mirror of https://we.phorge.it/source/phorge.git synced 2024-11-09 16:32:39 +01:00
Commit graph

129 commits

Author SHA1 Message Date
epriestley
e146958217 Generate QR codes for TOTP tokens
Summary: Ref T4398. I found a reasonable-ish LGPLv3 library for doing this, which isn't too huge or unwieldy.

Test Plan:
  - Scanned QR code with Authy.
  - Scanned QR code with Google Authenticator.

{F149317}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8923
2014-05-01 10:23:11 -07:00
Hangjun Ye
48f6bd9fea Changed default timeout of smtp from 10s to 60s.
Summary:
Our smtp server responded slowly sometimes and reached the timeout, but actually
it had sent the email successfully. The mta then retried and sent duplicated
emails. So changed to a bigger default value.

Test Plan: Tested in our deployed and it worked

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8852
2014-04-24 04:59:22 -07:00
Bob Trahan
67326bb47a Fix phpmailer-lite bug
Summary: Fixes T4417. In this particular codepath, the lovely CreateHeader already added the to: information, so no need to slap it on the front all ghetto style.

Test Plan: imma push this live and test (I am lazy and don't want to configure amazon ses)

Reviewers: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4417

Differential Revision: https://secure.phabricator.com/D8288
2014-02-20 17:24:51 -08:00
epriestley
02aa193cb0 Add a common password blacklist
Summary:
Fixes T4143. This mitigates the "use a botnet to slowly try to login to every user account using the passwords '1234', 'password', 'asdfasdf', ..." attack, like the one that hit GitHub.

(I also donated some money to Openwall as a thanks for compiling this wordlist.)

Test Plan:
  - Tried to register with a weak password; registered with a strong password.
  - Tried to set VCS password to a weak password; set VCS password to a strong password.
  - Tried to change password to a weak password; changed password to a strong password.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T4143

Differential Revision: https://secure.phabricator.com/D8048
2014-01-23 14:01:18 -08:00
James Rhodes
4c143ad3b2 Phragment v0
Summary: Ref T4205.  This is an initial implementation of Phragment.  You can create and browse fragments in the system (but you can't yet view a fragment's patches / history).

Test Plan: Clicked around and created fragments.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4205

Differential Revision: https://secure.phabricator.com/D7726
2013-12-07 12:43:49 +11:00
Brooke Bryan
8af2f0d755 Fix undefined property in Amazon SES
Summary:
When sending an email through ses, the body property on the response object is not set, throwing a notice. This causes the system to assume a message failure, and requeues the email.

As the email is actually delivered, it causes an email bomb :(

Message Undefined property: stdClass::$body
#0 /sidekick/phabricator/phabricator/externals/amazon-ses/ses.php(571): PhutilErrorHandler::handleError(8, 'Undefined prope...', '/sidekick/phabr...', 571, Array)
#1 [internal function]: SimpleEmailServiceRequest->__responseWriteCallback(Resource id #290, '<SendRawEmailRe...')
#2 /sidekick/phabricator/phabricator/externals/amazon-ses/ses.php(526): curl_exec(Resource id #290)
#3 /sidekick/phabricator/phabricator/externals/amazon-ses/ses.php(267): SimpleEmailServiceRequest->getResponse()
#4 /sidekick/phabricator/phabricator/src/applications/metamta/adapter/PhabricatorMailImplementationAmazonSESAdapter.php(33): SimpleEmailService->sendRawEmail('To: brooke.brya...')
#5 /sidekick/phabricator/phabricator/externals/phpmailer/class.phpmailer-lite.php(502): PhabricatorMailImplementationAmazonSESAdapter->executeSend('To: brooke.brya...')
#6 /sidekick/phabricator/phabricator/src/applications/metamta/adapter/PhabricatorMailImplementationPHPMailerLiteAdapter.php(91): PHPMailerLite->Send()
#7 /sidekick/phabricator/phabricator/src/applications/metamta/storage/PhabricatorMetaMTAMail.php(631): PhabricatorMailImplementationPHPMailerLiteAdapter->send()
#8 /sidekick/phabricator/phabricator/src/applications/metamta/management/PhabricatorMailManagementSendTestWorkflow.php(130): PhabricatorMetaMTAMail->sendNow()
#9 /sidekick/phabricator/libphutil/src/parser/argument/PhutilArgumentParser.php(396): PhabricatorMailManagementSendTestWorkflow->execute(Object(PhutilArgumentParser))
#10 /sidekick/phabricator/libphutil/src/parser/argument/PhutilArgumentParser.php(292): PhutilArgumentParser->parseWorkflowsFull(Array)
#11 /sidekick/phabricator/phabricator/scripts/mail/manage_mail.php(28): PhutilArgumentParser->parseWorkflows(Array)
#12 {main}

Test Plan: Send a test email through SES mail provider running on php 5.5

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran, btrahan

Differential Revision: https://secure.phabricator.com/D7660
2013-11-26 12:52:38 -08:00
epriestley
435134f7eb Strip +x from some WePay files
Summary: I opened a pull request to fix this in the WePay upstream, see
<https://github.com/wepay/PHP-SDK/pull/13>. Fix it here too now until that
gets pulled.

Auditors: btrahan
2013-11-12 17:48:47 -08:00
epriestley
09be177376 Update WePay API to HEAD
Summary: This is mostly to pick up the LICENSE file for packaging purposes,
but also fixes a bug I reported.

Auditors: btrahan
2013-11-06 14:05:29 -08:00
epriestley
f88a2b735d Remove spurious "+x" from files that shouldn't have it
Summary: We have a bunch of files with +x that aren't actually executable.
Remove +x from PNGs, etc.
2013-10-05 05:18:17 -07:00
Cam Spiers
66450698ba Provide clearer syntax highlighting for phame posts. Including background colour, overflow scrolling and border. Also support for tt tag differentiation
Summary: Code blocks are now much clearer in blog posts with the usage of a bg color, border and scrolling for overflowing content

Test Plan: Create a phame post with a code block and see the visual difference

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, chad

Differential Revision: https://secure.phabricator.com/D6320
2013-07-03 06:25:45 -07:00
epriestley
d20f4f6f20 Update S3 external library
Summary:
This fixes at least two issues with the S3 library on newer versions of cURL/PHP:

  - NOTICE: PHP message: [2013-07-02 22:15:54] ERROR 8: curl_setopt(): CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead at [/core/lib/phabricator/externals/s3/S3.php:1744]
  - `$this->request->body` was appended to without initializing it, which raises an error on PHP 5.5.0.

I looked over the rest of the changes briefly and they all seem reasonable-ish.

Test Plan:
  - Uploaded a file to S3.
  - Downloaded a file from S3.
  - Deleted a file from S3.
  - Checked error logs for anything suspicious.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6349
2013-07-02 18:55:08 -07:00
epriestley
49ef13e876 Add WePay as a one-time payment provider
Summary:
Ref T2787.

I //think// we could also use WePay as a recurring payment provider, but this is somewhat messy (OAuth + requires account) -- basically it's "add a WePay account" instead of "add a credit card".

The WePay checkout workflow is a bit upsell-y but basically reasonable.

I like that their API just has a `request($method, $params)` method instead of 30,000 lines of methods for each request type. I did hit one bug; I'll send a pull for that.

Test Plan: Got as far as the charge callback in testing; the rest isn't implemented for any provider yet.

Reviewers: btrahan, vrana, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D5982
2013-05-21 15:34:46 -07:00
epriestley
0569218201 Use JsShrink if jsxmin is not available
Summary: If `jsxmin` is not available, use a pure PHP implementation instead (JsShrink).

Test Plan:
  - Ran `arc lint --lintall` on all JS and fixed every relevant warning.
  - Forced minification on and browsed around the site using JS behaviors. Didn't hit anything problematic.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5670
2013-05-18 17:04:22 -07:00
epriestley
23786784ef Add Balanced Payments API
Summary: Adds the Balanced PHP API to externals/. Ref T2787.

Test Plan: Used in next diff.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran, aurelijus

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D5764
2013-04-25 09:47:30 -07:00
epriestley
1e6deff8ba Don't use deprecated "1" value to cURL CURLOPT_SSL_VERIFYHOST
Summary: Fixes T2962. That task discusses this issue.

Test Plan: Read php-curl documentation to verify this change makes sense. Sent an email with SES.

Reviewers: btrahan, garoevans

Reviewed By: garoevans

CC: aran

Maniphest Tasks: T2962

Differential Revision: https://secure.phabricator.com/D5669
2013-04-12 08:10:22 -07:00
epriestley
95f57756aa Move all external JS into webroot/rsrc/externals
Summary:
Currently, Celerity map rebuilds on Windows don't put Stripe or Raphael into the map. Move them into `webroot/rsrc/externals/` so they get picked up.

At some point we should maybe let the mapper load resources from multiple locations, but this is more straightforward for now.

See https://github.com/facebook/phabricator/issues/294

Test Plan: Rebuilt map, verified Burnup Rate + Stripe work.

Reviewers: vrana, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D5661
2013-04-11 10:06:05 -07:00
epriestley
9ca2bb991c Use ExecFuture to raise sendmail error codes out of PHPMailer
Summary:
Ref T2843. We currently drop any stdout/stderr emitted by sendmail. Instead, use `ExecFuture` so we'll throw an exception with debugging information preserved.

@tido, can you apply this and restart the daemons?

Test Plan: Rests on @tido

Reviewers: tido, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2843

Differential Revision: https://secure.phabricator.com/D5464
2013-03-30 15:51:32 -07:00
Jakub Vrana
4d2cf457d4 Add space in header tags
Test Plan: Double clicked on the last word of title. Tag wasn't selected.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5462
2013-03-30 10:10:30 -07:00
Jakub Vrana
1ee7bbe305 Move Javelin to webroot
Summary:
This is a major pain on Windows and the main reason why Phabricator doesn't work there and is hard to fix.
The sad part is that Windows supports symlinks (via `MKLINK`) but Git on Windows doesn't use them.

Test Plan: Loaded Phabricator on Windows without JS errors.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5458
2013-03-28 05:18:57 +00:00
epriestley
17b9ac41f1 Treat keyCode 10 as "return" in JX.Event
Summary: Fixes T2753. Return is sent as either 10 or 13, depending on browser and OS. See, e.g. [[ http://code.google.com/p/chromium/issues/detail?id=79407 | this Chromium issue ]].

Test Plan: @cystorm confirmed this patch fixes the issue on his system.

Reviewers: btrahan, codeblock

Reviewed By: codeblock

CC: cystorm, aran

Maniphest Tasks: T2753

Differential Revision: https://secure.phabricator.com/D5381
2013-03-19 10:57:54 -07:00
epriestley
34db006c4b Attempt to fix IE8 mixed content warning. 2013-02-26 08:00:20 -08:00
epriestley
26f8e76ee2 When an image is too wide in Pholio, scale it down
Summary:
Currently, if an image is too wide for the viewport, we freak out. Instead, scale it down.

This means we must also scale down all the rectangles on it, which is why this is tricky. However, all the draw/load separation has made it reasonably straightforward.

We'll possibly need to add some kind of "view full size" thing. I'm planning to add an element which shows "85%" or whatever if it's currently scaled.

Test Plan:
Before:

{F33607}

After:

{F33608}

Reviewers: chad, ljalonen

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5088
2013-02-23 06:28:34 -08:00
epriestley
49c40d209d Tokens v1
Summary:
Features!

  - Giving tokens.
  - Taking tokens back.
  - Not giving tokens.

Test Plan: See screenshots.

Reviewers: chad, vrana

Reviewed By: chad

CC: aran, btrahan

Maniphest Tasks: T2541

Differential Revision: https://secure.phabricator.com/D4964
2013-02-15 07:47:14 -08:00
epriestley
0f1bdbe147 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-04 06:19:52 -08:00
Lauri-Henrik Jalonen
209bf71b32 Add isNormalMouseEvent() to Javelin
Summary:
Added isNormalMouseEvent() that returns true if left mouse button triggered event click, mousedown or mouseup.
Modified isNormalMouseClick() to use new function.

Test Plan: Verified that new function works for click, mousedown and mouseup events.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2475

Differential Revision: https://secure.phabricator.com/D4778
2013-02-01 08:48:27 -08:00
epriestley
fc4cb57357 Fix JSON encoding of PhutilSafeHTML for browser consumption
Summary:
If you run this code:

  json_encode(array('tag' => phutil_tag('div', array())));

...you get this result, because json_encode() does not call toString() on objects:

  {"tag":{}}

Instead, convert such objects to their underlying strings. Javelin has support for JX.HTML and for implicit conversion (which is kind of sketchy for other reasons) but it's sort of complicated (only happens on Ajax, not behaviors) and messy (not metadata-based), so ignore it for now.

We'll need to do something similar for serialization to the database. My plan there is just to throw on any objects. The only time we put HTML in the database is cache-related and those tiny number of callsites can manually handle it.

Test Plan: Various ajax things now receive the correct data.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4684
2013-01-28 18:11:27 -08:00
epriestley
07767fda00 Use direct inclusion, not submodules, to bring Javelin into Phabricator
Summary:
Submoduling is slightly convenient for developers but hellishly difficult for many users. Since we make about a dozen updates to Javelin per year, just include the source directly.

Even if we run `git submodule status` more often, this creates additional problems for users with PATH misconfigured.

Fixes T2062 by nuking it from orbit.

Test Plan: Loaded site, browsed around. Grepped for references to submodules.

Reviewers: btrahan, vrana

CC: aran

Maniphest Tasks: T2062

Differential Revision: https://secure.phabricator.com/D4581
2013-01-22 12:43:55 -08:00
Bob Trahan
2b0526e9f9 one more phame tweak for better social sharing -- make sure $uri is the full uri
Summary: basically when we're on a page we have a URIPath so set that and pass it over. I wasn't super duper happy with this but it seems to be the best way to pass this data.

Test Plan: verified the og:url was correct on my dev instance of phacility blog for both the main blog and individual post view

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Differential Revision: https://secure.phabricator.com/D4269
2012-12-21 13:46:23 -08:00
epriestley
b116861b16 Add draft support to ApplicationTransactions
Summary:
When previewing, save drafts. When loading objects, restore drafts if they are available.

Depends on: D665

Test Plan:
  - Viewed a Mock.
  - Typed text into the comment box.
  - Reloaded the page.
  - Text still there.
  - Hit submit, got my comment.
  - Reloaded the page.
  - Draft correctly deleted.
  - Repeated for Macros.

Reviewers: btrahan, chad, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2104

Differential Revision: https://secure.phabricator.com/D4252
2012-12-21 05:57:14 -08:00
epriestley
eeb97db283 Fix EncodeQ implementation in PHPMailer, and provide SSL/TLS options
Summary:
See f5c2a2ab4b (commitcomment-2333247)

Copy of working implementation from PHPMailerLite.

Also expose the SSL/TLS options.

Test Plan: Switched to this mailer, configured Gmail SMTP, sent email. Verified email arrived intact.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, mbeck

Differential Revision: https://secure.phabricator.com/D4239
2012-12-20 11:11:15 -08:00
Hangjun Ye
f5c2a2ab4b Support SMTP as the mailer.
Summary:
Support SMTP as the mailer and user could turn on SMTP authentication if needed.
Import PHPMailer as PHPMailerLite doesn't support SMTP.

Make class PhabricatorMailImplementationPHPMailerAdapter final.

Test Plan: N/A

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2139

Differential Revision: https://secure.phabricator.com/D4063
2012-12-09 02:37:02 -08:00
epriestley
d9fd43704f Improve Lightbox behavior for nonstandard clicks
Summary:
When users middle click or command-click an image, we should open it in a new tab, not open a lightbox.

See https://github.com/facebook/phabricator/issues/234

Test Plan: Left, middle, and command-clicked a lightbox image.

Reviewers: vrana, chad, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4020
2012-11-22 08:25:13 -08:00
epriestley
7138427a05 Modify Celerity to emit required resources on Ajax responses
Summary: Companion diff to D4003.

Test Plan: Rigged up a response which loaded a CSS file with `body { background: red; }`, verified page turned red after I clicked the button.

Reviewers: vrana, chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T2086

Differential Revision: https://secure.phabricator.com/D4004
2012-11-21 08:37:01 -08:00
epriestley
e0cc277d5f Fix mask positioning and use mask classes in lightbox
Summary: See D3795 / D3797. Also made the mask darker.

Test Plan: Mask now sizes properly on window resize in all browsers / mask uses.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3798
2012-10-23 11:39:33 -07:00
epriestley
a3ffab6205 Use JX.Request.setRawData()
Summary:
See D3727.

@paulshen, these are the only callsites we have in Phabricator so we can remove `setFile()` once it's clear on the Facebook side.

Test Plan: Uploaded a file with drag and drop.

Reviewers: paulshen, vrana, mnml0

Reviewed By: mnml0

CC: aran

Differential Revision: https://secure.phabricator.com/D3769
2012-10-20 10:53:51 -07:00
epriestley
26f7425ee2 Allow blog resources to be served without Celerity
Summary:
Allow skins to serve arbitrary resources without needing to be mapped, so we can have a vibrant community of amateur skinners.

For "basic" skins, just put all the "css/" on the page always.

Includes an image to prove that works.

@vrana, pretty sure this has no impact outside of Phame but it does change Celerity so it might be to blame if there's any weirdness with static resources.

Test Plan:
{F21341}
{F21340}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1373

Differential Revision: https://secure.phabricator.com/D3719
2012-10-17 08:37:05 -07:00
epriestley
b3ad8507af Allow simple template-based skin definitions
Summary:
Lower the barrier to entry for installing and creating skins, so we can kill Wordpress. You can now install skins by dropping them into a directory, and build either "advanced" (full phutil library) skins or "basic" (simple PHP templates) skins.

Next up is getting static resources working in an easy way for skins.

I put these in `externals/` for now so they don't get hit by lint.

Test Plan: Viewed the Pokeblog with the Oblivious skin.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1373

Differential Revision: https://secure.phabricator.com/D3717
2012-10-17 08:36:48 -07:00
epriestley
5b7616ad6e Update Javelin to D3573
Summary: Pull in the latest version of Javelin.

Test Plan: Used application typeahead on a ":8080" install, got sent to the right URI.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3584
2012-10-01 14:09:33 -07:00
vrana
8481f7ef09 Don't open symbols on double click
Summary:
My average double click speed is 10 ms but I tried to double click as I think normal people double click and it was around 200 ms.
I don't want to make the timeout much longer because it looks like that something doesn't work.

Test Plan:
Double clicked on symbol.
Clicked on symbol.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3509
2012-09-17 16:08:53 -07:00
vrana
bde2c7ffc6 Update Javelin 2012-06-08 16:16:41 -07:00
epriestley
7b5f47b17d Enforce upload size limits and transport exceptions with appropriate response encoding
Summary:
  - When a user uploads an oversized file, throw an exception.
  - When an uncaught exception occurs during a Conduit request, return a Conduit response.
  - When an uncaught exception occurs during a non-workflow Ajax request, return an Ajax response.

Test Plan:
  - Uploaded overlarge files.
  - Hit an exception page with ?__ajax__=1 and ?__conduit__=1

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T875, T788

Differential Revision: https://secure.phabricator.com/D2385
2012-05-07 06:17:00 -07:00
vrana
6c0e22b3a3 Support IE8
Test Plan:
View revision in Chrome.
View revision in Firefox.
View revision in IE8.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2251
2012-04-17 11:01:30 -07:00
epriestley
1db0dadbcf Minor, use preg_replace_callback() in PHPMailerLite. See D2147.
Auditors: btrahan, vrana, 20after4
2012-04-16 07:05:41 -07:00
epriestley
f7b569e5d9 Don't use "/e" in PHPMailer Lite
Summary: PHP 5.4 raises an E_STRICT warning about "/e", and it's a generally awful idea, even though this case doesn't look exploitable. Silence the warning by using preg_replace_callback() instead of "/e".

Test Plan: Sent myself a message with a bunch of multibyte UTF8 characters in it, it came through cleanly.

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1056

Differential Revision: https://secure.phabricator.com/D2147
2012-04-08 10:02:16 -07:00
Bob Trahan
cc586b0afa For discussion -- Stripe integration
Summary:
various stripe stuff, including

- external stripe library
- payment form
- test controller to play with payment form, sample business logic

My main questions / discussion topics are...

- is the stripe PHP library too big? (ie should I write something more simple just for phabricator?)
-- if it's cool, what is the best way to include the client? (ie should I make it a submodule rather than the flat copy here?)
- is the JS I wrote (too) ridiculous?
-- particularly unhappy with the error message stuff being in JS *but* it seemed the best choice given the most juicy error messages come from the stripe JS such that the overall code complexity is lowest this way.
- how should the stripe JS be included?
-- flat copy like I did here?
-- some sort of external?
-- can we just load it off stripe servers at request time? (I like that from the "if stripe is down, stripe is down" perspective)
- wasn't sure if the date control was too silly and should just be baked into the form?
-- for some reason I feel like it's good to be prepared to walk away from Stripe / switch providers here, though I think this is on the wrong side of pragmatic

Test Plan: - played around with sample client form

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2096
2012-04-04 16:09:29 -07:00
epriestley
84c40a732e Minor, don't minify raphael.js since it doesn't survive it
Auditors: btrahan
2012-04-02 12:09:04 -07:00
epriestley
43bd76336c Use Javelin placeholders and new sorting rules broadly; consolidate tokenizer construction code
Summary:
  - We have three nearly-identical blocks of Tokenizer construction code; consolidate them into Prefab.
  - Add placeholder support.
  - Augment server-side stuff to specify placeholder text.

Test Plan: Verified behavior of Differential edit tokenizers, Differential comment tokenizers, Maniphest edit tokenizers, Maniphest comment tokenizers, Maniphest filter tokenizers, Differential filter tokenizers, Owners filter tokenizers, Owners edit tokenizers, Herald edit tokenizers, Audit filter tokenizers.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T772, T946

Differential Revision: https://secure.phabricator.com/D1844
2012-03-09 15:46:39 -08:00
epriestley
492d047a49 Improve tokenizer sorting rules
Summary:
Currently, we sort all results alphabetically. This isn't ideal. Instead, sort them like this:

  - If the viewing user appears in the list, always sort them first. This is common in a lot of contexts and some "Ben Evans" guy is sorting first on secure.phabricator.com and causing me no end of aggravation.
  - If the tokens match a "priority" component (e.g., username), sort that before results which do not have a "priority" match.
  - Within a group (self, priority, everything else) sort tokens alphabetically.

NOTE: I need to go add setUser() to all the tokenizers to make the "self" rule work, but that's trivial so I figured I'd get this out first.

Test Plan:
https://secure.phabricator.com/file/data/4s2a72l5hhyyqqkq4bnd/PHID-FILE-x2r6ubk7s7dz54kxmtwx/Screen_Shot_2012-03-07_at_9.18.03_AM.png

Previously, "aaaaaepriestley" (first alphabetic match) would sort before "epriestley" (the viewing user). Now, "epriestley" sorts first because that is the viewer.

https://secure.phabricator.com/file/data/rmnxgnafz42f23fsjwui/PHID-FILE-yrnn55jl3ysbntldq3af/Screen_Shot_2012-03-07_at_9.18.09_AM.png

Previously, "aaaagopher" (first alphabetic match) would sort before "banana" (the "priority" match). Now, "banana" sorts first because it priority matches on username.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T946

Differential Revision: https://secure.phabricator.com/D1807
2012-03-07 13:17:44 -08:00
epriestley
41a265b464 Update Javelin and packaging
Summary:
  - Update the Javelin submodule to pick up recent fixes (like D1749).
  - Update the package definitions to do a slightly better job of packaging
resources.

Test Plan:
Up and down work in tokenizers now. Pages load slightly fewer
resources.

Reviewers: vrana, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T927

Differential Revision: https://secure.phabricator.com/D1751
2012-03-01 17:23:00 -08:00
vrana
97144c0932 Support paste file uploads
Summary:
This is so freaking cool that I will try to implement it also on Facebook.
Idea is from
http://strd6.com/2011/09/html5-javascript-pasting-image-data-in-chrome/.
I don't know how to properly detect support but lying about it is not a big
deal.

Test Plan:
Go to revision comment textarea.
Paste some text data - works as usual.
Paste some image data in Chrome - file is uploaded and a link to it is inserted.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1681
2012-02-23 16:36:58 -08:00
epriestley
bf3dd8663c Add "buoyant" headers to Differential
Summary:
As you scroll through a diff, add a fixed-position header to the top of the
document to provide context. This is particularly useful with keyboard
navigation.

The technical implementation is that we seed the document with invisible
markers. When the user scrolls past one, we show a header with that text until
they scroll past another.

Test Plan:
Scrolled through a revision, was presented with context.

https://secure.phabricator.com/file/data/5xhh2jmoon6ukr5qjkh3/PHID-FILE-463ituscyhyw7utnox7m/Screen_Shot_2012-02-22_at_2.48.19_PM.png

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T696

Differential Revision: https://secure.phabricator.com/D1673
2012-02-23 12:26:14 -08:00
epriestley
228c3781a2 Add gRaphael charting library
Summary:
I typed up like 30 pages here and then got my soul crushed by T895, but here's
the summary:

I looked at several charting libraries. There aren't very many that seem to be
any good and have an open-source license.

I also want the charts to be scriptable in JS so we can add good interactivity
where appropriate.

Raphael is an SVG drawing library which seems very solid. gRaphael is a charting
library on top of Raphael that is a lot less solid, but seems kind of OK.

Overall, I think this selection gives us a lot of flexibility, although we'll
have to pay some costs up front. I'd rather do that than get limited later,
though.

That said, I'm open to other suggestions here if anyone has experience or wants
to take a different stab at researching things.

This is largely for @vii and D1643.

Test Plan: Created a basic, fairly OK chart (see next revision).

Reviewers: btrahan, vii

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1654
2012-02-21 15:10:24 -08:00
vrana
460efc4489 Include added reviewers and ccs in preview
Summary: Preview of Add Reviewers looks silly without actually showing them

Test Plan:
Go to any diff
Leap into action: Add Reviewers
Add some reviewers
Write some comment
Preview including Added reviewers should be displayed
Change action to Comment
Added reviewers should disappear
Repeat with Add CCs

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, vrana

Differential Revision: https://secure.phabricator.com/D1276
2012-01-04 17:08:13 -08:00
epriestley
c93fc91e96 Update Javelin; improve package definitions
Summary:
  - Update Javelin to HEAD -- this doesn't pick up anything in particular, but
lets us smoke test some stuff like {D1217}.
  - Do a little more packaging since we've picked up a handful of 10-line
behaviors and such for various UI tweaks.

Test Plan:
  - Generally, this should be very low-risk.
  - Browsed Maniphest, Differential, Diffusion and tried to hit all the JS
interactions.
  - Looked over the Javelin changes we're pulling in to see if I forgot
anything. The only API change I caught was removal of "JX.defer()", but that was
already cleared in Phabricator in D803.

Reviewers: aran, btrahan, jungejason

Reviewed By: aran

CC: aran

Differential Revision: 1240
2011-12-20 08:27:54 -08:00
adonohue
d5cb67d8c4 Update Javelin
Summary: Routine administration.

Test Plan: Use a tokenizer and browse around

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: 1083
2011-11-06 15:15:34 -08:00
epriestley
f4e25b7a35 Sync Phabricator to Javelin HEAD
Summary: cpiro reported a cache inconsistency issue from a push a while ago
which this should fix (see #?????), and we haven't sync'd in a while anyway.

Test Plan: Poked some interfaces very gently.

Reviewers: cpiro, cpojer, tomo, jungejason, tuomaspelkonen, aran

Reviewed By: tomo

CC: aran, epriestley, tomo, cpiro

Differential Revision: 859
2011-08-25 18:14:47 -07:00
epriestley
d064c6efa8 Use exceptions for S3 error messages
Summary:
Right now, the "SimpleEmailService" class uses trigger_error() to communicate
error messages. This means they get lost in the error logs and aren't visible in
the MetaMTA interface.

Provide a flag to strengthen them into exceptions, instead.

(I've attempted to emulate the prevailing style so I can offer this upstream.)

Test Plan: Faked an error condition and got a detailed stack trace in MetaMTA
instead of an empty "Message" field.
Reviewed By: jungejason
Reviewers: hunterbridges, codeblock, jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 783
2011-08-04 14:17:13 -07:00
epriestley
bd3a14f248 Add an Amazon S3 storage engine for Phabricator
Summary: Implements an S3 storage engine option for Phabricator.
Test Plan:
  - Uploaded files to S3.
  - Looked at them.
  - Verified they appeared in S3 using the S3 file browser.

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 752
2011-08-03 10:58:03 -07:00
epriestley
b548b5166b Update externals/javelin to HEAD for the JX.Vector.getPos() fix. 2011-07-05 14:07:28 -07:00
epriestley
fc28ab06c2 Bring Javelin external up to HEAD for autocomplete. 2011-07-03 22:43:37 -07:00
epriestley
8ca5581a9c Skip attaching 'inline' text attachments
Summary:
Mail clients can send messages where the body is represented as 'inline'
attachments. Don't treat any such text attachments as actual attachments.

Test Plan:
toulouse, can you verify this fixes the issue?

Reviewed By: toulouse
Reviewers: toulouse
CC: aran, toulouse, epriestley
Differential Revision: 441
2011-06-12 22:38:57 -07:00
epriestley
96c43802e5 Update Javelin to c727216edfb2527d14e1047656986f0cb8f694f9 2011-06-09 09:59:57 -07:00
epriestley
d96d515cc2 Add comment linking to Maniphest and Differential
Summary:
Allows you to link to comments with "D123#3" or "T123#3", then adds a pile of JS
to try to make it not terrible. :/

The thing I'm trying to avoid here is when someone says "look at this!
http://blog.com/#comment-239291" and you click and your browser jumps somewhere
random and you have no idea which comment they meant. Since I really hate this,
I've tried to avoid it by making sure the comment is always highlighted.

Test Plan:
Put T1#1 and D1#1 in remarkup and verified they linked properly.

Clicked anchors on individual comments.

Faked all comments hidden in Differential and verified they expanded on anchor
or anchor change.

Reviewed By: aran
Reviewers: aran, tomo, mroch, jungejason, tuomaspelkonen
CC: aran, epriestley
Differential Revision: 383
2011-05-31 11:11:19 -07:00
epriestley
553c6c78fe Raise PhabricatorShapedRequest request timeout
Summary:
We hit this very short (1s) timeout when the browser chooses to resolve all the
diff requests before the preview request. In the long term we could start the
preview request only after all the diff requests resolve, but this solves the
issue for now and there's no reason for such a short timeout.

The historical reason to have this timeout at all is that intern was megaflaky
and that's no longer a problem.

Test Plan:
Faked it so it would use a 1ms timeout the first time and then a 20s timeout;
got reasonable behavior.

Reviewed By: aran
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran
Differential Revision: 329
2011-05-22 14:48:26 -07:00
epriestley
386a5eecb7 Show description changes in Maniphest
Summary:
When a task description is updated, there's currently no way to see the change.
Build an "expanded summary" mode for transactions that shows description change
details. Also include changes in the email.

Test Plan:
Changed task descriptions, clicked "show details", read email.

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: anjali, aran, epriestley
Differential Revision: 320
2011-05-21 21:17:45 -07:00
epriestley
84731e8f00 Aphlict, simple notification server
Summary:
This is purely a prototype at the moment, but the basic functionality sort of
works.

I'm not sure how far I want to go with this but I think we might be able to get
somewhere without it being gross.

The idea here is to build a notification server WITHOUT using Comet, since Comet
is extremely difficult and complicated.

Instead, I use Flash on the client. LocalConnection allows flash instances to
talk to each other and connect() can be used as a locking primitive. This allows
all the instances to elect a master instance in a race-safe way. The master is
responsible for opening a single connection to the server.

On the server, I use Node.js since PHP is pretty unsuitable for this task.

See Github Issue #3: https://github.com/facebook/phabricator/issues/3

One thing I need to figure out next is if I can reasonably do SSL/TLS over Flash
(it looks like I can, in theory, with the as3crypto library) or if the server
needs to just send down version information and trigger a separate Ajax call on
the client.

Test Plan:
Created a client pool and connected it to the server, with election and failover
apparently working correctly.

Reviewed By: aran
Reviewers: Girish, aran, jungejason, tuomaspelkonen, davidrecordon
Commenters: Girish, davidrecordon
CC: aran, epriestley, Girish, davidrecordon
Differential Revision: 284
2011-05-17 10:32:41 -07:00
epriestley
6fb8367dfb Synchronize externals/javelin. 2011-05-09 10:39:43 -07:00
epriestley
561e98facc Update externals/javelin to point at non-broken HEAD, plus some lint fixes. 2011-05-09 10:11:17 -07:00
epriestley
2a39fd09eb Bring Javelin into Phabricator via git submodule, not copy-and-paste
Summary:
Javelin is currently embedded in Phabricator via copy-and-paste of prebuilt
packages. This is not so great.

Pull it in as a submodule instead and make all the Phabricator resources declare
proper dependency trees. Add Javelin linting.

Test Plan:
I tried to run through pretty much all the JS functionality on the site. This is
still a high-risk change, but I did a pretty thorough test.

Differential: inline comments, revealing diffs, list tokenizers, comment
preview, editing/deleting comments, add review action.
Maniphest: list tokenizer, comment actions
Herald: rule editing, tokenizers, add/remove rows

Reviewed By: tomo
Reviewers: aran, tomo, mroch, jungejason, tuomaspelkonen
CC: aran, tomo, epriestley
Differential Revision: 223
2011-05-08 13:20:10 -07:00
epriestley
25dee6ecd2 Support email replies in Phabricator
Summary:
Provides support for per-user x per-object unique reply-to email addresses, plus
SMTP integration.

This does not actually make Phabricator use these in outbound email.

Test Plan:
Used test console to validate in-Phabricator routing and handling.

Piped emails into the "mail_handler.php" script to validate mail parsing.

Configured sendmail and sent mail to Phabricator.

Technically I haven't conducted all parts of this test on the same machine since
I lost the will to configure more SMTP servers after configuring phabricator.com

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, epriestley, jungejason
Differential Revision: 226
2011-05-05 14:58:57 -07:00
epriestley
8f5d01d451 Get rid of +x on a bunch of nonexecutable files because I failed to set
"create mask" on SMB. :/
2011-04-02 16:47:20 -07:00
epriestley
eccc76dae6 Fix some issues caught by HipHop, and work around some issues
caused by HipHop.
2011-02-26 21:01:42 -08:00
epriestley
8347729fc0 When sending with Amazon SES, use the AWS sendRawEmail API instead of sendEmail,
so we can send custom headers.

Summary:

Test Plan:

Reviewers:

CC:
2011-02-09 16:05:06 -08:00
epriestley
ed5cddf8d7 Convert SES from tabs to spaces
Summary:

Test Plan:

Reviewers:

CC:
2011-02-09 16:04:14 -08:00
epriestley
f239a9a930 Convert PHPMailer to unix newlines and spaces.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-09 16:02:46 -08:00
epriestley
8098954776 Add basic Amazon SES support.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-07 21:08:32 -08:00
epriestley
759eec3a77 Very rough cut of DarkConsole + XHProf 2011-02-02 13:48:52 -08:00
epriestley
03fec6e911 PhabricatorEnv
'infratructure' -> 'infrastructure' (rofl)
Recaptcha
Email Login / Forgot Password
Password Reset
2011-01-31 11:55:26 -08:00
epriestley
2112673f06 PHPMailerLite 2011-01-26 09:57:33 -08:00