1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 02:02:41 +01:00
Commit graph

14 commits

Author SHA1 Message Date
epriestley
4077ef2555 Show lint issues inline in Differential
Summary:
Take lint information and use it to render synthetic inline comments in
Differential.

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-2uapwmf5tqhgscbuty3b/

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan, epriestley, pad

Maniphest Tasks: T24

Differential Revision: https://secure.phabricator.com/D1309
2012-01-04 14:17:33 -08:00
epriestley
39b4d20ce5 Create AphrontWriteGuard, a backup mechanism for CSRF validation
Summary:
Provide a catchall mechanism to find unprotected writes.

  - Depends on D758.
  - Similar to WriteOnHTTPGet stuff from Facebook's stack.
  - Since we have a small number of storage mechanisms and highly structured
read/write pathways, we can explicitly answer the question "is this page
performing a write?".
  - Never allow writes without CSRF checks.
  - This will probably break some things. That's fine: they're CSRF
vulnerabilities or weird edge cases that we can fix. But don't push to Facebook
for a few days unless you're prepared to deal with this.
  - **>>> MEGADERP: All Conduit write APIs are currently vulnerable to CSRF!
<<<**

Test Plan:
  - Ran some scripts that perform writes (scripts/search indexers), no issues.
  - Performed normal CSRF submits.
  - Added writes to an un-CSRF'd page, got an exception.
  - Executed conduit methods.
  - Did login/logout (this works because the logged-out user validates the
logged-out csrf "token").
  - Did OAuth login.
  - Did OAuth registration.

Reviewers: pedram, andrewjcg, erling, jungejason, tuomaspelkonen, aran,
codeblock
Commenters: pedram
CC: aran, epriestley, pedram
Differential Revision: 777
2011-08-16 13:29:57 -07:00
epriestley
451b0e07dc Improve langauge for "Unsaved Draft"
Summary:
Although I think the recent changes here improved things, the "Unsaved Draft"
language is continuing to confuse new users. Try to find some less-confusing
langauge. Open to suggestions here, too.

Test Plan:
Viewed unsubmitted inline comments.

Reviewed By: jungejason
Reviewers: aran, jungejason, gregprice
CC: aran, epriestley, jungejason
Differential Revision: 501
2011-06-26 12:01:41 -07:00
epriestley
0a749ad51b Give unposted comments a distinct visual style
Summary:
See attached tasks. See D459 for the ability to merge tasks.

Test Plan:
Looked at posted and unposted inline comments.

Reviewed By: aran
Reviewers: edward, viyer, aran, jungejason, tuomaspelkonen
CC: aran, epriestley
Differential Revision: 461
2011-06-14 20:42:59 -07:00
epriestley
4d3ef5ee0b Remove nonfunctional links from Differential inline comment previews
Summary:
They currently have "Next", "Previous" and "Reply" links which don't work. Don't
render these links.

Test Plan:
Looked at inline previews, didn't see any silly/nonfunctional links.

Reviewed By: tuomaspelkonen
Reviewers: aran, jungejason, tuomaspelkonen
CC: aran, epriestley, tuomaspelkonen
Differential Revision: 419
2011-06-09 11:22:07 -07:00
epriestley
94d0adb140 Add "Undo" for editing Differential inline comments
Summary:
When a user hits 'cancel' on a 'new', 'edit', or 'reply' operation, add a little
"Changes discarded. __Undo__" insert so they can get their change back. No undo
for delete since there's an explicit prompt. Once this lands we can make
'escape' work again to close dialogs.

This change started feeling really good when I was merging all the duplicate
code and making things more consistent, but by the time I started writing client
rendering it felt gross. I'm not really thrilled with it but I guess it's a step
forward? The feature seems pretty OK in practice. Let me know how much barfing
this causes and I can try to remedy the most acute concerns.

This also fixes a bug where replies always (?) appear on the 'new' side of the
diff (I think?).

Test Plan:
Applied 'new', 'edit', 'delete' and 'reply' operations, pressed 'cancel' and
'okay' in each case, with and without changing text where relevant. All
behaviors seem to conform with expectations, except that canceling out of 'edit'
without changing the text gives you an option to undo when it shouldn't really.
There's no super easy way to get at the original text right now.

Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen
CC: simpkins, aran, epriestley
Differential Revision: 406
2011-06-08 10:44:01 -07:00
tuomaspelkonen
43f6cc75f6 Added 'Next' and 'Previous' links to differential
Summary:
Browsing comments was a bit difficult without the possibllity to jump
between comments. These links will make the browsing easier.

Test Plan:
Tested on multiple diffs that the links were working correctly.

Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, aran, tuomaspelkonen, epriestley
Differential Revision: 266
2011-05-11 14:46:00 -07:00
adonohue
acd1cc8d22 "Reply" for inline comments
Summary:
"Reply" for inline comments

Test Plan:
Add consecutive and overlapping new inline comments and replies.

Reviewed By: epriestley
Reviewers: epriestley
CC: aran, epriestley
Differential Revision: 143
2011-04-14 18:31:21 -07:00
epriestley
f249ffc882 Fix Remarkup styling in Maniphest and Differential
Summary:
This makes some of the line spacing, paragraph spacing and layout
less terrible. In particular, fixes code blocks inside Differential inline
comments.

Test Plan:
Looked at Maniphest Tasks, Differential Revisions and Differential
inline comments with various flavors of remarkup in them.

Reviewed By: jungejason
Reviewers: tuomaspelkonen, jungejason
CC: jungejason
Differential Revision: 89
2011-03-29 22:02:02 -07:00
epriestley
fcc467fe5e Fix some derp with Differential revision formatting.
Summary:
  - Prevent long comments from expanding the inline box.
  - Make anchor links to inlines work properly.
  - Get rid of "pre" white-space formatting in inline comments.

Test Plan: Viewed a revision with crazy comments in it.

Reviewers:

CC:
2011-02-13 16:00:21 -08:00
epriestley
4aa72aa5ff Inline comment-related fixes. 2011-02-02 19:38:43 -08:00
epriestley
c5ce156e71 Edit/Delete for inline comments 2011-02-02 13:51:45 -08:00
epriestley
759eec3a77 Very rough cut of DarkConsole + XHProf 2011-02-02 13:48:52 -08:00
epriestley
246cba2bf0 InlineComments 2011-02-01 21:09:28 -08:00