1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 00:02:41 +01:00
Commit graph

6619 commits

Author SHA1 Message Date
epriestley
b3394c53d8 Detect goofy sudo -n output under OSX
Summary: See rP2fedb6f941d8. We might need a more general version of this since we do some `sudo` stuff elsewhere, but at least on my machine `sudo -n` exits with code 0 when the target user exists but needs a password.

Test Plan:
  - Tried to run daemons as root, with no automatic sudo to root. Got a bad result before (phd believed it had executed the daemons) and a good result afterward (phd recognized that sudo failed).
  - Tried to run daemons from root, as a non-root user. Got a good result in both cases.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: fabe, epriestley

Differential Revision: https://secure.phabricator.com/D11041
2014-12-23 14:45:07 -08:00
epriestley
f35a38b086 Allow public access to the project edit/history page
Summary: Fixes T6807. This page shows edit history and has edit options, but is not an edit interface itself per se. Allowing public access is consistent with other interfaces/applications.

Test Plan: Viewed a public project's history page as a public user.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6807

Differential Revision: https://secure.phabricator.com/D11039
2014-12-23 10:00:12 -08:00
Fabian Stelzer
2fedb6f941 Start phd daemons as the correctly configured user and refuse otherwise
Summary:
Fixes T5196
If no phd.user is configured the behaviour is unchanged besides printing a warning when run as root (Usually i would add an exit(1) here but that would break existing installs who do that).
If phd.user is set and the current user is root it will run the daemon as: su USER -c "command" (I'm not sure if this works for every platform needed)
Otherwise it will refuse to start if configured and current user mismatch.

Test Plan: Stopped & Started phd daemon with various users and different phd.user settings including root

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: vinzent, epriestley

Maniphest Tasks: T5196

Differential Revision: https://secure.phabricator.com/D11036
2014-12-23 08:15:51 -08:00
Fabian Stelzer
6132d8012b show the current size limit when a file upload fails
Summary: Show the php.ini setting for max upload or alterantively the in phabricator configured one. Fixes T6663

Test Plan: changed php.ini and alternatively phabricator file upload size settings to minimal values and try to upload a larger file

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, btrahan, chad, epriestley

Maniphest Tasks: T6663

Differential Revision: https://secure.phabricator.com/D11031
2014-12-23 05:17:16 -08:00
Chad Horohoe
a366f85c11 Properly create Elasticsearch index
Summary:
When the index does not exist and auto_create_index isn't
enabled, running ./bin/index results in a failure. That's
T5990

Instead create an index properly. This also allows us to do
nice things like do a proper mapping and analysis like for
substring matching like outlined by @fabe in T6552.

Test Plan:
Deleted and created index multiple times to verify
proper index creation and usage.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, manybubbles, chasemp, fabe, epriestley

Differential Revision: https://secure.phabricator.com/D10955
2014-12-22 13:10:52 -08:00
Chad Horohoe
c953c0fedc Switch normal query from match to simple_query_string
Summary:
It's like query_string but fails a little nicer on bad
input. It also allows for limited Lucene syntax; notably
exact string matches with quotation marks.

Fixes T6780

Test Plan:
Tested multiple query constructions, including exact string
matching.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T6780

Differential Revision: https://secure.phabricator.com/D11011
2014-12-22 13:00:33 -08:00
Austin Kelleher
bdda61184b Fixing typo unautorized -> unauthorized.
Summary: Fixing small typo unautorized -> unauthorized.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: chad, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11029
2014-12-22 12:57:49 -08:00
Fabian Stelzer
853ce5e927 setup warning for mysql with default boolean syntax
Summary: Ref: T6747 add a setup warning if mysql is configured with the default boolean syntax

Test Plan: Run setup checks with default mysql config and then add the desired config option, restart and check again.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T6747

Differential Revision: https://secure.phabricator.com/D11030
2014-12-22 12:57:15 -08:00
epriestley
340373f7bb Almanac: forced interface PHIDs, prefix/suffix device query, DestructibleInterface
Summary: Ref T5833. Ref T6238. These are general capabilities which are particularly useful for synchronizing cluster specifications to instances.

Test Plan:
  - Synchronized networks, devices, interfaces, services, bindings and properties to a managed instance.
  - Used typeahead.
  - Destroyed networks, devices, and services. Saw interfaces and bindings destroyed.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6238, T5833

Differential Revision: https://secure.phabricator.com/D11024
2014-12-22 12:50:44 -08:00
Bob Trahan
e76499bbbb Maniphest - kill TYPE_PROJECTS
Summary: Fixes T5245. Migrate old TYPE_PROJECTS transaction to new style edge transactions. Kill remaining rendering code.

Test Plan:
issued some fun queries to get some old-style transaction in my install:

```
// go from nothing to 1
INSERT INTO maniphest_transaction (phid, authorPHID, objectPHID, viewPolicy, editPolicy, commentVersion, transactionType, oldValue, newValue, contentSource, metadata, dateCreated, dateModified)
VALUES ('PHID-XACT-TASK-000000000000000', 'PHID-USER-zo35vxnoi4bxqak6yqhc', 'PHID-TASK-hb5wphctibxxqryo6ssi', 'users', 'users', 0, 'projects', '[]', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx"]', '', '{}', 1419274578, 1419274578)

// go from 1 to 2
INSERT INTO maniphest_transaction (phid, authorPHID, objectPHID, viewPolicy, editPolicy, commentVersion, transactionType, oldValue, newValue, contentSource, metadata, dateCreated, dateModified)
VALUES ('PHID-XACT-TASK-111111111111111', 'PHID-USER-zo35vxnoi4bxqak6yqhc', 'PHID-TASK-hb5wphctibxxqryo6ssi', 'users', 'users', 0, 'projects', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx"]', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx", "PHID-PROJ-a7giqlyyfirqswg6gn6x"]', '', '{}', 1419274580, 1419274580)

// swap 1 for 1 with 2 in set
INSERT INTO maniphest_transaction (phid, authorPHID, objectPHID, viewPolicy, editPolicy, commentVersion, transactionType, oldValue, newValue, contentSource, metadata, dateCreated, dateModified)
VALUES ('PHID-XACT-TASK-222222222222222', 'PHID-USER-zo35vxnoi4bxqak6yqhc', 'PHID-TASK-hb5wphctibxxqryo6ssi', 'users', 'users', 0, 'projects', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx", "PHID-PROJ-a7giqlyyfirqswg6gn6x"]', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx", "PHID-PROJ-cety4gr55gpxzhwtrkhx"]', '', '{}', 1419274582, 1419274582)

// go from 2 to 1
INSERT INTO maniphest_transaction (phid, authorPHID, objectPHID, viewPolicy, editPolicy, commentVersion, transactionType, oldValue, newValue, contentSource, metadata, dateCreated, dateModified)
VALUES ('PHID-XACT-TASK-333333333333333', 'PHID-USER-zo35vxnoi4bxqak6yqhc', 'PHID-TASK-hb5wphctibxxqryo6ssi', 'users', 'users', 0, 'projects', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx", "PHID-PROJ-cety4gr55gpxzhwtrkhx"]', '["PHID-PROJ-4teaxbjk5okv7mdz2qlx"]', '', '{}', 1419274584, 1419274584)
```

took a screenshot. ran the migration script and compared the screenshots and things looked correctly migrated...!

old style:

{F255408}

new style:

{F255407}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5245

Differential Revision: https://secure.phabricator.com/D11032
2014-12-22 11:54:02 -08:00
Chad Little
b925f42c55 Remove docs sprite, replace with FontAwesome
Summary: Removes the docs sprite in Conpherence with FontAwesome, adds additional icons. Unsure what happens if someone customized this config option.

Test Plan: Added images and files to a Conpherence, saw new icons.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11028
2014-12-20 20:59:24 -08:00
Chad Little
194d33e4bd Missed a call to Conpherence sprite
Summary: Fixes an exception on Conpherence.

Test Plan: Use Conpherence. Grep for other locations.

Reviewers: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11027
2014-12-20 13:08:07 -08:00
Chad Little
1e0f1f4936 Remove payments sprite
Summary: Removes unused payments sprite and code, also some unused conpherence generated images. We use images in login (and could use FontAwesome, maybe).

Test Plan: grep codebase, pull up uiexamples icons page

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11025
2014-12-20 09:44:53 -08:00
Chad Little
f07f7bfaa4 Remove unused Conpherence sprites
Summary: These were refactored out a while ago

Test Plan: Grep codebase, use Conpherence on desktop, mobile.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11023
2014-12-20 07:44:50 -08:00
epriestley
0ce08b4d27 Work around lack of PKCS8 support in OSX ssh-keygen
Summary:
Ref T4209. Ref T6240. Ref T6238. See D10401 for original discussion.

On OSX, `ssh-keygen` doesn't support PKCS8:

  - When we hit an issue with this, raise a more tailored message about it.
  - Allow the user to work around the problem with `auth cache-pkcs8 ...`, providing reasonable guidance / warnings.

In practice, this only really matters very much for one key, which I'm just going to make the services extension cache automatically. So it's sort of moot, but good to have around for weird cases and to make testing easier.

Test Plan: Hit error, cached key, got clean asymmetric auth.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4209, T6240, T6238

Differential Revision: https://secure.phabricator.com/D11021
2014-12-19 16:36:40 -08:00
Bob Trahan
8ac73b2bf3 Differential - tighten up access of Differential data from other applications
Summary: Fixes T6790. Turn the old method into "new" (old signature) and "newEphemeral". Deploy "newEphemeral" as many places as possible; basically places we are not in the Differential application *and* have no intentions of ever saving the diff. These callsites are also all places we are just trying to get some changesets at the end of the day.

Test Plan: set differential application policy to 'administrators only'. viewed a commit in diffusion and it worked without any errors! i'm just using my thinkin' noodle on the other code paths.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6790

Differential Revision: https://secure.phabricator.com/D11020
2014-12-19 14:54:15 -08:00
epriestley
e0f4e19c3f Add an Almanac service typeahead datasource
Summary: Ref T5833. Ref T6238. This will probably be useful somewhere in the upstream eventually, and is materially useful in the Instances application right now.

Test Plan: tippy typey typey

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6238, T5833

Differential Revision: https://secure.phabricator.com/D11016
2014-12-19 12:36:14 -08:00
Chad Little
9c6467d867 Fix typo in people controller 2014-12-19 09:48:55 -08:00
Bob Trahan
9141da84c8 Maniphest - convert old CC transactions to modern SUBSCRIBER transactions
Summary: database migration + drop old view code. Fixes T5604.

Test Plan: grepped src/ for TYPE_CCS (no hits); viewed some tasks with old cc transactions and noted they still rendered correctly post data conversion

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5604

Differential Revision: https://secure.phabricator.com/D11015
2014-12-18 14:42:46 -08:00
epriestley
d2df3064bc Allow Almanac services to be locked
Summary:
Fixes T6741. This allows Almanac services to be locked from the CLI. Locked services (and their bindings, interfaces and devices) can not be edited. This serves two similar use cases:

  - For normal installs, you can protect cluster configuration from an attacker who compromises an account (or generally harden services which are intended to be difficult to edit).
  - For Phacility, we can lock externally-managed instance cluster configuration without having to pull any spooky tricks.

Test Plan:
  - Locked and unlocked services.
  - Verified locking a service locks connected properties, bindings, binding properties, interfaces, devices, and device properties.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6741

Differential Revision: https://secure.phabricator.com/D11006
2014-12-18 14:31:36 -08:00
epriestley
cd6f67ef95 When repository services are available, use them when creating a new repository
Summary:
Ref T2783. When creating a new repository, test for cluster services. If cluster services are available, allocate on a random open service.

Show the service that repositories are allocated on.

Test Plan: Created a new repository, saw it allocate onto an available cluster service.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D11003
2014-12-18 14:31:22 -08:00
Bob Trahan
10f2cfec5b Maniphest - remove references to deprecated transaction type TYPE_PROJECTS from code
Summary:
...except the transaction class itself, which still needs some knowledge of these transactions for older installs.

Ref T5245. T5604 and T5245 are now in a similar place -- there's an unknown set of bugs introduced from my changes and there's still old display code lying around with some old transactions in the database. I'll stomp out the bugs if / when they surface and data migration is up next.

This revision also adds a "TransactionPreviewString" method to the edge objects so that we can have a prettier "Bob edited associated projects." preview of this transaction.

Test Plan: added a project from task detail and saw correct preview throughout process with correct project added. bulk removed a project from some tasks. added a project from the edit details pane.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5245

Differential Revision: https://secure.phabricator.com/D11013
2014-12-18 14:17:16 -08:00
Chad Little
2d3f5dae3c Have app tooltips align east with more width
Summary: I find this easier to read

Test Plan: Hover over tooltip area

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11012
2014-12-18 14:03:13 -08:00
Bob Trahan
83db5965ab Maniphest - introduce needProjectPHIDs
Summary: Ref T5245. This is some of the associated cleanup there.

Test Plan:
foreach ManiphestTaskQuery site, I made the change (or not) and tested as follows:

=== Call sites where added needProjectPHIDs ===

- PhabricatorHomeMainController - loaded the home page
- ManiphestBatchEditController - batch edited some tasks (added a project)
- ManiphestConduitAPIMethod - tested implicitly when tested ManiphestUpdateConduitAPIMethod
- ManiphestInfoConduitAPIMethod - used the method via conduit console with input id : 1
- ManiphestQueryConduitAPIMethod - used the method via conduit console with input ids : [1, 2]
- ManiphestUpdateConduitAPIMethod - used the method via conduit with input id : 1 and comment : “asdasds"
- ManiphestReportController - viewed “By User” and “By Project”
- ManiphestSubpriorityController - changed the priority of a task via a drag on manphest home
- ManiphestTaskMailReceiver - updated Task 1 via bin/mail receive-test with a comment that is the README
- ManiphestTaskSearchEngine - loaded Manifest home page
- ManiphestTaskEditController - edited a task
- ManiphestTransactionEditor - closed a blocking task
- ManiphestTransactionSaveController - commented on a task
- PhabricatorProjectProfileController - viewed project with id of 1 that has a few tasks in it
- PhabricatorSearchAttachController - merged tasks together
- DifferentialTransactionEditor - submit a diff that references a task; commit the diff (thus closing the diff) and the task gets updated
- PhabricatorRepositoryCommitMessageParserWorker - submit a diff that references a task; commit the diff (thus closing the diff) and the task gets updated

=== Calls sites where *did not* add needProjectPHIDs (they do not appear in this revision) ===

- PhabricatorManiphestApplication - loaded the home page
- ManiphestGetTaskTransactionsConduitAPIMethod - used the method via conduit console with input ids : [1, 2] ManiphestTaskDetailController - viewed a task with and without associated projects; finished workflow creating a task with a parent
- ManiphestTransactionPreviewController - verified transaction preview showed up properly
- PhabricatorProjectBoardViewController - viewed a board
- PhabricatorProjectMoveController - moved a task around
- ManiphestRemarkupRule - made a task reference like {T123}
- ManiphestTaskQuery - executed a custom query for all tasks with page size of 2 and paginated through some tasks
- ManiphestTaskPHIDType - nothing random seems broken? =D

=== Call sites where had to do something funky ===

- ManiphestHovercardEventListener - loaded hover cards from task mentions

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5245

Differential Revision: https://secure.phabricator.com/D11004
2014-12-18 13:53:45 -08:00
Chad Little
7361e605dc Add mobile app menu to Project Lists
Summary: Using Project lists on mobile is missing the query menu, this adds it.

Test Plan: test mobile layout, click menu, see query list

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11010
2014-12-18 11:07:40 -08:00
Chad Little
05c13857af Link search query to Dashboard header title
Summary: Makes the header text clickable to the full results.

Test Plan: Click on a few queries.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11008
2014-12-18 08:40:50 -08:00
epriestley
f5600acb16 Don't skip policy checks on ObjectQuery if special capabilities are required
Summary: Ref T6741. As an optimization, we omit policy checks on ObjectQuery, but need to retain them if the query requests non-view permissions. This primarily affected Almanac properties.

Test Plan: Almanac properties now do full policy checks on ObjectQuery loads.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6741

Differential Revision: https://secure.phabricator.com/D11005
2014-12-17 17:04:12 -08:00
epriestley
d8739459f6 Rename "Local" settings in Diffusion to "Storage"
Summary: Ref T2783. In Diffusion -> Edit Repository, we currently have a section called "Local" with options about where the repository is stored. The current name is misleading in a cluster environment, where storage may not actually be local. Shortly, this will also have an option for cluster storage. Call this "Storage" instead.

Test Plan: Edited a repository and poked around.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D11001
2014-12-17 11:13:49 -08:00
epriestley
3fa519da74 Allow Almanac service types to define default properties
Summary:
Ref T5833. This allows Almanac ServiceTypes to define default properties for a service, which show up in the UI and are more easily editable.

Overall, this makes it much easier to make structured/usable/consistent service records: you can check a checkbox that says "prevent new allocations" instead of needing to know the meaning of a key.

Test Plan: {F251593}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10996
2014-12-17 11:10:50 -08:00
epriestley
c85327ca3e Give AlmanacServices a service type
Summary:
Ref T5833. This allows services to be typed, to distinguish between different kinds of services. This makes a few things easier:

  - It's easier for clients to select the services they're interested in (see note in T5873 about Phacility). This isn't a full-power solution, but gets is some of the way there.
  - It's easier to set appropriate permissions around when modifications to the Phabricator cluster are allowed. These service nodes need to be demarcated as special in some way no matter what (see T6741). This also defines a new policy for users who are permitted to create services.
  - It's easier to browse/review/understand services.
  - Future diffs will allow ServiceTypes to specify more service structure (for example, default properties) to make it easier to configure services correctly. Instead of a free-for-all, you'll get a useful list of things that consumers of the service expect to read.

The "custom" service type allows unstructured/freeform services to be created.

Test Plan:
  - Created a new service (and hit error cases).
  - Edited an existing service.
  - Saw service types on list and detail views.
  - Poked around new permission stuff.
  - Ran `almanac.queryservices` with service class specification.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10995
2014-12-17 11:10:27 -08:00
Bob Trahan
f24ae96bb6 Pholio - fix show older transactions for if there are inline comments
Summary: We didn't load enough data for this case for the custom view class Pholio uses. Fixes T6770. Re-jiggers the signature of the loadImages function in the PholioMockQuery to get there so as to not duplicate any business logic.

Test Plan: made a pholio mock with lots of inline comments. pre-patch "show older" fatals and post-patch "show older" works

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6770

Differential Revision: https://secure.phabricator.com/D11002
2014-12-17 09:42:37 -08:00
Joshua Spence
ed4c7893e9 Fix a exception being thrown from Diviner
Summary: If no Diviner groups are defined that this line currently throws a fatal exception... make this a little more safe.

Test Plan: Applied to our install, no more exceptions.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10999
2014-12-17 18:10:31 +11:00
epriestley
f18ee5c237 Generate and use "cluster" Conduit API tokens
Summary:
Ref T5955. Ref T2783.

  - Removes the "temporary" type. I was going to use this for T3628 but it started taking more time than I wanted to spend on it.
  - Add a "cluster" type, which is an internal-only token type used within a cluster. This token value is never shown to the user.
  - Automatically generate, use, and cycle cluster tokens.

Test Plan:
  - Diffusion (mostly) works with a repository configured to use a remote service.
  - Saw cluster tokens generate; terminated a cluster token and saw it regenerate.
  - Viewed cluster token in settings panel and saw nice explanatory text instead, as expected (we might just hide these eventually).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783, T5955

Differential Revision: https://secure.phabricator.com/D10990
2014-12-15 11:15:14 -08:00
epriestley
288498f8d0 Add conduit.getcapabilities and a modern CLI handshake workflow
Summary:
Ref T5955.

  - Add `conduit.getcapabilities` to help arc (and other clients) determine formats, protocols, etc., the server supports.
  - Fixes T3117. Add a more modern version of the handshake workflow that allows all generated tokens to remain valid for an hour.
  - Generally, add a CLI token type. This token type expires after an hour when generated, then becomes permanent if used.

Test Plan:
  - See D10988.
  - Ran `conduit.getcapabilities` and inspected output.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3117, T5955

Differential Revision: https://secure.phabricator.com/D10989
2014-12-15 11:14:53 -08:00
epriestley
0507626f01 Accept Conduit tokens as an authentication mechanism
Summary:
  - Ref T5955. Accept the tokens introduced in D10985 as an authentication token.
  - Ref T3628. Permit simple `curl`-compatible decoding of parameters.

Test Plan:
  - Ran some sensible `curl` API commands:

```
epriestley@orbital ~/dev/phabricator $ curl -g "http://local.phacility.com/api/user.whoami?api.token=api-f7dfpoyelk4mmz6vxcueb6hcbtbk" ; echo
{"result":{"phid":"PHID-USER-cvfydnwadpdj7vdon36z","userName":"admin","realName":"asdf","image":"http:\/\/local.phacility.com\/res\/1410737307T\/phabricator\/3eb28cd9\/rsrc\/image\/avatar.png","uri":"http:\/\/local.phacility.com\/p\/admin\/","roles":["admin","verified","approved","activated"]},"error_code":null,"error_info":null}
```

```
epriestley@orbital ~/dev/phabricator $ curl -g "http://local.phacility.com/api/differential.query?api.token=api-f7dfpoyelk4mmz6vxcueb6hcbtbk&ids[]=1" ; echo
{"result":[{"id":"1","phid":"PHID-DREV-v3a67ixww3ccg5lqbxee","title":"zxcb","uri":"http:\/\/local.phacility.com\/D1","dateCreated":"1418405590","dateModified":"1418405590","authorPHID":"PHID-USER-cvfydnwadpdj7vdon36z","status":"0","statusName":"Needs Review","branch":null,"summary":"","testPlan":"zxcb","lineCount":"6","activeDiffPHID":"PHID-DIFF-pzbtc5rw6pe5j2kxtlr2","diffs":["1"],"commits":[],"reviewers":[],"ccs":[],"hashes":[],"auxiliary":{"phabricator:projects":[],"phabricator:depends-on":[],"organization.sqlmigration":null},"arcanistProjectPHID":null,"repositoryPHID":null,"sourcePath":null}],"error_code":null,"error_info":null}
```

  - Ran older-style commands like `arc list` against the local install.
  - Ran commands via web console.
  - Added and ran a unit test to make sure nothing is using forbidden parameter names.
  - Terminated a token and verified it no longer works.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3628, T5955

Differential Revision: https://secure.phabricator.com/D10986
2014-12-15 11:14:41 -08:00
epriestley
39f2bbaeea Add Conduit Tokens to make authentication in Conduit somewhat more sane
Summary:
Ref T5955. Summary of intended changes:

**Improve Granularity of Authorization**: Currently, users have one Conduit Certificate. This isn't very flexible, and means that you can't ever generate an API token with limited permissions or IP block controls (see T6706). This moves toward a world where you can generate multiple tokens, revoke them individually, and assign disparate privileges to them.

**Standardize Token Management**: This moves Conduit to work the same way that sessions, OAuth authorizations, and temporary tokens already work, instead of being this crazy bizarre mess.

**Make Authentication Faster**: Authentication currently requires a handshake (conduit.connect) to establish a session, like the web UI. This is unnecessary from a security point of view and puts an extra round trip in front of all Conduit activity. Essentially no other API anywhere works like this.

**Make Authentication Simpler**: The handshake is complex, and involves deriving hashes. The session is also complex, and creates issues like T4377. Handshake and session management require different inputs.

**Make Token Management Simpler**: The certificate is this huge long thing right now, which is not necessary from a security perspective. There are separate Arcanist handshake tokens, but they have a different set of issues. We can move forward to a token management world where neither of these problems exist.

**Lower Protocol Barrier**: The simplest possible API client is very complex right now. It should be `curl`. Simplifying authentication is a necessary step toward this.

**Unblock T2783**: T2783 is blocked on nodes in the cluster making authenticated API calls to other nodes. This provides a simpler way forward than the handshake mess (or enormous-hack-mess) which would currently be required.

Test Plan:
  - Generated tokens.
  - Generated tokens for a bot account.
  - Terminated tokens (and for a bot account).
  - Terminated all tokens (and for a bot account).
  - Ran GC and saw it reap all the expired tokens.

NOTE: These tokens can not actually be used to authenticate yet!

{F249658}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5955

Differential Revision: https://secure.phabricator.com/D10985
2014-12-15 11:14:23 -08:00
epriestley
2c7be52fc2 Lock phabricator.show-prototypes
Summary:
Two goals:

  - If an attacker compromises an administrator account (without compromising the host itself), they can currently take advantage of vulnerabilities in prototype applications by enabling the applications, then exploiting the vulnerability. Locking this option requires CLI access to enable prototypes, so installs which do not have prototypes enabled have no exposure to security issues in prototype applications.
  - Making this very slightly harder to enable is probably a good thing, given the state of the world and support.

Test Plan: Verified that web UI shows the value is locked and instructs the user to update via the CLI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10993
2014-12-15 11:00:20 -08:00
epriestley
2037979142 Prevent Phame blogs from using invalid skins
Summary: Via HackerOne. An attacker with access to both Phame and the filesystem could potentially load a skin that lives outside of the configured skin directories, because we had insufficient checks on the actual skin at load time.

Test Plan: Attempted to build a blog with an invalid skin; got an exception instead of a mis-load of a sketchy skin.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10992
2014-12-15 10:41:49 -08:00
epriestley
2a9db94ba6 Restore Maniphest subscriber transaction mail tag
Summary: Fixes T6748. This just didn't get aligned when CCs became a modern transaction.

Test Plan: Added a CC to a task, used `bin/mail show-outbound` to verify it showed up as a CC tag.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6748

Differential Revision: https://secure.phabricator.com/D10991
2014-12-14 07:49:30 -08:00
epriestley
4505724cc4 Allow repositories to be bound to an AlmanacService
Summary:
Ref T2783. This is primarily exploratory and just figuring out what we're blocked on:

  - Allow a Repository to be bound to a Service. The Service may eventually define multiple read/write nodes, etc.
    - There's no UI to do this binding yet, you have to touch the database manually.
  - If a repository is bound to a Service, effect Conduit calls via calls to the remote service instead of executing them in-process.
    - These don't actually work yet since there's no authentication (see T5955).

Test Plan:
  - Made a nice Service with a nice Binding to a nice Interface on a nice Device.
  - Force-associated a repository with the service using a raw MySQL query.
  - Saw Phabricator try to make a remote call to the service (on localhost) and fail because of missing auth stuff.
  - Also ran `almanac.queryservices`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D10982
2014-12-12 12:07:11 -08:00
Bob Trahan
2b99b4add8 Home - limit "status" queries to 100 and show 99+ if we hit that
Summary: Fixes T6595. This diff has two issues as is... 1) the differential data fetching is pretty cheesey, but it looks like we can't just issue three separate databases to get the right data? 2) the translations break, since I am turning this into a string (and not an int) so the whole pluralization bit fails. I think 1 is okay as is and 2 needs to be fixed though I am not sure how to best do that...

Test Plan: loaded home page and it looked nice...!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6595

Differential Revision: https://secure.phabricator.com/D10979
2014-12-12 12:02:25 -08:00
Bob Trahan
905fc217b8 Phriction - validateTransactions that need parent ancestry to complete successfully
Summary:
Fixes T6651, T6682. Since policy is defined by ancestry, you can't make things outside the core tree.

An alternative fix would be to automagically stub everything in these cases. This has potential negative policy implications - consider making a public document with several levels of depth that automagically stubs out its ancestry as public - and additionally the PhabricatorApplicationTransactionEditor framework would make this very tricky code (i.e. you are expected to validateTransactions in said hook *and* return an error if things aren't valid and not do some automagic stubbing, etc.)

Test Plan: tried to move a doc from location/that/exists to locationz/thatz/dontz/existz/ and got an error message with links to each missing doc. tried to create a doc at locatonz/thatz/dontz/existsz/ and got an error message with links to each missing doc.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6682, T6651

Differential Revision: https://secure.phabricator.com/D10978
2014-12-12 11:35:43 -08:00
Bob Trahan
dda8e64a3e Maniphest - load subscribers in getApplicationTransactionsObject
Summary: Fixes T6734. This is a very generic fix, which basically attaches the subscribers if necessary. This seems like a good idea given there's some crazy generic code doing this sort of thing? This would end up being a new pattern for these types of objects that may be loaded by a general object query but then get some editor action against them.

Test Plan: I can't actually reproduce this in my sandbox so I'll verify live again.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6734

Differential Revision: https://secure.phabricator.com/D10976
2014-12-11 11:30:33 -08:00
epriestley
bc5598865f Fix a stray comma on File previews
Summary:
There's a comma to the lower-left of my profile picture here:

{F248962}

This is on a page like https://secure.phabricator.com/F248948

What's happening is that some `render()` method is returning a valid result like `array($stuff, null)`. This is getting passed to JS as an array, which is implicitly `join()`'ing it into a string, adding a comma.

Instead, make sure we render these to strings on the server side before shipping them to the client.

Test Plan: No more comma on file previews.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10974
2014-12-11 11:10:52 -08:00
Bob Trahan
a2126631f3 Maniphest - fix bug updating tasks with blocked relationships
Summary: Ref T5604. Found this trying to open T5604 live. Basically this internal query needs the needSubscriberPHID set to true.

Test Plan: doing it live

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5604

Differential Revision: https://secure.phabricator.com/D10975
2014-12-11 10:31:14 -08:00
Bob Trahan
b718b429af Transactions - make quotes work for older transactions
Summary: Fixes T6731. I don't really understand the intent behind the two view classes here, but to get this to work I need to pass yet more data to the lower-level class.

Test Plan: Viewed a task with many comments. Clicked "show older". Quoted everything I could. Verified for each quote that it quoted correctly, inlcuding linking to the prior transaction.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6731

Differential Revision: https://secure.phabricator.com/D10973
2014-12-11 10:27:28 -08:00
Chad Little
f5301e8e94 Move 'Query' in Maniphest Search to be above the fold
Summary: (Needed a clean branch). Moves the field up and renames to Query

Test Plan: Visit Maniphest Search, see new field, test a query

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10971
2014-12-11 08:57:31 -08:00
epriestley
5050389fce Don't run Herald when applying inverse edge transactions
Summary: Fixes T6727. Repro is: mention a task on another task, in a comment.

The inverse edge editor applying the "alincoln mentioned this in <other task>" transaction doesn't have enough data to execute Herald rules.

Just don't try to execute the rules, since they don't make much sesne from a product perspective and are tricky from a technical perspective.

Test Plan: Commented on `T1` with `T2` in comment body and a Herald rule that examines subscribers.

Reviewers: btrahan

NOTE: Cowboy committing this since any task mention fatals.
2014-12-10 16:53:44 -08:00
Bob Trahan
7d96870570 Maniphest - use subscribers framework properly
Summary: Fixes T5604. This should fix some random bugs, lets us move forward more easily, and all that good stuff about killing code debt.

Test Plan:
- Conduit method maniphest.createtask
  - verified creating user subscribed
  - verified subscription transaction
- Conduit method maniphest.update
  - verified subscribers set as specified to ccPHIDs parameter
  - verified subscription transaction
- Herald
  - verified herald rule to add subscriber worked
  - verified no subscribers removed accidentally
- edit controller
  - test create and verify author gets added IFF they put themselves in subscribers control box
  - test update gets set to exactly what user enters
- lipsum generator'd tasks work
- bulk add subscribers works
- bulk remove subscriber works
- detail controller
  - added myself by leaving a comment
  - added another user via explicit action
  - added another user via implicit mention
- task merge via search attach controller
- mail reply handler
  - add subscriber via ./bin/mail receive-test
  - unsubscribe via ./bin/mail receive-test

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5604

Differential Revision: https://secure.phabricator.com/D10965
2014-12-10 16:27:30 -08:00
lkassianik
aeb4267b95 Don't show "Primary Hashtag" when creating a project
Summary: Fixes T6598, "Primary Hashtag" field should only be visible in edit mode of existing projects.

Test Plan: Create project, "Primary Hashtag" field should be hidden. Edit an existing project, "Primary Hashtag" field should appear above "Additional Hashtags" as before.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T6598

Differential Revision: https://secure.phabricator.com/D10964
2014-12-10 15:33:13 -08:00
epriestley
db51d7d92a Make ConduitCall always local/in-process
Summary:
Ref T2783. ConduitCall currently has logic to pick a random remote server, but this is ultimately not appropriate: we always want to send requests to a specific server. For example, we want to send repository requests to a server which has that repository locally. The repository tier is not homogenous, so we can't do this below the call level.

Make ConduitCall always-local; logic above it will select ConduitCall for an in-process request or do service selection for an off-host request via ConduitClient.

Test Plan:
  - Browsed some pages using ConduitCall, everything worked.
  - Grepped for removed stuff.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D10959
2014-12-10 15:27:07 -08:00
epriestley
d151c88040 Add some missing capability checks for repository mirror edits
Summary: Via HackerOne. These endpoints have insufficient policy checks.

Test Plan: Verified endpoints now check policies correctly.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10957
2014-12-10 15:23:55 -08:00
Chad Little
08bd383aae Add title to PHUIObjectItemView's name for hover display
Summary: This adds back the title to the header link and scans through the codebase for instances where

Test Plan: Tested as many ObjectItemLists as I could find (each app homepage), there may be outliers, but can resolve those individually.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10961
2014-12-10 10:26:55 -08:00
lkassianik
edc4c219ca Title/Description quering for Passphrase credential
Summary: Fixes T6562, Title/Description querying for Passphrase

Test Plan: Open Passphrase, open advanced queries, enter a title and/or description. Search results should show credentials matching the search.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6562

Differential Revision: https://secure.phabricator.com/D10953
2014-12-09 16:23:09 -08:00
Bob Trahan
d5e7cd5590 Conpherence - fix add participant / remove participant form
Summary: Ref T6713. We were dropping latest transaction ID. This should fix the "easy" part of T6713.

Test Plan: tried to add participants and it worked! (removing participants only allows yourself, but that worked too.)

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6713

Differential Revision: https://secure.phabricator.com/D10952
2014-12-09 11:29:21 -08:00
Bob Trahan
5b59a81ab9 Projects - fix missing subscriber handling code in the editor
Summary: Fixes T6719. At some point, we added automagical subscriptions via @mentions, and these were failing in project descriptions from a lack of an implementation in the editor. Said "implementation" is to do nothing, but it needs to be there nonetheless.

Test Plan: updated a project mentioning someone in the description and it worked. also saw a 'subscriber added' transaction

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6719

Differential Revision: https://secure.phabricator.com/D10951
2014-12-09 10:14:14 -08:00
Joshua Spence
54f8aa8cd9 Minor linter fixes
Summary: Self explanatory

Test Plan: `arc lint`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10946
2014-12-09 18:37:32 +11:00
Chad Little
34fb98da66 Update message and notification icons to use fonts
Summary: Cleans up spacing, updates to fonts instead of images. Fixed some mobile issues.

Test Plan:
Test with and without counts on desktop, tablet, mobile. Test layout in FF, Chrome, IE.

{F246745}

{F246746}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10948
2014-12-08 13:53:29 -08:00
lkassianik
4506018339 Clicking the search icon in empty search field should link to advanced search
Summary: Fixes T6664, clicking search icon in empty search field should link to advanced search

Test Plan: navigate to home page, click search icon or click into search box and hit enter. Advanced search page should open.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6664

Differential Revision: https://secure.phabricator.com/D10947
2014-12-08 11:27:15 -08:00
Joshua Spence
9e54e6e886 Fix an undefined variable
Summary:
The `$timeline` variable is undefined. I was seeing the following error in the logs:

```
EXCEPTION: (RuntimeException) Undefined variable: timeline at [<phutil>/src/error/PhutilErrorHandler.php:210]
   #0 PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<phabricator>/src/applications/harbormaster/controller/HarbormasterStepEditController.php:205]
   #1 HarbormasterStepEditController::processRequest() called at [<phabricator>/src/aphront/AphrontController.php:33]
   #2 AphrontController::handleRequest(AphrontRequest) called at [<phabricator>/webroot/index.php:103]
```

Test Plan: Created a build step without a fatal error.

Reviewers: btrahan, hach-que, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10941
2014-12-08 04:11:12 -08:00
epriestley
9a7383121d Move cancel/retry/free task queue actions to bin/worker
Summary:
Fixes T6702. Ref T3554. Currently, tasks can be cancelled, retried and freed from the web UI by any logged in user.

This isn't appreciably dangerous (I can't come up with a way that a user could do anything security-affecting), but I think I probably intended this to be admin-only, but these actions should move to the CLI anyway.

Move them to the CLI. Lay some groundwork for some future `bin/worker cancel --class SomeTaskClass`, but don't implement that yet.

Test Plan: Used `cancel`, `retry` and `free` from the CLI. Hit all the error/success states.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3554, T6702

Differential Revision: https://secure.phabricator.com/D10939
2014-12-06 09:14:16 -08:00
Chad Little
a0907819cd Add addtional hints you haven't submitted comments on a Diff
Summary: Ref T3669. Probably. Adds a yellow warning at the top of the Diff View and makes the comment draft icon yellow on lists of revisions.

Test Plan:
Test a diff with many warnings, see warning. Test a diff with draft comments, see warning. Test new icon in list view.

{F230133}

{F230134}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T3669

Differential Revision: https://secure.phabricator.com/D10789
2014-12-05 16:38:32 -08:00
Bob Trahan
ac1c955986 Transactions - fix bug in differential where older inlines weren't appearing
Summary: Fixes T6699. We need to "loadInlineComments" consistently, though for an unexpected reason - this mutates the $changesets to include all $changesets that have an associated inline comment, which is necessary to make them render properly.

Test Plan: Took a diff with inline comments and updated it, noting the inline comments disappeared. applied this patch and the inlines reappeared.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6699

Differential Revision: https://secure.phabricator.com/D10935
2014-12-05 11:15:46 -08:00
Chad Little
0c37f8db4b Make settings a wrench, not a cog
Summary: Change icon for Settings app to more match previous. Also align plus icon a little better.

Test Plan: Lots of staring.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10934
2014-12-04 17:36:15 -08:00
Bob Trahan
a1a8083b93 Transactions - fix pagination bug
Summary: Fixes T6694. Ref T4712. Turns out the logic here was slightly incorrect; we don't want to use the id of the last thing we hid but rather the first thing we show. I had garbage test data ("asdsadsadsa", etc) I guess so I didn't notice this.

Test Plan: made a new task where user a and user b alternated 3 comments each, cooperatively numbering them from 1 - 20. as both users, showed older transactions. pre-patch the issue described in T6694 occurred and post patch I saw the entire counting sequence.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712, T6694

Differential Revision: https://secure.phabricator.com/D10933
2014-12-04 17:21:36 -08:00
Bob Trahan
6ab3f06b6e Transactions - adding willRenderTimeline to handle tricky cases
Summary: Fixes T6693.

Test Plan:
Made a bunch of comments on a diff with differential, being sure to leave inlines here and there. This reproduced the issue in T6693. With this patch this issue no longer reproduces!

Successfully "showed older changes" in Maniphest too.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6693

Differential Revision: https://secure.phabricator.com/D10931
2014-12-04 13:58:52 -08:00
Chad Little
20035fe9a8 Update Phabricator header to use FontAwesome
Summary: Updates header to use font-icons instead of images.

Test Plan: Test desktop and mobile layouts, Chrome, FF, Safari, IE.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10930
2014-12-04 13:01:23 -08:00
Bob Trahan
a9f0bd9b8f Transactions - don't bother checking for fancy transactions on comment create
Summary: Only necessary for edits, only bother if the comment version is greater than 1. Ref T6690. This is another way to fix T6690 -- this check will never run since you can't edit a conpherence comment -- **but** the fix already applied should happen too to future proof Conpherence.

Test Plan: made a comment on a diff - success. edited the comment and mentions were generated.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6690

Differential Revision: https://secure.phabricator.com/D10928
2014-12-04 12:04:49 -08:00
Bob Trahan
49e53d5709 Conpherence - fix permissions issue creating new Conpherences
Summary: Fixes T6690. The editor innards end up loading the conpherence object, whose policy is dictated by these participation objects.

Test Plan: pre patch could not create new conpherences. post patch I can create conpherences! i can also add people to conpherences and it works.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6690

Differential Revision: https://secure.phabricator.com/D10927
2014-12-04 11:54:17 -08:00
Bob Trahan
f6e635c8d2 Transactions - deploy buildTransactionTimeline to remaining applications
Summary:
Ref T4712. Specifically...

- Differential
 - needed getApplicationTransactionViewObject() implemented
- Audit
 - needed getApplicationTransactionViewObject() implemented
- Repository
 - one object needed PhabricatorApplicationTransactionInterface implemented
 - setShouldTerminate(true)
- Ponder
 - BONUS BUG FIX - leaving a comment on an answer had a bad redirect URI
 - both PonderQuestion and PonderAnswer needed PhabricatorApplicationTransactionInterface implemented
 - setShouldTerminate(true) on both "history" controllers
 - left a "TODO" on buildAnswers on the question view controller, which is non-standard and should be re-written eventually
- Phortune
 - BONUS BUG FIX - fix new user "createNewAccount" code to not fatal
 - PhortuneAccount, PhortuneMerchant, and PhortuneCart needed PhabricatorApplicationTransactionInterface implemented
 - setShouldTerminate(true) on Account view, merchant view, and cart view controller
- Fund
- Legalpad
- Nuance
  - NuanceSource needed PhabricatorApplicationTransactionInterface implemented
- Releeph (this product is kind of a mess...)
  - HACKQUEST - had to manually create an arcanist project to even be able to make a "product" and get started...!
  - BONUS BUG FIX - make sure to "setName" on product edit
  - ReleephProject (should be ReleepProduct...?), ReleephBranch, and ReleepRequest needed PhabricatorApplicationTransactionInterface implemented
- Harbormaster
  - HarbormasterBuildable, HarbormasterBuild, HarbormasterBuildPlan, and HarbormasterBuildStep all needed PhabricatorApplicationTransactionInterface implemented
  - setShouldTerminate(true) all over the place

Test Plan: foreach application, viewed the timeline(s) and made sure they still rendered

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10925
2014-12-03 15:35:47 -08:00
Bob Trahan
5e8600442d Transactions - land buildTransactionTimeline in a bunch more apps
Summary:
Ref T4712. Specifically...

 - Dashboards
  - two objects needed PhabricatorApplicationTransactionInterface
 - Macros
 - Paste
 - Phlux
  - one object needed PhabricatorApplicationTransactionInterface
  - added setShouldTerminate(true)
 - Files
  - one object needed PhabricatorApplicationTransactionInterface
 - Passphrase
  - one object needed PhabricatorApplicationTransactionInterface
  - added setShouldTerminate(true)
 - Drydock
  - one object needed PhabricatorApplicationTransactionInterface
  - added setShouldTerminate(true)

Test Plan: foreach application, verify that the timeline(s) showed up correctly, including with appropriate setShouldTerminate-ness

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10924
2014-12-03 13:16:15 -08:00
Bob Trahan
c2522a89b9 Transactions - deploy buildTransactionTimeline against Config, Pholio, and Projects
Summary: Ref T4712. These are a bit time consuming to test so might as well send off a batch now and again.

Test Plan: foreach impacted controller, made sure the timeline rendered as it did before. for project column and config, noted the "should terminate" UI was also rendered unlike before.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10923
2014-12-03 12:28:53 -08:00
Bob Trahan
798be00fc3 Transactions - make sure to do fancy remarkup stuff on edit too
Summary: Fixes T6648. We do some automagical hotness based on the text you enter in remarkup textareas - e.g. adding projects or mentioning other objects. Refine the code here so that even when just editing a comment we build these transactions and apply them.

Test Plan: edited a comment and noted new mentions and projects showed up appropriately...!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6648

Differential Revision: https://secure.phabricator.com/D10922
2014-12-02 17:03:04 -08:00
Bob Trahan
69cc5df645 Transactions - deploy buildTransactionTimeline against a few more applications
Summary:
Ref T4712. Thus far, it seems that most "non-standard" things can be done pretty easily in the controller. Aside from deploying, this diff had to fix a few bugs / missing implementations of stuff.

(Notably, PhabricatorAuthProviderConfig, HeraldRule, PhabricatorSlowvotePoll, and AlmanacNetwork needed to implement PhabricatorApplicationTransactionInterface, PhabricatorAuthAuthProviderPHIDType had to be added, and a rendering bug in transactions of type PhabricatorOAuth2AuthProvider had to be fixed.)

Test Plan: Almanac - looked at binding, device, network, and service view controllers and verified timeline displayed properly. Herald - looked at a rule and verified timeline. Slowvote - looked at a vote and verified timeline. Auth - looked at an auth provider (Facebook) and verified proper display of transactions within timeline.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10921
2014-12-02 14:33:59 -08:00
Chad Little
f88b8a4520 Mobile ready Audit/Diffusion
Summary: These have all been modernized.

Test Plan: Browse Diffusion on a narrow screen.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10920
2014-12-02 13:36:19 -08:00
Bob Trahan
d6341cfffe Transactions - add pagination to application transactions
Summary: Ref T4712. This adds pagination. Future diffs will need to deploy `buildTransactionTimeline` everywhere and massage this stuff as necessary if we hit any special cases.

Test Plan: Set page size to "5" to make it need to paginate often. Verified proper transactions loaded in and the javascript actions worked.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10887
2014-12-02 13:10:29 -08:00
epriestley
a8be733e5f Fix an issue with tail parsing in object embeds in remarkup
Summary:
Fixes T6619. In `{Xnnn key=value, key=value}` we did not require a separator between the object and the key-value part. This could lead to `{rX11aaa}` being parsed as `{rX11 aaa}`, i.e. a reference to `rX11` with parameter `aaa` set.

Instead, require a space or comma before we'll parse key-value parts of embedded objects.

Test Plan:
Added and executed unit tests.

{F242002}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6619

Differential Revision: https://secure.phabricator.com/D10915
2014-12-01 18:48:20 -08:00
Bob Trahan
1716861ad8 Differential - fix bug destroying diffs
Summary: I think this was a "hacked" sub thing that never got updated when we switched to a real editor? I am not 100% sure how these methods are used, so please let me know if I should expand my test plan. Fixes T6659.

Test Plan: made a diff from the web ui, looked up the phid from mysql, ran bin/remove destroy <phid>, and it worked!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6659

Differential Revision: https://secure.phabricator.com/D10911
2014-12-01 14:46:25 -08:00
Bob Trahan
6081370391 Differential - fix "transaction has no effect error" on diff create
Summary: Fixes T6658.

Test Plan: made a diff with no repository and default policy and it worked!

Reviewers: epriestley, chad

Reviewed By: chad

Subscribers: Korvin, epriestley

Maniphest Tasks: T6658

Differential Revision: https://secure.phabricator.com/D10910
2014-12-01 12:13:04 -08:00
epriestley
10b86c2aa3 Don't show meme Remarkup hint button if Macro application is not usable
Summary: See <https://phabricator.wikimedia.org/T906>. This behavior is a bug; we should remove the button if the user can't use the application.

Test Plan:
- With Macro uninstalled, did these things verifying the button vanished:
  - Sent a user a message.
  - Edited a revision.
  - Edited repository basic information.
  - Edited an initiative.
  - Edited a Harbormaster build step.
  - Added task comments.
  - Edited profile blurb.
  - Edited blog description.
  - Commented on Pholio mock.
  - Uploaded Pholio image.
  - Edited Phortune merchant.
  - Edited Phriction document.
  - Edited Ponder answer.
  - Edited Ponder question.
  - Edited Slowvote poll.
  - Edited a comment.
- Reinstalled Macro and saw button come back.
- Used button to put silly text on a funny picture.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10900
2014-11-24 15:25:25 -08:00
epriestley
e5777cc849 Expose transaction PHID in maniphest.gettasktransactions
Summary: Fixes T6629.

Test Plan: {F238271}

Reviewers: btrahan, chad, 20after4

Reviewed By: 20after4

Subscribers: 20after4, epriestley

Maniphest Tasks: T6629

Differential Revision: https://secure.phabricator.com/D10898
2014-11-24 14:59:52 -08:00
Chad Little
895b5580f2 Clean up UITooltips
Summary: Fixes positioning issues by creating another container to hold the abs. positioned arrows. (Issues primarily presented on Workboards).

Test Plan: Test UI arrows on a workboard, applciation launcher, and in UIExamples.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10897
2014-11-24 11:57:29 -08:00
Chad Little
12f3f6d3a9 Add Project to quick create menu
Summary: Helpful shortcut, I make quite a few at least

Test Plan: Click on dropdown, then Project. Get to Project Create page

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10893
2014-11-22 12:49:16 -08:00
Chad Little
32b1ffdf89 Add default View, Edit, and Join Policies to Projects
Summary: Fixes T6567, lets admins set a default policy for new Projects.

Test Plan: Changed the default Policy, created a new Project. Project had correct defaults.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6567

Differential Revision: https://secure.phabricator.com/D10890
2014-11-21 11:22:17 -08:00
Chad Little
1a8d87699c Add default policy to Files application
Summary: **WIP** This adds default capability to the Files application

Test Plan: Set default to public, go to Files page, see public preset. Upload File. Doesn't work.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6564

Differential Revision: https://secure.phabricator.com/D10888
2014-11-21 11:17:20 -08:00
Dereckson
c07425c534 Handle SSH generated keys in Conduit passphrase.query
Summary: Fixes T6601

Test Plan: echo '{"ids":["71"],"needPublicKeys":true,"needSecrets":false}' | arc call-conduit passphrase.query

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T6601

Differential Revision: https://secure.phabricator.com/D10885
2014-11-21 11:09:03 -08:00
epriestley
5e0f218fe4 Allow device SSH keys to be trusted
Summary:
Ref T6240. Some discussion in that task. In instance/cluster environments, daemons need to make Conduit calls that bypass policy checks.

We can't just let anyone add SSH keys with this capability to the web directly, because then an adminstrator could just add a key they own and start signing requests with it, bypassing policy checks.

Add a `bin/almanac trust-key --id <x>` workflow for trusting keys. Only trusted keys can sign requests.

Test Plan:
  - Generated a user key.
  - Generated a device key.
  - Trusted a device key.
  - Untrusted a device key.
  - Hit the various errors on trust/untrust.
  - Tried to edit a trusted key.

{F236010}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6240

Differential Revision: https://secure.phabricator.com/D10878
2014-11-20 17:33:30 -08:00
lkassianik
c2f0955e9b Add workboard link to emails about workboard changes
Summary: Fixes T4652, adding workboard link to emails

Test Plan: Move a task in a workboard from one column to another. Email notification should contain "WORKBOARD" section with link to that workboard

Reviewers: chad, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T4652

Differential Revision: https://secure.phabricator.com/D10889
2014-11-20 17:27:04 -08:00
Chad Little
d908e76733 Add ReallyMajorEvent to PHUITimelineView
Summary: For actions like "Close" that are in theory stopping the timeline, we should display some disruption to the line itself.

Test Plan:
Tested in UIExamples

{F236077}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10884
2014-11-20 16:33:31 -08:00
lkassianik
f7aa87311a Add email preference links to email footers
Summary: Ref T1217, Add link to email preferences to email template

Test Plan: Add comment to object like Maniphest task, check that email has a footer with a link to email preferences.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T1217

Differential Revision: https://secure.phabricator.com/D10883
2014-11-19 17:06:33 -08:00
Chad Little
6dc29724e7 Closing as a duplicate should use "closed" iconography
Summary: Uses the check icon for closed, which is the primary action taken.

Test Plan:
Close as a duplicate, seen new icon.

{F236048}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10882
2014-11-19 15:37:47 -08:00
Chad Little
385ae2a787 Clean up Maniphest Batch Editor UI
Summary: Finishes up work on PHUIInsetForm, cleans up the UI a bit when editing multiple tasks

Test Plan:
Edit multiple tasks, apply some new projects, still works as expected.

{F236044}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10881
2014-11-19 15:23:37 -08:00
epriestley
15ab2141da Fix almanac.queryservices for no results
Summary: Ref T5833. We try to load bindings even if we get no services back.

Test Plan: Queried invalid results.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10880
2014-11-19 15:19:49 -08:00
Bob Trahan
a414fc497f Diffusion - make projects work properly with commits
Summary: Fixes T3189. Now if you say #projects in a commit message they will associate nicely with the commit. Also we record transactions about all this project editing fun.

Test Plan: tested migration by associating some projects with commits and verifying they still showed up post migration. tested adding / removing projects by doing so from the UI, noting transactions written nicely as well

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Projects: #projects

Maniphest Tasks: T3189

Differential Revision: https://secure.phabricator.com/D10877
2014-11-19 14:43:59 -08:00
epriestley
cd406948fe Don't compute a nonsensical assigned task count for logged-out users
Summary:
When a logged-out user views the home page, we currently compute a meaningless "assigned tasks" count which just counts every open task. Don't do this.

Ideally `ManiphestTaskQuery` should get some tightening up too (that is, `withOwners(array(null))` should not select every task), but that might affect other stuff and the performance implications of counting every open task are affecting WMF, so just fix the immediate issue for now.

Test Plan:
  - Viewed homepage as a logged out user, no assigned task count.
  - Viewed homepage as a logged-in user, still saw assigned task count.

Reviewers: btrahan, chad, chasemp

Reviewed By: chasemp

Subscribers: 20after4, epriestley

Differential Revision: https://secure.phabricator.com/D10876
2014-11-19 13:05:43 -08:00
Bob Trahan
4350858628 Differential - allow setting viewPolicy from web ui during diff creation process
Summary: Fixes T6152, T6237. This introduces a viewPolicy column to the DifferentialDiff, and re-jiggers the DifferentialDiff policy implementation such that things behave as before once associated with a revision, else use the DifferentialDiff policy column value.

Test Plan: made a diff with a non-standard view policy and noted that policy was still selected in the revision step. arc lint.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6237, T6152

Differential Revision: https://secure.phabricator.com/D10875
2014-11-19 12:16:07 -08:00
Bob Trahan
7ef236c9a6 Differential - refine selecting a repository diff --> revision workflow
Summary: Fixes T6200. Ref T6237. When creating a diff from the web view, allow the user to select the repository at that time. When viewing a diff that has no associated revision and then creating a revision, pass along the repository phid to the create revision controller. Within the create revision controller, default the repository selector to this repository phid. Finally, in the editor, stop aggressively resetting the repository phid for every TYPE_UPDATE; rather, do so if its not a new object -- the diff should reign supreme in that case -- or if there's no repository -- let the diff be the guide.

Test Plan:
- made a diff with an associated repo, made a revision from the diff, saw the associated repo and it stuck on save!
- made a diff with an associated repo, made a revision from the diff but changed the repo and it stuck on save!
- made a diff with an associated repo, made a revision from the diff but changed the repo to nothing and it stuck on save!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6237, T6200

Differential Revision: https://secure.phabricator.com/D10872
2014-11-19 11:11:09 -08:00
Bob Trahan
ffe0765b50 Differential - make DifferentialDiffEditor into a real transaction editor.
Summary: Ref T6237. This sets us up for some future work like T6152, T6200 and generally cleaning up this workflow a bit. Tried to do as little as possible so not exposing transaction view yet. (Though that timeline is going to be a little funky in the common case of just the lone create transaction.)

Test Plan: made a diff from web ui and it worked. made a herald rule to block certain diffs then tried to make such a diff and saw UI letting me know i was blocked

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6237

Differential Revision: https://secure.phabricator.com/D10869
2014-11-18 15:32:23 -08:00
epriestley
edf88225f5 Don't show "View Wiki" reminder link if viewer has no access to Phriction
Summary: Fixes T6581.

Test Plan:
  - Loaded project page with Phriction accessible, saw link.
  - Loaded project page with Phriction uninstalled, no link.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6581

Differential Revision: https://secure.phabricator.com/D10868
2014-11-18 11:41:31 -08:00
epriestley
ffc8a7edc7 Minor, correct spelling of PKCS8 key format
Summary: I faked this out locally because of the OSX stuff and goofed the
key format spelling.

Auditors: btrahan
2014-11-17 19:54:17 -08:00