1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-01 02:10:59 +01:00
Commit graph

3847 commits

Author SHA1 Message Date
epriestley
42ee1d0ed6 Fix XSS in Ponder
Summary: See rP883829e6676fc3412b83b6ab16f7bf5b56b174b8

Test Plan: Verified no XSS with a title like `<b>!</b>`.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4534
2013-01-19 09:42:18 -08:00
vrana
dd5da0fedb Handle errors in reading cache
Summary: I've stored `PhutilSafeHTML` instance to cache on devbox and then wasn't able to read it in production.

Test Plan: Displayed revision with unreadable cache, saw error in error log but not fatal.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4520
2013-01-19 09:32:38 -08:00
Nick Pellegrino
3802007082 A closed commit can be reopened, if allowed by the config file.
Summary: Fixes T2316

Test Plan:
When the config file allows reopening,
navigate to a closed revision and reopen it in the user interface,
and verify that the revision now "needs review."
Also checks that the reopen option is unavailable when disallowed
by the config file.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2316

Differential Revision: https://secure.phabricator.com/D4526
2013-01-19 09:10:18 -08:00
epriestley
a8bd1f4998 Move Facebook setup checks to post-install
Summary: Technically we should have these for all the OAuth providers but I don't think anyone really has trouble with them and it can probably be done generically after T1536. Preserve the functionality, at least.

Test Plan: Broke my config, verified warnings appeared.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4506
2013-01-19 08:42:15 -08:00
epriestley
e6b7ad2e00 Migrate max_allowed_packet and GD checks to new setup stuff
Summary: These are nonblocking warnings and can move to post-install.

Test Plan: Broke my environment and observed the warnings.

Reviewers: btrahan, vrana

Reviewed By: vrana

CC: aran, asherkin

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4505
2013-01-19 08:41:45 -08:00
epriestley
14c6df0605 Migrate local disk storage setup check
Summary:
Migrate to the new hotness. Also:

  - Remove a string test, which is now impossible since the config will repair itself and raise a type error.
  - Restore the header even in /config/ -- this check is kind of hacky and it feels a bit more natural now that it's above the menu.

Test Plan: Set my local disk path to something invalid, verified I got a setup error.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4497
2013-01-19 08:39:27 -08:00
epriestley
d5c29e1135 Make timezone configuration impossible to get wrong
Summary: Fixes T2269. If the user manages to mess up both the PHP and Phabricator configurations, set the timezone to UTC. We basically never use this anyway (we always render into the user's time), PHP just gets angry at us if we don't set it. (We do use it for logged-out users, I suppose.)

Test Plan: Set PHP and Phabricator timezones to goofy nonsense, verified we recover sensibly from it.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2228, T2269

Differential Revision: https://secure.phabricator.com/D4496
2013-01-19 08:38:37 -08:00
Asher Baker
da9315b145 Read default values of custom config options
Summary: Because the Default configuration provider is loaded before custom libraries, any config options specified in them don't get a default values.

Test Plan: Looked at /config/

Reviewers: epriestley, codeblock, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4532
2013-01-19 08:36:08 -08:00
John Watson
ff53b7942a Initial PhabricatorIRCFeedNotificationHandler
Summary:
Follows Phabricator's feed and puts notifications into channels
that are configured.

~~notification.all - bool - 1:1 stories to messages~~
notification.types - array - Specific story types to notify for - ["differential", "maniphest"]
notification.verbosity - int - Range of 0-3 for verbosity
notification.max_pages - int - Maximum number of pages to go back per poll
notification.page_size - int - Size of pages (limit) to poll
~~notification.channels - array - Array of channels to send messages to~~
~~notification.sleep - int - Seconds to sleep between polls~~

Test Plan: Run phabot with various configuration options

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, asherkin

Differential Revision: https://secure.phabricator.com/D4418
2013-01-19 05:45:17 -08:00
Debarghya Das
721071e5b3 Remove Report A Bug
Summary: Removed the 'Report a Bug' link from the footer

Test Plan: Tried looking through all the phabricator pages but didn't quite get around to it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4528
2013-01-18 18:38:35 -08:00
Chad Little
f7cc0886a0 Use panels for spacing in Maniphest.
Summary: Trying to move move content areas to panelview for consistency in spacing.

Test Plan: Reload Maniphest pages, see equal spacing like on Differential.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4527
2013-01-18 18:19:56 -08:00
vrana
6c44e704b5 Delete differential.updatetaskrevisionassoc
Summary: Used only by Facebook.

Test Plan: Moved to Facebook repo and verified it still works.

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4515
2013-01-18 18:20:53 -08:00
Chad Little
ca34580123 Touch up Flags
Summary: Normalizes the sidebar, add pht, remove filter panel.

Test Plan: Reload

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4522
2013-01-18 18:17:01 -08:00
Chad Little
34076fae38 Config style updates.
Summary: Minor spacing tweaks to Config app. Added label for consistency.

Test Plan: Review pages in the Config app for spacing.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4523
2013-01-18 18:08:06 -08:00
Debarghya Das
b801ca8e6f Author Can Close Audit Option
Summary: Fixes T2339

Test Plan: Close Audit button does not appear if audit.can-author-close-audit option is disabled

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2339

Differential Revision: https://secure.phabricator.com/D4525
2013-01-18 17:54:26 -08:00
Debarghya Das
ed2c050bd5 Make JumpNav work with Paste
Summary: Fixes T2336

Test Plan: Searched for Pastes successfully.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2336

Differential Revision: https://secure.phabricator.com/D4521
2013-01-18 15:55:42 -08:00
vrana
760ab135eb Delete license header 2013-01-18 14:45:58 -08:00
epriestley
08bca2a87e Move mail-related setup issues to setup checks
Summary: Ports mail stuff from the existing setup process to the more modular setup checks.

Test Plan: Configured my local install to have all these errors, verified setup raised them.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4494
2013-01-18 13:28:30 -08:00
Chad Little
2e589ebddc Update side counters to blue, inset.
Summary: Changes the side number counts to blue with a subtle inset, less straining on the eyes, yet very visible.

Test Plan: Tested short and long numbers in wide and normal button areas. FF, Chrome

Reviewers: epriestley, vrana, btrahan

Reviewed By: vrana

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4513
2013-01-18 12:36:45 -08:00
epriestley
9e2ec82094 Minor, fix initialization order so config initialization does not fatal on phlog(). 2013-01-18 11:29:18 -08:00
vrana
00f730d6e9 Delete unused code in Diffusion browse file
Test Plan: Browsed a file.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4508
2013-01-18 08:37:52 -08:00
epriestley
0e36c802c5 Apply a hack to unbreak bin/storage upgrade across the DB config boundary
Summary: This is gross, but fixes an issue where `bin/storage upgrade` tries to access DB config which doesn't exist yet. We need a version of this for `bin/config` anyway. I'll sort this out into a proper sequenced startup process in a followup.

Test Plan: `bin/storage upgrade` no longer fatals when upgrading across the config boundary.

Reviewers: asherkin, codeblock, btrahan, vrana

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4512
2013-01-18 07:50:52 -08:00
Asher Baker
27e2198e11 Fix displaying non-image files.
Summary: The Files application currently tries to render all browser-viewable files in an img tag, not taking into account if they're an image or not.

Test Plan: Looked at various image and non-image files.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4511
2013-01-18 06:20:33 -08:00
epriestley
656a6f9b55 Fix editing of JSON config values via web UI
Summary: We should set the value if it's valid, not if it's invalid. derpp~

Test Plan: Set `files.viewable-mime-types`.

Reviewers: asherkin, codeblock, btrahan, vrana

Reviewed By: asherkin

CC: aran

Differential Revision: https://secure.phabricator.com/D4510
2013-01-18 05:47:34 -08:00
Chad Little
dc62433d17 Reduce home nav to 300px.
Summary: Based on loose feedback, reduce the width of the navigation.

Test Plan: Test, reload. Chrome and FF.

Reviewers: epriestley, vrana, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4507
2013-01-17 21:01:46 -08:00
epriestley
5beaafb952 Load libraries before adding database config
Summary:
If your configuration overrides the connection adapter, we need to load libraries before we can setup the database config source.

Also lock this since it won't work when edited from the web anymore, and so sneaky users can't upload stuff and then edit their config to run arbitrary code.

Test Plan: See chatlog in #phabricator. This is a problem for Facebook only.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4498
2013-01-17 18:59:58 -08:00
epriestley
68083c4693 Remove $view; statement with no effect
Summary: See rP96839d35f49c76e8e266af69bbbdcb4c013b9af9.

Test Plan: No effect.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4495
2013-01-17 18:59:47 -08:00
epriestley
0560f58167 Minor, Celerity map update. 2013-01-17 16:26:39 -08:00
epriestley
2d74f9ec76 Show a warning banner to administrators when there are unresolved setup warnings
Summary: We now issue only valid setup warnings, so we can let administrators know when we detect problems.

Test Plan:
Banner:

{F29568}

Created a fake issue; saw banner. No banner inside /config/. Resovled the issue, banner went away.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2221

Differential Revision: https://secure.phabricator.com/D4493
2013-01-17 16:25:47 -08:00
epriestley
b0d815d157 Repair invalid configuration by setting values back to defaults
Summary:
When configuration is set incorrectly (e.g., of the wrong type), detect and repair it by setting it to the default value. A setup warning will be raised separately.

Notably, this removes the need to hard-code all the class types.

This runs separately from the "invalid config" check because we need to run it on every page, but do setup checks only once per restart (some of them are slow).

Also dirty setup when we edit configuration.

Test Plan: Set config incorrectly on purpose, saw Phabricator correct it on restart and on every subsequent page load until it was fixed.

Reviewers: btrahan, vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2292

Differential Revision: https://secure.phabricator.com/D4492
2013-01-17 16:25:38 -08:00
epriestley
b180a5f599 Minor, update celerity map. 2013-01-17 15:12:23 -08:00
epriestley
74cb7a8971 Add database configuration source to the source stack
Summary:
Read configuration from the new database source.

This adds an extra MySQL connect + query to every page. They're very cheap so I think we can suffer them for now, but I'd like to put cache in front of this at some point. The difficulties are:

  - If we use APC, multi-frontend installs (Facebook) can't dirty it (major problem), and the CLI can't dirty it (fine for now, maybe a major problem later).
  - If we use Memcache, we need to add config stuff.
  - We could use APC in all non-Facebook installs if we can make it dirtyable from the CLI, but I don't see a reasonable way to do that.
  - We don't have any other caches which are faster than the database.

So I'll probably implement Memcache support at some point, although this is a lame excuse for it.

Test Plan: Added some config values via web UI, saw them active on the install.

Reviewers: btrahan, codeblock, vrana

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2221

Differential Revision: https://secure.phabricator.com/D4296
2013-01-17 15:10:21 -08:00
epriestley
141d479104 Restore some title glyphs to new-style applications
Summary: Not all applications' glyphs survived the migration. Restore them.

Test Plan: Looked at Differential, Phriction, Ponder. Saw title glyphs in page titles.

Reviewers: lesha, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4489
2013-01-17 15:04:57 -08:00
epriestley
5a65bffe21 Disable Differential 1up views in all cases for now
Summary: They're buggy and I'm not going to get to fixing them for a bit and they trigger on Macbook Airs and such.

Test Plan: Reloaded a revision in a narrow window.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4490
2013-01-17 15:04:44 -08:00
Chad Little
e53244d1da Minor homepage re-format
Summary: Cleans up homepage layout. Removes panels, moves 'mini panels' under panels with information.

Test Plan: Test out my homepage, ask Evan to test his.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4491
2013-01-17 14:02:18 -08:00
Chad Little
7ac5cd7628 Minor tweaks to Maniphest
Summary: A bit better spacing on tasks and matching the styles of Differential. Should help normalize the homepage.

Test Plan: Review a list of tasks, fake some data.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4487
2013-01-17 12:36:31 -08:00
vrana
e10fdbe77e Use write connection and transactions in SQL patches
Summary:
Patches often read from slaves (possibly stale data) and use that information to write on master.
It causes problems when applying more patches quickly after each other because data created in previous patch may not be replicated yet.

Test Plan:
  $ bin/storage upgrade

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4483
2013-01-17 12:07:16 -08:00
vrana
f896696fde Don't pop invalid test environment
Summary: If `unset($env)` throws then we pop some other environment instead which is impossible to pop later.

Test Plan:
  $ arc unit src/infrastructure/env/__tests__ src/applications/calendar/storage/__tests__

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4488
2013-01-17 12:01:46 -08:00
vrana
09ad34c34b Update quickstart.sql
Summary: It's faster a bit than applying patches.

Test Plan:
  $ bin/storage --trace upgrade --namespace x

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4481
2013-01-17 11:00:56 -08:00
vrana
aa3e95cbeb Cache connection in bin/storage
Summary: Connection takes .3s from dev server to master.

Test Plan:
  $ bin/storage --trace upgrade --namespace x
  $ bin/storage --trace destroy --namespace x

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4480
2013-01-17 11:00:36 -08:00
Tristan Pemble
c7c25e141a Added support for STARTTLS with LDAP
New config value 'ldap.start-tls' (defaults to false) for STARTTLS
support over LDAP
2013-01-17 09:51:13 -08:00
Ricky Elrod
da6296a176 LDAP STARTTLS option.
Summary: For GitHub PR 246.

Test Plan: Looked at the option.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4485
2013-01-17 09:50:01 -08:00
epriestley
1b4369056e Remove unnecessary $nav
Summary: See D4451.

Test Plan: Looked at Maniphest, saw it unchanged.

Reviewers: edward, btrahan

Reviewed By: edward

CC: aran

Differential Revision: https://secure.phabricator.com/D4484
2013-01-17 08:33:34 -08:00
vrana
df8d0a578b Correctly handle unset generated paths 2013-01-16 16:57:09 -08:00
epriestley
83f5452d53 Implement all remaining config options
Summary: Resolves T2255.

Test Plan: Looked at mail options. Saw no remaining "Setup Issues".

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4477
2013-01-16 15:06:39 -08:00
epriestley
482f6ea56b Remove "Flags" from homepage
Summary: Flags have a large red count on the homepage now, which I think is a sufficient reminder of flagged stuff. This element was nice at first to raise awareness of the app, but it's fairly well integrated now and enjoys moderate use. This is also a sort of feeler for how much people use it / the homepage in general.

Test Plan: Looked at homepage, no flags.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4479
2013-01-16 15:06:19 -08:00
epriestley
99847da3aa Mask remaining config values, and implement set type
Summary: The remaining hash/key values are already-migrated, I am just bad at grep. Also implement a "set" type.

Test Plan: Looked at set, edited set.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4476
2013-01-16 15:06:07 -08:00
vrana
9f549ba75e Fix whitespace around else 2013-01-16 12:16:37 -08:00
epriestley
e3cfcc4a46 Sort options by key on "all config"
Summary: Oops, missed this -- alphabetical is probably a better sort order than by-group-then-by-definition.

Test Plan: Looked at alphabetical options.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4474
2013-01-16 11:39:13 -08:00
epriestley
6e69523efc Move "show all config" from DarkConsole to /config/
Summary:
Currently, we have a "config" panel in DarkConsole. It's useful to have a table of all effective config values, but it doesn't need to be in DarkConsole. Move it to Config instead. Basically:

  - You don't need to activate DarkConsole to see it anymore;
  - now visible only to admins;
  - respects config mask/hide;
  - somewhat prettier;
  - links to config edit;
  - no longer ships down on every DarkConsole request with a giant table of rarely-used data.

Test Plan: Looked at the table. Looked at lack of table in darkconsole.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4473
2013-01-16 11:10:41 -08:00