1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-26 15:30:58 +01:00
Commit graph

547 commits

Author SHA1 Message Date
epriestley
c2227d3ed2 Fix "acccess" spelling error
Summary: This is misspelled.

Test Plan: Consulted a dictionary.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15827
2016-04-30 09:07:51 -07:00
epriestley
66366137ff Don't apply security.require-https to intracluster requests
Summary:
Ref T10784. Currently, if you terminate SSL at a load balancer (very common) and use HTTP beyond that, you have to fiddle with this setting in your premable or a `SiteConfig`.

On the balance I think this makes stuff much harder to configure without any real security benefit, so don't apply this option to intracluster requests.

Also document a lot of stuff.

Test Plan: Poked around locally but this is hard to test outside of a production cluster, I'll vet it more thoroughly on `secure`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10784

Differential Revision: https://secure.phabricator.com/D15696
2016-04-13 12:51:41 -07:00
epriestley
997460f12f When proxying cluster HTTP requests, forward only selected headers
In the live cluster, some subset of the forwarded headers are creating
some issues for HTTP repository operations.
2016-04-09 03:39:17 -07:00
epriestley
60e91d3934 Fix an issue with passing HTTP headers through in proxied cluster requests
Summary:
I think this fixes the Mercurial + HTTP cluster issue. PHP adds `HTTP_` but we were not stripping it, so we would convert an `X-Whatever-Zebra` header into an `Http-X-Whatever-Zebra` header.

I don't think this behavior has changed? So maybe it just never worked? Git is more popular than Mercurial and SSH is easier to configure than HTTP, so it's plausible. I'll keep a careful eye on this when it deploys.

Test Plan:
  - Set up local service-based Mercurial repository.
  - Tried to clone, got similar error to cluster.
  - Applied patch, clean clone.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15660
2016-04-08 11:03:28 -07:00
epriestley
cdec319143 Convert Countdown to EditEngine
Summary: Fixes T10684. Fixes T10520. This primarily implements a date/epoch field, and then does a bunch of standard plumbing.

Test Plan:
  - Created countdowns.
  - Edited countdowns.
  - Used HTTP prefilling.
  - Created a countdown ending on "Christmas Morning", etc.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10520, T10684

Differential Revision: https://secure.phabricator.com/D15655
2016-04-07 12:34:07 -07:00
epriestley
5664c838fb Reduce thumbnail flickering in comment previews
Summary:
Ref T10262. Currently, we always render a tag like this when you `{F123}` an image in remarkup:

```
<img src="/xform/preview/abcdef/" />
```

This either generates the preview or redirects to an existing preview. This is a good behavior in general, because the preview may take a while to generate and we don't want to wait for it to generate on the server side.

However, this flickers a lot in Safari. We might be able to cache this, but we really shouldn't, since the preview URI isn't a legitimately stable/permanent one.

Instead, do a (cheap) server-side check to see if the preview already exists. If it does, return a direct URI. This gives us a stable thumbnail in Safari.

Test Plan:
  - Dragged a dog picture into comment box.
  - Typed text.
  - Thing didn't flicker like crazy all the time in Safari.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10262

Differential Revision: https://secure.phabricator.com/D15646
2016-04-06 15:52:52 -07:00
epriestley
439821c7b2 Don't require one-time tokens to view file resources
Summary:
Ref T10262. This removes one-time tokens and makes file data responses always-cacheable (for 30 days).

The URI will stop working once any attached object changes its view policy, or the file view policy itself changes.

Files with `canCDN` (totally public data like profile images, CSS, JS, etc) use "cache-control: public" so they can be CDN'd.

Files without `canCDN` use "cache-control: private" so they won't be cached by the CDN. They could still be cached by a misbehaving local cache, but if you don't want your users seeing one anothers' secret files you should configure your local network properly.

Our "Cache-Control" headers were also from 1999 or something, update them to be more modern/sane. I can't find any evidence that any browser has done the wrong thing with this simpler ruleset in the last ~10 years.

Test Plan:
  - Configured alternate file domain.
  - Viewed site: stuff worked.
  - Accessed a file on primary domain, got redirected to alternate domain.
  - Verified proper cache headers for `canCDN` (public) and non-`canCDN` (private) files.
  - Uploaded a file to a task, edited task policy, verified it scrambled the old URI.
  - Reloaded task, new URI generated transparently.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10262

Differential Revision: https://secure.phabricator.com/D15642
2016-04-06 14:14:36 -07:00
epriestley
2b02024e23 Use AphrontRequestStream to read request input
Summary:
Ref T10604. This uses the new standalone stream reader introduced in D15483 to read request data, instead of putting the logic in PhabricatorStartup.

It also doesn't read request data until it specifically needs to. This supports, e.g., streaming Git LFS PUT requests, and streaming more types of requests in the future.

Test Plan: See D15483. Made various different types of requests and wasn't immediately able to break anything.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10604

Differential Revision: https://secure.phabricator.com/D15484
2016-03-17 08:08:18 -07:00
epriestley
9d125b459e Use large text columns to store IP addresses
Summary: Fixes T10259. There was no real reason to do this `ip2long()` stuff in the first place -- it's very slightly smaller, but won't work with ipv6 and the savings are miniscule.

Test Plan:
  - Ran migration.
  - Viewed logs in web UI.
  - Pulled and pushed.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10259

Differential Revision: https://secure.phabricator.com/D15165
2016-02-02 10:13:14 -08:00
epriestley
23367265e1 Strip "Transfer-Encoding" headers from proxied HTTP responses
This is a likely fix for HTTP clones against proxied repositories in the
cluster, although I'm not 100% sure I'm replicating it correctly.

The issue appears to be that we're proxying all the headers, including the
"Transfer-Encoding" header, although the request will already have stripped
any encoding. This might cause us to emit a "chunked" header without a
chunked body.

Auditors: chad
2016-01-07 16:33:09 -08:00
epriestley
2328e739b7 Fix an issue where Phame could post to the wrong blog
When you `getInt()` an array, PHP decides the array has value `1`. This would
cause us to post to blog #1 incorrectly. I didn't catch this locally because
I happened to be posting to blog #1.

Stop us from interpreting array values as `1`, and fix blog interpretation.

This approach is a little messy (projects has the same issue) but I'll see
if I can clean it up in some future change.

Auditors: chad
2016-01-02 05:20:41 -08:00
epriestley
e869e7df0b When logged-out users hit a "Login Required" dialog, try to choose a better "next" URI
Summary:
Ref T10004. After a user logs in, we send them to the "next" URI cookie if there is one, but currently don't always do a very good job of selecting a "next" URI, especially if they tried to do something with a dialog before being asked to log in.

In particular, if a logged-out user clicks an action like "Edit Blocking Tasks" on a Maniphest task, the default behavior is to send them to the standalone page for that dialog after they log in. This can be pretty confusing.

See T2691 and D6416 for earlier efforts here. At that time, we added a mechanism to //manually// override the default behavior, and fixed the most common links. This worked, but I'd like to fix the //default// beahvior so we don't need to remember to `setObjectURI()` correctly all over the place.

ApplicationEditor has also introduced new cases which are more difficult to get right. While we could get them right by using the override and being careful about things, this also motivates fixing the default behavior.

Finally, we have better tools for fixing the default behavior now than we did in 2013.

Instead of using manual overrides, have JS include an "X-Phabricator-Via" header in Ajax requests. This is basically like a referrer header, and will contain the page the user's browser is on.

In essentially every case, this should be a very good place (and often the best place) to send them after login. For all pages currently using `setObjectURI()`, it should produce the same behavior by default.

I'll remove the `setObjectURI()` mechanism in the next diff.

Test Plan: Clicked various workflow actions while logged out, saw "next" get set to a reasonable value, was redirected to a sensible, non-confusing page after login (the page with whatever button I clicked on it).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14804
2015-12-17 08:30:03 -08:00
epriestley
dc79d9ea84 Put back "PhabricatorResourceSite"
Auditors: chad
2015-12-11 08:22:16 -08:00
epriestley
8a906b0e18 Remove skins from Phame
Summary:
Ref T9897. Purge a bunch of stuff:

  - Remove skins.
  - Remove all custom sites for skin resources.
  - Remove "framed", "notlive", "preview", separate "live" controllers (see below).
  - Merge "publish" and "unpublish" controllers into one.

New behavior:

  - Blogs and posts have three views:
    - "View": Internal view URI, which is a normal detail page.
    - "Internal Live": Internal view URI which is a little prettier.
    - "External Live": External view URI for an external domain.

Right now, the differences are pretty minor (basically, different crumbs/chrome). This mostly gives us room to put some milder flavor of skins back later (photography or more "presentation" elements, for example).

This removes 9 million lines of code so I probably missed a couple of things, but I think it's like 95% of the way there.

Test Plan:
Here are some examples of what the "view", "internal" and "external" views look like for blogs (posts are similar):

"View": Unchanged

{F1021634}

"Internal": No chrome or footer. Still write actions (edit, post commments). Has crumbs to get back into Phame.

{F1021635}

"External": No chrome or footer. No write actions. No Phabricator crumbs. No policy/status information.

{F1021638}

I figure we'll probably tweak these a bit to figure out what makes sense (like: maybe no actions on "internal, live"? and "external, live" probably needs a way to set a root "Company >" crumb?) but that they're reasonable-ish as a first cut?

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9897

Differential Revision: https://secure.phabricator.com/D14740
2015-12-11 08:14:12 -08:00
epriestley
c1ae5321d7 Support HTTP parameter prefilling in EditEngine forms for CustomFields
Summary:
Ref T9132. This allows you to prefill custom fields with `?custom.x.y=value`, for most types of custom fields.

Dates (which are substantially more complicated) aren't supported. I'll just do those once the dust settles. Other types should work, I think.

Test Plan:
  - Verified custom fields appear on "HTTP Parameters" help UI.
  - Used `?x=y` to prefill custom fields on edit form.
  - Performed various normal edits.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9132

Differential Revision: https://secure.phabricator.com/D14634
2015-12-02 09:32:26 -08:00
epriestley
56be700561 Improve code structure of PHID fields in EditEngine
Summary: Ref T9132. I had some hacks in place for dealing with Edge/Subscribers stuff. Clean that up so it's structured a little better.

Test Plan:
  - Edited subscribers and projects.
  - Verified things still show up in Conduit.
  - Made concurrent edits (added a project in one window, removed it in another window, got a clean result with a correct merge of the two edits).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9132

Differential Revision: https://secure.phabricator.com/D14601
2015-11-30 09:00:37 -08:00
lkassianik
d8111f828f Allow a domain other than the install domain to serve as a short Phurl domain
Summary: Ref T8995, config option for Phurl short domain to share shortened URL's

Test Plan:
- Configure Phurl short domain to something like "zz.us"
- Navigate to `zz.us`; get 404
- Navigate to `zz.us/u/3` or `zz.us/u/alias` where `U3` is an existing Phurl; redirect to correct destination

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T8995

Differential Revision: https://secure.phabricator.com/D14447
2015-11-09 11:34:20 -08:00
epriestley
621f806e3b Provide formal Users/Projects/Mailable fields for EditEngine
Summary: Ref T9132. This allows you to prefill EditEngine forms with stuff like `?subscribers=epriestley`, and we'll figure out what you mean.

Test Plan:
  - Did `/?subscribers=...` with various values (good, bad, mis-capitalized).
  - Did `/?projects=...` with various values (good, bad, mis-capitalized).
  - Reviewed documentation.
  - Reviewed {nav Config > HTTP Parameter Types}.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9132

Differential Revision: https://secure.phabricator.com/D14404
2015-11-04 12:05:41 -08:00
epriestley
20e4c3fbd4 Modularize complex HTTP parameter types
Summary:
Ref T9132. We have several places in the code that sometimes need to parse complex types. For example, we accept all of these in ApplicationSearch and now in ApplicationEditor:

> /?subscribers=cat,dog
> /?subscribers=PHID-USER-1111
> /?subscribers[]=cat&subscribers[]=PHID-USER-2222

..etc. The logic to parse this stuff isn't too complex, but it isn't trivial either.

Right now it lives in some odd places. Notably, `PhabricatorApplicationSearchEngine` has some weird helper methods for this stuff. Rather than give `EditEngine` the same set of weird helper methods, pull all this stuff out into "HTTPParameterTypes".

Future diffs will add "Projects" and "Users" types where all the custom parsing/lookup logic can live. Then eventually the Search stuff can reuse these.

Generally, this just breaks the code up into smaller pieces that have more specific responsibilities.

Test Plan: {F944142}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9132

Differential Revision: https://secure.phabricator.com/D14402
2015-11-04 12:05:21 -08:00
Michael Krasnow
6e7ceb996b Set a property so that unit tests run on PHP7
Summary: Without this change PHP throws because idx() is passed null as the property is not intialzied

Test Plan: arc unit --everything

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D14345
2015-10-26 21:15:45 +00:00
epriestley
3ff5ca789a Fix /tag/aa%20bb project URIs
Summary:
Ref T9551. To set things up:

  - Name a project `aa bb`. This will have the tag `aa_bb`.
  - Try to visit `/tag/aa%20bb`.

Here's what happens now:

  - You get an Aphront redirect error as it tries to add the trailing `/`. Add `phutil_escape_uri()` so that works again.
  - Then, you 404, even though this tag is reasonably equivalent to the real project tag and could be redirected. Add a fallback to lookup, resolve, and redirect if we can find a hit for the tag.

This also fixes stuff like `/tag/AA_BB/`.

Test Plan: Visited URIs like `/tag/aa%20bb`, `/tag/aa%20bb/`, `/tag/Aa_bB/`, etc. None of them worked before and now they all do.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9551

Differential Revision: https://secure.phabricator.com/D14260
2015-10-12 17:02:42 -07:00
epriestley
6915011067 Provide an AphrontController implementation of willSendResponse()
Summary: This is required by Aphront now but not given a default implementation in the base class.

Test Plan: CORGI sites now work.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14079
2015-09-07 17:18:35 -07:00
epriestley
1fc60a9a6e Modularize Aphront exception handling
Summary:
Ref T1806. Ref T7173. Depends on D14047.

Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`.

Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses.

Test Plan:
{F777391}

- Hit a Conduit error (made a method throw).
- Hit an Ajax error (made comment preview throw).
- Hit a high security error (tried to edit TOTP).
- Hit a rate limiting error (added a bunch of email addresses).
- Hit a policy error (tried to look at something with no permission).
- Hit an arbitrary exception (made a randomc ontroller throw).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T1806, T7173

Differential Revision: https://secure.phabricator.com/D14049
2015-09-03 10:04:42 -07:00
epriestley
20ce1a905f Replace AphrontUsageException with AphrontMalformedRequestException
Summary:
Ref T1806. Ref T7173. Context here is that I want to fix "you can not log in to this instance" being a confusing mess with an opaque error. To do this without hacks, I want to:

  - clean up some exception handling behavior (this diff);
  - modularize exception handling (next diff);
  - replace confusing, over-general exceptions with tailored ones in the Phacility cluster, using the new modular stuff.

This cleans up an awkward "AphrontUsageException" which does some weird stuff right now. In particular, it is extensible and extended in one place in Diffusion, but that extension is meaningless.

Realign this as "AphrontMalformedRequestException", which is a better description of what it is and does: raises errors before we can get as far as normal routing and site handling.

Test Plan: Hit some of these exceptions, saw the expected "abandon all hope" error page.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T1806, T7173

Differential Revision: https://secure.phabricator.com/D14047
2015-09-03 10:04:17 -07:00
epriestley
a13db0a3ec Allow Controllers to return a wider range of "response-like" objects
Summary:
Ref T1806. Ref T5752. Currently, `handleRequest()` needs to return an `AphrontResponse`, but sometimes it's really convenient to return some other object, like a Dialog, and let that convert into a response elsewhere.

Formalize this and clean up some of the existing hacks for it so there's less custom/magical code in Phabricator-specific classes and more general code in Aphront classes.

More broadly, I want to clean up T5752 before pursuing T9132, since I'm generally happy with how `SearchEngine` works except for how it interacts with side navs / application menus. I want to fix that first so a new Editor (which will have a lot in common with SearchEngine in terms of how controllers interact with it) doesn't make the problem twice as bad.

Test Plan:
  - Loaded a bunch of normal pages.
  - Loaded dialogs.
  - Loaded proxy responses (submitted empty comments in Maniphest).

Reviewers: chad

Reviewed By: chad

Subscribers: joshuaspence

Maniphest Tasks: T1806, T5752

Differential Revision: https://secure.phabricator.com/D14032
2015-09-01 15:52:52 -07:00
epriestley
bcc5e55af2 Push construction of routing maps into Sites
Summary:
This enables CORGI.

Currently, `AphrontSite` subclasses can't really have their own routes. They can do this sort of hacky rewriting of paths, but that's a mess and not desirable in the long run.

Instead, let subclasses build their own routing maps. This will let CORP and ORG have their own routing maps.

I was able to get rid of the `PhameBlogResourcesSite` since it can really just share the standard resources site.

Test Plan:
  - With no base URI set, and a base URI set, loaded main page and resources (from main site).
  - With file domain set, loaded resources from main site and file site.
  - Loaded a skinned blog from a domain.
  - Loaded a skinned blog from the main site.
  - Viewed "Request" tab of DarkConsole to see site/controller info.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14008
2015-08-31 04:01:01 -07:00
epriestley
4b1815d6cc Add a "Startup" to DarkConsole
Summary: Ref T8588. It looks like something slow is happening //before// we start DarkConsole. Add some crude reporting to try to narrow it down.

Test Plan: {F743050}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8588

Differential Revision: https://secure.phabricator.com/D13956
2015-08-21 14:53:29 -07:00
Joshua Spence
2cf9ded878 Various linter fixes
Summary: Self explanatory.

Test Plan: `arc lint`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D13863
2015-08-11 22:36:55 +10:00
epriestley
4b298c1c44 Merge branch 'master' into redesign-2015 2015-06-30 11:20:16 -07:00
epriestley
9eda21451a Let PhabricatorPlatformSite catch unconfigured requests
Summary: Fix T8717. If the install didn't configure base-uri, assume they want Phabricator; We'll later show the setup warning about it.

Test Plan: Set base-uri to something else, see short error. Delete it, see Phabricator.

Reviewers: laomoi, #blessed_reviewers, epriestley

Reviewed By: laomoi, #blessed_reviewers, epriestley

Subscribers: laomoi, epriestley, Korvin

Maniphest Tasks: T8717

Differential Revision: https://secure.phabricator.com/D13482
2015-06-30 07:24:06 -07:00
epriestley
262be61ee5 Merge branch 'master' into redesign-2015 2015-06-29 14:07:58 -07:00
epriestley
6b7183a762 Modularize Aphront "sites"
Summary:
Fixes T5702. The path here is long and windy:

  - I want to move `blog.phacility.com` to the new `secure` host.
  - That host has `security.require-https` set, which I want to keep set (before, this was handled in a sort of hacky way at the nginx/preamble level, but I've cleaned up everything else now).
  - Currently, that setting forces blogs to HTTPS too, which won't work.
  - To let blogs be individually configurable, we need to either modularize site config or make things hackier.
  - Modularize rather than increasing hackiness.
  - Also add a little "modules" panel in Config. See T6859. This feels like a reasonable middle ground between putting this stuff in Applications and burying it in `bin/somewhere`.

Test Plan:
  - Visited normal site.
  - Visited phame on-domain site.
  - Visited phame off-domain site.
  - Viewed static resources.

{F561897}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5702

Differential Revision: https://secure.phabricator.com/D13474
2015-06-29 14:04:48 -07:00
Chad Little
626c7bc906 [Redesign] Clean up AphrontDialog
Summary: Ref T8099, Cleans up UI issues, adds `appendList` and renders lists and paragraphs with Remarkup UI.

Test Plan: Test Policy Dialogs, other various dialogs.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13463
2015-06-29 12:49:21 -07:00
epriestley
bb58a123e6 Modularize Celerity postprocessors
Summary: Not sure if we want this, but it seems to work fine.

Test Plan: {F516736}

Reviewers: joshuaspence, chad

Reviewed By: joshuaspence, chad

Subscribers: joshuaspence, epriestley

Differential Revision: https://secure.phabricator.com/D13363
2015-06-20 06:10:42 -07:00
Joshua Spence
e270157fcb Fix a broken class name
Auditors: epriestley
2015-06-18 07:25:41 +10:00
Joshua Spence
4761cb8d73 Use PhutilInvalidStateException
Summary: Use `PhutilInvalidStateException` where appropriate.

Test Plan: Eyeball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13327
2015-06-18 07:09:02 +10:00
epriestley
0fd0f171f1 Fix an undeclared property on AphrontPlainTextResponse
Auditors: joshuaspence
2015-06-15 07:05:03 -07:00
Joshua Spence
b6d745b666 Extend from Phobject
Summary: All classes should extend from some other class. See D13275 for some explanation.

Test Plan: `arc unit`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13283
2015-06-15 18:02:27 +10:00
Joshua Spence
f47e69c015 Mark some strings for translation
Summary: Add some more `pht`izations.

Test Plan: Eyeball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D13200
2015-06-09 23:06:52 +10:00
epriestley
e595478f1d Make policy violation dialog more flexible
Summary:
Ref T8424. When users are rejected because they can't see the space an object is in, this isn't really a capability rejection. Don't require a capability when rejecting objects.

This mostly simplifies upcoming changes.

Test Plan:
  - Viewed a capability exception dialog, it looked the same as always.
  - (After additional changes, viewed a space exception dialog.)

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T8424

Differential Revision: https://secure.phabricator.com/D13155
2015-06-04 17:45:51 -07:00
epriestley
a15444aa79 Remove PhabricatorStartup::getGlobal/setGlobal mechanism
Summary:
Ref T8424. Fixes T7114. This was envisioned as a per-request cache for reusing interpreters, but isn't a good fit for that in modern Phabricator.

In particular, it isn't loaded by the daemons, but they have equal need for per-request caching.

Since I finally need such a cache for Spaces, throw the old stuff away before I built a more modern cache.

Also resolves T7114 by dropping filtering on $_SERVER. I'm pretty sure this is the simplest fix, see D12977 for a bit more discussion.

Test Plan: Called `didFatal()` from somewhere in normal code and verified it was able to use the access log.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7114, T8424

Differential Revision: https://secure.phabricator.com/D13152
2015-06-04 17:26:52 -07:00
Joshua Spence
36e2d02d6e phtize all the things
Summary: `pht`ize a whole bunch of strings in rP.

Test Plan: Intense eyeballing.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12797
2015-05-22 21:16:39 +10:00
Joshua Spence
c896aeb62e Various linter fixes
Summary: Apply various linter fixes.

Test Plan: Unit tests + eyeballing.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12390
2015-05-20 07:27:41 +10:00
epriestley
db1cd65866 Allow setup checks to perform writes
Summary:
Fixes T8198. Currently, if the `policy.locked` configuration setting includes a value which is a user PHID, we may perform a cache fill during setup as a side effect of validating it.

Right now, there is no WriteGuard active during setup, because we don't have a Request object yet so we can't actually perform CSRF validation.

Two possible approaches are:

  # Prevent the write from occuring.
  # Change the code to allow the write.

In the past, I think we've hit similar cases and done (1). However, IIRC those writes were sketchier, more isolated, and easy to remove (I think there was one with PKCS8 keys). This one is pretty legit and not very easy to remove without making a bit of a mess.

There's no techncial reason we can't do (2), we just have to create a no-op WriteGuard for the setup phase.

Test Plan:
  - To reproduce this issue: set some value in `policy.locked` to a user PHID, then wipe out profile caches in the database, then restart the webserver.
  - Reproduced the issue.
  - Added the new dummy write guard, fixed a minor issue with disposal semantics (see D12841).
  - Verified this fixed the issue.
  - Added a `throw` to the real CSRF validator and performed a real write. Verified I got CSRF-blocked.
  - Removed a CSRF token from a form and double-checked that CSRF protection still works.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T8198

Differential Revision: https://secure.phabricator.com/D12842
2015-05-14 10:39:28 -07:00
Joshua Spence
acb45968d8 Use __CLASS__ instead of hard-coding class names
Summary: Use `__CLASS__` instead of hard-coding class names. Depends on D12605.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12806
2015-05-14 07:21:13 +10:00
epriestley
59416a13e7 Add "request time" event and viewer and context data to Multimeter
Summary: Ref T6930. Only notable thing here is that I prevented non-admins from slicing down by viewing user, since it feels a little creepy to go see what pages you looked at, even though we only show which controllers you invoked. However, it feels important enough to be able to see users destorying the server with crazy requests to let admins see this data.

Test Plan: {F389718}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6930

Differential Revision: https://secure.phabricator.com/D12630
2015-05-01 13:20:30 -07:00
epriestley
7b6c320e15 Skeleton for "Multimeter", a performance sampling application
Summary:
Ref T6930. This application collects and displays performance samples -- roughly, things Phabricator spent some kind of resource on. It will collect samples on different types of resources and events:

  - Wall time (queries, service calls, pages)
  - Bytes In / Bytes Out (requests)
  - Implicit requests to CSS/JS (static resources)

I've started with the simplest case (static resources), since this can be used in an immediate, straghtforward way to improve packaging (look at which individual files have the most requests recently).

There's no aggregation yet and a lot of the data isn't collected properly. Future diffs will add more dimension data (controllers, users), more event and resource types (queries, service calls, wall time), and more display options (aggregation, sorting).

Test Plan: {F389344}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6930

Differential Revision: https://secure.phabricator.com/D12623
2015-05-01 13:19:43 -07:00
Bob Trahan
6aac9f99d7 Quicksand - get the dark console working properly with quicksand
Summary:
Fixes T7700.

This ends up being kind of tricky because

 - the key for a given request is only correct at the time the dark console is rendered
 - the dark console itself should contain every request made, as opposed to being drawn from scratch
 - in the case of a quicksand request, the behavior gets invoked first with the correctly rendered console as part of the `quicksand-redraw` event and then again shortly after as an ajax request would, except this is incorrect relative to when the key should be calculated...

So...

 - assume we can get away with concurrency between the `quicksand-redraw` event and ajax request invocation of the behavior
 - cache the right data as part of the `quicksand-redraw` event and then use it in the subsequent ajax call
   - make sure ajax config gets a 'quicksand' flag

...otherwise its somewhat standard make sure this behavior can be init'd a bunch stuff.

Test Plan: visited '/', visited '/differential/', visited '/DXXX' - observed correctly populating dark console with all sorts of good data stuff. navigated backwards and observed dark console staying the same as expected. navigated by clicking links and console updated again

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7700

Differential Revision: https://secure.phabricator.com/D12582
2015-04-27 16:10:36 -07:00
Bob Trahan
a903eb2def Quicksand - make things work properly with high security mode
Summary: Fixes T7064. We need to pass the quicksand magic request variable around and then instrument the javascript to handle quicksand page loads.

Test Plan:
Enabled two factor auth on my account and then

 - visited password page
 - filled out 2 factor auth request
 - saw high security bubble
 - clicked about still seeing high security bubble
 - refreshed page and still saw security bubble
 - dismissed bubble by following through workflow after clicking bubble

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7064

Differential Revision: https://secure.phabricator.com/D12536
2015-04-23 16:37:56 -07:00
Joshua Spence
b2c23d88e8 Implement HTTP response messages
Summary: Fixes T7486. Implement HTTP response messages such as `200 OK` and `404 Not Found`. The status codes were taken from http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html.

Test Plan: Navigated to `/foo` and saw the response showing `404 Not Found` in the Network tab of Chrome.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7486

Differential Revision: https://secure.phabricator.com/D12299
2015-04-07 07:41:32 +10:00