1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-22 13:30:55 +01:00
Commit graph

11574 commits

Author SHA1 Message Date
Nick Zheng
8eec9e2c0e Provide a more straightforward way to revoke SSH keys by finding and destroying the objects
Summary: Ref T9967

Test Plan:
Ran migrations.
Verified database populated properly with PHIDs (SELECT * FROM auth_sshkey;).
Ran auth.querypublickeys conduit method to see phids show up
Ran bin/remove destroy <phid>.
Viewed the test key was gone.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T9967

Differential Revision: https://secure.phabricator.com/D14823
2015-12-19 11:52:26 -08:00
epriestley
aeae0e7028 Prepare Projects schema for subprojects
Summary:
Ref T10010. This does some cleanups on the schema:

  - `viewPolicy`, `editPolicy` and `joinPolicy` were nullable, but should never be `null`. Set them to defaults if they're null, then make the column non-nullable.
  - Rename `phrictionSlug` to `primarySlug` and stop adding and removing trailing slashes from it.
  - Add new columns to support milestones and non-milestone subprojects.
  - Drop very old subprojectPHIDs column. This hasn't done anything in the UI for years and years, and isn't particularly realistic to migrate forward.

The new columns aren't reachable from the UI.

Test Plan:
  - Applied patches.
  - Grepped for `phrictionSlug`.
  - Grepped for `subprojectPHIDs`.
  - Created tasks.
  - Edited tasks.
  - Verified existing tasks still had primary slugs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D14825
2015-12-19 09:21:36 -08:00
epriestley
3f8e5c9620 Straighten out reorder permissions on form configurations
Summary:
Fixes T10012. The permissions here are little weird: you need edit permission on the //configurations//, not the //engines//. I was checking edit permission on the engines only.

I should possibly make this a bit more consistent, the engine edit permission is just very convenient to use to enforce object create permission right now. I'll likely clean this up after T9789.

Test Plan:
  - Tried to reorder forms as a less-privileged user, got proper policy errors.
  - Reordered forms normally as a regular user.

Reviewers: chad

Reviewed By: chad

Subscribers: Luke081515.2

Maniphest Tasks: T10012

Differential Revision: https://secure.phabricator.com/D14824
2015-12-19 07:36:00 -08:00
epriestley
a1a8b9ba65 Clean up "HTTP Parameters" view a bit for EditEngine forms
Summary: Ref T10004. This lost a couple of fields when I rearranged how descriptions work. Restore them.

Test Plan:
  - Viewed "Using HTTP Parameters".
  - Everything had nice descriptions.
  - No more weird phantom/misleading 'comment' transaction in UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14822
2015-12-18 12:00:38 -08:00
epriestley
46e690b2fd Fix value reading in custom Text and Remarkup fields in EditEngine
Summary: Ref T10004. I missed these previously, so they didn't work quite right. Restore them to glory.

Test Plan: Edited remarkup and text custom fields on an Owners package.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14821
2015-12-18 11:57:44 -08:00
epriestley
5cb0de1efc Restore "Create" transactions
Summary:
Ref T10004. This restores "alice created this task." transactions, but in a generic way so we don't have to special case one of the other edits with an old `null` value.

In most cases, creating an object now shows only an "alice created this thing." transaction, unless nonempty defaults (usually, policy or spaces) were adjusted.

Test Plan: Created pastes, tasks, blogs, packages, and forms. Saw a single "alice created this thing." transaction.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14820
2015-12-18 11:56:03 -08:00
epriestley
7168d8edd9 Make Drydock reclaim unused resources when it reaches a resource limit
Summary:
Fixes T9994. Currently, when Drydock can't allocate a new resource because some limit has been reached, it waits patiently for a resource to become available.

It is possible that no resource will ever become available. Particularly with "Working Copy" resources, the new lease may want a copy of `rB`, but the resource may already be maxed out on `rA`.

Right now, no process exists to automatically reclaim the unused `rA`.

When we encounter this situation, try to reclaim one of the other resources if it is just sitting there unused.

Specifically:

  - Add a "reclaim" command which means "release this resource //if// it is completely unused".
  - Add a `bin/drydock reclaim` to send this command to every active resource.
  - When we try to acquire a resource and can't, but only because of some kind of limit / utilization problem, try to release an unused resource to free up some room.

Test Plan:
  - Set "Working Copy" resource limit to 1.
  - Ran "Test Configuration" in `rA`, which worked.
  - Ran "Test Configuration" in `rB`, which hung forever.
  - Applied patch.
  - Ran "Test Configuration" in `rB`, saw it reclaim the `rA` resource, use the slot, then succeed.
  - Ran "Test Configuration" in `rA` again, saw it grab the slot back.
  - Ran `bin/drydock reclaim` and saw it reclaim a bunch of old orphaned resources.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9994

Differential Revision: https://secure.phabricator.com/D14819
2015-12-18 11:55:51 -08:00
epriestley
e9af4f8970 Fix an issue where Drydock followup tasks would not queue if the main task failed
Summary:
Ref T9994. This fixes the first issue discussed on that task, which is that when a merge fails after "arc land", we would not clean up all the leases properly.

Specifically, when a merge fails, we use `queueTask()` to schedule a followup task. This followup destroys the lease and frees the underlying resource.

However, the default behavior of `queueTask()` is to //not queue tasks// if the parent task fails. This is a reasonable, safe behavior that was originally introduced in D8774, where it kept us from sending too much mail if a task did "send some mail" and then failed a little later on and got retried.

Since I think the default behavior is correct, I just special cased the behavior for Drydock to make it queue even on failure. These are the only types of followup tasks we currently want to queue on main task failure.

(It's possible that future Blueprints might want some kind of more specialized behavior, where some tasks queue only on success, but we can cross that bridge when we come to it.)

Test Plan:
  - See T9994#149878 for test case setup.
  - I ran that test case again with this patch, and saw the followup task queue properly in the `--trace` log, a correspoinding update task show up in `/daemon/`, and the lease get destroyed when I ran it a moment later.

{F1029915}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9994

Differential Revision: https://secure.phabricator.com/D14818
2015-12-18 08:17:04 -08:00
epriestley
5bbf0ba132 Add a setup warning about deprecated Maniphest policy configuration
Summary: Ref T10003. Give installs more warning about these changes.

Test Plan: Changed configuration, saw warning. Reset configuration, no warning.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10003

Differential Revision: https://secure.phabricator.com/D14817
2015-12-18 08:16:53 -08:00
epriestley
76a59b0bbf Update the Celerity map. 2015-12-17 15:38:03 -08:00
epriestley
a3bdce9680 Indent multiple items from the same application in Quick Create menu
Summary: Ref T10004. Happy to take another approach here or just not bother, this just struck me as a little ambiguous/confusing.

Test Plan:
Before, not necessarily clear that the "Create Task" header only applies to the first few items.

{F1029126}

After, more clear:

{F1029127}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14815
2015-12-17 15:24:46 -08:00
epriestley
a07a06ab08 Give custom controls passable disabled states
Summary: Fixes T9871. Ref T10004. These won't win any awards but it fixes them being incredibly weird and confusing.

Test Plan:
{F1029090}

  - Tried to use controls, got reasonable behavior.
  - Used normal controls to make sure I didn't break anything.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9871, T10004

Differential Revision: https://secure.phabricator.com/D14814
2015-12-17 15:13:28 -08:00
epriestley
ed43b31cb1 Prevent "Spaces" field from being set to inconsistent values
Summary:
At least for now, the "Space" field is just a subfield of the "Visible To" field, so:

  - it doesn't get any separate settings; and
  - it always uses the "Visible To" settings.

Test Plan:
  - Created a form with a hidden view policy field.
  - Created stuff with no "you must pick a space" errors.
  - Created stuff with a normal form.
  - Prefilled "Space" on a noraml form.
  - Verified that trying to prefill "Space" on a form with "Visible To" hidden does nothing.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14812
2015-12-17 11:22:32 -08:00
epriestley
bd7981c750 Improve the clarity of transactions that affect policies and spaces during object creation
Summary:
Ref T10004. Fixes T9527. Currently, we render two kinds of bad policy/space transactions during object creation.

First, we render a transaction showing a change from the default policy/space to the selected policy/space:

> alice shifted this object from space S1 Default to space S2 Secret.

This is a //good transaction// (it's showing that the default was changed, which could be important for policy stuff!) but it's confusing because it makes it sound like the object briefly existed in space S1, when it did not.

Instead, render this:

> alice created this object in space S2 Secret.

This retains the value (show that the object was created in an unusual space) without the confusion.

Second, when you create a "New Bug Report", we render a transaction like this:

> alice changed the visibility of this task from "All Users" to "Community".

This is distracting and not useful, becasue it's a locked default of the form. This was essentially fixed by D14810. The new behavior is to show this, //only// if the value was changed from the form value:

> alice created this object with visibility "Administrators".

This should reduce confusion, reduce fluff in the default cases, and do a better job of calling out important changes (basically, unusual spaces/policies).

Test Plan:
  - Created an edit form with a default space and policies.
  - Used that form to create task with:
    - same values as form;
    - different values from form.

When I changed the form value, I got transactions. When I left it the same, I didn't.

The transactions rendered in the non-confusing "created with ..." variant.

Editing the values created normal transactions with "changed policy from X to Y".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9527, T10004

Differential Revision: https://secure.phabricator.com/D14811
2015-12-17 10:45:53 -08:00
epriestley
6146aefcd4 Show fewer useless transactions when creating objects, especially with EditEngine forms
Summary:
Fixes T7661. Ref T9527.

When you create a task, especially with an EditEngine form, you currently get more noise than is useful. For example:

> alice created this task.
> alice changed the edit policy from "All Users" to "Community (Project)".
> alice added projects: Feature Request, Differential.
> alice added a subscriber: alice.

Transaction (1) is a little useful, since it saves us from a weird empty state and shows the object creation time.

Transaction (2) is totally useless (and even misleading) because that's the default policy for the form.

Transaction (3) isn't //completely// useless but isn't very interesting, and probably not worth the real-estate.

Transaction (4) is totally useless.

(These transactions are uniquely useless when creating objects -- when editing them later, they're fine.)

This adds two new rules to hide transactions:

  - Hide transactions from object creation if the old value is empty (e.g., set title, set projects, set subscribers).
  - Hide transactions from object creation if the old value is the same as the form default value (e.g., set policy to default, set priorities to default, set status to default).

NOTE: These rules also hide the "created this object" transaction, since it's really one of those transaction types in all cases. I want to keep that around in the long term, but just have it be a separate `TYPE_CREATE` action -- currently, it is this weird, inconsistent action where we pick some required field (like title) and special-case the rendering if the old value is `null`. So fixing that is a bit more involved. For now, I'm just dropping these transactions completely, but intend to restore them later.

Test Plan:
  - Created objects.
  - Usually saw no extra create transactions.
  - Saw extra create transactions when making an important change away from form defaults (e.g., overriding form policy).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7661, T9527

Differential Revision: https://secure.phabricator.com/D14810
2015-12-17 10:45:01 -08:00
epriestley
8a0dfa94d4 Make configured and EditEngine defaults work correctly for custom fields
Summary:
Ref T10004. Fixes T5158. There was a long-standing issue with defaults not working properly, but EditEngine has made it more obvious because it's a lot easier to set defaults now.

The issue is basically that the defaults are getting set as the field's real value early on, so when we go to generate the transaction "old value" later, we build a transaction that uses the //new// value as both the "new value" and "old value". Then the engine says "you didn't change anything, so I'm going to ignore this" and drops it.

To fix this, return `null` as the "old value" by default, and add a call to overwrite that after we load a legitimate old value.

This fix is a touch iffy, but I have some grand plans to clean up the CustomField stuff more broadly later on.

Test Plan:
  - Set config defaults on select/typeahead fields, created and edited tasks.
  - Set form defaults on select/typehaead fields, created and edited tasks.
  - In all cases, transactions and state accurately reflected edits.
  - Set defaults on //hidden// fields, verified forms respected them correctly.
  - This does generate some fluffy transactions, but I'll deal with those in T7661.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5158, T10004

Differential Revision: https://secure.phabricator.com/D14809
2015-12-17 10:44:41 -08:00
epriestley
38e31375ea Improve UX for customizing EditEngine forms a little bit
Summary:
Ref T10004. Tweaks some of the UX a little to be more intuitive/inviting?

  - Button says "Configure Form" instead of "Actions".
  - Root list is less "developer-ey" and more "explain what this is for-ey".

Test Plan:
{F1028928}

{F1028929}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14808
2015-12-17 08:40:00 -08:00
epriestley
5d76a4b0a2 Improve handling of multiple edit forms when logged out
Summary:
Ref T10004. Currently, when a logged-out user visits an application like Maniphest, we show them a disabled "Create Task" button with no dropdown menu.

This is technically correct in some sense because none of the items in the menu will work, but we can be more helpful and show the items, just in a disabled state:

{F1028903}

When the user clicks these, they'll be pushed through the login flow and (after D14804) end up on the same page they were on when they selected the item. From here, they can proceed normally.

I changed "...to continue." to "...to take this action." to hopefully be a little more clear. In particular, we do not //continue// the action after you log in: you end up back on the same page you started on. For example, if you clicked "Create New Bug" from the list view, you end up back on the list view and need to click "Create New Bug" again. If you clicked "Edit Task" from some task detail page, you end up on the task detail page and have to click "Edit Task" again.

I think this behavior is always very good. I think it is often the best possible behavior: for actions like "Edit Blocking Tasks" and "Merge Duplicates In", the alternatives I can see are:

  - Send user back to task page (best?)
  - Send user to standalone page with weird dialog on it and no context (underlying problem behavior all of this is tackling, clearly not good)
  - Send user back to task page, but with dialog open (very complicated, seems kind of confusing/undesirable?)

For actions like "Create New Bug" or "Edit Task", we have slightly better options:

  - Send user back to task page (very good?)
  - Send user to edit/create page (slightly better?)

However, we have no way to tell if a Workflow "makes sense" to complete in a standalone way. That is, we can't automatically determine which workflows are like "Edit Task" and which workflows are like "Merge Duplicates In".

Even within an action, this distinction is not straightforward. For example, "Create Task" can standalone from the Maniphest list view, but should not from a Workboard. "Edit Task" can standalone from the task detail page, but should not from an "Edit" pencil action on a list or a workboard.

Since the simpler behavior is easy, very good in all cases, often the best behavior, and never (I think?) confusing or misleading, I don't plan to puruse the "bring you back to the page, with the dialog open" behavior at any point. I'm theoretically open to discussion here if you REALLY want the dialogs to pop open magically but I think it's probably a lot of work.

Test Plan: As a logged out user, clicked "Create Task". Got a dropdown showing the options available to me if I log in. Clicked one, logged in, ended up in a reasonable place (the task list page where I'd started).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14806
2015-12-17 08:30:54 -08:00
epriestley
2868a69f65 Remove all setObjectURI() from ActionListViews
Summary:
Ref T10004. After D14804, we get this behavior by default and no longer need to set it explicitly.

(If some endpoint did eventually need to set it explicitly, it could just change what it passes to `setHref()`, but I believe we currently have no such endpoints and do not foresee ever having any.)

Test Plan:
  - As a logged out user, clicked various links in Differential, Maniphest, Files, etc., always got redirected to a sensible place after login.
  - Grepped for `setObjectURI()`, `getObjectURI()` (there are a few remaining callsites, but to a different method with the same name in Doorkeeper).

Reviewers: chad

Reviewed By: chad

Subscribers: hach-que

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14805
2015-12-17 08:30:22 -08:00
epriestley
e869e7df0b When logged-out users hit a "Login Required" dialog, try to choose a better "next" URI
Summary:
Ref T10004. After a user logs in, we send them to the "next" URI cookie if there is one, but currently don't always do a very good job of selecting a "next" URI, especially if they tried to do something with a dialog before being asked to log in.

In particular, if a logged-out user clicks an action like "Edit Blocking Tasks" on a Maniphest task, the default behavior is to send them to the standalone page for that dialog after they log in. This can be pretty confusing.

See T2691 and D6416 for earlier efforts here. At that time, we added a mechanism to //manually// override the default behavior, and fixed the most common links. This worked, but I'd like to fix the //default// beahvior so we don't need to remember to `setObjectURI()` correctly all over the place.

ApplicationEditor has also introduced new cases which are more difficult to get right. While we could get them right by using the override and being careful about things, this also motivates fixing the default behavior.

Finally, we have better tools for fixing the default behavior now than we did in 2013.

Instead of using manual overrides, have JS include an "X-Phabricator-Via" header in Ajax requests. This is basically like a referrer header, and will contain the page the user's browser is on.

In essentially every case, this should be a very good place (and often the best place) to send them after login. For all pages currently using `setObjectURI()`, it should produce the same behavior by default.

I'll remove the `setObjectURI()` mechanism in the next diff.

Test Plan: Clicked various workflow actions while logged out, saw "next" get set to a reasonable value, was redirected to a sensible, non-confusing page after login (the page with whatever button I clicked on it).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14804
2015-12-17 08:30:03 -08:00
epriestley
a5d23c9f3e Allow custom fields to be ordered ascending or descending
Summary:
Fixes T6864. This creates a sort of busy menu but I think that's proably fine -- users are opting into activating these fields for search anyway.

In the future, we could refine this as, e.g.:

  - don't show these options in the dropdown;
  - do show them on some new "http prefilling" sort of page;
  - then you access them as an advanced user with `?order=secret-magic`.

But I'm not going to bother for now.

Test Plan: Ordered by an int field, then reversed the order.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6864

Differential Revision: https://secure.phabricator.com/D14800
2015-12-16 12:59:22 -08:00
Chad Little
36bfff3898 Give PhameBlog an EditEngine
Summary: This seems to work, but I couldn't figure out how to pass over a Caption for a text field.

Test Plan: New blog, Edit blog.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D14770
2015-12-16 11:56:53 -08:00
epriestley
5e182180a9 Provide a "PHUIFormIconSetControl"
Summary:
Ref T9992. This is a step on the path to getting EditEngine working in Badges, Projects and Calendar.

This doesn't add a new `EditField` for icons yet, just standardizes the old stuff. New stuff is more general and I saved 150 lines of code.

I put the endpoint in Files because the similar "choose a profile picture" endpoint will definitely go there, and this endpoint might eventually feature, like, "draw your own icon~~" or something.

Test Plan:
  - Created events, projects and badges with custom icons.
  - Edited events, projects and badges, changing their icons.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9992

Differential Revision: https://secure.phabricator.com/D14799
2015-12-16 08:46:51 -08:00
epriestley
57cc30d0c4 Continue hammering new *.search / *.edit documentation into shape
Summary: Ref T9964. Create some docuemntation for this stuff, and clean up the *.edit endpoints a bit.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14798
2015-12-16 08:46:05 -08:00
epriestley
161ebad56d Improve Conduit type handling for *.edit endpoints
Summary:
Ref T9964. Three goals here:

  - Make it easier to supply Conduit documentation.
  - Make automatic documentation for `*.edit` endpoints more complete, particularly for custom fields.
  - Allow type resolution via Conduit types, so you can pass `["alincoln"]` to "subscribers" instead of needing to use PHIDs.

Test Plan:
  - Viewed and used all search and edit endpoints, including custom fields.
  - Used parameter type resolution to set subscribers to user "dog" instead of "PHID-USER-whatever".
  - Viewed HTTP parameter documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14796
2015-12-16 08:45:46 -08:00
epriestley
1d72c97fc9 Fix overzealous subscribing in EditEngine
Summary:
See T9905#148799. The CommentEditField generated empty comment transactions; these are dropped later, but before they are dropped they would trigger implicit CCs.

The implicit CC rule should probably be narrower, but we shouldn't be generating these transactions in the first place.

Test Plan: No longer implicitly CC'd on a task when doing something minor like changing projects.

Reviewers: chad

Reviewed By: chad

Subscribers: avivey

Differential Revision: https://secure.phabricator.com/D14795
2015-12-15 16:17:26 -08:00
epriestley
4b3dcd5500 Add some documentation about how to set paths with owners.edit
Summary:
Ref T9964.

  - New mechanism for rich documentation on unusual/complicated edits.
  - Add some docs to `paths.set` since it's not self-evident what you're supposed to pass in.

Test Plan: {F1027177}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14791
2015-12-15 15:04:16 -08:00
epriestley
b0a5eee238 Support editing statuses and paths in Owners via Conduit API
Summary: Ref T9964. Fixes T9752. Provides API access to enable/disable packages and change their paths.

Test Plan:
  - Changed status via Conduit.
  - Changed paths via Conduit.
  - Tried to change a path use a nonsense/bogus repository PHID, got an error.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9752, T9964

Differential Revision: https://secure.phabricator.com/D14790
2015-12-15 15:04:00 -08:00
epriestley
d7693a93b3 Provide "Change Projects" and "Change Subscribers" (instead of "Add ...") in comment actions
Summary:
Ref T9908. Fixes T6205.

This is largely some refactoring to improve the code. The new structure is:

  - Each EditField has zero or one "submit" (normal edit form) controls.
  - Each EditField has zero or one "comment" (stacked actions) controls.
    - If we want more than one in the future, we'd just add two fields.
  - Each EditField can have multiple EditTypes which provide Conduit transactions.
  - EditTypes are now lower-level and less involved on the Submit/Comment pathways.

Test Plan:
  - Added and removed projects and subscribers.
  - Changed task statuses.
  - In two windows: added some subscribers in one, removed different ones in the other. The changes did not conflict.
  - Applied changes via Conduit.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6205, T9908

Differential Revision: https://secure.phabricator.com/D14789
2015-12-15 15:03:34 -08:00
epriestley
6c4c93a091 Allow login to be disabled for authentication providers
Summary:
Fixes T9997. This was in the database since v0, I just never hooked up the UI since it wasn't previously meaningful.

However, it now makes sense to have a provider like Asana with login disabled and use it only for integrations.

Test Plan: Disabled login on a provider, verified it was no longer available for login/registration but still linkable.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9997

Differential Revision: https://secure.phabricator.com/D14794
2015-12-15 15:03:06 -08:00
epriestley
2d588715bc Always automatically generate Phame slugs
Summary:
Fixes T9995. I think letting users customize slugs is not a hugely compelling as a product feature, and this fixes the issue with slugs that have "/" characters in them and makes the move to EditEngine easier since I don't have to deal with the weird JS thing.

Instead, just generate slugs automatically. No more JS, no more separate field, things automatically update if you rename a blog, and now that URIs have IDs in them the old URI will still work after a rename.

Test Plan:
  - Applied migration.
  - Created new posts.
  - Edited existing posts.
  - Visited various posts.
  - Created a post with a bunch of "/" in the title, things still worked fine.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9995

Differential Revision: https://secure.phabricator.com/D14792
2015-12-15 14:18:56 -08:00
epriestley
a8b402aa14 Allow pastes to be activated/archived via Conduit
Summary: Ref T9964. Add a `setIsConduitOnly()` method so we can mark a field as API-only.

Test Plan:
  - Created and edited pastes via web UI (no status field).
  - Adjusted status via web UI action.
  - Adjusted status via Conduit API.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14788
2015-12-15 06:46:05 -08:00
epriestley
ab748e522a Fix an issue with the Spaces EditField not reading values properly
Summary: Fixes T9988. This logic got inverted by accident at some point.

Test Plan:
  - Edited a task, shifting spaces.
  - Created a task in default space.
  - Created a task in custom space.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9988

Differential Revision: https://secure.phabricator.com/D14787
2015-12-15 06:45:54 -08:00
epriestley
39206fcbc6 Fix a bad method call in EditEngine
Summary: Ref T9983. This method is spelled wrong.

Test Plan: Hit this case, got a dialog instead of a fatal.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9983

Differential Revision: https://secure.phabricator.com/D14786
2015-12-14 17:04:35 -08:00
epriestley
29e2acd525 Have "limit=1" tokenizers replace tokens instead of disabling "Browse"
Summary:
Fixes T9984. When a tokenizer only allows one selection (like "Task Owner:" or "Land Onto Branch:"), keep the browse button active but have it //replace// values.

Also, have "Create Subtask" default to the system default status, so subtasks of closed tasks are not also closed.

Test Plan:
  - Browsed an empty limit=1 tokenizer.
  - Replaced a full limit=1 tokenizer.
  - Browsed an empty no-limit tokenizer.
  - Browsed more tokens into the no-limit tokenizer.
  - Typed some tokens normally.
  - Created a subtask of a closed task.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9984

Differential Revision: https://secure.phabricator.com/D14785
2015-12-14 15:29:42 -08:00
epriestley
c19654db16 Write some basic "dealing with Conduit changes" documentation
Summary:
Ref T9980. No magic here, just write a little bit about how to find outdated callers. Update the technical doc.

Also:

  - Fix an unrelated bug where you couldn't leave comments if an object had missing, required, custom fields.
  - Restore the ConduitConnectionLog table so `bin/storage adjust` doesn't complain.

Test Plan: Read docs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9980

Differential Revision: https://secure.phabricator.com/D14784
2015-12-14 15:26:24 -08:00
epriestley
81ae9f8fb6 Clean up an issue with meta-editing of edit engines
Summary:
Ref T9908. These meta-edit-engines are used to generate the main editengine UIs, but they're also editable.

Fix an exception when trying to edit the meta editengine.

Test Plan: Edited editengineconfiguration editengine.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9908

Differential Revision: https://secure.phabricator.com/D14783
2015-12-14 15:26:03 -08:00
epriestley
2805ba6f42 Add by-caller lookup to call logs, plus viewer calls
Summary:
Ref T9980. By default, show the viewer //their// calls.

Make it easy to find their own deprecated calls.

I don't like the word "My" but couldn't come up with anything better that didn't feel like a big loss of clarity.

The permissions on this log are also a little weird: non-admins can see everyone else's calls.

I think we should eventually lock that down, but plan to keep it this way for now:

First, a lot of your calls end up with no caller set right now, because we don't set the caller early enough in the process so a lot differnet types of errors can leave us with no user on the log. Fixing that isn't trivial, and users may reasonably want to access to these "no caller" logs to check for errors or debug stuff.

Second, none of it is really that sensitive?

Third, it's reasonable for users to want to look at bots?

I'd plan to maybe do this eventually:

  - Make the caller get populated more often after auth code is simplified.
  - Only let users look at their calls and maybe bot calls and anonymous calls.
  - Let admins look at everything.

But for now everyone can see everything.

Test Plan: {F1025867}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9980

Differential Revision: https://secure.phabricator.com/D14782
2015-12-14 15:25:49 -08:00
epriestley
6580bbdf39 Make it easy to find deprecated calls in the Conduit call log
Summary: Ref T9980. This makes it much easier to look for calls to deprecated methods.

Test Plan: {F1025851}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9980

Differential Revision: https://secure.phabricator.com/D14781
2015-12-14 15:25:28 -08:00
epriestley
0692115953 Remove all references to the Conduit ConnectionLog
Summary:
Ref T5955, T9980, T9982.

We currently store two types of Conduit logs: //connection// logs and //method// logs.

Originally, Conduit worked like web logins: you'd call `conduit.connect` and then get a session back. This approach still works, but new clients don't use it and it will probably stop working eventually after T5955 is further along.

There was no real reason for things to work like this and no other API in the world does, I think it was just slightly easier to implement back in 2011.

This table was used to group up related calls in a UI long ago, I think, but that got deleted at some point. In any case, it serves no purpose in modern Phabricator.

Test Plan: `grep`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5955, T9980, T9982

Differential Revision: https://secure.phabricator.com/D14780
2015-12-14 15:25:11 -08:00
epriestley
4a147dcbfb Move ConduitLogs to ApplicationSearch
Summary:
Ref T9980. Start making this UI more useful and powerful so we can give administrators a better toolset for reacting to API changes.

Fixes T9755. We were logging the caller, just not rendering it properly.

Test Plan: {F1025799}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9755, T9980

Differential Revision: https://secure.phabricator.com/D14779
2015-12-14 14:45:08 -08:00
epriestley
00bd824781 Remove the "deprecated calls in the last 30 days" setup warning
Summary: Ref T9980. I don't think this is actually useful, and plan to give users and administrators more powerful tools instead.

Test Plan: Loaded setup warnings.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9980

Differential Revision: https://secure.phabricator.com/D14778
2015-12-14 14:41:43 -08:00
epriestley
eb8835b15e Provide more API information about Maniphest task statuses and priorities
Summary: Ref T9964. Priorities and statuses have metadata (colors, names, etc) which we can reasonably just return from API callers. This is so ligthweight that I think it doesn't really make sense to put in an attachment. We also use this information in `arc tasks`.

Test Plan: Called API, got sensible looking status and priority data back.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14777
2015-12-14 11:54:48 -08:00
epriestley
0a50219f1b Formalize custom Conduit fields on objects
Summary: Ref T9964. This just adds more structure to application fields, to make it harder to make typos and easier to validate them later.

Test Plan: Viewed APIs, called some APIs, saw good documentation and correct results.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14776
2015-12-14 11:54:13 -08:00
epriestley
10cdc55cf7 Give "owners.search" a "paths" attachment and a default "owners" value
Summary:
Ref T9964.

  - Add a "paths" attachment for fetching paths.
  - Always load owners. We will need this to do policy checks in the future, anyway, and this data is not large, is very useful, and is reasonable to load unconditionally.

Test Plan:
  - Queried packages via API.
  - Edited packages (paths, owners).
  - Created a package.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14775
2015-12-14 11:53:50 -08:00
epriestley
3db175f79d Add a "content" attachment for Pastes for Conduit API
Summary: Ref T9964. Builds on D14772. Allows callers to get the raw content of pastes as an attachment.

Test Plan:
  - Read docs.
  - Executed attachment query.
  - Saw raw paste content.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14774
2015-12-14 11:53:32 -08:00
epriestley
c0e20a11c1 Add a "projects" Search attachment for Conduit APIs
Summary: Ref T9964. Builds on D14772. Allows callers to request project PHIDs for objects.

Test Plan: {F1025468}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14773
2015-12-14 11:53:17 -08:00
epriestley
2160c45619 Implement an "Attachments" behavior for Conduit Search APIs
Summary:
Ref T9964. We have various kinds of secondary data on objects (like subscribers, projects, paste content, Owners paths, file attachments, etc) which is somewhat slow, or somewhat large, or both.

Some approaches to handling this in the API include:

  - Always return all of it (very easy, but slow).
  - Require users to make separate API calls to get each piece of data (very simple, but inefficient and really cumbersome to use).
  - Implement a hierarchical query language like GraphQL (powerful, but very complex).
  - Kind of mix-and-match a half-power query language and some extra calls? (fairly simple, not too terrible?)

We currently mix-and-match internally, with `->needStuff(true)`. This is not a general-purpose, full-power graph query language like GraphQL, and it occasionally does limit us.

For example, there is no way to do this sort of thing:

  $conpherence_thread_query = id(new ConpherenceThreadQuery())
    ->setViewer($viewer)
    // ...
    ->setNeedMessages(true)
    ->setWhenYouLoadTheMessagesTheyNeedProfilePictures(true);

However, we almost never actually need to do this and when we do want to do it we usually don't //really// want to do it, so I don't think this is a major limit to the practical power of the system for the kinds of things we really want to do with it.

Put another way, we have a lot of 1-level hierarchical queries (get pictures or repositories or projects or files or content for these objects) but few-to-no 2+ level queries (get files for these objects, then get all the projects for those files).

So even though 1-level hierarchies are not a beautiful, general-purpose, fully-abstract system, they've worked well so far in practice and I'm comfortable moving forward with them in the API.

If we do need N-level queries in the future, there is no technical reason we can't put GraphQL (or something similar) on top of this eventually, and this would represent a solid step toward that. However, I suspect we'll never need them.

Upshot: I'm pretty happy with "->needX()" for all practical purposes, so this is just adding a way to say "->needX()" to the API.

Specifically, you say:

```
{
  "attachments": {
    "subscribers": true,
  }
}
```

...and get back subscriber data. In the future (or for certain attachments), `true` might become a dictionary of extra parameters, if necessary, and could do so without breaking the API.

Test Plan:
- Ran queries to get attachments.

{F1025449}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14772
2015-12-14 11:53:00 -08:00
epriestley
8ec413b972 Clean up "ids" and "phids" handling in SearchEngines
Summary:
Ref T9964. I added several hacks to get these working. Clean them up and pull this into a proper extension.

The behavior in the web UI is:

  - they work in all applications; but
  - they only show up in the UI if a value is specified.

So if you visit `/view/?ids=1,2` you get the field, but normally it's not present. We could refine this later. I'm going to add documentation about how to prefill these forms regardless, which should make this discoverable by reading the documentation.

There's one teensey weensey hack: in the API, I push these fields to the top of the table. That one feels OK, since it's purely a convenience/display adjustment.

Test Plan: Queried by IDs, reviewed docs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14769
2015-12-14 04:24:54 -08:00
epriestley
fdd2d802d2 Clean up "*.search" API method documentation pages
Summary:
Ref T9964. Building tables in Remarkup is kind of neat-ish but ends up feeling kind of hacky, and requires weird workarounds if any of the values have `|` in them.

Switch to normal elements instead.

Also move the magic "ids" and "phids" to be more like real fields. I'll clean this up fully in a diff or two, it's just a little tricky because Maniphest has an "ids" field.

Test Plan: {F1024294}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14768
2015-12-14 04:24:39 -08:00