1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 17:52:43 +01:00
Commit graph

292 commits

Author SHA1 Message Date
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
vrana
9b8da73765 Convert AphrontTableView to safe HTML
Summary:
Lots of killed `phutil_escape_html()`.

Done by searching for `AphrontTableView` and then `$rows` (usually) backwards.

Test Plan:
Looked at homepage.

  echo id(new AphrontTableView(array(array('<'))))->render();

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4884
2013-02-09 15:11:38 -08:00
vrana
58b6e2cac6 Convert AphrontDialogView to safe HTML
Summary:
Done by searching for `AphrontDialogView` and then `appendChild()`.

Also added some `pht()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4882
2013-02-09 15:11:35 -08:00
vrana
d817dfa8fc Convert some phutil_escape_html() to hsprintf()
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`.

Test Plan:
/
/D1
/uiexample/
/countdown/1/
/herald/transcript/1/all/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4869
2013-02-08 15:59:02 -08:00
vrana
afc5333bb3 Convert AphrontFormView to safe HTML
Summary: Searched for `AphrontFormView` and then for `appendChild()`.

Test Plan: /login/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4855
2013-02-07 18:01:00 -08:00
epriestley
11bb8db970 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-07 08:08:01 -08:00
vrana
6bb7a282b1 Convert AphrontFormControl to safe HTML
Summary: Everything here now should properly handle plain strings and safe HTML.

Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4826
2013-02-05 15:52:46 -08:00
vrana
be4662e667 Convert setCaption() to safe HTML
Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4824
2013-02-05 15:52:43 -08:00
Bob Trahan
cb38ab27ce fix find / replace error from addressing feedback in D4708. now links to tasks work again. 2013-02-05 13:48:31 -08:00
Bob Trahan
1d0058abcf Update PeopleMenu to only show integration with applications if they are installed
Summary: do so via event engine. note different order now...

Test Plan: toggled "show beta applications" to off and noted that Conpherence disappeared. Otherwise noted that links showed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2424

Differential Revision: https://secure.phabricator.com/D4708
2013-02-05 13:46:02 -08:00
epriestley
8f1311bbc1 Merge branch 'master' into phutil_tag
(Final sync.)
2013-02-05 10:23:16 -08:00
Bob Trahan
112c2ebfbe make sort controls only show up if sorting will work
Summary: T2326 tells the tale. this is the fix.

Test Plan: verified that queries that shouldn't be sortable weren't. also had a phlog in there a bit to sanity check things faster

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2326

Differential Revision: https://secure.phabricator.com/D4816
2013-02-04 18:59:46 -08:00
epriestley
95d37af5d9 render_tag -> tag: fix some more callsites
Summary:
  - Crumbs is straightforward.
  - Maniphest does a lot of string construction which isn't i18n or safehtml aware. I cheated under the theory that we'll resolve this properly in {T2217}.

Test Plan: Looked at crumbs and Maniphest.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4748
2013-01-31 09:07:31 -08:00
epriestley
607fca98df render_tag -> tag: Maniphest summary view, setup issue view
Summary: One trivial, one not-so-trivial.

Test Plan: Viewed maniphest list; saw expected output.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4725
2013-01-30 11:26:03 -08:00
epriestley
40547030a5 render_tag -> tag: PropertyListView
Summary: Converts callsites in PropertyListView (addDetail() and setTextContent()).

Test Plan: Grepped for PhabricatorPropertyListView, addDetail() and setTextContent().

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4695
2013-01-29 11:01:47 -08:00
epriestley
caa7fcef58 render_tag -> tag: more miscellaenous easy cases
Summary: These all yeilded fairly easily.

Test Plan: Inspection / loaded pages.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4694
2013-01-28 18:46:48 -08:00
epriestley
3093d1663d Add javelin_tag(), convert easy callsites
Summary:
  - Implements `javelin_tag()`, which is `javelin_render_tag()` on top of `phutil_tag()` instead of `phutil_render_tag()`.
  - Manually converts all or almost all of the trivial callsites.

Test Plan:
  - Site does not seem any more broken than before.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4639
2013-01-25 12:57:17 -08:00
vrana
21a5956a35 Convert phutil_render_tag(X, Y, pht('...')) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y, pht('...'))

The searched for `<` and `&` by sgrep.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4504
2013-01-24 19:20:30 -08:00
vrana
20768d65d5 Convert phutil_render_tag(X, Y, '...') to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y, '...')

Then searched for `&` and `<` in the output and replaced them.

Test Plan: Loaded homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4503
2013-01-24 19:20:27 -08:00
vrana
48561a8b1f Convert phutil_render_tag(X, Y, phutil_escape_html(Z)) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y,
  - phutil_escape_html(
    Z
  - )
    )

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4501
2013-01-24 19:08:55 -08:00
vrana
f8dbfdd59d Convert phutil_render_tag(X, Y) to phutil_tag
Summary:
Created with spatch:

  lang=diff
  - phutil_render_tag
  + phutil_tag
    (X, Y)

(and null manually)

Test Plan: Loaded homepage

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4500
2013-01-24 19:08:54 -08:00
Chad Little
d3323d0b3d Maniphest Detail view for mobile.
Summary: I try to access tasks a lot on my phone, but its hard to parse. I'm sure most of this will get tossed with new transactions, but wanted to land it anyways.

Test Plan: Test ticket details on iOS simulator and Chrome.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4619
2013-01-24 16:29:47 -08:00
Chad Little
47a81aa9c4 Make Create Task mobile friendly, pht'd
Summary: Allows Create Task to render using mobile targeting. pht added where found.

Test Plan: Tested in iOS simulator and in Chrome.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4584
2013-01-22 14:03:10 -08:00
Chad Little
849dc086e4 Ability to "Create X" from wide sidebar buttons
Summary: Shorten home to 240, 3 items wide, add create button for certain wide apps.

Test Plan: Test in FF, Chrome, IE8/9

Reviewers: epriestley, btrahan, codeblock

Reviewed By: epriestley

CC: aran, Korvin, vrana

Differential Revision: https://secure.phabricator.com/D4555
2013-01-22 09:06:57 -08:00
epriestley
be1ee3c530 Fix Maniphest Excel export for tasks with descriptions beginning with "="
Summary: Fixes T2369. If you create a task with a description like `= Header =`, the Excel writer interprets it as a formula. Explicitly set the cell types to strings to avoid this.

Test Plan: Exported a task with the description `=1,`; no exception after this patch.

Reviewers: btrahan, chad, vrana

Reviewed By: chad

CC: aran

Maniphest Tasks: T2369

Differential Revision: https://secure.phabricator.com/D4567
2013-01-21 10:11:35 -08:00
Chad Little
d588e5c161 Fix 'No Task' Header
Summary: Fix spacing when there are no tasks, remove a panel background.

Test Plan: reload page, check other maniphest pages

Reviewers: codeblock

Reviewed By: codeblock

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D4558
2013-01-20 09:14:51 -08:00
Chad Little
117589c160 Clean up Login, Responsive Forms
Summary: Removes the panel-view on login and adds additonal responsive styles for mobile forms.

Test Plan: View in mobile browser, resize page.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4530
2013-01-19 14:30:26 -08:00
Nick Pellegrino
3e6fa43658 getConfigEnv fails fast when key is not found and no default value is given.
Summary:
T2345
getConfig throws an Exception when the key does not exist.
Also removes dead code that throws an Exception.

Test Plan:
Reloaded the Phabricator home page.  In the process, found
2 Exceptions thrown due to nonexistent keys.  After addressing these problems,
the home page loads without Exceptions.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4541
2013-01-19 12:11:28 -08:00
Chad Little
f7cc0886a0 Use panels for spacing in Maniphest.
Summary: Trying to move move content areas to panelview for consistency in spacing.

Test Plan: Reload Maniphest pages, see equal spacing like on Differential.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4527
2013-01-18 18:19:56 -08:00
epriestley
1b4369056e Remove unnecessary $nav
Summary: See D4451.

Test Plan: Looked at Maniphest, saw it unchanged.

Reviewers: edward, btrahan

Reviewed By: edward

CC: aran

Differential Revision: https://secure.phabricator.com/D4484
2013-01-17 08:33:34 -08:00
epriestley
307acd6067 Maniphest / MetaMTA config options
Summary: Move the Maniphest-related mta options into config.

Test Plan: Looked at options and edited a couple. Looked at setup warnings to make sure the relevant setup warnings were no longer raised.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4465
2013-01-16 09:01:32 -08:00
epriestley
55072a2640 Move all ListFilter buttons into crumbs
Summary:
Maniphest and Owners still have green ListFilter buttons, which have looked awkward for a while and are extra-awkward after D4447. Move them into crumbs and remove the ability of ListFilter to support buttons.

The actual implementation can be simplified too now.

Test Plan: Looked at Owners, Maniphest. Clicked create buttons. Looked at UIExample.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4451
2013-01-15 15:38:05 -08:00
Chad Little
38626dce64 Remove spacer from sidebars.
Summary: This removes all calls to addSpacer and the method. We were applying it inconsistently and it was causing spacing issues with redesigning the sidenav. My feeling is we can recreate the space in CSS if the design dictates, which would apply it consistently.

Test Plan: Go to Applications, click on every application.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4420
2013-01-13 08:17:12 -08:00
vrana
b0edca7294 Display #1 instead of #comment-1 in comment anchors
Summary: I changed this a long time ago probably without knowing that this format is usable in Remarkup.

Test Plan: Viewed revision and task.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4413
2013-01-11 15:51:21 -08:00
Ricky Elrod
30345cfbdd Port Maniphest options.
Test Plan: Viewed the new options.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4401
2013-01-11 10:24:37 -08:00
epriestley
f6b1964740 Improve Search architecture
Summary:
The search indexing API has several problems right now:

  - Always runs in-process.
    - It would be nice to push this into the task queue for performance. However, the API currently passses an object all the way through (and some indexers depend on preloaded object attributes), so it can't be dumped into the task queue at any stage since we can't serialize it.
    - Being able to use the task queue will also make rebuilding indexes faster.
    - Instead, make the API phid-oriented.
  - No uniform indexing API.
    - Each "Editor" currently calls SomeCustomIndexer::indexThing(). This won't work with AbstractTransactions. The API is also just weird.
    - Instead, provide a uniform API.
  - No uniform CLI.
    - We have `scripts/search/reindex_everything.php`, but it doesn't actually index everything. Each new document type needs to be separately added to it, leading to stuff like D3839. Third-party applications can't provide indexers.
    - Instead, let indexers expose documents for indexing.
  - Not application-oriented.
    - All the indexers live in search/ right now, which isn't the right organization in an application-orietned view of the world.
    - Instead, move indexers to applications and load them with SymbolLoader.

Test Plan:
  - `bin/search index`
    - Indexed one revision, one task.
    - Indexed `--type TASK`, `--type DREV`, etc., for all types.
    - Indexed `--all`.
  - Added the word "saboteur" to a revision, task, wiki page, and question and then searched for it.
    - Creating users is a pain; searched for a user after indexing.
    - Creating commits is a pain; searched for a commit after indexing.
    - Mocks aren't currently loadable in the result view, so their indexing is moot.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: 20after4, aran

Maniphest Tasks: T1991, T2104

Differential Revision: https://secure.phabricator.com/D4261
2012-12-21 14:21:31 -08:00
vrana
2cc7f82ece Move Conduit methods inside applications
Test Plan:
/conduit/
/conduit/method/arcanist.projectinfo/
Call method

  $ echo '{}' | arc call-conduit user.whoami

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4268
2012-12-21 12:21:59 -08:00
epriestley
141318fd01 Fix a Maniphest issue where multiple saved copies of a query break the menu
Summary: Fixes T2210. Recently, we require unique keys on menu items, but it's currently possible in Maniphest to save the same custom query under multiple names. Avoid exploding in this case (we'll hide the duplicates). This isn't a great fix, but makes Maniphest usable again.

Test Plan: Saved the same query twice, laoded page, got exception, applied patch, loaded page, saw duplicate query stripped.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2210

Differential Revision: https://secure.phabricator.com/D4247
2012-12-21 05:42:38 -08:00
vrana
ef214e94ce Move setUser() to AphrontView
Summary: This is used in every other view.

Test Plan: Browsed around.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4248
2012-12-20 14:49:52 -08:00
epriestley
239eca13d7 Fix fatal in Maniphest when viewing "show details" of a task description edit
Summary:
Clicking "show details" of a task description change in Maniphest currently throws an exception about the markup engine.

Since we don't actually need the engine an alternate fix would be "if ($this->markupEngine) { $renderer->setMarkupEngine($this->markupEngine); }" but we have one at the ready so just provide it. This should become part of the Transactions stuff anyway.

Test Plan: Clicked "show details".

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4167
2012-12-12 17:15:51 -08:00
epriestley
03a1148480 Restore Maniphest to use comma-style lists for subscribers, projects
Summary: D4153 made these render with newlines between items; use commas instead.

Test Plan: {F26950}

Reviewers: btrahan, chad, vrana

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D4162
2012-12-11 17:15:59 -08:00
epriestley
571ec81dd9 Modernize the top half of Maniphest
Summary:
Use modern elements: crumbs, header, action list, property list, tags.

No functional changes.

Test Plan: {F26934}

Reviewers: chad, btrahan, vrana

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D4153
2012-12-11 14:03:16 -08:00
epriestley
f306cab653 Use application icons for "Eye" menu and Crumbs
Summary:
Issues here:

  - Need an application-sized "eye", or a "home" icon for "Phabricator Home".
  - Some of the "apps_lb_2x" sliced images are the "_dark_" versions, not the light versions.
  - If you slice an application-sized "logout" (power off) icon and application-sized "help" (questionmark in circle) icon I can replace the current menu icons and nearly get rid of "autosprite".
  - To replace the icons on /applications/, the non-retina size is "4x", so we'd need "8x" for retina. Alternatively I can reduce the icon sizes by 50%.
  - The "Help", "Settings" and "Logout" items currently have a "glowing" hover state, which needs a variant (or we can drop it).
  - The /applications/ icons have a white hover state (or we can drop it).
  - The 1x application (14x14) icons aren't used anywhere right now, should they be? Maybe in the feed in the future, etc?
  - The "apps-2x" and "apps-large" sheets are the same image, but getting them to actually use the same file is a bit tricky, so I just left them separate for now.

Test Plan:
{F26698}
{F26699}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1960

Differential Revision: https://secure.phabricator.com/D4108
2012-12-07 13:37:28 -08:00
Ricky Elrod
416d26b621 Allow users to set whether or not textareas are monospaced.
Summary:
Some users like monospaced textareas and others don't.
This introduces an option to set this as a user preference.

Test Plan: Enabled and saw monospaced textareas, disabled and saw non-monospaced textareas.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2114

Differential Revision: https://secure.phabricator.com/D4037
2012-11-27 14:06:42 -08:00
epriestley
3ceaad1aa8 Add basic email support to Pholio
Summary: These emails aren't yet useful, but thread/multiplex/etc correctly.

Test Plan: Got some Pholio emails.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2097

Differential Revision: https://secure.phabricator.com/D3842
2012-11-21 17:39:46 -08:00
Bob Trahan
cd8a9c603e fix Maniphest search for null-like values edge case
Summary: wishlist has priority value of 0 which was messing things up. also fix search text so we can search for "0".

Test Plan: searched for stuff, got results

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T1878

Differential Revision: https://secure.phabricator.com/D3948
2012-11-12 13:53:33 -08:00
epriestley
2e993f7561 Fix an issue where projects queried in "Any Projects" in Maniphest did not have their handles loaded
Summary:
See https://github.com/facebook/phabricator/issues/230.

If you searched for a project with the "Any Projects" field, we didn't explicitly include it in the list of handles to fetch. Usually this works fine because something else fetches the handle, but if you, e.g., search for a project that has no tasks, you get a fatal.

Test Plan:
Reproduced fatal described in report by performing a custom query for "Any Projects" using a project with no tasks; applied patch; query worked correctly.

Verified `$xproject_phids` and `$project_phids` are already queried.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D3923
2012-11-08 09:05:38 -08:00
vrana
ef85f49adc Delete license headers from files
Summary:
This commit doesn't change license of any file. It just makes the license implicit (inherited from LICENSE file in the root directory).

We are removing the headers for these reasons:

- It wastes space in editors, less code is visible in editor upon opening a file.
- It brings noise to diff of the first change of any file every year.
- It confuses Git file copy detection when creating small files.
- We don't have an explicit license header in other files (JS, CSS, images, documentation).
- Using license header in every file is not obligatory: http://www.apache.org/dev/apply-license.html#new.

This change is approved by Alma Chao (Lead Open Source and IP Counsel at Facebook).

Test Plan: Verified that the license survived only in LICENSE file and that it didn't modify externals.

Reviewers: epriestley, davidrecordon

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2035

Differential Revision: https://secure.phabricator.com/D3886
2012-11-05 11:16:51 -08:00
20after4
d7f6bd42d6 Use getProductionURI instead of getURI for emails.
Summary: 'TASK DETAIL' links point to the non-production uri.  Our daemons run in an environment that uses different baseUrl because we can't use https locally (https is provided by our load balancers)

Test Plan: check emails generated with a non-production environment. See that the TASK DETAIL link points to production url.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3877
2012-11-02 13:43:38 -07:00
Bob Trahan
afae26ad94 robustify Differential and Maniphest mailhandlers wrt attachments
Summary:
a few things

- make the parent mailhandler class not send "blank body" error if you have attachments
- make both differential and maniphest append a list of attachments to the body if any exist
- BONUS - made the cc stuff work in Maniphest

Test Plan: I haven't actually tested this yet. :(  i need to figure out how to send a mail with an attachment from the command-line and figured I'd serve this up first.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2012

Differential Revision: https://secure.phabricator.com/D3868
2012-11-01 15:18:06 -07:00