1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-01 19:22:42 +01:00
Commit graph

49 commits

Author SHA1 Message Date
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
vrana
d817dfa8fc Convert some phutil_escape_html() to hsprintf()
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`.

Test Plan:
/
/D1
/uiexample/
/countdown/1/
/herald/transcript/1/all/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4869
2013-02-08 15:59:02 -08:00
vrana
48561a8b1f Convert phutil_render_tag(X, Y, phutil_escape_html(Z)) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y,
  - phutil_escape_html(
    Z
  - )
    )

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4501
2013-01-24 19:08:55 -08:00
John Watson
d67b42dcc0 Missing verb in StoryPhriction renderText
Test Plan: Get feed.query with a Phriction story

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4417
2013-01-13 12:50:26 -08:00
John Watson
1f58185f89 Add renderText to FeedStory for simple text repr of story
Summary:
This pushes the rendering of feed stories out of IRCDifferentialNotificationHandler and into feed.query

Also fixes bug in feed.query that broke attachment of related objects to stories.

Test Plan: echo '{"view": "text", "limit": 10}' | arc call-conduit feed.query

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, codeblock

Differential Revision: https://secure.phabricator.com/D4390
2013-01-10 11:11:18 -08:00
epriestley
92678eb050 Improve style of notifications
Summary:
  - Gets about 25% of the way toward @chad's notification mocks.
    - YES: Hover states, entire notification is a click target, border, header, footer.
    - NO: Profile pictures (lazy), timestamps (want to refactor time code before introducing a new formatting style), app icons (they'd look funny without timestamps I think)
  - Deletes some old files.
  - Mostly trying to get this good enough to turn on by default.

Test Plan: Looked at notifications. Clicked some notifications.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4119
2012-12-07 16:26:43 -08:00
epriestley
0bd3f3c53e Simplify notification code
Summary:
Currently we have two different feed story classes, one for notifications and one for feed stories. However, we never actually do anything different with them -- the notification is always the same as the feed story, just shown differently. Delete the notification special case to reduce the amount of code we have supporting feed and notifications.

This is a precursor to @chad's notification designs.

Test Plan: Viewed notifications and feed, saw exactly the same result before and after the patch (but less, simpler code).

Reviewers: btrahan

Reviewed By: btrahan

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D4114
2012-12-07 16:25:23 -08:00
vrana
ef85f49adc Delete license headers from files
Summary:
This commit doesn't change license of any file. It just makes the license implicit (inherited from LICENSE file in the root directory).

We are removing the headers for these reasons:

- It wastes space in editors, less code is visible in editor upon opening a file.
- It brings noise to diff of the first change of any file every year.
- It confuses Git file copy detection when creating small files.
- We don't have an explicit license header in other files (JS, CSS, images, documentation).
- Using license header in every file is not obligatory: http://www.apache.org/dev/apply-license.html#new.

This change is approved by Alma Chao (Lead Open Source and IP Counsel at Facebook).

Test Plan: Verified that the license survived only in LICENSE file and that it didn't modify externals.

Reviewers: epriestley, davidrecordon

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2035

Differential Revision: https://secure.phabricator.com/D3886
2012-11-05 11:16:51 -08:00
epriestley
696a1b22ba Make feed stories properly respect object policies
Summary:
  - When a feed story's primary object is a Policy object, use its visibility policy to control story visibility. Leave an exception for
  - Augment PhabricatorPolicyAwareQuery so queries may do pre-policy filtering without the need to handle their own buffering/cursor code. (We could slightly improve this: if a query returns less than a page of pre-filtered results we could keep getting pre-filtered results until we had at least a page's worth and then filter them all at once.)
  - Load and attach "required objects" to feed stories. We need this for policies anyway, and it will let us simplify story implementations by sourcing data directly from the object when we don't have some need to denormalize it (e.g., "title was changed from X to Y" needs to save the values of X and Y from when we published the story, but "user asked question X" can reflect the current version of the question).

Test Plan: Loaded main feed, project feed, notification menu / dropdown, notificaiton list, paginated things.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3783
2012-10-23 12:01:59 -07:00
Alan Huang
1b7f6655c9 Aggregate Differential notifications
Summary:
Just a bunch of copy-pasta from D2884. I suppose this calls for
a refactoring at some point...

Test Plan:
Make a bunch of updates, some from different users; check
notifications dropdown and list.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3361
2012-08-22 08:19:38 -07:00
vrana
6e63674b2d Use class_exists() before is_subclass_of()
Summary: HPHP doesn't autoload without it.

Test Plan: /p/vrana/feed/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3009
2012-07-18 19:57:39 -07:00
epriestley
310cf00fc3 Consolidate feed query code
Summary: Simplify FeedQuery by making it extend from PhabricatorIDPagedPolicyQuery

Test Plan: Looked at feed on home, projects, user profile, and called `feed.query`.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D2905
2012-07-02 15:41:19 -07:00
epriestley
d49b06c322 Consolidate PhabricatorFeedStory construction code
Summary: This code is duplicated in two places; share it.

Test Plan: Looked at feed and notifications.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D2901
2012-07-02 10:37:22 -07:00
epriestley
fc45398ba9 Support basic notification aggregation
Summary: This is both only partially complete (supports Maniphest only) and somewhat overcomplicated (includes support for applying similar algorithms to Feed), but provides runtime aggregation of notifications.

Test Plan: {F13502}

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D2884
2012-07-01 11:08:59 -07:00
epriestley
f666c3d559 Minor, fix wording for some maniphest stories 2012-06-30 06:53:11 -07:00
epriestley
bedc9acf98 Minor, fix XSS in task description change notifications. 2012-06-24 15:15:34 -07:00
epriestley
8ddfdb26e9 Publish feed stories about commits
Summary: When stuff gets committed, publish feed stories about it.

Test Plan: {F13061}

Reviewers: jungejason, vrana, voldern

Reviewed By: jungejason

CC: aran

Maniphest Tasks: T1322

Differential Revision: https://secure.phabricator.com/D2805
2012-06-20 06:03:44 -07:00
epriestley
76df7970ec Show notification text for non-reload notifications
Summary:
Show all notifications, but make the non-reload ones transient.

Depends on D2781, D2780

Test Plan: {F12986}

Reviewers: jungejason, vrana

Reviewed By: jungejason

CC: aran

Maniphest Tasks: T944

Differential Revision: https://secure.phabricator.com/D2782
2012-06-18 14:08:10 -07:00
David Fisher
a57f5d1562 fixed overlong differential feed story titles
Summary:
Previously, the comment and/or summary would be added to the title. This
is incorrect behavior.

Test Plan: observed change

Reviewers: epriestley

Reviewed By: epriestley

CC: allenjohnashton, keebuhm, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2701
2012-06-10 17:38:30 -07:00
John-Ashton Allen
1f3b058daa Implemented fallback for unimplemented notifications with silly message.
Summary:
Most notifications are not implemented, a fallback message should
be displayed for these cases.

Test Plan: Commented out renderNotificationView in PhabricatorFeedStoryManiphest and watched the notifications render.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: ddfisher, keebuhm, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2700
2012-06-08 20:25:00 -07:00
epriestley
b695558223 Minor, remove abstract method until subclasses implement it. 2012-06-08 19:47:02 -07:00
Keebuhm Park
284d7b6a46 Minor fixes to maniphest feed/notification
Summary:
Added `renderNotificationView()` abstract function to `PhabricatorFeedStory` base class.
Fixed duplicate line in `PhabricatorFeedStoryManiphest` class.
Fixed spacing/formatting in `ManiphestTransactionEditor`.

Test Plan: No functional changes

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: allenjohnashton, ddfisher, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2698
2012-06-08 19:11:53 -07:00
Keebuhm Park
c67f45734d Notification implementation for Differential
Summary: The notification implementation has been extended to Differential. Appropriate changes have been made to the Differential editors and Differential feed story.

Test Plan: Tested out various actions available for Differential and confirmed that the notifications get delivered correctly and feed is generated.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: allenjohnashton, ddfisher, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2696
2012-06-08 18:45:40 -07:00
Keebuhm Park
be0e16ff7d Fixed losing full size feed for maniphest task creation
Summary: After D2571, feed for maniphest task creation was being generated non-full-size. Fixed this by properly getting the maniphest action from story data.

Test Plan: Feed seems to work fine and the feed for task creation is full-sized.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: allenjohnashton, ddfisher, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2691
2012-06-08 14:31:10 -07:00
John-Ashton Allen
ec37ce3db7 Add more detailed story actions for maniphest.
Summary:
TransactionType gives us more information than
update, open, close, assign.  We can display those in feed/notifications along with and comments on the actions.

Test Plan: did on local machine tested out.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: ddfisher, keebuhm, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2683
2012-06-08 11:28:49 -07:00
John-Ashton Allen
3a6ee79190 Adds base notification application
Summary: First diff in a series of diffs to add notifications to Phabricator. This is the notification application ONLY. This commit does not include the changes to other applications that makes them add notifications. As such, no notifications will be generated beyond the initial database import.

Test Plan: This is part of the notifications architecture which has been running on http://theoryphabricator.com for the past several months.

Reviewers: epriestley, btrahan, ddfisher

Reviewed By: epriestley

CC: allenjohnashton, keebuhm, aran, Korvin, jungejason, nh

Maniphest Tasks: T974

Differential Revision: https://secure.phabricator.com/D2571
2012-06-08 06:32:02 -07:00
vrana
6cc196a2e5 Move files in Phabricator one level up
Summary:
- `kill_init.php` said "Moving 1000 files" - I hope that this is not some limit in `FileFinder`.
- [src/infrastructure/celerity] `git mv utils.php map.php; git mv api/utils.php api.php`
- Comment `phutil_libraries` in `.arcconfig` and run `arc liberate`.

NOTE: `arc diff` timed out so I'm pushing it without review.

Test Plan:
/D1234
Browsed around, especially in `applications/repository/worker/commitchangeparser` and `applications/` in general.

Auditors: epriestley

Maniphest Tasks: T1103
2012-06-01 12:32:44 -07:00
epriestley
09c8af4de0 Upgrade phabricator to libphutil v2
Summary: Mechanical changes from D2588. No "Class.php" moves yet.

Test Plan: See D2588.

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1103

Differential Revision: https://secure.phabricator.com/D2591
2012-05-30 14:26:29 -07:00
epriestley
20a5c9b261 Use "closed", not "committed", in Differential
Summary: "Committed" is SVN-specific language, and confusing in Git and Mercurial. Use neutral language instead.

Test Plan: Inspection.

Reviewers: btrahan, Makinde, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T909

Differential Revision: https://secure.phabricator.com/D2087
2012-04-23 17:40:57 -07:00
vrana
8813c7be0e Use assert_instances_of() everywhere but Differential and Diffusion
Summary: NOTE: This is not produced by a script so there might be errors. Please review carefully.

Test Plan: Browse around.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2091
2012-04-03 14:53:20 -07:00
vrana
5623abecbf Don't set NULL values in array returned from loadObjects()
Summary: Delete some dead code in Feed along the way.

Test Plan:
/feed/
/search/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2092
2012-04-03 14:46:39 -07:00
epriestley
11cccb98c2 Add "final" to more classes
Summary: No big surprises here, delted the unused "DarkConsole" class.

Test Plan: Ran 'testEverythingImplemented' to verify I wasn't finalizing anything we extend.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1876
2012-03-13 11:18:11 -07:00
epriestley
053d576ad6 Integrate Audit into feed
Summary: When a user posts an action in the audit tool, publish it to feed.

Test Plan: Made some comments, saw them show up in feed.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1695
2012-02-27 09:49:01 -08:00
epriestley
29acc848c1 Add a "feed" filter to the home page; align things; allow browsing older stories
Summary:
Pretty straightforward; see title. Kind of gross but I have a bunch
more iterations in mind here (like filtering). Paging this is a little tricky
since we can't easily use AphrontPagerView, as it relies on OFFSET, and I think
that's sort of sketchy to use here for UX reasons (query performance and view
consistency as feed updates).

Test Plan: Looked at feed, paged through feed.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1616
2012-02-15 17:48:14 -08:00
epriestley
4caa684724 Simplify Project status field
Summary:
This was a sort of speculative feature added by a contributor some time ago and
just serves as a label; for now, simplify it into "active" and "archived" and
remove "archived" projects from the "active" list.

  - Fix a bug where we'd publish a "renamed from X to X" transaction that had no
effect.
  - Publish stories about status changes.
  - Remove the "edit affiliation" controller, which has no links in the UI
(effectively replaced by join/leave links).
  - Add query/conduit support.

Test Plan: Edited the status of several projects.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1573
2012-02-07 14:59:38 -08:00
David Reuss
c3281c8757 Add conduit feed.query method
Summary: This is not totally done yet, and i'm submitting for feedback.

Test Plan: Played with various settings in local conduit console.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T790

Differential Revision: https://secure.phabricator.com/D1555
2012-02-02 16:44:13 -08:00
epriestley
780397aa71 Resolve link framing issue for public feed
Summary:
  - Use $this->linkTo($phid) to render all links.
  - Simplify code.

Test Plan: Public feed renders with 'target="_top"' links. Nonpublic feed
doesn't. Looked at a bunch of feed stories, none seem broken.

Reviewers: btrahan, aran, nh, jungejason, ide

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T453

Differential Revision: https://secure.phabricator.com/D1514
2012-01-30 04:12:15 -08:00
epriestley
cb0bb8165d Add a Join / Leave button to Projects
Summary: Make it easy to join or leave (well, slightly less easy) a project.
Publish join/leave to feed. Fix a couple of membership editor bugs.

Test Plan: Joined, left a project.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1485
2012-01-25 11:51:20 -08:00
epriestley
b43eb5aa7c Add transaction-oriented editing to projects
Summary:
  - Make some editing operations transaction-oriented, like Maniphest. (This
seems to be a good model, particularly for extensibility.) I'll move the rest of
the editing operations to transactions in future diffs.
  - Make transaction-oriented operations publish feed stories.

Test Plan:
  - Created a new project.
  - Edited an existing project.
  - Created a new project via quick create flow from Maniphest.
  - Verified feed stories publish correctly.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1477
2012-01-24 09:44:35 -08:00
Bob Trahan
84ea5c53e4 Kill PhabricatorFileURI
Summary:
we used to need this function for security purposes, but no longer need
it.   remove it so that some call sites can be optimized via smarter data
fetching, and so the whole codebase can have one less thing in it.

Test Plan:
verified the images displayed properly for each of the following
- viewed a diff with added images.
- viewed a user feed
- viewed a user profile
- viewed all image macros
- viewed a paste and clicked through "raw link"
weakness in testing around proxy files and transformed files.  not sure what
these are.  changes here are very programmatic however.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T672

Differential Revision: https://secure.phabricator.com/D1354
2012-01-10 15:21:39 -08:00
epriestley
ec1df21bef Add getStrList() to AphrontRequest
Summary:
  - We have a few places where we do some kind of ad-hoc comma list tokenizing,
and I'm adding another one in D1290. Add a helper to the request object.
  - Add some unit tests.

Test Plan:
  - Ran unit tests.
  - Used PHID manager, Maniphest custom view, and Repository project editor.

Reviewers: btrahan, fratrik, jungejason

Reviewed By: btrahan

CC: aran, btrahan, epriestley

Differential Revision: https://secure.phabricator.com/D1302
2012-01-04 10:18:46 -08:00
Evan Priestley
71e1911dfc Lock down MetaMTA functionality to administrators
Summary:
We have a debug interface for sending various sorts of email, but normal users
don't really need to use it. In particular, they can:

  - Send arbitrary email to other users;
  - Discover other users' email addresses fairly easily (CC everyone);
  - Send arbitrary email to arbitrary addresses in conjunction with "Mailing
Lists"

In fact, normal users don't need to get to the MetaMTA web interface at all and
it has some somewhat-sensitive things beacuse it has a lot of detailed
information about mail. For instance, users can look at mail records to discover
things like password reset links and per-user object email addresses.

We should smooth out the UI here but I think I can do something about T21 fairly
soon and cover it then.

Test Plan:
Went to /mail/ with a non-admin, got 404'd. Went to /mail/ with an
admin, everything works, got a red admin header.

Reviewers: jungejason, btrahan

Reviewed By: btrahan

CC: aran, btrahan, jungejason

Maniphest Tasks: T718

Differential Revision: https://secure.phabricator.com/D1292
2011-12-30 14:37:13 -08:00
epriestley
2cec36d858 Minor style/layout tweaks to Project profiles and feed
Summary: Just trying to improve the design/layout a little here.

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-xglufh3wxy34evec4o4u/

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: https://secure.phabricator.com/D1265
2011-12-22 17:47:43 -08:00
epriestley
ee620bde6d Publish feed stories from Maniphest
Summary: I didn't get around to this earlier; add Feed/Maniphest integration.
This is partly motivated by wanting Projects to not be terrible. Pretty
straightforward.

Test Plan:
  - Created, updated, reassigned and closed a task.
  - Verified feed stories render reasonably.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T681

Differential Revision: 1232
2011-12-20 09:55:29 -08:00
epriestley
f761ee91d3 Publish Phriction edits to feed
Summary: Basic integration between Phriction and feed.
Test Plan: Created and edited some documents, they published to feed.
Reviewed By: hsb
Reviewers: hsb, codeblock, jungejason, tuomaspelkonen, aran
CC: aran, hsb
Differential Revision: 653
2011-07-12 16:36:17 -07:00
epriestley
f55c082e65 Publish Differential stories into feed
Summary: Basic hookup for Differential -> Feed. Also introduces "one-line"
stories for less-important stuff.
Test Plan: Interacted with some revisions, got feed stories out of it.
Reviewed By: jungejason
Reviewers: jungejason, aran, tuomaspelkonen, codeblock
CC: aran, jungejason
Differential Revision: 632
2011-07-09 17:39:17 -07:00
epriestley
d665268074 Improve feed stories with "style", and build basic status update stories.
Summary: Straightfoward iteration on feed.
Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-d07077119dc834e76618/
Reviewed By: codeblock
Reviewers: jungejason, aran, tuomaspelkonen, codeblock
CC: aran, codeblock, epriestley
Differential Revision: 631
2011-07-09 13:53:49 -07:00
epriestley
ece9d792b2 Build basic infrastructure for an activity feed
Summary: This defines an extremely basic version of an activity feed, like
Facebook's news feed. It doesn't do much of interest yet.
Test Plan: Published some feed stories:
https://secure.phabricator.com/file/view/PHID-FILE-5061aa72105bbdc05b21/
Reviewed By: tuomaspelkonen
Reviewers: jungejason, tuomaspelkonen, aran
Commenters: codeblock, jungejason
CC: aran, epriestley, codeblock, tuomaspelkonen, jungejason
Differential Revision: 593
2011-07-06 16:19:29 -07:00