1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-02 11:42:42 +01:00
Commit graph

643 commits

Author SHA1 Message Date
Dmitri Iouchtchenko
b639b38242 Fix myranch TLD
Summary: Fixes a typo in the Almanac docs.

Test Plan: Didn't test this one.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D16529
2016-09-09 03:55:11 -07:00
epriestley
5f43abd7ef Add a {key ..} Remarkup rule for discussing keystrokes
Summary: Ruleset for styles in D16506.

Test Plan: {F1803883}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16510
2016-09-07 09:09:40 -07:00
epriestley
7eee5c5f6f Fix two "proably" typos
Summary: Caught one of these while reviewing docs, grepped for the other one.

Test Plan: `grep`, reading

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16498
2016-09-06 08:59:07 -07:00
epriestley
081081b20e Fix a Repository doc spelling mistake
Summary: Those letters don't go there!

Test Plan: O__O

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16486
2016-09-02 08:23:00 -07:00
epriestley
991e49b711 Correct spelling of "therefore"
Summary: Fixes T11565.

Test Plan: `git grep -i therefor | grep -vi therefore`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11565

Differential Revision: https://secure.phabricator.com/D16476
2016-08-30 14:09:05 -07:00
Josh Cox
8cdf1a890a Updated the docs so chatbots can use the Conduit API
Summary: Previously, the chatbot docs instructed users to get certificates for the conduit API and put the cert in a `conduit.cert` config key. In order to get the chatbot to work, I needed to instead get an API key and put it in the `conduit.token` config entry.

Test Plan: Doc fix. Tried the new documented way and it worked.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D16443
2016-08-24 19:05:30 -04:00
epriestley
ae0cf00a23 Document the use of repository commit hints
Summary: Ref T11522. This explains how to actually use `bin/repository hint`.

Test Plan: Read the document. Used `bin/repository hint` as directed.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11522

Differential Revision: https://secure.phabricator.com/D16441
2016-08-24 10:57:45 -07:00
epriestley
f46cf99274 Fix a typo in "Internationalization" documentation
Summary: Caught this while linking to it from D16405.

Test Plan: Consulted a dictionary.

Reviewers: chad, alexmv

Reviewed By: alexmv

Differential Revision: https://secure.phabricator.com/D16406
2016-08-16 17:48:00 -07:00
epriestley
a35b03ac6a Update Preamble documentation for clusters with mixed request sources and loadbalancer chains
Summary:
Fixes T11487. Improve documentation for three situations:

  - When you configure a cluster behind a load balancer, all requests are trusted but not all have an "X-Forwarded-For" header. Change the suggested snippet to read this header only if it exists.
  - When a request goes through a series of load balancers (as with a CDN) they can end up writing a list of IPs to the header. Parse these.
  - Remove the "rate limiting" stuff -- this got disabled/removed a long time ago and is misleading/incorrect.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11487

Differential Revision: https://secure.phabricator.com/D16403
2016-08-16 16:05:42 -07:00
epriestley
05f7227329 Document how to manually close revisions
Summary: Fixes T11484. These mechanisms aren't necessarily obvious and make sense to document here.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11484

Differential Revision: https://secure.phabricator.com/D16404
2016-08-16 16:04:38 -07:00
epriestley
38403b12be Update Herald documentation for modern policies and beahvior
Summary: Ref T11428. This documentation was a bit misleading and out of date. Update it to reflect modern reality.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11428

Differential Revision: https://secure.phabricator.com/D16384
2016-08-10 08:55:43 -07:00
epriestley
24a28dd1f3 Fix a documentation typo ("repositorie")
Summary: This isn't a word!

Test Plan: Read carefully.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16362
2016-08-02 18:02:34 -07:00
Sbastien Santoro
7e49479ab0 discouarges → discourages
Test Plan: Read again the sentence.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D16307
2016-07-15 21:06:47 +00:00
epriestley
5c8dabdf80 Add a strong hint about importing or observing repositories to repository creation
Summary: Fixes T11278. Also mention `svnsync`, since we have some evidence that it works.

Test Plan: {F1716250}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11278

Differential Revision: https://secure.phabricator.com/D16255
2016-07-08 07:43:34 -07:00
epriestley
abdb02b51d Update Phame documentation to reflect changes to the application
Summary:
Ref T9360. Old docs felt a little weird to me (particularly very-old text like "favoring the individual rather than the collective").

Try a simpler tone focused more on use cases and examples?

Test Plan:
Read documentation.

Also, viewed a post list and saw monograms.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9895, T9360

Differential Revision: https://secure.phabricator.com/D16246
2016-07-06 18:43:06 -07:00
Chad Little
0dd6c3653e Clean up Blog Post crumbs
Summary: Show the J monogram when internally linked, but nothing externally (cleaner UI). Ref T9360

Test Plan: View post live and internal.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9360

Differential Revision: https://secure.phabricator.com/D16245
2016-07-07 01:30:54 +00:00
epriestley
b53831101f Raise explicit setup issues about PHP 7
Summary: Ref T9640. Fixes T9888. Decline to support PHP 7 until the async signal handling issue in T11270 is resolved.

Test Plan: Faked local version, got helpful error message.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9640, T9888

Differential Revision: https://secure.phabricator.com/D16231
2016-07-05 05:33:26 -07:00
epriestley
bf1352c0e4 Document the "---" rule in Remarkup
Summary: Fixes T11228.

Test Plan: {F1704113}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11228

Differential Revision: https://secure.phabricator.com/D16186
2016-06-28 14:57:46 -07:00
Austin Seipp
da6c96dfff Fix a busted sentence in the File Encryption documentation
Summary: love to wordsmith

Test Plan: read it

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D16183
2016-06-28 03:55:31 +00:00
epriestley
67084a6953 Support AES256 at-rest encryption in Files
Summary:
Ref T11140. This makes encryption actually work:

  - Provide a new configuation option, `keyring`, for specifying encryption keys.
  - One key may be marked as `default`. This activates AES256 encryption for Files.
  - Add `bin/files generate-key`. This is helps when generating valid encryption keys.
  - Add `bin/files encode`. This changes the storage encoding of a file, and helps test encodings and migrate existing data.
  - Add `bin/files cycle`. This re-encodes the block key with a new master key, if your master key leaks or you're just paraonid.
  - Document all these options and behaviors.

Test Plan:
  - Configured a bad `keyring`, hit a bunch of different errors.
  - Used `bin/files generate-key` to try to generate bad keys, got appropriate errors ("raw doesn't support keys", etc).
  - Used `bin/files generate-key` to generate an AES256 key.
  - Put the new AES256 key into the `keyring`, without `default`.
  - Uploaded a new file, verified it still uploaded as raw data (no `default` key yet).
  - Used `bin/files encode` to change a file to ROT13 and back to raw. Verified old data got deleted and new data got stored properly.
  - Used `bin/files encode --key ...` to explicitly convert a file to AES256 with my non-default key.
  - Forced a re-encode of an AES256 file, verified the old data was deleted and a new key and IV were generated.
  - Used `bin/files cycle` to try to cycle raw/rot13 files, got errors.
  - Used `bin/files cycle` to cycle AES256 files. Verified metadata changed but file data did not. Verified file data was still decryptable with metadata.
  - Ran `bin/files cycle --all`.
  - Ran `encode` and `cycle` on chunked files, saw commands fail properly. These commands operate on the underlying data blocks, not the chunk metadata.
  - Set key to `default`, uploaded a file, saw it stored as AES256.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11140

Differential Revision: https://secure.phabricator.com/D16127
2016-06-16 08:08:56 -07:00
epriestley
411cf13457 Add Videos to Remarkup
Summary: Ref T6916. Added video to remarkup using D7156 as reference.

Test Plan:
  - Viewed video files (MP4, Ogg) in Safari, Chrome, Firefox (some don't work, e.g., OGG in Safari, but nothing we can really do about that).
  - Used `alt`.
  - Used `autoplay`.
  - Used `loop`.
  - Used `media=audio`.
  - Viewed file detail page.

Reviewers: nateguchi2, chad, #blessed_reviewers

Reviewed By: chad, #blessed_reviewers

Subscribers: asherkin, ivo, joshuaspence, Korvin, epriestley

Tags: #remarkup

Maniphest Tasks: T6916

Differential Revision: https://secure.phabricator.com/D11297
2016-06-07 13:20:25 -07:00
Chad Little
bbd5b3a9f6 Fix spelling issue in cluster doc
Summary: Fix spelling issue

Test Plan: Re-read

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D16058
2016-06-06 11:38:07 -07:00
epriestley
fb1cc8cc58 Remove Lamson documentation
Summary:
Fixes T11054. This project's website has been down for more than a year:

<https://github.com/zedshaw/lamson/issues/36>

It hasn't received any new commits for three years (March, 2013):

<https://github.com/zedshaw/lamson/commits/master>

Instructions like this are a good candidate for community ownership rather than upstream maintenance. I don't think we'd accept these instructions upstream today.

Test Plan: `grep -i lamson`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11054

Differential Revision: https://secure.phabricator.com/D15990
2016-05-30 10:11:52 -07:00
epriestley
189600e411 Allow broader HTTP access to public repositories, respect nonstandard Phabricator HTTP port when generating repository URIs
Summary:
Fixes T11030. Fixes T11032.

  - Allow HTTP access to "Public" repositories even if `diffusion.allow-http-auth` is disabled.
  - If you run Phabricator on an unusual port (???) use that port as the default when generating HTTP URIs.

Test Plan:
  - Faked `phabricator.base-uri` to an unusual port, saw repository HTTP URI generate with an unusual port.
  - Disabled `diffusion.allow-http-auth`, confirmed that toggling view policy between "public" and "users" activated or deactivated HTTP clone URI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11030, T11032

Differential Revision: https://secure.phabricator.com/D15973
2016-05-25 09:07:00 -07:00
epriestley
9385ddaf82 Fix bad documentation link in clustering intro doc
Summary: Fixes T10991.

Test Plan: Previewed harder, clicked link.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10991

Differential Revision: https://secure.phabricator.com/D15949
2016-05-19 14:59:50 -07:00
epriestley
9c24798e64 Update Owners auditing rules for multiple reviewers
Summary:
Ref T10939. Fixes T10181. This slightly simplifies, then documents the auditing rules, which haven't been updated for a while. In particular:

  - If an owner authored the change, never audit.
  - Examine all reviewers to determine reviewer audit status, not just the first reviewer.
  - Simplify some of the loading code a bit.

Test Plan:
  - Ran `bin/repository reparse --owners <commit> --force` to trigger this stuff.
  - Verified that the web UI did reasonable things with resulting audits.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10181, T10939

Differential Revision: https://secure.phabricator.com/D15939
2016-05-17 13:46:06 -07:00
epriestley
809c7bf996 Allow users to manage package dominion rules
Summary: Ref T10939. This adds UI, transactions, etc, to adjust dominion rules.

Test Plan:
  - Read documentation.
  - Changed dominion rules.
  - Created packages on `/` ("A") and `/x` ("B") with "Auto Review: Review".
  - Touched `/x`.
  - Verified that A and B were added with strong dominion.
  - Verified that only B was added when A was set to weak dominion.
  - Viewed file in Diffusion, saw correct ownership with strong/weak dominion rules.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15936
2016-05-17 10:57:43 -07:00
Luka Kladaric
174f3f6d23 docs: fix setup instructions for Mailgun and S3
Summary: The S3 fields are mandatory and if you only enter the ones in the docs you will immediately encounter a "Amazon S3 is Only Partially Configured" error. For Mailgun the error is more difficult to figure out - emails get stuck on Mailgun's side but the error is illegible. On Phabricator's side you have to go trawling through nginx logs to find "Mail signature is not valid. Check your Mailgun API key."

Test Plan: Deploy a new standalone instance, follow old instructions, fail. Deploy another one, follow updated instructions, win.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15931
2016-05-16 22:11:37 +02:00
Austin Seipp
1567f07e3c Fix some broken links in the cluster documentation
Summary:
Looks like some copy pasta snuck in. Also fixes a missed
parenthesis.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15920
2016-05-15 07:15:34 +00:00
epriestley
c9365e48d8 Don't trigger "Auto Review" if the author is already an owner; document "Auto Review"
Summary:
Ref T10939. If you already own a package, don't trigger the subscribe/review rules.

Document how these rules work.

Test Plan:
  - Read documentation.
  - Removed reviewers, updated a revision, got autoreviewed.
  - Joined package.
  - Removed reveiwers, updated a revision, no more autoreview.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15918
2016-05-13 17:24:33 -07:00
epriestley
1793e2f945 Use ye new Englishe in ye docs
Summary: Ah, a fine thing it be.

Test Plan: Pip pip cheerio.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15919
2016-05-13 13:55:57 -07:00
epriestley
5162f81095 Provide SSH host documentation, tweak/supplement cluster documentation
Summary: Ref T10751. I think this mostly brings us up to date with the state of the world.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15897
2016-05-12 12:09:04 -07:00
epriestley
0faf3dd18d Fix "Contributing" misspelling in documentation
Summary: Fixes T10958.

Test Plan: Dictionary'd.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10958

Differential Revision: https://secure.phabricator.com/D15898
2016-05-12 08:29:53 -07:00
epriestley
fc654f8996 Flesh out a few more repository documentation sections
Summary: Ref T10923. This links up some more related documentation about repository management.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15890
2016-05-11 13:01:02 -07:00
epriestley
5587d97a7f Tailor Diffusion protocol rules slightly
Summary: Fixes T10948. Ref T10923. Make these rules a little more thorough and document their behavior.

Test Plan: Looked at Diffusion clone URIs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923, T10948

Differential Revision: https://secure.phabricator.com/D15887
2016-05-11 07:18:09 -07:00
epriestley
e2bbde9675 Bring old repository instructions and guidance forward to new UI
Summary:
Ref T10923. Fixes T10406. This brings most of the guidance/instructions forward:

  - Some remained as instructions.
  - Some moved to documentation.

Test Plan: Went through all of the sections and hit the help.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10406, T10923

Differential Revision: https://secure.phabricator.com/D15873
2016-05-10 05:15:43 -07:00
epriestley
f191f66f34 Document API management of repositories and fix some issues with creating URIs via API
Summary:
Ref T10923. Primarily documents the process for creating repositories via the API.

Also fixes a couple of issues with `repositoryPHID` not being set yet when creating URIs via the API.

Test Plan:
  - Followed all documented steps to create a new repository.
  - Created and edited some new URIs from the web workflow, too.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15870
2016-05-10 05:10:35 -07:00
epriestley
34e85aaeb8 Document most of the new Diffusion management panel
Summary: Ref T10923. This isn't complete yet, but reduces lies and increases truths.

Test Plan: Read documentation, clicked new "Documentation" nav item.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15868
2016-05-10 05:10:07 -07:00
epriestley
cc579be6f1 Use more precise language to describe what mirroring is
Summary: Fixes T10928. This behavior hasn't changed at all and this is what, e.g., `git push --mirror` means, and the other behavior isn't possible, but be more explicit about the inherent destructive potential of mirroring.

Test Plan: Read documentation.

Reviewers: chad, sascha-egerer

Reviewed By: sascha-egerer

Subscribers: sascha-egerer

Maniphest Tasks: T10928

Differential Revision: https://secure.phabricator.com/D15861
2016-05-06 08:04:18 -07:00
epriestley
128995f1ac Document all the hypothetical URI features we plan to support soon
Summary: Ref T10748. Ref T10366. This documents how everything is planned to work shortly.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Subscribers: eadler, scode

Maniphest Tasks: T10366, T10748

Differential Revision: https://secure.phabricator.com/D15817
2016-04-29 09:24:10 -07:00
epriestley
dc3a13c5e8 Add bin/repository clusterize and document setup and migration for clusters
Summary: Ref T4292. This provides at least some sort of hint about how to set up cluster repositories.

Test Plan:
  - Read documentation.
  - Ran `bin/repository clusterize` to add + remove clusters.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15798
2016-04-26 10:07:17 -07:00
epriestley
8d9bc401e4 Improve Diffusion hosting setup instructions somewhat?
Summary:
Ref T10866. Fixes T10386. This attempts to make it a little more plausible to follow these directions:

  - Use simpler language in general.
  - Remove language suggesting that HTTP requires no additional configuration.
  - Suggest using a load balancer or an ugly port number instead of swapping SSH to a different port.
  - Be more granular about `sudo` setup.
  - Organize better?

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10386, T10866

Differential Revision: https://secure.phabricator.com/D15796
2016-04-26 10:06:59 -07:00
epriestley
2c870bad86 Document how to register cluster devices with Almanac
Summary:
Ref T4292. This is a required step in configuring a cluster: document and explain it.

Previously `bin/almanac register` could //also// add and trust keys. I've removed this capability since I think it's needless and complicated. If there's some real use for it eventually, we could add a `bin/almanac add-key` or whatever. The workflow is simpler and has better guard rails that point you in the correct direction now.

Test Plan:
  - Read documentation.
  - Ran `bin/almanac` with various good/bad flags.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15795
2016-04-25 14:58:58 -07:00
epriestley
623ed1f434 Include directory-ownership note in sshd setup instructions
Summary: Fixes T9560. We suggest a root-owned location, but users who choose their own location instead can run into trouble.

Test Plan:
  - Changed parent directory to have an non-root owner, verified that `ssh` no longer worked.
  - Changed parent directory back to a root owner, verified `ssh` worked again.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9560

Differential Revision: https://secure.phabricator.com/D15794
2016-04-25 08:16:14 -07:00
epriestley
9d0891c7e1 Correct Aphlict documentation for Nginx proxying
Summary: Fixes T10857. This documentation did not accurately reflect proper configuration: in the Aphlict config, SSL is inferred from the presence of `ssl.*` configuration.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10857

Differential Revision: https://secure.phabricator.com/D15787
2016-04-24 06:31:58 -07:00
epriestley
9656fe48bc Add a "Repository Servers" cluster administration panel
Summary: Ref T4292. This adds a new high-level overview panel.

Test Plan: {F1238854}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15772
2016-04-21 11:56:44 -07:00
epriestley
c986caebb2 Put all cluster docs in the right documentation group
Summary: Some of these had the wrong `@group` header.

Test Plan: `grep`

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15778
2016-04-20 20:38:08 -07:00
epriestley
bd4fb3c9fa Implement bin/repository thaw for unfreezing cluster repositories
Summary:
Ref T10751. Add support tooling for manually prying your way out of trouble if disaster strikes.

Refine documentation, try to refer to devices as "devices" more consistently instead of sometimes calling them "nodes".

Test Plan: Promoted and demoted repository devices with `bin/repository thaw`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15768
2016-04-20 10:45:58 -07:00
epriestley
11aa902bd1 Show "Last Writer" and "Last Write At" in the UI, add more documentation
Summary:
Ref T10751. Make the UI more useful and explain what failure states mean and how to get out of them.

The `bin/repository thaw` command does not exist yet, I'll write that soon.

Test Plan: {F1238241}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15766
2016-04-20 10:45:03 -07:00
epriestley
48b015a3fa Add slightly more cluster repository documentation
Summary: Ref T10751. There are still some missing support tools here, but explain some of this a little better.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15764
2016-04-20 04:46:40 -07:00
epriestley
bab3690b54 Fill in missing cluster database documentation
Summary:
Ref T10751. Provide some guidance on replicas and promotion.

I'm not trying to walk administrators through the gritty details of this. It's not too complex, they should understand it, and the MySQL documentation is pretty thorough.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15763
2016-04-20 04:46:25 -07:00
epriestley
92c50de8aa Rough in the new custom URI panel
Summary: Ref T10748. Ref T10366. No support for editing and no impact on the UI, but get some of the basics in place.

Test Plan: {F1223279}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10366, T10748

Differential Revision: https://secure.phabricator.com/D15742
2016-04-17 16:03:24 -07:00
epriestley
025b243e27 Document wiki relative link syntax
Summary: Also make `../` work to start relative a link so I don't have to document it as `./../path`.

Test Plan:
  - Used `./`, `../`. `./../`, and normal links (proper title pickup).
  - Used bad links (red).
  - Regenerated documentation:

{F1221692}

Reviewers: hach-que

Reviewed By: hach-que

Differential Revision: https://secure.phabricator.com/D15734
2016-04-16 18:54:55 -07:00
Austin Seipp
b2d2f03dea Tell users to avoid magical CloudFlare nonsense in the CDN documentation
Summary:
Fixes T9716. Doesn't go into too much detail, but will hopefully
save some pain.

Test Plan: Read all the wonderful text.

Reviewers: #blessed_committers, epriestley, #blessed_reviewers

Reviewed By: #blessed_committers, epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9716

Differential Revision: https://secure.phabricator.com/D15738
2016-04-17 01:50:26 +00:00
epriestley
686c02d54a Add a "memory.hint" parameter to Aphlict
Summary:
Ref T10696. By default, `node` uses 1.5GB, which is enormous overkill for this service and can crowd out other services if it's running next to things like a database on the same host.

Provide a configuration option to adjust it via `--max-old-space-size` and default to 256MB. It only seems to need about 30M locally, so this should be plenty of headroom.

Test Plan:
Ran `bin/aphlict debug`, things seemed OK.

It takes a long time (days?) to grow to 1.5GB so I can't easily test this locally without a lot of work, but I'll keep an eye on it in production.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10696

Differential Revision: https://secure.phabricator.com/D15720
2016-04-15 07:14:45 -07:00
epriestley
fad9e043c3 Fix bad cluster.database in documentation
Summary: This is mistaken.

Test Plan: Careful inspection, `grep` for other mistakes.

Reviewers: chad, eadler

Reviewed By: eadler

Differential Revision: https://secure.phabricator.com/D15717
2016-04-14 15:00:03 -07:00
epriestley
7852ec1619 Use --master-data, not --dump-slave, in bin/storage dump
Summary: These flags do slightly different things, I actually want --master-data here. My test databases are setup half-weird and work with either statement, which is why I missed this.

Test Plan: Ran a dump against master, got the right CHANGE MASTER statement with no warnings.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15716
2016-04-14 14:56:21 -07:00
epriestley
bbb321395a Support Aphlict clustering
Summary:
Ref T6915. This allows multiple notification servers to talk to each other:

  - Every server has a list of every other server, including itself.
  - Every server generates a unique fingerprint at startup, like "XjeHuPKPBKHUmXkB".
  - Every time a server gets a message, it marks it with its personal fingerprint, then sends it to every other server.
  - Servers do not retransmit messages that they've already seen (already marked with their fingerprint).
  - Servers learn other servers' fingerprints after they send them a message, and stop sending them messages they've already seen.

This is pretty crude, and the first message to a cluster will transmit N^2 times, but N is going to be like 3 or 4 in even the most extreme cases for a very long time.

The fingerprinting stops cycles, and stops servers from sending themselves copies of messages.

We don't need to do anything more sophisticated than this because it's fine if some notifications get lost when a server dies. Clients will reconnect after a short period of time and life will continue.

Test Plan:
  - Wrote two server configs.
  - Started two servers.
  - Told Phabricator about all four services.
  - Loaded Chrome and Safari.
  - Saw them connect to different servers.
  - Sent messages in one, got notifications in the other (magic!).
  - Saw the fingerprinting stuff work on the console, no infinite retransmission of messages, etc.

(This pretty much just worked when I ran it the first time so I probably missed something?)

{F1218835}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6915

Differential Revision: https://secure.phabricator.com/D15711
2016-04-14 13:26:30 -07:00
epriestley
5a0b7398ca Give bin/storage some replica-aware options
Summary:
Fixes T10758.

  - Adds a "--host" flag. If you specify this, we read your cluster config. This lets you dump from a replica.
  - Adds a "--for-replica" flag to `storage dump`. This makes `mysqldump` include a `CHANGE MASTER ...` statement in the output, which is useful when setting up a replica for the first time.

Test Plan:
  - Dumped master and replica cluster databases.
  - Dumped non-cluster databases.
  - Ran various other commands (help, status, etc).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10758

Differential Revision: https://secure.phabricator.com/D15714
2016-04-14 13:23:35 -07:00
epriestley
07fc8f17cc Support "ssl.chain" in Aphlict configuration
Summary: Fixes T10806. Although browsers don't seem to care about this, it's more correct to support it, and the new test console uses normal `cURL` and does care.

Test Plan:
  - Hit the error case for providing a chain but no key/cert.
  - Used `openssl s_client -connect localhost:22280` to connect to local Aphlict servers.
  - With SSL but no chain, saw `openssl` fail to verify the remote.
  - With SSL and a chain, saw `openssl` verify the identify of the remote.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10806

Differential Revision: https://secure.phabricator.com/D15709
2016-04-14 10:41:21 -07:00
epriestley
383ae7621f Fix a "websokket" typo
Summary: Typo fix from D15703 that I overlooked.

Test Plan: Careful inspection.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15708
2016-04-14 10:40:54 -07:00
epriestley
2930733ac9 Complete modernization of Aphlict configuration
Summary:
Fixes T10697. This finishes bringing the rest of the config up to cluster power levels.

Phabricator is now given an arbitrarily long list of notification servers.

Each Aphlict server is given an arbitrarily long list of ports to run services on.

Users are free to make them meet in the middle by proxying whatever they want to whatever else they want.

This should also accommodate clustering fairly easily in the future.

Also rewrote the status UI and changed a million other things. 🐗

Test Plan:
{F1217864}

{F1217865}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10697

Differential Revision: https://secure.phabricator.com/D15703
2016-04-14 04:57:00 -07:00
epriestley
c6b0925954 Move Aphlict logging and PID configuration options to config file
Summary: Ref T10697. Mostly straightforward. Also allow the server to have multiple logs and log options in the future (e.g., different verbosities or separate admin/client logs or whatever). No specific plans for this, but the default log is pretty noisy today.

Test Plan: Set up a couple of logs, started server, saw it log to them.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10697

Differential Revision: https://secure.phabricator.com/D15702
2016-04-14 04:55:19 -07:00
epriestley
c84dee522b Move server-related Aphlict options to a configuration file
Summary: Ref T10697. This isn't everything but starts generalizing options and moving us toward a cluster-ready state of affairs.

Test Plan: Started server in various configurations, hit most (all?) of the error cases with bad configs, sent test notifications.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10697

Differential Revision: https://secure.phabricator.com/D15701
2016-04-14 04:54:42 -07:00
Andy Reitz
3876d6b439 Fix some typos in the new cluster docs
Summary:
While reading the new cluster docs, I noticed a few minor typos, and one
section that seemed to be incomplete and redundant, so I just removed it.

Test Plan: none.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: chad, Korvin, jshirley

Differential Revision: https://secure.phabricator.com/D15704
2016-04-13 16:30:40 -07:00
epriestley
66366137ff Don't apply security.require-https to intracluster requests
Summary:
Ref T10784. Currently, if you terminate SSL at a load balancer (very common) and use HTTP beyond that, you have to fiddle with this setting in your premable or a `SiteConfig`.

On the balance I think this makes stuff much harder to configure without any real security benefit, so don't apply this option to intracluster requests.

Also document a lot of stuff.

Test Plan: Poked around locally but this is hard to test outside of a production cluster, I'll vet it more thoroughly on `secure`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10784

Differential Revision: https://secure.phabricator.com/D15696
2016-04-13 12:51:41 -07:00
epriestley
afb0f7c7af Clean up some old cluster-ish documentation
Summary:
Ref T10751. We currently have a placeholder Almanac document, and a fairly-bad-advice section in Daemons.

Pull these into the modern cluster documentation.

Test Plan: 17 phabricator PHDs

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15689
2016-04-12 19:14:08 -07:00
epriestley
110223c1a7 Fix pretty drawings
Summary: Changes elsewhere which support spaces before "|" when defining a table so that tables quote properly also accidentally changed these beautiful drawings into remarkup tables.

Test Plan: (( o.O ))

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15690
2016-04-12 10:55:03 -07:00
epriestley
58eef68b7c Rough cut of repository cluster status panel
Summary:
Ref T4292. This adds some very basic cluster/device data to the new management view. Nothing interesting yet.

Also deal with disabled bindings a little more cleanly.

Test Plan: {F1214619}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15685
2016-04-12 05:38:10 -07:00
epriestley
ac35246d0d Never sever non-cluster database; write more read-only documentation
Summary:
Ref T4571. Write more of the missing documentation sections and clarify a few things.

Since the "replicating master" check needs a special permission, imposes a performance penalty, is probably very difficult to misconfigure, and likely not a big deal anyway, just drop the idea of trying to automatically detect + prevent it. We still show if it's an issue on the status page, provided we have permission to check.

When you don't have any cluster databases configured, never stop trying to connect to the default master database. We might want to do this eventually as load reduction, but just don't muddy the waters too much for now while things stabilize.

Test Plan:
  - Tested functionality in cluster, non-cluster, and degraded-cluster modes.
  - Used status console to monitor a health check cycle.
  - Read docs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4571

Differential Revision: https://secure.phabricator.com/D15679
2016-04-11 08:44:11 -07:00
epriestley
0439645d5b Add a "Database Cluster Status" console in Config
Summary: Ref T4571. The configuration option still doesn't do anything, but add a status panel for basic setup monitoring.

Test Plan:
Here's what a good version looks like:

{F1212291}

Also faked most of the errors it can detect and got helpful diagnostic messages like this:

{F1212292}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4571

Differential Revision: https://secure.phabricator.com/D15667
2016-04-09 20:34:13 -07:00
epriestley
3f51b78539 Lay cluster.databases configuration groundwork for database clustering
Summary:
Ref T4571. This adds a new option which allows you to upgrade your one-host configuration to a multi-host configuration by configuring it.

Doing this currently does nothing. I wrote a lot of words about what it is //supposed// to do in the future, though.

Test Plan:
  - Tried to configure the option in all the possible bad ways, got errors.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Subscribers: eadler

Maniphest Tasks: T4571

Differential Revision: https://secure.phabricator.com/D15663
2016-04-09 13:41:16 -07:00
epriestley
5dec03af32 Make OAuth scope handling more flexible
Summary:
Ref T7303. Currently, our handling of "scope" is fairly rigid and adheres to the spec, but some of these behaviors don't make much sense in practice.

Soften some behaviors and make them more flexible:

**Soft Failure on Unknown Permissions**: If a client asks for a permission we don't know about, just warn that we don't recognize it instead of fataling. In particular, I plan to make `offline_access` and `whoami` implicit. Older clients that request these permissions will still work fine as long as we don't hard-fatal.

**Move `user.whoami` to ALWAYS scope**: Make `whoami` a default permission. We've already done this, in effect; this just formalizes it.

**Tokens no longer expire**: Make `offline_access` (infinite-duration tokens) a default permission. I think the OAuth model doesn't map well to reality. It is common for other providers to issue "temporary" tokens with a duration of multiple years, and the refesh workflow is sort of silly. We can add a "temporary" scope later if we need temporary tokens.

This flow was potentially extra silly with the "log out of Phacility" use case, where we might need to have you log in again before we could log you out, which is bizarre and senseless. Avoid this nonsense.

**Move away from granular permissions**: Users currently get to pick-and-choose which permissions they grant, but this likely rarely/never works in practice and is fairly hostile since applications can't communicate which permissions they need. Applications which can actually operate with only some subset of permissions can make separate requests (e.g., when you activate "cool feature X", it asks for X permission). I think applications that do this are rare; pretty much everything just asks for tons of permissions and everyone grants them.

Making this all-or-nothing is better for well-behaved applications and better for users. It's also slightly better for overzealous applications that ask for more than they need, but whatever. Users can make an informed decision, hopefully, and I plan to let administrators force applications to a subset of permissions once we introduce meaningful scopes.

Test Plan:
  - Generated tokens.
  - Used tokens.
  - Authorized an instance.
  - Faked some bogus scopes, got clean authorization.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7303

Differential Revision: https://secure.phabricator.com/D15621
2016-04-05 13:53:33 -07:00
epriestley
1bd33ad759 Correct table documentation in Remarkup reference
Summary: Ref T10570. Earlier work on that task made tables activate even if indented so they work in quoted blocks. However, the documentation doesn't explicitly mark them in code blocks, so it turned them into markup.

Test Plan:
Used `bin/diviner generate` to regenerate documentation, verified it now renders properly.

{F1205818}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10570

Differential Revision: https://secure.phabricator.com/D15619
2016-04-05 09:02:54 -07:00
epriestley
3493d9d513 Fix a typo
Summary: Whoops.

Test Plan: O.o

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15519
2016-03-24 09:12:34 -07:00
epriestley
b193796266 Provide "Reproduction Steps" docs and separate "Version" doc
Summary: I know this is ultimately pointless but feel better about pushing back on users when there is no possible way they could be acting in good faith.

Test Plan: Read documents.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15518
2016-03-24 08:57:29 -07:00
epriestley
4a6589524b Add amazon-ses.endpoint configuration
Summary: Fixes T5116.

Test Plan: Will test in production.

Reviewers: chad

Maniphest Tasks: T5116

Differential Revision: https://secure.phabricator.com/D15515
2016-03-23 12:28:59 -07:00
epriestley
63ab2ad69b Typo fixed in docs/tech
Summary: Spelling mistake fixed - neessary > necessary

Test Plan: No Test plan

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D15146
2016-03-21 10:13:06 -07:00
tycho.tatitscheff
821ba8b22e Fix a typo on Almanac User Guide
Summary:
Ref T10527
The lack of a * messed up the remarkup.

Test Plan:
Tested on my instance by pasting the sentence in a phriction document.
See the markup correctly done.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T10527

Differential Revision: https://secure.phabricator.com/D15421
2016-03-06 15:49:44 -08:00
epriestley
809646c8d2 Unprototype Almanac
Summary: Fixes T10449. Almanac doesn't do a whole lot for the average user, but is in good shape technically and works well, and exposing it in the cluster won't let installs destroy themselves now.

Test Plan: Re-read documentation; grepped for `TODO` (there are a couple, but reasonable to push off); browsed around all the UI things (new two-column looks great), called API methods.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10449

Differential Revision: https://secure.phabricator.com/D15400
2016-03-04 17:22:49 -08:00
epriestley
4c97d88aa4 Allow Almanac bindings to be disabled and unused interfaces to be removed
Summary:
Fixes T9762. Ref T10246.

**Disabling Bindings**: Previously, there was no formal way to disable bindings. The internal callers sometimes check some informal property on the binding, but this is a common need and deserves first-class support in the UI. Allow bindings to be disabled.

**Deleting Interfaces**: Previously, you could not delete interfaces. Now, you can delete unused interfaces.

Also some minor cleanup and slightly less mysterious documentation.

Test Plan: Disabled bindings and deleted interfaces.

Reviewers: chad

Reviewed By: chad

Subscribers: yelirekim

Maniphest Tasks: T9762, T10246

Differential Revision: https://secure.phabricator.com/D15345
2016-02-26 06:21:23 -08:00
epriestley
944539a786 Simplify locking of Almanac cluster services
Summary:
Fixes T6741. Ref T10246. Broadly, we want to protect Almanac cluster services:

  - Today, against users in the Phacility cluster accidentally breaking their own instances.
  - In the future, against attackers compromising administrative accounts and adding a new "cluster database" which points at hardware they control.

The way this works right now is really complicated: there's a global "can create cluster services" setting, and then separate per-service and per-device locks.

Instead, change "Can Create Cluster Services" into "Can Manage Cluster Services". Require this permission (in addition to normal permissions) to edit or create any cluster service.

This permission can be locked to "No One" via config (as we do in the Phacility cluster) so we only need this one simple setting.

There's also zero reason to individually lock //some// of the cluster services.

Also improve extended policy errors.

The UI here is still a little heavy-handed, but should be good enough for the moment.

Test Plan:
  - Ran migrations.
  - Verified that cluster services and bindings reported that they belonged to the cluster.
  - Edited a cluster binding.
  - Verified that the bound device was marked as a cluster device
  - Moved a cluster binding, verified the old device was unmarked as a cluster device.
  - Tried to edit a cluster device as an unprivileged user, got a sensible error.

{F1126552}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15339
2016-02-25 03:38:39 -08:00
epriestley
411331469a Apply namespace locking rules in Almanac
Summary:
Ref T10246. Ref T6741.

When you have a namespace like "phacility.net", require users creating services and devices within it to have edit permission on the namespace.

This primarily allows us to lock down future device names in the cluster, so instances can't break themselves once they get access to Almanac.

Test Plan:
  - Configured a `phacility.net` namespace, locked myself out of it.
  - Could not create new `stuff.phacility.net` services/devices.
  - Could still edit existing devices I had permission for.
  - Configured a `free.phacility.net` namespace with more liberal policies.
  - Could create `me.free.phacility.net`.
  - Still could not create `other.phacility.net`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15325
2016-02-22 04:58:53 -08:00
epriestley
db50d0fb11 Rough-in Almanac namespaces
Summary:
Ref T6741. Ref T10246.

Root problem: to provide Drydock in the cluster, we need to expose Almanac, and doing so would let users accidentally or intentionally create a bunch of `repo006.phacility.net` devices/services which could conflict with the real ones we manage.

There's currently no way to say "you can't create anything named `*.blah.net`". This adds "namespaces", which let you do that (well, not yet, but they will after the next diff).

After the next diff, if you try to create `repo003.phacility.net`, but the namespace `phacility.net` already exists and you don't have permission to edit it, you'll be asked to choose a different name.

Also various modernizations and some new docs.

Test Plan:
  - Created cool namespaces like `this.computer`.
  - Almanac namespaces don't actually enforce policies yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15324
2016-02-22 04:58:35 -08:00
epriestley
925a0d3d59 Pass repository PHID to custom hooks in PHABRICATOR_REPOSITORY instead of callsign
Summary:
Ref T4245. We pass this exclusively for use by additional third-party hooks.

This is technically a backward compatibility break, but I suspect it doesn't affect anyone:

  - Probably almost no one is using this (there are few reasons to, even for the tiny number of installs with custom commit hooks).
  - If they are, there's a good chance the PHID will work anyway, since nearly all scripts and Conduit methods will accept it in place of a callsign now, and if it's in logging or debugging code the PHID is a reasonable substitute
  - Even if it doesn't just keep working, the break should be very obvious in most reasonable cases.

I'll call this out explicitly in the changelog, though -- almost everything else will just continue working, but this is a strict compatibility break.

Test Plan:
  - Ugh.
  - Picked a hosted Git repo out of Diffusion.
  - Went to the path on disk.
  - Went into `hooks/`.
  - Went into `pre-receive-phabricator.d/`.
  - Wrote this hook and gave it `chmod +x`:

```name=stuff.sh
#!/bin/sh

echo $PHABRICATOR_REPOSITORY >> /tmp/stuff.log
```

  - Pushed to the repository.
  - Saw a PHID show up in the log:

```
$ cat /tmp/stuff.log
PHID-REPO-bqkcdp47euwnwlasrsrh
```

Reviewers: chad, avivey

Reviewed By: avivey

Subscribers: avivey

Maniphest Tasks: T4245

Differential Revision: https://secure.phabricator.com/D15294
2016-02-17 17:10:44 -08:00
epriestley
973b8ace86 Remove dependence on callsigns from bin/commit-hook
Summary:
Ref T4245. Two effects:

  - First, let hooks work for future repositories without callsigns.
  - Second, provide a better error when users push directly to hosted repositories.

Test Plan: Ran `bin/commit-hook PHID-REPO-xxx`.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T4245

Differential Revision: https://secure.phabricator.com/D15293
2016-02-17 16:50:36 -08:00
epriestley
8661170819 Fix a couple typos in "why so many databases?" document
Summary: One missing word, one `0` that should be a `)`, simplify a couple of mega-clauses to improve readability?

Test Plan: ((O)) . ((O))

Reviewers: michaeljs1990, chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15252
2016-02-11 13:49:58 -08:00
epriestley
f5c8a2fb18 Write "Why does Phabricator need so many databases?"
Summary: We will sell you as many new databases as you want, cheap! Just $1 per database!

Test Plan: (O).(O)

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15249
2016-02-11 13:01:04 -08:00
Vlad Albulescu
b5518d4bfb fix a typo in troubleshooting perf wiki page
Summary: Fix typo. That said, I love the example.

Test Plan: no

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15210
2016-02-07 16:29:13 -08:00
epriestley
90a0459821 Roughly implement milestone columns on workboards
Summary:
Ref T10010. These aren't perfect but I think (?) they aren't horribly broken.

  - When a project is a parent project, destroy (as far as the user can tell) any custom columns.
  - When a project has milestones, automatically generate columns on the project's workboard (if it has a workboard).
  - When you move tasks between milestones, add the proper milestone tag.
  - When you move tasks out of milestones back into the backlog, add the proper parent project tag.
  - (Plenty of UI / design stuff to adjust.)

Test Plan:
  - Dragged stuff between milestone columns.
  - Used a normal workboard.
  - Wasn't able to find any egregiously bad cases that did anything terrible.

{F1088224}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D15171
2016-02-03 16:37:59 -08:00
epriestley
d156da3402 Clarify why VCS passwords must be unique
Summary: Fixes T10265.

Test Plan: Read text.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10265

Differential Revision: https://secure.phabricator.com/D15173
2016-02-03 07:23:19 -08:00
epriestley
268a9ced78 Implement subproject/milestone conflict resolution rules
Summary:
Ref T10010. When you try to add "Sprint 35" to a task, remove "Sprint 34", etc. Briefly:

  - A task can't be in Sprint 3 and Sprint 4.
  - A task can't be in "A" and "A > B" (but "A > B" and "A > C" are fine).
  - When a user makes an edit which would violate one of these rules, preserve the last tag in each group of conflicts.

Test Plan:
  - Added fairly comprehensive tests.
  - Added a bunch of different tags to things, saw them properly exclude conflicting tags.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D15167
2016-02-02 13:12:27 -08:00
epriestley
fc9db6e2a2 Put subprojects and milestones back into the Project UI
Summary: Ref T10010. Restores subprojects and milestones to the UI with a more modern style and more warnings.

Test Plan:
{F1085207}

{F1085208}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D15152
2016-02-01 09:18:11 -08:00
epriestley
c00cd5c2a3 Make hidden and locked configuration even more explicit
Summary:
A user in IRC seemed very confused by this, and worked extremely hard to shoot themsevles in the foot by manually writing locked configuration to the database.

Try to explain why configuration is locked better.

Test Plan:
Mostly reading.

{F1078905}

{F1078906}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15128
2016-01-28 08:18:24 -08:00
epriestley
9c19a026a8 Update old documentation about arc set-config
Summary: Fixes T10223.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10223

Differential Revision: https://secure.phabricator.com/D15116
2016-01-26 08:26:26 -08:00
epriestley
c11c7f2900 Prevent "Manage" profile menu items from being hidden
Summary: Ref T10054. Prevent users from removing this item and locking themselves out of the system unless they can guess the URI.

Test Plan: Tried to disable "Manage", wasn't permitted to.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15113
2016-01-25 06:43:03 -08:00
epriestley
7bbd949703 Document that tagging something with a project never affects visibility
Summary: Fixes T10144.

Test Plan: (-O.O-)

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10144

Differential Revision: https://secure.phabricator.com/D15107
2016-01-24 10:02:22 -08:00
epriestley
df4b484a5f Write documentation for profile menus
Summary: Ref T10054. This is all pretty straightforward. Also include some project-specific examples in the project documentation.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15090
2016-01-22 08:15:03 -08:00
epriestley
3f36e498b7 Document the new watcher/member/edit notification mail rules
Summary: Ref T10054. This is mostly for completness so I can reference it when closing all the related tasks.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15066
2016-01-19 19:39:16 -08:00
epriestley
f24318f308 Make "profile menu" configuration mostly work
Summary:
Ref T10054. This does a big chunk of the legwork to let users reconfigure profile menus (currently, just project menus).

This includes:

  - Editing builtin items (e.g., you can rename the default items).
  - Creating new items (for now, only links are available).

This does not yet include:

  - Hiding items.
  - Reordering items.
  - Lots of fancy types of items (dashboards, etc).
  - Any UI changes.
  - Documentation (does feature: TODO link for documentation).

Test Plan:
{F1060695}

{F1060696}

{F1060697}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15010
2016-01-13 11:45:31 -08:00