1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 06:20:56 +01:00
Commit graph

13960 commits

Author SHA1 Message Date
epriestley
81a9726fa1 Make the new "Unverified Email" behavior more clear to other users
Summary:
Ref T12268. Ref T12157. When you mention or interact with a user who is unlikely to be able to respond (for example, because their account is disabled), we try to show a colored dot to provide a hint about this.

Recently, we no longer send any normal mail to unverified addresses. However, the rules for showing a dot haven't been updated yet, so they only care about this if `auth.require-verification` is set. This can be misleading, because if you say `Hey @alice, what do you think about this?` and she hasn't verified her email, you may not get a response.

Update the rule so users with unverified email addresses get a grey dot in all cases. The hint is basically "you shouldn't expect a response from this user".

Make the meaning of this hint more clear on the hovercard and profile.

Also:

  - Allow the non-ajax version of the hovercard page (which is basically only useful for testing hovercards) accept `?names=...` so you can just plug usernames, hashtags, etc., in there.
  - Fix a bug where the user's join date was based on their profile creation date instead of account creation date on the hovercard. Users may not have a profile creation date (if they never changed any account details), and it may be different from their account creation date.

Test Plan: {F2998517}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12268, T12157

Differential Revision: https://secure.phabricator.com/D17374
2017-02-17 10:28:44 -08:00
epriestley
7448cb0c3a Replace exciting fantasy word "subtasktask" with plain old "subtask"
Summary: Fixes T12284. This isn't actually a word.

Test Plan: Read carefully.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T12284

Differential Revision: https://secure.phabricator.com/D17373
2017-02-17 06:08:55 -08:00
Jakub Vrana
a778151f28 Fix errors found by PHPStan
Test Plan: Ran `phpstan analyze -a autoload.php phabricator/src`.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D17371
2017-02-17 10:10:15 +00:00
epriestley
b2739710ba Don't allow forms which can't create objects to be added to profile menus
Summary:
Fixes T12281. Some forms (like Settings) can't actually create new objects. Currently, though, you can select them and add them to profile menus; if you do, they fail when building an item.

Kick them out of the typeahead, and decline to render them in menus.

Test Plan:
Added "Create Settings" to a menu, no longer fatals after patch (item vanished from menu, still editable normally to get rid of it).

Tried to add another "Create Settings", no longer available in typehaead.

Added some normal stuff.

Viewed a choose-among-forms dropdown in Maniphest, which still worked normally.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12281

Differential Revision: https://secure.phabricator.com/D17372
2017-02-16 15:45:11 -08:00
epriestley
b11138a16b Remove extra parameter in newStandardEditField() call
Summary: See D14617. This could probably go either way but we don't currently need `$engine` in `newStandardEditField()`, so just get rid of it.

Test Plan: Edited a task with standard custom fields defined.

Reviewers: vrana, chad

Reviewed By: vrana

Differential Revision: https://secure.phabricator.com/D17370
2017-02-16 09:44:39 -08:00
epriestley
01f277cef2 Fix a CalendarExport issue when an existing export has an unsupported mode
Summary:
See D16676. When an export has an unsupported mode (bad database value, out-of-date object, etc) the intent of this code is to put it into the `<select />` so that you can save the form without silently changing the object.

However, it incorrectly calls `array_shift()` instead of `array_unshift()`.

Test Plan:
Edited a Calendar export with an invalid mode, saw the mode appear properly in the dropdown:

{F2957321}

Reviewers: vrana, chad

Reviewed By: vrana

Differential Revision: https://secure.phabricator.com/D17369
2017-02-16 06:22:21 -08:00
Chad Little
e0cd3062d5 Restrict all crumbs to 240 max width
Summary: Ref T12270. Any project, badge, dashboard, etc, that uses names in crumbs can over generate a long title. Restrict to a sane but generous width.

Test Plan: Make a project with a really long name, test various crumb layouts, boards, tasks, desktop, mobile.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17361
2017-02-15 13:06:11 -08:00
Chad Little
9716e83d60 Build Badges View page into more of a profile
Summary: Ref T10798. Cleans up the UI a little and adds a sidenav.

Test Plan: Review badge and recipients in sandbox.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10798

Differential Revision: https://secure.phabricator.com/D17358
2017-02-15 11:32:23 -08:00
Chad Little
2f69cb5fe7 Add more transation data to panel tab changes
Summary: Fixes T10473. Clever, didn't know we could do this, but works well. Renders out the tab names by ', '.

Test Plan:
Add a tab panel, change some names, review transactions.

{F2929594}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10473

Differential Revision: https://secure.phabricator.com/D17359
2017-02-15 11:05:39 -08:00
Chad Little
37ac0ada17 Restrict movable panels to non-tab panels
Summary: Fixes T12248. Adds a flag for movable panels, and only allows those to be moved. Also cleaned up some CSS rules missing once a panel was drug into a new position.

Test Plan: Try to drag a tab panel content pane, cannot. Drag normal pane, see CSS, grab and drag same panel back, CSS looks the same.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12248

Differential Revision: https://secure.phabricator.com/D17356
2017-02-14 14:15:59 -08:00
Chad Little
b28b2b8ab8 Use typeahead for tab panel selection
Summary: Fixes T11449. Feels.... magical? Probably a more efficient way of doing this, but only 6 tabs so...

Test Plan: Create a tab panel in old UI. Edit panel in new UI. Create a panel in new UI, edit panel in new UI.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11449

Differential Revision: https://secure.phabricator.com/D17355
2017-02-14 13:43:52 -08:00
Chad Little
5556f0e45a Don't allow duplicate panels on dashboards
Summary: Fixes T10145. I went with "don't add two panels", since panels are easy to create, I expect this to be a reasonable limit until we have better use cases.

Test Plan: Try to add the same panel twice, get error. Add panel normally fine, move panels fine, edit panels fine.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10145

Differential Revision: https://secure.phabricator.com/D17351
2017-02-14 07:24:03 -08:00
Chad Little
128a9d13fc Fix diviner documenation hover states
Summary: Bump up the CSS scope, since we altered the normal rule for device-desktop

Test Plan: /diviner/ in sandbox

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17352
2017-02-14 07:23:45 -08:00
Chad Little
2c09fc5605 Make Panels slightly easier to find and use
Summary: Ref T10390, turns "add existing panel" into a typeahead, and add lots more information to search.

Test Plan: Add an existing panel, click the search icon, see more information (type, engine).

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17348
2017-02-13 19:38:41 -08:00
Chad Little
1cb924ce68 Fix duplicating panel when editing in column 2
Summary: Fixes T10612. We're writing a new panel to any dashboard even if it already exists. No need when just updating a panel title.

Test Plan: Add "welcome" panel to column 2 of a clean dashboard. Edit title, save. See correct panel in correct place.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10612

Differential Revision: https://secure.phabricator.com/D17349
2017-02-14 02:52:29 +00:00
Chad Little
f9163bf065 Allow lightbox comments to be viewed logged out
Summary: Fixes T12160. Lightbox thread view should be visible if file is public.

Test Plan:
Add a file to a task, log out, click on file in task, get lightbox and no error. Expand comments, see login box.

{F2867067}

{F2867088}

{F2867098}

{F2867114}

{F2867124}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12160

Differential Revision: https://secure.phabricator.com/D17347
2017-02-13 13:54:13 -08:00
epriestley
6f37685a75 Fix flipped open/closed status for Diviner atoms in search index
Summary: Fixes T12258. I think these constants are just flipped.

Test Plan: Kinda winged it.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12258

Differential Revision: https://secure.phabricator.com/D17346
2017-02-13 13:12:32 -08:00
Chad Little
006d74fde2 Clean up some search result alignment CSS
Summary: Aligns the search result list to the right of the input box, adds a little space, removes a double border.

Test Plan: Search on desktop, mobile, tablet breakpoints. Double check normal typeahead results.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17345
2017-02-13 11:19:00 -08:00
epriestley
3cf6f746f0 Raise an "Account Setup Issue" if your primary address is unverified
Summary:
Ref T12237. This adds a UI cue for users who have unverified primary addresses, since we no longer send them mail.

Also adds a new `bin/mail unverify` to unverify an address (for example, because mail is bouncing).

Test Plan:
  - Unverified my address, saw setup issue.
  - Verified my address, no more setup issue.

{F2861820}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12237

Differential Revision: https://secure.phabricator.com/D17344
2017-02-13 10:41:32 -08:00
epriestley
037c749ef3 Fix missing setQuoteRef() on Commit detail pages in Diffusion
Summary: Fixes T12253.

Test Plan:
  - Before change: used "Quote Comment", saw "In null, alice wrote:" in quoted text.
  - After change: used "Quote Comment", saw proper reference to the commit/page. Clicked reference, was sent to the comment properly.

{F2859093}

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T12253

Differential Revision: https://secure.phabricator.com/D17343
2017-02-13 07:44:01 -08:00
Chad Little
554c4f10c5 Remove Copy Dashboard
Summary: Ref T10390. This removes the "Copy Dashboard" feature, which was more of a crutch to assist in the complexity of building and maintaining dashboards. I think we're close enough now that removing this and adding in some simpler edit dialogs should negate any benefit to keeping this around. Also removed an un-used "Uninstall Dashboard" dialog.

Test Plan: Visit manage, edit, no longer see option to copy dashboard. grep /dashboards/ for "copy" and remove all traces. Add some panels to a dashboard I own.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17338
2017-02-13 07:25:27 -08:00
Chad Little
5a850ab235 Add more information to Dashboard ApplicationSearch list
Summary: Fixes T4984. This is about as fancy as I want to get this pass. Adds in the list of panel titles and the author. This does give me a rough idea what's on each dashboard.

Test Plan:
Visit a list of dashboards and see various authors and panels.

{F2810876}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T4984

Differential Revision: https://secure.phabricator.com/D17340
2017-02-13 07:24:43 -08:00
Austin McKinley
8dd7b544fe Don't show an auth provider as enabled if it's still being created
Test Plan: attempted to create a new auth provider; observed that "enabled" ui element does not render. viewed existing auth provider and observed that "enabled" ui element still renders

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T12245

Differential Revision: https://secure.phabricator.com/D17337
2017-02-13 07:02:52 -08:00
epriestley
b71e089669 Fix a fatal when viewing methods which no longer exist in the Conduit call log
Summary: Fixes T12252.

Test Plan:
I just faked this, but likely repro is:

  - Call method `x.y`.
  - Remove method `x.y` from the codebase.
  - View log.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12252

Differential Revision: https://secure.phabricator.com/D17342
2017-02-13 06:24:48 -08:00
Chad Little
8b2880cfb7 Add a Phurl Typeahead
Summary: Adds a basic typeahead for Phurl Objects.

Test Plan: http://local.phacility.com/typeahead/browse/PhabricatorPhurlURLDatasource/

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17339
2017-02-11 15:31:07 -08:00
epriestley
29dc9e9ae1 Make the Phortune Subscription view show "Deleted Payment Method" for deleted payment methods
Summary: Fixes T12224. This brings "Autopay" on the View controller into line with how it works on the Edit controller.

Test Plan:
  - Viewed subscriptions with no autopay, valid autopay, and deleted autopay.

{F2750725}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12224

Differential Revision: https://secure.phabricator.com/D17334
2017-02-10 16:02:26 -08:00
Chad Little
4176bdeb5b Allow task graph task titles to go full width
Summary: Fixes T12213. Removes truncation and allows titles to be full width if needed.

Test Plan:
Chrome / Firefox / Safari on Mac, mobile and desktop widths.

{F2754679}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12213

Differential Revision: https://secure.phabricator.com/D17336
2017-02-10 10:58:15 -08:00
Josh Cox
e0675b28d8 Pass exception to PhutilProxyException
Summary: Fixes T12243. That error occured due to network flakiness with some mounted filesystems so I'm not sure how best to simulate it. But you can look and see that the PhutilProxyException does indeed expect an exception as its second arg.

Test Plan: Look at method signature... look at callsite... now back at the method. Smile and nod.

Reviewers: #blessed_reviewers, yelirekim, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T12243

Differential Revision: https://secure.phabricator.com/D17335
2017-02-08 13:24:44 -05:00
epriestley
4039f5f11b Don't try to access the Stripe object until the user submits the credit card form
Summary: Ref T12232. I can't reproduce the original issue, but this should probably fix it without side effects?

Test Plan: Added a card with Stripe, but I could do that before too.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12232

Differential Revision: https://secure.phabricator.com/D17333
2017-02-10 08:40:14 -08:00
epriestley
743dc9fdb5 Stop "Header" fields (labels for form sections) from trying to generate Conduit edits
Summary: Fixes T12236. Headers are currently trying to generate an edit transaction for `maniphest.edit` and similar, but should not, since you can't edit them.

Test Plan:
  - Configured Maniphest with a custom header field.
  - Before change: `maniphest.edit` API console page fataled.
  - After change: all good, no weird "header" transaction.
  - Header still shows up on "Edit Task" form in web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12236

Differential Revision: https://secure.phabricator.com/D17332
2017-02-10 07:39:39 -08:00
epriestley
56b1ff833b Fix some outdated help text about "Reply All" in "metamta.one-mail-per-recipient"
Summary: Ref T12240. When you "Reply All" to a Phabricator mail, we make an effort not to send the response to recipients who you hit with the original message. This isn't perfect and we can't always get it right, but the old description implies it's a bigger problem than it should be in practice.

Test Plan: Read text.

Reviewers: chad, eadler

Reviewed By: chad

Maniphest Tasks: T12240

Differential Revision: https://secure.phabricator.com/D17331
2017-02-10 07:17:10 -08:00
Chad Little
d1c253de94 Touch up basic usability of Dashboards
Summary: Ref T10390. This mostly shuffles layout into "View" and keepts "Manage" around for Edit/Copy/History. This feels better to me overall. Also tweaked some spacing and color.

Test Plan:
New Dashboard, edit Dashboard, shuffle panels. Create new panels.

{F2684043}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17326
2017-02-09 14:20:47 -08:00
epriestley
4997b6bd02 Never send normal mail to unverified addresses
Summary:
Ref T12237. This tightens our delivery rules, which previously sent normal mail to unverified addresses:

  - We sent general mail to unverified addresses so that you wouldn't miss anything between the time you sign up (or have an account created) and the time you verify your address. This was imagined as a slight convenience for users.
  - We sent automatic reply mail to unverified addresses if they sent mail to us first, saying "we don't recognize that address". This was imagined as a convenience for users who accidentally send mail "From" the wrong address (personal vs work, for example).

I think both behaviors are probably a little better for users on the balance, but not having mail providers randomly shut us off without warning is better for me, personally -- so stop doing this stuff.

This creates a problem which we likely need to solve before the release is cut:

  - On installs which do not require mail verification, mail to you will now mostly-silently be dropped if you never bothered to verify your address.

I'd like to solve this by adding some kind of per-user alert that says "We recently tried to send you some mail but you haven't verified your address.", and giving them links to verify the address and review the mail. I'll pursue this after restoring mail service to `secure.phabricator.com`.

Test Plan:
  - Added a unit test.
  - Unverified my address, sent mail, saw it get dropped.
  - Reverified my address, sent mail, saw it go through.
  - Verified that important mail (password reset, invite, confirm-this-address) either uses "Force Delivery" (skips this check) or "Raw To Addresses" (also skips this check).
    - Verified that Phacility instance stuff is also covered: it uses the same invite flow.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12237

Differential Revision: https://secure.phabricator.com/D17329
2017-02-09 10:20:57 -08:00
Chad Little
7d0d4708ca Fix icon color on project icon chooser
Summary: These colors are also off from the icon change.

Test Plan: Project -> Manage -> Edit Picture -> Choose Icon

Reviewers: epriestley, 20after4

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17328
2017-02-09 14:45:47 +00:00
Chad Little
3b558d7dd0 Add back the motivator panel
Summary: Fixes T12226, Ref D17233. Resurrects the motivator panel.

Test Plan: Add panel, see fact on hover.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: yelirekim, jcox, Korvin

Maniphest Tasks: T12226

Differential Revision: https://secure.phabricator.com/D17324
2017-02-08 09:09:30 -08:00
Chad Little
638f2a012b Add AuthorHref to feed story images
Summary: Fixes T9336. Kind of a bit to back up and find the source, but works easily.

Test Plan: View feed, click on my image.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9336

Differential Revision: https://secure.phabricator.com/D17322
2017-02-07 10:09:00 -08:00
Chad Little
1f4a89b613 More minor CSS tweaks globally
Summary: Moves profile/project to use more standard colored boxes. Reverts dashboard border colors. Ensures better High-Contrast application more consistently across these projects. Also fix T12211.

Test Plan: Home, People, Projects in High Contrast / Standard

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12211

Differential Revision: https://secure.phabricator.com/D17321
2017-02-06 11:06:46 -08:00
Chad Little
b58e18bad7 Allow action-list-items to also use text-overflow ellipsis
Summary: These just cut off currently if the menu item name is too wide (like mobile). Add some ellipsis

Test Plan: Check long name on mobile action list menu

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17319
2017-02-06 09:27:11 -08:00
Chad Little
b33bb3714b Add some max-width to basic-nav
Summary: Fixes T12214. Adds a max-width

Test Plan: Tested on Home, Projects, Appsearch

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12214

Differential Revision: https://secure.phabricator.com/D17318
2017-02-06 08:58:34 -08:00
epriestley
75abf79953 Remove bad "Session" link in User activity logs
Summary:
Fixes T12215. Two issues:

  - We build this `$session` link out of `$ip`, which is (a) wrong even if `$ip` was the IP and (b) super wrong since `$ip` is a tag.
  - These links don't work even if we'd built them right: searching by the //prefix// of a session identifier does nothing.

At least for now, just get rid of the links rather than trying to make this behavior work.

Test Plan:
On People > Activity logs:

  - Before patch: Saw bad links with bogus targets in "session" column.
  - After patch: Saw plain text in "session" column.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12215

Differential Revision: https://secure.phabricator.com/D17316
2017-02-06 08:38:17 -08:00
epriestley
3d44208e4f Clarify that "account.editable" no longer extends to profile pictures
Summary: Fixes T12216. I'd like to remove this option eventually, but just narrow its scope in the config description for now.

Test Plan: Read config description.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12216

Differential Revision: https://secure.phabricator.com/D17317
2017-02-06 08:37:26 -08:00
Chad Little
70135d0ca8 Lots of little minor CSS tweaks
Summary: Lots of little details, fix workboard bg colors, darken up global backgrounds just a hair, add more "widgety" look to dashboard panels, remove underline on anchors on mobile. Also Fixes T12210

Test Plan: Use lots of pages on mobile and desktop.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12210

Differential Revision: https://secure.phabricator.com/D17315
2017-02-05 20:45:27 +00:00
epriestley
f64edb993f Allow users who can edit a dashboard to remove invalid / restricted panels
Summary:
Ref T12207. Currently, to remove a panel from a dashboard, it must be a valid panel which you can see.

Instead, only require that the panel PHID actually be listed somewhere in the dashboard's internal list of panels.

This interacts with the "multiple instances of a panel" issue described in some more depth in T12207. In particular:

  - Currently, you can sort of add multiple copies of a panel to a dashboard, sometimes? Maybe?
  - This leads to great tragedy.

This doesn't fix up the workflow with respect to multiple copies of a panel. We still remove by panel PHID (not by column/position or internal ID) so if a dashboard has multiple copies of the same panel for some reason, I think this workflow removes one of them arbitrarily (at best) or perhaps does something worse. I'm just treating this behavior as undefined for the moment.

Test Plan:
- Removed an invalid/hidden panel from a dashboard as a user with permission to edit that dashboard.
- Tried to remove a made-up panel with a totally bogus PHID, got 404'd.
- Viewed a dashboard with a restricted panel.
- Put a hidden panel inside a tab panel, viewed it as a user who could not see it and a user who could.

Reviewers: chad

Reviewed By: chad

Subscribers: swisspol

Maniphest Tasks: T12207

Differential Revision: https://secure.phabricator.com/D17314
2017-02-04 16:33:47 -08:00
Chad Little
d2c4d7d961 Clarify linking to comments in Remarkup Guide
Summary: Provides additional hint on where to find and clarification.

Test Plan: read

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17313
2017-02-04 11:09:09 -08:00
Chad Little
2c691ef009 Add more color/CSS to phui-icon-selector
Summary: Fixes T12205. These got over-ridden at a global scale (correctly) and need to adjust local scopes better. Also make it more bluer.

Test Plan: Go to Edit Dashboard, and pick a new icon for a Dashboard.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12205

Differential Revision: https://secure.phabricator.com/D17312
2017-02-04 10:13:32 -08:00
epriestley
29114bea5f Fix a policy error for restricted applications in a profile menu
Ref T12174. This could improperly raise a policy error. Instead, hide the menu item.

Auditors: chad
2017-02-04 07:08:49 -08:00
epriestley
9c62a10989 Limit damage caused by bad panels on dashboards you can manage
Summary:
Fixes T12203. If you tried to //manage// a dashboard which had a panel you can't see, we'd try to render bogus actions for it and fatal.

Instead, for the moment, survive. Presumably we'll ship a real fix for this in the next release or so, and tackle T10612 / T10145, which I think are closely related.

Test Plan: {F2570418}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12203

Differential Revision: https://secure.phabricator.com/D17311
2017-02-03 18:34:36 -08:00
Chad Little
c8de563622 Update Profile Menu diviner
Summary: Ref T12174, Updates documentation to better match current functionality.

Test Plan: I keep getting exceptions trying to generate diviner locally, not sure what's up.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17309
2017-02-03 18:24:09 -08:00
epriestley
281e9849ed Fix display of current file on Macro creation
Summary: This could hit an obscure fatal.

Test Plan:
  - Create a macro.
  - Upload a file, but don't give it a name.
  - Before: fatal.
  - After:

{F2569846}

Reviewers: chad, 20after4

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17310
2017-02-03 17:10:02 -08:00
Austin Seipp
ab923e0a75 Implement new reCAPTCHA interface
Summary:
Fixes T12195. For the past few years, Recaptcha (now part of Google) has supported
a new, "no captcha" one-click user interface. This new UI is stable, doesn't
require any typing or reading words, and can even work without JavaScript (if
the administrator enables it on the Recaptcha side).

Furthermore, the new Recaptcha has a completely trivial API that can be dealt
with in a few lines of code. Thus, the external `recaptcha` php library is now
gone.

This API is a complete replacement for the old one, and does not require any
upgrade path for users or Phabricator administrators - public and secret keys
for the "new" Recaptcha UI are the exact same as the "classic" Recaptcha. Any
old Recaptcha keys for a domain will continue to work.

Note that Google is currently testing Yet Another new Captcha API, called
"Invisible reCAPTCHA", that will not require user interaction at all. In fact,
the user will not even be aware there //is even a captcha form//, as far as I
understand. However, this new API is 1) in beta, 2) requires new Recaptcha keys
(so it cannot be a drop-in replacement), and 3) requires more drastic API
changes, as form submission buttons must instead invoke JavaScript code, rather
than a token being passed along with the form submission. This would require far
more extensive changes to the controllers. Maybe when it's several years old, it
can be considered.

Signed-off-by: Austin Seipp <aseipp@pobox.com>

Test Plan:
Created a brand-new Phabricator installation, saw the new Captcha UI
on administrator sign up. Logged out, made 5 invalid login attempts, and saw the
new Captcha UI. Reworked the conditional to invert the condition, etc to test
and make sure the API responded properly.

Reviewers: epriestley, #blessed_reviewers, chad

Reviewed By: epriestley, #blessed_reviewers

Subscribers: avivey, Korvin

Maniphest Tasks: T12195

Differential Revision: https://secure.phabricator.com/D17304
2017-02-03 20:06:29 +00:00