1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-18 04:42:40 +01:00
Commit graph

6269 commits

Author SHA1 Message Date
epriestley
be26c6a5c1 Refactor repository reparse scripts to be more useful
Summary:
Splitting up D960 a bit, see that for context.

We currently have two scripts, "parse_one_commit.php" and
"reparse_all_commit_messages.php", but they're sort of silly and you can't do
certain things with them. Replace them with one script which is more flexible
and can do specific reparse steps on individual commits or entire repos.

I left the old scripts as stubs since I think there are some FB wiki docs and
stuff that mention them. I'll delete them in a month or whenever I remember or
something.

Test Plan: Ran "reparse.php" with various arguments, including vs-one-commit,
vs-repository, with --trace, and against different types of repos.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 964
2011-09-27 17:20:04 -07:00
tuomaspelkonen
7b8b469da3 Changed the postponed unit tests warning message
Summary:
Postponed unit tests are not unit tests with problems. The results
just haven't arrived yet.

Test Plan: Tested accepting a diff with unit status 1, 3, 5 (ok, errors,
postponed)

Reviewers: jungejason, epriestley

Reviewed By: epriestley

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 969
2011-09-27 13:00:36 -07:00
epriestley
9155369668 Add a helper function to DiffusionPathIDQuery
Summary:
Just breaking D960 into some smaller parts, this is a standalone method used in
Mercurial parsing.

(There's a bad version of this function in the SVN stuff but I'll get rid of it
the next time I'm in there.)

Test Plan: See D960.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 965
2011-09-27 11:05:12 -07:00
epriestley
cd71098110 Detect commits by hash relationships
Summary:
When we discover a new commit and it has a known local commit or tree hash, mark
it committed.

This supports Mercurial and Git-Immutable workflows, and improves
hybrid-Git-Mutable workflows and covers some cases where poeple just make
mistakes or whatever.

Test Plan: Parsed Mercurial, Git and SVN commits.

Reviewers: Makinde

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 963
2011-09-27 11:04:56 -07:00
epriestley
3ce0c602ec Improve Diffusion parser linking of author names
Summary: See T502. Under some VCS setups, we get full email addresses instead of
usernames or real names. Try harder to find matches, by falling back to email
address parsing if we don't get hits on the straight-up token parsing.

Test Plan:
This is difficult to test because it depends on the account state and repository
state, and hard to pull out so it's more testable without better mocking
facilities. I just dumped this into the parser to verify the behavior:

  foreach (array(
    'epriestley',
    'Evan Priestley',
    'epriestley@epriestley.com',
    'derp <epriestley@epriestley.com>',
    '"Evan Priestley" <derpderpderp@derpderpderp.com>',
    'quackderp <derpderpderp@derpderpderp.com>',
    ) as $email) {
    echo "{$email} = ".$this->resolveUserPHID($email)."\n";
  }
  die();

  Running PhabricatorRepositoryGitCommitMessageParserWorker...
  epriestley = PHID-USER-79f25616ea2635089a31
  Evan Priestley = PHID-USER-79f25616ea2635089a31
  epriestley@epriestley.com = PHID-USER-1bec59b91be6223f07fd
  derp <epriestley@epriestley.com> = PHID-USER-1bec59b91be6223f07fd
  "Evan Priestley" <derpderpderp@derpderpderp.com> =
PHID-USER-79f25616ea2635089a31
  quackderp <derpderpderp@derpderpderp.com> =

This is expected (all variations of my identity parsed correctly, and the bogus
one failed). There are two different user PHIDs in the result set because I have
like 30 different similar accounts on my local, including one called "derp" and
another one with address "derp@derp.com", which prevented an earlier version of
this test case from working correctly.

Reviewers: zachallia, aran, Makinde, jungejason, nh, tuomaspelkonen

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 968
2011-09-27 11:04:49 -07:00
epriestley
2fc3acc969 Improve time localization code
Summary:
  - We throw on a missing date right now, in the DateTime constructor. This can
happen in reasonable cases and this is display code, so handle it more
gracefully (see T520).
  - This stuff is a little slow and we sometimes render many hundreds of dates
per page. I've been seeing it in profiles on and off. Memoize timezones to
improve performance.
  - Some minor code duplication that would have become less-minor with the
constructor change, consolidate the logic.
  - Add some unit tests and a little documentation.

Test Plan:
  - Ran unit tests.
  - Profiled 1,000 calls to phabricator_datetime(), cost dropped from ~49ms to
~19ms with addition of memoization. This is still slower than I'd like but I
don't think there's an easy way to squeeze it down further.

Reviewers: ajtrichards, jungejason, nh, tuomaspelkonen, aran

Reviewed By: ajtrichards

CC: aran, ajtrichards, epriestley

Differential Revision: 966
2011-09-27 09:25:16 -07:00
epriestley
016b060aea Add a relation table for Revisions to local commit hashes
Summary:
This allows us to performantly query for diffs related to a given local hash.
Immediate applications are:

  - Commit detection in Mercurial and Git-Immutable workflows.
  - Some async unit test stuff @mgummelt was doing.

Test Plan:
Diffed locally under SVN/Git/hg, checked the table, got sensible output.

  mysql> select * from differential_revisionhash;
  +------------+------+------------------------------------------+
  | revisionID | type | hash                                     |
  +------------+------+------------------------------------------+
  |         40 | gtcm | 8c6fb2f95598a50f7aac64a5f4cc6c12b5db42f5 |
  |         40 | gttr | 54710e361a465f4ff39565a93b2a221b6e7dd07c |
  |         41 | hgcm | c29cb69aec14                             |
  |         41 | hgcm | e7309be4eabb                             |
  |         41 | hgcm | 4e885caeff60                             |
  |         41 | hgcm | 213ee1cd30ea                             |
  |         41 | hgcm | b4050fb3490f                             |
  |         41 | hgcm | 72a76bd7ffa2                             |
  |         41 | hgcm | 06c2687e63fb                             |
  |         41 | hgcm | 2b464bde6b48                             |
  +------------+------+------------------------------------------+
  10 rows in set (0.00 sec)

NOTE: Mercurial hashes are short-form but I'll shoot out a separate Arcanist
diff to fix this.

Reviewers: Makinde, fratrik, mgummelt, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 961
2011-09-26 15:02:37 -07:00
epriestley
d0b6602e29 Add an option to switch tokenizers to use "ondemand" instead of "preloaded"
datasources

Summary:
The open source Phabricator has like 3,500 user accounts now and it takes a
while to pull/render them. Add an option to switch to ondemand for large
installs.

I'll follow up with a patch at some point to address a couple of name things:

  - Denormalize last names into a keyed column (although this evidences some
bias toward the western world).
  - Force all usernames to lowercase (sorry Girish, Makinde).

Also this patch is so clean it's crazy.

Didn't bother with other object types for now, I'm planning to dedicate a few
days to Projects at some point and I'll flesh out some auxiliary features like
this when I do that.

Test Plan: Switched to ondemand, verified data was queried dynamically. Switched
back, verified data was preloaded.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, epriestley, nh

Differential Revision: 923
2011-09-21 14:22:01 -07:00
epriestley
1c1f749eba Add an "arcanist.projectinfo" Conduit call
Summary:
We currently rely on "remote_hooks_enabled" in .arcconfig to determine whether
commands like "arc amend" and "arc merge" should imply "arc mark-committed".

However, this is a historical artifact that is now bad for a bunch of reasons:

  - The option name is confusing, it really means 'repository is tracked'.
  - The option is hard to discover and generally sucks.
  - We can empirically determine the right answer since we now know if a project
is in a tracked repository.

Add a call which arcanist can make on these workflows to figure out if it is
interacting with a project in a tracked repository or not.

Also added an "isTracked()" convenience method to reduce the number of magic
strings all over the place.

Test Plan: Ran "arcanist.projectinfo" for nonexistent, untracked and tracked
projects.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, epriestley, Makinde

Differential Revision: 945
2011-09-21 14:19:14 -07:00
epriestley
93b3bc8e89 Add a Mercurial message parser
Summary:
See D943, this is the second parse stage. This will mark Differential revisions
as "Committed" among other things.

Almost all the logic here is shared between VCSes so the implementation itself
is straightforward.

Test Plan: Parsed all messages for the official Mercurial repository.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 944
2011-09-16 11:09:39 -07:00
epriestley
e0b86cc81b Add a Mercurial commit discovery daemon
Summary:
Repository import has three major steps:

  - Commit discovery (serial)
  - Message parsing (parallel, mostly VCS independent)
  - Change parsing (parallel, highly VCS dependent)

This implements commit discovery for Mercurial, similar to git's parsing:

  - List the heads of all the branches.
  - If we haven't already discovered them, follow them back to their roots (or
the first commit we have discovered).
  - Import all the newly discovered commits, oldest first.

This is a little complicated but it ensures we discover commits in depth order,
so the discovery process is robust against interruption/failure. If we just
inserted commits as we went, we might read the tip, insert it, and then crash.
When we ran again, we'd think we had already discovered commits older than HEAD.

This also allows later stages to rely on being able to find Phabricator commit
IDs which correspond to parent commits.

NOTE: This importer is fairly slow because "hg" has a large startup time
(compare "hg --version" to "git --version" and "svn --version"; on my machine,
hg has 60ms of overhead for any command) and we need to run many commands (see
the whole "hg id" mess). You can expect something like 10,000 per hour, which
means you may need to run overnight to discover a large repository (IIRC, the
svn/git discovery processes are both about an order of magnitude faster). We
could improve this with batching, but I want to keep it as simple as possible
for now.

Test Plan: Discovered all the commits in the main Mercurial repository,
http://selenic.com/repo/hg.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 943
2011-09-16 11:08:52 -07:00
epriestley
209179a74a Remove tests for JX.$.NotFound from Phabricator
Summary: See D939. Regardless of what we do there, these will break, and they're
pretty silly anyway (see the giant caveat comments in the second one).

Test Plan: Clicked a direct-jump comment link, did save/cancel for inline
comments.

Reviewers: phil, cpojer, tomo, mroch

Reviewed By: phil

CC: aran, phil

Differential Revision: 940
2011-09-16 00:49:10 -07:00
epriestley
8396c879b1 Support Mercurial in test_connection.php
Summary: Add Mercurial support to this script.

Test Plan: Connected to public and private Bitbucket mercurial repos,
successfully (with valid credentials) and unsuccessfully (without valid
credentials).

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 938
2011-09-15 14:50:29 -07:00
epriestley
cd4f954b99 Document mercurial and immutable history doctrines
Summary: Explains how to use the immutable history doctrine and mercurial.
Recommends "one idea is one commit".

Test Plan: Read documentation.

Reviewers: fratrik, Makinde, aran, jungejason, tuomaspelkonen, cpiro

Reviewed By: cpiro

CC: aran, cpiro, epriestley, ide

Differential Revision: 861
2011-09-15 07:45:22 -07:00
epriestley
b64f252f8b Fix a dirname() edge case in Diffusion
Summary:
dirname('x') returns '.', not '/'; this caused some issues for repositories with
files at the root.

There are some cases in the parsers where I should probably swap this out too
but I'll wait until I'm doing some more rigorous testing since that stuff is a
bit fragile and this fixes an immediate issue.

Test Plan: Ran unit tests. Viewed a file at root level in a test repository.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 932
2011-09-15 07:45:15 -07:00
epriestley
43a3f4d234 Build an "affected path" index when attaching diffs to revisions
Summary: See T262. This creates the index on the Differential side which we need in order to execute this query efficiently on the Diffusion side.

Also renames "DiffusionGitPathIDQuery" to "DiffusionPathIDQuery", this query object has nothing to do with git.

Test Plan: Attached top-level and sub-level diffs to revisions and verified they populated the table with sensible data.

Reviewers: bmaurer, aravindn, fmoo, jungejason, nh, tuomaspelkonen, aran

CC:

Differential Revision: 931
2011-09-15 07:45:14 -07:00
Nick Harper
6a93029288 Merge branch 'doc' 2011-09-14 10:50:46 -07:00
Jason Ge
5284053c0e Add X-Frame-Options for all response
Summary:
we use to only add X-Frame-Options for AphrontWebpageResponse.
There some security concern about it. Example of a drag-drop attack:
http://sites.google.com/site/tentacoloviola/. The fix is to add it to
all AphrontResponse.

Test Plan:
View page which disalble this option still works (like the
xhpast tree page); verify that the AphrontAjaxResponse contains the
X-Frame-Options in the header.

Reviewers: epriestley, benmathews

Reviewed By: epriestley

CC: nh, aran, jungejason, epriestley

Differential Revision: 926
2011-09-14 10:43:24 -07:00
epriestley
2f218ac745 Provide more thorough defaults in the configuration guide template
Summary: Feedback from @makinde. These are easy (and necessary) to configure so
we might as well give the user a heads up.

Test Plan: Regenerated the documentation and read "Configuration Guide".

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 929
2011-09-14 09:52:19 -07:00
epriestley
a42f116749 Allow "!accept" to be enabled through configuration
Summary: For reasons explained in the config I've omitted this from the default
action set, but it's trivial to support it. See D916.

Test Plan: Commented on a revision, was informed I could "!accept" in the email.
Used "!accept" to accept the revision.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 928
2011-09-14 09:52:13 -07:00
epriestley
9215d330ad Fix generateChronologicalKey() for 32-bit machines
Summary: This method relies on 64-bit math being available, which isn't a safe
assumption. Use the builtin bc functions instead for arbitrarily large integers.

Test Plan: @skrul, can you apply this locally and let me know if it works?

Reviewers: skrul, hunterbridges, jungejason, nh, tuomaspelkonen, aran

Reviewed By: skrul

CC: aran, skrul, epriestley

Differential Revision: 912
2011-09-14 09:03:45 -07:00
epriestley
4bec2579d5 Some documentation updates. 2011-09-14 08:02:31 -07:00
epriestley
1620bce842 Add Google as an OAuth2 provider (BETA)
Summary:
This is pretty straightforward, except:

  - We need to request read/write access to the address book to get the account
ID (which we MUST have) and real name, email and account name (which we'd like
to have). This is way more access than we should need, but there's apparently no
"get_loggedin_user_basic_information" type of call in the Google API suite (or,
at least, I couldn't find one).
  - We can't get the profile picture or profile URI since there's no Plus API
access and Google users don't have meaningful public pages otherwise.
  - Google doesn't save the fact that you've authorized the app, so every time
you want to login you need to reaffirm that you want to give us silly amounts of
access. Phabricator sessions are pretty long-duration though so this shouldn't
be a major issue.

Test Plan:
  - Registered, logged out, and logged in with Google.
  - Registered, logged out, and logged in with Facebook / Github to make sure I
didn't break anything.
  - Linked / unlinked Google accounts.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley, Makinde

Differential Revision: 916
2011-09-14 07:32:04 -07:00
epriestley
4da43b31a3 Add Mercurial repository configuration and local pull support
Summary: No actual parsing/import yet, but now you can define and pull Mercurial
repositories. I merged most of the local pull code so we can share it between
hg/git.

Test Plan:
  - Created a new Mercurial repository to track Codeigniter off Bitbucket
  - Edited / saved / etc.
  - Launched the mercurial pull daemon, it pulled the repo. Killed and
relaunched, it updated the repo.
  - Launched the git fetch deamon, it still works correctly.

Reviewers: Makinde, aran, jungejason, tuomaspelkonen

Reviewed By: Makinde

CC: aran, Makinde

Differential Revision: 793
2011-09-14 07:28:22 -07:00
Nick Harper
96d58d8ad3 Fixed documentation in PhabricatorProjectSubproject
Summary:
Changed the documentation to describe the project-subproject join table
instead of the task-project join table.

Test Plan:
none

Reviewers:
epriestley, cadamo

CC:

Differential Revision: 927
2011-09-13 21:21:12 -07:00
epriestley
03fb1887d3 Fix file URI perf regression
Summary:
The CSRF changes meant that we can't generate a file URI with just its PHID
anymore, and converted a mathematical function into a service call.
Unfortunately, this caused massive perf problems in some parts of the
application, critically handles, where loading N users became N single gets.
Derp derp derp. Remedy this by doing a single multiget. This substantially
improves performance of many interfaces, particularly the Maniphest task list.

I need to go through the rest of the PhabricatorFileURI callsites and get rid of
them, but I think this is the most substantive one.

Test Plan: Profiled Maniphest task list, queries went from >100 to a handful.
Explosion of multiderp. :/ Looked at some views with profile photos to verify
they still render accurately.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran

Differential Revision: 921
2011-09-13 10:33:56 -07:00
epriestley
888af7309a Add a simple symbol lookup interface for cross-references
Summary: This will get fancier, but here's a basic interface for doing symbol
lookups. Still all pretty tentative.

Test Plan: Looked up various things, got some sensible results.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 900
2011-09-13 08:49:45 -07:00
epriestley
77ed7ade66 Add symbol import scripts for crossref features
Summary: Adds a script to import symbols from a ctags-like format, and another
to generate that format for PHP files.

Test Plan:
Ran it on Phabricator:

  mysql> select * from repository_symbol limit 200, 20;

+-------------------+---------------------------------------------------+------------+----------------+--------+------------+
  | arcanistProjectID | symbolName                                        |
symbolType | symbolLanguage | pathID | lineNumber |

+-------------------+---------------------------------------------------+------------+----------------+--------+------------+
  |                 1 | DifferentialDiffViewController                    |
class      | php            |     52 |         19 |
  |                 1 | DifferentialInlineCommentEditController           |
class      | php            |    308 |         19 |
  |                 1 | DifferentialInlineCommentPreviewController        |
class      | php            |  10543 |         19 |
  |                 1 | DifferentialRevisionEditController                |
class      | php            |  10544 |         19 |
  |                 1 | DifferentialRevisionListController                |
class      | php            |  10545 |         19 |
  |                 1 | DifferentialRevisionViewController                |
class      | php            |    142 |         19 |
  |                 1 | DifferentialSubscribeController                   |
class      | php            |  10546 |         19 |
  |                 1 | DifferentialRevisionListData                      |
class      | php            |     58 |         19 |
  |                 1 | DifferentialCommentEditor                         |
class      | php            |     39 |         19 |
  |                 1 | DifferentialRevisionEditor                        |
class      | php            |     42 |         24 |
  |                 1 | DifferentialFieldSpecificationIncompleteException |
class      | php            |  10547 |         19 |
  |                 1 | DifferentialFieldDataNotAvailableException        |
class      | php            |  10548 |         19 |
  |                 1 | DifferentialFieldParseException                   |
class      | php            |  10549 |         19 |
  |                 1 | DifferentialFieldValidationException              |
class      | php            |  10550 |         19 |
  |                 1 | DifferentialFieldSelector                         |
class      | php            |  10551 |         19 |
  |                 1 | DifferentialDefaultFieldSelector                  |
class      | php            |  10552 |         19 |
  |                 1 | DifferentialApplyPatchFieldSpecification          |
class      | php            |  10553 |         19 |
  |                 1 | DifferentialArcanistProjectFieldSpecification     |
class      | php            |  10554 |         19 |
  |                 1 | DifferentialAuthorFieldSpecification              |
class      | php            |  10555 |         19 |
  |                 1 | DifferentialFieldSpecification                    |
class      | php            |  10556 |         35 |

+-------------------+---------------------------------------------------+------------+----------------+--------+------------+
  20 rows in set (0.00 sec)

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 898
2011-09-13 08:49:44 -07:00
epriestley
cd05c960ff Add storage for repository symbol tracking
Summary: See T315 for an extensive description of this feature. Adds the
descibed storage table.

Test Plan: Used phpsh to read/write symbol objects.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 897
2011-09-13 08:49:44 -07:00
epriestley
63e96703d8 Fix CSRF issue with image proxying
Summary: This got caught in the CSRF filter but is a safe write.

Test Plan: Pasted the URI for a picture of a goat into a diff, saw a goat.

Reviewers: aran, jungejason

Reviewed By: aran

CC: aran

Differential Revision: 910
2011-09-13 08:49:16 -07:00
epriestley
8f772929ac Use a password input for HTTP Basic Auth in repositories
Summary: See D902. As @abdul notes, a password input is probably more
appropraite here.

Test Plan: Mashed stuff into it, got bullets instead of text.

Reviewers: abdul, jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh

Differential Revision: 913
2011-09-13 08:49:07 -07:00
epriestley
0366936d4c Set default content to "" (empty string), not null, in PhrictionDocumentEditor
Summary: phriction.edit allows you to omit the content string, meaning "don't
edit content". If you're also creating the page, we currently break in a
terrible, horrible, no-good, very-bad way because 'content' can't be null.
Default to empty string instead so phriction.edit creates an empty page instead
of a broken mess.

Test Plan: Called phriction.edit on a new page with no content.

Reviewers: skrul, jungejason, nh, tuomaspelkonen, aran

Reviewed By: skrul

CC: aran, skrul

Differential Revision: 920
2011-09-13 08:48:56 -07:00
Jaap Weel
bd778b4c8e Allow Diffusion to display PDF files
Summary:
When Diffusion encounters an image file, it displays it as an
image, but when it encounters a PDF file, it currently shows only some
gibberish. This fixes that.

Test Plan:
I tried it. Embedding a large PDF in a data URL is a little
bit slow, but it works.

Reviewers: tuomaspelkonen, epriestley, gc3, waltermundt, jungejason, nh

Reviewed By: epriestley

CC: aran, tuomaspelkonen, epriestley, jaapweel

Differential Revision: 915
2011-09-09 13:14:49 -07:00
mgummelt
7f601a78d3 Merge branch 'master' of github.com:facebook/phabricator into unit_status 2011-09-08 18:24:54 -07:00
mgummelt
40b8e352ad Include the unit status in the getdiff conduit method
Summary:
We need to query the unit status in order to determine if
there are postponed unit tests to update after running "arc unit"

Test Plan:
1) set my conduit uri to a server running the new code
2) ensured unitStatus existed when retrieving a diff

Reviewers: epriestley

Reviewed By: epriestley

CC: dpepper, aran, epriestley

Differential Revision: 918
2011-09-08 18:24:13 -07:00
epriestley
87309734cc Nuke sessions from the database when users logout
Summary:
@tomo ran into an issue where he had some non-SSL-only cookie or whatever, so
"Logout" had no apparent effect. Make sure "Logout" really works by destroying
the session.

I originally kept the sessions around to be able to debug session stuff, but we
have a fairly good session log now and no reprorted session bugs except for all
the cookie stuff. It's also slightly more secure to actually destroy sessions,
since it means "logout" breaks any cookies that attackers somehow stole (e.g.,
by reading your requests off a public wifi network).

Test Plan: Commented out the cookie clear and logged out. I was logged out and
given a useful error message about clearing my cookies.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: tomo, aran, epriestley

Differential Revision: 911
2011-09-08 14:30:16 -07:00
Evan Priestley
206546a6e3 Merge pull request #62 from abdul/master
Differential Revision: D909
2011-09-08 13:56:12 -07:00
Abdul Qabiz
6355b291ed - Added getRemoteCommandFuture(..) and getLocalCommand Future(..) methods to PhabricatorRepository
- Removed irrelevant csprintf(..)
  - Updated code to use $repository->getRemoteURI()
  - Updated code to use getRemoteCommandFuture(..) in Diffusion code
  - Updated code to use $repository->getRemoteURI()
2011-09-09 01:16:48 +05:30
epriestley
e3a9d73fe1 Add keyfile and HTTP Basic auth support to repositories
Summary: I still need to go through all the daemon and Diffusion code and change
the bare execx() calls to $repository->execxXXX() to actually make this work,
but we're getting close.

Test Plan: Configured repositories with various HTTP / SVN setups and ran the
test_connection.php script to verify keys were located and added and
username/password information was supplied.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh, jungejason

Differential Revision: 902
2011-09-07 13:22:08 -07:00
epriestley
40c1450129 Add an explicit test for the availablility of 'php' from the command line during
setup

Summary: See T481. We'll fail the pcntl test if we don't have this, in a
potentially confusing way. Test and detect missing 'php' explicitly before we
try the pcntl test, so we can give the user a better error message.

Test Plan: In setup mode, did a good run and then faked it to execute 'phpx'
instead to get a failure.

Reviewers: johnduhart, jungejason, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 878
2011-09-07 13:20:39 -07:00
Jun Ge
9dde79a732 Merge pull request #61 from hwang36/imageLineNum
Enable comments for image
2011-09-06 18:45:32 -07:00
Hua Wang
cd6eb836f6 Enable comments for image
Summary: Added line number 1 for each image and added code to display the
comments for each image.

Test Plan: Adding an image in my local directory and create a revision for it.
Click line number 1, and the comment window prompts.  Adding and save the
comment. The comment shows in the differential comment list and in the inline
comment.  Submit the comment.  Create more comments for the image and the
"Previous" and "Next" buttons all work well.

Reviewers: epriestley, jungejason

CC:

Differential Revision: 901
2011-09-06 18:11:41 -07:00
epriestley
cd7ba81d83 Use "Best" URI when linking to files from Maniphest file previews
Summary: Previously, this code accidentally did not use the best URI. Instead,
use the best URI. It's the best, obviously.

Test Plan: Uploaded a binary file and then clicked the preview.

Reviewers: hunterbridges, jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 905
2011-09-06 15:35:30 -07:00
epriestley
1df7d4039e Store repository credentials with repositories
Summary:
Move toward storing credentials in configuration so it's easier to get the
daemons working. This should eventually solve all the key juggling junk you have
to do right now.

This only gets us part of the way to actually using these credentials in the
daemons since I have to go swap everything for $repository->execBlah().

I tried to write a web "Test Connection" button but it was too much of a mess to
get git to work since git doesn't give you access to its SSH command and SSH has
a bunch of interactive prompts which you can't really do anything about without
it or a bunch of ~/.ssh/config editing. This is what Git recommends:

https://git.wiki.kernel.org/index.php/GitFaq#How_do_I_specify_what_ssh_key_git_should_use.3F

..but it's not a great match for this use case.

Test Plan:
  - Only partial.
  - Ran "test_connection.php" on a Git repo with and without SSH, and with and
without valid credentials. This part works properly.
  - Ran "test_connection.php" on a public SVN repo, but I don't have private or
WEBDAV repos set up at the moment.
  - Mercurial doesn't work yet.
  - Daemons haven't been converted yet.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, abdul, nmalcolm, epriestley, jungejason

Differential Revision: 888
2011-09-06 08:58:00 -07:00
epriestley
e875c81f6d Remove blameRevision and revertPlan from the DifferentialRevision schema
Summary:
These fields use auxiliary storage now. Migrate the data and get rid of the
columns in the main table.

  - This might take a little while to run, although there are <500k rows so
probably not too long.
  - Maybe grab a backup of the table first, if I screwed something up this will
delete the data in these fields.

Test Plan:
  - Ran migration locally.
  - Browsed Differential.
  - Grepped for "revertPlan" and "blameRevision".

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 832
2011-09-04 16:19:12 -07:00
epriestley
8f3b342287 Improve several Diffusion UI error states
Summary:
Give users better errors and UI:

  - For subpath SVN repositories, default the path to the subdirectory, not to
"/". This makes the home screen useful and things generally less confusing.
  - For unparsed commits, show a more descriptive error message without the
"blah blah" silliness.
  - For paths outside of the subpath parse tree, short circuit into an
appropriate error message.
  - For foreign SVN stub commits (see D892), show an explicit message.

Test Plan: Looked at unparsed commits, subpath repositories, foreign stub
commits, and paths outside of the subpath parse tree. Received sensible error
messages.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 894
2011-09-04 16:18:28 -07:00
Nick Harper
8b06d7d1c6 Merge branch 'master' of github.com:facebook/phabricator 2011-09-04 15:23:53 -07:00
epriestley
628082d427 Don't flag "EXPLAIN" as a write
Summary: These queries are safe to run without a CSRF token, and we need them
for the query analyzer in DarkConsole.

Test Plan: "Analyze Query Plans" works again.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, epriestley, nh

Differential Revision: 895
2011-09-04 15:20:39 -07:00
Nick Harper
2db912e859 Add change password settings panel
Summary:
In password-based auth environments, there is now a user settings
panel to allow them to change their password.

Test Plan:
Click settings, choose password from the left:
* enter current password, new password (twice), log out, and log in with
  new password
* enter current password, non-matching passwords, and get error
* enter invalid old password, and get error
* use firebug to change csrf token and verify that it does not save with
  and invalid token
Changed config to disable password auth, loaded settings panel and saw
that password was no longer visible. Tried loading the panel anyway and
got redirected.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 890
2011-09-04 15:07:04 -07:00
epriestley
ae045a9cf2 When doing partial subdirectory parses in Subversion, stub out foreign commit
references

Summary:
See T325. We tentatively support doing partial subdirectory parses in
Phabricator for Subversion, so you can elect to import only "trunk/local/" or
similar. We do this by importing only some of the commits (those commits which
affected that directory).

In Subversion, you can also "svn cp
svn+ssh://example.com/svnroot/trunk/foreign/example.c@13 local.c". This means
that commits which reference "trunk/local/" may themselves reference foreign
commits.

Currently, we break in this case and can't find the commit reference. Instead,
generate a foreign commit stub so we can at least point at some reasonable
object.

Test Plan: Successfully imported trunk/a/ of the test repo in T325 without
errors. Verified commit 3 in that repo is imported as a foreign stub.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason, epriestley

Differential Revision: 892
2011-09-04 14:10:03 -07:00