1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 18:52:42 +01:00
Commit graph

1285 commits

Author SHA1 Message Date
epriestley
4dd87f1ad3 Drive Differential landing page with DifferentialRevisionQuery, simplify UI
Summary:
  - Use DifferentialRevisionQuery, not DifferentialRevisionListData, to select
revisions.
  - Make UI simpler (I hope?) and more flexible, similar to Maniphest. It now
shows "Active", "Revisions", "Reviews" and "Subscribed" instead of a hodge-podge
of miscellaneous stuff. All now really has all revisions, not just open
revisions.
  - Allow views to be filtered and sorted more flexibly.
  - Allow anonymous users to use the per-user views, just don't default them
there.

NOTE: This might have performance implications! I need some help evaluating
them.

@nh / @jungejason / @aran, can one of you run some queries agianst FB's corpus?

The "active revisions" view is built much differently now. Before, we issued two
queries:

  - SELECT (open revisions you authored that need revision) UNION ALL (open
revisions you are reviewing that need review)
  - SELECT (open revisions you authored that need review) UNION ALL (open
revisions you are reviewing that need revision)

These two queries generate the "Action Required" and "Waiting on Others" views,
and are available in P247.

Now, we issue only one query:

  - SELECT (open revisions you authored or are reviewing)

Then we divide them into the two tables in PHP. That query is available in P246.

On the secure.phabricator.com data, this new approach seems to be much better
(like, 10x better). But the secure.phabricator.com data isn't very large. Can
someone run it against Facebook's data (using a few heavy-hitting PHIDs, like
ola or something) to make sure it won't cause a regression?

In particular:

  - Run the queries and make sure the new version doesn't take too long.
  - Run the queries with EXPLAIN and give me the output maybe?

Test Plan:
  - Looked at different filters.
  - Changed "View User" PHID.
  - Changed open/all.
  - Changed sort order.
  - Ran EXPLAIN / select against secure.phabricator.com corpus.

Reviewers: btrahan, nh, jungejason

Reviewed By: btrahan

CC: cpiro, aran, btrahan, epriestley, jungejason, nh

Maniphest Tasks: T586

Differential Revision: 1186
2011-12-16 13:21:54 -08:00
Bob Trahan
b595f8447b Fix comment from D1221 to have updated variable
Test Plan: re-ran D1221 test plan

Reviewers: epriestley
2011-12-15 14:37:44 -08:00
Bob Trahan
ecb0ab4847 Phriction - kill tabs
Summary:
...except that pesky help tab which remains.

Pertinent bits here...
- move "History" into button "View History" that is grey and next to "Edit Page"
- for history page, add breadcrumb similar to the one on "diff" page.  This
unifies the experiencing on history <=> diffs as well as gives the user a link
back to the document, which was a tab on the History page before this diff.

Thoughts for next time...
- I'd like to further unify the breadcrumbs between "View" and "History / Diff".
- The "Document Index" is pretty sweet and feels a bit buried.  I wonder if
unifying breadcrumbs is the key here?

Test Plan: clicked around phriction.   viewed a document, viewed its history.
verified links in breadcrumbs were correct

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T631

Differential Revision: 1221
2011-12-15 14:35:38 -08:00
Bob Trahan
128b7584da Files - kill tabs
Summary:
kill tabs for Files application.  Technique is the "filter list" on the left
hand side, with separation for "Files" versus "Image Macros".   UI quirks
include:

- the page title does not change for the 3 files filters while it does change
for each of the two image macro filters.
- standalone "file" pages do not have the filter view
- you can visit /file/upload/ standalone and it doesn't have the pretty filter
list on it

Please do give direction on these quirks if you like.  :)

This change also neuters the ?author= functionality for files.  The code is
written such that it can easily be brought back.

Test Plan: clicked around on the filters, liked what I saw.  uploaded files
fancy-like and basic-like and it worked!  made image macros and it worked!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T631

Differential Revision: 1219
2011-12-15 14:32:12 -08:00
Bob Trahan
0e7049e8aa Countdown - kill tabs
Summary: pretty simple stuff here.   "View" controller had a 'view' tab selected
which DNE.

Test Plan: viewed countdown, noted no tabs

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T631

Differential Revision: 1222
2011-12-15 14:31:25 -08:00
jungejason
c13b7da290 Add Related Commits for Owners
Summary:
For each commit, find the affected packages, and provide a way to
search by package.

Test Plan:
create commits that touch and don't touch two packages, and verify
that they display correctly in all the UI pages.

Reviewers: epriestley, blair, nh, tuomaspelkonen

Reviewed By: epriestley

CC: benmathews, aran, epriestley, btrahan, jungejason, mpodobnik, prithvi

Maniphest Tasks: T83

Differential Revision: 1208
2011-12-14 22:48:57 -08:00
David Cramer
2677217244 Revised unit display to resemble lint output
Reviewers: epriestley

Test Plan: View a differential with unit results and compare display.

Differential Revision: 1216
2011-12-14 16:11:55 -08:00
epriestley
94e8b947e5 Improve debugging information on ID uniqueness failure in isolated connection
test

Summary: @jungejason reported seeing test failures here. I can't reproduce them
and my read of the code doesn't suggest why they might be happening, but add a
little more debug info in hopes of chasing this down.

Test Plan:
  - Ran test in a loop for a long time, couldn't get it to fail.
  - Changed assertEquals() condition to force test to fail, verified output
message was informative.

Reviewers: jungejason, btrahan

Reviewed By: jungejason

CC: aran, epriestley, jungejason

Differential Revision: 1212
2011-12-14 14:38:07 -08:00
Jason Ge
16f57dce1d Fix library_map for D1198
Summary:
after a class is deleted/added, we need to run
arcanist/scripts/phutil_mapper src to update the library map.

Task ID: #

Test Plan:
run test case testEverythingImplemented and it passes.

Revert Plan:

Tags:

Reviewers: btrahan, epriestley

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1211
2011-12-14 12:46:23 -08:00
Bob Trahan
522b16ed12 Paste - fix N query problem for file URIs
Summary: grab all the files in one big fetch, rather than serially fetching
them.   follow up from D1198.

Test Plan: viewed paste and there were no errors!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, jungejason, btrahan, epriestley

Differential Revision: 1202
2011-12-14 12:30:10 -08:00
Marek Sapota
4ef18d35ac Fix error introduced with D1195.
Summary:
Not my best commit=/

Reviewers: epriestley

Test plan:
After the change commit parser started working again.

Differential Revision: 1206
2011-12-13 20:37:18 -08:00
epriestley
51b8168253 Fix fatal in commit message parser
Summary:
See D1195, which fataled this daemon.

https://secure.phabricator.com/daemon/log/2966/

Test Plan: Applied this patch to secure.phabricator.com, restarted daemon, it
picked up D1203.

Reviewers: btrahan, jungejason, mareksapota

Reviewed By: btrahan

CC: aran, btrahan, mareksapota

Differential Revision: 1204
2011-12-13 18:56:26 -08:00
epriestley
2efd8fe971 Fix a bad %d for PHID
Summary: D1174 caught this issue -- we mean to load all //your// rules, but
actually load //all// rules. Use %s correctly.

Test Plan: Hit /herald/rule/ without an exception.

Reviewers: fmoo, btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley, btrahan

Differential Revision: 1203
2011-12-13 18:30:53 -08:00
Bob Trahan
6f1dfbb658 Paste - kill tabs
Summary:
merge paste create and paste list into a single controller.  Add a "filter list"
to the left hand side and have new "create w/ recent", "my" and "all" views.  UI
wrinkle -- "create w/ recent" does not paginate the recent pastes and instead
upsells the user to the new "all" view.

Also includes a business logic clean up or two for simplicity of code.

Test Plan:
- created a paste from the UI
- tried to create a paste with title and no body
- tried to create a paste with no title and no body
- viewed the paste list on "create" view
- viewed the paste list on "author" view
- viewed the paste list on "all" view
- viewed page 2 of the paste list for "author" and "all" views
- "forked" a given paste through completion

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, btrahan

Maniphest Tasks: T631

Differential Revision: 1198
2011-12-13 17:53:41 -08:00
epriestley
4edfd35503 Fix qsprintf() '%nd' conversion
Summary:
I broke this a little bit in my overzealous D1174, since this block validates
both '%nd' (nullable integer) and '%d' (non-nullable integer).

Clean up the conditional checks so we catch the bad case ('%d' on a PHID
converting to 0) but let the good case ('%nd' with null) through.

Test Plan: Unit tests failed; applied patch; unit tests pass.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T670

Differential Revision: 1201
2011-12-13 17:40:24 -08:00
Marek Sapota
2d232674df Allow customized patterns for marking generated files.
Test Plan:
Created a listener that adds some patterns to $matches array, reloaded
Differential, some changesets were not shown as generated.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, mareksapota

Differential Revision: 1200
2011-12-13 17:14:25 -08:00
jhester
1fec5fd727 Add author to differential.getrevisionfeedback
Summary: Add the author PHID to the differential.getrevisionfeedback conduit api
method

Test Plan: issue differential.getrevisionfeedback query via conduit against a
valid revision and verify author phid is included in results

Reviewers: epriestley

Reviewed By: epriestley

CC: epriestley, aran, jungejason, tuomaspelkonen, jonathanhester

Differential Revision: 1190
2011-12-13 16:35:57 -08:00
Marek Sapota
9292cfd6a3 Recognise better who committed a revision.
Test Plan: Commit as not the author and see what shows up.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, mareksapota, zeeg

Differential Revision: 1195
2011-12-13 14:00:13 -08:00
epriestley
c16c920f94 Remove setTimeout() hacks for Javelin behavior initialization
Summary:
  - Prioritize higher-priority behaviors on the server.
  - Remove setTimeout() hacks.

Test Plan: Loaded Differential, didn't get CSRF races for comment previews.

Reviewers: aran, jg, cpojer

Reviewed By: jg

CC: btrahan, jungejason, aran, epriestley, jg

Differential Revision: 1183
2011-12-13 12:50:00 -08:00
Bob Trahan
4fc37c3dde Add diff view for Maniphest Task "description changed" transactions
Summary:
use the handy DifferentialChangesetParser to do most of the heavy lifting inside
the pertinent view object.   update the controller to be aware of the "show
more" calls coming from the new ui and update the transactionID appropriately.

also snuck in a small change to AprontRequest to all getting all the request
data.  I used it to debug building this.

Test Plan: made a task and entered a bunch of test data.  had descriptions of
various lengths, as well as really long descriptions that i did not change to
much.   verified the diff looked correct and various "show more" links worked as
expected

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: 1187
2011-12-08 18:15:19 -08:00
epriestley
682e0aa468 Add "responsible users" and "subscribers" to DifferentialRevisionQuery, plus a
couple bug fixes

Summary:
  - Add the ability to query for "responsible users" (author or reviewer).
  - Add the ability to query for "subscribers" (reviewer or CC).
  - Fix an issue where CC and Reviewer used the same join table alias and were
incompatible.
  - Remove support for 'paths' for the moment, since each path needs a
repository ID. (There are no clients for this.)
  - Remove single withX() methods that have no callsites -- withPath() is
singular because it accepts two arguments and I didn't want to have an ad-hoc
type format, but I think we can get away without these for other conditions.
  - Include GROUP BY in more cases where may need it. This doesn't actually
change program behavior since we uniquify in loadFromArray(), it just means less
data over the wire.

These new query classes are to support rewriting the Differential list view on
top of DifferentialRevisionQuery.

Test Plan:
  - Issued queries via conduit for "responsible users".
  - Issued queries via conduit for "subscribers".
  - Issued queries via conduit for "cc" with "reviewer" at the same time.
  - Issued queries via conduit for "cc", "reviewer", "responsible users" and
"subscribers" at the same time.
  - Issued a "subscribers" and "reviewers" query which returned duplicates;
verified GROUP BY took effect.

Reviewers: nh, btrahan, jungejason

Reviewed By: nh

CC: aran, nh

Differential Revision: 1182
2011-12-08 09:38:52 -08:00
epriestley
bd12a2b839 Fix a final (?) task field issue which slipped through the cracks
Summary:
Derped this one up; while my testing was successful in preventing runaway
attaching I missed the bit where it doesn't actually work.

This resolves the "Unknown Object" link seen on T661.

Test Plan:
  - Created two new revisions, each attached to a local task.
  - Verified that they attached additively, Maniphest and Differential were
linked to the right places, and nothign else bad happened.

Reviewers: btrahan, fratrik

Reviewed By: fratrik

CC: aran, fratrik, btrahan

Differential Revision: 1181
2011-12-07 08:53:19 -08:00
epriestley
d13906ff96 Add "tabindex" to Remarkup reference lists
Summary:
Prevent keyboard focus of these links so we don't disrupt tab order from
comments to "Submit".

Arguably I should make a "function" for this or something but there's nowhere to
really put it that makes any sense right now.

Test Plan: Verified Firefox skips these links in tab order.

Reviewers: fratrik, btrahan, jungejason

Reviewed By: fratrik

CC: aran, fratrik

Maniphest Tasks: T661

Differential Revision: 1180
2011-12-07 08:53:12 -08:00
epriestley
4fd81150be Remove "Updated" view from Differential
Summary:
This landed during my review drama embargo and is a generally good idea but had
some implementation issues.

@elynde reports it has been broken for some time, although it still works on
secure.phabricator.com so I'm guessing it's just taking a zillion years to run
at Facebook. It's up to more than a second for me on secure.phabricator.com:

https://secure.phabricator.com/file/view/PHID-FILE-v4ql4c66u3xnkarmrpm4/

The basic problem is that some of the data architecture around this
implementation is hard to scale. I want to pursue a similar feature eventually,
but drive it off notifications that we'll ship through real-time infrastructure
too.

I'm also trying to get rid of DifferentialRevisionListData and this simplifies
that somewhat.

Test Plan:
  - Grepped for table name, table constant, query constant, and class name; no
hits.
  - Applied SQL patch.
  - Verified that Differential no longer shows "Updated".

Reviewers: elynde, btrahan, jungejason

Reviewed By: elynde

CC: aran, elynde

Differential Revision: 1178
2011-12-07 06:55:03 -08:00
Nick Harper
74f710a437 Add sanity to DifferentialRevisionQuery
Summary:
Changed cc/reviewer search to be a union/or instead of intersection/and within
each list. Also added support to search for multiple authors (same behavior as
cc/reviewer), and updated conduit call to match. (See discussion on D1158.)

Test Plan:
Used the conduit call to search for revisions with one of 2 people on the cc
list, and checked the results to see that it wasn't constraining to requiring
both be on the cc list.

Reviewers: epriestley, jungejason, btrahan

Reviewed By: epriestley

CC: aran, nh, epriestley

Differential Revision: 1179
2011-12-06 14:47:12 -08:00
epriestley
55ff8c5829 Improve documentation around creating extension libraries for Phabricator
Summary: There was some documentation for this but it was kind of buried in a
random, difficult-to-discover file. Separate it into its own file and link to it
from the previous location.

Test Plan: Regenerated documentation and read through it without catching
anything terrible.

Reviewers: btrahan

Reviewed By: btrahan

CC: zeeg, aran, btrahan

Maniphest Tasks: T643

Differential Revision: 1161
2011-12-06 11:05:45 -08:00
epriestley
2797903776 Fix bad query edge condition when updating a revision with no attached tasks. 2011-12-04 13:25:32 -08:00
Bob Trahan
588b959c03 phabricator_format_timestamp => phabricator_datetime
Summary: make the change, kill the function.   be sure to get a good $user or
$viewer variable

Test Plan:
for each controller or view, look at it in the ui.   change timezone, refresh ui
and note change.   i did not test the OAuthSettingsPanelController; not sure how
to get to that badboy and i got a bit lazy

Maniphest Tasks: T222

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T222

Differential Revision: 1166
2011-12-04 08:51:34 -08:00
Jakub Vrana
9c1697383c Add a link to Remarkup Reference below comment
Summary:
To reduce blindness, all textareas with some kind of special syntax should have
an information about this syntax and a link to its documentation. Preview
function is a nice complement but it doesn't replace this information.

I've added this information and the link below the comment field.

Please note that <a target> is a valid attribute in HTML5.

Test Plan:
Go to https://secure.phabricator.com/D1164#comment-content
There should be a link to Remarkup Reference
This link should open Remarkup Reference in a new window (to not discard the
comment)

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, vrana

Differential Revision: 1164
2011-12-03 12:28:21 -08:00
Bob Trahan
83efa6e1c5 make arc diff link maniphest tasks with revisions
Summary:
add "Maniphest Task:" or "Maniphest Tasks:" followed by text that has TX in it.
foreach TX the task will be attached to the revision and the revision will be
attached to the task.  parsing is pretty... ummm, robust such that it will pick
up any TX substring and parse that as a Maniphest Task just fine.   it errors
out if there is not an actual task for TX and otherwise churns along pretty
nicely.

Also, make sure the PhabricatorObjectHandle loads the task ID as the alternateID
since we need that here and it should be that way anyhoo.

Test Plan:
made a diff and in the commit message added Maniphest Task(s): TX combination.
Tried various combinations of TX -- single, multiple with commas, multiple many
lines, single bad, multiple bad, multiple mix of bad and good. verified that the
good tasks were attached to the diff and diff was attached to the good tasks.

Maniphest Tasks: T137

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: 1165
2011-12-03 11:34:55 -08:00
epriestley
10cc5f2660 Set user on auxiliary fields before validating them on template workflow
Summary: Some fields need this data in some circumstances in order to validate
-- see D1153.

Test Plan: Ran "arc diff" against local, no longer got an exception for access
of this field from the 'Reviewers' validator.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1160
2011-12-02 15:14:39 -08:00
Nick Harper
8f5e28bf59 Add differential.query conduit method
Summary:
Created a differential.query conduit method that is built on top of
DifferentialRevisionQuery. I also added support for querying by author, ccs, and
reviewers to DifferentialRevisionQuery, so feature parity can be brought up to
match differential.find and its backing class DifferentialRevisionListData.

Test Plan:
Tried a few calls to the conduit call using the web interface, and got back
reasonable looking data.

Reviewers: epriestley, jungejason, btrahan

Reviewed By: epriestley

CC: aran, nh, epriestley

Differential Revision: 1158
2011-12-02 13:06:43 -08:00
Bob Trahan
519a443eba kill differential tabs in favor of a create diff button
Summary:
kill the tabs and make it a create button instead.  pertinent notes:
* added a "Filter diffs" button to the form.  optional, but i thought it
necessary with the new green button
* linked to Arcanist user guide on the create diff page.  somewhat unrelated but
i think create diff will get more traffic now so linking to help seemed like a
reasonable add on here.

Test Plan:
viewed differential homepage
* clicked left hand filter elements.  noted "Create Diff" button on filters
within user revisions and no button on filters within all revisions.
* entered another user into Select User UI and viewed their diffs via button and
pressing enter

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: 1157
2011-12-02 10:39:36 -08:00
David Reuss
c2054bab09 Support limiting maniphest queries to specific ids
Summary:
This limits a maniphest task query to only contain certain ids set
by the tasks query parameter.

Test Plan:
none yet, i wrote this at a computer with no phabricator
install while bored and eating dinner.

Reviewers: skrul, epriestley

Reviewed By: epriestley

CC: aran, davidreuss, epriestley, skrul

Differential Revision: 1137
2011-12-02 07:30:20 -08:00
epriestley
19f2110e74 Allow "differential.getcommitmessage" to be called without a revision ID in
order to generate a template

Summary: See T614. This allows us to generate an empty template by calling
Conduit, so we can build command-line editing workflows for SVN, Mercurial, and
conservative-Git.

Test Plan: Used web console to invoke Conduit method; got a reasonable empty
template out of it.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley, btrahan

Differential Revision: 1156
2011-12-02 07:28:55 -08:00
epriestley
462ad4169c Remove obsolete 'error' field from differential.parsecommitmessage
Summary: As of D1154, we don't need this anymore. See that change for context.

Test Plan: See D1154.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1155
2011-12-02 07:28:49 -08:00
epriestley
40221feed9 Validate commit message fields on the server side
Summary:
See T643. We have some hard-coded checks in Arcanist for the existence of
'testPlan' and 'title', and don't properly validate those fields on the server.
Add a validation pass in the Conduit-based edit pathway.

In particular, this means that if you disable the "Test Plan" field, Arcanist
won't block you anymore.

Test Plan: Disabled Arcanist checks and ran "arc diff"; got blocked on the
server side.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1153
2011-12-02 07:28:43 -08:00
epriestley
315df7c123 Regenerate celerity map to correct suspicious Git merge. 2011-12-01 10:16:53 -08:00
epriestley
bd520076f9 Add optional keystroke support for AphrontPagerView
Summary: This is sort of silly but maybe useful? The real problem is that there
are like 500k conduit call logs and the real solution to that is better
filtering options, but this seems sort of okay.

Test Plan: Used "[" and "]" to switch between pages on the conduit call log.

Reviewers: btrahan, jungejason, nh, aran

Reviewed By: nh

CC: aran, nh, epriestley

Differential Revision: 1145
2011-12-01 10:16:12 -08:00
epriestley
77a5a3ab00 Add a basic Conduit log view
Summary:
The conduit access to Differential kind of sucks and we want to break
back-compat in order to fix it (see D1114).

To make it easier to pull this off, I want to build out the Conduit logging a
bit so administrators can identify which users are making deprecated calls.

We should probably build a little more infrastructure around this too (API
versions?), but this is at least a reasonable step forward which gives us more
insight into the use of Conduit and more tools to smooth the deprecation
process.

This initial commit is super basic but the interface currently says "stuff",
I'll build this out a little more in a bit.

Test Plan: Looked at call logs.

Reviewers: btrahan, nh, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1144
2011-12-01 10:15:51 -08:00
epriestley
c53511e9b4 Minor remarkup updates
Summary:
  - Update documentation for changes in D1148.
  - Link to Remarkup documentation from Maniphest.
  - Support "Note:" syntax in Phabricator (previously, it was only supported in
Diviner, but I've found it pretty good and useful).

Test Plan: Regenerated and perused documentation; made a "NOTE:".

Reviewers: btrahan, broofa, fugalh, jungejason, nh, aran

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1149
2011-12-01 10:15:38 -08:00
David Reuss
dfffc78d38 Added mbstring and iconv as required extensions
Test Plan: Obvious.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, davidreuss

Differential Revision: 1138
2011-12-01 08:52:54 -08:00
epriestley
30b578cff6 Preserve original case in @mentions which whiff
Summary: See T632. When we miss a @mention, preserve the original case. This
approach is slightly unwieldy, but preserves backward compatibility (remarkup is
cached in Differential and Maniphest).

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-u7z5j73dxrr4vuwkdcy3/

Reviewers: aran, btrahan

Reviewed By: aran

CC: aran, epriestley

Differential Revision: 1141
2011-11-30 11:16:44 -08:00
Bob Trahan
9f201ef897 change '' => null from D1139
Summary: feedback from D1139 i missed before i git pushed.  :/

Test Plan: re-did test plan in d1139

Reviewers: epriestley

CC:
2011-11-30 11:17:14 -08:00
Bob Trahan
d0d33094d6 add projectName to conduit.getdiff
Summary: some ground work for T479

Test Plan:
called up a diff via the conduit api console
it had the right project name and did not error

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: 1139
2011-11-30 11:08:15 -08:00
Bob Trahan
0795cd4baa Add cycle detection to celerity mapper
Summary: create CelerityResourceGraph, which extends AbstractDirectedGraph.
since we've done a bunch of work already to load the resource graph into memory
CelerityResourceGraph simply stores a copy and makes loadEdges work off that
stored copy.

Test Plan:
made phabricator-prefab require herald-rule-editor

~/code/phabricator> ./scripts/celerity_mapper.php webroot
Finding static resources...
Processing 154
files..........................................................................................................................................................
[2011-11-22 11:28:29] EXCEPTION: (Exception) Cycle detected in resource graph:
phabricator-prefab => herald-rule-editor => phabricator-prefab at
[/Users/btrahan/Dropbox/code/phabricator/scripts/celerity_mapper.php:173]

fixed phabricator-prefab requiring herald-rule-editor.  re-ran celerity_mapper
and no errors!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: 1132
2011-11-29 12:09:08 -08:00
Bob Trahan
ec8dbfd05f Dedupe DIRECTORY w/ Directory tab in directory header
Summary: the tab is a bit silly right next to DIRECTORY

Test Plan:
viewed phabricator with an admin account
* looks good on load
* clicked Categories and Items; looked good
viewed phabricator with a non-admin account
* looks good on load
* nothing else to click in the header

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1131
2011-11-28 13:03:46 -08:00
adonohue
75e1a0d5a8 Fix celerity_mapper.php @generated issue
Summary: Easy

Test Plan: Run ##scripts/celerity_mapper.php webroot/##, verify
src/__celerity_resource_map__.php

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1133
2011-11-28 11:44:59 -08:00
Bob Trahan
4afe82f3e2 Show MySQL exception when unable to connect during setup
Summary: a well-titled diff this be.  i feel 'meh' about the change; doesn't
seem to help too much imo.

Test Plan:
edited my custom conf file to have errors -

127.0.0.1 => 127.0.0.2
mysql_user => mysql_users

and for phabricator to be in setup mode. for each error i verified that i liked
the display.

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 1129
2011-11-21 17:11:38 -08:00
epriestley
e0a56cb938 Clean up two more sha1 instances
Summary: See T547. One of these I just missed in D1000; the comment change just
makes it easier to audit use of hash functions by cleaning up "grep" output.

Test Plan: Ran isolation unit test.

Reviewers: btrahan, jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 1124
2011-11-20 14:21:26 -08:00
Brian Pane
5dba8abceb Add a "createcomment" method to Differential
Summary:
Added a new method differential.createcomment

Task ID: #752014

Test Plan:
I created a test diff and called this method via the conduit
from a client PHP script to add comments.  I confirmed that
1) the comment appeared on the revision, 2) URLs within the
comment were turned into hyperlinks, and 3) Phabricator
sent a notification email to the people watching the test
diff.

Reviewers: nh, jungejason, epriestley

Reviewed By: nh

CC: aran, nh

Differential Revision: 1128
2011-11-18 14:53:01 -08:00
Marek Sapota
e9693f25f8 Move event framework from Phabricator to libphutil
Summary:
Move event framework from Phabricator to libphutil so it can be used in other
phutil projects, such as Arcanist.

Test plan:
Use along with path to libphutil, events should work as expected.

Reviewers: epriestley

Differential Revision: 1098
2011-11-16 16:34:45 -08:00
epriestley
98c8e150b0 Prevent delivery of email to disabled objects
Summary: See T625. Facebook's REST-based MTA layer had a check for this so I
overlooked it in porting it out. We should not attempt to deliver email to
disabled users.

Test Plan:
Used MetaMTA console to send email to:

  - No users: received "no To" exception.
  - A disabled user: received "all To disabled" exception.
  - A valid user: received email.
  - A valid user and a disabled user: received email to valid user only.

(Note that you can't easily send to disabled users directly since they don't
appear in the typeahead, but you can prefill it and then disable the user by
hitting "Send".)

Reviewers: btrahan, jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: skrul, aran, epriestley

Differential Revision: 1120
2011-11-16 11:07:50 -08:00
epriestley
ef020f711e Ensure Maniphest CC PHID list is always a list in maniphest.info
Summary: See T626. Use array_values() to discard keys, for consistency and so
this will always encode as a list (JSON array) over the wire.

Test Plan: Added and removed CCs from a task while calling maniphest.info on it;
CCs worked and I always received a list.

Reviewers: btrahan, jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: skrul, aran, btrahan, epriestley

Differential Revision: 1118
2011-11-16 11:07:42 -08:00
Jason Ge
42383214ea Enable admin to view and delete other users' herald rules
Summary:
enable admin to delete user's herald rules. This is useful for
managing non-active users' rules. For example, ex-employees' rules. The
code change includes:

 - Added a 'All' tab which is only accessible to admin.
 - Refactor out a HeraldRuleListView which is used by both the home
   controller and the all rule controller

Test Plan:
delete an ex-employee rule as an admin; disable myself as
admin and verified that I don't have access to view other user's rules
and I'am not be able to delete them; also verified that as a non-admin,
I can still view, create and delete my own rules.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley, jungejason

Differential Revision: 1064
2011-11-15 16:21:51 -08:00
John Stockdale
501c90bb30 Use Git's encoding flag instead of MBString
Summary:
0d5b0f21ad added string conversion but MBString always needs an argument for endcoding.

It looks like we can get away with doing this in git instead, with the --encoding='UTF-8' flag. Then we should be safe to remove the test for output type, and stay UTF-8 safe.

Test Plan:
Run updaters with change. Verify commits are updated.

Reviewers: epriestley

CC:

Differential Revision: 1108
2011-11-12 01:01:41 +00:00
Bob Trahan
5c21b5345d execx ==> execxLocalCommand for git libraries in diffusion
Summary:
this was fairly mechanical at the end of the day

note that future/exec got removed by the code generation robots
post this change

Test Plan:
clicked around diffusion a bunch looking for errors.

For a given repo (say http://phabricator.dev/diffusion/BOBALIE/)
 - http://phabricator.dev/diffusion/BOBALIE/history/
 - http://phabricator.dev/diffusion/BOBALIE/history/origin:master/.arcconfig
 - http://phabricator.dev/diffusion/BOBALIE/browse/origin:master/
 - http://phabricator.dev/diffusion/BOBALIE/browse/origin:master/.arcconfig
 - http://phabricator.dev/rBOBALIEbfede2e8ea9435644968e2e76c0bac8949fb7d06

For a given file (say
http://phabricator.dev/diffusion/BOBALIE/change/origin:master/.arcconfig;bfede2e8ea9435644968e2e76c0bac8949fb7d06)
 - history view*
 - browse view
 - change view

* found a bug where the history view doesn't have the change view in the left
hand UI
will fix laters

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1095
2011-11-09 16:21:59 -08:00
Bob Trahan
1494476d30 Style <h1> -> <h6> for Remarkup
Summary:
most users will notice this makes h1 and h2 bigger.

my design algorithm was to start with h6 and make that the
size of regular text and then gently scale upwards to the mighty
h1.  i used margins so things would collapse nice and first-child /
last-child so there wouldn't be any longer-than-planned spacing.

Test Plan:
made a few docs like

= header =

== sub header ==

=== sub sub header ===

(etc)

in phriction and they looked good to me.  made some comments
in differential like that and they looked good to me.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1094
2011-11-09 14:06:05 -08:00
Marek Sapota
b71a55900a Allow tweaking of Differential mail by using events
Summary: Allow tweaking Differential mail before sending.

Test Plan:
Wrote a listener renaming Differential attachments and it worked without
problems.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, mareksapota, davidreuss

Differential Revision: 1091
2011-11-09 10:13:53 -08:00
epriestley
802dcd4cfb Add attchment support to SendGridAdapter
Summary:
  - Add attachment support for SendGrid.
  - Add attachment support to the MetaMTA test console.

Test Plan:
  - Sent myself a file with Amazon SES via test console.
  - Sent myself a file with SendGrid via test console.

Reviewers: mareksapota, jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 1089
2011-11-08 14:28:10 -08:00
Emil Hesslow
88dc9c471d Add actAsUser to API
Summary: createrevision creates the revision as the user which certificate is
used. Add a meta parameter to API calls named actAsUser so one user can create
revisions for someone else. Right now there is no authentication.

Test Plan: Called createrevision with one users cert and set actAsUser to
someone else. The revision was created as the actAsUser user.

Reviewers: epriestley, nh, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1087
2011-11-08 08:12:31 -08:00
adonohue
7d2a18d883 Examples using JX.View
Summary: Provide a dirt-simple working example of client-side templating and
reactive programming.

Test Plan: Load the examples

Reviewers: epriestley, mroch, tomo

Reviewed By: epriestley

CC: ide, schrockn, aran, rzadorozny, epriestley

Differential Revision: 908
2011-11-06 15:17:00 -08:00
adonohue
d5cb67d8c4 Update Javelin
Summary: Routine administration.

Test Plan: Use a tokenizer and browse around

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1083
2011-11-06 15:15:34 -08:00
Jason Ge
f46e12d0ca Refactor some Herald code
Summary:
I was reading herald code for a task and realized that the method was
really long. So I refactor it to shorter methods.

Test Plan:
was still able to create a differential rule and commit rule; and
verified that dry-run still worked.

Reviewers: epriestley, tuomaspelkonen

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1077
2011-11-04 16:32:00 -07:00
epriestley
fbfb263cd9 Provide a configuration flag to disable silliness in the UI
Summary: See comments. A few installs have remarked that their organizations
would prefer buttons labled "Submit" to buttons labeled "Clowncopterize".

Test Plan:
  - In "serious" mode, verified Differential and Maniphest have serious strings,
tasks can not be closed out of spite, and reset/welcome emails are extremely
serious.
  - In unserious mode, verified Differential and Maniphest have normal strings,
tasks can be closed out of spite, and reset/welcome emails are silly.
  - This does not disable the "fax these changes" message in Arcanist (no
reasonable way for it to read the config value) or the rainbow syntax
highlighter (already removable though configuration).

Reviewers: moskov, jungejason, nh, tuomaspelkonen, aran

Reviewed By: moskov

CC: aran, moskov

Differential Revision: 1081
2011-11-04 15:24:54 -07:00
Jason Ge
4cdfc6d1cb Fix exception when encoding is not defined
Summary:
the code tries to access 'encoding' property even when the
repository is empty. The fix is to set it to null in that case.

Test Plan: run the conduit method on my sandbox and it works now.

Reviewers: grglr, epriestley, nh

Reviewed By: grglr

CC: aran, grglr

Differential Revision: 1075
2011-11-02 21:41:29 -07:00
Marek Sapota
f1de90d7ef Mark person that actually runs arc commit as committer instead of the author.
Summary:
`arc commit` and `arc mark-committed` would only add comments <author> committed
this revision, since now everyone can run this commands it makes more sense to
show the actual committer instead of the author.

Test Plan:
Commit (or mark committed) not your revision, Phabricator should add <you>
committed this revision comment instead of <author> committed this revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1067
2011-11-01 15:26:56 -07:00
Marek Sapota
874ae4b7ee Allow anonymous access to conduit getdiff method.
Summary:
Allow anonymous access to conduit getdiff method, which is needed for anonymous
`arc patch`.

Test Plan: Running getdiff with an unauthenticated conduit should work.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1068
2011-11-01 15:26:32 -07:00
Nick Harper
fa2911b2b8 Allow word wrapping differential revision property labels
Summary:
Because D1028 caused the column containing differential revision property
labels to have a fixed width, some custom labels are longer than what fits
(and it makes more sense to word wrap them instead of making the column
wider).
I also updated the corresponding maniphest css for consistency.

Test Plan:
Used firebug to remove css property and visually check that is the intended
effect; loaded a page after the revision and saw that the css property is
no longer set, allowing the labels to wrap.

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 1066
2011-11-01 15:22:40 -07:00
Marek Sapota
74d1983c68 Move Abandon Revision action to the bottom if it's an admin action.
Test Plan:
Login as admin, look at an open revision you don't own, you should be able to
choose '(Admin) Abandon Revision', the option should be on the bottom and should
abandon the revision after sending the comment.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1060
2011-10-28 09:20:18 -07:00
David Reuss
c724902ca9 Don't fail with no image macros
Summary: .. IN (%Ls) with no file phids fails miserably.

Test Plan:
Went to /file/macro/ with and without patch. An exception is thrown
without it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1063
2011-10-28 08:06:30 -07:00
David Reuss
0d5b0f21ad Convert author/message encoding if not UTF-8
Test Plan:
used the reparse.php script for reparsing commit messages and saw the
correct author name (and mapped correctly as a phabricator user) in diffusion.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1059
2011-10-28 08:06:03 -07:00
David Reuss
b81231b3dc Corrected manipest reference in exception thrown
Summary: This should hopefully kill off the last of these :P

Test Plan: Should be self explanatory

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1043
2011-10-28 08:05:49 -07:00
David Reuss
4e900c096f Convert "falsey" binary hunks if we have a repository encoding
Summary:
This adds an encoding detail to the repository, so we can attempt to
convert hunks previously detected as binary.

We also add the encoding information to the arcanist projectinfo
API so we can pull the information if we have it when uploading changes
via arc.

Test Plan:
Changed encoding through the edit UI, and saw "This is binary file", and
changed it back and saw the correct output from the diff.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1009
2011-10-28 08:04:57 -07:00
David Reuss
c20608f066 use correct key looking for a public author of a task
Test Plan:
Used the scripts/mail_handler.php with and without patch and saw
the maniphest task being created with patch applied.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, davidreuss

Differential Revision: 1041
2011-10-28 08:04:25 -07:00
Marek Sapota
9536e5606c Allow admins to abandon Differential revisions.
Test Plan:
Login as an admin, go to a revision that you don't own - you should be able to
abandon this revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1048
2011-10-25 14:32:50 -07:00
Edward Speyer
6737ae4828 Run a commit discovery daemon only once
Summary:
Discover commits then return; useful when initializing new repositories
in unit tests.

By which I mean "when initializing a new repository in my unit test that
I'm working on".

Test Plan: Using this in a PhabricatorTestCase.

Reviewers: epriestley, aran

Reviewed By: epriestley

CC: aran, edward, epriestley

Differential Revision: 948
2011-10-25 14:25:40 -07:00
Evan Priestley
9d4793b27f Merge pull request #76 from mareksapota-fb/master
Pull request for differential revision D1044
2011-10-25 10:43:42 -07:00
Marek Sapota
789dc6cb5e Allow anonymus access to Differential.
Summary:
Add possibility for not logged in users to browse and see Differential
revisions.

Test Plan:
Set 'differential.anonymous-access' config option to true, log out, you should
be able to browse Differential without logging back in.

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley, mareksapota

Differential Revision: 1044
2011-10-25 10:23:08 -07:00
epriestley
88be49fd5f Allow DifferentialDiff to construct proper DifferentialChangeset objects from
diffs which add empty files

Summary:
See T507 and some others. We now parse empty git diffs correctly, but the logic
to build DifferentialDiffs out of them leaves the objects with 'null' for
$changesets, when it should be array().

Further layers later throw, believing we have not loaded the changesets, when we
actually have, there just aren't any.

Test Plan: Viewed rJX05d493e17fbbb29f29e4880be6834d1d7415374e in Diffusion,
which adds an empty README file. No exception thrown.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 1038
2011-10-24 23:39:59 -07:00
epriestley
c84cfef16c Actually apply monospacing to the monospaced font preference example
Summary: See T551. We don't apply the default monospacing rules to the example,
so if you don't have a custom font selection you don't see the default
accurately.

Test Plan: Deleted my preference, saw an accurate default. Set my preference to
"14px impact", ensured it was respected in applications.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 1035
2011-10-24 23:39:46 -07:00
Nick Harper
0778f35272 Limit width of differential, maniphest properties tables
Summary:
Sometimes, elements in a property table at the top of a differential
revision view or maniphest task detail view will have a minimum width
that is too wide to fit in the table without causing the table's width
to exceed the width of its parent div. This diff changes the table layout
algorithm so that the table's width never exceeds the width of its parent
div. In the case of a code block causing the excess width, it puts a
scrollbar on the block instead of letting content spill out.

Due to the way the fixed table layout algorithm works, the width of the
left column (containing headers) is set to a fixed width. I chose a width
for differential that works with the default headers, but site-specific
headers might not fit.

Test Plan:
Created a task, added a code block in the description that had an
unreasonably long line in it, and visually verified that the <td>
containing the <code> did not expand horizontally past the limit defined
by the <div> containing the <table>. I also loaded a differential revision
view and checked that its table looks sane.

Reviewers: epriestley, jungejason, aran

Reviewed By: epriestley

CC: aran, nh, epriestley

Differential Revision: 1028
2011-10-24 12:50:15 -07:00
epriestley
0669abc5f0 Use a proper entropy source to generate file keys
Summary:
See T549. Under configurations where files are served from an alternate domain
which does not have cookie credentials, we use random keys to prevent browsing,
similar to how Facebook relies on pseudorandom information in image URIs (we
could some day go farther than this and generate file sessions on the alternate
domain or something, I guess).

Currently, we generate these random keys in a roundabout manner. Instead, use a
real entropy source and store the key on the object. This reduces the number of
sha1() calls in the codebase as per T547.

Test Plan: Ran upgrade scripts, verified database was populated correctly.
Configured alternate file domain, uploaded file, verified secret generated and
worked properly. Changed secret, was given 404.

Reviewers: jungejason, benmathews, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley

Differential Revision: 1036
2011-10-23 14:42:23 -07:00
epriestley
ddce177d81 Add a name token table so on-demand typeaheads can match last names
Summary: See T585. We currently don't match middle/last/nth names in on-demand
tokenizers. Build a table so we can match them.

Test Plan:
Ran upgrade script, verified table looks sensible. Searched for "priestley" in a
tokenizer, got a bunch of test account hits.

  mysql> select * from user_nametoken;
  +-------------------+--------+
  | token             | userID |
  +-------------------+--------+
  | evan              |      1 |
  | priestley         |      1 |
  | epriestley        |      1 |
  | epriestley2       |      2 |
  | ducks             |      4 |
  | epriestley3       |      4 |
  | asdf              |      6 |
  | epriestley99      |      6 |
  ...

Reviewers: bh, nh, jungejason, tuomaspelkonen, aran

Reviewed By: aran

CC: aran

Differential Revision: 1034
2011-10-23 14:25:26 -07:00
epriestley
4156cf6bd9 Add an optional configuration option to set 'Precedence: bulk' headers on
transactional mail

Summary: See T571. SES refuses to deliver mail with this header and there are
various reports of other issues on the internet so I'm defaulting it to off.

Test Plan: Set config to true, tried to send mail, SES rejected it because of
"Precedence: bulk" header.

Reviewers: bmaurer, ola, jungejason, nh, aran

Reviewed By: aran

CC: aran, epriestley, bmaurer

Differential Revision: 1032
2011-10-23 14:25:13 -07:00
epriestley
661f077bf7 Replace callsites to sha1() that use it to asciify entropy with
Filesystem::readRandomCharacters()

Summary: See T547. To improve auditability of use of crypto-sensitive hash
functions, use Filesystem::readRandomCharacters() in place of
sha1(Filesystem::readRandomBytes()) when we're just generating random ASCII
strings.

Test Plan:
  - Generated a new PHID.
  - Logged out and logged back in (to test sessions).
  - Regenerated Conduit certificate.
  - Created a new task, verified mail key generated sensibly.
  - Created a new revision, verified mail key generated sensibly.
  - Ran "arc list", got blocked, installed new certificate, ran "arc list"
again.

Reviewers: jungejason, nh, tuomaspelkonen, aran, benmathews

Reviewed By: jungejason

CC: aran, epriestley, jungejason

Differential Revision: 1000
2011-10-21 11:55:28 -07:00
epriestley
abb39d06a2 Provide a better error message when a user enters a Conduit parameter string
without quotes around it (and similar)

Summary: See D1010. The API uniformly requires JSON, which is good for
strictness and predictablity but can be bad for UEX, especially considering that
we silently continue after failing to decode things. Toss the user a lifeline
when they make this common mistake.

Test Plan: Ran API calls with invalid and valid inputs. Invalid inputs gave me a
reasonable error message.

Reviewers: davidreuss, jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 1012
2011-10-21 11:54:53 -07:00
Jason Ge
13eee1a344 Add test to check all symbols can be loaded
Summary:
make sure all symboles can be loaded to avoid issues like missing
methods in descendants of abstract base class.

Test Plan:
ran it and verified it passes; remove a method in a descendant class
and verified that the test failed.

Reviewers: epriestley, nh

Reviewed By: nh

CC: aran, nh, jungejason

Differential Revision: 1023
2011-10-20 16:43:13 -07:00
Emir Habul
f447e5d709 Allow custom hyperlinks; Pass differential.diff-id into remarkup engine config
Summary: This allows extensions to have more options for generating custom
hyperlinks.

Test Plan:
custom-inline rules are moved before default rules. Test existing products which
implement custom rules.
Make sure you use "$this->getEngine()->storeText()" in rules.

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran, epriestley, emiraga, jungejason

Differential Revision: 1024
2011-10-20 14:39:18 -07:00
epriestley
e788f0f766 Fix link to Slowvote user guide
Summary: This URI is incorrect.

Test Plan: Clicked "Help" tab.

Reviewers: cpiro

Reviewed By: cpiro

CC: aran, cpiro

Differential Revision: 1026
2011-10-20 14:33:34 -07:00
epriestley
9a4bb3901e Allow bugs@ addresses to blanket-accept tasks
Summary: Allow configuration of a default author for bugs@ emails which don't
correspond to a known system user.

Test Plan: Configured a default author, sent some mails from nonsense addresses,
tasks were created.

Reviewers: davidreuss, jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley, ide

Differential Revision: 1013
2011-10-20 14:26:19 -07:00
Evan Priestley
0cb9f3dcf5 Merge pull request #74 from mareksapota-fb/master
Pull request for differential revision D1019
2011-10-19 15:31:22 -07:00
tuomaspelkonen
b63393d056 Remove the <a> tags from author name in 'View as Plain Text with Blame'
Summary: It looked stupid.

Test Plan: It looks better now and other options still work.

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 1017
2011-10-19 15:28:43 -07:00
tuomaspelkonen
a102c9a0fe Allow to resign from an accepted revision when you didn't accept the diff.
Summary: Girish wants to be able to do this.

Test Plan: Checked that I had the option in my sandbox on an accepted diff.

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran, jungejason, tuomaspelkonen, epriestley

Differential Revision: 1020
2011-10-19 15:27:36 -07:00
Marek Sapota
a11053d0fa Add possibility to upload a diff file instead of using copy-paste.
Test Plan:
Go to /differential/diff/create and upload a diff file - result should be the
same as pasting the diff into the textarea.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1019
2011-10-19 15:25:25 -07:00
Marek Sapota
5148741ab2 Prevent duplicated emails with send-immedialtely = true and MTA daemon running
Test Plan:
Set 'metamta.send-immediately' to true.  Start up several MTA daemons, without
the patch you'll probably get multiple emails, with the patch you should get
only one.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, mareksapota, epriestley

Differential Revision: 1021
2011-10-19 14:51:28 -07:00
Marek Sapota
5d377e246a Send patch attachments instead of diff attachments.
Test Plan:
Turn on sending patches, create a new revision - you should get a .patch file in
your mail instead of a .diff file.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1016
2011-10-18 12:20:24 -07:00
Svemir Brkic
d846041b27 If id field is not there, do not attempt to key array on it 2011-10-15 10:17:40 -04:00
epriestley
97f38b4e27 Fix some minor issues with Maniphest file/attachment handling
Summary:
@danielraffel is reporting an issue with file attachments which I can't
reproduce, but I did find a couple of minor things.

  - Elsewhere, we store array() as the value of these PHID dictionaries (the
idea being that we might store metadata there some day). While we may or may not
do this, we should at least be consistent.
  - When you edit a task, there's a file upload control but it doesn't actually
do anything. Just don't show it, there's no real reason to have it there.

Test Plan: Created a new task with attached files, verified they encoded as "[]"
instead of "true" in the database. Edited a task and didn't get a file control.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: danielraffel, aran

Differential Revision: 1003
2011-10-14 12:49:40 -07:00
Marek Sapota
87a2987ad6 Differential mail
Test Plan: EMPTY

Reviewers: aran, epriestley

Reviewed By: epriestley

CC: aran, epriestley, mareksapota

Differential Revision: 1004
2011-10-14 12:12:41 -07:00
Marek Sapota
fee7184350 Phabricator mail
Test Plan: EMPTY

Reviewers: aran, epriestley

Reviewed By: epriestley

CC: aran, mareksapota, epriestley, jungejason, nh, drnikki

Differential Revision: 1002
2011-10-14 12:12:41 -07:00
Marek Sapota
0bf2753b88 PhabricatorMailImplementationPHPMailerLiteAdapter ignores parameter in setIsHTML
function.

Summary: Fix PhabricatorMailImplementationPHPMailerLiteAdapter to actually use
given parameter.

Test Plan: Use setIsHTML with false as parameter, sent mail should be in plain
text.

Reviewers: jungejason

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 1001
2011-10-14 12:12:41 -07:00
Nicholas Harper
4f365e1527 Clarify instructions for repository remote uri
Summary:
Clarified the instructions when editing a repository for the remote uri to
mention that a local path for the remote uri must be specified as
file:///local/path/to/repo instead of /local/path/to/repo. (The latter used to
work, but stopped functioning for new repositories as of D888.)

Test Plan:
loaded /repository/edit/NN/tracking (where NN is a repo number), and saw the
updated instruction message.

Reviewers: jungejason, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1005
2011-10-12 12:25:49 -07:00
epriestley
d625f94c55 Provide a markup protocol whitelist for Phabricator
Summary: See T548 and D996. Makes Phabricator configure the remarkup engine so
http:// and https:// get linked. Also make the "named link" syntax respect the
whitelist.

Test Plan:
  - Whitelisted URIs (they get linked).
  - Other URIs (not linked).
  - Whitelisted, named URIs (linked).
  - Other, named URIs (treated as phriction links).
  - Actual phriction links (work correctly).

Reviewers: jungejason, nh, tuomaspelkonen, aran, benmathews

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 997
2011-10-10 13:12:11 -07:00
epriestley
78689df4d4 Fix missing branch component in symbol crossreference URIs. 2011-10-09 18:36:00 -07:00
epriestley
254f606e89 Tie all the pieces for symbol cross-references together
Summary:
This makes symbol cross-references work in Differential. You need to do a little
legwork but I'll document that once the change has baked for a little while.

Basically:

  - Projects are annotated with indexed languages, and "shared library" projects
(for example, symbols in Phabricator should be searched for in Arcanist and
libphutil).
  - When we render a changeset, we check if its language is an indexed one. If
it is, we invoke the decorator Javascript.
  - The Javascript takes you to a lookup page, which either gives you a list of
matching symbols (if several match) or redirects you instantly to the
definition.

Test Plan: Clicked class and function symbols in a diff, got jumped into
sensible sorts of places in Diffusion.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 980
2011-10-09 17:58:17 -07:00
epriestley
0580772805 Add a JS component for crossreferences
Summary: When the user clicks a crossreference, jump them to symbol lookup

Test Plan: Clicked some crossref symbols

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh, epriestley

Differential Revision: 904
2011-10-09 17:58:01 -07:00
Jason Ge
1e3c10379a Enable typeahead's ondemand on details view page
Summary:
the details pages are using preload instead of ondemand for
typeahead, but the most common actions on the pages are commenting which
would not need the preloaded info. To improve the performance of the
pages, turn on ondemand according to the setting in the config file.

Test Plan: verify it is working with both modes, for both pages.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 995
2011-10-09 12:33:08 -07:00
Nicholas Harper
05b73f58ae Fix stupid error in Lisk introduced in D990
Summary:
I added some type checks in D990 to make sure $columns is an array, but was
overzealous and forgot that loadRawDataWhere needs to be able to take null
as $columns.

Test Plan:
Loaded phabricator and saw the error "Argument 1 passed to LiskDAO::loadRawDataWhere() must be an instance of array, null given" go away

Reviewers: epriestley

CC:

Differential Revision: 991
2011-10-07 15:59:21 -07:00
Nicholas Harper
872ac17dbc Selectively load columns for differential typeahead
Summary:
Change the differential typeahead to only load columns that it needs. To do
this, I also enabled partial objects for PhabricatorUser (and made necessary
changes to support this). I also changed the functionality of Lisk's loadColumns
to either accept columns as multiple string arguments or a single array of
strings.

Test Plan:
With tokenizer.ondemand set to false, checked that the typeahead loaded and I
can type multiple people's names. Set tokenizer.ondemand to true and tried
again. In both cases, the typeahead worked.

Reviewers: epriestley

Reviewed By: epriestley

CC: jungejason, aran, epriestley, nh

Differential Revision: 990
2011-10-07 15:47:35 -07:00
Nicholas Harper
c3709c56fc Add functionality to Lisk to only get some columns from the database
Summary:
Added loadColumns, loadColumnsWhere instance methods to Lisk, so when you only
need some fields of your object loaded, you can do so. This will be useful for
places where we fetch a large number of rows, but only care about a few columns.
In that situation, these functions can be used so the db doesn't have to return
as much data.

Test Plan:
Loaded a typeahead to check that the existing lisk functions still work.
Modified typeahead to fetch data using loadColumns instead of loadAll and
checked that it still works.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, nh, jungejason

Differential Revision: 947
2011-10-07 14:55:10 -07:00
epriestley
c29982acb9 Fix phid accumulation for handles
Summary: I goofed this, $phids was already being populated and I changed the
meaning. This causes a fatal if you filter the list by a user who is not an
author or first reviewer for any of the revisions (e.g., no open revisions).

Test Plan: Looked at the list of a user with no revisions.

Reviewers: codeblock, jungejason

Reviewed By: codeblock

CC: aran, codeblock, jungejason

Differential Revision: 989
2011-10-07 12:58:16 -07:00
epriestley
8ce5dd31f6 Show open Differential revisions in Diffusion browse views
Summary:
Still some rough edges, but this adds a table of open revisions to Diffusion.
See T262.

I'll make this a little better (e.g., "see all.." instead of arbitrary 10 cap,
or maybe move to top-level nav?) but I think I have to refactor some other stuff
first. This should let us root out any major issues, at least.

NOTE: You must associate Arcanist Projects with Repositories (in Repositories ->
Arcanist Projects -> Edit) for this to work!

Also made paths include all parent paths so that browse views of directories
will work.

Test Plan: Uploaded a diff which affected "/blah", it appeared when browsing "/"
and "/blah".

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 979
2011-10-06 10:27:54 -07:00
epriestley
91bf3e96c9 Provide a Differential Revision query class for affected paths
Summary:
For T262, we need to query for revisions by affected path.

We currently have a class called "DifferentialRevisionListData" but it's sort of
nasty and it would have been really cumbersome to add this query to it.

Instead, this provides a query object more in line with ManiphestTaskQuery,
which I'm pretty happy with. I'd eventually like to get rid of
DifferentialRevisionListData but it's used in a couple of places right now.

Test Plan: Used phpsh to execute queries, got back apparently-sensible result
sets.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 978
2011-10-06 10:27:17 -07:00
epriestley
bea4795575 Separate revision list rendering logic into a RevisionListView
Summary: I want to throw this in Diffusion as part of T262, but it's embedded in
the controller right now. Split it out.

Test Plan: Looked at various revision list views, no changes.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 977
2011-10-06 10:26:47 -07:00
Nicholas Harper
abf96dbd59 Change structure of Lisk for custom setters and getters
Summary:
This diff changes the way Lisk should be used for custom setters and getters,
changing it from having subclasses of Lisk implement their custom setter or
getter to having them override the readField and writeField methods (which get
called by the getters and setters). This diff also has a configurable option
to throw an exception if a subclass of Lisk implements a custom setter or
getter.

Test Plan:
Without the config set to throw, tested in sandbox by browsing differential
and playing with the differential typeahead. With the config set to throw,
tried to load a phabricator page and saw in the error log an exception thrown
by Lisk because of custom getters in PhabricatorUser.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, jungejason, epriestley

Differential Revision: 974
2011-10-05 15:16:52 -07:00
Jason Ge
ce8799176e Add author field to image macro display
Summary:
this is a request from Facebook:
> someone has added macros for common words like 'push', 'lgtm'.
> We want to let he image macro page at least attribute to an owner so
> that we can publicly shame whoever added the 800px 'clowntown' macro.

Test Plan:
test macros with/without author (all macro should have
author. This is just to be safe).

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: hwang, aran, arice, jungejason, epriestley

Differential Revision: 984
2011-10-05 09:51:08 -07:00
epriestley
a8519c6837 Unbreak slop in commit change parser. 2011-10-02 12:37:25 -07:00
epriestley
e4e5c39457 Merge __init_env__.php into __init_script__.php
Summary: There are currently two files, but all scripts require both of them,
which is clearly silly. In the longer term I want to rewrite all of this init
stuff to be more structured (e.g., merge webroot/index.php and __init_script__
better) but this reduces the surface area of the ad-hoc "include files" API we
have now, at least.

Test Plan:
  - Grepped for __init_env__.php (no hits)
  - Ran a unit test (to test unit changes)
  - Ran a daemon (to test daemon changes)

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 976
2011-10-02 11:48:09 -07:00
Ricky Elrod
10570635b5 Stop 'stop' from being in phd's list twice, and provide a way to kill one particular PID.
Summary:
This is a pretty bad, but working implmentation of a way to kill one particular PID that
is controlled by Phabricator. Also remove the second 'stop' from the ##phd help## list.

Test Plan:
  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd status
  PID  	Started                 	Daemon
  30154	Oct 1 2011, 2:38:08 AM  	PhabricatorMetaMTADaemon
  30172	Oct 1 2011, 2:38:09 AM  	PhabricatorMetaMTADaemon
  30190	Oct 1 2011, 2:38:09 AM  	PhabricatorMetaMTADaemon
  30210	Oct 1 2011, 2:38:09 AM  	PhabricatorMetaMTADaemon

  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd stop 30190
  Stopping daemon 'PhabricatorMetaMTADaemon' (30190)...
  Daemon 30190 exited normally.

  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd stop 123456
  123456 is not controlled by Phabricator. Not killing.

  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd stop
  Stopping daemon 'PhabricatorMetaMTADaemon' (30154)...
  Stopping daemon 'PhabricatorMetaMTADaemon' (30172)...
  Stopping daemon 'PhabricatorMetaMTADaemon' (30210)...
  Daemon 30210 exited normally.
  Daemon 30154 exited normally.
  Daemon 30172 exited normally.

Reviewers: epriestley

CC:

Differential Revision: 975
2011-10-01 17:31:20 -04:00
epriestley
1b8562467c Add an "Event" plugin to DarkConsole for event inspection
Summary: Shows events which a page dispatched, plus all the registered
listeners.

Test Plan:
Pretty basic for now, but works OK:

https://secure.phabricator.com/file/view/PHID-FILE-49fcd23081ce55cf9369/

(I also made it dispatch some dummy events to verify they show up.)

Reviewers: aran

Reviewed By: aran

CC: aran

Differential Revision: 973
2011-10-01 08:51:54 -07:00
epriestley
522e5b4779 Build an event dispatch mechanism into Phabricator
Summary:
This is an attempt to satisfy a lot of the one-off requests a little more
generally, by providing a relatively generic piece of event architecture.

Allow the registation of event listeners which can react to various application
events (currently, task editing).

I'll doc this a bit better but I wanted to see if anyone had massive objections
to doing this or the broad approach. The specific problem I want to address is
that one client wants to do a bunch of routing for tasks via email, so it's
either build a hook, or have them override most of ManiphestReplyHandler, or
something slightly more general like this.

Test Plan: Wrote a silly listener that adds "Quack!" to a task every time it is
edited and edited some tasks. I was justly rewarded.

Reviewers: nh, jungejason, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley

Differential Revision: 881
2011-09-30 12:16:40 -07:00
epriestley
8e8d91a1ff Allow Diffusion to display the initial commit in Git repositories
Summary: See T507. Since you can't do "xxxxxxxx^" where "xxxxxxxx" is the first
commit in a repository, fall back to diffing against the empty tree if we fail
to diff against the parent commit.

Test Plan: Looked at the first commit in libphutil on my local.

Reviewers: edward, jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, edward, epriestley, nh

Differential Revision: 953
2011-09-30 11:56:19 -07:00
Hua Wang
d41fd4a0fa T494 Image displaye issue
Summary: The display of images pairs is not corresponding to the selected two
image diffs. The fix is to use reference to get the phid for each image.

Test Plan: Create a revision with two diffs of images.
           Test the display between base and diff1/diff2.
           Test the rendering of images between diff1 and diff2.
           Test the inline comments also.

Reviewers: epriestley, jungejason

CC:

Differential Revision: 955
2011-09-30 00:25:33 -07:00
epriestley
07f4772d0b Make all parsers use credentials
Summary:
We need to issue all commands as $repository->junk() so we can pick up
credentials. Some of this stuff predates that change landing.

(I removed the "https" vs "svn+ssh" fallback code since it's specific to
Facebook, affected a tiny number of commits, is basically an SVN bug with UTF-8
handling and HTTP support, and doesn't make sense in the general case. The user
has the tools they need to force it via "reparse.php" if it's really an issue.)

Test Plan: Created new authenticated-remote mercurial and git repositories and
pulled/discovered them with credentials.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 970
2011-09-28 11:01:47 -07:00
epriestley
b1e1b1f9bd Basic support for Mercurial in Diffusion
Summary: Change import script plus almost all the view stuff. Still some rough
edges but this seems to mostly work. Blame is currently unsupported but I think
everything else works properly.

Test Plan:
Imported the hg repository itself. It doesn't immediately seem completely
broken. Here are some screens:

https://secure.phabricator.com/file/view/PHID-FILE-1438b71cc7c4a2eb4569/
https://secure.phabricator.com/file/view/PHID-FILE-3cec4f72f39e7de2d041/
https://secure.phabricator.com/file/view/PHID-FILE-2ea4883f160e8e5098f9/
https://secure.phabricator.com/file/view/PHID-FILE-35f751a36ebf65399ade/

All the parsers were able to churn through it without errors.

Ran the new "reparse.php" script in various one-commit and repository modes.

Browsed/imported some git repos for good measure.

NOTE: The hg repository is only 15,000 commits and around 1,000 files.
Performance is okay but hg doesn't provide performant, native APIs to get some
data efficiently so we have to do some dumb stuff. If some of these interfaces
are cripplingly slow or whatever, let me know and we can start bundling some
Mercurial extensions with Arcanist.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde, epriestley

Differential Revision: 960
2011-09-27 19:28:57 -07:00
epriestley
46373f2be7 Add a Mercurial message parser
Summary: See D943, this is the second parse stage. This will mark Differential revisions as "Committed" among other things.

Almost all the logic here is shared between VCSes so the implementation itself is straightforward.

Test Plan: Parsed all messages for the official Mercurial repository.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

CC:

Differential Revision: 944
2011-09-27 19:28:56 -07:00
epriestley
be26c6a5c1 Refactor repository reparse scripts to be more useful
Summary:
Splitting up D960 a bit, see that for context.

We currently have two scripts, "parse_one_commit.php" and
"reparse_all_commit_messages.php", but they're sort of silly and you can't do
certain things with them. Replace them with one script which is more flexible
and can do specific reparse steps on individual commits or entire repos.

I left the old scripts as stubs since I think there are some FB wiki docs and
stuff that mention them. I'll delete them in a month or whenever I remember or
something.

Test Plan: Ran "reparse.php" with various arguments, including vs-one-commit,
vs-repository, with --trace, and against different types of repos.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 964
2011-09-27 17:20:04 -07:00
tuomaspelkonen
7b8b469da3 Changed the postponed unit tests warning message
Summary:
Postponed unit tests are not unit tests with problems. The results
just haven't arrived yet.

Test Plan: Tested accepting a diff with unit status 1, 3, 5 (ok, errors,
postponed)

Reviewers: jungejason, epriestley

Reviewed By: epriestley

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 969
2011-09-27 13:00:36 -07:00
epriestley
9155369668 Add a helper function to DiffusionPathIDQuery
Summary:
Just breaking D960 into some smaller parts, this is a standalone method used in
Mercurial parsing.

(There's a bad version of this function in the SVN stuff but I'll get rid of it
the next time I'm in there.)

Test Plan: See D960.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 965
2011-09-27 11:05:12 -07:00
epriestley
cd71098110 Detect commits by hash relationships
Summary:
When we discover a new commit and it has a known local commit or tree hash, mark
it committed.

This supports Mercurial and Git-Immutable workflows, and improves
hybrid-Git-Mutable workflows and covers some cases where poeple just make
mistakes or whatever.

Test Plan: Parsed Mercurial, Git and SVN commits.

Reviewers: Makinde

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 963
2011-09-27 11:04:56 -07:00
epriestley
3ce0c602ec Improve Diffusion parser linking of author names
Summary: See T502. Under some VCS setups, we get full email addresses instead of
usernames or real names. Try harder to find matches, by falling back to email
address parsing if we don't get hits on the straight-up token parsing.

Test Plan:
This is difficult to test because it depends on the account state and repository
state, and hard to pull out so it's more testable without better mocking
facilities. I just dumped this into the parser to verify the behavior:

  foreach (array(
    'epriestley',
    'Evan Priestley',
    'epriestley@epriestley.com',
    'derp <epriestley@epriestley.com>',
    '"Evan Priestley" <derpderpderp@derpderpderp.com>',
    'quackderp <derpderpderp@derpderpderp.com>',
    ) as $email) {
    echo "{$email} = ".$this->resolveUserPHID($email)."\n";
  }
  die();

  Running PhabricatorRepositoryGitCommitMessageParserWorker...
  epriestley = PHID-USER-79f25616ea2635089a31
  Evan Priestley = PHID-USER-79f25616ea2635089a31
  epriestley@epriestley.com = PHID-USER-1bec59b91be6223f07fd
  derp <epriestley@epriestley.com> = PHID-USER-1bec59b91be6223f07fd
  "Evan Priestley" <derpderpderp@derpderpderp.com> =
PHID-USER-79f25616ea2635089a31
  quackderp <derpderpderp@derpderpderp.com> =

This is expected (all variations of my identity parsed correctly, and the bogus
one failed). There are two different user PHIDs in the result set because I have
like 30 different similar accounts on my local, including one called "derp" and
another one with address "derp@derp.com", which prevented an earlier version of
this test case from working correctly.

Reviewers: zachallia, aran, Makinde, jungejason, nh, tuomaspelkonen

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 968
2011-09-27 11:04:49 -07:00
epriestley
2fc3acc969 Improve time localization code
Summary:
  - We throw on a missing date right now, in the DateTime constructor. This can
happen in reasonable cases and this is display code, so handle it more
gracefully (see T520).
  - This stuff is a little slow and we sometimes render many hundreds of dates
per page. I've been seeing it in profiles on and off. Memoize timezones to
improve performance.
  - Some minor code duplication that would have become less-minor with the
constructor change, consolidate the logic.
  - Add some unit tests and a little documentation.

Test Plan:
  - Ran unit tests.
  - Profiled 1,000 calls to phabricator_datetime(), cost dropped from ~49ms to
~19ms with addition of memoization. This is still slower than I'd like but I
don't think there's an easy way to squeeze it down further.

Reviewers: ajtrichards, jungejason, nh, tuomaspelkonen, aran

Reviewed By: ajtrichards

CC: aran, ajtrichards, epriestley

Differential Revision: 966
2011-09-27 09:25:16 -07:00
epriestley
016b060aea Add a relation table for Revisions to local commit hashes
Summary:
This allows us to performantly query for diffs related to a given local hash.
Immediate applications are:

  - Commit detection in Mercurial and Git-Immutable workflows.
  - Some async unit test stuff @mgummelt was doing.

Test Plan:
Diffed locally under SVN/Git/hg, checked the table, got sensible output.

  mysql> select * from differential_revisionhash;
  +------------+------+------------------------------------------+
  | revisionID | type | hash                                     |
  +------------+------+------------------------------------------+
  |         40 | gtcm | 8c6fb2f95598a50f7aac64a5f4cc6c12b5db42f5 |
  |         40 | gttr | 54710e361a465f4ff39565a93b2a221b6e7dd07c |
  |         41 | hgcm | c29cb69aec14                             |
  |         41 | hgcm | e7309be4eabb                             |
  |         41 | hgcm | 4e885caeff60                             |
  |         41 | hgcm | 213ee1cd30ea                             |
  |         41 | hgcm | b4050fb3490f                             |
  |         41 | hgcm | 72a76bd7ffa2                             |
  |         41 | hgcm | 06c2687e63fb                             |
  |         41 | hgcm | 2b464bde6b48                             |
  +------------+------+------------------------------------------+
  10 rows in set (0.00 sec)

NOTE: Mercurial hashes are short-form but I'll shoot out a separate Arcanist
diff to fix this.

Reviewers: Makinde, fratrik, mgummelt, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 961
2011-09-26 15:02:37 -07:00
epriestley
d0b6602e29 Add an option to switch tokenizers to use "ondemand" instead of "preloaded"
datasources

Summary:
The open source Phabricator has like 3,500 user accounts now and it takes a
while to pull/render them. Add an option to switch to ondemand for large
installs.

I'll follow up with a patch at some point to address a couple of name things:

  - Denormalize last names into a keyed column (although this evidences some
bias toward the western world).
  - Force all usernames to lowercase (sorry Girish, Makinde).

Also this patch is so clean it's crazy.

Didn't bother with other object types for now, I'm planning to dedicate a few
days to Projects at some point and I'll flesh out some auxiliary features like
this when I do that.

Test Plan: Switched to ondemand, verified data was queried dynamically. Switched
back, verified data was preloaded.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, epriestley, nh

Differential Revision: 923
2011-09-21 14:22:01 -07:00
epriestley
1c1f749eba Add an "arcanist.projectinfo" Conduit call
Summary:
We currently rely on "remote_hooks_enabled" in .arcconfig to determine whether
commands like "arc amend" and "arc merge" should imply "arc mark-committed".

However, this is a historical artifact that is now bad for a bunch of reasons:

  - The option name is confusing, it really means 'repository is tracked'.
  - The option is hard to discover and generally sucks.
  - We can empirically determine the right answer since we now know if a project
is in a tracked repository.

Add a call which arcanist can make on these workflows to figure out if it is
interacting with a project in a tracked repository or not.

Also added an "isTracked()" convenience method to reduce the number of magic
strings all over the place.

Test Plan: Ran "arcanist.projectinfo" for nonexistent, untracked and tracked
projects.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, epriestley, Makinde

Differential Revision: 945
2011-09-21 14:19:14 -07:00
epriestley
93b3bc8e89 Add a Mercurial message parser
Summary:
See D943, this is the second parse stage. This will mark Differential revisions
as "Committed" among other things.

Almost all the logic here is shared between VCSes so the implementation itself
is straightforward.

Test Plan: Parsed all messages for the official Mercurial repository.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 944
2011-09-16 11:09:39 -07:00
epriestley
e0b86cc81b Add a Mercurial commit discovery daemon
Summary:
Repository import has three major steps:

  - Commit discovery (serial)
  - Message parsing (parallel, mostly VCS independent)
  - Change parsing (parallel, highly VCS dependent)

This implements commit discovery for Mercurial, similar to git's parsing:

  - List the heads of all the branches.
  - If we haven't already discovered them, follow them back to their roots (or
the first commit we have discovered).
  - Import all the newly discovered commits, oldest first.

This is a little complicated but it ensures we discover commits in depth order,
so the discovery process is robust against interruption/failure. If we just
inserted commits as we went, we might read the tip, insert it, and then crash.
When we ran again, we'd think we had already discovered commits older than HEAD.

This also allows later stages to rely on being able to find Phabricator commit
IDs which correspond to parent commits.

NOTE: This importer is fairly slow because "hg" has a large startup time
(compare "hg --version" to "git --version" and "svn --version"; on my machine,
hg has 60ms of overhead for any command) and we need to run many commands (see
the whole "hg id" mess). You can expect something like 10,000 per hour, which
means you may need to run overnight to discover a large repository (IIRC, the
svn/git discovery processes are both about an order of magnitude faster). We
could improve this with batching, but I want to keep it as simple as possible
for now.

Test Plan: Discovered all the commits in the main Mercurial repository,
http://selenic.com/repo/hg.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 943
2011-09-16 11:08:52 -07:00
epriestley
209179a74a Remove tests for JX.$.NotFound from Phabricator
Summary: See D939. Regardless of what we do there, these will break, and they're
pretty silly anyway (see the giant caveat comments in the second one).

Test Plan: Clicked a direct-jump comment link, did save/cancel for inline
comments.

Reviewers: phil, cpojer, tomo, mroch

Reviewed By: phil

CC: aran, phil

Differential Revision: 940
2011-09-16 00:49:10 -07:00
epriestley
cd4f954b99 Document mercurial and immutable history doctrines
Summary: Explains how to use the immutable history doctrine and mercurial.
Recommends "one idea is one commit".

Test Plan: Read documentation.

Reviewers: fratrik, Makinde, aran, jungejason, tuomaspelkonen, cpiro

Reviewed By: cpiro

CC: aran, cpiro, epriestley, ide

Differential Revision: 861
2011-09-15 07:45:22 -07:00
epriestley
b64f252f8b Fix a dirname() edge case in Diffusion
Summary:
dirname('x') returns '.', not '/'; this caused some issues for repositories with
files at the root.

There are some cases in the parsers where I should probably swap this out too
but I'll wait until I'm doing some more rigorous testing since that stuff is a
bit fragile and this fixes an immediate issue.

Test Plan: Ran unit tests. Viewed a file at root level in a test repository.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 932
2011-09-15 07:45:15 -07:00
epriestley
43a3f4d234 Build an "affected path" index when attaching diffs to revisions
Summary: See T262. This creates the index on the Differential side which we need in order to execute this query efficiently on the Diffusion side.

Also renames "DiffusionGitPathIDQuery" to "DiffusionPathIDQuery", this query object has nothing to do with git.

Test Plan: Attached top-level and sub-level diffs to revisions and verified they populated the table with sensible data.

Reviewers: bmaurer, aravindn, fmoo, jungejason, nh, tuomaspelkonen, aran

CC:

Differential Revision: 931
2011-09-15 07:45:14 -07:00
Nick Harper
6a93029288 Merge branch 'doc' 2011-09-14 10:50:46 -07:00
Jason Ge
5284053c0e Add X-Frame-Options for all response
Summary:
we use to only add X-Frame-Options for AphrontWebpageResponse.
There some security concern about it. Example of a drag-drop attack:
http://sites.google.com/site/tentacoloviola/. The fix is to add it to
all AphrontResponse.

Test Plan:
View page which disalble this option still works (like the
xhpast tree page); verify that the AphrontAjaxResponse contains the
X-Frame-Options in the header.

Reviewers: epriestley, benmathews

Reviewed By: epriestley

CC: nh, aran, jungejason, epriestley

Differential Revision: 926
2011-09-14 10:43:24 -07:00
epriestley
2f218ac745 Provide more thorough defaults in the configuration guide template
Summary: Feedback from @makinde. These are easy (and necessary) to configure so
we might as well give the user a heads up.

Test Plan: Regenerated the documentation and read "Configuration Guide".

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 929
2011-09-14 09:52:19 -07:00
epriestley
a42f116749 Allow "!accept" to be enabled through configuration
Summary: For reasons explained in the config I've omitted this from the default
action set, but it's trivial to support it. See D916.

Test Plan: Commented on a revision, was informed I could "!accept" in the email.
Used "!accept" to accept the revision.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 928
2011-09-14 09:52:13 -07:00
epriestley
9215d330ad Fix generateChronologicalKey() for 32-bit machines
Summary: This method relies on 64-bit math being available, which isn't a safe
assumption. Use the builtin bc functions instead for arbitrarily large integers.

Test Plan: @skrul, can you apply this locally and let me know if it works?

Reviewers: skrul, hunterbridges, jungejason, nh, tuomaspelkonen, aran

Reviewed By: skrul

CC: aran, skrul, epriestley

Differential Revision: 912
2011-09-14 09:03:45 -07:00
epriestley
4bec2579d5 Some documentation updates. 2011-09-14 08:02:31 -07:00
epriestley
1620bce842 Add Google as an OAuth2 provider (BETA)
Summary:
This is pretty straightforward, except:

  - We need to request read/write access to the address book to get the account
ID (which we MUST have) and real name, email and account name (which we'd like
to have). This is way more access than we should need, but there's apparently no
"get_loggedin_user_basic_information" type of call in the Google API suite (or,
at least, I couldn't find one).
  - We can't get the profile picture or profile URI since there's no Plus API
access and Google users don't have meaningful public pages otherwise.
  - Google doesn't save the fact that you've authorized the app, so every time
you want to login you need to reaffirm that you want to give us silly amounts of
access. Phabricator sessions are pretty long-duration though so this shouldn't
be a major issue.

Test Plan:
  - Registered, logged out, and logged in with Google.
  - Registered, logged out, and logged in with Facebook / Github to make sure I
didn't break anything.
  - Linked / unlinked Google accounts.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley, Makinde

Differential Revision: 916
2011-09-14 07:32:04 -07:00
epriestley
4da43b31a3 Add Mercurial repository configuration and local pull support
Summary: No actual parsing/import yet, but now you can define and pull Mercurial
repositories. I merged most of the local pull code so we can share it between
hg/git.

Test Plan:
  - Created a new Mercurial repository to track Codeigniter off Bitbucket
  - Edited / saved / etc.
  - Launched the mercurial pull daemon, it pulled the repo. Killed and
relaunched, it updated the repo.
  - Launched the git fetch deamon, it still works correctly.

Reviewers: Makinde, aran, jungejason, tuomaspelkonen

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 793
2011-09-14 07:28:22 -07:00
Nick Harper
96d58d8ad3 Fixed documentation in PhabricatorProjectSubproject
Summary:
Changed the documentation to describe the project-subproject join table
instead of the task-project join table.

Test Plan:
none

Reviewers:
epriestley, cadamo

CC:

Differential Revision: 927
2011-09-13 21:21:12 -07:00
epriestley
03fb1887d3 Fix file URI perf regression
Summary:
The CSRF changes meant that we can't generate a file URI with just its PHID
anymore, and converted a mathematical function into a service call.
Unfortunately, this caused massive perf problems in some parts of the
application, critically handles, where loading N users became N single gets.
Derp derp derp. Remedy this by doing a single multiget. This substantially
improves performance of many interfaces, particularly the Maniphest task list.

I need to go through the rest of the PhabricatorFileURI callsites and get rid of
them, but I think this is the most substantive one.

Test Plan: Profiled Maniphest task list, queries went from >100 to a handful.
Explosion of multiderp. :/ Looked at some views with profile photos to verify
they still render accurately.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran

Differential Revision: 921
2011-09-13 10:33:56 -07:00
epriestley
888af7309a Add a simple symbol lookup interface for cross-references
Summary: This will get fancier, but here's a basic interface for doing symbol
lookups. Still all pretty tentative.

Test Plan: Looked up various things, got some sensible results.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 900
2011-09-13 08:49:45 -07:00
epriestley
77ed7ade66 Add symbol import scripts for crossref features
Summary: Adds a script to import symbols from a ctags-like format, and another
to generate that format for PHP files.

Test Plan:
Ran it on Phabricator:

  mysql> select * from repository_symbol limit 200, 20;

+-------------------+---------------------------------------------------+------------+----------------+--------+------------+
  | arcanistProjectID | symbolName                                        |
symbolType | symbolLanguage | pathID | lineNumber |

+-------------------+---------------------------------------------------+------------+----------------+--------+------------+
  |                 1 | DifferentialDiffViewController                    |
class      | php            |     52 |         19 |
  |                 1 | DifferentialInlineCommentEditController           |
class      | php            |    308 |         19 |
  |                 1 | DifferentialInlineCommentPreviewController        |
class      | php            |  10543 |         19 |
  |                 1 | DifferentialRevisionEditController                |
class      | php            |  10544 |         19 |
  |                 1 | DifferentialRevisionListController                |
class      | php            |  10545 |         19 |
  |                 1 | DifferentialRevisionViewController                |
class      | php            |    142 |         19 |
  |                 1 | DifferentialSubscribeController                   |
class      | php            |  10546 |         19 |
  |                 1 | DifferentialRevisionListData                      |
class      | php            |     58 |         19 |
  |                 1 | DifferentialCommentEditor                         |
class      | php            |     39 |         19 |
  |                 1 | DifferentialRevisionEditor                        |
class      | php            |     42 |         24 |
  |                 1 | DifferentialFieldSpecificationIncompleteException |
class      | php            |  10547 |         19 |
  |                 1 | DifferentialFieldDataNotAvailableException        |
class      | php            |  10548 |         19 |
  |                 1 | DifferentialFieldParseException                   |
class      | php            |  10549 |         19 |
  |                 1 | DifferentialFieldValidationException              |
class      | php            |  10550 |         19 |
  |                 1 | DifferentialFieldSelector                         |
class      | php            |  10551 |         19 |
  |                 1 | DifferentialDefaultFieldSelector                  |
class      | php            |  10552 |         19 |
  |                 1 | DifferentialApplyPatchFieldSpecification          |
class      | php            |  10553 |         19 |
  |                 1 | DifferentialArcanistProjectFieldSpecification     |
class      | php            |  10554 |         19 |
  |                 1 | DifferentialAuthorFieldSpecification              |
class      | php            |  10555 |         19 |
  |                 1 | DifferentialFieldSpecification                    |
class      | php            |  10556 |         35 |

+-------------------+---------------------------------------------------+------------+----------------+--------+------------+
  20 rows in set (0.00 sec)

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 898
2011-09-13 08:49:44 -07:00
epriestley
cd05c960ff Add storage for repository symbol tracking
Summary: See T315 for an extensive description of this feature. Adds the
descibed storage table.

Test Plan: Used phpsh to read/write symbol objects.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 897
2011-09-13 08:49:44 -07:00
epriestley
63e96703d8 Fix CSRF issue with image proxying
Summary: This got caught in the CSRF filter but is a safe write.

Test Plan: Pasted the URI for a picture of a goat into a diff, saw a goat.

Reviewers: aran, jungejason

Reviewed By: aran

CC: aran

Differential Revision: 910
2011-09-13 08:49:16 -07:00
epriestley
8f772929ac Use a password input for HTTP Basic Auth in repositories
Summary: See D902. As @abdul notes, a password input is probably more
appropraite here.

Test Plan: Mashed stuff into it, got bullets instead of text.

Reviewers: abdul, jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 913
2011-09-13 08:49:07 -07:00
epriestley
0366936d4c Set default content to "" (empty string), not null, in PhrictionDocumentEditor
Summary: phriction.edit allows you to omit the content string, meaning "don't
edit content". If you're also creating the page, we currently break in a
terrible, horrible, no-good, very-bad way because 'content' can't be null.
Default to empty string instead so phriction.edit creates an empty page instead
of a broken mess.

Test Plan: Called phriction.edit on a new page with no content.

Reviewers: skrul, jungejason, nh, tuomaspelkonen, aran

Reviewed By: skrul

CC: aran, skrul

Differential Revision: 920
2011-09-13 08:48:56 -07:00
Jaap Weel
bd778b4c8e Allow Diffusion to display PDF files
Summary:
When Diffusion encounters an image file, it displays it as an
image, but when it encounters a PDF file, it currently shows only some
gibberish. This fixes that.

Test Plan:
I tried it. Embedding a large PDF in a data URL is a little
bit slow, but it works.

Reviewers: tuomaspelkonen, epriestley, gc3, waltermundt, jungejason, nh

Reviewed By: epriestley

CC: aran, tuomaspelkonen, epriestley, jaapweel

Differential Revision: 915
2011-09-09 13:14:49 -07:00
mgummelt
7f601a78d3 Merge branch 'master' of github.com:facebook/phabricator into unit_status 2011-09-08 18:24:54 -07:00
mgummelt
40b8e352ad Include the unit status in the getdiff conduit method
Summary:
We need to query the unit status in order to determine if
there are postponed unit tests to update after running "arc unit"

Test Plan:
1) set my conduit uri to a server running the new code
2) ensured unitStatus existed when retrieving a diff

Reviewers: epriestley

Reviewed By: epriestley

CC: dpepper, aran, epriestley

Differential Revision: 918
2011-09-08 18:24:13 -07:00
epriestley
87309734cc Nuke sessions from the database when users logout
Summary:
@tomo ran into an issue where he had some non-SSL-only cookie or whatever, so
"Logout" had no apparent effect. Make sure "Logout" really works by destroying
the session.

I originally kept the sessions around to be able to debug session stuff, but we
have a fairly good session log now and no reprorted session bugs except for all
the cookie stuff. It's also slightly more secure to actually destroy sessions,
since it means "logout" breaks any cookies that attackers somehow stole (e.g.,
by reading your requests off a public wifi network).

Test Plan: Commented out the cookie clear and logged out. I was logged out and
given a useful error message about clearing my cookies.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: tomo, aran, epriestley

Differential Revision: 911
2011-09-08 14:30:16 -07:00
Abdul Qabiz
6355b291ed - Added getRemoteCommandFuture(..) and getLocalCommand Future(..) methods to PhabricatorRepository
- Removed irrelevant csprintf(..)
  - Updated code to use $repository->getRemoteURI()
  - Updated code to use getRemoteCommandFuture(..) in Diffusion code
  - Updated code to use $repository->getRemoteURI()
2011-09-09 01:16:48 +05:30
epriestley
e3a9d73fe1 Add keyfile and HTTP Basic auth support to repositories
Summary: I still need to go through all the daemon and Diffusion code and change
the bare execx() calls to $repository->execxXXX() to actually make this work,
but we're getting close.

Test Plan: Configured repositories with various HTTP / SVN setups and ran the
test_connection.php script to verify keys were located and added and
username/password information was supplied.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh, jungejason

Differential Revision: 902
2011-09-07 13:22:08 -07:00
epriestley
40c1450129 Add an explicit test for the availablility of 'php' from the command line during
setup

Summary: See T481. We'll fail the pcntl test if we don't have this, in a
potentially confusing way. Test and detect missing 'php' explicitly before we
try the pcntl test, so we can give the user a better error message.

Test Plan: In setup mode, did a good run and then faked it to execute 'phpx'
instead to get a failure.

Reviewers: johnduhart, jungejason, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 878
2011-09-07 13:20:39 -07:00
Hua Wang
cd6eb836f6 Enable comments for image
Summary: Added line number 1 for each image and added code to display the
comments for each image.

Test Plan: Adding an image in my local directory and create a revision for it.
Click line number 1, and the comment window prompts.  Adding and save the
comment. The comment shows in the differential comment list and in the inline
comment.  Submit the comment.  Create more comments for the image and the
"Previous" and "Next" buttons all work well.

Reviewers: epriestley, jungejason

CC:

Differential Revision: 901
2011-09-06 18:11:41 -07:00
epriestley
cd7ba81d83 Use "Best" URI when linking to files from Maniphest file previews
Summary: Previously, this code accidentally did not use the best URI. Instead,
use the best URI. It's the best, obviously.

Test Plan: Uploaded a binary file and then clicked the preview.

Reviewers: hunterbridges, jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 905
2011-09-06 15:35:30 -07:00
epriestley
1df7d4039e Store repository credentials with repositories
Summary:
Move toward storing credentials in configuration so it's easier to get the
daemons working. This should eventually solve all the key juggling junk you have
to do right now.

This only gets us part of the way to actually using these credentials in the
daemons since I have to go swap everything for $repository->execBlah().

I tried to write a web "Test Connection" button but it was too much of a mess to
get git to work since git doesn't give you access to its SSH command and SSH has
a bunch of interactive prompts which you can't really do anything about without
it or a bunch of ~/.ssh/config editing. This is what Git recommends:

https://git.wiki.kernel.org/index.php/GitFaq#How_do_I_specify_what_ssh_key_git_should_use.3F

..but it's not a great match for this use case.

Test Plan:
  - Only partial.
  - Ran "test_connection.php" on a Git repo with and without SSH, and with and
without valid credentials. This part works properly.
  - Ran "test_connection.php" on a public SVN repo, but I don't have private or
WEBDAV repos set up at the moment.
  - Mercurial doesn't work yet.
  - Daemons haven't been converted yet.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, abdul, nmalcolm, epriestley, jungejason

Differential Revision: 888
2011-09-06 08:58:00 -07:00
epriestley
e875c81f6d Remove blameRevision and revertPlan from the DifferentialRevision schema
Summary:
These fields use auxiliary storage now. Migrate the data and get rid of the
columns in the main table.

  - This might take a little while to run, although there are <500k rows so
probably not too long.
  - Maybe grab a backup of the table first, if I screwed something up this will
delete the data in these fields.

Test Plan:
  - Ran migration locally.
  - Browsed Differential.
  - Grepped for "revertPlan" and "blameRevision".

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 832
2011-09-04 16:19:12 -07:00
epriestley
8f3b342287 Improve several Diffusion UI error states
Summary:
Give users better errors and UI:

  - For subpath SVN repositories, default the path to the subdirectory, not to
"/". This makes the home screen useful and things generally less confusing.
  - For unparsed commits, show a more descriptive error message without the
"blah blah" silliness.
  - For paths outside of the subpath parse tree, short circuit into an
appropriate error message.
  - For foreign SVN stub commits (see D892), show an explicit message.

Test Plan: Looked at unparsed commits, subpath repositories, foreign stub
commits, and paths outside of the subpath parse tree. Received sensible error
messages.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 894
2011-09-04 16:18:28 -07:00
Nick Harper
8b06d7d1c6 Merge branch 'master' of github.com:facebook/phabricator 2011-09-04 15:23:53 -07:00
epriestley
628082d427 Don't flag "EXPLAIN" as a write
Summary: These queries are safe to run without a CSRF token, and we need them
for the query analyzer in DarkConsole.

Test Plan: "Analyze Query Plans" works again.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, epriestley, nh

Differential Revision: 895
2011-09-04 15:20:39 -07:00
Nick Harper
2db912e859 Add change password settings panel
Summary:
In password-based auth environments, there is now a user settings
panel to allow them to change their password.

Test Plan:
Click settings, choose password from the left:
* enter current password, new password (twice), log out, and log in with
  new password
* enter current password, non-matching passwords, and get error
* enter invalid old password, and get error
* use firebug to change csrf token and verify that it does not save with
  and invalid token
Changed config to disable password auth, loaded settings panel and saw
that password was no longer visible. Tried loading the panel anyway and
got redirected.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 890
2011-09-04 15:07:04 -07:00
epriestley
ae045a9cf2 When doing partial subdirectory parses in Subversion, stub out foreign commit
references

Summary:
See T325. We tentatively support doing partial subdirectory parses in
Phabricator for Subversion, so you can elect to import only "trunk/local/" or
similar. We do this by importing only some of the commits (those commits which
affected that directory).

In Subversion, you can also "svn cp
svn+ssh://example.com/svnroot/trunk/foreign/example.c@13 local.c". This means
that commits which reference "trunk/local/" may themselves reference foreign
commits.

Currently, we break in this case and can't find the commit reference. Instead,
generate a foreign commit stub so we can at least point at some reasonable
object.

Test Plan: Successfully imported trunk/a/ of the test repo in T325 without
errors. Verified commit 3 in that repo is imported as a foreign stub.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 892
2011-09-04 14:10:03 -07:00
epriestley
ed508247ba Fix a bug in the SVN parser which causes it to find commit refs in other SVN
repositories

Summary:
This query isn't scoped correctly to the repository ID, so we may identify
commits from other repositories.

This causes a somewhat subtle issue since we only use it to manage file
copies/moves, so you end up with a file "copied from" the same revision in
another repository. I think the UI probably even renders correctly.

Once I finish T325 and better understand what's going on here, I'll see how much
work is involved in writing an SQL patch to fix this.

Test Plan: Parsed the test repo from T325 with the expected error.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 891
2011-09-04 14:10:02 -07:00
Nicholas Harper
3ecd11a634 Tweak width of differential-panel to match aphront-panels on differential
Summary:
The differential panels at the top of the differential revision view page
were 2px smaller than the divs on the bottom of the page (everything below
the table of contents). This diff makes differential-panel 2px wider so it
matches.

Test Plan: viewed a differential revision and checked that the divs lined up

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 887
2011-09-02 17:25:36 -07:00
epriestley
f4c8525a9a Add "Fax" content source
Summary: Can't believe I missed this.

Test Plan: !!!

Reviewers: isaac, ola, g, jungejason

Reviewed By: ola

CC: aran, ola

Differential Revision: 886
2011-09-01 12:27:45 -07:00
epriestley
c2fef51b3d Refine error messages for CSRF exceptions
Summary: See T489. Provide slightly more detail so we can figure out if there's
a real issue here.

Test Plan:
Hit URIs like:

 /differential/comment/preview/29/
 /differential/comment/preview/29/?__ajax__=1
 /differential/comment/preview/29/?__csrf__=1

..and got appropriate error messages.

Reviewers: jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 884
2011-09-01 12:04:15 -07:00
epriestley
83f1140785 Use text, not icons, to indicate content sources
Summary:
oh god everyone hates this

revert revert

https://www.facebook.com/photo.php?fbid=787360256660&set=p.787360256660&type=1&theater

(I left the icons themselves since I have some plans to do other things with
them.)

Test Plan: I am not good at designer

Reviewers: ola, elynde, bh, ashwin, jungejason, kdelong, zrait, tomo, aran

Reviewed By: aran

CC: aran, epriestley, tomo

Differential Revision: 885
2011-09-01 10:07:16 -07:00
mgummelt
a1d1c69506 diff dict API bug fix
Summary:
I didn't realize createDiffDict was a public method when I
modified it, and I broke the API call in getrevision.  This moves the
modification inside the method and reverts the method header back to
it's original form.

Test Plan: none

Reviewers: epriestley

Reviewed By: epriestley

CC: edward, aran, epriestley

Differential Revision: 883
2011-08-31 23:16:32 -07:00
epriestley
76ac8b4196 Display local commit information in Differential
Summary:
After D857, we try to attach local commit information to revisions. If this
information is available, display it on the revision.

Design on this is a little rough, I might try to combine this into the revision
update view or something like that since we're starting to take up a lot of real
estate for metadata.

Test Plan: Local diffed this and got some commit info.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, epriestley, jungejason

Differential Revision: 872
2011-08-31 13:49:50 -07:00
epriestley
5908a63dfe Add a custom lint name hook to Phabricator
Summary: Allow Conduit method so they stop raising lint warnings. See D874.

Test Plan: Ran "arc lint" on conduit files and was no longer given frivolous
warnings.

Reviewers: nh, jungejason, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh, epriestley

Differential Revision: 875
2011-08-31 13:49:30 -07:00
epriestley
0e40b3c5b2 Allow Phriction [[links]] to link to non-Phriction URIs
Summary: If the link text is a URI, just treat it as a nameable (and possibly
relative) URI link. See tasks.

Test Plan: Copy/pasted the doc example into Phriction, links worked.

Reviewers: skrul, hunterbridges, jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 882
2011-08-31 13:48:58 -07:00
epriestley
c544f78015 When a user hits "Reply", then "Cancel" on an inline comment (without typing),
don't show "Undo"

Summary: When a user hits "Reply" on an inline comment, doesn't type anything,
and then hits "Cancel", we incorrectly store the text of the comment the user is
replying to as the "original" text, and then detect that they've changed it when
they immediately cancel. Instead, store empty string as the original text.

Test Plan:
  - Hit "Reply" and then "Cancel" on an inline comment. No undo now.
  - Hit "Reply", typed some text, and then hit "Cancel". Got an undo which
restored my text.

Reviewers: tomo, jungejason, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, tomo

Differential Revision: 879
2011-08-31 12:04:17 -07:00
epriestley
b2b677d446 Fix some sloppiness with definition of $slug. 2011-08-31 12:00:34 -07:00
epriestley
de170bf001 Fix autoload map. 2011-08-30 18:09:02 -07:00
epriestley
0996697810 Remove 4-way cookie purge logic
Summary: HPHP has behaviorial differences from PHP which make this logic
problematic and we provide a good error message to users when there's a cookie
issue now, so unsplit the cookie logic and just clear the same cookie we'd
otherwise set, as per ssl / base domain.

Test Plan: Logged in and out of my local install.

Reviewers: jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 876
2011-08-30 16:52:33 -07:00
epriestley
701bf8317f Provide access to Phriction via Conduit
Summary:
Provide three Phriction methods for programmatic access to Phriction:

  - phriction.info: get information about a document
  - phriction.history: get change history for a document
  - phriction.edit: create or update a document

I moved all the editing/creation logic into a new PhrictionDocumentEditor to
share code between the Conduit and Web edit pathways.

Test Plan: Got info and history via conduit. Edited and created new pages via
conduit and web.

Reviewers: hsb, jungejason, tuomaspelkonen, aran, hunterbridges

Reviewed By: hunterbridges

CC: skrul, aran, hunterbridges

Differential Revision: 866
2011-08-30 15:52:45 -07:00
mgummelt
ee6c24b98d Add two new conduit methods: createlintresults and getdiffproperty
Summary:
We need createlintresults because we are doing extended
static analysis offline, and thus we need to be able to update the
lint results associated with a diff.  This is similar to
updateunitresults, but "create" is more accurate than "update" since
we never need to change existing lint results.

getdiffproperty is used by the client to ensure it isn't creating any
duplicates lint results.  It's the symmetric operation to
setdiffproperty, which already exists.

Test Plan:
We have a new offline linter that I used to test.  This
linter calls getdiffproperty on every run.

1. Tested updating an existing set of lint results by first running
"arc diff" with lint errors caught by the local linter, then later
running offline analysis which catches one other error and updates via
createlintresults.  Ensured the differential lint results were as
expected.

2. Tested the creation of an entirely new diff property through
createlintresults.  I first ran "arc diff --nolint" to skip all lint
results, then ran offline analysis which caught an error and updated
through createlintresults.  Ensured differential lint results were as
expected.

Reviewers: epriestley

Reviewed By: epriestley

CC: dpepper, aran, mgummelt, jungejason, epriestley

Differential Revision: 868
2011-08-30 15:14:27 -07:00
epriestley
39ca1e7e39 Add user.info and phid.info Conduit methods
Summary: Allow user and arbitrary object lookup by PHID.

Test Plan: Executed user.whoami, user.info, user.find and phid.info via Conduit
console.

Reviewers: jungejason, tuomaspelkonen, aran, nh

Reviewed By: nh

CC: skrul, aran, nh, jungejason, epriestley

Differential Revision: 870
2011-08-30 12:46:02 -07:00
epriestley
f7e136ecd2 Remove accidental double-rendering of content sources from Differential
Summary: Oops, I left this in from an earlier version and missed it since I was
mostly looking at Maniphest for testing. We already render this information in
the header, don't additionally render it under the comments.

Test Plan: derp derp, loaded any revision with sourced comments

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 871
2011-08-30 12:16:43 -07:00
epriestley
76c11ea32e Add "maniphest.find" to Conduit
Summary: Execute searches like the primary Maniphest task list. Let me know what
else you guys need from this API.

Test Plan: Executed "maniphest.info" and "maniphest.find"

Reviewers: jungejason, tuomaspelkonen, aran, nh

Reviewed By: nh

CC: blair, skrul, aran, jungejason, epriestley, nh, tuomaspelkonen

Differential Revision: 867
2011-08-30 11:09:08 -07:00
epriestley
69445222f7 Track content sources (email, web, conduit, mobile) for replies
Summary:
When an object is updated, record the content source for the update. This mostly
isn't terribly useful but one concrete thing I want to do with it is let admins
audit via-email replies more easily since there are a bunch of options which let
you do hyjinx if you intentionally configure them insecurely. I think having a
little more auditability around this feature is generally good. At some point
I'm going to turn this into a link admins can click to see details.

It also allows us to see how frequently different mechanisms are used, and lets
you see if someone is at their desk or on a mobile or whatever, at least
indirectly.

The "tablet" and "mobile" sources are currently unused but I figured I'd throw
them in anyway. SMS support should definitely happen at some point.

Not 100% sure about the design for this, I might change it to plain text at some
point.

Test Plan: Updated objects and saw update sources rendered.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, epriestley, jungejason

Differential Revision: 844
2011-08-30 11:08:27 -07:00
epriestley
764d3d1c65 Make "pcntl" script error more explicit
Summary: This may make it easier to debug problems with CLI + pcntl

Test Plan: Added a syntax error to the script and got more useful output

Reviewers: johnduhart, jungejason, tuomaspelkonen, aran

Reviewed By: johnduhart

CC: aran, johnduhart

Differential Revision: 869
2011-08-29 10:07:25 -07:00
epriestley
0334a92621 Save empty fields as no row, not an empty row
Summary: When a user stores the empty string in an auxiliary field, simply don't
store it, and delete it if it already exists.

Test Plan: Edited a revision with an empty "Quack" field, got an empty row in
the DB. Applied patch, edited empty again, row went away. Edited empty again,
still no row. Edited and put something in the field, got a row.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 865
2011-08-26 16:26:02 -07:00
epriestley
99b9ceb6d7 Fix arcanist documentation to include "set -e" in example SVN hooks
Summary: "set -e" causes the script to exit if any command returns nonzero.
Without it, we incorrectly discard the failure code. At Facebook everything runs
in "set -e" or some equivalent so I never picked this up in testing.

Test Plan:
Added the hook to my svn local, it blocked bad commits and allowed good ones.

  >>> orbital:~/devtools/svnroot $ svn commit -m "quaa"
  Sending        test.php
  Transmitting file data .svn: Commit failed (details follow):
  svn: Commit blocked by pre-commit hook (exit code 1) with output:

  LINT ERRORS

  This changeset has lint errors. You must fix all lint errors before you can
  commit.

  You can add '@bypass-lint' to your commit message to disable lint checks for
  this commit, or '@nolint' to the file with errors to disable lint for that
  file.

  >>> Lint for test.php:

     Error  (XHP1) PHP Syntax Error!
      This file contains a syntax error: XHPAST Parse Error: syntax error,
      unexpected '}' on line 1

      >>>        1 <?php asdddddd;!}}

Reviewers: svemir, jungejason, tuomaspelkonen, aran

Reviewed By: svemir

CC: aran, svemir, epriestley

Differential Revision: 864
2011-08-26 11:51:38 -07:00
epriestley
f4e25b7a35 Sync Phabricator to Javelin HEAD
Summary: cpiro reported a cache inconsistency issue from a push a while ago
which this should fix (see #?????), and we haven't sync'd in a while anyway.

Test Plan: Poked some interfaces very gently.

Reviewers: cpiro, cpojer, tomo, jungejason, tuomaspelkonen, aran

Reviewed By: tomo

CC: aran, epriestley, tomo, cpiro

Differential Revision: 859
2011-08-25 18:14:47 -07:00
Nicholas Harper
8c0e5e1c58 Turn off write guard when saving differential comment cache
Summary:
It is possible to view a comment that has no cache; when viewing such a comment
the request doesn't have a csrf token and there is no need for one, so we turn
off the write guard.

Test Plan:
loaded an old diff that had no cache, and the page loaded instead of throwing
an AphrontCSRFException.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 858
2011-08-25 15:45:16 -07:00
moos3
69f7581582 Fixed the missing space after the : for vote 2011-08-23 22:03:56 -04:00
moos3
003694458b fixes 2011-08-23 21:21:00 -04:00
moos3
dd9b15600a added the support for slowvote links from the bot 2011-08-23 21:17:27 -04:00
Evan Priestley
556531cb1c Merge pull request #59 from hwang36/delete_line
Delete one line
2011-08-23 14:34:16 -07:00
epriestley
d1134810d6 Allow insecure mail auth with "Reply-To" header
Summary: Quora wants to handle some moderation tasks with Phabricator, but want
to lower the barrier to entry for the install and let moderators adopt it
gradually. One request is to allow auth rules to be relaxed so we can auth based
on Reply-To to make things easier. This is insecure if configured but not really
a big deal and the patch isn't big or complicated.

Test Plan: Sent a test email with bogus "From" but valid "Reply-To". It was
rejected with this setting off, and allowed with this setting on.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 842
2011-08-23 14:13:04 -07:00
epriestley
04b4f04cb9 Render internal stack frames more reasonably
Summary: Some stack frames do not have file/line information, e.g. __autoload
triggers. Render these as "Internal".

Test Plan: Reloaded a trace with an internal __autoload() frame, got
"(Internal)" instead of ": 0" with warnings.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 843
2011-08-23 14:12:41 -07:00
epriestley
fd0f4d9c52 Delay sending JOIN command until after MOTD finishes for IRC bot
Summary: Do JOIN in the protocol handler, after we receive 376 ("end of motd").

Test Plan: Ran bot, it joined a channel after receieving a 376 command.

Reviewers: moos3, codeblock, aran, jungejason, tuomaspelkonen

Reviewed By: moos3

CC: aran, moos3

Differential Revision: 855
2011-08-23 14:12:30 -07:00
Hua Wang
e903b82fff Delete one line
Summary: Delete one line which has no effect.

Test Plan: Open revision page to make sure it still works.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 852
2011-08-23 00:45:43 -07:00
epriestley
30024a8d86 Render full close status, not just "Closed", in Maniphest list view
Summary: Instead of just saying a task is "Closed", say "Resolved", "Wontfix",
etc.

Test Plan: Looked at task list view, saw "Resolved", "Wontfix", etc.

Reviewers: skrul, hunterbridges, jungejason, tuomaspelkonen, aran

Reviewed By: skrul

CC: aran, skrul, jungejason, epriestley

Differential Revision: 851
2011-08-22 18:27:03 -07:00
epriestley
6cae153569 Allow CommitTask daemon to recover from deleted repositories
Summary: If a user partially discovers a repository and then deletes it, the
timeline will have events from the old repository which this daemon won't be
able to parse.

Test Plan: @ajtrichards, can you apply this locally and restart your daemons
(##phd stop##, then relaunch them) and let me know if it fixes the issue?

Reviewers: ajtrichards, jungejason, tuomaspelkonen, aran

Reviewed By: ajtrichards

CC: aran, epriestley, ajtrichards

Differential Revision: 845
2011-08-22 15:41:27 -07:00
Evan Priestley
3dbe60b388 Merge pull request #55 from svemir/patch1
SVN error message may also be "File not found"
2011-08-22 15:22:24 -07:00
Richard
9192a0ecf8 Added the ability for SSL to be fined in the irc_config.json file, if not there we assume that its false and continue on our way. if "ssl":true is in the config then we are going to use ssl:// to make the connection use openssl. 2011-08-22 15:20:57 -07:00
moos3
2d677d3992 added the ability for the irc nick to have a identify password. just add "nickpass":"password" to your irc_config.json file and it will identify on connect" 2011-08-22 15:20:57 -07:00
Svemir Brkic
e4093e8013 SVN error message may also be "File not found" 2011-08-22 17:34:37 -04:00
Nicholas Harper
bd2b557b42 Mark diffusion browse result as empty directory when appropriate
Summary:
When selecting children of a directory, it is possible that none of its
children exist anymore even though the directory still exists. After fetching
the children but before returning them, we should check whether there are any,
and if there are no children, set the reason as empty directory.

Test Plan:
In sandbox, browsed in diffusion to a directory that exists but has no
files and saw that it has a useful message instead of a vague exception.

Reviewers: epriestley, tuomaspelkonen, jungejason

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 846
2011-08-22 14:28:36 -07:00
Richard
fbef90c4c6 Added the ability to support Irc Bots that need to login into private IRC Servers. Requires the following to be added to the config.json file
"user":"authenticationusername",
"pass":"thisuserspassowrd",

This will allow people with internal irc servers to use this if they control access from ldap for irc.
2011-08-22 11:12:34 -07:00
David Reuss
c236e4ad72 Enable support for a single reply-handler for outbound emails
Summary:
This allows you to configure a single mailbox for all mail sent by phabricator,
so you
can keep a mailaddress like bugs@example.com and don't need a catchall on your
domain/subdomain.

Test Plan:
Enabled and disabled suffix. Saw mails generated have to correct prefix. Also
piped raw mails
into the scripts/mail/mail_handler.php and ensured comments went into
phabricator for both maniphest
and differential.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 815
2011-08-22 10:20:49 +02:00
epriestley
5bf28498c8 Provide a basic maniphest.createtask method via Conduit
Summary: This could be a lot fancier but let's see what else we need. Also fixed
some bugs with maniphest.info.

Test Plan: Used the Conduit web console to create some tasks with different
values.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 824
2011-08-21 14:04:01 -07:00
epriestley
57208dfd52 Strip port numbers from HTTP host headers before comparing them for cookie
purposes

Summary:
Browsers send port numbers (like ":443" or proxy ports) in the Host header and
we'll currently reject them with a message like:

> Blah is configured on "x.y.com" but you are accessing it on "x.y.com:443".

Instead, examine only the host part.

Test Plan: Had my local listen on port 81 and accessed Phabricator before/after
the change; it now works without throwing.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, epriestley, abdul, jungejason

Differential Revision: 841
2011-08-21 11:47:28 -07:00
Jason Ge
c04805cde4 Open AphrontWriteGuard for user login
Summary: Open AphrontWriteGuard for user login.

Test Plan: verified that the user can log in.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 840
2011-08-19 21:30:10 -07:00
epriestley
411e16771a Make detection/recovery for bad cookies more strict
Summary: When a user has bad cookies, try to clear everything and tell them they
might need to manually clear things.

Test Plan: Added "&& false" to the valid branch and got the exception message.

Reviewers: jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 839
2011-08-19 15:45:35 -07:00
epriestley
67de714a2f Remove (most) support for 'differential.attach-task-class'
Summary:
After D814 and D829, you should be able to implement this logic in the
didWriteRevision() method of the field.

Note that the attacher is still referenced in
ConduitAPI_differential_updatetaskrevisionassoc_Method. This method should
probably be moved to facebook/ since it's pretty Facebook-specific.

No rush on any of this, it's not hurting anything.

Test Plan:
  - Hit differential.getcommitmessage
  - Ran 'arc diff'

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 830
2011-08-19 14:10:30 -07:00
epriestley
ed33e59c5a Fix login issue with stale HTTP vs HTTPS cookies
Summary:
In D758, I tightened the scope for which we issue cookies. Instead of setting
them on the whole domain we set them only on the subdomain, and we set them as
HTTPS only if the install is HTTPS.

However, this can leave the user with a stale HTTP cookie which the browser
sends and which never gets cleared. Handle this situation by:

  - Clear all four <domain, https> pairs when clearing cookies ("nuke it from
orbit").
  - Clear 'phsid' cookies when they're invalid.

Test Plan: Applied a hackier version of this patch to secure.phabricator.com and
was able to login with a stale HTTP cookie.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 838
2011-08-19 14:09:41 -07:00
Ricky Elrod
638bb7ae3f Allow files to be attached to Maniphest tasks while the task is being created.
Summary:
This commit lets users who are filing Maniphest tasks to attache files to them
right off the bat.

Test Plan:
{F3545}

and

{F3546}

Reviewers: epriestley, fmoo, aran

CC:

Differential Revision: 837
2011-08-19 12:44:01 -04:00
epriestley
dc39571d63 Simplify default field loadout for Differential
Summary:
Remove the blame revision, revert plan and lines fields from the default field
loadout. (After D829 this doesn't cause issues where we have bogus dictionary
entries.)

You should add these back to the Facebook configuration since Facebook wants
these fields. However, I want to keep the default stack very light and I never
saw a huge amount of value in these fields at Facebook so I don't think they
make the cut. Sorry, tomo. ;_;

Test Plan: Ran "arc diff" locally.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, tomo, epriestley

Differential Revision: 831
2011-08-18 19:51:32 -07:00
epriestley
ebdd6d3d11 Fix a variable typo which prevents metadata from attaching to @mention
Differential comments

Summary: If you @mention several users, at least one of which is already CC'd,
we unset all the CCs and don't attach the "Added CCs: ..." block to the comment.

Test Plan: @mentioned two users, one of whom was already CC'd.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 827
2011-08-18 19:49:52 -07:00
epriestley
0be3db03ee Drive Differential commit message parsing through extensible fields
Summary:
I think this is the last major step -- use the fields to parse commit messages,
not a hard-coded list of stuff. This adds two primary methods to fields, one to
get all the labels they'll parse (so we can do "CC" and "CCs" and treat them as
the same field) and one to parse the string into a canonical representation
(e.g., lookup reviewers and such).

You'll need to impelement the one block of task-specific stuff I removed in
Facebook's task field:

  list($pre_comment) = split(' -- ', $data);
  $data = array_filter(preg_split('/[^\d]+/', $pre_comment));
  foreach ($data as $k => $v) {
    $data[$k] = (int)$v;
  }
  $data = array_unique($data);
  break;

Otherwise I think this is clean.

Test Plan:
  - Called the conduit method with various commit messages, parsed fields/errors
seemed correct.
  - "arc diff"'d this diff onto localhost, then updated it.
  - "arc amend"'d this diff.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 829
2011-08-18 19:49:39 -07:00
epriestley
735120b842 Fix bug where CC value is ignored on intial parse from commit message
Summary: While I thought this was complicated, there was nothing subtle or
tricky here -- I just misnamed a variable.

Test Plan: Created a revision with default CCs, got CCs instead of nothing.

Reviewers: aran, jungejason, tuomaspelkonen

Reviewed By: aran

CC: aran

Differential Revision: 834
2011-08-18 13:08:28 -07:00
Jason Ge
4693ffa82b Deprecate generateProperties
Summary:
deprecate generateProperties() from class
DifferentialRevisionDetailRenderer. Custom fields now provides a much
more powerful version of generateProperties().

Depends on D814.

Test Plan:
implemented facebook task field with custom field and
verified it worked.

Reviewers: epriestley, tuomaspelkonen

Reviewed By: epriestley

CC: aran, jungejason, epriestley

Differential Revision: 826
2011-08-18 11:33:10 -07:00
epriestley
2bb4cf149e Fix SendGrid adapter for HTTPSFuture changes. 2011-08-18 09:55:35 -07:00
epriestley
6dc193d3d9 Fully update library map. 2011-08-18 09:52:36 -07:00
epriestley
a67ce60d67 Unguard two external POST endpoints from CSRF. 2011-08-18 07:25:45 -07:00
epriestley
ae7488f710 Drive commit message rendering from field specifications
Summary:
When rendering commit messages, drive all the logic through field specification
classes instead of the hard-coded DifferentialCommitMessageData class. This
removes DifferentialCommitMessageData and support classes.

Note that this effectively reverts D546, and will cause a minor break for
Facebook (Task IDs will no longer render in commit messages generated by "arc
amend", and will not be editable via "arc diff --edit"). This can be resolved by
implementing the feature as a custom field. While I've been able to preserve the
task ID functionality elsewhere, I felt this implementation was too complex to
reasonably leave hooks for, and the break is pretty minor.

Test Plan:
  - Made numerous calls to differential.getcommitmessage across many diffs in
various states, with and without 'edit' and with and without various field
overrides.
  - General behavior seems correct (messages look accurate, and have the
expected information). Special fields like "Reviewed By" and "git-svn-id" seem
to work correctly.
  - Edit behavior seems correct (edit mode shows all editable fields, hides
fields like "Reviewed By").
  - Field overwrite behavior seems correct (overwritable fields show the correct
values when overwritten, ignore provided values otherwise).

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 814
2011-08-18 07:20:20 -07:00
epriestley
966778c2bd Improve unhandled exception dialogs
Summary:
Make the unhandled exception dialogs slightly more useful:

  - Make them easier to read.
  - Link to files from Phabricator libraries.
  - Don't show traces by default.
  - Show traces in development mode.
  - Rename button from "Cancel" to "Close" and only show it for Ajax.

Test Plan: Rigged DirectoryHomeController to throw, loaded home page. Changed
stack trace setting in config. Clicked some files in the trace.
Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen, codeblock
CC: aran, epriestley
Differential Revision: 823
2011-08-17 16:23:11 -07:00
epriestley
b291ad9807 Unguard thumbnail generation from CSRF. 2011-08-17 14:39:00 -07:00
epriestley
46b85ab212 Unguard conduit.getcertificate() so it can execute logging writes. 2011-08-17 12:26:30 -07:00
epriestley
0e6bc7c939 Unguard the DarkConsole XHProf profile write. 2011-08-17 12:21:35 -07:00
epriestley
b42b78f65c Unguard another safe write in Conduit token generation. 2011-08-17 12:00:35 -07:00
epriestley
cd3a3bf759 Make Herald Rules sticky in X-Herald-Rules
Summary:
See T354. List every rule which has ever been applied in X-Herald-Rules, not
just the ones which most recently triggered.

Also some random fixes while I was debugging this:

  - When conduit methods throw non-conduit exceptions, make sure they get
logged.
  - Trigger the Facebook "tasks" backcompat block only if we were going to fail
(this should reduce the shakniess of the transition).
  - Fix some log spew from the new field stuff.

Test Plan:
  - Created a rule (ID #3) "No Zebras" which triggers for revisions without
"zebra" in the title.
  - Created a revision without "zebra" in the title, got X-Herald-Rules: <2>,
<3>
  - Updated revision to have "zebra" in the title, verified rule did not trigger
in Herald transcript.
  - Verified X-Herald-Rules is still: <2>, <3>

Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen
CC: aran, epriestley
Differential Revision: 817
2011-08-17 10:38:29 -07:00
epriestley
90be65f6ec This write should also be unguarded, it is not vulnerable to CSRF. 2011-08-17 10:12:30 -07:00
epriestley
88eb6410b3 This is also an unguarded but CSRF-safe cache write. 2011-08-16 14:44:13 -07:00
epriestley
30abed8b05 Fix minor CSRF-patch issues. 2011-08-16 14:39:01 -07:00
epriestley
a3700022a8 Defer initial preview until CSRF header for JX.Request loads. 2011-08-16 14:31:52 -07:00
epriestley
2d22226ff0 Unguard the Differential update time write on GET. 2011-08-16 13:50:47 -07:00
epriestley
74f3112b1c Allow daemons to perform writes unconditionally. 2011-08-16 13:43:51 -07:00
epriestley
0964a9123f These conduit methods SHOULD allow unguarded writes. 2011-08-16 13:38:14 -07:00
epriestley
39b4d20ce5 Create AphrontWriteGuard, a backup mechanism for CSRF validation
Summary:
Provide a catchall mechanism to find unprotected writes.

  - Depends on D758.
  - Similar to WriteOnHTTPGet stuff from Facebook's stack.
  - Since we have a small number of storage mechanisms and highly structured
read/write pathways, we can explicitly answer the question "is this page
performing a write?".
  - Never allow writes without CSRF checks.
  - This will probably break some things. That's fine: they're CSRF
vulnerabilities or weird edge cases that we can fix. But don't push to Facebook
for a few days unless you're prepared to deal with this.
  - **>>> MEGADERP: All Conduit write APIs are currently vulnerable to CSRF!
<<<**

Test Plan:
  - Ran some scripts that perform writes (scripts/search indexers), no issues.
  - Performed normal CSRF submits.
  - Added writes to an un-CSRF'd page, got an exception.
  - Executed conduit methods.
  - Did login/logout (this works because the logged-out user validates the
logged-out csrf "token").
  - Did OAuth login.
  - Did OAuth registration.

Reviewers: pedram, andrewjcg, erling, jungejason, tuomaspelkonen, aran,
codeblock
Commenters: pedram
CC: aran, epriestley, pedram
Differential Revision: 777
2011-08-16 13:29:57 -07:00
epriestley
68c30e1a71 Provide a setting which forces all file views to be served from an alternate
domain

Summary:
See D758, D759.

  - Provide a strongly recommended setting which permits configuration of an
alternate domain.
  - Lock cookies down better: set them on the exact domain, and use SSL-only if
the configuration is HTTPS.
  - Prevent Phabriator from setting cookies on other domains.

This assumes D759 will land, it is not effective without that change.

Test Plan:
  - Attempted to login from a different domain and was rejected.
  - Logged out, logged back in normally.
  - Put install in setup mode and verified it revealed a warning.
  - Configured an alterate domain.
  - Tried to view an image with an old URI, got a 400.
  - Went to /files/ and verified links rendered to the alternate domain.
  - Viewed an alternate domain file.
  - Tried to view an alternate domain file without the secret key, got a 404.

Reviewers: andrewjcg, erling, aran, tuomaspelkonen, jungejason, codeblock
CC: aran
Differential Revision: 760
2011-08-16 13:21:46 -07:00
epriestley
355b753df7 Prevent file download without POST + CSRF
Summary: This prevents <applet /> attacks unless the attacker can upload an
applet which has a viewable MIME type as detected by `file`. I'm not sure if
this is possible or not. It should, at least, narrow the attack window. There
are no real tradeoffs here, this is probably a strictly better application
behavior regardless of the security issues.
Test Plan:
  - Tried to download a file via GET, got redirected to info.
  - Downloaded a file via POST + CSRF from the info page.

Reviewers: andrewjcg, erling, aran, jungejason, tuomaspelkonen
CC: aran
Differential Revision: 759
2011-08-16 13:19:16 -07:00
epriestley
3aa17c7443 Prevent CSRF uploads via /file/dropupload/
Summary:
We don't currently validate CSRF tokens on this workflow. This allows an
attacker to upload arbitrary files on the user's behalf. Although I believe the
tight list of servable mime-types means that's more or less the end of the
attack, this is still a vulnerability.

In the long term, the right solution is probably to pass CSRF tokens on all Ajax
requests in an HTTP header (or just a GET param) or something like that.
However, this endpoint is unique and this is the quickest and most direct way to
close the hole.

Test Plan:
  - Drop-uploaded files to Files, Maniphest, Phriction and Differential.
  - Modified CSRF vaidator to use __csrf__.'x' and verified uploads and form
submissions don't work.

Reviewers: andrewjcg, aran, jungejason, tuomaspelkonen, erling
Commenters: andrewjcg, pedram
CC: aran, epriestley, andrewjcg, pedram
Differential Revision: 758
2011-08-16 13:19:10 -07:00
epriestley
735847865c Improve error messages when hitting PHP file upload issues
Summary: See T429. When you hit certain errors, you get less-than-helpful
messages like "upload error 3". Instead, produce human-readable errors.
Test Plan: Simulated errors, verified user receives decent error messages.
Reviewed By: aran
Reviewers: jungejason, tuomaspelkonen, aran, startupguy
CC: aran
Differential Revision: 816
2011-08-16 13:16:41 -07:00
epriestley
ec0d91a3ff Drive revision update from Conduit via custom fields
Summary:
When we create or update a revision, we use a parsed commit message dictionary
to edit its fields. Drive consumption of the dictionary through custom fields
instead of hardcoding.

This requires adding some fields which don't really do anything right now to
cover fields which appear only in the commit message.

Test Plan: "arc diff"'d this revision against localhost, "arc diff"'d again to
update.
Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 811
2011-08-15 10:25:54 -07:00