1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-24 15:52:41 +01:00
Commit graph

8675 commits

Author SHA1 Message Date
Bob Trahan
786232c4bc Diffusion - default hosting options on during repository creation
Summary: ...if pertinent environment variables are set that is... Fixes T4151. This is the last piece in making repository creation somewhat easier.

Test Plan: made a new repo and noted that http serving was on r/w and ssh serving was still off, as expected for my environment configuration

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4151

Differential Revision: https://secure.phabricator.com/D10839
2014-11-12 10:25:08 -08:00
epriestley
120a7d9164 Improve Phriction page move dialog
Summary:
Fixes T5492. I figured this would be easier to just fix than write a guide for; it actually took me an hour, but I spent like 75% of that futzing with my editor.

  - The Move controller currently accepts either a slug or an ID. I can't find any callsites which pass a slug, and this doesn't make sense. Pretty sure this was copy/pasted from Edit or something. Only accept IDs.
  - Slightly modernize the Move controller (newDialog(), handleRequest(), $viewer).
  - When the user enters a bad slug, warn them that we're going to fix it for them and let them accept or reject the changes.
  - Don't prefill the edit note (this feels inconsistent/unusual).
  - On the form, label the input "Path" instead of "URI".
  - Show the old path, to help remind the user what the input should look like.
  - When a user tries to do a no-op move, show a more tailored message.
  - When the user tries to do an overwriting move, explain how they can fix it.
  - When normalizing a slug like `/question/???/mark/`, make it normalize to `/question/_/mark`.

Test Plan:
  - Tried to move a document to itself.
  - Tried to overwrite a document.
  - Did a bad-path move, accepted corrected path.
  - Did a good-path move.
  - Did a path move with a weird component like `/???/`.
  - Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5492

Differential Revision: https://secure.phabricator.com/D10838
2014-11-12 07:04:51 -08:00
epriestley
99bcf06c62 Fix minor issues with PhrictionDocumentQuery
Summary:

  - Order checks used `=` but intended `==`. We could probably write a lint rule for this.
  - Selecting `*` with a join could pick (for example) `id` columns from both the document and content tables and end up using the wrong one.
  - `%Q` expects a string and chokes on `null`.

Auditors: btrahan
2014-11-11 18:49:53 -08:00
lkassianik
8e1a4eef04 T4666, Support Herald in Phriction
Summary: Fixes T4666, add Herald rules to Phriction Documents

Test Plan: add Herald rule to flag if title contains "xyz", create Phriction Document with title "xyz". Phriction Document should be flagged.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T4666

Differential Revision: https://secure.phabricator.com/D10830
2014-11-11 18:29:36 -08:00
lkassianik
95df7717c3 Ref T6500, Duplicated tasks should be marked more visibly as duplicates
Summary: When merging tasks, the corresponding transaction on the merged task should be black, and the transaction on the ultimate task should be green.

Test Plan: Create two tasks, merge one into the other, merged task transaction is black, the surviving task should show a green transaction.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: chad, Korvin, epriestley

Maniphest Tasks: T6500

Differential Revision: https://secure.phabricator.com/D10827
2014-11-11 18:25:27 -08:00
Bob Trahan
36c46d80f5 Phriction - fix "unknown policy" on document create
Summary: when creating new documents the policy object wasn't being initialized properly. update the code to use the new handy initializeNewDocument method. Fixes T6527.

Test Plan: viewed a doc at /w/asdsadsadsdas/ and saw the correct policy setting

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6527

Differential Revision: https://secure.phabricator.com/D10837
2014-11-11 18:16:05 -08:00
epriestley
ac87ab275a Fix Phriction document migration after project magic removal
Summary: See <https://github.com/phacility/phabricator/issues/760>. We removed these methods in D10832 but still need the migration to be able to do project checks.

Test Plan: Ran on a test wiki with `/`, `/projects/` and `/projects/example/`. The first two pages didn't try to use project policies; the third one did.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10836
2014-11-11 17:55:27 -08:00
Bob Trahan
755c518631 Config migration script bug fix
Summary: i think way back in D10490 I didn't incorporate feedback correctly. make this code right as it fatals in this codepath as is. Fixes T6508.

Test Plan: @joshuaspence to the rescue  (I remain unable to test this effectively with my baby-clean installation.)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley, joshuaspence

Maniphest Tasks: T6508

Differential Revision: https://secure.phabricator.com/D10833
2014-11-11 15:05:57 -08:00
Bob Trahan
b462a80cca Phriction - kill off rest of project integration
Summary: we don't need this stuff no mo'.  Fixes T6506.

Test Plan: cruised the wiki, noting workingess

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6506

Differential Revision: https://secure.phabricator.com/D10832
2014-11-11 13:45:16 -08:00
Bob Trahan
9252d2a579 Phriction - stop leaking document titles you can't see
Summary: Fixes T6495. convert ad hoc query to a PhrictionDocumentQuery, thus enforcing view permissions

Test Plan: noted my test user a had a great wiki while test user b couldn't see most things.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6495

Differential Revision: https://secure.phabricator.com/D10822
2014-11-11 13:18:37 -08:00
Chad Little
ce030f0e21 Minor, style multiple blockquote levels in Remarkup
Summary: Adds minor styling

Test Plan:
quote lots of comments

{F232592}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10829
2014-11-11 09:55:06 -08:00
Chad Little
d0f477f170 Clean up line-height on feed stories
Summary: Resets line-height, removes unused CSS.

Test Plan: Test long paragraphs in feed stories.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10828
2014-11-11 08:26:49 -08:00
epriestley
af6ffd8c7b Allow Almanac devices to have SSH keys
Summary: Ref T5833. Expose a key management interface for Almanac devices.

Test Plan: {F231962}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10825
2014-11-11 08:20:08 -08:00
Evan Priestley
32cdc23efc Separate SSH key management from the settings panel
Summary:
Ref T5833. I want to add SSH keys to Almanac devices, but the edit workflows for them are currently bound tightly to users.

Instead, decouple key management from users and the settings panel.

Test Plan:
  - Uploaded, generated, edited and deleted SSH keys.
  - Hit missing name, missing key, bad key format, duplicate key errors.
  - Edited/generated/deleted/etc keys for a bot user as an administrator.
  - Got HiSec'd on everything.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10824
2014-11-11 08:18:26 -08:00
Merlijn van Deen
ce55bb1d96 Add icon, color and profile image to project.query
Summary:
 - The icon CSS tag is transformed through the new function
   PhabricatorProjectIcon::getAPIName($key), which returns
   a name without fa-.

 - Color is a trivial lookup
 - Profile image returns the PHID or null if not available

Test Plan:
 - Create two projects, with different icon and color,
   one with and one without profile image.
 - Request information on both using project.query
Then:
 [ ] Confirm icon and colors are correct for both projects
 [ ] Confirm image PHID is correct
 [ ] Confirm image PHID is null for the project without image

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: yuvipanda, Korvin, legoktm, epriestley

Maniphest Tasks: T6501

Differential Revision: https://secure.phabricator.com/D10823
2014-11-09 11:37:23 -08:00
Bob Trahan
6f971a0fc4 Phriction - if you can't edit x/y don't allow creating x/y/z
Summary: ...how do you lock down entire areas otherwise? Fixes T6496.

Test Plan: used user 1 to create x/y that user 2 can't edit. tried to create x/y/z as user 2 and got a big ole error dialogue.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6496

Differential Revision: https://secure.phabricator.com/D10819
2014-11-08 18:12:21 -08:00
Bob Trahan
b655699a6c Phriction - sever remaining project ties
Summary: 'cuz the wiki don't play that no more. Fixes T6497. This is mainly important to fix an incorrect policy filtering issue where a project policy can incorrectly override a document policy. Otherwise, it makes things nice and clean.

Test Plan:
- viewed the wiki - success.
- viewed wiki document list under "index" and tried a few different queries
- grep'd for things like "hasProject" and "getProject" and saw no phriction-related results

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6497

Differential Revision: https://secure.phabricator.com/D10818
2014-11-07 22:34:06 -08:00
Joshua Spence
bcd78716df Make ./bin/diviner generate more fault tolerant
Summary: Allow `./bin/diviner generate` to continue even if there is an exception throw processing an atom. This allows Diviner documentation to be generated for PHP source code that cannot be parsed with XHPAST.

Test Plan: Ran `./bin/diviner generate` on a PHP repository which previously throw an `XHPASTSyntaxErrorException`.

Reviewers: btrahan, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10803
2014-11-08 14:08:07 +11:00
Chad Little
97f05d6ab8 Add HiDPI favicons
Summary: Fixes T5939. Specifically, 16, 32, and 64 bit pngs are in the .ico file. Apple icons are added to support non-Retina and Retina iPad and iPhone. Follows roughly Apple guidelines here: https://developer.apple.com/library/ios/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html

Test Plan:
Tested Chrome, Firefox on Mac. Much cleaner on Retina.

{F230715,size=full}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5939

Differential Revision: https://secure.phabricator.com/D10796
2014-11-07 17:07:38 -08:00
Bob Trahan
796428c810 Owners / Audit - restore link to view audits related to an owners package.
Summary: Fixes T5387. I broke this in D8805. Fix it by using the application search parameters that D8805 introduced.

Test Plan: verified that the two links mentioned in T5387 worked for me. Also tried manual links on secure.phabricator.com and those showed the right data even...!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5387

Differential Revision: https://secure.phabricator.com/D10817
2014-11-07 16:45:59 -08:00
epriestley
3fa8b152b6 Make the default Phriction view migration policy just "Users"
This is consistent with the old policy and more consistent with how other
objects have been migrated into policies.

Auditors: btrahan
2014-11-07 15:46:02 -08:00
epriestley
2e13a31722 Make Phriction policy migration even more robust
We have at least one project with `null` as a viewPolicy. This should get
sorted out separately, but make the migration robust against it.

Auditors: btrahan
2014-11-07 15:44:19 -08:00
epriestley
3d44941373 Minor, make Phriction migration a little more robust
On secure.phabricator.com, we have at least one page with a bad project slug
from long ago. Make the migration recover in this case.

Auditors: btrahan
2014-11-07 15:43:29 -08:00
Bob Trahan
c8d20d3c66 Phriction - policy front end changes
Summary:
Ref T4029. Fixes T6034.

Various front-end miscellania here. See D10814#96251. This more or less makes policy work but I am not going to call it "fixed" here since we need D10814 to be deployed too and will do that manually.

Test Plan:
- changed document policy from web ui and changes persisted
- changed document policy from web and had form error and changes persisted
- created a structure like users/users/justmyuserpolicy and made sure another user could delete the users/users/ doc
- moved a doc from a to b and verified policy persisted
- verified stub documents inherited policy of the document that stub them...!
- uploaded a file and verified that it 1) had the permissions of the page it was added to and 2) had an "attached" tab linking back to the page on the file page (this means T6034 is fixed with this)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6034, T4029

Differential Revision: https://secure.phabricator.com/D10816
2014-11-07 15:36:58 -08:00
Bob Trahan
8a3b1b9730 Phriction - add viewPolicy and editPolicy back-end data
Summary: Ref T4029. this diff makes the pertinent database changes AND adds the migration script. This is important to get the data backend straightened away before we fully ship T4029. Next diff will expose the edit controls for these policies and whatever else work is needed to get that part done right.

Test Plan: made sure the lone project page on my wiki had a project with restrictive view policy. Post migration verified correct policy applied to this lone project page AND most open policy applied to the others

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4029

Differential Revision: https://secure.phabricator.com/D10814
2014-11-07 15:35:28 -08:00
epriestley
bf17b12daf Standardize SSH key storage
Summary:
Ref T5833. This fixes a few weird things with this table:

  - A bunch of columns were nullable for no reason.
  - We stored an MD5 hash of the key (unusual) but never used it and callers were responsible for manually populating it.
  - We didn't perform known-key-text lookups by using an index.

Test Plan:
  - Ran migrations.
  - Faked duplicate keys, saw them clean up correctly.
  - Added new keys.
  - Generated new keys.
  - Used `bin/auth-ssh` and `bin/auth-ssh-key`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10805
2014-11-07 15:34:44 -08:00
epriestley
a17a368692 Apply storage adjustments as part of storage upgrade
Summary:
Fixes T1191. I'll write up the changelog with notes about this and open a feedback task for followups.

When you run `storage upgrade`, automatically run `storage adjust` afterward. Provide a flag to disable this.

This brings everyone into the utf8mb4 world.

Test Plan: Ran `bin/storage upgrade` with various flags. Ran `bin/storage adjust`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10800
2014-11-07 14:25:32 -08:00
Chad Little
4307d6816d Linkify Registration Email
Summary: Missed this in previous pass. Send these as links in HTML emails.

Test Plan: Register a new user that nees approval.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10815
2014-11-07 14:16:30 -08:00
epriestley
fbc175aa6e Force Differential draft uniqueness
Summary: Ref T1191. A couple of installs have hit issues with this table, so clean it up before adjustment adds a unique key to it.

Test Plan: Dropped key, added duplicate rows, ran patch, got cleanup, ran adjust to get the key back.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10799
2014-11-07 12:30:00 -08:00
epriestley
dbef5660fc Update the quickstart.sql
Summary:
Ref T1191. Use `storage quickstart` to regenerate `quickstart.sql` using modern schema construction statements.

This puts new installs into utf8mb4 mode immediately without requiring storage adjustment.

Test Plan:
  - Ran `arc unit --everything`, which uses quickstart.
  - Ran `bin/storage upgrade --namespace temp`, to quickstart a new namespace.
  - Ran `bin/storage upgrade --namespace temp --disable-utf8mb4`, to quickstart a new namespace without utf8mb4 support.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10797
2014-11-07 12:29:24 -08:00
epriestley
5372fb772c Unindent various links
Summary: @btrahan asked about this but I gave the wrong answer. These
currently do not turn into links. I think they might have in the past,
but if they did the rule is a little weird and feels specific to my
use. We can reexamine this at some point, but for now just make the
links work in a normal, reasonable sort of way.

Auditors: btrahan
2014-11-07 12:26:20 -08:00
epriestley
8b4a1b693f Minor, fix some article titles
Summary: Didn't actually click these.
2014-11-07 12:19:36 -08:00
Bob Trahan
6db25aa41c Phriction - add "create" conduit endpoint
Summary: Fixes T6262. Ref T4029. Also gets us ready for T5873 for these end points. I can file something new about someday adding phriction.query, etc but I think we'll remember and can look at that post T5873.

Test Plan: made a document via conduit and it worked!

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6262, T4029

Differential Revision: https://secure.phabricator.com/D10813
2014-11-07 11:46:25 -08:00
Bob Trahan
b538611e29 Phriction - move "move" business logic to the editor
Summary: Ref T4029. Even more code consolidation and cleanup for the long term benefits!

Test Plan: moved a page successfully. tried to move a page to an existing page and got an error. did the two tab trick to try to move a deleted page and got an error.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4029

Differential Revision: https://secure.phabricator.com/D10812
2014-11-07 11:45:49 -08:00
epriestley
3b26fe8c05 Improve install documentation a bit
Summary:
  - Warn users that they'll need to be comfortable with the CLI.
  - Move XHProf stuff to the developer docs, since few/no normal users need it.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10810
2014-11-07 10:17:21 -08:00
epriestley
31b4d39003 Narrow scope of support documentation
Summary:
  - Direct users to detailed bug report / feature reuqest documents.
  - Move "get more info" and "unreproducible problems" to bug reporting document.
  - Stop telling users to email us, and strongly encourage them to use primary channels.

Test Plan: Read documentation.

Reviewers: btrahan, chad

Reviewed By: btrahan, chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10808
2014-11-07 10:17:06 -08:00
Chad Little
bcb360ea2b Fix HTML email section breaks
Summary: Fixes T6481. Provides better section handling.

Test Plan:
Test an email with multiple sections, multiple mail platforms.

{F231022}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6481

Differential Revision: https://secure.phabricator.com/D10811
2014-11-07 10:15:28 -08:00
Bob Trahan
622eaac9ed Phriction - move delete business logic from controlller to editor
Summary: Ref T4029. More cleanup and code consolidation for the long terms benefits.

Test Plan: found a document and opened up two browser tabs. Loaded delete dialog on both. Completed delete in one tab and noted document was properly deleted. Tried to complete delete in tab 2 and got an error message.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4029

Differential Revision: https://secure.phabricator.com/D10809
2014-11-07 10:03:20 -08:00
epriestley
aa0ca6fe4c Make user emails case-insensitive
Summary: Ref T1191. Same deal as D10786. These were previously case-insensitive, but changed to a case-sensitive column type.

Test Plan: Ran `bin/storage adjust` and got and adjustment.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: webframp, epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10806
2014-11-07 09:48:31 -08:00
epriestley
e58259b4f5 Retroactively populate Phriction mailKey column
Summary:
Fixes T6487. Ref T1191. Ref T4029. D10756 introduced, but did not populate, this column. This can cause it to fill with `"\0\0\0..."` after adjustment.

Regardless of the adjustment issue, it's nice to populate this column anyway because there's no fundamental reason an object can't have mail sent about it without being saved first, even though it may not practically be possible in the codebase today.

Test Plan:
  - Ran `storage upgrade`, saw the column populate for older documents.
  - Forced a couple of keys to bad values (too short or with "\0") and saw the migration fix them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4029, T1191, T6487

Differential Revision: https://secure.phabricator.com/D10804
2014-11-07 09:48:15 -08:00
Bob Trahan
677e161865 Phriction - fix bug with delete
Summary: Fixes T6489. In an earlier diff I forgot to update the document status itself, thinking that the content update percolated up magically. Restore this functionality so the wiki works better.

Test Plan: deleted a document and observed that i did not get the option to delete it again and it disappeared from document index

Reviewers: epriestley, chad

Reviewed By: chad

Subscribers: Korvin, epriestley

Maniphest Tasks: T6489

Differential Revision: https://secure.phabricator.com/D10807
2014-11-07 09:08:02 -08:00
Chad Little
c1540434f7 Fix hover on new logo
Summary: I scoped this wrong and didn't test.

Test Plan: Hover on logo

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D10801
2014-11-06 14:31:30 -08:00
Bob Trahan
37bc0474fe Phriction - consolidate edit business logic into Editor
Summary:
Ref T4029. Some business logic lives outside the editor. This revision moves that logic from the edit controller into the editor proper. This makes re-using that business logic across other endpoints - say like a conduit end point - possible. This is also part of the general modernization quest for phriction I am on.

This diff also restores the functionality where you can delete a document by wiping out the content and saving.

Test Plan: tried to make a document with no title or content and saw errors. opened a document for edit with user 1, then made edits with user 2, then saw an error when i made the edit with user 1. clicking "overwrite changes" then worked.  deleted a document by wiping out the body and clicking save.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4029

Differential Revision: https://secure.phabricator.com/D10795
2014-11-06 14:02:52 -08:00
Bob Trahan
9f8dde9cf6 Phriction - kill the old PhrictionDocumentEditor
Summary:
Ref T4029. Long live PhrictionTransactionEditor...! this means that all existing functionality runs 100% through the modern transactions + editor framework. this diff does a few things in sum

 - kills the old editor
 - moves conduit-based edits to new editor
 - moves stubbing out documents to new editor
 - deletes moving of wiki docs for projects functionality... (T4021#59511 is a better bigger battle plan here.)

Test Plan: edited a phriction document via conduit and it worked. created a new phriction document /that/was/deep/ and verified ancestral documents were properly stubbed out. changed a project name and noted no wiki page moves.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4029

Differential Revision: https://secure.phabricator.com/D10792
2014-11-06 14:01:06 -08:00
epriestley
e29955b48d Move SSHKey table to Auth database
Summary: Ref T5833. Since these will no longer be bound specifically to users, bring them to a more central location.

Test Plan:
  - Edited SSH keys.
  - Ran `bin/ssh-auth` and `bin/ssh-auth-key`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10791
2014-11-06 12:37:22 -08:00
epriestley
6f0d3b0796 Add a query/policy layer on top of SSH keys for Almanac
Summary:
Ref T5833. Currently, SSH keys are associated only with users, and are a bit un-modern. I want to let Almanac Devices have SSH keys so devices in a cluster can identify to one another.

For example, with hosted installs, initialization will go something like this:

  - A request comes in for `company.phacility.com`.
  - A SiteSource (from D10787) makes a Conduit call to Almanac on the master install to check if `company` is a valid install and pull config if it is.
  - This call can be signed with an SSH key which identifies a trusted Almanac Device.

In the cluster case, a web host can make an authenticated call to a repository host with similar key signing.

To move toward this, put a proper Query class on top of SSH key access (this diff). In following diffs, I'll:

  - Rename `userPHID` to `objectPHID`.
  - Move this to the `auth` database.
  - Provide UI for device/key association.

An alternative approach would be to build some kind of special token layer in Conduit, but I think that would be a lot harder to manage in the hosting case. This gives us a more direct attack on trusting requests from machines and recognizing machines as first (well, sort of second-class) actors without needing things like fake user accounts.

Test Plan:
  - Added and removed SSH keys.
  - Added and removed SSH keys from a bot account.
  - Tried to edit an unonwned SSH key (denied).
  - Ran `bin/ssh-auth`, got sensible output.
  - Ran `bin/ssh-auth-key`, got sensible output.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10790
2014-11-06 12:37:02 -08:00
Chad Little
3ea31c92b9 Break logo/name into replaceable parts
Summary: Ref T4214, this breaks the 'eye' out as a separate image 40px x 40px. We also now show the eye on mobile, as we have enough room for both currently.

Test Plan: Tested default and nightmaremoon colors, tested mobile, tablet and desktop layouts.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4214

Differential Revision: https://secure.phabricator.com/D10794
2014-11-06 09:23:17 -08:00
Bob Trahan
351f4722d9 Conpherence - fix fatal on list view for 100+ messages
Summary: Fixes T6480. @epriestley is very popular and has over 100 messages, thus triggering this issue. fix the typo because bugs are bad.

Test Plan: set limit to 1, observed fatal, applied patch and fatal went away

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6480

Differential Revision: https://secure.phabricator.com/D10793
2014-11-05 17:31:53 -08:00
epriestley
6a5369b173 Add an extensible "SiteSource" for configuration
Summary:
Fixes T2792. This adds a pluggable configuration layer between all the stuff on disk (local/file) and the runtime configurable stuff (database).

An install can subclass this source and:

  - For Phacility, query a remote service (like Almanac) to retrieve hostname-based configuration, allowing one install to serve multiple instances.
  - Maybe for Phacility, query a remote service (like Phlux) to retrieve sitevar-like configuration (e.g., put everything in readonly mode to deal with a maintenance issue?). Not sure if we'll do this or not. We might just nuke Phlux since Almanac is sort-of-a-superset of it for our purposes.
  - For third parties, query some other remote service if that makes config management easier. In particular, it would theoretically let you put locked config in Zookeeper or whatever else you want.

Test Plan: Added a fake source and saw it inject configuration.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2792

Differential Revision: https://secure.phabricator.com/D10787
2014-11-05 15:30:40 -08:00
epriestley
2b495f1f03 Implement PhabricatorProjectInterface on Almanac Services and Devices
Summary:
Ref T5833. Allow services and devices to be tagged with projects.

(These fluff apply implementations are a good example of the issue discussed in T6403.)

Test Plan: {F229569}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D10782
2014-11-05 15:30:00 -08:00