1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 10:22:42 +01:00
Commit graph

321 commits

Author SHA1 Message Date
epriestley
a3099e27bc Provide Maniphest auxiliary fields access to the viewer and task
Summary:
Maniphest auxiliary fields currently do not have access to the viewing user or task. This is fine for very simple fields, but insufficient for more complex fields. Generally, bring these in line with DifferentialFieldSpecifications.

This supercedes the additional $user/$viewer threading provided by D5247 and provides viewers to all fields, as well as access to the task object itself.

Test Plan: Created, viewed and edited a task with custom fields. Created a similar subtask.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2575

Differential Revision: https://secure.phabricator.com/D5280
2013-03-07 17:22:36 -08:00
epriestley
67e086bba7 Save disk space
Summary: so many bytes saved

Test Plan:
http://local.aphront.com:8080/maniphest/view/custom/?tasks=12,14
http://local.aphront.com:8080/maniphest/view/custom/?tasks=~

Reviewers: vrana

Reviewed By: vrana

CC: aran, AnhNhan

Differential Revision: https://secure.phabricator.com/D5211
2013-03-04 13:35:41 -08:00
epriestley
8ae718c2aa Require a viewer for Remarkup rendering
Summary:
Provide a viewer to all remarkup engines.

This fixes commit summaries in Diffusion, which were failing to link because they didn't have a user and thus couldn't see/load `D123`, e.g.

Test Plan: Grepped for engine creation.

Reviewers: vrana

Reviewed By: vrana

CC: aran, edward

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D5152
2013-03-04 12:33:05 -08:00
epriestley
dc8cc123da Fix Maniphest and Config transaction diff rendering
Summary:
I missed this in review of D5155: `wordwrap()` returns a string, but `phutil_utf8_hard_wrap()` returns an array.

Implode the returned arrays so the stuff underneath it doesn't choke.

Test Plan: Clicked "show details" on a maniphest task description change

Reviewers: AnhNhan, kwadwon

Reviewed By: kwadwon

CC: aran

Differential Revision: https://secure.phabricator.com/D5195
2013-03-03 11:37:45 -08:00
epriestley
cb2d0adf95 Fix exception in Maniphest task ID filtering
Summary:
Ref T2632. When the user enters task IDs, we filter them to allow the user to write `T123` or `task 123` to mean `123`. This filtering is latin-centric and silly, and cuases an exception when accessing, e.g,, `/maniphest/view/custom/?tasks=~`.

Instead of stripping a select few nondigits, strip all nondigits.

Test Plan: Hit `/maniphest/view/custom/?tasks=~`, no exception.

Reviewers: AnhNhan, chad, vrana

Reviewed By: chad

CC: aran

Maniphest Tasks: T2632

Differential Revision: https://secure.phabricator.com/D5193
2013-03-03 10:56:22 -08:00
epriestley
0a069cb55a Require a viewer to load handles
Summary:
Unmuck almost all of the we-sort-of-have-viewers-some-of-the-time mess.

There are a few notable cases here:

  - I used Omnipotent users when indexing objects for search. I think this is correct; we do policy filtering when showing results.
  - I cheated in a bad way in the Remarkup object rule, but fixing this requires fixing all the PhabricatorRemarkupEngine callsites (there are 85). I'll do that in the next diff.
  - I cheated in a few random places, like when sending mail about package edits. These aren't a big deal.

Test Plan:
  - Grepped for all PhabricatorObjectHandleData references.
  - Gave them viewers.

Reviewers: vrana

Reviewed By: vrana

CC: aran, edward

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D5151
2013-02-28 17:15:09 -08:00
kwadwo
37ee66e27f changed wordwrap call to utf8 hard wrap call in multiple places
Summary: using to phutil_utf8_hard_wrap instead of wordwrap

Test Plan: hard_wrap already unit tested

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5155
2013-02-28 09:17:58 -08:00
epriestley
69dcd47751 Fix two cases where we load Commit handles without a viewer
I missed these in testing D5139 because they aren't in the web UIs and I am dumb and can not brain today.

Auditors: vrana
2013-02-27 11:44:52 -08:00
epriestley
8d20e42c1c Fix a MySQL strict issue with auxiliary task storage
Summary: This table has date columns but we don't populate them correctly. In strict mode with custom fields, this throws when creating a task.

Test Plan: Created a task in strict mode with custom fields.

Reviewers: chad, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5137
2013-02-27 10:51:34 -08:00
epriestley
b5da7b3723 Missing change from D5120 which I incorrectly discarded in a merge.
Auditors: vrana
2013-02-27 07:19:57 -08:00
epriestley
5e11eb7f72 Prepare for hovercards
Summary:
  - Unify all the reference/embed Remarkup rules for Differential, Maniphest, Paste and Ponder.
  - Add rules for Pholio.
  - Does not yet unify Diffusion or Files (both are a bit more involved).
  - Prepare for hovercards.

Test Plan: {F33894}

Reviewers: chad, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5120
2013-02-26 14:59:31 -08:00
epriestley
fe500f4268 Pre-prepare for hovercards
Summary:
D5120 and followups refactor and generalize object references in Remarkup -- notably, they move remarkup rules from a central location to the implementing applications.

Preserve blame by doing moves/renames only first. This change moves application remarkup rules into those applications, and renames the ones D5120 modifies.

Test Plan: Typed some preview text into a textarea, got a valid Remarkup render.

Reviewers: vrana, chad

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5123
2013-02-26 14:57:41 -08:00
vrana
6404fa5c0e Don't display 0 in launch view
Summary: This includes assigned tasks in the Maniphest number.

Test Plan: Looked at it.

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D5067
2013-02-22 05:01:30 -08:00
vrana
c29fe2deb6 Display application status in tip for needs attention number
Summary:
Also splits blocking and active revisions.

This could display 0 with non-empty tip over it.
It's intentional meaning that 0 objects need your attention but there is still some work to do.

Test Plan: Hovered over number.

Reviewers: epriestley, chad

Reviewed By: chad

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5049
2013-02-21 14:57:24 -08:00
vrana
3c989590bf Remove object name from header
Summary: It's displayed right above it in the breadcrumbs including a link.

Test Plan: Looked at the pages.

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: aran, epriestley, s.o.butler

Differential Revision: https://secure.phabricator.com/D5045
2013-02-21 11:00:22 -08:00
vrana
8eb404aea7 Avoid HTML escaping in plain text e-mails
Summary: Seen in e-mail from T2016.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D5016
2013-02-19 14:02:35 -08:00
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
epriestley
a5f031835c Notify users when an object they created gets awarded a token
Summary:
  - Publish feed/notification.
  - I think this is too lightweight for an email?
  - We don't tell them which token right now. Laziness? Or intentional aura of mystery?!
  - For tasks, notify both author and current owner.
  - Fixes T2562.

Test Plan: {F33187}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2562

Differential Revision: https://secure.phabricator.com/D5007
2013-02-18 17:44:45 -08:00
epriestley
50efcf1043 Fix double nav on Maniphest reports
Summary: Fixes T2311.

Test Plan: {F33161}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2311

Differential Revision: https://secure.phabricator.com/D5005
2013-02-18 11:44:42 -08:00
epriestley
49c40d209d Tokens v1
Summary:
Features!

  - Giving tokens.
  - Taking tokens back.
  - Not giving tokens.

Test Plan: See screenshots.

Reviewers: chad, vrana

Reviewed By: chad

CC: aran, btrahan

Maniphest Tasks: T2541

Differential Revision: https://secure.phabricator.com/D4964
2013-02-15 07:47:14 -08:00
epriestley
ef7f16180c Restore merge of phutil_tag. 2013-02-13 14:51:18 -08:00
epriestley
73cce6e131 Revert "Promote phutil-tag again"
This reverts commit 8fbabdc06d, reversing
changes made to 2dab1c1e42.
2013-02-13 14:08:57 -08:00
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
vrana
5ad526942b Convert AphrontPanelView to safe HTML (except children)
Summary: Fixes some double escaping and potential XSS.

Test Plan: Looked at homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4917
2013-02-13 10:30:32 -08:00
vrana
80fb84bd94 Convert PhabricatorTransactionView to safe HTML
Test Plan: Looked at revision detail with comments.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4915
2013-02-11 19:01:20 -08:00
vrana
868ca71451 Fix some HTML problems
Summary: I'm too lazy to attaching them for diffs where they were introduced.

Test Plan:
/
/D1, wrote comment with code snippet
DarkConsole
commit detail, wrote comment
task detail, wrote comment

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4911
2013-02-11 18:18:26 -08:00
vrana
ae4e5807d6 Merge renderSingleView() and renderHTMLView()
Summary: They are same because render() returns safe HTML and raw strings are automatically escaped.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4909
2013-02-11 18:18:21 -08:00
vrana
c9ab1fe505 Return safe HTML from all render()
Summary:
This is pretty brutal and it adds some `phutil_safe_html()`.
But it is a big step in the right direction.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4905
2013-02-11 18:18:18 -08:00
vrana
37b98450a5 Replace array_interleave() by phutil_implode_html()
Summary:
I like this abstraction better.
Result of `phutil_implode_html()` may be also used as a param of `hsprintf()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4904
2013-02-11 15:27:43 -08:00
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
vrana
9b8da73765 Convert AphrontTableView to safe HTML
Summary:
Lots of killed `phutil_escape_html()`.

Done by searching for `AphrontTableView` and then `$rows` (usually) backwards.

Test Plan:
Looked at homepage.

  echo id(new AphrontTableView(array(array('<'))))->render();

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4884
2013-02-09 15:11:38 -08:00
vrana
58b6e2cac6 Convert AphrontDialogView to safe HTML
Summary:
Done by searching for `AphrontDialogView` and then `appendChild()`.

Also added some `pht()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4882
2013-02-09 15:11:35 -08:00
vrana
d817dfa8fc Convert some phutil_escape_html() to hsprintf()
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`.

Test Plan:
/
/D1
/uiexample/
/countdown/1/
/herald/transcript/1/all/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4869
2013-02-08 15:59:02 -08:00
vrana
afc5333bb3 Convert AphrontFormView to safe HTML
Summary: Searched for `AphrontFormView` and then for `appendChild()`.

Test Plan: /login/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4855
2013-02-07 18:01:00 -08:00
epriestley
11bb8db970 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-07 08:08:01 -08:00
vrana
6bb7a282b1 Convert AphrontFormControl to safe HTML
Summary: Everything here now should properly handle plain strings and safe HTML.

Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4826
2013-02-05 15:52:46 -08:00
vrana
be4662e667 Convert setCaption() to safe HTML
Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4824
2013-02-05 15:52:43 -08:00
Bob Trahan
cb38ab27ce fix find / replace error from addressing feedback in D4708. now links to tasks work again. 2013-02-05 13:48:31 -08:00
Bob Trahan
1d0058abcf Update PeopleMenu to only show integration with applications if they are installed
Summary: do so via event engine. note different order now...

Test Plan: toggled "show beta applications" to off and noted that Conpherence disappeared. Otherwise noted that links showed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2424

Differential Revision: https://secure.phabricator.com/D4708
2013-02-05 13:46:02 -08:00
epriestley
8f1311bbc1 Merge branch 'master' into phutil_tag
(Final sync.)
2013-02-05 10:23:16 -08:00
Bob Trahan
112c2ebfbe make sort controls only show up if sorting will work
Summary: T2326 tells the tale. this is the fix.

Test Plan: verified that queries that shouldn't be sortable weren't. also had a phlog in there a bit to sanity check things faster

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2326

Differential Revision: https://secure.phabricator.com/D4816
2013-02-04 18:59:46 -08:00
epriestley
95d37af5d9 render_tag -> tag: fix some more callsites
Summary:
  - Crumbs is straightforward.
  - Maniphest does a lot of string construction which isn't i18n or safehtml aware. I cheated under the theory that we'll resolve this properly in {T2217}.

Test Plan: Looked at crumbs and Maniphest.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4748
2013-01-31 09:07:31 -08:00
epriestley
607fca98df render_tag -> tag: Maniphest summary view, setup issue view
Summary: One trivial, one not-so-trivial.

Test Plan: Viewed maniphest list; saw expected output.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4725
2013-01-30 11:26:03 -08:00
epriestley
40547030a5 render_tag -> tag: PropertyListView
Summary: Converts callsites in PropertyListView (addDetail() and setTextContent()).

Test Plan: Grepped for PhabricatorPropertyListView, addDetail() and setTextContent().

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4695
2013-01-29 11:01:47 -08:00
epriestley
caa7fcef58 render_tag -> tag: more miscellaenous easy cases
Summary: These all yeilded fairly easily.

Test Plan: Inspection / loaded pages.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4694
2013-01-28 18:46:48 -08:00
epriestley
3093d1663d Add javelin_tag(), convert easy callsites
Summary:
  - Implements `javelin_tag()`, which is `javelin_render_tag()` on top of `phutil_tag()` instead of `phutil_render_tag()`.
  - Manually converts all or almost all of the trivial callsites.

Test Plan:
  - Site does not seem any more broken than before.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4639
2013-01-25 12:57:17 -08:00
vrana
21a5956a35 Convert phutil_render_tag(X, Y, pht('...')) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y, pht('...'))

The searched for `<` and `&` by sgrep.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4504
2013-01-24 19:20:30 -08:00
vrana
20768d65d5 Convert phutil_render_tag(X, Y, '...') to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y, '...')

Then searched for `&` and `<` in the output and replaced them.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4503
2013-01-24 19:20:27 -08:00
vrana
48561a8b1f Convert phutil_render_tag(X, Y, phutil_escape_html(Z)) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y,
  - phutil_escape_html(
    Z
  - )
    )

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4501
2013-01-24 19:08:55 -08:00
vrana
f8dbfdd59d Convert phutil_render_tag(X, Y) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y)

(and null manually)

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4500
2013-01-24 19:08:54 -08:00