1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 00:02:41 +01:00
Commit graph

12717 commits

Author SHA1 Message Date
epriestley
10ffa42504 Separate locales into more usable groups in the translation menu
Summary:
Ref T5267. Ref T4103. Currently, adding new locale support to the upstream fills this menu with confusing options which don't do anything. Separate it into four groups:

  - Translations: these have a "reasonable number" of strings and you'll probably see some obvious effect if you switch to the translation.
  - Limited Translations: these have very few or no strings, and include locales which we've added but don't ship translations for.
  - Silly Translations: Pirate english, etc.
  - Test Translations: ALLCAPS, raw strings, etc.

Czech is currently in "test" instead of "limited" for historical reasons; I'll remedy this in the next change.

Test Plan: {F1661523}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4103, T5267

Differential Revision: https://secure.phabricator.com/D15978
2016-05-26 08:00:06 -07:00
epriestley
a4e5780043 Remove "Search Preferences"
Summary:
Ref T4103. This removes these options:

{F1660585}

The jump nav option came from T916, when we had a separate jump nav on the home page. Essentially no one has ever been confused by the behavior of search or disabled this feature. Here are the stats for this install:

| Total Users | 36656 |
| Have Set Any Preference | 3084 |
| Have Disabled Jump | 6
| Are Not "Security Researchers" | 2
| Any Account Activity | 0

The "/" option came in the same change, but the preference came from T989. This keystroke conflicts with a default Firefox keystroke. Almost no one cares about this either, but I count 6 real users who have disabled the behavior. I suspect the number of real users who //use// it may be smaller.

In Safari and Firefox, the "tab" key does the same thing.

In Chrome, the "tab" key does the same thing if {nav Preferences > Web Content > "Pressing Tab highlights..."} is disabled.

Upshot: jump nav is great, bulk of the change in T989 was clearly great, specific preferences that came out of it seem not-so-great and now is a good time to kill them as we head into T4103.

Test Plan:
  - Grepped for removed constants.
  - Pressed "/".
  - Searched for `T123`.
  - Viewed settings.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4103

Differential Revision: https://secure.phabricator.com/D15976
2016-05-26 06:21:47 -07:00
epriestley
9f399247b1 (stable) Fix a possible fatal on the first push to a cluster repository
Summary:
Fixes T11020. I think this resolves things -- `$new_version` (set above) should be used, not `$new_log` directly.

Specifically, we would get into trouble if the initial push failed for some reason (working copy not initialized yet, commit hook rejected, etc).

Test Plan: Made a bad push to a new repository. Saw it freeze before the patch and succeed afterwards.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11020

Differential Revision: https://secure.phabricator.com/D15969
2016-05-25 11:00:46 -07:00
epriestley
70b194398e (stable) Fix "Reviewers" validation issue with empty reviewers
Summary: Fixes T11021.

Test Plan: Created a revision without reviewers.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11021

Differential Revision: https://secure.phabricator.com/D15968
2016-05-25 11:00:31 -07:00
epriestley
08cc80cc5c (stable) Fix one more "Reviewers" wire format issue
Summary: Fixes T11010. This also needs to be inflated until we fix the whole client/server responsibility issue here.

Test Plan:
  - Created a revision while observing error log, no error.
  - Disabled "allow self accept", tried to make myself a reviewer, got rejected with an error message.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11010

Differential Revision: https://secure.phabricator.com/D15966
2016-05-25 11:00:19 -07:00
epriestley
189600e411 Allow broader HTTP access to public repositories, respect nonstandard Phabricator HTTP port when generating repository URIs
Summary:
Fixes T11030. Fixes T11032.

  - Allow HTTP access to "Public" repositories even if `diffusion.allow-http-auth` is disabled.
  - If you run Phabricator on an unusual port (???) use that port as the default when generating HTTP URIs.

Test Plan:
  - Faked `phabricator.base-uri` to an unusual port, saw repository HTTP URI generate with an unusual port.
  - Disabled `diffusion.allow-http-auth`, confirmed that toggling view policy between "public" and "users" activated or deactivated HTTP clone URI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11030, T11032

Differential Revision: https://secure.phabricator.com/D15973
2016-05-25 09:07:00 -07:00
epriestley
d1eed54d85 Fix expansion of projects into lists of user PHIDs
Summary:
Ref T11016. I think I inverted the meaning of this function by accident in D14893.

The intent is to return a list of users: direct users, and all members of all projects.

Prior to this patch actually returns direct users, and all projects they are members of.

Test Plan:
  - Created "Project with Dog".
  - Added user "dog" to project.
  - Created package "X", owning file "/x", with audit enabled.
  - Made "X" owned by "Project with Dog".
  - Modified "/x" and had user "dog" accept it.
  - Landed change.
  - Prior to change: package "X" incorrectly added as auditor.
  - After change: package "X" correctly omitted as auditor, because a member reviewed the change.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11016

Differential Revision: https://secure.phabricator.com/D15971
2016-05-24 06:38:37 -07:00
epriestley
74e117ae41 Don't send mail to "uninteresting" auditors
Summary:
Fixes T11017. We add packages as "uninteresting" auditors so that we can query commits by package later.

Until recently, this didn't matter because we didn't send mail to packages. But now we do, so stop mailing them when they don't actually need to do anything.

Test Plan:
  - Made a commit to a file which was part of a package but which I owned (so it does not trigger auditing).
  - `var_dump()`'d mail "To:" PHIDs.
    - Before patch: included package.
    - After patch: no package.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11017

Differential Revision: https://secure.phabricator.com/D15970
2016-05-23 17:55:13 -07:00
epriestley
bb16a1b0e2 Fix a possible fatal on the first push to a cluster repository
Summary:
Fixes T11020. I think this resolves things -- `$new_version` (set above) should be used, not `$new_log` directly.

Specifically, we would get into trouble if the initial push failed for some reason (working copy not initialized yet, commit hook rejected, etc).

Test Plan: Made a bad push to a new repository. Saw it freeze before the patch and succeed afterwards.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11020

Differential Revision: https://secure.phabricator.com/D15969
2016-05-23 17:54:54 -07:00
epriestley
725d60eb4a Fix "Reviewers" validation issue with empty reviewers
Summary: Fixes T11021.

Test Plan: Created a revision without reviewers.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11021

Differential Revision: https://secure.phabricator.com/D15968
2016-05-23 17:16:21 -07:00
epriestley
e1ad312fdd Fix one more "Reviewers" wire format issue
Summary: Fixes T11010. This also needs to be inflated until we fix the whole client/server responsibility issue here.

Test Plan:
  - Created a revision while observing error log, no error.
  - Disabled "allow self accept", tried to make myself a reviewer, got rejected with an error message.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11010

Differential Revision: https://secure.phabricator.com/D15966
2016-05-23 12:48:34 -07:00
lkassianik
627b95bf78 Remove calendar panel in profile and make calendar box header a link to user's calendar
Summary: Ref T9606, Clicking on the calendar preview header in user's profile page should link to user's full month calendar

Test Plan: Open user profile, scroll to calendar preview, click on Calendar box header. This should open the month calendar for the user (not viewer)

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9606

Differential Revision: https://secure.phabricator.com/D15967
2016-05-23 11:32:56 -07:00
lkassianik
359e8d4aa5 Hover hint on calendar list items should appear on the most convenient side of the item
Summary: Hover hint on calendar list items should be to the right in day view, left in profile view, on top in month view

Test Plan: Open profile view, calendar items should have a left hover. Open day view, calendar items should have a right hover. Open month view, calendar items should have top hover.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9606

Differential Revision: https://secure.phabricator.com/D15964
2016-05-23 10:49:29 -07:00
lkassianik
de645301b5 Adding a calendar preview panel to people profile
Summary: Ref T9606

Test Plan: Open people profile for a user with events today/tomorrow, see a panel under badges panel with event list

Reviewers: chad, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9606

Differential Revision: https://secure.phabricator.com/D15851
2016-05-23 10:39:25 -07:00
epriestley
efd001b42f Wordsmith the timezone selection UX
Summary:
Ref T3025.

  - Show current zone to make the current vs new more clear.
  - Tweak some text.

Test Plan: {F1656534}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T3025

Differential Revision: https://secure.phabricator.com/D15965
2016-05-23 10:31:42 -07:00
epriestley
3d3fff4991 Fix weird remarkup linewrapping on a few instructions forms, plus move toward fixing Phame/CORGI remarkup issues
Summary:
Fixes T10381. When we converted to `PHUIRemarkupView`, some instructional text got linebreaks added when it shouldn't have them (the source is written in PHP and wrapped at 80 characters, but the output should flow naturally).

Fix this so we don't preserve linebreaks.

This also makes `PHUIRemarkupView` a little more powerful and inches us toward fixing Phame/CORGI remarkup issues, getting rid of `PhabricatorMarkupInterface` / `PhabricatorMarkupOneOff`, and dropping all the application hard-coding in `PhabricatorMarkupEngine`.

Test Plan:
  - Grepped for all callsites, looking for callsites which accept remarkup written in `<<<HEREDOC` format.
  - Viewed form instructions, Conduit API methods, HTTP parameter edit instructions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10381

Differential Revision: https://secure.phabricator.com/D15963
2016-05-22 12:23:05 -07:00
epriestley
2a00f185eb When the JS "Intl" API is available, use it to guess the timezone
Summary:
Ref T3025. Chrome gives us an easily-accessible, much better guess at which timezone the user is in.

Firefox also exposes "Intl" but this doesn't seem to be a reliable method to read the timezone.

Test Plan:
In Chrome, swapped my system date/time between zones, clicked the "reconcile" popup, got the dropdown prefilled accurately.

In Safari (no `Intl` API) got the normal flow with no default selected.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T3025

Differential Revision: https://secure.phabricator.com/D15962
2016-05-22 09:14:02 -07:00
epriestley
5d30ea56cf Add a modern user.search Conduit API method
Summary: Ref T10512. This is fairly bare-bones but appears to work.

Test Plan: Queried all users, queried some stuff by constraints.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10512

Differential Revision: https://secure.phabricator.com/D15959
2016-05-22 05:54:31 -07:00
epriestley
8b9df5e90f Update Celerity map. 2016-05-21 13:27:56 -07:00
epriestley
a91004ef1b Detect timezone discrepancies and prompt users to reconcile them
Summary: Ref T3025. This adds a check for different client/server timezone offsets and gives users an option to fix them or ignore them.

Test Plan:
  - Fiddled with timezone in Settings and System Preferences.
  - Got appropriate prompts and behavior after simulating various trips to and from exotic locales.

In particular, this slightly tricky case seems to work correctly:

  - Travel to NY.
  - Ignore discrepancy (you're only there for a couple hours for an important meeting, and returning to SF on a later flight).
  - Return to SF for a few days.
  - Travel back to NY.
  - You should be prompted again, since you left the timezone after you ignored the discrepancy.

{F1654528}

{F1654529}

{F1654530}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T3025

Differential Revision: https://secure.phabricator.com/D15961
2016-05-21 13:25:23 -07:00
Chad Little
e902fc0e2a Move Tablet breakpoint from 768 -> 920
Summary: Bumping this up higher since two column views get extra tight fast below 900 px. This felt most correct to me, dialing it back from first attempt at 960. Mostly I don't want to ever accidentally trigger it when I'm on the 12" MacBook. Ref T10926

Test Plan: Durable Column, Workboards, Dashboards, Tasks.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: avivey, Korvin

Maniphest Tasks: T10926

Differential Revision: https://secure.phabricator.com/D15960
2016-05-21 12:11:27 -07:00
epriestley
ed92d1d844 Regenerate the Celerity map.
Auditors: chad
2016-05-20 16:26:11 -07:00
epriestley
f2c36a934e Provide an <input type="file"> control in Remarkup for mobile and users with esoteric windowing systems
Summary:
Ref T5187. This definitely feels a bit flimsy and I'm going to hold it until I cut the release since it changes a couple of things about Workflow in general, but it seems to work OK and most of it is fine.

The intent is described in T5187#176236.

In practice, most of that works like I describe, then the `phui-file-upload` behavior gets some weird glue to figure out if the input is part of the form. Not the most elegant system, but I think it'll hold until we come up with many reasons to write a lot more Javascript.

Test Plan:
Used both drag-and-drop and the upload dialog to upload files in Safari, Firefox and Chrome.

{F1653716}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5187

Differential Revision: https://secure.phabricator.com/D15953
2016-05-20 16:24:22 -07:00
epriestley
77d543ba44 (stable) Promote 2016 Week 21 2016-05-20 16:24:08 -07:00
Chad Little
804a5db41a Add transparency to Pholio Edit thumbs
Summary: Makes the background transparent for uploaded thumbs. This page in general needs lots of work, but here's the minimum. Fixes T10986

Test Plan: Edit a Mock with a transparent jeff.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10986

Differential Revision: https://secure.phabricator.com/D15957
2016-05-20 13:43:22 -07:00
Chad Little
969d3be035 Clean up "points" display on workboards
Summary: Couple of edge cases here I never cleaned up. This inlines points and projects better, with spacing and use of grey to better differentate from project tag colors.

Test Plan:
Review edge cases on workboard with multiple short and long project names.

{F1653998}

{F1653999}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15956
2016-05-20 13:06:57 -07:00
Chad Little
58aa3fdc9d Make View Revision in Mail a little more resilient
Summary: Converts to table so text wraps on long strings well, button always stays top right, better spacing underneath.

Test Plan: Mail, Gmail, mobile

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15955
2016-05-20 12:07:17 -07:00
epriestley
45718268a9 Restore viewer() function to "Responsible Users" tokenizer in Differential
Summary:
Ref T10939. This makes the `viewer()` function work again. It retains its own meaning (viewer, plus all their projects and packages).

There's no `exact-viewer()` function; we could conceivably add one eventually if we need it.

Test Plan:
  - Queried for `viewer()`, got the same results as querying by my own username.
  - Browsed function in token browser.
  - Reviewed autogenerated documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15951
2016-05-19 15:21:20 -07:00
epriestley
7ae33d14ec Use new Differential bucketing logic on default (non-dashboard) homepage
Summary:
Ref T10939. If you haven't installed a dashboard, we show an "Active Revisions" panel on the homepage by default. I waited a bit to update this, but the new buckets don't seem to have caused any major problems so far.

Update this to use the new logic. I'm just showing "must review" + "should review", which is similar to the old beahvior.

Also replace the notification count with this same number. This is a little different from the old behavior, but simpler, and I think we should probably move toward getting rid of these counts completely.

Test Plan:
  - Viewed homepage as logged-in user, saw my revisions (including revisions I have authority over only because of project membership).
  - Saw consistent notification count.
  - Grepped for removed method.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15950
2016-05-19 15:20:39 -07:00
epriestley
0fad384727 Fix minor section formatting mishap in SSH key email
Summary: Ref T10917. This is getting added as a link right now, which causes it to get `<a href>`'d in HTML mail. Add it as text instead.

Test Plan: Edited a key, examined HTML mail body carefully.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15952
2016-05-19 15:20:19 -07:00
epriestley
6f6ca0102d Send forced mail on SSH key edits
Summary:
Ref T10917. This cheats fairly heavily to generate SSH key mail:

  - Generate normal transaction mail.
  - Force it to go to the user.
  - Use `setForceDelivery()` to force it to actually be delivered.
  - Add some warning language to the mail body.

This doesn't move us much closer to Glorious Infrastructure for this whole class of events, but should do what it needs to for now and doesn't really require anything sketchy.

Test Plan: Created and edited SSH keys, got security notice mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15948
2016-05-19 15:01:25 -07:00
epriestley
da6b3de65c Use transactions to apply web UI SSH key edits
Summary:
Ref T10917. Converts web UI edits to transactions.

This is about 95% "the right way", and then I cheated on the last 5% instead of building a real EditEngine. We don't need it for anything else right now and some of the dialog workflows here are a little weird so I'm just planning to skip it for the moment unless it ends up being easier to do after the next phase (mail notifications) or something like that.

Test Plan: {F1652160}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15947
2016-05-19 15:00:18 -07:00
epriestley
9385ddaf82 Fix bad documentation link in clustering intro doc
Summary: Fixes T10991.

Test Plan: Previewed harder, clicked link.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10991

Differential Revision: https://secure.phabricator.com/D15949
2016-05-19 14:59:50 -07:00
epriestley
08bea1d363 Add ViewController and SearchEngine for SSH Public Keys
Summary:
Ref T10917. This primarily prepares these for transactions by giving us a place to:

  - review old deactivated keys; and
  - review changes to keys.

Future changes will add transactions and a timeline so key changes are recorded exhaustively and can be more easily audited.

Test Plan:
{F1652089}

{F1652090}

{F1652091}

{F1652092}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15946
2016-05-19 09:48:46 -07:00
epriestley
36006bcb8f Prevent locked credentials from being made accessible via conduit
Summary:
Via HackerOne. Currently, you can use "Lock Permanently" to lock a credential permanently, but you can still enable Conduit API access to it. This directly contradicts both intent of the setting and its description as presented to the user.

Instead:

  - When a credential is locked, revoke Conduit API access.
  - Prevent API access from being enabled for locked credentials.
  - Prevent API access to locked credentials, period.

Test Plan:
  - Created a credential.
  - Enabled API access.
  - Locked credential.
  - Saw API access become disabled.
  - Tried to enable API access; was rebuffed.
  - Queried credential via API, wasn't granted access.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15944
2016-05-18 14:54:44 -07:00
epriestley
0308d580d7 Deactivate SSH keys instead of destroying them completely
Summary:
Ref T10917. Currently, when you delete an SSH key, we really truly delete it forever.

This isn't very consistent with other applications, but we built this stuff a long time ago before we were as rigorous about retaining data and making it auditable.

In partiular, destroying data isn't good for auditing after security issues, since it means we can't show you logs of any changes an attacker might have made to your keys.

To prepare to improve this, stop destoying data. This will allow later changes to become transaction-oriented and show normal transaction logs.

The tricky part here is that we have a `UNIQUE KEY` on the public key part of the key.

Instead, I changed this to `UNIQUE (key, isActive)`, where `isActive` is a nullable boolean column. This works because MySQL does not enforce "unique" if part of the key is `NULL`.

So you can't have two rows with `("A", 1)`, but you can have as many rows as you want with `("A", null)`. This lets us keep the "each key may only be active for one user/object" rule without requiring us to delete any data.

Test Plan:
- Ran schema changes.
- Viewed public keys.
- Tried to add a duplicate key, got rejected (already associated with another object).
- Deleted SSH key.
- Verified that the key was no longer actually deleted from the database, just marked inactive (in future changes, I'll update the UI to be more clear about this).
- Uploaded a new copy of the same public key, worked fine (no duplicate key rejection).
- Tried to upload yet another copy, got rejected.
- Generated a new keypair.
- Tried to upload a duplicate to an Almanac device, got rejected.
- Generated a new pair for a device.
- Trusted a device key.
- Untrusted a device key.
- "Deleted" a device key.
- Tried to trust a deleted device key, got "inactive" message.
- Ran `bin/ssh-auth`, got good output with unique keys.
- Ran `cat ~/.ssh/id_rsa.pub | ./bin/ssh-auth-key`, got good output with one key.
- Used `auth.querypublickeys` Conduit method to query keys, got good active keys.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10917

Differential Revision: https://secure.phabricator.com/D15943
2016-05-18 14:54:28 -07:00
epriestley
49eb6403a4 Send HTML email by default
Summary: Ref T10694. Switch default mode to HTML since it has a number of significant advantages and we haven't seen reports of significant problems.

Test Plan:
  - Switched preference to default (saw "HTML" in UI).
  - Sent myself some mail.
  - Got HTML mail.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10694

Differential Revision: https://secure.phabricator.com/D15885
2016-05-18 14:53:57 -07:00
Chad Little
5bb3cbe239 Add a "View Revision" button to HTML email
Summary:
Ref T10694. If this feels good, I'd plan to eventually add something similar to other applications ("View Task", etc).

Not sure if we should keep the object link later in the mail body or not. I left it for now.

Test Plan: {F1307256, size=full}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10694

Differential Revision: https://secure.phabricator.com/D15884
2016-05-18 14:25:16 -07:00
epriestley
9d029519f6 Two-for-one deal on typos
Summary: Wow! Real value here.

Test Plan: No more red underlines.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15941
2016-05-18 09:53:39 -07:00
epriestley
7b50eef27a Special case the "added projects" transaction in mail when creating objects
Summary: Fixes T10493. See that task and inline comments for discussion.

Test Plan:
Created an object with some projects, saw the transaction in resulting mail:

{F1600496}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10493

Differential Revision: https://secure.phabricator.com/D15942
2016-05-18 07:09:39 -07:00
epriestley
3aed39b8b0 Fix an issue with serializing reviewers over the wire
Fixes T10981. Ref T10939. `arc` currently has some odd, hard-coded checks
(missing reviewers, all reviewers away) that depend on the field value being
in a certain format.

The recent changes swapped the field value from scalars (PHIDs) to
dictionaries and broke this workflow. It worked fine in testing because we
apply these checks very inconsistently (not on update or `--edit`).

To get around this for now, serialize into "PHID!" and then unserialize on
the other side. This is icky but keeps us from needing to require an `arc`
upgrade.

These checks are generally bad news and should move to the server side in the
long run (T4631).

(This probably prevents clean `arc diff`, so I'm just cowboy committing it.)

Auditors: chad
2016-05-17 17:44:13 -07:00
epriestley
de1a30efc7 Improve audit behavior for "uninteresting" auditors
Summary:
Ref T10939. Fixes T10174. We can currently trigger "uninteresting" auditors in two ways:

  - Packages with auditing disabled ("NONE" audits).
  - Packages with auditing enabled, but they don't need an audit (e.g., author is a pacakge owner; "NOT REQUIRED" audits).

These audits aren't interesting (we only write them so we can list "commits in this package" from other UIs) but right now they take up the audit slot. In particular:

  - They show in the UI, but are generally useless/confusing nowadays. The actual table of contents does a better job of just showing "which packages do these paths belong to" now, and shows all packages for each path.
  - They block Herald from adding real auditors.

Change this:

  - Don't show uninteresting auditors.
  - Let Herald upgrade uninteresting auditors into real auditors.

Test Plan:
  - Ran `bin/repository reparse --owners <commit> --force`, and `--herald` to trigger Owners and Herald rules.
  - With a package with auditing disabled, triggered a "None" audit and saw it no longer appear in the UI with the patch applied.
  - With a package with auditing disabled, added a Herald rule to trigger an audit. With the patch, saw it go through and upgrade the audit to "Audit Required".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10174, T10939

Differential Revision: https://secure.phabricator.com/D15940
2016-05-17 13:47:33 -07:00
epriestley
9c24798e64 Update Owners auditing rules for multiple reviewers
Summary:
Ref T10939. Fixes T10181. This slightly simplifies, then documents the auditing rules, which haven't been updated for a while. In particular:

  - If an owner authored the change, never audit.
  - Examine all reviewers to determine reviewer audit status, not just the first reviewer.
  - Simplify some of the loading code a bit.

Test Plan:
  - Ran `bin/repository reparse --owners <commit> --force` to trigger this stuff.
  - Verified that the web UI did reasonable things with resulting audits.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10181, T10939

Differential Revision: https://secure.phabricator.com/D15939
2016-05-17 13:46:06 -07:00
epriestley
809c7bf996 Allow users to manage package dominion rules
Summary: Ref T10939. This adds UI, transactions, etc, to adjust dominion rules.

Test Plan:
  - Read documentation.
  - Changed dominion rules.
  - Created packages on `/` ("A") and `/x` ("B") with "Auto Review: Review".
  - Touched `/x`.
  - Verified that A and B were added with strong dominion.
  - Verified that only B was added when A was set to weak dominion.
  - Viewed file in Diffusion, saw correct ownership with strong/weak dominion rules.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15936
2016-05-17 10:57:43 -07:00
epriestley
6cb2bde48d Add "Dominion" rules for Owners Packages
Summary:
Ref T10939. This supports two settings for packages (although they can't be configured yet):

  - **Strong Dominion**: If the package owns `a/`, it always owns every subpath, even if another package also owns the subpath. For example, if I own `src/differential/`, I always own it even if someone else claims `src/differential/js/` as part of the "Javascript" package. This is the current behavior, and the default.
  - **Weak Dominion**: If the package owns `a/`, but another package owns `a/b/`, the package gives up control of those paths and no longer owns paths in `a/b/`. This is a new behavior which can make defining some types of packages easier.

In the next change, I'll allow users to switch these modes and document what they mean.

Test Plan:
  - Ran existing unit tests.
  - Added new unit tests.

Reviewers: chad

Reviewed By: chad

Subscribers: joel

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15935
2016-05-17 10:57:06 -07:00
epriestley
29a060d7f1 Allow blocking reviewers to be added via the CLI
Summary: Ref T10939. Fixes T4887. Supports "username!" to add a reviewer as blocking.

Test Plan: Added and removed blocking and non-blocking reviewers via CLI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4887, T10939

Differential Revision: https://secure.phabricator.com/D15934
2016-05-17 10:56:29 -07:00
epriestley
afec01129a Allow blocking reviewers to be added via the web UI
Summary:
Ref T10939. Adds a `blocking(...)` token.

This code is pretty iffy and going to get worse before it gets better, but the fix (T10967 + EditEngine) is going to be a fair chunk of work down the road.

Test Plan: {F1426966}

Reviewers: chad

Reviewed By: chad

Subscribers: scode

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15933
2016-05-17 10:56:12 -07:00
epriestley
875b866715 Add missing "oauth_server_edge" tables
Summary: Fixes T10975. The "scramble attached file permissions when an object is saved" code is misfiring here too. See T10778 + D15803 for prior work.

Test Plan:
  - Ran `bin/storage upgrade -f`.
  - Edited the view policy of an OAuth server (prepatch: fatal; postpatch: worked great).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10975

Differential Revision: https://secure.phabricator.com/D15938
2016-05-17 08:50:27 -07:00
epriestley
f930a43f91 Remove "Used By" from Passphrase
Summary: Fixes T10972. Nothing actually updates this anymore, and only repositories ever did (e.g., Harbormaster and Drydock have never tracked it). Keeping track of this is more trouble than it's worth.

Test Plan: Grepped for constants, viewed a passphrase credential.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10972

Differential Revision: https://secure.phabricator.com/D15932
2016-05-16 16:38:52 -07:00
Luka Kladaric
174f3f6d23 docs: fix setup instructions for Mailgun and S3
Summary: The S3 fields are mandatory and if you only enter the ones in the docs you will immediately encounter a "Amazon S3 is Only Partially Configured" error. For Mailgun the error is more difficult to figure out - emails get stuck on Mailgun's side but the error is illegible. On Phabricator's side you have to go trawling through nginx logs to find "Mail signature is not valid. Check your Mailgun API key."

Test Plan: Deploy a new standalone instance, follow old instructions, fail. Deploy another one, follow updated instructions, win.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15931
2016-05-16 22:11:37 +02:00