Summary:
Ref T4986. This one needs `getApplicationURI()` so make it a little beefier to deal with that.
(It would be vaguely nice to somehow share the handle and application stuff between Controllers and Engine classes like this, but I don't immediately see a clean way to do it without traits. Not a big deal, in any case.)
Test Plan:
- Viewed Calendar.
- Made a Calendar panel.
- Viewed feed.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4986
Differential Revision: https://secure.phabricator.com/D9012
Summary:
Ref T4986. Updates audit.
Slightly tweaks on method visibility.
Just used a HandleQuery since we have to rebuild the whole view thing otherwise; this is an unusual case.
Test Plan:
- Checked Audit.
- Checked Feed.
- Checked Slowvote.
{F151555}
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4986
Differential Revision: https://secure.phabricator.com/D9011
Summary:
Ref T4986. This adds a bit of structure for handles, since we used to have Controller utilities but no longer do.
Hopefully these will start going faster soon...
Test Plan:
- Checked feed for collateral damage.
- Checked slowvote for collateral damage.
- Made a slowvote panel.
{F151550}
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4986
Differential Revision: https://secure.phabricator.com/D9010
Summary:
Ref T4986. We need to introduce alternate views to make this more pleasant, but let rendering move to engines so it can be shared between panels and controllers.
I also moved some of the pagination logic in to avoid duplicating that.
So far, only Feed works. I'm going to do these gradually since we have ~40-50 of them.
Test Plan:
- Used global search to check for collateral damage.
- Used not-global search too.
- Used normal feed.
{F151541}
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: chad, epriestley
Maniphest Tasks: T4986
Differential Revision: https://secure.phabricator.com/D9008
Summary: Ref T4986. This isn't pretty/usable yet (I need to move rendering out of ListController classes and into SearchEngine classes, I think) but does pull the correct results.
Test Plan: {F151537}
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4986
Differential Revision: https://secure.phabricator.com/D9007
Summary:
This plugin provides an OAuth authentication provider to authenticate users using WordPress.com Connect.
This diff corresponds to github pull request https://github.com/facebook/phabricator/pull/593/ and had its libphutil counterpart reviewed in D9004.
Test Plan: Configured WordPress.com as an authentication provider, saw it show up on the login screen, registered a new account, got expected defaults for my username/name/email/profile picture.
Reviewers: chad, #blessed_reviewers, epriestley
Reviewed By: #blessed_reviewers, epriestley
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D9019
Summary:
**WIP**
This sets a shadow fixed to the full screen of the browser for which panels to live in. I have some minor things to fix, but play with it.
Specifically I haven't been able to dig up when stuff that overflowwed, doesn't always render even after scroll.
Test Plan: Test on a board with many tasks, many panels, small screens. Test on mobile too!
Reviewers: epriestley, btrahan
Reviewed By: btrahan
Subscribers: qgil, epriestley, Korvin
Differential Revision: https://secure.phabricator.com/D9005
Summary: Ref D8930. My "send test" for SMS was failing before this patch, and now it works nicely.
Test Plan: Used new code in D8930 that uses $this->queueTask() to get some work done and it got done in process
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: epriestley, Korvin
Differential Revision: https://secure.phabricator.com/D9018
Summary: Fixes T4995. This uses commas so it shouldn't have `[]`. I think I just derped this a while ago.
Test Plan: fiddled
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T4995
Differential Revision: https://secure.phabricator.com/D9009
Summary: Was bad, now good.
Test Plan: Observed goodness.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D9003
Summary: Fixes T4914. We currently have a finite limit on column displays which caused T4914. This fixes T4914 by no longer using a fluid layout. Rather, we use a fixed column width layout which does not have a 7 column limit. Future work - see T4054 for an example - will likely make the fluid layout thing work with infinite columns, and / or other work may re-jigger project workboards directly.
Test Plan: had a project like in T4914 that wouldn't load and it loaded post this change! added more columns and using javascript inspector noted proper width being set
Reviewers: epriestley, chad
Reviewed By: epriestley
Subscribers: joshuaspence, epriestley, Korvin
Maniphest Tasks: T4054, T4914
Differential Revision: https://secure.phabricator.com/D8942
Summary: There was a typo.
Test Plan: Now there is no typo.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: aran, epriestley
Differential Revision: https://secure.phabricator.com/D8995
Summary: D1239 got it mostly right, but some versions of Outlook apparently put a '> ' in front of the 'Original Message' marker, which the parser couln't grok.
Test Plan: Added a test case to the unit tests, applied the patch to my install and asked one of my heathen Outlook using colleagues to reply to a Conpherence post.
Reviewers: epriestley, #blessed_reviewers
Reviewed By: epriestley, #blessed_reviewers
Subscribers: epriestley, Korvin
Differential Revision: https://secure.phabricator.com/D8998
Summary: Fixes T4970.
Test Plan: left a comment on a paste
Reviewers: epriestley
Subscribers: epriestley, Korvin
Maniphest Tasks: T4970
Differential Revision: https://secure.phabricator.com/D8996
Summary:
Ref T4119.
- Trim newlines off the quoted text before quoting it; otherwise we can end up with a staircase of ">" at the end of a quote.
- Allow image macros to have leading whitespace, so multiple consecuitive quoted macros work properly.
Test Plan: I QUOTED MACROS A LOT OF TIMES
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T4119
Differential Revision: https://secure.phabricator.com/D8983
Summary:
man I sure hate Javascript
I removed the ajax-edit and ajax-remove interactions, becuase they were prohibitively complex to get working given that the entire menu has to change too. Instead, the page just reloads. This works perfectly fine in practice.
If we want to restore these in the future, we should have the server re-render the entire transaction group or something. I think very little is lost here, though.
Test Plan:
- Took all the actions.
- Used existing dropdown menus.
{F150196}
Reviewers: chad, btrahan
Reviewed By: btrahan
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D8966
Summary:
See D8966, D8973. Replace PhabricatorDropdownMenu with PHUIXDropdownMenu.
These new menus look weird on mobile because all action lists pick up a bunch of weird styles on mobile and we're now reusing the CSS.
Test Plan:
{F150425}
{F150426}
Reviewers: btrahan, chad
Reviewed By: btrahan
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D8974
Summary:
Ref T4119. This is ugly for now, but technically works.
The comment area and transaction log don't realy know about each other, so for the moment the linking is a bit manual. Differential/Maniphest are special cases anyway.
Test Plan: {F149992}
Reviewers: chad, btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4119
Differential Revision: https://secure.phabricator.com/D8957
Summary: Ref T4119. Adds the block rule and makes a faint effort at CSS.
Test Plan: See D8953 for a screenshot.
Reviewers: chad, btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4119
Differential Revision: https://secure.phabricator.com/D8955
Summary:
Fixes T4909. Adds a "remove" link next to the edit link, which permanently hides a comment. Addresses two use cases:
- Allowing administrators to clean up spam.
- Allowing users to try to put the genie back in the bottle if they post passwords or sensitive links, etc.
The user who removed the comment is named in the removal text to enforce some level of administrative accountability.
No data is deleted, but there's currently no method to restore these comments. We'll see if we need one.
This is cheating a little bit by storing "removed" as "2" in the isDeleted field. This doesn't seem tooooo bad for now.
Test Plan:
- Removed some of my comments.
- As an administrator, removed other users' comments.
- Failed to view history of a removed comment.
- Failed to edit a removed comment.
- Failed to remove a removed comment.
- Verified feed doesn't show the old comment after comment removal.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: qgil, chad, epriestley
Maniphest Tasks: T4909
Differential Revision: https://secure.phabricator.com/D8945
Summary:
Fixes T4960. Users `chmod +x` this, and then bash chokes on it.
Phabricator "owns" this file anyway, so there is no real ambiguity here: this should never be a hook script.
Test Plan:
- Did `chmod +x README`.
- Made a commit.
- Added `z.sh`, got blocked.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T4960
Differential Revision: https://secure.phabricator.com/D8981
Summary: A user in IRC hit this; this looks like a typo.
Test Plan: Created a new blog with a public view policy, a non-public join policy, and a custom domain.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: legien, epriestley
Differential Revision: https://secure.phabricator.com/D8980
Summary:
Ref T4843.
- The token award buttons are just icons.
- The tokens themselves are just icons.
- Also spread the tokens out a tiny bit, they feel a little tight to me right now.
Test Plan: Used VoiceOver to read out tokens and token actions. Looked at an object with several token awards.
Reviewers: chad, btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4843
Differential Revision: https://secure.phabricator.com/D8982
Summary: Ref T4843. Chips away at a few more things.
Test Plan: Used VoiceOver and got a generally more sensible-seeming result.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T4843
Differential Revision: https://secure.phabricator.com/D8978
Summary:
Ref T4814. Although this approach made sense at one point, we have more file infrastructure now and T4814 will be easier if we just pass a PHID in.
Also swap Conduit over to use the Editor.
Test Plan:
- Created a paste.
- Created a paste via Conduit.
- Verified that files had correct permissions and appropriate object links in Files.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4814
Differential Revision: https://secure.phabricator.com/D8969
Summary:
Fixes T4941. If a diff has had trailing whitespace stripped, we will fail to handle empty lines correctly (previously, these lines had a leading space when the original tool emitted them).
(This probably stopped working around the time we began retaining newlines.)
Test Plan: The diff in T4941 now parses and renders correctly.
Reviewers: asherkin, btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4941
Differential Revision: https://secure.phabricator.com/D8968
Summary: Fixes T4931. Each new credential should come with the ability to lock the credential permanently, so that no one can ever edit again. Each existing credential must allow user to lock existing credential.
Test Plan: Create new credential, verify that you can lock it before saving it. Open existing unlocked credential, verify that option to lock it exists. Once credential is locked, the option to reveal it should be disabled, and editing the credential won't allow username/password updates.
Reviewers: #blessed_reviewers, epriestley
Reviewed By: #blessed_reviewers, epriestley
Subscribers: epriestley, Korvin
Maniphest Tasks: T4931
Differential Revision: https://secure.phabricator.com/D8947
Summary: Need to wire up the button to have a click handler that clears out the placeholder text. Fixes T4847.
Test Plan: Clicked the search button and got results for nothing as opposed to "Search." Typed a search and clicked button and got expected results.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: epriestley, Korvin
Maniphest Tasks: T4847
Differential Revision: https://secure.phabricator.com/D8960
Summary:
- Personal Rules display like globals
- Remove "boxy" look around transcripts
- Fix Property list widths, breaks, on mobile
- Add proper blank state for no actions
Test Plan: Tested Herald on mobile and desktop, used simulator in Chrome
Reviewers: btrahan, epriestley
Reviewed By: epriestley
Subscribers: epriestley, Korvin
Differential Revision: https://secure.phabricator.com/D8958
Summary:
tracing this a bit, in core/behavior-form.js we end up doing form.submit() on this form. Before this patch, the form had no submitURI set so it ended up doing a page load. Now, we set the submitURI and (at least) the form is actually submitted and data is saved. Ref T4669.
Not sure how come the syntheticSubmit even isn't getting picked up though?
Test Plan: hit apple + enter to submit comment edit. page reloaded and my edit persisted!
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: epriestley, Korvin
Maniphest Tasks: T4669
Differential Revision: https://secure.phabricator.com/D8952
Summary: forgot to update this with new application search.
Test Plan: verified "View Commits" took me to my commits and the commits of another user from respective profile pages.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: epriestley, Korvin
Differential Revision: https://secure.phabricator.com/D8951
Summary:
Ref T4749. Ref T3265. Ref T4909. Several goals here:
- Move user destruction to the CLI to limit the power of rogue admins.
- Start consolidating all "destroy named object" scripts into a single UI, to make it easier to know how to destroy things.
- Structure object destruction so we can do a better and more automatic job of cleaning up transactions, edges, search indexes, etc.
- Log when we destroy objects so there's a record if data goes missing.
Test Plan: Used `bin/remove destroy` to destroy several users.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T3265, T4749, T4909
Differential Revision: https://secure.phabricator.com/D8940
Summary: See D8931. Ref T3945. CSS for the checkmark styles.
Test Plan: {F149713}
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T3945
Differential Revision: https://secure.phabricator.com/D8932
Summary: Ref T4938. `arc close` needs to know about custom statuses and this conduit method is step 1 of letting it know
Test Plan: See next diff, which works!
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: epriestley, Korvin
Maniphest Tasks: T4938
Differential Revision: https://secure.phabricator.com/D8937
Summary: we need set flush on the home display
Test Plan: checked home and audit home, both cards, proper spacing
Reviewers: btrahan, epriestley
Reviewed By: epriestley
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D8939
Summary: For general consistency with Differential / other application searches. May look at "Cards" as the default view for everything.
Test Plan: Reload my Audit page, easier to read and find status colors.
Reviewers: epriestley, btrahan
Reviewed By: btrahan
Subscribers: epriestley, Korvin
Differential Revision: https://secure.phabricator.com/D8935
Summary:
This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular:
- Fix some typos.
- Lock down some options which would potentially let a rogue administrator do something sketchy.
- Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email.
- Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities.
Test Plan:
- Read through config options.
- Tried to think about how to do evil things with each one.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D8928
Summary: Ref T4398. This has a few lies (in the sense of "features that don't work yet") but should describe behavior accurately after a few more patches.
Test Plan: Read it.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T4398
Differential Revision: https://secure.phabricator.com/D8910
