1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 17:52:43 +01:00
Commit graph

1372 commits

Author SHA1 Message Date
David Fisher
639ed0faa6 Change All Search Boxes into Jump Navs
Summary:
- all search boxes are now jump navs (old functionality retained if none
  of the jump nav patterns match)
- added global keyboard shortcut '/' to focus the search box in the upper
  right

Test Plan:
- pressed '/' and noticed the search box gains keyboard focus
- triggered jump nav functionality from search box and saw it worked
- did a search which did not match a jump nav pattern and saw it worked
  (and searched in the selected context)
NOTE: The search box on the /search/ page is also changed to have jump
nav functionality. Old functionality is not impared. Still, this may not
be desirable.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1794
2012-03-05 19:52:26 -08:00
epriestley
831133e880 Minor, fix some obvious derp from the attachment patch. 2012-03-05 16:44:24 -08:00
epriestley
fa1d886864 Maniphest CSS changes
Summary:
  - Remove "0.5%" padding which makes Safari flip out and render every row differently sometimes.
  - Remove list padding from ManiphestTaskListView, put it in the controller composition instead.

Test Plan: Viewed all places where task lists appear.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1788
2012-03-05 13:51:35 -08:00
vrana
aa00e2b2e4 Respect Status and Order in Filter Revisions
Summary:
Filter Revisions button currently resets Status and Order fields.
I've rewritten it to GET form because it doesn't perform any action.
It fixed the problem along the way.

Test Plan:
/differential/filter/revisions/
Status: Open.
Filter Revisions.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1771
2012-03-05 13:32:59 -08:00
Bob Trahan
8f2c426ff2 Fix OAuth Client Authorization bugs
Summary: ajtrichards reported an error creating a brand new authorization. fixed that and generally made this flow work well

Test Plan:
- created a fresh test client
-- noted "new=<PHID>" with appropriate highlighting
- visited http://phabricator.dev/oauthserver/auth/?client_id=PHID-OASC-jwgdrqdpzomtxyg3q3yf&response_type=code&scope=offline_access
-- clicked "cancel", verified result
-- clicked "approve", verfied result
- visited http://phabricator.dev/oauthserver/auth/?client_id=PHID-OASC-jwgdrqdpzomtxyg3q3yf&response_type=code&scope=whoami
-- noted got the dialog
-- noted that it had the union of desired and existing so user could update it properly! (NB - its up to the client to react to whatever specific scope(s) the user decides to grant)
-- noted it actually updated when I hit "approve"

Reviewers: epriestley, ajtrichards

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T933

Differential Revision: https://secure.phabricator.com/D1775
2012-03-05 13:27:20 -08:00
epriestley
d94129b739 Migrate "PhabricatorOwnersPackageCommitRelationship" to "PhabricatorRepositoryAuditRequest"
Summary:
  - Move table to Repository, since we have no Owners joins in the application anymore but would like to do a Repository join.
  - Rename "packagePHID" to "auditorPHID", since this column may contain package, project, or user PHIDs.

Test Plan:
  - Browsed Owners, Audit, and Differential interfaces to the Audit tool.
  - Made comments and state changes.
  - Ran "reparse.php --herald --owners" on several commits.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley, nh, vrana

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1787
2012-03-05 13:17:29 -08:00
Nick Harper
6ddb98f804 Add retry count to meta mta view
Summary:
Show the retry count in the meta mta view (in addition to the list of
messages) - I find this info useful when I'm trying to debug what's going on
with mail failures.

Task ID: #

Blame Rev:

Test Plan:
loaded /mail/view/NNNNN/ and saw the retry count

Revert Plan:

Tags:

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1782
2012-03-05 11:36:55 -08:00
Nick Harper
8f27f4272c Provide a way to view MetaMTA messages by status
Summary:
Added a query option of status for the MetaMTA list controller. There currently
isn't a ui for accessing this.

Task ID: #

Blame Rev:

Test Plan:
loaded /mail/, /mail/?status=queued, /mail?phid=PHID...&status=...
each request returned a sane list of data

Revert Plan:

Tags:

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1784
2012-03-05 11:36:38 -08:00
vrana
f5f7987013 Revert rP87c60abbd02d, apply D1772
Test Plan:
Apply SQL patch.
Visit /differential/.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1781
2012-03-05 11:04:55 -08:00
vrana
87c60abbd0 Display Reviewed By instead of first Reviewer in revisions overview
Summary:
Displaying reviewer who was by coincidence listed first is quite confusing, especially for committed revisions.
This displays the one who really reviewed the revision if available.

This implementation is pretty bad from performance perspective - O(N) queries to retrieve all comments.
The page load still feels quite fast.

Test Plan: /differential/filter/revisions/

Reviewers: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1772
2012-03-05 10:30:36 -08:00
epriestley
f2caa6888e Simplify Owners interfaces to Audit
Summary:
  - Owners has "by user" commit views, but these are supplanted by the Audit views. Just nuke them.
  - Owners has "by package" commit views; consolidate these onto the package detail pages and link into Audit for full details.

Test Plan: Browsed all the Owners interfaces, clicked "View All ... Commits" buttons.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1764
2012-03-05 09:57:46 -08:00
epriestley
5590515007 Make Diffusion Herald emails thread with Audit emails
Summary:
  - Users may elect to receive an initial notification about a commit; allow it to be replied to in order to interact with the object.
  - Share thread headers between emails.
  - Add the "REPLY HANDLER ACTIONS" section to both emails.

Test Plan:
  - Used "reparse.php --herald" to trigger herald emails, verified reply-to and email body.
  - Made audit comments, verified body.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1762
2012-03-05 09:54:45 -08:00
epriestley
dd7eb969b3 Minor, fix redirect on /active/ to avoid view//username. 2012-03-04 15:58:36 -08:00
vrana
34efbc8eb4 Unify terminology in Differential overview
Summary:
Deja vu: D1472

Blame Rev: rP92f3ff

Test Plan: /differential/filter/revisions/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1770
2012-03-04 03:17:22 -08:00
epriestley
0962980fef Add an option to inline diffs up to a certain size in emails
Summary:
We already generate patches, but currently attach them. Allow them to be inlined instead (optionally, up to a certain size).

Also allow selection between unified and git patches.

Test Plan: Set these options in my local config, sent out a diff.

Reviewers: btrahan, Makinde

Reviewed By: Makinde

CC: aran, epriestley

Maniphest Tasks: T874

Differential Revision: https://secure.phabricator.com/D1759
2012-03-03 11:05:19 -08:00
vrana
58712c7b89 Don't corrupt commit message in arc amend
Summary:
I use a smart editor which wraps words by itself so that I don't need them to be
wrapped by actual newlines.
Curent state disallows me adding or removing words later without uglying the
formatting.
Also the wordwrapped message looks ugly in Phabricator.
I am not sure how the commit message would look like on other places (such as
GitHub) but all reasonable tools should be able to wrap the text by itself.

Test Plan: arc amend --show # on a diff with long lines

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1755
2012-03-01 22:09:49 -08:00
vrana
1febd32a76 Don't hide columns with stats from previous age, hide columns with no data
Summary:
This does two things:

- don't fill '-' for columns where there are data from previous week
- completele hide columns if there are now new data so that noobs don't have a
55 years of history

Test Plan:
View my commits stats.
View my requested changes stats.
View epriestley FB stats.

Reviewers: vii, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1750
2012-03-01 22:09:24 -08:00
Nick Harper
d8c601f21b Move functionality of PhabricatorMetaMTADaemon to a worker task
Summary:
This will allow sending mail to be done by task workers. See T750.

Task ID: #

Blame Rev:

Test Plan:
- started taskmaster daemon in test env
- used "send new test message" feature in MetMTA (with send now unchecked)
- confirmed receipt of 1 email
- repeated 2 & 3 with send now checked

Revert Plan:

Tags:

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T388, T750

Differential Revision: https://secure.phabricator.com/D1723
2012-03-01 22:01:55 -08:00
vrana
03a108e121 Don't throw exception in diff versus file removed from revision
Test Plan: Display a revision where a file was removed compared to previous
diffs, like https://secure.phabricator.com/D1724?vs=3008&id=3009.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1754
2012-03-01 18:01:47 -08:00
Bob Trahan
cd30946d60 OAuth Server -- add a doc and link to it in a few places
Summary: add a big ole HELP tab and make "scope" link to the specific
sub-section about scope

Test Plan:
read my doc a few times, it basically english
verified links looked correct and should work right once this is all in
production

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T910

Differential Revision: https://secure.phabricator.com/D1752
2012-03-01 17:27:52 -08:00
epriestley
b5da96f67a Use PHPExcel, not Spreadsheet_Excel_Writer, to export Excel sheets
Summary: Sandra had trouble opening the Spreadsheet_Excel_Writer ones so use
PHPExcel, which is way better, just a bit more complicated.

Test Plan:
  - Generated modern Excel 2007 .xslx sheets.
  - Opened them in Excel in Office Mac 2011.
  - Opened them in Apple Numbers from the app store.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T911

Differential Revision: https://secure.phabricator.com/D1744
2012-03-01 17:23:29 -08:00
epriestley
b18fa48c89 Move documentation about X-Herald-Rules to an article
Summary:
  - We have a lot of headers now; document them.
  - Remove the one random protip from like 3 years ago from all Differential
mail.

Test Plan: generated; read documentation

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T931

Differential Revision: https://secure.phabricator.com/D1748
2012-03-01 17:23:18 -08:00
epriestley
41a265b464 Update Javelin and packaging
Summary:
  - Update the Javelin submodule to pick up recent fixes (like D1749).
  - Update the package definitions do do a slightly better job of packaging
resources.

Test Plan:
Up and down work in tokenizers now. Pages load slightly fewer
resources.

Reviewers: vrana, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T927

Differential Revision: https://secure.phabricator.com/D1751
2012-03-01 17:23:00 -08:00
Bob Trahan
0327a5fc69 OAuthServer polish and random sauce
Summary:
This diff makes the OAuthServer more compliant with the spec by
- making it return well-formatted error codes with error types from the spec.
- making it respect the "state" variable, which is a transparent variable the
client passes and the server passes back
- making it be super, duper compliant with respect to redirect uris
-- if specified in authorization step, check if its valid relative to the client
registered URI and if so save it
-- if specified in authorization step, check if its been specified in the access
step and error if it doesn't match or doesn't exist
-- note we don't make any use of it in the access step which seems strange but
hey, that's what the spec says!
This diff makes the OAuthServer suck less by
- making the "cancel" button do something in the user authorization flow
- making the client list view and client edit view be a bit more usable around
client secrets
- fixing a few bugs I managed to introduce along the way

Test Plan:
- create a test phabricator client, updated my conf, and then linked and
unlinked phabricator to itself
- wrote some tests for PhabricatorOAuthServer -- they pass!
-- these validate the various validate URI checks
- tried a few important authorization calls
--
http://phabricator.dev/oauthserver/auth/?client_id=X&state=test&redirect_uri=http://www.evil.com
--- verified error'd from mismatching redirect uri's
--- verified state parameter in response
--- verified did not redirect to client redirect uri
-- http://phabricator.dev/oauthserver/auth/?client_id=X w/ existing
authorization
--- got redirected to proper client url with error that response_type not
specified
-- http://phabricator.dev/oauthserver/auth/?client_id=X&response_type=code w/
existing authorization
--- got redirected to proper client url with pertinent code!
- tried a few important access calls
-- verified appropriate errors if missing any required parameters
-- verified good access code with appropriate other variables resulted in an
access token
- verified that if redirect_uri set correctly in authorization required for
access and errors if differs at all / only succeeds if exactly the same

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, ajtrichards

Maniphest Tasks: T889, T906, T897

Differential Revision: https://secure.phabricator.com/D1727
2012-03-01 14:46:18 -08:00
epriestley
e9dedb0c88 Iterate on Maniphest reports
Summary:
  - These are still slow, awkward and hideous -- but slightly better than
before.
  - Allow "open" reports to be sorted.
  - Add a "burn" chart/table for assessing project volatility.
  - Add navigation.

Test Plan: Looked at reports.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T923

Differential Revision: https://secure.phabricator.com/D1737
2012-03-01 14:19:11 -08:00
vrana
c0c5b9bb64 Add Edit All link to Differential revision
Summary:
Some text editors support opening multiple files at once.
I've used space as paths separator which may be compatible with some other
editors (I didn't tried any other though).
Note: This approach is incompatible with spaces in paths.
I am fine with changing it to anything else to support such paths or more
editors.
Probably the cleanest solution (yet still incompatible with most editors) would
be to use something like ##editor://open/?file=A&line=1&file=B&line=2## but it
would require also changing the way how it's configured and I think it's not
worth it.
BTW, I've used a hacky bookmarklet for this feature before.

Deleted or added paths may not exist in users filesystem but we don't know which
so the button tries to open everything.

Test Plan:
Click Edit All.
Delete Editor Link in settings, verify that the button is missing.
View diff without revision, verify that the button is missing.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1741
2012-03-01 10:09:32 -08:00
Nick Harper
5042667b96 Improved warning message when accepting diff with skipped lint or unit
Summary:
Some people find the current message stating "This diff has Lint/Unit Test
Problems" confusing if the unit tests or lint was skipped. This revision
clarifies those messages.

Test Plan:
Started to accept a revision with skipped lint and unit tests, and saw the new
message.

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1738
2012-02-29 22:39:37 -08:00
vrana
4c8f405fcc Use wide links only for line and blame-prev in Diffusion
Summary: D1701 disallowed me selecting authors and revisions by mouse, grrr.

Test Plan: View file, hover over <th>, click.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1736
2012-02-29 18:22:04 -08:00
vrana
040f934adf Allow blaming of empty file in Diffusion
Summary: Blame of empty call currently throws AphrontQueryParameterException.

Test Plan: Blame empty file.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1734
2012-02-29 16:32:34 -08:00
epriestley
94daf63ca5 Add an explicit "this mail came from Phabricator" header
Summary:
See T926. If you want to write a mail rule that, e.g., captures Differential
mail but ignores people replying to it, it's kind of tricky right now. You can
use the 'X-Mail-Transport-Agent' header but that's not obvious and it's not
necessarily stable.

Add a nice, obvious "X-Phabricator-Sent-This-Message" header.

Test Plan: Sent myself some mail, verified the header appeared.

Reviewers: vrana, btrahan, fugalh, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T926

Differential Revision: https://secure.phabricator.com/D1732
2012-02-29 15:30:56 -08:00
vrana
f6d4cc4896 Send custom headers for author, reviewer and cc in Differential e-mails
Summary:
I want to flag messages which require an immediate action from me in e-mail
client.
It is currently not possible because Author and Reviewers fields are both in
To:.
So the filtering rule cannot recognize if I am the person who should take the
action.

This diff adds these headers:

- X-Differential-Author
- X-Differential-Reviewers
- X-Differential-CCs

Test Plan:
Send comment to the diff.
Verify X-Differential-* headers.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T808

Differential Revision: https://secure.phabricator.com/D1724
2012-02-29 14:33:18 -08:00
epriestley
21f0aba701 Use an inline dialog element for inline comments in Differential
Summary:
The current approach of using a modal overlay dialog to create/edit inline
comments is pretty silly. Use an inline textarea instead.

This element isn't perfect and we have some mild modalness issues, but I think
it's better than the silly thing we've got going on right now. We can keep
poking it as people break it.

Test Plan:
  - Created comments; submitted and undid them in empty and nonempty states.
Used undo for nonempty states + cancel.
  - Edited comments; saved and canceled them. Used undo for changed state.
  - Replied to comments; yada yada as above.
  - Deleted comments.
  - Did various modal trickery where I clicked "Reply" on something else with a
dialog already up, this very mildly glitches but I think it's not a big issue.

Reviewers: vrana, btrahan, Makinde, nh

Reviewed By: vrana

CC: aran, epriestley

Maniphest Tasks: T431

Differential Revision: https://secure.phabricator.com/D1716
2012-02-29 14:28:48 -08:00
epriestley
93152a9719 Minor, fix Maniphest defualt user selection. 2012-02-28 22:00:03 -08:00
epriestley
d7bb686a47 Minor, actually update commit author field when it is parsed by the worker. 2012-02-28 21:25:15 -08:00
epriestley
28f5d9f227 Remove old audit edit form in favor of Diffusion form
Summary: Since we embed comments/audits into Diffusion now, we don't need the
old edit interface.

Test Plan: Grepped for links to old interface.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1714
2012-02-28 21:13:14 -08:00
epriestley
1eeaeb62e4 Remove commit list from Diffusion in favor of Audit commit list
Summary:
We can drive this query better from the Audit tool now; get rid of the Diffusion
version.

Preserve usernames in URIs as per T900.

Test Plan: Clicked "Commits" from profile. Browsed audit commit filters.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1713
2012-02-28 21:12:08 -08:00
epriestley
f3549bb2d3 Show commits in /audit/
Summary:
The general idea here is to build a Differential-like dashboard which shows all
the things you need to audit and all the things that other people have raised
issues with, so you have a one-stop "what do I need to deal with?" interface.

  - Add problem commits to the "active" view of /audit/.
  - Add problem commits to homepage.
  - Add commit browsing interfaces to /audit/.
  - Add an "Audit" app button.

Test Plan: Looked at homepage, commit filters. Audited commits, verified state
changes reflected properly.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1712
2012-02-28 21:10:39 -08:00
epriestley
4117cdbdfb Enhance Maniphest custom queries
Summary:
Improve the custom query interface:

  - Allow search for tasks not in projects.
  - Allow search for tasks with no projects.
  - Allow custom search to include author/owner constraints.

Test Plan: Searched for various sorts of tasks.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T911

Differential Revision: https://secure.phabricator.com/D1722
2012-02-28 21:08:02 -08:00
epriestley
280d7cd294 Add excel export to Maniphest
Summary:
Allow Maniphest result sets to be exported to Excel.

Spreadsheet_Excel_Writer is awful but comparatively easy to get working. There's
also a "PHPExcel" package but it has some autoload conflicts right now and this
seems good-enough.

Test Plan: Exported a bunch of tasks to Excel.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T923

Differential Revision: https://secure.phabricator.com/D1721
2012-02-28 21:07:12 -08:00
epriestley
8a0a00f118 Make PhabricatorRepositoryCommmit schema changes for audit
Summary:
  - Add a proper mailKey field to make these things mailable. Backfill all
existing objects.
  - Denormalize authorPHID to the commit object so we can query by it
efficiently in a future diff. We currently use the search engine to drive
"commits by author" but that's not so good for audit, which needs more
constraints.
  - Add an overall audit status field so we can efficiently query "commits that
needs your attention".
  - Add enough code to convince myself that these fields are basically
reasonable and work correctly.

Test Plan:
  - Ran schema upgrades. Checked database state afterward.
  - Ran "reparse.php --owners --herald" to verify worker changes.
  - Looked at a commit, altered aggregate status via audits / reparse.php,
verified it responded correctly.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley, nh

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1706
2012-02-28 21:06:34 -08:00
epriestley
07d75e35a4 Merge branch 'arcpatch-D1726' 2012-02-28 21:04:10 -08:00
David Fisher
e846a1747e Fix Feed Times on 32 Bit Servers
Summary:
The feed time is stored as the upper 32 bits of
PhabricatorFeedStoryData::chronologicalKey. These bits were previously accessed
by right shifting, which does not work properly on 32 bit machines (the result
is PHP_INT_MAX). We now attempt to use the bc extension (if available) and fall
back on mysql math otherwise. (See T500, D912).

Test Plan:
The calculation is unchanged for 64 bit machines. I checked both
paths on a 32 bit machine with bc extension available by setting the appropriate
if-condition to false and true.

Reviewers: epriestley

Reviewed By: epriestley

CC: ddfisher, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1726
2012-02-28 21:04:02 -08:00
epriestley
6f4665756d Make Conduit parsers more flexible for 'arc diff --create'
Summary:
Adds softer parse modes with less validation for doing partial parses
during the "arc diff --create" flow.

Test Plan:
Ran "arc diff --create" and got sensible results for inputs like bad
reviewers but a good title/summary.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T614

Differential Revision: https://secure.phabricator.com/D1720
2012-02-28 16:56:19 -08:00
epriestley
fe05a63736 Minor, address feedback from D1705. 2012-02-27 19:22:59 -08:00
epriestley
67abac5201 Improve Audit tool filters
Summary: Add more filters/options to the /audit/ interface (By User, By Package,
By Project...)

Test Plan: Looked at audits via /audit/.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1705
2012-02-27 19:21:41 -08:00
epriestley
37a1db6fe1 Use HGPLAIN for local hg commands in Phabricator
Summary: See D1707 -- just in case the Phabricator server is configured
suspiciously.

Test Plan: Cursory inspection.

Reviewers: Makinde, btrahan

Reviewed By: Makinde

CC: aran, epriestley

Maniphest Tasks: T922

Differential Revision: https://secure.phabricator.com/D1708
2012-02-27 19:21:03 -08:00
epriestley
800aa92fd9 Refine "Tactical Command" layout and styling
Summary:
  - Move the buttons in the jump nav to iOS-style "application" buttons in the
header. These are sort of ugly right now, but I think serviceable enough. Some
day we will hire a designer whose entire job is to pick up after me.
    - This gives us more room (allowing us to restore "Maniphest" and
"Differential").
    - This also disassociates the app buttons from the jump nav, which was a
point of confusion (user expectation that the text input is related to the
buttons).
  - Allow "Active Revisions" and "Assigned Tasks" to collapse completely. They
didn't completely collapse before because the top-level "Active Tasks" / "Active
Revisions" was sort of overloaded as quick nav to apps. Now we have app buttons.
  - Reduce overall size of jump nav.

Test Plan: Looked at homepage in various states of need-for-attention.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1694
2012-02-27 13:14:32 -08:00
epriestley
c7094d2def Add preview and drafts to audits
Summary: Add comment previews and saved drafts to audits, like Maniphest /
Differential.

Test Plan: Typed stuff into the box. Got a preview. Reloaded page. Stuff was
still there. Submitted comment. Stuff is gone.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1699
2012-02-27 13:00:23 -08:00
epriestley
3289059452 Unify "toggle buttons" controls
Summary: This control is a very thin shell right now with Maniphest/Differential
code duplication; unify the implemenations better for use in Audit.

Test Plan: Clicked toggle buttons in Differential and Maniphest.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1700
2012-02-27 12:59:05 -08:00
epriestley
d7a7bca85c Enable email for audits
Summary:
When users submit an audit, send email to relevant parties informing them.

Allow email to be replied to. Just basic support so far; no "!raise" stuff and
no threading with the Herald commit notification.

Test Plan: Made comments, got email. Replied to email, got comments.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1698
2012-02-27 12:57:57 -08:00
epriestley
cfbec38fbe When a user makes an audit comment, retroactively trigger an audit
Summary:
If a user comments on a commit but they don't currently have any audits they're
authoritative on, create a new one.

This makes it easier to handle other things more consistently, like figuring out
the overall audit status of a commit and who should get emails.

Test Plan: Made comments on commits I had authority on and did not have
authority on.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1697
2012-02-27 09:53:49 -08:00
epriestley
25fade5008 Add audits to search
Summary: Add audit information to the commit search index.

Test Plan: Updated a commit, searched for terms in its comments, got hits.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1696
2012-02-27 09:51:00 -08:00
epriestley
053d576ad6 Integrate Audit into feed
Summary: When a user posts an action in the audit tool, publish it to feed.

Test Plan: Made some comments, saw them show up in feed.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1695
2012-02-27 09:49:01 -08:00
epriestley
26599e6192 Show pending audits on home page
Summary: When a user has pending audits, show them on the homepage.

Test Plan: Looked at my homepage with and without pending audits.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1692
2012-02-27 09:48:18 -08:00
epriestley
1094527072 Allow Herald to trigger audits for users or projects
Summary:
Allows you to write a commit rule that triggers an audit by a user (personal
rules) or a project (global rules).

Mostly this is trying to make auditing more lightweight and accessible in
environments where setting up Owners packages doesn't make sense.

For instance, Disqus wants a rule like "trigger an audit for everything that
didn't have a Differential revision". While not necessarily scalable, this is a
perfectly reasonable rule for a small company, but a lot of work to implement
with Owners (and you'll get a lot of collateral damage if you don't make every
committer a project owner).

Instead, they can create a project called 'Unreviewed Commits' and write a rule
like:

	- When: Differential revision does not exist
 	- Action: Trigger an Audit for project: "Unreviewed Commits"

Then whoever cares can join that project and they'll see those audits in their
queue, and when they approve/raise on commits their actions will affect the
project audit.

Similarly, if I want to look at all commits that match some other rule (say,
XSS) but only want to do it like once a month, I can just set up an audit rule
and go through the queue when I feel like it.

NOTE: This abuses the 'packagePHID' field to also store user and project PHIDs.
Through the magic of handles, this (apparently) works fine for now; I'll do a
big schema patch soon but have several other edits I want to make at the same
time.

Also:

	- Adds an "active" fiew for /audit/, eventually this will be like the
Differential "active" view (stuff that is relevant to you right now).
	- On commits, highlight triggered audits you are responsible for.

Test Plan: Added personal and global audit triggers to Herald, reparsed some
commits with --herald, got audits. Browsed all audit interfaces to make sure
nothing exploded. Viewed a commit where I was responsible for only some audits.
Performed audits and made sure the triggers I am supposed to be responsible for
updated properly.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1690
2012-02-27 09:36:30 -08:00
John-Ashton Allen
08dd3bc1d9 Fixed jump nav repo functionality to not mess with other jump nav functionality
Summary: just changed the regex to only look at the beginning of the string

Test Plan: works with: s PhabricatorDAO, rP, r,
rPda892bde7c6e9c8f08572fde2d55c934f26dbb86

Reviewers: epriestley

Reviewed By: epriestley

CC: ddfisher, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1703
2012-02-27 09:30:36 -08:00
vrana
991fee2118 Use wide links instead of fake cursor in Differential
Summary:
Current approach has several problems:

- if there is no link in the cell then it still shows a link cursor
- if there is a link then it is clickable only on the text

Test Plan:
Display file in Differential, hover over cell with link.
Repeat for Paste.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1701
2012-02-26 13:12:07 -08:00
Korvin Szanto
e24a6acf58 Multiline Highlighting in Diffusion
Summary:
I added multiline highlighting with the syntax:

  http://site/path/to/file$from-to

NOTE: you can reverse the from and to

Test Plan: Open a file in diffusion and attempt to highlight multiple lines

Reviewers: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1693
2012-02-25 12:32:59 -08:00
Nick Harper
913510a9a9 Update location for "Related Commits" link in owners tool list
Summary:
D1631 updated the url for related commits, but missed the link here. This
rev updates the link in the owners tool list.

Task ID: #

Blame Rev:

Test Plan:
clicked the link, and it worked

Revert Plan:

Tags:

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1691
2012-02-24 16:20:42 -08:00
Natthu Bharambe
a22827865f Merge branch 'master' of github.com:facebook/phabricator 2012-02-24 15:29:04 -08:00
Natthu Bharambe
ed1928eee2 Show lint/unit failure explanation in Phabricator
Summary:
Tweaked lint/unit field specifications to introduce the failure
explanation read from arc:[lint|unit]-excuse.

Task ID: #

Blame Rev:

Test Plan:
Create dumb diffs with errors - run modified 'arc' and change
conduit_url to http://phabricator.dev1020.facebook.com/api/ - verified
that explanation shows up with proper formatting.

Revert Plan:

Tags:

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: Girish, akramer, blair, aran, epriestley, andreygoder

Differential Revision: https://secure.phabricator.com/D1689
2012-02-24 15:28:06 -08:00
epriestley
e5f3ad14e1 Allow audit comments to be added from Diffusion
Summary:
This is intended to supplant the existing "audit edit" interface. I've changed
them to both drive down the same write pathway, but the UIs are still different.
I'll fully merge them in a future diff.

Add a comment box (like Maniphest and Differential) to Diffusion. When users
make comments, their comments appear on the commit. Any audits triggers they are
responsible for are updated to reflect actions they take, as well.

Currently, audits can only be triggered by packages, but I intend to allow them
to be triggered by users and projects (via herald rules) in an upcoming diff.
Thus some of the language like "projects, users or packages" when the code is
clearly dealing only with "packagePHID".

Test Plan: Made audit updates via commit interface and via existing edit
interface. Verified both interfaces updated correctly, and that audit
responsibility rules were applied properly.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1688
2012-02-24 15:04:53 -08:00
Bob Trahan
3c4070a168 OAuth Server -- add controllers to RUD client authorizations and CRUD clients
Summary:
beyond the title, this diff tweaks the test console to have a bit more
functionality.  also makes a small change to CSS for AphrontFormControlMarkup,
which IMO fixes a display issue on
https://secure.phabricator.com/settings/page/profile/ where the Profile URI is
all up in the air and whatnot

I think this is missing pagination.  I am getting tired of the size though and
will add later.  See T905.

Test Plan:
viewed, updated and deleted client authorizations.  viewed, created,
updated and deleted clients

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T849, T850, T848

Differential Revision: https://secure.phabricator.com/D1683
2012-02-24 14:56:18 -08:00
epriestley
5f46a61e6d Show audit comments on the Diffusion commit view
Summary: We already allow you to create comments, but we don't show them on the
commit page. After style / view unification this is easy; show comments on the
commit page.

Test Plan: Made comments on a commit using the audit too, saw them show up in
Diffusion.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1687
2012-02-24 14:14:39 -08:00
epriestley
282d6e5ffa Unify Maniphest + Differential comment styles
Summary:
I want to add comments to commits, and they should obviously share code with the
nearly-identical comments in Maniphest and Differential. Unify code/style as
much as possible.

This program made possible by a generous grant from D1513.

Test Plan:
  - Looked at a bunch of different Differential and Maniphest comments; they
appeared to render identically to how they looked before.
  - Tested some edge cases like anchors and "show details" on description edits
in Maniphest.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1686
2012-02-24 13:02:35 -08:00
epriestley
97ea6ea619 Add a basic first-class audit UI
Summary:
Currently, audits are only accessible through the Owners tool. Start moving them
to their own first-class tool in preparation for broader audit integration.

  - Lay some infrastructure groundwork (e.g. AuditQuery).
  - Build a basic /audit/ view.
  - Show audits on the commit page in Diffusion.

This has some code duplication with stuff we've already got, but I'll merge
everything together as we move forward on this.

Test Plan: Looked at /audit/ and a commit.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1685
2012-02-24 13:02:14 -08:00
epriestley
386dcfff7e Rough batch editor for Maniphest
Summary:
First stab at a batch editor for Maniphest. Basically, you can select a group of
tasks and then import them into the "batch" interface, where you can edit all of
them at once.

High level goal is to make it easier for users in PM/filer/support/QA roles to
deal with large numbers of tasks quickly.

This implementation has a few major limitations:

  - The only available actions are "add projects" and "remove projects".
  - There is no review / undo / log stuff.
  - All the changes are applied in-process, which may not scale terribly well.

However, the immediate need is just around projects and this seemed like a
reasonable place to draw the line for a minimal useful version of the tool.

Test Plan: Used batch editor to add and remove projects from groups of tasks.

Reviewers: btrahan, yairlivne

Reviewed By: btrahan

CC: aran, epriestley, sandra

Maniphest Tasks: T441

Differential Revision: https://secure.phabricator.com/D1680
2012-02-24 13:00:48 -08:00
vrana
48ab6aa465 Display //no name// for files without name to make the link clickable
Test Plan: /file/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1679
2012-02-23 13:23:04 -08:00
epriestley
bf3dd8663c Add "buoyant" headers to Differential
Summary:
As you scroll through a diff, add a fixed-position header to the top of the
document to provide context. This is particularly useful with keyboard
navigation.

The technical implementation is that we seed the document with invisible
markers. When the user scrolls past one, we show a header with that text until
they scroll past another.

Test Plan:
Scrolled through a revision, was presented with context.

https://secure.phabricator.com/file/data/5xhh2jmoon6ukr5qjkh3/PHID-FILE-463ituscyhyw7utnox7m/Screen_Shot_2012-02-22_at_2.48.19_PM.png

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T696

Differential Revision: https://secure.phabricator.com/D1673
2012-02-23 12:26:14 -08:00
blair
913c931cb0 [mailing list] add paging
Summary:
The mailing list page in MetaMTA only showed the first 100
sorted by ID, so it made it seem like lists were missing. Changed it to
do paging and short by name, so it has some user-understandable order.

Test Plan:
 - Go to /mail/lists/
 - Step through pager, confirm ordering.

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1670
2012-02-22 12:47:13 -08:00
epriestley
17965cc8be Improve display of "Added Reviewers" and "Added CCs" in Differential, link diffs
Summary:
When a comments add reviewers or CCs, we just dump that sort of nastily into the
body. Put it in the header like Maniphest instead.

Also, record the diff associated with "update" actions and link to it (T871).

Test Plan: {F8546} {F8547}

Reviewers: btrahan, davidreuss

Reviewed By: davidreuss

CC: aran, epriestley

Maniphest Tasks: T871

Differential Revision: https://secure.phabricator.com/D1659
2012-02-22 08:03:48 -08:00
Nick Harper
07e5591015 [diffusion] Fix pending differential revisions list
Summary:
DifferentialRevisionListView requires setFields to be called before
calling getRequiredHandlePHIDs; this adds that call for DiffusionController

Test Plan:
loaded diffusion and saw the "Pending Differential Revisions" section
populated, and no errors in the darkconsole

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1665
2012-02-21 22:47:36 -08:00
Bob Trahan
af295e0b26 OAuth Server enhancements -- more complete access token response and groundwork
for scope

Summary:
this patch makes the access token response "complete" relative to spec by
returning when it expires AND that the token_type is in fact 'Bearer'.

This patch also lays the groundwork for scope by fixing the underlying data
model and adding the first scope checks for "offline_access" relative to expires
and the "whoami" method.   Further, conduit is augmented to open up individual
methods for access via OAuth generally to enable "whoami" access.   There's also
a tidy little scope class to keep track of all the various scopes we plan to
have as well as strings for display (T849 - work undone)

Somewhat of a hack but Conduit methods by default have SCOPE_NOT_ACCESSIBLE.  We
then don't even bother with the OAuth stuff within conduit if we're not supposed
to be accessing the method via Conduit.   Felt relatively clean to me in terms
of additional code complexity, etc.

Next up ends up being T848 (scope in OAuth) and T849 (let user's authorize
clients for specific scopes which kinds of needs T850).  There's also a bunch of
work that needs to be done to return the appropriate, well-formatted error
codes.  All in due time...!

Test Plan:
verified that an access_token with no scope doesn't let me see
anything anymore.  :(  verified that access_tokens made awhile ago expire.  :(

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T888, T848

Differential Revision: https://secure.phabricator.com/D1657
2012-02-21 16:33:06 -08:00
epriestley
1caa812172 Move feed off home page to just /feed/
Summary:
I haven't actually been using this as much as I thought, and am more interested
in the full view than the per-project view.

Let's try moving it off /home/ and then maybe adding some filtering options at
some point.

Test Plan: Looked at "all" and "my projects" in feed. Looked at home page.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1658
2012-02-21 15:10:11 -08:00
John Fremlin VII
583cca0d7c Various statistics about revisions at /differential/stats/revisions/
Summary:
Show some statistics, like number of revisions, number of
revisions per week, lines per revision, etc. for phrivolous amusement.

Test Plan:
 - Went to /differential/stats/revisions/
Numbers seem right
 - Clicked 'Accepted'
Again
 - Changed to another user with long history
Load time was not too long though delay noticeable
 - Clicked 'Requested changes to'
User was preserved, looks good

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1643
2012-02-21 12:13:18 -08:00
David Fisher
fc4e23c50f Added Additional Fuctionality to Jump Nav: Jump to users, projects, symbols, or
create new tasks

Summary: see title

Test Plan: Tested jump nav and found the correct urls were being loaded. Old
functionality was not effected.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: ddfisher, allenjohnashton, kpark517, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1642
2012-02-20 10:23:51 -08:00
Bob Trahan
be66a52050 Make conduit read access_token and login the pertinent $user
Summary: This makes the oauth server a bunch more useful.

Test Plan:
- used /oauth/phabricator/diagnose/ and it actually passed!
- played around with conduit via hacking URL to include access_token on a logged
out browser
- linked my account to itself by going to /settings/page/phabricator/, clicking
"link" account, then cutting and pasting the pertinent ?code=X into
/oauth/phabricator/login/.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T852

Differential Revision: https://secure.phabricator.com/D1644
2012-02-20 10:21:23 -08:00
epriestley
92f3ffd811 Drive differential revision list with custom fields
Summary:
Build the revision list table out of custom fields instead of hard-coding it, so
installs can add all sorts of zany things to it.

NOTE: You may need to implement sortFieldsForRevisionList() if you have a custom
DifferentialFieldSelector, or some fields might show up out of order.

This implementation will preserve the expected behavior:

  public function sortFieldsForRevisionList(array $fields) {
    $default = new DifferentialDefaultFieldSelector();
    return $default->sortFieldsForRevisionList($fields);
  }

Test Plan:
  - Loaded differential revision list, identical to old list.
  - Profiled page to verify the cost increase isn't significant (it's quite
small).

Reviewers: jungejason, btrahan

Reviewed By: btrahan

CC: aran, btrahan, davidreuss, epriestley

Maniphest Tasks: T773, T729

Differential Revision: https://secure.phabricator.com/D1388
2012-02-20 05:38:21 -08:00
Bob Trahan
7a3f33b5c2 OAuth - Phabricator OAuth server and Phabricator client for new Phabricator OAuth Server
Summary:
adds a Phabricator OAuth server, which has three big commands:
 - auth - allows $user to authorize a given client or application.  if $user has already authorized, it hands an authoization code back to $redirect_uri
 - token - given a valid authorization code, this command returns an authorization token
 - whoami - Conduit.whoami, all nice and purdy relative to the oauth server.
Also has a "test" handler, which I used to create some test data.  T850 will
delete this as it adds the ability to create this data in the Phabricator
product.

This diff also adds the corresponding client in Phabricator for the Phabricator
OAuth Server.  (Note that clients are known as "providers" in the Phabricator
codebase but client makes more sense relative to the server nomenclature)

Also, related to make this work well
 - clean up the diagnostics page by variabilizing the provider-specific
information and extending the provider classes as appropriate.
 - augment Conduit.whoami for more full-featured OAuth support, at least where
the Phabricator client is concerned

What's missing here...   See T844, T848, T849, T850, and T852.

Test Plan:
- created a dummy client via the test handler.   setup development.conf to have
have proper variables for this dummy client.  went through authorization and
de-authorization flows
- viewed the diagnostics page for all known oauth providers and saw
provider-specific debugging information

Reviewers: epriestley

CC: aran, epriestley

Maniphest Tasks: T44, T797

Differential Revision: https://secure.phabricator.com/D1595
2012-02-19 14:00:13 -08:00
epriestley
9748520b0e Add "overflow: auto" to all comment boxes
Summary: Set these all to "overflow: auto".

Test Plan:
Made comments like "MMMMMMM..." in:

  - Differential comment preview.
  - Differential comment (saved).
  - Maniphest comment preview.
  - Maniphest comment (saved).
  - Differential inline comment draft.
  - Differential inline comment preview.
  - Differential inline comment (saved).

Also tested code blocks.

Reviewers: nh, btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T883

Differential Revision: https://secure.phabricator.com/D1641
2012-02-19 09:07:35 -08:00
epriestley
bfea830d09 Add email preferences to receive fewer less-important notifications
Summary:
A few similar requests have come in across several tools and use cases that I
think this does a reasonable job of resolving.

We currently send one email for each update an object receives, but these aren't
always appreciated:

  - Asana does post-commit review via Differential, so the "committed" mails are
useless.
  - Quora wants to make project category edits to bugs without spamming people
attached to them.
  - Some users in general are very sensitive to email volumes, and this gives us
a good way to reduce the volumes without incurring the complexity of
delayed-send-batching.

The technical mechanism is basically:

  - Mail may optionally have "mail tags", which indicate content in the mail
(e.g., "maniphest-priority, maniphest-cc, maniphest-comment" for a mail which
contains a priority change, a CC change, and a comment).
  - If a mail has tags, remove any recipients who have opted out of all the
tags.
  - Some tags can't be opted out of via the UI, so this ensures that important
email is still delivered (e.g., cc + assign + comment is always delivered
because you can't opt out of "assign" or "comment").

Test Plan:
  - Disabled all mail tags in the web UI.
  - Used test console to send myself mail with an opt-outable tag, it was
immediately dropped.
  - Used test console to send myself mail with an opt-outable tag and a custom
tag, it was delivered.
  - Made Differential updates affecting CCs with and without comments, got
appropriate delivery.
  - Made Maniphest updates affecting project, priority and CCs with and without
comments, got appropriate delivery.
  - Verified mail headers in all cases.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley, moskov

Maniphest Tasks: T616, T855

Differential Revision: https://secure.phabricator.com/D1635
2012-02-17 22:57:07 -08:00
Nick Harper
2cf26d8036 Remove links to maniphest, phriction in tactical command, jump nav
Summary:
We don't use maniphest or phriction in our install, so the links/references to
them in tactical command and jump nav can be confusing for users. This hides
these elements if they aren't enabled.

Test Plan: loaded the front page of phabricator in my sandbox, saw they went
away

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1636
2012-02-17 16:45:39 -08:00
Nick Harper
89128a70d5 Remove references to nonexistent PhabricatorOAuthProviderPhabricator
Summary:
This gets added in D1595 (which hasn't landed yet), but was referred to in
D1632 (already committed). This unbreaks master for me.

Test Plan: I no longer get an error trying to load
PhabricatorOAuthProviderPhabricator

Reviewers: btrahan, epriestley

Reviewed By: epriestley

CC: jungejason, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1633
2012-02-17 12:28:17 -08:00
Bob Trahan
5ba9edff51 OAuth -- generalize / refactor providers and diagnostics page
Summary: split out from D1595

Test Plan: oauth/facebook/diagnose still looks good!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1632
2012-02-17 11:13:51 -08:00
epriestley
7200040479 Add a basic chatlog
Summary:
This is pretty simple and unpolished, but it's getting pretty big and it seems
like a reasonable starting point.

  - Log chat in various "channels".
  - Conduit record and query methods.
  - IRCBot integration for IRC logging

Major TODO:

  - Web UI is really unpolished and has no search, paging, anchor-linking, etc.
Basically all presentation stuff, though.
  - I think the bot should have a map of channels to log with channel aliases?
  - The "channels" should probably be in a separate table.
  - The "authors" should probably be correlated to Phabricator accounts somehow,
where possible.

Test Plan: Used phabotlocal to log #phabricator.

Reviewers: kdeggelman, btrahan, Koolvin

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T837

Differential Revision: https://secure.phabricator.com/D1625
2012-02-17 10:21:38 -08:00
jungejason
50363695bb Support searching for Related Commits by package owner
Summary:
add support for searching by package owner for Related Commits
and commits that Need Attention.

Test Plan:
verified that

- searching by package still works when there is or there is no commits
  found
- searching by package owner works when there is or there is no commits
  found

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley, prithvi, dihde14, Girish

Differential Revision: https://secure.phabricator.com/D1631
2012-02-17 10:15:54 -08:00
jungejason
fb9d48f38b Refactor Owners pages and Improve the Nav Filter
Summary:
Getting ready to support searching for the related commits by
package owner (D1631):

- Add 'relative' option to the Nav Filter
- Refactor Owners page

Test Plan: - owners page still renders with the filter displayed correctly.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1630
2012-02-17 08:56:19 -08:00
epriestley
ff4c67d207 Minor, fix help URI for jump nav. 2012-02-15 17:52:47 -08:00
epriestley
965a4da042 Add a "jump nav" element to the homepage, for quick tool/object navigation
Summary:
  - Restore quick methods for getting to common features (upload file, create
task, etc.)
  - Provide a flexible cli-like navigation element similar to stuff used at
Facebook (bunny1 / lolbunny).

Test Plan: Used jump nav and nav buttons.

Reviewers: btrahan, fratrik

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1619
2012-02-15 17:49:23 -08:00
epriestley
29acc848c1 Add a "feed" filter to the home page; align things; allow browsing older stories
Summary:
Pretty straightforward; see title. Kind of gross but I have a bunch
more iterations in mind here (like filtering). Paging this is a little tricky
since we can't easily use AphrontPagerView, as it relies on OFFSET, and I think
that's sort of sketchy to use here for UX reasons (query performance and view
consistency as feed updates).

Test Plan: Looked at feed, paged through feed.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1616
2012-02-15 17:48:14 -08:00
epriestley
4bd336cedc Add a "group by priority" to the homepage revision query
Summary: The effect of this is just to order tasks by (priority, modified)
instead of (modified), i.e. in the same default order as Maniphest, so the top
10 tasks here are the top 10 tasks in your assigned list.

Test Plan: Looked at "Assigned Tasks" on the homepage.

Reviewers: fratrik, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1621
2012-02-15 13:57:50 -08:00
epriestley
eb4256b97d When a user is a member of no projects, show them no triage tasks, not all
triage tasks

Summary: The "with projects ... " query boils down to "all triage tasks" when
you don't belong to any projects. Just render the "no needs triage in projects
you are a member of" element unconditionally in this case.

Test Plan: Looked at homepage as a user with no project memberships but some
triage-requiring tasks before and after this change. Prior to this change, all
triage tasks show; afterwards, none.

Reviewers: fratrik, btrahan

Reviewed By: fratrik

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1620
2012-02-15 13:06:10 -08:00
Nick Harper
0b9d0c9d08 [conduit] create phid.query method
Summary:
Provide a phid.query method that returns the same information as phid.info,
but allows querying for multiple phids at once.

Test Plan: Called the method from the web conduit console.

Reviewers: btrahan, epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1617
2012-02-15 11:17:20 -08:00
epriestley
da1d57b60a When viewing raw file content in Differential, cache it into the File tool
before displaying it

Summary:
@alok reported a vulnerability where Flash will run carefully-crafted plain text
files.

When the user requests a raw file, cache it into Files if it isn't already
there. Then redirect them to Files. This solves the problem by executing the
SWF/TXT with CDN-domain permissions, not content-domain permissions, provided
the install is correctly configured. (Followup diff coming to make this more
universally true.)

NOTE: We'll still show raw data in Diffusion. The barrier to XSS here is much
higher (you need commit access) but I'll do something similar there. We aren't
vulnerable in Paste, since we already use Files.

Test Plan: Clicked "View Old File", "View New File" in an alt-domain
configuration, got redirected to a cookie-free domain before being delivered the
response.

Reviewers: btrahan, alok

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1607
2012-02-14 17:00:20 -08:00
epriestley
cd651001b6 Add a contextual "scope" dropdown for searches
Summary: Add a "Search for ... in (document group)" thing that picks the current
scope based on the current application.

Test Plan: Conducted searches in several browsers.

Reviewers: btrahan, skrul

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T858

Differential Revision: https://secure.phabricator.com/D1610
2012-02-14 17:00:12 -08:00
epriestley
6e48bfcb0a Use Filesystem::getMimeType() instead of file
Summary: The `file` binary doesn't exist everywhere, use the more flexible
wrapper introduce in D1609.

Test Plan: Uploaded a file via drag-and-drop, it got MIME'd correctly.

Reviewers: btrahan, davidreuss, Koolvin

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T869

Differential Revision: https://secure.phabricator.com/D1615
2012-02-14 17:00:05 -08:00
epriestley
6a11d8d0d1 Reduce size of "Unbreak Now" and "Needs Triage" panels when no action is
required

Summary: Make these things like 1/4th the size if they aren't actionable.

Test Plan: Loaded home page with actionable, unactionable panels.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1613
2012-02-14 16:23:53 -08:00
epriestley
ba05ac595c Minor, fix a fatal on Herald Admin controller
Summary:
Just a bad merge for the edit history, I think. We need to pass $user or we
fatal trying to render timestamps.

https://secure.phabricator.com/herald/all/view/differential/

Test Plan: Looked at Herald admin view.

Reviewers: jungejason, xela, nh, btrahan, fratrik

Reviewed By: fratrik

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1611
2012-02-14 15:40:04 -08:00
vrana
6a17de65df Ability to add reviewers while requesting review
Summary: It makes perfect sense to add more reviewers while requesting review.

Test Plan:
Request review. Verify that Add Reviewers field shows and works.
Add some reviewer. Verify that comment preview works.
Submit. Verify that reviewers are saved and displayed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1473
2012-02-14 15:14:12 -08:00
epriestley
549146bc7c Move ALL files to serve from the alternate file domain, not just files without
"Content-Disposition: attachment"

Summary:
We currently serve some files off the primary domain (with "Content-Disposition:
attachment" + a CSRF check) and some files off the alternate domain (without
either).

This is not sufficient, because some UAs (like the iPad) ignore
"Content-Disposition: attachment". So there's an attack that goes like this:

	- Alice uploads xss.html
	- Alice says to Bob "hey download this file on your iPad"
        - Bob clicks "Download" on Phabricator on his iPad, gets XSS'd.

NOTE: This removes the CSRF check for downloading files. The check is nice to
have but only raises the barrier to entry slightly. Between iPad / sniffing /
flash bytecode attacks, single-domain installs are simply insecure. We could
restore the check at some point in conjunction with a derived authentication
cookie (i.e., a mini-session-token which is only useful for downloading files),
but that's a lot of complexity to drop all at once.

(Because files are now authenticated only by knowing the PHID and secret key,
this also fixes the "no profile pictures in public feed while logged out"
issue.)

Test Plan: Viewed, info'd, and downloaded files

Reviewers: btrahan, arice, alok

Reviewed By: arice

CC: aran, epriestley

Maniphest Tasks: T843

Differential Revision: https://secure.phabricator.com/D1608
2012-02-14 14:52:27 -08:00
epriestley
c8b4bfdcd1 Encode "<" and ">" in JSON/Ajax responses to prevent content-sniffing attacks
Summary:
Some browsers will still sniff content types even with "Content-Type" and
"X-Content-Type-Options: nosniff". Encode "<" and ">" to prevent them from
sniffing the content as HTML.

See T865.

Also unified some of the code on this pathway.

Test Plan: Verified Opera no longer sniffs the Conduit response into HTML for
the test case in T865. Unit tests pass.

Reviewers: cbg, btrahan

Reviewed By: cbg

CC: aran, epriestley

Maniphest Tasks: T139, T865

Differential Revision: https://secure.phabricator.com/D1606
2012-02-14 14:51:51 -08:00
vrana
8da4f981fb Always display Branch in revision
Summary:
I, as an author, sometimes forget branch associated with a revision.
Plus setting ##differential.show-host-field## makes a false sense of security
that branch will stay hidden so that I can name it
//finally_solve_this_crap_which_makes_no_sense//. But it is published in
Accepted and Request Changes e-mails anyway.

Test Plan: Display revision with disabled ##differential.show-host-field##.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1602
2012-02-13 11:02:46 -08:00
jungejason
5b8577db59 Add documentation for the Owners tool
Summary:
As title.

Please help me to improve the wording!

Test Plan:
generate the documentation from the diviner file; read it; spell
check

Reviewers: epriestley, nh

Reviewed By: nh

CC: aran, dihde14, mpodobnik, prithvi, TomL, epriestley

Differential Revision: https://secure.phabricator.com/D1395
2012-02-11 16:42:18 -08:00
vrana
95feb31fbf Whitespace parameter on Show Raw File is useless
Test Plan: Show Raw File

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1600
2012-02-11 09:13:19 -08:00
vrana
63fbd5db04 Avoid double '/' in Phriction URL
Test Plan:
/project/view/11/
Hover Wiki.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1601
2012-02-11 08:48:24 -08:00
Nick Harper
f2636fcb04 Fix spelling mistake in PhabricatorOwnerRelatedListController
Summary: selected was misspelled

Test Plan: none

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1586
2012-02-10 16:48:14 -08:00
vrana
cd22d837cb Revive added reviewers and ccs
Test Plan: Display revision with added reviewers.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1598
2012-02-10 11:48:57 -08:00
epriestley
ecd4b03a4e Unbreak OAuth Registration
Summary:
@vrana patched an important external-CSRF-leaking hole recently (D1558), but
since we are sloppy in building this form it got caught in the crossfire.

We set action to something like "http://this.server.com/oauth/derp/", but that
triggers CSRF protection by removing CSRF tokens from the form. This makes OAuth
login not work.

Instead, use the local path only so we generate a CSRF token.

Test Plan: Registered locally via oauth.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran, epriestley, demo

Maniphest Tasks: T853

Differential Revision: https://secure.phabricator.com/D1597
2012-02-08 13:42:48 -08:00
vrana
8482569a47 Add line link to Paste
Summary: Better something than nothing.

Test Plan: View paste, click on line number.

Reviewers: codeblock, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1596
2012-02-08 10:54:57 -08:00
epriestley
a1c20638fa Add very very basic reporting to Maniphest
Summary: Rough cut for Quora, we want this too eventually but it's super basic
right now so I'm not linking it anywhere. Once we get a couple more iterations
I'll put it in the UI.

Test Plan: Looked at stats for test data.

Reviewers: btrahan

Reviewed By: btrahan

CC: anjali, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1594
2012-02-08 09:47:14 -08:00
epriestley
7a5ec015d9 Split "Create Another Task" button into "Similar Task" and "Empty Task"
Summary: Looping on this interface is pretty useful but you don't always want to
keep the projects/owners.

Test Plan: Clicked both buttons.

Reviewers: btrahan

Reviewed By: btrahan

CC: anjali, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1593
2012-02-08 09:44:22 -08:00
epriestley
3f46d30e8f Replace home directory list with a dashboard
Summary:
Rough cut that still needs a lot of polish, but replace the directory list with
more of a dashboard type thing:

  - Show "Unbreak Now", triage-in-your-projects, and other stuff that you're
supposed to deal with, then feed.
  - Move tools a click a way behind nav -- this also lets us put more stuff
there and subtools, etc., later.
  - Remove tabs.
  - Merge the category/item editing views.
  - I also added a light blue wash to the side nav, not sure if I like that or
not.

Test Plan:
  - Viewed all elements in empty and nonempty states.
  - Viewed applications, edited items/categories.

Reviewers: btrahan, aran

Reviewed By: btrahan

CC: aran, epriestley, davidreuss

Maniphest Tasks: T21, T631

Differential Revision: https://secure.phabricator.com/D1574
2012-02-07 16:04:48 -08:00
vrana
3e3f73235c Break all old differential comment anchors
Test Plan: Display revision, verify text, click on links.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T845

Differential Revision: https://secure.phabricator.com/D1591
2012-02-07 15:19:39 -08:00
epriestley
4caa684724 Simplify Project status field
Summary:
This was a sort of speculative feature added by a contributor some time ago and
just serves as a label; for now, simplify it into "active" and "archived" and
remove "archived" projects from the "active" list.

  - Fix a bug where we'd publish a "renamed from X to X" transaction that had no
effect.
  - Publish stories about status changes.
  - Remove the "edit affiliation" controller, which has no links in the UI
(effectively replaced by join/leave links).
  - Add query/conduit support.

Test Plan: Edited the status of several projects.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1573
2012-02-07 14:59:38 -08:00
epriestley
a5f8846f47 Use a unique random key to identify queries, not a sequential ID
Summary:
We save search information and then redirect to a "/search/<query_id>/" URI in
order to make search URIs short and bookmarkable, and save query data for
analysis/improvement of search results.

Currently, there's a vague object enumeration security issue with using
sequential IDs to identify searches, where non-admins can see searches other
users have performed. This isn't really too concerning but we lose nothing by
using random keys from a large ID space instead.

  - Drop 'authorPHID', which was unused anyway, so searches can not be
personally identified, even by admins.
  - Identify searches by random hash keys, not sequential IDs.
  - Map old queries' keys to their IDs so we don't break any existing bookmarked
URIs.

Test Plan: Ran several searches, got redirected to URIs with random hashes from
a large ID space rather than sequential integers.

Reviewers: arice, btrahan

Reviewed By: arice

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1587
2012-02-07 14:58:46 -08:00
epriestley
47631530a5 Remove admin requirement from MetaMTASendGridReceiveController
Summary:
This got caught in the crossfire when we admin-only'd the whole MetaMTA tool. It
should not be admin only.

(Generally, we should probably separate this out better at some point.)

Test Plan: Hit /mail/sendgrid/ as a logged-out, non-admin user (like SendGrid
does).

Reviewers: s, btrahan

Reviewed By: s

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1588
2012-02-06 19:31:20 -08:00
vrana
18ba5fa0ad Separate field for branch in revision
Summary:
The main purpose of this change is to allow selecting the branch by
triple-click.
Plus it is not perfectly clear that the text in brackets means branch.

Test Plan: Display revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1585
2012-02-06 17:28:46 -08:00
epriestley
36e72639de Reduce visibility of "Host" and "Path" Differential fields by default
Summary:
See discussion in T838. These fields expose information which it isn't necessary
or useful to expose in the general case.

  - Disable fields by default, allow them to be enabled in config (these fields
were useful for me at Facebook when I had access to all the machines).
  - Remove 'sourcePath' from Conduit methods other than differential.query.
  - Condition 'sourcePath' field in Conduit on the caller being the revision
author. This is a bit hacky but not so awful.

Test Plan:
  - Verified fields are gone by default and restored by configuration.
  - Verified Conduit no longer returns these fields other than
differential.query.
  - Verified field presence/absence according to authorship in
differential.query.
  - Grepped around in arcanist to make sure we aren't relying on sourcePath.
There's a workflow in "arc merge" that technically might hit it, but I think
it's unreachable, definitely irrelvant (we never use source path as a
distinguisher under git/hg, and can't 'arc merge' in SVN) and it's going away
Real Soon Now anyway.

Reviewers: btrahan, arice

Reviewed By: arice

CC: aran, epriestley

Maniphest Tasks: T838

Differential Revision: https://secure.phabricator.com/D1582
2012-02-06 12:14:07 -08:00
vrana
15f6216634 Fix displaying of raw files in Differential
Summary:
See D1533#5.
Also deduplicates logic of what is stored to blob in ArcanistDiffWorkflow.

Blame Rev: D1533

Test Plan:
Display raw version of text file.
Display raw version of image.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1583
2012-02-06 12:05:37 -08:00
vrana
d65f62d055 Use constants in DifferentialRevisionUpdateHistoryView
Test Plan: Display diff with whitespace changes.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1581
2012-02-06 11:24:06 -08:00
vrana
1ab2a88605 Reorganize escaping in DifferentialRevisionUpdateHistoryView
Summary:
Escaped $id is compared with non-escaped $max_id.
Escaped $id is escaped again in phutil_render_tag().

Note: $id is numeric :-).

Test Plan: Display diff.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1580
2012-02-06 11:22:43 -08:00
vrana
4ee714d404 Use hsprintf() in lint message
Test Plan: Display revision with lint problems

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1578
2012-02-06 10:10:13 -08:00
vrana
be424bf381 Utilize hsprintf() in OAuth
Test Plan: /oauth/facebook/login/?error=<a>

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1577
2012-02-04 21:14:06 -08:00
vrana
7a0337054b Add Owners search to Diffusion
Test Plan:
/diffusion/X/browse/:/file
Click Search Owners.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1572
2012-02-04 10:23:36 -08:00
vrana
0f2d2201ce Search owners by repository
Summary: I've chosen passing callsign even if it is more complicated because it
is nicer than PHID and can be written by hand.

Test Plan:
Search without repository.
Search with repository.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1571
2012-02-04 10:22:38 -08:00
vrana
6cb5db60d5 Display compatible inline comments (usually synthetic) on the same row
Summary:
This just looks silly:
{F8088, size=full}

It runs in O(N*N) but it's not a big deal because there are usually only few
comments per line.
I didn't implement it for images.

Test Plan:
View revision with compatible inline comments in two diffs.
View revision with different inline comments on same line in two diffs.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1570
2012-02-04 10:20:37 -08:00
epriestley
de7aa2186c Resolve great internal confusion about left vs right inline comments
Summary:
This code was just all kinds of wrong, but got all the common cases anyone cares
about correct.

  - In edit-inline-comments.js, if isOnRight() is true, use data.right, not
data.left (derp).
  - Set data.left correctly, not to the same value as data.right (derp derp).
  - Set "isNewFile" based on $is_new, not $on_right (derp derp derp).

Test Plan:
 - Added JS debugging code to print "OLD" vs "NEW" and "LEFT" vs "RIGHT".
Clicked the left and right sides of diff-vs-base and diff-vs-diff diffs,
verified output was accurate in all cases.
 - Added comments to the left-display-side of a diff-of-diffs, saved them, they
showed up where I put them.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T543

Differential Revision: https://secure.phabricator.com/D1567
2012-02-03 15:26:47 -08:00
Bob Trahan
e15b3fc6f3 Clean up initialization of Differential Show More Behavior in Maniphest
Summary:
add a static variable to the method and use it so we don't init more
than once!

Test Plan:
add a "phlog" and noted only init'd one time.   verified "show more"
links worked correctly.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T666

Differential Revision: https://secure.phabricator.com/D1553
2012-02-03 13:58:58 -08:00
vrana
b7e0f97d33 Use GET form in Owners search
Summary:
The form doesn't perform any action, only displays data.
URL wouldn't exceed its maximum length.
Bookmarking results can be useful.
Linking from other pages can be even more useful.
Also browsing through history is more fluent.

Test Plan:
Search by path.
Search by owner.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1559
2012-02-03 09:32:31 -08:00
vrana
67ea5a0b61 Search by full path in Owners
Summary:
Search tool currently allows only searching by substring which is useful.
But searching by the full path (for packages in which the path is contained) is
probably even more useful.

NOTE: I used a trick to perform the search by superstring.

Packages containing path '/' are found always which could seem strange but it is
correct after all.

Test Plan:
Search for /src/x/a.php. Found package with path /src/x/.
Search for /src/. Found package with path /src/x/.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1560
2012-02-03 09:32:12 -08:00
vrana
17b6649552 Add link to path in Owners package list
Summary: Also changes rCALL in package detail to bold CALL.

Test Plan:
/owners/view/all/, click on link
/owners/package/1/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1550
2012-02-02 18:36:19 -08:00
vrana
fe4d717cc7 Escape result of PhabricatorOAuthProvider::getProviderName()
Test Plan: /settings/page/facebook/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1556
2012-02-02 18:35:45 -08:00
vrana
339369dc36 Github is actually GitHub
Test Plan: none

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1557
2012-02-02 17:47:04 -08:00
David Reuss
c3281c8757 Add conduit feed.query method
Summary: This is not totally done yet, and i'm submitting for feedback.

Test Plan: Played with various settings in local conduit console.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T790

Differential Revision: https://secure.phabricator.com/D1555
2012-02-02 16:44:13 -08:00
David Reuss
8df14b8505 Add remarkup.process conduit method
Summary: This exposes a few remarkup engines over conduit.

Test Plan:
Local conduit console, and playing with

  'cat example.json | arc call-conduit remarkup.process'

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1551
2012-02-02 16:43:37 -08:00
epriestley
a15130b47c Add a maintenance script for reconciling repositories to disk state
Summary:
@rguerin ran into an issue in his install where Phabricator appears to have
discovered commits which no longer exist, and thus is failing to proceed with
its repository import.

It's not clear how we got into this state. Previously, it was possible by, e.g.,
parsing a different repository's working copy and then switching them back, but
there are now safeguards against that.

I'm taking a three-pronged approach to try to sort this out:

  - Provide a script to get out of this state (this script) and reconcile
Phabricator's view of a repository with an authoritative copy of it. This
basically "un-discovers" any discovered commits which don't actually exist (any
queued tasks to parse them will fail permanently when they fail to load the
commit object).
  - Add more logging to the discovery daemon so we can figure out where commits
came from.
  - Improve Diffusion's UI when stuff is partially discovered (T776).

(This script should also clean up some nonsense on secure.phabricator.com from a
botched Diviner import.)

Test Plan: Ran "reconcile.php" with bogus commits and bogus differential/commit
links, had them expunged. Will work with @rguerin to see if this resolves
things.

Reviewers: btrahan, rguerin

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1552
2012-02-02 16:03:50 -08:00
epriestley
c86dfd84d9 Wrap basic diff/revision association in a transaction
Summary:
This doesn't cover every case exhaustively (see comments) but should cover like
98% of the practical cases.

This makes one workflow modification: willWriteRevision() was previously
guaranteed to have a revisionID / revisionPHID and no longer is. I verified that
no field implementations depend on this behavior. Fields which depend on IDs
should be using didWriteRevision() instead.

Test Plan: Inserted a "throw" into the middle of the transactions and created
revisions; they didn't orphan. Created revisions normally, they worked
correctly.

Reviewers: btrahan, nh

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T605

Differential Revision: https://secure.phabricator.com/D1541
2012-02-02 16:03:44 -08:00
vrana
33fb7117ae XSS in Owners
Test Plan: Display /owners/view/search/ for repository with callsign <i>hack</i>

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1549
2012-02-02 12:31:23 -08:00
Nick Harper
c3543c80cd Fix conduit host check
Summary:
conduit was using getProductionURI instead of getURI for checking that the
request was sent to the correct host, which causes problems in some dev
environments

Test Plan:
  echo '{}' | arc call-conduit --conduit-uri=mydevserver

where my dev server is configured with phabricator.production-uri pointing to
prod instead of my devserver

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1543
2012-02-02 11:38:14 -08:00
vrana
82c6f275bd Add links to empty result in Diffusion
Summary: I think that these are the only links that are useful - commit which
deleted the path and last version of the path.

Test Plan: Display deleted path, click on links.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1536
2012-02-01 11:57:48 -08:00
epriestley
29337a9b3a Minor, add "cov" class to inline comment <td /> so new files with lint in them do not go crazy. 2012-01-31 18:30:22 -08:00
Nick Harper
28c9607fd0 Provide better UX when trying to view binary file from differential
Summary:
When a user selects "show raw file (right)" from the dropdown of a binary file
in differential, they should get more than a blank page.

Test Plan: Loaded a raw binary file from differential

Reviewers: tuomaspelkonen, epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1533
2012-01-31 17:24:21 -08:00
epriestley
8b4c057c75 Disable personal Herald rules from invalid owners
Summary: Since mailing list rules are now "global", don't run "personal" rules
for disabled/invalid users.

Test Plan: Added a personal rule that matches every revision for a test user.
Created a revision, checked transcript, rule matched. Disabled user, updated
revision, checked transcript, rule got auto-disabled.

Reviewers: btrahan, jungejason, nh, xela

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1517
2012-01-31 12:11:31 -08:00
epriestley
5954ae84aa Improve Herald personal/global UI/UX
Summary:
  - Default "personal" vs "global" choice to "personal".
  - Don't show global rules under "My Rules".
  - After editing or creating a global rule, redirect back to global rule list.
  - Use radio buttons for "personal" vs "global" and add captions explaining the
difference.
  - For "global" rules, don't show the owner/author in the rule detail view --
they effectively have no owner (see also D1387).
  - For "global" rules, don't show the owner/author in the rule list view, as
above.
  - For admin views, show rule type (global vs personal).

Test Plan:
  - Created and edited new global and personal rules.
  - Viewed "my", "global" and "admin" views.

Reviewers: btrahan, jungejason, nh, xela

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1518
2012-01-31 12:09:29 -08:00
epriestley
1e9492f8c2 Show coverage information in Differential
Summary:
Render coverage information in the right gutter, if available.

We could render some kind of summary report deal too but this seems like a good
start.

Test Plan:
  - Looked at diffs with coverage.
  - Looked at diffs without coverage.
  - Used inline comments, diff-of-diff, "show more", "show entire file", "show
generated file", "undo". Nothing seemed disrupted by the addition of a 5th
column.

Reviewers: btrahan, tuomaspelkonen, jungejason

Reviewed By: btrahan

CC: zeeg, aran, epriestley

Maniphest Tasks: T140

Differential Revision: https://secure.phabricator.com/D1527
2012-01-31 12:07:47 -08:00
epriestley
3d7a1d936c Fix issue where all rows in "Revision Update History" render the same base
Summary: We were not correctly updating $diff as we iterated through the loop.

Test Plan: Viewed a revision several diffs that had differing base revision.

Reviewers: fratrik, btrahan

Reviewed By: fratrik

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1523
2012-01-31 12:07:41 -08:00
Bob Trahan
2c3a08b37b Owners -- kill tabs
Summary:
pretty standard MO, but a little tricky in that we dynamically pre-pend
filters for "new", "edit", "search results" and "details" use cases.

Test Plan:
clicked around owners a bunch and verified proper filters showed up
and that when clicked they worked as expected

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T631

Differential Revision: https://secure.phabricator.com/D1516
2012-01-31 11:06:20 -08:00
vrana
deed4ffed0 Don't output empty summary in e-mails
Summary:
Reviews with empty summary are rendered like this:

  Reviewers: ...

  TEST PLAN

Test Plan:
Use empty summary.
Use non-empty summary.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1528
2012-01-31 10:41:31 -08:00
epriestley
7bee68a763 Document configuration of external editor links
Summary: Provide some documentation for this feature since it's not super
obvious how it works.

Test Plan: Generated documentation, read documentation.

Reviewers: btrahan, vrana, jungejason, nh

Reviewed By: vrana

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1521
2012-01-30 15:56:42 -08:00
awyler
56df2bc7be Add basic edit history to herald rules
Summary:
Add a very basic edit history table to herald rules.  This table is updated
whenever saving a herald rule.  The contents of the save are not examined, and
the edit history contains no information about the rule itself *yet*.  Edit
history can be viewed by anyone through /herald/history/<rule id>/.

Task ID: #

Blame Rev:

Test Plan:
Made a test rule, saved some stuff.

Revert Plan:

Tags:

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: zizzy, aran, xela, epriestley

Differential Revision: https://secure.phabricator.com/D1387
2012-01-30 11:52:44 -08:00
epriestley
780397aa71 Resolve link framing issue for public feed
Summary:
  - Use $this->linkTo($phid) to render all links.
  - Simplify code.

Test Plan: Public feed renders with 'target="_top"' links. Nonpublic feed
doesn't. Looked at a bunch of feed stories, none seem broken.

Reviewers: btrahan, aran, nh, jungejason, ide

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T453

Differential Revision: https://secure.phabricator.com/D1514
2012-01-30 04:12:15 -08:00
Bob Trahan
5755830faa Make Differential comments be styled similarly to Maniphest comments
Summary:
This diff restructures the DOM and alters some CSS within differential.
Original goal was to unify these codepaths more fully into a base class or
classes, but they have quite a bit of custom code such that didn't feel too
compelling in practice.   It also felt related to feed stories as I thought
about the more general version(s) of this code...

Also deleted some CSS from maniphest that wasn't doing anything.

Test Plan:
looked at a differential diff and liked what I saw.   spent a bunch
of time trying out different types of comments and etc.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T803

Differential Revision: https://secure.phabricator.com/D1513
2012-01-29 16:18:10 -08:00
Bob Trahan
5caf9fb6da Conduit -- kill tabs
Summary:
this has a single side nav now.   added a Utilites section below the methods
which houses Logs and Token.

On logs I ended up deleting this whole concept of "view" and the existing side
nav -- I think there were plans to add a way to filter down to subset of the
conduit calls.  For logs, I envision that being a separate first class tool when
/ if we think we need additional complexity.

On token I made the form FULL so it was like the rest of the views in this page.

Test Plan:
looks good!   clicked on a few methods and it worked!  clicked on the
logs and they were there!  clicked on the pager within the logs and it worked!
checked out the token page and it looked good too.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T631

Differential Revision: https://secure.phabricator.com/D1499
2012-01-29 13:41:10 -08:00
epriestley
76dac260e7 Fix iframe issue for XHProf DarkConsole plugin
Summary:
While sort of gross, this seems fairly reasonable overall? I guess?

(This patch clearly does more good than harm, although it could just do the good
without the harm.)

Test Plan: Clicked XHProf links from the frame and from the /xhprof/ tool.

Reviewers: btrahan, aran, jungejason, ide

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T453

Differential Revision: https://secure.phabricator.com/D1498
2012-01-28 11:17:19 -08:00
vrana
073b80c505 Add title="" for Blame previous revision glyph
Summary: Adds 7th parameter :-(.

Test Plan: Display blame.

Reviewers: jungejason, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1509
2012-01-27 14:09:10 -08:00
epriestley
bbf69309c0 Remove the "arc export" field from Differential revisions by default
Summary: This is kind of confusing (you need to specify an export format) and
not very useful now that "arc patch" has gotten pretty good. I'm leaving the
field itself in case installs want to add it back or otherwise depend on it.

Test Plan: Looked at a revision, wasn't told to export it.

Reviewers: nh, btrahan, jungejason

Reviewed By: nh

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1507
2012-01-27 13:02:11 -08:00
epriestley
f009d5cdcb Minor, silence a type warning for differential.getcommitmessage on --create workflow. 2012-01-26 11:33:25 -08:00
Jason Ge
b4053190ec Fix two issues in owners worker
Summary:
Fix two issues in PhabricatorRepositoryCommitOwnersWorker:

- if a commit was reviewed by some owner of the package, it should not be
  marked as needing audit
- do not run herald worker when it is not needed (for example, when the
  worker is executed from reparse.php)

Test Plan:
reparse a commit which is reviewed by the owner of a package
and verify that it is not marked as needing audit, and herald is not
executed.

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1496
2012-01-26 11:02:42 -08:00
epriestley
dbd91d6818 Allow differential.query to find accepted and committed revisions; fix a fatal
Summary:
  - Expose existing 'committed' filter.
  - Add an 'accepted' filter.
  - Fix a fatal where $repository may not be defined (for diffs not linked to a
repository).

Test Plan: Ran accepted / committed queries. Viewed a previously fataling diff.

Reviewers: btrahan, vrana, Makinde

Reviewed By: Makinde

CC: Koolvin, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1490
2012-01-25 14:50:34 -08:00
epriestley
5b463e634c Write fewer "applied" rows and clean up excess historical rows
Summary:
  - Only write the <ruleID, phid> row if the rule is a one-time rule.
  - Delete all the rows for rules which aren't one-time.

NOTE: This is probably like several million rows for Facebook and could take a
while.

Test Plan:
Added some one-time and every-time rules, ran them against objects, verified
only relevant rows were inserted.
Ran upgrade script against a database with one-time and every-time "ruleapplied"
rows, got the irrelevant rows removed.

Reviewers: nh, btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1484
2012-01-25 11:53:39 -08:00
epriestley
cb0bb8165d Add a Join / Leave button to Projects
Summary: Make it easy to join or leave (well, slightly less easy) a project.
Publish join/leave to feed. Fix a couple of membership editor bugs.

Test Plan: Joined, left a project.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1485
2012-01-25 11:51:20 -08:00
epriestley
add1ae945d Use setConcreteOnly() in Phabricator and only list/launch concrete Daemons
Summary: We currently allow you to launch abstract daemons; use
setConcreteOnly() to only list/launch concrete daemons.

Test Plan: Ran "phd list" (no abstract daemons listed), "phd launch
PhabricatorRepositoryCommitDiscoveryDaemon" (reasonable error message).

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T801

Differential Revision: https://secure.phabricator.com/D1487
2012-01-25 11:50:59 -08:00
Bob Trahan
16bcd5112a Add a description preview to maniphest create / edit panel
Summary: also fixes a small bug where the page title was always "Create Task".
switch it to the header name which is much more descriptive / correct IMO.

Test Plan:
created a new task and watched the description preview update.
edited an old task and saw the description preview populate with the correct
existing data.
edited an old task and edited the description and saw the description preview
update

Reviewers: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1489
2012-01-25 11:28:08 -08:00
epriestley
3142fe4419 Remove massive "rule applied" query
Summary:
Herald rules may be marked as "one-time". We track this by writing a row with
<ruleID, phid> when we apply a rule.

However, the current test for rule application involves loading every <ruleID,
*> pair. We also always write this row even for rules which are not one-time, so
if there are 100 rules, we'll load 1,000,000 rows after processing 10,000
objects.

Instead, load only the <phid, *> pairs, which are guaranteed to be bounded to at
most the number of rules.

I'll follow up with a diff that causes us to write rows only for one-time rules,
and deletes all historic rows which are not associated with one-time rules.

Test Plan:
Grepped for callsites to loadAllByContentTypeWithFullData(). Ran
rules in test console.

Reviewers: nh, btrahan, jungejason

Reviewed By: nh

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1483
2012-01-24 19:29:54 -08:00
vrana
067c7f8a74 Display links to editor in Differential and Diffusion
Summary:
It is possible to open a file in editor by registering a custom URI scheme
(pseudo-protocol). Some editors register it by default.
Having links to open the file in external editor is productivity booster
although it is a little bit harder to set up.
There are several other tools using file_link_format configuration directive
(XDebug, Symfony) to bind to this protocol.
I've added the example with editor: protocol which can be used as a proxy to
actual editor (used by Nette Framework:
http://wiki.nette.org/en/howto-editor-link).

Test Plan:
Configure Editor Link in User Preferences.
Register URI scheme in OS.
Open a file in Diffusion. Click on the Edit button.
Open a revision in Differential. Click on the Edit button.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1422
2012-01-24 10:42:33 -08:00
vrana
79218b6e47 Factor out DifferentialDiffTableOfContentsView::renderChangesetLink()
Summary:
Links from lint errors for large diffs don't work.
This diff adds TODO for it because I am not sure how to do it.
Move of changeset links rendering to a separate method would be still useful.

Test Plan:
Display ToC of large diff, verify link.
Repeat for small diff.

Reviewers: tuomaspelkonen, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1476
2012-01-24 10:42:01 -08:00
vrana
28a5f9f44d Display comment title as title instead of body with inline comments
Test Plan: Display revision containing comments with no content but with inline
comments.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1474
2012-01-24 10:41:47 -08:00
vrana
32fc92bdb9 Display title for lint and unit stars in Revision Update History
Test Plan:
Display revision with different lint and unit results.
Hover over the stars.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1475
2012-01-24 10:41:31 -08:00
epriestley
97820b2ff7 Add branch queries to differential.query
Summary: This enables some improvements in D1478. Allow revisons to be queried
by the branch which they appear on.

Test Plan: Queried revisions by branch. Ran "arc which" branch queries in SVN
and Mercurial.

Reviewers: btrahan, cpiro, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T787

Differential Revision: https://secure.phabricator.com/D1479
2012-01-24 09:44:59 -08:00
epriestley
b43eb5aa7c Add transaction-oriented editing to projects
Summary:
  - Make some editing operations transaction-oriented, like Maniphest. (This
seems to be a good model, particularly for extensibility.) I'll move the rest of
the editing operations to transactions in future diffs.
  - Make transaction-oriented operations publish feed stories.

Test Plan:
  - Created a new project.
  - Edited an existing project.
  - Created a new project via quick create flow from Maniphest.
  - Verified feed stories publish correctly.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1477
2012-01-24 09:44:35 -08:00
epriestley
3c8bb8a608 Fix comment anchor jump highlighting
Summary: I accidentally broke the feature where we highlight comments which are
jumped to via anchor in D1327. We now test that the jump was sucessful by
looking for an item with the anchor ID, but we were only setting 'name'.
Instead, set 'id' as well so the highlighting code detects that the jump was
successful and adds the highlight class.

Test Plan: Clicked "Comment D1234#7" or whatever, got a nice yellow background.

Reviewers: btrahan, nh, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T796

Differential Revision: https://secure.phabricator.com/D1471
2012-01-24 09:44:20 -08:00
epriestley
7d1f62409d Move resource allocation to task queue
Summary: Run the actual resource allocation for Drydock out-of-process via the
task queue.

Test Plan: Ran "drydock_control.php", saw it insert a task and wait for task
completion. Ran "phd debug taskmaster" and saw it run the task.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1470
2012-01-24 09:44:14 -08:00
epriestley
7a9e6af008 Add buttons to delete or free tasks from the queue
Summary: See T709. I also ran into a case in Drydock where this is useful for
testing/development.

Test Plan: Freed lease of a task; deleted a task.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T709

Differential Revision: https://secure.phabricator.com/D1469
2012-01-24 09:14:06 -08:00
epriestley
51bc18e93f Improve "next steps" text in Differential
Summary:
  - Even for immutable-history Git workflows, we suggest "arc amend". Instead,
suggest "arc amend" or "arc merge" (ideally we'd know which, but we can't
currently get that information).
  - We suggest "arc amend --revision X", but this is less safe and less simple
than "arc amend", especially after D1480.
  - For Mercurial, suggest "arc merge".

Test Plan: Looked at some "Accepted" revisions.

Reviewers: btrahan, jungejason

CC: aran, epriestley

Maniphest Tasks: T662

Differential Revision: https://secure.phabricator.com/D1481
2012-01-24 09:14:04 -08:00
vrana
58f4dc0369 Unify terminology in Differential overview
Summary: You can order by Modified but the table has Updated column.

Test Plan: /differential/filter/reviews/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1472
2012-01-23 17:39:49 -08:00
Nick Harper
76dd84e307 Replace HeraldActionConfig::getActionMap() in HeraldTranscriptController
Summary:
D1449 removed HeraldActionConfig::getActionMap(), but it was still used in
HeraldTranscriptController. This fixes the controller to use the method that
replaced getActionMap.

Test Plan: loaded a herald transcript

Reviewers: epriestley, xela

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1466
2012-01-23 13:29:44 -08:00
vrana
854ed4ea53 Display link in commit ToC for directories
Summary:
They are present in the document so there is no reason to omit the links to
them.
Similar to D1412.

Test Plan: Display commit.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1464
2012-01-23 13:23:17 -08:00
vrana
e142c7e26c Improve <title> on Diffusion pages
Test Plan:
Visit /rX123.
Visit /diffusion/X/.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1463
2012-01-21 01:33:41 -08:00
epriestley
27f52efd37 Minor, fix spelling issues detected by linter. 2012-01-20 07:39:55 -08:00
epriestley
d1ee08b2df Drydock Rough Cut
Summary:
Rough cut of Drydock. This is very basic and doesn't do much of use yet (it
//does// allocate EC2 machines as host resources and expose interfaces to them),
but I think the overall structure is more or less reasonable.

== Interfaces

Vision: Applications interact with Drydock resources through DrydockInterfaces,
like **command**, **filesystem** and **httpd** interfaces. Each interface allows
applications to perform some kind of operation on the resource, like executing
commands, reading/writing files, or configuring a web server. Interfaces have a
concrete, specific API:

  // Filesystem Interface
  $fs = $lease->getInterface('filesystem'); // Constants, some day?
  $fs->writeFile('index.html', 'hello world!');

  // Command Interface
  $cmd = $lease->getInterface('command');
  echo $cmd->execx('uptime');

  // HTTPD Interface
  $httpd = $lease->getInterface('httpd');
  $httpd->restart();

Interfaces are mostly just stock, although installs might add new interfaces if
they expose different ways to interact with resources (for instance, a resource
might want to expose a new 'MongoDB' interface or whatever).

Currently: We have like part of a command interface.

== Leases

Vision: Leases keep track of which resources are in use, and what they're being
used for. They allow us to know when we need to allocate more resources (too
many sandcastles on the existing hosts, e.g.) and when we can release resources
(because they are no longer being used). They also give applications something
to hold while resources are being allocated.

  // EXAMPLE: How this should work some day.
  $allocator = new DrydockAllocator();
  $allocator->setResourceType('sandcastle');
  $allocator->setAttributes(
    array(
      'diffID' => $diff->getID(),
    ));
  $lease = $allocator->allocate();
  $diff->setSandcastleLeaseID($lease->getID());

  // ...

  if ($lease->getStatus() == DrydockLeaseStatus::STATUS_ACTIVE) {
    $sandcastle_link = $lease->getInterface('httpd')->getURI('/');
  } else {
    $sandcastle_link = 'Still building your sandcastle...';
  }
  echo "Sandcastle for this diff: ".$sandcastle_link;

  // EXAMPLE: How this actually works now.
  $allocator = new DrydockAllocator();
  $allocator->setResourceType('host');
  // NOTE: Allocation is currently synchronous but will be task-driven soon.
  $lease = $allocator->allocate();

Leases are completely stock, installs will not define new lease types.

Currently: Leases exist and work but are very very basic.

== Resources

Vision: Resources represent some actual thing we've put somewhere, whether it's
a host, a block of storage, a webroot, or whatever else. Applications interact
through resources by acquiring leases to them, and then getting interfaces
through these leases. The lease acquisition process has a side effect of
allocating new resources if a lease can't be acquired on existing resources
(e.g., the application wants storage but all storage resources are full) and
things are configured to autoscale.

Resources may themselves acquire leases in order to allocate. For instance, a
storage resource might first acquire a lease to a host resource. A 'test
scaffold' resource might lease a storage resource and a mysql resource.

Not all resources are auto-allocate: the entry-level version of Drydock is that
you manually allocate a couple boxes and configure them through the web console.
Then, e.g.,  'storage' / 'webroot' resources allocate on top of them, but the
host pool itself does not autoscale.

Resources are completely stock, they are abstract shells representing any
arbitrary thing.

Currently: Resource exist ('host' only) but are very very basic.

== Blueprints

Vision: Blueprints contain instructions for building interfaces to, (possibly)
allocating, updating, managing, and destroying a specific type of resource in a
specific location. One way to think of them is that they are scripts for
creating and deleting resources. For example, the LocalHost, RemoteHost and
EC2Host blueprints can all manage 'host' resources.

Eventually, we will support more types of resources (storage, webroot,
sandcastle, test scaffold, phacility deployment) and more providers for resource
types, some of which will be in the Phabricator mainline and some of which will
be custom.

Blueprints are very custom and specific to application types, so installs will
define new blueprints if they are making significant use of Drydock.

Currently: They exist but have few capabilities. The stock blueprints do nearly
nothing useful. There is a technically functional blueprint for host allocation
in EC2.

== Allocator

This is just the actual code to execute the lease acquisition process.

Test Plan: Ran "drydock_control.php" script, it allocated a machine in EC2,
acquired a lease on it, interfaced with it, and then released the lease. Ran it
again, got a fresh lease on the existing resource.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1454
2012-01-19 21:12:57 -08:00
epriestley
8b4b614d15 Show all branches a commit appears on
Summary:
We show the contextual branch (always the repository default branch) when
viewing a commit. Instead, show all branches the commit appears on.

Also pull some of the duplicated DiffusionXQuery stuff into a DiffusionQuery
base class, I'll do a followup to reduce more duplication.

Test Plan: Looked at a commit in Git. My HG and SVN setups are a little borked
so I kind of faked tests in them -- I'm fixing them now.

Reviewers: btrahan, jungejason, fratrik

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T768

Differential Revision: https://secure.phabricator.com/D1458
2012-01-19 21:12:44 -08:00
epriestley
008461a395 Use getBestURI() to set file handle URIs
Summary: getBestURI() = best URI

Test Plan:
It says "best" in the name so it must be the best!

Also in Maniphest emails we'll link you to /view/ even for binaries and other
non-viewable content.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: anjali, aran

Differential Revision: https://secure.phabricator.com/D1461
2012-01-19 17:16:30 -08:00
awyler
6080d74112 Created personal vs. global herald rule distingtion
Summary:
A personal rule only has actions targeting the owner.  Likewise, only they can
edit the rule. OTOH, a global may affect any target and is editable by anyone.

There are no new action types.  Instead, type of the rule modifies the available
targets and the messaging in the ui.  This is beneficial because herald rule
adapters don't need to be aware of the difference between emailing the owner of
a personal rule and emailing an arbitrary user.

This diff sets up the logic and ui for creating personal/global rules.  All
existing rules have been defaulted to global.

TODO: Filter all existing rules into personal/global
TODO: Create a UI for surfacing (relevant?) global rules.

Test Plan:
1. Created a personal rule to email myself.  Created a dumby revision satisfying
the conditions of that rule.  Verified that I recieved a herald email.
2. Removed my adminship, change the owner of a personal rule. verified that I
couldn't edit the rule.
3.Changed rule type to global. verified that I could edit the rule.
4. Verified that admins can edit both global and personal rules.

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, zizzy

Differential Revision: https://secure.phabricator.com/D1449
2012-01-19 11:21:49 -08:00
Dave Ingram
3edf60627d Add support for marking files as "generated" by regexp against path
Summary:
Not all auto-generated files can include the magical
"generated" annotation for one reason or another, but they may follow
path rules. This patch allows files to be marked as automatically
generated by matching the path with a regular expression.

Test Plan:
Alter 'differential.generated-paths' setting in config.
Create a new diff that affects a file matching one of those regular
expressions. Verify that Differential marks it as automatically
generated and therefore probably not worth reviewing (in the same way as
the magical "generated" annotation.

Reviewers: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1455
2012-01-19 18:30:19 +00:00
tuomaspelkonen
7f9fb3597d Make updating postponed tests work again for Facebook.
Summary: It was broken by D!352

Test Plan: Praying that it works.

Reviewers: nh, epriestley, andrewjcg

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1453
2012-01-18 20:46:16 -08:00
epriestley
ad36865e50 Add optional "Re:" prefix to all threaded mail and allow disabling mail about
your own actions

Summary:
  - Mail.app on Lion has cumbersome threading rules, see T782. Add an option to
stick "Re: " in front of all threaded mail so it behaves. This is horrible, but
apparently the least-horrible option.
  - While I was in there, I added an option for T228.

Test Plan:
  - Sent a bunch of threaded and unthreaded mail with varous "Re:" settings,
seemed to get "Re:" in the right places.
  - Disabled email about my stuff, created a task with just me, got voided mail,
added a CC, got mail to just the CC.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, mkjones

Maniphest Tasks: T228, T782

Differential Revision: https://secure.phabricator.com/D1448
2012-01-18 15:20:50 -08:00
awyler
14d16eab17 Enable Phabricator admin to change the owner of a herald rule
Summary:
Added a typeahead in the edit herald rule page that allows an admin or
owner to change the current owner of a rule.  If the typeahead is emptied, the
current owner will remain owner.

Test Plan:
Created a test rule.  Changed the owner.  Deleted the owner in the
typahead. Verified expected behavior.

Reviewers: jungejason, epriestley

Reviewed By: epriestley

CC: aran, jungejason, epriestley, xela

Differential Revision: https://secure.phabricator.com/D1322
2012-01-18 11:59:35 -08:00
epriestley
42ddad1bc8 Add project.query to Conduit
Summary: Add a conduit method to query project information.

Test Plan: Ran method from API test console.

Reviewers: bill, btrahan, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1444
2012-01-18 09:57:26 -08:00
vrana
6472dbe168 Change fileName to filename
Summary: There are lots of callsites to $changeset->getFilename() so it seemed
easier to rename getFileName() to getFilename() even if it includes database
change. Plus I think that getFilename() is better.

Test Plan:
Alter database.
Open revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1437
2012-01-17 10:50:14 -08:00
epriestley
ef768f9694 Use phutil_utf8_hard_wrap() in Phabricator
Summary: See D1433.

Test Plan: Created a new diff with a line >80chars, observed it wrapping
correctly.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1438
2012-01-17 09:48:58 -08:00
epriestley
e2c75d5dc2 Improve Differential handling of disabled users
Summary:
We currently allow you to assign code review to disabled users, but
should not.

Test Plan:
  - Created revisions with no reviewers and only disabled reviewers, was
appropriately warned.
  - Looked at a disabled user handle link, was clearly informed.
  - Tried to create a new revision with a disabled reviewer, was rebuffed.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1429
2012-01-17 09:27:19 -08:00
jungejason
4faab06c3c Enable herald rule for commits that need auditing
Summary:
enable herald commit rules to have access to auditing info.

Note that the new herald condition I added contains info for the
packages. I thought about using a simpler herald condition like
"Requires audit is true or false" and let it work together with the
existing "Affected package contains any of the package". It doesn't work
because we need the info about the package to decide if the commit
requires audit, but the herald conditions work separately.

Test Plan:
- A commit requiring auditing was detected by a herald rule that checks
  the auditing status
- A commit not requiring auditing was not detected by a herald rule
  which checks auditing status, but was detected by a rule which doesn't
  check the auditing status

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1399
2012-01-17 09:13:07 -08:00
epriestley
05ee317555 Remove "parsedHunk" property
Summary: This is never read anywhere and clearly has no effect.

Test Plan: grep

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D1434
2012-01-17 08:09:56 -08:00
epriestley
8f1c7dc663 Remove some unused nonsense
Summary: These blocks do nothing. end() produces a side effect on the internal
array pointer, but the code does not depend on it.

Test Plan: Reasoned about the code? Also viewed some diffs.

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D1432
2012-01-17 08:09:45 -08:00
epriestley
2d8b35db93 Remove getDisplayLine()
Summary: No callsites anywhere. Unclear what this method is even supposed to do.

Test Plan: grep

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D1435
2012-01-17 08:09:38 -08:00
epriestley
96c08a4f37 Put file name in view URI, so downloading it with option-return creates a
usefully-named file

Summary:
If you Command-L + Option-Return to download stuff off, e.g., Paste,
you get "PHID-FILE-ad98abg9bsd9ashbs.txt" in your download folder. Put the file
name in the URI instead, so you get a reasonably named file.

Test Plan: Downloaded some files, got reasonable results.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1427
2012-01-16 17:38:10 -08:00
vrana
f94c05a5bb Declare property
Test Plan: Display revision

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1430
2012-01-16 17:36:11 -08:00
vrana
8bed2f4387 Utilize phutil_render_tag()
Test Plan: Display diff with lint error.

Reviewers: pad, epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1428
2012-01-16 17:08:21 -08:00
epriestley
b35ea500cc Allow files to be deleted
Summary:
A couple of people mentioned that they've had users accidentally upload
sensitive files. Allow files to be deleted.

(At some point it might be nice to keep the file handle around and log who
deleted it, but this addresses the immediate problem without needing too much
work.)

Test Plan: Deleted some files.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T780

Differential Revision: https://secure.phabricator.com/D1423
2012-01-16 16:15:18 -08:00
vrana
c0592b55d7 Use generic URIs
Summary:
/diffusion/X/history/?copies=0 is same as /diffusion/X/history/
/countdown/1/?chrome=1 is same as /countdown/1/

Test Plan:
Visit /diffusion/X/history/, click on Show/Hide Copies/Branches twice.
Visit /countdown/1/, click on Disable/Enable Chrome twice.

Reviewers: epriestley, tuomaspelkonen

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D1424
2012-01-16 14:53:05 -08:00
epriestley
82c0795e54 Unify logic for username validation
Summary: Revisit of D1254. Don't require lowercase, just standardize the logic.
The current implementation has nonuniform logic -- PeopleEditController forbids
uppercase.

Test Plan: Ran unit tests, see also D1254.

Reviewers: btrahan, jungejason, aran

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1415
2012-01-16 11:52:59 -08:00
epriestley
f81021fa7f Improve error message for Conduit path problems
Summary:
A few people in IRC have been having issues here recently. If you misconfigure
the IRC bot, e.g., you get a 200 response back with a bunch of login HTML in it.
This is unhelpful.

Try to detect that a conduit request is going to the wrong path and raise a
concise, explicit error which is comprehensible from the CLI.

Also created a "PlainText" response and moved the IE nosniff header to the base
response object.

Test Plan: As a logged-out user, hit various nonsense with "?__conduit__=true"
in the URI. Got good error messages. Hit nonsense without it, got login screens.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T775

Differential Revision: https://secure.phabricator.com/D1407
2012-01-16 11:48:21 -08:00
vrana
f109342a7a Display link in Revision ToC for copied or moved files
Summary:
They are present in the document so there is not reason to omit the links to
them.
They sometimes contains changed lines so the link could be actualy useful.

Test Plan: Display ToC of revision with moved and copied files.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, nh

Differential Revision: https://secure.phabricator.com/D1412
2012-01-16 09:10:17 -08:00
vrana
c7997e0a7c Display Show Raw File links in Differential only if the file exists
Test Plan:
Open menu for added file
Open menu for deleted file
Open menu for changed file

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1410
2012-01-16 09:08:40 -08:00
epriestley
025cc1376e Fix a fatal on the file info screen
Summary: D1354 added a query for a possibly-empty list -- only show the table if
there are transformations.

Test Plan: Reloaded a previously-fataling page, no fatals. Viewed a file with
transformations, got a list.

Reviewers: davidreuss, btrahan, jungejason

Reviewed By: davidreuss

CC: aran, davidreuss

Differential Revision: https://secure.phabricator.com/D1414
2012-01-16 07:01:23 -08:00
vrana
49a59bd885 Fix XSS in Differential
Test Plan: Display a revision with file copied to ##<b>hack</b>##.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1411
2012-01-15 22:36:14 -08:00
vrana
9ba4f24e93 Send 403 for admin pages without being admin
Summary: I've also moved the response generation for 404 from
##AphrontDefaultApplicationConfiguration## to ##buildResponseString()##

Test Plan:
Visit /
Visit /mail/
Visit /x/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, vrana

Differential Revision: https://secure.phabricator.com/D1406
2012-01-15 17:30:23 -08:00
epriestley
d8bbf55959 Improve behavior when user submits a no-op action in Differential
Summary:
See T730 and the slightly-less-pretty version of this in D1398.

When a user takes an action in Differential that has no effect (for instance,
accepting an already-accepted revision), prompt them:

  Action Has No Effect

  You can not accept this revision because it has already been accepted.

  Do you want to post the feedback anyway, as a normal comment?

                        [Cancel] [Post as Comment]

If they have no comment text, the dialog only says "Cancel".

I think this is probably the best way to balance all the concerns here -- it
might occasionally be a little annoying, but that should be rare, and it should
never be confusing (the current workflow is extremely confusing).

This also fixes the issue where you can add all sorts of CCs who are already
part of the revision, either explicitly or via mentions.

Test Plan:
Posted some has-effect and has-no-effect comments, made different
choices in the dialog, everything seems to work OK?

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran, vrana

Maniphest Tasks: T730

Differential Revision: https://secure.phabricator.com/D1403
2012-01-15 03:44:09 -08:00
vrana
4cff02dcc0 Add BRANCH to Accepted and Needs Revision e-mails
Summary:
I always forget a branch which I used for the diff so that I must open
my browser which takes some time. This diff adds the name of the branch to the
sent e-mails. But only if the diff is in the state Accepted or Needs Revision to
not pollute other e-mails.

Test Plan:
Comment
Request changes
Accept
Look at the e-mails

Reviewers: epriestley

Reviewed By: epriestley

CC: olivier, aran, epriestley, vrana

Differential Revision: https://secure.phabricator.com/D1396
2012-01-14 11:12:28 -08:00
vrana
c6febdfc52 Add link from lint error to code
Test Plan:
Display diff with lint errors
Click on a line number in lint errors overview

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1400
2012-01-14 11:11:17 -08:00
vrana
5cf6d788ce Don't add author and reviewers to CCs
Summary:
Commenting on a diff causes adding the writer to the CCs. It doesn't make much
sense if the writer is author or reviewer who get all the copies anyway.

I've also moved the decision to DifferentialCommentEditor.

Test Plan:
Comment on a diff where I am author
Comment on a diff where I am reviewer
Comment on a diff where I am neither
Explicitely Add CCs where I am author

Reviewers: epriestley

Reviewed By: epriestley

CC: jungejason, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1397
2012-01-14 11:10:40 -08:00
epriestley
cedb0c045a Lock down accepted next URI values for redirect after login
Summary:
I locked this down a little bit recently, but make
double-extra-super-sure that we aren't sending the user anywhere suspicious or
open-redirecty. This also locks down protocol-relative URIs (//evil.com/path)
although I don't think any browsers do bad stuff with them in this context, and
header injection URIs (although I don't think any of the modern PHP runtimes are
vulnerable).

Test Plan:
  - Ran tests.
  - Hit redirect page with valid and invalid next URIs; was punted to / for
invalid ones and to the right place for valid ones.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: arice, aran, epriestley, btrahan

Differential Revision: https://secure.phabricator.com/D1369
2012-01-13 11:58:45 -08:00
Bob Trahan
cf61f0e32d Adding an "ssh" client for conduit
Summary: ..."ssh" is in quotes 'cuz this is step 1 and there's no ssh in sight
at the moment.

Test Plan:
ran api.php PHID-USER-xee4ju2teq7mflitwfcs differential.query a few times...
 - tried valid input, it worked!
 - tried bad input, it worked in that it failed and told me so!
ran api.php crap_user differential.query a few times...
 - verified error message with respect to crap_user
ran api.php PHID-USER-xee4ju2teq7mflitwfcs crap_method a few times...
 - verified error message with respect to crap_method
visited http://phabricator.dev/conduit/method/differential.query a few times...
 - tried valid input, it worked!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T550

Differential Revision: https://secure.phabricator.com/D1357
2012-01-13 11:54:13 -08:00
epriestley
04eb1f98e2 Always mark revisions as "updated" when users comment on them
Summary: See T773 and the explanatory inline comment.

Test Plan: Made no-action comments and comments that did something (reject, plan
changes) to revisions. Saw them always jump to the top of the action list.

Reviewers: jungejason, simpkins, btrahan

Reviewed By: jungejason

CC: aran, jungejason

Maniphest Tasks: T773

Differential Revision: https://secure.phabricator.com/D1386
2012-01-12 20:08:26 -08:00
epriestley
f5e1e3377c Add basic draft support to Phriction
Summary:
  - When a user is creating a Phriction document, save a draft as
"phriction:<slug>".
  - When a user is editing a Phriction document, save a draft as "<document
phid>:<document version>".
  - If a user has an available draft, use that instead of the native content.
  - If using a draft, tell the user and give them an option to discard it.
  - If a page is updated, your draft is lost (we show new page content
unconditionally) but this should be rare and is the simplest way to resolve this
issue in a realtively consistent way.

Test Plan:
  - Recovered drafts for new and edited pages.
  - Used "nodraft" to discard drafts.

Reviewers: davidreuss, btrahan, jungejason

Reviewed By: davidreuss

CC: aran, davidreuss

Maniphest Tasks: T769

Differential Revision: https://secure.phabricator.com/D1378
2012-01-12 18:04:20 -08:00
Jason Ge
cf35a640ec Enable filtering for committed revisions
Summary:
engineers requested to supporting filtering by 'committed'
revisions, and I think it makes sense.

Test Plan: verified that all the three options worked

Reviewers: epriestley, btrahan, nh

Reviewed By: nh

CC: nh, wolffiex, aran

Differential Revision: https://secure.phabricator.com/D1383
2012-01-12 17:02:20 -08:00
epriestley
bfbe6ec594 Prevent login brute forcing with captchas
Summary: If a remote address has too many recent login failures, require they
fill out a captcha before they can attempt to login.

Test Plan: Tried to login a bunch of times, then submitted the CAPTHCA form with
various combinations of valid/invalid passwords and valid/invalid captchas.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley, jungejason

Maniphest Tasks: T765

Differential Revision: https://secure.phabricator.com/D1379
2012-01-12 15:22:05 -08:00
epriestley
7f7710a24d Add @phutil-external-symbol declarations to Phabricator
Summary: See D1381.

Test Plan: Ran "arc liberate src/ --all" and got a clean rebuild.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Maniphest Tasks: T762

Differential Revision: https://secure.phabricator.com/D1382
2012-01-12 15:20:18 -08:00
epriestley
d84c0a5be5 Validate all fields in differential.parsecommitmessage
Summary:
  - We currently run ##parseValueFromCommitMessage()## on all fields present in
the message, but not ##validateField()##.
  - This detects value errors (e.g., an invalid reviewer) but not higher-level
errors (e.g., a missing field).
  - This can break the stacked-commits Git mutable history workflow by
recognizing too many commit messages as valid ("multiple valid commit messages,
this is ambiguous").
  - This also gives you some errors ("Missing test plan") too late in "arc diff
--create" (after the diff has been built).

Test Plan:
  - Grepped for validateField() calls, removed a couple of calls that had the
same implementation as the base class.
  - Grepped for other calls to this to make sure I'm not stumbling into
unintended side effects, but it only runs from the diff workflow.
  - Ran "arc diff --create" with an invalid test plan, got a good error early in
the process.
  - Ran "arc diff master" with stacked local commits, got a correct selection of
the intended message.

Reviewers: cpiro, btrahan, jungejason

Reviewed By: cpiro

CC: aran, cpiro

Differential Revision: https://secure.phabricator.com/D1373
2012-01-12 15:20:11 -08:00
epriestley
02fb5fea89 Allow configuration of a minimum password length, unify password reset
interfaces

Summary:
  - We have a hard-coded minimum length of 3 right now (and 1 in the other
interface), which is sort of silly.
  - Provide a more reasonable default, and allow it to be configured.
  - We have two password reset interfaces, one of which no longer actually
requires you to verify you own the account. This is more than a bit derp.
  - Merge the interfaces into one, using either an email token or the account's
current password to let you change the password.

Test Plan:
  - Reset password on an account.
  - Changed password on an account.
  - Created a new account, logged in, set the password.
  - Tried to set a too-short password, got an error.

Reviewers: btrahan, jungejason, nh

Reviewed By: jungejason

CC: aran, jungejason

Maniphest Tasks: T766

Differential Revision: https://secure.phabricator.com/D1374
2012-01-12 07:39:13 -08:00
epriestley
8b3ab97d64 Fix fatal on project list
Summary:
Until T605 gets fixed, you might end up with a Project without a Profile if the
Profile insert failed. This fatals the list view; instead, don't fatal if a
profile is missing.

(At some point we should probably just merge this field into the Project object,
I was just mimicking the user/profile separation but we have partial-field
object support now and Projects aren't super heavily used or very big.)

Test Plan:
  - Viewed list view including a project with a missing profile.
  - Edited the project, creating its profile.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: arice, aran, btrahan

Differential Revision: https://secure.phabricator.com/D1368
2012-01-12 06:52:24 -08:00
epriestley
65a56c6ce0 Improve mailing list edit form
Summary:
  - Add some captions to make it more clear what these fields mean.
  - Require "name", since tokenizers use it exclusively.
  - Limit URI to allowed protocols, since admins can currently XSS users by
entering a "javascript:" URI and then tricking the user into clicking the
mailing list name. This exploit is dumb, but technically privilege escallation.

Test Plan:
  - Created a new mailing list.
  - Edited a mailing list.
  - Tested URI: valid, invalid, omitted.
  - Tested name: valid, omitted.

Reviewers: btrahan, jungejason, davidreuss

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1365
2012-01-11 15:48:21 -08:00
kevin
beaee478d3 Added conduit method to get maniphest transactions
Summary:
Added a Conduit API method to return all transactions for a
given set of task_ids. This will be used to comments and other important
information about the tasks.

Test Plan:
Use Conduit to execute ##maniphest.gettasktransactions## and
visually verify that transaction information is returned.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1361
2012-01-11 09:13:59 -08:00
epriestley
b10fa8023f Support Git implicit file:// URIs
Summary: @s reported an issue with implicit file:// URIs in Git, see P270.
Recognize and handle URIs in this format. For URIs we don't understand, raise an
exception.

Test Plan:
  - Added failing tests.
  - Fixed code.
  - Tests pass.

Reviewers: btrahan, jungejason, s

Reviewed By: s

CC: aran, epriestley, s

Differential Revision: https://secure.phabricator.com/D1362
2012-01-11 09:00:18 -08:00
epriestley
d75007cf42 Validate logins, and simplify email password resets
Summary:
  - There are some recent reports of login issues, see T755 and T754. I'm not
really sure what's going on, but this is an attempt at getting some more
information.
  - When we login a user by setting 'phusr' and 'phsid', send them to
/login/validate/ to validate that the cookies actually got set.
  - Do email password resets in two steps: first, log the user in. Redirect them
through validate, then give them the option to reset their password.
  - Don't CSRF logged-out users. It technically sort of works most of the time
right now, but is silly. If we need logged-out CSRF we should generate it in
some more reliable way.

Test Plan:
  - Logged in with username/password.
  - Logged in with OAuth.
  - Logged in with email password reset.
  - Sent bad values to /login/validate/, got appropriate errors.
  - Reset password.
  - Verified next_uri still works.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan, j3kuntz

Maniphest Tasks: T754, T755

Differential Revision: https://secure.phabricator.com/D1353
2012-01-11 08:25:55 -08:00
Andrew Gallagher
840eb46d03 Match unittest results by name or file
Summary:
Just talked to @tuomaspelkonen, and turns out there is a case where
postponed tests results use the filepath for both the name and file
parameters.  Then, after the tests have completed, the unittest
results are updated with the class name as the test name.  To handle
this, this diff matches the stored unittest results name against
either the name or file component of the updated unittest info.

Not sure of great way to generally handle these situations.  Perhaps,
long term, we can just use a placeholder unittest result, mark that
as passed (or delete it?) then add a new test result with the correct
name.

Test Plan: updated unittest result with new name (but file was the same).

Reviewers: epriestley, tuomaspelkonen

Reviewed By: epriestley

CC: aran, epriestley, andrewjcg

Differential Revision: https://secure.phabricator.com/D1356
2012-01-10 16:51:14 -08:00
Andrew Gallagher
48f53ba095 Allow updating diff with results for new unit tests
Summary:
When using postponed unittests to make 'arc diff' faster, there
are some situations where it is difficult to know exactly how
many unittests will be run.  This is the case for many of our
C++ unittests, which we can't really know until we compile the
tests (which is slow, and probably isn't reasonable to be done
before posting the diff).  I suppose we could make sure we
explicitly which tests a C++ unittest will run in some way, but
this would require a lot of change to our backend test infra.
Also, it seems that this is a pretty general issue of not knowing
how many unittests will be run until they actually run.

This diff adds an optional "create" parameter to updateunitresults
which wil create a new unit tests result rather than updating an
existing one.  I am not sure if this really fits here or should
be its own method, but there is a lot of code re-use between them
so I consolidated.

Test Plan: updated a diff with a new unit test result

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley, andrewjcg, tuomaspelkonen

Differential Revision: https://secure.phabricator.com/D1352
2012-01-10 16:18:50 -08:00
Bob Trahan
84ea5c53e4 Kill PhabricatorFileURI
Summary:
we used to need this function for security purposes, but no longer need
it.   remove it so that some call sites can be optimized via smarter data
fetching, and so the whole codebase can have one less thing in it.

Test Plan:
verified the images displayed properly for each of the following
- viewed a diff with added images.
- viewed a user feed
- viewed a user profile
- viewed all image macros
- viewed a paste and clicked through "raw link"
weakness in testing around proxy files and transformed files.  not sure what
these are.  changes here are very programmatic however.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T672

Differential Revision: https://secure.phabricator.com/D1354
2012-01-10 15:21:39 -08:00
Bob Trahan
2a29a51080 Deploy new ArcanistManyWordsAboutDifferentialConstants class from D1328 into
Phabricator

Summary: ...this breaks without D1328.   Used good ole "codemod" to do this
work, with lots of manual edits around 80 chars.

Test Plan: clicked around phabricator tool suite, particular differential, a
bunch

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1351
2012-01-10 11:49:20 -08:00
epriestley
a4ceba9101 Add more information to differential.getdiff
Summary: We need some additional fields to heuristically match revisions to the
working copy in arc.

Test Plan: Executed conduit method, got correct values in fields

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: https://secure.phabricator.com/D1347
2012-01-10 10:40:57 -08:00
epriestley
5f8711ebf8 Minor, fix CSRF error caused by D1329. 2012-01-09 13:47:33 -08:00
Jason Ge
79d6d252b7 Display base correctly for git-svn in update history
Summary:
for a git repo which is using git-svn, we should show the
revisioni number. For example, it is show "svn+ssh" if the git url
starts with "svn+ssh". Show the svn revision number instead.

Before fix:
https://secure.phabricator.com/file/view/PHID-FILE-j5rogyqjkgifoxtpwzcu/

After fix:
https://secure.phabricator.com/file/view/PHID-FILE-4vsnptcjzuzuyj4zo25x/

Test Plan:
- verified a diff with git-svn worked
- verified a pure git diff still worked

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1344
2012-01-08 12:18:22 -08:00
epriestley
79205481e6 Minor, fix \n in MetaMTA headers. 2012-01-08 10:26:16 -08:00
Jason Ge
3a142c8788 Fix undefined index header.generate-toc in Differential
Summary:
getMarkupEngineDefaultConfiguration() is not setting
header.generate-toc. This is causing "undefined index" in Differential
page.

Test Plan:
  - Differential reviion page renders correctly
  - Phriction page renders correctly

Reviewers: epriestley, tuomaspelkonen, nh

Reviewed By: nh

CC: aran, nh

Differential Revision: https://secure.phabricator.com/D1342
2012-01-06 23:52:39 -08:00
Nick Harper
13d930b232 Fix table layout bug for inline comments
Summary:
The filename header for inline comments used to span 2 columns - the line number
and the comment. With the addition of a column for the diff (to link to inline
comments on previous diffs), the filename header should now span 3 columns
instead of just the line number and diff, leaving the comment squished to the
right.

Test Plan:
Opened a differential revision with an inline comment from a previous diff, and
saw that the filename header continued across the comment. Also checked an
inline comment on a current diff, and saw that it looks fine.

Reviewers: epriestley, btrahan, jungejason

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1340
2012-01-06 14:55:18 -08:00
epriestley
5e486db59d Enable Table of Contents in Phriction
Summary: Use the TOC stuff introduced in D1334.

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-lttr6jszx2y2rqjpalr6/

Reviewers: btrahan, jungejason, davidreuss

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1335
2012-01-06 11:52:50 -08:00
epriestley
4579f23f63 Add a "maniphest.update" Conduit method
Summary:
  - Add maniphest.update
  - Add support for auxiliary fields to maniphest.createtask

Test Plan:
  - Created tasks with maniphest.createtask
  - Updated tasks with maniphest.update

Reviewers: btrahan, jungejason, zeeg

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1330
2012-01-06 11:52:00 -08:00
epriestley
3c9551e96d Add "Reveal Entire File" option to Diffusion
Summary: Clicks all the "Show All" links for you at the touch of a button.

Test Plan:
  - Used "reveal entire file" on revealable files.
  - Opened on already-visible files, got "entire file shown".
  - Used other menu options.
  - Used normal "show more" links.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley, btrahan

Maniphest Tasks: T497

Differential Revision: https://secure.phabricator.com/D1331
2012-01-06 11:51:10 -08:00
epriestley
e5c0bfc8e3 Link to undisplayed inline comments
Summary:
We currently don't link to comments which aren't visible. Link to the
appropriate diff in a new window, indicating where the comment lives.

Test Plan: Clicked visible, not-so-visible comments.

Reviewers: btrahan, jungejason, davidreuss

Reviewed By: btrahan

CC: aran, btrahan, epriestley

Maniphest Tasks: T555, T449

Differential Revision: https://secure.phabricator.com/D1333
2012-01-06 11:50:59 -08:00
epriestley
58f2cb2509 Provide a script for batch creating user accounts
Summary: Make it a little easier to create a bunch of accounts if your company
has more than like 5 employees.

Test Plan: Ran "add_user.php" to create new users. Created new users from the
web console.

Reviewers: btrahan, jungejason, rguerin

Reviewed By: btrahan

CC: aran, btrahan, rguerin

Differential Revision: https://secure.phabricator.com/D1336
2012-01-06 11:50:51 -08:00
epriestley
d16454d45d Improve a race condition in session establishment code
Summary:
If you try to establish several sessions quickly (e.g., by running several
copies of "arc" at once, as in "arc x | arc y"), the current logic has a high
chance of making them all pick the same conduit session to refresh (since it's
the oldest one when each process selects the current sessions). This means they
all issue updates against "conduit-3" (or whatever) and one ends up with a bogus
session.

Instead, do an update against the table with the session key we read, so only
one process wins the race. If we don't win the race, try again until we do or
have tried every session slot.

Test Plan:
  - Wiped conduit sessions, ran arc commands to verify the fresh session case.
  - Ran a bunch of arc piped to itself, e.g. "arc list | arc list | arc list |
...". It succeeds up to the session limit, and above that gets failures as
expected.
  - Manually checked the session table to make sure things seemed reasonable
there.
  - Generally ran a bunch of arc commands.
  - Logged out and logged in on the web interface.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T687

Differential Revision: https://secure.phabricator.com/D1329
2012-01-06 11:33:03 -08:00
epriestley
1903bb80bb Add a link from Differential to Diffusion
Summary:
Provide an easy way to jump to Diffusion from Differential if we have
the data we need to connect them.

Test Plan: Tested menu in linked and unlinked diffs. Used menu item.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley, btrahan

Maniphest Tasks: T309

Differential Revision: https://secure.phabricator.com/D1326
2012-01-05 18:03:08 -08:00
epriestley
da3a972400 Retry failed page anchor navigation
Summary:
When the user loads a page with an anchor on it like #thing, or clicks a link to
#thing, and #thing doesn't exist, keep trying to navigate to #thing for a few
seconds.

This allows anchors to work when the target is in content which is later ajaxed
in. In particular, this affects inline comments in Differential.

Test Plan: Opened inline comment links in a new tab, was in the right place when
I switched tabs.

Reviewers: nh, btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan, epriestley

Maniphest Tasks: T492

Differential Revision: https://secure.phabricator.com/D1327
2012-01-05 18:02:02 -08:00
epriestley
9c5a6601d6 Remove some Mercurial and Google caveats
Summary: These seem to work relatively reasonably and don't have any known
deal-breaking failures.

Test Plan: shrug~

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1324
2012-01-05 14:14:06 -08:00
Bob Trahan
e478c0074c Add support for querying by commit hashes to DifferentialRevisionQuery class and
corresponding ConduitAPI

Summary: reasonable title...  also made this new functionality used by the
repository worker for parsing diffs

Test Plan:
- looked at the conduit console and queried for various types of hashes,
including hashes with no match.  got correct results.
- identified a reasonable diff from a local git repo.  set the revision status
to 2 (ACCEPTED) in the database.  augmented the worker parser code to var_dump
and die after finding revision id.   ran scripts/repository/reparse.php
--message rX and verified my var_dumps.  removed var_dumps and die and ran
reparse.php again with same paramters.  verified revision looked good in
diffusion and there were no errors.
- repeated the above reparse.php jonx for a mercurial repo.  note svn isn't in
this hash game so that test was particularly exciting no-op'dness i did not
bother with

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: https://secure.phabricator.com/D1315
2012-01-05 13:51:51 -08:00
epriestley
7abdf3afe0 Add a dropdown menu for Differential view options
Summary:
There are several open Differential tasks that are basically blocked on not
having reasonable places in the UI to put things. Replace the "View Standalone /
Raw" button with a "View Options" dropdown menu so we can shove things like
"Expand All", "Fold / Unfold File", and "View in Diffusion" in there.

This doesn't change any behavior, just puts the existing options in a menu.

Test Plan:
  - Toggled menu open by clicking button.
  - Clicked menu items.
  - Toggled menu closed by clicking button.
  - Toggled menu closed by clicking document.
  - Toggled menu closed by opening another menu.
  - Toggled menu closed by selecting an item.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T497, T309

Differential Revision: https://secure.phabricator.com/D1316
2012-01-05 12:58:38 -08:00
epriestley
275472d70f Fix appearance of "Differential Revision" on edit interfaces
Summary: The recent change to the field causes us to render "http://junk.com/D"
in some cases, just null the field if there's no data.

Test Plan: Ran "arc diff --create".

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1321
2012-01-05 12:57:40 -08:00
epriestley
1cb81936e7 Minor, fix array_merge() issue. 2012-01-05 09:11:49 -08:00
vrana
460efc4489 Include added reviewers and ccs in preview
Summary: Preview of Add Reviewers looks silly without actually showing them

Test Plan:
Go to any diff
Leap into action: Add Reviewers
Add some reviewers
Write some comment
Preview including Added reviewers should be displayed
Change action to Comment
Added reviewers should disappear
Repeat with Add CCs

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, vrana

Differential Revision: https://secure.phabricator.com/D1276
2012-01-04 17:08:13 -08:00
epriestley
4077ef2555 Show lint issues inline in Differential
Summary:
Take lint information and use it to render synthetic inline comments in
Differential.

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-2uapwmf5tqhgscbuty3b/

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan, epriestley, pad

Maniphest Tasks: T24

Differential Revision: https://secure.phabricator.com/D1309
2012-01-04 14:17:33 -08:00