1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-24 21:48:21 +01:00
Commit graph

13453 commits

Author SHA1 Message Date
Valerio Bozzolan
524579fe64 Diffusion: fix missing mobile "Actions" from Manage Repo
Summary:
After this change, the page "/manage/" related to Diffusion
repositories has an "Actions" button for mobile users:

{F276113}

Before this change, that button was missing only from this
specific page, and so it was really difficult for them
(if not impossible) to edit repository's basic information:

{F276115}

Do not confuse the hamburger menu on the sidebar with this
"Actions". The hamburger contains queries like Active Repo,
All Repo, etc. Instead the Actions contains
Edit Basic Info, Allow Dangerous Changes, etc.

It seems the cause of this problem is originated from an
apparently incomplete rollback occurred in Sep 6 2017 from
Phabricator:

e1fd74ddb5

As you can see, the DiffusionRepositoryBasicsManagementPanel
was probably not completely restored from the previous
version, at least for the part related to the method
newActionList():

bb369c7b71

The method newActionList() was restored in every other
panel but no the one related to the Basics Management. So,
a new PhabricatorActionListView object was manually
created, but without generating an ID from the Celerity
utilities.

In short, this change assigns an ID to this Curtain, in
order to correctly generates a related "Actions" menu
again. Otherwise, on mobile the curtain (with all the
actions) is automatically hidden, without any alternative.

Closes T15067

Test Plan:
- Repository > Actions > Manage Repository
- Reduce the page until "Actions" appears (yeeh!)

Reviewers: O1 Blessed Committers, Cigaryno, avivey

Reviewed By: O1 Blessed Committers, Cigaryno, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Tags: #diffusion, #mobile

Maniphest Tasks: T15067

Differential Revision: https://we.phorge.it/D25109
2023-04-06 10:58:43 +02:00
Valerio Bozzolan
787a84969f Phriction: clarify its search results as "Wiki page"
Summary:
This patch changes a bit how your search results from Phriction
are described in the autocomplete component (the "Typehead"):

{F276843}

After this change, Phriction search results will also contain the word
"Wiki page" so that users can better understand what the result
actually is. Just like a Diffusion repository mentions that it's
a "Repository", and just like a Project mentions that it's a
"Project" and so on.

Before this change, the Typehead entries were only mentioning
the slug of that wiki page.

| Before    | After     |
| {F274820} | {F272278} |

It's unclear if the previous behavior was a mistake (since the
internal parameter of the Typehead is called "type", and so, it
is supposed to mention the application type, not the slug.

Anyway, as a compromise, the slug is still mentioned.

To be honest this is just an excuse to put the middle dot /
aka interpunct character in this project again. Yeah, here the
middle point was used as separator. The apparent reason is:
because the middle point was already in use elsewhere in Phorge.
The real reason is: I'm a lobbyist in a corporation that sells
interpuncts worldwide as our core business, and so, I designed
thisvil plan to put the following middle point - again - in
Phorge (evil laugh).

Closes T15213

Test Plan:
- Search "Change Log" in the up-right bar (or similar)
- You see "Wiki Page · change_log/" (or similar)

Reviewers: O1 Blessed Committers, Cigaryno, avivey

Reviewed By: O1 Blessed Committers, Cigaryno, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Tags: #phriction

Maniphest Tasks: T15213

Differential Revision: https://we.phorge.it/D25102
2023-04-05 15:39:41 +02:00
Valerio Bozzolan
306ce1c0b7 Fix "Search" Application description
Summary:
This description was somehow broken since 2019:

{F276845}

Probably this was caused by a Remarkup breaking change introduced by this
specific XSS security fix:

{54bcbdaba94a3573e128c6498816dbfa41d3a9cb}

Maybe in the future the backtick operator will be supported again
in Remarkup. Or, maybe not. So, let's just workaround to make that
specific page "less exploded" again.

Closes T15230

Test Plan:
- visit the page /applications/view/PhabricatorSearchApplication/
- check that now the Remarkup is rendered perfectly

Reviewers: O1 Blessed Committers, Cigaryno, avivey

Reviewed By: O1 Blessed Committers, Cigaryno, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15230

Differential Revision: https://we.phorge.it/D25110
2023-04-05 15:37:46 +02:00
Valerio Bozzolan
96ae4ba13a PHP 8.1: fixes for strlen() not accepting NULL anymore, part 2
Summary:
This is a fix for PHP 8.1 deprecation of strlen(NULL), for these Phorge components:

- scripts
- aphront
- project

The strlen() was used in Phabricator to check if a generic value was a non-empty string.
For this reason, Phorge adopts phutil_nonempty_string() that checks that.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If your phutil_nonempty_string() throws an exception, just
report it to Phorge to evaluate and fix together that specific corner case.

Closes T15223
Ref T15190
Ref T15064

Test Plan: - check with your big eyes that there are no obvious typos

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15223, T15190, T15064

Differential Revision: https://we.phorge.it/D25105
2023-04-01 15:20:13 +02:00
Valerio Bozzolan
d25d630fe5 PHP 8.2: fixes for strlen() not accepting NULL anymore, part 1
Summary:
This change avoids some unnecessary uses of the strlen() function,
actually fixing some deprecation warnings in PHP 8.2.

In short, this is the suggested universal replace:

    -if(strlen($v))
    +if(phutil_nonempty_string($v))

And, if you know PHP, this is also another adoptable replace, but
only for cases where you are sure that the string "0" is not useful:

    -if(strlen($v))
    +if($v))

As usual the optimal solution depends on the contest.

Other similar patches will probably follow.

Closes T15222
Ref T15190

Test Plan:
- for the first time in my life, with this change, the unit tests are passed in PHP 8.2
- check with your big eyes that there are no obvious typos

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15199, T15190, T15222

Differential Revision: https://we.phorge.it/D25104
2023-03-31 22:05:52 +02:00
Valerio Bozzolan
fc9bbb9949 Workboard: fix regression caused by tags= prefiller
Summary:
This change fixes a regression introduced here:

rP5e2b3677157889104a7e540d7772a04f13164037

Thank you to the user @dadalha for auditing that commit
and sharing a stack trace to easily fix the issue.

In short, if you see this exception you are affected:

```
EXCEPTION: (InvalidArgumentException)
Value provided to "replaceQueryParam()" for key "tags" is NULL.
Use "removeQueryParam()" to remove a query parameter.
at [<arcanist>/src/parser/PhutilURI.php:341]
```

This change just fixes that specific problem.

Closes T15221

Test Plan:
1. Create a new Project
2. Create a new Milestone inside
3. Create the Milestone's Workboard
4. Visit the Milestone's Workboard and note that now it works

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno, dadalha

Tags: #workboard

Maniphest Tasks: T15221

Differential Revision: https://we.phorge.it/D25103
2023-03-31 11:05:22 +02:00
Valerio Bozzolan
6036079e88 PHP 8.2: fix deprecated use of "parent" in callables
Summary: Closes T15200

Test Plan:
Test 1:

I was able to run `arc unit --everything` without the error thrown from T15200

Test 2:

I also tried this and it still works:

```
php -a
require 'src/applications/metamta/exception/PhabricatorMetaMTAReceivedMailProcessingException.php';
$asd = new PhabricatorMetaMTAReceivedMailProcessingException("1", "TEST MESSAGE");
var_dump($asd->getMessage());
```

You get:

```
string(12) "TEST MESSAGE"
```

Reviewers: O1 Blessed Committers, Matthew

Reviewed By: O1 Blessed Committers, Matthew

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15200

Differential Revision: https://we.phorge.it/D25099
2023-03-29 20:37:25 +02:00
Valerio Bozzolan
5eac69b79d Ponder: strike code of resolved questions in query results
Summary:
After this change, search results with resolved
questions are striked, just like any Closed Maniphest
Tasks is already striked, etc.

https://we.phorge.it/T15166

There is still the same thing to be done at Remarkup.

Ref T15166

Test Plan: - go in the page /ponder/query/all/ and see that closed questions are now striked

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15166

Differential Revision: https://we.phorge.it/D25086
2023-03-27 20:55:18 +02:00
Valerio Bozzolan
780e86acf8 Herald Rule Creation Page: fix Back button in some cases
Summary:
If you want to create a new Herald Rule, sometime,
like for new "Object" Herald Rules, the Back button just
sends you to the very same page you already were.

The risk is that an employee could receive a specific
instruction, such as "Hey Alfreda, Go back, now"
and at this point Alfreda goes into an incredible loop
continuing to click the Back button until the duration
of the universe (since Phorge is so stable that it's able
to handle that "Back spike" forever - really).

https://we.phorge.it/T15184

Note that this also tries to avoid to change the base URI
to just go Back. For example, before this change, the Back
button was trying to send from /create/ to /new/, but
apparently they are just aliases.

Closes T15184

Test Plan:
- Visit the page /herald/create/?adapter=commit
- Click on "Object"
- Click on "Back"
- Verify that you only went back one screen, and not just forward in time

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15184

Differential Revision: https://we.phorge.it/D25087
2023-03-27 20:54:28 +02:00
dylsss
5e2b367715 Workboard: improve the Create Task link to mention the Project slug
Summary:
This expands a specific link in a specific menu of Workboard Columns.

You may never notice this difference unless you like to open links in another tab.

If you go to a Workboard, and you open its context menu, and you hover your mouse on the
Create Task action, you see this URL or a similar one:

    http://example.com/maniphest/task/edit/form/default/

After this change, you see this URL or a similar one:

    http://example.com/maniphest/task/edit/form/default/?tags=test

You see that the PhutilURI class was used to add the Project slug to the 'tags' query param so
that users can still open the URL in a new tab and have the form prefilled with the Project Tag.

Closes T15147

Test Plan:
- visit a Workboard
- open the context menu of a Column (the pencil icon)
- see that the Create Task link has the Project slug is in the URL of its prefilled form

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15147

Differential Revision: https://we.phorge.it/D25068
2023-03-27 08:18:48 +02:00
Valerio Bozzolan
d98c47041f PHP 8.2: fix deprecated creation of dynamic properties
Summary:
This change fixes a typo that, in PHP 8.2, causes this exception:

    Creation of dynamic property PhabricatorAuthPasswordException::$confirmError is deprecated

Closes T15201

Test Plan: - I checked that "error" was spelled with two "r"

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15201

Differential Revision: https://we.phorge.it/D25100
2023-03-27 07:10:04 +02:00
Valerio Bozzolan
03c9bf575e PHP 8.2: fixes for deprecated use of ${var} in strings
Summary:
Note that PHP 8.2 implemented this deprecation:

    Using ${var} in strings is deprecated, use {$var} instead

This change fixes some known cases.

Ref T15196

Test Plan: - I checked with my big eyes that everything is as it should be

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15196

Differential Revision: https://we.phorge.it/D25098
2023-03-26 22:08:22 +02:00
Valerio Bozzolan
42a8b73adb Feed Differential retitled: do not repeat the title twice
Summary:
This is a cosmetic modification for a specific Feed.

https://we.phorge.it/T15183

If you retitle a Diff (and you do nothing else), its Feed
is somehow too much verbose:

    ... retitled NEW_TITLE from OLD_TITLE to NEW_TITLE

In this specific case, the Feed now becomes shorter so that
the NEW_TITLE is not repeated twice:

    ... retitled NEW_TITLE from OLD_TITLE

Note that, if the title changes again, the Feed naturally comes
back as before so to mention the change and obviously without
any repetition. Example:

    ... retitled CURRENT_TITLE from OLD_TITLE to NEW_TITLE

Closes T15183

Test Plan:
- take a Diff named "OLD_TITLE" and retitle to "NEW_TITLE"
- visit the homepage and see "retitled NEW_TITLE from OLD_TITLE"
  (this means the new behavior works)
- retitle the Diff from "NEW_TITLE" to "CURRENT_TITLE"
- visit the homepage again and see "retitled CURRENT_TITLE from OLD_TITLE to NEW_TITLE"
  (this means the old behavior still works)

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15183

Differential Revision: https://we.phorge.it/D25094
2023-03-25 14:21:10 +01:00
Valerio Bozzolan
9bc3c16b6e Fix information page about Read-only status
Summary:
This change fixes the following page on your Phorge/Phabricator:

    /readonly/config/

If you visit that page (with or without read-only mode), the
following crash will happen:

    Call to undefined method PlatformSymbols::getPlatformServerSymbol()

Fixes T15185

Probably the regression was introduced in this point:

rP4d3f0dc7c727e6fdc0e8cba0e8e8f2b8ef1bd16c

This change also renamed "administrator" to "Administrator" in the messages
from that specific page, both because I have great respect for Administrators
and also because that is how this word is spelled in most other places in Phorge.

Test Plan:
- Visit the page /readonly/config/
- It does not crash anymore and you can see that beautiful message
  that - it seems - no person in the world has ever seen since a
  whole year. Take a good look at this page: it is a precious treasure.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15185

Differential Revision: https://we.phorge.it/D25091
2023-03-25 12:06:35 +01:00
Valerio Bozzolan
66192a5b83 Fix "Undefined index: icon" when visiting Search Servers using MySQL
Summary:
Fix "Undefined index: icon" when visiting Search Servers using MySQL

NOTE: This patch just fixes the exception at my best but this section probably deserves more improvement to show a better default.

Closes T15155

Test Plan:
- use the default Search Server configuration (that is MySQL)
- open the page Search Servers (/config/cluster/search/)
- verify that it does not explode anymore but it displays something unuseful

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15155

Differential Revision: https://we.phorge.it/D25070
2023-03-03 12:16:51 +01:00
Valerio Bozzolan
36dba82224 Show the API summary on the top of each Conduit API page
Summary:
Show the API summary on the top of each Conduit API page.

Before this change, the summary was only displayed from the Conduit APIs list.

Closes T15141

Test Plan:
I've opened 20 random Conduit API pages from the web
interface and I checked that now there is an amazing
"Summary" field.
I also double-checked that there were not green peppers.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15141

Differential Revision: https://we.phorge.it/D25063
2023-02-11 11:11:20 +01:00
Valerio Bozzolan
83672ba949 Allow to prefill name and description fields of a new Passphrase
Summary:
Allow to prefill name and description fields of a new Passphrase

Closes T15142

Test Plan:
I've visited this URL in my local test installation:

/passphrase/edit/?type=password&username=user&name=super&description=mario

And I was able to see the Name and Description fields prefilled,
just like the username.

I also tried to put the query string on an already-existing element
and it was working as expected, so, without any prefilled value from
the query string.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15142

Differential Revision: https://we.phorge.it/D25065
2023-02-11 11:08:12 +01:00
Valerio Bozzolan
02a4f8b0c8 Fix editing a Calendar import ICS URI
Summary:
Before this change it was only possible to create a Calendar import ICS URI.
After this change it's possible to also edit already-existing elements.

This change fixes this specific exception when visiting similar pages:

        /calendar/import/edit/5/

        Argument 2 passed to PhabricatorCalendarImport::initializeNewCalendarImport()
        must be an instance of PhabricatorCalendarImportEngine, null given, called in
        phorge/src/applications/calendar/editor/PhabricatorCalendarImportEditEngine.php
        on line 45

Before this change it was only theorically possible to edit the name, policies, etc.
but not the URI.

This change also introduces the ability to edit the specific ICS URI,
in order to change legitimate parts of the URI, like the secret token.

Closes T15137

Test Plan:
I tested in my own installation with success lints.

To test, visit the Calendar, create an import ICS URI, and then try to edit it again.
It will work only after this change.

I was not able to conclude the "arc diff" since it tries to connect
to an unexisting database owned by root.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, Cigaryno, speck, tobiaswiese, Matthew

Maniphest Tasks: T15137

Differential Revision: https://we.phorge.it/D25061
2022-12-17 12:17:37 +01:00
k__nard
d5040f9a8f updating twitch to latest api (Helix)
Summary:
api doc : https://dev.twitch.tv/docs/api/reference
oauth2 doc : https://dev.twitch.tv/docs/authentication

Test Plan: I have successfully setup OAuth2 authentication against Twitch

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Tags: #auth

Maniphest Tasks: T15122

Differential Revision: https://we.phorge.it/D25057
2022-12-08 15:41:09 -07:00
Valerio Bozzolan
dc558b5538 Fix NULL pointer exception in some circumstances from Calendar's homepage
Summary:
After importing specific weird events, for example from Google Calendar (bleah), it can happen that the Calendar's homepage becomes broken.

This was the Exception error shown to video:

    "Call to a member function getEventsBetween() on null"

It was happening since this method can return NULL:

    PhabricatorCalendarEventQuery#newRecurrenceSet()

This changeset verifies this condition from the Calendar's homepage.

Closes T15136

Test Plan: I tried in my server. I've executed the syntax lint. On my local machine I was not able to run "arc diff" since it tries to connect to root@localhost for some reasons.

Reviewers: O1 Blessed Committers, 20after4

Reviewed By: O1 Blessed Committers, 20after4

Subscribers: 0, Cigaryno, 20after4, speck, tobiaswiese, Matthew

Tags: #calendar

Maniphest Tasks: T15136

Differential Revision: https://we.phorge.it/D25060
2022-12-08 15:32:27 -07:00
Thomas Iguchi
a8a38835e1 Fix broken file PHID extraction that causes Pholio uploads to crash
Summary:
A commit earlier this year modified the structure of the file upload transaction data value, by nesting the array of file upload PHIDs in another array.
The `extractFilePHIDs` method was not updated to deal with that change though, therefore new mock uploads via Pholio would crash.
This patch fixes that method so it can process the updated transaction data.

Resolves T15105

Test Plan: Patched my live Phabricator installation with this fix and successfully uploaded new Pholio mockups.

Reviewers: O1 Blessed Committers, Cigaryno, Matthew

Reviewed By: O1 Blessed Committers, Cigaryno, Matthew

Subscribers: Matthew, speck, tobiaswiese, valerio.bozzolan, Cigaryno

Tags: #pholio

Maniphest Tasks: T15105

Differential Revision: https://we.phorge.it/D25058
2022-11-11 13:10:16 -07:00
ekubischta
4aedc206c7 Update PassphraseCredential to support Mentions
Summary:
This revision allows us to see where passphrase credentials are mentioned in other parts of phabricator

This is very useful to "What is this credential for?"  If we can see where it was been mentioned

Test Plan: Mentioned a passphrase and saw it in the transaction list

Reviewers: O1 Blessed Committers, Matthew

Reviewed By: O1 Blessed Committers, Matthew

Subscribers: Matthew, Cigaryno, speck, tobiaswiese, valerio.bozzolan

Differential Revision: https://we.phorge.it/D25032
2022-10-09 03:30:07 -07:00
Vedran Miletić
f8ffa393c4 Added cross-platform default fonts
Summary:
`system-ui` is provided by modern browsers as [a cross-platform default font](https://caniuse.com/font-family-system-ui). Using this font [was a controversial choice back in 2017](https://infinnie.github.io/blog/2017/systemui.html). because it did not address i18n well and therefore it was removed from Bootstrap [twbs/bootstrap#22377](https://github.com/twbs/bootstrap/pull/22377). However, it was added back in Bootstrap v5 [twbs/bootstrap#30561](https://github.com/twbs/bootstrap/pull/30561) since it got better over time.

Fixes T15049.

Test Plan: Tested locally for now.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: Matthew, avivey, Cigaryno, 20after4, Ekubischta, speck, tobiaswiese, valerio.bozzolan

Maniphest Tasks: T15049

Differential Revision: https://we.phorge.it/D25021
2022-10-09 03:30:07 -07:00
Aviv Eyal
dbf7cd2b4a Rebrand: Rename library and update "version" logic
Summary: Make the "version" data in Config show information. Also rename the library.

Test Plan: See version "branched from" information.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew

Maniphest Tasks: T15006

Differential Revision: https://we.phorge.it/D25047
2022-08-25 01:26:21 -07:00
Aviv Eyal
c3f0c0b0f7 Merge Phacility/master into phorge 2022-07-25 11:50:26 -07:00
epriestley
9426765a2c Flatten "RemarkupValue" objects when setting field defaults for custom forms
Summary:
Ref T13685. "RemarkupEditField" uses a "RemarkupValue" internally, and it currently attempts to serialize into the database unsuccessfully.

Instead, flatten the value before returning it for storage.

Test Plan:
  - Edited the default description of a task in a custom form.

Maniphest Tasks: T13685

Differential Revision: https://secure.phabricator.com/D21854
2022-06-14 09:37:35 -07:00
epriestley
1fc04e238f Fix repository URI generation for SVN commit identifiers represented with integer types
Summary:
Ref T13588. See PHI2198. Some pathways represent SVN commit identifiers (which are numeric) with integers; these raise an exception in `phutil_nonempty_string()`, which is strict.

(Ideally, commit identifiers wouldn't have mixed types, but that's a dramatically less practical change.)

Test Plan: Will deploy.

Maniphest Tasks: T13588

Differential Revision: https://secure.phabricator.com/D21852
2022-06-03 15:01:04 -07:00
epriestley
944b257d5d Fix a policy issue where permissions were not properly checked when disabling global builtin queries
Summary: See <https://hackerone.com/reports/1573143>. The pathway for disabling global builtin queries is missing a policy check. Add it.

Test Plan:
  - Accessed the "/search/delete/id/.../" URI for a global builtin query as a non-administrator.
  - Before patch: could improperly disable queries.
   -After patch: proper policy exception.

Differential Revision: https://secure.phabricator.com/D21851
2022-05-31 11:00:53 -07:00
epriestley
3052ed1484 Remove obsolete, policy-violating "owners.query" API method
Summary: See <https://hackerone.com/reports/1584409>. This obsolete API method is technically policy-violating: Owners packages have had policies since D15275. See also T10360.

Test Plan: Viewed Conduit API console, no longer saw API method available.

Differential Revision: https://secure.phabricator.com/D21850
2022-05-31 10:44:45 -07:00
epriestley
835cd7f270 Improve remarkup metadata robustness against debris in the database
Summary:
Ref T13682. Versioned drafts may have missing or unexpected metadata:

  - versioned drafts from an older version of Phabricator may be missing metadata;
  - versioned drafts created by an older UI against a newer version of Phabricator may have `null` metadata.

Generally, make these workflows robust to metadata in unexpected formats, so database debris doesn't break the UI.

Test Plan: Simulated debris, interacted with UI.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21849
2022-05-28 06:29:43 -07:00
epriestley
809ae81752 Update Slowvote poll status to use sensible string constants
Summary: Ref T13682. This prepares for modernizing Slowvote and exposing a more usable API.

Test Plan: Ran migrations, opened and closed polls.

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21848
2022-05-27 10:15:01 -07:00
epriestley
c1887f0c1d Separate Slowvote poll status onto a dedicated object
Summary: Ref T13682. Prepares for use of API-friendly string constants rather than opaque integers.

Test Plan: Created and edited polls, opening and closing them. Grepped for affected methods.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21847
2022-05-27 10:15:01 -07:00
epriestley
03d3d1889d Update Slowvote voting methods to use sensible string constants
Summary: Ref T13682. Use API-friendly string constants instead of opaque integers in Slowvote voting methods.

Test Plan: Created, edited, and voted in polls with various voting methods. Examined database after migrations.

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21846
2022-05-26 10:27:01 -07:00
epriestley
9dad49472c Move Slowvote vote types to a separate object
Summary: Ref T13682. Extract Slowvote vote types to a separate object, to prepare for turning them into API-friendly string constants.

Test Plan: Created, edited, and voted in Slowvote polls. Grepped for affected constants.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21845
2022-05-26 10:17:36 -07:00
epriestley
9f075839a2 Update Slowvote to use sensible string constants for response visibility
Summary: Ref T13682. Migrate and update Slowvote to use API-friendly string constants for response visibility, not opaque integers.

Test Plan: Created and edited slowvotes, changing response visibility.

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21844
2022-05-26 09:58:48 -07:00
epriestley
23094b4950 Move Slowvote response visibility to a separate object
Summary: Ref T13682. This change supports modifying these constants to be sensible strings instead of opaque integers.

Test Plan: Created and edited polls.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21843
2022-05-26 09:58:48 -07:00
epriestley
b1533e5468 Migrate "SlowvotePoll" to modern mailkey storage
Summary:
Ref T13682. Ref T13065. Migrate and update "SlowvotePoll" to use more modern mailkey storage (in the mail application, rather than onboard).

Also make other minor modernization changes.

Test Plan: Created a new poll. Ran migration, verified mail key copied properly in database.

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13682, T13065

Differential Revision: https://secure.phabricator.com/D21842
2022-05-26 09:29:05 -07:00
epriestley
d91727e66c Update nonstandard PHID key on "SlowvotePoll"
Summary: Ref T13682. Use a more modern PHID key name for this key.

Test Plan: Ran `bin/storage adjust`, got a modern key.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21841
2022-05-26 09:29:05 -07:00
epriestley
7e5f7b9640 Update "Files" attachment table to show more attachment details and support detachment
Summary: Ref T13682. Make the "Attached" list in Files a bit more detailed, and add a "Detach" button.

Test Plan: Tried to detach unrelated, referenced, and attached files. Saw attached files detach.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21840
2022-05-25 12:56:37 -07:00
epriestley
5aa159a830 Pass "object" to modular transaction methods explicitly
Summary:
Ref T13682. When editing a comment, the edit pathway may invoke file PHID extraction without first formalizing an object on the Editor.

Pass the "object" explicitly to generally improve the robustness of this pathway.

Test Plan: Edited a comment.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21839
2022-05-25 10:25:18 -07:00
epriestley
8e703c8c35 Provide a default "loadPage()" implementation on "CursorPagedPolicyAwareQuery"
Summary: Ref T13682. Many subclasses of "CursorPagedPolicyAwareQuery" have the same implementation of "loadPage()", and this is a sensible default behavior.

Test Plan: Examined changes to verify that all removed methods have the same behavior.

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21838
2022-05-24 10:18:53 -07:00
epriestley
5493f028dc Provide a simple "Attach File" explicit workflow for files referenced but not attached
Summary: Ref T13682. Allow users to manually attach files which are referenced (but not attached) via the UI.

Test Plan: Reference files via `{F...}`, then attached them via the UI workflow.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21837
2022-05-24 09:49:59 -07:00
epriestley
021e5ab933 Provide a rudimentary "Attached Files" curtain UI panel
Summary: Ref T13682. Provide a basic UI element for showing file attached to an object.

Test Plan: Viewed objects with attached files in the UI.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21836
2022-05-23 14:08:15 -07:00
epriestley
5033ef6f88 Give "FileAttachment" policy support and a query object
Summary: Ref T13682. This supports an "Attached Files" curtain UI element.

Test Plan: See next change.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21835
2022-05-23 14:08:15 -07:00
epriestley
631c36aee3 Don't consider file references inside quoted text blocks to grant "attachment intent"
Summary:
Ref T13682. This is a marginal case, but if you quote someone else's text and it has a file reference embedded in it, that isn't good enough to generate "attachment intent".

Since you need both a reference and an explicit attachment, this should never actually affect any user-visible behavior today, but makes the ruleset more thorough.

Test Plan: Dragged and dropped a file, referencing it in either a quoted or unquoted block. Saw it attach only for a quoted block.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21833
2022-05-23 14:08:15 -07:00
epriestley
2a0feb3de0 Only attach files that are both referenced in Remarkup and attached by explicit metadata
Summary:
Ref T13682. When a user uploads a file, then changes their mind and deletes the reference to the file, we don't actually want to attach the file.

When choosing which files to attach, only attach files which are both referenced in Remarkup and explicitly attached in remarkup metadata.

Test Plan:
  - Dropped a file into a comment, submitted it, saw it attach normally.
  - Dropped a file into a comment, deleted the reference, submitted it, saw no attachment.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21832
2022-05-23 14:08:14 -07:00
epriestley
8cd02e6727 Provide missing default attachment list for Files transactions
Summary: Ref T13682. This property may not exist, and should defualt to an empty array if not present.

Test Plan: Created a new object.

Maniphest Tasks: T13682

Differential Revision: https://secure.phabricator.com/D21834
2022-05-23 09:24:38 -07:00
epriestley
42876de60d Generate file attachment transactions for explicit Remarkup attachments on common edit pathways
Summary:
Ref T13603. On common edit pathways, extract explicit file attachments from Remarkup. These pathways are affected:

  - Objects that use EditEngine and expose a remarkup area via "RemarkupEditField".
  - Objects that use EditEngine to generate a comment area.

This is the vast majority of pathways, but not entirely exhaustive.

Test Plan: Created and commented on a task, explicitly attaching images. Saw images attach properly.

Maniphest Tasks: T13603

Differential Revision: https://secure.phabricator.com/D21830
2022-05-19 13:21:04 -07:00
epriestley
fee8297121 Remove file attachment edge types, including API access
Summary:
Ref T13603. This removes the file attachment edge types, which no longer have readers or writers.

It does not delete the underlying data.

This indirectly removes API access to this edge. As far as I know, this was only used by one customer (see D21480) who has migrated away from Phabricator.

Test Plan: Grepped for edge constants.

Maniphest Tasks: T13603

Differential Revision: https://secure.phabricator.com/D21823
2022-05-19 13:21:04 -07:00
epriestley
b872640c16 Remove all "FileHasObject" edge reads and writes
Summary: Ref T13603. Removes all reads and writes to the other half of the legacy edge.

Test Plan:
  - Verified I could still see file content accessible only through object attachment.
  - This fixes a unit test broken by removal of only half the edge access in the previous change.

Maniphest Tasks: T13603

Differential Revision: https://secure.phabricator.com/D21820
2022-05-19 13:21:04 -07:00