1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 17:22:42 +01:00
Commit graph

282 commits

Author SHA1 Message Date
epriestley
2ee5086ce9 With the {F...} syntax, render non-images as links
Summary:
We render a huge picture of a PDF for PDFs right now, etc. This is hella dumb.

Also allow users to force this rendering style, and change the link name.

Test Plan: Uploaded image and non-image files, used layout=link and name=....

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T1040

Differential Revision: https://secure.phabricator.com/D2006
2012-03-23 15:32:07 -07:00
vrana
330d62984b Check required classes in setup
Test Plan:
Run setup with 'differential.attach-task-class' set to:

- ''
- 'FacebookTasksAttacher'
- 'X'

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1999
2012-03-22 15:58:27 -07:00
epriestley
315870d56a Fix various newline problems in the difference engines
Summary: I'll mark this one up inline since it's all separate bugs.

Test Plan:
  - Created a diff with eight changes: (newline absent -> newline present, newline present -> newline absent, newline present -> newline present, newline absent -> newline absent) x (short file with change near end, long file with change near middle).
  - Viewed diff in Ignore All, Ignore Most, Ignore Trailing and Show All whitespace modes.
  - All 32 results seemed sensible.
  - Really wish this stuff was better factored and testable. Need to fix it. :(

Reviewers: vrana, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T1030

Differential Revision: https://secure.phabricator.com/D1992
2012-03-22 14:13:48 -07:00
vrana
9622dcd98a Check instance of differential.attach-task-class
Test Plan: Attach Facebook task to revision

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1991
2012-03-22 11:10:49 -07:00
vrana
4fba549a99 Use PhabricatorEnv::newObjectFromConfig() wherever possible
Test Plan:
/mail/send/
scripts/aphront/aphrontpath.php /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1983
2012-03-21 14:57:52 -07:00
vrana
07b60b2016 Require valid class for certain config settings
Summary:
It is now possible to set config setting requiring class of certain implementation to something completely else.
The consequence is that your Phabricator may stop working after update because you didn't implement some new method.

This diff validates the class upon usage.
It throws exception which is better than fatal thrown currently after calling undefined method.

Better solution would be to validate classes when setting the config but it would be too expensive - respective class definitions would have to be loaded and checked by reflection.

I was also thinking about some check script but nobody would run it after changing config.

The same behavior should be implemented for these settings:

- metamta.mail-adapter
- metamta.maniphest.reply-handler
- metamta.differential.reply-handler
- metamta.diffusion.reply-handler
- storage.engine-selector
- search.engine-selector
- differential.field-selector
- maniphest.custom-task-extensions-class
- aphront.default-application-configuration-class
- controller.oauth-registration

Test Plan:
Send comment, verify that it pass.
Change `metamta.differential.reply-handler` to incompatible class, verify that sending comment shows nice red exception.
Set `metamta.differential.reply-handler` to empty string, verify that it throws.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1919
2012-03-21 14:14:01 -07:00
epriestley
6a13b3ea7e Separate the inline comment summary element into a separate view
Summary:
  - Affects the "Inline Comments" summary table which appears in comments that have attached inlines in the discussion threads in Differential.
  - Prepares for inclusion in Diffusion.
  - No application changes (minor CSS), just factors code better.
  - Simplify/separate CSS.

Test Plan: Looked at on-diff and off-diff comment summaries in Differential, display looked correct.

Reviewers: davidreuss, nh, btrahan

Reviewed By: davidreuss

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1928
2012-03-19 19:45:16 -07:00
vrana
4fa9798c4a Allow selecting text when creating inline comment
Summary:
It is currently not possible to select source code covered by reticle when creating comment.
This diff hides reticle on mouseout from reply area.

Test Plan:
Hover inline comment, verify that reticle is displayed.
Reply, verify that reticle is displayed when mouseover reply, hidden otherwise.
Repeat for create.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1851
2012-03-15 11:02:25 -07:00
epriestley
900190b2fe Add inline comments to Diffusion/Audit
Summary:
  - Add inline comments to Audits, like Differential.
  - Creates new storage for the comments in the Audits database.
  - Creates a new PhabricatorAuditInlineComment class, similar to DifferentialInlineComment.
  - Defines an Interface which Differential and Audit comments conform to.
  - Makes consumers of DifferentialInlineComments consume objects which implement that interface instead.
  - Adds save

NOTE: Some features are still missing! Wanted to cut this off before it got crazy:

  - Inline comments aren't shown in the main comment list.
  - Inline comments aren't shown in the emails.
  - Inline comments aren't previewed.

I'll followup with those but this was getting pretty big.

@vrana, does the SQL change look correct?

Test Plan:
  - Created, edited, deleted, replied to, reloaded and saved inline comments in Diffusion, on the left and right side of diffs.
  - Created, edited, deleted, replied to, reloaded and saved inline comments in Differentila, on the left and right side of primary and diff-versus-diff diffs.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1898
2012-03-14 12:56:01 -07:00
Craig Fratrik
4953c58c90 minor changes to setup flow
Summary:
1. The setup flow complains if you haven't updated your schema, so that section
should be moved above the setup flow.

2. The setup flow tells you to lower your timeout, but it doesn't tell you how
low will make it stop complaining.

Test Plan:
Didn't test the setup.
Regenerated the docs and saw the change.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1888
2012-03-13 19:03:29 -07:00
epriestley
d0af617818 Add "final" to (almost) everything else
Summary: Last of the big final patches. Left a few debatable classes (12 out of about 400) that I'll deal with individually eventually.

Test Plan: Ran testEverythingImplemented.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1881
2012-03-13 16:21:04 -07:00
epriestley
f158b32a54 Minor, formalize changeset response class. 2012-03-12 21:39:05 -07:00
epriestley
b2890eeb0e Add "final" to all Phabricator "Controller" classes
Summary:
These are all unambiguously unextensible. Issues I hit:

  - Maniphest Change/Diff controllers, just consolidated them.
  - Some search controllers incorrectly extend from "Search" but should extend from "SearchBase". This has no runtime effects.
  - D1836 introduced a closure, which we don't handle correctly (somewhat on purpose; we target PHP 5.2). See T962.

Test Plan: Ran "testEverythingImplemented" unit test to identify classes extending from `final` classes. Resolved issues.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1843
2012-03-09 15:46:25 -08:00
epriestley
6712dbb709 Bring macros to IRC
Summary:
Adds a macro handler that spams your channel with macros. Config is:

  - macro.size: scale macros to this size before rasterizing
  - macro.sleep: sleep this many seconds between lines (evade flood protection)

Test Plan: derpderp

Reviewers: kdeggelman, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1838
2012-03-09 12:40:03 -08:00
Korvin Szanto
d7fcbd7d39 Adding explicitly set ircbot notifications
Summary:
This adds a new configuration setting:

  "notification.actions" : [
    "commit",
    "abandon",
    "actions"
  ]

if not set, displays all actions, if is set, display only what is set to display

Test Plan: add the notification.actions settings and set accordingly

Reviewers: epriestley, zeeg

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1820
2012-03-07 18:51:48 -08:00
epriestley
84d2f5fcad Increase phd sanity check timeout
Summary:
A user reported that their install (on an unusual piece of hardware) was hitting this timeout. We don't need to be quite so stingy; just use the default 30s timeout.

Also remove some kind of sentence fragment since I no longer remember what it meant and it doesn't make sense.

Test Plan: This change resolved the issue.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1805
2012-03-07 08:52:00 -08:00
epriestley
37451ffb25 Automatically select the right Conduit URI path for the irc bot
Summary: The docs say "http://www.domain.com/" but if you don't put "/api/" it fails. GOTCHA!

Test Plan: Removed "/api/", launched bot, it worked.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T935

Differential Revision: https://secure.phabricator.com/D1763
2012-03-05 09:57:21 -08:00
Koolvin
84b518efeb Added irc What's New support for audit functions
Summary: Added support for audit comment, concern, accept

Test Plan: Comment / Concern / Accept audit, and say "What's new?" in IRC

Reviewers: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1730
2012-02-29 12:13:56 -08:00
Evan Priestley
8b447e21d0 Merge pull request #95 from Koolvin/arcpatch-D1717-1
Private Message User IRC Command
2012-02-29 09:09:37 -08:00
Koolvin
7863956746 Private Message User IRC Command
Summary:
Added phabot irc command to directly message a user rather than outputting in a
channel.

Syntax:

ex:

````Korvin, D1717```

results in phabot private messaging me the info on D1717

Test Plan: ##nick##, [DTPVF]n

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1717
2012-02-29 08:28:17 -08:00
vrana
9b318e4044 Respect username letter case in Remarkup
Test Plan:
Type ##@makinde## to comment, verify that it is converted to ##@Makinde##.
Verify that ##@NonExistent## stays ##@NonExistent##.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1725
2012-02-28 15:20:29 -08:00
Korvin Szanto
31cbb7fbe2 What's New flood protection
Summary:
Added what's new flood protection and fixed array_push issues.
Also added rhetoric for "Commit"

Test Plan: say "What's new?" twice within one minute

Reviewers: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1684
2012-02-23 19:18:22 -08:00
Korvin Szanto
5e39522ac4 IRC Bot what's new directive
Summary:
Added "What's new?" to the ircbot

====Matches

```What is new?
What's new?
Whats new```

Test Plan:
<`Korvin> what is new?
<korvinbot-local> Derpen created D1: Herped the derp - http://phabricator.net/D1

It shows five.

Reviewers: epriestley

Reviewed By: epriestley

CC: epriestley, aran

Differential Revision: https://secure.phabricator.com/D1666
2012-02-23 18:01:25 -08:00
epriestley
228c3781a2 Add gRaphael charting library
Summary:
I typed up like 30 pages here and then got my soul crushed by T895, but here's
the summary:

I looked at several charting libraries. There aren't very many that seem to be
any good and have an open-source license.

I also want the charts to be scriptable in JS so we can add good interactivity
where appropriate.

Raphael is an SVG drawing library which seems very solid. gRaphael is a charting
library on top of Raphael that is a lot less solid, but seems kind of OK.

Overall, I think this selection gives us a lot of flexibility, although we'll
have to pay some costs up front. I'd rather do that then get limited later,
though.

That said, I'm open to other suggestions here if anyone has experience or wants
to take a different stab at researching things.

This is largely for @vii and D1643.

Test Plan: Created a basic, fairly OK chart (see next revision).

Reviewers: btrahan, vii

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1654
2012-02-21 15:10:24 -08:00
epriestley
8b851e4978 Minor, fix simpleoptions parse of {F123} notation. 2012-02-17 16:22:38 -08:00
epriestley
2bcf153e7e Minor, fix chatlog handler comment. 2012-02-17 10:24:55 -08:00
epriestley
7200040479 Add a basic chatlog
Summary:
This is pretty simple and unpolished, but it's getting pretty big and it seems
like a reasonable starting point.

  - Log chat in various "channels".
  - Conduit record and query methods.
  - IRCBot integration for IRC logging

Major TODO:

  - Web UI is really unpolished and has no search, paging, anchor-linking, etc.
Basically all presentation stuff, though.
  - I think the bot should have a map of channels to log with channel aliases?
  - The "channels" should probably be in a separate table.
  - The "authors" should probably be correlated to Phabricator accounts somehow,
where possible.

Test Plan: Used phabotlocal to log #phabricator.

Reviewers: kdeggelman, btrahan, Koolvin

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T837

Differential Revision: https://secure.phabricator.com/D1625
2012-02-17 10:21:38 -08:00
epriestley
fce6a7089c Fix production file links for some alt-domain configurations
Summary:
We sometimes call PhabricatorEnv::getProductionURI($file->getBestURI()) or
similar, but this may currently cause us to construct a URI like this:

  http://domain.com/http://cdn-domain.com/file/data/xxx/yyy/name.jpg

Instead, if the provided URI has a domain already, leave it unmodified.

Test Plan: Attached a file to a task; got an email with a valid URI instead of
an invalid URI.

Reviewers: btrahan

Reviewed By: btrahan

CC: Makinde, aran, epriestley

Differential Revision: https://secure.phabricator.com/D1622
2012-02-15 17:06:36 -08:00
epriestley
35c5852d3f Add a safeguard against multiple patches with the same version
Summary:
I accidentally added two "104" patches. This actually works OK for the most part
but is fundamentally bad and wrong.

Merge the patches (installs applied both as "104", so we can't move one to
"105") and add a safeguard.

Test Plan: Ran upgrade_schema.php with two "104" patches, got error'd. Ran
without, got successs.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1614
2012-02-14 16:24:02 -08:00
epriestley
549146bc7c Move ALL files to serve from the alternate file domain, not just files without
"Content-Disposition: attachment"

Summary:
We currently serve some files off the primary domain (with "Content-Disposition:
attachment" + a CSRF check) and some files off the alternate domain (without
either).

This is not sufficient, because some UAs (like the iPad) ignore
"Content-Disposition: attachment". So there's an attack that goes like this:

	- Alice uploads xss.html
	- Alice says to Bob "hey download this file on your iPad"
        - Bob clicks "Download" on Phabricator on his iPad, gets XSS'd.

NOTE: This removes the CSRF check for downloading files. The check is nice to
have but only raises the barrier to entry slightly. Between iPad / sniffing /
flash bytecode attacks, single-domain installs are simply insecure. We could
restore the check at some point in conjunction with a derived authentication
cookie (i.e., a mini-session-token which is only useful for downloading files),
but that's a lot of complexity to drop all at once.

(Because files are now authenticated only by knowing the PHID and secret key,
this also fixes the "no profile pictures in public feed while logged out"
issue.)

Test Plan: Viewed, info'd, and downloaded files

Reviewers: btrahan, arice, alok

Reviewed By: arice

CC: aran, epriestley

Maniphest Tasks: T843

Differential Revision: https://secure.phabricator.com/D1608
2012-02-14 14:52:27 -08:00
epriestley
c8b4bfdcd1 Encode "<" and ">" in JSON/Ajax responses to prevent content-sniffing attacks
Summary:
Some browsers will still sniff content types even with "Content-Type" and
"X-Content-Type-Options: nosniff". Encode "<" and ">" to prevent them from
sniffing the content as HTML.

See T865.

Also unified some of the code on this pathway.

Test Plan: Verified Opera no longer sniffs the Conduit response into HTML for
the test case in T865. Unit tests pass.

Reviewers: cbg, btrahan

Reviewed By: cbg

CC: aran, epriestley

Maniphest Tasks: T139, T865

Differential Revision: https://secure.phabricator.com/D1606
2012-02-14 14:51:51 -08:00
Korvin Szanto
ad9a2ab00c D1535
IRC bot responds to T1000 as if you were referencing the nanomorph mimetic poly-alloy assassin.
2012-02-10 09:47:57 -08:00
vrana
5e58a016a5 Allow full anchors in remarkup object names
Summary: Remarkup object names require #1 for linking to comments which is not
very intuitive.

Test Plan:
  D1558#4e01328c
  D1558#1
  D1558#comment-1

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1565
2012-02-03 15:50:19 -08:00
vrana
6bd8542abb Avoid sending CSRF token in GET and external forms
Summary:
Sending CSRF token in GET forms is dangerous because if there are external links
on the target page then the token could leak through Referer header.
The token is not required for anything because GET forms are used only to
display data, not to perform operations.
Sending CSRF tokens to external URLs leaks the token immediately.

Please note that <form action> defaults to GET.

PhabricatorUserOAuthSettingsPanelController suffered from this problem for both
reasons.

Test Plan: Save my settings (POST form).

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1558
2012-02-03 10:58:51 -08:00
epriestley
dc36317ea4 Use 'ps <pid>' to test for process existence if posix is not available
Summary: posix may not be loaded on the web/cgi SAPI but we call posix functions
on this pathway, which we hit on /daemon/. Fall back to exec if we don't have
posix.

Test Plan: Added "&& false" and verified the page executed a bunch of "ps"
tests.

Reviewers: Koolvin, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T821

Differential Revision: https://secure.phabricator.com/D1540
2012-02-02 16:03:36 -08:00
epriestley
add1ae945d Use setConcreteOnly() in Phabricator and only list/launch concrete Daemons
Summary: We currently allow you to launch abstract daemons; use
setConcreteOnly() to only list/launch concrete daemons.

Test Plan: Ran "phd list" (no abstract daemons listed), "phd launch
PhabricatorRepositoryCommitDiscoveryDaemon" (reasonable error message).

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T801

Differential Revision: https://secure.phabricator.com/D1487
2012-01-25 11:50:59 -08:00
epriestley
ff339e152e Improve error message for "phd stop" with bad PID
Summary: "phd launch ircbot" works but "phd stop ircbot" gives you a potentially
confusing message. Improve messaging.

Test Plan: Ran "phd stop ircbot", "phd stop 87888" (actual PID)

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T791

Differential Revision: https://secure.phabricator.com/D1457
2012-01-19 21:12:50 -08:00
root
f6a78452f3 Added Fn directive to IRCbot D1456 2012-01-19 10:50:53 -08:00
epriestley
1651be91ec Remove daemon PID files for missing daemons when running "phd stop"
Summary: When we try to kill a daemon but discover it isn't running, we should
remove the PID file. We can also simplify the logic here.

Test Plan: Ran "phd stop" a couple of times, subsequent runs did not try to stop
a legion of dead daemons.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T781

Differential Revision: https://secure.phabricator.com/D1421
2012-01-16 12:59:41 -08:00
epriestley
56447ed2cc Add more options to Remarkup
Summary:
See D1416. Add options to file-embed syntax, and document new code and
embed options.

Test Plan: Used new options in markup blocks.

Reviewers: davidreuss, btrahan, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T336

Differential Revision: https://secure.phabricator.com/D1417
2012-01-16 11:53:16 -08:00
epriestley
80643d63a8 Detect empty $PATH environmental var
Summary:
By default, PHP-FMP (an alternate PHP FCGI SAPI) cleans the entire environment
for child processes. This means we have no $PATH.

This causes some confusing failures for reasons I don't fully understand. If you
do these things:

  exec_manual('env');
  exec_manual('export');

...they show no $PATH, as expected. If you do this:

  exec_manual('echo $PATH');

...it shows a path. And this works (i.e., it finds the executable):

  exec_manual('ls');

...but this fails (it says "no ls in ((null))"):

  exec_manual('which ls');

So, basically, the sh -c process itself gets a default PATH somehow, but its
children don't. I don't realllly get why this happens, but clearly an empty
$PATH is a misconfiguration, and can easily be remedied.

See discussion here: https://github.com/facebook/libphutil/issues/7

Test Plan: Applied patch to Centos6 + nginx + PHP-FPM machine, ran setup, the
configuration issue was detected and I was given information on resolving it.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1413
2012-01-16 11:49:19 -08:00
epriestley
cedb0c045a Lock down accepted next URI values for redirect after login
Summary:
I locked this down a little bit recently, but make
double-extra-super-sure that we aren't sending the user anywhere suspicious or
open-redirecty. This also locks down protocol-relative URIs (//evil.com/path)
although I don't think any browsers do bad stuff with them in this context, and
header injection URIs (although I don't think any of the modern PHP runtimes are
vulnerable).

Test Plan:
  - Ran tests.
  - Hit redirect page with valid and invalid next URIs; was punted to / for
invalid ones and to the right place for valid ones.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: arice, aran, epriestley, btrahan

Differential Revision: https://secure.phabricator.com/D1369
2012-01-13 11:58:45 -08:00
epriestley
b71e1c15ef Detect which PHP SAPI the CLI binary uses during setup
Summary:
  - PHP uses a SAPI ("server API") to determine how it interacts with the caller
(e.g., how to read the environment, how to read flags, what code to execute).
  - There are several different SAPIs: cli, cgi, cgi-fcgi, apache, etc.
  - Each SAPI has different behavior -- for instance, the "cgi" SAPI emits some
CGI headers unless told not to, so a script like 'echo "x"' actually echoes some
headers and then 'x' as an HTTP body.
  - In some setups, "php" may be php-cgi.
  - If you run php-cgi as "php scriptname.php" and your ENV has an existing CGI
request in it, it runs that CGI request instead of the script. This causes an
infinite loop.
  - Add checks to verify that "php" is the "cli" SAPI binary, not some other
SAPI.
  - In particular, cPanel uses suphp and is affected by this configuration
issue. See this thread:
https://lists.marsching.com/pipermail/suphp/2008-September/002036.html

Test Plan:
  - On a cPanel + suphp machine, ran setup and was stopped for having the
"cgi-fcgi" SAPI instead of throw into an infinite loop.
  - Applied the suggested remedy, setup now runs fine.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan, epriestley

Differential Revision: https://secure.phabricator.com/D1390
2012-01-13 11:54:22 -08:00
jungejason
12d1379dee Add instructions about how to support localhost
Summary:
With T764, http://localhost doesn't work anymore. So add instructions
about how to support it by modifying the hosts file.

Test Plan:
- turned on setup mode and the error message did show up
- turned off the setup mode and the error message also showed up

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T764

Differential Revision: https://secure.phabricator.com/D1370
2012-01-11 18:09:14 -08:00
epriestley
af37b637f5 Detect un-cookieable domain confiugration and explode
Summary:
Chrome/Chromium won't set cookies on these domains, at least under
Ubuntu. See T754. Detect brokenness and explode.

Test Plan:
Logged into phabricator as "http://derps/" (failed) and
"http://derps.com/" (worked) in Chromium. Set config to "http://derps/" (config
exploded) and "http://local.aphront.com/" (config OK).

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T754

Differential Revision: https://secure.phabricator.com/D1355
2012-01-11 08:12:50 -08:00
Bob Trahan
84ea5c53e4 Kill PhabricatorFileURI
Summary:
we used to need this function for security purposes, but no longer need
it.   remove it so that some call sites can be optimized via smarter data
fetching, and so the whole codebase can have one less thing in it.

Test Plan:
verified the images displayed properly for each of the following
- viewed a diff with added images.
- viewed a user feed
- viewed a user profile
- viewed all image macros
- viewed a paste and clicked through "raw link"
weakness in testing around proxy files and transformed files.  not sure what
these are.  changes here are very programmatic however.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T672

Differential Revision: https://secure.phabricator.com/D1354
2012-01-10 15:21:39 -08:00
epriestley
b9cac3bcd1 Improve phabot handling of private messages
Summary: When private messaged, the bot responds via private message to the
sender, instead of sending a private message to itself.

Test Plan: Mentioned tasks in public channels and private messages.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T274

Differential Revision: https://secure.phabricator.com/D1350
2012-01-10 15:11:45 -08:00
epriestley
684d12d5db Add an example notification handler to the IRC bot
Summary: Simple notificaiton handler that reads the difx event timeline and
posts notifications to IRC.

Test Plan: Ran it in #phabricator.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1337
2012-01-06 15:09:55 -08:00
epriestley
4579f23f63 Add a "maniphest.update" Conduit method
Summary:
  - Add maniphest.update
  - Add support for auxiliary fields to maniphest.createtask

Test Plan:
  - Created tasks with maniphest.createtask
  - Updated tasks with maniphest.update

Reviewers: btrahan, jungejason, zeeg

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: https://secure.phabricator.com/D1330
2012-01-06 11:52:00 -08:00
vrana
460efc4489 Include added reviewers and ccs in preview
Summary: Preview of Add Reviewers looks silly without actually showing them

Test Plan:
Go to any diff
Leap into action: Add Reviewers
Add some reviewers
Write some comment
Preview including Added reviewers should be displayed
Change action to Comment
Added reviewers should disappear
Repeat with Add CCs

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, vrana

Differential Revision: https://secure.phabricator.com/D1276
2012-01-04 17:08:13 -08:00
epriestley
5065db5a2a Reduce spew of some daemons
Summary:
It used to be more useful for daemons to spew random debugging information, but
features like "phd debug" and some fixes to error reporting like D1101 provide
better ways to debug, test, develop and diagnose daemons.

  - Stop writing "." every time MetaMTA sends a message.
  - Stop spewing the entire IRC protocol from the IRC bot unless in debug mode.
  - Stop writing GC daemon log entries about collecting daemon logs (DURRR)
unless in debug mode.

Test Plan: Ran daemons in debug and non-debug modes, got expected level of
noisiness.

Reviewers: jungejason, nh, btrahan

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: https://secure.phabricator.com/D1268
2011-12-22 17:49:33 -08:00
epriestley
13155f8828 Add symbol integration to the IRC bot
Summary: Allow the bot to answer the question "where is X?", where X is a
symbol.

Test Plan:
    phabotlocal joined the chat room.
  epriestley: phabotlocal: where is DarkConsole?
    phabotlocal left the chat room. (Remote host closed the connection)
    phabotlocal joined the chat room.
  epriestley: phabotlocal: where is DarkConsole?
    phabotlocal left the chat room. (Remote host closed the connection)
    phabotlocal joined the chat room.
  epriestley: phabotlocal: where is DarkConsole?
  phabotlocal: class DarkConsole (php):
http://local.aphront.com/diffusion/SUBC/browse/src/aphront/console/api/DarkConsole.php$22
  epriestley: thanks phabotlocal that is vastly more useful
    phabotlocal left the chat room. (Remote host closed the connection)

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Maniphest Tasks: T315

Differential Revision: https://secure.phabricator.com/D1261
2011-12-22 06:45:37 -08:00
epriestley
e45ffda55a Move most remaining sha1() calls to HMAC
Summary:
  - For context, see T547. This is the last (maybe?) in a series of diffs that
moves us off raw sha1() calls in order to make it easier to audit the codebase
for correct use of hash functions.
  - This breaks CSRF tokens. Any open forms will generate an error when
submitted, so maybe upgrade off-peak.
  - We now generate HMAC mail keys but accept MAC or HMAC. In a few months, we
can remove the MAC version.
  - The only remaining callsite is Conduit. We can't use HMAC since Arcanist
would need to know the key. {T550} provides a better solution to this, anyway.

Test Plan:
  - Verified CSRF tokens generate properly.
  - Manually changed CSRF to an incorrect value and got an error.
  - Verified mail generates with a new mail hash.
  - Verified Phabricator accepts both old and new mail hashes.
  - Verified Phabricator rejects bad mail hashes.
  - Checked user log, things look OK.

Reviewers: btrahan, jungejason, benmathews

Reviewed By: btrahan

CC: aran, epriestley, btrahan

Maniphest Tasks: T547

Differential Revision: 1237
2011-12-19 08:56:53 -08:00
Marek Sapota
2d232674df Allow customized patterns for marking generated files.
Test Plan:
Created a listener that adds some patterns to $matches array, reloaded
Differential, some changesets were not shown as generated.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, mareksapota

Differential Revision: 1200
2011-12-13 17:14:25 -08:00
epriestley
c16c920f94 Remove setTimeout() hacks for Javelin behavior initialization
Summary:
  - Prioritize higher-priority behaviors on the server.
  - Remove setTimeout() hacks.

Test Plan: Loaded Differential, didn't get CSRF races for comment previews.

Reviewers: aran, jg, cpojer

Reviewed By: jg

CC: btrahan, jungejason, aran, epriestley, jg

Differential Revision: 1183
2011-12-13 12:50:00 -08:00
David Reuss
dfffc78d38 Added mbstring and iconv as required extensions
Test Plan: Obvious.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, davidreuss

Differential Revision: 1138
2011-12-01 08:52:54 -08:00
epriestley
30b578cff6 Preserve original case in @mentions which whiff
Summary: See T632. When we miss a @mention, preserve the original case. This
approach is slightly unwieldy, but preserves backward compatibility (remarkup is
cached in Differential and Maniphest).

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-u7z5j73dxrr4vuwkdcy3/

Reviewers: aran, btrahan

Reviewed By: aran

CC: aran, epriestley

Differential Revision: 1141
2011-11-30 11:16:44 -08:00
Bob Trahan
0795cd4baa Add cycle detection to celerity mapper
Summary: create CelerityResourceGraph, which extends AbstractDirectedGraph.
since we've done a bunch of work already to load the resource graph into memory
CelerityResourceGraph simply stores a copy and makes loadEdges work off that
stored copy.

Test Plan:
made phabricator-prefab require herald-rule-editor

~/code/phabricator> ./scripts/celerity_mapper.php webroot
Finding static resources...
Processing 154
files..........................................................................................................................................................
[2011-11-22 11:28:29] EXCEPTION: (Exception) Cycle detected in resource graph:
phabricator-prefab => herald-rule-editor => phabricator-prefab at
[/Users/btrahan/Dropbox/code/phabricator/scripts/celerity_mapper.php:173]

fixed phabricator-prefab requiring herald-rule-editor.  re-ran celerity_mapper
and no errors!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Differential Revision: 1132
2011-11-29 12:09:08 -08:00
Bob Trahan
4afe82f3e2 Show MySQL exception when unable to connect during setup
Summary: a well-titled diff this be.  i feel 'meh' about the change; doesn't
seem to help too much imo.

Test Plan:
edited my custom conf file to have errors -

127.0.0.1 => 127.0.0.2
mysql_user => mysql_users

and for phabricator to be in setup mode. for each error i verified that i liked
the display.

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 1129
2011-11-21 17:11:38 -08:00
Marek Sapota
e9693f25f8 Move event framework from Phabricator to libphutil
Summary:
Move event framework from Phabricator to libphutil so it can be used in other
phutil projects, such as Arcanist.

Test plan:
Use along with path to libphutil, events should work as expected.

Reviewers: epriestley

Differential Revision: 1098
2011-11-16 16:34:45 -08:00
Marek Sapota
b71a55900a Allow tweaking of Differential mail by using events
Summary: Allow tweaking Differential mail before sending.

Test Plan:
Wrote a listener renaming Differential attachments and it worked without
problems.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley, mareksapota, davidreuss

Differential Revision: 1091
2011-11-09 10:13:53 -08:00
Jason Ge
13eee1a344 Add test to check all symbols can be loaded
Summary:
make sure all symboles can be loaded to avoid issues like missing
methods in descendants of abstract base class.

Test Plan:
ran it and verified it passes; remove a method in a descendant class
and verified that the test failed.

Reviewers: epriestley, nh

Reviewed By: nh

CC: aran, nh, jungejason

Differential Revision: 1023
2011-10-20 16:43:13 -07:00
epriestley
d625f94c55 Provide a markup protocol whitelist for Phabricator
Summary: See T548 and D996. Makes Phabricator configure the remarkup engine so
http:// and https:// get linked. Also make the "named link" syntax respect the
whitelist.

Test Plan:
  - Whitelisted URIs (they get linked).
  - Other URIs (not linked).
  - Whitelisted, named URIs (linked).
  - Other, named URIs (treated as phriction links).
  - Actual phriction links (work correctly).

Reviewers: jungejason, nh, tuomaspelkonen, aran, benmathews

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 997
2011-10-10 13:12:11 -07:00
epriestley
e4e5c39457 Merge __init_env__.php into __init_script__.php
Summary: There are currently two files, but all scripts require both of them,
which is clearly silly. In the longer term I want to rewrite all of this init
stuff to be more structured (e.g., merge webroot/index.php and __init_script__
better) but this reduces the surface area of the ad-hoc "include files" API we
have now, at least.

Test Plan:
  - Grepped for __init_env__.php (no hits)
  - Ran a unit test (to test unit changes)
  - Ran a daemon (to test daemon changes)

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 976
2011-10-02 11:48:09 -07:00
Ricky Elrod
10570635b5 Stop 'stop' from being in phd's list twice, and provide a way to kill one particular PID.
Summary:
This is a pretty bad, but working implmentation of a way to kill one particular PID that
is controlled by Phabricator. Also remove the second 'stop' from the ##phd help## list.

Test Plan:
  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd status
  PID  	Started                 	Daemon
  30154	Oct 1 2011, 2:38:08 AM  	PhabricatorMetaMTADaemon
  30172	Oct 1 2011, 2:38:09 AM  	PhabricatorMetaMTADaemon
  30190	Oct 1 2011, 2:38:09 AM  	PhabricatorMetaMTADaemon
  30210	Oct 1 2011, 2:38:09 AM  	PhabricatorMetaMTADaemon

  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd stop 30190
  Stopping daemon 'PhabricatorMetaMTADaemon' (30190)...
  Daemon 30190 exited normally.

  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd stop 123456
  123456 is not controlled by Phabricator. Not killing.

  [ricky@rhelpad01 phabricator] (phd-stop-twice)$ ./bin/phd stop
  Stopping daemon 'PhabricatorMetaMTADaemon' (30154)...
  Stopping daemon 'PhabricatorMetaMTADaemon' (30172)...
  Stopping daemon 'PhabricatorMetaMTADaemon' (30210)...
  Daemon 30210 exited normally.
  Daemon 30154 exited normally.
  Daemon 30172 exited normally.

Reviewers: epriestley

CC:

Differential Revision: 975
2011-10-01 17:31:20 -04:00
epriestley
1b8562467c Add an "Event" plugin to DarkConsole for event inspection
Summary: Shows events which a page dispatched, plus all the registered
listeners.

Test Plan:
Pretty basic for now, but works OK:

https://secure.phabricator.com/file/view/PHID-FILE-49fcd23081ce55cf9369/

(I also made it dispatch some dummy events to verify they show up.)

Reviewers: aran

Reviewed By: aran

CC: aran

Differential Revision: 973
2011-10-01 08:51:54 -07:00
epriestley
522e5b4779 Build an event dispatch mechanism into Phabricator
Summary:
This is an attempt to satisfy a lot of the one-off requests a little more
generally, by providing a relatively generic piece of event architecture.

Allow the registation of event listeners which can react to various application
events (currently, task editing).

I'll doc this a bit better but I wanted to see if anyone had massive objections
to doing this or the broad approach. The specific problem I want to address is
that one client wants to do a bunch of routing for tasks via email, so it's
either build a hook, or have them override most of ManiphestReplyHandler, or
something slightly more general like this.

Test Plan: Wrote a silly listener that adds "Quack!" to a task every time it is
edited and edited some tasks. I was justly rewarded.

Reviewers: nh, jungejason, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley

Differential Revision: 881
2011-09-30 12:16:40 -07:00
epriestley
40c1450129 Add an explicit test for the availablility of 'php' from the command line during
setup

Summary: See T481. We'll fail the pcntl test if we don't have this, in a
potentially confusing way. Test and detect missing 'php' explicitly before we
try the pcntl test, so we can give the user a better error message.

Test Plan: In setup mode, did a good run and then faked it to execute 'phpx'
instead to get a failure.

Reviewers: johnduhart, jungejason, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, epriestley, tuomaspelkonen

Differential Revision: 878
2011-09-07 13:20:39 -07:00
epriestley
5908a63dfe Add a custom lint name hook to Phabricator
Summary: Allow Conduit method so they stop raising lint warnings. See D874.

Test Plan: Ran "arc lint" on conduit files and was no longer given frivolous
warnings.

Reviewers: nh, jungejason, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, nh, epriestley

Differential Revision: 875
2011-08-31 13:49:30 -07:00
epriestley
0e40b3c5b2 Allow Phriction [[links]] to link to non-Phriction URIs
Summary: If the link text is a URI, just treat it as a nameable (and possibly
relative) URI link. See tasks.

Test Plan: Copy/pasted the doc example into Phriction, links worked.

Reviewers: skrul, hunterbridges, jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: 882
2011-08-31 13:48:58 -07:00
epriestley
764d3d1c65 Make "pcntl" script error more explicit
Summary: This may make it easier to debug problems with CLI + pcntl

Test Plan: Added a syntax error to the script and got more useful output

Reviewers: johnduhart, jungejason, tuomaspelkonen, aran

Reviewed By: johnduhart

CC: aran, johnduhart

Differential Revision: 869
2011-08-29 10:07:25 -07:00
moos3
69f7581582 Fixed the missing space after the : for vote 2011-08-23 22:03:56 -04:00
moos3
003694458b fixes 2011-08-23 21:21:00 -04:00
moos3
dd9b15600a added the support for slowvote links from the bot 2011-08-23 21:17:27 -04:00
epriestley
fd0f4d9c52 Delay sending JOIN command until after MOTD finishes for IRC bot
Summary: Do JOIN in the protocol handler, after we receive 376 ("end of motd").

Test Plan: Ran bot, it joined a channel after receieving a 376 command.

Reviewers: moos3, codeblock, aran, jungejason, tuomaspelkonen

Reviewed By: moos3

CC: aran, moos3

Differential Revision: 855
2011-08-23 14:12:30 -07:00
Richard
9192a0ecf8 Added the ability for SSL to be fined in the irc_config.json file, if not there we assume that its false and continue on our way. if "ssl":true is in the config then we are going to use ssl:// to make the connection use openssl. 2011-08-22 15:20:57 -07:00
moos3
2d677d3992 added the ability for the irc nick to have a identify password. just add "nickpass":"password" to your irc_config.json file and it will identify on connect" 2011-08-22 15:20:57 -07:00
Richard
fbef90c4c6 Added the ability to support Irc Bots that need to login into private IRC Servers. Requires the following to be added to the config.json file
"user":"authenticationusername",
"pass":"thisuserspassowrd",

This will allow people with internal irc servers to use this if they control access from ldap for irc.
2011-08-22 11:12:34 -07:00
epriestley
6dc193d3d9 Fully update library map. 2011-08-18 09:52:36 -07:00
epriestley
74f3112b1c Allow daemons to perform writes unconditionally. 2011-08-16 13:43:51 -07:00
epriestley
68c30e1a71 Provide a setting which forces all file views to be served from an alternate
domain

Summary:
See D758, D759.

  - Provide a strongly recommended setting which permits configuration of an
alternate domain.
  - Lock cookies down better: set them on the exact domain, and use SSL-only if
the configuration is HTTPS.
  - Prevent Phabriator from setting cookies on other domains.

This assumes D759 will land, it is not effective without that change.

Test Plan:
  - Attempted to login from a different domain and was rejected.
  - Logged out, logged back in normally.
  - Put install in setup mode and verified it revealed a warning.
  - Configured an alterate domain.
  - Tried to view an image with an old URI, got a 400.
  - Went to /files/ and verified links rendered to the alternate domain.
  - Viewed an alternate domain file.
  - Tried to view an alternate domain file without the secret key, got a 404.

Reviewers: andrewjcg, erling, aran, tuomaspelkonen, jungejason, codeblock
CC: aran
Differential Revision: 760
2011-08-16 13:21:46 -07:00
epriestley
3aa17c7443 Prevent CSRF uploads via /file/dropupload/
Summary:
We don't currently validate CSRF tokens on this workflow. This allows an
attacker to upload arbitrary files on the user's behalf. Although I believe the
tight list of servable mime-types means that's more or less the end of the
attack, this is still a vulnerability.

In the long term, the right solution is probably to pass CSRF tokens on all Ajax
requests in an HTTP header (or just a GET param) or something like that.
However, this endpoint is unique and this is the quickest and most direct way to
close the hole.

Test Plan:
  - Drop-uploaded files to Files, Maniphest, Phriction and Differential.
  - Modified CSRF vaidator to use __csrf__.'x' and verified uploads and form
submissions don't work.

Reviewers: andrewjcg, aran, jungejason, tuomaspelkonen, erling
Commenters: andrewjcg, pedram
CC: aran, epriestley, andrewjcg, pedram
Differential Revision: 758
2011-08-16 13:19:10 -07:00
epriestley
fa49c6c52d Provide a "reference-with-full-name" syntax for Remarkup
Summary:
Provide a {T123} syntax which pulls in the entire name of an object, not just a
link to it. A major use for this is organizing projects using wiki pages. Since
handle links show object status now, this lets you organize stuff in an ad-hoc
way and get a reasonable overview of it. We can make handles richer in the
future, too.

The performance on this isn't perfect (it adds some potential single gets) but I
think it's okay for now and I don't want to make remarkup engine even more
complex until the preprocess/postprocess stuff has had a chance to settle and
I'm more confident it works.

In Differential and Maniphest we'll also incorrectly cache the object
state/name, but that'll fix itself once I move the cache code to use
preprocess/postprocess correctly.

Test Plan:
  - See https://secure.phabricator.com/file/view/PHID-FILE-5f9ca32407bec20899b9/
for an example.
  - Generated and looked over the documentation.

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran, hunterbridges
CC: skrul, aran, jungejason, epriestley
Differential Revision: 784
2011-08-06 12:55:16 -07:00
epriestley
6cd58b17b4 Refactor Phabricator mention rule to do data fetching in post processing
Summary:
This accomplishes two goals:

  - Data fetching is now grouped across blocks.
  - Demonstrates that D737 actually works.

Test Plan: Used @mentions in Phriction preview, they rendered properly. Verified
only one service call was being made across blocks.
Reviewed By: jungejason
Reviewers: hunterbridges, jungejason, tuomaspelkonen, aran
CC: aran, jungejason, epriestley
Differential Revision: 738
2011-08-05 08:18:52 -07:00
epriestley
29444d1df3 Add a little more unit test documentation, fail loudly when isolation prevents a
query

Summary:
  - Provide an example unit test, and document it.
  - Document database isolation better.
  - When we issue an unsimulated query to the isolated connection, throw a
helpful message.
  - Pygments is complaining about my madeup "lang=demo", change it to
"lang=text".

Test Plan:
  - Ran the unit test (sanity check).
  - Ran all other unit tests (verify I didn't break isolation).
  - Added a queryfx(..., 'SELECT 1') to a test and verified it throws.
  - Read the documentation.

Reviewed By: edward
Reviewers: edward, jungejason, tuomaspelkonen, aran
CC: aran, edward
Differential Revision: 773
2011-08-03 09:15:43 -07:00
epriestley
8a03a73e95 Fix some brace lint stuff.
Summary: New brace linter picked these up (see D755).
Test Plan: Visual inspection.
Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 756
2011-08-02 10:40:45 -07:00
epriestley
9d3f33a7a6 Rough implementation of drag-and-drop file uploads
Summary:
This gets all the major pieces working. Allows you to drag-and-drop files in
Differential and Phriction, and embed files in remarkup with {Fxxx} references.
See also task.

I'm explicitly not documenting this yet since it's still pretty rough.

Test Plan: Dragged and dropped stuff into Differential and Phriction.
Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran, tomo
Commenters: tomo
CC: aran, tomo, jungejason
Differential Revision: 674
2011-08-01 15:27:13 -07:00
epriestley
879431fb50 Improve GC performance for Herald Transcripts
Summary: This has to table scan a ginormous table right now, give it a fighting
chance with a more usable key.
Test Plan:
  - Launched GC daemon, no errors.
  - Used test console to create a new transcript.
  - Viewed some old transcripts.
  - Ran EXPLAIN on the SELECT and verified it was utilizing the garbageCollected
key.

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, epriestley, jungejason
Differential Revision: 735
2011-07-28 18:50:54 -07:00
epriestley
8d26399cfd Remove unused EXPECTED_SCHEMA_VERSION constant
Summary: This didn't end up getting used but I neglected to delete it.
Test Plan: git grep
Reviewed By: jungejason
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, jungejason
Differential Revision: 721
2011-07-24 18:16:39 -07:00
epriestley
26bca41828 Improve setup process to detect 'open_basedir', 'date.timezone' and 'safe_mode'
problems

Summary: Detect more PHP misconfigurations in setup.
Test Plan: Broke my configuration, ran setup, it seemed to detect all the
problems and issue meaningful error messages.
Reviewed By: jungejason
Reviewers: hunterbridges, 10098, jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 717
2011-07-24 18:10:48 -07:00
epriestley
ffae7b19e6 Slightly loosen the mention regexp to allow for "Go ask @tomo."
Summary: Currently, we incorrectly flag these under the "@lists.com" rule.
Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-887c2bc66eb9d47d02f4/
Reviewed By: tomo
Reviewers: tomo
CC: aran, epriestley, tomo
Differential Revision: 708
2011-07-23 09:07:36 -07:00
epriestley
2b7210260f Allow Phabricator storage engines to be extended and configured
Summary:
See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward
interactions with MySQL's max_allowed_packet. Make this system generally more
robust:

  - Move the upload limit to configuration.
  - Add setup steps which reconcile max_allowed_packet vs MySQL file storage
limits.
  - Add a layer of indirection between uploading files and storage engines.
  - Allow the definition of new storage engines.
  - Define a local disk storage engine.
  - Add a "storage engine selector" class which manages choosing which storage
engines to put files in.
  - Document storage engines.
  - Document file storage classes.

Test Plan:
Setup mode:

  - Disabled MySQL storage engine, misconfigured it, configured it correctly.
  - Disabled file storage engine, set it to something invalid, set it to
something valid.
  - Verified max_allowed_packet is read correctly.

Application mode:

  - Configured local file storage.
  - Uploaded large and small files.
  - Verified larger files were written to local storage.
  - Verified smaller files were written to MySQL blob storage.

Documentation:

  - Read documentation.

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, epriestley, jungejason
Differential Revision: 695
2011-07-21 16:44:24 -07:00
epriestley
3eafe9e3bb Fix Diffusion rendering of SVN files which did not change
Summary:
Share code with the new PhabricatorDifferenceEngine, which handles diffs with no
changes correctly.

(This isn't the same issue as file moves, but I ran into it while generating a
repro case.)

Test Plan: Previously, changes which didn't change file content (e.g., property
changes) would throw. Now they work.
Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, epriestley, tuomaspelkonen
Differential Revision: 698
2011-07-20 11:54:33 -07:00
epriestley
87fa97e49a Require double brackets for Phriction links
Summary:
Single brackets are getting some troublesome false positives in Facebook's
install. Particularly, there's a weird convention at Facebook of tagging diffs
by putting stuff like "[perf]" or "[chat]" in the title, although this isn't
turned into structured data at any stage. When commits appear in Diffusion, we
currently link such ad-hoc tags to Phriction.

Wikipedia uses double-bracket sytnax, as do many other wikis, so this seems like
a reasonable burden to place on the lightweightness of the markup. The
alternative is selectively disabling Phriction markup in some interfaces, but
I'd rather allow integration in commit messages and just guard the syntax more
closely.

(I'm not providing any sort of migration plan since this landed less than a week
ago and I'm pretty confident no one has built a huge wiki yet, but I added a
CHANGELOG note.)

Test Plan: Edited a wiki document and added some links. Verified single brackets
were unlinked and double brackets were linked.
Reviewed By: jungejason
Reviewers: hsb, aran, jungejason, tuomaspelkonen
CC: aran, jungejason, epriestley
Differential Revision: 689
2011-07-18 09:18:42 -07:00
epriestley
c0ae2f6289 Show change diffs in Phriction
Summary:
This is really rough and needs work (particularly, there's some diff code I
really need to refactor since I sort-of-copy-pasted it) but basically
functional.

Show text changes between diffs and allow users to revert to earlier versions.

Differential's line-oriented diff style isn't ideal for large blocks of text but
I'm betting this is probably good enough in most cases. We can see how bad it is
in practice and then fix it if needbe.

I added a bunch of support for "description" but didn't add the feature in this
diff, I'll either follow up or task it out since it should be a pretty
straightforward change.

Test Plan: Looked at history for several Phriction documents, clicked "previous
change" / "next change", clicked revert buttons.
Reviewed By: hsb
Reviewers: hsb, codeblock, jungejason, tuomaspelkonen
CC: aran, hsb, epriestley
Differential Revision: 687
2011-07-18 08:46:45 -07:00
epriestley
6f388f97d9 Improve Phabricator behavior for fatal errors
Summary:
  - Exceptions on the rendering pathway currently go uncaught and result in a
blank page. Commonly, this is a bad require_celerity_resource() call. Although
we can't safely render a page if the rendering pathway is broken, we can show a
useful message.
  - When PHP exits because of a fatal error, there is an opportunity to run code
in the shutdown handler. This allows us to show messages at least some of the
time, e.g. "call to unknown function derp() in somefile.php at line 99"
  - flip dem tables

Test Plan: Added fatals ("derp();") and rendering exceptions
("require_celerity_resource('does-not-exist')") to a controller and verified
that the error handling behavior is now more useful.
Reviewed By: aran
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, epriestley
Differential Revision: 680
2011-07-18 07:23:01 -07:00
epriestley
7d152def3e Basic remarkup integration for Phriction
Summary: Document linking and some general layout improvements. I'd like to
eventually do more meta-dataey things with links (like store them separately and
check them for 404s) but this is a decent start.
Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-d756b94a06b69c273fce/
Reviewed By: jungejason
Reviewers: hsb, codeblock, jungejason, tuomaspelkonen, aran
CC: aran, jungejason, epriestley
Differential Revision: 650
2011-07-12 06:58:47 -07:00
epriestley
467308dd12 Script to selectively convert MyISAM tables to InnoDB
Summary:
A bunch of the .sql patch files don't explicitly specify the table engine, but
we should always use InnoDB with the exception of one table which needs MyISAM
for FULLTEXT.

MySQL doesn't no-op an ALTER TABLE statment that changes the engine back to
itself and converting large tables can be time consuming, so convert only the
required tables.

Test Plan: Ran on secure.phabricator.com and my local box, it fixed all the
issues in about 3 seconds on secure.phabricator.com and <<1 second on my local.
Reviewed By: codeblock
Reviewers: codeblock, tuomaspelkonen, jungejason, aran
CC: aran, epriestley, codeblock
Differential Revision: 641
2011-07-11 11:42:28 -07:00
Ricky Elrod
3164e4b521 sendmail is in /usr/sbin/ on RHEL.
Summary:
If we're going to hardcode a path, at least let's do it in a way that works on RHEL too.

Test Plan:
Successfully ran the setup script on RHEL.

Reviewers:
epriestley

CC:

Differential Revision: 623
2011-07-08 21:03:32 -04:00
epriestley
51c2726a34 Add Differential parse cache to the GC daemon
Summary:
Add the differential parse cache to the GC. This is the largest object in the
system by a wide margin, I think.

This table is potentially gigantic which is why the script truncates it before
doing a schema change.

Test Plan: Ran the GC daemon, it cleaned up some parse caches.
Reviewed By: jungejason
Reviewers: tuomaspelkonen, jungejason, aran
Commenters: tuomaspelkonen
CC: aran, jungejason, tuomaspelkonen, epriestley
Differential Revision: 620
2011-07-08 17:31:25 -07:00
Ricky Elrod
3d85d6a81d Add language to paste.info, and show it in Pxxx responses from phabot.
Summary:
Now that we store language with pastes, we can include this in Conduit.

Test Plan:
Tried it on a paste with a blank language, and one with a specified language.
    16:14:50 <@CodeBlock> P1
    16:14:51 <@codeblock-phabot> P1: http://phabricator.local/P1 - test.php
    16:15:05 <@CodeBlock> P43
    16:15:06 <@codeblock-phabot> P43: http://phabricator.local/P43 - sadoijfoisaf (php)

Reviewers:
epriestley, Ttech

CC:

Differential Revision: 616
2011-07-08 13:55:22 -07:00
epriestley
cce786a89f Prevent mentions from matching "derp@derp"
Summary: See task / comment.
Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-f337d112ffe053fdea7d/
Reviewed By: tomo
Reviewers: mroch, tomo
CC: aran, tomo
Differential Revision: 614
2011-07-08 12:32:03 -07:00
epriestley
4ef918e213 Add a garbage collector daemon
Summary:
Phabricator generates a bunch of data that we don't need to keep around forever,
add a GC daemon to get rid of it with some basic configuration options.

This needs a couple more diffs to get some of the details but I think this is a
reasonable start.

I also fixed a couple of UI things related to this, e.g. the daemon logs page
going crazy when a daemon gets stuck in a loop and dumps tons of data to stdout.

Test Plan:
  - Ran gc daemon in 'phd debug' mode and saw it delete stuff, then sleep once
it had cleaned everything up.
  - Mucked around with TTLs and verified they work correctly.
  - Viewed gc'd transcripts in the web interface and made sure they displayed
okay.
  - Viewed daemon logs before/after garbage collection.
  - Running some run-at / run-for tests now, I'll update if the daemon doesn't
shut off in ~10-15 minutes. :P

Reviewed By: tuomaspelkonen
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, tuomaspelkonen, epriestley
Differential Revision: 583
2011-07-05 13:49:11 -07:00
Ricky Elrod
eeb8d10f42 Edited src/infrastructure/daemon/irc/handler/objectname/PhabricatorIRCObjectNameHandler.php via GitHub 2011-07-05 08:55:21 -07:00
epriestley
f2cedd8108 Provide basic Celerity documentation. 2011-07-04 11:23:04 -07:00
epriestley
39adae9aa8 Prevent Phabot from spinning out of control
Summary: When the remote closes the connection, phabot goes into a busy loop
because of PHP's "nothing should ever be an error" semantics. Instead, detect
connection termination.
Test Plan: Disabled the "PONG" response in the protocol handler and let freenode
disconnect phabot. It spun out of control before, now it detects the issue and
exits to await automatic restart.
Reviewed By: jungejason
Reviewers: codeblock, jungejason, aran, tuomaspelkonen
CC: aran, jungejason
Differential Revision: 582
2011-07-03 09:58:11 -07:00
Evan Priestley
edf6a44db3 Merge pull request #28 from CodeBlock/3346f04d89548ebfa6e84c6bada01b84b
D552 and 553.
2011-06-29 12:16:57 -07:00
Ricky Elrod
3346f04d89 Add Pxxx to phabot.
Summary:
Summarize (or at least link to) pastes when P<id> is given in a channel. This depends on D552!

Test Plan:
04:34:03 <@codeblock-phabot> P15 - http://phabricator.local/P15
04:35:22 <@CodeBlock> P1 asdf foo Bar Baz Diet Sprite P4
04:35:24 <@codeblock-phabot> P1 - http://phabricator.local/P1
04:35:24 <@codeblock-phabot> P4 - http://phabricator.local/P4

Reviewers:
epriestley

CC:

Differential Revision: 553
2011-06-29 15:00:07 -04:00
Ricky Elrod
2728a41fa0 Make phabot understand Txxx.
Summary:
Maniphest tasks can now be summarized by referencing their respective T<id> in irc.

Test Plan:
03:29:28 <@CodeBlock> T218
03:29:29 <@codeblock-phabot> T218: NYANCAT (Priority: Wishlist) - https://secure.phabricator.com/T218
03:30:14 <@CodeBlock> T58 asdf foo bar baz mcFoo T163
03:30:15 <@codeblock-phabot> T58: Allow AphrontFormView to render as a <div /> instead of a form (Priority: Wishlist) - https://secure.phabricator.com/T58
03:30:15 <@codeblock-phabot> T163: arc amend is slow (Priority: Needs Triage) - https://secure.phabricator.com/T163
...
03:28:23 <@CodeBlock> Oh. Hah, I'm testing against production Conduit. Ah well.
03:28:40 <@CodeBlock> I don't always test my code...but when I do, I do it in prod! :D

Reviewers:
epriestley

CC:

Differential Revision: 551
2011-06-29 04:14:16 -04:00
Jun Ge
a54bc391db Merge pull request #26 from hwang36/master
D539 Add P### link to paste
2011-06-28 07:41:40 -07:00
epriestley
07b64dc01f Make @mentions add CCs as a side effect
Summary:
When a user gets @mentioned in Differential, add them as a CC.

No Maniphest hookup yet since I want to make that one a little more formal.

Depends on D518.

Test Plan:
@mentioned a user and they were added as a CC.

Reviewed By: jungejason
Reviewers: tomo, mroch, jsp, jungejason, aran, tuomaspelkonen
CC: aran, jungejason
Differential Revision: 519
2011-06-28 07:00:20 -07:00
hwang
c2d0664c5e Add P### link to paste
Summary:Make a new directory, src/infrastructure/markup/remarkup/markuprule/paste/
	Make a new class called PhabricatorRemarkupRulePaste in that directory.
	Add the rule to DifferentialMarkupEngineFactory.

Test Plan: Created a task in maniphest. Put P1 and P2 in the content.
Created P1 and P2 in Paste. Verified P1 and P2 were highlighted and
linked correctly.

Reviewers:epriestley, codeblock

CC:jungejason

Differential Revision: 539
2011-06-27 22:53:55 -07:00
epriestley
709d7ed5d7 Use the proc-error-aware signaling check for daemons from the CLI
Summary:
The web console already correctly checks for processes which are running but
can't be signaled. Share this check in the CLI.

Test Plan:
Looked at the web console. Poked at the CLI.

Reviewed By: fratrik
Reviewers: fratrik
CC: aran, fratrik
Differential Revision: 544
2011-06-27 15:01:07 -07:00
epriestley
b61e325f05 Show logs to the console in 'phd debug'
Summary:
Currently we send logs to the logfile in 'phd debug', but we should send them to
the console instead.

Also fixed some %C stuff which could theoretically cause problems if a user had
percentage symbols in their paths (heaven forbid).

fratrik, this or D535 might have been involved in frustrating your efforts to
debug the "sudo" stuff.

Test Plan:
Ran "phd debug irc derpderp" and "phd launch irc derpderp". In the former case,
the exception appeared in the console. In the latter, it appeared in the log.

Reviewed By: codeblock
Reviewers: codeblock, jungejason, tuomaspelkonen, aran, fratrik
CC: aran, codeblock
Differential Revision: 536
2011-06-26 20:41:08 -07:00
epriestley
405b05a490 Basic @mentions support
Summary:
Provides basic Remarkup support for @mentions. No application integration yet so
these aren't terribly useful until that happens.

Test Plan:
https://secure.phabricator.com/file/view/PHID-FILE-83d68e7af6085ae928df/

Reviewers: tomo, mroch, jsp
Commenters: tomo
CC: aran, tomo, epriestley
Differential Revision: 517
2011-06-24 11:55:15 -07:00
epriestley
4bfbd209b2 Fix XSS hole in YouTube remarkup rule
Summary:
The source wasn't properly escaped.

Test Plan:
Made a comment like "http://youtube.com/?v="></iframe><h1>!!!</h1>"

Reviewed By: mroch
Reviewers: tomo, mroch, tuomaspelkonen, aran, jungejason
CC: aran, mroch
Differential Revision: 516
2011-06-24 10:45:53 -07:00
epriestley
12772ec35f Provide setup instructions for reducing minimum index word length
Summary:
The MySQL MyISAM fulltext backend defaults to a minimum length of 4, but many
3-letter words are useful search terms. Provide instructions for configuring
MySQL to reduce the auto-stopword length.

Test Plan:
Followed instructions, searched for a 3-letter term and got a hit.

Reviewed By: jungejason
Reviewers: aran, tuomaspelkonen, jungejason
CC: aran, jungejason
Differential Revision: 471
2011-06-20 05:13:24 -07:00
epriestley
d33670c416 Update Herald documentation. 2011-06-14 11:09:40 -07:00
epriestley
555464c4a7 "Paste" application tweaks
Summary:
Tweaks to the paste app:

  - I realized that unlike all the other apps, it makes more sense for the
default view of this one to be "create paste" instead of "list pastes" since
when you access the application directly you are most often wanting to share
something. Swap list out of the default slot and make edit the default.
  - Make the textarea bigger (usability).
  - Allow you to copy an existing paste.
  - Implement 'raw view'.
  - Tweak/adjust list view (usability, formatting).
  - Tweak page titles.

Test Plan:
Created, copied, and listed pastes. Viewed raw paste. Created an invalid paste.
Tried to create a copy of a nonexistant paste.

Reviewed By: codeblock
Reviewers: codeblock, jungejason, aran, tuomaspelkonen
CC: aran, epriestley, codeblock
Differential Revision: 456
2011-06-13 21:13:32 -07:00
epriestley
8f63873d57 Ping conduit from PHD and set daemon logfiles. 2011-06-13 18:39:23 -07:00
epriestley
1d28d97307 This needs a defualt or everything is ruined. 2011-06-13 18:07:58 -07:00
Evan Priestley
961a1498aa Merge pull request #18 from CodeBlock/master
IRC nick regex.
2011-06-13 17:02:26 -07:00
Ricky Elrod
226fdb5589 Fix IRC nick regex.
Summary:
Nicks can contain more characters than were allowed. The new regex is ugly,
but should include most of them.

Test Plan:
Joined the bot as phabot-c0d`eb1^ock successfully.

Reviewers:
epriestley

CC:

Differential Revision: 453
2011-06-13 19:24:23 -04:00
Jason Ge
f2efdd07a7 Use DatabaseConfigurationProvider to get DB info
Summary:
remove accessing the db config info directly. Use
DatabaseConfigurationProvider instead. Also fixed a minor issue where
different number of newlines are output in PhabricatorSetup.php's output.

Test Plan:
executed upgrade_schema.php; executed PhabricatorSetup.php by
setting 'phabricator.setup' to true.

Reviewed By: epriestley
Reviewers: epriestley
CC: aran, jungejason, epriestley
Differential Revision: 443
2011-06-13 14:59:28 -07:00
epriestley
f706093933 Support thumbnailing non-image files and straighten out setup for 'gd'
Summary:
Make 'gd' an explicit optional dependency, test for it in setup, and make the
software behave correctly if it is not available.

When generating file thumnails, provide reasonable defaults and behavior for
non-image files.

Test Plan:
Uploaded text files, pdf files, etc., and got real thumbnails instead of a
broken image.

Simulated setup and gd failures and walked through setup process and image
fallback for thumbnails.

Reviewed By: aran
Reviewers: toulouse, jungejason, tuomaspelkonen, aran
CC: aran, epriestley
Differential Revision: 446
2011-06-13 13:49:17 -07:00
epriestley
cb0cbc50ad Add a "phd debug" command
Summary:
Make it easier to find obvious problems in daemons by letting them run
undaemonized in the console without requiring the user to know the magical
incantations for loading libraries, etc.

Test Plan:
Ran "phd debug nice", simulated some failures (e.g., bringing down Phabricator,
daemon fatal) and got useful error messages.

Reviewed By: jungejason
Reviewers: toulouse, jungejason, tuomaspelkonen, aran
CC: aran, jungejason
Differential Revision: 448
2011-06-13 13:42:01 -07:00
epriestley
d710fc097f Improve messaging and setup process for configuring outbound email.
Summary:
- Make the instructional text generally more useful.
  - Show the current configured adapter.
  - When the configuration prevents outbound email from being delivered, show a
warning.
  - Detect 'curl' extension during setup since it's more-or-less required
  - Add curl extension to the install scripts

codeblock: can you verify the rhel-derivs changes are correct?

Test Plan:
Set adapter to test, verified warning; entered setup mode and verified curl. Ran
apt-get on an ubuntu box. Ran yum on an amazon linux box.

Reviewed By: toulouse
Reviewers: toulouse, codeblock
Commenters: codeblock
CC: aran, jungejason, tuomaspelkonen, codeblock, epriestley, toulouse
Differential Revision: 438
2011-06-12 22:40:18 -07:00
epriestley
fedbd475b5 Create phd PID directory if it doesn't exist, and give the user a meaningful
error message if that doesn't work

Summary:
This workflow is needlessly bad right now, make it not terrible.

Also removed some related, unused code.

Test Plan:
Ran 'phd launch nice' with no directory and with a failing mkdir command.

Reviewed By: toulouse
Reviewers: hsb, toulouse, codeblock
CC: aran, toulouse
Differential Revision: 440
2011-06-12 22:40:07 -07:00
epriestley
d22e6b277f Fix http / https check in setup
Summary:
There was a last-minute edit to this to fix a typo before rP089d8327 landed
which accidentally made it impossible to pass the check. :)

Test Plan:
Put install into setup mode, changed protocol to 'http', 'ftp'.

Reviewed By: cadamo
Reviewers: toulouse, codeblock, cadamo
Commenters: toulouse, codeblock
CC: aran, cadamo, toulouse, codeblock
Differential Revision: 434
2011-06-11 14:53:45 -07:00
epriestley
0ad2b526bc Don't mention the same object in IRC more than once every 10 minutes
Summary:
phabot gets spammy when discussing a specific revision.

Test Plan:
Added debugging code and produced a reasonable-looking chatlog:

  [1:15pm] phabotlocal joined the chat room.
  [1:15pm] epriestley: D5
  [1:15pm] phabotlocal: D5 quack - http://local.aphront.com/D5
  [1:15pm] epriestley: D5
  [1:15pm] phabotlocal: Declining to mention PHID-DREV-d7940d0fe081e3ae5267
again (59s left).
  [1:15pm] epriestley: D5
  [1:15pm] phabotlocal: Declining to mention PHID-DREV-d7940d0fe081e3ae5267
again (57s left).
  [1:15pm] CodeBlock: nice :D
  [1:15pm] epriestley: I should just leave that code in for maximum irony.
  [1:15pm] epriestley: D5
  [1:15pm] phabotlocal: Declining to mention PHID-DREV-d7940d0fe081e3ae5267
again (9s left).
  [1:16pm] epriestley: D5
  [1:16pm] phabotlocal: Declining to mention PHID-DREV-d7940d0fe081e3ae5267
again (2s left).
  [1:16pm] epriestley: D5
  [1:16pm] phabotlocal: D5 quack - http://local.aphront.com/D5
  [1:16pm] epriestley: D5
  [1:16pm] phabotlocal: Declining to mention PHID-DREV-d7940d0fe081e3ae5267
again (57s left).
  [1:16pm] epriestley: rJUI100
  [1:16pm] phabotlocal: http://local.aphront.com/rJUI100
  [1:16pm] epriestley: rJUI100
  [1:16pm] phabotlocal: Declining to mention PHID-CMIT-8fb731b171a27b8d477c
again (55s left).
  [1:16pm] phabotlocal left the chat room. (Remote host closed the connection)

Reviewed By: aran
Reviewers: aran, codeblock, hsb, mroch
CC: aran
Differential Revision: 420
2011-06-09 13:48:03 -07:00
epriestley
79b5343d6b Remove "@" from resource map include since there is no reason to silence this file and it makes it impossible to find syntax errors. 2011-06-09 12:30:28 -07:00
epriestley
94d0adb140 Add "Undo" for editing Differential inline comments
Summary:
When a user hits 'cancel' on a 'new', 'edit', or 'reply' operation, add a little
"Changes discarded. __Undo__" insert so they can get their change back. No undo
for delete since there's an explicit prompt. Once this lands we can make
'escape' work again to close dialogs.

This change started feeling really good when I was merging all the duplicate
code and making things more consistent, but by the time I started writing client
rendering it felt gross. I'm not really thrilled with it but I guess it's a step
forward? The feature seems pretty OK in practice. Let me know how much barfing
this causes and I can try to remedy the most acute concerns.

This also fixes a bug where replies always (?) appear on the 'new' side of the
diff (I think?).

Test Plan:
Applied 'new', 'edit', 'delete' and 'reply' operations, pressed 'cancel' and
'okay' in each case, with and without changing text where relevant. All
behaviors seem to conform with expectations, except that canceling out of 'edit'
without changing the text gives you an option to undo when it shouldn't really.
There's no super easy way to get at the original text right now.

Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen
CC: simpkins, aran, epriestley
Differential Revision: 406
2011-06-08 10:44:01 -07:00
Evan Priestley
b8e1ead481 Merge pull request #12 from DamianZaremba/master
Path issues in PhabricatorSetup.php
2011-06-03 16:45:57 -07:00
cadamo
089d8327b3 Fix regenerate arcanist cert, setup stuff and avoid accept non valid image files as profile picture.
Summary:
Well, since I couldn't regenerate my arcanist cert I figured out that this wass because "workflows" are unavailable there now. I really can not figure out why but it was.
I added in the setup script, the ability to check if is present the protocol of the host and if it has a trailing slash a the end of the line, since both are needed to generate the cert.

Users now only be able to upload valid image files with mimetype of jpg, jpeg,
png and gif.

Test Plan:
FIRST: DO NOT apply those changes! then
1- go to settings->arcanist certificate and the click on regenerate ... humm
2- On your config file, delete the trailing slash at the end and the protocol on "phabricator.base-uri", then go to setting->arcanist certificate. Here you
will see something like this "phabricator.example.comapi\/" instead of
"http:\/\/phabricator.example.com\/api\/".

SECOND: Now apply this changes:
1- Go to settings->arcanist certificate and the click on regenerate.
2- On your config file, delete the trailing slash at the end and the protocol
on "phabricator.base-uri", and setup "phabricator.setup" to true.
3- Then go to setting->arcanist certificate and you could see that this was successfully generated.

THIRD:
Go to settings->account and try to upload an invalid image file, and do the same on "youruserna"->edit profile.

Reviewed By: epriestley
Reviewers: epriestley jungejason
CC: epriestley jugesason cadamo aran
Differential Revision: 391
2011-06-02 23:27:10 -03:00
epriestley
d96d515cc2 Add comment linking to Maniphest and Differential
Summary:
Allows you to link to comments with "D123#3" or "T123#3", then adds a pile of JS
to try to make it not terrible. :/

The thing I'm trying to avoid here is when someone says "look at this!
http://blog.com/#comment-239291" and you click and your browser jumps somewhere
random and you have no idea which comment they meant. Since I really hate this,
I've tried to avoid it by making sure the comment is always highlighted.

Test Plan:
Put T1#1 and D1#1 in remarkup and verified they linked properly.

Clicked anchors on individual comments.

Faked all comments hidden in Differential and verified they expanded on anchor
or anchor change.

Reviewed By: aran
Reviewers: aran, tomo, mroch, jungejason, tuomaspelkonen
CC: aran, epriestley
Differential Revision: 383
2011-05-31 11:11:19 -07:00
epriestley
ead9bbfeb1 Test for pcntl availability from the command line, not Apache
Summary:
In RHEL6 at the least, pcntl installs from distro package management to the CLI
but not to Apache. Since we don't need it in apache and it's a pain to build
manually, just verify it exists on the CLI.

Test Plan:
Simulated script failures and verified setup output.

Reviewed By: codeblock
Reviewers: codeblock, aran, jungejason, tuomaspelkonen
CC: aran, epriestley, kevinwallace, codeblock
Differential Revision: 380
2011-05-30 21:02:08 -07:00
epriestley
8ae765f6d7 Enable SendGrid Parse API as an inbound email handler
Summary:
Sendmail is seriously difficult to configure; SendGrid is extremely easy. It's
also pretty expensive ($80/mo) but there are a bunch of startups that already
have plans so it's effectively free for them.

Test Plan:
Configured SendGrid and sent reply email through it.

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, epriestley
Differential Revision: 376
2011-05-30 12:28:33 -07:00
epriestley
d3fed84b9c Minor IRCBot fixes/upgrades
Summary:
Keep him from getting killed every 24 hours by the overseer, add basic commit
support.

Test Plan:
Ran irc bot, fed him a commit, fed him "http://blah/D1".

Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen, codeblock, mroch
CC: aran, epriestley
Differential Revision: 377
2011-05-30 12:24:39 -07:00
Damian Zaremba
e7d2e96c23 Changing the method of validating sendmail exists on the system.
Summary:
Removes calling `which` and instead checks the file path that PHPMailerLite uses directly (/usr/bin/sendmail).

This fixes $PATH export issues which occur on certain platforms causing un-expected errors during setup.

Test Plan:
* Run setup on server without sendmail install & error should be presented.
* Install sendmail then re-run setup & no error should be presented.

Reviewers: epriestley

Differential Revision: 375
2011-05-30 02:57:44 +01:00
Aizat Faiz
fdf39a9cb1 Add PHP openssl extension as a dependency
Summary:
After successfully installing phabricator on my Mac OS X 10.6.7, I was unable to
link my accounts to either Facebook or GitHub.

I diagnosed that file_get_contents() and fopen() were not working properly.

After installing the php openssl package I was able to get it linking
successfully.

Test Plan:
With php's openssl extension disabled, and phabricator installed. Try linking to
Facebook and GitHub and observe that it fails.  You can visit the Auth
Diagnostics page and "Facebook Graph" and "App Login" should fail.

With php's openssl extension enabled, linking to Facebook and GitHub should be
successful.

Change the configuration to add "phabricator.setup = false".

Disable php's openssl extension.  Visit the phabricator site and observe that it
requires you to install php's openssl extension.

Enable php's openssl extension. Visit the phabricator site and observe that it
installs fine.

Reviewed By: epriestley
Reviewers: epriestley
CC: aran, epriestley
Differential Revision: 352
2011-05-28 08:53:08 +08:00
tuomaspelkonen
19e10b2b5d Embedded youtube videos.
Summary:
Markup support for embedding Youtube videos.

Test Plan:
https://www.youtube.com/watch?v=Vw4KVoEVcr0 was embedded

Reviewed By: epriestley
Reviewers: epriestley
CC: aran, epriestley
Differential Revision: 353
2011-05-27 13:50:58 -07:00
adonohue
36a6fcb573 diffusion.getrecentcommitsbypath
Summary:
Implement diffusion.getrecentcommitsbypath, a Conduit wrapper over
DiffusionHistoryQuery which returns results suitable for consumption by
diffusion.getcommits.

Test Plan:
Conduit console

Reviewed By: epriestley
Reviewers: epriestley
CC: aran, epriestley
Differential Revision: 315
2011-05-19 15:59:38 -07:00
epriestley
5fdea30878 Documentation: improve Diffusion documentation 2011-05-19 13:40:40 -07:00
Julius Seporaitis
cb8348c8eb Added PCNTL extension to the required extensions list. 2011-05-18 11:46:04 +03:00
epriestley
28146171ce Add an "IRC Object Name" handler for D12345
Summary:
I need to add some more conduit methods / info to make this at all useful but
here's some basics.

Test Plan:
Hung out in #phabot-test

Reviewed By: mroch
Reviewers: mroch, codeblock, aran, jungejason, tuomaspelkonen
CC: aran, mroch, epriestley
Differential Revision: 300
2011-05-17 16:16:25 -07:00
epriestley
f1d43bc3c5 Establish a Conduit connection from PhabricatorIRCBot
Summary:
Allow construction of handlers which use Conduit.

Test Plan:
Made a bot that connects to local and runs conduit.ping.

Reviewed By: mroch
Reviewers: mroch, codeblock, aran, jungejason, tuomaspelkonen
CC: aran, mroch
Differential Revision: 299
2011-05-17 16:16:07 -07:00
epriestley
84731e8f00 Aphlict, simple notification server
Summary:
This is purely a prototype at the moment, but the basic functionality sort of
works.

I'm not sure how far I want to go with this but I think we might be able to get
somewhere without it being gross.

The idea here is to build a notification server WITHOUT using Comet, since Comet
is extremely difficult and complicated.

Instead, I use Flash on the client. LocalConnection allows flash instances to
talk to each other and connect() can be used as a locking primitive. This allows
all the instances to elect a master instance in a race-safe way. The master is
responsible for opening a single connnection to the server.

On the server, I use Node.js since PHP is pretty unsuitable for this task.

See Github Issue #3: https://github.com/facebook/phabricator/issues/3

One thing I need to figure out next is if I can reasonably do SSL/TSL over Flash
(it looks like I can, in theory, with the as3crypto library) or if the server
needs to just send down version information and trigger a separate Ajax call on
the client.

Test Plan:
Created a client pool and connected it to the server, with election and failover
apparently working correctly.

Reviewed By: aran
Reviewers: Girish, aran, jungejason, tuomaspelkonen, davidrecordon
Commenters: Girish, davidrecordon
CC: aran, epriestley, Girish, davidrecordon
Differential Revision: 284
2011-05-17 10:32:41 -07:00
epriestley
417ca39703 Update Phabricator to new PhutilServiceProfiler APIs
Summary:
Get rid of the Phabricator-level DarkConsole-specific API and use the more
general Phutil-level one.

Test Plan:
Loaded DarkConsole services plugin, viewed Diffusion, got execs in the trace.

Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen
CC: aran
Differential Revision: 293
2011-05-16 17:10:18 -07:00
epriestley
3fdc115b54 Very basic IRC Bot
Summary:
This is sort of a silly/fun project but I think there's some utility. For
example, mroch added some handlers to an eggdrop or something similar to look
for "D12345" and print out the title/link, which was actually pretty useful.

We could also add logging here and subsume the more-or-less unowned Facebook
tool that does the same thing, especially since we can get a bunch of good stuff
it doesn't support (like search) more or less for free.

This is also an easy way to provide some example code for writing Conduit system
agents.

This is a minimal implementation which creates a bot that connects to a
hard-coded server and sits there indefinitely. Next steps:

  - Add conduit/sysagent support
  - Write differential/maniphest/diffusion handlers
  - Move configuration to the web interface (?) and integrate with phd
  - Write a logging handler?

Test Plan:
Ran bot with "exec_daemon.php", it connected to the hard-coded server and sat
there indefinitely.

Reviewed By: aran
Reviewers: codeblock, mroch, tuomaspelkonen, aran, jungejason
CC: aran, epriestley
Differential Revision: 283
2011-05-16 13:18:02 -07:00
epriestley
8391767d8c Improve setup process / documentation for outbound email configuration
Summary:
ccheever did an install and gave me some feedback about issues he hit. This
tries to:

  - properly document how to configure outbound email;
  - test outbound email configuration in the setup mode;
  - provide basic daemon documentation;
  - document that phabricator.base-uri is required for all installs.

Test Plan:
read documentation, jumped through all the setup branches to test configuration
error detection

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran, rm
CC: ccheever, aran
Differential Revision: 276
2011-05-12 11:01:03 -07:00