1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-27 16:00:59 +01:00
Commit graph

284 commits

Author SHA1 Message Date
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
vrana
868ca71451 Fix some HTML problems
Summary: I'm too lazy to attaching them for diffs where they were introduced.

Test Plan:
/
/D1, wrote comment with code snippet
DarkConsole
commit detail, wrote comment
task detail, wrote comment

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4911
2013-02-11 18:18:26 -08:00
vrana
8c71815028 Merge renderChildren() and renderHTMLChildren()
Summary: `renderChildren()` now returns array which isn't ideal but I prefer it to having two methods.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4910
2013-02-11 18:18:23 -08:00
vrana
c9ab1fe505 Return safe HTML from all render()
Summary:
This is pretty brutal and it adds some `phutil_safe_html()`.
But it is a big step in the right direction.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4905
2013-02-11 18:18:18 -08:00
epriestley
0f8984f5a7 Move XHProf sampling code out of index.php
Summary:
  - Separate the ideas of "requested" (explicit user request) vs "started" (user request or sampling).
  - Move this code out of index.php into the XHProf stuff (general effort to make index.php smaller).

Test Plan:
Verified that profiling still works, and profiling extends to ajax requests.

Set sampling rate to 2, saw 50% samples.

Looked at database, saw sampling data populating properly.

Reviewers: vrana, nh

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4891
2013-02-09 15:47:55 -08:00
epriestley
879c14e13a Consolidate HTTP header access
Summary: Route all `$_SERVER['HTTP_...']` stuff through AphrontRequest (it would be nice to make this non-static, but the stack is a bit tangled right now...)

Test Plan: Verified CSRF and cascading profiling. `var_dump()`'d User-Agent and Referer and verified they are populated and returned correct values when accessed. Restarted server to trigger setup checks.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4888
2013-02-09 15:01:57 -08:00
epriestley
f5827871d5 When a page is profiled, profile all AJAX requests too
Summary: If a page is profiled, add an "X-Phabricator-Profiler" header to all Ajax requests, and profile those too.

Test Plan: Profiled a page, checked Darkconsole, saw profiles for everything.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4885
2013-02-09 13:29:47 -08:00
vrana
d817dfa8fc Convert some phutil_escape_html() to hsprintf()
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`.

Test Plan:
/
/D1
/uiexample/
/countdown/1/
/herald/transcript/1/all/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4869
2013-02-08 15:59:02 -08:00
epriestley
0f1bdbe147 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-04 06:19:52 -08:00
epriestley
5a2be27045 Minor, fix loged out pages. 2013-02-03 23:25:48 -08:00
epriestley
30dedb2251 Allow PhabricatorMenuView to have items inserted in the middle
Summary:
Make `PhabricatorMenuView` more flexible, so callers can add items to the beginning/end/middle.

In particular, this allows event handlers to receive a $menu and call `addMenuItemToLabel('activity', ...)` or similar, for D4708.

Test Plan: Unit tests. Browsed site. Home page, Conpherence, and other pages with menus look correct.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4792
2013-02-03 10:02:35 -08:00
epriestley
87dc464159 render_tag -> tag: misc views
Summary: See inlines.

Test Plan: See inlines.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4768
2013-02-02 06:12:36 -08:00
epriestley
2ce4d2c53a Minor, unbreak the world. 2013-02-01 10:38:08 -08:00
Bryan Cuccioli
c105a5bde0 Refactor developer options to specific developer-mode option.
Summary: Refactor options related to verbose error reporting and forcing disk reads into a single developer option.

Test Plan: Run Phabricator with the developer-mode option set and check that errors print stack traces, static assets are always reloaded, etc.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4780
2013-02-01 10:12:17 -08:00
epriestley
f705c978b5 render_tag -> tag: phabricator_render_form -> phabricator_form
Summary: Convert most phabricator_render_form callsites. In the case of the "headsup view", it converts it by deleting the element entirely (this is the very old Maniphest/Differential header which we no longer use).

Test Plan: Poked around a bit.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4726
2013-01-30 11:30:38 -08:00
epriestley
39221b1d3f Merge branch 'master' into phutil_tag
(Synchronizing.)
2013-01-29 11:05:02 -08:00
epriestley
114ed6c7fe DarkConsole: fix rendering, move request log, load over ajax
Summary:
This accomplishes three major goals:

  # Fixes phutil_render_tag -> phutil_tag callsites in DarkConsole.
  # Moves the Ajax request log to a new panel on the left. This panel (and the tabs panel) get scrollbars when they get large, instead of making the page constantly scroll down.
  # Loads the panel content over ajax, instead of dumping it into the page body / ajax response body. I've been planning to do this for about 3 years, which is why the plugins are architected the way they are. This should make debugging easier by making response bodies not be 50%+ darkconsole stuff.

Additionally, load the plugins dynamically (the old method predates library maps and PhutilSymbolLoader).

Test Plan:
{F30675}

  - Switched between requests and tabs, reloaded page, saw same tab.
  - Used "analyze queries", "profile page", triggered errors.
  - Verified page does not load anything by default if dark console is closed with Charles.
  - Generally banged on it a bit.

Reviewers: vrana, btrahan, chad

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4692
2013-01-28 18:45:32 -08:00
epriestley
820c6279f3 More render_tag -> tag (misc, form inset view)
Summary: Converts some callsites.

Test Plan: Grepped; looked -- see inlines.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4688
2013-01-28 18:42:57 -08:00
epriestley
08bcb8c30a Simplify form/lightbox stuff
Summary:
I broke this a bit a few revisions ago by making `phabricator_render_csrf_magic()` return array instead of string without actually grepping for callsites.

Instead of building a form in JS, build it in PHP and just change its action in JS. This is simpler and doesn't require us to expose CSRF magic in more places.

This change triggered a rather subtle bug: if we rendered a normal form on the page (and thus installed the "disable forms when submitted" behavior), the download button would incorrectly disable after being clicked. This doesn't currently happen in Files because we don't put a form on the same page as the download button.

Instead, make the "disable" behavior check if the form is downloading stuff, and not disable stuff if it is. Then mark the lightbox and Files form as both download forms.

Test Plan: Used lightbox; used Files. Verified download buttons download the right stuff and behave correctly. Grepped for other download forms, but all the other places where we write "download" don't appear to actually be download links.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4685
2013-01-28 18:12:09 -08:00
Bryan Cuccioli
15e284caa9 Add loading state to notification menu.
Summary: Notification menu shows a loading message before the menu is populated with the actual response.

Test Plan: Checked by having the function sleep between getting the response and populating the menu.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4696
2013-01-28 17:35:17 -08:00
epriestley
f9030885c4 Merge branch 'master' into phutil_tag
(Just synchronizing master into the tag branch.)
2013-01-27 06:02:06 -08:00
Chad Little
dca2048bab Notifcation icons for Conpherence
Summary: Adds notification icons for Conpherence and re-writes the CSS a bit for the new icons and states. I removed the background bubble here and went straight CSS. I also seem to have a JS error and the notification menu doesn't display, but I'm tired and wanted to look at this in Differential. Will update after JS fix.

Test Plan: Turned on notification numbers and conpherence numbers, turned them off. Made them big. Checked FF and IE.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: aran, Korvin

Maniphest Tasks: T2415

Differential Revision: https://secure.phabricator.com/D4666
2013-01-26 17:04:18 -08:00
epriestley
3093d1663d Add javelin_tag(), convert easy callsites
Summary:
  - Implements `javelin_tag()`, which is `javelin_render_tag()` on top of `phutil_tag()` instead of `phutil_render_tag()`.
  - Manually converts all or almost all of the trivial callsites.

Test Plan:
  - Site does not seem any more broken than before.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4639
2013-01-25 12:57:17 -08:00
epriestley
3e147dd61c Fix some easy phutil_render_tag()
Summary:
  - Grepped for phutil_render_tag().
  - Fixed some easy ones.

Test Plan:
  - Browsed around; site didn't seem more broken than it was before.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4638
2013-01-25 11:39:23 -08:00
vrana
9670f0c636 Convert phutil_render_tag(X, Y, phutil_render_tag(...)) to phutil_render_html
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_render_html
    (X, Y, phutil_render_tag(...))

  - phutil_render_tag
  + phutil_render_html
    (X, Y, phutil_render_html(...))

Test Plan: Loaded homepage

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4502
2013-01-24 19:35:51 -08:00
vrana
3c1b8df8ae Convert simple phutil_render_tag() to phutil_tag()
Summary: Done manually.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4509
2013-01-24 19:30:50 -08:00
vrana
20768d65d5 Convert phutil_render_tag(X, Y, '...') to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y, '...')

Then searched for `&` and `<` in the output and replaced them.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4503
2013-01-24 19:20:27 -08:00
vrana
48561a8b1f Convert phutil_render_tag(X, Y, phutil_escape_html(Z)) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y,
  - phutil_escape_html(
    Z
  - )
    )

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4501
2013-01-24 19:08:55 -08:00
vrana
f8dbfdd59d Convert phutil_render_tag(X, Y) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y)

(and null manually)

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4500
2013-01-24 19:08:54 -08:00
epriestley
7a9c28d2d8 Delete the footer completely
Summary: Fixes T2330. Deletes the last traces of the footer.

Test Plan: Looked at several pages, saw no footer. Grepped for footer function and CSS class.

Reviewers: DeedyDas, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2330

Differential Revision: https://secure.phabricator.com/D4554
2013-01-19 19:55:37 -08:00
Andrei Antonescu
f919f000e7 Created a preference pane for DarkConsole, instead of link
Summary: Just removed the link and created a new field under preferences. Now the setting is under Display Preferences.

Test Plan: Enablied/Disabled dark console to see if it works.

Reviewers: epriestley

Reviewed By: epriestley

CC: irinav, aran, Korvin

Maniphest Tasks: T2344

Differential Revision: https://secure.phabricator.com/D4549

Conflicts:

	src/view/page/PhabricatorStandardPageView.php
2013-01-19 17:42:54 -08:00
Debarghya Das
2888d58034 Moved Version Footer from Footer to /config/all
Summary: Fixed T2349

Test Plan:
Could not visibly see version at footer any more. Appeared in the top of /config.
Does not appear as a config option in /config.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2349

Differential Revision: https://secure.phabricator.com/D4539
2013-01-19 10:27:59 -08:00
epriestley
14c6df0605 Migrate local disk storage setup check
Summary:
Migrate to the new hotness. Also:

  - Remove a string test, which is now impossible since the config will repair itself and raise a type error.
  - Restore the header even in /config/ -- this check is kind of hacky and it feels a bit more natural now that it's above the menu.

Test Plan: Set my local disk path to something invalid, verified I got a setup error.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4497
2013-01-19 08:39:27 -08:00
Debarghya Das
721071e5b3 Remove Report A Bug
Summary: Removed the 'Report a Bug' link from the footer

Test Plan: Tried looking through all the phabricator pages but didn't quite get around to it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4528
2013-01-18 18:38:35 -08:00
epriestley
2d74f9ec76 Show a warning banner to administrators when there are unresolved setup warnings
Summary: We now issue only valid setup warnings, so we can let administrators know when we detect problems.

Test Plan:
Banner:

{F29568}

Created a fake issue; saw banner. No banner inside /config/. Resovled the issue, banner went away.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2221

Differential Revision: https://secure.phabricator.com/D4493
2013-01-17 16:25:47 -08:00
Ricky Elrod
3b3808c476 Add the rest of the "Debug/Developer" config group.
Summary:
- Adds the rest of the group as per T2255.
- Adds a pht() around the `$developer_warning` in `PhabricatorStandardPageView`.

Test Plan:
- Viewed new config options.
- Triggered a fake warning to make sure I didn't break error callouts.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4333
2013-01-03 05:48:21 -08:00
epriestley
5897b4a116 Remove "preview.viewport-meta-tag" config
Summary: This is obsolete with the 'device' => true stuff, which is more granular and generally better.

Test Plan: grep

Reviewers: btrahan, codeblock

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4309
2013-01-01 14:09:10 -08:00
epriestley
923dc42e1a Move all CSS "z-index" rules to "z-index.css", fix Differential z-index problem
Summary: We have enough z-index rules that they're fairly hard to visualize with "git grep". Consolidate them. Then fix T2253 (missing z-index on left menu background).

Test Plan: Made a Differential window really narrow, then scrolled it horizontally.

Reviewers: btrahan, chad, ender

Reviewed By: chad

CC: aran

Maniphest Tasks: T2253

Differential Revision: https://secure.phabricator.com/D4302
2012-12-30 09:30:21 -08:00
vrana
ef214e94ce Move setUser() to AphrontView
Summary: This is used in every other view.

Test Plan: Browsed around.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4248
2012-12-20 14:49:52 -08:00
epriestley
26dd2a0eef Allow ApplicationTransaction comments to be edited and deleted
Summary:
Allows you to edit or delete comments in appplications which support ApplicationTransactions.

UI/UX stuff:

  - The dialogs are rough but I want to do a dialog design pass more generally, @chad has some mocks.
  - When you add new mentions via edit, they don't currently count as mentions. I'm not sure what I want to do about this.
  - When you edit or delete a comment, we do not publish any notifications about it. I think this is reasonable.
  - I didn't separate "delete" out versus "edit"; I assume it will be reasonably intuitive that deleting all the text deletes effectively deletes the comment. I also want to discourage deletion somewhat (we still show the transaction, just show that the comment has been deleted).

Test Plan:
Transaction view, note "Edit" and "Edited" links:

{F26914}

Edit view, has some design issues but I want to do a pass on dialogs in general:

{F26915}

History view:

{F26913}

Reviewers: vrana, btrahan, chad

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1082

Differential Revision: https://secure.phabricator.com/D4149
2012-12-11 14:01:51 -08:00
epriestley
bf9bc885b7 Enable notifications by default
Summary: I think we've sorted out enough of the problems with these to turn them on for everyone. The real-time component remains configuration-dependent.

Test Plan: Turned off "notification.enabled", still saw notifications.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4120
2012-12-07 16:27:01 -08:00
epriestley
2763d0fe61 Minor, unfatal the 404 page after new menu stuff. 2012-12-07 15:29:41 -08:00
epriestley
7b5dea94d2 Clean up some more sprite stuff
Summary:
  - Remove unused CSS rules and non-sprite images.
  - Sprite the logo.

Test Plan: Looked at site, looked good.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4113
2012-12-07 14:29:09 -08:00
epriestley
54fe74d621 WIP 2012-12-07 13:43:11 -08:00
epriestley
f306cab653 Use application icons for "Eye" menu and Crumbs
Summary:
Issues here:

  - Need an application-sized "eye", or a "home" icon for "Phabricator Home".
  - Some of the "apps_lb_2x" sliced images are the "_dark_" versions, not the light versions.
  - If you slice an application-sized "logout" (power off) icon and application-sized "help" (questionmark in circle) icon I can replace the current menu icons and nearly get rid of "autosprite".
  - To replace the icons on /applications/, the non-retina size is "4x", so we'd need "8x" for retina. Alternatively I can reduce the icon sizes by 50%.
  - The "Help", "Settings" and "Logout" items currently have a "glowing" hover state, which needs a variant (or we can drop it).
  - The /applications/ icons have a white hover state (or we can drop it).
  - The 1x application (14x14) icons aren't used anywhere right now, should they be? Maybe in the feed in the future, etc?
  - The "apps-2x" and "apps-large" sheets are the same image, but getting them to actually use the same file is a bit tricky, so I just left them separate for now.

Test Plan:
{F26698}
{F26699}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4108
2012-12-07 13:37:28 -08:00
epriestley
8bcdf42762 Simplify ".device-phone X, .device-tablet X { ... }" rules
Summary: Add a ".device" rule which means "phone or tablet". Simplify about 5000 rules which were written ".device-phone X, device-tablet X { ... }".

Test Plan: Browsed the site a bit without incident.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4103
2012-12-07 13:37:10 -08:00
epriestley
8cff6ea9cb Add eye icon to left menu button
Summary: Do we have an icon with 2x for the right menu?

Test Plan: {F26590}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4101
2012-12-07 13:36:35 -08:00
epriestley
1c9d1d6ad1 Add some textures/gradients to crumbs and menu
Summary:
This doesn't lay in everything, but:

  - Break the buttons gradient apart into components and rebuild it (along with other gradients) into a single gradient sprite (possible after {D4099}).
  - Use the sliced gradient for the crumbs background.
  - Use the sliced image for the crumb divider.
  - Adds the black/white app sheets, but I'm not generating them quite yet.

Test Plan: {F26537} {F26540}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4100
2012-12-07 13:35:49 -08:00
epriestley
f910e38ecc Provide a mobile application menu
Summary:
Adds a right-hand-side application menu, based roughly on `frame_v3.png`.

This has the same icon as the left menu until we get real design in, but is functionally reasonable.

Test Plan: {F26170} {F26169}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4061
2012-12-07 13:34:44 -08:00
epriestley
e3f6bbfff8 Refactor the main menu in preparation for a mobile application menu
Summary:
As per discussion, this primes the existing mobile menu / menu button for "phabricator" and "application" menus.

Design here is very rough, I'm just trying to get everything laid in functionally first. It's based on `frame_v3.png` but missing a lot of touches.

Test Plan:
{F26143}
{F26144}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4058
2012-12-07 13:33:03 -08:00
epriestley
71c170661b Use "flame" notification icon and bubble instead of lightning bolt
Summary: Switch to the final versions of these

Test Plan: Will add screenshots...

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4032
2012-11-27 14:03:25 -08:00
Bob Trahan
1e743c9138 fix lightbox for when we have no $user or $request
Summary: defensive program wins all battles

Test Plan: lightbox still worked

Reviewers: vrana, epriestley

Reviewed By: vrana

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3975
2012-11-19 17:05:10 -08:00
vrana
ef85f49adc Delete license headers from files
Summary:
This commit doesn't change license of any file. It just makes the license implicit (inherited from LICENSE file in the root directory).

We are removing the headers for these reasons:

- It wastes space in editors, less code is visible in editor upon opening a file.
- It brings noise to diff of the first change of any file every year.
- It confuses Git file copy detection when creating small files.
- We don't have an explicit license header in other files (JS, CSS, images, documentation).
- Using license header in every file is not obligatory: http://www.apache.org/dev/apply-license.html#new.

This change is approved by Alma Chao (Lead Open Source and IP Counsel at Facebook).

Test Plan: Verified that the license survived only in LICENSE file and that it didn't modify externals.

Reviewers: epriestley, davidrecordon

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2035

Differential Revision: https://secure.phabricator.com/D3886
2012-11-05 11:16:51 -08:00
Bob Trahan
3ffc764141 Introduce lightbox view for images
Summary:
images attached to maniphest tasks and mentioned in remarkup anywhere now invoke a lightbox control that lets the user page through all the images.

lightbox includes a download button, next / prev buttons, and if we're not at the tippy toppy of hte page an "X" or close button.

we also respond to left, right, and esc for navigating.

next time we should get non-images working in here...!

Test Plan:
played with maniphest - looks good
made comments with images. looks good.
made sure multiple image comments worked.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, chad

Maniphest Tasks: T1896

Differential Revision: https://secure.phabricator.com/D3705
2012-10-22 19:06:56 -07:00
epriestley
9fa4c2d406 Separate "PhabricatorBarePageView" out of "PhabricatorStandardPageView"
Summary:
For Phame, we really want more than a chromeless page -- it shouldn't have Javelin or Phabricator styles on it.

Pull the bare infrastructure out of StandardPageView and make it available as BarePageView.

Test Plan: Viewed bare page in UIExamples, various non-bare pages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3711
2012-10-16 10:33:47 -07:00
epriestley
c02a588b4e Remove "admin page" color/styles
Summary: These haven't had any effect since the redesign, and we're moving to a more granular policy model so it probably doesn't make sense to ever restore them.

Test Plan: Grepped for "admin" and removed all relevant code.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3710
2012-10-16 10:33:37 -07:00
epriestley
c4ed47929c Make the top nav non-fixed-position
Summary:
See some discussion in D1673.

  - There's a concrete (if minor) problem with this in Firefox with wrapping search.
  - People complain about how we're stealing all their pixels.
  - There isn't much of a functional purpose to it since all the operations are fairly rare.
  - This addresses the aesthetic purpose of the fixed-position nav (not making the side nav ugly) by making the side nav scroll up 44px and then stop.

Test Plan: Scrolled in desktop, tablet modes.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D3412
2012-08-30 18:58:51 -07:00
Alan Huang
f8e28fae01 Do something cooler
Summary: It seemed like a good idea at the time.

Test Plan: Uh huh.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3352
2012-08-22 08:20:23 -07:00
vrana
801a176274 Link Phabricator from footer
Summary:
I need to visit Phabricator homepage (usually to read the docs) quite often.
This is also kind of a signature.

Test Plan: Clicked it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3335
2012-08-19 09:28:45 -07:00
epriestley
70a8e8b6e8 Modernize Paste
Summary:
  - Add a PhabricatorApplication.
  - Make most of the views work well on tablets / phones. The actual "Create" form doesn't, but everything else is good -- need to make device-friendly form layouts before I can do the form.

Test Plan: Will attach screenshots.

Reviewers: btrahan, chad, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1569

Differential Revision: https://secure.phabricator.com/D3293
2012-08-15 10:45:06 -07:00
epriestley
47b96fdebe Use sprites for all the menu icons
Summary:
See D3277, D3278.

  - Sprite all the menu icons.
  - Delete the unsprited versions.
  - Notification bolt now uses the same style as everything else.

Test Plan: Looked at page, hovered, clicked things.

Reviewers: btrahan, chad, vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1569

Differential Revision: https://secure.phabricator.com/D3279
2012-08-14 14:20:01 -07:00
epriestley
66cee129b6 Remove all code referencing old tab navigation
Summary:
  - Add getHelpURI() to PhabricatorApplication for application user guides.
  - Add a new "help" icon menu item and skeletal Diviner application.
  - Move help tabs to Applications where they exist, document the other ones that don't exist yet.
  - Grep for all tab-related stuff and delete it.

Test Plan: Clicked "help" for some apps. Clicked around randomly in a bunch of other apps.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3267
2012-08-13 15:28:41 -07:00
epriestley
81f8b507fe Use shinier menu icons
Summary:
  - Use @chad's nice gradient overlay icons.
  - Show selected states.
  - Use profile picture for profile item (not sure about this treatment?)
  - Workflow the logout link

Test Plan: Will add screenshots.

Reviewers: alanh, btrahan, chad

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3225
2012-08-10 12:11:24 -07:00
epriestley
314c25365d Drive menu icons from Applications
Summary:
This makes no changes, it just moves the menu icons to the applications instead of hard-coded on the page.

I'm going to try to address some of the angst in T1593 next...

Test Plan: Loaded logged-in / logged out pages. Clicked menu items. Looked at /applications/.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1593, T1569

Differential Revision: https://secure.phabricator.com/D3146
2012-08-05 14:12:43 -07:00
epriestley
852ecc2102 Add a basic search typeahead
Summary:
This needs a bunch of refinement but pretty much works. Currently shows only users and applications. Plans:

  - Show actual search results too.
  - Clean up the datasource endpoint so it's less of a mess.
  - Make other typeaheads look more like this one.
  - Improve sorting.
  - Make object names hit the named objects as the first match.

Test Plan: Will attach screenshots.

Reviewers: btrahan, vrana, chad

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1569

Differential Revision: https://secure.phabricator.com/D3110
2012-07-31 17:58:21 -07:00
epriestley
d2031d3296 Minor, use a spacer instead of top margin to prevent margin collapse. 2012-07-31 07:04:26 -07:00
epriestley
9eb6d4dded Minor, fix a resource include order issue. 2012-07-31 06:37:19 -07:00
epriestley
3c7944d297 Switch to new menubar
Summary:
  - Looks better (can probably still use some tweaks), especially search.
  - Moves logout from weird footer location to main menu.
  - Reactive: on tablets and phones, the menu adjusts to remain useful.
  - Fixed position on desktops for future side nav changes.
  - Adds an icon header thing that's currently hard-coded but will be application-driven soon.

Test Plan: Used menu on desktop, tablet, phone, logged in / logged out, toggled darkconsole. Will add some screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1569

Differential Revision: https://secure.phabricator.com/D3105
2012-07-30 16:09:14 -07:00
epriestley
998d43e828 Add a "toggle-class" behavior
Summary: The new menu stuff needs this but it was easy to pull out on its own.

Test Plan: Cliked UI example buttons.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1569

Differential Revision: https://secure.phabricator.com/D3104
2012-07-30 16:08:42 -07:00
epriestley
0cc3cb7559 Remove support for custom logos
Summary:
  - These don't fit anywhere in the new design.
  - Even if we figure out how to fit them in, 220px logos definitely won't fit on the 320px iPhone screen so anyone who has a custom logo will have to rework them anyway.
  - Kill it for now, and once we get the new design in and working maybe we can restore it somehow.

Test Plan: Loaded local install, no logo. Grepped for config.

Reviewers: btrahan, vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1569

Differential Revision: https://secure.phabricator.com/D3101
2012-07-30 11:09:28 -07:00
epriestley
59949bf811 Add "device" JS/CSS for reactive stuff
Summary:
As we work through @chad's redesign, one thing I want to do is improve the tablet/mobile experience.

Add a "device" behavior which sets a "device-phone", "device-tablet" or "device-desktop" class on the root div. The behavior (device names, width triggers) is mostly based on Bootstrap.

Also adds a preview viewport=meta tag, which makes the iPhone not scale the page like crazy and is a desirable end state, but currently makes the app less usable since things get cut off.

Test Plan:
Added some classes like this:

	.device-desktop {
	  background: blue;
	}
	.device-tablet {
	  background: orange;
	}
	.device-phone {
	  background: yellow;
	}

...and loaded the site on a desktop, iPad and iPhone. Resized the window. Got the right background color in all cases.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D3063
2012-07-25 11:51:27 -07:00
vrana
23f2ffb81c Add footer link to report a bug
Summary:
According to http://www.phabricator.com/docs/phabricator/article/Give_Feedback!_Get_Support!.html, we love feedback.
But there is no way to provide it without reading the docs.

Test Plan: Clicked the link.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, ldemailly

Differential Revision: https://secure.phabricator.com/D2975
2012-07-16 09:37:27 -07:00
epriestley
18cfab0c36 Allow configuration of the default monospaced font style
Summary: This is a fairly contentious default that we can easily move to configuration.

Test Plan: Changed the default, changed my user setting, reverted my user setting, verified the "settings" page.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D2935
2012-07-06 15:39:43 -07:00
epriestley
5e184ee593 Improve debug support for notifications
Summary: Add a `notification.debug` setting that shows debug info in the browser. Also improve some logging/error handling stuff and fix a bug with host names.

Test Plan: {F13098}

Reviewers: jungejason, btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T944

Differential Revision: https://secure.phabricator.com/D2810
2012-06-20 13:20:47 -07:00
epriestley
7a4ca85d67 Show only one "reload" popup, use 'alert' style, click to reload
Summary: Use the features from D2758.

Test Plan: Updated T1 with two browser windows pointing at it, verified reload appeared, only one reload, and it appeared with 'alert' style.

Reviewers: jungejason, vrana

Reviewed By: jungejason

CC: aran

Maniphest Tasks: T944

Differential Revision: https://secure.phabricator.com/D2781
2012-06-18 14:07:45 -07:00
epriestley
513abf00cf Add a server status page for notification server
Summary:
  - Add a /notification/status/ page which shows server status.
  - Remove various test controllers and routes.
  - Make the "no notifications" message look better.
  - Move port/URI configuration to config file.

Test Plan: Started server, hit /notification/status/, saw server status.

Reviewers: allenjohnashton, ddfisher, keebuhm, jungejason

Reviewed By: jungejason

CC: aran

Maniphest Tasks: T944

Differential Revision: https://secure.phabricator.com/D2756
2012-06-17 11:35:18 -07:00
epriestley
14648d6d7a Provide more informative messages when autoclosing revisions
Summary: This has been a point of some confusion, make the messages more explicit.

Test Plan:
Added var_dump() stuff and ran on some commits:

  $ ./scripts/repository/reparse.php --message rP9fc54f4dfb61f7338cb1cfe819bc72d2a3404264
  Running 'PhabricatorRepositoryGitCommitMessageParserWorker'...
  string(58) "Closed by commit rP9fc54f4dfb61 (authored by @epriestley)."
  $ ./scripts/repository/reparse.php --message rP444c634b6c6612fc7b36ddffab8023ef67372ab9
  Running 'PhabricatorRepositoryGitCommitMessageParserWorker'...
  string(83) "Closed by commit rP444c634b6c66 (authored by Ben Rogers, committed by @epriestley)."
  $ ./scripts/repository/reparse.php --message rP22d12fe499e3ecb62392397f2ac2a91768c974aa
  Running 'PhabricatorRepositoryGitCommitMessageParserWorker'...
  string(52) "Closed by commit rP22d12fe499e3 (authored by vrana)."
  $ ./scripts/repository/reparse.php --message rPe51958159483cd0acf00adcff51edf8717b4a23b
  Running 'PhabricatorRepositoryGitCommitMessageParserWorker'...
  string(85) "Closed by commit rPe51958159483 (authored by David Fisher, committed by @epriestley)."

Reviewers: csilvers, vrana

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2765
2012-06-15 17:00:08 -07:00
epriestley
2d7705ea30 Apply AMAZING DESIGN SKILLS to notification menu
Summary:
I am a fancy designer!

{F12665} {F12666}

Test Plan: Opened/closed menu. Viewed with-notification-count and without-notification count states.

Reviewers: allenjohnashton, ddfisher, keebuhm

Reviewed By: ddfisher

CC: aran, chad, joe

Maniphest Tasks: T974

Differential Revision: https://secure.phabricator.com/D2735
2012-06-14 06:13:53 -07:00
epriestley
86040227b0 Improve Aphlict server
Summary:
  - Move to port 22280 by default.
  - Warn when running as non-root.
  - Allow subscription and publish/admin ports to be configured.
  - Allow server to drop root after binding to 843.
  - Allow log path to be configured.
  - Add /status/ admin URI which shows server status.
  - Return HTTP 400 Bad Request for other requests, instead of hanging.
  - Minor formatting cleanup.

Test Plan:
Ran without root:

  $ node aphlict_server.js

...got a good error message. Ran with --user:

  $ sudo node aphlict_server.js --user=epriestley

...verified server dropped permissions. Ran with --port / --admin. Hit /status/ with GET, got status. Hit other URLs with GET, got 400.

Reviewers: allenjohnashton, ddfisher, keebuhm

Reviewed By: ddfisher

CC: aran

Differential Revision: https://secure.phabricator.com/D2737
2012-06-14 06:12:54 -07:00
David Fisher
e519581594 "Please Refresh" Notifications
Summary:
Based off D2704. Adds humane.js and a bit of plumbing. Currently does
not seem to load notification.css (which causes notifications not to display)
for reasons entirely opaque to me.

Test Plan:
tried locally. currently works except for the actual display due to
css loading difficulties

Reviewers: epriestley

Reviewed By: epriestley

CC: allenjohnashton, keebuhm, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2705
2012-06-13 17:28:58 -07:00
David Fisher
f8f195b329 Make Notifications Realtime
Summary:
Adds the node.js Aphlict server, the flash Aphlict client, and some
supporting javascript. Built on top of - and requires - D2703 (which is still
in progress).  Will likely work with no modification on top of the final
version, though.

The node server is currently run with

   sudo node support/aphlict/server/aphlict_server.js

Test Plan: tested locally

Reviewers: epriestley

Reviewed By: epriestley

CC: allenjohnashton, keebuhm, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2704
2012-06-11 17:51:12 -07:00
David Fisher
2bade93b76 Notification dropdown fixes
Summary: dropdown now displays properly and without flicker

Test Plan: tested locally

Reviewers: epriestley

Reviewed By: epriestley

CC: allenjohnashton, keebuhm, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2708
2012-06-11 17:17:48 -07:00
John-Ashton Allen
a11deec4d4 Adds the UI dropdown panel
Summary:
Add a dropdown to display notificaitons.  Right now
there is nothing real time about it, but we do update the panel
when the user clicks.  This panel is only displayed if the
install has notifications enabled and you have them enabled in
your preferences (not using them by default).

Test Plan: Turn off notifications for user1, left them on for user2.  Did things from user1 and from user2 on task both were cc'd on.  user2 recieved all notifications, user1 recieved nothing.  Made new user, made sure everything was switched off by default.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: keebuhm, ddfisher, aran, Korvin

Differential Revision: https://secure.phabricator.com/D2703
2012-06-11 09:42:55 -07:00
vrana
6cc196a2e5 Move files in Phabricator one level up
Summary:
- `kill_init.php` said "Moving 1000 files" - I hope that this is not some limit in `FileFinder`.
- [src/infrastructure/celerity] `git mv utils.php map.php; git mv api/utils.php api.php`
- Comment `phutil_libraries` in `.arcconfig` and run `arc liberate`.

NOTE: `arc diff` timed out so I'm pushing it without review.

Test Plan:
/D1234
Browsed around, especially in `applications/repository/worker/commitchangeparser` and `applications/` in general.

Auditors: epriestley

Maniphest Tasks: T1103
2012-06-01 12:32:44 -07:00
epriestley
09c8af4de0 Upgrade phabricator to libphutil v2
Summary: Mechanical changes from D2588. No "Class.php" moves yet.

Test Plan: See D2588.

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1103

Differential Revision: https://secure.phabricator.com/D2591
2012-05-30 14:26:29 -07:00
Bob Trahan
f5e842ebd9 dark console - introduce "request log" section
Summary: this section gets updated for each and every request. clicking a given entry updates the larger dark-console area to have the information from that request

Test Plan: clicked around in maniphest and observed request log populating correctly. clicked a few entries in request log and saw it updated properly. clicked a different tab in the dark-console and it worked. clicked a different request log entry and it opened the dark console to the proper request on the proper tab.

Reviewers: epriestley, vrana

Reviewed By: epriestley

CC: aran, Koolvin

Maniphest Tasks: T1136

Differential Revision: https://secure.phabricator.com/D2574
2012-05-25 10:14:17 -07:00
epriestley
944049d871 Add a paginated list of all repository tags to Diffusion
Summary: Now supports more than 25 tags!

Test Plan: Set page size to 1, paginated. Verified SVN / Hg don't break/explode.

Reviewers: davidreuss, vrana, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1130

Differential Revision: https://secure.phabricator.com/D2268
2012-04-19 09:39:19 -07:00
epriestley
ae9d1bf9ae Allow installs to add a custom corp/org header link
Summary: A bunch of installs are doing this to varying degrees of success anyway, make it easier and nudge them toward a more consistent approach.

Test Plan: Set a custom logo, viewed normal and admin pages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T700

Differential Revision: https://secure.phabricator.com/D2019
2012-03-26 09:29:31 -07:00
David Fisher
1c9a8ccb7c Added Search Box Preferences
Summary:
Resolves T989
- users can now disable the '/' keyboard shortcut which focuses the
  search box
- users can now disable the jump nav functionality of the search box

Test Plan:
- verified that the '/' keyboard shortcut works with preference enabled
  or unset
- verified that '/' no longer has any effect and disappears from
  keyboard shortcuts help overlay with preference disabled
- verified that search boxes have jump nav capabilities with jump nav
  functionality preference unset or enabled
- verified that search boxes do not jump with jump nav preference
  disabled
- verified that the jump nav still works as a jump nav with jump nav
  preference disabled

Reviewers: epriestley

Reviewed By: epriestley

CC: simpkins, aran, epriestley, vrana

Maniphest Tasks: T989

Differential Revision: https://secure.phabricator.com/D1902
2012-03-14 20:47:41 -07:00
epriestley
d0af617818 Add "final" to (almost) everything else
Summary: Last of the big final patches. Left a few debatable classes (12 out of about 400) that I'll deal with individually eventually.

Test Plan: Ran testEverythingImplemented.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1881
2012-03-13 16:21:04 -07:00
David Fisher
639ed0faa6 Change All Search Boxes into Jump Navs
Summary:
- all search boxes are now jump navs (old functionality retained if none
  of the jump nav patterns match)
- added global keyboard shortcut '/' to focus the search box in the upper
  right

Test Plan:
- pressed '/' and noticed the search box gains keyboard focus
- triggered jump nav functionality from search box and saw it worked
- did a search which did not match a jump nav pattern and saw it worked
  (and searched in the selected context)
NOTE: The search box on the /search/ page is also changed to have jump
nav functionality. Old functionality is not impared. Still, this may not
be desirable.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1794
2012-03-05 19:52:26 -08:00
epriestley
cd651001b6 Add a contextual "scope" dropdown for searches
Summary: Add a "Search for ... in (document group)" thing that picks the current
scope based on the current application.

Test Plan: Conducted searches in several browsers.

Reviewers: btrahan, skrul

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T858

Differential Revision: https://secure.phabricator.com/D1610
2012-02-14 17:00:12 -08:00
vrana
2ff36b7cad Move tail to <body>
Summary:
Prevents invalid HTML.
Discussion at D1561#6.

Test Plan:
http://validator.w3.org/check?uri=https%3A%2F%2Fsecure.phabricator.com

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1563
2012-02-03 11:33:38 -08:00
vrana
c0efecb561 Specify encoding in <meta>
Summary: Phabricator sends information about encoding in Content-Type header but
when I save the HTML page then this information is lost.

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1561
2012-02-03 10:16:12 -08:00
epriestley
d43dec1d12 Make it harder to miss errors and warnings while developing Phabricator
Summary:
If a page generates warnings or errors, you only get a little red dot in
DarkConsole which is hard to see. DarkConsole is also fairly big and there are
plenty of reasons not to leave it open all the time.

Instead, unconditionally show a big message to developers if there are errors or
warnings.

We could make this more sophisticated eventually, but the value is just that you
see it.

Test Plan: Browsed pages with and without warnings, got the right banner state.

Reviewers: nh, btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T734

Differential Revision: https://secure.phabricator.com/D1307
2012-01-04 10:21:00 -08:00
Marek Sapota
789dc6cb5e Allow anonymus access to Differential.
Summary:
Add possibility for not logged in users to browse and see Differential
revisions.

Test Plan:
Set 'differential.anonymous-access' config option to true, log out, you should
be able to browse Differential without logging back in.

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley, mareksapota

Differential Revision: 1044
2011-10-25 10:23:08 -07:00
epriestley
3aa17c7443 Prevent CSRF uploads via /file/dropupload/
Summary:
We don't currently validate CSRF tokens on this workflow. This allows an
attacker to upload arbitrary files on the user's behalf. Although I believe the
tight list of servable mime-types means that's more or less the end of the
attack, this is still a vulnerability.

In the long term, the right solution is probably to pass CSRF tokens on all Ajax
requests in an HTTP header (or just a GET param) or something like that.
However, this endpoint is unique and this is the quickest and most direct way to
close the hole.

Test Plan:
  - Drop-uploaded files to Files, Maniphest, Phriction and Differential.
  - Modified CSRF vaidator to use __csrf__.'x' and verified uploads and form
submissions don't work.

Reviewers: andrewjcg, aran, jungejason, tuomaspelkonen, erling
Commenters: andrewjcg, pedram
CC: aran, epriestley, andrewjcg, pedram
Differential Revision: 758
2011-08-16 13:19:10 -07:00
epriestley
15ef2fced0 Fix conservative CSRF token cycling limit
Summary:
We currently cycle CSRF tokens every hour and check for the last two valid ones.
This means that a form could go stale in as little as an hour, and is certainly
stale after two.

When a stale form is submitted, you basically get a terrible heisen-state where
some of your data might persist if you're lucky but more likely it all just
vanishes. The .js file below outlines some more details.

This is a pretty terrible UX and we don't need to be as conservative about CSRF
validation as we're being. Remedy this problem by:

  - Accepting the last 6 CSRF tokens instead of the last 1 (i.e., pages are
valid for at least 6 hours, and for as long as 7).
  - Using JS to refresh the CSRF token every 55 minutes (i.e., pages connected
to the internet are valid indefinitely).
  - Showing the user an explicit message about what went wrong when CSRF
validation fails so the experience is less bewildering.

They should now only be able to submit with a bad CSRF token if:

  - They load a page, disconnect from the internet for 7 hours, reconnect, and
submit the form within 55 minutes; or
  - They are actually the victim of a CSRF attack.

We could eventually fix the first one by tracking reconnects, which might be
"free" once the notification server gets built. It will probably never be an
issue in practice.

Test Plan:
  - Reduced CSRF cycle frequency to 2 seconds, submitted a form after 15
seconds, got the CSRF exception.
  - Reduced csrf-refresh cycle frequency to 3 seconds, submitted a form after 15
seconds, got a clean form post.
  - Added debugging code the the csrf refresh to make sure it was doing sensible
things (pulling different tokens, finding all the inputs).

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, epriestley
Differential Revision: 660
2011-07-14 08:09:40 -07:00
epriestley
c33eecf438 Improve DarkConsole "Services" and "XHProf" plugins
Summary:

  - Services: Show summary panel of total service call costs and relative page weight.
  - Services: Add "Analyze Query Plans" button, which issues EXPLAIN for each query and flags problems.
  - XHPRof: iframe the profile.

Test Plan: Used the new query plan analysis to find missing keys causing table scans, see D627.

Reviewers: jungejason, tuomaspelkonen, aran

CC:

Differential Revision: 628
2011-07-11 12:51:58 -07:00
epriestley
aa86cf0ed8 Countdown tweaks
Summary:
A few tweaks to hsb's Countdown implementation:

  - Allow the page to be rendered "chromeless", suitable for display on one of
the dozens of monitors everyone has laying around.
  - Show title of countdown in deletion dialog.
  - When creating a new countdown default to time(), not Dec 31, 1969.
  - Add extra "/" after editing to avoid needless redirect.
  - Tweak some page titles.
  - Show countdown author in list view.
  - Highlight tab in list view.
  - Tweak menu copy.
  - Link countdown title in list view, separate buttons into different columns
so they pick up padding.

Test Plan:
Created, edited and deleted a timer. Viewed a timer and toggled chrome mode.
Viewed timer list.

Reviewed By: hsb
Reviewers: hsb, aran, jungejason, tuomaspelkonen
CC: aran, hsb, epriestley
Differential Revision: 454
2011-06-13 18:53:43 -07:00
epriestley
1c5b31d397 Keep menubar from spazzing out in narrow screens
Summary:
If you resize your window to be very narrow, the menu bar spazzes out right now.
Prevent it from developing all sorts of weird internal linewrapping.

Test Plan:
Narrowed my browser window, header didn't spaz out.

Reviewed By: jungejason
Reviewers: aran, jungejason, tuomaspelkonen
CC: aran, jungejason
Differential Revision: 428
2011-06-11 16:01:04 -07:00
epriestley
48ec1f6d98 Provide basic structure for keyboard shortcuts
Summary: Implements a simple infrastructure for keyboard shortcuts, see T184, and a "help" shortcut.

There's a lot of room for refinement here but I think it basically works. Each shortcut can also provide a "tooltip" handler which allows it to show help when the alt/option key is held down.

Test Plan: Pressed "?" and got help. Pressed "?" in various contexts where it should not activate (modifier keys, text input focused) and didn't get help.

Reviewers: aran, tuomaspelkonen, jungejason

CC: moskov

Differential Revision: 362
2011-06-07 11:23:19 -07:00
epriestley
c7ff835073 Replace "Phabricator" menu text with phabricator logo
Summary:
I ran a 99designs contest and this gear-eye thing was actually pretty okay. All
this stuff needs tweaks but at least it won't render with a big square on
windows anymore.

Test Plan:
Looked at menu, it seemed slightly more legitimate and designey than before?

Reviewed By: jungejason
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, epriestley, jungejason
Differential Revision: 363
2011-05-29 02:48:14 -07:00
epriestley
f9f8ef0e6e Admin and disabled flags for users
Summary:
Provide an "isAdmin" flag for users, to designate administrative users.

Restore the account editing interface and allow it to set role flags and reset
passwords.

Provide an "isDisabled" flag for users and shut down all system access for them.

Test Plan:
Created "admin" and "disabled" users. Did administrative things with the admin
user. Tried to do stuff with the disabled user and was rebuffed. Tried to access
administrative interfaces with a normal non-admin user and was denied.

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: ccheever, aran
Differential Revision: 278
2011-05-12 11:17:50 -07:00
epriestley
2a39fd09eb Bring Javelin into Phabricator via git submodule, not copy-and-paste
Summary:
Javelin is currently embedded in Phabricator via copy-and-paste of prebuilt
packages. This is not so great.

Pull it in as a submodule instead and make all the Phabriator resources declare
proper dependency trees. Add Javelin linting.

Test Plan:
I tried to run through pretty much all the JS functionality on the site. This is
still a high-risk change, but I did a pretty thorough test

Differential: inline comments, revealing diffs, list tokenizers, comment
preview, editing/deleting comments, add review action.
Maniphest: list tokenizer, comment actions
Herald: rule editing, tokenizers, add/remove rows

Reviewed By: tomo
Reviewers: aran, tomo, mroch, jungejason, tuomaspelkonen
CC: aran, tomo, epriestley
Differential Revision: 223
2011-05-08 13:20:10 -07:00
tuomaspelkonen
d5ee8c792c Modified DarkConsole Error Log to show more detailed information.
Summary:
When function phlog() is called, stacktrace and detailed log information
is shown in DarkConsole.

Test Plan:
Called 'phlog' function from various places in Phabricator and checked that
the debug information was available in DarkConsole.

Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley
Differential Revision: 101
2011-04-06 14:30:54 -07:00
epriestley
8f5d01d451 Get rid of +x on a bunch of nonexecutable files because I failed to set
"create mask" on SMB. :/
2011-04-02 16:47:20 -07:00
tuomaspelkonen
28fe9f4eca User preferences ported from tools
Summary:

Internal tools, e.g., differential and diffusion  have user defined
preferences for monospaced font and the option for showing either the
name of the tool or the glyph of the tool in the title.

These preferences were ported to phabricator. These preferences can be
modified in /preferences/ and they both affect diffusion and differential
at the moment.

Test Plan:

* Created an empty database
* Loaded /preferences/ and modified the monospaced font and clicked save
* Confirmed that the same page was loaded with the message that preferences
  have been saved and that the example text used the user defined font

* in /preferences/ changed the option to show tool names as plain text and
  clicked save
* Confirmed that the same page was loaded with '[Preferences]' in the title
  instead of a glyph

* These same tests were also executed for differential and diffusion

Reviewers: epriestley
CC: jungejason

Differential Revision: 91
2011-03-31 13:44:20 -07:00
epriestley
eccc76dae6 Fix some issues caught by HipHop, and work around some issues
caused by HipHop.
2011-02-26 21:01:42 -08:00
epriestley
d0ea1f1c7b Restore profile links to OAuth resources.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-22 11:06:37 -08:00
epriestley
8fe3c80b6c Make header alignment/layout less horrible.
Summary: <table />s repruhsent

Test Plan:

Reviewers:

CC:
2011-02-20 10:00:29 -08:00
epriestley
0b1450c5f9 Add framebusting to Phabricator.
Summary:
Technically we didn't have it in the first place, but should. Also
add in X-Frame-Options for double-plus-good.

Test Plan:
Created a page with Phabricator in an <iframe />, got busted out
of it. Added in the X-Frame-Options, got an empty iframe.

Differential Revision: 38
Reviewed By: tomo
Reviewers: mroch, tomo
2011-02-16 22:58:44 -08:00
epriestley
147d2e2e3d Rought cut of search.
Summary: Botched this pretty badly in git so we'll see how much I broke. :/

Test Plan:

Reviewers:

CC:
2011-02-14 15:34:20 -08:00
epriestley
91fb157253 Use the task title as the page title for Maniphest task detail views.
Summary: Instead of "Create Task", show the task's ID and name in the page
title.

Test Plan: Looked at a task. Also double-cheked XSS junk and plugged a hole.

Reviewers: cpiro

CC:

Differential Revision: 27
2011-02-09 16:38:51 -08:00
epriestley
6ec5e682f4 Maniphest wireframes
Summary:

Test Plan:

Reviewers:

CC:
2011-02-08 20:39:56 -08:00
epriestley
de2a9c634c Differential lazyweb diff create workflow. 2011-02-05 12:20:18 -08:00
epriestley
addfe3aa79 DarkConsole toggle, workflow behavior. 2011-02-05 11:45:13 -08:00
epriestley
94dd5c6917 Slightly declown my stunning "design" skills. 2011-02-04 18:24:03 -08:00
epriestley
759eec3a77 Very rough cut of DarkConsole + XHProf 2011-02-02 13:48:52 -08:00
epriestley
9dac0ed9f1 Bring in JX.Workflow and the inline commenting behavior, plus sync Javelin. 2011-02-01 15:52:04 -08:00
epriestley
03fec6e911 PhabricatorEnv
'infratructure' -> 'infrastructure' (rofl)
Recaptcha
Email Login / Forgot Password
Password Reset
2011-01-31 11:55:26 -08:00
epriestley
29f7219a49 CSRF / Logout 2011-01-30 18:52:29 -08:00
epriestley
c55b1ed9bb Basic Differential revision feedback view. 2011-01-30 10:37:58 -08:00
epriestley
406a14ebe5 Make 404 page somewhat prettier. 2011-01-30 09:15:01 -08:00
epriestley
de1fb8ac7d DifferentialRevisionEditor 2011-01-26 17:17:49 -08:00
epriestley
ccf7df6093 Authentication 2011-01-26 15:34:20 -08:00
epriestley
16ad2386d8 Javelin integration. 2011-01-25 12:41:55 -08:00
epriestley
e284d5b5dc Distribute Celerity includes. 2011-01-25 11:32:46 -08:00
epriestley
7bb0db1365 Celerity, a Haste-style static resource management system. 2011-01-25 10:18:44 -08:00
epriestley
fed4c583c5 Add Javelin. 2011-01-25 08:18:27 -08:00
epriestley
52126c5479 Add proper syntax highlighting with Phutil. 2011-01-24 17:39:14 -08:00
Evan Priestley
eecc003a62 More phabricator organizational stuff. 2011-01-22 18:00:19 -08:00
epriestley
85198b3d06 Distinguish between aphront and phabricator. 2011-01-22 17:45:28 -08:00
epriestley
76258ce0e1 Import some code, some of which may be relevant to the project. 2011-01-17 19:31:39 -08:00