1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-16 11:52:40 +01:00
Commit graph

3756 commits

Author SHA1 Message Date
John Watson
204d6481e4 Fix PhabricatorBot ignore messages from senders
Summary:
PhabricatorBotMessage->getSender returns a PhabricatorBotUser object (which potentially can be null)
So check null and then use getName to get actual name of the sender

Test Plan: Run phabot and add myself to ignore list

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5036
2013-02-20 12:30:54 -08:00
epriestley
28bdeb6d3e Document YYYYMMDD.name.ext format for SQL patches
Summary: This isn't currently documented anywhere.

Test Plan: Read text

Reviewers: kwadwon

Reviewed By: kwadwon

CC: aran

Differential Revision: https://secure.phabricator.com/D4988
2013-02-20 12:18:41 -08:00
epriestley
41b9752ba8 Fix an OAuthServer issue where an attacker could make a link function over HTTP when it should be HTTPS-only
Summary:
Two behavioral changes:

  - If the redirect URI for an application is "https", require HTTPS always.
  - According to my reading of http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-3.1.2 we need to check both names //and values// for parameters. Add value checking. I think this makes more sense in general? No one uses this, soooo...

iiam

Test Plan: This has good coverage already; added some tests for the new cases.

Reviewers: vrana

Reviewed By: vrana

CC: cbg, aran, btrahan

Differential Revision: https://secure.phabricator.com/D5022
2013-02-19 16:09:36 -08:00
vrana
2191e99b49 Delete unused variable 2013-02-19 16:08:04 -08:00
vrana
ee663afdeb Initialize variable in Next Step
Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5020
2013-02-19 16:07:09 -08:00
epriestley
2f66138464 Fix an open redirect issue in Phame with "View Live"
Summary: Currently, you can set a blog URI to "evil.com" and then the live controller will issue a redirect. Instead, require a CSRF check. If it fails, pop a "this blog has moved" dialog.

Test Plan:
  - Clicked "View Live" for in-app and on-domain blogs and posts.
  - Hit URI directly.

{F33302}

Reviewers: vrana

Reviewed By: vrana

CC: cbg, aran

Differential Revision: https://secure.phabricator.com/D5021
2013-02-19 16:04:54 -08:00
epriestley
17cabea1bc I am not good at computer
Auditors: vrana
2013-02-19 15:25:44 -08:00
epriestley
fb90d5ffed Add implicit CC rules to ApplicationTransactions
Summary: When you make a comment on an object (or take certain other actions), we want to automatically CC you. Build this into ApplicationTransactions since it's a common behavior shared across multiple apps. Fixes T2215.

Test Plan: Made a comment on a macro, got cc'd.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2215

Differential Revision: https://secure.phabricator.com/D5019
2013-02-19 15:20:28 -08:00
epriestley
db2c32acdf Don't fatal for diffs with no VCS
Auditors: vrana
2013-02-19 15:19:28 -08:00
Lauri-Henrik Jalonen
f1bd1da062 Moved rendering to PholioInlineCommentView
Summary:
Rendering of inline comments has now been moved to PholioInlineCommentView controller.
Delete almost deletes and edit... well not so much, but replaced google.fi with amazing popup.

Test Plan: Verified that inline comments still show up. Verified that delete almost deletes.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4994

Conflicts:

	src/applications/pholio/controller/PholioInlineController.php
2013-02-19 14:14:40 -08:00
vrana
8eb404aea7 Avoid HTML escaping in plain text e-mails
Summary: Seen in e-mail from T2016.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D5016
2013-02-19 14:02:35 -08:00
epriestley
0d38bca11f Fix function/method declaration lint in Phabricator. Automatic patches.
Auditors: vrana
2013-02-19 13:47:03 -08:00
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
vrana
63f35ee94f Suggest branch name in Next Step
Summary: Is this correct for Mercurial?

Test Plan: Saw it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4957
2013-02-19 12:58:16 -08:00
vrana
9a3d0f71a3 Decrease commit identifier display length
Summary: We are running out of horizontal space, this should help a bit.

Test Plan: Homepage, revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4518
2013-02-19 12:43:57 -08:00
vrana
4f5123e253 Make PhabricatorLintEngine extensible
Summary:
It makes sense for Phabricator customizations to use all the Phabricator linters and maybe add some more or delete some.
Doing this as proxy would be PITA as there are lots of methods that would need to be proxied.

Test Plan: Extended it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4954
2013-02-19 11:37:25 -08:00
epriestley
a5f031835c Notify users when an object they created gets awarded a token
Summary:
  - Publish feed/notification.
  - I think this is too lightweight for an email?
  - We don't tell them which token right now. Laziness? Or intentional aura of mystery?!
  - For tasks, notify both author and current owner.
  - Fixes T2562.

Test Plan: {F33187}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2562

Differential Revision: https://secure.phabricator.com/D5007
2013-02-18 17:44:45 -08:00
epriestley
8d79c7282d Accommodate long daemon command lines
Summary: Fixes T2559 with an incredibly original patch which I came up with myself.

Test Plan:
  $ ./bin/storage upgrade -f
  Applying patch 'phabricator:20130218.longdaemon.sql'...
  Storage is up to date. Use 'storage status' for details.

Reviewers: edward

Reviewed By: edward

CC: aran

Maniphest Tasks: T2559

Differential Revision: https://secure.phabricator.com/D5006
2013-02-18 11:51:42 -08:00
epriestley
50efcf1043 Fix double nav on Maniphest reports
Summary: Fixes T2311.

Test Plan: {F33161}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2311

Differential Revision: https://secure.phabricator.com/D5005
2013-02-18 11:44:42 -08:00
Afaque Hussain
61c26463bc Php schema patch to update channel id's of past events.
Summary: Php schema patch to update channel id's of past events.

Test Plan: Having some proxy issues here due to which connection is timing out and bot is not able to log into IRC. Bot connects to IRC in my home though ! So I wasn't able to quite to test this by running storage upgrade.

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5000
2013-02-18 10:53:53 -08:00
epriestley
cd41b834f7 Improve Diviner linking
Summary:
Do this somewhat reasonably:

  - For links to the same documentation book (the common case), go look up that the thing you're linking to actualy exists. If it doesn't, render a <span> which we can make have a red background and warn about later.
  - For links to some other book, just generate a link and hope it hits something. We can improve and augment this later.
  - For non-documentation links (links in comments, e.g.) just generate a query link into the Diviner app. We'll do a query and figure out where to send the user after they click the link. We could pre-resolve these later.

Test Plan: Generated documentation, saw it build mostly-correct links when objects were referenced correctly. Used preview to generate various `@{x:y|z}` things and made sure they ended up reasonable-looking.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D5001
2013-02-18 09:44:43 -08:00
Edward Speyer
16accb591c STRICT_ALL_TABLES fix for a Herald column
Summary: Casting a PHP bool to a MySQL `TINYINT(1)`!

Test Plan: This broke during arc diff; with this patch, arc diff now works!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4999
2013-02-18 16:58:35 +00:00
epriestley
4f2aa99248 Add "serviceName" and "serviceType" to bot and chat logger
Summary:
Make each adapter provide a "serviceType" (campfire, flowdock, IRC) and "serviceName" (irc network / chat server) so that we can disambiguate between, e.g., "#phabricator on EFNet" and "#phabricator on FreeNode".

Make the chatlog handler ship them over Conduit.

Also fix some "policy can not be null" bugs with chatlog recording.

Test Plan:
Verified data inserted correctly:

  mysql> select * from chatlog_channel;
  +----+------------------+-------------+--------------+------------+------------+-------------+--------------+
  | id | serviceName      | serviceType | channelName  | viewPolicy | editPolicy | dateCreated | dateModified |
  +----+------------------+-------------+--------------+------------+------------+-------------+--------------+
  |  1 | irc.freenode.net | IRC         | #phabricator | users      | users      |  1361201689 |   1361201689 |
  +----+------------------+-------------+--------------+------------+------------+-------------+--------------+
  1 row in set (0.00 sec)

  mysql> select * from chatlog_event where channelID = 1;
  +----+--------------+------------+------------+------+---------------+--------------------------------+-----------+
  | id | channel      | epoch      | author     | type | message       | loggedByPHID                   | channelID |
  +----+--------------+------------+------------+------+---------------+--------------------------------+-----------+
  | 45 | #phabricator | 1361201689 | epriestley | mesg | blip blip     | PHID-USER-5bt2phfepag4cdvjtzg5 |         1 |
  | 46 | #phabricator | 1361201700 | epriestley | mesg | boop boop bip | PHID-USER-5bt2phfepag4cdvjtzg5 |         1 |
  +----+--------------+------------+------------+------+---------------+--------------------------------+-----------+
  2 rows in set (0.00 sec)

Reviewers: Afaque_Hussain, indiefan

Reviewed By: Afaque_Hussain

CC: aran

Maniphest Tasks: T837

Differential Revision: https://secure.phabricator.com/D4996
2013-02-18 07:50:41 -08:00
epriestley
57a9c3f07c Improve Diviner handling of paths and remarkup
Summary:
  - Currently, the atomizers don't emit atoms with the right file in all cases. Make them always emit it correctly.
  - Currently, we use absolute paths in some cases and relative paths in other cases. Use them consistently: relative when storing/presenting, absolute when accessing data.
  - Don't preserve linebreaks when marking up documentation (documentation is generally wrapped at 80col, but should not be wrapped in this way when displayed).
  - Markup Diviner link rules (albeit uselesly).

Test Plan:
Before:

{F33044}

After:

{F33045}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4992
2013-02-17 15:40:44 -08:00
epriestley
dba42ec5c7 Allow Diviner to render quasi-documentation
Summary: Take a few more steps forward toward usability.

Test Plan: {F33040}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4991
2013-02-17 15:40:24 -08:00
epriestley
a5fb482a00 Add a ref cache and index construction to Diviner
Summary: Cache refs in a single large index; rebuild the main index from them.

Test Plan: {F32334}

Reviewers: btrahan, vrana, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4900
2013-02-17 15:40:11 -08:00
epriestley
c7e12c6a85 Add a publish cache for the Diviner static publisher
Summary: Keep track of what we've written to disk, and regenerate only new documents.

Test Plan: Changed a small number of files, saw that number of files get regenerated. Ran with "--clean" and saw everything regenerate.

Reviewers: btrahan, vrana, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4897
2013-02-17 15:40:00 -08:00
epriestley
bcc082a01e Move Diviner further toward usability
Summary:
  - Complete the "project" -> "book" stuff. This is cleaner conceptually and keeps us from having yet another meaning for the word "project".
  - Normalize symbols during atomization. This simplifies publishing a great deal, and allows static documentation to link to dynamic documentation and vice versa, because the canonical names of symbols are agreed upon (we can tweak the actual algorithm).
  - Give articles a specifiable name distinct from the title, and default to something like "support" instead of "Get Help! Get Support!" so URIs end up more readable (not "Get_Help!_Get_Support!").
  - Have the atomizers set book information on atoms.
  - Implement very basic publishers. Publishers are basically glue code between the atomization process and the rendering process -- the two we'll have initially are "static" (publish to files on disk) and "phabricator" (or similar -- publish into the database).
  - Handle duplicate symbol definitions in the atomize and publish pipelines. This fixes the issue where a project defines two functions named "idx()" and we currently tell them not to do that and break. Realistically, this is common in the real world and we should just roll our eyes and do the legwork to generate documentation as best we can.
  - Particularly, dirty all atoms with the same name as a dirty atom (e.g., if 'function f()' is updated, regnerate the documentation for all functions named f() in the book).
  - When publishing, we publish these at "function/f/@1", "function/f/@2". The base page will offer to disambiguate ("There are 8 functions named 'f' in this codebase, which one do you want?").
  - Implement a very very basic renderer. This generates the actual HTML (or text, or XML, or whatever else) for the documentation, which the publisher dumps onto disk or into a database or whatever.
  - The atomize workflow actually needs to depend on books, at least sort of, so make it load config and use it properly.
  - Propagate multilevel dirties through the graph. If "C extends B" and "B extends A", we should regenerate C when A changes. Prior to this diff, we would regnerate B only.

Test Plan: Generated some documentation. Named two articles "feedback", generated docs, saw "article/feedback/@1/" and "article/feedback/@2/" created.

Reviewers: btrahan, vrana, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D4896
2013-02-17 15:39:36 -08:00
epriestley
26aac16346 Garbage collect TTL'd cache entries from the general cache
Summary: We currently garbage collect general cache entries after a set period of time (30 days by default), but the recent changes to DarkConsole have left us writing a lot of large, short-TTL data to the cache. In addition to a maximum age, GC cache entires after they TTL out.

Test Plan: Ran GC daemon, saw TTL'd entries get collected. Inserted a TTL'd entry, saw it get collected by GC. Saw non-ttl'd entries not get collected.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4990
2013-02-17 09:13:49 -08:00
epriestley
c2642c8a40 Remove redundant translations
Summary:
  - Remove some redundant copies of translations after D4985.
  - Make some %d more grammatical, "run this command" reads better than "run this 1 command". In context, these numbers are always very small, so counting them even in the >1 variants aren't useful.
  - Fix subscriber(s).

Test Plan: Looked at an unsubscribe story, saw translation.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4989
2013-02-17 09:13:40 -08:00
epriestley
0ca7c77c10 Integrate subscriptions with ApplicationTransactions
Summary: Fixes T2214. For objects which support ApplicationTransaction, use ApplicationTransactions to apply subscription action changes. Principally, this makes clicking "Subscribe" / "Unsubscribe" appear correctly in the transaction log.

Test Plan: Clicked "Subscribe" and "Unsubscribe" a on Macros and Mocks.

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2214

Differential Revision: https://secure.phabricator.com/D4986
2013-02-17 06:37:09 -08:00
epriestley
2231e5200a Implement basic transaction detail blocks
Summary:
Some transactions (like editing configuration values, task descriptions, or Conpherence images) can't be simply explained and need an additional larger element to show them fully (like a text diff).

Support change details like this in ApplicationTransactions. Implements the element in Config, so you can see changes.

Test Plan: {F32974}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2213

Differential Revision: https://secure.phabricator.com/D4984
2013-02-17 06:37:02 -08:00
indiefan
5fb56f859c Added Flowdock protocol adapter for the bot. Refactored campfire bot into a base streaming protocol adapter for common functionality.
Summary: First pass. Flowdock supports interesting message types (like replies to messages), but for now implementing a standard messaging interface.

Test Plan: Ran both a Flowdock bot and a Campfire bot. Made sure both still connected and responded properly to the Object Handler.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4983
2013-02-15 20:24:24 -08:00
epriestley
0e7382b102 Fix conpherence sprites
Summary:
The map had "conph" but everything else refers to "conpher". The "conph" sprite thing won when I regenerated sprites for tokens.

I should just fix this so it can't happen, but unbreak for now. Renamed "conph" -> "conpher", regenerated sprites, nuked all the "conph" stuff.

Test Plan: Looked at Conpherence, saw icons.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4982
2013-02-15 19:04:25 -08:00
epriestley
dad7c65bf5 Fix some bot issues
Summary:
  - Deprecate differentialnotification in favor of feednotification; it's strictly better.
  - Fix feed notification + channels.
  - Fix rendering of new-style stories (pholio, macro), which currently fatal.

Test Plan: See chatlog.

Reviewers: codeblock, indiefan

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4981
2013-02-15 17:10:51 -08:00
epriestley
02f7ece868 Fix overescaping in Paste
Summary:
Two issues:

  - When we read the content out of cache, it has lost its "safe html" flag, since the cache is raw-string oriented. Restore it.
  - explode() isn't safe-html-safe. Use phutil_split_lines() instead, which is.

Test Plan: Looked at /paste/

Reviewers: codeblock, chad

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4980
2013-02-15 16:38:46 -08:00
Afaque Hussain
6c1043cf58 Populating Channel Id's
Summary: Modified the conduitAPI_chatlog_record method to populate channel Id's

Test Plan: Check if the new chatlog channel table is getting populated with entries

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4979
2013-02-15 16:01:06 -08:00
Deedy
638d1b4447 Renders the last 100 conpherence transactions only
Summary: Fixed T2428 a little bit

Test Plan: On trial, only the last n transactions loaded as hardcoded in ConpherenceViewController.php. Button was rendered.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2428

Differential Revision: https://secure.phabricator.com/D4898
2013-02-15 14:06:41 -08:00
Chad Little
9da0a460b6 Add 'My Mocks' filter to Pholio
Summary: Add the ability to filter Pholio on Mocks I added.

Test Plan: Went to test user account, no mocks, went to my account, saw mocks.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4974
2013-02-15 10:52:41 -08:00
Chad Little
b80f5e9105 Pholio touchups
Summary: Added crumbs, phts some things, made mobile menus work.

Test Plan: Review Pholio in sb and ios.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2531

Differential Revision: https://secure.phabricator.com/D4973
2013-02-15 10:17:31 -08:00
epriestley
ef7cc5df24 Increase pholio thumb size
Summary: Fixes T2548.

Test Plan: {F32894}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2548

Differential Revision: https://secure.phabricator.com/D4972
2013-02-15 08:19:24 -08:00
epriestley
6124865c56 Minor phutil_tag/HTML fixes
Summary:

  - In stack traces, a `,` should clearly be a `.`.
  - In Calendar, a 'td' got swapped with a 'p' somewhere.
  - In old-style transaction views, strlen() is no longer a sufficient test.

Test Plan:

  - Verified stack traces render correctly.
  - Verified calendar renders correctly.
  - Verified Maniphest transactions with no comment no longer have a little empty div a few pixels high.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4971
2013-02-15 08:14:31 -08:00
kwadwo
d8d16ece5e data in PhabricatorFile hashed using sha1
Summary: Hash file content using sha1

Test Plan: None provided

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4969
2013-02-15 07:47:50 -08:00
epriestley
49c40d209d Tokens v1
Summary:
Features!

  - Giving tokens.
  - Taking tokens back.
  - Not giving tokens.

Test Plan: See screenshots.

Reviewers: chad, vrana

Reviewed By: chad

CC: aran, btrahan

Maniphest Tasks: T2541

Differential Revision: https://secure.phabricator.com/D4964
2013-02-15 07:47:14 -08:00
Chad Little
f9f29253e4 Tweak pinboard styles
Summary: Curves, gradients, black and white designs. Some of those are in here.

Test Plan: Tested Macro and Pholio, better, tighter spacing. We could probably use bigger images. Checked iOS and Chrome.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4970
2013-02-15 07:45:50 -08:00
Chad Little
2c5c6f5915 Fix layout when no project blurb exists.
Summary: If no description, just move other attributes up.

Test Plan: Add a Project with no description, layout looks normal now.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4962
2013-02-14 13:55:48 -08:00
epriestley
f5aa92ecda Fix Phame escaping issue
Summary: Fixes blog.phacility.com, etc. There's bascially no plausible way we can do better here, especially once we get the Wordpress "API" up and running.

Test Plan: patched secure.phabricator.com live

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4958
2013-02-14 13:09:47 -08:00
epriestley
176ee9a889 Fix {Fnnn} rule in Remarkup
Summary:
Remarkup rule callbacks now get SafeHTML matches instead of string matches. If they call:

  $some_lisk_dao->load($matches[1]);

..as is the case with the `{F123}` rule, we reject the SafeHTML as an invalid ID and return null.

Allow load() to string convert any object (which will either succeed or fatal in an obviously-broken way).

(Long ago we threw instead of returning null here, but it meant we had to do a lot of redundant checks.)

Test Plan: `{F123}` shows an image again. `{C1}` embeds a countdown.

Reviewers: vrana, chad

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4961
2013-02-14 13:09:19 -08:00
Chad Little
fb32a64d84 Convert Projects to use ObjectItemList
Summary: Converts the old table to a new item list, also added ability to link icons on right side of item stack.

Test Plan: Tested adding removing, sorting of projects both active and inactive.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4960
2013-02-14 13:07:35 -08:00
epriestley
1e5d1f6534 Improve some documentation/examples for bot stuff
Summary: This doesn't fully update the docs, but at least removes the most blatant lies.

Test Plan: looked at the document with my eyeballs

Reviewers: indiefan, staticshock

Reviewed By: staticshock

CC: aran

Differential Revision: https://secure.phabricator.com/D4959
2013-02-14 12:47:39 -08:00
Afaque Hussain
73991bb262 Added channel ID to events
Summary: Added a column channelID column to phabricator_chatlog.chatlog_event

Test Plan: Checked through mysql to see if table is updated

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4956
2013-02-14 12:27:18 -08:00
Afaque Hussain
9baada1571 Schema Patch to Add a New Table
Summary: Added 20130214.chatlogchannel.sql in resources/sql/patches to add a new table

Test Plan: Hmmmmm .......

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4952
2013-02-14 11:37:05 -08:00
Evan Priestley
dea1a9585c Merge pull request #237 from dmrenie/master
Fix 'View Full Commit History' link
2013-02-14 07:25:47 -08:00
Evan Priestley
60cb9e1cfb Merge pull request #267 from taichi/escape_file_path
escape svn repository file paths.
2013-02-14 07:00:29 -08:00
epriestley
0a8b0d1392 Merge IRCProtocolHandler into IRCAdapter
Summary:
Clearly silly to have a separate handler for this. I also made most of the protocol stuff direct writes so we don't need to ship them through handlers, and made the adapter ignore message it does not understand by default instead of sending them to IRC, and added PASTE "support".

We could still let handlers react to these messages by emitting them all as 'RAWIRC' or similar, but there's currently no need for that so I didn't bother.

Also fix an issue in D4924 with nickpass.

Test Plan: Had bot join IRC, talked to it.

Reviewers: indiefan

Reviewed By: indiefan

CC: aran

Differential Revision: https://secure.phabricator.com/D4925
2013-02-14 05:13:55 -08:00
epriestley
d5995d574d Formalize targets (users and channel) into objects
Summary:
Make users/channels/rooms into objects, so we can later sort out stuff like Campfire user IDs, Phabricator vs chat accounts, etc.

The only change here is that I removed output buffering from the macro handler. We should move throttling/buffering to adapters instead and have it apply globally.

Test Plan: Ran IRC and Campfire bots and interacted with them.

Reviewers: indiefan

Reviewed By: indiefan

CC: aran

Differential Revision: https://secure.phabricator.com/D4924
2013-02-14 05:13:38 -08:00
epriestley
ec306497f5 Lock down bot adapter API slightly
Summary:
  - Reduce visibiliy of config.
  - Add a typehint.

Test Plan: Ran campfire/irc bots and chatted with them.

Reviewers: indiefan

Reviewed By: indiefan

CC: aran, amerigomasini

Differential Revision: https://secure.phabricator.com/D4923
2013-02-14 05:07:50 -08:00
Afaque Hussain
7b133b8bf2 Added a new storage object
Summary: Added a new storage object. Created PhabricatorChagLogChannel

Test Plan: Will be specified by Evan :P

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4943
2013-02-14 05:07:36 -08:00
Chad Little
a05ee0d743 Moderize Slowvote
Summary: phts everywhere, crumbs, and mobile views.

Test Plan: Created Questions, Voted, tested Chrome and iOS, Looked at ALLCAPS

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4938
2013-02-13 16:47:24 -08:00
vrana
6ae4066d18 Kill phutil_render_tag()
Summary: Fixes some double escaping.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4945
2013-02-13 16:32:13 -08:00
epriestley
4f42d85c1c Use a serialize()-based cache instead of a JSON-based cache for changesets
Summary: These are full of PhutilSafeHTML objects now, which are destroyed by JSON serialization.

Test Plan: Dropped cache, then reloaded pages.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4942
2013-02-13 14:45:57 -08:00
epriestley
262abd39bc Fix undefined variable "none"
Summary: Assuming this is right?

Test Plan: No more exception error when viewing a revision.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4937
2013-02-13 13:40:46 -08:00
vrana
b08cdf4599 Add missing hsprintf() after merge
Summary: rP4bd2ad

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4939
2013-02-13 13:30:13 -08:00
epriestley
4bd2ad9270 Merge branch 'master' into phutil_tag
Auditors: vrana
2013-02-13 12:42:57 -08:00
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
vrana
718d22d607 Convert Remarkup to safe HTML
Test Plan: None.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4919
2013-02-13 12:34:49 -08:00
Afaque Hussain
2dab1c1e42 Made conduit permanently installed
Summary: Made conduit permanently installed

Test Plan: Tried to uninstall conduit from applications app and I couldn't :)

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4935
2013-02-13 12:21:50 -08:00
Chad Little
2591b4bc77 pht for Paste
Summary: Fill in missing pht's for Paste

Test Plan: Review Paste in ALLCAPS.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4934
2013-02-13 11:47:31 -08:00
vrana
5ad526942b Convert AphrontPanelView to safe HTML (except children)
Summary: Fixes some double escaping and potential XSS.

Test Plan: Looked at homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4917
2013-02-13 10:30:32 -08:00
Chad Little
b4d69800f9 Moderize Projects
Summary: Add mobile menus, PHTs and clean up panels. There is a litle more to do, but will tackle feed, etc in another diff.

Test Plan: Test Project filters on Chrome and iOS browser.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4931
2013-02-13 09:22:14 -08:00
Afaque Hussain
829fa6664f Created Chat log application class
Summary: Created a chat log application which displays on the home page.

Test Plan: Loaded the home page to see if the chat log application really shows up on the home page.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4930
2013-02-13 07:28:14 -08:00
Lauri-Henrik Jalonen
29d6180e35 Show drafts and inline comments
Summary:
Show drafts for users that made them.
Show inline comments beside image, highlights them when user mouseovers selection.
Allow users that can view mock to add inline comment instead of only allowing users that can edit mock to add inline comment.

Test Plan:
Verified that inline comments are shown beside image. Verified that only drafts for current user are shown. Verified that inline comment is
highlithed when user mouseovers their selection.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2446

Differential Revision: https://secure.phabricator.com/D4929
2013-02-13 07:23:51 -08:00
taichi
21ddd3a73f escape svn repository file paths. 2013-02-13 19:30:11 +09:00
vrana
5a9e834658 Dont display empty other locations of lint errors 2013-02-12 14:01:27 -08:00
indiefan
eb942f3e1e Updated Campfire adapter to be able to post sound messages and paste messages.
Test Plan: Ran the bot with a handler that sends sound commands.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4922
2013-02-12 11:30:21 -08:00
vrana
80fb84bd94 Convert PhabricatorTransactionView to safe HTML
Test Plan: Looked at revision detail with comments.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4915
2013-02-11 19:01:20 -08:00
vrana
868ca71451 Fix some HTML problems
Summary: I'm too lazy to attaching them for diffs where they were introduced.

Test Plan:
/
/D1, wrote comment with code snippet
DarkConsole
commit detail, wrote comment
task detail, wrote comment

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4911
2013-02-11 18:18:26 -08:00
vrana
8c71815028 Merge renderChildren() and renderHTMLChildren()
Summary: `renderChildren()` now returns array which isn't ideal but I prefer it to having two methods.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4910
2013-02-11 18:18:23 -08:00
vrana
ae4e5807d6 Merge renderSingleView() and renderHTMLView()
Summary: They are same because render() returns safe HTML and raw strings are automatically escaped.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4909
2013-02-11 18:18:21 -08:00
vrana
c9ab1fe505 Return safe HTML from all render()
Summary:
This is pretty brutal and it adds some `phutil_safe_html()`.
But it is a big step in the right direction.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4905
2013-02-11 18:18:18 -08:00
epriestley
edaff9e2a3 Improve description of "Show Filetree"
Summary: Clearer?

Test Plan: Read it.

Reviewers: nh

Reviewed By: nh

CC: aran

Differential Revision: https://secure.phabricator.com/D4908
2013-02-11 15:58:32 -08:00
vrana
37b98450a5 Replace array_interleave() by phutil_implode_html()
Summary:
I like this abstraction better.
Result of `phutil_implode_html()` may be also used as a param of `hsprintf()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4904
2013-02-11 15:27:43 -08:00
vrana
c3ae8286db Configure PhutilXHPAST linter
Test Plan:
  $ arc lint src/applications/audit/controller/PhabricatorAuditListController.php

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4895
2013-02-11 15:27:41 -08:00
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
epriestley
1e74c05ac6 Add timestamps to development-mode static resource URIs
Summary:
When a developer changes CSS, it is normally sufficient to reload the page to get changes to show up, because browsers revalidate resources on reload.

However, if you reload the page and then an Ajax request adds new CSS to the page, this CSS does not trigger revalidation. The developer must currently clear their cache or re-run `scripts/celerity_mapper.php webroot`, to get this request to skip cache. We rarely use CSS over Ajax right now, so this hasn't cropped up much, but Conpherence does use this and clearing the resource is a big pain.

This seems to work fine normally, but I'm worried it might break some of the extra-celerity-resources stuff Facebook is doing.

Test Plan: In development mode, changed `conpherence/message-pane.css` and saw changes reflected on reload. Verified normal page loads do not cause additional HTTP requests. This change has no effect in production mode.

Reviewers: edward, vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2428

Differential Revision: https://secure.phabricator.com/D4902
2013-02-11 11:06:41 -08:00
epriestley
ca0d6aca10 Add separate exception for when the repository clone is unreadable.
Summary: Show a more specific exception when the local clone cannot be read because of permission issues.

Test Plan: Create a repository in an unreadable location and check for the right exception.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2368

Differential Revision: https://secure.phabricator.com/D4868
2013-02-11 08:35:00 -08:00
kwadwo
76aee9985a Conduit file upload method that takes in the files content hash and name. Returns the file phid if successful. Updates to phutil library map.
Summary: Conduit method to upload a a new file using a hash

Test Plan: Try uploading a file using its content hash

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4899
2013-02-11 06:30:02 -08:00
indiefan
eaa72c6155 Fixing a bug in the bot ignore logic to use sender.
Summary: Also added sender to the campfire adapter. This isn't extremely useful as it's just a numeric id, but it allows us to add ignores (specifically having the bot ignore itself).

Test Plan: Ran the bot, ignored itself.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4893
2013-02-09 16:10:33 -08:00
epriestley
0f8984f5a7 Move XHProf sampling code out of index.php
Summary:
  - Separate the ideas of "requested" (explicit user request) vs "started" (user request or sampling).
  - Move this code out of index.php into the XHProf stuff (general effort to make index.php smaller).

Test Plan:
Verified that profiling still works, and profiling extends to ajax requests.

Set sampling rate to 2, saw 50% samples.

Looked at database, saw sampling data populating properly.

Reviewers: vrana, nh

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4891
2013-02-09 15:47:55 -08:00
vrana
b72e7969a1 Move Pygments handling to libphutil
Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4875
2013-02-09 15:19:55 -08:00
vrana
9b8da73765 Convert AphrontTableView to safe HTML
Summary:
Lots of killed `phutil_escape_html()`.

Done by searching for `AphrontTableView` and then `$rows` (usually) backwards.

Test Plan:
Looked at homepage.

  echo id(new AphrontTableView(array(array('<'))))->render();

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4884
2013-02-09 15:11:38 -08:00
vrana
58b6e2cac6 Convert AphrontDialogView to safe HTML
Summary:
Done by searching for `AphrontDialogView` and then `appendChild()`.

Also added some `pht()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4882
2013-02-09 15:11:35 -08:00
vrana
e4736bf977 Avoid double escaping in error view title
Summary: Searched for `AphrontErrorView` and then for `setTitle()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4880
2013-02-09 15:11:33 -08:00
epriestley
879c14e13a Consolidate HTTP header access
Summary: Route all `$_SERVER['HTTP_...']` stuff through AphrontRequest (it would be nice to make this non-static, but the stack is a bit tangled right now...)

Test Plan: Verified CSRF and cascading profiling. `var_dump()`'d User-Agent and Referer and verified they are populated and returned correct values when accessed. Restarted server to trigger setup checks.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4888
2013-02-09 15:01:57 -08:00
epriestley
f5827871d5 When a page is profiled, profile all AJAX requests too
Summary: If a page is profiled, add an "X-Phabricator-Profiler" header to all Ajax requests, and profile those too.

Test Plan: Profiled a page, checked Darkconsole, saw profiles for everything.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4885
2013-02-09 13:29:47 -08:00
epriestley
27a537c15f When viewing a thread with no picture, load no images instead of all images
Summary:
Currently, we select every file when looking at a thread with no splash image.

(Possibly the Query stuff should try to catch this.)

Test Plan: No more `SELECT * FROM files` query.

Reviewers: chad, btrahan, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4887
2013-02-09 13:28:51 -08:00
epriestley
4a3a4fdea3 Make Conpherence a lot faster
Summary: Remove a sleep().

Test Plan: Thread cost dropped from ~1s to ~70ms for a test thread based on profiling after D4885.

Reviewers: btrahan, chad, vrana

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4886
2013-02-09 13:00:06 -08:00
Nick Pellegrino
628bef0771 Default to right status when viewing a config 'class' option
Summary: T2361

Test Plan:
Set value to metamta.mail-adapter and reload page.  Defaults to assigned value.
Performed same test with metamta.can-send-as-user to check that functionality is not broken for config 'boolean' options.

Reviewers: epriestley

Reviewed By: epriestley

CC: kwadwon, aran, Korvin

Maniphest Tasks: T2361

Differential Revision: https://secure.phabricator.com/D4881
2013-02-09 11:03:57 -08:00
epriestley
1190e0516f Fix double escaping on PhabricatorFileLinkListView
Summary: Fallout from D4822.

Test Plan: {F32108}

Reviewers: chad, btrahan, vrana

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4879
2013-02-09 08:43:37 -08:00
Chad Little
2cc1da20e7 Mobile-ize Phriction
Summary: Walk through using Phriction on mobile, cleaned up missing conversion.

Test Plan: View History, edit document, create document, delete document.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4872
2013-02-09 08:36:28 -08:00