mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 18:52:42 +01:00
Commit graph

225 commits

Author SHA1 Message Date
epriestley
8798083ad9 Proxy VCS SSH requests
Summary: Fixes T7034. Like HTTP, proxy requests to the correct host if a repository has an Almanac service host.

Test Plan: Ran VCS requests through the proxy.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7034

Differential Revision: https://secure.phabricator.com/D11543
2015-01-28 14:41:24 -08:00
epriestley
d8550c114d Promote instance identity to the upstream and pass it to commit hooks
Summary:
Fixes T7019. In a cluster environment, pushes currently fail because the commit hook can't identify the instance.

For web processes, the hostname identifies the instance -- but we don't have a hostname in the hook.

For CLI processes, the environment identifies the instance -- but we don't have an environment in the hook under SVN.

Promote the instance identifier into the upstream and pack/unpack it explicitly for hooks. This is probably not useful for anyone but us, but the amount of special-purpose code we're introducing is very small.

I poked at trying to do this in a more general way, but:

  - We MUST know this BEFORE we run code, so the normal subclassing stuff is useless.
  - I couldn't come up with any other parameter which might ever be useful to pass in.

Test Plan: Used `git push` to push code through proxied HTTP, got a clean push.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7019

Differential Revision: https://secure.phabricator.com/D11495
2015-01-27 14:51:48 -08:00
Bob Trahan
923096efc8 Config - add phd.variant-config to suppress "Daemon & Web config" error message on a per key basis
Summary: Fixes T6959.

Test Plan: When I was ready to test the feature, the "Daemon & Web config" error already showed up, from having added phd.variant-config. I went meta and changed the value of phd.variant-config to have phd.variant-config. The config error disappeared. I then changed the conpherence setting about conpherence email prefix and the error showed up again. Removing the conpherence config setting made the error disappear once more.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6959

Differential Revision: https://secure.phabricator.com/D11399
2015-01-14 13:46:31 -08:00
epriestley
9e0f70e17d Rewrite Aphlict to use Websockets
Summary:
Fixes T6559. No more flash, use Websockets. This is less aggressive than the earlier version, and retains more server logic.

  - Support "wss".
  - Make the client work.
  - Remove "notification.user" entirely.
  - Seems ok?

Test Plan:
In Safari, Firefox and Chrome, saw the browsers connect. Made a bunch of comments/updates and saw notifications.

Notable holes in the test plan:

  - Haven't tested "wss" yet. I'll do this on secure.
  - Notifications are //too fast// now, locally. I get them after I hit submit but before the page reloads.
  - There are probably some other rough edges, this is a fairly big patch.

Reviewers: joshuaspence, btrahan

Reviewed By: joshuaspence, btrahan

Subscribers: fabe, btrahan, epriestley

Maniphest Tasks: T6713, T6559

Differential Revision: https://secure.phabricator.com/D11143
2015-01-08 10:03:00 -08:00
epriestley
fa7bb8ff7a Add cluster.addresses and require membership before accepting cluster authentication tokens
Summary:
Ref T2783. Ref T6706.

  - Add `cluster.addresses`. This is a whitelist of CIDR blocks which define cluster hosts.
  - When we receive a request that has a cluster-based authentication token, require the cluster to be configured and require the remote address to be a cluster member before we accept it.
    - This provides a general layer of security for these mechanisms.
    - In particular, it means they do not work by default on unconfigured hosts.
  - When cluster addresses are configured, and we receive a request //to// an address not on the list, reject it.
    - This provides a general layer of security for getting the Ops side of cluster configuration correct.
    - If cluster nodes have public IPs and are listening on them, we'll reject requests.
    - Basically, this means that any requests which bypass the LB get rejected.

Test Plan:
  - With addresses not configured, tried to make requests; rejected for using a cluster auth mechanism.
  - With addresses configured wrong, tried to make requests; rejected for sending from (or to) an address outside of the cluster.
  - With addresses configured correctly, made valid requests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6706, T2783

Differential Revision: https://secure.phabricator.com/D11159
2015-01-02 15:13:41 -08:00
epriestley
c8d707caa0 Improve pygments.enabled discussion
Summary: Ref T6533. Provide better instructions around installing, enabling, and troubleshooting Pygments.

Test Plan: Read documentation, viewed config option, clicked links.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, fabe

Maniphest Tasks: T6533

Differential Revision: https://secure.phabricator.com/D11053
2014-12-29 16:15:48 -08:00
epriestley
2c7be52fc2 Lock phabricator.show-prototypes
Summary:
Two goals:

  - If an attacker compromises an administrator account (without compromising the host itself), they can currently take advantage of vulnerabilities in prototype applications by enabling the applications, then exploiting the vulnerability. Locking this option requires CLI access to enable prototypes, so installs which do not have prototypes enabled have no exposure to security issues in prototype applications.
  - Making this very slightly harder to enable is probably a good thing, given the state of the world and support.

Test Plan: Verified that web UI shows the value is locked and instructs the user to update via the CLI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10993
2014-12-15 11:00:20 -08:00
lkassianik
f7aa87311a Add email preference links to email footers
Summary: Ref T1217, Add link to email preferences to email template

Test Plan: Add comment to object like Maniphest task, check that email has a footer with a link to email preferences.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T1217

Differential Revision: https://secure.phabricator.com/D10883
2014-11-19 17:06:33 -08:00
Bob Trahan
aeb3a12e13 Config - improve lock message for option phabricator.uninstalled-applications
Summary: Fixes T6175. This particular option is only editable via the Applications application so let the user know that.

Test Plan: saw error message and clicked through to applications app. tried another locked option and saw old message

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6175

Differential Revision: https://secure.phabricator.com/D10841
2014-11-12 11:31:54 -08:00
Joshua Spence
3cf9a5820f Minor formatting changes
Summary: Apply some autofix linter rules.

Test Plan: `arc lint` and `arc unit`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D10585
2014-10-08 08:39:49 +11:00
epriestley
ea602a082a Fix "are are" in explanatory text
Summary: See rP8806fb0296c2.

Test Plan:
me fail english

with bonus!

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10514
2014-09-18 08:21:34 -07:00
epriestley
8806fb0296 Add missing "are" to explanatory text
Summary: See D10493.

Auditors: btrahan
2014-09-17 18:30:00 -07:00
epriestley
298604c9d3 Rename "beta" to "prototype" and document support policy
Summary:
Fixes T6084. Changes:

  - Rename `phabricator.show-beta-applications` to `phabricator.show-prototypes`, to reinforce that these include early-development applications.
  - Migrate the config setting.
  - Add an explicit "no support" banner to the config page.
  - Rename "Beta" to "Prototype" in the UI.
  - Use "bomb" icon instead of "half star" icon.
  - Document prototype applications in more detail.
  - Explicitly document that we do not support these applications.

Test Plan:
  - Ran migration.
  - Resolved "obsolete config" issue.
  - Viewed config setting.
  - Browsed prototypes in Applications app.
  - Viewed documentation.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley, hach-que

Maniphest Tasks: T6084

Differential Revision: https://secure.phabricator.com/D10493
2014-09-17 18:25:57 -07:00
epriestley
cae59d8345 Add an option to make it easier to debug page hangs
Summary:
Fixes T6044. We've had two cases (both the same install, coincidentally) where pages got hung doing too much data fetching.

When pages hang, we don't get a useful stack trace out of them, since nginx, php-fpm, or PHP eventually terminates things in a non-useful way without any diagnostic information.

The second time (the recent Macros issue) I was able to walk the install through removing limits on nginx, php-fpm, php, and eventually getting a profile by letting the page run for several minutes until the request completed. However, this install is exceptionally technically proficient and this was still a big pain for everyone, and this approach would not have worked if the page actually looped rather than just taking a long time.

Provide `debug.time-limit`, which should give us a better tool for reacting to this situation: by setting it to a small value (like 10), we'll kill the page after 10 seconds with a trace, before nginx/php-fpm/php/etc can kill it uselessly. Hopefully that will be enough information to find the issue (generally, getting a trace has been 95% of the problem in the two cases we've encountered).

Test Plan: Set this option to `3` and added a sleep loop, saw a termination after 3 seconds with a useful trace.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: csilvers, joshuaspence, epriestley

Maniphest Tasks: T6044

Differential Revision: https://secure.phabricator.com/D10465
2014-09-11 06:28:21 -07:00
epriestley
d3cd9115f9 Add ui.footer-items to add a custom page footer
Summary: Fixes T6052. Allow installs to link to legal documents, etc., in the page footer.

Test Plan:
  - Configured a footer.
  - Viewed workboards (no footer).
  - Viewed Conpherence (no apparent disruption, I think everything z-indexes over the footer).
  - Viewed stuff on mobile (seems OK).
  - Viewed login page (saw footer).

{F201718}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6052

Differential Revision: https://secure.phabricator.com/D10466
2014-09-10 14:44:34 -07:00
epriestley
957c1d6602 Add a setting for selecting SMTP mail encoding
Summary:
Fixes T5956. We changed the default mail encoding to `quoted-printable` to fix delivery via SendGrid via SMTP, but this broke multiple other mailers.

  - Change the default back to 8bit (which works everywhere except SendGrid).
  - Add a configuration setting for selecting `quoted-printable`.
  - Document this issue.
  - Discourage use of SendGrid in documentation.

(IMPORTANT) @klimek @nickz This reverts the `quoted-printable` fix for SendGrid. You will need to adjust your configurations (set `phpmailer.smtp-encoding` to `quoted-printable`) and restart your daemons or mail will get double newlines again.

Test Plan:
  - Sent mail via SendGrid with various `phpmailer.smtp-encoding` settings, saw mail arrive with specified encoding.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: klimek, nickz, epriestley

Maniphest Tasks: T5956

Differential Revision: https://secure.phabricator.com/D10397
2014-09-02 10:47:34 -07:00
Tal Shiri
4c57e6d34d HTML emails
Summary:
Added support for side-by-side HTML and plaintext email building.

We can control if the HTML stuff is sent by a new config, metamta.html-emails

Test Plan:
Been running this in our deployment for a few months now.

====Well behaved clients====
 - Gmail
 - Mail.app

====Bad clients====

- [[ http://airmailapp.com/ | Airmail ]]. They confuse Gmail too, though.

====Need testing====
 - Outlook (Windows + Mac)

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: webframp, taoqiping, chad, epriestley, Korvin

Maniphest Tasks: T992

Differential Revision: https://secure.phabricator.com/D9375
2014-08-15 08:12:21 -07:00
Bob Trahan
ff51a1a451 Remarkup - add a regex to blacklist what objects get link
Summary: Fixes T5453.

Test Plan: made a remarkup comment that "Q1 is dumb and Q10 is awesome" and only Q10 was linked. changed the new setting to have the value " " and the Q1 also started linking.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5453

Differential Revision: https://secure.phabricator.com/D10270
2014-08-14 15:20:45 -07:00
Bob Trahan
e281c5ee90 Security - disable conduit act as user by default
Summary: Introduce a new configuration setting that by default disables the conduit act as user method. Wordily explain that turning it on is not recommended. Fixes T3818.

Test Plan:
```
15:25:19 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)
~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-tghb3b2gbdyezdcuw2or","userName":"btrahan","realName":"Bob Trahan","image":"http:\/\/phalanx.dev\/file\/data\/yncjbh7phk7ktrdhuorn\/PHID-FILE-qyf4ui3x2ll3e52hpg5e\/profile-profile-gravatar","uri":"http:\/\/phalanx.dev\/p\/btrahan\/","roles":["admin","verified","approved","activated"]}}
15:25:34 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)

<go edit libconfig/conduitclient to spoof another user...>

~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":"ERR-CONDUIT-CORE","errorMessage":"ERR-CONDUIT-CORE: security.allow-conduit-act-as-user is disabled","response":null}
15:26:40 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)

<enable option via bin/config....>

~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-6lcglnzbkiamdofishgi","userName":"xerxes","realName":"Xerxes Trahan","image":"http:\/\/phalanx.dev\/file\/data\/n2kyeevowetcuynbcxrg\/PHID-FILE-voquikectzpde256zzvm\/profile-1275455993.jpg","uri":"http:\/\/phalanx.dev\/p\/xerxes\/","roles":["verified","approved","activated"]}}
```

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: jevripio, sowedance, epriestley, Korvin

Maniphest Tasks: T3818

Differential Revision: https://secure.phabricator.com/D9881
2014-07-10 15:43:53 -07:00
Joshua Spence
0a62f13464 Change double quotes to single quotes.
Summary: Ran `arc lint --apply-patches --everything` over rP, mainly to change double quotes to single quotes where appropriate. These changes also validate that the `ArcanistXHPASTLinter::LINT_DOUBLE_QUOTE` rule is working as expected.

Test Plan: Eyeballed it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9431
2014-06-09 11:36:50 -07:00
epriestley
99c72a32d0 Allow installs to require multi-factor authentication for all users
Summary: Ref T5089. Adds a `security.require-multi-factor-auth` which forces all users to enroll in MFA before they can use their accounts.

Test Plan:
Config:

{F159750}

Roadblock:

{F159748}

After configuration:

{F159749}

  - Required MFA, got roadblocked, added MFA, got unblocked.
  - Removed MFA, got blocked again.
  - Used `bin/auth strip` to strip MFA, got blocked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5089

Differential Revision: https://secure.phabricator.com/D9285
2014-06-03 16:50:27 -07:00
Joshua Spence
1855e66758 Add some file types to pygments.dropdown-choices.
Summary: I could just add these options to my local configuration, but I figured I'd submit these upstream since they are (in my opinion) fairly common file formats.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9319
2014-05-28 06:26:20 -07:00
Joshua Spence
1daa0aa36e Syntax highlight .arclint files as JSON.
Summary: After T2039, it makes sense to syntax highlight `.arclint` files as JSON.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9305
2014-05-27 06:14:06 -07:00
Bob Trahan
e96c363eef Add SMS support
Summary:
Provides a working SMS implementation with support for Twilio.

This version doesn't really retry if we get any gruff at all. Future versions should retry.

Test Plan: used bin/sms to send messages and look at them.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: aurelijus, epriestley, Korvin

Maniphest Tasks: T920

Differential Revision: https://secure.phabricator.com/D8930
2014-05-09 12:47:21 -07:00
epriestley
58fbb0ae53 Support mailto in Phabricator config defaults
Summary: Fixes T3949.

Test Plan: grumble grumble

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3949

Differential Revision: https://secure.phabricator.com/D8963
2014-05-04 10:48:35 -07:00
epriestley
7145587df7 Lock down some config options
Summary:
This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular:

  - Fix some typos.
  - Lock down some options which would potentially let a rogue administrator do something sketchy.
    - Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email.
    - Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities.

Test Plan:
  - Read through config options.
  - Tried to think about how to do evil things with each one.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8928
2014-05-01 10:23:49 -07:00
epriestley
f1245f4f34 Remove flavor text for action buttons
Summary: A small but appreciable number of users find flavor on buttons confusing. Remove this flavor. This retains flavor in headers, error messages, etc., which doesn't cause confusion.

Test Plan: Looked at a revision, task, paste, macro, etc.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8812
2014-04-18 17:51:46 -07:00
Joshua Spence
e7419d85f7 Set celerity.minify true in production environments.
Summary: I haven't been able to understand why this isn't set by default in production environments (since it is recommended to do so anyway).

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8743
2014-04-10 14:39:05 -07:00
epriestley
f79320e64e Render default/current settings in the same format they'll be edited
Summary:
Fixes T4773. For config settings of type `list<string>`, `set`, or `list<regex>`, the "defaults" table and "examples" aren't always in the same format you should actually use when changing the setting.

This is pretty confusing. Instead, always show the settings in the desired format. For example, if the user should enter a newline-separated list, show them a newline separated list.

Test Plan:
  - Grepped for `list<string>`, `list<regex>`, and `'set'`; verified all the config had the right example format (most already did).
  - Viewed config settings of various kinds, including custom settings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4773

Differential Revision: https://secure.phabricator.com/D8725
2014-04-08 12:09:43 -07:00
epriestley
221222ad7a Lock "security.require-https" from web edits
Summary: This can be used to lock yourself out of an instance, so prevent web edits.

Test Plan: Loaded page, wasn't web-editable.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8572
2014-03-19 19:27:04 -07:00
epriestley
38cc38eaf6 Modernize documentation links
Summary:
  - Point them at the new Diviner.
  - Make them a little less cumbersome to write.

Test Plan: Found almost all of these links in the UI and clicked them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8553
2014-03-17 15:01:31 -07:00
epriestley
039b8e43b9 Whitelist allowed editor protocols
Summary:
This is the other half of D8548. Specifically, the attack here was to set your own editor link to `javascript\n:...` and then you could XSS yourself. This isn't a hugely damaging attack, but we can be more certain by adding a whitelist here.

We already whitelist linkable protocols in remarkup (`uri.allowed-protocols`) in general.

Test Plan:
Tried to set and use valid/invalid editor URIs.

{F130883}

{F130884}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8551
2014-03-17 13:00:37 -07:00
epriestley
a0262c0b4f Remove tokenizer.ondemand, and always load on demand
Summary:
Ref T4420. Tokenizers currently operate in "preload" or "ondemand" modes. In the former mode, which is default, they'll try to load the entire result list when a page loads.

The theory here was that this would slightly improve the experience for small installs, and once they got big enough they could switch to "ondemand". In practice, several issues have arisen:

  - We generally don't have a good mechanism for telling installs that they should tweak perf config -- `metamta.send-immediately` is the canonical example here. Some large installs are probably affected negatively by not knowing to change this setting, and having settings like this is generally annoying.
  - We have way way too much config now.
  - With the advent of ApplicationSearch, pages like Maniphest make many redundant loads to prefill sources like projects. Most of the time, this data is not used. It's far simpler to switch everything to ondemand than try to deal with this, and dealing with this would mean creating two very complex divergent pathways in the codebase for a mostly theoretical performance benefit which only impacts tiny installs.
  - We've been using `tokenizer.ondemand` forever on `secure.phabricator.com` since we have many thousands of user accounts, and it doesn't seem sluggish and works properly.

Removing this config is an easy fix which makes the codebase simpler.

I've retained the ability to use preloaded sources, since they may make sense in some cases (in at least one case -- task priorities -- adding a static source pathway might make sense), and they're part of Javelin itself. However, the code will no longer ever go down that pathway.

Test Plan: Used `secure.phabricator.com` for years with this setting enabled.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4420

Differential Revision: https://secure.phabricator.com/D8232
2014-02-14 10:24:40 -08:00
Tal Shiri
a9612fac24 Mailgun receive support
Summary:
As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun.

btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received).

Test Plan: Opened a task with Mailgun. Felt great.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4326

Differential Revision: https://secure.phabricator.com/D7989
2014-01-21 10:36:33 -08:00
Alex Arwine
e6a6c265b0 Aphront - Adding cookie-prefix, as config option, and into cookie methods
Summary: Cookie-prefix should fix phabricator instances where x.com and x.y.com have conflicting cookie names

Test Plan: Pushed branch to dev.phab.example.com, logged into phab.example.com and into dev.phab.example.com.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7979
2014-01-17 08:08:40 -08:00
epriestley
2ec45d42a6 Remove session limits and sequencing
Summary:
Ref T4310. Fixes T3720. This change:

  - Removes concurrent session limits. Instead, unused sessions are GC'd after a while.
  - Collapses all existing "web-1", "web-2", etc., sessions into "web" sessions.
  - Dramatically simplifies the code for establishing a session (like omg).

Test Plan: Ran migration, checked Sessions panel and database for sanity. Used existing session. Logged out, logged in. Ran Conduit commands.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7978
2014-01-15 17:27:59 -08:00
epriestley
e4deb7faad Remove metamta.send-immediately
Summary:
Ref T3857.

  - Always send mail via daemons. This lets us get rid of this config, and is generally much more performant.
  - After D7964, we warn if daemons aren't running.

Test Plan: Sent some mail.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3857

Differential Revision: https://secure.phabricator.com/D7965
2014-01-14 13:22:47 -08:00
epriestley
95a806ada3 Remove celerity.resource-path config
Summary: Ref T4222. This was used by Facebook while developing Releeph, but should no longer be necessary since Releeph is in the upstream. I can't get an answer out of Facebook about whether they still use it or not (see T4227), so nuke it. We're going to replace it with a more general mechanism (see T4222).

Test Plan: Regenerated celerity map. Browsed some pages, still got resources.

Reviewers: btrahan, hach-que

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T4222

Differential Revision: https://secure.phabricator.com/D7863
2013-12-31 18:02:35 -08:00
epriestley
99ad978e90 Add UI for choosing header color
Summary: See D7731. Fixes T4194.

Test Plan: {F88020}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran, mbishopim3

Maniphest Tasks: T4194

Differential Revision: https://secure.phabricator.com/D7740
2013-12-07 10:46:09 -08:00
epriestley
5ca84589bd Add an SSH access log
Summary: Ref T4107. Ref T4189. This implements an SSH access log, similar to the HTTP access log.

Test Plan:
  [Thu, 05 Dec 2013 13:45:41 -0800]	77841	orbital	::1	dweller	epriestley	epriestley	git-receive-pack	/diffusion/POEMS/	0	324765	402	232
  [Thu, 05 Dec 2013 13:45:48 -0800]	77860	orbital	::1	dweller	epriestley	epriestley	git-receive-pack	/diffusion/POEMS/	0	325634	402	232

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4107, T4189

Differential Revision: https://secure.phabricator.com/D7719
2013-12-05 17:00:48 -08:00
epriestley
476b27d9c8 Add "phd.user" with sudo hooks for SSH/HTTP writes
Summary:
Ref T2230. When fully set up, we have up to three users who all need to write into the repositories:

  - The webserver needs to write for HTTP receives.
  - The SSH user needs to write for SSH receives.
  - The daemons need to write for "git fetch", "git clone", etc.

These three users don't need to be different, but in practice they are often not likely to all be the same user. If for no other reason, making them all the same user requires you to "git clone httpd@host.com", and installs are likely to prefer "git clone git@host.com".

Using three different users also allows better privilege separation. Particularly, the daemon user can be the //only// user with write access to the repositories. The webserver and SSH user can accomplish their writes through `sudo`, with a whitelisted set of commands. This means that even if you compromise the `ssh` user, you need to find a way to escalate from there to the daemon user in order to, e.g., write arbitrary stuff into the repository or bypass commit hooks.

This lays some of the groundwork for a highly-separated configuration where the SSH and HTTP users have the fewest privileges possible and use `sudo` to interact with repositories. Some future work which might make sense:

  - Make `bin/phd` respect this (require start as the right user, or as root and drop privileges, if this configuration is set).
  - Execute all `git/hg/svn` commands via sudo?

Users aren't expected to configure this yet so I haven't written any documentation.

Test Plan:
Added an SSH user ("dweller") and gave it sudo by adding this to `/etc/sudoers`:

   dweller ALL=(epriestley) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/bin/git-receive-pack

Then I ran git pushes and pulls over SSH via "dweller@localhost". They successfully interacted with the repository on disk as the "epriestley" user.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7589
2013-11-18 08:58:35 -08:00
epriestley
c0e1a63a63 Implement an approval queue
Summary:
  - Add an option for the queue.
  - By default, enable it.
  - Dump new users into the queue.
  - Send admins an email to approve them.

Test Plan:
  - Registered new accounts with queue on and off.
  - As an admin, approved accounts and disabled the queue from email.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7576
2013-11-13 11:24:56 -08:00
epriestley
d02202cde2 Enable "SSH Keys" auth panel unconditionally
Summary: We've had support for this for a long time, but it was conditional on config. Since it more-or-less actually does something now, just enable it unconditionally.

Test Plan: Settings -> SSH Public Keys

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7426
2013-10-29 15:32:41 -07:00
epriestley
00bf47f973 Fix "Manage herald rules" link by removing it
Summary: Fixes T4001. I broke this some time ago and no one has complained. I don't think it gets much use, and we haven't added it for the newer apps. Just get rid of it rather than adapt the URIs for ApplicationSearch.

Test Plan: Unit tests, sent myself some email.

Reviewers: zeeg, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4001

Differential Revision: https://secure.phabricator.com/D7355
2013-10-21 16:58:56 -07:00
epriestley
516116e229 Add a config setting for storing application settings
Summary:
I'm just going to store application policy settings (like view/edit policy, and default policies for content) in config, because:

  1) We'll need access to it on every page, and Config is "free" since we already pull it.
  2) Building separate storage and transactions seems like overkill, we get less-nice but pretty-reasonable transactions for free with config.
  3) We could easily move it later if this is a bad call.

Also fix some formatting.

Test Plan: See future revisions.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7202
2013-10-03 12:39:30 -07:00
epriestley
2d5b59b401 Move policy config to "Policy" app and make policy.allow-public description scarier
Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces.

Test Plan: Viewed/edited config setting.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7154
2013-09-27 10:50:19 -07:00
epriestley
c72f3b4bf1 Lock uri.allowed-protocols in Config
Summary: This allows administrative overreach. Administrators can enable `javascript:` and then XSS things if this isn't locked.

Test Plan: Viewed value on web UI, verified it was locked.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6975
2013-09-13 11:48:43 -07:00
epriestley
7a39ac43b4 Add a "list<regex>" config option and move regex config to it
Summary:
Fixes T3807. Several issues:

  - Currently, we split config of type `list<string>` on commas, which makes it impossible to enter a regex with a comma in it.
    - Split on newlines only.
  - Some of the examples are confusing (provided in JSON instead of the format you actually have to enter them).
    - Show examples in the same format you should enter text.
  - We didn't validate regexps.
    - Introduce `list<regex>` to validate regexes.

@hlau: Note that the old config format for the bugtraq stuff implied the delimiters on the regular expression. They are no longer implied. The examples show the correct format.

Test Plan: Viewed and edited affected config, hitting error and success cases.

Reviewers: btrahan

Reviewed By: btrahan

CC: hlau, aran

Maniphest Tasks: T3807

Differential Revision: https://secure.phabricator.com/D6969
2013-09-13 11:48:00 -07:00
epriestley
f37b315dec Correct switched-around configuration descriptions for metamta.herald.show-hints and metamta.reply.show-hints
Summary: Fixes T3710. The text on these options is switched around.

Test Plan: {F54051} {F54052}

Reviewers: btrahan, nmalcolm, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T3710

Differential Revision: https://secure.phabricator.com/D6737
2013-08-13 08:33:56 -07:00
epriestley
149efe68ab Improve usability of DarkConsole settings
Summary:
Fixes T3632. Cleans up a bunch of DarkConsole stuff:

  - The config setting had out-of-date instructions. Modernize the instructions.
  - The setting was sort of hidden under "Display Preferences". Move it to a new "Developer Preferences".
  - The setting magically appeared if DarkConsole was enabled on the install. Instead, always show it but explain why it isn't available.
  - When the user enables the console, also force it to actually be shown.
  - Call out instructions about use of the "`" key more clearly.

Test Plan: Viewed config setting. Viewed settings panel. Changed setting. Enabling the setting showed DarkConsole.

Reviewers: garoevans, chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T3632

Differential Revision: https://secure.phabricator.com/D6594
2013-07-27 20:18:58 -07:00
epriestley
7657c5e145 Fix exception with "phabricator.allowed-uris" when trying to set cookies
Summary: The `phabricator.allowed-uris` config setting is not checked properly when trying to set cookies.

Test Plan:
Set an alternate URI, then accessed Phabricator. No longer received a secondary cookie error.

Hit the new exceptions to test them:

{F51131}
{F51132}

Reviewers: btrahan, garoevans

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6528
2013-07-22 12:21:08 -07:00
Levi Jackson
d27e7c52b2 Add explicit mysql.port configuration
See: https://github.com/facebook/phabricator/pull/356

Reviewed by: epriestley
2013-07-14 16:06:23 -07:00
epriestley
2b37911097 Make it easier to configure an Asana workspace ID
Summary:
Ref T2852. It's a little tricky to figure out Asana workspace IDs right now. If the viewer has a linked account, just pull their workspaces and show them which IDs are available.

(In theory, we could use a `<select>`, but it would have more edge cases; this seems like a pretty solid fix.)

Test Plan: {F49938}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6437
2013-07-12 13:10:03 -07:00
epriestley
c3b2184977 Mostly modernize Conduit logs
Summary:
  - Add GC support to conduit logs.
  - Add Query support to conduit logs.
  - Record the actual user PHID.
  - Show client name.
  - Support querying by specific method, so I can link to this from a setup issue.

@wez, this migration may not be fast. It took about 8 seconds for me to migrate 800,000 rows in the `conduit_methodcalllog` table. This adds a GC which should keep the table at a more manageable size in the future.

You can safely delete all data older than 30 days from this table, although you should do it by `id` instead of `dateCreated` since there's no key on `dateCreated` until this patch.

Test Plan:
  - Ran GC.
  - Looked at log UI.
  - Ran Conduit methods.

Reviewers: btrahan

Reviewed By: btrahan

CC: wez, aran

Differential Revision: https://secure.phabricator.com/D6332
2013-07-01 12:37:34 -07:00
epriestley
09ebd6617e Add "invisible" styling/config to Phabricator
Summary: Ref T3322. Depends on D6297. Here are some Phabricator tweaks to complement D6297.

Test Plan: {F47522}

Reviewers: garoevans

Reviewed By: garoevans

CC: aran, chad

Maniphest Tasks: T3322

Differential Revision: https://secure.phabricator.com/D6298
2013-06-25 08:40:29 -07:00
epriestley
1834584e98 Provide contextual help on auth provider configuration
Summary:
Ref T1536.

  - Move all the provider-specific help into contextual help in Auth.
  - This provides help much more contextually, and we can just tell the user the right values to use to configure things.
  - Rewrite account/registration help to reflect the newer state of the word.
  - Also clean up a few other loose ends.

Test Plan: {F46937}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6247
2013-06-20 11:18:48 -07:00
epriestley
3b9ccf11f2 Drive auth config with the database
Summary: Ref T1536. This is the last major migration. Moves us over to the DB and drops all the config stuff.

Test Plan:
  - Ran the migration.
  - Saw all my old config brought forward and respected, with accurate settings.
  - Ran LDAP import.
  - Grepped for all removed config options.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran, wez

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6243
2013-06-20 11:18:11 -07:00
epriestley
059183f6b5 Allow configuration to have custom UI types
Summary:
Ref T1703. This sets the stage for (but does not yet implement) custom UI types for config. In particular, a draggable list for custom fields.

I might make all the builtin types go through this at some point too, but don't really want to bother for the moment. It would be very slightly cleaner but wouldn't get us much of anything.

Test Plan:
UI now renders via custom code, although that code does nothing (produces an unadorned text field):

{F45693}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1703

Differential Revision: https://secure.phabricator.com/D6154
2013-06-07 12:36:18 -07:00
Bryan Cuccioli
d78386584f Globally limit the size of generated emails.
Summary: At the global level, truncate emails at a user-configured size.

Test Plan: Untested, as I could not get PHP to send emails on my box, but if you can this should be very easy to test. Just set the max size to something like .001 kilobytes and make sure it does the right thing.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, AnhNhan

Maniphest Tasks: T1392

Differential Revision: https://secure.phabricator.com/D6118
2013-06-05 05:47:31 -07:00
epriestley
9c925464ba Default "environment.append-paths" to include likely paths
Summary:
A few more of these issues have cropped up recently. Basically:

  - Webservers often (by default, I guess?) have a different or nonexistent $PATH.
  - Users have a hard time figuring this out, since it's not obvious that the webserver might have a different configuration than the CLI, and they can run "git" and such themselves fine, and they don't normally use SetEnv or similar in webserver config.

I've been pursuing one prong of attack here (better detection and more tailored errors); this is a second prong (try to just guess the configuration correctly).

In 99% of cases, the binaries in question are in one of these three places, so just make them the default appended paths. If users have wacky configs they can override the setting.

Test Plan: Viewed config locally.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6039
2013-05-27 13:40:21 -07:00
Gareth Evans
ef797494ca Add Allowed uris config
Summary:
Kind of a quick look at an idea for T2184

Ref T2184

Test Plan: Make sure the site still loads

Reviewers: epriestley

CC: aran, Korvin, mbishopim3

Maniphest Tasks: T2184

Differential Revision: https://secure.phabricator.com/D6045
2013-05-26 10:57:45 -07:00
Zedstar
f53cde8f92 Using PhabricatorExternalAccount
Summary: Using PhabricatorExternalAccount in place of maniphest.default-public-author.

Test Plan:
Using receivemail to see if a new entry is made in the 'phabircator_user.user_externalaccount' table. Few things, I noticed that phabricator creates table 'user_externalaccout'. And now it throws up error 'Unknown column 'dateCreated' in 'field list''. Awaiting your comments.
{F41370}

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, AnhNhan

Maniphest Tasks: T1205

Differential Revision: https://secure.phabricator.com/D5747
2013-04-28 13:22:33 -07:00
epriestley
97ff7fe259 Make "isInstalled()" respect beta apps
Summary:
Currently, `isInstalled()` and `getAllInstalledApplications()` are inconsistent:

  - `isInstalled()` returns true for beta apps, even if `phabricator.show-beta-applications` is false.
  - `getAllInstalledApplications()` omits beta apps if `phabricator.show-beta-applications` is false.

Making the beta config control installs (not just homepage visibility) makes far more sense as we roll out more thorough application integrations.

Make `isInstalled()` respect beta, and clean up some callsites.

D5602 builds on this.

Test Plan: Installed/uninstalled beta apps, verified Conpherence menu/panel and other application integrations dropped out of the UI.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5603
2013-04-06 09:25:13 -07:00
epriestley
8b6fc615f4 Ignore and README for support/bin
Summary:
See D5561. Ref T2378.

  - Add `support/bin/*` to .gitignore so any symlinks or binaries won't get picked up by Git.
  - Add a README so Git preserves the directory and there's at least //some// documentation of its existence.

Test Plan: ummmmm

Reviewers: jevripio, codeblock, btrahan

Reviewed By: jevripio

CC: aran

Maniphest Tasks: T2378

Differential Revision: https://secure.phabricator.com/D5562
2013-04-03 12:58:39 -07:00
epriestley
cde1416446 Guarantee the existence of the Phabricator access log
Summary:
We have a fair number of conditionals on the existence of the access log. Instead, always build it and just don't write it if the user doesn't want a version on disk.

Also, formalize logged-in user PHID (avoids object existence juggling) in the access log and move microseconds-since-startup to PhabricatorStartup (simplifies index.php).

Depends on D5532. Fixes T2860. Ref T2870.

Test Plan: Disabled access log, verified XHProf writes occurred correctly.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2860, T2870

Differential Revision: https://secure.phabricator.com/D5533
2013-04-02 09:53:56 -07:00
epriestley
b048bd0593 Add platform detection and a Windows-specific monospaced font override
Summary: Use UA strings to detect platform; override general monospaced settings with platform-specific ones. Fixes T2868.

Test Plan: whatcouldgowrong

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2868

Differential Revision: https://secure.phabricator.com/D5526
2013-04-01 13:48:57 -07:00
Lauri-Henrik Jalonen
9a15f243fa PhabricatorCaches use namespace if set
Summary: PhabricatorCaches now uses namespaced caches if config option for cache is set.

Test Plan: noidea

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2786

Differential Revision: https://secure.phabricator.com/D5425
2013-03-22 16:28:28 -07:00
James Rhodes
4674b88ff6 Added configurable welcome content for Phabricator home page.
Summary:
The welcome.enabled feature is turned on by default; unsure of
whether this is desired by upstream.

Test Plan:
Apply the patch and see the welcome content.  It's configurable
in the config.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5339
2013-03-21 16:02:35 -07:00
Nick Pellegrino
be7677f211 Config option to ignore setup issues
Summary: T2381

Test Plan:
Include existing setup issues in the ignore config option,
reduces the number of setup issues in the status bar, moves ignored
issues to the bottom of the list, and marks them as ignored.

Also include a string corresponding to no setup issue, and verify that
application does not break.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5072
2013-02-22 10:08:20 -08:00
vrana
c1f234759b Prefer MySQLi over MySQL
Summary: Makes sense with `QueryFuture`.

Test Plan: Switched secure.phabricator.com to MySQLi and nothing exploded.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5066
2013-02-22 10:00:26 -08:00
Matt Robenolt
e6281c3db0 Add the ability to create a macro from a url
Test Plan: Enter in a url and create a macro. :)

Reviewers: epriestley

Reviewed By: epriestley

CC: epriestley, aran, dctrwatson, Korvin

Differential Revision: https://secure.phabricator.com/D5039
2013-02-21 12:51:28 -08:00
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
Afaque Hussain
9c19e9b7d8 Preserving the Animation of Gif Images
Summary: Preserving animation of GIF profile Pictures

Test Plan: Uploaded Animated images as profile pictures to check if the animation of gif images is preserved and it does :) somewhat !

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4833
2013-02-08 09:42:28 -08:00
Bryan Cuccioli
c105a5bde0 Refactor developer options to specific developer-mode option.
Summary: Refactor options related to verbose error reporting and forcing disk reads into a single developer option.

Test Plan: Run Phabricator with the developer-mode option set and check that errors print stack traces, static assets are always reloaded, etc.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4780
2013-02-01 10:12:17 -08:00
Afaque Hussain
5017c80b31 Installation & Uninstallation of Applications
Summary: Created Applications application which allows uninstallation & installation of application.

Test Plan: In "Applications" application, uninstalled the application by clicking Uninstall and checking whether they are really uninstalled (Disabling URI & in appearance in the side pane). Then clicked on the install button of the uninstalled application to check whether they are installed.

Reviewers: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4715
2013-01-29 09:17:24 -08:00
Bob Trahan
4d22c9104f Conpherence - reply handler integration
Summary: Added a reply handler. A few problems -- first, I can't seem to get this to actually send me email so I haven't been able to reply (which I would have done by generating a reply, then copying the raw email into scripts/mail_handler.php). Second, the subject is often terrible on these emails -- unless the conpherence is named it's something gross like "E4:" Third, on create I am noticing an error on array_combine() which I think is related to the need to write array_combine_not_broken or what have you I saw go by... (PhabricatorTransactionEditor does array_combine(xaction->getOldValue(), xaction->getOldValue()) and complains that the arrays are empty)

Test Plan: noted that /mail/ said mails were being sent

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Maniphest Tasks: T2399

Differential Revision: https://secure.phabricator.com/D4656
2013-01-25 16:03:54 -08:00
Ricky Elrod
e990488889 Set some defaults back to correctness.
Summary:
There were a few defaults that got changed when porting to PHP. Most of them
seem to be accidental, so this diff sets them back to correctness.

Test Plan:
  php> require '../libphutil/src/__phutil_library_init__.php';
  php> require 'src/__phutil_library_init__.php'
  php> $a = PhabricatorApplicationConfigOptions::loadAllOptions()
  php> $b = require 'conf/default.conf.php';
  php> $x = array();
  php> foreach($a as $key => $obj) { $x[$key] = $obj->getDefault(); }
  php> foreach($x as $key => $default) { if ($b[$key] != $default) { echo "$key has different default.\n"; } }

  log.access.format has different default.
  (seems to be intentional)

  PHP Notice:  Undefined index: phabricator.env in /usr/lib/python2.7/site-packages/phpsh/phpsh.php(577) : eval()'d code on line 1
  (no longer in config file)

  PHP Notice:  Undefined index: test.value in /usr/lib/python2.7/site-packages/phpsh/phpsh.php(577) : eval()'d code on line 1
  (not in config file)

  metamta.default-address has different default.
  (intentional)

  metamta.domain has different default.
  (intentional)

  PHP Notice:  Undefined index: phid.external-loaders in /usr/lib/python2.7/site-packages/phpsh/phpsh.php(577) : eval()'d code on line 1
  (no longer in config file)

  phame.skins has different default.
  (fixed in D4618)

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4621
2013-01-24 12:10:41 -08:00
epriestley
3440892d7b Allow some protocols
Summary: I heard this HTTP thing is pretty good.

Test Plan: @starruler did things which confirmed this is less bad than D4611.

Reviewers: starruler

Reviewed By: starruler

CC: aran

Differential Revision: https://secure.phabricator.com/D4612
2013-01-23 18:44:19 -08:00
epriestley
62a27c1caa Fix uri.allowed-protocols default value
Summary: Fixes T2392.

Test Plan: grepped for others, this is the only `set` with non-array default

Reviewers: chad, starruler

Reviewed By: starruler

CC: aran

Maniphest Tasks: T2392

Differential Revision: https://secure.phabricator.com/D4611
2013-01-23 18:40:19 -08:00
epriestley
c95dcab439 Set hard-coded defaults for list<string> values to array()
Summary: These should default to array() so they're safe to `foreach` over.

Test Plan: Grepped for 'list<string>'.

Reviewers: codeblock, btrahan, starruler, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4600
2013-01-23 13:12:23 -08:00
epriestley
7e17acfb68 Remove PhabricatorSetup and make PHABRICATOR_ENV optional
Summary:
  - PHABRICATOR_ENV is now optional. If you don't specify it, we won't load a config file.
  - PhabricatorSetup is now gone.
    - I removed the alternate file domain check for now, see T2380.
  - `phabricator.setup` config is now gone.
  - Rewrote documentation:
    - No more mentions of `phabricator.setup`.
    - Normal install guide no longer mentions PHABRICATOR_ENV. This is now an advanced topic.
    - Clarified that you only need to set up one of apache, nginx or lighttpd.
    - Tweaked a few things I've seen users have difficulty with.

This should have no effect on any existing installs, but make the process much simpler for future installs.

Closes T2221.
Closes T2223.
Closes T2228.

Test Plan:
  - Removed my PHABRICATOR_ENV and went through the install process.
  - Generated and read documentation.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2221, T2223, T2228

Differential Revision: https://secure.phabricator.com/D4596
2013-01-23 12:03:19 -08:00
epriestley
4425903480 Don't require phabricator.base-uri to be configured
Summary:
Fixes T2293.

We currently hard-require this in setup. We do not need to; we don't actually need it until we start running daemons. Move it to post-install and provide more guidance.

We could make this even easier in the future, but we'd need to special case it, since it's dangerous to let it be set to any value (if you set it to the wrong value, you can't log in). We could safely have a workflow which writes the current request URI into the database configuration, or a two-stage workflow where we set the URI and then verify it, but these both imply some special casing and complication. This should be a step forward from where we are today, regardless.

Test Plan:
Removed "phabricator.base-uri" from my configuration. Verified Phabricator still works.

Without "phabricator.base-uri" configured, logged in from multiple host names (127.0.0.1:8080, local.aphront.com:8080).

Configured "phabricator.base-uri". Verified my unblessed session no longer worked. Verified setup issue went away.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2293

Differential Revision: https://secure.phabricator.com/D4580
2013-01-22 13:57:02 -08:00
Ricky Elrod
bad95c15ce Add enum option type.
Summary: Might not be the cleanest way to do this, but seems to work.

Test Plan:
- Saved an option which used the new enum type.
- Changed it.
- Saw it show up on the list view.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4572
2013-01-21 18:48:29 -08:00
Nick Pellegrino
3e6fa43658 getConfigEnv fails fast when key is not found and no default value is given.
Summary:
T2345
getConfig throws an Exception when the key does not exist.
Also removes dead code that throws an Exception.

Test Plan:
Reloaded the Phabricator home page.  In the process, found
2 Exceptions thrown due to nonexistent keys.  After addressing these problems,
the home page loads without Exceptions.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4541
2013-01-19 12:11:28 -08:00
Lauri-Henrik Jalonen
2a6060a763 Added beta status for applications
Summary: Fixes T2338

Test Plan: bjhb

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, chad

Maniphest Tasks: T2338

Differential Revision: https://secure.phabricator.com/D4529
2013-01-19 10:31:28 -08:00
Debarghya Das
2888d58034 Moved Version Footer from Footer to /config/all
Summary: Fixed T2349

Test Plan:
Could not visibly see version at footer any more. Appeared in the top of /config.
Does not appear as a config option in /config.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2349

Differential Revision: https://secure.phabricator.com/D4539
2013-01-19 10:27:59 -08:00
Asher Baker
da9315b145 Read default values of custom config options
Summary: Because the Default configuration provider is loaded before custom libraries, any config options specified in them don't get default values.

Test Plan: Looked at /config/

Reviewers: epriestley, codeblock, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4532
2013-01-19 08:36:08 -08:00
epriestley
5beaafb952 Load libraries before adding database config
Summary:
If your configuration overrides the connection adapter, we need to load libraries before we can setup the database config source.

Also lock this since it won't work when edited from the web anymore, and so sneaky users can't upload stuff and then edit their config to run arbitrary code.

Test Plan: See chatlog in #phabricator. This is a problem for Facebook only.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D4498
2013-01-17 18:59:58 -08:00
Ricky Elrod
da6296a176 LDAP STARTTLS option.
Summary: For GitHub PR 246.

Test Plan: Looked at the option.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4485
2013-01-17 09:50:01 -08:00
epriestley
83f5452d53 Implement all remaining config options
Summary: Resolves T2255.

Test Plan: Looked at mail options. Saw no remaining "Setup Issues".

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4477
2013-01-16 15:06:39 -08:00
epriestley
99847da3aa Mask remaining config values, and implement set type
Summary: The remaining hash/key values are already-migrated, I am just bad at grep. Also implement a "set" type.

Test Plan: Looked at set, edited set.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4476
2013-01-16 15:06:07 -08:00
epriestley
3ded757e84 Implement more configuration options
Summary:
Allow extra options to be locked, hidden or masked via config. These options are themselves locked and can not be edited via the web UI.

The primary goal here is to let us lock or hide things from SaaS installs (e.g., keys, etc.), or to let server administrators lock or hide information from web UI administrators if they want to for some reason.

The secondary goal is to remove the `darkconsole.config-mask` option, although I might just remove the panel entirely and put it in the config app, since that probably makes far more sense. Yeahhhhh... probably doing that.

These options need masks when ported (they haven't been ported yet):

    phabricator.csrf-key
    phabricator.mail-key
    security.hmac-key

Test Plan: Artificially tweaked lock/hide settings on options, verified the UI respected them.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4472
2013-01-16 10:52:09 -08:00
Ricky Elrod
65fbbd06c6 OAuth options.
Test Plan: Looked at the options.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4470
2013-01-16 10:00:54 -08:00
Ricky Elrod
8b1fb16865 Don't preface 'Daemons' with 'Phabricator'.
Summary:
It's obvious that they're Phabricator related (why else would we provide
settings for them) and nothing else is prefaced.

Test Plan: Looked at /config/

Reviewers: epriestley, chad, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4471
2013-01-16 09:47:29 -08:00
epriestley
b04a6a1999 Diffusion / MetaMTA options
Summary: Implement Diffusion MetaMTA options. Also make the fake '{{config.option}}' rule work, and use Remarkup to render summaries as well as descriptions.

Test Plan: Looked at Diffusion rules, edited some, looked at setup issues, verified '{{config.option}}' linked to the right option.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4466
2013-01-16 09:08:13 -08:00
epriestley
950076ec95 Bring SendGrid configuration into PHP
Summary: Port more settings.

Test Plan: Looked at, edited settings.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4442
2013-01-15 12:04:05 -08:00
epriestley
c8a2bc982c Bring PHPMailer config into the new config UI
Summary:
Port PHPMailer options. Also:

  - Don't show values on config lists if they're masked (this is mostly for passwords, to prevent them from being idly/accidentally disclosed).
  - Don't show "default" icon -- just show an icon if the value has been customized. This makes it easier to pick out custom values.

Test Plan: Looked at / edited mailer values.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4441
2013-01-15 12:03:44 -08:00
Ricky Elrod
0c6e5f86bc Port a few various options.
Summary:
- remarkup.enable-embedded-youtube
- controller.oauth-registration
- aphront.default-application-configuration-class
- cache.enable-deflate

Test Plan: Saw the new options in the web interface.

Reviewers: epriestley, chad, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4424
2013-01-13 15:10:40 -08:00
Ricky Elrod
dceb161150 Add the tokenizer.ondemand setting to Core for now.
Summary:
T2255 lists it as "???" and we don't have a "Misc" category and it seems silly
to make it for one option, so stick this in core for now.

Test Plan: Went to the setting page and saw the bool options.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4389
2013-01-10 11:09:38 -08:00
Ricky Elrod
054f09fb50 Add syntax highlighting options.
Test Plan: Quick view of each option in the web interface.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4386
2013-01-10 09:56:39 -08:00
epriestley
bc2db90f61 Minor, fix old call to setOptions() introduced out of order.
Auditors: codeblock
2013-01-09 08:15:18 -08:00
Ricky Elrod
71b5d8f584 Default to "True" and "False" for bool options.
Summary:
Rather than throwing if we don't `setOptions()`, let's just default to `true`
and `false`.

Test Plan:
Removed a `setOptions()` call temporarily and saw options default to
`true` / `false`.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4368
2013-01-09 08:14:29 -08:00
Ricky Elrod
cdaf898b9c PHD Options.
Test Plan: Looked at the options render properly.

Reviewers: epriestley, btrahan, chad

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4367
2013-01-09 06:05:36 -08:00
Ricky Elrod
f7939b90e3 Fix reversed order of boolean config options.
Summary: See discussion in D4355, this fixes reversed bool logic.

Test Plan:
- Quickly viewed in the web interface to make sure it didn't break anything.
- Saved `ldap.auth-enabled` with correct boolean value in the db.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4357
2013-01-07 13:54:37 -08:00
Ricky Elrod
9aa772ed00 First go at Authentication config options.
Test Plan: Looked at them in the web UI.

Reviewers: epriestley, chad, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4355
2013-01-07 12:48:43 -08:00
Ricky Elrod
49b842187e Add Policy options.
Test Plan: Looked at the setting and available options from the dropdown.

Reviewers: epriestley, chad

Reviewed By: chad

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4354
2013-01-07 12:47:29 -08:00
Ricky Elrod
ae0773b789 Add translations config group.
Summary:
Adds the translations group as per T2255. Currently `translation.override` is
`wild` -- it should be changed to dict<string, string> when that exists.

Also fixes a small bug from D4326 which caused "class" types to not ever
validate.

Test Plan:
- Looked at the settings.
- Successfully saved a setting relating to classes.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4350
2013-01-04 16:22:56 -08:00
epriestley
9a936b5bf3 Move notification configuration into PHP
Summary: Bring notification settings to PHP.

Test Plan: Viewed notification settings in /config/.

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4337
2013-01-03 09:29:19 -08:00
epriestley
af604464d7 Move Recaptcha config to PHP
Summary: Bring these over. Also sort the group list.

Test Plan: Viewed config.

Reviewers: btrahan, codeblock, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4338
2013-01-03 09:17:38 -08:00
epriestley
0902543fc8 Port MySQL settings to PHP
Summary:
  - Ports MySQL settings to PHP.
  - Removes "mysql.retries" -- this existed only because Magic Numbers Are Bad, but there is no conceivable reason it should ever be set to anything other than 3.
  - Introduced "Hidden" config, which isn't visible from the web (for SaaS, we'll just mark anything with secret keys as "hidden").
  - Introduced "Masked" config, which will be masked in darkconsole once that gets updated.
  - "Hidden" implies "Masked" and "Locked".
  - Moved "storage.default-namespace" here -- it probably makes more sense than core; this was my bad in T2255.
  - Put cancel button back for hidden/locked config.
  - Introduce 'class' config type.

Test Plan: Viewed MySQL options. None are editable.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4326
2013-01-03 06:01:14 -08:00
Ricky Elrod
3b3808c476 Add the rest of the "Debug/Developer" config group.
Summary:
- Adds the rest of the group as per T2255.
- Adds a pht() around the `$developer_warning` in `PhabricatorStandardPageView`.

Test Plan:
- Viewed new config options.
- Triggered a fake warning to make sure I didn't break error callouts.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4333
2013-01-03 05:48:21 -08:00
Ricky Elrod
f84e0ca533 Add the "Security" config group options.
Summary: Added all the "Security" group options listed in T2255.

Test Plan:
- Looked at all the options.
- Tested validation on `security.alternate-file-domain`

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4334
2013-01-03 05:46:37 -08:00
Ricky Elrod
7b2ab1a4bc Add the "Extending Phabricator" config group.
Summary: Refs T2255 and takes care of the "EXTENDING PHABRICATOR" group thereof.

Test Plan: Looked at each of the new options.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4325
2013-01-02 15:52:36 -08:00
Ricky Elrod
cad546301d Add pht() to two strings in Core settings.
Summary: See title.

Test Plan: Checked that the strings still rendered.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4327
2013-01-02 15:52:19 -08:00
epriestley
962b432bfb Move LDAP config into PHP
Summary: This config section is weak (poorly documented) and inconsistent (keys with "_" instead of "-") but I'm going to keep punting on improving it until after T1536.

Test Plan: Loaded, examined LDAP config.

Reviewers: btrahan, codeblock

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4322
2013-01-02 14:04:05 -08:00
epriestley
a3fdb20a8e Move GC into PHP and simplify it
Summary:
  - Move GC options into PHP.
  - Remove the "run at" and "run for" options. The GC daemon doesn't actually do any table scans, is very gentle, and runs for like 3 seconds per day in any normal install. Just limit it to running once every 4 hours when it's caught up and call it a day.

Test Plan: Edited GC options.

Reviewers: btrahan, codeblock

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4321
2013-01-02 14:03:08 -08:00
epriestley
9cef013def Allow configuration options to be locked
Summary: Some config shouldn't reasonably be edited from the web interface because it immediately torpedoes the install if you make a mistake. Block edits to "locked" config.

Test Plan: Tried to edit locked config, got denied. Viewed locked config on edit and list screens.

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4320
2013-01-02 14:02:43 -08:00
epriestley
db21319b39 Specialize list<string> in config
Summary: Specialize editing, display and validation of list<string> options.

Test Plan: Edited, viewed and validated "environment.append-paths".

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4319
2013-01-02 14:02:31 -08:00
epriestley
cff043a800 Validate timezones
Summary:
Add validation for timezones, since date_default_timezone_set() returns a usable error code.

Note that we could also list all the timezones using timezone_identifiers_list(), but the list is enormous (many hundreds of entries) and impossible to use (~160 entries in "America" alone). I listed the likely US values as examples but left it as a string input text field.

Test Plan: Tried to save an invalid setting. Saved a valid setting.

Reviewers: codeblock, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4318
2013-01-02 14:02:22 -08:00
Ricky Elrod
9c41ea9609 Add some more options to the "core" group.
Summary:
Refs #2255 and completes the first group ("CORE") in @epriestley's comment
thereof.

Test Plan: Saw the new options appear in the list and save correctly.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4317
2013-01-02 06:55:16 -08:00
epriestley
ec7d799b2f Add "Core" config, with complex validation
Summary: This is more or less a copy of the validation which lives in `webroot/index.php` right now, but I don't want to wipe that out just yet because there's no way for normal users to see this new validation.

Test Plan: Tried to set "phabricator.base-uri" to crazy nonsense, was harshly rebuffed.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4316
2013-01-01 18:22:48 -08:00
epriestley
a86fd38394 Allow configuration to be explicitly validated, including validation of complex attributes
Summary:
  - Allows us to implement setup warnings for edits which don't go through the web UI, e.g. "you edited a config file and set value X to something goofy".
  - Allows us to implement more sophisticated validations, beyond basic type checks (e.g., "phabricator.base-uri" must be a URI).
  - Fixes T358 (or, close enough -- fixes it for all options which have been migrated as per T2255).

Test Plan: Set "darkconsole.enabled" to "xyz" in my config, observed setup warning. Added fake validation, observed web UI edit error.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255, T358

Differential Revision: https://secure.phabricator.com/D4315
2013-01-01 18:15:03 -08:00
epriestley
8a52a6d585 Add Disqus, Facebook, Google, GitHub auth config; AWS config
Summary: Also improve behavior for the "unknown config" warning.

Test Plan: Looked at configs, went through unknown config workflow.

Reviewers: btrahan, codeblock

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4310
2013-01-01 14:09:29 -08:00
epriestley
a3bff35b2b Add "Developer" and "Access Log" config option groups, some types
Summary:
  - Add a "developer" option group.
  - Add an "access log" option group.
  - Render the types "bool", "int" and "string" in a more tailored way.
  - Add a config check for dead config. Right now this serves as a "TODO" list of things that need to be migrated.

Test Plan: Looked at config options, setup issues. Edited bool, int, string options.

Reviewers: codeblock, btrahan

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2255

Differential Revision: https://secure.phabricator.com/D4308
2013-01-01 14:09:17 -08:00
epriestley
b852f213c3 Begin moving Phabricator configuration into PHP
Summary: Ref T2255. Ref T2221. Lay the groundwork to move configuration into PHP, so we can show descriptions in the web UI, do typechecking, disable application options when an application is uninstalled, etc.

Test Plan:
{F28421}
{F28420}
{F28422}

Reviewers: codeblock, btrahan, vrana

Reviewed By: codeblock

CC: aran

Maniphest Tasks: T2221, T2255

Differential Revision: https://secure.phabricator.com/D4306
2012-12-30 15:36:06 -08:00