 10:43:26 -08:00
cpettet
a43e7b292c phd.verbose config key description typo
Summary: Miniscule typo patch.

Test Plan: None really!

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11986
2015-03-05 10:41:19 -08:00
Bob Trahan
27a60bdb3c Conpherence - make the durable column kind of work and stuff
Summary:
Ref T7014. This hooks up the durable column such that when you open it up it loads your most recent Conpherence. You can then switch amongst the various widgets and stuff and everything works nicely.

Except...

 - scroll bar does not work
   - also doesn't work at HEAD when I add a ton of text to the UI with no changes? (wrapped $copy in array_fill(0, 1000, $copy))
 - "widget selector" does not collapse when you select something else
   - this part wasn't really specified so I used the aphlict dropdown stuff. didn't want to keep working on that if this was the wrong UI choice
 - can not edit title
   - do we still want that to be done by clicking on the title, which pops a dialogue?
 - can not add participants or calendar events
   - what should this UI be? maybe just a button on the top for "participants" and a button on the bottom for calendar? both on top?
 - this is not pixel perfect to the mock or two I've seen around. Aside from generally being bad at that, I definitely didn't get the name + timestamps formatting correctly, because the standard DOM of that has timestamp FIRST which appears second due to a "float right". Seemed like a lot of special-casing for what might not even be that important in the UI so I punted. (And again, there's likely many unknown ways in which this isn't pixel perfect)

There's also code quality issues

 - `ConpherenceWidgetConfigConstants` is hopefully temporary or at least gets more sleek as we keep progressing here
 - copied some CSS from main Conpherence app
   - DOM structure is pretty different
   - there's some minor CSS tweaks too given the different width (not to mention the DOM structure being different)
 - copied some JS from behavior-pontificate.js to sync threads relative to aphlict updates
 - JS in general is like a better version of existing JS; these should collapse I'd hope?
 - maybe the aphlict-behavior-dropdown change was badsauce?

...but all that said, this definitely feels really nice and I feel like adding stuff is going to be really easy compared to how normal Conpherence is.

Also includes a bonus bug fix - we now correctly update participation. The user would encounter this issue if they were in a conpherence that got some updates and then they went to a different page; they would have unread status for the messages that were ajax'd in. This patch fixes that by making sure we mark participation up to date with the proper transaction in all cases.

Test Plan: hit "\" to invoke the column and saw nice loading UI and my latest conpherence load. sent messages and verified they received A-OK by looking in DOM console. toggled various widges and verified they rendered correctly. opened up a second browser with a second user on the thread, sent a message, and it was received in a nice asynchronous fashion

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7014

Differential Revision: https://secure.phabricator.com/D11968
2015-03-05 10:33:39 -08:00
Chad Little
386a517c14 Modernize Repositories a bit
Summary: Switch to modern components, crumbs, pht, object boxes.

Test Plan:
Test browsing a list, click edit, click new repository, click delete, verify all work as expected.

{F330864}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D11984
2015-03-05 09:43:13 -08:00
Chad Little
19f2468753 Remove AprhontPanelView from LDAP search
Summary: Makes this just a plain box (we don't have UI for table-in-form just yet).

Test Plan: Faked some connection data to view the display.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D11982
2015-03-05 08:48:18 -08:00
Chad Little
f9dc4ef6d8 Set device true on all XHProf pages
Summary: Pass this as true when building XHProf pages

Test Plan: Verify setDeviceReady exists in class PhabricatorBarePageView

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11980
2015-03-05 08:45:51 -08:00
epriestley
803a050824 Fix an issue with creating new Conpherences
Summary: The participant list can sometimes be `null`, which fails when we try to `array_fuse()` it.

Test Plan: Created a new thread cleanly.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11969
2015-03-04 14:36:13 -08:00
epriestley
174dd220df Disable mentions in nonpublishing repositories
Summary:
Ref T6516. Although this behavior is somewhat-arguable as desirable, I think it's less surprising and more consistent to disable mentions when a repository is publishing.

In particular, if you import a repository developed on another Phabricator install, this stops all the `T123` in commit messages from creating mentions on your unrelated `T123` tasks.

We already disable autoclose, so `Closes T123` and `Ref T123` already have no effect, but a bare `T123` would generate a mention. Likewise, `@epriestley` would generate a mention.

If you import such a repository and then update it periodically, updates will activate autoclose and publishing (if you didn't disable them), but presumably this will hit a couple of tasks and you'll go change the settings if you forgot.

At some point, we may have some kind of use case for separating the "publish" setting into a "publish" setting and a "this is a local repository" setting. For example, if you work at Widget Corp, want to import Phabricator locally, //and// want to write Herald rules against it, you can't currently configure the repository to let you do all of this. But we haven't actually seen a use case for this yet.

Test Plan:
  - Pushed some commits with bare `T11`, saw mentions.
  - Disabled publishing for the repository, pushed some commits with
  - Imported a bunch of commits without seeing pipeline failures.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6516

Differential Revision: https://secure.phabricator.com/D11966
2015-03-04 10:36:38 -08:00
epriestley
46e5e79c4f Include custom header PHID in header logo cache key
Summary: Ref T4214. Reduce the need for installs to purge caches.

Test Plan:
{F329350}

  - Changed header twice.
  - New one showed up without dirtying cache.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4214

Differential Revision: https://secure.phabricator.com/D11965
2015-03-04 10:36:19 -08:00
epriestley
027d4ffd8b Set "importing" flag on repositories created via API
Summary: Ref T6516. We incorrectly fail to set this flag on repositories created via Conduit, which activates too many actions on old commits.

Test Plan:
  - Created a new repository via Conduit, verified it was "importing" after creation.
  - Created a new repostiory via web UI, verified it was "importing" after creation.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6516

Differential Revision: https://secure.phabricator.com/D11964
2015-03-04 10:36:09 -08:00
epriestley
b09168e689 Show "Show Older" for transactions the user has not interacted with
Summary: Fixes T7454. We weren't triggering "Show Older" unless there were hidden events because of a previous interaction.

Test Plan:
  - Set page size to 3.
  - Viewed a task with ~10 transactions.
  - Before patch:
    - Only 3 most recent transactions visible, no way to see older ones.
    - Saw "show older" appear, paged backward through transaction histroy.
  - Also, interacted with task and then viewed it, made sure "show older" still works.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7454

Differential Revision: https://secure.phabricator.com/D11963
2015-03-04 10:36:01 -08:00
epriestley
85cc15b56d Recognize merchant authority in Fund initiatives
Summary: Update fund for new merchant authority stuff.

Test Plan:
  - Created a secret initiative.
  - Could see related activity as merchant.
  - Could not see it not-as-merchant.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11959
2015-03-04 10:35:53 -08:00
Bob Trahan
05510aa41f Maniphest - fix blocking / blocked task queries
Summary: Fixes T7392. I kind of stink at SQL so my approach here was to "start over" conceptually and this way makes the most sense to me - we basically do one join on the dependency table and then a second join back from the dependency table to the main task table. In the where clause we filter the resulting rows, first checking the data from dependency join for existence as appropros and then checking the second join for main task table for the proper "open" task values.

Test Plan: made a task X be blocked by task Y. closed task y. search for "not blocked" tasks and saw task X.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7392

Differential Revision: https://secure.phabricator.com/D11962
2015-03-03 15:53:08 -08:00
Chad Little
1e5f96e773 Modernize Owners a bit
Summary: Update Owners per current UI standards, add crumbs at each level, removed AphrontPanels, check spacing.

Test Plan: Tested a list of owner packages, editing a package, creating a package, and various filters.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11961
2015-03-03 13:51:28 -08:00
Chad Little
972c363a21 Modernize Fact a bit
Summary: Remove AphrontPanels, use standard UI, test for mobile, add phts

Test Plan: Faked a few facts for layout purposes.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11960
2015-03-03 13:48:30 -08:00
Chad Little
0ceb30af86 Moderize Daemons a little
Summary: Swaps out to modern UI components, update for mobile, fix some phts.

Test Plan: Test each Daemon page on desktop and mobile. Verify modern layout.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D11958
2015-03-03 11:11:26 -08:00
Chad Little
423180430e Modernize Conduit app a bit
Summary: Remove some AphrontPanels, add some phts, fix some table layouts.

Test Plan: Browse many Conduit pages, test a few calls.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D11957
2015-03-03 11:09:59 -08:00
epriestley
024a01abe8 Move Conpherence to "Z" monogram instead of "E"
Summary:
Ref T7439. Fixes T7438. This is only used in email right now.

Remain backward compatible.

Test Plan:
  - Sent a message, saw a "Z" reply address.
  - Checked the PHIDType.
  - Grepped for `"E"` and `'E'`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7439, T7438

Differential Revision: https://secure.phabricator.com/D11956
2015-03-03 10:40:09 -08:00
epriestley
47b54389e5 Forbid adding non-users to Conpherence threads
Summary: Fixes T6724. Adds validation that participants are users.

Test Plan:
  - Tried to add non-users, got an error.
  - Added users normally.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6724

Differential Revision: https://secure.phabricator.com/D11955
2015-03-03 10:40:00 -08:00
epriestley
f391364bb7 Don't match parentheses as a hashtag character
Summary: Fixes T6818.

Test Plan: Added and ran unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6818

Differential Revision: https://secure.phabricator.com/D11954
2015-03-03 10:39:52 -08:00
epriestley
6b65c578c7 Forbid construction of dashboard panels on various Phortune objects
Summary:
Fixes T7102. These panels don't work, aren't meaningful, and don't seem very useful.

We could eventually support providing context to dashboards somehow ("merchant dashboard") but don't have much of an apparent need for this.

Test Plan:
  - Tried to create cart/subscription/charge dashboard panels.
  - Unable to create new ones.
  - The ones from before the change show a relevant error now.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7102

Differential Revision: https://secure.phabricator.com/D11953
2015-03-03 10:39:43 -08:00
epriestley
e1d09fd035 Show change details for "Remarkup" standard custom field edits
Summary: Fixes T7436.

Test Plan: {F328222}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7436

Differential Revision: https://secure.phabricator.com/D11952
2015-03-03 10:39:32 -08:00
epriestley
bb342c60e2 Don't require payment review by default in Phortune
Summary: We've processed some payments without anything going wrong now, and in the Phacility case we control all the payment amounts and the goods are essentially-virtual and billed-after-delivery anyway, so abuse is fairly difficult/pointless and presumably unlikely.

Test Plan: Paid an invoice and saw it go to completed immediately.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11951
2015-03-03 10:39:00 -08:00
epriestley
2d9206a904 Update remaining Phortune merchant views to use Merchant Authority
Summary: See discussion in D11945. This finishes the rest of the merchant views to respect/use merchant authority in order to interact with objects.

Test Plan:
  - As a merchant: accepted, refunded, updated, browsed orders.
  - As a non-merchant: couldn't do any of that stuff for orders I don't own.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11950
2015-03-03 10:38:47 -08:00
epriestley
ab4743b216 Improve Phortune policy behavior
Summary:
Currently, PhortuneAccounts have a very open default policy to allow merchants to see and interact with them.

This has the undesirable side effect of leaking their names in too many places, because all users are allowed to load the handles for the accounts. Although this information is not super sensitive, we shouldn't expose it.

I went through about 5 really messy diffs trying to fix this. It's very complicated because there are a lot of objects and many of them are related to PhortuneAccounts, but PhortuneAccounts are not bound to a specific merchant. This lead to a lot of threading viewers and merchants all over the place through the call stack and some really sketchy diffs with OmnipotentUsers that weren't going anywhere good.

This is the cleanest approach I came up with, by far:

  - Introduce the concept of an "Authority", which gives a user more powers as a viewer. For now, since we only have one use case, this is pretty open-ended.
  - When a viewer is acting as a merchant, grant them authority through the merchant.
  - Have Accounts check if the viewer is acting with merchant authority. This lets us easily implement the rule "merchants can see this stuff" without being too broad.

Then update the Subscription view to respect Merchant Authority.

I partially updated the Cart views to respect it. I'll finish this up in a separate diff, but this seemed like a good checkpoint that introduced the concept without too much extra baggage.

This feels pretty good/clean to me, overall, even ignoring the series of horrible messes I made on my way here.

Test Plan:
  - Verified I can see everything I need to as a merchant (modulo un-updated Cart UIs).
  - Verified I can see nothing when acting as a normal user.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11945
2015-03-03 10:38:25 -08:00
Chad Little
a2ece038c6 Convert search results to use PHUIObjectItemView
Summary: This moves global search results to use standard UI, and hopefully allow us to easily add more information.

Test Plan:
Tested a number of open and closed task queries, tried a few users and projects. All seem to work well.

{F328075}

{F328078}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11948
2015-03-03 07:18:40 -08:00
Chad Little
de13f39847 Remove some AphrontPanels
Summary: Removes AphrontPanelViews from UIExamples

Test Plan: Tested new layouts in each of the pages.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7427

Differential Revision: https://secure.phabricator.com/D11947
2015-03-03 07:07:26 -08:00
epriestley
5952b0a31b Stop mangling filenames when downloading them
Summary: Fixes T6990. We unnecessarily mangle filenames when downloading them.

Test Plan:
  - Reviewed "quoted-string" grammar in HTTP spec (http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html)
  - Downloaded some non-latin binaries.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6990

Differential Revision: https://secure.phabricator.com/D11940
2015-03-03 03:27:42 -08:00
epriestley
d866af32e0 Don't prompt users to autopay with disabled cards
Summary: Also exclude non-merchant cards.

Test Plan: Loaded subscription, saw better options in dropdown.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11943
2015-03-02 18:25:49 -08:00
epriestley
c56ac11bd2 Don't link payment methods to nowhere
Summary: This page doesn't actually exist and we don't really have any content to put on it right now.

Test Plan: No longer saw bogus link in subscriptions.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11942
2015-03-02 18:17:52 -08:00
epriestley
26268c6362 Clarify that NOTE, etc., are separate block level elements
Summary: Fixes T6965.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6965

Differential Revision: https://secure.phabricator.com/D11941
2015-03-02 18:17:41 -08:00
epriestley
a76049abd4 Fix not blocking / not blocked queries
Summary: Fixes T7434. We need to LEFT JOIN, not JOIN here, because we still want result rows where the value is `null`.

Test Plan: Issued blocked/not-blocked + blocking/not-blocking queries, got results in all cases.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7434

Differential Revision: https://secure.phabricator.com/D11939
2015-03-02 17:00:20 -08:00
epriestley
e651169879 Improve exception when creating a cyclic dependency in Maniphest
Summary: Fixes T6815. This was overlooked in D9838. This could be prettier, but does the job.

Test Plan: {F327790}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6815

Differential Revision: https://secure.phabricator.com/D11937
2015-03-02 16:36:44 -08:00
Chad Little
e5e3eb357f New Admin Welcome Screen
Summary: Somewhat easier to parse and present information, with ICONS.

Test Plan:
Rebuilt current view with new layout. Tested toggling on and off some of the entries.

{F327816}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11938
2015-03-02 15:42:25 -08:00
epriestley
a6ec787df5 Remove magic "help" in global search
Summary: Fixes T7425. Overall, this is surprising and confusing after jump nav was merged with global search.

Test Plan: Searched for "help", got documents matching the word "help".

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: chasemp, epriestley

Maniphest Tasks: T7425

Differential Revision: https://secure.phabricator.com/D11936
2015-03-02 14:32:08 -08:00
epriestley
b170d1c15f Make it easier to add payment methods for subscription autopay
Summary:
Fixes T7424. Ref T6308.

Currently, there's no option to just add a card directly from the autopay UI. Add a button so this works.

Also, chip away at T6308 a bit. This isn't perfect but looks a little less out of place.

Test Plan:
{F327637}

- Added a payment method, then set it as autopay.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6308, T7424

Differential Revision: https://secure.phabricator.com/D11935
2015-03-02 13:01:08 -08:00
Chad Little
2d50712aad Add fluid-view as an option for PHUIDocumentView
Summary: Fixes some UIExample UI issues, adds a new full-width setting for DocumentView

Test Plan:
Test UIExamples at desktop and mobile breakpoints

{F327446}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7431

Differential Revision: https://secure.phabricator.com/D11933
2015-03-02 12:08:04 -08:00
epriestley
184619730f Fix an issue with collation construction on "sort" columns for old MySQL
Summary:
Fixes T7422. We'll currently choose a "binary" charset with a "utf8_general_ci" collation on "sort" columns on older MySQL, which seems to be causing problems.

Choose "utf8" in this case instead.

(I attempted to simplify the logic, too, but that's the only actual change.)

Test Plan: Went back and forth with `--disable-utf8mb4` on `storage adjust`, but this is version dependent so I'm not 100% sure it's the right fix.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7422

Differential Revision: https://secure.phabricator.com/D11928
2015-03-02 09:57:55 -08:00
epriestley
a65667443b Fix quickstart.sql for old MySQL
Summary:
Fixes T7422. After the recent fix for "sort" columns, we can end up with invalid SQL in some cases when running quickstart.

In particular, we do "COLLATE binary CHARACTER SET utf8_general_ci" (which is invalid).

Preprocess these so we get "COLLATE utf8 CHARACTER SET utf8_general_ci" (which is valid and correct).

Test Plan: Ran `bin/storage upgrade -f --namespace blahblhbaba` with and without `--disable-utf8mb4`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7422

Differential Revision: https://secure.phabricator.com/D11929
2015-03-02 09:57:38 -08:00
epriestley
8fd77ff4f8 Support ssh-ed25519 SSH keys
Summary: Fixes T7121.

Test Plan: Used `ssh-keygen -t ed25519` on an Ubuntu 14 box to generate a key; verified this is the header on the corresponding public key.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7121

Differential Revision: https://secure.phabricator.com/D11930
2015-03-02 09:57:26 -08:00
Chad Little
c6a7bf8729 Make similar/subtask actions clickable
Summary: Adding better CSS and set correct tag and examples.

Test Plan: Test UIExamples, creating and click on similar task, empty task in Maniphest.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7423

Differential Revision: https://secure.phabricator.com/D11932
2015-03-02 09:01:04 -08:00
epriestley
a0e9762968 Restore "Query:" to page title in application search
Summary: Fixes T7055. Omitting this from the crumbs is an improvement, but page titles like "New" seem better with a little more context.

Test Plan: Saw "Query:" in page titles only.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7055

Differential Revision: https://secure.phabricator.com/D11931
2015-03-02 08:50:36 -08:00
epriestley
a9b4197f93 Fix lispum generation of Pholio mocks
Summary: Fixes T7406. Unbreak this oldschool code.

Test Plan:
```
GENERATING: PhabricatorPholioMockTestDataGenerator
Generated Mock: M8: Ipsum est eu enim magna do; reprehenderit.
Generated Mock: M9: Dolor est culpa esse cillum ullamco.
Generated Mock: M10: Lorem do cillum sint mollit: minim, in, aliqua esse.
```

Also created a mock normally, worked/looked fine.

Reviewers: joshuaspence, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7406

Differential Revision: https://secure.phabricator.com/D11924
2015-03-02 08:15:32 -08:00
epriestley
d69a6b8490 Improve error messages when specifying bad set or list to bin/config
Summary: Fixes T7308. Multiple users have encountered confusion around how they should specify a set or list in JSON; provide examples.

Test Plan:
```
epriestley@orbital ~/dev/phabricator $ ./bin/config set files.image-mime-types true
Usage Exception: Config key 'files.image-mime-types' is of type 'set'. Specify it in JSON. For example:

    ./bin/config set '{"value1": true, "value2": true}'

epriestley@orbital ~/dev/phabricator $ ./bin/config set cluster.addresses true
Usage Exception: Config key 'cluster.addresses' is of type 'list<string>'. Specify it in JSON. For example:

    ./bin/config set '["a", "b", "c"]'

epriestley@orbital ~/dev/phabricator $
```

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7308

Differential Revision: https://secure.phabricator.com/D11925
2015-03-02 07:51:19 -08:00
epriestley
2387c1e918 Allow un-ToS'd users to view other Legalpad documents
Summary:
Fixes T7420. On Phacility, our ToS currently links to some policy documents, but users who haven't signed the ToS can't see them.

I've just created a blanket exemption and documented it; I //think// this is reasonable in all cases.

Test Plan: As an un-ToS'd user, viewed some other documents.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7420

Differential Revision: https://secure.phabricator.com/D11923
2015-03-02 07:39:16 -08:00
epriestley
c99d84793b Don't show "View Raw" for removed comments
Summary: Fixes T7232.

Test Plan: Saw "View Raw" gone for removed comment, still present and functional for non-removed comment.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7232

Differential Revision: https://secure.phabricator.com/D11926
2015-03-02 07:07:13 -08:00
epriestley
bb6eb9bfcf Fix ambiguous column names in Maniphest blocking queries
Summary: Fixes T7421. Now that we join the task table again to ignore //closed// blockers, all the column names are ambiguous. Make them unambiguous.

Test Plan: Issued some searches with various different parameters.

Reviewers: btrahan, joshuaspence, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7421

Differential Revision: https://secure.phabricator.com/D11922
2015-03-02 06:43:52 -08:00
epriestley
18340d9cef Fix edit URI for Phortune subscriptions
Summary: This generates not-quite-correctly.

Test Plan: Clicked "Edit Subscription" on a Phortune subscription.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11921
2015-03-01 18:20:56 -08:00
Chad Little
89dbe8a995 Replace context bar in Maniphest with PHUIInfoView
Summary: Removes AphrontContext bar and uses PHUIInfoView instead. This also attaches to the ObjectBox instead for cleaner UI. Also moved phui-error-view.css which was missed.

Test Plan: Test creating a subtask or a new task, see updated info bar and action buttons.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11920
2015-03-01 16:07:04 -08:00
Chad Little
c038c643f4 Move PHUIErrorView to PHUIInfoView
Summary: Since this element isn't strictly about errors, re-label as info view instead.

Test Plan: Grepped for all callsites, tested UIExamples and a few other random pages.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11867
2015-03-01 14:45:56 -08:00
Joshua Spence
5b104e291a Fix a missing parameter
Summary: Add a missing parameter to a `pht` call

Test Plan: `arc lint`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11912
2015-03-02 08:15:02 +11:00
epriestley
ed49b41e91 When redirecting to acquire file access tokens, retain 'download' parameter
Summary: Fixes T7398. Previously, we would redirect to get a token and then redirect back to make use of it, but lose "download" in the process, and thus not get the correct "Content-Disposition" header.

Test Plan: Clicked "Download" on a lightboxed file.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7398

Differential Revision: https://secure.phabricator.com/D11915
2015-03-01 12:12:45 -08:00
epriestley
d1eda610fa Identify builtin files and give them open policies
Summary:
Fixes T7379. Currently, builtin files generate with a "users" view policy even if an install is public.

Because these files TTL after 7 days, there's no migration here. Installs won't see the fix actually happen for up to 7 days after updating, though.

Test Plan:
  - Deleted a builtin.
  - Loaded projects page to regenerate it.
  - Saw new builtin had most open policy and was marked as a builtin.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7379

Differential Revision: https://secure.phabricator.com/D11917
2015-03-01 12:12:38 -08:00
Joshua Spence
eec2d145df Add abstract getGroup() method
Summary: In D11722, a `getGroup()` method was added to all subclasses of `PhabricatorApplicationConfigOptions`, but no abstract method was added to the base class. This will fail if a custom `*ConfigOptions` class does not provide a `getGroup()` method, in which case `$group->getGroup()` (in `PhabricatorConfigListController`) will fatal.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11756
2015-03-01 09:47:10 +11:00
Joshua Spence
ea337abafb Minor tidying of lipsum generate workflow
Summary: Just modernizing this a bit.

Test Plan: Ran `./bin/lipsum generate`.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11907
2015-03-01 09:41:52 +11:00
Joshua Spence
644b05ec08 Minor fix for lipsum generate
Summary:
I was hitting the following error when attempting to use `./bin/lipsum generate`:

```
[2015-02-28 21:55:00] ERROR 2: array_rand(): Second argument has to be between 1 and the number of elements in the array at [/usr/src/phabricator/src/applications/pholio/lipsum/PhabricatorPholioMockTestDataGenerator.php:93]
arcanist(head=master, ref.master=d8182cf55d50), phabricator(head=master, ref.master=658175925931), phutil(head=master, ref.master=260e6105dee5)
  #0 array_rand(array, integer) called at [<phabricator>/src/applications/pholio/lipsum/PhabricatorPholioMockTestDataGenerator.php:93]
  #1 PhabricatorPholioMockTestDataGenerator::generateImages() called at [<phabricator>/src/applications/pholio/lipsum/PhabricatorPholioMockTestDataGenerator.php:30]
  #2 PhabricatorPholioMockTestDataGenerator::generate() called at [<phabricator>/src/applications/lipsum/management/PhabricatorLipsumGenerateWorkflow.php:67]
  #3 PhabricatorLipsumGenerateWorkflow::infinitelyGenerate(array) called at [<phabricator>/src/applications/lipsum/management/PhabricatorLipsumGenerateWorkflow.php:36]
  #4 PhabricatorLipsumGenerateWorkflow::execute(PhutilArgumentParser) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:396]
  #5 PhutilArgumentParser::parseWorkflowsFull(array) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:292]
  #6 PhutilArgumentParser::parseWorkflows(array) called at [<phabricator>/scripts/lipsum/manage_lipsum.php:21]
```

Test Plan: Ran `./bin/lipsum generate` and received less errors.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11908
2015-03-01 09:41:40 +11:00
Joshua Spence
96f6fb585e phtize a few strings
Summary: Self-explanatory.

Test Plan: Eyeball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11909
2015-03-01 09:41:00 +11:00
Joshua Spence
130aa755bb Exclude closed tasks from blocked/blocking filter
Summary: Fixes T7392. When filtering blocked/blocking Maniphest tasks, don't consider closed tasks.

Test Plan:
# Created `T1` and `T2` with `T2 depends on T1`.
# Marked `T1` as resolved.
# Searched for tasks "blocked by other tasks" and noted that `T2` wasn't in the result set.

Reviewers: btrahan, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7392

Differential Revision: https://secure.phabricator.com/D11911
2015-03-01 09:39:34 +11:00
Chad Little
0a8eee37a1 Bump monospace font +1px when using Source Sans Pro
Summary: This diff moves the default monospace font from a Global Default config value to CSS. What this will allow is some flexibility in changing this font in other areas (like Diviner and DocumentView) without changing the defaults globally. However if the admin sets a config value or a user sets a config value, that value will trump all settings in the CSS files with an !important declaration in the page head.

Test Plan:
Currently tested:

- Setting no value
- Setting an admin value
- Setting a user value

Verify remarkup blocks in Differential, Diviner, Conpherence, and Diffusion look as expected.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11597
2015-02-28 14:37:31 -08:00
Joshua Spence
6581759259 Create the Aphlict PID directory
Summary: Fixes T6944. Create the Aphlict PID directory if it does not exist. See also D11387.

Test Plan: Started Aphlict... saw PID directory created.

Reviewers: anton.vladimirov, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T6944

Differential Revision: https://secure.phabricator.com/D11906
2015-02-28 21:53:10 +11:00
cburroughs
6f21cfbe10 trivial typo
Summary: There is a typo in one of the example mail test commands.

Test Plan: Read the command, maybe even paste it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: joshuaspence, epriestley

Differential Revision: https://secure.phabricator.com/D10072
2015-02-27 16:42:44 -08:00
Joshua Spence
2bc6986720 Fix a typo
Summary: Self-explanatory.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11902
2015-02-28 08:52:01 +11:00
Chad Little
36b049c7cc Add a noDataString function to FeedBuilder
Summary: Feed currently returns nothing is there are no stories, we can present a better view here by allowing a base and customizable set of errors. Fixes T7383

Test Plan:
Test a Project feed with no noDataSting and People with a noDataSting

{F321700}

{F321701}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7383

Differential Revision: https://secure.phabricator.com/D11897
2015-02-27 11:49:56 -08:00
epriestley
e27c1a4868 Add phd reload to send SIGHUP to overseers
Summary: Ref T7384. This just sends SIGHUP to specified overseers in a nice package.

Test Plan: See D11898.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T7384

Differential Revision: https://secure.phabricator.com/D11899
2015-02-27 11:38:42 -08:00
Chad Little
4ccd653cc7 Shrink side-nav on home when durable column is open
Summary: This still needs some fine tuning, but wanted to get opinions. Using it on a laptop feels pretty good. This also moves `durable-column.css` into its own file since it'll likely continue to grow. Minor CSS tweaks to the near perfect rendition of durable column from pixel based mockups.

Test Plan:
Press \ on my laptop. Having issues with Chrome however, but FF and Safari work as expected.

{F322506}

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11901
2015-02-27 11:38:33 -08:00
Chad Little
2476cfba3d Move ui.custom_header to UI Config
Summary: Moves the setting from Core to UI, also adds a link to the task for further instructions.

Test Plan: Load up config in sandbox, see new instructions.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4214

Differential Revision: https://secure.phabricator.com/D11900
2015-02-26 17:36:07 -08:00
epriestley
a5426221b1 Improve "Host" header check
Summary: See IRC. This check is somewhat misleading right now because it could arise from a mangled/broken Host header rather than a bad `phabricator.base-uri` configuration.

Test Plan: Faked this to trip, read all the text.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11894
2015-02-26 14:37:48 -08:00
Chad Little
59a35af395 Minor touchup to Paste Embed UI
Summary: Consolidate colors / spacing.

Test Plan:
Test embedding a paste, a list of pastes, and a PasteView for new colors, space.

{F321622}

{F321623}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11896
2015-02-26 11:09:10 -08:00
Chad Little
3003b293d8 Fix footer display when IconNav is present
Summary: Fixes T7382, specifically we were drawing double navs, removed those from each page and added the correct CSS rule.

Test Plan: Test a number of people and profile pages with a footer set.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7382

Differential Revision: https://secure.phabricator.com/D11895
2015-02-26 10:27:28 -08:00
epriestley
9e82cfcc21 Use utf8_general_ci for "sort" columns in old MySQL
Summary:
Fixes T7287. This trades off 4-byte character support for case insensitivity in these columns, which is a much better trade on the balance.

Also adds more warnings about old MySQL. Note that we already issue a warning when you run "storage adjust" (which I've made stronger) and already "strongly recommend" MySQL 5.5 or newer in the install documentation.

Test Plan:
  - Ran `storage adjust --disable-utf8mb4` to go to old definitions, then ran `storage adjust` to get back to the new ones. Everything seemed OK in both cases.
  - Verified that utf8mb4 data can be migrated out of these colums with `--unsafe` (which will truncate).
  - Verified that manual explains this.
  - Faked my way into the setup warning.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7287

Differential Revision: https://secure.phabricator.com/D11893
2015-02-26 10:18:54 -08:00
Chad Little
1236043472 Make base font a Celerity CSS variable
Summary: For consistency, we switch back to base font in a few places when using alternate fonts like source-sans or monospace, this makes sure the base font is consistently reset.

Test Plan: Review a Document, a Diff, and a Legalpad form

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11891
2015-02-26 09:26:36 -08:00
Chad Little
64be155551 Set Payment Methods list to flush in Phortune
Summary: Slighlty tidier display.

Test Plan: Go to Phortune, see flush spacing on Payment Methods

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11887
2015-02-25 12:57:58 -08:00
Bob Trahan
315aa4b000 UI - add ability to customize header logo
Summary: Fixes T7165. Let users specify a file phid in config, and then use that file via an inline style tag. Also, cache the URI so that we don't have to query the file on every page load.

Test Plan: {F319050}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7165

Differential Revision: https://secure.phabricator.com/D11886
2015-02-25 12:00:36 -08:00
epriestley
33a06c97d3 Use disabled style when viewing flags if the underlying object is closed
Summary: See IRC. This regressed at some point, probably when we fixed these rendering links-inside-links.

Test Plan: Viewed a flagged, closed task.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11885
2015-02-25 11:49:38 -08:00
epriestley
d306765da4 Add alamanc.querydevices Conduit API method
Summary: See D11882 for context and rationale.

Test Plan:
  - Ran `almanac.querydevices`.
  - Ran `almanac.queryserices`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11883
2015-02-25 11:16:35 -08:00
epriestley
7294512411 Expose devicePHIDs on almanac.queryservices
Summary:
This already exists on the Query, just expose it via API.

For context, I want to fix `bin/remote restart` so it actually identifies the services on a box rather than faking it.

To do this, I'll look up the device PHID of the box, then look up all the services which are bound to it, then look up all the instances attached to those services. This allows me to do the second step.

Test Plan: Called method from web UI, got expected result.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11882
2015-02-25 11:16:25 -08:00
epriestley
4e41e164e5 Skip captcha when redeeming an invite
Summary: This wasn't actually being skipped for invites; really skip it.

Test Plan:
  - Registered without invite, captcha.
  - Registered with invite, no captcha.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11877
2015-02-24 15:07:44 -08:00
Chad Little
e7e67e4481 Fix mobile Maniphest Create link
Summary: Fixes T7367

Test Plan: I guess noone every used this? Click on mobile menu, get not a 404.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7367

Differential Revision: https://secure.phabricator.com/D11880
2015-02-24 14:52:57 -08:00
epriestley
38636a39cf Allow modern phd stop to stop old daemons cleanly
Summary:
Ref T7352. Make sure modern `phd stop` can still read the old PID file format and stop the daemons, at least for now.

Without this, `stop` still detects them and tells you to `stop --force`, which works, but this makes things a good deal cleaner.

Test Plan: Ran `phd stop` from master, then `phd stop` from this revision. Saw old daemons stop cleanly.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11873
2015-02-24 14:50:40 -08:00
epriestley
a3518e19a5 Merge GC daemon into Trigger daemon
Summary:
Fixes T7352. This reduces the memory footprint for instances by combining these two similar daemons into one daemon which handles the responsibilities of both.

The fit isn't 100% perfect here but it's pretty close, and the GC daemon is fairly trivial.

Test Plan:
  - Adjusted all the numbers to small numbers (5 second sleep, 120 second GC length).
  - Added a ton of logging.
  - Started trigger daemon.
    - Saw it run a GC cycle.
    - Saw it reschedule another cycle after 120 seconds (adjusted down from 4 hours).
  - Reverted all the logging/small numbers.
  - Ran `bin/phd start`, saw stable trigger daemon running.
  - Grepped for removed daemon class name.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11872
2015-02-24 14:50:39 -08:00
epriestley
af303f458b Convert taskmasters to use an autoscale pool
Summary: Ref T7352. This is pretty straightforward. I renamed `phd.start-taskmasters` to `phd.taskmasters` for clarity.

Test Plan:
  - Ran `phd start`, `phd start --autoscale-reserve 0.25`, `phd restart --autoscale-reserve 0.25`, etc.
  - Examined PID file to see options were passed.
  - I'm defaulting this off (0 reserve) and making it a flag rather than an option because it's a very advanced feature which is probably not useful outside of instancing.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11871
2015-02-24 14:50:38 -08:00
epriestley
a354e5fa6b Track daemon unique IDs in Phabricator daemon logs
Summary:
Ref T7352. We were previously identifying things by `<daemonClass, overseerPID, startTime>` but that's not unique in a world where one overseer can run multiple daemons.

We already have an internal "daemonID", it just doesn't get written into the DB right now.

Start writing it, then use it to clean up `phd status`.

Test Plan: Ran `phd status`, got more accurate/useful output than previously.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11865
2015-02-24 14:50:37 -08:00
epriestley
ef22fe1e74 Add a --force command to phd start
Summary:
Ref T7352. This isn't wildly useful for us but seems generally reasonable, can be helpful with testing, and @hach-que has a use case for it.

The only reason we issue this warning is to prevent user error; you can still launch all the daemons with `phd launch` manually and daemons all use locks to protect critical regions.

Test Plan: Ran `phd start --force` a bunch, saw zillions of daemons.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, hach-que

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11861
2015-02-24 14:50:35 -08:00
epriestley
48fc3126a1 Support autoscaling daemons in phd
Summary: Ref T7352. This supports passing autoscaling configuration to daemons, and adds `debug --autoscale`.

Test Plan: See D11711.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11860
2015-02-24 14:50:34 -08:00
epriestley
f0f2b2cbeb Start all daemons under a single overseer
Summary:
Ref T7352. This moves all the daemons under one overseer. The primary goal is to reduce the minimum footprint of an instance in the Phacility cluster, by reducing the number of processes each instance needs to run on daemon-tier hosts.

This improves scalability by roughly a factor of 2.

Test Plan:
  - Ran `phd debug`, `phd launch, `phd start`. Saw normal behavior, with only one total overseer.
  - Fataled dameons and saw the overseer restar them normally.
  - Used `phd status` and `phd stop` and got reasonable results (`phd status` is still a touch off).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11857
2015-02-24 14:50:33 -08:00
epriestley
c2d66f29cd Make phd more aware of multiple daemons under a single overseer
Summary: Ref T7352. This makes `phd stop` and `phd status` produce more reasonable output with the new PID file format.

Test Plan: Ran `phd stop`, `phd status`, etc.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11856
2015-02-24 14:50:32 -08:00
epriestley
09f3d0bb7e Pass overseer configuration over stdin
Summary:
Ref T7352. This changes `phd` to pass configuration to overseers over stdin. We still run one overseer per daemon.

The "status" stuff needs some cleanup, but it's mostly just UI/cosmetic.

Test Plan:
  - Ran `phd debug`, `phd launch`, `phd start`, `phd status`, `phd stop`, etc.
  - Verified PID files write in a reasonable format.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11855
2015-02-24 14:50:30 -08:00
epriestley
6771a70499 Update Phabricator for DaemonOverseer vs DaemonHandle split
Summary: Ref T7352. A couple of the APIs changed slightly with D11851.

Test Plan: See D11851.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11852
2015-02-24 14:50:25 -08:00
Chad Little
2518a5eaff Fix exception on /project/
Summary: I missed testing this case when re-doing the navigation.

Test Plan: Test /project/, don't see fatal. Test mobile menu, works as expected.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11868
2015-02-23 12:45:59 -08:00
Chad Little
b070ed5019 Make Project Mobile menu more resilient
Summary: This sets $project at the controller level so it's available to building the icon nav and mobile menu, instead of guessing the $id. Fixes T7289

Test Plan: Test a project and its mobile menu when it does and does not have a workboard initialized. Also tested coming in via a slug and an id.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Maniphest Tasks: T7289

Differential Revision: https://secure.phabricator.com/D11848
2015-02-23 11:27:19 -08:00
Chad Little
7d4ec48a0e Add SUCCESS state and buttons to PHUIErrorView
Summary: I'm looking at beefing up PHUIErrorView for additional use cases as I remove some older AphrontViews. This will likely morph into PHUIInfoView and be a more lightweight version of PHUIObjectBox.

Test Plan:
UIExamples, mobile and desktop layouts. Have actual use cases coming in next diffs (may tweak design more then)

{F311943}

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11849
2015-02-23 11:03:09 -08:00
Chad Little
15824bd516 Fix People mobile menu URLs
Summary: The mobile menu on people profiles has the incorrect order in the URLs and thus, 404s.

Test Plan: Went to a profile on a mobile display, click on feed and calendar links, got to correct place.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11847
2015-02-23 09:23:30 -08:00
epriestley
59ae91a5ce Disable caching of remarkup previews
Summary:
We currently cache previews, but the vast majority of previews are never rendered again (e.g., they're a preview of someone partway through typing a comment).

Especially when editing large documents (Legalpad, Phriction), this can bloat the markup cache with data that will never be read and won't get purged for 30 days.

In particular, most of the data on `admin.phacility.com` is currently 1,000 previews of legalpad documents as I made minor edits to them over the course of several hours.

This isn't a big concern, but it's a very easy fix.

Test Plan:
  - Previewed a legalpad document, verified that cache rows were not written as I mashed the keyboard.
  - Saved the document, verified a new cache row was written.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11832
2015-02-22 05:39:25 -08:00
epriestley
ed7823f577 Allow subscriptions to decline to generate an invoice
Summary: This is a useful capability in Phacility for disabled/suspended instances.

Test Plan: Used `bin/phortune invoice` to invoice a disabled instance, saw it decline to invoice.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11837
2015-02-22 05:39:17 -08:00
Chad Little
750595333b Remove unneeded br in UIExamples
Summary: This extra space isn't needed

Test Plan: Visit most UIExample pages

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11845
2015-02-21 06:38:50 -08:00
Chad Little
1d5825c695 Correct logic in PHUIActionPanelView
Summary: We should only be adding space then a status is set, not a state.

Test Plan: Test on UIExamples, still renders as expected.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11844
2015-02-21 06:38:27 -08:00
Chad Little
7c9e73b31d Remove AphrontMiniPanelView
Summary: Swaps out AphrontMiniPanelView usage with PHUIErrorView. Only used on homepage.

Test Plan:
Grepped for usage, only home. Revisit a new home, see modern componant.

{F310934}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11842
2015-02-20 16:00:39 -08:00
Chad Little
3304d7a341 Fix fatal in XHProf
Summary: 4th times the charm? There is some confusion with Headers that could be simplified, obviously.

Test Plan: Read PHUIObjectBoxView and select correct method.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11841
2015-02-20 15:01:38 -08:00
Chad Little
53d959a755 Tweak alert states in header a bit more
Summary: The sky blue colors in the alerts was problematic in other color headers (not black). Rather than hand tweak each color, just going with white seems best. There is also a small animation now, which you may or may not like. It is playful and enjoyable to me at least.

Test Plan: Tested various header colors with and without alert notifications.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11838
2015-02-20 12:39:41 -08:00
Bob Trahan
0a0ac11429 Phriction - clarify error message when trying to delete already deleted content
Summary: Fixes T7325, T7326, T7328. When you have deleted a document already you have to specify content; this makes this more clear to the user in this specific delete pathway. Also, includes bonus bug fix for T7326 where we weren't moving the title of the wiki page with the rest of the page.

Test Plan: moved a wiki doc and verified it had the title I had specified. tried to delete an already deleted doc via setting the content to blank (i.e. hitting save after making some other edits) and got more clear error UI state

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7328, T7325, T7326

Differential Revision: https://secure.phabricator.com/D11829
2015-02-20 08:22:52 -08:00
epriestley
543cb1c900 Make legalpad document list a little nicer for unsignable documents
Summary:
This just cleans things up a little:

  - Don't show signature status if the document isn't signable.
  - Show "Not Signable" instead of "No One" to make the meaning more clear in this context, where we don't have a "Who should sign:" sort of cue.

Test Plan: {F310538}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11834
2015-02-20 07:26:45 -08:00
epriestley
9c23a74fb7 Minor wordsmith on prototypes doc
Summary: This reads better?

Test Plan: reading

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11833
2015-02-20 07:26:34 -08:00
Bob Trahan
84d4142b06 Search - fix external redirect issue for "help" search
Summary: Fixes T7335. "help" gets you to a specific diviner doc which is an external link, so make sure the code sets is external for the redirect response in this case.

Test Plan: typed "help" and got some

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7335

Differential Revision: https://secure.phabricator.com/D11830
2015-02-19 16:23:01 -08:00
Chad Little
fb361f206c Increase height of logo
Summary: This increases the transparent space around the Phabricator logo. The logo itself is the same size. This allows for adding of other logos more easily without needing to alter the space provided. (Like Phacility)

Test Plan:
Reload page, screenshot logo, pull into Photoshop and verify spacing top and bottom.

{F309985}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11828
2015-02-19 14:43:33 -08:00
Bob Trahan
1d72a5f683 Differential - finesse Differential diff view controller
Summary:
Fixes T7229. Some usability issues around this controller - basically you can't leave comments with it and its not particular useful compared to the revision page.

Ergo, if there is a revision associated with a given diff, just re-direct back to the revision page with the proper diff loaded.

Test Plan: Tried to view a diff on the standalone controller attached to a revision and instead was re-directed to the revision view page with the proper diff loaded.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7229

Differential Revision: https://secure.phabricator.com/D11811
2015-02-19 10:55:56 -08:00
epriestley
f6915a7975 Add a heursitic for initial pushes which are really imports
Summary:
Fixes T7298. There are two ways to import a repository that you want to host, today:

  - Create it as "hosted", then push everything to it.
  - Create it as "imported", let it import, then switch it to "hosted".
  - (Neither of these work with SVN.)

We don't specifically recommend one or the other, although I believe both should work, and most users seem to go with the first one.

In the first workflow, the new empty repository imports completely and gets marked "imported", so our default behavior is then to publish commits. This can generate a lot of email/notification/feed spam.

If you're a fancy expert you might turn off "publish" before pushing, but normal users will frequently miss this.

Instead, when we receive an "import-like" push to an empty repository, put the repository back into "importing" after we accept the changes.

This has to be heuristic since we can't know for sure if a push is an import or new commits, but here's a simple rule that should do pretty well. We can refine it if necessary.

Test Plan:
  - Created a new empty repository.
  - Added some debugging code; verified the "commit count" and "empty" rules were calculated properly.
  - Pushed 8+ commits and saw the repo go into "importing", import, and leave "importing".
  - Pushed 8+ commits again and saw them publish.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7298

Differential Revision: https://secure.phabricator.com/D11827
2015-02-19 10:38:16 -08:00
epriestley
8599145b5e Implement more consistent publishing rules for repositories
Summary:
Ref T7298. We are currently inconsistent about when we publish feed, email, notifications, audits and Herald rules.

Specifically, there are two settings which impact these things:

  - The "importing" flag, which is set when we're importing old commits.
  - The "herald-disabled" flag, which was expanded in scope some time ago and now actually means "disable publishing".

Various parts of the pipeline were checking only one of these flags. Instead, all of them should check both.

(For example, we should never email users about importing repositories, nor trigger audits on them.)

Test Plan: See next revision.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7298

Differential Revision: https://secure.phabricator.com/D11826
2015-02-19 10:38:05 -08:00
epriestley
29fd3f136b Allow columns to be marked as nonmutable (so save() will not change them)
Summary:
Ref T6840. This feels a little dirty; open to alternate suggestions.

We currently have a race condition where multiple daemons may load a commit and then save it at the same time, when processing "reverts X" text. Prior to this feature, two daemons would never load a commit at the same time.

The "reverts X" load/save has no effect (doesn't change any object properties), but it will set the state back to the loaded state on save(). This overwrites any flag updates made to the commit in the meantime, and can produce the race in T6840.

In other cases (triggers, harbormaster, repositories) we deal with this kind of problem with "append-only-updates + single-consumer", or a bunch of locking. There isn't really a good place to add a single consumer for commits, since a lot of daemons need to access them. We could move the flags column to a separate table, but this feels pretty complicated. And locking is messy, also mostly because we have so many consumers.

Just exempting this column (which has unusual behavior) from `save()` feels OK-ish? I don't know if we'll have other use cases for this, and I like it even less if we never do, but this patch is pretty small and feels fairly understandable (that said, I also don't like that it can make some properties just silently not update if you aren't on the lookout).

So, this is //a// fix, and feels simplest/least-bad for the moment to me, I thiiink.

Test Plan: Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6840

Differential Revision: https://secure.phabricator.com/D11822
2015-02-19 10:37:17 -08:00
epriestley
6a60b8cb6f Set "importStatus" as nonmutable on save()
Summary: Fixes T6840. Depends on D11822, which is a little iffy.

Test Plan:
Verified all references to `importStatus` are either:

  - SQL patches creating the column;
  - reads;
  - writes immediately before an insert; or
  - explicit updates of the column.

That is, I identified no cases of `setImportStatus(X)->save()` on a Commit which may already exist. This //would// break that.

In general, almost all writes go through `$commit->writeImportStatusFlag()`, which is an explicit update.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6840

Differential Revision: https://secure.phabricator.com/D11823
2015-02-19 10:36:36 -08:00
epriestley
751ffe123d Support HTTP Strict Transport Security
Summary:
Ref T4340. The attack this prevents is:

  - An adversary penetrates your network. They acquire one of two capabilities:
    - Your server is either configured to accept both HTTP and HTTPS, and they acquire the capability to observe HTTP traffic.
    - Or your server is configured to accept only HTTPS, and they acquire the capability to control DNS or routing. In this case, they start a proxy server to expose your secure service over HTTP.
  - They send you a link to `http://secure.service.com` (note HTTP, not HTTPS!)
  - You click it since everything looks fine and the domain is correct, not noticing that the "s" is missing.
  - They read your traffic.

This is similar to attacks where `https://good.service.com` is proxied to `https://good.sorvace.com` (i.e., a similar looking domain), but can be more dangerous -- for example, the browser will send (non-SSL-only) cookies and the attacker can write cookies.

This header instructs browsers that they can never access the site over HTTP and must always use HTTPS, defusing this class of attack.

Test Plan:
  - Configured HTTPS locally.
  - Accessed site over HTTP (got application redirect) and HTTPS.
  - Enabled HSTS.
  - Accessed site over HTTPS (to set HSTS).
  - Tore down HTTPS part of the server and tried to load the site over HTTP. Browser refused to load "http://" and automatically tried to load "https://". In another browser which had not received the "HSTS" header, loading over HTTP worked fine.
  - Brought the HTTPS server back up, things worked fine.
  - Turned off the HSTS config setting.
  - Loaded a page (to set HSTS with expires 0, diabling it).
  - Tore down the HTTPS part of the server again.
  - Tried to load HTTP.
  - Now it worked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4340

Differential Revision: https://secure.phabricator.com/D11820
2015-02-19 10:33:48 -08:00
epriestley
35c55f7ddf Improve visibility of repository credential errors
Summary:
Fixes T7310. We have a whole mechanism for surfacing update errors, but only surface actual update errors, not pull errors.

Instead, surface pull errors too.

Then format them a little more nicely.

Test Plan: {F309769}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7310

Differential Revision: https://secure.phabricator.com/D11821
2015-02-19 10:32:25 -08:00
Chad Little
08e67e0db7 Minor, touch up Exception rendering
Summary: Cleans up spacing, hides footer if nothing present, uses common colors.

Test Plan:
Write some typical for a designer code.

{F309840}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11824
2015-02-19 08:45:37 -08:00
Chad Little
4c2e36f561 Have DifferentialRevisionListView return ObjectBoxView
Summary: Uses PHUIObjectBoxView to display lists of diffs in Differential and Diffusion, unless embedded on a dashboard.

Test Plan:
Test Dashboard panel, Differential home, Commit, and Diff

{F282173}

{F282174}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11659
2015-02-19 08:11:17 -08:00
Chad Little
e2fcc3c187 Touch up Audit/Commit List UI
Summary: Fixes a few issues. The author of the commit is more prominent / not cut off. Auditors is in a more consistent location. More space is available for reasons. Commits by themselves look much less janky. Only downside is actual Audits are now 3 lines vs. 2, but the extra space is used well.

Test Plan:
Test list of audits and commits.

{F309237}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11817
2015-02-19 07:03:18 -08:00
Chad Little
b1ed68b8fe Set Header on XHProf ObjectBox
Summary: Third times the charm?

Test Plan: pray

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11816
2015-02-18 16:03:02 -08:00
Chad Little
7cd7ee4543 Fix fatal in XHProf
Summary: derp, fixed method call

Test Plan: Looked up PHUIHeaderView, checked method.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11815
2015-02-18 15:54:25 -08:00
Bob Trahan
a77127ab63 Projects - fix translation strings in watcher edge class
Summary: Fixes T7319. These need a "%s" for the count where they had a "%d"

Test Plan: plan in D11812 is no longer a lie! (watcher added / removed strings render correctly)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7319

Differential Revision: https://secure.phabricator.com/D11813
2015-02-18 15:44:54 -08:00
Chad Little
4e348bb04d Remove extra space under PHUIActionPanel
Summary: If we don't have a state in PHUIActionPanelView, don't set the extra padding to display it.

Test Plan: Review in UIExamples.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11814
2015-02-18 15:43:09 -08:00
Bob Trahan
7ef5c52934 Projects - add translation for watcher strings
Summary: Fixes T7319. ...except I can't get this working in my sandbox? Changes to the translation file don't seem to show up. TEST PLAN IS A LIE

Test Plan: became a watcher, un became a watcher - saw sensical translated strings

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7319

Differential Revision: https://secure.phabricator.com/D11812
2015-02-18 15:33:52 -08:00
Bob Trahan
17e5f7ff31 Legalpad - make "Cancel" button "Log Out" button for required signature documents
Summary: Fixes T7299. Also re-direct the user to the initial request uri if the signature was required.

Test Plan: made a signature required legalpad doc. visit the instance at a specific uri, signed the document, and ended up at that specific uri

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7299

Differential Revision: https://secure.phabricator.com/D11809
2015-02-18 13:19:07 -08:00
epriestley
dd96967306 Only increment status message cursor if we're going to consume the message
Summary:
Fixes the long uptake we saw on `meta.phacility.com`. I regressed this in D11795.

We make three calls to this method, but only one actually consumes the messages. The other two are just checking to see if there are any messages.

Only move the cursor up if we're actually going to process the messages.

Test Plan: Sort of tricky to test convincingly since it's inherently race-prone, but ran `debug pulllocal` and pushed update messages and saw it pick them up.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11808
2015-02-18 12:53:37 -08:00
Joshua Spence
6a8f31a0ec Fix undefined variable
Summary:
I am hitting this error when generating Diviner documentation:

```
COMMAND
'/usr/src/phabricator/bin/diviner' atomize --ugly --book $SOME_BOOK --atomizer 'DivinerPHPAtomizer' -- $SOME_PATHS

STDOUT
(empty)

STDERR
[2015-02-18 23:05:01] EXCEPTION: (RuntimeException) Undefined variable: type at [<phutil>/src/error/PhutilErrorHandler.php:210]
  #0 PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<phabricator>/src/applications/diviner/atomizer/DivinerPHPAtomizer.php:315]
  #1 DivinerPHPAtomizer::parseReturnType(DivinerAtom, XHPASTNode) called at [<phabricator>/src/applications/diviner/atomizer/DivinerPHPAtomizer.php:116]
  #2 DivinerPHPAtomizer::executeAtomize(string, string) called at [<phabricator>/src/applications/diviner/atomizer/DivinerAtomizer.php:23]
  #3 DivinerAtomizer::atomize(string, string, array) called at [<phabricator>/src/applications/diviner/workflow/DivinerAtomizeWorkflow.php:109]
  #4 DivinerAtomizeWorkflow::execute(PhutilArgumentParser) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:396]
  #5 PhutilArgumentParser::parseWorkflowsFull(array) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:292]
  #6 PhutilArgument... (87 more bytes) ... at [<phutil>/src/future/exec/ExecFuture.php:416]
  #0 ExecFuture::resolvex(NULL) called at [<phutil>/src/future/exec/ExecFuture.php:438]
  #1 ExecFuture::resolveJSON() called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:349]
  #2 DivinerGenerateWorkflow::resolveAtomizerFutures(array, array) called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:209]
  #3 DivinerGenerateWorkflow::buildAtomCache() called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:170]
  #4 DivinerGenerateWorkflow::generateBook(string, PhutilArgumentParser) called at [<phabricator>/src/applications/diviner/workflow/DivinerGenerateWorkflow.php:74]
  #5 DivinerGenerateWorkflow::execute(PhutilArgumentParser) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:396]
  #6 PhutilArgumentParser::parseWorkflowsFull(array) called at [<phutil>/src/parser/argument/PhutilArgumentParser.php:292]
  #7 PhutilArgumentParser::parseWorkflows(array) called at [<phabricator>/scripts/diviner/diviner.php:21]
```

Test Plan: N/A

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11807
2015-02-19 07:23:01 +11:00
Chad Little
11f0c1a47d Modernize XHProf
Summary: Use modern components, pht

Test Plan: I have no data locally, expect @epriestley to commandeer

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11805
2015-02-18 11:51:12 -08:00