1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 18:52:42 +01:00
Commit graph

45 commits

Author SHA1 Message Date
epriestley
5dec03af32 Make OAuth scope handling more flexible
Summary:
Ref T7303. Currently, our handling of "scope" is fairly rigid and adheres to the spec, but some of these behaviors don't make much sense in practice.

Soften some behaviors and make them more flexible:

**Soft Failure on Unknown Permissions**: If a client asks for a permission we don't know about, just warn that we don't recognize it instead of fataling. In particular, I plan to make `offline_access` and `whoami` implicit. Older clients that request these permissions will still work fine as long as we don't hard-fatal.

**Move `user.whoami` to ALWAYS scope**: Make `whoami` a default permission. We've already done this, in effect; this just formalizes it.

**Tokens no longer expire**: Make `offline_access` (infinite-duration tokens) a default permission. I think the OAuth model doesn't map well to reality. It is common for other providers to issue "temporary" tokens with a duration of multiple years, and the refesh workflow is sort of silly. We can add a "temporary" scope later if we need temporary tokens.

This flow was potentially extra silly with the "log out of Phacility" use case, where we might need to have you log in again before we could log you out, which is bizarre and senseless. Avoid this nonsense.

**Move away from granular permissions**: Users currently get to pick-and-choose which permissions they grant, but this likely rarely/never works in practice and is fairly hostile since applications can't communicate which permissions they need. Applications which can actually operate with only some subset of permissions can make separate requests (e.g., when you activate "cool feature X", it asks for X permission). I think applications that do this are rare; pretty much everything just asks for tons of permissions and everyone grants them.

Making this all-or-nothing is better for well-behaved applications and better for users. It's also slightly better for overzealous applications that ask for more than they need, but whatever. Users can make an informed decision, hopefully, and I plan to let administrators force applications to a subset of permissions once we introduce meaningful scopes.

Test Plan:
  - Generated tokens.
  - Used tokens.
  - Authorized an instance.
  - Faked some bogus scopes, got clean authorization.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7303

Differential Revision: https://secure.phabricator.com/D15621
2016-04-05 13:53:33 -07:00
epriestley
3493d9d513 Fix a typo
Summary: Whoops.

Test Plan: O.o

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15519
2016-03-24 09:12:34 -07:00
epriestley
b193796266 Provide "Reproduction Steps" docs and separate "Version" doc
Summary: I know this is ultimately pointless but feel better about pushing back on users when there is no possible way they could be acting in good faith.

Test Plan: Read documents.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15518
2016-03-24 08:57:29 -07:00
epriestley
f5c8a2fb18 Write "Why does Phabricator need so many databases?"
Summary: We will sell you as many new databases as you want, cheap! Just $1 per database!

Test Plan: (O).(O)

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15249
2016-02-11 13:01:04 -08:00
epriestley
bce83bf844 Delete old Maniphest edit controller
Summary:
Ref T9908. No more callsites. Also:

  - Phurl a couple of documentation URIs.
  - Get rid of "task:" in the global search since it doesn't really make sense anymore.

Test Plan: `grep`, edited/created tasks.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9908

Differential Revision: https://secure.phabricator.com/D14716
2015-12-08 17:56:31 -08:00
epriestley
3438664b38 Provide documentation explicitly describing what a "root problem" is
Summary:
A guide to basic skills every software professional should have.

This is so fundamental that I don't think the document is actually helpful, but we can try it I guess.

Test Plan: Reading?

Reviewers: chad

Reviewed By: chad

Subscribers: Shredder121

Differential Revision: https://secure.phabricator.com/D14707
2015-12-08 13:01:32 -08:00
epriestley
afcbbce80f Minor spelling/wordsmith on CLA doc
Summary: Caught these while re-reading.

Test Plan: Reading?

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14580
2015-11-27 13:45:13 -08:00
epriestley
eb62a98e0f Document the CLA in more detail
Summary: Provide a long-form description of why we require a CLA and the distinction between the individual and corporate CLAs. See Q219 and Q97.

Test Plan: Reading.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14578
2015-11-27 13:26:49 -08:00
epriestley
1b00ef08a0 Remove some low-hanging buildStandardPageResponse() methods
Summary: Ref T9690. I wanted to do an example of how to do these but it looks like most of them are trivial (no callsites) and the rest are a little tricky (weird interaction with frames, or in Releeph).

Test Plan:
  - Used `grep` to look for callsites.
  - Hit all applications locally, everything worked.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9690

Differential Revision: https://secure.phabricator.com/D14385
2015-11-03 10:11:36 -08:00
epriestley
b3d8ea88ec Update a couple of links in "Feature Requests" documentation
Summary:
These are a little out of date:

  - Link to Starmap since it explicitly exists now.
  - Link to "Planning" instead of the old task.
  - Link to "Prioritization" instead of telling anyone to build stuff themselves.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14328
2015-10-24 08:13:28 -07:00
epriestley
1582bb54f6 Move version numbers to a dedicated "Versions" panel
Summary:
Currently, Version numbers are sort of randomly shown on "All Settings" beacuse we didn't have any better place to put them.

Now that we have modules, expose them as a config module.

Test Plan:
{F906426}

Grepped for "all settings" to look for other references to the old location, but didn't get any relevant hits.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14327
2015-10-24 08:13:22 -07:00
epriestley
4cb2ec1120 Update support documentation for modern times
Summary:
Basically similar to D13941 but a little more extreme:

  - Really strongly emphasize reproducibility for bug reports, and set users up for rejection if they don't satisfy this.
  - Really strongly emphasize problem descriptions for feature requests, and set users up for rejection.
  - Get rid of various "please give us feedback"; we get plenty of feedback these days.
  - Some modernization tweaks.
  - Split the support document into:
    - Stuff we actually support for free (security / good bug reports / feature requests).
    - Stuff you can pay us for (hosting / consulting / prioritization).
    - A nebulous "community" section, with appropriate (low) expectations that better reflects reality.

My overall goals here are:

  - Set expectations better, so users don't show up in IRC expecting it to be a "great place to get amazing support" or whatever the docs said in 2011.
  - Possibly move the needle slightly on bug reports / feature request quality, maybe.

Test Plan: Read changes carefully.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14305
2015-10-19 13:29:24 -07:00
epriestley
8f2f841d17 Fix some links to "Adding New Classes" in docs
Summary: Fixes T9483. This bookname is `phabcontrib`, not `contributor`.

Test Plan: `grep` / clicked these links.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9483

Differential Revision: https://secure.phabricator.com/D14195
2015-09-30 07:44:54 -07:00
epriestley
a8e247528c Document that hypothetical requests aren't helpful
Summary: Fixes T8908. We sometimes receive hypothetical requests (usually when existing companies are thinking about adopting Phabricator) in the form of "No users have actually done this yet, but bad thing Y might happen". We can almost never move forward with these. Explain this in detail.

Test Plan: Reading.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T8908

Differential Revision: https://secure.phabricator.com/D13663
2015-07-22 07:14:56 -07:00
epriestley
e587dbe9da Clean up some old "www.phabricator.com" references
Summary: We've decomissioned this host.

Test Plan: `git grep www.phabricator.com`

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D13585
2015-07-07 13:35:57 -07:00
epriestley
b22fba1ab5 Provide general documentation on how to use perfomance tools
Summary: Ref T8617. Provide general documentation with tools for debugging hangs and slow pages. Update DarkConsole docs and discuss how to use Services and XHProf. Explain what Multimeter is for and how to use it. Update XHProf docs and provide some usage hints.

Test Plan: Read documentation.

Reviewers: joshuaspence, btrahan

Reviewed By: joshuaspence, btrahan

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T8617

Differential Revision: https://secure.phabricator.com/D13359
2015-06-20 05:30:17 -07:00
epriestley
85083c88c1 Update the translations document
Summary:
Fixes T8616. The rules for contributors have come up a few times recently, so update this document to give more complete advice.

Also try to do a better job with "adding new classes" (previously: libphutil libraries blah blah no one cares).

Test Plan: Read documents.

Reviewers: btrahan, joshuaspence

Reviewed By: btrahan, joshuaspence

Subscribers: joshuaspence, epriestley

Maniphest Tasks: T8616

Differential Revision: https://secure.phabricator.com/D13358
2015-06-20 05:25:08 -07:00
Joshua Spence
d9af48cc52 Add language specification to code blocks
Summary: Add the language specification to code blocks in documentation.

Test Plan: Eyeball it.

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13277
2015-06-15 07:32:13 +10:00
Paul Kassianik
e74f027f0a Clarifiying Documentation Links
Summary: Fixes T8487.

Test Plan: Verify that links are clear at Diviner > Phabricator Contributor Docs > Using the Phabricator OAuth Server.

Reviewers: lpriestley, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8487

Differential Revision: https://secure.phabricator.com/D13240
2015-06-13 19:44:29 -07:00
Joshua Spence
445caf1d97 Change monospace text formatting
Summary: Using `##` can cause some formatting issues, see D13071.

Test Plan: See D13071.

Reviewers: epriestley, #blessed_reviewers, chad

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D13072
2015-05-31 10:07:45 +10:00
Joshua Spence
69940f2b9e Replace ArcanistPhutilTestCase refs with PhutilTestCase
Summary: Ref T7977. Remove the `PhabricatorTestCase::getLink` method. Depends on D12665.

Test Plan: `arc unit`.

Reviewers: avivey, #blessed_reviewers, epriestley

Reviewed By: avivey, #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7977

Differential Revision: https://secure.phabricator.com/D12667
2015-05-20 09:40:39 +10:00
epriestley
557c22e9df Update feature requests doc
Summary:
This mentions "like GitHub", but we purged all the issues and no longer accept them.

Generally, feature requests should be coming to the upstream only nowadays.

Also, don't overpromise IRC.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11777
2015-02-16 08:26:39 -08:00
epriestley
d4680a7e4e Update Phabricator to work with more modular translations
Summary:
Ref T7152. Ref T1139. This updates Phabricator so third-party libraries can translate their own stuff. Also:

  - Hide "All Caps" when not in development mode, since some users have found this a little confusing.
  - With other changes, adds a "Raw Strings" mode (development mode only).
  - Add an example silly translation to make sure the serious business flag works.
  - Add a basic British English translation.
  - Simplify handling of translation overrides.

Test Plan:
  - Flipped serious business / development on and off and saw silly/development translations drop off.
  - Switched to "All Caps" and saw all caps.
  - Switched to Very English, Wow!
  - Switched to British english and saw "colour".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7152, T1139

Differential Revision: https://secure.phabricator.com/D11747
2015-02-11 13:02:35 -08:00
epriestley
7589ed12e4 Stop recommending GitHub as "okay" for bug reports
Summary: Queues purged.

Test Plan: Command-F "GitHub"

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11685
2015-02-04 15:15:05 -08:00
Bob Trahan
152072fc97 OAuthServer - harden things up a bit
Summary: This is the hardening work mentioned in T887#86529. Also take a documentation pass for accuracy about these changes and formatting. Ref T4593.

Test Plan: unit tests...! generated diviner docs and oauthserver doc looked good

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4593

Differential Revision: https://secure.phabricator.com/D11298
2015-01-09 11:04:18 -08:00
epriestley
b2e71bcb70 Don't say "K&R style" in coding conventions
Summary: We technically don't use K&R. These documents and the rest of the codebase are full of examples of the correct style, which should be unambiguous to a reasonable reader.

Test Plan: reading

Reviewers: staticshock, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11255
2015-01-06 10:47:37 -08:00
epriestley
5372fb772c Unindent various links
Summary: @btrahan asked about this but I gave the wrong answer. These
currently do not turn into links. I think they might have in the past,
but if they did the rule is a little weird and feels specific to my
use. We can reexamine this at some point, but for now just make the
links work in a normal, reasonable sort of way.

Auditors: btrahan
2014-11-07 12:26:20 -08:00
epriestley
3b26fe8c05 Improve install documentation a bit
Summary:
  - Warn users that they'll need to be comfortable with the CLI.
  - Move XHProf stuff to the developer docs, since few/no normal users need it.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10810
2014-11-07 10:17:21 -08:00
epriestley
31b4d39003 Narrow scope of support documentation
Summary:
  - Direct users to detailed bug report / feature reuqest documents.
  - Move "get more info" and "unreproducible problems" to bug reporting document.
  - Stop telling users to email us, and strongly encourage them to use primary channels.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: btrahan, chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10808
2014-11-07 10:17:06 -08:00
epriestley
853588af89 Write bug report, feature request and code contribution guides
Summary:
Fixes T6347. This refines the "contributor guide" documents to basically lock down support further. Notable changes in policy:

  - Bugs: Emphasis on reproduction steps, strong emphasis on using Maniphest. Emphasis on what we support.
  - Features: Emphasis on describing problems instead of solutions, emphasis on realistic expecations about timelines. Strong emphasis on using Maniphest.
  - Code: Strong emphasis on coordinating with us first. No GitHub pull requests. Emphasis on us ignoring contributions we don't have time to deal with. Suggests local forks.

Test Plan: Read these through; let me generate them and take some screenshots for easier reading.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6347

Differential Revision: https://secure.phabricator.com/D10764
2014-11-01 09:22:12 -07:00
epriestley
18161d00a0 Update some storage documentation for new adjustment workflows
Summary: Ref T1191. General update of this document, which remains mostly accurate. Remove a warning.

Test Plan: Read document.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10760
2014-11-01 08:29:37 -07:00
epriestley
c728c0ac60 Make Celerity a real application
Summary: Ref T5702. This primarily gets URI routing out of Aphront and into an Application, for consistency.

Test Plan: Loaded some pages, got static resources.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5702

Differential Revision: https://secure.phabricator.com/D10696
2014-10-13 11:17:23 -07:00
Joshua Spence
ee6afccb10 Fix some long lines to be less long
Summary: Self-explanatory.

Test Plan: `arc lint`

Reviewers: btrahan, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10438
2014-09-08 23:08:56 +10:00
Bob Trahan
77fa7c8939 Docs - expand documentation on custom fields for selects a bit
Summary: ...and fix an error where lines that start with ##X## are rendering incorrectly by switching to alternate syntax `X`. Fixes T5806.

Test Plan: read the docs and they looked good

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5806

Differential Revision: https://secure.phabricator.com/D10165
2014-08-06 14:18:32 -07:00
epriestley
3fb64aebf0 Update a panel location in DarkConsole documentation
Summary: This moved.

Test Plan: Reading.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10079
2014-07-30 12:18:21 -07:00
Joshua Spence
023dee0d3b Rename Conduit classes
Summary: Ref T5655. Rename Conduit classes and provide a `getAPIMethodName` method to declare the API method.

Test Plan:
```
> echo '{}' | arc --conduit-uri='http://phabricator.joshuaspence.com' call-conduit user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-lioqffnwn6y475mu5ndb","userName":"josh","realName":"Joshua Spence","image":"http:\/\/phabricator.joshuaspence.com\/res\/1404425321T\/phabricator\/3eb28cd9\/rsrc\/image\/avatar.png","uri":"http:\/\/phabricator.joshuaspence.com\/p\/josh\/","roles":["admin","verified","approved","activated"]}}
```

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin, hach-que

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D9991
2014-07-25 10:54:15 +10:00
Joshua Spence
e495ce496b Fix various spelling mistakes
Summary: Minor change, self-explanatory.

Test Plan: Eye-ball it

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9911
2014-07-13 00:45:33 +10:00
Joshua Spence
8756d82cf6 Remove @group annotations
Summary: I'm pretty sure that `@group` annotations are useless now... see D9855. Also fixed various other minor issues.

Test Plan: Eye-ball it.

Reviewers: #blessed_reviewers, epriestley, chad

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9859
2014-07-10 08:12:48 +10:00
epriestley
3cb49d68d0 Point contributor documentation at Phacility CLAs, not Facebook CLAs
Summary: We now have workable CLAs, so route users to them.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9820
2014-07-04 09:41:42 -07:00
Joshua Spence
464979302b Fix line lengths in documentation and lint *.book files as JSON.
Summary: Fix a few "line too long" lint issues in the Diviner documentation. Also lint `*.book` files as JSON.

Test Plan: Eye-ball it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9695
2014-06-24 04:26:06 +10:00
epriestley
2f7508929f Document the aural attribute and __aural__ preview mode
Summary:
Ref T4843. Document the new assistive features in the developer docs.

(Also use the recommended mode to set them. They're equivalent for `aural=true` (but not for `aural=false`), so this doesn't actually change anything.)

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4843

Differential Revision: https://secure.phabricator.com/D8926
2014-05-01 07:54:29 -07:00
epriestley
2823547f2c Update contributor documentation
Summary:
It's fairly common for people to show up and be interested in finding easy stuff to work on. This stuff basically doesn't exist and probably never will: it doesn't make much sense to deliberately leave easy bugs broken just because someone might show up and want to fix a couple of easy bugs.

Almost all of the work that's valuable to us requires a depth or bredth of context which can't be acquired in a few hours here and there, and probably always will. I think it also always //should//, in that as long as we continue refactoring and clearing technical debt aggressively and having solid static analysis support tools, we should never have a large backlog of human-intelligence codebase tasks. The closest we've ever come were probably `pht()` and `phutil_tag()`, which both have a lot of subtleties and we mostly automated `phutil_tag()` anyway. These tasks are also //incredibly boring// to write and review.

So, accept this as a reality and realign the contributor documentation to try to deal with this case:

  - Set expectations about starter tasks not existing and throwing a couple of hours at the project writing code being a hard path.
  - Suggest non-code contributions which anyone can do.
  - Segue into code contributions with context and suggestions.

Test Plan: Generated and read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8872
2014-04-26 22:30:19 -07:00
epriestley
88dc1cf3f6 Add a basic CSS doc
Summary: Fixes T3426. This describes all the weird stuff we've got, at least. We can expand this as we get more contributors or after writing CSS lint.

Test Plan: Read document.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3426

Differential Revision: https://secure.phabricator.com/D8720
2014-04-08 08:05:05 -07:00
Ben Alpert
2bd8603d95 Update Celerity docs
Test Plan: Crossed fingers.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin, chad

Differential Revision: https://secure.phabricator.com/D8687
2014-04-03 06:09:02 -07:00
epriestley
873a4721b8 Divide Phabricator documentation into four books
Summary:
Ref T988. Divides documentation into four books:

  - User: Install, configure and use Phabricator.
  - Contrib: Develop and contribute to Phabricator.
  - Flavor: Worldly advice.
  - Generated: Generated technical documentation.

Test Plan: Generated the books and got sensible results. See screenshots.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D8414
2014-03-05 13:00:24 -08:00