1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 10:22:42 +01:00
Commit graph

383 commits

Author SHA1 Message Date
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
Evan Priestley
dea1a9585c Merge pull request #237 from dmrenie/master
Fix 'View Full Commit History' link
2013-02-14 07:25:47 -08:00
Evan Priestley
60cb9e1cfb Merge pull request #267 from taichi/escape_file_path
escape svn repository file paths.
2013-02-14 07:00:29 -08:00
epriestley
ef7f16180c Restore merge of phutil_tag. 2013-02-13 14:51:18 -08:00
epriestley
73cce6e131 Revert "Promote phutil-tag again"
This reverts commit 8fbabdc06d, reversing
changes made to 2dab1c1e42.
2013-02-13 14:08:57 -08:00
epriestley
4bd2ad9270 Merge branch 'master' into phutil_tag
Auditors: vrana
2013-02-13 12:42:57 -08:00
vrana
718d22d607 Convert Remarkup to safe HTML
Test Plan: None.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4919
2013-02-13 12:34:49 -08:00
vrana
5ad526942b Convert AphrontPanelView to safe HTML (except children)
Summary: Fixes some double escaping and potential XSS.

Test Plan: Looked at homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4917
2013-02-13 10:30:32 -08:00
taichi
21ddd3a73f escape svn repository file paths. 2013-02-13 19:30:11 +09:00
vrana
80fb84bd94 Convert PhabricatorTransactionView to safe HTML
Test Plan: Looked at revision detail with comments.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4915
2013-02-11 19:01:20 -08:00
vrana
868ca71451 Fix some HTML problems
Summary: I'm too lazy to attaching them for diffs where they were introduced.

Test Plan:
/
/D1, wrote comment with code snippet
DarkConsole
commit detail, wrote comment
task detail, wrote comment

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4911
2013-02-11 18:18:26 -08:00
vrana
c9ab1fe505 Return safe HTML from all render()
Summary:
This is pretty brutal and it adds some `phutil_safe_html()`.
But it is a big step in the right direction.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4905
2013-02-11 18:18:18 -08:00
vrana
37b98450a5 Replace array_interleave() by phutil_implode_html()
Summary:
I like this abstraction better.
Result of `phutil_implode_html()` may be also used as a param of `hsprintf()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4904
2013-02-11 15:27:43 -08:00
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
epriestley
ca0d6aca10 Add separate exception for when the repository clone is unreadable.
Summary: Show a more specific exception when the local clone cannot be read because of permission issues.

Test Plan: Create a repository in an unreadable location and check for the right exception.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2368

Differential Revision: https://secure.phabricator.com/D4868
2013-02-11 08:35:00 -08:00
vrana
9b8da73765 Convert AphrontTableView to safe HTML
Summary:
Lots of killed `phutil_escape_html()`.

Done by searching for `AphrontTableView` and then `$rows` (usually) backwards.

Test Plan:
Looked at homepage.

  echo id(new AphrontTableView(array(array('<'))))->render();

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4884
2013-02-09 15:11:38 -08:00
vrana
059920c2da Convert AphrontErrorView to safe HTML
Summary: Done by searching for `AphrontErrorView` and then `appendChild()`.

Test Plan:
Looked at Commit Detail.
Looked at Revision Detail.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4843
2013-02-07 17:26:01 -08:00
epriestley
11bb8db970 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-07 08:08:01 -08:00
vrana
2f508bf0dc Delete some phutil_safe_html()
Test Plan: Displayed revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4829
2013-02-05 15:52:48 -08:00
Bob Trahan
1d0058abcf Update PeopleMenu to only show integration with applications if they are installed
Summary: do so via event engine. note different order now...

Test Plan: toggled "show beta applications" to off and noted that Conpherence disappeared. Otherwise noted that links showed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2424

Differential Revision: https://secure.phabricator.com/D4708
2013-02-05 13:46:02 -08:00
epriestley
8f1311bbc1 Merge branch 'master' into phutil_tag
(Final sync.)
2013-02-05 10:23:16 -08:00
epriestley
af1f57b37a Add a preference to completely disable the file tree
Summary:
See D4812.

  - This preference disables the file tree completely.
  - It defaults off, so users who want it will have to go turn it on.
  - Maybe slightly cleaner would be doing this if the tree was hidden and then ajaxing it in if you press "F", but that's complicated and I don't want to bother.
  - Generally, I think this element is useful to something like 5% of users and not useful to 95%.

Test Plan: Enabled and disabled file tree. Looked at commits and revisions; verified they reflected the setting correctly.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4813
2013-02-04 17:00:27 -08:00
vrana
34c51a61b5 Delete preference for Diffusion symbols
Summary:
We are doing a better job in 1) of D3069#3 and 2) is just dumb.
Let's see if someone notices this change.

Test Plan: /settings/panel/display/

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4789
2013-02-04 11:38:22 -08:00
epriestley
0f1bdbe147 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-04 06:19:52 -08:00
vrana
5459af3bdd Fix dynamic string usage as safe input
Test Plan:
  $ arc lint

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4796
2013-02-02 16:20:29 -08:00
vrana
6e95901161 Convert phutil_render_tag() to phutil_tag() for inline comments
Test Plan:
Looked at file with lint errors in Diffusion.

I've also tried inline comments in Differential but it failed.
I'll try it again after you land all your diffs.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4755
2013-02-02 05:15:30 -08:00
vrana
01236dcaf0 Use PhutilNumber in translations
Summary: It's a little bit confusing that you couldn't use %d but kind of expected taken that the number will be formatted so it's not a number anymore.

Test Plan: /paste/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4764
2013-01-31 09:11:01 -08:00
epriestley
7f43826854 render_tag -> tag: fix more callsites (more view, misc)
Summary: Fixes even more callsites.

Test Plan: See inlines.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4749
2013-01-31 09:08:02 -08:00
epriestley
5256731262 Don't show changes for commits which affect more than 1,000 files
Summary: @nh, does this do something reasonable on merges? We can refine the behavior ('click to show all 92 million files'), but I want to make sure it's at least feasible before we pursue it.

Test Plan: Set 1000 to "3" and looked at a change which touched 6 files.

Reviewers: nh, vrana, zjwsoft

Reviewed By: nh

CC: aran

Differential Revision: https://secure.phabricator.com/D4730
2013-01-30 12:01:49 -08:00
epriestley
c1bcccb227 Always render comment panel in Diffusion commit view
Summary: I'm going to stop showing changes for commits which touch 30,000 files, but still want to show the comment panel.

Test Plan: Looked at commits, saw comments. Mashed "Z"; haunted mode worked.

Reviewers: nh, vrana

Reviewed By: nh

CC: aran

Differential Revision: https://secure.phabricator.com/D4729
2013-01-30 12:01:07 -08:00
epriestley
40547030a5 render_tag -> tag: PropertyListView
Summary: Converts callsites in PropertyListView (addDetail() and setTextContent()).

Test Plan: Grepped for PhabricatorPropertyListView, addDetail() and setTextContent().

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4695
2013-01-29 11:01:47 -08:00
epriestley
edfcd7bd2d render_tag -> tag: phame, remarkup
Summary: Converts various callsites from render_tag variants to tag variants.

Test Plan: See inlines.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4689
2013-01-28 18:44:15 -08:00
epriestley
fb6dbd7d3a Convert more render_tag -> tag
Summary: Mostly straightforward.

Test Plan: Browsed most of the affected interfaces.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4687
2013-01-28 18:41:43 -08:00
epriestley
a1ff679f41 Fix AphrontCrumbView (phutil_tag)
Summary: Proper fix is to do some layout work in Diffusion. Short of that, make this escape properly.

Test Plan: Viewed various crumbs, no more overescaping for non-diffusion crumbs.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4641
2013-01-25 17:07:07 -08:00
epriestley
3093d1663d Add javelin_tag(), convert easy callsites
Summary:
  - Implements `javelin_tag()`, which is `javelin_render_tag()` on top of `phutil_tag()` instead of `phutil_render_tag()`.
  - Manually converts all or almost all of the trivial callsites.

Test Plan:
  - Site does not seem any more broken than before.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4639
2013-01-25 12:57:17 -08:00
vrana
fc6838b890 Fix double escaping after D4638
Auditors: epriestley
2013-01-25 12:05:03 -08:00
vrana
3c1b8df8ae Convert simple phutil_render_tag() to phutil_tag()
Summary: Done manually.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4509
2013-01-24 19:30:50 -08:00
vrana
20768d65d5 Convert phutil_render_tag(X, Y, '...') to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y, '...')

Then searched for `&` and `<` in the output and replaced them.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4503
2013-01-24 19:20:27 -08:00
vrana
48561a8b1f Convert phutil_render_tag(X, Y, phutil_escape_html(Z)) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y,
  - phutil_escape_html(
    Z
  - )
    )

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4501
2013-01-24 19:08:55 -08:00
vrana
f8dbfdd59d Convert phutil_render_tag(X, Y) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y)

(and null manually)

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4500
2013-01-24 19:08:54 -08:00
vrana
c9870b12ae Don't add trailing slash to Search Owners link
Test Plan: Clicked it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4609
2013-01-24 10:33:13 -08:00
vrana
b3fa5492b4 Allow blaming of seemingly binary files in SVN
Summary:
Fixes T2388.
We check for binarity later.

Test Plan: Blamed file with 'application/x-shellscript' MIME type.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2388

Differential Revision: https://secure.phabricator.com/D4605
2013-01-23 15:22:03 -08:00
vrana
ffd46df597 Avoid error in blaming empty file
Summary: Fixes T2389, resolves TODO.

Test Plan: Blamed seemingly binary file.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2389

Differential Revision: https://secure.phabricator.com/D4604
2013-01-23 15:21:08 -08:00
epriestley
70a2a653ff Revert D4359 and apply a better fix
Summary:
In D4359 I fixed an error with 'lint' in SVN repositories, but created an error with the 'lint' column in Javascript. Specifically, when we load the column information over Ajax, we now always include a 'lint' key, even if there is no lint column.

Instead, access the 'lint' property conditionally (so SVN works) but don't include the key if there's no data (so Javascript works).

Test Plan: Loaded SVN, non-SVN non-lint, non-SVN+lint repositories. Everything appeared to work correctly.

Reviewers: asherkin, codeblock

Reviewed By: codeblock

CC: aran

Differential Revision: https://secure.phabricator.com/D4578
2013-01-22 12:26:52 -08:00
epriestley
1f7e9bcadd Don't throw an exception for partially imported commits
Summary: Fixes T2243. We recently added the FileTreeView to Diffusion commits. However, if the page doesn't have any changesets (e.g., it has an error message instead, like "this commit hasn't imported yet"), we fail to build a file tree. In this case, don't try to build one.

Test Plan: Looked at not-imported and imported commits in Diffusion, saw proper rendering/crumbs and no exceptions.

Reviewers: btrahan, chad, vrana

Reviewed By: chad

CC: aran

Maniphest Tasks: T2243

Differential Revision: https://secure.phabricator.com/D4562
2013-01-21 07:45:42 -08:00
Debarghya Das
b801ca8e6f Author Can Close Audit Option
Summary: Fixes T2339

Test Plan: Close Audit button does not appear if audit.can-author-close-audit option is disabled

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2339

Differential Revision: https://secure.phabricator.com/D4525
2013-01-18 17:54:26 -08:00
vrana
00f730d6e9 Delete unused code in Diffusion browse file
Test Plan: Browsed a file.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4508
2013-01-18 08:37:52 -08:00
epriestley
0e612c910b Sort repositories in Diffusion by name, not creation order
Summary: Ref T2298. This seems like the least complicated reasonable order to implement.

Test Plan: Looked at repositories, saw them ordered by name.

Reviewers: vrana, btrahan, brennantaylor

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2298

Differential Revision: https://secure.phabricator.com/D4395
2013-01-16 10:51:08 -08:00
epriestley
b04a6a1999 Diffusion / MetaMTA options
Summary: Implement Diffusion MetaMTA options. Also make the fake '{{config.option}}' rule work, and use Remarkup to render summaries as well as descriptions.

Test Plan: Looked at Diffusion rules, edited some, looked at setup issues, verified '{{config.option}}' linked to the right option.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4466
2013-01-16 09:08:13 -08:00
vrana
f74c2bb138 Optimize displaying info about lint messages
Summary:
Log of some FB paths takes over 10 seconds.
We query two logs only to get accurate message about lint info which is not that important.

Test Plan: Displayed and clicked on it.

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4429
2013-01-15 17:59:06 -08:00