1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-24 07:42:40 +01:00
Commit graph

202 commits

Author SHA1 Message Date
vrana
11ffed7cfc Fix paging for 'before ID' queries
Test Plan: https://secure.phabricator.com/paste/filter/all/?before=157 - 158 is missing.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Koolvin

Differential Revision: https://secure.phabricator.com/D2330
2012-04-27 17:27:00 -07:00
epriestley
944049d871 Add a paginated list of all repository tags to Diffusion
Summary: Now supports more than 25 tags!

Test Plan: Set page size to 1, paginated. Verified SVN / Hg don't break/explode.

Reviewers: davidreuss, vrana, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1130

Differential Revision: https://secure.phabricator.com/D2268
2012-04-19 09:39:19 -07:00
epriestley
dec8acd803 Add very basic tag support to Diffusion
Summary: Lists the 25 most recent tags on the "Repository" page.

Test Plan: Looked at a git repository with a tag, saw it. Looked at HG/SVN repos, they didn't break.

Reviewers: davidreuss, 20after4, btrahan, vrana, jungejason

Reviewed By: davidreuss

CC: aran

Maniphest Tasks: T1130

Differential Revision: https://secure.phabricator.com/D2255
2012-04-18 08:02:08 -07:00
vrana
6c0e22b3a3 Support IE8
Test Plan:
View revision in Chrome.
View revision in Firefox.
View revision in IE8.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2251
2012-04-17 11:01:30 -07:00
epriestley
fbfccf5ddc Improve Policy options
Summary:
  - Add an "Administrators" policy.
  - Allow "Public" to be completely disabled in configuration.
  - Simplify unit tests, and cover the new policies.

Test Plan: Ran unit tests.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D2238
2012-04-17 07:52:10 -07:00
epriestley
ded641ae32 Add basic per-object privacy policies
Summary:
Provides a basic start for access policies. Objects expose various capabilities, like CAN_VIEW, CAN_EDIT, etc., and set a policy for each capability. We currently implement three policies, PUBLIC (anyone, including logged-out), USERS (any logged-in) and NOONE (nobody). There's also a way to provide automatic capability grants (e.g., the owner of an object can always see it, even if some capability is set to "NOONE"), but I'm not sure how great the implementation feels and it might change.

Most of the code here is providing a primitive for efficient policy-aware list queries. The problem with doing queries naively is that you have to do crazy amounts of filtering, e.g. to show the user page 6, you need to filter at least 600 objects (and likely more) before you can figure out which ones are 500-600 for them. You can't just do "LIMIT 500, 100" because that might have only 50 results, or no results. Instead, the query looks like "WHERE id > last_visible_id", and then we fetch additional pages as necessary to satisfy the request.

The general idea is that we move all data access to Query classes and have them do object filtering. The ID paging primitive allows efficient paging in most cases, and the executeOne() method provides a concise way to do policy checks for edit/view screens.

We'll probably end up with mostly broader policy UIs or configuration-based policies, but there are at least a few cases for per-object privacy (e.g., marking tasks as "Security", and restricting things to the members of projects) so I figured we'd start with a flexible primitive and the simplify it in the UI where we can.

Test Plan: Unit tests, played around in the UI with various policy settings.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D2210
2012-04-14 10:13:29 -07:00
Edward Speyer
8f70d891fa AphrontFormSelectControl: Add <optgroup> to <select>
Summary:
Add <optgroup> style selects, if the array of options is actually an
array-of-arrays.

Test Plan: Made one, it looked OK.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2177
2012-04-10 21:35:51 -07:00
epriestley
dd21f7e37c Make error views look less awful
Summary: These elements look heavy and out of place right now.

Test Plan: Looked at error views in uiexample page.

Reviewers: btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2144
2012-04-07 17:25:31 -07:00
vrana
2211a0b07e Don't render <div> inside <span>
Test Plan: D1

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2121
2012-04-06 10:15:44 -07:00
Bob Trahan
cc586b0afa For discussion -- Stripe integration
Summary:
various stripe stuff, including

- external stripe library
- payment form
- test controller to play with payment form, sample business logic

My main questions / discussion topics are...

- is the stripe PHP library too big? (ie should I write something more simple just for phabricator?)
-- if its cool, what is the best way to include the client? (ie should I make it a submodule rather than the flat copy here?)
- is the JS I wrote (too) ridiculous?
-- particularly unhappy with the error message stuff being in JS *but* it seemed the best choice given the most juicy error messages come from the stripe JS such that the overall code complexity is lowest this way.
- how should the stripe JS be included?
-- flat copy like I did here?
-- some sort of external?
-- can we just load it off stripe servers at request time? (I like that from the "if stripe is down, stripe is down" perspective)
- wasn't sure if the date control was too silly and should just be baked into the form?
-- for some reason I feel like its good to be prepared to walk away from Stripe / switch providers here, though I think this is on the wrong side of pragmatic

Test Plan: - played around with sample client form

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2096
2012-04-04 16:09:29 -07:00
epriestley
01767c482d Add a datepicker control
Summary: I looooove JS! It makes me giddy with glee!

Test Plan: Picked dates. See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D2086
2012-04-04 12:14:10 -07:00
vrana
a309d5ba2f Replace leading double underscore in function names by single underscore
Summary:
> PHP reserves all symbols starting with __ as magical. http://php.net/userlandnaming.rules

I didn't touch third-party S3 library.

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2077
2012-04-03 18:55:52 -07:00
vrana
6f855c8b52 Don't show current revision in dependencies
Test Plan: Edit Dependencies, don't see current revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2098
2012-04-03 18:39:34 -07:00
mkedia
591d50008f Allow projects to own packages
Summary:
- The UI is pretty straightforward, since Handle just works (tm)
- Added two methods to the owners object to handle the new layer of
  indirection. Then ran git grep PhabricatorOwnersOwner and changed
  callsites as appropriate.

Sending this to get a round of feedback before I test the non-trivial
changes in this diff.

Test Plan:
- owners tool: edit, view, list for basic functionality.
- phlog for the two new methods I added

Reviewers: epriestley, blair, jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2079
2012-04-03 16:20:07 -07:00
vrana
8813c7be0e Use assert_instances_of() everywhere but Differential and Diffusion
Summary: NOTE: This is not produced by a script so there might be errors. Please review carefully.

Test Plan: Browse around.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2091
2012-04-03 14:53:20 -07:00
vrana
67e10e60f2 Return $this from setters
Summary:
Most setters returns `$this` but some don't.
I guess it's not by purpose.

Test Plan:
  arc lint

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2085
2012-04-02 18:48:37 -07:00
vrana
b023480277 Display day of week in dates
Summary:
I've found it quite useful to know day of week of most displayed dates.
This is useful in periodic workflows (e.g. cut on Sunday, push on Tuesday).

It adds the day only to recent dates to save some space (similar approach as `ls -l`).

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T1034

Differential Revision: https://secure.phabricator.com/D1984
2012-04-02 12:28:46 -07:00
Edward Speyer
c15d8d4d23 Relative date helper, for 'today' and 'yesterday'
Summary:
Format a date as 'today', 'yesterday', or 'Mar 27 2012'.  Optionally,
the final example can be rendered 'on Mar 27 2012' for things like:

  $excuse =
    'I fell out of a window '.
    phabricator_on_rel_date($time, $me);

Test Plan: Tested in my sandbox!!!!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2035
2012-03-30 22:15:40 -07:00
epriestley
5945546440 Unify Differential/Maniphest/Diffusion styles and allow commits to be flagged explicitly
Summary:
  - Differential, Maniphest and Diffusion use slightly different styles for the object detail panels.
  - Instead, use the same styles and CSS.
  - Add object actions to Diffusion, including "Flag".

Test Plan: Looked at revisions, tasks and commit. Flagged and unflagged commits.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T1041

Differential Revision: https://secure.phabricator.com/D2062
2012-03-30 14:12:10 -07:00
epriestley
698ec68327 General Herald refactoring pass
Summary:
**Who can delete global rules?**: I discussed this with @jungejason. The current behavior is that the rule author or any administrator can delete a global rule, but this
isn't consistent with who can edit a rule (anyone) and doesn't really make much sense (it's an artifact of the global/personal split). I proposed that anyone can delete a
rule but we don't actually delete them, and log the deletion. However, when it came time to actually write the code for this I backed off a bit and continued actually
deleting the rules -- I think this does a reasonable job of balancing accountability with complexity. So the new impelmentation is:

  - Personal rules can be deleted only by their owners.
  - Global rules can be deleted by any user.
  - All deletes are logged.
  - Logs are more detailed.
  - All logged actions can be viewed in aggregate.

**Minor Cleanup**

  - Merged `HomeController` and `AllController`.
  - Moved most queries to Query classes.
  - Use AphrontFormSelectControl::renderSelectTag() where appropriate (this is a fairly recent addition).
  - Use an AphrontErrorView to render the dry run notice (this didn't exist when I ported).
  - Reenable some transaction code (this works again now).
  - Removed the ability for admins to change rule authors (this was a little buggy, messy, and doesn't make tons of sense after the personal/global rule split).
  - Rules which depend on other rules now display the right options (all global rules, all your personal rules for personal rules).
  - Fix a bug in AphrontTableView where the "no data" cell would be rendered too wide if some columns are not visible.
  - Allow selectFilter() in AphrontNavFilterView to be called without a 'default' argument.

Test Plan:
  - Browsed, created, edited, deleted personal and gules.
  - Verified generated logs.
  - Did some dry runs.
  - Verified transcript list and transcript details.
  - Created/edited all/any rules; created/edited once/every time rules.
  - Filtered admin views by users.

Reviewers: jungejason, btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2040
2012-03-30 10:49:55 -07:00
epriestley
36ab0c3313 Fix local-clobbering iterators in phabricator/
Summary:
These are the issues identified by the linter in D2052. I don't think any cause bugs, but they are all reasonable errors to raise and the linter correctly
detected that they are suspicious.

Test Plan: Mostly inspection.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2053
2012-03-29 13:24:06 -07:00
epriestley
ae9d1bf9ae Allow installs to add a custom corp/org header link
Summary: A bunch of installs are doing this to varying degrees of success anyway, make it easier and nudge them toward a more consistent approach.

Test Plan: Set a custom logo, viewed normal and admin pages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T700

Differential Revision: https://secure.phabricator.com/D2019
2012-03-26 09:29:31 -07:00
epriestley
b440c95e9b Make "subscribed" filter in Differential accept any mailable
Summary:
In the Differential revision list views:

  - Allow you to filter by mailables (notably, mailing lists).
  - Allow you to filter by user (including disabled users).

Test Plan: Filtered by a mailing list.

Reviewers: btrahan, nh

CC: aran, epriestley

Maniphest Tasks: T1031

Differential Revision: https://secure.phabricator.com/D1994
2012-03-23 08:45:48 -07:00
Edward Speyer
06822c89f6 [Aphront] fix setter for AphrontCrumbsView
Summary:
The idiom is to return $this in all setters; I think this got missed in
AphrontCrumbsView by mistake.

Test Plan: Use an AphrontCrumbsView!

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1966
2012-03-20 14:06:12 -07:00
epriestley
65cf34e2b8 Add UI elements for sortable tables
Summary: Allow AphrontTableView to render with sort indicators and links in its columns.

Test Plan: Looked at UI example.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley, sandra

Maniphest Tasks: T994

Differential Revision: https://secure.phabricator.com/D1946
2012-03-19 19:48:22 -07:00
Hafsteinn Baldvinsson
fffc1e51d0 Inset view controller for inset elements of forms.
Summary:
T937 suggests 'inset' could have its own view controller.

It has the following methods:
 - setTitle         for title
 - setRightbutton   if you have to place something (preferably a button)
                    on the right side of the form
 - setDescription   if you want to describe what it does
 - setContent       for the main content
 - addDivAttributes REALLY not sure about this one but it had to be included
                    because of a single controller (see owners/controller/edit/PhabricatorOwnersEditController.php:238)
 - appendChild      works as usual if your form is complex but you still want to remove
                    ->appendChild('<div class..') ->appendChild('</div>');

It might be an overkill so maybe some could be dropped:
 - addDivAttributes() and just rewrite how PhabricatorOwnersEditController.php works
 - setContent() and use appendChild for the main content?

Test Plan:
 - Looked at the controllers in phabricator
 - Changed the controller
 - Opened the page in another tab
 - If something didnd't look the same I fixed it.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1926
2012-03-15 17:10:38 -07:00
David Fisher
1c9a8ccb7c Added Search Box Preferences
Summary:
Resolves T989
- users can now disable the '/' keyboard shortcut which focuses the
  search box
- users can now disable the jump nav functionality of the search box

Test Plan:
- verified that the '/' keyboard shortcut works with preference enabled
  or unset
- verified that '/' no longer has any effect and disappears from
  keyboard shortcuts help overlay with preference disabled
- verified that search boxes have jump nav capabilities with jump nav
  functionality preference unset or enabled
- verified that search boxes do not jump with jump nav preference
  disabled
- verified that the jump nav still works as a jump nav with jump nav
  preference disabled

Reviewers: epriestley

Reviewed By: epriestley

CC: simpkins, aran, epriestley, vrana

Maniphest Tasks: T989

Differential Revision: https://secure.phabricator.com/D1902
2012-03-14 20:47:41 -07:00
epriestley
d0af617818 Add "final" to (almost) everything else
Summary: Last of the big final patches. Left a few debatable classes (12 out of about 400) that I'll deal with individually eventually.

Test Plan: Ran testEverythingImplemented.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1881
2012-03-13 16:21:04 -07:00
epriestley
43bd76336c Use Javelin placeholders and new sorting rules broadly; consolidate tokenizer construction code
Summary:
  - We have three nearly-identical blocks of Tokenizer construction code; consolidate them into Prefab.
  - Add placeholder support.
  - Augment server-side stuff to specify placeholder text.

Test Plan: Verified behavior of Differential edit tokenizers, Differential comment tokenizers, Maniphest edit tokenizers, Maniphest comment tokenizers, Maniphest filter tokenizers, Differential filter tokenizers, Owners filter tokenizers, Owners edit tokenizers, Herald edit tokenizers, Audit filter tokenizers.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T772, T946

Differential Revision: https://secure.phabricator.com/D1844
2012-03-09 15:46:39 -08:00
epriestley
492d047a49 Improve tokenizer sorting rules
Summary:
Currently, we sort all results alphabetically. This isn't ideal. Instead, sort them like this:

  - If the viewing user appears in the list, always sort them first. This is common in a lot of contexts and some "Ben Evans" guy is sorting first on secure.phabricator.com and causing me no end of aggravation.
  - If the tokens match a "priority" component (e.g., username), sort that before results which do not have a "priority" match.
  - Within a group (self, priority, everything else) sort tokens alphabetically.

NOTE: I need to go add setUser() to all the tokenizers to make the "self" rule work, but that's trivial so I figured I'd get this out first.

Test Plan:
https://secure.phabricator.com/file/data/4s2a72l5hhyyqqkq4bnd/PHID-FILE-x2r6ubk7s7dz54kxmtwx/Screen_Shot_2012-03-07_at_9.18.03_AM.png

Previously, "aaaaaepriestley" (first alphabetic match) would sort before "epriestley" (the viewing user). Now, "epriestley" sorts first because that is the viewer.

https://secure.phabricator.com/file/data/rmnxgnafz42f23fsjwui/PHID-FILE-yrnn55jl3ysbntldq3af/Screen_Shot_2012-03-07_at_9.18.09_AM.png

Previously, "aaaagopher" (first alphabetic match) would sort before "banana" (the "priority" match). Now, "banana" sorts first because it priority matches on username.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T946

Differential Revision: https://secure.phabricator.com/D1807
2012-03-07 13:17:44 -08:00
David Fisher
639ed0faa6 Change All Search Boxes into Jump Navs
Summary:
- all search boxes are now jump navs (old functionality retained if none
  of the jump nav patterns match)
- added global keyboard shortcut '/' to focus the search box in the upper
  right

Test Plan:
- pressed '/' and noticed the search box gains keyboard focus
- triggered jump nav functionality from search box and saw it worked
- did a search which did not match a jump nav pattern and saw it worked
  (and searched in the selected context)
NOTE: The search box on the /search/ page is also changed to have jump
nav functionality. Old functionality is not impared. Still, this may not
be desirable.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1794
2012-03-05 19:52:26 -08:00
epriestley
67abac5201 Improve Audit tool filters
Summary: Add more filters/options to the /audit/ interface (By User, By Package,
By Project...)

Test Plan: Looked at audits via /audit/.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1705
2012-02-27 19:21:41 -08:00
epriestley
3289059452 Unify "toggle buttons" controls
Summary: This control is a very thin shell right now with Maniphest/Differential
code duplication; unify the implemenations better for use in Audit.

Test Plan: Clicked toggle buttons in Differential and Maniphest.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1700
2012-02-27 12:59:05 -08:00
Bob Trahan
3c4070a168 OAuth Server -- add controllers to RUD client authorizations and CRUD clients
Summary:
beyond the title, this diff tweaks the test console to have a bit more
functionality.  also makes a small change to CSS for AphrontFormControlMarkup,
which IMO fixes a display issue on
https://secure.phabricator.com/settings/page/profile/ where the Profile URI is
all up in the air and whatnot

I think this is missing pagination.  I am getting tired of the size though and
will add later.  See T905.

Test Plan:
viewed, updated and deleted client authorizations.  viewed, created,
updated and deleted clients

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T849, T850, T848

Differential Revision: https://secure.phabricator.com/D1683
2012-02-24 14:56:18 -08:00
epriestley
282d6e5ffa Unify Maniphest + Differential comment styles
Summary:
I want to add comments to commits, and they should obviously share code with the
nearly-identical comments in Maniphest and Differential. Unify code/style as
much as possible.

This program made possible by a generous grant from D1513.

Test Plan:
  - Looked at a bunch of different Differential and Maniphest comments; they
appeared to render identically to how they looked before.
  - Tested some edge cases like anchors and "show details" on description edits
in Maniphest.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D1686
2012-02-24 13:02:35 -08:00
jungejason
fb9d48f38b Refactor Owners pages and Improve the Nav Filter
Summary:
Getting ready to support searching for the related commits by
package owner (D1631):

- Add 'relative' option to the Nav Filter
- Refactor Owners page

Test Plan: - owners page still renders with the filter displayed correctly.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1630
2012-02-17 08:56:19 -08:00
epriestley
cd651001b6 Add a contextual "scope" dropdown for searches
Summary: Add a "Search for ... in (document group)" thing that picks the current
scope based on the current application.

Test Plan: Conducted searches in several browsers.

Reviewers: btrahan, skrul

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T858

Differential Revision: https://secure.phabricator.com/D1610
2012-02-14 17:00:12 -08:00
epriestley
6a11d8d0d1 Reduce size of "Unbreak Now" and "Needs Triage" panels when no action is
required

Summary: Make these things like 1/4th the size if they aren't actionable.

Test Plan: Loaded home page with actionable, unactionable panels.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1613
2012-02-14 16:23:53 -08:00
epriestley
3f46d30e8f Replace home directory list with a dashboard
Summary:
Rough cut that still needs a lot of polish, but replace the directory list with
more of a dashboard type thing:

  - Show "Unbreak Now", triage-in-your-projects, and other stuff that you're
supposed to deal with, then feed.
  - Move tools a click a way behind nav -- this also lets us put more stuff
there and subtools, etc., later.
  - Remove tabs.
  - Merge the category/item editing views.
  - I also added a light blue wash to the side nav, not sure if I like that or
not.

Test Plan:
  - Viewed all elements in empty and nonempty states.
  - Viewed applications, edited items/categories.

Reviewers: btrahan, aran

Reviewed By: btrahan

CC: aran, epriestley, davidreuss

Maniphest Tasks: T21, T631

Differential Revision: https://secure.phabricator.com/D1574
2012-02-07 16:04:48 -08:00
vrana
2ff36b7cad Move tail to <body>
Summary:
Prevents invalid HTML.
Discussion at D1561#6.

Test Plan:
http://validator.w3.org/check?uri=https%3A%2F%2Fsecure.phabricator.com

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1563
2012-02-03 11:33:38 -08:00
vrana
6bd8542abb Avoid sending CSRF token in GET and external forms
Summary:
Sending CSRF token in GET forms is dangerous because if there are external links
on the target page then the token could leak through Referer header.
The token is not required for anything because GET forms are used only to
display data, not to perform operations.
Sending CSRF tokens to external URLs leaks the token immediately.

Please note that <form action> defaults to GET.

PhabricatorUserOAuthSettingsPanelController suffered from this problem for both
reasons.

Test Plan: Save my settings (POST form).

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1558
2012-02-03 10:58:51 -08:00
vrana
c0efecb561 Specify encoding in <meta>
Summary: Phabricator sends information about encoding in Content-Type header but
when I save the HTML page then this information is lost.

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1561
2012-02-03 10:16:12 -08:00
epriestley
5954ae84aa Improve Herald personal/global UI/UX
Summary:
  - Default "personal" vs "global" choice to "personal".
  - Don't show global rules under "My Rules".
  - After editing or creating a global rule, redirect back to global rule list.
  - Use radio buttons for "personal" vs "global" and add captions explaining the
difference.
  - For "global" rules, don't show the owner/author in the rule detail view --
they effectively have no owner (see also D1387).
  - For "global" rules, don't show the owner/author in the rule list view, as
above.
  - For admin views, show rule type (global vs personal).

Test Plan:
  - Created and edited new global and personal rules.
  - Viewed "my", "global" and "admin" views.

Reviewers: btrahan, jungejason, nh, xela

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1518
2012-01-31 12:09:29 -08:00
epriestley
cb0bb8165d Add a Join / Leave button to Projects
Summary: Make it easy to join or leave (well, slightly less easy) a project.
Publish join/leave to feed. Fix a couple of membership editor bugs.

Test Plan: Joined, left a project.

Reviewers: btrahan, jungejason

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T681

Differential Revision: https://secure.phabricator.com/D1485
2012-01-25 11:51:20 -08:00
epriestley
82c0795e54 Unify logic for username validation
Summary: Revisit of D1254. Don't require lowercase, just standardize the logic.
The current implementation has nonuniform logic -- PeopleEditController forbids
uppercase.

Test Plan: Ran unit tests, see also D1254.

Reviewers: btrahan, jungejason, aran

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D1415
2012-01-16 11:52:59 -08:00
epriestley
d8bbf55959 Improve behavior when user submits a no-op action in Differential
Summary:
See T730 and the slightly-less-pretty version of this in D1398.

When a user takes an action in Differential that has no effect (for instance,
accepting an already-accepted revision), prompt them:

  Action Has No Effect

  You can not accept this revision because it has already been accepted.

  Do you want to post the feedback anyway, as a normal comment?

                        [Cancel] [Post as Comment]

If they have no comment text, the dialog only says "Cancel".

I think this is probably the best way to balance all the concerns here -- it
might occasionally be a little annoying, but that should be rare, and it should
never be confusing (the current workflow is extremely confusing).

This also fixes the issue where you can add all sorts of CCs who are already
part of the revision, either explicitly or via mentions.

Test Plan:
Posted some has-effect and has-no-effect comments, made different
choices in the dialog, everything seems to work OK?

Reviewers: vrana, btrahan, jungejason

Reviewed By: vrana

CC: aran, vrana

Maniphest Tasks: T730

Differential Revision: https://secure.phabricator.com/D1403
2012-01-15 03:44:09 -08:00
epriestley
bfbe6ec594 Prevent login brute forcing with captchas
Summary: If a remote address has too many recent login failures, require they
fill out a captcha before they can attempt to login.

Test Plan: Tried to login a bunch of times, then submitted the CAPTHCA form with
various combinations of valid/invalid passwords and valid/invalid captchas.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, epriestley, jungejason

Maniphest Tasks: T765

Differential Revision: https://secure.phabricator.com/D1379
2012-01-12 15:22:05 -08:00
epriestley
7f7710a24d Add @phutil-external-symbol declarations to Phabricator
Summary: See D1381.

Test Plan: Ran "arc liberate src/ --all" and got a clean rebuild.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Maniphest Tasks: T762

Differential Revision: https://secure.phabricator.com/D1382
2012-01-12 15:20:18 -08:00
epriestley
d43dec1d12 Make it harder to miss errors and warnings while developing Phabricator
Summary:
If a page generates warnings or errors, you only get a little red dot in
DarkConsole which is hard to see. DarkConsole is also fairly big and there are
plenty of reasons not to leave it open all the time.

Instead, unconditionally show a big message to developers if there are errors or
warnings.

We could make this more sophisticated eventually, but the value is just that you
see it.

Test Plan: Browsed pages with and without warnings, got the right banner state.

Reviewers: nh, btrahan, jungejason

Reviewed By: btrahan

CC: aran, btrahan

Maniphest Tasks: T734

Differential Revision: https://secure.phabricator.com/D1307
2012-01-04 10:21:00 -08:00
epriestley
cacdfcc8ea Remove unused PhabricatorProfileView
Summary: After D1281, this has no callsites. I don't see us wanting to go back
to it.

Test Plan: Grepped for symbol name, no hits.

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Differential Revision: https://secure.phabricator.com/D1282
2011-12-24 08:54:31 -08:00
epriestley
43430e154d Rough cut of Project profile improvements
Summary:
  - Old page was useless and dumb.
  - New page looks a little less bad, functions a little less poorly.
  - Still lots of work to be done.

Test Plan:
  - Viewed a project.
  - Clicked all the links on the left nav.
  - Here is a screenshot:
https://secure.phabricator.com/file/view/PHID-FILE-4buzquotb3fo4dhlicrw/

Reviewers: btrahan, jungejason

Reviewed By: jungejason

CC: aran, jungejason

Maniphest Tasks: T681

Differential Revision: 1246
2011-12-20 17:19:55 -08:00
jungejason
c80d1480d5 Add Basic Auditing Functionalities
Summary:
add basic auditing functionalities. For the related commits for a
package, we detect the following conditions which might be suspicious to the
owners of the package:

* no revision specified
* revision not found
* author not match
* reviewedby not match
* owners not involved
* commit author not recognized

The owners of the package can change the status of the audit entries by
accepting it or specify concern.

The owner can turn on/off the auditing for a package.

Test Plan:
*  verified that non-owner cannot see the details of the audit and cannot modify
it
*  verified that all the audit reasons can be detected
*  tested dropdown filtering and package search
*  verified really normal change not detected
*  verified accept/concern a commit
*  tested enable/disable a package for auditing
*  verified one audit applies to all <commit, packages> to the packages the
auditor owns
*  verified that re-parsing a commit won't have effect if there exists a
 relationship for <commit, package> already

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: aran, benmathews, btrahan, mpodobnik, prithvi, TomL, epriestley

Differential Revision: 1242
2011-12-20 13:36:53 -08:00
epriestley
81acf588e2 Take the first step on the long journey of fixing "Projects"
Summary:
  - Allow more than the 100 most recent projects to be viewed.
  - Provide some useful filters.
  - Default the view to your projects, not all projects.
  - Put query logic in a query object.
  - Put filter view logic in a view object. We can port more stuff to it later.

Test Plan: Looked at active/owned/all projects. Set page size to 5 and paged
through projects.

Reviewers: btrahan, jungejason, zeeg

Reviewed By: btrahan

CC: aran, btrahan

Differential Revision: 1227
2011-12-16 17:23:48 -08:00
Bob Trahan
588b959c03 phabricator_format_timestamp => phabricator_datetime
Summary: make the change, kill the function.   be sure to get a good $user or
$viewer variable

Test Plan:
for each controller or view, look at it in the ui.   change timezone, refresh ui
and note change.   i did not test the OAuthSettingsPanelController; not sure how
to get to that badboy and i got a bit lazy

Maniphest Tasks: T222

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T222

Differential Revision: 1166
2011-12-04 08:51:34 -08:00
epriestley
bd520076f9 Add optional keystroke support for AphrontPagerView
Summary: This is sort of silly but maybe useful? The real problem is that there
are like 500k conduit call logs and the real solution to that is better
filtering options, but this seems sort of okay.

Test Plan: Used "[" and "]" to switch between pages on the conduit call log.

Reviewers: btrahan, jungejason, nh, aran

Reviewed By: nh

CC: aran, nh, epriestley

Differential Revision: 1145
2011-12-01 10:16:12 -08:00
adonohue
7d2a18d883 Examples using JX.View
Summary: Provide a dirt-simple working example of client-side templating and
reactive programming.

Test Plan: Load the examples

Reviewers: epriestley, mroch, tomo

Reviewed By: epriestley

CC: ide, schrockn, aran, rzadorozny, epriestley

Differential Revision: 908
2011-11-06 15:17:00 -08:00
Marek Sapota
789dc6cb5e Allow anonymus access to Differential.
Summary:
Add possibility for not logged in users to browse and see Differential
revisions.

Test Plan:
Set 'differential.anonymous-access' config option to true, log out, you should
be able to browse Differential without logging back in.

Reviewers: epriestley, jungejason

Reviewed By: epriestley

CC: aran, epriestley, mareksapota

Differential Revision: 1044
2011-10-25 10:23:08 -07:00
epriestley
2fc3acc969 Improve time localization code
Summary:
  - We throw on a missing date right now, in the DateTime constructor. This can
happen in reasonable cases and this is display code, so handle it more
gracefully (see T520).
  - This stuff is a little slow and we sometimes render many hundreds of dates
per page. I've been seeing it in profiles on and off. Memoize timezones to
improve performance.
  - Some minor code duplication that would have become less-minor with the
constructor change, consolidate the logic.
  - Add some unit tests and a little documentation.

Test Plan:
  - Ran unit tests.
  - Profiled 1,000 calls to phabricator_datetime(), cost dropped from ~49ms to
~19ms with addition of memoization. This is still slower than I'd like but I
don't think there's an easy way to squeeze it down further.

Reviewers: ajtrichards, jungejason, nh, tuomaspelkonen, aran

Reviewed By: ajtrichards

CC: aran, ajtrichards, epriestley

Differential Revision: 966
2011-09-27 09:25:16 -07:00
epriestley
d0b6602e29 Add an option to switch tokenizers to use "ondemand" instead of "preloaded"
datasources

Summary:
The open source Phabricator has like 3,500 user accounts now and it takes a
while to pull/render them. Add an option to switch to ondemand for large
installs.

I'll follow up with a patch at some point to address a couple of name things:

  - Denormalize last names into a keyed column (although this evidences some
bias toward the western world).
  - Force all usernames to lowercase (sorry Girish, Makinde).

Also this patch is so clean it's crazy.

Didn't bother with other object types for now, I'm planning to dedicate a few
days to Projects at some point and I'll flesh out some auxiliary features like
this when I do that.

Test Plan: Switched to ondemand, verified data was queried dynamically. Switched
back, verified data was preloaded.

Reviewers: jungejason, nh, tuomaspelkonen, aran

Reviewed By: nh

CC: aran, epriestley, nh

Differential Revision: 923
2011-09-21 14:22:01 -07:00
epriestley
cd7ba81d83 Use "Best" URI when linking to files from Maniphest file previews
Summary: Previously, this code accidentally did not use the best URI. Instead,
use the best URI. It's the best, obviously.

Test Plan: Uploaded a binary file and then clicked the preview.

Reviewers: hunterbridges, jungejason, nh, tuomaspelkonen, aran

Reviewed By: tuomaspelkonen

CC: aran, tuomaspelkonen

Differential Revision: 905
2011-09-06 15:35:30 -07:00
epriestley
3aa17c7443 Prevent CSRF uploads via /file/dropupload/
Summary:
We don't currently validate CSRF tokens on this workflow. This allows an
attacker to upload arbitrary files on the user's behalf. Although I believe the
tight list of servable mime-types means that's more or less the end of the
attack, this is still a vulnerability.

In the long term, the right solution is probably to pass CSRF tokens on all Ajax
requests in an HTTP header (or just a GET param) or something like that.
However, this endpoint is unique and this is the quickest and most direct way to
close the hole.

Test Plan:
  - Drop-uploaded files to Files, Maniphest, Phriction and Differential.
  - Modified CSRF vaidator to use __csrf__.'x' and verified uploads and form
submissions don't work.

Reviewers: andrewjcg, aran, jungejason, tuomaspelkonen, erling
Commenters: andrewjcg, pedram
CC: aran, epriestley, andrewjcg, pedram
Differential Revision: 758
2011-08-16 13:19:10 -07:00
epriestley
774211af76 Tweak style on "Create Another Task" button
Summary:
Not totally sure I'm in love with this but I think it's somewhat non-terrible,
despite the lack of lens flare.

Also made "Cancel" take you back to the task if you got to "Create" from "Create
Another Task".

Test Plan:
  - Style:
https://secure.phabricator.com/file/view/PHID-FILE-ad37d3c1f3b2c7a7a7d1/
  - Hit "Cancel" from "Create Another", got sent back to task.
  - Hit "Cancel" from normal create, got sent back to list.
  - Tried to save an invalid task after making changes to CC/Projects, changes
were preserved.

Reviewed By: codeblock
Reviewers: hunterbridges, jungejason, tuomaspelkonen, aran, codeblock
CC: aran, epriestley, codeblock
Differential Revision: 736
2011-08-03 13:15:18 -07:00
epriestley
9d3f33a7a6 Rough implementation of drag-and-drop file uploads
Summary:
This gets all the major pieces working. Allows you to drag-and-drop files in
Differential and Phriction, and embed files in remarkup with {Fxxx} references.
See also task.

I'm explicitly not documenting this yet since it's still pretty rough.

Test Plan: Dragged and dropped stuff into Differential and Phriction.
Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran, tomo
Commenters: tomo
CC: aran, tomo, jungejason
Differential Revision: 674
2011-08-01 15:27:13 -07:00
epriestley
35d03d36c7 Improve display behavior of commit messages in Diffusion
Summary:
See T372. Always render commit messages on one display line, so the table
doesn't jump around as they AJAX in on browse views.

The goal here is to have the cell choose a size naturally and for its content to
render with "overflow: hidden" if the natural size isn't large enough to contain
the content. "white-space: pre" or "white-space: nowrap" would prevent wrapping
but potentially make the table exceed the display width when a better behavior
is to hide some of the commit message.

Also use utf8-aware shortening, now that we have a function for it.

Casting a wide net in case anyone has a better way to do the CSS here. It's kind
of nasty that we have to use so many DOM nodes.

Test Plan:
  - Resized window while viewing browse and history views in Safari, Chrome and
Firefox. Table exhibited described behavior.
  - Verified summaries render sensibly and are properly truncated to 100
characters.

Reviewed By: aran
Reviewers: aran, jungejason, tuomaspelkonen, tomo, mroch, cpojer
CC: aran, epriestley
Differential Revision: 750
2011-07-31 12:05:06 -07:00
epriestley
15ef2fced0 Fix conservative CSRF token cycling limit
Summary:
We currently cycle CSRF tokens every hour and check for the last two valid ones.
This means that a form could go stale in as little as an hour, and is certainly
stale after two.

When a stale form is submitted, you basically get a terrible heisen-state where
some of your data might persist if you're lucky but more likely it all just
vanishes. The .js file below outlines some more details.

This is a pretty terrible UX and we don't need to be as conservative about CSRF
validation as we're being. Remedy this problem by:

  - Accepting the last 6 CSRF tokens instead of the last 1 (i.e., pages are
valid for at least 6 hours, and for as long as 7).
  - Using JS to refresh the CSRF token every 55 minutes (i.e., pages connected
to the internet are valid indefinitely).
  - Showing the user an explicit message about what went wrong when CSRF
validation fails so the experience is less bewildering.

They should now only be able to submit with a bad CSRF token if:

  - They load a page, disconnect from the internet for 7 hours, reconnect, and
submit the form within 55 minutes; or
  - They are actually the victim of a CSRF attack.

We could eventually fix the first one by tracking reconnects, which might be
"free" once the notification server gets built. It will probably never be an
issue in practice.

Test Plan:
  - Reduced CSRF cycle frequency to 2 seconds, submitted a form after 15
seconds, got the CSRF exception.
  - Reduced csrf-refresh cycle frequency to 3 seconds, submitted a form after 15
seconds, got a clean form post.
  - Added debugging code the the csrf refresh to make sure it was doing sensible
things (pulling different tokens, finding all the inputs).

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, epriestley
Differential Revision: 660
2011-07-14 08:09:40 -07:00
epriestley
c33eecf438 Improve DarkConsole "Services" and "XHProf" plugins
Summary:

  - Services: Show summary panel of total service call costs and relative page weight.
  - Services: Add "Analyze Query Plans" button, which issues EXPLAIN for each query and flags problems.
  - XHPRof: iframe the profile.

Test Plan: Used the new query plan analysis to find missing keys causing table scans, see D627.

Reviewers: jungejason, tuomaspelkonen, aran

CC:

Differential Revision: 628
2011-07-11 12:51:58 -07:00
epriestley
74d57b0a42 Use phabricator_ time functions in more places
Summary:
Replace some more date() calls with locale-aware calls.

Also, at least on my system, the DateTimeZone / DateTime stuff didn't actually
work and always rendered in UTC. Fixed that.

Test Plan:
Viewed daemon console, differential revisions, files, and maniphest timestamps
in multiple timezones.

Reviewed By: toulouse
Reviewers: toulouse, fratrik, jungejason, aran, tuomaspelkonen
CC: aran, toulouse
Differential Revision: 530
2011-06-26 10:38:25 -07:00
epriestley
4acf457431 Merge remote branch 'cadamo/devel'
Conflicts:
	src/__celerity_resource_map__.php
2011-06-20 16:06:03 -07:00
Cristian Adamo
7851b6573f Project list and profile view modifications
Summary: Added some change on the project's list view, to show information about
active tasks, population, etc. Also modified the "profile view", and added a class "PhabricatorProfileView" to render the profile, both on projects and users.

Test Plan: play around the project directory :)

Reviewers: epriestley ericfrenkiel

CC:

Differential Revision: 477
2011-06-20 16:13:44 -03:00
Andrew Toulouse
9b522982fa Add timezone support
Summary:
Allows user-configurable timezones. Adds a preference panel, and migrates to the
new date rendering in easily-modified areas of the code. ***In progress***.

Test Plan:
Check database to make sure the field is being changed when the settings are
changed; check affected views to see how they render times.

Reviewed By: epriestley
Reviewers: epriestley
CC: aran, epriestley, toulouse
Differential Revision: 475
2011-06-18 13:07:43 -07:00
epriestley
b49c5e9762 "Merge Duplicates" in Maniphest
Summary:
Allow duplicate tasks to be selected and merged in Maniphest.

I didn't create a separate transaction type for this because that implies a
bunch of really complicated rules which I don't want to sort out right now
(e.g., do we need to do cycle detection for merges? If so, what do we do when we
detect a cycle?) since I think it's unnecessary to get right for the initial
implementation (my Tasks merge implementation was similar to this and worked
quite well) and if/when we eventually need the metadata to be available in a
computer-readable form that need should inform the implementation.

Plenty of room for improvement here, of course.

Test Plan:
Merged duplicate tasks, tried to perform invalid merge operations (e.g., merge a
task into itself).
Tested existing attach workflows (task -> revision, revision -> task).

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: anjali, aran
Differential Revision: 459
2011-06-14 20:44:58 -07:00
epriestley
aa86cf0ed8 Countdown tweaks
Summary:
A few tweaks to hsb's Countdown implementation:

  - Allow the page to be rendered "chromeless", suitable for display on one of
the dozens of monitors everyone has laying around.
  - Show title of countdown in deletion dialog.
  - When creating a new countdown default to time(), not Dec 31, 1969.
  - Add extra "/" after editing to avoid needless redirect.
  - Tweak some page titles.
  - Show countdown author in list view.
  - Highlight tab in list view.
  - Tweak menu copy.
  - Link countdown title in list view, separate buttons into different columns
so they pick up padding.

Test Plan:
Created, edited and deleted a timer. Viewed a timer and toggled chrome mode.
Viewed timer list.

Reviewed By: hsb
Reviewers: hsb, aran, jungejason, tuomaspelkonen
CC: aran, hsb, epriestley
Differential Revision: 454
2011-06-13 18:53:43 -07:00
tuomaspelkonen
501c001520 Added a big warning if reviewer is about to accept a diff with lint or unit
errors.

Summary:
Make sure reviewers know what they are doing.

Test Plan:
Tested with different diffs that had lint and unit problems.

Reviewed By: epriestley
Reviewers: epriestley, jungejason
CC: grglr, aran, epriestley, tuomaspelkonen
Differential Revision: 432
2011-06-13 11:49:31 -07:00
epriestley
eab768f705 Allow projects to be quickly added from the Maniphest task creation interface
Summary:
Provide a quick workflow for adding a new project. This ended up being sort of
complicated because we don't currently put forms in dialogs. I separated the
actual <form /> tag out of the display/layout of AphrontFormView to enable this
(the dialog is itself a form).

Limitations: if you create a new project and then remove it, it won't appear in
the tokenizer until you reload the page. We need to add the ability for the
datasource to drop its cache to enable this, which is super complicated.

Test Plan:
Used "Create new project" to add a new project when creating a task.

Reviewed By: aran
Reviewers: jungejason, tuomaspelkonen, aran
CC: anjali, aran, epriestley
Differential Revision: 422
2011-06-13 10:17:08 -07:00
epriestley
1c5b31d397 Keep menubar from spazzing out in narrow screens
Summary:
If you resize your window to be very narrow, the menu bar spazzes out right now.
Prevent it from developing all sorts of weird internal linewrapping.

Test Plan:
Narrowed my browser window, header didn't spaz out.

Reviewed By: jungejason
Reviewers: aran, jungejason, tuomaspelkonen
CC: aran, jungejason
Differential Revision: 428
2011-06-11 16:01:04 -07:00
epriestley
17306b7a92 Provide basic keyboard navigation support for Differential.
Summary:
ReviewBoard has a fancier version of this feature that's more granular -- the
keyboard can focus on individual changes. I think that's good and intend to
implement something similar, but this gets us a step closer and gets rid of some
of the bookkeeping stuff like making shortcuts discoverable.

(I have another brnach with Maniphest merging which also uses fatcow icons,
which is why the README seems a little out of context.)

Test Plan:
Used "j" and "k" to jump between changesets. Pressed "?" and got a list of
available shortcuts.

Reviewed By: tuomaspelkonen
Reviewers: aran, jungejason, tuomaspelkonen
CC: moskov, aran, epriestley, tuomaspelkonen
Differential Revision: 412
2011-06-09 14:55:44 -07:00
epriestley
48ec1f6d98 Provide basic structure for keyboard shortcuts
Summary: Implements a simple infrastructure for keyboard shortcuts, see T184, and a "help" shortcut.

There's a lot of room for refinement here but I think it basically works. Each shortcut can also provide a "tooltip" handler which allows it to show help when the alt/option key is held down.

Test Plan: Pressed "?" and got help. Pressed "?" in various contexts where it should not activate (modifier keys, text input focused) and didn't get help.

Reviewers: aran, tuomaspelkonen, jungejason

CC: moskov

Differential Revision: 362
2011-06-07 11:23:19 -07:00
epriestley
bfe73f585f Crop screenshot thumbs in Maniphest
Summary:
If you name an attached file something like
"derpderpderpderpderdperdperpereprederpderplolololololo.png", the display
overflows. Crop and shorten it so that it looks decent. Show the full name as
the image title.

Test Plan:
Named a file "derpderpderpderpderdperdperpereprederpderplolololololo.png" and
got a sensible display out of it.

Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, tuomaspelkonen
Differential Revision: 389
2011-06-01 15:38:17 -07:00
epriestley
d96d515cc2 Add comment linking to Maniphest and Differential
Summary:
Allows you to link to comments with "D123#3" or "T123#3", then adds a pile of JS
to try to make it not terrible. :/

The thing I'm trying to avoid here is when someone says "look at this!
http://blog.com/#comment-239291" and you click and your browser jumps somewhere
random and you have no idea which comment they meant. Since I really hate this,
I've tried to avoid it by making sure the comment is always highlighted.

Test Plan:
Put T1#1 and D1#1 in remarkup and verified they linked properly.

Clicked anchors on individual comments.

Faked all comments hidden in Differential and verified they expanded on anchor
or anchor change.

Reviewed By: aran
Reviewers: aran, tomo, mroch, jungejason, tuomaspelkonen
CC: aran, epriestley
Differential Revision: 383
2011-05-31 11:11:19 -07:00
epriestley
c7ff835073 Replace "Phabricator" menu text with phabricator logo
Summary:
I ran a 99designs contest and this gear-eye thing was actually pretty okay. All
this stuff needs tweaks but at least it won't render with a big square on
windows anymore.

Test Plan:
Looked at menu, it seemed slightly more legitimate and designey than before?

Reviewed By: jungejason
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran, epriestley, jungejason
Differential Revision: 363
2011-05-29 02:48:14 -07:00
epriestley
cc5a86f75a Reenable login forms for installs with multiple login mechanisms. 2011-05-27 16:34:10 -07:00
epriestley
ce8a406424 Improve file preview in Maniphest
Summary:
Show large thumbnails of attached files in Maniphest.

Test Plan:
Looked at large thumbnails in Maniphest.

Reviewed By: jungejason
Reviewers: tomo, aran, jungejason, tuomaspelkonen
CC: anjali, aran, epriestley, jungejason
Differential Revision: 335
2011-05-27 09:35:56 -07:00
epriestley
109a202b6c Improve drag-and-drop uploader
Summary:
Make it discoverable, show uploading progress, show file thumbnails, allow you
to remove files, make it a generic form component.

Test Plan:
Uploaded ducks

Reviewed By: tomo
Reviewers: aran, tomo, jungejason, tuomaspelkonen
CC: anjali, aran, epriestley, tomo
Differential Revision: 334
2011-05-27 09:34:29 -07:00
tuomaspelkonen
d21a056f1c Multiple comment submissions for a diff is prevented now.
Summary:
It was possible to submit a comment multiple times if the submit
button was pressed more than once quickly. Added javascript code
that disables the button when it is clicked.

Test Plan:
Tried to click the button multiple times very quickly, but the
button was disabled after the first click.

Reviewed By: epriestley
Reviewers: epriestley, jungejason
Commenters: aran
CC: aran, epriestley, tuomaspelkonen
Differential Revision: 337
2011-05-25 12:14:43 -07:00
epriestley
9f65a5efb8 Drag-and-drop upload for Maniphest
Summary:
This needs a bunch of UI polish (critically, it's totally undiscoverable) but it
basically works correctly. I'll clean it up in some followups.

Test Plan:
Uploaded some files via drag-and-drop, made comments, etc.

Reviewed By: aran
Reviewers: tomo, aran, jungejason, tuomaspelkonen
CC: anjali, aran
Differential Revision: 332
2011-05-22 14:47:04 -07:00
epriestley
3f11c8a602 Tweak Maniphest CSS, fix remarkup in description change views
Summary:
Various CSS tweaks and fixes:

  - Add remarkup styling to description change views, missed this before.
  - Fix CSS so that transactions with only one item (e.g., changed priority)
don't have weird floater underneath them.
  - Add more space between transaction items.
  - Make default background color lighter and less heavy.
  - Use beigey color for comment form in Maniphest.
  - Share more CSS between Maniphest and Differential (previews, feedback).
  - Move "Leap Into Action" call to Differential, replace Maniphest with
thematically-consistent "Weigh In" (obviously, Maniphest has a nautical theme).

Test Plan:
Browsed Maniphest and Differential in a couple browsers, styling all seems
correct.

Reviewed By: tomo
Reviewers: tomo, aran, jungejason, tuomaspelkonen
CC: anjali, aran, tomo
Differential Revision: 328
2011-05-22 13:26:55 -07:00
epriestley
f72c1acc63 Lockdown tool directory editing to administrators
Summary:
Someone has "defaced" secure.phabricator.com with a helpful suggestion that I
actually do this; fair enough. :P

Test Plan:
Logged in as myself, unable to edit directory information. Logged out, logged in
as admin, was able to edit directory information.

I need to fix some more CSS stuff since some of these tabs render out hideous in
the admin background, but I can followup with that.

Reviewed By: tuomaspelkonen
Reviewers: aran, jungejason, tuomaspelkonen
Commenters: aran
CC: aran, tuomaspelkonen, epriestley
Differential Revision: 296
2011-05-17 13:17:13 -07:00
epriestley
4b92b2cead Allow revisions to be edited from Maniphest
Summary:
You can currently attach tasks to revisions from Differential, but not revisions
to tasks from Maniphest. Allow editing from either side.

This logic is kind of tricky but the alternative was massive code duplication.

Test Plan:
Added and removed revisions from maniphest. Added and removed tasks from
differential.

This should have no impact on the Facebook install since none of this is used
there.

Reviewed By: aran
Reviewers: tomo, tuomaspelkonen, jungejason, aran
CC: aran, epriestley
Differential Revision: 288
2011-05-16 15:31:46 -07:00
epriestley
f9f8ef0e6e Admin and disabled flags for users
Summary:
Provide an "isAdmin" flag for users, to designate administrative users.

Restore the account editing interface and allow it to set role flags and reset
passwords.

Provide an "isDisabled" flag for users and shut down all system access for them.

Test Plan:
Created "admin" and "disabled" users. Did administrative things with the admin
user. Tried to do stuff with the disabled user and was rebuffed. Tried to access
administrative interfaces with a normal non-admin user and was denied.

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: ccheever, aran
Differential Revision: 278
2011-05-12 11:17:50 -07:00
epriestley
e32fd1a871 Correctly focus elements in Workflow dialogs
Summary:
JX.Workflow does a JX.DOM.find() for the sigil __default__, but fails because we
render with phutil_render_tag() instead of javelin_render_tag() so sigils are
not converted correctly.

Test Plan:
Opened an inline comment in differential, got focus on the <textarea />

Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen
CC: aran, tuomaspelkonen, epriestley
Differential Revision: 259
2011-05-10 11:28:07 -07:00
epriestley
2a39fd09eb Bring Javelin into Phabricator via git submodule, not copy-and-paste
Summary:
Javelin is currently embedded in Phabricator via copy-and-paste of prebuilt
packages. This is not so great.

Pull it in as a submodule instead and make all the Phabriator resources declare
proper dependency trees. Add Javelin linting.

Test Plan:
I tried to run through pretty much all the JS functionality on the site. This is
still a high-risk change, but I did a pretty thorough test

Differential: inline comments, revealing diffs, list tokenizers, comment
preview, editing/deleting comments, add review action.
Maniphest: list tokenizer, comment actions
Herald: rule editing, tokenizers, add/remove rows

Reviewed By: tomo
Reviewers: aran, tomo, mroch, jungejason, tuomaspelkonen
CC: aran, tomo, epriestley
Differential Revision: 223
2011-05-08 13:20:10 -07:00
epriestley
6229cdadd8 Improve web tools for viewing daemons
Summary:
- Provides an "all daemons" view to look at more than the first 15 daemons.
  - Provides a "combined log" view with a large page size, to quickly look at
the log across all the daemons, making it easier to find issues when you have a
bunch of the same daemon and only one is having issues.
  - When viewing the web console on the same host as a daemon, show whether it's
running or not.

Test Plan:
Clicked the various daemon log interfaces.

Reviewed By: aran
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran
Differential Revision: 215
2011-05-03 06:38:12 -07:00
epriestley
927407c426 Be more explicit about PHID sourcing in PhabricatorObjectSelectorDialog 2011-04-14 18:36:33 -07:00
adonohue
6d20a57ce0 Instant subscribe/unsubscribe
Summary:
No workflow dialog when subscribing or unsubscribing from a Differential
Revision

Test Plan:
Repeatedly subscribe and unsubscribe to a revision. Enter refractory period due
to
speed of page gen.

Reviewed By: epriestley
Reviewers: epriestley
CC: epriestley
Differential Revision: 128
2011-04-12 18:25:46 -07:00
epriestley
675ce22bf4 Allow Maniphest and Differential object lists to be filtered by user. 2011-04-11 02:06:13 -07:00
tuomaspelkonen
d5ee8c792c Modified DarkConsole Error Log to show more detailed information.
Summary:
When function phlog() is called, stacktrace and detailed log information
is shown in DarkConsole.

Test Plan:
Called 'phlog' function from various places in Phabricator and checked that
the debug information was available in DarkConsole.

Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley
Differential Revision: 101
2011-04-06 14:30:54 -07:00
tuomaspelkonen
1c6487197f Object selector does live-updates without requiring user to hit 'search'
Summary:
Editing Maniphest tasks for a Differential Revision required user to hit
'search' every time he changed search parameters. Now select and text input
changes trigger search automatically.

Test Plan:
Tested that changing the select and entering text automatically gave the
correct results.

Reviewed By: epriestley
Reviewers: epriestley, jungejason
Commenters: jungejason
CC: epriestley, jungejason
Differential Revision: 102
2011-04-05 15:24:10 -07:00
epriestley
23f882a0ee Some owners write workflows. 2011-04-03 22:03:27 -07:00
epriestley
5038ab850c Some owners read workflows. 2011-04-03 19:20:47 -07:00
epriestley
4993bb9a9b AphrontListFilterView, for list filtering. 2011-04-03 15:50:06 -07:00