1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-28 00:10:57 +01:00
Commit graph

758 commits

Author SHA1 Message Date
epriestley
4a7499f230 Fix credential upgrade issue after introduction of isLocked column
Summary: Fixes T5035. This migration isn't forward compatible after schema mutation.

Test Plan: Ran locally, will get reporting user to confirm.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: gera, epriestley

Maniphest Tasks: T5035

Differential Revision: https://secure.phabricator.com/D9101
2014-05-13 12:14:27 -07:00
Chad Little
5b31a17c96 Fix mobile menus
Summary: The multiple icons are causing layout issues. This hides the unsused div (the real icon gets appended). We should probably clean this up next redesign.

Test Plan: test mobile layouts in Chrome, test main menu and application menu. Go to Differential, check those menus to.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9086
2014-05-12 20:11:45 -07:00
epriestley
77b4c3145a Simplify Diffusion main view
Summary:
Currently, Diffusion has very complex views. After three years I'm not really used to them and rarely use many of these options.

Simplify the browse and history views:

  - Put the browse view on top.
  - Move dates to the right.
  - Remove "History" and "Edit" links from the browse view. You can access these actions by clicking the file/path.
  - Remove "Browse" link from the history view. You can access this action by clicking the commit.
  - Remove "Change Type", which is essentially never useful, from the history view.
  - Add some tweaks for mobile.

Test Plan: {F153931}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley, zeeg

Differential Revision: https://secure.phabricator.com/D9085
2014-05-12 19:57:12 -07:00
epriestley
91eb751d6f Use k in map, not array.indexOf, in Event.js
Summary: See T5023.

Test Plan: Dragged stuff.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5023

Differential Revision: https://secure.phabricator.com/D9082
2014-05-12 14:29:58 -07:00
Chad Little
315ac6aab7 Remove white app icons
Summary: Remove white app icons, no longer in use as far as grep/memory serve. These were for list hover states.

Test Plan: Rebuild sprites, celerity. Grep for appIcon use (only feed). Verify all action lists are driven by FontAwesome.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9078
2014-05-12 13:34:00 -07:00
epriestley
c88f5f0759 Vegetables have vitamins. 2014-05-12 11:53:36 -07:00
epriestley
95eab2f3b0 Record parent relationships when discovering commits
Summary:
Ref T4455. This adds a `repository_parents` table which stores `<childCommitID, parentCommitID>` relationships.

For new commits, it is populated when commits are discovered.

For older commits, there's a `bin/repository parents` script to rebuild the data.

Right now, there's no UI suggestion that you should run the script. I haven't come up with a super clean way to do this, and this table will only improve performance for now, so it's not important that we get everyone to run the script right away. I'm just leaving it for the moment, and we can figure out how to tell admins to run it later.

The ultimate goal is to solve T2683, but solving T4455 gets us some stuff anyway (for example, we can serve `diffusion.commitparentsquery` faster out of this cache).

Test Plan:
  - Used `bin/repository discover` to discover new commits in Git, SVN and Mercurial repositories.
  - Used `bin/repository parents` to rebuild Git and Mercurial repositories (SVN repos just exit with a message).
  - Verified that the table appears to be sensible.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: jhurwitz, epriestley

Maniphest Tasks: T4455

Differential Revision: https://secure.phabricator.com/D9044
2014-05-12 11:47:22 -07:00
Chad Little
b2f3001ec4 Replace Sprite-Icons with FontAwesome
Summary: The removes the sprite sheet 'icons' and replaces it with FontAwesome fonts.

Test Plan:
- Grep for SPRITE_ICONS and replace
- Grep for sprite-icons and replace
- Grep for PhabricatorActionList and choose all new icons
- Grep for Crumbs and fix icons
- Test/Replace PHUIList Icon support
- Test/Replace ObjectList Icon support (foot, epoch, etc)
- Browse as many pages as I could get to
- Remove sprite-icons and move remarkup to own sheet
- Review this diff in Differential

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9052
2014-05-12 10:08:32 -07:00
Bob Trahan
e96c363eef Add SMS support
Summary:
Provides a working SMS implementation with support for Twilio.

This version doesn't really retry if we get any gruff at all. Future versions should retry.

Test Plan: used bin/sms to send messages and look at them.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: aurelijus, epriestley, Korvin

Maniphest Tasks: T920

Differential Revision: https://secure.phabricator.com/D8930
2014-05-09 12:47:21 -07:00
Chad Little
094026f64a Add overflow: hidden back to obj-list
Summary: Long titles tend to break some of the layout. I removed this fixing another bug, but ultimately we changed directions on boards and it doesn't repro anymore.

Test Plan: Test workboards with tasks on and off the screen. All are drawn. Test the homepage with lots of overflowing information. Make sure objects don't break the 'card'.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9020
2014-05-08 17:41:48 -07:00
Ashish SHUKLA
0da22abdb5 WordPress.com OAuth2 plugin
Summary:
This plugin provides an OAuth authentication provider to authenticate users using WordPress.com Connect.

This diff corresponds to github pull request https://github.com/facebook/phabricator/pull/593/ and had its libphutil counterpart reviewed in D9004.

Test Plan: Configured WordPress.com as an authentication provider, saw it show up on the login screen, registered a new account, got expected defaults for my username/name/email/profile picture.

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9019
2014-05-08 14:23:19 -07:00
Chad Little
38739755c6 Make workboards truly 'fixed' in display
Summary:
**WIP**

This sets a shadow fixed to the full screen of the browser for which panels to live in. I have some minor things to fix, but play with it.

Specifically I haven't been able to dig up when stuff that overflowwed, doesn't always render even after scroll.

Test Plan: Test on a board with many tasks, many panels, small screens. Test on mobile too!

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: qgil, epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9005
2014-05-08 14:21:32 -07:00
Bob Trahan
7f13e8a5c5 Workboards - remove 7 column restriction
Summary: Fixes T4914. We currently have a finite limit on column displays which caused T4914. This fixes T4914 by no longer using a fluid layout. Rather, we use a fixed column width layout which does not have a 7 column limit. Future work - see T4054 for an example - will likely make the fluid layout thing work with infinite columns, and / or other work may re-jigger project workboards directly.

Test Plan: had a project like in T4914 that wouldn't load and it loaded post this change! added more columns and using javascript inspector noted proper width being set

Reviewers: epriestley, chad

Reviewed By: epriestley

Subscribers: joshuaspence, epriestley, Korvin

Maniphest Tasks: T4054, T4914

Differential Revision: https://secure.phabricator.com/D8942
2014-05-07 09:38:29 -07:00
lkassianik
b618531451 Fix cursor on mock card hover in pholio
Summary: Fixes T4888, make seemingly actionable area in Pholio "Mocks List" actually actionable

Test Plan: Open pholio, create a mock, return to list of all mocks, hover over mock, only image in mock should switch to pointer on hover.

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4888

Differential Revision: https://secure.phabricator.com/D8986
2014-05-05 17:06:12 -07:00
epriestley
2b4c551b0e Provide a global router for Ajax requests
Summary:
Fixes T430. Fixes T4834. Obsoletes D7641. Currently, we do some things less-well than we could:

  - We just let the browser queue and prioritize requests, so if you load a revision with 50 changes and then click "Award Token", the action blocks until the changes load in most/all browsers. It would be better to prioritize this action and queue it immediately.
  - Similarly, changes tend to load in order, even if the user has clicked to a specific file. When the user expresses a preference for a specific file, we should prioritize it.
  - We show a spinning GIF when waiting on requests. This is appropriate for some types of reuqests, but distracting for others.

To fix this:

  - Queue all (or, at least, most) requests into a new queue in JX.Router.
  - JX.Router handles prioritizing the requests. Principally:
    - You can submit a request with a specific priority (500 = general content loading, 1000 = default, 2000 = explicit user action) and JX.Router will get the higher stuff fired off sooner.
    - You can name requests and then adjust their prorities later, if the user expresses an interest in specific results.
  - Only use the spinner gif for "workflow" requests, which is bascially when the user clicked something and we're waiting on the server. I think it's useful and not-annoying in this case.
  - Don't show any status for draft requests.
  - For content requests, show a subtle hipster-style top loading bar.

Test Plan:
  - Viewed a diff with 93 changes, and clicked award token.
    - Prior to this patch, the action took many many seconds to resolve.
    - After this patch, it resolves quickly.
  - Viewed a diff with 93 changes and saw a pleasant subtle hipster-style loading bar.
  - Viewed a diff with 93 changes and typed some draft text. Previews populated fairly quickly and there was no spinner.
  - Viewed a diff with 93 changes and clicked something with workflow, saw a spinner after a moment.
  - Viewed a diff with 93 changes and clicked a file in the table of contents near the end of the list.
    - Prior to this patch, it took a long time to show up.
    - After this patch, it loads directly.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T430, T4834

Differential Revision: https://secure.phabricator.com/D8979
2014-05-05 10:57:42 -07:00
epriestley
bfc1ccfdf1 Move all comment management junk into a dropdown menu
Summary:
man I sure hate Javascript

I removed the ajax-edit and ajax-remove interactions, becuase they were prohibitively complex to get working given that the entire menu has to change too. Instead, the page just reloads. This works perfectly fine in practice.

If we want to restore these in the future, we should have the server re-render the entire transaction group or something. I think very little is lost here, though.

Test Plan:
  - Took all the actions.
  - Used existing dropdown menus.

{F150196}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8966
2014-05-05 10:57:23 -07:00
epriestley
5a5a1ca444 Delete all old dropdown menu code
Summary: Everything is on PHUIX now, so get rid of the old stuff which had standalone CSS.

Test Plan: `grep`

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8977
2014-05-05 10:57:08 -07:00
epriestley
cb44531751 Use ActionList-based dropdowns in Policy
Summary: See previous diffs. These mostly look reasonable with shared CSS.

Test Plan: {F150431}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8975
2014-05-05 10:56:57 -07:00
epriestley
9b66f00484 Make tokens more accessible to assitive technologies
Summary:
Ref T4843.

  - The token award buttons are just icons.
  - The tokens themselves are just icons.
  - Also spread the tokens out a tiny bit, they feel a little tight to me right now.

Test Plan: Used VoiceOver to read out tokens and token actions. Looked at an object with several token awards.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4843

Differential Revision: https://secure.phabricator.com/D8982
2014-05-05 10:54:34 -07:00
epriestley
bd7420c4bb Allow pastes to be edited
Summary: Fixes T4814.

Test Plan: Edited pastes from the web UI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4814

Differential Revision: https://secure.phabricator.com/D8970
2014-05-04 11:11:46 -07:00
epriestley
7fb89686d4 Upstream a patch to cover a migration issue
Summary: Fixes T4928. I'm not sure how this column was missing, but this patch can't hurt.

Test Plan: Reasoned about behavior.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4928

Differential Revision: https://secure.phabricator.com/D8967
2014-05-04 10:48:25 -07:00
lkassianik
d7b7b19337 Add a "Lock Permanently" action to Passphrase
Summary: Fixes T4931. Each new credential should come with the ability to lock the credential permanently, so that no one can ever edit again. Each existing credential must allow user to lock existing credential.

Test Plan: Create new credential, verify that you can lock it before saving it. Open existing unlocked credential, verify that option to lock it exists. Once credential is locked, the option to reveal it should be disabled, and editing the credential won't allow username/password updates.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4931

Differential Revision: https://secure.phabricator.com/D8947
2014-05-02 18:21:51 -07:00
Bob Trahan
c995e93bc1 Transactions - make ctrl + enter submit ajax-style
Summary: We were correctly invoked a didSyntheticSubmit event on the form, but nothing was listening to it. Re-jigger the workflow submit code a tad so an onsyntheticsubmit event handler can be written to fill this gap. Fixes T4669.

Test Plan: edited comments, submitting both via clicking the button and apple + enter LIKE A BOSS

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4669

Differential Revision: https://secure.phabricator.com/D8961
2014-05-02 18:01:16 -07:00
Bob Trahan
bfa8803287 Search - making clicking the search button not submit placeholder text
Summary: Need to wire up the button to have a click handler that clears out the placeholder text. Fixes T4847.

Test Plan: Clicked the search button and got results for nothing as opposed to "Search." Typed a search and clicked button and got expected results.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4847

Differential Revision: https://secure.phabricator.com/D8960
2014-05-02 17:57:01 -07:00
Chad Little
83dc10f6ac Fix minor design nits, Herald
Summary:
 - Personal Rules display like globals
 - Remove "boxy" look around transcripts
 - Fix Property list widths, breaks, on mobile
 - Add proper blank state for no actions

Test Plan: Tested Herald on mobile and desktop, used simulator in Chrome

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8958
2014-05-02 14:25:58 -07:00
Chad Little
2be4127f5a Fix Aphront Filter on mobile
Summary: Some of this CSS causes fake margins on mobile devices. Fixes the margin and widths for consistency.

Test Plan:
Test a number of filter interfaces on iOS, Maniphest, Differential, etc.

{F150024}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8959
2014-05-02 14:25:05 -07:00
Chad Little
0376373ee0 Use standard colors for timeline anchor target
Summary: Still highlighted, less brightly

Test Plan:
{F149972}

{F149973}

test minor and major events.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8956
2014-05-02 10:46:24 -07:00
Chad Little
f9c1bf9266 Reduce loudness of Inline Comments
Summary: Initially the intent was to mimic the property list headers but in practice this wasn't really needed. Reduced the caps and font weight. Left the icon for easy deliniation.

Test Plan:
Review inline comments before and after change

{F149749}

{F149750}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8936
2014-05-01 21:59:59 -07:00
epriestley
2022a70e16 Implement bin/remove, for structured destruction of objects
Summary:
Ref T4749. Ref T3265. Ref T4909. Several goals here:

  - Move user destruction to the CLI to limit the power of rogue admins.
  - Start consolidating all "destroy named object" scripts into a single UI, to make it easier to know how to destroy things.
  - Structure object destruction so we can do a better and more automatic job of cleaning up transactions, edges, search indexes, etc.
  - Log when we destroy objects so there's a record if data goes missing.

Test Plan: Used `bin/remove destroy` to destroy several users.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3265, T4749, T4909

Differential Revision: https://secure.phabricator.com/D8940
2014-05-01 18:23:31 -07:00
epriestley
1876bef404 Add CSS and docs for remarkup checkbox list styles
Summary: See D8931. Ref T3945. CSS for the checkmark styles.

Test Plan: {F149713}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3945

Differential Revision: https://secure.phabricator.com/D8932
2014-05-01 17:53:34 -07:00
epriestley
50376aad04 Require multiple auth factors to establish web sessions
Summary:
Ref T4398. This prompts users for multi-factor auth on login.

Roughly, this introduces the idea of "partial" sessions, which we haven't finished constructing yet. In practice, this means the session has made it through primary auth but not through multi-factor auth. Add a workflow for bringing a partial session up to a full one.

Test Plan:
  - Used Conduit.
  - Logged in as multi-factor user.
  - Logged in as no-factor user.
  - Tried to do non-login-things with a partial session.
  - Reviewed account activity logs.

{F149295}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8922
2014-05-01 10:23:02 -07:00
Chad Little
1e6b2f26e9 Change spacing, layout of ObjectItem states
Summary:
A few tweaks:

 - Height in box is consistent now at 50px an Object
 - Divider/rule extends full width of box
 - Icon centers inside rule, box area.

Test Plan:
Test UIExamples, check spacing with 4px grid in Photoshop. Test mobile/desktop layout of Harbormaster.

{F149599}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8929
2014-05-01 09:35:14 -07:00
epriestley
e8cebb7da5 Add support for aural-only and visual-only elements
Summary:
Ref T4843. This adds support to `javelin_tag()` for an `aural` attribute. When specified, `true` values mean "this content is aural-only", while `false` values mean "this content is not aural".

  - I've attempted to find the best modern approaches for marking this content, but the `aural` attribute should let us change the mechanism later.
  - Make the "beta" markers on application navigation visual only (see T4843). This information is of very low importance, the application navigation is accessed frequently, and the information is available on the application list.
  - Partially convert the main navigation. This is mostly to test things, since I want to get more concrete feedback about approaches here.
  - Add a `?__aural__=1` attribute, which renders the page with aural-only elements visible and visual-only elements colored.

Test Plan: {F146476}

Reviewers: btrahan, scp, chad

Reviewed By: chad

Subscribers: aklapper, qgil, epriestley

Maniphest Tasks: T4843

Differential Revision: https://secure.phabricator.com/D8830
2014-05-01 07:18:18 -07:00
epriestley
23e654ec2b Rate limit multi-factor actions
Summary: Ref T4398. Prevent users from brute forcing multi-factor auth by rate limiting attempts. This slightly refines the rate limiting to allow callers to check for a rate limit without adding points, and gives users credit for successfully completing an auth workflow.

Test Plan: Tried to enter hisec with bad credentials 11 times in a row, got rate limited.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8911
2014-04-30 14:30:31 -07:00
epriestley
941f0ba7ae Allow panels to appear on dashboards
Summary:
Ref T3583. Adds edges, query relationships, etc. Lots of debugging/temporary UI.

My general intent here is to use edges to track where panels appear, and then put additional data on the dashboard itself to control layout, positioning, etc.

Dashboards don't actually render yet so this is still pretty boring.

Test Plan:
{F149175}

{F149176}

{F149177}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3583

Differential Revision: https://secure.phabricator.com/D8916
2014-04-30 14:28:55 -07:00
epriestley
ea954c37e4 Add dashboard panel types
Summary: Ref T3583. These will be the primary class carrying panel implementations.

Test Plan:
{F149125}

{F149126}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3583

Differential Revision: https://secure.phabricator.com/D8912
2014-04-30 14:28:20 -07:00
Bob Trahan
5f02ed5bbb Phame - add some application polish.
Summary:
Fixes T4880. More specifically

 - adds an "edit" pencil to post lists iff you can edit the post
   - style change so this has no text-decoration
 - adds a "no data" box if you have no posts in a given view
   - style change to crush some margins so it formats like posts do
 - adds some validation that your configuration is correct if you are specifying a custom domain
 - updates docs about custom domains

Test Plan: clicked around and it was better! (see screenshots) read doc changes carefully

Reviewers: epriestley, chad

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4880

Differential Revision: https://secure.phabricator.com/D8918
2014-04-30 13:19:14 -07:00
Bob Trahan
bcdef099c2 Notifications - add a "Clear All Notifications" link to dropdown
Summary: Fixes T2576. Also hyperlinks "Notifications" and "Messages" for easier quick navigation to those areas. Maybe we could get rid of the "See All X" UI at the bottom and use these links?

Test Plan: cleared all notifications from new UI - it worked! observed new linked "Notifications" and "Messages" headers

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T2576

Differential Revision: https://secure.phabricator.com/D8894
2014-04-29 10:43:38 -07:00
Chad Little
cafd2dd6cb Add Success/Fail states to PHUIObjectList
Summary:
A number of interfaces could use a more consice looking ObjectItemList for showing pass/fail/warn states.

 - Added a new "State" for PHUIObjectItemListView
 - Updated UIExamples
 - Implemented in Herald (next Harmormaster)

Test Plan: UIExamples / Herald, desktop and mobile

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8893
2014-04-29 10:14:18 -07:00
Bob Trahan
94a2cfbe44 Policy Transactions - add a details view for custom policy
Summary: 'cuz those can be complicated. Fixes T4738. I needed to do a fair amount of heavy lifting to get the policy stuff rendering correctly. For now, I made this end point very one purpose and tried to make that clear.

Test Plan: looked at some custom policies. see screenshots.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4738

Differential Revision: https://secure.phabricator.com/D8890
2014-04-29 09:42:54 -07:00
Chad Little
3bc2db199a Add a Stacked view for PropertyList
Summary: Turns a Property List into a stacked view like on tablet/mobile. Useful for where text is longer.

Test Plan:
Test a Herald Transcript page

{F148438}

{F148439}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8891
2014-04-29 07:04:22 -07:00
Chad Little
a46ead7980 Update inline-comment styles in Differential
Summary:
Moderize Inline Comment Display

 - Use standard colors
 - Better display with/without comment
 - OMG Icons

Test Plan:
{F148256}

Test with and without main comment, test with many for few comments on 1-3 files.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8885
2014-04-28 19:43:00 -07:00
epriestley
17709bc167 Add multi-factor auth and TOTP support
Summary:
Ref T4398. This is still pretty rough and isn't exposed in the UI yet, but basically works. Some missing features / areas for improvement:

  - Rate limiting attempts (see TODO).
  - Marking tokens used after they're used once (see TODO), maybe. I can't think of ways an attacker could capture a token without also capturing a session, offhand.
  - Actually turning this on (see TODO).
  - This workflow is pretty wordy. It would be nice to calm it down a bit.
  - But also add more help/context to help users figure out what's going on here, I think it's not very obvious if you don't already know what "TOTP" is.
  - Add admin tool to strip auth factors off an account ("Help, I lost my phone and can't log in!").
  - Add admin tool to show users who don't have multi-factor auth? (so you can pester them)
  - Generate QR codes to make the transfer process easier (they're fairly complicated).
  - Make the "entering hi-sec" workflow actually check for auth factors and use them correctly.
  - Turn this on so users can use it.
  - Adding SMS as an option would be nice eventually.
  - Adding "password" as an option, maybe? TOTP feels fairly good to me.

I'll post a couple of screens...

Test Plan:
  - Added TOTP token with Google Authenticator.
  - Added TOTP token with Authy.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8875
2014-04-28 09:27:11 -07:00
Chad Little
b3d07ba0a9 Fix mobile search background color
Summary: Currently, clicking search on mobile, the background gradient is bleeding.

Test Plan: Click search icon on mobile, see black and not a pony color.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8878
2014-04-27 17:47:15 -07:00
epriestley
320be1a1b8 Modernize user activity logs (ApplicationSearch, policies)
Summary:
Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug.

To support this, implement modern policies and application search.

I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small.

Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: keir, epriestley

Maniphest Tasks: T4842, T4398

Differential Revision: https://secure.phabricator.com/D8856
2014-04-27 17:31:35 -07:00
epriestley
f42ec84d0c Add "High Security" mode to support multi-factor auth
Summary:
Ref T4398. This is roughly a "sudo" mode, like GitHub has for accessing SSH keys, or Facebook has for managing credit cards. GitHub actually calls theirs "sudo" mode, but I think that's too technical for big parts of our audience. I've gone with "high security mode".

This doesn't actually get exposed in the UI yet (and we don't have any meaningful auth factors to prompt the user for) but the workflow works overall. I'll go through it in a comment, since I need to arrange some screenshots.

Test Plan: See guided walkthrough.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8851
2014-04-27 17:31:11 -07:00
Chad Little
c453e98c40 Moderize Herald UI
Summary: Removes many tables and uses PropertyLists and ObjectItemList when possible. Adds cleaner CSS, makes mobile editing more possible.

Test Plan: Test new UI on desktop and mobile. Verify all functionality still exists.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4272

Differential Revision: https://secure.phabricator.com/D8860
2014-04-27 11:18:48 -07:00
Chad Little
3d2739aa51 Fix Android/Chrome issues in Crumbs/Timeline
Summary: Android/Chrome seems to run Blink and not WebKit. Unclear if these bugs are temporary or "correct". Fixing in any case, can investigate if more come in.

Test Plan: Used Chrome Developer tether to a Nexus 7, fixed CSS by hand.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

Subscribers: epriestley, Korvin

Maniphest Tasks: T4907

Differential Revision: https://secure.phabricator.com/D8874
2014-04-27 09:48:31 -07:00
Chad Little
fc74ad4443 Workboard and Aphlict application icons
Summary: The adds Workboard and Aphlict icons

Test Plan:
TERMS AND CONDITIONS

Acceptance of this Differential Revisions entitles the original author to pursue his dream of making Workboards a phull phledged applicaiton within Phabricator.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8870
2014-04-26 15:16:06 -07:00
Chad Little
7492bbeff7 Improve clarity around Remarkup blockquote display
Summary: This provides a little more separation/clarify around the blockquote design.

Test Plan:
Find a verbose passage from @epriestley, apply style.

{F147692}

{F147693}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D8867
2014-04-26 12:32:46 -07:00