1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 17:52:43 +01:00
Commit graph

690 commits

Author SHA1 Message Date
epriestley
5e6716399c Make Settings modular and allow them to be EditEngine'd
Summary: Ref T4103. This starts breaking out settings in a modern way to prepare for global defaults.

Test Plan:
  - Edited diff settings.
  - Saw them take effect in primary settings pane.
  - Set stuff to new automatic defaults.
  - Tried to edit another user's settings.
  - Edited a bot's settings as an administrator.

{F1669077}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4103

Differential Revision: https://secure.phabricator.com/D15995
2016-05-31 15:32:02 -07:00
epriestley
b256f2d7b2 Prepare UserPreferences for transactions
Summary:
Ref T4103. This give preferences a PHID, policy/transaction interfaces, a transaction table, and a Query class.

This doesn't actually change how they're edited, yet.

Test Plan:
- Ran migrations.
- Inspected database for date created, date modified, PHIDs.
- Changed some of my preferences.
- Deleted a user's preferences, verified they reset properly.
- Set some preferences as a new user, got a new row.
- Destroyed a user, verified their preferences were destroyed.
- Sent Conpherence messages.
- Send mail.
- Tried to edit another user's settings.
- Tried to edit a bot's settings as a non-admin.
- Edited a bot's settings as an admin (technically, none of the editable settings are actually stored in the settings table, currently).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4103

Differential Revision: https://secure.phabricator.com/D15991
2016-05-31 12:28:44 -07:00
epriestley
92ea4fb098 Stop two special cache writes in read-only mode
Summary:
Ref T10769. The user availability cache write shouldn't happen in read-only mode, nor should the Differential parse cache write.

(We might want to turn off the availbility feature completely since it's potentially expensive if we can't cache it, but I think we're OK for now.)

Test Plan:
In read-only mode:

  - Browsed as a user with an out-of-date availability cache.
  - Loaded an older revision without cached parse data.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10769

Differential Revision: https://secure.phabricator.com/D15988
2016-05-30 10:12:09 -07:00
lkassianik
627b95bf78 Remove calendar panel in profile and make calendar box header a link to user's calendar
Summary: Ref T9606, Clicking on the calendar preview header in user's profile page should link to user's full month calendar

Test Plan: Open user profile, scroll to calendar preview, click on Calendar box header. This should open the month calendar for the user (not viewer)

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9606

Differential Revision: https://secure.phabricator.com/D15967
2016-05-23 11:32:56 -07:00
lkassianik
359e8d4aa5 Hover hint on calendar list items should appear on the most convenient side of the item
Summary: Hover hint on calendar list items should be to the right in day view, left in profile view, on top in month view

Test Plan: Open profile view, calendar items should have a left hover. Open day view, calendar items should have a right hover. Open month view, calendar items should have top hover.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9606

Differential Revision: https://secure.phabricator.com/D15964
2016-05-23 10:49:29 -07:00
lkassianik
de645301b5 Adding a calendar preview panel to people profile
Summary: Ref T9606

Test Plan: Open people profile for a user with events today/tomorrow, see a panel under badges panel with event list

Reviewers: chad, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9606

Differential Revision: https://secure.phabricator.com/D15851
2016-05-23 10:39:25 -07:00
epriestley
5d30ea56cf Add a modern user.search Conduit API method
Summary: Ref T10512. This is fairly bare-bones but appears to work.

Test Plan: Queried all users, queried some stuff by constraints.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10512

Differential Revision: https://secure.phabricator.com/D15959
2016-05-22 05:54:31 -07:00
epriestley
a91004ef1b Detect timezone discrepancies and prompt users to reconcile them
Summary: Ref T3025. This adds a check for different client/server timezone offsets and gives users an option to fix them or ignore them.

Test Plan:
  - Fiddled with timezone in Settings and System Preferences.
  - Got appropriate prompts and behavior after simulating various trips to and from exotic locales.

In particular, this slightly tricky case seems to work correctly:

  - Travel to NY.
  - Ignore discrepancy (you're only there for a couple hours for an important meeting, and returning to SF on a later flight).
  - Return to SF for a few days.
  - Travel back to NY.
  - You should be prompted again, since you left the timezone after you ignored the discrepancy.

{F1654528}

{F1654529}

{F1654530}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T3025

Differential Revision: https://secure.phabricator.com/D15961
2016-05-21 13:25:23 -07:00
epriestley
6f6ca0102d Send forced mail on SSH key edits
Summary:
Ref T10917. This cheats fairly heavily to generate SSH key mail:

  - Generate normal transaction mail.
  - Force it to go to the user.
  - Use `setForceDelivery()` to force it to actually be delivered.
  - Add some warning language to the mail body.

This doesn't move us much closer to Glorious Infrastructure for this whole class of events, but should do what it needs to for now and doesn't really require anything sketchy.

Test Plan: Created and edited SSH keys, got security notice mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15948
2016-05-19 15:01:25 -07:00
epriestley
0308d580d7 Deactivate SSH keys instead of destroying them completely
Summary:
Ref T10917. Currently, when you delete an SSH key, we really truly delete it forever.

This isn't very consistent with other applications, but we built this stuff a long time ago before we were as rigorous about retaining data and making it auditable.

In partiular, destroying data isn't good for auditing after security issues, since it means we can't show you logs of any changes an attacker might have made to your keys.

To prepare to improve this, stop destoying data. This will allow later changes to become transaction-oriented and show normal transaction logs.

The tricky part here is that we have a `UNIQUE KEY` on the public key part of the key.

Instead, I changed this to `UNIQUE (key, isActive)`, where `isActive` is a nullable boolean column. This works because MySQL does not enforce "unique" if part of the key is `NULL`.

So you can't have two rows with `("A", 1)`, but you can have as many rows as you want with `("A", null)`. This lets us keep the "each key may only be active for one user/object" rule without requiring us to delete any data.

Test Plan:
- Ran schema changes.
- Viewed public keys.
- Tried to add a duplicate key, got rejected (already associated with another object).
- Deleted SSH key.
- Verified that the key was no longer actually deleted from the database, just marked inactive (in future changes, I'll update the UI to be more clear about this).
- Uploaded a new copy of the same public key, worked fine (no duplicate key rejection).
- Tried to upload yet another copy, got rejected.
- Generated a new keypair.
- Tried to upload a duplicate to an Almanac device, got rejected.
- Generated a new pair for a device.
- Trusted a device key.
- Untrusted a device key.
- "Deleted" a device key.
- Tried to trust a deleted device key, got "inactive" message.
- Ran `bin/ssh-auth`, got good output with unique keys.
- Ran `cat ~/.ssh/id_rsa.pub | ./bin/ssh-auth-key`, got good output with one key.
- Used `auth.querypublickeys` Conduit method to query keys, got good active keys.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15943
2016-05-18 14:54:28 -07:00
epriestley
99be132ea2 Allow public users to make intracluster API requests
Summary:
Ref T10784. On `secure`, logged-out users currently can't browse repositories when cluster/service mode is enabled because they aren't permitted to make intracluster requests.

We don't allow totally public external requests (they're hard to rate limit and users might write bots that polled `feed.query` or whatever which we'd have no way to easily disable) but it's fine to allow intracluster public requests.

Test Plan: Browsed a clustered repository while logged out locally.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10784

Differential Revision: https://secure.phabricator.com/D15695
2016-04-13 12:51:16 -07:00
Chad Little
6b40cfaa60 Fix spelling error
Summary: Ran into this, correct spelling.

Test Plan: read

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15681
2016-04-11 09:26:08 -07:00
epriestley
27104b57c8 Account for raw limits properly in CalendarEventQuery
Summary:
Fixes T8613. This was pretty straightforward, I just never dug into it originally.

`rawResultLimit = 0` just means "no limit", so the fix is to only apply a limit if it is set to some nonzero value.

Also modernize a few pieces of code.

Test Plan: I'm actually not sure this can actually be hit normally? I faked `setGenerateGhosts(true)` into an unrelated query, hit the fatal, then fixed it.

Reviewers: lpriestley, chad

Reviewed By: chad

Maniphest Tasks: T8613

Differential Revision: https://secure.phabricator.com/D15653
2016-04-07 08:39:27 -07:00
Chad Little
8aad862cd4 Normalize casing on property boxes
Summary: Going to render these all normal case instead of all caps, and bump up the font size. Should be more consistent. Yellow if you green anything orange.

Test Plan: grep, lint

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15645
2016-04-06 15:33:15 -07:00
epriestley
46881c4ce5 Add a session engine extension point
Summary: Ref T7673. This is really just so I can force admin.phacility.com logout when you log out of an instance, but there are a few other things we could move here eventually, like the WILLREGISTERUSER event.

Test Plan: Logged out of an instance, got logged out of parent (see next change).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7673

Differential Revision: https://secure.phabricator.com/D15629
2016-04-05 15:19:47 -07:00
epriestley
5dec03af32 Make OAuth scope handling more flexible
Summary:
Ref T7303. Currently, our handling of "scope" is fairly rigid and adheres to the spec, but some of these behaviors don't make much sense in practice.

Soften some behaviors and make them more flexible:

**Soft Failure on Unknown Permissions**: If a client asks for a permission we don't know about, just warn that we don't recognize it instead of fataling. In particular, I plan to make `offline_access` and `whoami` implicit. Older clients that request these permissions will still work fine as long as we don't hard-fatal.

**Move `user.whoami` to ALWAYS scope**: Make `whoami` a default permission. We've already done this, in effect; this just formalizes it.

**Tokens no longer expire**: Make `offline_access` (infinite-duration tokens) a default permission. I think the OAuth model doesn't map well to reality. It is common for other providers to issue "temporary" tokens with a duration of multiple years, and the refesh workflow is sort of silly. We can add a "temporary" scope later if we need temporary tokens.

This flow was potentially extra silly with the "log out of Phacility" use case, where we might need to have you log in again before we could log you out, which is bizarre and senseless. Avoid this nonsense.

**Move away from granular permissions**: Users currently get to pick-and-choose which permissions they grant, but this likely rarely/never works in practice and is fairly hostile since applications can't communicate which permissions they need. Applications which can actually operate with only some subset of permissions can make separate requests (e.g., when you activate "cool feature X", it asks for X permission). I think applications that do this are rare; pretty much everything just asks for tons of permissions and everyone grants them.

Making this all-or-nothing is better for well-behaved applications and better for users. It's also slightly better for overzealous applications that ask for more than they need, but whatever. Users can make an informed decision, hopefully, and I plan to let administrators force applications to a subset of permissions once we introduce meaningful scopes.

Test Plan:
  - Generated tokens.
  - Used tokens.
  - Authorized an instance.
  - Faked some bogus scopes, got clean authorization.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7303

Differential Revision: https://secure.phabricator.com/D15621
2016-04-05 13:53:33 -07:00
Chad Little
f90cd8a1ed Modernize People UI
Summary: Updates various /people/ pages for new UI and newPage

Test Plan: Review creating people, new people, sending invites, editing a profile, setting a new picture, something with LDAP

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15604
2016-04-04 08:06:44 -07:00
lkassianik
e66bf17505 Fixing the badges query, yet again
Summary: Forgot a more efficient way to get badge from award

Test Plan: Badges on user profiles should still show up with awarder handle on the back of the card

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15589
2016-04-02 18:56:36 -07:00
lkassianik
219357aa9f Adding awarder info to badge cards displayed on user profile pages
Summary: Ref T8940

Test Plan: Award badge, open recipient profile page, badge should appear in badges list, and flipping the badge card should show who awarded it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: chad, Korvin

Maniphest Tasks: T8940

Differential Revision: https://secure.phabricator.com/D15570
2016-04-02 18:23:11 -07:00
Chad Little
2386705873 Allow awarding Badges from the profile
Summary:
[WIP] Allows awarding a badge from a user profile. Unsure of the interactions here if a user can't award any badges, or if we should just hide this.

Fixes T10688
Fixes T10318

Test Plan: Award some badges. Steal them back.

Reviewers: lpriestley, epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10318, T10688

Differential Revision: https://secure.phabricator.com/D15544
2016-03-31 20:39:06 +00:00
lkassianik
878b941309 Show "no badges" text in people profiles with archived badges only
Summary: Fixes T10670, for users with exclusively archived badges, user profile should show "no badges" message instead of blank box

Test Plan: Award badge to user with no badges, archive badge, user profile should show "no badges" message under badges.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T10670

Differential Revision: https://secure.phabricator.com/D15538
2016-03-28 11:40:06 -07:00
lkassianik
0330ea575d Converting badge recipients from Edge to BadgeAward table
Summary: Ref T8996, Convert badge recipients from Edges to actual BadgeAward objects

Test Plan: Create badge, award it to recipient. Make sure adding/removing recipients works. (Still need to migrate exisiting recipients to new table and need to create activity feed blurbs)

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: chad, Korvin

Maniphest Tasks: T8996

Differential Revision: https://secure.phabricator.com/D15014
2016-03-26 14:03:48 -07:00
epriestley
f07d0ae7c3 Make dates/times more concise in Diffusion
Summary: I think I like this better -- but maybe right-aligned?

Test Plan:
{F1180295}

{F1180296}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15495
2016-03-18 09:11:09 -07:00
epriestley
8e3ea4e034 Use new modular temporary auth token constants in one-time login and password reset flows
Summary:
Ref T10603. This converts existing hard-codes to modular constants.

Also removes one small piece of code duplication.

Test Plan:
  - Performed one-time logins.
  - Performed a password reset.
  - Verified temporary tokens were revoked properly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10603

Differential Revision: https://secure.phabricator.com/D15476
2016-03-16 09:33:24 -07:00
Chad Little
1392872c5c Convert people manage page to two column
Summary: Ref T10545, this brings flags back? and converts the layout to two column w/curtain

Test Plan: View a few manage pages.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10545

Differential Revision: https://secure.phabricator.com/D15449
2016-03-09 08:57:11 -08:00
Chad Little
fe7e288cf5 Solidify PHUITwoColumnView as a page layout
Summary:
Rolls out a new "Object Page" design with PHUITwoColumnView. This is reasonably polished, but wanted to post it up for you now for feedback before chasing down minor bugs. This implements TwoColumn in the following applications:

 - Ponder
 - Paste
 - Slowvote
 - Countdown
 - Projects
 - Profile
 - Passphrase

This helped track down display issues and inconsistencies and make sure the layout was flexible for different pages.

Test Plan:
Test each of the applications on mobile, tablet, and desktop breakpoints.

{F1135705}

{F1135706}

{F1135707}

{F1135708}

{F1135709}

{F1135710}

{F1135711}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15366
2016-03-01 07:23:08 -08:00
Chad Little
e9f4ca6ca3 Redesign PonderQuestionView
Summary: Full new UI, testing some upcoming treatments for consideration in other View controllers. Small tweaks to allow PHUITwoColumnView to have fixed and fluid width, and let TransactionCommentView go fullWidth.

Test Plan:
Tested a number of Ponder cases, New Question, with and without summary, with and without answers, with and without comments. Mobile, Tablet, and Desktop layouts. Verify Project and Profile UI's still in tact.

{F1120961}

{F1120962}

{F1120963}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15315
2016-02-23 17:20:07 -08:00
Chad Little
f5e2f9587c Add setHeader to PHUITwoColumnView for consistent page layouts
Summary: Working towards making PHUITwoColumnView into a page layout engine. Adds header support.

Test Plan: Use new header on Profile and Profiles. No visual changes, less duplicated code.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15292
2016-02-17 13:09:10 -08:00
Chad Little
12d8520059 Convert PHUIObjectBoxView to AphrontTagView
Summary: Attempting to clean PHUIObjectBoxView up a little as well as finally being able to `addClass` on the sucker. I'm running into some issue with `addTabs` though, which on Files isn't firing.

Test Plan: Bounce around tons of screens.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15291
2016-02-17 12:54:56 -08:00
Chad Little
c1f57605ab Normalize colors a bit better on Profiles/Projects, add Workboard backgrounds
Summary: Cleans up the backgrounds a little on Projects/Profiles and adds a number of colour choices for Workboards.

Test Plan:
Manually add each color for testing. Test new project / profile layouts with and without properties.

{F1109325}

{F1109326}

{F1109327}

{F1109328}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15269
2016-02-13 12:08:29 -08:00
Chad Little
6ae0a62f9f New People Hovercards
Summary: Mimics the Project Hovercards, more custom UI.

Test Plan: Hover over person with and without badges, hover over project.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15253
2016-02-11 15:41:55 -08:00
epriestley
7550557e44 Don't show archived projects by default in policy control
Summary:
When filling in filler projects, only select active ones.

Also use a slightly more modern method signature.

Test Plan: Disabled a project, saw it vanish from the control.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15199
2016-02-06 12:41:58 -08:00
epriestley
42954bc5ac Fix bad rendering pathway on user profiles for viewers without Badges application
Summary: Fixes T10275. We'd fatal on `$flex` not being defined.

Test Plan: Uninstalled badges, viewed profile. Before: fatal; now: no badges element appears but profile renders properly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10275

Differential Revision: https://secure.phabricator.com/D15182
2016-02-04 07:17:31 -08:00
Chad Little
2f0571923c Add project list to user profiles
Summary: Adds which Projects a user is a member of to their profile, with a link to more. Build fallback states for no badges or no projects.

Test Plan:
Review a user with projects, without projects, with badges, without badges.

{F1084127}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15150
2016-02-04 02:22:34 +00:00
Chad Little
6bb24e1d0c Move PhabricatorHovercard to PHUIHovercard
Summary: No UI changes, just some search and replace for UI consistency.

Test Plan: Test person and object hovercards still work. UIExamples too.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15172
2016-02-03 16:26:30 +00:00
epriestley
9d125b459e Use large text columns to store IP addresses
Summary: Fixes T10259. There was no real reason to do this `ip2long()` stuff in the first place -- it's very slightly smaller, but won't work with ipv6 and the savings are miniscule.

Test Plan:
  - Ran migration.
  - Viewed logs in web UI.
  - Pulled and pushed.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10259

Differential Revision: https://secure.phabricator.com/D15165
2016-02-02 10:13:14 -08:00
epriestley
18f34fab73 Always give users "fa-user" icons in tokenizers
Summary: Fixes T10247. The flavor icons are unhelpful/confusing in these contexts; show a boringer icon instead.

Test Plan: Used tokenizer to select user with custom profile icon. Reloaded page. Saw boringer icon in both cases.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10247

Differential Revision: https://secure.phabricator.com/D15154
2016-02-01 09:49:12 -08:00
epriestley
08e7b6f79f Fix object extraction from user profile blurbs
Summary: Fixes T10242. Currently, we don't extract files, mentions, etc., properly from user profile blurbs.

Test Plan: Uploaded a file to my profile blurb, saw it attach properly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10242

Differential Revision: https://secure.phabricator.com/D15153
2016-02-01 09:46:45 -08:00
epriestley
354858e434 Disambiguate isEmpty()
Summary:
Fixes T10250.

Rename the one I added to `hasAnyProperties()` for clarity.

Test Plan:
  - Viewed a project profile with content.
  - Viewed a project profile with no properties.
  - Viewed a workboard with tasks that had a mixture of additional projects and no additional projects.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10250

Differential Revision: https://secure.phabricator.com/D15151
2016-01-31 15:20:04 -08:00
Chad Little
e2da571734 Add additional icons for User Profiles
Summary: Designer, Musician, Spy, Robot

Test Plan: Click Choose Icon, see that I am a designer.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15147
2016-01-31 20:09:06 +00:00
Chad Little
b8139e6946 Add basic fields back to Manage pages
Summary: It feels wierd to edit a project or profile and not see the changes. For now add them back to the Manage page.

Test Plan: Edit a Profile, Edit a Project. See updates on Manage page.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15140
2016-01-29 11:52:00 -08:00
Chad Little
5e639feab4 Minor tweaks to Profile/Project
Summary:
- Redirect to profileview when new image is uploaded.
- Add ProfileNav to EditPicture on Profile
- Add ProfileNav to EditProfile on Profile

Test Plan: Set new images on Profiles and Projects. See new redirect. See new navs.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15132
2016-01-28 22:45:19 +00:00
Chad Little
fe5cd4ca2c Move FontIcon calls to Icon
Summary: Normalizes all `setFontIcon` calls to `setIcon`.

Test Plan: UIExamples, Almanac, Apps list, etc.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, hach-que, yelirekim

Differential Revision: https://secure.phabricator.com/D15129
2016-01-28 08:48:45 -08:00
Chad Little
36158dbdc0 Convert all calls to 'IconFont' to just 'Icon'
Summary: Mostly for consistency, we're not using other forms of icons and this makes all classes that use an icon call it in the same way.

Test Plan: tested uiexamples, lots of other random pages.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15125
2016-01-27 20:59:27 -08:00
epriestley
c11c7f2900 Prevent "Manage" profile menu items from being hidden
Summary: Ref T10054. Prevent users from removing this item and locking themselves out of the system unless they can guess the URI.

Test Plan: Tried to disable "Manage", wasn't permitted to.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15113
2016-01-25 06:43:03 -08:00
Chad Little
a9e2e6c5aa Update Profiles to look like Project UI
Summary: Updates People profiles to look more like Project profiles. This removes Conpherence and Flag links. Don't think you like Conpherence links much and for Flags maybe we can put them in the quick create menu?

Test Plan:
View profiles with and without Badges.

{F1069365}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15111
2016-01-24 17:42:57 -08:00
epriestley
8efaaa188f Move user editing/management actions to a separate "Manage" item, like projects
Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles.

Test Plan:
{F1068889}

Took all the actions (probably?) to check that all the redirects were updated.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15104
2016-01-24 10:01:31 -08:00
epriestley
06aa207960 Allow users to have profile icons
Summary: Ref T10054. This primarily improves aesthetics and consistency for member/wathcher lists in projects.

Test Plan:
{F1068873}

{F1068874}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15103
2016-01-24 09:58:01 -08:00
epriestley
da5d01e542 Convert user profiles to Profile Panels
Summary:
Ref T10054. Primary goal is to be able to remove IconNav from the codebase.

I've made these non-editable so users can't customize them yet. We //might// want administrators to customize these globally instead? In any case, we avoid a bunch of product questions by just locking these down for now.

Test Plan: {F1061348}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15020
2016-01-15 09:13:13 -08:00
epriestley
5d6dd7df7d Add a basic remarkup typeahead for users and projects
Summary: Ref T3725. This probably has 900,000 bugs. This will need updates for subprojects/milestones.

Test Plan:
  - Tested very gently in Safari, Firefox and Chrome.
  - Reasonable inputs appear to work.
  - Clicking, escape, tab, return, arrow keys work OK?

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T3725

Differential Revision: https://secure.phabricator.com/D15029
2016-01-15 09:11:46 -08:00
epriestley
08de131da5 Begin modularizing main menu items
Summary:
Ref T10077. Ref T8918. The way the main menu is built is not very modular and fairly hacky.

It assumes menus are provided by applications, but this isn't exactly true. Notably, the "Quick Create" menu is not per-application.

The current method of building this menu is very inefficient (see T10077). Particularly, we have to build it //twice// because we need to build it once to render the item and then again to render the dropdown options.

Start cleaning this up. This diff doesn't actually have any behavioral changes, since I can't swap the menu over until we get rid of all the other items and I haven't extended this to Notifications/Conpherence yet so it doesn't actually fix T8918.

Test Plan: Viewed menus while logged in, logged out, in different applications, in desktop/mobile. Nothing appeared different.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8918, T10077

Differential Revision: https://secure.phabricator.com/D14922
2016-01-04 06:57:09 -08:00
epriestley
be5b89687e Separate external editor integration from callsigns
Summary: Ref T4245. Pass the whole repository in so it can do something else in a future change.

Test Plan: Loaded changesets in Diffusion.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4245

Differential Revision: https://secure.phabricator.com/D14931
2016-01-04 06:54:01 -08:00
epriestley
bdc517485c Modernize Hovercard implementation
Summary:
Ref T8980. Move away from events to EngineExtensions.

This also simplifies hovercards a bit:

  - Removes tasks from revision cards.
  - Removes blockers/blocked from task cards.
  - Removes "Send Message" from user cards.

These mostly felt cluttery to me. Open to arguments to retain them. I think we can make better use of the space, though (e.g., flags, projects + board columns).

Test Plan:
  - Viewed people, task, revision, commit and project hovercards.

{F1043256}

{F1043257}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8980

Differential Revision: https://secure.phabricator.com/D14878
2015-12-24 12:18:28 -08:00
epriestley
ba37149bf9 Improve bin/lipsum UX
Summary: Ref T9156. This makes the UX a little more modern/standard/safe.

Test Plan:
```
epriestley@orbital ~/dev/phabricator $ ./bin/lipsum generate
Choose which type or types of test data you want to generate, or select "all".

      - Differential Revisions
      - Files
      - Maniphest Tasks
      - Pastes
      - Pholio Mocks
      - Projects
      - User Accounts
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9156

Differential Revision: https://secure.phabricator.com/D14873
2015-12-24 09:06:35 -08:00
epriestley
99c9df96b4 Convert all "DocumentIndexers" into "FulltextEngines"
Summary: Ref T9979. This simplifies/standardizes the code a bit, but mostly gives us more consistent class names and structure.

Test Plan:
  - Used `bin/search index --type ...` to index documents of every indexable type.
  - Searched for documents by unique text, found them.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9979

Differential Revision: https://secure.phabricator.com/D14842
2015-12-21 17:25:23 -08:00
epriestley
2447d9bdf2 Begin improving modularity of IndexEngine, add locks
Summary:
Ref T9890. Ref T9979. Several adjacent goals:

  - The `SearchEngine` vs `ApplicationSearchEngine` thing is really confusing. There are also a bunch of confusing class names and class relationships within the fulltext indexing. I want to rename these classes to be more standard (`IndexEngine`, `IndexEngineExtension`, etc). Rename `SearchIndexer` to `IndexEngine`. A future change will rename `SearchEngine`.
  - Add the index locks described in T9890.
  - Structure things a little more normally so future diffs can do the "EngineExtension" thing more cleanly.

Test Plan:
Indexing:

  - Renamed a task to have a unique word in the title.
  - Ran `bin/search index Txxx`.
  - Searched for unique word.
  - Found task.

Locking:

  - Added a `sleep(10)` after the `lock()` call.
  - Ran `bin/search index Txxx` in two windows.
  - Saw first one lock, sleep 10 seconds, index.
  - Saw second one give up temporarily after failing to grab the lock.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9890, T9979

Differential Revision: https://secure.phabricator.com/D14834
2015-12-21 17:04:10 -08:00
epriestley
2868a69f65 Remove all setObjectURI() from ActionListViews
Summary:
Ref T10004. After D14804, we get this behavior by default and no longer need to set it explicitly.

(If some endpoint did eventually need to set it explicitly, it could just change what it passes to `setHref()`, but I believe we currently have no such endpoints and do not foresee ever having any.)

Test Plan:
  - As a logged out user, clicked various links in Differential, Maniphest, Files, etc., always got redirected to a sensible place after login.
  - Grepped for `setObjectURI()`, `getObjectURI()` (there are a few remaining callsites, but to a different method with the same name in Doorkeeper).

Reviewers: chad

Reviewed By: chad

Subscribers: hach-que

Maniphest Tasks: T10004

Differential Revision: https://secure.phabricator.com/D14805
2015-12-17 08:30:22 -08:00
epriestley
05a798e3ac Add basic typechecking support to Conduit
Summary:
Ref T9964. I want to show users what we're expecting in "constraints", and let constraints like "authors=epriestley" work to make things easier.

I'm generally very happy with the "HTTPParameterType" stuff from EditEngine, so add a parallel set of "ConduitParameterType" classes. These are a little simpler than the HTTP ones, but have a little more validation logic.

Test Plan:
This is really just a proof of concept; some of these fields are now filled in:

{F1023845}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14763
2015-12-14 04:21:39 -08:00
Chad Little
6985643f58 Filter archived Badges from UI
Summary: If you archive a badge, remove it's presence in the main Phabricator UI. These are still accessible from `/badges/` for properity. Ref T9944

Test Plan: Archive a badge, weep uncontrollably.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9944

Differential Revision: https://secure.phabricator.com/D14730
2015-12-10 10:49:42 -08:00
Chad Little
b482027687 Actual 2x avatar, new profile picture options
Summary: Provides a real 2x avatar and offers new built in images for profile pictures.

Test Plan: reload profile, see sharper image, pick eevee, see eevee

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D14668
2015-12-04 13:24:25 -08:00
epriestley
618cec23d8 Make notification counts properly translatable
Summary:
Ref T9132. When I've touched `PhabricatorApplication` I keep hitting this bad `pht()` junk.

The warning is correct, these strings are not extactable and can not be translated.

Fix it so they can be extracted and translated.

Broadly, in all cases we want to render one of these:

> 95 Things (for fewer than some limit)
> 99+ Things (when we hit the limit)

Test Plan: Looked at homepage status counts, moused over them, saw reasonable strings. Grepped for removed method.

Reviewers: chad

Reviewed By: chad

Subscribers: joshuaspence

Maniphest Tasks: T9132

Differential Revision: https://secure.phabricator.com/D14638
2015-12-03 07:06:39 -08:00
Joshua Spence
cf2eb0dd5f Move some files around
Summary: Move some `PhabricatorPolicyRule` implementations to a subdirectory of the parent application.

Test Plan: N/A

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D14478
2015-11-17 06:26:13 +11:00
Joshua Spence
c35b564f4d Various translation improvements
Summary: Depends on D14070.

Test Plan: Eyeball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D14073
2015-11-03 07:02:46 +11:00
Joshua Spence
495cb7a2e0 Mark PhabricatorPHIDType::getPHIDTypeApplicationClass() as abstract
Summary: Fixes T9625. As explained in a `TODO` comment, seems reasonable enough.

Test Plan: Unit tests.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, hach-que

Maniphest Tasks: T9625

Differential Revision: https://secure.phabricator.com/D14068
2015-11-03 06:47:12 +11:00
epriestley
32dc62955a Disable "Send Message" profile action if viewer is logged out
Summary: Fixes T9598.

Test Plan:
  - Used "Send Message" as a logged-in user.
  - Used "Send Message" as a logged-out user. The action was disabled and clicking it popped up a login dialog.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9598

Differential Revision: https://secure.phabricator.com/D14326
2015-10-24 08:13:14 -07:00
epriestley
9c798e5cca Provide bin/garbage for interacting with garbage collection
Summary:
Fixes T9494. This:

  - Removes all the random GC.x.y.z config.
  - Puts it all in one place that's locked and which you use `bin/garbage set-policy ...` to adjust.
  - Makes every TTL-based GC configurable.
  - Simplifies the code in the actual GCs.

Test Plan:
  - Ran `bin/garbage collect` to collect some garbage, until it stopped collecting.
  - Ran `bin/garbage set-policy ...` to shorten policy. Saw change in web UI. Ran `bin/garbage collect` again and saw it collect more garbage.
  - Set policy to indefinite and saw it not collect garabge.
  - Set policy to default and saw it reflected in web UI / `collect`.
  - Ran `bin/phd debug trigger` and saw all GCs fire with reasonable looking queries.
  - Read new docs.

{F857928}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9494

Differential Revision: https://secure.phabricator.com/D14219
2015-10-02 09:17:24 -07:00
epriestley
878a493301 Begin standardizing garbage collectors
Summary: Ref T9494. Improve support infrastructure for garbage collectors.

Test Plan:
  - Ran `bin/phd debug trigger`, saw collectors execute.

{F857852}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9494

Differential Revision: https://secure.phabricator.com/D14218
2015-10-01 16:58:43 -07:00
epriestley
a0ed843d47 Don't allow welcome mail to be sent to users who can't login
Summary:
Fixes T9446. We allow administrators to send "Welcome" mail to bots and mailing lists.

This is harmless (these links do not function), but confusing.

Instead, disable this option in the UI and explain why it is disabled when it is clicked. Also prevent generation of this mail lower in the stack.

Test Plan:
  - Viewed a bot page, saw action disabled, clicked it, got explanation.
  - Viewed a normal user page, saw action enabled, clicked it, sent welcome email.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9446

Differential Revision: https://secure.phabricator.com/D14134
2015-09-20 04:28:33 -07:00
epriestley
29948eaa5b Use phutil_hashes_are_identical() when comparing hashes in Phabricator
Summary: See D14025. In all cases where we compare hashes, use strict, constant-time comparisons.

Test Plan: Logged in, logged out, added TOTP, ran Conduit, terminated sessions, submitted forms, changed password. Tweaked CSRF token, got rejected.

Reviewers: chad

Reviewed By: chad

Subscribers: chenxiruanhai

Differential Revision: https://secure.phabricator.com/D14026
2015-09-01 15:52:44 -07:00
Chad Little
84049e6d07 Fix public/private profile edit note
Summary: Fixes T8976. Checks state of note before applying to box.

Test Plan: Set policy to login, edit profile.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8976

Differential Revision: https://secure.phabricator.com/D13739
2015-07-27 15:12:03 -07:00
Chad Little
0ba6569959 Add Badges to Hovercards
Summary: Fixes T8942, Makes Badges if installed show up on your hovercard.

Test Plan: Give a badge, mention myself, see badge on hovercard.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8942

Differential Revision: https://secure.phabricator.com/D13703
2015-07-24 10:58:13 -07:00
Chad Little
ded654b8e2 Badges ... on your profile
Summary: Shows badges on profile if you have them. Check if app is installed, show badges.

Test Plan:
Gave myself a liberal selection of badge. Gave notchad one badge. Gave chadtwo absolutely nothing.

{F651069}

Reviewers: btrahan, lpriestley, epriestley

Reviewed By: epriestley

Subscribers: johnny-bit, epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13692
2015-07-23 11:46:34 -07:00
Chad Little
cf83db15d6 Allow public viewing of profiles and people calendars
Summary: Ref T4830, this allows profile view and calendar profile view to be publicly visible. Also adds a note reminding the user of visibility.

Test Plan: Log out, visit a profile and various links.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4830

Differential Revision: https://secure.phabricator.com/D13676
2015-07-22 09:32:54 -07:00
Chad Little
d83dce9893 Allow People to be Flagged
Summary: Ref T8888, Makes People Flaggable (and makes me wonder if we should rename Flags->Bookmarks).

Test Plan: Flag myself. Get excited.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: joshuaspence, epriestley, Korvin

Maniphest Tasks: T8888

Differential Revision: https://secure.phabricator.com/D13654
2015-07-20 13:43:58 -07:00
Joshua Spence
12a088d8b7 Fix a broken class reference
Summary: This was broken in D13374. Also rearranged a few classes.

Test Plan: `arc lint`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13575
2015-07-07 22:53:13 +10:00
Joshua Spence
acb1eb81cc Move some PhabricatorSearchField subclasses
Summary: Move some `PhabricatorSearchField` subclasses to be adjacent to the application to which they belong. This seems generally better to me than lumping them all together in the `src/applications/search/field/` directory. I was also wondering if it makes sense to rename these subclasses as `PhabricatorXSearchField` rather than `PhabricatorSearchXField` (as per T5655), but wasn't really sure if these objects are meant to be search-fields, or just fields belonging to the #search application.

Test Plan: N/A.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13374
2015-07-06 22:52:05 +10:00
epriestley
4b298c1c44 Merge branch 'master' into redesign-2015 2015-06-30 11:20:16 -07:00
epriestley
4adaf53bf0 Dramatically increase cache hit rate for feed
Summary:
Ref T8631. The query plan for feed stories is really bad right now, because we miss caches we should be hitting:

  - The workspace cache is stored at each query, so adjacent queries can't benefit from the cache (only subqueries). Feed has primarily sibling queries.
    - There is no technical reason to do this. Store the workspace cache on the root query, so sibling queries can hit it.
  - In `ObjectQuery`, we check the workspace once, then load all the PHIDs. When the PHIDs are a mixture of transactions and objects, we always miss the workspace and load the objects twice.
    - Instead, check the workspace after loading each type of object.
  - `HandleQuery` does not set itself as the parent query for `ObjectQuery`, so handles never hit the workspace cache.
    - Pass it, so they can hit the workspace cache.
  - Feed's weird `PhabricatorFeedStory::loadAllFromRows()` method does not specify a parent query on its object/handle queries.
    - Just declare the object query to be the "root" query until this eventually gets cleaned up.

Test Plan: Saw queries for each object drop from 4-6x to 1x in `/feed/`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T8631

Differential Revision: https://secure.phabricator.com/D13479
2015-06-30 11:19:41 -07:00
Chad Little
08ec0f1704 [Redesign] Remove AphrontTable restriction on Search Engine
Summary: Ref T8099, functionally I prefer to be able to set anything 'table-like' with `setTable` for design consistency. This looses the restriction and did some light grepping for other missed cases.

Test Plan: Test new UI, grep for other missing cases.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13471
2015-06-29 12:28:55 -07:00
epriestley
26a007f879 Merge branch 'master' into redesign-2015 2015-06-25 13:59:08 -07:00
Bob Trahan
541e3d9e1c Conpherence - remove room vs message distinction as far as users are concerned
Summary:
Ref T8488, T8469, T8485.

This is done in regards to T8488 as far as users are concerned. There's still some classes, and etc. that should be re-named probably. T8469 and T8485 are basically moot now though.

Rather than having "Send Message" exposed, just expose "Create Room". Users get the full form. One change is "title" is now required.

This diff removes the concept of "isRoom" entirely.

Test Plan: Verifed a user with no conpherences had sensible data in both column view and full conpherence view. Created rooms with various policies and things worked well.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: chad, epriestley, Korvin

Maniphest Tasks: T8469, T8485, T8488

Differential Revision: https://secure.phabricator.com/D13351
2015-06-25 13:14:20 -07:00
Chad Little
dbdeca58fc [Redesign] Fix People Log Query
Summary: Fixes T8642, This is a table, but not returned as one. Set it to Content for now with a Collapsed layout.

Test Plan: Test /people/logs/

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8642

Differential Revision: https://secure.phabricator.com/D13395
2015-06-22 22:10:07 +01:00
epriestley
7d7e13d79b Merge branch 'master' into redesign-2015 2015-06-19 08:33:30 -07:00
Chad Little
801607381d [Redesign] PhabricatorApplicationSearchResultView
Summary: Ref T8099. This adds a new class which all search engines return for layout. I thought about this a number of ways, and I think this is the cleanest path. Each Engine can return whatever UI bits they needs, and AppSearch or Dashboard picks and lays the bits out as needed. In the AppSearch case, interfaces like Notifications, Calendar, Legalpad all need more custom layouts. I think this also leaves a resonable path forward for NUX as well. Also, not sure I implemented the class correctly, but assume thats easy to fix?

Test Plan: Review and do a search in each application changed. Grep for all call sites.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13332
2015-06-19 11:46:20 +01:00
epriestley
b12f13efd8 Force date/time preferences to valid values
Summary:
Fixes T8601. To reproduce the problem:

  - Set your time preference to `""` (the empty string). This isn't possible from the modern UI, but can be done with "Right Click > Inspect Element", or users may have carried it forward from an older setting (this is the case with me and @hach-que on this install).
  - Load Calendar with some events.
  - This parses an epoch, which sets `valueTime` to `""` (since there are no format characters in the preference) and then `getEpoch()` fails because `strlen($time)` is 0.
  - Since `getEpoch()` failed, `getDateTime()` also fails.

To fix this:

  - Only permit the date and time preferences to have valid values.

Test Plan:
  - Loaded page before patch, saw fatal.
  - Applied patch.
  - No more fatal.
  - Viewed tooltips, dates/times, dates/times in other apps.
  - Changed my preferences, saw them respected.

Reviewers: lpriestley

Reviewed By: lpriestley

Subscribers: epriestley, hach-que

Maniphest Tasks: T8601

Differential Revision: https://secure.phabricator.com/D13346
2015-06-18 15:11:01 -07:00
Chad Little
3846a00916 [Redesign] Fix alignment of icon/grip on ObjectList
Summary:
Ref T8099, these should sit in a 4px gutter.

Also:
- remove bad route on feed
- Fix issue with custom logos
- Fix unit error

Test Plan: Review on dashboards and on Maniphest homepage

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13310
2015-06-16 13:09:48 -07:00
epriestley
53ef057b1b Merge branch 'master' into redesign-2015 2015-06-15 08:06:23 -07:00
epriestley
88e7cd158f Allow Spaces to be archived
Summary:
Ref T8377. This adds a standard disable/enable feature to Spaces, with a couple of twists:

  - You can't create new stuff in an archived space, and you can't move stuff into an archived space.
  - We don't show results from an archived space by default in ApplicationSearch queries. You can still find these objects if you explicitly search for "Spaces: <the archived space>".

So this is a "put it in a box in the attic" sort of operation, but that seems fairly nice/reasonable.

Test Plan:
  - Archived and activated spaces.
  - Used ApplicationSearch, which omitted archived objects by default but allowed searches for them, specifically, to succeed.
  - Tried to create objects into an archived space (this is not allowed).
  - Edited objects in an archived space (this is OK).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T8377

Differential Revision: https://secure.phabricator.com/D13238
2015-06-11 10:13:47 -07:00
epriestley
739bdeccab Improve some Spaces behaviors
Summary:
Ref T8449. Try out some more subtle behaviors:

  - Make the "Space" control part of the policy control, so the UI shows "Visible To: [Space][Policy]". I think this helps make the role of spaces more clear. It also makes them easier to implement.
  - Don't show the default space in headers: instead, show nothing.
  - If the user has access to only one space, pretend spaces don't exist (no edit controls, no header stuff).

This might be confusing, but I think most of the time it will all align fairly well with user expectation.

Test Plan:
  - Viewed a list of pastes (saw Space with non-default space, no space with default space, no space with user in only one space).
  - Viewed a paste (saw Space with non-default space, saw no space with default space, saw no space with user in only one space).
  - Edited spaces on objects (control as privileged user, no control as locked user).
  - Created a new paste in a space (got space select as privileged user, no select as locked user).

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T8449

Differential Revision: https://secure.phabricator.com/D13229
2015-06-10 15:52:18 -07:00
epriestley
8d6209b701 Don't require users be activated in order to establish Web sessions
Summary: Ref T8496. In D13123, the condition for establishing a web session was made too strict: we need to let non-activated users establish web sessions in order to see "you are a bad disabled person" or "your account needs approval" messages. The previous behavior let them in, the new behavior incorrectly locks them out.

Test Plan: Enabled login approvals and registered a new account with username/password auth.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T8496

Differential Revision: https://secure.phabricator.com/D13239
2015-06-10 15:34:02 -07:00
epriestley
57b898af9a Merge branch 'master' into redesign-2015 2015-06-10 07:44:58 -07:00
Joshua Spence
f47e69c015 Mark some strings for translation
Summary: Add some more `pht`izations.

Test Plan: Eyeball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D13200
2015-06-09 23:06:52 +10:00
epriestley
8915fd8be8 Don't try to generate a CSRF token for the omnipotent user
Summary:
We can end up here with a stack trace like this, while rendering an embedded Slowvote trying to publish a Feed story:

```
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000] [2015-06-08 22:49:57] EXCEPTION: (PhutilProxyException) Error while executing Task ID 830591. {>} (PhabricatorDataNotAttachedException) Attempting to access attached data on PhabricatorUser (via getAlternateCSRFString()), but the data is not actually attached. Before accessing attachable data on an object, you must load and attach it.
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000] Data is normally attached by calling the corresponding needX() method on the Query class when the object is loaded. You can also call the corresponding attachX() method explicitly. at [<phabricator>/src/infrastructure/storage/lisk/PhabricatorLiskDAO.php:166]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000] arcanist(head=master, ref.master=7d15b85a1bc0), phabricator(head=master, ref.master=929f5f22acef), phutil(head=master, ref.master=92882eb9404d)
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #0 <#2> PhabricatorLiskDAO::assertAttached(string) called at [<phabricator>/src/applications/people/storage/PhabricatorUser.php:556]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #1 <#2> PhabricatorUser::getAlternateCSRFString() called at [<phabricator>/src/applications/people/storage/PhabricatorUser.php:432]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #2 <#2> PhabricatorUser::generateToken(integer, integer, string, integer) called at [<phabricator>/src/applications/people/storage/PhabricatorUser.php:344]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #3 <#2> PhabricatorUser::getRawCSRFToken() called at [<phabricator>/src/applications/people/storage/PhabricatorUser.php:357]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #4 <#2> PhabricatorUser::getCSRFToken() called at [<phabricator>/src/infrastructure/javelin/markup.php:91]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #5 <#2> phabricator_form(PhabricatorUser, array, array) called at [<phabricator>/src/applications/slowvote/view/SlowvoteEmbedView.php:169]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #6 <#2> SlowvoteEmbedView::render() called at [<phabricator>/src/view/AphrontView.php:175]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #7 <#2> AphrontView::producePhutilSafeHTML() called at [<phutil>/src/markup/render.php:133]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #8 <#2> phutil_escape_html(SlowvoteEmbedView)
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #9 <#2> array_map(string, array) called at [<phutil>/src/markup/engine/remarkup/PhutilRemarkupBlockStorage.php:56]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #10 <#2> PhutilRemarkupBlockStorage::restore(PhutilSafeHTML, integer) called at [<phutil>/src/markup/engine/PhutilRemarkupEngine.php:299]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #11 <#2> PhutilRemarkupEngine::restoreText(PhutilSafeHTML, integer) called at [<phutil>/src/markup/engine/PhutilRemarkupEngine.php:295]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #12 <#2> PhutilRemarkupEngine::postprocessText(array) called at [<phabricator>/src/infrastructure/markup/PhabricatorMarkupEngine.php:138]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #13 <#2> PhabricatorMarkupEngine::process() called at [<phabricator>/src/applications/feed/story/PhabricatorFeedStory.php:167]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #14 <#2> PhabricatorFeedStory::loadAllFromRows(array, PhabricatorUser) called at [<phabricator>/src/applications/feed/query/PhabricatorFeedQuery.php:37]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #15 <#2> PhabricatorFeedQuery::willFilterPage(array) called at [<phabricator>/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php:237]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #16 <#2> PhabricatorPolicyAwareQuery::execute() called at [<phabricator>/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php:168]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #17 <#2> PhabricatorPolicyAwareQuery::executeOne() called at [<phabricator>/src/applications/feed/worker/FeedPushWorker.php:12]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #18 <#2> FeedPushWorker::loadFeedStory() called at [<phabricator>/src/applications/feed/worker/FeedPublisherWorker.php:6]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #19 <#2> FeedPublisherWorker::doWork() called at [<phabricator>/src/infrastructure/daemon/workers/PhabricatorWorker.php:91]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #20 <#2> PhabricatorWorker::executeTask() called at [<phabricator>/src/infrastructure/daemon/workers/storage/PhabricatorWorkerActiveTask.php:162]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #21 <#2> PhabricatorWorkerActiveTask::executeTask() called at [<phabricator>/src/infrastructure/daemon/workers/PhabricatorTaskmasterDaemon.php:22]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #22 PhabricatorTaskmasterDaemon::run() called at [<phutil>/src/daemon/PhutilDaemon.php:185]
Daemon 43450 STDE [Mon, 08 Jun 2015 22:49:57 +0000]   #23 PhutilDaemon::execute() called at [<phutil>/scripts/daemon/exec/exec_daemon.php:125]
```

Just return `null`.

Test Plan: Will check that tasks clear in production.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D13218
2015-06-08 16:07:21 -07:00
Joshua Spence
af1b586990 Fix method visibilities
Summary: See also D13186.

Test Plan: Ran `arc unit --everything`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D13201
2015-06-09 07:17:44 +10:00
epriestley
3bb7f3624f Implement PhabricatorApplicationTransactionInterface on PhabricatorUser
Summary: Right now, "Publish" workers for user profile edits (title / blub) can get gummed up in the daemons. Implement the interfaces and provide a Query so they can go through.

Test Plan:
  - Made a profile "Title" edit.
  - Used `bin/worker execute --id <id>` to see task fail.
  - Applied patch.
  - Saw task work.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D13213
2015-06-08 13:35:57 -07:00
epriestley
bf87976d25 Support ordering in SearchField
Summary:
Ref T8441. Ref T7715. Automatically generate a modern "Order" control in ApplicationSearch for engines which fully support SearchField.

Notably, this allows the standard "Order" control to automatically support custom field orders. We do this in Maniphest today, but in an ad-hoc way.

Test Plan: Performed order-by queries in Almanac (Services), Pholio, Files, People, Projects, and Paste.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7715, T8441

Differential Revision: https://secure.phabricator.com/D13193
2015-06-08 12:21:48 -07:00
epriestley
3e2b0c35f9 Move People to SearchFields
Summary:
Ref T8441. Ref T7715. This is the second of three ApplicationSearch + CustomField use cases (Maniphest is the third).

Also add a way to set a default ordering for the fields.

Test Plan:
  - Performed searches with each field.
  - Added a custom field and searched for it.
  - Observed desired ordering.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7715, T8441

Differential Revision: https://secure.phabricator.com/D13190
2015-06-08 12:20:35 -07:00
epriestley
b4de79741c Fix a minor issue with the approval queue
Ref T8454. This got gummed up in swapping between double negatives like "noDisabled".

Viewed queue, saw "Hide Disabled Users" instead of "Show Only Disabled Users".

Auditors: joshuaspence, btrahan
2015-06-06 06:39:02 -07:00
epriestley
ef90007a21 Support Spaces transactions
Summary:
Ref T8424. This adds crude integration with Paste's edit/view workflows: you can change the space a Paste appears in, see transactions, and get a policy callout.

Lots of rough edges and non-obviousness but it pretty much works.

Test Plan:
  - Created and updated Pastes.
  - Moved them between spaces, saw policy effects.
  - Read transactions.
  - Looked at feed.
  - Faked query to return no spaces, saw control and other stuff vanish.
  - Faked query to return no spaces, created pastes.
  - Tried to submit bad values and got errors.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T8424

Differential Revision: https://secure.phabricator.com/D13159
2015-06-05 10:42:49 -07:00
Erik Fercak
5deaeec668 Use a class constant instead of a hardcoded string
Test Plan: Submitted a form - saw nothing out of ordinary.

Reviewers: #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D13167
2015-06-05 07:27:35 -07:00