1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 10:12:41 +01:00
Commit graph

13592 commits

Author SHA1 Message Date
Valerio Bozzolan
6fe942a8f9 Add support for FIDO2-backed SSH keys
Summary:
U2F/FIDO are open standards for inexpensive two-factor authentication hardware that are widely used for website authentication.

These keys are available since OpenSSH 8.2 (2020-02-14).

https://www.openssh.com/txt/release-8.2

https://security.stackexchange.com/q/240991/260234

Ref Q96

Test Plan: Check the added keys. They exactly match the output of the command 'ssh -Q key'.

Reviewers: O1 Blessed Committers, antonia, avivey

Reviewed By: O1 Blessed Committers, antonia, avivey

Subscribers: avivey, tobiaswiese, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25508
2024-01-08 19:07:54 +01:00
Andre Klapper
d92ed9ce0c Hide "Packages" field in Diffusion Commits query form when application uninstalled
Summary: Fixes T15698

Test Plan:
1. Uninstall Packages via `/applications/view/PhabricatorPackagesApplication/`
2. Go to `/diffusion/commit/`, expand the Query form, and see that `Packages` is not shown anymore

Reviewers: O1 Blessed Committers, 20after4

Reviewed By: O1 Blessed Committers, 20after4

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15698

Differential Revision: https://we.phorge.it/D25506
2024-01-06 16:26:01 +01:00
Andre Klapper
428f9686c4 Composing a custom project picture: Remove misaligned empty icon
Summary:
Do not assume that all items under `/resources/builtin/projects/` are image files (some can be subdirectories). Only add PNG files to the map.

Could be nicer to use `is_file()` or `is_dir()` but we are dealing only with string representations of files and folders.

Closes T15696

Test Plan: Go to `/project/picture/1/` and click the `Choose Icon and Color...` button; check last icon shown under "Choose Icon".

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15696

Differential Revision: https://we.phorge.it/D25499
2023-12-27 17:39:28 +01:00
Kuba Orlik
be763d90ce Fix typo
Summary: This typo appeared in the docs and I thought I'd fix it

Test Plan: See that the typo at src/applications/config/option/PhabricatorCoreConfigOptions.php is gone

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25496
2023-12-18 10:50:35 +01:00
Andre Klapper
fe1122bd4d Catch RuntimeException: mb_convert_encoding(): Illegal character encoding specified at PhabricatorTextDocumentEngine.php:73
Summary:
When given `$encoding` is invalid, catch the exception to show a proper error message and make the server logs provide more hints.

```
EXCEPTION: (RuntimeException) mb_convert_encoding(): Illegal character encoding specified at [<arcanist>/src/error/PhutilErrorHandler.php:261]
#0 <#2> PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<arcanist>/src/error/PhutilErrorHandler.php:261]
#1 <#2> mb_convert_encoding(string, string, string) called at [<phabricator>/src/applications/files/document/PhabricatorTextDocumentEngine.php:73]
```

Closes T15624

Test Plan: Open a URL which passes a bogus encoding value as parameter, like `/source/somerepository/browse/master/README.md?as=source&encode=TROLOLOL`

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15624

Differential Revision: https://we.phorge.it/D25418
2023-12-17 11:42:21 +01:00
Aviv Eyal
2ba2cbaf9b Show Deprecation Warnings as Setup Warnings
Summary:
Capture Deprecation Warnings, collect them into cache, and show them as a Setup Issue for admins to see and report back to us.

This only captures a sample of the traces, so not to overwhelm users (and RAM. and us) with reports.

Requires D25388. Refs T15554.

Test Plan: Run some flows that are known to bring up Deprecation Warnings. See them as a Setup Issue! Click little triangles to see details.

Reviewers: O1 Blessed Committers, Matthew

Reviewed By: O1 Blessed Committers, Matthew

Subscribers: revi, Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15554

Differential Revision: https://we.phorge.it/D25440
2023-12-08 17:55:18 +02:00
Waldir Pimenta
c49eeb235e Improve command line prompts in setup issue pages
Summary:
This is a follow-up to D25425, where these improvements to the CLI prompt markers were discussed.

Changes included in this revision:

- Build all prompts the same way
- Remove space after the prompt marker (add it via CSS instead)
- Add server path prefix
- Make the prompt unselectable

Test Plan:
- Visit any of the setup issue pages, e.g. <PHORGE_URL>/config/issue/auth.config-unlocked/ (after ensuring that the corresponding issue is present — in this case, by doing `./bin/auth unlock`)
- For example, Deactivate all PHP extensions to trigger each /config/issue/extension.gd/ etc.
- For example, update at least up to `dc10a7e69ea3` to see the database upgrade tip etc.
- Confirm that the command line prompts now include the path prefix
- Confirm that selecting the command via double-click (or click-and-drag) does not select the prompt

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Tags: #ux, #config

Differential Revision: https://we.phorge.it/D25466
2023-12-07 16:22:24 +00:00
Mukunda Modell
6c8329fb66 Include 'published' date of posts in Phame Atom feeds
Summary:
Metadata of Phame blog posts includes the 'updated' date of a blog post. Make them also include the original 'published' date.

Patch written by @20after4 from:

https://phabricator.wikimedia.org/rPHAB3de500bfc845759d6da82180df0adfc12f973463

Closes T15686

Test Plan:
* Go to the Atom feed of blog 1 at `/phame/blog/feed/1/` and look at this `<feed>`'s source
* Apply patch and do the same, see additional `<published>` entry just like the `<updated>`
* Edit the last blog post in blog 1, then check Atom feed and verify that the published and updated date stamp differ as expected

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, 20after4, Cigaryno

Maniphest Tasks: T15686

Differential Revision: https://we.phorge.it/D25490
2023-12-06 11:34:38 -08:00
Andre Klapper
acedbd022d Fix exception in Transaction Log after renaming Pholio Mock image: Call to undefined method PholioImageSequenceTransaction::renderHandleLink()
Summary:
Replace call to undefined `renderHandleLink()` with `renderHandle()`.

Additionally, pass `head_key($new)` instead of `key($new)`. This might not be needed strictly speaking for this very issue but should not harm either as several images in a mock can be renamed at once.

```
EXCEPTION: (Error) Call to undefined method PholioImageSequenceTransaction::renderHandleLink() at [<phorge>/src/applications/pholio/xaction/PholioImageSequenceTransaction.php:32]
```

Closes T15680

Test Plan:
* Rename the title of an image in a Pholio mock.
* Go to `/feed/transactions/query/all/` which now renders instead of showing an error, and shows two entries:
* `user renamed an image (newname.jpg) from oldname.jpg to newname.jpg.` and `user updated an image's (newname.jpg) sequence.`
(However, separate T15679 will still show up in the error log after this change.)

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15680

Differential Revision: https://we.phorge.it/D25482
2023-12-04 19:32:01 -08:00
Christopher Speck
99ee9357ef Updates for Mercurial's HTTP protocol
Summary:
While testing https://secure.phabricator.com/D21864 I ran into some issues getting mercurial HTTP access working. Using wireshark I confirmed that my local mercurial 6.4 was not including command arguments as HTTP headers but in the querystring.

I didn't dig too deep into understanding when/why this started happening. The protocol documents this in [[ https://repo.mercurial-scm.org/hg/file/tip/mercurial/helptext/internals/wireprotocol.txt | wireprotocol.txt ]].

>Command arguments can be sent multiple ways. The simplest is part of the URL query string using ``x-www-form-urlencoded`` encoding (see Python's ``urllib.urlencode()``. However, many servers impose length limitations on the URL. So this mechanism is typically only used if the server doesn't support other mechanisms.

Based on that either the mercurial on the server is really old (it's 6.1.1 tho) or maybe some other parsing/info passing in Phab's handling of the wire protocol is causing the client to downgrade the wire protocol support.

Cherry-picked from:

https://secure.phabricator.com/D21867

https://secure.phabricator.com/rP0b6e758978a9691bd5ad25db4aa4c4301640a9a9

Test Plan: Host mercurial repo using HTTP, test push/pull.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25471
2023-11-30 20:16:03 -05:00
Andre Klapper
c3850a3c15 Fix PHP 8.1 "strlen(null)" exception removing custom alt text from image file
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

```
ERROR 8192: strlen(): Passing null to parameter #1 ($string) of type string is deprecated at [/var/www/html/phorge/phorge/src/applications/files/xaction/PhabricatorFileAltTextTransaction.php:59]
```

Closes T15678

Test Plan: Add and remove alt text on an image file; then go to `/feed/query/all/`

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15678

Differential Revision: https://we.phorge.it/D25481
2023-11-28 14:52:00 +01:00
Matthew Bowker
4d4712b58d Remove Chatlog entirely
Summary:
This commit removes ChatLog entirely.  All of the application files are removed, and the migrations used are stubbed out. I stubbed the migrations as that allows for existing installs to make no changes, but new installs will not create the database.

Fixes T15126

Test Plan: Loaded up http://phorge.local/chatlog and confirmed the 404.  Loaded up http://phorge.local/applications/view/PhabricatorChatLogApplication and confirmed the 404.  Created a new database prefix and ran `bin/storage upgrade` against it, confirmed that the chatlog database was not created.  Restored another prefix (an old one) and ran `bin/storage upgrade` and confirmed database was not deleted.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, tobiaswiese, valerio.bozzolan, Cigaryno

Maniphest Tasks: T15126

Differential Revision: https://we.phorge.it/D25480
2023-11-27 11:38:37 -07:00
bob
cf8d5d60a5 Fix a PHP 8.1 deprecated use of strlen with a NULL argument in commit parser
Summary:
With PHP 8.1+ it is not possible to import a commit if the commiter field is not properly defined
Indeed, if the committer is not properly defined, strlen(null) is called, causing a deprecation warning, elevated to exception.
Using strlen() to check string validity is deprecated since PHP 8.1. Phorge adopts phutil_nonempty_string() as a replacement.

Fix T15629

Test Plan:
- Push a commit to an observed subversion repository
- Import it via the phorge/bin/repository reparse COMMIT_ID --importing
- The commit should be properly imported and available in Diffusion

Reviewers: O1 Blessed Committers, Sten, valerio.bozzolan

Reviewed By: O1 Blessed Committers, Sten, valerio.bozzolan

Subscribers: Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15629

Differential Revision: https://we.phorge.it/D25423
2023-11-22 16:56:20 +01:00
bob
acfb44d667 Fix a PHP 8.1 deprecated use of strlen with a NULL argument on commit page
Summary:
With PHP 8.1+ it is not possible to view a commit if the author field is not properly defined
Indeed, if the commit author is not properly defined, strlen(null) is called, causing a deprecation warning, elevated to exception.
Using strlen() to check string validity is deprecated since PHP 8.1. Phorge adopts phutil_nonempty_string() as a replacement.

Fix T15628

Test Plan:
- Push a new commit on a subversion repository (since T15629 is not yet addressed)
- Visualize the commit
- You should not get a RuntimeException

Reviewers: O1 Blessed Committers, Sten, valerio.bozzolan

Reviewed By: O1 Blessed Committers, Sten, valerio.bozzolan

Subscribers: Sten, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15628

Differential Revision: https://we.phorge.it/D25422
2023-11-22 16:55:32 +01:00
bob
5bd5266461 Fix a PHP 8.1 deprecated use of strlen with a NULL argument
Summary:
This call prevents users to view a commit in subversion repositories
Indeed, if commiter and/or author field is not properly defined strlen is call with a NULL argument.
Using strlen to check string validity is deprecated since PHP 8.1, phorge adopts phutil_nonempty_string() as a replacement.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

Fix T15610

Test Plan:
- Sign in (if needed)
- Open a diffusion SVN repository
- Open a commit without user name and or email
- You should be able to view the commit

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15610

Differential Revision: https://we.phorge.it/D25400
2023-11-22 16:54:29 +01:00
Matthew Bowker
1b49165ddd Show more in Application Detail and List view
Summary:
Update the Application Detail view and List View to show a unified set of Badges (Deprecated, etc.), show PHIDs and Monograms on the Application Detail view, allow Applications to register Monograms.

Example of the page /applications/view/PhabricatorDiffusionApplication/:

{F393393}

T15568

Test Plan:
1. Visit /applications/ and see Deprecated badges etc.
2. Visit various Configure buttons from that list and see Monograms, Badges, PHIDs etc.
3. Enjoy screenshots in the comments of this Diff

Reviewers: O1 Blessed Committers, valerio.bozzolan, avivey, speck

Reviewed By: O1 Blessed Committers, valerio.bozzolan, avivey, speck

Subscribers: avivey, speck, tobiaswiese, valerio.bozzolan, Cigaryno

Differential Revision: https://we.phorge.it/D25362
2023-11-21 11:22:23 -07:00
Waldir Pimenta
a741f5d65c Change some instances of "phabricator" to "phorge"
Summary:
Just a small set of replacements in locations that seem innocuous (user-facing messages, documentation, etc.)

Ref T15006

Test Plan:
Nothing should change in terms of behavior. The places where these changes were made should now say "phorge".

Example tests:

- Manage a single User and click on Delete User and see the popup
- Run a test email and check the output
  ./bin/mail send-test --to username
- Visit /maniphest/, shift+click on at least 1 Task, click on Bulk Edit Selected,
  Continue, see the popup
- See the mentioned documentation with your big eyes. Eyes do not explode \o/

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15006

Differential Revision: https://we.phorge.it/D25473
2023-11-18 22:14:15 +00:00
Andre Klapper
05f4d5071f Disallow webcrawlers to index Diffusion commits
Summary:
Phorge already sets `Disallow: /diffusion/` and `Disallow: /source/`.
Thus consequently also disallow accessing specific commits via `/r*`.
See https://secure.phabricator.com/T4610 for previous discussions.

Closes T15670

Test Plan:
Go to `/robots.txt` in the web browser.
Cross fingers that more webcrawlers abide by RFC 9309.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15670

Differential Revision: https://we.phorge.it/D25474
2023-11-17 08:45:30 +01:00
Andre Klapper
76ed0c7ff7 Disallow webcrawlers to follow Paste line number anchor links
Summary:
Paste provides line anchor links in every single line of a paste.
If webcrawlers follow these links, they index the very same Paste again.
Thus disallow in robots.txt to reduce unneeded traffic and indexing time.

Closes T15662

Test Plan:
Go to `/robots.txt` in the web browser.
Cross fingers that more webcrawlers abide by RFC 9309.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15662

Differential Revision: https://we.phorge.it/D25461
2023-11-16 11:00:32 +01:00
Andre Klapper
f42dd5819e Fix possible array to string conversion renaming Pholio Mockup image
Summary:
Premising that the `$old` and `$new` variables are 1-element arrays defined as PHID=>title,
this can cause `renderValue()` repeatedly fail when passing an array instead of its value.

Thus pass `head($old)` instead, to get the first value - that is the only one, even if you rename
multiple images (since this Transaction is about a single Mockup image).

Closes T15646

Test Plan:
* Have `phd` running
* Create a Pholio mockup with at least one image

Edit the Pholio mockup and:

1. rename the Titles of an image
2. rename a single Image
3. rename no image

No nuclear implosions. You still see a lovely Feed mentioning each rename.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15646

Differential Revision: https://we.phorge.it/D25441
2023-11-16 10:42:15 +01:00
Valerio Bozzolan
775d141fe6 Audit Feed: less verbose when the author is the committer
Summary:
If the author and the committer are the same person, do not show them twice.

From:

    UsernameFoo committed <commit hash>: <commit msg> (authored by UsernameFoo).

To:

    UsernameFoo committed <commit hash>: <commit msg>

This only affects the feed.

| Before    | After  |
|-----------|-----------|
| {F342758} | {F342764} |

Closes T15528

Test Plan: Do some mixed commits and visit /feed/query/all/. No nuclear implosions.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15528

Differential Revision: https://we.phorge.it/D25421
2023-11-15 13:57:16 +01:00
Andre Klapper
282e37aaf6 Do not expose Contact Numbers settings panel when no SMS support configured
Summary:
It's useless without SMS support and only exposed to the user themselves.

Closes T15486

Test Plan:
Before and after applying this patch,
* Try to access the list of your contact numbers at `/settings/panel/contact/`
* Try to access an existing, previously created contact number at `/auth/contact/1/`
* Try to add a contact number at `/auth/contact/edit/`
* Go to e.g. `/settings/panel/datetime` and check the "Authentication" section in the left sidebar for {nav icon=hashtag, name=Contact Numbers}

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15486

Differential Revision: https://we.phorge.it/D25452
2023-11-13 14:04:16 +01:00
Zero King
361fcd0cac Initialize static variable to make linter happy
Summary: Uninitialized variable defaults to 0 in this context. Make it explicit.

Test Plan: None. No functional change.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25470
2023-11-13 08:52:00 +08:00
Zero King
4535e8753c Fix typo in DiffusionLowLevelGitRefQuery
Summary: $refs_types is undefined.

Test Plan: None. PhabricatorRepositoryRefCursor::TYPE_REF is not used with DiffusionLowLevelGitRefQuery.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25468
2023-11-13 08:50:41 +08:00
Zero King
16d9cc12af Enforce viewable MIME types config on PDF documents
Summary:
Let instance admins decide whether to allow PDFs to be viewable as a Web page. See <5ec132bf9e>.

    MOZILLA: Instead of always allowing PDFs to be viewable in the web UI, [...]
    This checks that the PDF mimetype is viewable according to the system
    configuration.

Ref Q83.

Test Plan:
1. Set `files.viewable-mime-types` to exclude application/pdf.
2. Upload a pdf file.
3. See "No document engine can render the contents of this file." in web UI.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25464
2023-11-13 00:12:50 +08:00
David Lawrence
005fea5a14 Fix view policy inheritance on image transforms
Summary:
Inherit viewPolicy from original image in image transforms and warn about Profile transform making transformed images public. Details:

https://hackerone.com/reports/1984060

8358b435a9

Closes T15663

Test Plan:
1. Click {nav View Transforms} on an image file with restrictive view policy.
2. See (Image will be Public) warning on Profile transform.
3. Click on Workcard transform.
4. Go back to {nav View Transforms} page and visit the Workcard transformed file.
5. Check if its view policy matches the original file.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15663

Differential Revision: https://we.phorge.it/D25462

Signed-off-by: Zero King <l2dy@icloud.com>
2023-11-12 07:09:10 +08:00
Andre Klapper
90f651d669 Add Diffusion policy capability "Can Edit and View Identities"
Summary:
Make it possible not to allow anyone to edit Diffusion identities.
Make it possible not to allow anyone to view other users' email addresses.

Closes T15443

Test Plan:
* As an admin, go to `/applications/view/PhabricatorDiffusionApplication/` and see new policy "Can Edit and View Identities" set to "All Users" (as implicitly before)
* As an admin, go to `/applications/view/PhabricatorDiffusionApplication/` and change "Can Edit and View Identities" from "All Users" to "Administrators"
* As a non-admin, go to `/diffusion/identity/` and try to select the disabled "Create Identity" button; get an error message clicking it due to lack of permissions
* Given there is at least one identity defined, as a non-admin, go directly to `/diffusion/identity/view/1/` and get "You do not have permission to view this object."
* Given there is at least one identity defined, as a non-admin, go directly to `/diffusion/identity/edit/1/` and get "You do not have permission to view this object."
* As a non-admin, go directly to `/diffusion/identity/edit/form/default/` and get "You do not have permission to edit this object."
* As a non-admin, go directly to `/diffusion/identity/` and get "No Identities found." instead of seeing the existing identities listed.
* As an admin, go to `/diffusion/identity/` and still see the existing identities listed.
* As an admin, go to `/diffusion/identity/`, select "Create Identity" to go to `/diffusion/identity/edit/` and see the "Create Identity" page (though broken; see T15453)
* As an admin, go to `/diffusion/identity/view/1/` and still see the existing identity.
* As an admin, go to `/diffusion/identity/edit/1/` and successfully edit the existing identity.

Reviewers: O1 Blessed Committers, speck, valerio.bozzolan

Reviewed By: O1 Blessed Committers, speck, valerio.bozzolan

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15443

Differential Revision: https://we.phorge.it/D25450
2023-11-11 13:27:11 +01:00
Andre Klapper
87e9c936ad Make "git cat-file" exception messages include repository monogram/slug
Summary:
When throwing an exception related to output provided by `git cat-file`, include the repository monogram to allow potentially debugging in Git.

Closes T15661

Test Plan:
Unclear. Basically: "have a broken Git repository in Diffusion".
(However this patch changes a message only shown in case of an exception, so in the worst case we'd break the exception via an exception.)

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15661

Differential Revision: https://we.phorge.it/D25460
2023-11-10 11:40:04 +01:00
Waldir Pimenta
0729aa574b Remove mention of Phabricator in the Auth setup check
Summary:
The authentication setup check, available at <PHORGE_URL>/config/issue/auth.config-unlocked/,
contained a reference to Phabricator in the prompt of the command line hint to resolve the issue.
Similar checks only showed the prompt symbol, not the directory, so this one was changed to match.

Ref T15006

Test Plan:
- Run `./bin/auth unlock`
- Visit <PHORGE_URL>/config/issue/auth.config-unlocked/
- Notice that, with this patch, "phabricator" no longer appears in the prompt prefix
  for the suggested fix command at the end of the page.

Reviewers: O1 Blessed Committers, valerio.bozzolan, speck

Reviewed By: O1 Blessed Committers, valerio.bozzolan, speck

Subscribers: avivey, tobiaswiese, Matthew, valerio.bozzolan, Cigaryno

Maniphest Tasks: T15006

Differential Revision: https://we.phorge.it/D25425
2023-11-10 09:13:38 +00:00
Waldir Pimenta
8092d90c79 Adjust message in timezone conflict form
Summary:
This applies a suggestion initially proposed in
https://we.phorge.it/D25420#12264

Test Plan:
- Change your browser/system timezone to differ from your Phorge profile timezone
- Click the notice that Phorge shows at the bottom left about the timezone mismatch
- Confirm that the form text has been changed as per the diff in this revision

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: aklapper, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25458
2023-11-10 09:03:30 +00:00
Valerio Bozzolan
8507d3a950 Fix Exception in Chat room when you are not a Participant
Summary:
After this change you can lurk in public chats, and receive notifications, without crashing your planet.

Fix exception "Undefined index: PHID-USER-..." shown to newcomers when they are receiving messages
from a public Chat they are not members of.

Closes T15497

Test Plan:
- Have the Notification server (Aphlict) enabled and running.
  https://we.phorge.it/book/phorge/article/notifications/
- Be user Alice and visit a Conpherence Room. Alice must be not a participant.
- Be user Bob and send a message in that Room.

Now Alice does not see a crash anymore, but the message from Bob.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15497

Differential Revision: https://we.phorge.it/D25408
2023-11-09 21:05:56 +01:00
Andre Klapper
dfa15726ea Fix cursor paging issue in Given Token query call
Summary:
The "Query" class for Given Token is missing a "withIDs()" method.

`Call to undefined method PhabricatorTokenGivenQuery::withIDs() at [PhabricatorCursorPagedPolicyAwareQuery.php:120]`

Closes T15652

Test Plan: Go to the Token page and pass a URL parameter, such as `/token/given/?after=3`

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15652

Differential Revision: https://we.phorge.it/D25455
2023-11-09 21:01:02 +01:00
Zero King
ce5e0f3e33 Fix doc link to Restarting Phorge
Summary: See Q81. Link to /diviner/find/ could not find the documentation because it was renamed to "Restarting Phorge".

Test Plan:
1. Uninstall optional PHP extension zip and restart Phorge
2. Vist /config/issue/ and click on a missing extension issue
3. Click on the documentation link to Restarting

Reviewers: O1 Blessed Committers, valerio.bozzolan, speck

Reviewed By: O1 Blessed Committers, valerio.bozzolan, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25459
2023-11-09 19:33:59 +08:00
roberto.urbani
37ecdf2336 Improving UX for ignoring timezone conflicts
Summary:
When there is a new timezone conflict, you will be able to ignore it with a checkbox.
Fix T15349

Preview:

{F343198}

Test Plan: Having a conflicting timezone, click the notification so the usual popup appears. There is a checkbox, leave it checked to ignore the current conflict, uncheck to manually resolve the conflict by selecting one of the available timezones.

Reviewers: O1 Blessed Committers, valerio.bozzolan, avivey

Reviewed By: O1 Blessed Committers, valerio.bozzolan, avivey

Subscribers: speck, waldyrious, avivey, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15349

Differential Revision: https://we.phorge.it/D25420
2023-11-07 09:29:12 +01:00
Andre Klapper
887e344c19 Fix project page 404 after rename and removing new name from alias slugs
Summary:
When renaming a project to a slug already listed under Additional hashtags and explicitly also removing that to-become slug, accessing the project via the URL `/tag/projectname/` returned a 404 until someone added the current project name explicitly under "Additional hashtags" again.

In that case, do not remove the alternative hashtag to avoid the 404.

Closes T15636

Test Plan: See steps in https://we.phorge.it/T15636

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15636

Differential Revision: https://we.phorge.it/D25453
2023-11-05 13:18:15 +01:00
Andre Klapper
222a6fea0a Fix PHP 8.1 "strlen(null)" exception on Diffusion repo URIs page after repo creation
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

```
ERROR 8192: strlen(): Passing null to parameter #1 ($string) of type string is deprecated at [/var/www/html/phorge/phorge/src/applications/repository/storage/PhabricatorRepository.php:348]
```

Closes T15658

Test Plan: Create an empty new Git repository, go to its URIs management page.

Reviewers: O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15658

Differential Revision: https://we.phorge.it/D25454
2023-11-04 19:35:01 +01:00
Andre Klapper
d4b110af26 Remove unused variable $info in DiffusionCloneController.php
Summary:
Left-over from rPa6b550ba0394284441ee55d11e276a05eb568ad9

Closes T15655

Test Plan: Carefully read the source code file to look out for another appearance; after hours of fruitless searching get slightly disappointed.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15655

Differential Revision: https://we.phorge.it/D25451
2023-10-27 11:34:54 +02:00
Valerio Bozzolan
629fa368cb Calendar: fix creation of ICS Files
Summary:
It seems that, in an attempt to make ICS URI(s) editable, we broke the ability
to manually import ICS files. Whops.

The cause is, the URI needs to be put inside its dedicated import engine,
and not the general one.

Since the intention of T15137 was to be able to edit this field, we have done
that in the right way this time. So, you see the field, not just in creation mode.

Thanks to the kind aklapper for reporting.

Ref      T15137
Closes   T15619
Rollback 02a4f8b0c8

Test Plan:
- visit /calendar/import/ and:
- create/edit an ICS File Import (now works again)
- create/edit an ICS URI Import (still work)
- try looking at an "ICS Import page" as author (URI still visible)
- try looking at an "ICS Import page" without Edit permissions (URI still omitted correctly)

Reviewers: aklapper, O1 Blessed Committers, 20after4

Reviewed By: aklapper, O1 Blessed Committers, 20after4

Subscribers: 20after4, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15619, T15137

Differential Revision: https://we.phorge.it/D25448
2023-10-25 19:09:11 +02:00
sten
318d7a61fe Fix PhabricatorAuthCSRFEngine.php strncmp(null) PHP 8.1 error
Summary:
Update PhabricatorAuthCSRFEngine.php such that it doesn't fall over when provided with a null CSRF token under PHP 8.1

Fixes T15654

Test Plan: Do a POST request to phorge.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15654

Differential Revision: https://we.phorge.it/D25449
2023-10-25 11:03:39 +01:00
Andre Klapper
7b0021a03c Fix "Undefined index" exception setting Meme text
Summary:
`strlen()` was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Phorge adopts `phutil_nonempty_string()` as a replacement.

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_nonempty_string() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

```
EXCEPTION: (RuntimeException) Undefined index: above at [<arcanist>/src/error/PhutilErrorHandler.php:251]
 arcanist(), phorge()
   #0 <#2> PhutilErrorHandler::handleError(integer, string, string, integer, array) called at [<phorge>/src/applications/macro/engine/PhabricatorMemeEngine.php:276]
```

Closes T15637

Test Plan:
Create a meme called "angrycat" from the /macro/ page, and try a comment like this, expecting no nuclear implosion:

    {meme, src=angrycat, below=}
    {meme, src=angrycat, above=}
    {meme, src=angrycat, below=, above=}
    {meme, src=angrycat, below=  , above=  }
    {meme, src=angrycat, below=asd}
    {meme, src=angrycat, above=asd}
    {meme, src=angrycat, above=asd, below=dsa}
    {meme, src=angrycat, above=   asd   , below=   dsa  }

Also carefully read the code with your big eyes, keeping in mind that strlen does not accept passing `null` in PHP 8, and looking at what we did in rPb4cfe56f03b44615ac9251aed8d74bf13b085051.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15637

Differential Revision: https://we.phorge.it/D25437
2023-10-24 09:58:36 +02:00
Valerio Bozzolan
2d635fb76e Dashboard Panel: fix first tab sometime not opened anymore
Summary:
After this change the first Tab ID is always selected, so we don't risk
to have no tabs opened by default under some corner cases.

This is vaguely better than the original logic that relied on the fact that
(0=="0") is true. Besides being a vaguely weird emoticon as well, now that
I look at it better.

Original logic:

https://we.phorge.it/source/phorge/browse/master/src/applications/dashboard/paneltype/PhabricatorDashboardTabsPanelType.php;c43618a3a8bb021936fad687f04cb1a95faa23e4$289

This fixes a regression that appeared in the cute Wikimedia Phabricator
(that now is really Wikimedia Phorge). Their homepage should be gorgeous again,
without blank space due to unopened silly tabs.

Closes T15651

Test Plan:
- Have a Tab Panel (/dashboard/panel/).
- Be sure that the first Tab is automatically selected (again?)

Reviewers: aklapper, O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15651

Differential Revision: https://we.phorge.it/D25447
2023-10-16 08:44:45 +02:00
Valerio Bozzolan
f727f17bc2 Fix regression in DiffusionDiffQueryConduitAPIMethod
Summary:
Fix the following error you may encounter in production:

    Too few arguments to function DiffusionDiffQueryConduitAPIMethod::getDefaultParser(), 0 passed in /var/www/phorge/src/applications/diffusion/conduit/DiffusionDiffQueryConduitAPIMethod.php on line 156 and exactly 1 expected

It was caused by the lack of a new mandatory parameter in a method.

Closes T15649

Test Plan: Check with your big eyes that a ConduitAPIRequest is passed to getDefaultParser().

Reviewers: avivey, O1 Blessed Committers, speck

Reviewed By: O1 Blessed Committers, speck

Subscribers: speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15649

Differential Revision: https://we.phorge.it/D25444
2023-10-10 07:16:15 +02:00
Andre Klapper
03afb97ff2 Correct Transaction text when changing Diffusion URI I/O type
Summary:
After changing the I/O type of a Diffusion repository URI, the transaction history incorrectly shows a message which talks about changing the URI's Display type instead.

Closes T15648

Test Plan: Change the I/O type of a Diffusion repo URI and look at that URIs history.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15648

Differential Revision: https://we.phorge.it/D25443
2023-09-28 09:19:55 +02:00
Valerio Bozzolan
903d71e67d Workboard: Milestone Name easily editable (instead of surfing 3 pages)
Summary:
After this change, a new input field "Milestone Name" appears in the "Edit" menu of a Milestone:

| Before    | After     |
|-----------|-----------|
| {F314008} | {F314005} |

So you can quickly change the name of your Milestones, from a Workboard.

Before this change, from a Workboard, this was the way to rename a Milestone:

1. click on the Milestone name (yes, that is a link)
2. click on Manage
3. click on Edit Details
4. rename
5. Save
6. Manually visit again the Project's Workboard

After this change, from a Workboard, you just need to:

1. click on Milestone > Edit
2. click on Edit Column
3. rename
4. Save

Example usage:

{F314015}

This does not change the level of permissions needed: if you have not enough
permissions to see or edit a Milestone, you cannot access this feature indeed.

In short, this is just a frontend change, keeping current policies as-is.

Closes T15143

Test Plan:
Create a Project or use an existing editable one.

Create a Milestone called "Test Milestone". You can create Milestones visiting the Project's menu {nav icon=sitemap,name=Subprojects > icon=plus,name=Create next milestone}

Visit the Project's Workboard. Find the column "Test Milestone". Click the Edit button on a Milestone, and:

- try to save another name: it must work
- try to save an empty name: nice error message shown
- try to save both the score points and the name: it must work
- try to save "FOO" as Points: you still see the error message

Also:

- do the same for the Backlog column: it still works (name still allowed to be empty)
- do the same for a "normal" Column (not the Backlog): it still work (name still __not__ allowed to be empty)

Reviewers: O1 Blessed Committers, Cigaryno, 20after4, waldyrious

Reviewed By: O1 Blessed Committers, Cigaryno, 20after4, waldyrious

Subscribers: waldyrious, brennen, aklapper, 20after4, speck, tobiaswiese, Matthew, Cigaryno

Maniphest Tasks: T15143

Differential Revision: https://we.phorge.it/D25066
2023-09-25 08:17:51 +02:00
sten
a0fb344b94 Fix PHP 8.1 auth view strlen(null) error
Summary:
Trying to view a Jira auth provider from https://my.phorge.site/auth/ results in strlen(): Passing null to parameter #1 ($string) of type string is deprecated

This change fixes it

Fixes T15634

Test Plan:
Go to https://my.phorge.site/auth/ and have a Jira already setup.
Click on Jira auth provider
Confirm the page is displayed and no error is generated.

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15634

Differential Revision: https://we.phorge.it/D25432
2023-09-11 11:57:35 +01:00
sten
f7d9d95b79 Fix Diviner strlen(null) error when clicking on a link
Summary:
Fix issue whereby clicking on a link in Diviner (eg https://my.phorge.site/diviner/find/?name=Differential_User_Guide&type=article&jump=1) results in a strlen(null) error under PHP 8.1

Fixes T15635

Test Plan:
* Go into the Diviner differential page /book/phorge/article/differential/
* Click on the link to Differential User Guide: Inline Comments

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15635

Differential Revision: https://we.phorge.it/D25433
2023-09-06 12:23:42 +01:00
sten
1720209f16 Various PHP 8.1 strlen(null) fixes for Dashboard Panels
Summary:
In the dashboard application (https://my.phorge.site/dashboard/), when creating panels, adding panels to tab panels, and viewing query panels, we get a variety of strlen(null) errors under PHP 8.1.

This fixes all the ones seen.

Fixes T15574

Test Plan: See T15574

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15574

Differential Revision: https://we.phorge.it/D25367
2023-09-05 17:33:11 +01:00
Benjamin Kausch
dc10a7e69e Implement ferret engine in typeahead datasource query for repos
Summary:
This broadens the typeahead datasource search for repos. Before this patch a repository named "Alligator Simulator" would not be found with the search string "simu...". This is patched with the ferret engine search and indexing features.

See T15583

Test Plan: Create repositories with titles with 2 or more words. Search for these repos with the global typeahead search. The search term should begin with the second/third/n-th word of the repo title.

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15583

Differential Revision: https://we.phorge.it/D25430
2023-09-04 09:48:41 +02:00
Andre Klapper
68c687affd Fix call to undefined method PhutilJSON::encodeAsObject()
Summary:
Replace call to undefined method `PhutilJSON::encodeAsObject()` with existing `PhutilJSON::encodeFormatted()`

```
EXCEPTION: (Error) Call to undefined method PhutilJSON::encodeAsObject() at [<phabricator>/src/applications/transactions/xaction/PhabricatorEditEngineDefaultTransaction.php:68]
```

Closes T15603

Test Plan: Grep and read the code in https://we.phorge.it/source/arcanist/browse/master/src/parser/PhutilJSON.php

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T15603

Differential Revision: https://we.phorge.it/D25391
2023-09-02 11:13:06 +02:00
Aviv Eyal
69c64c1e83 Teach Commit View about Encoding
Summary:
If the user specifies a text encoding via the "View Options" dropdown, respect this choice.
Ref Q68.

Test Plan: Play with the Encoding button in the view

Reviewers: O1 Blessed Committers, valerio.bozzolan

Reviewed By: O1 Blessed Committers, valerio.bozzolan

Subscribers: tinloaf, speck, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Differential Revision: https://we.phorge.it/D25360
2023-08-31 11:00:11 -07:00