1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 17:52:43 +01:00
Commit graph

4831 commits

Author SHA1 Message Date
epriestley
fdb03a424d Fix a minor issue with editing Credential policies
Also, test repository self-hosting.

Auditors: btrahan
2013-11-22 16:06:35 -08:00
epriestley
6e41016077 Document and remove some scary warnings from repository hosting
Summary: Fixes T2230. This isn't a total walk in the park to configure, but should work for early adopters now.

Test Plan: Read documentation, browsed UI.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7634
2013-11-22 15:24:27 -08:00
epriestley
d09dd23bd7 Actually push to mirrors
Summary: Fixes T4038. Push repositories to mirrors.

Test Plan: Created a functional mirror of a local: https://github.com/epriestley/poems

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4038

Differential Revision: https://secure.phabricator.com/D7633
2013-11-22 15:24:09 -08:00
epriestley
4b91c4f7ae Add UI for defining repository mirrors
Summary:
Ref T4038. This adds everything except the actual pushing part for mirrors.

This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4038

Differential Revision: https://secure.phabricator.com/D7632
2013-11-22 15:23:50 -08:00
epriestley
51fb1ca16d Migrate repositories to use Passphrase for credential management
Summary: Fixes T4122. Ref T2230. Instead of storing credentials on each repository, store them in Passphrase. This allows easy creation/management of many repositories which share credentials.

Test Plan:
  - Upgraded repositories.
  - Created and edited repositories.
  - Pulled HTTP and SSH repositories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230, T4122

Differential Revision: https://secure.phabricator.com/D7629
2013-11-22 15:23:33 -08:00
epriestley
819f899013 Add an edge between Passphrase credentials and objects which use them
Summary: Ref T4122. Add an edge to keep track of where a credential is used, and show it in the UI.

Test Plan:
See "Used By":

{F84099}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4122

Differential Revision: https://secure.phabricator.com/D7628
2013-11-22 15:23:23 -08:00
epriestley
61b26255bb Add "PassphraseKey" classes for code which needs to actually use credentials
Summary: Ref T4122. These classes provide typed, checked access to credentials, so you can say "give me this password, and throw if anything is funky".

Test Plan: Used in next revision.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4122

Differential Revision: https://secure.phabricator.com/D7625
2013-11-22 15:23:10 -08:00
epriestley
572567b85d Add "allow null" and username hinting to the Passphrase credential control
Summary:
Ref T4122.

  - For Diffusion, we need "allow null" (permits selection of "No Credential") for anonymous HTTP repositories.
  - For Diffusion, we can make things a little easier to configure by prefilling the username.

Test Plan: Used UIExample form. These featuers are used in a future revision.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4122

Differential Revision: https://secure.phabricator.com/D7624
2013-11-22 14:35:35 -08:00
James Rhodes
7c3cb5948c Drydock blueprint for preallocated remote hosts
Summary:
This adds a Drydock blueprint for preallocated, remote hosts.  This will be used by the Harbormaster interface to allow users to specify remote hosts that builds can be run on.

This adds a `canAllocateResource` method to Drydock blueprints; it is used to detect whether a blueprint can allocate a resource for the given type and attributes.

Test Plan:
Ran:

```
bin/drydock lease --type host --attributes remote=true,preallocated=true,host=192.168.56.101,port=22,user=james,keyfile=,path=C:\\Build\\,platform=windows
```

and saw the "C:\Build\<id>" folder appear on the remote Windows machine.  Viewed the lease and resource in Drydock as well.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran, jamesr

Maniphest Tasks: T4111

Differential Revision: https://secure.phabricator.com/D7593
2013-11-22 14:34:10 -08:00
epriestley
97937556ca Fix issue when paging Applications
Summary: See <https://github.com/facebook/phabricator/issues/450>.

Test Plan: See GitHub issue.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7627
2013-11-22 12:34:52 -08:00
Saulius Zemaitaitis
4910a36563 Set reasonable defaults when displaying remote repository URIs.
Summary: Show SSH user on git-over-ssh repositories and hide both username and password for other repos.

Test Plan: View repository details page in diffusion, Clone URI should appear with a username (taken from repo config) and any http(s) repos should be without usernames.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4147

Differential Revision: https://secure.phabricator.com/D7631
2013-11-22 11:22:39 -08:00
Chad Little
b154b07f0e Have TransactionComments return a PHUIObjectBoxView
Summary: Simplifies the code a bit and fixes all the wonky previews. Fixes T4053

Test Plan: Test all pages, logged in and logged out.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4053

Differential Revision: https://secure.phabricator.com/D7622
2013-11-21 16:09:04 -08:00
epriestley
e99c53da2e Fix an issue with SVN path construction in the presence of subpath configuration
Summary: D7590 made path construction more consistent, but affected this callsite if a subpath is configured. Currently, we end up with double `@@` in the URI.

Test Plan:
  - Ran unit tests.
  - Ran `bin/repostitory discover`.

Reviewers: staticshock, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7619
2013-11-21 14:41:38 -08:00
epriestley
3a035c02e7 Recover more flexibly from an already-verified email
Summary:
Ref T4140. We could hit a redirect loop for a user with a verified primary email address but no "is verified" flag on their account. This shouldn't be possible since the migration should have set the flag, but we can deal with it more gracefully when it does happen (maybe because users forgot to run `storage/upgrade`, or because of ghosts).

In the controller, check the same flag we check before forcing the user to the controller.

When verifying, allow the verification if either the email or user flag isn't set.

Test Plan: Hit `/login/mustverify/`; verified an address.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4140

Differential Revision: https://secure.phabricator.com/D7621
2013-11-21 14:41:32 -08:00
epriestley
a518626a85 Slightly improve behavior for unverified + unapproved users
Summary: Ref T4140. Allow unapproved users to verify their email addresses. Currently, unapproved blocks email verification, but should not.

Test Plan: Clicked email verification link as an unapproved user, got email verified.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4140

Differential Revision: https://secure.phabricator.com/D7618
2013-11-21 12:58:58 -08:00
epriestley
8f715d8edf Add a credential selection control to Passphrase
Summary: Ref T4122. Adds a control for choosing credentials.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, lsave

Maniphest Tasks: T4122

Differential Revision: https://secure.phabricator.com/D7617
2013-11-21 12:35:36 -08:00
Bob Trahan
7b718bb033 Nuance - federate out the design of NuanceSource via NuanceSourceDefinition
Summary: ...and get the basic edit flow "working" for a new NuanceSourceDefinition - the Phabricator Form. ...and fix a dumb bug in the query class so when you redirect to the view page / try to edit an existing NuanceSource you don't fatal.

Test Plan: played around with the edit form and it worked!

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7585
2013-11-20 13:41:19 -08:00
epriestley
a07f444f2a Fix git "origin" remote in more circumstances
Summary:
Fixes T4041. We currently detect when "origin" is incorrect, but can do better:

  - When "origin" is missing, we can add it. This happens for Git 1.7.1 -- see T4041.
  - When "origin" is wrong, we can fix it automatically if we control the repository.

We only need to fail when origin exists, is wrong, and we aren't in charge of the repository.

Test Plan: Ran `bin/repository discover X` on a repository with a good origin, no origin, a bad-but-under-control origin, and a bad-out-of-control origin. Got the right behavior in all cases.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, champo

Maniphest Tasks: T4041

Differential Revision: https://secure.phabricator.com/D7614
2013-11-20 10:41:56 -08:00
epriestley
ff8b48979e Simplify Repository remote and local command construction
Summary:
This cleans up some garbage:

  - We were specifying environmental variables with `X=y git ...`, but now have `setEnv()` on both `ExecFuture` and `PhutilExecPassthru`. Use `setEnv()`.
  - We were specifying the working directory with `(cd %s && git ...)`, but now have `setCWD()` on both `ExecFuture` and `PhutilExecPassthru`. Use `setCWD()`.
  - We were specifying the Git credentials with `ssh-agent -c (ssh-add ... && git ...)`. We can do this more cleanly with `GIT_SSH`. Use `GIT_SSH`.
  - Since we have to write a script for `GIT_SSH` anyway, use the same script for Subversion and Mercurial.

This fixes two specific issues:

  - Previously, we were not able to set `-o StrictHostKeyChecking=no` on Git commands, so the first time you cloned a git repo the daemons would generally prompt you to add `github.com` or whatever to `known_hosts`. Since this was non-interactive, things would mysteriously hang, in effect. With `GIT_SSH`, we can specify the flag, reducing the number of ways things can go wrong.
  - This adds `LANG=C`, which probably (?) forces the language to English for all commands. Apparently you need to install special language packs or something, so I don't know that this actually works, but at least two users with non-English languages have claimed it does (see <https://github.com/facebook/arcanist/pull/114> for a similar issue in Arcanist).

At some point in the future I might want to combine the Arcanist code for command execution with the Phabricator code for command execution (they share some stuff like LANG and HGPLAIN). However, credential management is kind of messy, so I'm adopting a "wait and see" approach for now. I expect to split this at least somewhat in the future, for Drydock/Automerge if nothing else.

Also I'm not sure if we use the passthru stuff at all anymore, I may just be able to delete that. I'll check in a future diff.

Test Plan: Browsed and pulled Git, Subversion and Mercurial repositories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7600
2013-11-20 10:41:35 -08:00
epriestley
08bdfacff3 Make Subversion URI construction more consistent
Summary:
Ref T2230. SVN has some weird rules about path construction. Particularly, if you're missing a "/" in the remote URI right now, the change parsing step doesn't build the right paths.

Instead, build the right paths more intelligently.

Test Plan: Added and executed unit tests. Imported an SVN repo.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, jpeffer

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7590
2013-11-20 10:41:25 -08:00
epriestley
6eb02af314 Allow "bin/auth recover" to succeed before phabricator.base-uri is set
Summary:
Fixes T4132. If you run "bin/auth recover" before setting the base URI, it throws when trying to generate a production URI.

Instead, just show the path. We can't figure out the domain, and I think this is less confusing than showing "your.phabricator.example.com", etc.

Test Plan: Ran `bin/auth recover <user>` for valid and missing base-uri.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4132

Differential Revision: https://secure.phabricator.com/D7615
2013-11-20 10:36:00 -08:00
epriestley
91d084624b Passphrase v0
Summary:
Ref T4122. Implements a credential management application for the uses described in T4122.

@chad, this needs an icon, HA HA HAHA HA BWW HA HA HA

bwahaha

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T4122

Differential Revision: https://secure.phabricator.com/D7608
2013-11-20 09:13:35 -08:00
Kelsey Fix
a6b16bb894 Fixing usage message for "hg diff"
Summary: Phabricator doesn't accept raw hg diff, fixing usage message to
specify using git extended diff.

See: <https://github.com/facebook/phabricator/pull/444>

Reviewed by: epriestley
2013-11-19 17:51:47 -08:00
epriestley
ab64ad1257 Add explicit width/height controls for embedded images in Remarkup
Summary: User request. See screenshot.

Test Plan: doge

Reviewers: btrahan, bigo

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7610
2013-11-19 17:33:55 -08:00
Joel Beales
9efcbc4ee9 Speed up loading of diffs with a lot of unit test failures
Summary:
We've been having trouble with viewing diffs timing out when there's a lot of unit test failures. It was caused by formatting userdata for every single failure. The expensive part of this was actually creating the engine for every result, so moved the construction outside of the loop.

Diffs that timed out (2 min) loading before load in around 6 seconds now.

Test Plan: Loaded diffs that used to time out. Verified that details still looked right when Show Full Unit Test Results Is Clicked.

Reviewers: epriestley, keegancsmith, lifeihuang, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran, andrewjcg

Differential Revision: https://secure.phabricator.com/D7581
2013-11-19 15:19:15 -08:00
epriestley
d9db1d61e0 Restore population of ownerOrdering to ManiphestTasks
Summary:
Ref T4110. This denormalized field used to power "Group By: Assigned" got dropped in the T2217 migration at some point.

Restore its population, and fix all the data in the database.

Test Plan: Ran migration, verified database came out reasonable-looking. Reassigned a task, verified database. Ran a "Group By: assigned" query.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4110

Differential Revision: https://secure.phabricator.com/D7602
2013-11-19 14:10:54 -08:00
epriestley
c207964036 Never raise policy exceptions for the omnipotent viewer
Summary:
Fixes T4109. If a revision has a bad `repositoryPHID` (for example, because the repository was deleted), `DifferentialRevisionQuery` calls `didRejectResult()` on it, which raises a policy exception, even if the viewer is omnipotent. This aborts the `MessageParser`, because it does not expect policy exceptions to be raised for an omnipotent viewer.

Fix this in two ways:

  # Never raise a policy exception for an omnipotent viewer. I think this is the expected behavior and a reasonable rule.
  # In this case, load the revision for an omnipotent viewer.

This feels a little gross, but it's the only place where we do this in the codebase right now. We can clean this up later on once it's more clear what the circumstances of checks like these are.

Test Plan: Set a revision to have an invalid `repositoryPHID`, ran message parser on it, got a clean parse.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4109

Differential Revision: https://secure.phabricator.com/D7603
2013-11-19 14:10:38 -08:00
Chad Little
200b51df5d Set a default paste header
Summary: Fixes T4040

Test Plan: Create new paste without title, see title.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4040

Differential Revision: https://secure.phabricator.com/D7605
2013-11-18 16:16:25 -08:00
epriestley
c146c942af Fix meme generation for palette PNGs
Summary: Fixes T4125. Indexed / palette PNGs may fail to allocate a proper black for drawing an image border.

Test Plan: {F83066}

Reviewers: btrahan, asukhachev

Reviewed By: asukhachev

CC: aran

Maniphest Tasks: T4125

Differential Revision: https://secure.phabricator.com/D7604
2013-11-18 15:16:58 -08:00
epriestley
476b27d9c8 Add "phd.user" with sudo hooks for SSH/HTTP writes
Summary:
Ref T2230. When fully set up, we have up to three users who all need to write into the repositories:

  - The webserver needs to write for HTTP receives.
  - The SSH user needs to write for SSH receives.
  - The daemons need to write for "git fetch", "git clone", etc.

These three users don't need to be different, but in practice they are often not likely to all be the same user. If for no other reason, making them all the same user requires you to "git clone httpd@host.com", and installs are likely to prefer "git clone git@host.com".

Using three different users also allows better privilege separation. Particularly, the daemon user can be the //only// user with write access to the repositories. The webserver and SSH user can accomplish their writes through `sudo`, with a whitelisted set of commands. This means that even if you compromise the `ssh` user, you need to find a way to escallate from there to the daemon user in order to, e.g., write arbitrary stuff into the repository or bypass commit hooks.

This lays some of the groundwork for a highly-separated configuration where the SSH and HTTP users have the fewest privileges possible and use `sudo` to interact with repositories. Some future work which might make sense:

  - Make `bin/phd` respect this (require start as the right user, or as root and drop privileges, if this configuration is set).
  - Execute all `git/hg/svn` commands via sudo?

Users aren't expected to configure this yet so I haven't written any documentation.

Test Plan:
Added an SSH user ("dweller") and gave it sudo by adding this to `/etc/sudoers`:

   dweller ALL=(epriestley) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/bin/git-receive-pack

Then I ran git pushes and pulls over SSH via "dweller@localhost". They successfully interacted with the repository on disk as the "epriestley" user.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7589
2013-11-18 08:58:35 -08:00
Chad Little
40c0e3529d Fix DiffusionLintController
Summary: Use proper method Fixes T4118

Test Plan: Test a lint page in Diffusion

Reviewers: epriestley, btrahan, vrana

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4118

Differential Revision: https://secure.phabricator.com/D7598
2013-11-18 08:05:27 -08:00
epriestley
965c2e6732 Add a default "Subscribed" query to Maniphest
Summary: Although I don't want to end up with 20 of these again, this is a reasonable default to provide, particularly for installs where a large portion of the userbase primarily reports bugs and does not interact with them directly.

Test Plan: Hit `/maniphest/`, saw "Subscribed", clicked it, saw the tasks I'm subscribed to.

Reviewers: jbrown, btrahan

Reviewed By: jbrown

CC: aran

Maniphest Tasks: T4100

Differential Revision: https://secure.phabricator.com/D7586
2013-11-14 10:13:20 -08:00
Aviv Eyal
dcf909ba56 Land to GitHub + support stuff
Summary:
A usable, Land to GitHub flow.

Still to do:
- Refactor all git/hg stratagies to a sane structure.
- Make the dialogs Workflow + explain why it's disabled.
- Show button and request Link Account if GH is enabled, but user is not linked.
- After refreshing token, user ends up in the settings stage.

Hacked something in LandController to be able to show an arbitrary dialog from a strategy.
It's not very nice, but I want to make some more refactoring to the controller/strategy/ies anyway.

Also made PhabricatorRepository::getRemoteURIObject() public, because it was very useful in getting
the domain and path for the repo.

Test Plan:
Went through these flows:
- load revision in hosted, github-backed, non-github backed repos to see button as needed.
- hit land with weak token - sent to refresh it with the extra scope.
- Land to repo I'm not allowed - got proper error message.
- Successfully landed; Failed to apply patch.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T182

Differential Revision: https://secure.phabricator.com/D7555
2013-11-13 17:25:24 -08:00
epriestley
87a655e8c5 Fix new logged-out "Login" button URI and workflowiness
Summary: Whelp apparently I never actually clicked this.

Auditors: btrahan
2013-11-13 11:48:24 -08:00
epriestley
2dc8065d11 Prevent Repository local path edit from the web UI
Summary:
Ref T4039. This fixes an issue where a user with the ability to create repositories could view repositories he is otherwise not permitted to see, by following these steps:

  - Suppose you want to see repository "A".
  - Create a repository with the same VCS, called "B".
  - Edit the local path, changing "/var/repo/B" to "/var/repo/A".
  - Now it points at a working copy of a repository you can't see.
  - Although you won't be able to make it through discovery (the pull will fail with the wrong credentials), you can read some information out of the repository directly through the Diffusion UI, probably?

I'm not sure this was really practical to execute since there are a bunch of sanity checks along most/all of the major pathways, but lock it down since normal users shouldn't be editing it anyway. In the best case, this would make a mess.

Test Plan: {F81391}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4039

Differential Revision: https://secure.phabricator.com/D7580
2013-11-13 11:26:22 -08:00
epriestley
f5ca647d2c Add bin/repository edit for CLI repository editing
Summary:
Ref T4039. This is mostly to deal with that, to prevent the security issues associated with mutable local paths. The next diff will lock them in the web UI.

I also added a confirmation prompt to `bin/repository delete`, which was a little scary without one.

See one comment inline about the `--as` flag. I don't love this, but when I started adding all the stuff we'd need to let this transaction show up as "Administrator" it quickly got pretty big.

Test Plan: Ran `bin/repository edit ...`, saw an edit with a transaction show up on the web UI.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4039

Differential Revision: https://secure.phabricator.com/D7579
2013-11-13 11:26:05 -08:00
epriestley
626b3dab3b Fix handle loads in ManiphestTaskListView
Summary:
Fixes T4095. Fixes T3817.

  - The batch editor has some funky handle code which misses projects, share that.
  - Remove some hacks for T3817 that should be good now.

Test Plan: Looked at batch editor, saw projects. Looked at task list.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, martin.schulz

Maniphest Tasks: T3817, T4095

Differential Revision: https://secure.phabricator.com/D7578
2013-11-13 11:25:57 -08:00
epriestley
fb6e38548b Respect "can edit username" in registration UI
Summary:
Fixes T3741. The flag is respected in terms of actually creating the account, but the UI is a bit unclear.

This can never occur naturally, but installs can register an event which locks it.

Test Plan:
Artificially locked it, verified I got more reasonable UI;

{F81282}

Reviewers: btrahan, datr

Reviewed By: datr

CC: aran

Maniphest Tasks: T3741

Differential Revision: https://secure.phabricator.com/D7577
2013-11-13 11:25:43 -08:00
epriestley
c0e1a63a63 Implement an approval queue
Summary:
  - Add an option for the queue.
  - By default, enable it.
  - Dump new users into the queue.
  - Send admins an email to approve them.

Test Plan:
  - Registered new accounts with queue on and off.
  - As an admin, approved accounts and disabled the queue from email.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7576
2013-11-13 11:24:56 -08:00
epriestley
0fa411083f Show an "approval queue" item on the home page for admins, and sort out menu item visibility
Summary:
  - If you're an administrator and there are users waiting for approval, show a count on the home page.
  - Sort out the `isUserActivated()` access check.
  - Hide all the menu widgets except "Logout" for disabled and unapproved users.
  - Add a "Log In" item.
  - Add a bunch of unit tests.

Test Plan: Ran unit tests, clicked around as unapproved/approved/logged-in/logged-out users.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Differential Revision: https://secure.phabricator.com/D7574
2013-11-13 11:24:38 -08:00
epriestley
c8320923c4 Implement most of the administrative UI for approval queues
Summary:
Nothing fancy here, just:

  - UI to show users needing approval.
  - "Approve" and "Disable" actions.
  - Send "Approved" email on approve.
  - "Approve" edit + log operations.
  - "Wait for Approval" state for users who need approval.

There's still no natural way for users to end up not-approved -- you have to write directly to the database.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7573
2013-11-13 11:24:18 -08:00
epriestley
a3c811f281 Accept case-insensitive mail replies
Summary:
Mailbox sometimes (?) changes the case of the email address (?). Be more liberal in what we accept.

Also fix a minor output bug.

Test Plan: Sent mail to `e1+...` instead of `E1+...`, verified it arrived.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7575
2013-11-12 21:23:23 -08:00
epriestley
7f11e8d740 Improve handling of email verification and "activated" accounts
Summary:
Small step forward which improves existing stuff or lays groudwork for future stuff:

  - Currently, to check for email verification, we have to single-query the email address on every page. Instead, denoramlize it into the user object.
    - Migrate all the existing users.
    - When the user verifies an email, mark them as `isEmailVerified` if the email is their primary email.
    - Just make the checks look at the `isEmailVerified` field.
  - Add a new check, `isUserActivated()`, to cover email-verified plus disabled. Currently, a non-verified-but-not-disabled user could theoretically use Conduit over SSH, if anyone deployed it. Tighten that up.
  - Add an `isApproved` flag, which is always true for now. In a future diff, I want to add a default-on admin approval queue for new accounts, to prevent configuration mistakes. The way it will work is:
    - When the queue is enabled, registering users are created with `isApproved = false`.
    - Admins are sent an email, "[Phabricator] New User Approval (alincoln)", telling them that a new user is waiting for approval.
    - They go to the web UI and approve the user.
    - Manually-created accounts are auto-approved.
    - The email will have instructions for disabling the queue.

I think this queue will be helpful for new installs and give them peace of mind, and when you go to disable it we have a better opportunity to warn you about exactly what that means.

Generally, I want to improve the default safety of registration, since if you just blindly coast through the path of least resistance right now your install ends up pretty open, and realistically few installs are on VPNs.

Test Plan:
  - Ran migration, verified `isEmailVerified` populated correctly.
  - Created a new user, checked DB for verified (not verified).
  - Verified, checked DB (now verified).
  - Used Conduit, People, Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7572
2013-11-12 14:37:04 -08:00
epriestley
cd73fe78db Roadblock users trying to register with external accounts that have invalid emails
Summary:
Ref T3472. Currently, if an install only allows "@mycompany.com" emails and you try to register with an "@personal.com" account, we let you pick an "@mycompany.com" address instead. This is secure: you still have to verify the email. However, it defies user expectation -- it's somewhat confusing that we let you register. Instead, provide a hard roadblock.

(These accounts can still be linked, just not used for registration.)

Test Plan: See screenshot.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3472

Differential Revision: https://secure.phabricator.com/D7571
2013-11-12 14:36:49 -08:00
epriestley
30a51dac36 Clarify registration rules more aggressively when configuring auth
Summary: See private chatter. Make it explicitly clear when adding a provider that anyone who can browse to Phabricator can register.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7570
2013-11-12 10:56:47 -08:00
epriestley
62794e4494 Don't allow "autoclose only" to be set in Mercurial
Summary: We don't actually support this yet, so hide the configuration.

Test Plan: Edited branches for an hg repo.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7563
2013-11-11 16:26:58 -08:00
epriestley
d4eca25774 Don't implement SVN over HTTP
Summary:
Ref T2230. As far as I can tell, getting SVN working over HTTP is incredibly complicated. It's all DAV-based and doesn't appear to have any kind of binary we can just execute and pass requests through to. Don't support it for now.

  - Disable it in the UI.
  - Make sure all the error messages are reasonable.

Test Plan: Tried to HTTP an SVN repo. Tried to clone a Git repo with SVN, got a good error message.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7562
2013-11-11 16:10:41 -08:00
epriestley
c818e6e159 Remove differential.anonymous-access
Summary:
Fixes T3034. This is obsoleted by modern policies.

This was written by a Facebook intern and is rarely used -- the Hive install might be the only use in the wild. It has never really worked correctly.

Test Plan: `grep`; browsed Differential.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3034

Differential Revision: https://secure.phabricator.com/D7568
2013-11-11 16:05:19 -08:00
Bob Trahan
819bd7f03b Add arcanist project phid to differential.query
Summary: Fixes T3535. Also, flip flop on that spacing thing and make the spaces purdy

Test Plan: got an arcanist projected phid in the json dict

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3535

Differential Revision: https://secure.phabricator.com/D7565
2013-11-11 15:01:21 -08:00
Bob Trahan
f35ce505a1 Herald - add ability to conditionalize on Maniphest Task projects
Summary: adds FIELD_PROJECTS and deploys it to Maniphest Task Herald Adapter. Went with "projects" because it feels like that could go well in other Adapters that want to conditionalize based on project.

Test Plan: made a new herald rule to be cc'd if project foo was on a task. it worked!

Reviewers: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7564
2013-11-11 14:20:31 -08:00
epriestley
a4e8fd2289 Wait for the Git client to disconnect before exiting in Git SSH workflows
Summary:
Ref T2230. Very rarely, even though we've flushed the connection and sent all the data, we'll close the connection before Git is happy with it and it will flip out with an error like this:

  fatal: The remote end hung up unexpectedly
  fatal: early EOF
  fatal: index-pack failed

This is hard to reproduce because it depends on the order of read/write operations we can't directly control. I only saw it about 2% of the time, by just running `git pull` over and over again.

Waiting for Git to close its side of the connection seems to fix it.

Test Plan: Ran `git clone` a ton of times without seeing the error again. Ran `git push` a ton of times with new commits.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7558
2013-11-11 12:27:28 -08:00
epriestley
85f505465e Support serving SVN repositories over SSH
Summary:
Ref T2230. The SVN protocol has a sensible protocol format with a good spec here:

http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol

Particularly, compare this statement to the clown show that is the Mercurial wire protocol:

> It is possible to parse an item without knowing its type in advance.

WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL

Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed.

It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them.

Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc).

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 12:19:06 -08:00
epriestley
8840f60218 Enable Mercurial reads and writes over SSH
Summary:
Ref T2230. This is substantially more complicated than Git, but mostly because Mercurial's protocol is a like 50 ad-hoc extensions cobbled together. Because we must decode protocol frames in order to determine if a request is read or write, 90% of this is implementing a stream parser for the protocol.

Mercurial's own parser is simpler, but relies on blocking reads. Since we don't even have methods for blocking reads right now and keeping the whole thing non-blocking is conceptually better, I made the parser nonblocking. It ends up being a lot of stuff. I made an effort to cover it reasonably well with unit tests, and to make sure we fail closed (i.e., reject requests) if there are any parts of the protocol I got wrong.

A lot of the complexity is sharable with the HTTP stuff, so it ends up being not-so-bad, just very hard to verify by inspection as clearly correct.

Test Plan:
  - Ran `hg clone` over SSH.
  - Ran `hg fetch` over SSH.
  - Ran `hg push` over SSH, to a read-only repo (error) and a read-write repo (success).

Reviewers: btrahan, asherkin

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7553
2013-11-11 12:18:27 -08:00
epriestley
ac7c739226 Fix --depth N clones in Git
Summary: Ref T2230. Fixes T4079. As it turns out, this is Git being weird. See comments for some detials about what's going on here.

Test Plan: Created shallow and deep Git clones.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4079, T2230

Differential Revision: https://secure.phabricator.com/D7554
2013-11-11 12:17:47 -08:00
epriestley
f2938bacd9 Generalize SSH passthru for repository hosting
Summary:
Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN.

For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`.

The way this will work is:

  - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects.
  - The `willWriteCallback` will look at those messages and determine if they're reads or writes.
    - If they're writes, it will check for write permission.
    - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command.

Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo).

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, asherkin, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 12:12:21 -08:00
epriestley
ae5fbe034e Fix an issue where Ponder rename stories tried to render question bodies
Summary: Missing some `break;`, pretty sure this is causing the issue on `secure.phabricator.com`.

Test Plan: Will push.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7559
2013-11-11 11:17:06 -08:00
Jakub Vrana
a29b5b070f Replace some hsprintf() by phutil_tag()
Test Plan: Looked at a diff with inline comment.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7549
2013-11-11 09:23:23 -08:00
Brecht Van Lommel
7ec42dbbea Fix 404 clicking Find Owners in diffusion, if Owners application is disabled.
Test Plan: Install/uninstall Owners application, Find Owners action shown/hidden as expected.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7557
2013-11-11 09:12:09 -08:00
Ryan Freebern
71adee75b0 Use accounts typeahead endpoint for project membership
Reviewed by: epriestley

See: <https://github.com/facebook/phabricator/pull/436>
2013-11-10 16:46:30 -08:00
epriestley
5bb646a838 Fix incorrect check for CAN_EDIT in macro enable/disable controller
Summary: This CAN_EDIT capability doesn't exist. `PhabricatorMacroCapabilityManage::CAPABILITY` (checked on line 15) is used instead.

Test Plan: Disabled, then re-enabled a macro.

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Differential Revision: https://secure.phabricator.com/D7550
2013-11-09 16:34:26 -08:00
James Rhodes
eccbbce9a2 Allow users to create buildables from diffs
Summary:
Now that diffs have PHIDs we can create buildables for them.

This also adds `buildable.diff` in the variables list so the diff ID is available, and it also fixes the Cancel button on "Edit Plan" page so it redirects to the right place.

Test Plan: Created a buildable from a diff, ran a build plan against it that had `echo ${buildable.diff}` and got the right ID.  Also tested the "Edit Plan" cancel redirect.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7546
2013-11-09 15:08:34 -08:00
James Rhodes
79ef667dfd Render build status on revisions and commits
Summary:
This uses an event listener to render the status of builds on their buildables.  The revision and commit view now renders out the status of each of the builds.

Currently the revision controller has the results for the latest diff rendered out.  We might want to show the status of previous diffs in the future, but for now I think the latest diff should do fine.

There's also a number of bug fixes in this diff, including a particularly nasty one where builds would have a build plan PHID generated for them, which resulted in handle lookups always returning invalid objects.

Test Plan: Ran builds against diffs and commits, saw them appear on the revision and commit view controllers.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7544
2013-11-09 15:04:00 -08:00
epriestley
56c65e33ef Add a "Make an HTTP Request" build step
Summary:
Ref T1049. This is very minimal, but does what it says.

I merged the variable replacement code so Remote + HTTP can share more stuff.

Test Plan:
Ran "HTTP" and "Remote" build plans.

{F79886}

{F79887}

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: zeeg, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7541
2013-11-09 07:16:12 -08:00
James Rhodes
43847d6bd7 Prevent crashes when more than one buildable for an object exists
Summary: This prevents a crash in applying build plans when more than one buildable exists for the same object.  It also adds a check into the "New Manual Build" page to ensure that users can't create a buildable for an object that already has one.

Test Plan: Tried to create a buildable for an object that already has one and a nice friendly error appeared.  Applied a build plan to a buildable whose object has two buildables and didn't get a crash any more.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7543
2013-11-09 07:03:18 -08:00
James Rhodes
3eaac9eda9 Added build.id variable and other improvements / fixes
Summary: This adds a `build.id` variable, cleans up the naming convention of other variables and also fixes an issue in the remote command to read the buffers after the command finishes.

Test Plan: Ran a build with `/bin/echo ${build.id}` and saw the build ID come through.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7540
2013-11-08 19:06:45 -08:00
James Rhodes
197e9b6f49 Put back the stronger variable replacement
Summary: This puts back the stronger variable replacement that was missed the last update to D7519.

Test Plan: Re-ran a remote build that had variables in the command and everything worked as expected.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7539
2013-11-08 18:36:48 -08:00
James Rhodes
8f52778f32 Fix content being missed in the build logs
Summary: This fixes an issue where content would be discarded when the content to append is larger than the chunk size limit.

Test Plan: Tested running a remote command that does `I=0; while true; do echo "$I"; I=$[$I+1]; done` and all of the outputted numbers matched the line numbers in the logs.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7537
2013-11-08 18:28:15 -08:00
James Rhodes
e64efa05c3 Implement "Run Remote Command" build step implementation.
Summary: This adds a build step implementation for running a command on a remote machine over SSH.  It supports merging in various variables about the build (such as the commit hash / revision ID, repository call sign, version control type and clone URI).

Test Plan: Configured a build plan to run `/bin/true` on localhost and the build passed.  Configured a build plan to run `/bin/false` on localhost and the build failed.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7519
2013-11-08 18:15:14 -08:00
James Rhodes
0ac1be7094 Implemented support for build logs
Summary:
Depends on D7519.

This implements support for build logs in Harbormaster.  This includes support for appending to a log from the "Run Remote Command" build step.

It also adds the ability to cancel builds.

Currently the build view page doesn't update the logs live; I'm sure this can be achieved with Javelin, but I don't have enough experience with Javelin to actually make it poll from updates to content in the background.

{F79151}

{F79153}

{F79150}

{F79152}

Test Plan:
Tested this by setting up SSH on a Windows machine and using a Remote Command configured with:

```
C:\Windows\system32\cmd.exe /C cd C:\Build && mkdir Build_${timestamp} && cd Build_${timestamp} && git clone --recursive https://github.com/hach-que/Tychaia.git && cd Tychaia && Protobuild.exe && C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe Tychaia.Windows.sln
```

and observed the output of the build stream from the Windows machine into Phabricator.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7521
2013-11-08 18:15:07 -08:00
Bob Trahan
d0de4dab24 Pholio - fix a bug replacing multiple images
Summary: these transactions should //never// merge since they are always created for a 1:1 replacement. (ie any merging would be implicitly erroneous).  Fixes T4081

Test Plan: made a mock with three images and replaced all three successfully. replaced image A with image B, did not save, replaced image B with image C, then saved and verified transaction correctly showed image A replaced with image C.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4081

Differential Revision: https://secure.phabricator.com/D7536
2013-11-08 17:13:36 -08:00
James Rhodes
7ffea0463e Use herald to trigger builds of revisions and commits.
Summary:
Depends on D7500.

This seemed like a pretty good idea once I thought of it.  Instead of having some custom triggering logic instead Harbormaster, I figured it best to leverage all of Herald's power so that users can create rules to apply builds to commits and differential revisions.  This gives the added advantage that they can trigger off builds for particular types of revisions and commits, which seems like it could be really useful (e.g. run extra tests against revisions that touch sensitive areas of the code).

Test Plan: Ran the usual daemons + the Harbormaster daemon.  Pushed a commit to the repository and saw both the buildable and build get created when the commit worked picked it up.  Submitted a diff and saw both the buildable and build get created when the Herald rules were evaluated for the diff.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran, hwinkel

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7501
2013-11-08 16:58:39 -08:00
Bob Trahan
3de4e91dac Naunce - capalities for Source object
Summary: another little piece here that basically just adds some permissions to source editing. serving it up before I do anything too complicated to make sure it seems kosher. in terms of what comes next this form needs to be dynamic based on source type so there'll be some fun there. That said, I plan to implement a more simple "phabricator form" only version to start here and flesh out a few other things like queues with that.

Test Plan: set permission to no one for source edit and got a nice error page.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7535
2013-11-08 12:45:14 -08:00
Asher Baker
d700e7f22d Add support for landing to hosted Mercurial repos.
Summary: I've kept this as close as possible to the Git version for ease of review and later refactoring of them both together. At minimum, the functions to get the working dir should probably be cleaned up one day.

Test Plan: Landed a revision.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7534
2013-11-08 11:39:32 -08:00
epriestley
1c73d6cd06 Tighten a regular expression in repository.create
Summary:
See <https://github.com/facebook/phabricator/issues/433>. We were missing a "^" here.

This should be moved over to transactions soon and then we can get rid of the duplication. :/

Test Plan: Tried to create a repository with callsign "9X", got a helpful error about "ALL UPPERCASE LETTERS".

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7531
2013-11-08 11:09:09 -08:00
Anirudh Sanjeev
1bcf478c69 Fix weird issue where INF is not respected in PHP 5.5
Summary:
After upgrading to PHP 5.5, the conduit list was not fully visible because
INF was being treated as "0" for some reason. Fixed by making it a PHP_MAX_INT

Test Plan: Checked on PHP 5.5

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7530
2013-11-08 07:07:10 -08:00
epriestley
f68d67530a Fix an issue with pulling Subversion blame data
Summary:
Fixes T4067. The way `DiffusionCommitQuery` works prevents it from loading SVN identifiers in some cases without additional constraints, since "12345" might be an SVN revision 12345, or it might be the first 5 characters of a Git commit hash.

Introduce `withRepository()` as a shorthand for `withDefaultRepository()` + `withRepositoryIDs()`. This tells the query to:

  - Only look in the given repository; and
  - use the more liberal identifier resolution rules while doing so.

The practical impact this has is that blame tooltips in SVN work again. The other queries which are fixed here were never run in SVN (which doesn't have first-class branches or tags); I've cleaned them up only for completeness.

Test Plan:
  - Viewed blame in SVN, saw information again instead of empty tooltip.
  - Viewed brnaches/tags in Mercurial and Git.

{F79226}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4067

Differential Revision: https://secure.phabricator.com/D7523
2013-11-07 12:10:43 -08:00
Bob Trahan
9084f1fe8c Phriction - make the check for project sub pages more fine-grained
Summary:
we were just checking if projects/ was in the URI before barfing. Use some more fun utility functions such that we only complain if there is no project.

Fixes T4071.

Test Plan: made a subpage under a project - success! tried to make a project wiki page where there was no project - successful failure! tried to make a project wiki sub page where there was no project - successful failure!

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4071

Differential Revision: https://secure.phabricator.com/D7527
2013-11-07 12:06:42 -08:00
epriestley
0e65740c2d Support ecdsa-sha2-nistp256 SSH keys
Summary:
See discussion in <https://github.com/facebook/phabricator/issues/430>.

(If we end up with more than like 5 of these we should probably make this a warning or something instead, the only goal is to prevent user error.)

Test Plan:
{F79196}

{F79197}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran, enko

Differential Revision: https://secure.phabricator.com/D7522
2013-11-07 11:33:46 -08:00
epriestley
038f5323c0 Allow Herald's "Reviewers" field to select project reviewers
Summary: The "Reviewers" condition in Differential Revision rules has the wrong typeahead and can't select projects, but should be able to.

Test Plan: {F79273}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7526
2013-11-07 11:23:31 -08:00
epriestley
6324669748 Allow Phabricator to serve Mercurial repositories over HTTP
Summary: Ref T2230. This is easily the worst thing I've had to write in a while. I'll leave some notes inline.

Test Plan: Ran `hg clone http://...` on a hosted repo. Ran `hg push` on the same. Changed sync'd both ways.

Reviewers: asherkin, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7520
2013-11-06 18:00:42 -08:00
epriestley
44a40eaf57 Split Diffusion VSC serve code into its own controller
Summary: This is starting to get a bit sizable and it turns out Mercurial is sort of a beast, so split the VCS serve stuff into a separate controller.

Test Plan: Pushed and pulled an authenticated Git repository.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, hach-que

Differential Revision: https://secure.phabricator.com/D7494
2013-11-06 17:55:46 -08:00
epriestley
5b873a74de Move Mercurial discovery to PhabricatorRepositoryDiscoveryEngine
Summary: Ref T4068. Partly, this moves discovery to the more unit-testable PhabricatorRepositoryDiscoveryEngine. It also fixes some issues, see inlines.

Test Plan: In a Mercurial repository, ran `bin/repository discover --repair`, verified commits came out topographically sorted. Ran without `--repair` and in various other contexts, like with no commits to discover and some-but-not-all commits to discover.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4068

Differential Revision: https://secure.phabricator.com/D7518
2013-11-06 17:20:22 -08:00
Bob Trahan
66ae64f7bc Nuance - get some scaffolding up there
Summary:
I updated the wiki too - https://secure.phabricator.com/w/projects/pebkac/ - with what I am thinking right now. Rough plan here is

 - next diff:
  - implement editors and transactions
  - implement "web type" for contact source
   - /pebkac/item/new/ will be the entry point for this
  - implement "actions" on a contact
  - probably some "polish" on the scaffolding laid out here; like "create" permissions maybs
 - diffs after that:
  - implement "twitter" type for source
  - implement email reply handler stuff for item and source

Probs a great time to blast huge holes in all this stuff. :D

Test Plan: these pages load and arc lint doesn't complain

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran, chad

Differential Revision: https://secure.phabricator.com/D7465
2013-11-06 17:00:09 -08:00
epriestley
4f0f95f7b5 Assign PHIDs to all diffs
Summary:
Ref T1049. Ref T2222. `DifferentialDiff` does not currently have a PHID, but we need it for Harbormaster and ApplicationTransactions. See some discussion in D7501.

(I split the SQL into two sections so we can't fail in the middle. At some point, I'd like to do a pass on the migration stuff and get this happening automatically, and also simplify the PatchList.)

Test Plan:
  - Ran `bin/storage upgrade`.
  - Checked for valid PHIDs in the database.
  - Used `phid.query` to look up a diff by PHID.
  - Created a new diff and verified it got a PHID.

Reviewers: btrahan, hach-que

Reviewed By: btrahan

CC: aran, vrana

Maniphest Tasks: T2222, T1049

Differential Revision: https://secure.phabricator.com/D7513
2013-11-06 13:59:06 -08:00
epriestley
bd29784a32 Add an administrative bin/repository importing command to list importing commits
Summary: Ref T4068. Adds a command to list all commits in an "importing" status. This will allow users to use `reparse.php` to diagnose and repair issues.

Test Plan:
  - Ran `bin/repository importing P`, etc.
  - Used `reparse.php` to reparse some commit stages and saw status update correctly.
  - Ran on a repo with no importing commits.
  - Ran with `... --simple | xargs`, which saves us having to put an `awk` or something in there for users.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4068

Differential Revision: https://secure.phabricator.com/D7515
2013-11-06 11:26:41 -08:00
epriestley
e3a5ab1f8c Add an administrative bin/repository mark-imported command
Summary:
Ref T4068. In some cases like that one, I anticipate a repository not fully importing when a handful of random commits are broken. In the long run we should just deal with that properly, but in the meantime provide an administrative escape hatch so you can mark the repository as imported and get it running normally.

The major reason to do this is that Herald, Feed, Harbormaster, etc., won't activate until a repository is "imported".

Test Plan:
  - Tried to mark an imported repository as imported, got an "already imported" message.
  - Same for not-imported.
  - Marked a repository not-imported.
  - Marked a repository imported.
  - Marked a repository not-imported, then waited for the daemons to mark it imported again automatically.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, kbrownlees

Maniphest Tasks: T4068

Differential Revision: https://secure.phabricator.com/D7514
2013-11-06 11:26:24 -08:00
epriestley
377742c23a Get some level of meaningful status information into Harbormaster buildable list
Summary: Ref T1049. Nothing fancy, but shows red for fail/error and green for pass. See discussion in D7502.

Test Plan: {F78839}

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7512
2013-11-06 11:26:17 -08:00
James Rhodes
8cae7f999f Make the buildables list a little nicer.
Summary:
Depends on D7501.

This just renders the buildable's actual object name onto the list, so you can see at a glance what the buildable represents.  I'd like to also pull across a list of builds of this buildable and change the bar color, but I'm not quite sure how to do that in the search architecture without N+1 querying.

Test Plan:
Looked at the buildable list and it looked like this:

{F78555}

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7502
2013-11-06 06:14:26 -08:00
Chad Little
b6c88bd6c1 Merge branch 'master' of github.com:facebook/phabricator 2013-11-05 19:05:22 -08:00
Chad Little
f691e35195 Add Fluid-ish view to AphrontMultiColumnView
Summary: Cleans up some CSS while adding lots of other... Mainly, this allow min-width "tables" that trigger a scroll-bar, but go full width if larger than min.

Test Plan: Tested Workboard Examples and some Project pages, Chrome, Tablet and Mobile Layouts

Reviewers: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7509
2013-11-05 18:57:52 -08:00
epriestley
ebcd60eae5 Fix an issue with non-bare Git repositories and non-master branches
Summary: This is a little funky but fixes an issue with Git repos that are
non-bare needing "origin/" to resolve branches other than "master". Eventually
this should get cleaned up.

Test Plan: Reporting user verified this fixed their issue.

Auditors: btrahan
2013-11-05 17:38:15 -08:00
epriestley
d5f41ef70e Return HTTP 500, not HTTP 200, on exception pages
Summary: Ref T4064. The response code here isn't normally relevant, but we can hit these via `git clone http://../`, etc., and it's clearly more correct to use HTTP 500.

Test Plan: Added a fake `throw new Exception()` and verified I got an HTTP 500 response.

Reviewers: jamesr, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4064

Differential Revision: https://secure.phabricator.com/D7507
2013-11-05 15:25:12 -08:00
epriestley
ce48375951 Don't throw when user tries to use an empty password via HTTP auth
Summary: Fixes T4064. See discussion there.

Test Plan: Tried `git clone http://...` with empty password, got 403. Retried with actual password, got a clone.

Reviewers: jamesr, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4064

Differential Revision: https://secure.phabricator.com/D7508
2013-11-05 15:24:58 -08:00
James Rhodes
e4569e7e7e Implement interface for adding, editing and deleting build steps on plans.
Summary: This implements an interface for adding new build steps, editing existing build steps and deleting build steps from build plans.  It uses the settings definitions on the build implementation to work out what fields should be displayed on the edit page.

Test Plan:
See screenshots:

{F78529}

{F78532}

{F78528}

{F78531}

{F78527}

{F78530}

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7500
2013-11-05 14:08:44 -08:00
James Rhodes
c514d34b94 Add build step implementation infrastructure and sleep build step.
Summary:
Depends on D7498.

This implements support for a "build step implementation".  Build steps have an associated class name (which makes the class in PHP) and a details field, which is serialized JSON (same as PhabricatorRepository).

This also implements a SleepBuildStepImplementation which just pauses the build for a specified period of seconds.

Test Plan:
Inserted a build step with `insert into harbormaster_buildstep (phid, buildPlanPHID, className, details, dateCreated, dateModified) values ('', 'PHID-HMCP-zkh5w6czfbfpk2gxwdeo', 'SleepBuildStepImplementation', '{"seconds":5}', NOW(), NOW());` (adjusting the build plan PHID as appropriate).

Started the daemon and applied the build plan to a buildable, and saw the daemon take a 5 second delay after creating `SleepBuildStepImplementation`.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran, chad

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7499
2013-11-05 13:34:44 -08:00
Aviv Eyal
5c0edc9351 Land Revision button for hosted git repos
Summary:
ref T182.

Simple approach of clone, patch, push. While waiting for drydock, implement a hackish mutex
setup for the workspace, which should work ok as long as there's only one committer who is
carefull about theses things.

Less obvious note: This is taking the both author and commiter's 'primary email' for the commit -
which might rub some people wrong.

Test Plan:
With a hosted repo, created some diffs and landed them.
Also clicked button for some error cases, got the right error message.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: hach-que, Korvin, epriestley, aran

Maniphest Tasks: T182

Differential Revision: https://secure.phabricator.com/D7486
2013-11-05 13:00:13 -08:00
James Rhodes
ca5400d14b Implement basic Harbormaster daemon and start builds.
Summary: This implements a basic Harbormaster daemon that takes pending builds and builds them (currently just sleeps 15 seconds before moving to passed state).  It also implements an interface to apply a build plan to a buildable, so that users can kick off builds for a buildable.

Test Plan: Ran `bin/phd debug PhabricatorHarbormasterBuildDaemon` and used the interface to start some builds by applying a build plan.  Observed them move from 'pending' to 'building' to 'passed'.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7498
2013-11-05 12:48:36 -08:00
epriestley
5cc26f065d Expand "local working copy" conditional check in Diffusion
Summary: We don't care about any disk resources at all for non-hosted SVN repositories. See <https://github.com/facebook/phabricator/issues/428>.

Test Plan: Looked at a non-hosted SVN repo, saw no storage info.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D7506
2013-11-05 10:01:44 -08:00
epriestley
71e6386a73 Fix issue with new branch query data getting used incorrectly
See <https://github.com/facebook/phabricator/issues/429>
2013-11-05 09:59:31 -08:00
epriestley
7414777856 Select all available bodies when rendering a feed story
Summary:
Fixes T4060. The logic here is:

  - When you take several actions at once, we show a single feed story for all of them.
  - We choose the "most interesting" title for the feed story. For example, "close task" is more interesting than "add CC".

Currently, the issue with this is:

  - "Add comment" is the //least interesting// title. I think this is correct: all other actions are more interesting than the fact that you added a comment.
  - We try to conserve the number of objects we need to load by rendering only the most interesting transaction.

To fix this:

  - Stop being so conservative; load all of the transactions and all of their PHIDs.
  - Add bodies from any transactions which render bodies. In all cases (I think?) this is a maximum of one comment adding a body.

The end result is a story like this:

  epriestley closed T123: the building is on fire.

  "Okay guys I put the fire out"

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran, asherkin

Maniphest Tasks: T4060

Differential Revision: https://secure.phabricator.com/D7504
2013-11-05 09:03:59 -08:00
epriestley
9d069963ed Add more status checks for binaries
Summary:
Expands on D7488, which looks way better than the config checks. I'm leaving the config checks for now, but maybe we should just get rid of them? This advice is delivered in a far more timely way.

  - Check for normal VCS binaries too.
  - Link to `environment.append-paths`.
  - Get rid of untranslated names (I think they're probably not too useful?)

Test Plan: See screenshots.

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Differential Revision: https://secure.phabricator.com/D7495
2013-11-04 15:14:01 -08:00
James Rhodes
10659ece8e Warn when 'git-http-backend' is not on the PATH.
Summary:
Currently if 'git-http-backend' is not on the PATH, there is no visible message to the user other than "info/refs: is this a valid git repository?" when trying to clone.  This adds a setup check so that if there are any Git repositories in use, it will check for the existance of the "git-http-backend" binary in the PATH.

I believe this is shipped by default alongside the git package on most distros, but in some (such as OpenSUSE), this binary isn't on the PATH by default.

Test Plan: Removed `/usr/lib/git` from my `environment.append-paths` and saw the message appear.  Added it back and the message went away.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4050

Differential Revision: https://secure.phabricator.com/D7488
2013-11-04 15:03:08 -08:00
epriestley
4f20530856 Merge "expandshortcommitquery" and "stablecommitnamequery" into "resolverefs"
Summary:
Ref T1493. Diffusion has some garbagey behavior for things we can't resolve. Common cases are:

  - Looking at a branch that doesn't exist.
  - Looking at a repository with no branches.
  - Looking at a commit that doesn't exist.
  - Looking at an empty repository.

In these cases, we generally fatal unhelpfully. I want to untangle this mess.

This doesn't help much, but does clean things up a bit. We currently have two separate query paths, "stablecommitname" and "expandshortcommit". These are pretty much doing the same thing -- taking some ref like "master" or "default" or a tag name or part of a commit name, and turning it into a full commit name. Merge them into a single "resolverefs" method.

This simplifies the code a fair bit, and gives us better error messages. They still aren't great, but they're like this now:

  Ref "7498aec194ecf2d333e0e2baddd9d5cdf922d7f1" is ambiguous or does not exist.

...instead of just:

  ERR-INVALID-COMMIT

Test Plan: Looked at Git, Mercurial and Subversion repositories that were empty and non-empty. Looked at branches/heads. Tried to look at invalid commits. Looked at tags. All of this still works, and some behaviors are a bit better than they used to be.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1493

Differential Revision: https://secure.phabricator.com/D7484
2013-11-04 14:13:07 -08:00
epriestley
8f3ae81143 Fix tag content display in Git
Summary: Fixes the junk I broke in D7484. Before that, tag content was a side effect of resolving the ref name. Now, fetch it explicitly in `diffusion.tagsquery`.

Test Plan: Looked at a tag, saw the annotation/message.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7485
2013-11-04 12:16:53 -08:00
epriestley
90a9e90675 Record Conduit calls in the service profiler
Summary: This puts Conduit calls into the "Services" tab. They aren't always real service calls, but I think they're big enough to belong there and be useful.

Test Plan: Viewed "Services" tab, saw conduit calls.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7482
2013-11-04 12:15:48 -08:00
epriestley
b90e51ab0e Clean up hg --debug branches calls
Summary: Ref T1493. Consolidate these a bit; they might need some more magic once we do `--noupdate` checkouts. Mostly just trying to clean up and centralize this code a bit.

Test Plan: Viewed and `bin/repository discover`'d Mercurial repos with and without any branches.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1493

Differential Revision: https://secure.phabricator.com/D7480
2013-11-04 12:15:32 -08:00
Jakub Vrana
00fb8c22e4 Decentralize phtize
Summary: The idea is to have all `phtize` definitions in applications to allow their separation.

Test Plan: Clicked View Options after mangling the translation.

Reviewers: epriestley

Reviewed By: epriestley

CC: btrahan, Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7345
2013-11-04 11:38:28 -08:00
Chad Little
1c31ea3a60 Add header icons to PHUIPropertyListView
Summary: Adds summary (description) and test plan icons to make these area's more unique and differentiated over general sections.

Test Plan: Test a diff, a commit, a task

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7493
2013-11-04 11:07:51 -08:00
Chad Little
5e2de53522 Touch up Phriction History page
Summary: Adds an ObjectBox. Fixes T4047

Test Plan: View updated Phriction History Page.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4047

Differential Revision: https://secure.phabricator.com/D7487
2013-11-04 08:54:00 -08:00
James Rhodes
3e2efaf00e Disable CSRF checks on Git push when updating repository.
Summary: This disables CSRF checking around the `$repository->writeStatusMessage` so that pushing changes over HTTP to Git repositories doesn't fail miserably.

Test Plan: Applied this fix and I could `git push` to hosted repositories again.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4052

Differential Revision: https://secure.phabricator.com/D7490
2013-11-04 07:43:29 -08:00
James Rhodes
0ceb53bfae Fix issue where Git authentication would always 403 on non-public install.
Summary: This fixes an issue where Git authentication would always fail on an install with `policy.allow-public` set to false.  This is because when public access is allowed, anonymous users can query the user list.  However, when public access is not allowed, you have to be authenticated before you can read any of the user objects.

Test Plan:
Prior to this fix, I get:

```
james@james-laptop:~/git/8> git clone http://phabricator.local/diffusion/TEST/
Cloning into 'TEST'...
fatal: unable to access 'http://phabricator.local/diffusion/TEST/': The requested URL returned error: 403
```

when `policy.allow-public` is false.  After this fix I get:

```
james@james-laptop:~/git/8> git clone http://phabricator.local/diffusion/TEST/
Cloning into 'TEST'...
remote: Counting objects: 102, done.
remote: Compressing objects: 100% (71/71), done.
remote: Total 102 (delta 6), reused 0 (delta 0)
Receiving objects: 100% (102/102), 9.89 KiB | 0 bytes/s, done.
Resolving deltas: 100% (6/6), done.
Checking connectivity... done
```

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4049

Differential Revision: https://secure.phabricator.com/D7489
2013-11-04 07:29:21 -08:00
epriestley
3dcef4f37b Minor, restore a missing "break;" that I derped somehow. 2013-11-02 18:18:12 -07:00
James Rhodes
24579e2956 Add phame.queryblog and phame.querypost Conduit calls.
Summary: This implements Conduit calls for querying Phame blogs and Phame posts.

Test Plan: Made some calls and they seem to generally work.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3695

Differential Revision: https://secure.phabricator.com/D7478
2013-11-02 16:31:30 -07:00
James Rhodes
10a9f6501f Support processing Remarkup in bulk with remarkup.processbulk Conduit method
Summary: This adds support for a Conduit method to process Remarkup content in bulk.  It also updates the `getEngineContexts` methods to support any missing contexts.

Test Plan: Ran the command and processed a few sets of text.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4046

Differential Revision: https://secure.phabricator.com/D7479
2013-11-02 16:30:11 -07:00
Chad Little
7498aec194 Fix Phriction email language
Summary: This adds pht's and such english to Phriction email body.

Test Plan: Edited a Document, Moved a Document. Got new emails. Such Wow.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7477
2013-11-02 08:43:53 -07:00
epriestley
cd674931fc When creating a repository in Diffusion, prompt for "Create" or "Import" first
Summary:
Ref T2230. This will need some more refinement, but basically it adds a "Create" vs "Import" step before we go through the paged workflow.

  - If you choose "Create", we skip the remote URI / auth stuff, and then set the "hosted" flag.
  - If you choose "Import", we do what we do now.

Test Plan: Created and imported repos.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7475
2013-11-01 17:39:35 -07:00
epriestley
3607bd487c Survive pull/discover for hosted repositories in all VCSes
Summary:
Hosted repositories only sometimes survive the pull/discover phases right now, due to issues like:

  - Pull tries to `git clone`, but should `git init`.
  - Mercurial doesn't handle empty repositories with on branches.
  - SVN tries to connect to an invalid remote.
  - None of them set the INIT repo flag correctly, so status doesn't get updated properly in the UI.

Fix all this stuff.

Test Plan:
  - For each of Git, SVN and Mercurial:
    - Created a new repository from the web UI in a deactivated state.
    - Made it hosted.
    - Manually ran pull/discover.
    - Verified we end up with initialized, empty repositories in consistent states.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7474
2013-11-01 17:36:30 -07:00
epriestley
a0e820ad9a Improve repository hinting and feedback
Summary:
  - Warn about "Read/Write" instead of disabling it, to prevent edits which mutate it after changing a hosted repository to an unhosted one.
  - Warn about authenticated connections with HTTPS auth disabled, and link to the relevant setting.
  - When "Autoclose" is disabled, show that "Autoclose Branches" won't have an effect.
  - For hosted repositories, show the HTTP and SSH clone URIs.
    - Make them easy to copy/paste.
    - Link to credential management.
    - Show if they're read-only.
    - This could be a bit nicer-looking than it is.

Test Plan: Looked at repositories in a bunch of states and made various edits to them.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7471
2013-11-01 17:35:43 -07:00
epriestley
d1649d176f Mark IMPORTED_CHANGE more consistently
Summary:
See <https://github.com/facebook/phabricator/issues/425>. There are some ways that the change parsers may not reach `finishParse()`, but we now need them to in order to mark the commit imported, advance the progress bar, and eventually kick the repository out of IMPORTING status.

Take all the copy/pasted code in the parsers and move it into the parent. Specifically, this is:

  - Printing a status message about starting a parse;
  - checking for bad commits;
  - queueing the next parse stage; and
  - marking the import step complete.

Test Plan: Used `reparse.php --change` to reparse Git, SVN and Mercurial repos.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7470
2013-11-01 12:54:10 -07:00
epriestley
43fd567ef4 Implement writes over HTTP for Git.
Summary: Depends on D7642.  This updates the authentication logic so that HTTP writes can be made to Git repositories hosted by Phabricator.

Test Plan: Set the policy to allow me to push and I was able to.  Changed the policy to disallow push and I was no longer able to push.

Reviewers: #blessed_reviewers, hach-que

Reviewed By: hach-que

CC: Korvin, epriestley, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7468
2013-11-01 08:44:37 -07:00
epriestley
0278b15ceb Implementation of VCS passwords against user.
Summary: This allows users to set their HTTP access passwords via Diffusion interface.

Test Plan: Clicked the "Set HTTP Access Password" link, set a password and saw it appear in the DB.

Reviewers: #blessed_reviewers, hach-que, btrahan

Reviewed By: hach-que

CC: Korvin, epriestley, aran, jamesr

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7462
2013-11-01 08:34:11 -07:00
epriestley
40b0818207 Show additional status information during repository import
Summary:
Ref T2350. Fixes T2231.

  - Adds log flags around discovery.
  - Adds message flags for "needs update". This is basically an out-of-band hint to the daemons that a repository should be pulled sooner than normal. We set the flag when users push a revision, and expose a Conduit method that `arc land` will be able to use.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2350, T2231

Differential Revision: https://secure.phabricator.com/D7467
2013-10-31 15:46:57 -07:00
epriestley
2f7057ad99 Preserve linebreaks again in Summary / Test Plan for revisions
Summary:
I pulled these into the property list recently, which made them more consistent, but that dropped "preserve linebreaks". Since these usually come from the CLI, render with linebreaks preserved.

@csilvers, you'll need to `bin/cache purge --purge-remarkup` after this if you want to fix existing revisions.

Test Plan: Made a revision with some poetry, saw poetry preserved.

Reviewers: btrahan, csilvers

Reviewed By: btrahan

CC: csilvers, aran

Differential Revision: https://secure.phabricator.com/D7464
2013-10-30 17:20:06 -07:00
Aviv Eyal
2250ee6aa6 Allow null for token expiration date
Summary: At least under GitHub, the token value is stored as "null", and not missing. And `null > anything` is false, so Phabricator thinks the token is expired or not there.

Test Plan: http://ph.vm/settings/panel/external/ before shows "No OAuth Access Token," and after it says "Active OAuth Token".

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7466
2013-10-30 17:19:46 -07:00
epriestley
3a39b01233 Add "RepositoryStatusMessage" and detailed information about initilization
Summary:
`RepositoryStatusMessage` is basically a key/value table associated with a repository that I'm using to let the daemons store the most recent event of a given type, so we can easily show it on the status dashboard. I think this will be a lot easier for users to figure out than digging through logfiles.

I'm also going to write the "this needs a pull" status here eventually, for reducing the time lapse between pushes and discovery.

  - Add storage for these messages.
  - Have the pull engine populate the INIT phase. I'll do the FETCH phase next.
  - Update the status readout to show all the various states.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7461
2013-10-30 16:04:19 -07:00
Chad Little
edd8bea85b Clean up legalpad sign UI
Summary: Moves stuff to ObjectBox, Error UI

Test Plan: Signed Document, Missed a Form Field, Resigned Form Document. Fixes T4037

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7463
2013-10-30 15:50:46 -07:00
epriestley
5ef4954a36 Remove "daemons not running" code from Repositories
Summary: This moved into Diffusion in D7458 and is now presented in a much cleaner, more targeted way.

Test Plan: Loaded `/repository/`.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7459
2013-10-30 13:15:41 -07:00
epriestley
2d01da14fd Provide detailed status information about repository state/progress
Summary:
Replace the blanket "daemons not running" warning with a lot more specific detail, to try to make it easier for users to figure out how to set up repositories correctly.

The next change here will add some additional status information from the daemons, so this panel can report results in greater detail.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7458
2013-10-30 13:15:32 -07:00
epriestley
93d7a1451b Clean up file browse view a bit
Summary:
  - Use DiffusionCommitQuery
  - Get rid of the "Author" column.
  - Collapse commit + revision together.
  - Better tooltips to cover for the removed information.
  - Colorize only the "line" column.
  - Generally, reduce the amount of visual noise and non-code-stuff going on in this interface.
  - I'd like to make the "<<" thing look nicer too but that might take some actual design.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: chad

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7457
2013-10-30 13:15:26 -07:00
epriestley
d51ae49f61 Clean up Diffusion dedicated tag table view
Summary: Minor cleanup. Make the "imported" check less strict (we don't need owners or herald to show change status). Export the "imported" flag over Conduit.

Test Plan: Viewed tag table. Viewed partially imported repositories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7455
2013-10-30 13:15:14 -07:00
epriestley
bf2fffe264 Clean up dedicated branch table view
Summary: Swap to DiffusionCommitQuery, other minor cleanup.

Test Plan: Viewed page, forced error view and looked at it.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7454
2013-10-30 13:14:56 -07:00
epriestley
05884e5042 Add a quoted body stripping pattern for "> On ... at ... wrote:"
Summary: See @scottmac's reply in T3982. It looks like his email client uses the standard quote string, but includes it in the quoted block.

Test Plan: Added a failing unit test, made it pass.

Reviewers: btrahan

Reviewed By: btrahan

CC: scottmac, aran

Differential Revision: https://secure.phabricator.com/D7440
2013-10-30 13:07:18 -07:00
epriestley
f08908ff35 Raise a setup warning for missing or invalid local repository directory
Summary: I'm planning to add more detailed info to Diffusion itself, but catch the big issue here.

Test Plan: Hit config issue locally, then resolved it.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7439
2013-10-30 13:07:09 -07:00
epriestley
d5bc8197ec Remove "isUnparsed" flag from commits
Summary: The new "importStatus" property provides a much stronger and more consistent version of this flag. The only callsite was removed by D7452.

Test Plan: Used `grep` to check for callsites and found none.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7453
2013-10-30 13:06:57 -07:00
epriestley
25656b311a Clean up Diffusion tag list query a bit
Summary:
  - Use DiffusionCommitQuery.
  - Use denormalized summary.
  - Use stronger "Importing" test.

Test Plan: Viewed `/diffusion/X/` for repos with tags. Saw tags; saw importing commits marked as "Importing" instead of "Unknown".

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7452
2013-10-30 13:06:43 -07:00
epriestley
d1c4b5081c Clean up Diffusion branch query a bit
Summary:
Ref T2716.

  - Serve from `DiffusionCommitQuery`, not `PhabricatorAuditCommitQuery` (which should probably die).
  - Fix logic for `limit`, which incorrectly failed to display the "Showing %d branches." text.
  - Clean up things a touch.
  - I didn't end up actually needing `needCommitData()`, but left it in there since I think it will be needed soon.
  - Removed a "TODO" because I don't remember what "etc etc" means.

Test Plan: Looked at branches in several repositories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2716

Differential Revision: https://secure.phabricator.com/D7451
2013-10-30 13:06:28 -07:00
epriestley
70b53c49fd Fix an issue with viewing an undiscovered commit in Diffusion
Summary: If you load Diffusion between a repository being pulled and discovered, you can end up with a valid commit reference that hasn't been discovered yet. Don't fatal.

Test Plan: Saw somewhat-helpful error page instead of fatal.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7448
2013-10-30 13:06:15 -07:00
epriestley
3bf372c60c Consolidate querying of things which we can use git for-each-ref for
Summary: Ref T2230. This cleans up D7442, by using `git for-each-ref` everywhere we can, in a basically reasonable way.

Test Plan:
In bare and non-bare repositories:

  - Ran discovery with `bin/repository discover`;
  - listed branches on `/diffusion/X/`;
  - listed tags on `/diffusion/X/`;
  - listed tags, branches and refs on `/diffusion/rXnnnn`.

Reviewers: btrahan, avivey

Reviewed By: avivey

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7447
2013-10-30 13:06:09 -07:00
epriestley
7360688afb Conditionally restore some "remote/" stuff removed by rP59922b7
Summary: Fixes T4035. I removed these two "remote/" things in rP59922b7, but we need them for non-bare repositories. Without them, the commands work and run fine and the output looks OK, but the results may not reflect the correct information (e.g., the log shows the working copy's master, which may not be in the same state as origin/master). I'm going to generally clean this up, but unbreak it for now.

Test Plan: Viewed bare and non-bare repositories in Diffusion, got accurate history.

Reviewers: btrahan, hach-que

Reviewed By: btrahan

CC: aran, mbishopim3

Maniphest Tasks: T4035

Differential Revision: https://secure.phabricator.com/D7445
2013-10-30 13:06:03 -07:00
Chad Little
07d25b9640 Add Document PropertyList item to LegalPad
Summary: Makes Legalpad a little easier to grok.

Test Plan: View Document

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7460
2013-10-30 12:45:13 -07:00
Chad Little
8babbb92cc Fix warning panel on large commits
Summary: The warning panel on large commits in diffusion was being overrun with other styles. Fixes T3952

Test Plan: test on a large commit

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3952

Differential Revision: https://secure.phabricator.com/D7456
2013-10-30 09:20:48 -07:00
epriestley
24a5d0505a Add a "Description" header to the repository view for consistency
Summary: We don't have a section header on `/diffusion/X/` for descriptions right now. Add one to improve consistency.

Test Plan: Looked at a repository.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D7449
2013-10-30 08:21:16 -07:00
Chad Little
5fdae4b6eb Add q/a subheaders to ponder
Summary: Helps make it seem more q/a like and consistent.

Test Plan: Look at question

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7450
2013-10-30 08:10:05 -07:00
epriestley
29c7de621e Split exceptionally huge revision titles into the summary
Summary: Fixes T4034.

Test Plan: See screenshot.

Reviewers: spicyj, btrahan

Reviewed By: spicyj

CC: aran

Maniphest Tasks: T4034

Differential Revision: https://secure.phabricator.com/D7443
2013-10-29 21:19:51 -07:00
epriestley
19124554d8 Fix various branch/ref issues with bare repositories in Git
Summary:
Ref T2230. Although all the non-bare commands //run// fine in bare repos, not all of them do exactly the same thing.

This could use further cleanup, but at least get it working again for now.

Test Plan: Ran `bin/repository pull`, `bin/repository discover`, viewed Diffusion (looked at branch table), viewed a commit (looked at "Branches"), for bare and non-bare git repos.

Reviewers: avive, btrahan, avivey

Reviewed By: avivey

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7442
2013-10-29 21:04:38 -07:00
Chad Little
cdcfbb69a0 CSS Tweaks to reviewers status list
Summary: Updates the review status list to align better inside property lists. Alsu uses the default colors a bit more. This removes an overflow hidden on the value side, but that shouldnt cause any issues, given it has plenty of space.

Test Plan: tested differential and audit, highlighted and not.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7441
2013-10-29 20:26:41 -07:00
Dean Reilly
62edbb8e21 Treat relocated files as added files in svn worker.
Summary:
Relocated files aren't treated as newly created files by the worker. This
can lead to the worker trying to look up information about deleted files
in the wrong location.

Test Plan: See T4030

Reviewers: #blessed_reviewers, epriestley

Reviewed By: epriestley

CC: epriestley, aran

Maniphest Tasks: T4030

Differential Revision: https://secure.phabricator.com/D7432
2013-10-29 20:11:06 -07:00
Chad Little
00d9aae894 Merge branch 'master' of github.com:facebook/phabricator 2013-10-29 16:13:49 -07:00
Chad Little
f82cb0e063 Clean up Phriction History View
Summary: Fixes T4028, makes the table a bit easier to read and navigate changesets.

Test Plan: Tested a big history, back to original and latest.

Reviewers: epriestley, btrahan

CC: Korvin, epriestley, aran

Maniphest Tasks: T4028

Differential Revision: https://secure.phabricator.com/D7438
2013-10-29 16:07:13 -07:00
epriestley
c749fcc192 Reject SCP-style URIs with explicit protocols in Diffusion
Summary:
Fixes T3619. These URIs are valid:

  git@domain.com:/path        (Git SCP-style implicit SSH)
  ssh://git@domain.com/path   (Explicit SSH)

This URI, arrived at by adding "ssh://" to the front of an SCP-style URI, is not:

  ssh://git@domain.com:/path

Detect URIs in this form and reject them. See T3619.

Test Plan:
{F75486}

Also set some valid URIs.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3619

Differential Revision: https://secure.phabricator.com/D7431
2013-10-29 15:32:51 -07:00
epriestley
59922b78b9 Make Phabricator clone bare git repositories
Summary:
This doesn't really impact anything very much, but is a little cleaner than cloning repositories with a working copy. It's somewhat important for allowing pushes, because you can't push to a checked-out branch.

Mercurial has a similar option (`--noupdate`) but leave that alone for now.

The origin stuff was mostly for sanity/explicitness purposes -- I believe it's safe to remove in all non-ridiculous cases. Git fails with it in bare repositories (it automatically creates an `origin`, but doesn't create the local refs for it, or something).

Test Plan: Nuked a repo, re-cloned it, pulled and updated it several times. Browsed both bare and non-bare repos in Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7430
2013-10-29 15:32:41 -07:00
epriestley
d8bda7c66e Add an "importing" state to repositories and clean up the UI
Summary:
Fixes T3217. Ref T776. Ref T1493. Broadly, this introduces a mechanism which works like this:

  - When a repository is created, we set an "importing" flag.
  - After discovery completes, we check if a repository has no importing commits. Basically, this is the first time we catch up to HEAD.
  - If we're caught up, clear the "importing" flag.

This flag lets us fix some issues:

  - T3217. Currently, when you import a new repository and users have rules like "Email me on every commit ever" or "trigger an audit on every commit", we take a bunch of publish actions. Instead, implicitly disable publishing during import.
  - An imported but un-pulled repository currently has an incomprehensible error on `/diffusion/X/`. Fix that.
  - Show more cues in the UI about importing.
  - Made some exceptions more specific.

Test Plan:
This is the new screen for a completely new repo, replacing a giant exception:

{F75443}

  - Created a repository, saw it "importing".
  - Pulled and discovered it.
  - Processed its commits.
  - Ran discovery again, saw import flag clear.
  - Also this repository was empty, which hit some of the other code.

This is the new "parsed empty repository" UI, which isn't good, but is less broken:

{F75446}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, hach-que

Maniphest Tasks: T3607, T1493, T776, T3217

Differential Revision: https://secure.phabricator.com/D7429
2013-10-29 15:32:41 -07:00
epriestley
9125095587 Distinguish between empty and unparsed commits in Diffusion
Summary:
Fixes T3416. Fixes T1733.

  - Adds a flag to the commit table showing whether or not we have parsed it.
  - The flag is set to `0` initially when the commit is discovered.
  - The flag is set to `1` when the changes are parsed.
  - The UI can now use the flag to distinguish between "empty commit" and "commit which we haven't imported changes for yet".
  - Simplify rendering code a little bit.
  - Fix an issue with the Message parser for empty commits.
  - There's a key on the flag so we can do `SELECT * FROM repository_commit WHERE repositoryID = %d AND importStatus = 0 LIMIT 1` soon, to determine if a repository is fully imported or not. This will let us improve the UI (Ref T776, Ref T3217).

Test Plan:
  - Ran `bin/storage upgrade -f`.
  - Created an empty commit.
  - Without the daemons running, ran `bin/repository pull GTEST` and `bin/repository discover GTEST`.
  - Viewed web UI to get the first screenshot ("Still Importing...").
  - Ran the message and change steps with `scripts/repository/reparse.php`.
  - Viewed web UI to get the second screenshot ("Empty Commit").

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T776, T1733, T3416, T3217

Differential Revision: https://secure.phabricator.com/D7428
2013-10-29 15:32:41 -07:00
epriestley
0965f0041a Don't pull updates for repositories marked as hosted
Summary:
  - Don't try to pull hosted repos.
  - Also, fix the `--verbose` + `--trace` interaction for `bin/repository`.
  - Also, fix a couple of unit tests which got tweaked earlier.

Test Plan:
  $ ./bin/repository pull GTEST --verbose
  Pulling 'GTEST'...
  Repository "GTEST" is hosted, so Phabricator does not pull updates for it.
  Done.

Reviewers: btrahan, hach-que

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7427
2013-10-29 15:32:41 -07:00
epriestley
d02202cde2 Enable "SSH Keys" auth panel unconditionally
Summary: We've had support for this for a long time, but it was conditional on config. Since it more-or-less actually does something now, just enable it unconditionally.

Test Plan: Settings -> SSH Public Keys

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7426
2013-10-29 15:32:41 -07:00
epriestley
c6665b1907 Serve git writes over SSH
Summary: Looks like this is pretty straightforward; same as the reads except mark it as needing PUSH.

Test Plan: Ran `git push`, pushed over SSH to a hosted repo.

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7425
2013-10-29 15:32:41 -07:00
epriestley
9a2e45ef12 Serve Git reads over SSH
Summary: Like D7423, but for SSH.

Test Plan: Ran `git clone ssh://...`, got a clone.

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7424
2013-10-29 15:32:40 -07:00
epriestley
7d9dfb561d Serve Git reads over HTTP
Summary: Mostly ripped from D7391. No writes yet.

Test Plan: Ran `git clone` against a local over HTTP, got a clone.

Reviewers: btrahan, hach-que

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7423
2013-10-29 15:32:40 -07:00
epriestley
bb4904553f Route some VCS connections over SSH
Summary:
  - Add web UI for configuring SSH hosting.
  - Route git reads (`git-upload-pack` over SSH).

Test Plan:
  >>> orbital ~ $ git clone ssh://127.0.0.1/
  Cloning into '127.0.0.1'...
  Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/".
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.
  >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/
  Cloning into 'X'...
  Exception: No repository "X" exists!
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.
  >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/
  Cloning into 'MT'...
  Exception: This repository is not available over SSH.
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.
  >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/
  Cloning into 'P'...
  Exception: TODO: Implement serve over SSH.
  fatal: Could not read from remote repository.

  Please make sure you have the correct access rights
  and the repository exists.

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7421
2013-10-29 15:32:40 -07:00
epriestley
888b3839e7 Prepare to route VCS connections through SSH
Summary:
Fixes T2229. This sets the stage for a patch similar to D7417, but for SSH. In particular, SSH 6.2 introduced an `AuthorizedKeysCommand` directive, which lets us do this in a mostly-reasonable way without needing users to patch sshd (if they have a recent enough version, at least).

The way the `AuthorizedKeysCommand` works is that it gets run and produces an `authorized_keys`-style file fragment. This isn't ideal, because we have to dump every key into the result, but should be fine for most installs. The earlier patch against `sshd` passes the public key itself, which allows the script to just look up the key. We might use this eventually, since it can scale much better, so I haven't removed it.

Generally, auth is split into two scripts now which mostly do the same thing:

  - `ssh-auth` is the AuthorizedKeysCommand auth, which takes nothing and dumps the whole keyfile.
  - `ssh-auth-key` is the slightly cleaner and more scalable (but patch-dependent) version, which takes the public key and dumps only matching options.

I also reworked the argument parsing to be a bit more sane.

Test Plan:
This is somewhat-intentionally a bit obtuse since I don't really want anyone using it yet, but basically:

  - Copy `phabricator-ssh-hook.sh` to somewhere like `/usr/libexec/openssh/`, chown it `root` and chmod it `500`.
    - This script should probably also do a username check in the future.
  - Create a copy of `sshd_config` and fix the paths/etc. Point the KeyScript at your copy of the hook.
  - Start a copy of sshd (6.2 or newer) with `-f <your config file>` and maybe `-d -d -d` to foreground and debug.
  - Run `ssh -p 2222 localhost` or similar.

Specifically, I did this setup and then ran a bunch of commands like:

  - `ssh host` (denied, no command)
  - `ssh host ls` (denied, not supported)
  - `echo '{}' | ssh host conduit conduit.ping` (works)

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2229, T2230

Differential Revision: https://secure.phabricator.com/D7419
2013-10-29 15:32:40 -07:00
epriestley
c7f23f522a Accept and route VCS HTTP requests
Summary:
Mostly ripped from D7391, with some changes:

  - Serve repositories at `/diffusion/X/`, with no special `/git/` or `/serve/` URI component.
    - This requires a little bit of magic, but I got the magic working for Git, Mercurial and SVN, and it seems reasonable.
    - I think having one URI for everything will make it easier for users to understand.
    - One downside is that git will clone into `X` by default, but I think that's not a big deal, and we can work around that in the future easily enough.
  - Accept HTTP requests for Git, SVN and Mercurial repositories.
  - Auth logic is a little different in order to be more consistent with how other things work.
  - Instead of AphrontBasicAuthResponse, added "VCSResponse". Mercurial can print strings we send it on the CLI if we're careful, so support that. I did a fair amount of digging and didn't have any luck with git or svn.
  - Commands we don't know about are assumed to require "Push" capability by default.

No actual VCS data going over the wire yet.

Test Plan:
Ran a bunch of stuff like this:

  $ hg clone http://local.aphront.com:8080/diffusion/P/
  abort: HTTP Error 403: This repository is not available over HTTP.

...and got pretty reasonable-seeming errors in all cases. All this can do is produce errors for now.

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7417
2013-10-29 15:32:40 -07:00
epriestley
bb35f8ec9f Add hosting, serving, and push policy options to repository edit
Summary:
Basically straight from D7391. The differences are basically:

  - Policy stuff is all application-scope instead of global-scope.
  - Made a few strings a little nicer.
  - Deleted a bit of dead code.
  - Added a big "THIS DOESN'T WORK YET" warning.

Test Plan: See screenshots.

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7416
2013-10-29 15:32:40 -07:00
epriestley
86fe020a97 Add global "push" policy to Repositories
Summary: No editing or view yet, just adds the schema and a policy default. Part of D7391.

Test Plan: `bin/storage upgrade`

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7415
2013-10-29 15:32:40 -07:00
epriestley
ba63c5e426 Ship "Repositories" create button to new Diffusion workflow
Summary: Ref T2231. Get rid of the old create controller and make the button go to the new stuff instead. This will eventually get cleaned up more, but I don't have a clear plan for Arcanist Projects yet.

Test Plan: Clicked button, hit new workflow.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7414
2013-10-29 15:32:39 -07:00
epriestley
5f6ea9f662 Activate the new Repository creation workflow
Summary:
Ref T2231. This:

  - Activates the new multi-step workflow, and exposes it in the UI.
  - Adds "can create", "default view" and "default edit" capabilities.
  - Provides a default value for `repository.default-local-path` and forces repositories into it by default. It's still editable, but Phabricator gets it correct (for some definition of correct) by default now.

Test Plan: Created some new repositories with the new workflow.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1286, T2231

Differential Revision: https://secure.phabricator.com/D7413
2013-10-29 15:32:39 -07:00
epriestley
c585f97e90 Remove horrible old repository edit controller
Summary:
Ref T2231. I didn't port these options over, so they're still supported but have no edit UI:

  - Pull Frequency (confusing/not useful, I think?)
  - Default Owners Path (probably used only by Facebook and only in the E repository)
  - Show user in public repository URL (probably mostly obsolete with hosting?)

We can add those back if users notice, but they seem like the three least useful options so I'm going to see if we can get away with removing them.

Test Plan: Clicked "Edit" from Repositories, got kicked into the nice new Diffusion edit UI instead of the old one.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7410
2013-10-29 15:32:39 -07:00
Chad Little
6bdedfe679 Add ObjectBox to Condiut Cert Page
Summary: adds a box, Fixes T4033

Test Plan: look at box

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4033

Differential Revision: https://secure.phabricator.com/D7437
2013-10-29 14:54:10 -07:00
epriestley
d1ed816e61 Move "Delete Repository" stuff to Diffusion
Summary: Ref T2231. This just moves the "Delete" dialog from Repositories to Diffusion. This dialog just shows instructions and isn't interesting.

Test Plan: {F75093}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7412
2013-10-29 12:26:07 -07:00
epriestley
7c23960de8 Use status header stuff for "Edit Repository"
Summary: Ref T2231. Use status info element instead of tags.

Test Plan: {F75092}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7411
2013-10-29 12:24:03 -07:00
epriestley
c4cdb5c5f0 Move editing "Local Path" to modern UI/controller/etc
Summary: Fixes T1286. Ref T2231. See previous diffs; same as the others but does "Local Path".

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1286, T2231

Differential Revision: https://secure.phabricator.com/D7409
2013-10-29 12:20:26 -07:00
epriestley
796db9f9c6 Sort out application crumbs in new repository edit workflow
Summary: Ref T2231. Crumbs in the Diffusion edit workflow are a bit wonky, with stuff like "rP (master)" which isn't very useful and no link back to the main "Edit" page. Make them consistent across all the screens.

Test Plan: Loaded a bunch of these screens and saw sane crumbs on all of them.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7407
2013-10-25 15:58:58 -07:00
epriestley
1975bdfb36 Work around a bug in PHP 5.3-ish with abstract methods in interfaces
Summary:
@chad is hitting an issue described in P961, which I think is this bug in PHP: https://bugs.php.net/bug.php?id=43200

Work around it by defining a "PHIDInterface" and having both "Flaggable" and "Policy" extend it, so that there is only one `getPHID()` declaration.

Test Plan: shrug~

Reviewers: chad, btrahan

Reviewed By: chad

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7408
2013-10-25 15:58:17 -07:00
epriestley
e81bad9ba2 Improve consistency of policy enforcement on new repository edit UI
Summary: Ref T2231. The policy rules are a little murky right now: the "Edit Repository" link requires CAN_EDIT, but the actualy page doesn't. Instead, require CAN_EDIT for the edit page.

Test Plan: As a user without CAN_EDIT, viewed a repository and clicked the edit link.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7406
2013-10-25 15:58:02 -07:00
epriestley
b57b72368c Move "Remote URI" to modern repository editor thing
Summary:
Ref T2231. Allows you to edit the remote URI and credentials.

This is a little bit funky because I'm reusing some of the pages on the new (not-yet-hooked-up) create form. Specifically, it had pages like this:

  - Repo Type
  - Name/Callsign/Remote
  - Auth
  - Done

I split "Name/Callsign/Remote" into "Name/Callsign" and "Remote", then when editing the remote I just take you through "Remote" and "Auth" and then back. This lets us reuse the giant pile of protocol/URI sanity checking logic and ends up being pretty clean, although it's a little weird that the "Create" controller does both full-create and edit-remote.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7405
2013-10-25 13:59:02 -07:00
epriestley
52d4e66883 Move repository actions (notify, autoclose) to new UI
Summary: Ref T2231. Brings "Notify/Publish" and "Autoclose" to the new UI.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7402
2013-10-25 13:58:15 -07:00
epriestley
49670e1a56 Move Subversion repository information to the new interface
Summary: Ref T2231. Moves "UUID" and "Subpath/Import Only" to Diffusion.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7400
2013-10-25 13:58:03 -07:00
epriestley
dcb0b1b64f Add support for branch-related configuration to new Repository edit workflow
Summary: Ref T2231. Modernizes editing "Default Branch", "Track Only", and "Autoclose Only".

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7399
2013-10-25 13:57:14 -07:00
Bob Trahan
64f3c9b3da Forgot a pht on my last diff
Summary: also add a few more words

Test Plan: looks good!

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7404
2013-10-25 12:57:42 -07:00
Bob Trahan
da84546058 Add filter by object ability to flag query
Summary: See title. Fixes T1809.

Test Plan:
verified each type that has flaggable interface still can be flagged

verified that new custom query filter works

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1809

Differential Revision: https://secure.phabricator.com/D7392
2013-10-25 12:52:00 -07:00
Erik Fercak
203d82083a Allow prefilling a task's assignee by his PHID
Summary: Some scripts might find it easier to work with PHIDs instead of user names.

Test Plan:
Use ?assign=<username> and ?assign=<PHID-USER> with the create task URI.
See assignee input being filled correctly.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: epriestley

CC: epriestley, aran, Korvin

Differential Revision: https://secure.phabricator.com/D7401
2013-10-25 11:35:35 -07:00
Chad Little
e478706769 PHUIInfoPanel
Summary: First cut of an 'info panel' for phabricator. Basic concept is for display a list of items with a bit more info and depth and an object item list. Projects could be a good first example.

Test Plan: UIExamples

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7398
2013-10-25 11:09:06 -07:00
Erik Fercak
1fb2f39fc0 Enable prefilling of projects and priority fields in Maniphest task creation
Summary:
Projects and priority inputs can be prefilled similar to how title
and description fields work.

Prefilling of projects already worked but used PHIDs instead of
more user friendly name so I changed that too.

Test Plan:
Visit [[/maniphest/task/create/?projects=Maniphest;Easy&priority=100&assign=vrana&title=Hip-hip&description=hooray!|example]]
and see prefilled form fields.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7394
2013-10-25 10:20:32 -07:00
epriestley
0c2b4dbfff Fix header of "Change Password" form
Summary: Fixes T4025.

Test Plan: {F74873}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4025

Differential Revision: https://secure.phabricator.com/D7395
2013-10-25 08:57:35 -07:00
epriestley
9e87172166 Make remarkup rules runtime-pluggable in a reasonable way
Summary:
Gets rid of some old Differential-specific nonsense and replaces it with general runtime-pluggable Remarkup rules.

Facebook: This removes two options which may be in use. Have any classes being added via config here just subclass the new abstract bases instead. This should take 5 seconds to fix. You can adjust order by overriding `getPriority()` on the rules, if necessary.

Test Plan: See comments.

Reviewers: btrahan

Reviewed By: btrahan

CC: FacebookPOC, andrewjcg, aran

Differential Revision: https://secure.phabricator.com/D7393
2013-10-24 17:26:07 -07:00
Chad Little
87a440888d Minor Differential CSS
Summary: More Diffusion/Differential touch ups, ToC, etc.

Test Plan: Look at colors, see that they match or look better.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, epriestley, aran

Maniphest Tasks: T3952

Differential Revision: https://secure.phabricator.com/D7386
2013-10-23 13:35:20 -07:00
Chad Little
18931ec4c0 Update Apps Installed icons to match Projects.
Summary: Changes to checkmark and crossed circle to match active projects

Test Plan: installed and uninstalled an application. poor conpherence.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7390
2013-10-23 13:28:47 -07:00
Chad Little
2b21b4e880 Add search app icon
Summary: It's an icon. For Search. Fixes T3966

Test Plan: Search

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3966

Differential Revision: https://secure.phabricator.com/D7389
2013-10-23 11:30:52 -07:00
epriestley
2c3d071a26 Improve exception behavior for Herald commit rules which fail to load diff context
Summary:
This code is a little funky right now, and can return `array("error message")` and then try to call `getHunks()` on it. Additionally, each field loads the commit's changes separately.

Instead, load the commit's changes once and cache them, and handle exceptions appropriately.

Test Plan:
  - Created a rule like "changed, added, removed content all match /.*/" to force all fields to generate.
  - Ran it successfully.
  - Faked an error and ran it, got reasonable results.

Reviewers: btrahan

Reviewed By: btrahan

CC: bigo, aran

Differential Revision: https://secure.phabricator.com/D7384
2013-10-23 08:28:58 -07:00
epriestley
b5a009337f Harbormaster v(-2)
Summary:
Ref T1049. I don't really want to sink too much time into this right now, but a seemingly reasonable architecture came to me in a dream. Here's a high-level overview of how things fit together:

  - **"Build"**: In Harbormaster, "build" means any process we want to run against a working copy. It might actually be building an executable, but it might also be running lint, running unit tests, generating documentation, generating symbols, running a deploy, setting up a sandcastle, etc.
  - `HarbormasterBuildable`: A "buildable" is some piece of code which build operations can run on. Generally, this is either a Differential diff or a Diffusion commit. The Buildable class just wraps those objects and provides a layer of abstraction. Currently, you can manually create a buildable from a commit. In the future, this will be done automatically.
  - `HarbormasterBuildStep`: A "build step" is an individual build operation, like "run lint", "run unit", "build docs", etc. The step defines how to perform the operation (for example, "run unit tests by executing 'arc unit'"). In this diff, this barely exists.
  - `HarbormasterBuildPlan`: This glues together build steps into groups or sequences. For example, you might want to "run unit", and then "deploy" if the tests pass. You can create a build plan which says "run step "unit tests", then run step "deploy" on success" or whatever. In the future, these will also contain triggers/conditions ("Automatically run this build plan against every commit") and probably be able to define failure actions ("If this plan fails, send someone an email"). Because build plans will run commands, only administrators can manage them.
  - `HarbormasterBuild`: This is the concrete result of running a `BuildPlan` against a `Buildable`. It tracks the build status and collects results, so you can see if the build is running/successful/failed. A `Buildable` may have several `Build`s, because you can execute more than one `BuildPlan` against it. For example, you might have a "documentation" build plan which you run continuously against HEAD, but a "unit" build plan which you want to run against every commit.
  - `HarbormasterBuildTarget`: This is the concrete result of running a `BuildStep` against a `Buildable`. These are children of `Build`. A step might be able to produce multiple targets, but generally this is something like "Unit Tests" or "Lint" and has an overall status, so you can see at a glance that unit tests were fine but lint had some issues.
  - `HarbormasterBuildItem`: An optional subitem for a target. For lint, this might be an individual file. For unit tests, an individual test. For normal builds, an executable. For deploys, a server. For documentation generation, there might just not be subitems.
  - `HarbormasterBuildLog`: Provides extra information, like command/execution transcripts. This is where stdout/stderr will get dumped, and general details and other messages.
  - `HarbormasterBuildArtifact`: Stores side effects or results from build steps. For example, something which builds a binary might put the binary in "Files" and then put its PHID here. Unit tests might put coverage information here. Generally, any build step which produces some high-level output object can use this table to record its existence.

This diff implements almost nothing and does nothing useful, but puts most of these object relationships in place. The two major things you can't easily do with these objects are:

  1) Run arbitrary cron jobs. Jenkins does this, but it feels tacked on and I don't know of anyone using it for that. We could create fake Buildables to get a similar effect, but if we need to do this I'd rather do it elsewhere in general. Build and cron/service/monitoring feel like pretty different problems to me.
  2) Run parameterized/matrix steps (maybe?). Bamboo has this plan/stage/task/job breakdown where a build step can generate a zillion actual jobs, like "build client on x86", "build server on x86", "build client on ARM", "build server on ARM", etc. We can sort of do this by having a Step map to multiple Targets, but I haven't really thought about it too much and it may end up being not-great. I'd guess we have like an 80% chance of getting a clean implementation if/when we get there. I suspect no one actually needs this, or when they do they'll just implement a custom Step and it can be parameterized at that level. I'm not too worried about this overall.

The major difference between this and Jenkins/Bamboo/TravisCI is that all three of those are **plan-centric**: the primary object in the system is a build plan, and the dashboard shows you all your build plans and the current status. I don't think this is the right model. One disadvantage is that you basically end up with top-level messaging that says "Trunk is broken", not "Trunk was broken by commit af32f392f". Harbormaster is **buildable-centric**: the primary object in the system is stuff you can run build operations against (commits/branches/revisions), and actual build plans are secondary. The main view will be "recent commits on this branch, and whether they're good or not" -- which I think is what's most important in a larger/more complex product -- not the pass/fail status of all jobs. This also makes it easier and more natural to integrate with Differential and Diffusion, which both care about the overall status of the commit/revision, not the current status of jobs.

Test Plan: Poked around, but this doesn't really do anything yet.

Reviewers: btrahan

Reviewed By: btrahan

CC: zeeg, chad, aran, seporaitis

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7368
2013-10-22 15:01:06 -07:00
epriestley
fd27538e89 Add project history and title strings
Summary: Ref T4010. Adds a history page and restores the transaction title strings, which previously sort-of existed in the defunct feed story class.

Test Plan: See screenshots.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T4010

Differential Revision: https://secure.phabricator.com/D7371
2013-10-22 13:49:37 -07:00
epriestley
9b89e137cf Move Project transaction storage to modern tables
Summary:
Ref T4010. Projects have a weird proto-version of ApplicationTransactions which is very similar but not quite the same.

Move the storage to a modern format, but keep all the other code for now.

Test Plan: Migrated project transactions; edited projects.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4010

Differential Revision: https://secure.phabricator.com/D7370
2013-10-22 13:49:28 -07:00
epriestley
90b83d7a92 Fix logged-out Diffusion calls to Conduit
Summary:
Conduit doesn't currently have an analog to "shouldAllowPublic", so the recent policy checks added here caught legitimate Conduit calls when viewing Diffusion as a logged-out user.

Add `shouldAllowPublic()` and set it for all the Diffusion queries.

(More calls probably need this, but we can add it when we hit them.)

Test Plan: Looked at Diffusion as a logged-out user with public access enabled.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7380
2013-10-22 13:47:52 -07:00
epriestley
7dd31a16d9 Fix chatlog application query integration
Summary: `class_exists()` is case-insensitive, but `PhabricatorApplication::getByClass()` is not.

Test Plan: Fixed unit test to fail, then fixed code to pass unit test.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7379
2013-10-22 13:47:47 -07:00
epriestley
d7a276346f Add a secret board view to Projects
Summary:
Ref T1344. This is //very// rough. Some UI issues:

  - Empty states for the board and columns are junky.
  - Column widths are crazy. I think we need to set them to fixed-width, since we may have an arbitrarily large number of columns?
  - I don't think we have the header UI elements in M10 yet and that mock is pretty old, so I sort of very roughly approximated it.
  - What should we do when you click a task title? Popping the whole task in a dialog is possible but needs a bunch of work to actually work. Might need to build "sheets" or something.
  - Icons are slightly clipped for some reason.
  - All the backend stuff is totally faked.

Generally, my plan is just to use these to implement all of T390. Specifically:

  - "Kanban" projects will have "Backlog" on the left. You'll drag them toward the right as you make progress.
  - "Milestone" projects will have "No Milestone" on the left, then "Milestone 9", "Milestone 8", etc.
  - "Sprint" projects will have "Backlog" on the left, then "Sprint 31", "Sprint 30", etc.

So all of these things end up being pretty much exactly the same, with some minor text changes and new columns showing up on the left vs the right or whatever.

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: chad, aran, sascha-egerer

Maniphest Tasks: T1344

Differential Revision: https://secure.phabricator.com/D7374
2013-10-21 21:11:36 -07:00
epriestley
2a5c987c71 Lock policy queries to their applications
Summary:
While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential.

This has several parts:

  - For PolicyAware queries, provide an application class name method.
  - If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally.
  - For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles.

Test Plan:
  - Added a unit test to verify I got all the class names right.
  - Browsed around, logged in/out as a normal user with public policies on and off.
  - Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7367
2013-10-21 17:20:27 -07:00
epriestley
32dd8af9e5 Reduce surface area of DifferentialComment API
Summary:
Ref T2222. Shrink the API to make it easier to move this object's storage to ApplicationTransactions.

Fixes T3415. This moves the "Summary" and "Test Plan" into the property list, and thereby fixes all the attribution problems associated with commandeering, creating a revision from another user's diff, etc.

Test Plan: Browsed several revisions.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3415, T2222

Differential Revision: https://secure.phabricator.com/D7375
2013-10-21 17:01:27 -07:00
epriestley
cf1c06e157 Add custom field storage to Projects
Summary: Ref T4010. Adds storage and indexes for custom fields. These tables are the same as people/maniphest/differential.

Test Plan: Ran `bin/storage upgrade`.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T4010

Differential Revision: https://secure.phabricator.com/D7369
2013-10-21 17:01:13 -07:00
epriestley
8994a81b35 Make event-triggered actions more aware of application access
Summary:
Fixes T3675.

  - Maniphest had a couple of old non-event listeners; move them to events.
  - Make most of the similar listeners a little more similar.
  - Add checks for access to the application.

Test Plan:
  - Viewed profile, project, task, revision.
  - Clicked all the actions.
  - Blocked access to various applications and verified the actions vanished.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3675

Differential Revision: https://secure.phabricator.com/D7365
2013-10-21 17:00:50 -07:00
epriestley
d66972c9f2 Tie application event listeners to the applications they listen for
Summary:
Ref T3675. Some of these listeners shouldn't do their thing if the viewer doesn't have access to an application (for example, users without access to Differential should not be able to "Edit Tasks"). Set the stage for that:

  - Introduce `PhabricatorEventListener`, which has an application.
  - Populate this for event listeners installed by applications.
  - Rename the "PeopleMenu" listeners to "ActionMenu" listeners, which better describes their modern behavior.

This doesn't actually change any behaviors.

Test Plan: Viewed Maniphest, Differntial, People.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3675

Differential Revision: https://secure.phabricator.com/D7364
2013-10-21 17:00:21 -07:00
epriestley
c69beb7988 Stop writes to the old Relationship table
Summary: Ref T1279. The new stuff seems stable, so stop writes to the old tables.

Test Plan:
  - Added and removed reviewers.
  - Grepped for `::RELATIONSHIP_TABLE` to verify we really have no more reads.
  - Grepped for `::RELATION_REVIEWER`.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7360
2013-10-21 16:59:22 -07:00
epriestley
7fedfacbca Add capabilities for editing task triage details (priority, assignee, etc)
Summary:
This is primarily a client request, and a little bit use-case specific, but policies seem to be holding up well and I'm getting more comfortable about maintaining this. Much if it can run through ApplicationTransactions.

Allow the ability to edit status, policies, priorities, assignees and projects of a task to be restricted to some subset of users. Also allow bulk edit to be locked. This affects the editor itself and the edit, view and list interfaces.

Test Plan: As a restricted user, created, edited and commented on tasks. Tried to drag them around.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7357
2013-10-21 16:59:06 -07:00
epriestley
00bf47f973 Fix "Manage herald rules" link by removing it
Summary: Fixes T4001. I broke this some time ago and no one has complained. I don't think it gets much use, and we haven't added it for the newer apps. Just get rid of it rather than adapt the URIs for ApplicationSearch.

Test Plan: Unit tests, sent myself some email.

Reviewers: zeeg, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4001

Differential Revision: https://secure.phabricator.com/D7355
2013-10-21 16:58:56 -07:00
epriestley
baf2ea5b32 Remove "ManiphestTransactionEditorPro"
Summary: Drop the "Pro" bit.

Test Plan: Created/edited tasks, moved tasks around, generally made a mess. Nothing burned down.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7352
2013-10-21 16:58:37 -07:00
epriestley
83c99be423 Clean up supplemental capabilitiy checks in transaction edits
Summary:
We have this commented-out chunk of code now which was originally buggy and is now just nonfunctional.

For now, the core edit types don't always require CAN_EDIT (e.g., subscribe, comment, add edges), except for editing the edit policy itself, which always does. Add a supplemental capability check there and let everything else go through with CAN_VIEW. We can buff the policy checks on application editors over time, they all require appropriate capabilities to get to in the first place anyway.

Test Plan: Created and edited some tasks without getting overwhelmed with policy exceptions.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7351
2013-10-21 16:58:21 -07:00
epriestley
f5c7dd68d2 Clean up some ordering and strata edge cases in Phrequent
Summary:
Ref T3569. Two issues:

  # Since `sort()` is not stable, instantaneous events (ending on the same second they start) would sometime sort wrong and produce the wrong results. Guarantee they sort correctly.
  # Because events can end at any time, there are some additional special cases the algorithm didn't handle properly. Draw a bunch of ASCII art diagrams so these cases work properly.

Test Plan:
  - No more fatal when tracking an object for the first time.
  - Unit tests.

Reviewers: btrahan

Reviewed By: btrahan

CC: skyronic, aran

Maniphest Tasks: T3569

Differential Revision: https://secure.phabricator.com/D7350
2013-10-21 16:58:12 -07:00
epriestley
da9a362169 Shuffle project information around on detail page
Summary:
Ref T4007. Fixes T4009. Ref T4008.

  - Move blurb to a text section.
  - Make it render as remarkup.
  - Put policy information and status information in header.

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T4009, T4007, T4008

Differential Revision: https://secure.phabricator.com/D7373
2013-10-21 11:34:45 -07:00
epriestley
ee254b5c2a Remove PhabricatorFeedStoryManiphest and ManiphestAction
Summary:
I'll hold this for a couple weeks.

These classes are now only used to render legacy feed stories. I don't plan to migrate the stories since I don't think they're particularly valuable, and migrating them would be complex and time consuming.

With these classes removed, legacy Maniphest feed stories simply vanish from feed.

Test Plan: `grep`, viewed feed, verified it worked but omitted old-style stories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7114
2013-10-20 16:13:34 -07:00
epriestley
31c474a7ff Duct-tape the "z" haunted comment panel mode back together
Summary: Fixes T3898. This feature needs generalization at some point, but just unbreak it for now since a surprising number of users like it.

Test Plan: Pressed "z".

Reviewers: chad, btrahan

Reviewed By: chad

CC: chad, aran, spicyj

Maniphest Tasks: T3898

Differential Revision: https://secure.phabricator.com/D7366
2013-10-19 16:43:33 -07:00
epriestley
3643fe1498 Use property tabs in Files
Summary:
See screenshots. Some simplifications:

  - Tabbed and non-tabbed lists are now allowed to be mixed. We just make the non-tabbed lists permanent and put them on the bottom (e.g., image and audio data in Files).
  - You can provide a tab name instead of an entire tab object and we'll build an object for you.
  - We respect `setSelected()` on the tab objects now.

Test Plan: See screenshots.

Reviewers: chad, btrahan

Reviewed By: chad

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7362
2013-10-19 12:08:06 -07:00
epriestley
2228029201 Wire up object box tabs
Summary: Make tabs do stuff when you click 'em.

Test Plan:
  - Clicked object box tabs in UIExample.
  - Viewed some existing non-tab UIs (Differential, Maniphest).
  - Viewed some existing non-tab, multiple-list UIs (Diffusion).
  - Grepped for methods I changed.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D7361
2013-10-19 12:07:50 -07:00
epriestley
f010730e49 Migrate all Differential inline comments to ApplicationTransactions
Summary:
Ref T2222. This implements step (1) described there, which is moving over all the inline comments.

The old and new tables are simliar. The only real trick here is that `transactionPHID` and `legacyCommentID` mean roughly the same thing (`null` if the inline is a draft, non-null if it has been submitted) but we don't have real `transactionPHID`s yet. We just make some up -- we'll backfill them later.

Two risks here:

  - I need to take a second look at the keys on this table. I think we need to tweak them a bit, and it will be less disruptive to do that before this migration than after.
  - This will take a while for Facebook, and other large installs with tens of thousands of revisions. I'll communicate this.

I'm otherwise pretty satisfied with this, seems to work well and is pretty low risk / non-disruptive.

Test Plan:
  - Before migrating, then after migrating:
    - Made a bunch of inlines (drafts, submitted).
    - Edited and deleted inlines.
    - Verified inlines showed up in preview.
    - Verified that inlines aren't indexed when they're drafts (`bin/search index D935`).
    - Verified that inlines ARE indexed when they're not drafts.
    - Verified that drafts inlines make revisions appear as "with draft" in the revision list.
  - Made left, right, and draft inlines.
  - Migrated (`bin/storage upgrade`).
  - Verified that my inlines from before the migration still showed up.
  - (Repeated all the stuff above.)
  - Manually inspected the inline comment table.

Reviewers: btrahan

Reviewed By: btrahan

CC: FacebookPOC, aran

Maniphest Tasks: T2222

Differential Revision: https://secure.phabricator.com/D7139
2013-10-19 05:03:25 -07:00
epriestley
7180199d13 Fix daemon auth issue
Summary: I touched this code recently but it needs an unusual special case because we call through with the "omnipotent user" from the daemons. As per the TODO below, this will all get cleaned up at some point.

Test Plan: Will make @poop verify.

Reviewers: btrahan, poop

Reviewed By: poop

CC: poop, aran

Differential Revision: https://secure.phabricator.com/D7356
2013-10-18 18:29:36 -07:00
epriestley
7e815a06f8 Fix audio editing!
Summary: This capability was replaced with an application-wide "manage" capability. It's checked for just above.

Test Plan: Edited audio!

Reviewers: btrahan, ljalonen, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D7353
2013-10-18 16:23:16 -07:00
epriestley
943080a4de Make Phrequent time accounting aware of the stack
Summary:
Ref T3569. Fixes T3567. When figuring out how much time has been spent on an object, subtract "preemptive" events which interrupted the object.

Also, make the UI look vaguely sane:

{F72773}

Test Plan: Added a bunch of unit tests, mucked around in the UI.

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, skyronic, aran

Maniphest Tasks: T3567, T3569

Differential Revision: https://secure.phabricator.com/D7349
2013-10-18 12:47:36 -07:00
epriestley
0b22777f68 Remove UI warnings about policies being a janky mess
Summary: Ref T603. While policies aren't completely perfect, they are substantially functional to the best of my knowledge -- definitely in good enough shape that we want to hear about issues with them, now.

Test Plan: Edited a task, repository, and project.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7343
2013-10-17 12:59:40 -07:00
epriestley
5171e3684c Require application "Can Use" capability to call Conduit methods
Summary: Ref T603. If you don't have access to an application, prevent execution of its (authenticated) methods.

Test Plan: Restricted Tokens to only admins, then tried to view/call Token methods as a non-admin.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7342
2013-10-17 12:51:19 -07:00
epriestley
32dca4b553 Fix lightbox downloads for embeded images and a warning
Summary:
I refactored this recently and accidentally dropped the download URI.

Also fix a warning with, e.g., files named `README`.

Test Plan: Clicked a thumb, clicked "Download", got a file.

Reviewers: chad, btrahan, dctrwatson

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D7341
2013-10-17 11:21:01 -07:00
epriestley
95c2b03fc8 Distinguish between invalid/broken handles and filtered handles
Summary:
Ref T603. Currently, we render handles the user doesn't have permission to see in a manner identical to handles that don't exist. This is confusing, and not required by policies (which restrict content, but permit knowledge that an object exists).

Instead, render them in different styles. Bad/invalid objects look like:

  Unknown Object (Task)

Restricted objects look like:

  [o] Restricted Task

...where `[o]` is the padlock icon.

Test Plan:
{F71100}

{F71101}

It's possible this renders weird somewhere, but I wasn't immediately able to find any issues. Yell if you see something.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7334
2013-10-17 10:49:21 -07:00
epriestley
cf8d7da292 Add some missing non-context translations
Summary: We're missing some strings here.

Test Plan: {F71857}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7340
2013-10-17 10:48:44 -07:00
epriestley
4f05736175 Add an icon+background selector for project images
Summary: Makes it easy to choose distinctive icons for projects.

Test Plan:
{F71018}

{F71020}

{F71019}

{F71021}

Reviewers: btrahan, chad

Reviewed By: chad

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7333
2013-10-17 09:32:34 -07:00
Jakub Vrana
a9a3bdf3cc Delete unintentional phlog()
Leaked in D7329.
2013-10-16 13:59:23 -07:00
Chad Little
89d35b98c8 Misc Diffusion/Differential CSS tweaks
Summary: Various tweaks and fixes. Adds a File Contents view in Diffusion, normalizes spaces, colors.

Test Plan: tested differential and diffusion in my sandbox.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3952

Differential Revision: https://secure.phabricator.com/D7325
2013-10-16 13:09:12 -07:00
epriestley
314673f4f6 Fix an issue with rendering PHID lists containing null in Maniphest
Summary: See IRC. Someone got a `null` in CCPHIDs somehow. Moving to subscriptions should prevent this, but paper over it for now.

Test Plan: Will have @dctrwatson check.

Reviewers: btrahan, dctrwatson

Reviewed By: btrahan

CC: dctrwatson, aran

Differential Revision: https://secure.phabricator.com/D7330
2013-10-16 12:46:34 -07:00
epriestley
3410cbd53e Add application and object level policy controls to Countdown
Summary: Ref T603. Give countdowns proper UI-level policy controls, and an application-level default policy. Put policy information in the header.

Test Plan:
  - Adjusted default policy.
  - Created new countdowns.
  - Edited countdowns.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7322
2013-10-16 10:36:08 -07:00
epriestley
e381022bc7 Provide application and object level policy controls in Slowvote
Summary: Ref T603. Gives the create/edit interface a policy control, and adds an application-level default.

Test Plan: Created and edited polls.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7321
2013-10-16 10:36:00 -07:00
epriestley
8c1c6fec5a Modernize policies in Paste and Macro
Summary:
Ref T603. Fixes T2823. This updates Paste and Macro.

  - **Paste**
    - Added default view policy.
    - I didn't add a "create" policy, since I can't come up with any realistic scenario where you'd give users access to pastes but not let them create them.
  - **Macro**
    - Added a "manage" policy, which covers creating and editing macros. This lets an install only allow "People With An Approved Sense of Humor" or whatever to create macros.
    - Removed the "edit" policy, since giving individual users access to specific macros doesn't make much sense to me.
    - Changed the view policy to the "most public" policy the install allows.
    - Added view policy information to the header.

Also fix a couple of minor things in Maniphest.

Test Plan:
  - Set Paste policy, created pastes via web and Conduit, saw they got the right default policies.
  - Set Macro policy, tried to create/edit macros with valid and unauthorized users.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2823, T603

Differential Revision: https://secure.phabricator.com/D7317
2013-10-16 10:35:52 -07:00
Jakub Vrana
29391a658e Disallow <! in <script>
Summary:
HTML5 has this crazy script escaping states:

- Script data escaped dash dash state
- Script data double escaped state

https://communities.coverity.com/blogs/security/2012/11/16/did-i-do-that-html-5-js-escapers-3

Perhaps `<!` is too aggressive but I didn't spend much time searching for a more fine grained expression.

Test Plan: Searched for `renderInlineScript()`.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7329
2013-10-16 09:28:37 -07:00
Chad Little
451dfb9afb Differential Changeset header icons
Summary: Adds filetype icons, applying to differential file headers. The main issue is with all the lightening, I wanted something to still anchor 'new file' on the page and adding a sharp icons does that pretty well for me. Feedback is cool too.

Test Plan: Add some new icons, test in previous commits.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7320
2013-10-15 07:34:48 -07:00
epriestley
19968e31f4 Generalize Herald account sources
Summary: The "user" and "user/project" sources exclude system agents and disabled users, but should not.

Test Plan: Added system agents to Herald rules.

Reviewers: btrahan, bigo

Reviewed By: bigo

CC: aran

Differential Revision: https://secure.phabricator.com/D7319
2013-10-14 19:38:35 -07:00
epriestley
76dfeb95ba Allow "Custom" policies to be selected in the policy control
Summary: Ref T603. When a user selects "Custom", we pop open the rules dialog and let them create a new rule or edit the existing rule.

Test Plan: Set some objects to have custom policies.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7300
2013-10-14 16:59:16 -07:00
epriestley
3a4c08d7f1 Simplify custom policies before saving, and reject meaningless policies
Summary:
Ref T603. Do a little more sanity checking on custom policies, so policies like this:

  [ Allow ] [ Users ] [ <no users> ]

...that don't specify anything and thus which aren't meaningful raise errors.

Test Plan: {F69570}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7314
2013-10-14 16:48:41 -07:00
Chad Little
d2895249ee Add Persona login icon
Summary: Adds the new icon 1x and 2x

Test Plan: photoshop

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3958

Differential Revision: https://secure.phabricator.com/D7316
2013-10-14 16:33:49 -07:00
Scott MacVicar
4d1709651e [releeph] Conduit failure with bad IDs
Summary:
Instead of returning a blank result it throws exceptions. Fix this up a
little so we get some consistency with differential

Test Plan:
Loaded a bad phid for releeph, returns empty list.
Try a good phid and get 2 releeph merges.

Reviewers: epriestley, elenaperezrioja, dschleimer, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7302
2013-10-14 16:07:17 -07:00
epriestley
c4abf160cc Fix some file policy issues and add a "Query Workspace"
Summary:
Ref T603. Several issues here:

  1. Currently, `FileQuery` does not actually respect object attachment edges when doing policy checks. Everything else works fine, but this was missing an `array_keys()`.
  2. Once that's fixed, we hit a bunch of recursion issues. For example, when loading a User we load the profile picture, and then that loads the User, and that loads the profile picture, etc.
  3. Introduce a "Query Workspace", which holds objects we know we've loaded and know we can see but haven't finished filtering and/or attaching data to. This allows subqueries to look up objects instead of querying for them.
    - We can probably generalize this a bit to make a few other queries more efficient. Pholio currently has a similar (but less general) "mock cache". However, it's keyed by ID instead of PHID so it's not easy to reuse this right now.

This is a bit complex for the problem being solved, but I think it's the cleanest approach and I believe the primitive will be useful in the future.

Test Plan: Looked at pastes, macros, mocks and projects as a logged-in and logged-out user.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7309
2013-10-14 14:36:06 -07:00
epriestley
073cb0e78c Make PhabricatorPolicyInterface require a getPHID() method
Summary:
Ref T603. This cleans up an existing callsite in the policy filter, and opens up some stuff in the future.

Some policy objects don't have real PHIDs:

  PhabricatorTokenGiven
  PhabricatorSavedQuery
  PhabricatorNamedQuery
  PhrequentUserTime
  PhabricatorFlag
  PhabricatorDaemonLog
  PhabricatorConduitMethodCallLog
  ConduitAPIMethod
  PhabricatorChatLogEvent
  PhabricatorChatLogChannel

Although it would be reasonable to add real PHIDs to some of these (like `ChatLogChannel`), it probably doesn't make much sense for others (`DaemonLog`, `MethodCallLog`). Just let them return `null`.

Also remove some duplicate `$id` and `$phid` properties. These are declared on `PhabricatorLiskDAO` and do not need to be redeclared.

Test Plan: Ran the `testEverythingImplemented` unit test, which verifies that all classes conform to the interface.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7306
2013-10-14 14:35:47 -07:00
epriestley
0ce4f6d176 Add Persona auth provider
Summary: Ref T3958. Adds a provider for Mozilla's Persona auth.

Test Plan:
  - Created a Persona provider.
  - Registered a new account with Persona.
  - Logged in with Persona.
  - Linked an account with Persona.
  - Dissolved an account link with Persona.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3958

Differential Revision: https://secure.phabricator.com/D7313
2013-10-14 14:34:57 -07:00
epriestley
502c6f2d48 Render public content as "Public" in headers, not "Public (No Login Required)"
Summary:
Ref T603. Although I think the parenthetical is valuable when //setting// policies to make sure no one accidentally opens content up, it's super annoying in headers.

This makes headers say "Public". Everything else still says "Public (No Login Required)".

Test Plan: {F69469}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7310
2013-10-14 14:17:25 -07:00
Bob Trahan
cb64bef3c5 Maniphest - make instructions !assign savvy
Summary: forgot this in last diff.  Ref T3937.

Test Plan: looks good

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3937

Differential Revision: https://secure.phabricator.com/D7308
2013-10-14 12:33:38 -07:00
Bob Trahan
d0127f95e5 Maniphest - add support for !assign command
Summary:
also try to centralize some of the command parsing logic. note that differential is still an exception here. it uses a whitelist-style regex. i think long-term we should have this for every app but changing it seemed too big for this diff.

Fixes T3937.

Test Plan:
echo '!assign btrahan' | ./bin/mail receive-test --as xerxes --to T22 ; echo '!claim' | ./bin/mail receive-test --as xerxes --to T22

unit tests passed, though my new one is silly

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3937

Differential Revision: https://secure.phabricator.com/D7307
2013-10-14 12:29:41 -07:00
epriestley
13178ec279 Prepare the policy rule edit endpoint for integration
Summary: Ref T603. Allow the endpoint to take an existing policy PHID to populate the editor and return a useful datastructure.

Test Plan: In the next revision, actually hooked this up.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7299
2013-10-14 12:07:31 -07:00
epriestley
5e5b7576a6 Make PhabricatorPolicyQuery a CursorPagedPolicyAwareQuery
Summary:
Ref T603. Make these actually implement policy interfaces, so shared infrastructure (like handle loading) works as expected. They don't actually have meaningful policies, and we short circuit all the checks.

(I don't plan to let you set policy controls on policies themselves)

Test Plan: Loaded handles for Policy objects via common infrastructure.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7298
2013-10-14 12:06:52 -07:00
epriestley
7364a3bedd Add some missing strings for custom policies
Summary: Ref T603. Fix/provide some rendering stuff related to custom policies.

Test Plan: After setting stuff to custom policies (made easier by future diffs), looked at the various places strings appear in the UI and saw more sensible ones.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7297
2013-10-14 12:05:43 -07:00
epriestley
6c1b00fa40 Rename ACTION_ACCEPT into ACTION_ALLOW
Summary: Ref T603. This is "Allow" in the UI, I just mistyped it when I created the constant.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7296
2013-10-14 12:05:11 -07:00
epriestley
67b17239b8 Allow custom policies to be loaded and exeucuted by the policy filter
Summary: Ref T603. Adds code to actually execute custom policies. (There's still no way to select them in the UI.)

Test Plan:
  - Added and executed unit tests.
  - Edited policies in existing applications.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7292
2013-10-14 11:46:14 -07:00
Chad Little
4733a8ef14 Add border, transparent indicators to images in file property view
Summary: Fixes T3950. This centers the images, adds a thin blue border, and a transparent background.

Test Plan: Tested a file in Files, Diffusion, and Macro.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3950

Differential Revision: https://secure.phabricator.com/D7305
2013-10-14 11:40:19 -07:00
Chad Little
503f413789 Clean up spacing on Diffusion headers
Summary: This adds some controllable space between paths in Diffusion headers. Fixes T3951

Test Plan: Tested new links in diffusion.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3951

Differential Revision: https://secure.phabricator.com/D7304
2013-10-14 09:40:05 -07:00
epriestley
5af031ec9b Make the policy control a JS dropdown with icons
Summary: Ref T603. After thinking about this for a bit I can't really come up with anything better than what Facebook does, so I'm going to implement something similar for choosing custom policies. To start with, swap this over to a JS-driven dropdown.

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7285
2013-10-12 17:08:11 -07:00
Chad Little
538d8f27b5 Fix empty property list in Phriction
Summary: Fixes T3944

Test Plan: Will test on secure

Reviewers: epriestley, staticshock

CC: Korvin, epriestley, aran

Maniphest Tasks: T3944

Differential Revision: https://secure.phabricator.com/D7291
2013-10-11 14:20:21 -07:00
Chad Little
97c690fc0f PHUIPropertyListView
Summary: This builds out and implements PHUIPropertyListView (container) and PHUIPropertyListItemView (section) as well as adding tabs.

Test Plan: Tested each page I edited with the exception of Releeph and Phortune, though those changes look ok to me diff wise. Updated examples page with tabs.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7283
2013-10-11 07:53:56 -07:00
Asher Baker
f8d963a77e Rename "Upload Image" dialog to "Upload File" to match purpose
Summary: Fixes T3940.

Test Plan: Clicked button, looked at dialog.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: nmalcolm, Korvin, epriestley, aran

Maniphest Tasks: T3940

Differential Revision: https://secure.phabricator.com/D7287
2013-10-11 05:15:45 -07:00
epriestley
5899ae08b3 Add storage for custom policies
Summary: Ref T603. Allows custom policies to be saved. No integration with policy controls yet.

Test Plan:
  mysql> select * from policy where id = 3\G
  *************************** 1. row ***************************
             id: 3
           phid: PHID-PLCY-e4v2fnbyuibi4supl5tn
          rules: [{"action":"allow","rule":"PhabricatorPolicyRuleAdministrators","value":null},{"action":"allow","rule":"PhabricatorPolicyRuleProjects","value":["PHID-PROJ-cwovm5gn2ilubjehcdgd"]},{"action":"allow","rule":"PhabricatorPolicyRuleLunarPhase","value":"new"}]
  defaultAction: deny
    dateCreated: 1381437466
   dateModified: 1381437466
  1 row in set (0.00 sec)

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7282
2013-10-10 16:09:51 -07:00
Bob Trahan
db71bf6128 Fix issue reported from github
Summary:
we filter the $actors above such that its possible to have no $actor anymore (if $actor is not a deliverable email address). ergo, make sure we have actor before we start calling methods.

Fixes github issue 403

Test Plan: logic on this one - not 100% sure how to easily reproduce

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7284
2013-10-10 15:17:37 -07:00
Asher Baker
ff4fa1885b Improve pagination in ChatLog application
Summary:
- Add an extra paginator at the top.
- Add a link to jump to the bottom (where the latest messages are).
- Align paginators with edge of content rather than the page.

Test Plan: Looked at the chatlog.

Reviewers: epriestley, chad, #blessed_reviewers

CC: chad, Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7280
2013-10-10 04:49:04 -07:00
Asher Baker
8cc64a9678 Add a 'create' policy to Project
Summary: UX on this could probably be better 'disabled' crumbs don't appear to have any visible difference, and the policy error has to load the /create page rather than being a modal - not sure on the way to fix these.

Test Plan: Tried to create a project with and without access, saw suitable error.

Reviewers: epriestley, #blessed_reviewers

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7279
2013-10-10 04:33:18 -07:00
epriestley
c39b10aa7a Fix non-public capabilities in Application edit
Summary: Ref T603. I nuked this check by accident and neglected to test the negative case.

Test Plan: Saved a non-public policy (Herald Global) and a public policy (Maniphest View).

Reviewers: asherkin, btrahan

Reviewed By: asherkin

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7278
2013-10-09 16:23:36 -07:00
Asher Baker
e3005fad09 Hide Audit information on Home when the application is uninstalled
Test Plan: Looked at Home with Audit installed and uninstalled.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7277
2013-10-09 15:25:03 -07:00
epriestley
f4582dc49d Allow "Default View" policies to be set to Public
Summary: Ref T603. Currently, we hard-code defense against setting policies to "Public" in several places, and special case only the CAN_VIEW policy. In fact, other policies (like Default View) should also be able to be set to public. Instead of hard-coding this, move it to the capability definitions.

Test Plan: Set default view policy in Maniphest to "Public", created a task, verified default policy.

Reviewers: btrahan, asherkin

Reviewed By: asherkin

CC: asherkin, aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7276
2013-10-09 15:06:18 -07:00
epriestley
11fbd213b1 Custom Policy Editor
Summary:
Ref T603. This isn't remotely usable yet, but I wanted to get any feedback before I build it out anymore.

I think this is a reasonable interface for defining custom policies? It's basically similar to Herald, although it's a bit simpler.

I imagine users will rarely interact with this, but this will service the high end of policy complexity (and allow the definition of things like "is member of LDAP group" or whatever).

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran, asherkin

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7217
2013-10-09 14:05:10 -07:00
epriestley
436a403357 Add a "default view" policy to Differential
Summary:
Ref T603. Allows the Differential view policy to be configured with a default.

I've omitted "edit" because I want to wait and see how comment/comment-action policies work out. I could imagine locking "edit" down to only the owner at some point, and providing a wider "interact" capability, or something like that, which would cover accept/reject/commandeer. Users in this group could still edit indirectly by commandeering first.

Test Plan: Created new revisions from the CLI and conduit.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7269
2013-10-09 13:58:00 -07:00
epriestley
650dc0cc30 Remove the "create rules" Herald capability
Summary:
Ref T603. In thinking about this, I think I went mad with power in creating this capability. I can't imagine any reason to give users access to Herald but not let them create rules.

We can restore this later if some install comes up with a good reason to have it, but in the interest of keeping policies as simple as possible, I think we're better off without it. In particular, if you don't want a group of users creating rules, just lock them out of the application entirely.

The "Manage Global Rules" capability is still around, I think that one's super good.

Test Plan: Edited Herald policies, created a rule.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7268
2013-10-09 13:55:44 -07:00
epriestley
1ee455c441 Add defualt view and default edit policies for tasks
Summary: Ref T603. Allow global default policies to be configured for tasks.

Test Plan:
  - Created task via web UI.
  - Created task via Conduit.
  - Created task via email.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7267
2013-10-09 13:53:17 -07:00
epriestley
3147a6ca57 Improve messaging of special policy rules in applications
Summary: Ref T603. When the user encounters an action which is controlled by a special policy rule in the application, make it easier for applications to show the user what policy controls the action and what the setting is. I took this about halfway before and left a TODO, but turn it into something more useful.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: chad

CC: chad, aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7265
2013-10-09 13:52:04 -07:00
epriestley
45f38c549b Use header status/policy elements in Applications meta-application
Summary: Ref T603. Use more modern elements.

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7264
2013-10-09 13:46:45 -07:00
epriestley
7a97a71e20 Move Herald application capabilities to newer infrastructure
Summary: Ref T603. Use the new hotness.

Test Plan: Edited Herald in Applications, tried to create rules / global rules without capabilities, got reasonable error messages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7263
2013-10-09 13:44:41 -07:00
Chad Little
fe73f9da73 Adds status colors to navbar tabs
Summary: Adds the abilit to set a status color of warning or fail to navbar tab lists (for objectheaders)

Test Plan: uiexamples, photoshop

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7266
2013-10-07 19:29:05 -07:00
epriestley
b1b1ff83f2 Allow applications to define new policy capabilities
Summary:
Ref T603. I want to let applications define new capabilities (like "can manage global rules" in Herald) and get full support for them, including reasonable error strings in the UI.

Currently, this is difficult for a couple of reasons. Partly this is just a code organization issue, which is easy to fix. The bigger thing is that we have a bunch of strings which depend on both the policy and capability, like: "You must be an administrator to view this object." "Administrator" is the policy, and "view" is the capability.

That means every new capability has to add a string for each policy, and every new policy (should we introduce any) needs to add a string for each capability. And we can't do any piecemeal "You must be a {$role} to {$action} this object" becuase it's impossible to translate.

Instead, make all the strings depend on //only// the policy, //only// the capability, or //only// the object type. This makes the dialogs read a little more strangely, but I think it's still pretty easy to understand, and it makes adding new stuff way way easier.

Also provide more context, and more useful exception messages.

Test Plan:
  - See screenshots.
  - Also triggered a policy exception and verified it was dramatically more useful than it used to be.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7260
2013-10-07 13:28:58 -07:00
epriestley
68c854b967 Remove dead rejectImpossiblePolicy() method
Summary: Ref T603. Apparently we made all policies possible at some point. Go us! This has no callsites.

Test Plan: `grep`, notice it's a private method

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7259
2013-10-07 12:52:01 -07:00
epriestley
0598600476 Always pass handles to tokenizers, not <phid -> name> maps
Summary: Ref T1279. Prerequisite for adding icons or other type information to tokenizers, since we don't currently have enough information to prefill them when rendering things from the server side. By passing handles in, the tokenizer can extract type information.

Test Plan:
- Searched by user in Audit.
- Sent Conpherence from profile page.
- Tried to send an empty conpherence.
- Searched Countdown by user.
- Edited CCs in Differential.
- Edited reviewers in Differential.
- Edited a commit's projects.
- Searched lint by owner.
- Searched feed by owner/project.
- Searched files by owner.
- Searched Herald by owner.
- Searched Legalpad by owner.
- Searched Macro by owner.
- Filtered Maniphest reports by project.
- Edited CCs in Maniphest.
- Searched Owners by owner.
- Edited an Owners package.
- Searched Paste by owner.
- Searched activity logs by owner.
- Searched for mocks by owner.
- Edited a mock's CCs.
- Searched Ponder by owner.
- Searched projects by owner.
- Edited a Releeph project's pushers.
- Searched Releeph by requestor.
- Edited "Uses Symbols" for an Arcanist project.
- Edited all tokenizers in main search.
- Searched Slowvote by user.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7248
2013-10-07 12:51:24 -07:00
epriestley
2abbd51868 Don't raise a policy exception if a user can't see the parent revision of a new diff
Summary: Ref T603. We currently bomb out here, but should just continue forward. I'm fairly certain we don't even use this for anything anymore (it has been replaced by "depends on") but need to check that.

Test Plan: Created a new revision with `arc diff`.

Reviewers: ljalonen, btrahan, #blessed_reviewers, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7255
2013-10-07 12:51:04 -07:00
epriestley
c6f9316a77 Add missing case for personal ruls which create blocking reviewers
Summary: Ref T1279. I only tested the global case. :O

Test Plan: Created a personal "add me as blocking" rule.

Reviewers: btrahan, zeeg

Reviewed By: zeeg

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7261
2013-10-07 11:18:00 -07:00
epriestley
c4ecdfa2a5 Fix missing property on revision adapter. 2013-10-07 03:41:00 -07:00
epriestley
2a69b91000 Fix minor issue with data attachment on project creation 2013-10-06 17:13:51 -07:00
epriestley
953ff197bf Allow Herald rules to be disabled, instead of deleted
Summary:
Ref T603. Ref T1279. Further improves transaction and policy support for Herald.

  - Instead of deleting rules (which wipes out history and can't be undone) allow them to be disabled.
  - Track disables with transactions.
  - Gate disables with policy controls.
  - Show policy and status information in the headers.
  - Show transaction history on rule detail screens.
  - Remove the delete controller.
  - Support disabled queries in the ApplicationSearch.

Test Plan:
  - Enabled and disabled rules.
  - Searched for enabled/disabled rules.
  - Verified disabled rules don't activate.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279, T603

Differential Revision: https://secure.phabricator.com/D7247
2013-10-06 17:10:29 -07:00
epriestley
c6add6ae73 Make "reject" and "blocking reviewer" block acceptance in Differential
Summary:
Ref T1279. This is a logical change.

  - "Reject" (nee "Request Changes") is now sticky. The review won't transition to "Accepted" until the reviewer clears their objection. In practice, I think it always worked like this anyway (without technical enforcement, users just followed this rule naturally, since disobeying this rule is kind of a dick move) so I don't expect this to change much. I think this rule is easier to understand than the old rule now, given the multi-reviewer status and blocking reviewers.
  - "Blocking Reviewer" and "Reject" now prevent a revision from transitioning to "Accepted". When reviewers accept, resign, or are removed, we do a check to see if the reivsion has: at least one user reviewer who has accepted; zero rejects; and zero blocks. If all conditions are satisfied, we transition it to "accepted".

Practically, the primary net effect of this is just to make blocking reviews actually block.

This is pretty messy, but there's not much we can do about it until after T2222, since we have two completely separate editor pathways which are both responsible for adjusting status. Eventually, these can merge into a single sane editor which implements reasonable rules in reaonable ways. But that day is not today.

Test Plan: With three users and a project, made a bunch of accepts, rejects, resigns and reviewer removals. I think I probably covered most of the pathways? There are a lot of interactions here.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, wisutsak.jaisue.7

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7245
2013-10-06 17:09:56 -07:00
epriestley
8aa8ef49da Provide an "Add blocking reviewer..." Herald action
Summary: Ref T1279. These reviewers don't actually create a logical block yet (that is, revisions still transition to "accepted" even in their presence), but this handles everything except that.

Test Plan: Added Herald rules and updated revisions; see screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7244
2013-10-06 17:09:24 -07:00
epriestley
929ad86b57 Allow accepting accepted revisions, and rejecting rejected revisions
Summary:
Ref T1279. With the new per-reviewer status, you can always accept or reject a revision.

This is primarily cosmetic/UI changes. In particular, you've always been able to reject a rejected revision, the UI just didn't show you an option.

Test Plan: Accepted accepted revisions; rejected rejected revisions. See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7243
2013-10-06 17:09:02 -07:00
epriestley
d518f3c9de When a user accepts a revision, accept for all projects the user has authority over
Summary: Ref T1279. If you accept a revision, also accept on behalf of all the projects you have authority to accept for.

Test Plan:
  - Accepted a revision which I was a reviewer on, saw my own status and an authority project's status change to "Accepted".
  - Accepted a revision which I was not a reviewer on, saw my own status be added (as "Accepted") and the project's status update.

Also, see screenshot.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, wisutsak.jaisue.7

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7242
2013-10-06 17:08:30 -07:00
epriestley
3d3d3b6d80 Move determination of reviewer authority into DifferentialRevisionQuery
Summary:
Ref T1279. We currently determine reviewers at display time, but this is bad for several reasons:

  - It puts queries very close to the display layer.
  - We have to query for each revision if we want to figure out authority for several.
  - We need to figure it out in several places, so we'll end up with copies of this logic.
  - The logic isn't trivial (exceptions for the viewer, exceptions to that rule for install configuration).
  - We already do this "figure it out when we need it" stuff in Diffusion for audits and it's really bad: we have half-working copies of the logic spread all over the place.

Instead, put it in the Query. Callers query for it and get the data attached to the reviewer objects.

Test Plan:
  - Looked at some revisions, verified the correct lines were highlighted.
    - Looked at a revision I created and verified that projects I was a member of were not highlighted.
      - With self-accept enabled, these //are// highlighted.
    - Looked at a revision I did not create and verified that projects I was a member of were highlighted.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7241
2013-10-06 17:08:14 -07:00
epriestley
515f9a36ab When editing objects which use files, attach the files to the objects
Summary: Ref T603. Fixes T3921. Tightens up policy controls for file/object relationships in existing applications.

Test Plan:
  - Uploaded new project image, verified it got an edge to the project.
  - Uploaded new profile image, verified it got an edge to me.
  - Uploaded new macro image, verified it got an edge to the macro.
  - Uploaded new paste via web UI and conduit, verified it got attached.
  - Replaced, added images to a mock, verified they got edges.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3921, T603

Differential Revision: https://secure.phabricator.com/D7254
2013-10-06 17:07:55 -07:00
epriestley
c587b8a9c8 Remove ProjectProfile->loadProfileImageURI()
Summary: Ref T603. Gets rid of a sketchy, non-policy-aware, unbatched file query.

Test Plan: Looked at projects, typeahead, edited project profile images.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7253
2013-10-06 17:07:43 -07:00
epriestley
80f6d00940 Remove PhabricatorProject->loadProfile
Summary: Ref T603. Do modern, sensible queries here.

Test Plan: Viewed project profile, list, member edit, profile edit, used typeahead, changed project image.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7252
2013-10-06 17:07:20 -07:00
epriestley
64e4b3aef4 Remove loadMemberPHIDs from PhabricatorProject
Summary:
Ref T603. Move toward stamping out all the Project / ProjectProfile query irregularities with respect to policies.

  - Fixes a bug with Asana publishing when the remote task is deleted.
  - Fixes an issue with Herald commit rules.

Test Plan:
  - Viewed projects;
  - edited projects;
  - added and removed members from projects;
  - republished Asana-bridged feed stories about commits.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7251
2013-10-06 17:07:08 -07:00
epriestley
b7297a3278 Add an "Author's projects" Herald field to Differential
Summary:
Ref T1279. This allows installs to implement two different flavors of project review. They can either implement this rule:

  When:
    [ ... ] [ ... ]
  Take Action:
    [ Add blockign reviewers ] [ Security ]

...which means "every revision matching X needs to be signed off by someone else on the Security team, //even if the author is on that team//". The alternative is to implement this rule:

  When:
    [ Author's projects ] [ do not include ] [ Security ]
    [ ... ] [ ... ]
  Take Action:
    [ Add blocking reviewers ] [ Security ]

...which means that people on the Security team don't need a separate signoff from someone else on the team.

I think this weaker version maps to some of what, e.g., Google does (you need to be reviewed by someone with "readability" in a language, but if you have it that's good enough), but I could imagine cases like "Security" wanting to prevent self-review from satisfying the requirement.

@zeeg, not sure which of these use cases is relevant here, but either one should work after this.

Test Plan: Created rules with this field, verified it populated properly in the transcript.

Reviewers: btrahan

Reviewed By: btrahan

CC: zeeg, aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7238
2013-10-05 14:10:53 -07:00
epriestley
c80a4f51c1 Highlight reviews the viewer is responsible for in Differential
Summary: Ref T1279. No logical changes, but cosmetically highlight stuff you have authority for, like we do in Diffusion.

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7237
2013-10-05 14:10:52 -07:00
epriestley
4c0ec01ce5 Allow Herald rules to add reviewers
Summary:
Ref T1279. Although I think this is a bad idea in general (we once supported it, removed it, and seemed better off for it) users expect it to exist and want it to be available. Give them enough rope to shoot themselves in the foot.

I will probably write some lengthy treatise on how you shouldn't use this rule later.

Implementation is straightforward because Differential previously supported this rule.

This rule can also be used to add project reviewers.

Test Plan: Made some "add reviewers" rules, created revisions, saw reviewers trigger.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7235
2013-10-05 14:10:51 -07:00
epriestley
2d733f88a1 Split users apart from projects/packages in reviewer and audit UIs
Summary: Ref T1279. Show separate sections for "Reviewers" and "Project Reviewers" (Differential) and for "Auditors" and "Package/Project Auditors" (Diffusion/Audit).

Test Plan:
  - Looked at a commit. Saw separation.
  - Looked at a revision. Saw separation.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7233
2013-10-05 14:10:49 -07:00
epriestley
9434df9d7c Accommodate project reviewers in Differential search
Summary:
Ref T1279. Two changes to the search/query for Differential:

  - "Reviewers" now accepts users and projects.
  - "Responsible Users" now includes revisions where a project you are a member of is a reviewer.

Test Plan:
  - Searched for project reviewers.
  - Verified that the dashboard now shows reviews which I'm only part of via project membership.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7231
2013-10-05 14:10:47 -07:00
epriestley
cf4eb3109e Allow projects to review revisions
Summary:
Ref T1279. No actual logical changes, but:

  - You can now add projects as reviewers from the revision view typeahead ("Add Reviewers" action).
  - You can now add projects as reviewers from the revision detail typeahead.
  - You can now add projects as reviewers from the CLI (`#yoloswag`).
  - Generated commit messages now list project reviewers (`Reviewers: #yoloswag`).

I'll separate projects from users in the "Reviewers" tables in the next revision.

Test Plan:
  - Added projects as reviewers using the web UI and CLI.
  - Used `arc amend --show --revision Dnnn` to generate commit messages.
  - Viewed revision with project reviewers in web UI.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7230
2013-10-05 14:10:46 -07:00
epriestley
370c7635a7 Track "accepted" and "commented" in per-reviewer status
Summary: Ref T1279. Updates status to 'accepted' or 'commented' when the user takes those actions.

Test Plan:
  - Commented on a revision, got a comment icon.
  - Accepted a revision, got an accept icon.
  - Commented again, icon stayed as "accept".
  - Faked the "old diff" states.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7229
2013-10-05 14:10:45 -07:00
epriestley
4d8707df13 Use status list UI to show reviewers in Differential
Summary:
Ref T1279. No logical changes, just updates the reviewer display style.

We currently keep track of only "requested changes".

Test Plan: See screenshot.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7228
2013-10-05 14:10:44 -07:00
epriestley
65ddefad8b Migrate all Differential reviewer data to edges
Summary:
Ref T1279. @champo did a lot of this work already; we've been doing double writes for a long time.

Add "double reads" (reading the edge table as both the "relationship" table and as the "reviewer status" table), and migrate all the data.

I'm not bothering to try to recover old reviewer status (e.g., we could infer from transactions who accepted old revisions) because it wold be very complicated and doesn't seem too valuable.

Test Plan:
  - Without doing the migration, used Differential. Verified that reads and writes worked. Most of the data was there anyway since we've been double-writing.
  - Performed the migration. Verified that everything was still unchanged.
  - Dropped the edge table, verified all reviweer data vanished.
  - Migrated again, verified the reviewer stuff was restored.
  - Did various cc/reviewer/subscriber queries, got consistent results.

Reviewers: btrahan

Reviewed By: btrahan

CC: champo, aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7227
2013-10-05 13:54:02 -07:00
epriestley
e6d8e1a00a Make Herald rules obey policies during application
Summary:
Ref T603. This closes the other major policy loophole in Herald, which was that you could write a rule like:

  When [Always], [Add me to CC]

...and end up getting email about everything. These rules are now enforced:

  - For a //personal// rule to trigger, you must be able to see the object, and you must be able to use the application the object exists in.
  - In contrast, //global// rules will //always// trigger.

Also fixes some small bugs:

  - Policy control access to thumbnails was overly restrictive.
  - The Pholio and Maniphest Herald rules applied only the //last// "Add CC" or "Add Project" rules, since each rule overwrote previous rules.

Test Plan:
  - Created "always cc me" herald and maniphest rules with a normal user.
  - Created task with "user" visibility, saw CC.
  - Created task with "no one" visibility, saw no CC and error message in transcript ("user can't see the object").
  - Restricted Maniphest to administrators and created a task with "user" visibility. Same deal.
  - Created "user" and "no one" mocks and saw CC and no CC, respectively.
  - Thumbnail in Pholio worked properly.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7224
2013-10-05 12:55:34 -07:00
epriestley
7dde01df76 Fix issues with first-time account registration
Summary: This worked originally, but the migration broke slightly after the
config was deprecated, and there was another minor issue during setup.
2013-10-05 08:02:41 -07:00
epriestley
f88a2b735d Remove spurious "+x" from files that shouldn't have it
Summary: We have a bunch of files with +x that aren't actually executable.
Remove +x from PNGs, etc.
2013-10-05 05:18:17 -07:00
Juan Pablo Civile
562da7e98b Stop using loadRelationships in differential related herald adapters
Summary:
Used `DifferentialRevisionQuery` with the relevant `need*()` calls in the test controller.
And started assuming the revision has reviewers and CC phids in `HeraldDifferentialRevisionAdapter`.

Test Plan:
Added herald rules that use revisions (one for revisions another for commit) and reviewers.
Created, accepted and landed a revision that matched the rules and checked all rules were applied.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D6468

Conflicts:
	src/applications/herald/adapter/HeraldCommitAdapter.php
	src/applications/herald/adapter/HeraldDifferentialRevisionAdapter.php
	src/applications/herald/controller/HeraldTestConsoleController.php
2013-10-04 16:40:42 -07:00
Bob Trahan
c35b93d9b6 lipsum - tighten up some test data generation
Summary:
maniphest tasks were fataling with priority 0 before making sure to add the return null if new object trick to the maniphest pro editor.

pholio had a problem where if you had no jpegs you were walking off array_rand. tighten the math and then just return a built-in if no uploaded user images could be found. Fixes T3889.

Test Plan: bin/lipsum generate for a few minutes and no errors

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T3889

Differential Revision: https://secure.phabricator.com/D7222
2013-10-04 15:29:32 -07:00
epriestley
ee4bdb501b Make Herald transcripts policy-aware
Summary:
Ref T603. Herald transcripts potentially leak a bunch of content (task text, revision/commit content). Don't let users see them if they can't see the actual objects.

This is a little messy but ends up mostly reasonable-ish.

Test Plan:
  - Verified that transcripts for objects I couldn't see no longer appear in the list, and reject access.
  - Verified that transcripts for objects in applications I can't see reject access, albeit less gracefully.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7221
2013-10-04 15:17:18 -07:00
epriestley
a235768d58 Modernize "Test Console" and fix a minor display bug with "Always"
Summary:
  - Use the box view in the test console.
  - Let the test console load tasks and mocks. We should move this to the adapters (`canAdaptObject($object)` or something).
  - Fix a minor issue with "Always": hiding the whole cell could make the table layout weird in Safari, at least. Just hide the select instead.

Test Plan:
  - Used test console on task.
  - Used test console on mock.
  - Created (silly) rule with "Always" and also some other conditions.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7220
2013-10-04 15:17:01 -07:00
Chad Little
cad9e548bc Add Header to Registration
Summary: Adds an ObjectBox to Phabricator Registration

Test Plan: check logged out page for new header.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D7223
2013-10-04 15:13:05 -07:00
epriestley
c8127edfe9 Tighten up some policy interactions in Herald
Summary:
Ref T603. Herald is a bit of a policy minefield right now, although I think pretty much everything has straightforward solutions. This change:

  - Introduces "create" and "create global" permisions for Herald.
    - Maybe "create" is sort of redundant since there's no reason to have access to the application if not creating rules, but I think this won't be the case for most applications, so having an explicit "create" permission is more consistent.
  - Add some application policy helper functions.
  - Improve rendering a bit -- I think we probably need to build some `PolicyType` class, similar to `PHIDType`, to really get this right.
  - Don't let users who can't use application X create Herald rules for application X.
  - Remove Maniphest/Pholio rules when those applications are not installed.

Test Plan:
  - Restricted access to Maniphest and uninstalled Pholio.
  - Verified Pholio rules no longer appear for anyone.
  - Verified Maniphest ruls no longer appear for restricted users.
  - Verified users without CREATE_GLOBAL can not create global ruls.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7219
2013-10-04 15:15:48 -07:00