1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-24 07:42:40 +01:00
Commit graph

7671 commits

Author SHA1 Message Date
epriestley
a10f969919 Revert "Query daemons across all hosts with ./bin/phd status --all."
This reverts commit 0ccebbe4b1.
2014-06-16 17:43:45 -07:00
Joshua Spence
0ccebbe4b1 Query daemons across all hosts with ./bin/phd status --all.
Summary: Ref T4209. Currently, `./bin/phd status` prints a table showing the daemons that are executing on the current host. It would be useful to be able to conventiently query the daemons running across all hosts. This would also (theoretically) make it possible to conditionally start daemons on a host depending upon the current state and on the daemons running on other hosts.

Test Plan:
```
> ./bin/phd status --all
ID      Host                    PID     Started                     Daemon                                            Arguments
   18          phabricator     6969   Jun 12 2014, 4:44:22 PM     PhabricatorTaskmasterDaemon
   17          phabricator     6961   Jun 12 2014, 4:44:19 PM     PhabricatorTaskmasterDaemon
   16          phabricator     6955   Jun 12 2014, 4:44:15 PM     PhabricatorTaskmasterDaemon
   15          phabricator     6950   Jun 12 2014, 4:44:14 PM     PhabricatorTaskmasterDaemon
   14          phabricator     6936   Jun 12 2014, 4:44:13 PM     PhabricatorGarbageCollectorDaemon
   13          phabricator     6931   Jun 12 2014, 4:44:12 PM     PhabricatorRepositoryPullLocalDaemon
```

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4209

Differential Revision: https://secure.phabricator.com/D9497
2014-06-17 08:41:51 +10:00
Gareth Evans
78635a15c1 Only show profile status when calendar app installed
Summary:
If the calendar app is not installed we don't show the status.
Origianlly the idea was to only show the status if the viewer had access to
the app, but for display purposes this seems fine.

Fixes T5087

Test Plan: View with and without calendar installed

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T5087

Differential Revision: https://secure.phabricator.com/D9582
2014-06-16 14:18:51 -07:00
Gareth Evans
baa998faa4 Disable full screen mode for inline comments
Summary:
Full screen is a little foobar so disabling it for inline comments
Fixes T5272

Test Plan:
View inline comment after change, make sure full screen option
has gone.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T5272

Differential Revision: https://secure.phabricator.com/D9579
2014-06-16 13:05:08 -07:00
epriestley
5aae1ee034 Make query panels editable by normal humans
Summary:
Ref T4986. Instead of requiring you to know engine class names and copy/paste URLs, provide select dropdowns that use SCARY JAVASCRIPT to do magical things.

I think this is mostly reasonable, the only issue is that it's hard to create a panel out of a completely ad-hoc query (you'd have to save it, then create a panel out of the saved query, then remove the saved query). Once we develop T5307 we can do a better job of this.

Test Plan: See screenshots.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4986

Differential Revision: https://secure.phabricator.com/D9572
2014-06-16 12:27:12 -07:00
Gareth Evans
f1fa8fccb6 Fix old icon css
Summary:
Updated some old css to point at the new icon set
Fixes T5357

Test Plan: View it

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T5357

Differential Revision: https://secure.phabricator.com/D9578
2014-06-16 12:26:52 -07:00
Gareth Evans
824b8108da Check for calendar before settings status
Summary:
We should not show the status line in the people hover card
if the calendar app has been uninstalled or is not available for the
current user.

Test Plan:
View hover card with calendar installed and uninstalled.
Make sure I see the status at the correct time.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, chad, Korvin

Maniphest Tasks: T5370

Differential Revision: https://secure.phabricator.com/D9577
2014-06-16 12:18:25 -07:00
Chad Little
657d061a78 Use [No Title] on mocks without a title
Summary: For some consistency, older mocks didn't have titles.

Test Plan: visit older mock, buttons are clickable

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9575
2014-06-16 11:48:54 -07:00
epriestley
5f52f1f82c Fix some off-by-one issues when drag-and-dropping dashboard panels
Summary: Fixes T5321. There were a couple of off-by-one issues here which could result in inserts into the wrong position.

Test Plan:
  - Dragged panels to the top, bottom, and first position of columns.
  - Dragged panels from one column to another.
  - Reloaded the page after drags, things stayed where I put them.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5321

Differential Revision: https://secure.phabricator.com/D9573
2014-06-16 09:15:35 -07:00
epriestley
0efa1ca643 Make the Pholio download button actually download
Summary:
  - When the button is clicked, actually download the file or image.
  - Add aural hints for the icon-only buttons.
  - Use a "photo" icon for "view raw image", so the "arrows pointing outward" icon can be used for "fullscreen" some day.

Test Plan: Clicked link, got a download.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9574
2014-06-16 09:15:25 -07:00
Chad Little
b12e2a4cc7 I was wrong
Summary: You were right

Test Plan:
mmm, blue

{F167137}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9567
2014-06-16 07:08:10 -07:00
Chad Little
2f5dedc97e More Pholio CSS updates
Summary: Pholio CSS tweaks and fixes, many little nudges

Test Plan:
Reload Pholio Mock page

{F167109}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9566
2014-06-15 21:10:12 -07:00
Joshua Spence
97bb13d1d7 Discover workflows automatically.
Summary: Most scripts detect the relevant workflows automatically. Some scripts, however, use a hardcoded list of workflows.

Test Plan: Ran `./bin/aphlict`, `./bin/cache` and `./bin/phd`.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9564
2014-06-16 09:00:25 +10:00
Joshua Spence
a3c8b1e746 Fix a typo.
Summary: Self-explanatory.

Test Plan: Eyeball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9563
2014-06-16 08:24:35 +10:00
epriestley
4ea14ae376 Make Pholio work a little better on mobile
Summary:
Ref T2644. This adjusts thumb sizing so the "X" button is visible, and hides the uploader on devices for now.

The thumb stuff I'm sort of hacking (we'll cut off a little bit of wide thumbs on the iPhone), but it looks fine, is usable, and works a little better in landscape mode and at tablet sizes.

Test Plan: {F167022}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2644

Differential Revision: https://secure.phabricator.com/D9562
2014-06-15 15:00:43 -07:00
epriestley
99e3549522 Support M123/456 mock references in Remarkup
Summary: Fixes T4729. This form is a little fluff, but we show it in the URI when you click an anchor on the page, and doing so seems desirable. I think it's reasonable to support this form, given that it appears in the URI.

Test Plan: Wrote some stuff like `M60`, `M60/71`, `M60/72/`, `M60/73/#13` and saw it all get picked up and rendered/linked properly.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4729

Differential Revision: https://secure.phabricator.com/D9555
2014-06-15 12:56:11 -07:00
Joshua Spence
bff58fac93 Move infrastructure tests up one directory.
Summary: Sometimes, the `PhabricatorInfrastructureTestCase` //would// fail, but we don't run it with `arc unit` because of the directory structure. See D9556 for an example.

Test Plan: This is essentially the same as D9557.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9559
2014-06-16 05:52:11 +10:00
Joshua Spence
279a0e5371 Don't explicitly keep track of _activeListenerCount in the Aphlict server.
Summary: The `_activeListenerCount` variable is overkill, we should be able to achieve the same result using `Object.keys(this._listeners).length`.

Test Plan:
Mucked around in a NodeJS shell.

```lang=js
> Object.keys({}).length
0
> Object.keys({foo: 'bar'}).length
1
> Object.keys({1: 'foo', 2: 'bar'}).length
2
```

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9554
2014-06-16 05:20:00 +10:00
epriestley
397d67ff3d Support "Projects" field for pholio mocks in Herald
Summary: Mocks can have projects now; allow Herald rules to be written against them.

Test Plan: Wrote a Herald mock rule about projects.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9552
2014-06-15 12:14:46 -07:00
epriestley
e711a0ed30 Allow Pholio mocks to be destroyed with bin/remove
Summary: Implements the destruction interface so mocks can be permanently destroyed with `bin/remove destroy Mxxx`.

Test Plan: Destroyed some mocks.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9551
2014-06-15 11:55:48 -07:00
Joshua Spence
14e3c727cc Allow Arcanist Projects to be deleted using ./bin/remove destroy.
Summary: Self-explanatory.

Test Plan: Created (and destroyed) an arcanist project. Verified that the deletion actually happened.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T4749

Differential Revision: https://secure.phabricator.com/D9353
2014-06-16 04:49:51 +10:00
epriestley
868ff166b1 Give Pholio mocks a configurable edit policy
Summary:
Ref T4566. Currently, mocks have a conservative (author only), immutable default edit policy.

Instead:

  - Let the edit policy be changed.
  - Default the edit policy to "all users", similar to other applications.
  - Add an application-level setting for it.
  - Migrate existing edit policies to be consistent with the old policy (just the author).

This stops short of adding a separate "owner" and letting that be changed, since Pholio doesn't really have any review/approve type features (at least, so far). We can look at doing this if we get more feedback about it, or if we make owners more meaningful (e.g., add more "review-like" process to mocks).

Test Plan:
  - Ran migration scripts.
  - Confirmed existing mocks retained their effective policies (author only).
  - Created a new mock, saw edit policy.
  - Changed edit policy.
  - Changed global edit policy default.
  - Tried to edit a mock I couldn't edit.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4566

Differential Revision: https://secure.phabricator.com/D9550
2014-06-15 10:28:16 -07:00
epriestley
77efdb6f35 Treat Pholio image descriptions as Remarkup, not plain text
Summary: Fixes T5283.

Test Plan: See screenshots.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5283

Differential Revision: https://secure.phabricator.com/D9549
2014-06-15 10:27:40 -07:00
epriestley
dcf3b4d322 Reduce Pholio brokenness for non-image files
Summary:
Ref T5359. When users upload non-image file types (PDFs, text files, whatever), Pholio currently chokes in a few places. Make most of these behaviors more reasonable:

  - Provide thumbs in the required sizes.
  - Predict the thumb size of these files correctly.
  - Disable inline comments.
  - Make "View Fullsize" and "Download" into buttons. These mostly-work. Download should probaly really download, but CSRF on forms is a bit of a pain right now.

Test Plan: See screenshots.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5359

Differential Revision: https://secure.phabricator.com/D9548
2014-06-15 08:03:04 -07:00
epriestley
19ed6a1ad6 Show inline counts on the thumb grid in Pholio
Summary: This is a little rough visually but the actual number works fine.

Test Plan: {F166844}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9547
2014-06-15 07:56:07 -07:00
Chad Little
85870e79aa Switch Pholio over to lighter layout.
Summary: Gets rid of all the dark css.

Test Plan:
Do it live.

{F166665}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9545
2014-06-15 07:44:12 -07:00
epriestley
7ce8a1f437 Turn thumbs into a history grid thing
Summary:
This could probably use some refinement (and, like, explanatory text, and stronger cues about what rows and columns mean) but feels fairly good to me, at least on test data.

I didn't do any scrolling for now since we have to do full height on mobile anyway I think. I did swap it so the newer ones are on top.

Left/right navigate you among current images only, but you can click any thumb to review history.

Removed history view since it's no longer useful.

Some things that would probably help:

  - Some kind of header explaining what this is ("Mock History" or something).
  - Stronger visual cue that columns are related by being the same image.
  - Clearer cues about obsolete/deleted images (e.g., on the stage itself?)
  - Maybe general tweaks.
  - Maybe a placeholder (like a grey "X") for images which have been deleted.

(I'm planning to add comment counts too, which I think will be pretty useful, but that felt good to put in another diff.)

Test Plan: See screenshots.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9543
2014-06-14 21:12:19 -07:00
epriestley
2dfb2cd432 Add an "Mxx" crumb on the Pholio edit page
Summary: This crumb, which is consistently available in other applications, is not currently available in Pholio.

Test Plan: Viewed an edit page, clicked the crumb.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9542
2014-06-14 21:02:25 -07:00
epriestley
3a36f1e31c Fix a problem with recording image replacement, every other mock update
Summary:
This fixes a weird issue which currently doesn't have much impact on things, but starts to matter if we do the grid.

We're incorrectly initializing the form with `replacesPHID` as the //previously replaced Image PHID//. It is supposed to be the //current File PHID//.

Every other time, this is `null` and things work properly. On even updates (2, 4, 6, etc.), it's wrong and we don't record the replacement completely correctly.

Test Plan: Replaced images twice, saw three rows of thumb grid.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9541
2014-06-14 21:02:00 -07:00
Chad Little
2bbafcc924 Use comment icon for Pholio Inline Comments
Summary: Uses FontAwesome CSS icons

Test Plan:
Check draft and normal states. Click.

{F166611}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9544
2014-06-14 21:01:39 -07:00
epriestley
8b1b52ea70 Allow the Pholio stage to scroll vertically
Summary:
Currently, we limit the image size to make sure that the stage has a constant height and the entire image always fits on screen.

In practice, these don't actually seem like desirable qualities. Instead, focus on giving as many pixels as possible to the image.

Test Plan: See screenshots.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9539
2014-06-14 19:23:21 -07:00
epriestley
0cc0782eaf Completely remove Pholio right gutter
Summary:
  - Moves the right-hand gutter under the image.
  - Moves size information to the upper right.
  - This is transitional, on the way toward something more like the mocks in D9534.

Test Plan: See screenshot.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9538
2014-06-14 19:23:04 -07:00
epriestley
942f504893 Remove inline gutter in Pholio
Summary: This greatly simplifies inline comments while retaining their functionality. This is probably not where we want to end up, but will let us figure out what we're doing with the stage without worrying about inlines.

Test Plan: See screenshots.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9537
2014-06-14 18:41:45 -07:00
epriestley
fc2c3a5ca8 Increase finesse of inline comments in Pholio
Summary:
  - Hide inline areas on mobile, and when the mouse cursor is not on the stage.
  - Show small icon markers instead of areas.
  - Yellow icons show draft comments; pink icons show final comments.

Test Plan: {F166544}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9536
2014-06-14 18:40:52 -07:00
Chad Little
45b827c66e Touch up Pholio
Summary: Uses common CSS spacing, tweaks some colors, increases viewport size to very limits.

Test Plan:
Test large and small images, various breakpoints. Able to more easily review mocks.

{F166500}

{F166501}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9534
2014-06-14 17:08:24 -07:00
Ricky Elrod
6eb1e4ed29 Fix typo and remove repetition.
Summary:
- Fix typo of `"(NOTE")`
- Remove repetition of "You can also"

Test Plan: zoidbergmaybe

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9532
2014-06-14 13:26:03 -07:00
Chad Little
f801c8fed9 Use PHUIPinboard UI for embedding Pholio Mocks
Summary: Changes the old dark embed to match the PinboardView. Retains ability to target individual files. Removes "carousel" of files (not super useful?)

Test Plan:
Tested embedding Mocks, with and without targeting specific files. Tested Pholio Pinboard, Macro Pinboard.

{F166451}

{F166452}

{F166453}

{F166454}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9531
2014-06-14 12:11:19 -07:00
Joshua Spence
adbdea8d3f Update .gitignore.
Summary: See inline comments for reasoning.

Test Plan: N/A

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9527
2014-06-14 11:44:19 -07:00
Joshua Spence
e40b18fb75 Fix call to debug.log.
Summary: As pointed out by @epriestley in D9458#62, this call to `debug.log` is missing an argument.

Test Plan: meh..

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D9485
2014-06-14 11:28:28 -07:00
Chad Little
4d30841100 Add app icons to search typeahead
Summary: Seems likely reasonable.

Test Plan:
Search for apps and other stuff, seems good.

{F166279}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9524
2014-06-14 11:03:31 -07:00
Chad Little
0c33bc1268 Update Remarkup Diviner
Summary: Adds Project and Pholio

Test Plan: Read? Anything else?

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9526
2014-06-14 11:02:55 -07:00
Chad Little
14afd2f6a4 Default Pholio mocks to "Open" on create
Summary: When you currently create a Pholio Mock, it's closed if you didn't notice the select. This hides the input.

Test Plan: Created a Pholio Mock, verified it was open

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9522
2014-06-13 18:13:25 -07:00
Chad Little
1676a4eece Fix mobile layout of calendar on profiles
Summary: It should have the consistant 8px gutter.

Test Plan: Reload profile at mobile breakpoints.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9521
2014-06-13 14:14:40 -07:00
Chad Little
fefe5ae27c Fix board links in TaskDetail
Summary: Not sure if this is the correct fix, but I think it's where you intend to go?

Test Plan: Click on link in Task, get the the correct board. Click lots of links of boards and make sure everything still works.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5361

Differential Revision: https://secure.phabricator.com/D9520
2014-06-13 14:09:21 -07:00
Chad Little
cc5ba7e801 Fix Project Hovercards
Summary: Clear the float, remove the abs. position.

Test Plan:
Test a project hovercard, see expected layout.

{F166175}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9519
2014-06-13 13:06:04 -07:00
Chad Little
27c2299407 Remove double border on tables in object boxes
Summary: The CSS rule tends to miss many tables, make the rule more universal and add borders as needed.

Test Plan: Test a Revision and Diffusion

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9516
2014-06-13 11:36:01 -07:00
Chad Little
3499f17075 Scope ActionLink mobile buttons to PropertyListView
Summary: We apply a mobile button style here, make sure to only use it in Property Lists, and not all PHUIX dropdowns.

Test Plan: Test dropdown on mobile

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9517
2014-06-13 11:35:08 -07:00
James Rhodes
ed76c2be1d Implement showing buildable status in Diffusion
Summary: This implements showing the buildable status in Diffusion and unifies some of the logic used to calculate and render build and buildable statuses.

Test Plan: Looked at diffs and commits with statuses, they rendered fine.  Looked at Diffusion and saw buildable status appear (with a manual buildable and manual buildables included in the query).

Reviewers: #blessed_reviewers, epriestley, chad

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9496
2014-06-14 02:28:00 +10:00
Chad Little
8426d1d2ab Add setDisabled to pinboard view
Summary: Adds setDisabled state to PHUIPinboardItemView, implements in Pholio, Macro

Test Plan:
Pholio, Macro, disabled and closed items.

{F166109}

{F166110}

Reviewers: lpriestley, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5074

Differential Revision: https://secure.phabricator.com/D9514
2014-06-13 09:14:12 -07:00
epriestley
d401036bd8 Prevent the use of file:// URIs in Diffusion
Summary:
Via HackerOne. There are two attacks here:

  - Configuring mirroring to a `file://` URI to place files on disk or overwrite another repository. This is not particularly severe.
  - Configuring cloning from a `file://` URI to read repositories you should not have access to. This is more severe.

Historically, repository creation and editing explicitly supported `file://` URIs to deal with use cases where you had something else managing repositories on the same machine. Since there were no permissions, repository management was admin-only, and you couldn't mirror, this was fine.

As we've evolved, this use case is a tiny minority use case and the security implications of `file://` URIs overwhelm the utility it provides. Prevent the use of `file://` URIs. Existing configured repositories won't stop working, you just can't add any new ones.

Also prevent `localPath` from being set via Conduit (see T4039).

Test Plan:
  - Tried to create a `file://` repository.
  - Tried to create a `file://` mirror.
  - Tried to create a `file://` repository via Conduit.
  - Created a non-`file://` repository.
  - Created a non-`file://` mirror.
  - Created a non-`file://` repository via Conduit.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9513
2014-06-13 07:07:00 -07:00