1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-15 19:32:40 +01:00
Commit graph

187 commits

Author SHA1 Message Date
epriestley
99ad978e90 Add UI for choosing header color
Summary: See D7731. Fixes T4194.

Test Plan: {F88020}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran, mbishopim3

Maniphest Tasks: T4194

Differential Revision: https://secure.phabricator.com/D7740
2013-12-07 10:46:09 -08:00
epriestley
5ca84589bd Add an SSH access log
Summary: Ref T4107. Ref T4189. This implements an SSH access log, similar to the HTTP access log.

Test Plan:
  [Thu, 05 Dec 2013 13:45:41 -0800]	77841	orbital	::1	dweller	epriestley	epriestley	git-receive-pack	/diffusion/POEMS/	0	324765	402	232
  [Thu, 05 Dec 2013 13:45:48 -0800]	77860	orbital	::1	dweller	epriestley	epriestley	git-receive-pack	/diffusion/POEMS/	0	325634	402	232

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4107, T4189

Differential Revision: https://secure.phabricator.com/D7719
2013-12-05 17:00:48 -08:00
epriestley
476b27d9c8 Add "phd.user" with sudo hooks for SSH/HTTP writes
Summary:
Ref T2230. When fully set up, we have up to three users who all need to write into the repositories:

  - The webserver needs to write for HTTP receives.
  - The SSH user needs to write for SSH receives.
  - The daemons need to write for "git fetch", "git clone", etc.

These three users don't need to be different, but in practice they are often not likely to all be the same user. If for no other reason, making them all the same user requires you to "git clone httpd@host.com", and installs are likely to prefer "git clone git@host.com".

Using three different users also allows better privilege separation. Particularly, the daemon user can be the //only// user with write access to the repositories. The webserver and SSH user can accomplish their writes through `sudo`, with a whitelisted set of commands. This means that even if you compromise the `ssh` user, you need to find a way to escallate from there to the daemon user in order to, e.g., write arbitrary stuff into the repository or bypass commit hooks.

This lays some of the groundwork for a highly-separated configuration where the SSH and HTTP users have the fewest privileges possible and use `sudo` to interact with repositories. Some future work which might make sense:

  - Make `bin/phd` respect this (require start as the right user, or as root and drop privileges, if this configuration is set).
  - Execute all `git/hg/svn` commands via sudo?

Users aren't expected to configure this yet so I haven't written any documentation.

Test Plan:
Added an SSH user ("dweller") and gave it sudo by adding this to `/etc/sudoers`:

   dweller ALL=(epriestley) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/bin/git-receive-pack

Then I ran git pushes and pulls over SSH via "dweller@localhost". They successfully interacted with the repository on disk as the "epriestley" user.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7589
2013-11-18 08:58:35 -08:00
epriestley
c0e1a63a63 Implement an approval queue
Summary:
  - Add an option for the queue.
  - By default, enable it.
  - Dump new users into the queue.
  - Send admins an email to approve them.

Test Plan:
  - Registered new accounts with queue on and off.
  - As an admin, approved accounts and disabled the queue from email.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7576
2013-11-13 11:24:56 -08:00
epriestley
d02202cde2 Enable "SSH Keys" auth panel unconditionally
Summary: We've had support for this for a long time, but it was conditional on config. Since it more-or-less actually does something now, just enable it unconditionally.

Test Plan: Settings -> SSH Public Keys

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7426
2013-10-29 15:32:41 -07:00
epriestley
00bf47f973 Fix "Manage herald rules" link by removing it
Summary: Fixes T4001. I broke this some time ago and no one has complained. I don't think it gets much use, and we haven't added it for the newer apps. Just get rid of it rather than adapt the URIs for ApplicationSearch.

Test Plan: Unit tests, sent myself some email.

Reviewers: zeeg, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4001

Differential Revision: https://secure.phabricator.com/D7355
2013-10-21 16:58:56 -07:00
epriestley
516116e229 Add a config setting for storing application settings
Summary:
I'm just going to store application policy settings (like view/edit policy, and default policies for content) in config, because:

  1) We'll need access to it on every page, and Config is "free" since we already pull it.
  2) Building separate storage and transactions seems like overkill, we get less-nice but pretty-reasonable transactions for free with config.
  3) We could easily move it later if this is a bad call.

Also fix some formatting.

Test Plan: See future revisions.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7202
2013-10-03 12:39:30 -07:00
epriestley
2d5b59b401 Move policy config to "Policy" app and make policy.allow-public description scarier
Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces.

Test Plan: Viewed/edited config setting.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7154
2013-09-27 10:50:19 -07:00
epriestley
c72f3b4bf1 Lock uri.allowed-protocols in Config
Summary: This allows administrative overreach. Administrators can enable `javascript:` and then XSS things if this isn't locked.

Test Plan: Viewed value on web UI, verified it was locked.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6975
2013-09-13 11:48:43 -07:00
epriestley
7a39ac43b4 Add a "list<regex>" config option and move regex config to it
Summary:
Fixes T3807. Several issues:

  - Currently, we split config of type `list<string>` on commas, which makes it impossible to enter a regex with a comma in it.
    - Split on newlines only.
  - Some of the examples are confusing (provided in JSON instead of the format you actually have to enter them).
    - Show examples in the same format you should enter text.
  - We didn't validate regexps.
    - Introduce `list<regex>` to validate regexes.

@hlau: Note that the old config format for the bugtraq stuff implied the delimiters on the regular expression. They are no longer implied. The examples show the correct format.

Test Plan: Viewed and edited affected config, hitting error and success cases.

Reviewers: btrahan

Reviewed By: btrahan

CC: hlau, aran

Maniphest Tasks: T3807

Differential Revision: https://secure.phabricator.com/D6969
2013-09-13 11:48:00 -07:00
epriestley
f37b315dec Correct switched-around configuration descriptions for metamta.herald.show-hints and metamta.reply.show-hints
Summary: Fixes T3710. The text on these options is switched around.

Test Plan: {F54051} {F54052}

Reviewers: btrahan, nmalcolm, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T3710

Differential Revision: https://secure.phabricator.com/D6737
2013-08-13 08:33:56 -07:00
epriestley
149efe68ab Improve usability of DarkConsole settings
Summary:
Fixes T3632. Cleans up a bunch of DarkConsole stuff:

  - The config setting had out-of-date instructions. Modernize the instructions.
  - The setting was sort of hidden under "Display Preferences". Move it to a new "Developer Preferences".
  - The setting magically appeared if DarkConsole was enabled on the install. Instead, always show it but explain why it isn't availalbe.
  - When the user enables the console, also force it to actually be shown.
  - Call out instructions about use of the "`" key more clearly.

Test Plan: Viewed config setting. Viewed settings panel. Changed setting. Enabling the setting showed DarkConsole.

Reviewers: garoevans, chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T3632

Differential Revision: https://secure.phabricator.com/D6594
2013-07-27 20:18:58 -07:00
epriestley
7657c5e145 Fix exception with "phabricator.allowed-uris" when trying to set cookies
Summary: The `phabricator.allowed-uris` config setting is not checked properly when trying to set cookies.

Test Plan:
Set an alternate URI, then accessed Phabricator. No longer received a secondary cookie error.

Hit the new exceptions to test them:

{F51131}
{F51132}

Reviewers: btrahan, garoevans

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6528
2013-07-22 12:21:08 -07:00
Levi Jackson
d27e7c52b2 Add explicit mysql.port configuration
See: https://github.com/facebook/phabricator/pull/356

Reviewed by: epriestley
2013-07-14 16:06:23 -07:00
epriestley
2b37911097 Make it easier to configure an Asana workspace ID
Summary:
Ref T2852. It's a little tricky to figure out Asana workspace IDs right now. If the viewer has a linked account, just pull their workspaces and show them which IDs are available.

(In theory, we could use a `<select>`, but it would have more edge cases; this seems like a pretty solid fix.)

Test Plan: {F49938}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6437
2013-07-12 13:10:03 -07:00
epriestley
c3b2184977 Mostly modernize Conduit logs
Summary:
  - Add GC support to conduit logs.
  - Add Query support to conduit logs.
  - Record the actual user PHID.
  - Show client name.
  - Support querying by specific method, so I can link to this from a setup issue.

@wez, this migration may not be fast. It took about 8 seconds for me to migrate 800,000 rows in the `conduit_methodcalllog` table. This adds a GC which should keep the table at a more manageable size in the future.

You can safely delete all data older than 30 days from this table, although you should do it by `id` instead of `dateCreated` since there's no key on `dateCreated` until this patch.

Test Plan:
  - Ran GC.
  - Looked at log UI.
  - Ran Conduit methods.

Reviewers: btrahan

Reviewed By: btrahan

CC: wez, aran

Differential Revision: https://secure.phabricator.com/D6332
2013-07-01 12:37:34 -07:00
epriestley
09ebd6617e Add "invisible" styling/config to Phabricator
Summary: Ref T3322. Depends on D6297. Here are some Phabricator tweaks to complment D6297.

Test Plan: {F47522}

Reviewers: garoevans

Reviewed By: garoevans

CC: aran, chad

Maniphest Tasks: T3322

Differential Revision: https://secure.phabricator.com/D6298
2013-06-25 08:40:29 -07:00
epriestley
1834584e98 Provide contextual help on auth provider configuration
Summary:
Ref T1536.

  - Move all the provider-specific help into contextual help in Auth.
  - This provides help much more contextually, and we can just tell the user the right values to use to configure things.
  - Rewrite account/registration help to reflect the newer state of the word.
  - Also clean up a few other loose ends.

Test Plan: {F46937}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6247
2013-06-20 11:18:48 -07:00
epriestley
3b9ccf11f2 Drive auth config with the database
Summary: Ref T1536. This is the last major migration. Moves us over to the DB and drops all the config stuff.

Test Plan:
  - Ran the migration.
  - Saw all my old config brought forward and respected, with accurate settings.
  - Ran LDAP import.
  - Grepped for all removed config options.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran, wez

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6243
2013-06-20 11:18:11 -07:00
epriestley
059183f6b5 Allow configuration to have custom UI types
Summary:
Ref T1703. This sets the stage for (but does not yet implement) custom UI types for config. In particular, a draggable list for custom fields.

I might make all the builtin types go through this at some point too, but don't really want to bother for the moment. It would be very slightly cleaner but woudn't get us much of anything.

Test Plan:
UI now renders via custom code, although that code does nothing (produces an unadorned text field):

{F45693}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1703

Differential Revision: https://secure.phabricator.com/D6154
2013-06-07 12:36:18 -07:00
Bryan Cuccioli
d78386584f Globally limit the size of generated emails.
Summary: At the global level, truncate emails at a user-configured size.

Test Plan: Untested, as I could not get PHP to send emails on my box, but if you can this should be very easy to test. Just set the max size to something like .001 kilobytes and make sure it does the right thing.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, AnhNhan

Maniphest Tasks: T1392

Differential Revision: https://secure.phabricator.com/D6118
2013-06-05 05:47:31 -07:00
epriestley
9c925464ba Default "environment.append-paths" to include likely paths
Summary:
A few more of these issues have cropped up recently. Basically:

  - Webservers often (by default, I guess?) have a different or nonexistent $PATH.
  - Users have a hard time figuring this out, since it's not obvious that the webserver might have a different configuration than the CLI, and they can run "git" and such themselves fine, and they don't normally use SetEnv or similar in webserver config.

I've been pursuing one prong of attack here (better detection and more tailored errors); this is a second prong (try to just guess the configuration correctly).

In 99% of cases, the binaries in question are in one of these three places, so just make them the default appended paths. If users have wacky configs they can override the setting.

Test Plan: Viewed config locally.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6039
2013-05-27 13:40:21 -07:00
Gareth Evans
ef797494ca Add Allowed uris config
Summary:
Kind of a quick look at an idea for T2184

Ref T2184

Test Plan: Make sure the site still loads

Reviewers: epriestley

CC: aran, Korvin, mbishopim3

Maniphest Tasks: T2184

Differential Revision: https://secure.phabricator.com/D6045
2013-05-26 10:57:45 -07:00
Zedstar
f53cde8f92 Using PhabricatorExternalAccount
Summary: Using PhabricatorExternalAccount in place maniphest.default-public-author.

Test Plan:
Using receivemail to see if the a new entry is made in the 'phabircator_user.user_externalaccount' table. Few things, I noticed that phabricator creates table 'user_externalaccout'. And now it throws up error 'Unknown column 'dateCreated' in 'field list''. Awaiting your comments.
{F41370}

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, AnhNhan

Maniphest Tasks: T1205

Differential Revision: https://secure.phabricator.com/D5747
2013-04-28 13:22:33 -07:00
epriestley
97ff7fe259 Make "isInstalled()" respect beta apps
Summary:
Currently, `isInstalled()` and `getAllInstalledApplications()` are inconsistent:

  - `isInstalled()` returns true for beta apps, even if `phabricator.show-beta-applications` is false.
  - `getAllInstalledApplications()` omits beta apps if `phabricator.show-beta-applications` is false.

Making the beta config control installs (not just homepage visibility) makes far more sense as we roll out more thorough application integrations.

Make `isInstalled()` respect beta, and clean up some callsites.

D5602 builds on this.

Test Plan: Installed/uninstalled beta apps, verified Conpherence menu/panel and other application integrations dropped out of the UI.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5603
2013-04-06 09:25:13 -07:00
epriestley
8b6fc615f4 Ignore and README for support/bin
Summary:
See D5561. Ref T2378.

  - Add `support/bin/*` to .gitignore so any symlinks or binaries won't get picked up by Git.
  - Add a README so Git preserves the directory and there's at least //some// documentation of its existence.

Test Plan: ummmmm

Reviewers: jevripio, codeblock, btrahan

Reviewed By: jevripio

CC: aran

Maniphest Tasks: T2378

Differential Revision: https://secure.phabricator.com/D5562
2013-04-03 12:58:39 -07:00
epriestley
cde1416446 Guarantee the existence of the Phabricator access log
Summary:
We have a fair number of conditionals on the existence of the access log. Instead, always build it and just don't write it if the user doesn't want a version on disk.

Also, formalize logged-in user PHID (avoids object existence juggling) in the access log and move microseconds-since-startup to PhabricatorStartup (simplifies index.php).

Depends on D5532. Fixes T2860. Ref T2870.

Test Plan: Disabled access log, verified XHProf writes occurred correctly.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2860, T2870

Differential Revision: https://secure.phabricator.com/D5533
2013-04-02 09:53:56 -07:00
epriestley
b048bd0593 Add platform detection and a Windows-specific monospaced font override
Summary: Use UA strings to detect platform; override general monospaced settings with platform-specific ones. Fixes T2868.

Test Plan: whatcouldgowrong

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2868

Differential Revision: https://secure.phabricator.com/D5526
2013-04-01 13:48:57 -07:00
Lauri-Henrik Jalonen
9a15f243fa PhabricatorCaches use namespace if set
Summary: PhabricatorCaches now uses namespaced caches if cofig option for cache is set.

Test Plan: noidea

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2786

Differential Revision: https://secure.phabricator.com/D5425
2013-03-22 16:28:28 -07:00
James Rhodes
4674b88ff6 Added configurable welcome content for Phabricator home page.
Summary:
The welcome.enabled feature is turned on by default; unsure of
whether this is desired by upstream.

Test Plan:
Apply the patch and see the welcome content.  It's configurable
in the config.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5339
2013-03-21 16:02:35 -07:00
Nick Pellegrino
be7677f211 Config option to ignore setup issues
Summary: T2381

Test Plan:
Include existing setup issues in the ignore config option,
reduces the number of setup issues in the status bar, moves ignored
issues to the bottom of the list, and marks them as ignored.

Also include a string corresponding to no setup issue, and verify that
application does not break.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5072
2013-02-22 10:08:20 -08:00
vrana
c1f234759b Prefer MySQLi over MySQL
Summary: Makes sense with `QueryFuture`.

Test Plan: Switched secure.phabricator.com to MySQLi and nothing exploded.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5066
2013-02-22 10:00:26 -08:00
Matt Robenolt
e6281c3db0 Add the ability to create a macro from a url
Test Plan: Enter in a url and create a macro. :)

Reviewers: epriestley

Reviewed By: epriestley

CC: epriestley, aran, dctrwatson, Korvin

Differential Revision: https://secure.phabricator.com/D5039
2013-02-21 12:51:28 -08:00
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
Afaque Hussain
9c19e9b7d8 Preserving the Animation of Gif Images
Summary: Preserving animation of GIF profile Pictures

Test Plan: Uploaded Animated images as profile pictures to check if the animation of gif images is preserved and it does :) somewhat !

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4833
2013-02-08 09:42:28 -08:00
Bryan Cuccioli
c105a5bde0 Refactor developer options to specific developer-mode option.
Summary: Refactor options related to verbose error reporting and forcing disk reads into a single developer option.

Test Plan: Run Phabricator with the developer-mode option set and check that errors print stack traces, static assets are always reloaded, etc.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4780
2013-02-01 10:12:17 -08:00
Afaque Hussain
5017c80b31 Installation & Uninstallion of Applications
Summary: Created Applications application which allows uninstallation & installation of application.

Test Plan: In "Applications" application, clicked on uninstalled the application by cliking Uninstall and chekcing whether they are really uninstalled(Disabling URI & in appearance in the side pane). Then Clicked on the install button of the uninstalled application to check whether they are installed.

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4715
2013-01-29 09:17:24 -08:00
Bob Trahan
4d22c9104f Conpherence - reply handler integration
Summary: Added a reply handler. A few problems -- first, I can't seem to get this to actually send me email so I haven't been able to reply (which I would have done by generating a reply, then copying the raw email into scripts/mail_handler.php). Second, the subject is often terrible on these emails -- unless the conpherence is named its something gross like "E4:" Third, on create I am noticing an error on array_combine() which I think is related to the need to write array_combine_not_broken or what have you I saw go by... (PhabricatorTransactionEditor does array_combine(xaction->getOldValue(), xaction->getOldValue()) and complains that the arrays are empty)

Test Plan: noted that /mail/ said mails were being sent

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Maniphest Tasks: T2399

Differential Revision: https://secure.phabricator.com/D4656
2013-01-25 16:03:54 -08:00
Ricky Elrod
e990488889 Set some defaults back to correctness.
Summary:
There were a few defaults that got changed when porting to PHP. Most of them
seem to be accidental, so this diff sets them back to correctness.

Test Plan:
  php> require '../libphutil/src/__phutil_library_init__.php';
  php> require 'src/__phutil_library_init__.php'
  php> $a = PhabricatorApplicationConfigOptions::loadAllOptions()
  php> $b = require 'conf/default.conf.php';
  php> $x = array();
  php> foreach($a as $key => $obj) { $x[$key] = $obj->getDefault(); }
  php> foreach($x as $key => $default) { if ($b[$key] != $default) { echo "$key has different default.\n"; } }

  log.access.format has different default.
  (seems to be intentional)

  PHP Notice:  Undefined index: phabricator.env in /usr/lib/python2.7/site-packages/phpsh/phpsh.php(577) : eval()'d code on line 1
  (no longer in config file)

  PHP Notice:  Undefined index: test.value in /usr/lib/python2.7/site-packages/phpsh/phpsh.php(577) : eval()'d code on line 1
  (not in config file)

  metamta.default-address has different default.
  (intentional)

  metamta.domain has different default.
  (intentional)

  PHP Notice:  Undefined index: phid.external-loaders in /usr/lib/python2.7/site-packages/phpsh/phpsh.php(577) : eval()'d code on line 1
  (no longer in config file)

  phame.skins has different default.
  (fixed in D4618)

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4621
2013-01-24 12:10:41 -08:00
epriestley
3440892d7b Allow some protocols
Summary: I heard this HTTP thing is pretty good.

Test Plan: @starruler did things which confirmed this is less bad than D4611.

Reviewers: starruler

Reviewed By: starruler

CC: aran

Differential Revision: https://secure.phabricator.com/D4612
2013-01-23 18:44:19 -08:00
epriestley
62a27c1caa Fix uri.allowed-protocols default value
Summary: Fixes T2392.

Test Plan: grepped for others, this is the only `set` with non-array default

Reviewers: chad, starruler

Reviewed By: starruler

CC: aran

Maniphest Tasks: T2392

Differential Revision: https://secure.phabricator.com/D4611
2013-01-23 18:40:19 -08:00
epriestley
c95dcab439 Set hard-coded defaults for list<string> values to array()
Summary: These should default to array() so they're safe to `foreach` over.

Test Plan: Grepped for 'list<string>'.

Reviewers: codeblock, btrahan, starruler, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4600
2013-01-23 13:12:23 -08:00
epriestley
7e17acfb68 Remove PhabricatorSetup and make PHABRICATOR_ENV optional
Summary:
  - PHABRICATOR_ENV is now optional. If you don't specify it, we won't load a config file.
  - PhabricatorSetup is now gone.
    - I removed the alternate file domain check for now, see T2380.
  - `phabricator.setup` config is now gone.
  - Rewrote documentation:
    - No more mentions of `phabricator.setup`.
    - Normal install guide no longer mentions PHABRICATOR_ENV. This is now an advanced topic.
    - Clarified that you only need to set up one of apache, nginx or lighttpd.
    - Tweaked a few things I've seen users have difficulty with.

This should have no effect on any existing installs, but make the process much simpler for future installs.

Closes T2221.
Closes T2223.
Closes T2228.

Test Plan:
  - Removed my PHABRICATOR_ENV and went through the install process.
  - Generated and read documentation.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2221, T2223, T2228

Differential Revision: https://secure.phabricator.com/D4596
2013-01-23 12:03:19 -08:00
epriestley
4425903480 Don't require phabricator.base-uri to be configured
Summary:
Fixes T2293.

We currently hard-require this in setup. We do not need to; we don't actually need it until we start running daemons. Move it to post-install and provide more guidance.

We could make this even easier in the future, but we'd need to special case it, since it's dangerous to let it be set to any value (if you set it to the wrong value, you can't log in). We could safely have a workflow which writes the current request URI into the database configuration, or a two-stage workflow where we set the URI and then verify it, but these both imply some special casing and complication. This should be a step forward from where we are today, regardless.

Test Plan:
Removed "phabricator.base-uri" from my configuration. Verified Phabricator still works.

Without "phabricator.base-uri" configured, logged in from multiple host names (127.0.0.1:8080, local.aphront.com:8080).

Configured "phabricator.base-uri". Verified my unblessed session no longer worked. Verified setup issue went away.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2293

Differential Revision: https://secure.phabricator.com/D4580
2013-01-22 13:57:02 -08:00
Ricky Elrod
bad95c15ce Add enum option type.
Summary: Might not be the cleanest way to do this, but seems to work.

Test Plan:
- Saved an option which used the new enum type.
- Changed it.
- Saw it show up on the list view.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4572
2013-01-21 18:48:29 -08:00
Nick Pellegrino
3e6fa43658 getConfigEnv fails fast when key is not found and no default value is given.
Summary:
T2345
getConfig throws an Exception when the key does not exist.
Also removes dead code that throws an Exception.

Test Plan:
Reloaded the Phabricator home page.  In the process, found
2 Exceptions thrown due to nonexistent keys.  After addressing these problems,
the home page loads without Exceptions.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4541
2013-01-19 12:11:28 -08:00
Lauri-Henrik Jalonen
2a6060a763 Added beta status for applications
Summary: Fixes T2338

Test Plan: bjhb

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, chad

Maniphest Tasks: T2338

Differential Revision: https://secure.phabricator.com/D4529
2013-01-19 10:31:28 -08:00
Debarghya Das
2888d58034 Moved Version Footer from Footer to /config/all
Summary: Fixed T2349

Test Plan:
Could not visibly see version at footer any more. Appeared in the top of /config.
Does not appear as a config option in /config.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2349

Differential Revision: https://secure.phabricator.com/D4539
2013-01-19 10:27:59 -08:00
Asher Baker
da9315b145 Read default values of custom config options
Summary: Because the Default configuration provider is loaded before custom libraries, any config options specified in them don't get a default values.

Test Plan: Looked at /config/

Reviewers: epriestley, codeblock, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4532
2013-01-19 08:36:08 -08:00
epriestley
5beaafb952 Load libraries before adding database config
Summary:
If your configuration overrides the connection adapter, we need to load libraries before we can setup the database config source.

Also lock this since it won't work when edited from the web anymore, and so sneaky users can't upload stuff and then edit their config to run arbitrary code.

Test Plan: See chatlog in #phabricator. This is a problem for Facebook only.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4498
2013-01-17 18:59:58 -08:00
Ricky Elrod
da6296a176 LDAP STARTTLS option.
Summary: For GitHub PR 246.

Test Plan: Looked at the option.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4485
2013-01-17 09:50:01 -08:00
epriestley
83f5452d53 Implement all remaining config options
Summary: Resolves T2255.

Test Plan: Looked at mail options. Saw no remaining "Setup Issues".

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4477
2013-01-16 15:06:39 -08:00
epriestley
99847da3aa Mask remaining config values, and implement set type
Summary: The remaining hash/key values are already-migrated, I am just bad at grep. Also implement a "set" type.

Test Plan: Looked at set, edited set.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4476
2013-01-16 15:06:07 -08:00
epriestley
3ded757e84 Implement more configuration options
Summary:
Allow extra options to be locked, hidden or masked via config. These options are themselves locked and can not be edited via the web UI.

The primary goal here is to let us lock or hide things from SaaS installs (e.g., keys, etc.), or to let server administrators lock or hide information from web UI administrators if they want to for some reason.

The secondary goal is to remove the `darkconsole.config-mask` option, although I might just remove the panel entirely and put it in the config app, since that probably makes far more sense. Yeahhhhh... probably doing that.

These options need masks when ported (they haven't been ported yet):

    phabricator.csrf-key
    phabricator.mail-key
    security.hmac-key

Test Plan: Artifically tweaked lock/hide settings on options, verified the UI respected them.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4472
2013-01-16 10:52:09 -08:00
Ricky Elrod
65fbbd06c6 OAuth options.
Test Plan: Looked at the options.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4470
2013-01-16 10:00:54 -08:00
Ricky Elrod
8b1fb16865 Don't preface 'Daemons' with 'Phabricator'.
Summary:
It's obvious that they're Phabricator related (why else would we provide
settings for them) and nothing else is prefaced.

Test Plan: Looked at /config/

Reviewers: epriestley, chad, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4471
2013-01-16 09:47:29 -08:00
epriestley
b04a6a1999 Diffusion / MetaMTA options
Summary: Implement Diffusion MetaMTA options. Also make the fake '{{config.option}}' rule work, and use Remarkup to render summaries as well as descriptions.

Test Plan: Looked at Diffusion rules, edited some, looked at setup issues, verified '{{config.option}}' linked to the right option.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4466
2013-01-16 09:08:13 -08:00
epriestley
950076ec95 Bring SendGrid configuration into PHP
Summary: Port more settings.

Test Plan: Looked at, edited settings.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4442
2013-01-15 12:04:05 -08:00
epriestley
c8a2bc982c Bring PHPMailer config into the new config UI
Summary:
Port PHPMailer options. Also:

  - Don't show values on config lists if they're masked (this is mostly for passwords, to prevent them from being idly/accidentally disclosed).
  - Don't show "default" icon -- just show an icon if the value has been customized. This makes it easier to pick out custom values.

Test Plan: Looked at / edited mailer values.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4441
2013-01-15 12:03:44 -08:00
Ricky Elrod
0c6e5f86bc Port a few various options.
Summary:
- remarkup.enable-embedded-youtube
- controller.oauth-registration
- aphront.default-application-configuration-class
- cache.enable-deflate

Test Plan: Saw the new options in the web interface.

Reviewers: epriestley, chad, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4424
2013-01-13 15:10:40 -08:00
Ricky Elrod
dceb161150 Add the tokenizer.ondemand setting to Core for now.
Summary:
T2255 lists it as "???" and we don't have a "Misc" category and it seems silly
to make it for one option, so stick this in core for now.

Test Plan: Went to the setting page and saw the bool options.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4389
2013-01-10 11:09:38 -08:00
Ricky Elrod
054f09fb50 Add syntax highlighting options.
Test Plan: Quick view of each option in the web interface.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4386
2013-01-10 09:56:39 -08:00
epriestley
bc2db90f61 Minor, fix old call to setOptions() introduced out of order.
Auditors: codeblock
2013-01-09 08:15:18 -08:00
Ricky Elrod
71b5d8f584 Default to "True" and "False" for bool options.
Summary:
Rather than throwing if we don't `setOptions()`, let's just default to `true`
and `false`.

Test Plan:
Removed a `setOptions()` call temporarily and saw options default to
`true` / `false`.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4368
2013-01-09 08:14:29 -08:00
Ricky Elrod
cdaf898b9c PHD Options.
Test Plan: Looked at the options render properly.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4367
2013-01-09 06:05:36 -08:00
Ricky Elrod
f7939b90e3 Fix reversed order of boolean config options.
Summary: See discussion in D4355, this fixes reversed bool logic.

Test Plan:
- Quickly viewed in the web interface to make sure it didn't break anything.
- Saved `ldap.auth-enabled` with correct boolean value in the db.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4357
2013-01-07 13:54:37 -08:00
Ricky Elrod
9aa772ed00 First go at Authentication config options.
Test Plan: Looked at them in the web UI.

Reviewers: epriestley, chad, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4355
2013-01-07 12:48:43 -08:00
Ricky Elrod
49b842187e Add Policy options.
Test Plan: Looked at the setting and available options from the dropdown.

Reviewers: epriestley, chad

Reviewed By: chad

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4354
2013-01-07 12:47:29 -08:00
Ricky Elrod
ae0773b789 Add translations config group.
Summary:
Adds the translations group as per T2255. Currently `translation.override` is
`wild` -- it should be changed to dict<string, string> when that exists.

Also fixes a small bug from D4326 which caused "class" types to not ever
validate.

Test Plan:
- Looked at the settings.
- Successfully saved a setting relating to classes.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4350
2013-01-04 16:22:56 -08:00
epriestley
9a936b5bf3 Move notification configuration into PHP
Summary: Bring notification settings to PHP.

Test Plan: Viewed notification settings in /config/.

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4337
2013-01-03 09:29:19 -08:00
epriestley
af604464d7 Move Recaptcha config to PHP
Summary: Bring these over. Also sort the group list.

Test Plan: Viewed config.

Reviewers: btrahan, codeblock, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4338
2013-01-03 09:17:38 -08:00
epriestley
0902543fc8 Port MySQL settings to PHP
Summary:
  - Ports MySQL settings to PHP.
  - Removes "mysql.retries" -- this existed only because Magic Numbers Are Bad, but there is no concievable reason it should ever be set to anything other than 3.
  - Introduced "Hidden" config, which isn't visible from the web (for SaaS, we'll just mark anything with secret keys as "hidden").
  - Introduced "Masked" config, which will be masked in darkconsole once that gets updated.
  - "Hidden" implies "Masked" and "Locked".
  - Moved "storage.default-namespace" here -- it probably makes more sense than core; this was my bad in T2255.
  - Put cancel button back for hidden/locked config.
  - Introduce 'class' config type.

Test Plan: Viewed MySQL options. None are editable.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4326
2013-01-03 06:01:14 -08:00
Ricky Elrod
3b3808c476 Add the rest of the "Debug/Developer" config group.
Summary:
- Adds the rest of the group as per T2255.
- Adds a pht() around the `$developer_warning` in `PhabricatorStandardPageView`.

Test Plan:
- Viewed new config options.
- Triggered a fake warning to make sure I didn't break error callouts.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4333
2013-01-03 05:48:21 -08:00
Ricky Elrod
f84e0ca533 Add the "Security" config group options.
Summary: Added all the "Security" group options listed in T2255.

Test Plan:
- Looked at all the options.
- Tested validation on `security.alternate-file-domain`

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4334
2013-01-03 05:46:37 -08:00
Ricky Elrod
7b2ab1a4bc Add the "Extending Phabricator" config group.
Summary: Refs T2255 and takes care of the "EXTENDING PHABRICATOR" group thereof.

Test Plan: Looked at each of the new options.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4325
2013-01-02 15:52:36 -08:00
Ricky Elrod
cad546301d Add pht() to two strings in Core settings.
Summary: See title.

Test Plan: Checked that the strings still rendered.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4327
2013-01-02 15:52:19 -08:00
epriestley
962b432bfb Move LDAP config into PHP
Summary: This config section is weak (poorly documented) and inconsistent (keys with "_" instead of "-") but I'm going to keep punting on improving it until after T1536.

Test Plan: Loaded, examined LDAP config.

Reviewers: btrahan, codeblock

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4322
2013-01-02 14:04:05 -08:00
epriestley
a3fdb20a8e Move GC into PHP and simplify it
Summary:
  - Move GC options into PHP.
  - Remove the "run at" and "run for" options. The GC daemon doesn't actually do any table scans, is very gentle, and runs for like 3 seconds per day in any normal install. Just limit it to running once every 4 hours when it's caught up and call it a day.

Test Plan: Edited GC options.

Reviewers: btrahan, codeblock

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4321
2013-01-02 14:03:08 -08:00
epriestley
9cef013def Allow configuration options to be locked
Summary: Some config shouldn't reasonably be edited from the web interface because it immediately torpedoes the install if you make a mistake. Block edits to "locked" config.

Test Plan: Tried to edit locked config, got denied. Viewed locked config on edit and list screens.

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4320
2013-01-02 14:02:43 -08:00
epriestley
db21319b39 Specialize list<string> in config
Summary: Specialize editing, display and validation of list<string> options.

Test Plan: Edited, viewed and validated "environment.append-paths".

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4319
2013-01-02 14:02:31 -08:00
epriestley
cff043a800 Validate timezones
Summary:
Add validation for timezones, since date_default_timezone_set() returns a usable error code.

Note that we could also list all the timezones using timezone_identifiers_list(), but the list is enormous (many hundreds of entries) and impossible to use (~160 entries in "America" alone). I listed the likely US values as examples but left it as a string input text field.

Test Plan: Tried to save an invalid setting. Saved a valid setting.

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4318
2013-01-02 14:02:22 -08:00
Ricky Elrod
9c41ea9609 Add some more options to the "core" group.
Summary:
Refs #2255 and completes the first group ("CORE") in @epriestley's comment
thereof.

Test Plan: Saw the new options appear in the list and save correctly.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4317
2013-01-02 06:55:16 -08:00
epriestley
ec7d799b2f Add "Core" config, with complex validation
Summary: This is more or less a copy of the validation which lives in `webroot/index.php` right now, but I don't want to wipe that out just yet because there's no way for normal users to see this new validation.

Test Plan: Tried to set "phabricator.base-uri" to crazy nonsense, was harshly rebuffed.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4316
2013-01-01 18:22:48 -08:00
epriestley
a86fd38394 Allow configuration to be explicitly validated, including validation of complex attributes
Summary:
  - Allows us to implement setup warnings for edits which don't go through the web UI, e.g. "you edited a config file and set value X to something goofy".
  - Allows us to implement more sophisticated validations, beyond basic type checks (e.g., "phabricator.base-uri" must be a URI).
  - Fixes T358 (or, close enough -- fixes it for all options which have been migrated as per T2255.

Test Plan: Set "darkconsole.enabled" to "xyz" in my config, observed setup warning. Added fake validation, observed web UI edit error.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255, T358

Differential Revision: https://secure.phabricator.com/D4315
2013-01-01 18:15:03 -08:00
epriestley
8a52a6d585 Add Disqus, Facebook, Google, GitHub auth config; AWS config
Summary: Also improve behavior for the "unknown config" warning.

Test Plan: Looked at configs, went through unknown config workflow.

Reviewers: btrahan, codeblock

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4310
2013-01-01 14:09:29 -08:00
epriestley
a3bff35b2b Add "Developer" and "Access Log" config option groups, some types
Summary:
  - Add a "developer" option group.
  - Add an "access log" option group.
  - Render the types "bool", "int" and "string" in a more tailored way.
  - Add a config check for dead config. Right now this serves as a "TODO" list of things that need to be migrated.

Test Plan: Looked at config options, setup issues. Edited bool, int, string options.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4308
2013-01-01 14:09:17 -08:00
epriestley
b852f213c3 Begin moving Phabricator configuration into PHP
Summary: Ref T2255. Ref T2221. Lay the groundwork to move configuration into PHP, so we can show descriptions in the web UI, do typechecking, disable application options when an application is uninstalled, etc.

Test Plan:
{F28421}
{F28420}
{F28422}

Reviewers: codeblock, btrahan, vrana

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2221, T2255

Differential Revision: https://secure.phabricator.com/D4306
2012-12-30 15:36:06 -08:00