1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 18:52:42 +01:00
Commit graph

656 commits

Author SHA1 Message Date
Eitan Adler
2536febed3 Remove duplicated duplicated words
Test Plan: eyeball it

Reviewers: joshuaspence, #blessed_reviewers, epriestley

Reviewed By: joshuaspence, #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D13462
2015-06-27 08:43:44 -07:00
Chad Little
a89483ee5b [Redesign] Swap Slabo for Roboto Slab
Summary: Ref T8099, Moving to Roboto Slab for Document Headers. It's a little less serif-y and fits well with Lato. Also took a pass at cleaning up edge cases in Documents, Diviner, Phriction, Legalpad, and Welcome Screen.

Test Plan: Test Phriction, Diviner, Legalpad, Welcome Screen

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13439
2015-06-25 09:20:51 -07:00
Chad Little
b942075205 [Redesign] Darken things when dark header is used
Summary: Ref T8099, uses original bgcolor when dark headers are used.

Test Plan: Switch between light and dark Phabricator, see new colors.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13361
2015-06-20 13:16:47 +01:00
epriestley
7d7e13d79b Merge branch 'master' into redesign-2015 2015-06-19 08:33:30 -07:00
Joshua Spence
dad29171ff Add more languages to syntax highlighting options
Summary: Fixes T8589. Adds a bunch of new languages to the syntax highlighting config options so that they are supported by #paste.

Test Plan: Saw new filetypes in Paste.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8589

Differential Revision: https://secure.phabricator.com/D13337
2015-06-18 22:39:22 +10:00
epriestley
f1b7fd483e Merge branch 'master' into redesign-2015 2015-06-16 19:34:36 -07:00
Bob Trahan
ca8adac1eb Config - make "No auth providers configured" check use proper hyperlinking technology
Summary: Fixes T8346. Also gets rid of the air quotes on Auth and uses the "Appname Application" style we use elsewhere.

Test Plan: slapped an "|| true" in the checking logic and verified the link was rendered in a usable fashion just below the error message.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8346

Differential Revision: https://secure.phabricator.com/D13315
2015-06-16 14:49:52 -07:00
Chad Little
69b30c5d53 [Redesign] Move to light header by default
Summary: This should default to light, also made the icons on the dark headers more transparent.

Test Plan: Tested light, dark, blue, blindigo, and default.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13306
2015-06-16 09:42:47 -07:00
epriestley
53ef057b1b Merge branch 'master' into redesign-2015 2015-06-15 08:06:23 -07:00
Joshua Spence
1239cfdeaf Add a bunch of tests for subclass implementations
Summary: Add a bunch of tests to ensure that subclasses behave.

Test Plan: `arc unit`

Reviewers: eadler, #blessed_reviewers, epriestley

Reviewed By: eadler, #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13272
2015-06-15 18:13:27 +10:00
Joshua Spence
b6d745b666 Extend from Phobject
Summary: All classes should extend from some other class. See D13275 for some explanation.

Test Plan: `arc unit`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13283
2015-06-15 18:02:27 +10:00
Chad Little
9170e90112 [Redesign] Move basefont to Lato, remove Source Sans Pro
Summary: Working towards a more unified look and feel. This brings in Lato as a complete base font over Helvetica Neue, as well as removing Source Sans Pro from DocumentView and Conpherence. Design-wise Lato provides the nice readability at larger font sizes that Source Sans Pro did, with the ability to scale down to tables and UI widgets with ease. This gives us one font instead of two, and now Object descriptions and Timeline posts all can benefit from a consistent, readable font.

Test Plan:
Test main UI, smaller elements like tables, menus, DocumentViews, Previews, Conpherence.

{F498135}

{F498136}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D13276
2015-06-13 20:32:45 +01:00
epriestley
57b898af9a Merge branch 'master' into redesign-2015 2015-06-10 07:44:58 -07:00
Chad Little
274cbf3cdb [Redesign] Uh... Add back gradient headers?
Summary: Ref T8099, hashtag#yolo. Adds back the original gradients plus a 'light' theme. Unclear which should be default, but we can play with it until a decision needs to be made.

Test Plan: Change colors a lot, turn on durable column.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13146
2015-06-03 20:21:12 -07:00
epriestley
6db97bde12 Build separate mail for each recipient, honoring recipient access levels
Summary:
Ref T6367. Removes `multiplexMail()`!

We can't pass a single body into a function which splits it anymore: we need to split recipients first, then build bodies for each recipient list. This lets us build separate bodies for each recipient's individual translation/access levels.

The new logic does this:

  - First, split recipients into groups called "targets".
    - Each target corresponds to one actual mail we're going to build.
    - Each target has a viewer (whose translation / access levels will be used to generate the mail).
    - Each target has a to/cc list (the users who we'll ultimately send the mail to).
  - For each target, build a custom mail body based on the viewer's access levels and settings (language prefs not actually implemented).
  - Then, deliver the mail.

Test Plan:
  - Read new config help.

Then did a bunch of testing, primarily with `bin/mail list-outbound` and `bin/mail show-outbound` (to review generated mail), `bin/phd debug taskmaster` (to run daemons freely) and `bin/worker execute --id <id>` (to repeatedly test a specific piece of code after identifying an issue).

With `one-mail-per-recipient` on (default):

  - Sent mail to multiple users.
  - Verified mail showed up in `mail list-outbound`.
  - Examined mail with `mail show-outbound`.
  - Added a project that a subscriber could not see.
    - Verified it was not present in `X-Phabricator-Projects`.
    - Verified it was rendered as "Restricted Project" for the non-permissioned viewer.
  - Added a subscriber, then changed the object policy so they could not see it and sent mail.
    - Verified I received mail but the other user did not.
  - Enabled public replies and verified mail generated with public addresses.
  - Disabld public replies and verified mail generated with private addresses.

With `one-mail-per-recipient` off:

  - Verified that one mail is sent to all recipients.
  - Verified users who can not see the object are still filtered.
  - Verified that partially-visible projects are completely visible in the mail (this violates policies, as documented, as the best available compromise).
  - Enabled public replies and verified the mail generated with "Reply To".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: carlsverre, epriestley

Maniphest Tasks: T6367

Differential Revision: https://secure.phabricator.com/D13131
2015-06-03 18:59:31 -07:00
epriestley
8440b3efc0 Update account roles documentation and remove actAsUser
Summary:
Ref T8387. This describes changes I haven't made yet, but plan to make.

Also removes the long-deprecated actAsUser capability so I can remove the caveat about it from the documentation.

Test Plan: `grep`, reading

Reviewers: btrahan, eadler

Reviewed By: btrahan, eadler

Subscribers: eadler, epriestley

Maniphest Tasks: T8387

Differential Revision: https://secure.phabricator.com/D13120
2015-06-03 18:42:09 -07:00
Chad Little
d60f763c89 [Redesign] Update Config UI
Summary: Ref T8099, Sets a StatusIcon instead of a barColor on config status lists.

Test Plan: Review ignored and non-ignored status items.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T8341, T8099

Differential Revision: https://secure.phabricator.com/D13050
2015-05-28 11:14:02 -07:00
Chad Little
e81ec738f3 [Redesign] Add back limited header-color options
Summary: Ref T8099. Adds back basic header color options, which change the logo color instead. Also RAINBOW.

Test Plan:
tested each of the new colors.

{F442284}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D13040
2015-05-27 14:56:21 -07:00
epriestley
bfca11dbba Merge branch 'master' into redesign-2015 2015-05-22 12:57:32 -07:00
Joshua Spence
36e2d02d6e phtize all the things
Summary: `pht`ize a whole bunch of strings in rP.

Test Plan: Intense eyeballing.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12797
2015-05-22 21:16:39 +10:00
epriestley
f5a9d1f8d4 Raise a setup issue for misconfigured Elasticsearch
Summary: Fixes T8274. That report is very light on details, but I think the issue is that their Elasticsearch is misconfigured and the new setup warning dies a little too hard if the server is just completely dead.

Test Plan: Set `search.elastic.host` to an invalid server, got a similar-looking exception (?), applied patch, got a setup warning instead.

Reviewers: btrahan, joshuaspence

Reviewed By: btrahan, joshuaspence

Subscribers: epriestley

Maniphest Tasks: T8274

Differential Revision: https://secure.phabricator.com/D12948
2015-05-20 14:21:46 -07:00
epriestley
f99c7beb90 Fully remove all the public-create-mail settings
Summary: Fixes T5703. These have been unused in production for a while and the new stuff seems good.

Test Plan: Mostly `grep`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5703

Differential Revision: https://secure.phabricator.com/D12949
2015-05-20 14:21:33 -07:00
Chad Little
a4784e03ff [Redesign] Add Table, Collapse support to ObjectBox
Summary: Converts most all tables to be directly set via `setTable` to an ObjectBox. I think this path is more flexible design wise, as we can change the box based on children, and not just CSS. We also already do this with PropertyList, Forms, ObjectList, and Header. `setCollapsed` is added to ObjectBox to all children objects to bleed to the edges (like diffs).

Test Plan: I did a grep of `appendChild($table)` as well as searches for `PHUIObjectBoxView`, also with manual opening of hundreds of files. I'm sure I missed 5-8 places. If you just appendChild($table) nothing breaks, it just looks a little funny.

Reviewers: epriestley, btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12955
2015-05-20 12:48:43 -07:00
Chad Little
fa858cc8fd [Redesign] ObjectBoxView colors
Summary: Removes setting colors on the headers and adds setting colors on an ObjectBoxView (which sets the headers). Ref T8099

Test Plan:
Tested each color, fixed workboard colors, added color to important setup issues.

{F410658}

{F410659}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T8099

Differential Revision: https://secure.phabricator.com/D12942
2015-05-19 16:47:48 -07:00
Joshua Spence
16a8ed72bd Modernize search engine selection
Summary: Remove the `PhabricatorDefaultSearchEngineSelector` class. This is quite similar to D12053.

Test Plan: Went to `/view/PhabricatorSearchApplication/` and saw the storage engine configuration. Set `search.elastic.host` and saw the highlighted storage engine change.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12670
2015-05-20 06:59:59 +10:00
Chad Little
46f6c2680e [Redesign] New PHUIObjectItemListView
Summary:
New, cleaner, ObjectItemLists. Lots of minor style tweaks, basic overview:

 - Remove FootIcons
 - Remove Stackable
 - Remove Plain List
 - Add StatusIcon
 - Add setting ObjectList to an ObjectBox
 - Minor retouches to Headers

Mostly, this should give us an idea of life with the new Object Lists. I'll take another application by application pass down the road. This mostly looks at implementation in Maniphest, Differential, Audit, Workboards. Checked a few other areas and dialogs while testing, and everything looks square.

Test Plan: Maniphest, Differential, Homepage, Audit, People, and other applications. Drag reorder, etc.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12865
2015-05-15 13:28:59 -07:00
Joshua Spence
61b178f44e Use PhutilInvalidStateException
Summary: Use `PhutilInvalidStateException`. Depends on D12803.

Test Plan: Unit tests pass.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12829
2015-05-14 07:53:52 +10:00
Joshua Spence
acb45968d8 Use __CLASS__ instead of hard-coding class names
Summary: Use `__CLASS__` instead of hard-coding class names. Depends on D12605.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12806
2015-05-14 07:21:13 +10:00
epriestley
7b6c320e15 Skeleton for "Multimeter", a performance sampling application
Summary:
Ref T6930. This application collects and displays performance samples -- roughly, things Phabricator spent some kind of resource on. It will collect samples on different types of resources and events:

  - Wall time (queries, service calls, pages)
  - Bytes In / Bytes Out (requests)
  - Implicit requests to CSS/JS (static resources)

I've started with the simplest case (static resources), since this can be used in an immediate, straghtforward way to improve packaging (look at which individual files have the most requests recently).

There's no aggregation yet and a lot of the data isn't collected properly. Future diffs will add more dimension data (controllers, users), more event and resource types (queries, service calls, wall time), and more display options (aggregation, sorting).

Test Plan: {F389344}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6930

Differential Revision: https://secure.phabricator.com/D12623
2015-05-01 13:19:43 -07:00
Chad Little
e427cb16f6 Fix show-hints config option copy
Summary: Fixes T7973.

Test Plan: Read copy.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7973

Differential Revision: https://secure.phabricator.com/D12593
2015-04-28 09:34:48 -07:00
epriestley
f5580c7a08 Make buildWhereClause() a method of AphrontCursorPagedPolicyAwareQuery
Summary:
Ref T4100. Ref T5595.

To support a unified "Projects:" query across all applications, a future diff is going to add a set of "Edge Logic" capabilities to `PolicyAwareQuery` which write the required SELECT, JOIN, WHERE, HAVING and GROUP clauses for you.

With the addition of "Edge Logic", we'll have three systems which may need to build components of query claues: ordering/paging, customfields/applicationsearch, and edge logic.

For most clauses, queries don't currently call into the parent explicitly to get default components. I want to move more query construction logic up the class tree so it can be shared.

For most methods, this isn't a problem, but many subclasses define a `buildWhereClause()`. Make all such definitions protected and consistent.

This causes no behavioral changes.

Test Plan: Ran `arc unit --everything`, which does a pretty through job of verifying this statically.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: yelirekim, hach-que, epriestley

Maniphest Tasks: T4100, T5595

Differential Revision: https://secure.phabricator.com/D12453
2015-04-20 10:06:09 -07:00
epriestley
2794c69db5 Remove getPagingColumn() / getReversePaging()
Summary: Ref T7803. Remove these in favor of more generalized paging and ordering.

Test Plan: Sorted and paged results in various applications.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7803

Differential Revision: https://secure.phabricator.com/D12378
2015-04-13 11:58:32 -07:00
epriestley
ffe9c26b00 Emit cache setup issues from cache specs
Summary:
Ref T5501. Currently, we emit some bad warnings about, e.g., "apc.stat" on PHP 5.5+ systems with OPcache, where the warnings are not relevant.

Generate and raise warnings out of the CacheSpec pipeline so we only run relevant code.

Test Plan: Faked various warnings and saw them render correctly.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5501

Differential Revision: https://secure.phabricator.com/D12318
2015-04-08 11:31:01 -07:00
epriestley
4783c3940d Summarize data cache usage and allocation information
Summary: Ref T5501. Group cache data by key pattern.

Test Plan: {F362994}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5501

Differential Revision: https://secure.phabricator.com/D12317
2015-04-07 16:00:18 -07:00
epriestley
c5d38c6e08 Provide more information about cache sizing in cache diagnostics
Summary: Ref T5501. This expands cache information a little more.

Test Plan: {F362975}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5501

Differential Revision: https://secure.phabricator.com/D12316
2015-04-07 15:08:47 -07:00
epriestley
0880788bd4 Restructure cache checks to improve modularity
Summary:
Ref T5501. This code was headed down a bad road; dump an indirection layer between rendering and data gatehring.

In particular, this will make it much easier to lift these issues into setup warnings eventually.

Test Plan: Viewed cache status page.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5501

Differential Revision: https://secure.phabricator.com/D12315
2015-04-07 14:38:03 -07:00
epriestley
c6b05dbb63 Add a very basic cache status page
Summary:
Ref T5501. This is just getting version detection and availability right, probably.

Eventually, this will get lifted up a bit and "$remedy" will turn into setup issues (or maybe one setup issue saying "your cache setup is messed up, click here to understand why").

Test Plan:
{F362935}

I intend to shove these up to production one-by-one since production is APC and local is Opcache + APCu.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5501

Differential Revision: https://secure.phabricator.com/D12314
2015-04-07 14:28:20 -07:00
epriestley
7aebd2388f Remove monospaced font preference global defaults
Summary: Fixes T7764. These settings have low utility, are no longer used by default, have become less useful on modern Windows which has a better selection of available fonts, and will eventually be subsumed (at least, for the most part) by T4103.

Test Plan:
  - Grepped for strings.
  - Viewed settings.
  - Changed font to "24px impact".
  - Viewed diffs with default and custom font.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: chad, epriestley

Maniphest Tasks: T7764

Differential Revision: https://secure.phabricator.com/D12301
2015-04-06 08:08:53 -07:00
Joshua Spence
ea376685ae Fix some odd looking arrays
Summary: These arrays looks a little odd, most likely due to the autofix applied by `ArcanistXHPASTLinter::LINT_ARRAY_SEPARATOR`. See D12296 in which I attempt to improve the autocorrection from this linter rule.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12281
2015-04-05 22:29:39 +10:00
epriestley
5b1d0f9ed7 Remove "metamta.precedence-bulk" option (always enable it)
Summary: Ref T7746. This might possibly improve deliverability. Or might make it worse. Who knows?

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7746

Differential Revision: https://secure.phabricator.com/D12266
2015-04-03 16:38:27 -07:00
epriestley
34db543d27 Remove all application-specific reply handler class overrides
Summary:
Ref T7199. In the vein of D12231, these options were a bad idea.

  - They once served a very narrow, Facebook-specific need (see T1992), except even Facebook only used the Differential setting AFAIK.
  - Outside of that special case, they are unused and essentially unusable (generally speaking, they do not meaningfully implement anything modular or replaceable).
  - I have no knowledge of any install ever changing these settings, and can imagine no reason why they would.

Moving forward:

  - If they really need to, they can fork locally and chagne one line.
  - I expect "!actions" to make mail at least somewhat more modular soon, anyway.
  - Any derived handlers would break after T7199 and need to be rewritten anyway, so this is just taking advantage of a BC break to do cleanup.

Test Plan:
  - Grepped for removed configuration.
  - Sent some mail from applications, verified the reply handlers set proper reply addresses.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7199

Differential Revision: https://secure.phabricator.com/D12233
2015-03-31 17:22:01 -07:00
epriestley
bad645f1ec Remove all application-specific reply handler domains
Summary:
Ref T7199. These were a bad idea which got copy-pasted a bunch.

  - There is zero reason to ever set these to different things.
  - Unsurprisingly, I don't know of any install which has them set to different things.

Unless I've completely forgotten about it, this option was not motivated by some obscure business need, it was just a bad decision which didn't catch anyone's attention at the time.

We partially remedied the mistake at some point by introducing `metamta.reply-handler-domain`, which works as a default for all applications, but never cleaned this mess up.

Test Plan: Sent some mail from applications, verified it picked up appropraite reply handler domains.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7199

Differential Revision: https://secure.phabricator.com/D12231
2015-03-31 16:48:40 -07:00
epriestley
030e05aa4c Remove reply handler instructions from email
Summary:
Ref T7199. Although this is useful for discovery, it's un-useful enough that we already have an option to disable it, and most applications do not provide any meaningful instructions.

Throwing it away makes it easier to move forward and lets us get rid of a config option.

This is becoming a more advanced/power-user feature anyway, and the new syntax will be significantly more complex and hard to explain with a one-liner. I'm currently thinking that I'll maybe make the "help" menu a dropdown and give it some options like:

  +---+
  | O |
  +---+---------------------+
  | Maniphest Documentation |
  | Maniphest Email Actions |
  +-------------------------+

Then you click the "Email Actions" thing and get a runtime-derived list of available options. Not sure if I'll actually build that, but I think we can fairly throw the in-mail instructions away even if we don't go in that specific direction.

Test Plan: Grepped for `replyHandlerInstructions`, got no hits.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7199

Differential Revision: https://secure.phabricator.com/D12229
2015-03-31 16:48:17 -07:00
epriestley
1c32c9b965 Improve granluarity and defaults of security.allow-outbound-http
Summary:
Ref T6755. This is a partial fix, but:

  - Allow netblocks to be blacklisted instead of making the feature all-or-nothing.
  - Default to disallow requests to all reserved private/local/special IP blocks. This should generally be a "safe" setting.
  - Explain the risks better.
  - Improve the errors rasied by Macro when failing.
  - Removed `security.allow-outbound-http`, as it is superseded by this setting and is somewhat misleading.
    - We still make outbound HTTP requests to OAuth.
    - We still make outbound HTTP requests for repositories.

From a technical perspective:

  - Separate URIs that are safe to link to or redirect to (basically, not "javascript://") from URIs that are safe to fetch (nothing in a private block).
  - Add the default blacklist.
  - Be more careful with response data in Macro fetching, and don't let the user see it if it isn't ultimately valid.

Additionally:

  - I want to do this check before pulling repositories, but that's enough of a mess that it should go in a separate diff.
  - The future implementation of T4190 needs to perform the fetch check.

Test Plan:
  - Fetched a valid macro.
  - Fetched a non-image, verified it didn't result in a viewable file.
  - Fetched a private-ip-space image, got an error.
  - Fetched a 404, got a useful-enough error without additional revealing response content (which is usually HTML anyway and not useful).
  - Fetched a bad protocol, got an error.
  - Linked to a local resource, a phriction page, a valid remote site, all worked.
  - Linked to private IP space, which worked fine (we want to let you link and redierect to other private services, just not fetch them).
  - Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12136
2015-03-23 10:44:03 -07:00
epriestley
80b8dc521d Fix Mercurial command injection vulnerability
Summary: See <http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html>.

Test Plan: Crafted bad remote URL; got error instead of code execution.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12112
2015-03-20 09:26:32 -07:00
epriestley
b7fa55ff93 Fix improper selection of the chunk engine as a writable engine
Summary:
Fixes T7621. The engine selection code started out making sense, but didn't make as much sense by the time I was done with it.

Specifically, from the vanilla file upload, we may incorrectly try to write directly to the chunk storage engine. This is incorrect, and produces a confusing/bad error.

Make chunk storage engines explicit and don't try to do single-file one-shot writes to them.

Test Plan:
  - Tried to upload a large file with vanilla uploader, got better error message.
  - Uploaded small and large files with drag and drop.
  - Viewed {nav Files > Help/Options}.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7621

Differential Revision: https://secure.phabricator.com/D12110
2015-03-18 19:06:39 -07:00
epriestley
bd2eaad04f Add "phabricator.silent" for stopping all outbound events from an install
Summary:
Ref T7522. This is mostly useful in the cluster, but could be useful for external installs too.

If you want to import an instance into a test/dry-run state (in the cluster, to test an import; in the general case, to do something like test new hardware or configuration), you currently risk spamming users with a lot of duplicate notifications. In particular, if Phabricator tracks remotes, both instances will continue importing commits and sending email about them. Both instances will try to publish to mirrors, too, which could be bad news, and both instances will try to update linked services.

Instead, provide a flag to let an instance run in "silent mode", which disables all outbound messaging and data.

We need to remember to support this flag on any new outbound channels, but we add about one of those per year so I think that's reasonable.

Test Plan:
  - Flipped config.
  - Saw it void email, feed and mirroring.
  - Didn't test SMS since it's not really in use yet and not convenient to test.
  - (Can you think of any publishing I missed?)

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7522

Differential Revision: https://secure.phabricator.com/D12109
2015-03-18 07:09:43 -07:00
epriestley
8a6acf88e0 Fix a debugging value value for post_max_size
Although 3200MB is nice, 32MB is plenty.
2015-03-15 11:57:50 -07:00
epriestley
7482d260b0 Rewrite file documentation to be chunk-aware
Summary:
Ref T7149. We can simplify configuration somewhat by removing the upload limit setting, now that we support arbitrarily large files.

  - Merge configuration documentation.
  - Tell users to set things to at least 32MB. This is 8MB maximum one-shot file + 4x headroom. Chunk sizes are 4MB.

Test Plan:
  - Faked all the setup warnings.
  - Read documentation.
  - Uploaded some files.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7149

Differential Revision: https://secure.phabricator.com/D12083
2015-03-15 11:37:47 -07:00
epriestley
bc28b2c3a8 Examine fewer daemons for variant config
Summary:
Right now, if a daemon dies it can leave the setup warning around for like 10 minutes or something until we reap it.

Tighten the warning so we only care about actively running daemons.

Test Plan: Checked setup issues.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D12088
2015-03-15 11:31:07 -07:00
epriestley
e2296a0ff7 Modernize file storage engine selection
Summary:
Fixes T5843. File storage engines use a very old "selector" mechanism which makes them difficult to extend.

This mechanism predates widespread use of `PhutilSymbolLoader` to discover available implementations at runtime. Runtime discovery has generally proven more flexible and easier to use than explicit selection (although it sometimes needs more UI to support it in cases where order or enabled/disabled flags can not be directly determined).

Use a modern runtime discovery mechanism instead of an explicit selector. This might break any installs which subclassed the `Selector`, but I believe almost no such installs exist, and they'll receive a meaningful exception upon upgrading (any custom engines will no longer implement all of the required methods).

Looking forward, this modernizes infrastructure to prepare for new "virtual" chunked-storage engines, with the eventual goal of supporting very large file uploads and data import into the Phacility cluster.

This uses D12051 to add UI to make it easier to understand the state of storage engines.

Test Plan:
Used new UI panel to assess storage engines:

{F336270}

  - Uploaded a small file, saw it go to MySQL engine.
  - Uploaded a larger file, saw it go to S3 engine.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5843

Differential Revision: https://secure.phabricator.com/D12053
2015-03-12 13:28:53 -07:00
Chad Little
076cc6ed7e Change setErrorView to setInfoView in PHUIObjectBoxView
Summary: Renames the method in PHUIObjectBoxView to match the new PHUIInfoView class.

Test Plan: grepped codebase. Went to Calendar and tried a new status.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D12005
2015-03-06 17:03:18 -08:00
cpettet
a43e7b292c phd.verbose config key description typo
Summary: Miniscule typo patch.

Test Plan: None really!

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11986
2015-03-05 10:41:19 -08:00
Chad Little
e5e3eb357f New Admin Welcome Screen
Summary: Somewhat easier to parse and present information, with ICONS.

Test Plan:
Rebuilt current view with new layout. Tested toggling on and off some of the entries.

{F327816}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11938
2015-03-02 15:42:25 -08:00
Chad Little
2d50712aad Add fluid-view as an option for PHUIDocumentView
Summary: Fixes some UIExample UI issues, adds a new full-width setting for DocumentView

Test Plan:
Test UIExamples at desktop and mobile breakpoints

{F327446}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7431

Differential Revision: https://secure.phabricator.com/D11933
2015-03-02 12:08:04 -08:00
epriestley
184619730f Fix an issue with collation construction on "sort" columns for old MySQL
Summary:
Fixes T7422. We'll currently choose a "binary" charset with a "utf8_general_ci" collation on "sort" columns on older MySQL, which seems to be causing problems.

Choose "utf8" in this case instead.

(I attempted to simplify the logic, too, but that's the only actual change.)

Test Plan: Went back and forth with `--disable-utf8mb4` on `storage adjust`, but this is version dependent so I'm not 100% sure it's the right fix.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7422

Differential Revision: https://secure.phabricator.com/D11928
2015-03-02 09:57:55 -08:00
epriestley
d69a6b8490 Improve error messages when specifying bad set or list to bin/config
Summary: Fixes T7308. Multiple users have encountered confusion around how they should specify a set or list in JSON; provide examples.

Test Plan:
```
epriestley@orbital ~/dev/phabricator $ ./bin/config set files.image-mime-types true
Usage Exception: Config key 'files.image-mime-types' is of type 'set'. Specify it in JSON. For example:

    ./bin/config set '{"value1": true, "value2": true}'

epriestley@orbital ~/dev/phabricator $ ./bin/config set cluster.addresses true
Usage Exception: Config key 'cluster.addresses' is of type 'list<string>'. Specify it in JSON. For example:

    ./bin/config set '["a", "b", "c"]'

epriestley@orbital ~/dev/phabricator $
```

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T7308

Differential Revision: https://secure.phabricator.com/D11925
2015-03-02 07:51:19 -08:00
Chad Little
c038c643f4 Move PHUIErrorView to PHUIInfoView
Summary: Since this element isn't strictly about errors, re-label as info view instead.

Test Plan: Grepped for all callsites, tested UIExamples and a few other random pages.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11867
2015-03-01 14:45:56 -08:00
Joshua Spence
eec2d145df Add abstract getGroup() method
Summary: In D11722, a `getGroup()` method was added to all subclasses of `PhabricatorApplicationConfigOptions`, but no abstract method was added to the base class. This will fail if a custom `*ConfigOptions` class does not provide a `getGroup()` method, in which case `$group->getGroup()` (in `PhabricatorConfigListController`) will fatal.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11756
2015-03-01 09:47:10 +11:00
Chad Little
0a8eee37a1 Bump monospace font +1px when using Source Sans Pro
Summary: This diff moves the default monospace font from a Global Default config value to CSS. What this will allow is some flexibility in changing this font in other areas (like Diviner and DocumentView) without changing the defaults globally. However if the admin sets a config value or a user sets a config value, that value will trump all settings in the CSS files with an !important declaration in the page head.

Test Plan:
Currently tested:

- Setting no value
- Setting an admin value
- Setting a user value

Verify remarkup blocks in Differential, Diviner, Conpherence, and Diffusion look as expected.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11597
2015-02-28 14:37:31 -08:00
Chad Little
2476cfba3d Move ui.custom_header to UI Config
Summary: Moves the setting from Core to UI, also adds a link to the task for further instructions.

Test Plan: Load up config in sandbox, see new instructions.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4214

Differential Revision: https://secure.phabricator.com/D11900
2015-02-26 17:36:07 -08:00
epriestley
a5426221b1 Improve "Host" header check
Summary: See IRC. This check is somewhat misleading right now because it could arise from a mangled/broken Host header rather than a bad `phabricator.base-uri` configuration.

Test Plan: Faked this to trip, read all the text.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11894
2015-02-26 14:37:48 -08:00
epriestley
9e82cfcc21 Use utf8_general_ci for "sort" columns in old MySQL
Summary:
Fixes T7287. This trades off 4-byte character support for case insensitivity in these columns, which is a much better trade on the balance.

Also adds more warnings about old MySQL. Note that we already issue a warning when you run "storage adjust" (which I've made stronger) and already "strongly recommend" MySQL 5.5 or newer in the install documentation.

Test Plan:
  - Ran `storage adjust --disable-utf8mb4` to go to old definitions, then ran `storage adjust` to get back to the new ones. Everything seemed OK in both cases.
  - Verified that utf8mb4 data can be migrated out of these colums with `--unsafe` (which will truncate).
  - Verified that manual explains this.
  - Faked my way into the setup warning.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7287

Differential Revision: https://secure.phabricator.com/D11893
2015-02-26 10:18:54 -08:00
Bob Trahan
315aa4b000 UI - add ability to customize header logo
Summary: Fixes T7165. Let users specify a file phid in config, and then use that file via an inline style tag. Also, cache the URI so that we don't have to query the file on every page load.

Test Plan: {F319050}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7165

Differential Revision: https://secure.phabricator.com/D11886
2015-02-25 12:00:36 -08:00
epriestley
af303f458b Convert taskmasters to use an autoscale pool
Summary: Ref T7352. This is pretty straightforward. I renamed `phd.start-taskmasters` to `phd.taskmasters` for clarity.

Test Plan:
  - Ran `phd start`, `phd start --autoscale-reserve 0.25`, `phd restart --autoscale-reserve 0.25`, etc.
  - Examined PID file to see options were passed.
  - I'm defaulting this off (0 reserve) and making it a flag rather than an option because it's a very advanced feature which is probably not useful outside of instancing.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7352

Differential Revision: https://secure.phabricator.com/D11871
2015-02-24 14:50:38 -08:00
epriestley
29fd3f136b Allow columns to be marked as nonmutable (so save() will not change them)
Summary:
Ref T6840. This feels a little dirty; open to alternate suggestions.

We currently have a race condition where multiple daemons may load a commit and then save it at the same time, when processing "reverts X" text. Prior to this feature, two daemons would never load a commit at the same time.

The "reverts X" load/save has no effect (doesn't change any object properties), but it will set the state back to the loaded state on save(). This overwrites any flag updates made to the commit in the meantime, and can produce the race in T6840.

In other cases (triggers, harbormaster, repositories) we deal with this kind of problem with "append-only-updates + single-consumer", or a bunch of locking. There isn't really a good place to add a single consumer for commits, since a lot of daemons need to access them. We could move the flags column to a separate table, but this feels pretty complicated. And locking is messy, also mostly because we have so many consumers.

Just exempting this column (which has unusual behavior) from `save()` feels OK-ish? I don't know if we'll have other use cases for this, and I like it even less if we never do, but this patch is pretty small and feels fairly understandable (that said, I also don't like that it can make some properties just silently not update if you aren't on the lookout).

So, this is //a// fix, and feels simplest/least-bad for the moment to me, I thiiink.

Test Plan: Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6840

Differential Revision: https://secure.phabricator.com/D11822
2015-02-19 10:37:17 -08:00
epriestley
751ffe123d Support HTTP Strict Transport Security
Summary:
Ref T4340. The attack this prevents is:

  - An adversary penetrates your network. They acquire one of two capabilities:
    - Your server is either configured to accept both HTTP and HTTPS, and they acquire the capability to observe HTTP traffic.
    - Or your server is configured to accept only HTTPS, and they acquire the capability to control DNS or routing. In this case, they start a proxy server to expose your secure service over HTTP.
  - They send you a link to `http://secure.service.com` (note HTTP, not HTTPS!)
  - You click it since everything looks fine and the domain is correct, not noticing that the "s" is missing.
  - They read your traffic.

This is similar to attacks where `https://good.service.com` is proxied to `https://good.sorvace.com` (i.e., a similar looking domain), but can be more dangerous -- for example, the browser will send (non-SSL-only) cookies and the attacker can write cookies.

This header instructs browsers that they can never access the site over HTTP and must always use HTTPS, defusing this class of attack.

Test Plan:
  - Configured HTTPS locally.
  - Accessed site over HTTP (got application redirect) and HTTPS.
  - Enabled HSTS.
  - Accessed site over HTTPS (to set HSTS).
  - Tore down HTTPS part of the server and tried to load the site over HTTP. Browser refused to load "http://" and automatically tried to load "https://". In another browser which had not received the "HSTS" header, loading over HTTP worked fine.
  - Brought the HTTPS server back up, things worked fine.
  - Turned off the HSTS config setting.
  - Loaded a page (to set HSTS with expires 0, diabling it).
  - Tore down the HTTPS part of the server again.
  - Tried to load HTTP.
  - Now it worked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4340

Differential Revision: https://secure.phabricator.com/D11820
2015-02-19 10:33:48 -08:00
epriestley
e5b402d13f Lock all reply-handler options in the upstream, plus cookie prefix
Summary:
Ref T7185. These settings shouldn't be unlocked anywhere. Specifically:

  - `reply-handler`: These are on the way out.
  - `reply-handler-domain`: Also hopefully on the way out; locked because a compromised administrator account can redirect replies.
  - `phabricator.cookie-prefix`: Not dangerous per se, but an admin could have a hard time fixing this if they changed it by accident since their session would become invalid immediately.

Test Plan: Browsed Config.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7185

Differential Revision: https://secure.phabricator.com/D11764
2015-02-13 11:00:09 -08:00
epriestley
ebebeb8f7c Upgrade "masked" config to "hidden"
Summary:
Ref T7185. We currently have "locked", "masked", and "hidden" config.

However, "masked" does not really do anything. It was intended to mask values in DarkConsole, but Config got built out instead and "hidden" is strictly better in modern usage and protects against compromised administrator accounts. "hidden" implies "locked", so it's now strictly more powerful than just locked.

Remove "masked" and upgrade all "masked" config to "hidden". In particular, this hides some API keys and secret keys much more aggressively in Config, which is desirable.

Test Plan: Browsed things like S3 API keys in config and could no longer see them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7185

Differential Revision: https://secure.phabricator.com/D11763
2015-02-13 10:59:50 -08:00
epriestley
f74fa49636 Clean up a text string
Summary: Pretty sure this was me derping, not trying to make a joke.

Test Plan: New text makes sense.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11762
2015-02-13 07:03:09 -08:00
Bob Trahan
d598edc5f3 MetaMTA - update documentation and make config a tad easier
Summary: Fixes T7088. Mainly this updates the documentation but I also snuck in tweaking how the domain reply handler is built. This does two main things -- makes the behavior consistent as some applications who didn't override this behavior would send out emails with reply tos AND makes it easier for us to deprecate the custom domain thing on a per application basis, which is just silly. On that note, the main documentation doesn't get into how this can be overridden, though I left in that mini blurb on the config setting itself. We could deprecate this harder and LOCK things if you want as well.

Test Plan: read docs, looked good. reasoned through re-factor

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7088

Differential Revision: https://secure.phabricator.com/D11725
2015-02-12 11:05:39 -08:00
epriestley
d4680a7e4e Update Phabricator to work with more modular translations
Summary:
Ref T7152. Ref T1139. This updates Phabricator so third-party libraries can translate their own stuff. Also:

  - Hide "All Caps" when not in development mode, since some users have found this a little confusing.
  - With other changes, adds a "Raw Strings" mode (development mode only).
  - Add an example silly translation to make sure the serious business flag works.
  - Add a basic British English translation.
  - Simplify handling of translation overrides.

Test Plan:
  - Flipped serious business / development on and off and saw silly/development translations drop off.
  - Switched to "All Caps" and saw all caps.
  - Switched to Very English, Wow!
  - Switched to British english and saw "colour".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7152, T1139

Differential Revision: https://secure.phabricator.com/D11747
2015-02-11 13:02:35 -08:00
epriestley
187836b8a9 Show open setup issue keys in "title" attribute of setup issues warning
Summary:
Ref T7184. I managed to write a phantom setup issue which fails normally and succeeds when looked at carefully, so clicking "you have open issues..." always cleared them. This made it very difficult to figure out what the problem was.

Show issue keys in the "title" attribute to make this sort of thing easier to deal with.

Test Plan: Moused over "You have issues..." text, saw issue key, quickly fixed issue with new information.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7184

Differential Revision: https://secure.phabricator.com/D11743
2015-02-11 13:00:59 -08:00
epriestley
a3f380a695 Make setup check groups more robust against fataling existing subclasses
Auditors: chad
2015-02-10 16:53:38 -08:00
Chad Little
b701313e0e Split Setup Issues into Groups
Summary: Groups setup issues into Important, PHP, MySQL, and Base for easier parsing on initial installations.

Test Plan:
Test my internal server and various issues.

{F289699}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7207

Differential Revision: https://secure.phabricator.com/D11726
2015-02-10 12:53:00 -08:00
Bob Trahan
91a1f56a4c Subversion - set minimum required version to 1.5
Summary: Fixes T7228.

Test Plan: hacked $version to be '1.4' and saw the proper error message

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7228

Differential Revision: https://secure.phabricator.com/D11732
2015-02-10 12:07:18 -08:00
Joshua Spence
aaf8d73ec7 Fix pht method calls
Summary: Ref T7046. This is mainly a proof-of-concept for D11661.

Test Plan: `arc lint`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7046

Differential Revision: https://secure.phabricator.com/D11680
2015-02-10 18:57:45 +11:00
Chad Little
ae7dc8b9d2 Add getGroup to ConfigOptions
Summary: Adds core and apps grouping to configuration options, makes it somewhat easier to browse config options.

Test Plan: Set each option, review list. Breakdown is nearly 50/50 apps/core.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11722
2015-02-09 13:10:56 -08:00
epriestley
74ea59235a Make the "daemons and web have different config" warning more specific
Summary:
I'm hitting this in the cluster and couldn't figure it out after staring at it for a couple minutes. Produce a better error.

This dumps a hash of each configuration key value which is set to a non-default value into the daemon log. This is much more compact than the full config, and doesn't spread secrets around, so it seems like a good balance between providing information and going crazy with it.

Test Plan: {F284139}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11699
2015-02-05 14:07:35 -08:00
epriestley
f96b258302 Restore the "alternate file domain" setup warning and provide CDN instructions
Summary:
Fixes T2380. Fixes T2382. Users should really configure this, but when we had a warning before a lot of users had trouble with it.

  - Tout performance benefits.
  - Document easy setup via CDN.
  - We have an "Ignore" button now for users who really don't care.

Test Plan:
  - Set up `admin.phacility.com` through AWS CloudFront (need a few changes to handle instances to put it on the cluster in general).
  - Set up `secure.phabricator.com` through CloudFlare (almost; waiting for DNS).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T2382, T2380

Differential Revision: https://secure.phabricator.com/D11649
2015-02-03 11:51:41 -08:00
Chad Little
d7b9b8b2ce ConfigIssueView minor tweaks
Summary: Minor, adds border, reduces greys, etc.

Test Plan:
View a number of config issues, see new colors.

{F282035}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11650
2015-02-03 09:07:00 -08:00
Chad Little
99292c5c6a Use icons with Config Options page
Summary: This sets an icon for each config, makes it easier to scan.

Test Plan:
Reload Config page, see all new icons

{F281089}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11619
2015-02-02 10:17:25 -08:00
Chad Little
3da38c74da PHUIErrorView
Summary: Clean up the error view styling.

Test Plan:
Tested as many as I could find, built additional tests in UIExamples

{F280452}

{F280453}

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11605
2015-02-01 20:14:56 -08:00
Chad Little
8b06804394 Remove getIconName from all applications
Summary: Not used anymore

Test Plan: grep for 'getIconName'

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11582
2015-01-30 12:11:21 -08:00
epriestley
c2efa9065c Raise a setup warning for an unparseable VCS binary version
Summary:
Hit this locally, with an error like:

> Version <empty string> is older than 1.9, the minimum supported version.

(Where `<empty string>` was just the empty string, not literally the text `<empty string>`.)

Be more careful about parsing versions, and parse the newer string.

Test Plan: Got "unknown version" with intentionally-broken test data, then clean readout.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11558
2015-01-29 14:28:49 -08:00
epriestley
8798083ad9 Proxy VCS SSH requests
Summary: Fixes T7034. Like HTTP, proxy requests to the correct host if a repository has an Almanac service host.

Test Plan: Ran VCS requests through the proxy.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7034

Differential Revision: https://secure.phabricator.com/D11543
2015-01-28 14:41:24 -08:00
Chad Little
170dc15c05 Make border conditional in crumbs
Summary: Add a setBorder call to CrumbsView to be more deliberate when a border is drawn. Could not find any CSS hacks to set it conditionally CSS.

Test Plan: Browsed every application that called crumbs and make a design decision. Also fixed a few bad layouts.

Reviewers: btrahan, epriestley

Reviewed By: btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11533
2015-01-28 09:33:49 -08:00
epriestley
d8550c114d Promote instance identity to the upstream and pass it to commit hooks
Summary:
Fixes T7019. In a cluster environment, pushes currently fail because the commit hook can't identify the instance.

For web processes, the hostname identifies the instance -- but we don't have a hostname in the hook.

For CLI processes, the environment identifies the instance -- but we don't have an environment in the hook under SVN.

Promote the instance identifier into the upstream and pack/unpack it explicitly for hooks. This is probably not useful for anyone but us, but the amount of special-purpose code we're introducing is very small.

I poked at trying to do this in a more general way, but:

  - We MUST know this BEFORE we run code, so the normal subclassing stuff is useless.
  - I couldn't come up with any other parameter which might ever be useful to pass in.

Test Plan: Used `git push` to push code through proxied HTTP, got a clean push.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7019

Differential Revision: https://secure.phabricator.com/D11495
2015-01-27 14:51:48 -08:00
Chad Little
d3d480fcf0 Give Config History a sidenav
Summary: Adds in the sidenav

Test Plan: Click on sidenav, see it persist

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11526
2015-01-27 12:26:15 -08:00
Chad Little
7140e23b50 Updates 2015-01-25 08:01:28 -08:00
Chad Little
5d8bb61dde Add FontIcon bridge to AppIcons
Summary: Select a similar or better FontAwesome icon to represent each application

Test Plan: Visual inspection

Reviewers: epriestley, btrahan

Subscribers: hach-que, Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11489
2015-01-24 23:43:01 -08:00
Joshua Spence
c2ac63e9ad Increase visibility of PhabricatorController::buildApplicationMenu methods
Summary: Ref T6822. This method needs to be `public` because it is called from `PhabricatorApplicationSearchController::buildApplicationMenu()`.

Test Plan: I wouldn't expect //increasing// method visibility to break anything.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6822

Differential Revision: https://secure.phabricator.com/D11416
2015-01-16 07:41:26 +11:00
Bob Trahan
923096efc8 Config - add phd.variant-config to suppress "Daemon & Web config" error message on a per key basis
Summary: Fixes T6959.

Test Plan: When I was ready to test the feature, the "Daemon & Web config" error already showed up, from having added phd.variant-config. I went meta and changed the value of phd.variant-config to have phd.variant-config. The config error disappeared. I then changed the conpherence setting about conpherence email prefix and the error showed up again. Removing the conpherence config setting made the error disappear once more.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6959

Differential Revision: https://secure.phabricator.com/D11399
2015-01-14 13:46:31 -08:00
Joshua Spence
463d094f96 Fix method visibility for PhabricatorPolicyAwareQuery subclasses
Summary: Ref T6822.

Test Plan:
`grep` for the following:

  - `->willFilterPage(`
  - `->loadPage(`
  - `->didFilterPage(`
  - `->getReversePaging(`
  - `->didFilterPage(`
  - `->willExecute(`
  - `->nextPage(`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: hach-que, Korvin, epriestley

Maniphest Tasks: T6822

Differential Revision: https://secure.phabricator.com/D11367
2015-01-14 07:01:16 +11:00
Joshua Spence
d6b882a804 Fix visiblity of LiskDAO::getConfiguration()
Summary: Ref T6822.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: hach-que, Korvin, epriestley

Maniphest Tasks: T6822

Differential Revision: https://secure.phabricator.com/D11370
2015-01-14 06:54:13 +11:00
Bob Trahan
1a997fb0df Config - fix management scripts with --database parameter
Summary: Fixes T6923. Turns out we can't use the editor since we don't have a user with a phid (just some omnipotent guy).

Test Plan: ./bin/config set --database syntax.filemap '{}'; ./bin/config delete --database syntax.filemap

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6923

Differential Revision: https://secure.phabricator.com/D11301
2015-01-09 13:58:11 -08:00
epriestley
9e0f70e17d Rewrite Aphlict to use Websockets
Summary:
Fixes T6559. No more flash, use Websockets. This is less aggressive than the earlier version, and retains more server logic.

  - Support "wss".
  - Make the client work.
  - Remove "notification.user" entirely.
  - Seems ok?

Test Plan:
In Safari, Firefox and Chrome, saw the browsers connect. Made a bunch of comments/updates and saw notifications.

Notable holes in the test plan:

  - Haven't tested "wss" yet. I'll do this on secure.
  - Notifications are //too fast// now, locally. I get them after I hit submit but before the page reloads.
  - There are probably some other rough edges, this is a fairly big patch.

Reviewers: joshuaspence, btrahan

Reviewed By: joshuaspence, btrahan

Subscribers: fabe, btrahan, epriestley

Maniphest Tasks: T6713, T6559

Differential Revision: https://secure.phabricator.com/D11143
2015-01-08 10:03:00 -08:00
Joshua Spence
e7f8e79742 Fix method visibility for PhabricatorController subclasses
Summary: Ref T6822.

Test Plan: Visual inspection. These methods are only called from within `PhabricatorController` subclasses.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6822

Differential Revision: https://secure.phabricator.com/D11241
2015-01-07 07:34:59 +11:00
Joshua Spence
2c855a8993 Fix method visibility for PhabricatorConfigStorageSchema methods
Summary: Ref T6822.

Test Plan: Visual inspection. These methods are only called from within the `PhabricatorConfigStorageSchema` class.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6822

Differential Revision: https://secure.phabricator.com/D11247
2015-01-07 07:33:52 +11:00
epriestley
fa7bb8ff7a Add cluster.addresses and require membership before accepting cluster authentication tokens
Summary:
Ref T2783. Ref T6706.

  - Add `cluster.addresses`. This is a whitelist of CIDR blocks which define cluster hosts.
  - When we recieve a request that has a cluster-based authentication token, require the cluster to be configured and require the remote address to be a cluster member before we accept it.
    - This provides a general layer of security for these mechanisms.
    - In particular, it means they do not work by default on unconfigured hosts.
  - When cluster addresses are configured, and we receive a request //to// an address not on the list, reject it.
    - This provides a general layer of security for getting the Ops side of cluster configuration correct.
    - If cluster nodes have public IPs and are listening on them, we'll reject requests.
    - Basically, this means that any requests which bypass the LB get rejected.

Test Plan:
  - With addresses not configured, tried to make requests; rejected for using a cluster auth mechanism.
  - With addresses configred wrong, tried to make requests; rejected for sending from (or to) an address outside of the cluster.
  - With addresses configured correctly, made valid requests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6706, T2783

Differential Revision: https://secure.phabricator.com/D11159
2015-01-02 15:13:41 -08:00
epriestley
08126d3904 Improve top-level exception handling
Summary:
Fixes T6692. Addresses two main issues:

  - The write guard would sometimes not get disposed of on exception pathways, generating an unnecessary secondary error which was just a symptom of the original root error.
    - This was generally confusing and reduced the quality of reports we received because users would report the symptomatic error sometimes instead of the real error.
    - Instead, reflow the handling so that we always dispose of the write guard if we create one.
  - If we missed the Controller-level error page generation (normally, a nice page with full CSS, etc), we'd jump straight to Startup-level error page generation (very basic plain text).
    - A large class of errors occur too early or too late to be handled by Controller-level pages, but many of these errors are not fundamental, and the plain text page is excessively severe.
    - Provide a mid-level simple HTML error page for errors which can't get full CSS, but also aren't so fundamental that we have no recourse but plain text.

Test Plan:
Mid-level errors now produce an intentional-looking error page:

{F259885}

Verified that setup errors still render properly.

@chad, feel free to tweak the exception page -- I just did a rough pass on it. Like the setup error stuff, it doesn't have Celerity, so we can't use `{$colors}` and no other CSS will be loaded.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley, chad

Maniphest Tasks: T6692

Differential Revision: https://secure.phabricator.com/D11126
2015-01-02 10:49:27 -08:00
Fabian Stelzer
00495e3a0e remove unused FeedStory object in getTitleForFeed functions
Summary:
Removes an unused PhabricatorFeedStory Parameter from all getTitleForFeed() and getApplicationTransactionTitleForFeed() functions.
Ref D11088 Ref T6545

Test Plan: ran all unit tests and viewed some dashboard feeds

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6545

Differential Revision: https://secure.phabricator.com/D11146
2015-01-02 08:45:43 -08:00
Joshua Spence
a98ec20dba Rename PhabricatorSetupCheck subclasses for consistency
Summary: Ref T5655.

Test Plan: `arc lint` and `arc unit`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11130
2015-01-02 15:27:58 +11:00
Fabian Stelzer
86eb7c0ec4 Settings History
Summary:
Shows a timeline of all modified settings Fixes T6545
Will show all settings (no pagination, should be not so difficult to add if needed but most installs won't have hundreds of settings changes)
I'm not happy by how the PhabricatorConfigTransaction object is instructed to render the config keys but i don't see any other reasonable way.
We could always show the keys though.

Test Plan: Changed settings and called the history page

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6545

Differential Revision: https://secure.phabricator.com/D11088
2015-01-01 06:52:13 -08:00
epriestley
376729b44c Don't check "repository.default-local-path" for readability in a cluster environment
Summary:
Ref T2783. When repository services are defined, skip the check for local repository storage.

In particular, in the Phacility cluster, this path won't exist on web nodes, but nothing will ever try to access it.

Test Plan: Verified new branch gets hit with cluster services defined.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D11100
2014-12-31 11:50:20 -08:00
epriestley
2fe553761a Increase severity of "phabricator.base-uri" warning
Summary: Fixes T6828.

Test Plan: reading

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6828

Differential Revision: https://secure.phabricator.com/D11075
2014-12-30 08:01:44 -08:00
epriestley
c8d707caa0 Improve pygments.enabled discussion
Summary: Ref T6533. Provide better instructions around installing, enabling, and troubleshooting Pygments.

Test Plan: Read documentation, viewed config option, clicked links.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, fabe

Maniphest Tasks: T6533

Differential Revision: https://secure.phabricator.com/D11053
2014-12-29 16:15:48 -08:00
Fabian Stelzer
736857d1f6 Setup check to install/enable pygments
Summary: Fixes T6533 - actively prompt the user to install and enable pygments

Test Plan: uninstalled / disabled pygments and checked setup checks

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6533

Differential Revision: https://secure.phabricator.com/D11048
2014-12-29 09:51:40 -08:00
Fabian Stelzer
2fedb6f941 Start phd daemons as the correctly configured user and refuse otherwise
Summary:
Fixes T5196
If no phd.user is configured the behaviour is unchanged besides printing a warning when run as root (Usually i would add an exit(1) here but that would break existing installs who do that).
If phd.user is set and the current user is root it will run the daemon as: su USER -c "command" (I'm not sure if this works for every platform needed)
Otherwise it will refuse to start if configured and current user mismatch.

Test Plan: Stopped & Started phd daemon with various users and different phd.user settings including root

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: vinzent, epriestley

Maniphest Tasks: T5196

Differential Revision: https://secure.phabricator.com/D11036
2014-12-23 08:15:51 -08:00
Chad Horohoe
a366f85c11 Properly create Elasticsearch index
Summary:
When the index does not exist and auto_create_index isn't
enabled, running ./bin/index results in a failure. That's
T5990

Instead create an index properly. This also allows us to do
nice things like do a proper mapping and analysis like for
substring matching like outlined by @fabe in T6552.

Test Plan:
Deleted and created index multiple times to verify
proper index creation and usage.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, manybubbles, chasemp, fabe, epriestley

Differential Revision: https://secure.phabricator.com/D10955
2014-12-22 13:10:52 -08:00
Fabian Stelzer
853ce5e927 setup warning for mysql with default boolean syntax
Summary: Ref: T6747 add a setup warning if mysql is configured with the default boolean syntax

Test Plan: Run setup checks with default mysql config and then add the desired config option, restart and check again.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T6747

Differential Revision: https://secure.phabricator.com/D11030
2014-12-22 12:57:15 -08:00
epriestley
2c7be52fc2 Lock phabricator.show-prototypes
Summary:
Two goals:

  - If an attacker compromises an administrator account (without compromising the host itself), they can currently take advantage of vulnerabilities in prototype applications by enabling the applications, then exploiting the vulnerability. Locking this option requires CLI access to enable prototypes, so installs which do not have prototypes enabled have no exposure to security issues in prototype applications.
  - Making this very slightly harder to enable is probably a good thing, given the state of the world and support.

Test Plan: Verified that web UI shows the value is locked and instructs the user to update via the CLI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10993
2014-12-15 11:00:20 -08:00
Bob Trahan
6ab3f06b6e Transactions - adding willRenderTimeline to handle tricky cases
Summary: Fixes T6693.

Test Plan:
Made a bunch of comments on a diff with differential, being sure to leave inlines here and there. This reproduced the issue in T6693. With this patch this issue no longer reproduces!

Successfully "showed older changes" in Maniphest too.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6693

Differential Revision: https://secure.phabricator.com/D10931
2014-12-04 13:58:52 -08:00
Bob Trahan
c2522a89b9 Transactions - deploy buildTransactionTimeline against Config, Pholio, and Projects
Summary: Ref T4712. These are a bit time consuming to test so might as well send off a batch now and again.

Test Plan: foreach impacted controller, made sure the timeline rendered as it did before. for project column and config, noted the "should terminate" UI was also rendered unlike before.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4712

Differential Revision: https://secure.phabricator.com/D10923
2014-12-03 12:28:53 -08:00
lkassianik
f7aa87311a Add email preference links to email footers
Summary: Ref T1217, Add link to email preferences to email template

Test Plan: Add comment to object like Maniphest task, check that email has a footer with a link to email preferences.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T1217

Differential Revision: https://secure.phabricator.com/D10883
2014-11-19 17:06:33 -08:00
Bob Trahan
4e5775f1da Config / setup - check for ONLY_FULL_GROUP_BY and warn the user
Summary: Fixes T6243.

Test Plan: simulated having this on by adding 'ONLY_FULL_GROUP_BY' to the $modes array. verified the error message looked nice {F233954}.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6243

Differential Revision: https://secure.phabricator.com/D10856
2014-11-14 18:51:39 -08:00
Bob Trahan
c9c4dc1d9b Config - add setup checks for minimum and "bad" versions of VCS software.
Summary: Fixes T3046. Git has no minimum or bad versions; svn has no minimum and the bad version of 1.7.1, and mercurial has a minimum of 1.9 and bad versions 2.2 and 2.1. These error messages are specific about the problem but do not include the details as to what specifically is bad about a given version. I don't think that's really necessary - the details don't help solve the problem and its probably booooooring at best to the average user. The details about a bad version are included in the code however.

Test Plan: hardcoded a VCS array to let me test all the VCS stuff. added some phlog() calls to make sure the VCS version parsing stuff was working correctly relative to the version(s) on my system. played around with setting minimum versions and bad versions and saw good results depending on what I set.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T3046

Differential Revision: https://secure.phabricator.com/D10852
2014-11-14 14:58:18 -08:00
Scott Kroll
84f741f408 Allow config get to work when db is not functional
Summary: Fixes T6554.

Test Plan:
Run `bin/config get mysql.host` when no db is functional. Should not get an exception, but should see:
```
lang=json
{
  "config" : [
    {
      "key"       : "mysql.host",
      "source"    : "local",
      "value"     : null,
      "status"    : "unset",
      "errorInfo" : null
    },
    {
      "key"       : "mysql.host",
      "source"    : "database",
      "value"     : null,
      "status"    : "error",
      "errorInfo" : "Database source is not configured properly"
    }
  ]
}
```

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T6554

Differential Revision: https://secure.phabricator.com/D10851
2014-11-14 09:12:20 -08:00
Bob Trahan
aeb3a12e13 Config - improve lock message for option phabricator.uninstalled-applications
Summary: Fixes T6175. This particular option is only editable via the Applications application so let the user know that.

Test Plan: saw error message and clicked through to applications app. tried another locked option and saw old message

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6175

Differential Revision: https://secure.phabricator.com/D10841
2014-11-12 11:31:54 -08:00
Bob Trahan
755c518631 Config migration script bug fix
Summary: i think way back in D10490 I didn't incorporate feedback correctly. make this code right as it fatals in this codepath as is. Fixes T6508.

Test Plan: @joshuaspence to the rescue  (I remain unable to test this effectively with my baby-clean installation.)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley, joshuaspence

Maniphest Tasks: T6508

Differential Revision: https://secure.phabricator.com/D10833
2014-11-11 15:05:57 -08:00
epriestley
000760b645 Do a better job of handling spec errors during schema adjustment
Summary:
Ref T1191. Currently if a developer forgot to specify a column type, `storage adjust` aborts explosively mid-stream. Instead:

  - Make this a formal error with an unambiugous name/description instead of something you sort of infer by seeing "<unknown>".
  - Make this error prevent generation of adjustment warnings, so we don't try to `ALTER TABLE t CHANGE COLUMN c <unknown>`, which is nonsense.
  - When schemata errors exist, surface them prominiently in `storage adjust`.

Overall:

  - Once `storage upgrade` runs `storage adjust` automatically (soon), this will make it relatively difficult to miss these errors.
  - Letting these errors slip through no longer escalates into a more severe issue.

Test Plan:
Commented out the recent `mailKey` spec and ran `storage adjust`:

```
$ ./bin/storage adjust --force
Verifying database schemata...
Found no adjustments for schemata.

Target                                            Error
phabricator2_phriction.phriction_document.mailKey Column Has No Specification

 SCHEMATA ERRORS

The schemata have serious errors (detailed above) which the adjustment
workflow can not fix.

If you are not developing Phabricator itself, report this issue to the
upstream.

If you are developing Phabricator, these errors usually indicate that your
schema specifications do not agree with the schemata your code actually
builds.
```

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10771
2014-11-04 04:42:05 -08:00
epriestley
f5c426639c Document the adjustment workflow and warn users about adjusting old MySQL
Summary: Ref T1191. Explain the adjustment workflow, how to resolve common errors, etc.

Test Plan: Read it, clicked doc links.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10758
2014-11-01 08:25:05 -07:00
epriestley
4a00e47646 Fix wrong subclass in ConfigIgnore controller
Summary: Fixes T6436. We subclass the wrong controller and miss the admin-only check.

Test Plan: Ignored / unignored set up issues.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6436

Differential Revision: https://secure.phabricator.com/D10765
2014-10-30 15:33:13 -07:00
epriestley
917da08417 Fix various MySQL version issues with new charset stuff
Summary:
Ref T1191. Notable stuff:

  - Adds `--disable-utf8mb4` to `bin/storage` to make it easier to test what things will (approximately) do on old MySQL. This isn't 100% perfect but should catch all the major stuff. It basically makes us pretend the server is an old server.
  - Require utf8mb4 to dump a quickstart.
  - Fix some issues with quickstart generation, notably special casing the FULLTEXT handling.
  - Add an `--unsafe` flag to `bin/storage adjust` to let it truncate data to fix schemata.
  - Fix some old patches which don't work if the default table charset is utf8mb4.

Test Plan:
  - Dumped a quickstart.
  - Loaded the quickstart with utf8mb4.
  - Loaded the quickstart with `--disable-utf8mb4` (verified that we get binary columns, etc).
  - Adjusted schema with `--disable-utf8mb4` (got a long adjustment with binary columns, some truncation stuff with weird edge case test data).
  - Adjusted schema with `--disable-utf8mb4 --unsafe` (got truncations and clean adjust).
  - Adjusted schema back without `--disable-utf8mb4` (got a long adjustment with utf8mb4 columns, some invalid data on truncated utf8).
  - Adjusted schema without `--disable-utf8mb4`, but with `--unsafe` (got truncations on the invalid data).

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10757
2014-10-29 15:49:29 -07:00
Bob Trahan
5b7353689e Fix a typo in an admin tool
Summary: Fixes T6358.

Test Plan: ran bin/migrate

Reviewers: epriestley, chad

Reviewed By: chad

Subscribers: Korvin, epriestley

Maniphest Tasks: T6358

Differential Revision: https://secure.phabricator.com/D10735
2014-10-21 10:11:55 -07:00
Bob Trahan
c0848bca6d Allow bin/config to affect database configuration and migrate between local and database configuration
Summary: Fixes T4018. Basically hits the bullet points in that task description except the "ideally" one.

Test Plan:
ran bin/config migrate and saw sensible output.

```
~> ./bin/config migrate
Migrating file-based config to more modern config...
Skipping config of source type PhabricatorConfigDatabaseSource...
Skipping config of source type PhabricatorConfigLocalSource...
Skipping config of source type PhabricatorConfigDefaultSource...
Done. Migrated 0 keys.
```

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: hach-que, epriestley, Korvin

Maniphest Tasks: T4018

Differential Revision: https://secure.phabricator.com/D10490
2014-10-08 16:15:05 -07:00
Joshua Spence
3cf9a5820f Minor formatting changes
Summary: Apply some autofix linter rules.

Test Plan: `arc lint` and `arc unit`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D10585
2014-10-08 08:39:49 +11:00
epriestley
0ddb187508 Add a setup warning about innodb_buffer_pool_size
Summary: Fixes T6119. This is a little fuzzy, but generally bumping up `innodb_buffer_pool_size` to something bigger than the default (which is often anemic, at `8M`) is desriable, and it seems like it will fix the specific issue a user encountered in T6119.

Test Plan: {F211855}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6119

Differential Revision: https://secure.phabricator.com/D10630
2014-10-02 14:44:36 -07:00
epriestley
d67b7f0f47 Correct column mutations for old versions of MySQL
Summary:
Ref T1191. Although I fixed some of the mutations earlier (in D10598), I missed the column mutations under old versions of MySQL. In particular, this isn't valid:

  - `ALTER TABLE ... MODIFY columnName VARCHAR(64) COLLATE binary`

Issue the permitted version of this instead, which is:

  - `ALTER TABLE ... MODIFY columnName VARBINARY(64)`

Also fixed an issue where a clean schema had the wrong nullability for a column in the draft table. Force it to the expected nullability.

The other trick here is around the one column with a FULLTEXT index on it, which needs a little massaging.

Test Plan:
  - Forced my local install to return `false` for utf8mb4 support.
  - Did a clean adjust into `binary` columns.
  - Poked around, added emoji to things.
  - Reverted the fake check and did a clean adjust into `utf8mb4` columns.
  - Emoji survived.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: fabe, epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10627
2014-10-02 14:44:22 -07:00
epriestley
8fa8415c07 Automatically build all Lisk schemata
Summary:
Ref T1191. Now that the whole database is covered, we don't need to do as much work to build expected schemata. Doing them database-by-database was helpful in converting, but is just reudndant work now.

Instead of requiring every application to build its Lisk objects, just build all Lisk objects.

I removed `harbormaster.lisk_counter` because it is unused.

It would be nice to autogenerate edge schemata, too, but that's a little trickier.

Test Plan: Database setup issues are all green.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, hach-que

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10620
2014-10-02 09:51:20 -07:00
epriestley
3c6781b177 Differentiate between "no pygmetnize" and "nonworking pygmentize" during setup
Summary: Fixes T6210. The current messaging may be confusing if `pygmentize` is available but broken.

Test Plan: Faked the binary names and hit the errors, which seemed helpful.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6210

Differential Revision: https://secure.phabricator.com/D10626
2014-10-02 09:48:04 -07:00
epriestley
300172e799 Support AUTO_INCREMENT in bin/storage adjust
Summary:
Ref T1191. When changing the column type of an AUTO_INCREMENT column, we currently may lose the autoincrement attribute.

Instead, support it. This is a bit messy because AUTO_INCREMENT columns interact with PRIMARY KEY columns (tables may only have one AUTO_INCREMENT column, and it must be a primary key). We need to migrate in more phases to avoid this issue.

Introduce new `auto` and `auto64` types to represent autoincrement IDs.

Test Plan:
  - Saw autoincrement show up correctly in web UI.
  - Fixed an autoincrement issue on the XHProf storage table with `bin/storage adjust` safely.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10607
2014-10-01 08:24:51 -07:00
epriestley
0d7489da79 Provide bin/storage quickstart to automate generation of quickstart.sql
Summary:
Ref T1191. Currently, the `quickstart.sql` gets generated in a pretty manual fashion. This is a pain, and will become more of a pain in the world of utf8mb4.

Provide a workflow which does upgrade + adjust + dump + destroy, then massages the output to produce a workable `quickstart.sql`.

Test Plan: Inspected output; I'll test this more throughly before actually generating a new quickstart, but that's some ways away.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10603
2014-10-01 08:22:37 -07:00
epriestley
1dfa94e571 Use binary collations for most text
Summary:
Ref T1191. For most text columns, we either don't care if "a" and "A" are the same, or we expect them to be different (for example: keys, domains, secrets, etc). Default text columns to the `_bin` collation so they are compared by strict character value. This is safer in cases where we aren't sure.

For some text columns, we allow the user to sort by the column in the UI (like Maniphest task titles) or we do care that "A" and "a" are the same (for example: project names). Introduce a new class of virtual data types, the "sort..." types, to cover these columns. These are like the "text..." types but use sorting collations which treat "A" and "a" the same.

Test Plan:
  - Made an effort to identify all columns where the UI relies on database collation.
  - Ran `bin/storage adjust` and cleared all warnings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: beng, epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10602
2014-10-01 08:18:53 -07:00
epriestley
4fcc634a99 Fix almost all remaining schemata issues
Summary:
Ref T1191. This fixes nearly every remaining blocker for utf8mb4 -- primarily, overlong keys.

Remaining issue is https://secure.phabricator.com/T1191#77467

Test Plan: I'll annotate inline.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, hach-que

Maniphest Tasks: T6099, T6129, T6133, T6134, T6150, T6148, T6147, T6146, T6105, T1191

Differential Revision: https://secure.phabricator.com/D10601
2014-10-01 08:18:36 -07:00
epriestley
22ee8432d2 Allow bin/storage adjust to correct column types and collations
Summary:
Ref T1191. Allow `bin/storage adjust` to modify columns.

  - Although `CREATE TABLE ... colname VARCHAR(64) CHARACTER SET BINARY` works fine, it's actually a trick. Adjust the binary columns for this.

Test Plan: See comment.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6130, T6128, T6135, T6137, T6138, T6149, T6151, T1191

Differential Revision: https://secure.phabricator.com/D10598
2014-10-01 08:17:45 -07:00
epriestley
ab6c6836f4 Remove the "note" database issue status
Summary:
Ref T1191. This was useful for annotating everything but we no longer need it; there are just two types of issues now:

  - Error: stuff we can't fix (missing or surplus tables/database/columns, bad column nullability).
  - Warning: stuff we can fix (column types, character sets, collations, missing or surplus keys, incorrectly defined keys, bad key uniqueness).

Test Plan: Saw 3,399 warnings and 0 errors.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10594
2014-10-01 08:00:11 -07:00
epriestley
03519c53bb Mark questionable column nullability for later
Summary:
Ref T1191. Ref T6203. While generating expected schemata, I ran into these columns which seem to have sketchy nullability.

  - Mark most of them for later resolution (T6203). They work fine today and don't need to block T1191. Changing them can break the application, so we can't autofix them.
  - Forgive a couple of them that are sort-of reasonable or going to get wiped out.

Test Plan: Saw 94 remaining warnings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: hach-que, epriestley

Maniphest Tasks: T1191, T6203

Differential Revision: https://secure.phabricator.com/D10593
2014-10-01 07:59:44 -07:00
epriestley
4f87adc438 Ignore keys with trailing index on table primary key for now
Summary:
Ref T1191. We have several keys on `<x, y, id>`. When `id` is an auto-increment primary key, I believe this is exactly equivalent to a key on `<x, y>`, because the leaf nodes are implicitly sorted by `id`. We omit the implicit `id` elsewhere.

It would be nice to drop the `id` bit for consistency, but it's not doing any harm and this doesn't need to block the primary work of T1191.

Test Plan: Saw slightly fewer warnings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10592
2014-10-01 07:55:09 -07:00
epriestley
943c62d1e9 Add missing expected keys and uniqueness
Summary:
Ref T1191.

  - Adds definitions for missing keys and keys with wrong uniqueness. Generally, I defined these before fixing the key query to actually pull all keys and support uniqueness.
  - Moves "key uniqueness" to note severity; this is fixable (probably?) and there are no remaining issues.
  - Moves "Missing Key" to note severity; missing keys are fixable and all remaining missing keys are really missing (either missing edge keys, or missing PHID keys):

{F210089}

  - Moves "Surplus Key" to note seveirty; surplus keys are fixable all remaining surplus keys are really surplus (duplicate key in Harbormaster, key on unused column in Worker):

{F210090}

Test Plan:
  - Vetted missing/surplus/unique messages.
  - 146 issues remaining.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10590
2014-10-01 07:53:50 -07:00
epriestley
e7b590a1cf Generate expected schemata for Harbormaster
Summary:
Ref T1191. Nothing too notable here:

  - Allow a Lisk object to specify that there's no expectation that a table exists. We have one Harbormaster object and one Token object like this.
  - Removed BuildPlanTransactionComment because it's currently unused.

Test Plan:
  - Saw ~200 fewer warnings; just ~800 left.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10583
2014-10-01 07:40:36 -07:00
epriestley
152a62db7a Generate expected Ponder schemata
Summary:
Ref T1191.

  - Removes ponder comment table. This was migrated a very long time ago.

Test Plan:
  - Grepped for removed table.
  - Saw ~100 fewer issues in web UI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10582
2014-10-01 07:37:14 -07:00
epriestley
ac9182af58 Generate expected Project schemata
Summary:
Ref T1191. Notes:

  - Drops the project affiliation table. This is a very old membership table which was migrated to edges.
  - Drops the subproject table. This is a very old table for a removed feature.

Test Plan:
  - Grepped for dropped tables.
  - Saw ~100 fewer setup issues.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10581
2014-10-01 07:37:01 -07:00
epriestley
098d0d93d6 Generate expected schemata for User/People tables
Summary:
Ref T1191. Some notes here:

  - Drops the old LDAP and OAuth info tables. These were migrated to the ExternalAccount table a very long time ago.
  - Separates surplus/missing keys from other types of surplus/missing things. In the long run, my plan is to have only two notice levels:
    - Error: something we can't fix (missing database, table, or column; overlong key).
    - Warning: something we can fix (surplus anything, missing key, bad column type, bad key columns, bad uniqueness, bad collation or charset).
    - For now, retaining three levels is helpful in generating all the expected scheamta.

Test Plan:
  - Saw ~200 issues resolve, leaving ~1,300.
  - Grepped for removed tables.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10580
2014-10-01 07:36:47 -07:00
epriestley
93681fcdbc Generate expected schemata for Differential
Summary: Ref T1191. No major issues here.

Test Plan: Saw ~150 fewer issues.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10577
2014-09-28 15:12:58 -07:00
epriestley
b149cb7e99 Generate expected schemata for Repository
Summary: Ref T1191. Add specs for repository tables.

Test Plan: Saw ~300 fewer schema warnings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10575
2014-09-28 15:12:21 -07:00
epriestley
3c527cc472 Add a setup issue to detect systems vulnerable to "Shellshock"
Summary: Ref T6185. Although it seems that we can't easily defuse or mitigate this, we can at least warn administrators.

Test Plan: Ran on my (unpatched, local) system, got a setup warning.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6185

Differential Revision: https://secure.phabricator.com/D10561
2014-09-25 11:21:11 -07:00
epriestley
d6639b68d5 Generate expected schemata for MetaMTA, Nuance, MetaData, OAuthServer
Summary: Ref T1191. Handful of minor things here (T6150, T6149, T6148, T6147, T6146) but nothing very noteworthy.

Test Plan: Viewed web UI, saw fewer errors.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10527
2014-09-24 13:50:00 -07:00
epriestley
84568eba84 Generate expected schemata for Maniphest
Summary:
Ref T1191.

  - Adds support for custom fields.
  - Adds support for partial indexes (indexes on a prefix of a column).
  - Drops old auxiliary storage table: this was moved to custom field storage about a year ago.
  - Drops old project table: this was moved to edges about two months ago.

Test Plan:
  - Viewed web UI, saw fewer issues.
  - Used `grep` to verify no readers/writers for storage or project table.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10526
2014-09-19 11:46:44 -07:00
epriestley
7dabc21154 Load all keys, support unique keys, and provide an "all issues" view
Summary:
Ref T1191. Three parts:

  - The old way of getting key information only got primary / unique / foreign keys, not all keys. Use `SHOW INDEXES` to get all keys instead.
  - Track key uniqueness and raise warnings about it.
  - Add a new "all issues" view to show an expanded, flat view of all issues. This is just an easier way to get a list so you don't have to dig around in the hierarchical view.

Test Plan:
{F206351}

{F206352}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10525
2014-09-19 11:46:30 -07:00
epriestley
6bfe8b5984 Generate expected schemata for Calendar
Summary:
Ref T1191.

  - There was a varchar(50) column. I changed it to `text64`, since this length is unusual.
  - There was an int(3) column. I changed it to `int32`, since this length is unusual.

Test Plan: Ran migrations, saw warnings disappear from config tool.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10524
2014-09-19 11:46:20 -07:00
epriestley
7499cb24ce Generate expected schemata for Workers, XHProf, PHPAAST, Tokens, System, Slowvote
Summary: T1191. Nothing very notable here.

Test Plan: Saw more blue in web UI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10522
2014-09-19 05:45:24 -07:00
epriestley
67fbfe6ccc Generate expected schemata for Doorkeeper, Draft, Drydock, Feed
Summary:
Ref T1191. Notable:

  - Allowed objects to remove default columns (some feed tables have no `id`).
  - Added a "note" severity and moved all the charset stuff down to that to make progress more clear.

Test Plan:
Trying to make the whole thing blue...

{F205970}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10519
2014-09-18 11:15:49 -07:00
epriestley
8d0f0d1391 Generate expected schemata for Dashboards and Conpherence
Summary:
Ref T1191.

  - Add edge schemata generation.
  - Hit a couple of mostly-minor issues (T6128, T6129, T6130).

Test Plan: Viewed schema in web UI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10518
2014-09-18 11:15:38 -07:00
epriestley
1ead50c2cc Generate reasonable expected schemata for Chatlog, Conduit, Config, Countdown, Daemons
Summary: Ref T1191. Fills in some more of the databases. Nothing very notable here. I didn't encounter any issues or overlong keys.

Test Plan: Used web UI to click around and verify expected schemata match up against actual schemata well.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10516
2014-09-18 11:15:29 -07:00
epriestley
9b63f84ff9 Generate reasonable expected schemata for Cache tables
Summary:
Ref T1191. Notable:

  - Rename `blob` to `bytes` for clarity.
  - Introduce raw schema specs.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10501
2014-09-18 08:36:22 -07:00
epriestley
0f73b15a70 Generate reasonable expected schemata for Audit and Auth
Summary: Ref T1191. This fills in some more features and gets audit and auth nearly generating reasonable expected schemata.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10500
2014-09-18 08:32:44 -07:00
epriestley
fb8da6f4af Support key schemata and column nullability
Summary:
Ref T1191. The major issue motivation here is that InnoDB keys have a maximum length of 767 bytes. When we move `utf8` colums to `utf8mb4` columns, they'll jump from 3 bytes per character to 4 bytes per character, which may make some indexes too long. Add key schema to help spot this.

Also add nullability since it doesn't hurt.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10499
2014-09-18 08:32:21 -07:00
epriestley
aa481dba57 Begin generating meaningful expected schemata
Summary:
Ref T1191. This lays some groundwork for generating the expected schemata, so we can compare them to the actual schemata and produce a meaningful diff.

  - In general, each application will subclass `PhabricatorConfigSchemaSpec` and provide a definition of the tables it expects.
  - This class has helper methods to mostly-automatically build table definitions for Lisk and (in the future) edges.
  - When building expected schema, we specify a "data type", like "epoch". This is the type of data the application stores in the column, from the application's point of view. The SchemaSpec converts this into the best avilable storage type: for example, "text" will translate to `utf8mb4` if it's availalbe, or `binary` if not. This gives us a layer of indirection to insulate us from craziness.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10497
2014-09-18 08:25:34 -07:00
epriestley
b24e36706d Generate expected and comparison schemata
Summary:
Ref T1191. This builds on the "view of the database as it exists" by building a view of the database as it is expected to exist (this is mostly empty for now) and comparing the two. We now render a view of the "comparison schema", which is the actual schema merged with the expected schema and annotated with the differences.

(I'm merging them like this because it makes it easier to handle both "missing" and "surpulus" warnings in a consistent way. If we tried to annotate just the actual or expected schema, the absence of components which are expected to exist is messy to handle.)

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10496
2014-09-18 08:22:54 -07:00
epriestley
12b53e003b Add a UI for reviewing database schemata
Summary:
Ref T1191. Plan here is:

  - Build a tool showing the current schemata status (this diff).
  - Have it compare the current status to the desired status (partly here, mostly in future diffs).
  - Then add a migration tool, and eventually a setup issue to tell people to run it.

Test Plan:
Reviewed current schemata.

{F204492}

{F204493}

{F204494}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1191

Differential Revision: https://secure.phabricator.com/D10494
2014-09-18 08:22:18 -07:00
epriestley
ea602a082a Fix "are are" in explanatory text
Summary: See rP8806fb0296c2.

Test Plan:
me fail english

with bonus!

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10514
2014-09-18 08:21:34 -07:00
epriestley
8806fb0296 Add missing "are" to explanatory text
Summary: See D10493.

Auditors: btrahan
2014-09-17 18:30:00 -07:00
epriestley
298604c9d3 Rename "beta" to "prototype" and document support policy
Summary:
Fixes T6084. Changes:

  - Rename `phabricator.show-beta-applications` to `phabricator.show-prototypes`, to reinforce that these include early-development applications.
  - Migrate the config setting.
  - Add an explicit "no support" banner to the config page.
  - Rename "Beta" to "Prototype" in the UI.
  - Use "bomb" icon instead of "half star" icon.
  - Document prototype applications in more detail.
  - Explicitly document that we do not support these applications.

Test Plan:
  - Ran migration.
  - Resolved "obsolete config" issue.
  - Viewed config setting.
  - Browsed prototypes in Applications app.
  - Viewed documentation.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley, hach-que

Maniphest Tasks: T6084

Differential Revision: https://secure.phabricator.com/D10493
2014-09-17 18:25:57 -07:00
epriestley
cae59d8345 Add an option to make it easier to debug page hangs
Summary:
Fixes T6044. We've had two cases (both the same install, coincidentally) where pages got hung doing too much data fetching.

When pages hang, we don't get a useful stack trace out of them, since nginx, php-fpm, or PHP eventually terminates things in a non-useful way without any diagnostic information.

The second time (the recent Macros issue) I was able to walk the install through removing limits on nginx, php-fpm, php, and eventually getting a profile by letting the page run for several minutes until the request completed. However, this install is exceptionally technically proficient and this was still a big pain for everyone, and this approach would not have worked if the page actually looped rather than just taking a long time.

Provide `debug.time-limit`, which should give us a better tool for reacting to this situation: by setting it to a small value (like 10), we'll kill the page after 10 seconds with a trace, before nginx/php-fpm/php/etc can kill it uselessly. Hopefully that will be enough information to find the issue (generally, getting a trace has been 95% of the problem in the two cases we've encountered).

Test Plan: Set this option to `3` and added a sleep loop, saw a termination after 3 seconds with a useful trace.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: csilvers, joshuaspence, epriestley

Maniphest Tasks: T6044

Differential Revision: https://secure.phabricator.com/D10465
2014-09-11 06:28:21 -07:00
epriestley
d3cd9115f9 Add ui.footer-items to add a custom page footer
Summary: Fixes T6052. Allow installs to link to legal documents, etc., in the page footer.

Test Plan:
  - Configured a footer.
  - Viewed workboards (no footer).
  - Viewed Conpherence (no apparent disruption, I think everything z-indexes over the footer).
  - Viewed stuff on mobile (seems OK).
  - Viewed login page (saw footer).

{F201718}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6052

Differential Revision: https://secure.phabricator.com/D10466
2014-09-10 14:44:34 -07:00
Joshua Spence
0151c38b10 Apply some autofix linter rules
Summary: Self-explanatory.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10454
2014-09-10 06:55:05 +10:00
epriestley
af842600ce Reword daemon configuration issue in response to user issues
Summary:
Ref T5968. Issues we've seen from users include:

  - Concern about severity ("... Need Restarting").
    - Reduce severity of explanatory text ("Different Config", "not severe").
    - Explain consequences in more detail.
    - In D10420, make "Ignore" easier to find.
    - Scope language for the multi-machine case ("at least one daemon").
  - Confusion about why daemons need restarting.
    - Unbury the lede ("Daemons and Web Have Different Config").
    - Make it clear that the root cause is a different checksum by showing the checksum. (This just hammers home that we're comparing checksums and this issue is about config checksums and we're not making it up, the checksums probably aren't that useful on their own.)
  - Difficulty understanding how to proceed when restarting does not resolve the issue:
    - Call out steps to take on the daemon console explicitly.
    - Walk through troubleshooting PHABRICATOR_ENV.
    - Walk through troubleshooting multiple `local.json`.

Test Plan: {F199245}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5968

Differential Revision: https://secure.phabricator.com/D10421
2014-09-05 12:27:20 -07:00
epriestley
3958bf3677 Make it easier to ignore setup issues
Summary:
Ref T4331. Ref T5968. Users sometimes have trouble figuring out how to ignore issues. The option is a bit hard to spot, especially if you aren't familiar with interfaces yet.
Make it a button on the issue page itself instead.

Test Plan:
Normal issue:

{F199225}

Ignored issue:

{F199226}

Fatal issue:

{F199227}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4331, T5968

Differential Revision: https://secure.phabricator.com/D10420
2014-09-05 12:26:58 -07:00
epriestley
8efea3abe9 Add a configuration warning when memory_limit will limit file uploads
Summary: Fixes T6011. See that task for discussion. We can detect when `memory_limit` will be the limiting factor for drag-and-drop uploads and warn administrators about it.

Test Plan: Fiddled configuration values and hit, then resolved, the issue.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6011

Differential Revision: https://secure.phabricator.com/D10413
2014-09-04 12:48:34 -07:00
epriestley
957c1d6602 Add a setting for selecting SMTP mail encoding
Summary:
Fixes T5956. We changed the default mail encoding to `quoted-printable` to fix delivery via SendGrid via SMTP, but this broke multiple other mailers.

  - Change the default back to 8bit (which works everywhere except SendGrid).
  - Add a configuration setting for selecting `quoted-printable`.
  - Document this issue.
  - Discourage use of SendGrid in documentation.

(IMPORTANT) @klimek @nickz This reverts the `quoted-printable` fix for SendGrid. You will need to adjust your configurations (set `phpmailer.smtp-encoding` to `quoted-printable`) and restart your daemons or mail will get double newlines again.

Test Plan:
  - Sent mail via SendGrid with various `phpmailer.smtp-encoding` settings, saw mail arrive with specified encoding.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: klimek, nickz, epriestley

Maniphest Tasks: T5956

Differential Revision: https://secure.phabricator.com/D10397
2014-09-02 10:47:34 -07:00
Bob Trahan
c2874945c8 Daemons - add status of environment to daemon console, etc
Summary: Shows the UI everywhere. Also asort() the keys before calculating the environment hash as that is probably an issue for someone at some point we just don't need to have. Ref T5968.

Test Plan: Viewed the setup check and saw a link to the daemon console. Viewed the daemon console and saw the various stale config daemons. Clicked a daemon and saw a "stale config" header icon where expected. Restarted daemons and all of this went away.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5968

Differential Revision: https://secure.phabricator.com/D10367
2014-08-27 11:35:21 -07:00
epriestley
6dd82d86a2 Provide some hints for Amazon RDS configuration
Summary: Fixes T2605. Provide some instructions on configuring RDS properly. The "DB Parameter Group" thing in the web UI seems pretty easy to use, it's just not obvious that it's what you should be using.

Test Plan: Jiggled these warnings to trigger them, viewed the output, saw a table of values and a hint about RDS.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2605

Differential Revision: https://secure.phabricator.com/D10343
2014-08-25 11:41:40 -07:00
epriestley
3275d80cf9 Detect ft_stopword_file being unsupported
Summary:
Ref T2605. For old MySQL, this option is not supported. Catch that and tailor the error.

I couldn't find the first version of MySQL which introduced this optino in order to produce a more useful error. I spent about ~10 minutes looking.

Test Plan: Faked the error, survived setup.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2605

Differential Revision: https://secure.phabricator.com/D10342
2014-08-25 07:30:39 -07:00
Bob Trahan
6f246bd351 Daemons - add a config check for out of date daemon environment
Summary: Fixes T4881.

Test Plan: made a config change, saw the issue, restarted daemons and it went away

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T4881

Differential Revision: https://secure.phabricator.com/D10339
2014-08-22 14:52:36 -07:00
Tal Shiri
4c57e6d34d HTML emails
Summary:
Added support for side-by-side HTML and plaintext email building.

We can control if the HTML stuff is sent by by a new config, metamta.html-emails

Test Plan:
Been running this in our deployment for a few months now.

====Well behaved clients====
 - Gmail
 - Mail.app

====Bad clients====

- [[ http://airmailapp.com/ | Airmail ]]. They confuse Gmail too, though.

====Need testing====
 - Outlook (Windows + Mac)

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: webframp, taoqiping, chad, epriestley, Korvin

Maniphest Tasks: T992

Differential Revision: https://secure.phabricator.com/D9375
2014-08-15 08:12:21 -07:00
Bob Trahan
ff51a1a451 Remarkup - add a regex to blacklist what objects get link
Summary: Fixes T5453.

Test Plan: made a remarkup comment that "Q1 is dumb and Q10 is awesome" and only Q10 was linked. changed the new setting to have the value " " and the Q1 also started linking.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T5453

Differential Revision: https://secure.phabricator.com/D10270
2014-08-14 15:20:45 -07:00
epriestley
5d62f56c8f Provide a setup warning about ft_min_word_len
Summary: Fixes T4130. Adds a setup warning when ft_min_word_len is set to the default value.

Test Plan: Hit setup warning; resovled setup warning. Searched for "DOS".

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4130

Differential Revision: https://secure.phabricator.com/D10259
2014-08-13 15:37:45 -07:00
epriestley
e616f166ae Provide a setup warning about using the default MySQL stopword file
Summary:
Fixes T2605.

  - Add a setup warning about the stopword file.
  - Provide a simpler stopword file.

Test Plan:
  - Hit setup warning.
  - Resolved it according to instructions.
  - Added "various" to a task, then searched for it, found the task.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2605

Differential Revision: https://secure.phabricator.com/D10258
2014-08-13 15:34:09 -07:00
epriestley
f6f9d78f3a Modularize mail tags
Summary:
Ref T5861. Currently, mail tags are hard-coded; move them into applications. Each Editor defines its own tags.

This has zero impact on the UI or behavior.

Test Plan:
  - Checked/unchecked some options, saved form.
  - Swapped back to `master` and saw exactly the same values.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5861

Differential Revision: https://secure.phabricator.com/D10238
2014-08-12 12:28:41 -07:00
Joshua Spence
8fd098329b Rename AphrontQueryException subclasses
Summary: Ref T5655. Depends on D10149.

Test Plan: Ran `arc unit`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin, hach-que

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D10150
2014-08-06 07:51:21 +10:00
Joshua Spence
97a8700e45 Rename PHIDType classes
Summary: Ref T5655. Rename `PhabricatorPHIDType` subclasses for clarity (see discussion in D9839). I'm not too keen on some of the resulting class names, so feel free to suggest alternatives.

Test Plan: Ran unit tests.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin, hach-que

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D9986
2014-07-24 08:05:46 +10:00
Joshua Spence
0c8f487b0f Implement the getName method in PhabricatorApplication subclasses
Summary: Provide an implementation for the `getName` method rather than automagically determining the application name.

Test Plan: Saw reasonable application names in the launcher.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10027
2014-07-23 23:52:50 +10:00
Joshua Spence
86c399b657 Rename PhabricatorApplication subclasses
Summary: Ref T5655. Some discussion in D9839. Generally speaking, `Phabricator{$name}Application` is clearer than `PhabricatorApplication{$name}`.

Test Plan:
# Pinned and uninstalled some applications.
# Applied patch and performed migrations.
# Verified that the pinned applications were still pinned and that the uninstalled applications were still uninstalled.
# Performed a sanity check on the database contents.

Reviewers: btrahan, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: hach-que, epriestley, Korvin

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D9982
2014-07-23 10:03:09 +10:00
Joshua Spence
254542237a Simplify the implementation of PhabricatorPHIDType subclasses
Summary: Instead of implementing the `getTypeConstant` method in all subclasses of `PhabricatorPHIDType`, provide a `final` implementation in the base class which uses reflection. See D9837 for a similar implementation.

Test Plan: Ran `arc unit`.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9985
2014-07-22 00:38:23 +10:00
Bob Trahan
e281c5ee90 Security - disable conduit act as user by default
Summary: Introduce a new configuration setting that by default disables the conduit as as user method. Wordily explain that turning it on is not recommended. Fixes T3818.

Test Plan:
```
15:25:19 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)
~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-tghb3b2gbdyezdcuw2or","userName":"btrahan","realName":"Bob Trahan","image":"http:\/\/phalanx.dev\/file\/data\/yncjbh7phk7ktrdhuorn\/PHID-FILE-qyf4ui3x2ll3e52hpg5e\/profile-profile-gravatar","uri":"http:\/\/phalanx.dev\/p\/btrahan\/","roles":["admin","verified","approved","activated"]}}
15:25:34 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)

<go edit libconfig/conduitclient to spoof another user...>

~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":"ERR-CONDUIT-CORE","errorMessage":"ERR-CONDUIT-CORE: security.allow-conduit-act-as-user is disabled","response":null}
15:26:40 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)

<enable option via bin/config....>

~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-6lcglnzbkiamdofishgi","userName":"xerxes","realName":"Xerxes Trahan","image":"http:\/\/phalanx.dev\/file\/data\/n2kyeevowetcuynbcxrg\/PHID-FILE-voquikectzpde256zzvm\/profile-1275455993.jpg","uri":"http:\/\/phalanx.dev\/p\/xerxes\/","roles":["verified","approved","activated"]}}
```

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: jevripio, sowedance, epriestley, Korvin

Maniphest Tasks: T3818

Differential Revision: https://secure.phabricator.com/D9881
2014-07-10 15:43:53 -07:00
Dirkjan Ochtman
a89ce7e9a2 Fix typo in ConfigWelcomeController support text
See: <https://github.com/phacility/phabricator/pull/670>

Reviewed by: epriestley
2014-07-07 04:54:00 -07:00
epriestley
04d5402e2f Fatal during setup for "mbstring.func_overload"
Summary:
Fixes T5545. We assume `strlen()` returns the number of bytes in a string, which is the normal behavior (and the documented behavior).

There's a config option, `mbstring.func_overload`, which silently calls mb_strlen() instead. This may return some other result, might fail, etc., and there's no way to get the byte length of a string if this option is set.

If this option is set, fatal immediately. Nothing good can ever come of it.

Test Plan: {F173990}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5545

Differential Revision: https://secure.phabricator.com/D9811
2014-07-04 07:59:02 -07:00
Chad Little
7ec09d3924 Use ObjectBoxView for Config pages
Summary: Doing to start to try to remove all the 'purple' PHUIHeaders around Phabricator and see what's left after.

Test Plan:
View each page

{F171007}

Reviewers: epriestley

Reviewed By: epriestley

Differential Revision: https://secure.phabricator.com/D9750
2014-06-27 08:28:33 -07:00
Chad Little
f8e7d8f65c Move ActionHeaders to PHUI, add ObjectBox Support, new Colors
Summary: Moves PhabricatorActionHeaderView to PHUIActionHeaderView, adds Red, Green, and Violet colors and extend ObjectBox to take colors and action headers.

Test Plan:
Tested new Welcome layout as well as UIExamples, Workboards, and Hovercards

{F169669}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9707
2014-06-24 09:39:32 -07:00
epriestley
46d9bebc84 Remove all device = true from page construction
Summary: Fixes T5446. Depends on D9687.

Test Plan: Mostly regexp'd this. Lint doesn't complain.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley, hach-que

Maniphest Tasks: T5446

Differential Revision: https://secure.phabricator.com/D9690
2014-06-23 15:18:14 -07:00
epriestley
abcd3efa5a Allow administrators to set a dashboard as a global default
Summary:
Ref T4883.

  - When an administrator installs a dashbord, give them the option to install it as a global default.
  - On the home page, if a user does not have a dashboard installed, check for a global default.
  - On the Admin NUX/Welcome page, check for a global dashboard.

Test Plan:
  - Installed a global dashboard, checked homepage, saw it.
  - Installed a personal dashboard over it.
  - Checked non-admin flow.
  - Checked Admin NUX page for quest completion.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T4883

Differential Revision: https://secure.phabricator.com/D9670
2014-06-23 15:14:38 -07:00
epriestley
e3fd094a09 Minor, fix empty() call for older versions of PHP
Summary: While it's fine on 5.5.8, older versions of PHP are not happy about
this.
2014-06-23 09:40:15 -07:00
epriestley
ef0a0b5727 First version of "Quest Tracker" Home NUX
Summary:
Ref T5317. General idea here is that Dashboards are replacing the home page soon. We think they'll do a good job for normal users, but they aren't very good for new administrators who have just completed an install. In this case, any dashboard we put there by default will be empty and not very useful or helpful. It's also technically a bit messy to build objects by default.

Instead, give new administrators a "Quest Tracker" UI to help them get through things. When they're done with setup steps, they build a dashboard and install it to replace the home page. They can add install-specific welcome messages during this process, so hopefully this will also ease onboarding for non-administrator users.

For now, you have to go to Config > Welcome Screen explicitly to see this UI. We can tweak/test it for a bit before replacing the home page.

Test Plan: {F169226}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5317

Differential Revision: https://secure.phabricator.com/D9660
2014-06-23 09:37:51 -07:00
Joshua Spence
a4a8cfa6d6 Update callsites of phutil_json_decode.
Summary: Depends on D9634. `phutil_json_decode` now throws an exception on invalid JSON.

Test Plan: `arc unit`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9640
2014-06-21 00:39:37 +10:00
Joshua Spence
d0128afa29 Applied various linter fixes.
Summary: Applied some more linter fixes that I previously missed because my global `arc` install was out-of-date.

Test Plan: Will run `arc unit` on another host.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9443
2014-06-09 16:04:12 -07:00
Joshua Spence
0a62f13464 Change double quotes to single quotes.
Summary: Ran `arc lint --apply-patches --everything` over rP, mainly to change double quotes to single quotes where appropriate. These changes also validate that the `ArcanistXHPASTLinter::LINT_DOUBLE_QUOTE` rule is working as expected.

Test Plan: Eyeballed it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9431
2014-06-09 11:36:50 -07:00
Chad Little
41ef6824be Make ObjectItem default as "Card"
Summary: This went smoother than expeced. Makes the rounded Card the default, also tweaked selected state a little.

Test Plan:
Test UIExamples, Maniphest, Home, Differential, Harbormaster, Audit. Everything seems normal

{F163971}

{F163973}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9408
2014-06-07 12:12:11 -07:00
epriestley
99c72a32d0 Allow installs to require multi-factor authentication for all users
Summary: Ref T5089. Adds a `security.require-multi-factor-auth` which forces all users to enroll in MFA before they can use their accounts.

Test Plan:
Config:

{F159750}

Roadblock:

{F159748}

After configuration:

{F159749}

  - Required MFA, got roadblocked, added MFA, got unblocked.
  - Removed MFA, got blocked again.
  - Used `bin/auth strip` to strip MFA, got blocked.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5089

Differential Revision: https://secure.phabricator.com/D9285
2014-06-03 16:50:27 -07:00
epriestley
6df1a02413 (Redesign) Clean up older "Tile" code
Summary:
This does some backend cleanup of the tile stuff, and some general cleanup of other application things:

  - Users who haven't customized preferences get a small, specific set of pinned applications: Differential, Maniphest, Diffusion, Audit, Phriction, Projects (and, for administrators, Auth, Config and People).
  - Old tile size methods are replaced with `isPinnnedByDefault()`.
  - Shortened some short descriptions.
  - `shouldAppearInLaunchView()` replaced by less ambiguous `isLaunchable()`.
  - Added a marker for third-party / extension applications.

Test Plan: Faked away my preferences and viewed the home page, saw a smaller set of default pins.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9358
2014-06-03 15:47:27 -07:00
epriestley
81d95cf682 Make default view of "Applications" app a full-page launcher
Summary:
This probably needs some tweaks, but the idea is to make it easier to browse and access applications without necessarily needing them to be on the homepage.

Open to feedback.

Test Plan:
(This screenshot merges "Organization", "Communication" and "Core" into a single "Core" group. We can't actually do this yet because it wrecks the homepage.)

{F160052}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5176

Differential Revision: https://secure.phabricator.com/D9297
2014-05-29 12:17:54 -07:00
Joshua Spence
1855e66758 Add some file types to pygments.dropdown-choices.
Summary: I could just add these options to my local configuration, but I figured I'd submit these upstream since they are (in my opinion) fairly common file formats.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9319
2014-05-28 06:26:20 -07:00
Joshua Spence
1daa0aa36e Syntax highlight .arclint files as JSON.
Summary: After T2039, it makes sense to syntax highlight `.arclint` files as JSON.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9305
2014-05-27 06:14:06 -07:00
Chad Little
0120388a75 Found some missing icons
Summary: Did a more exhaustive grep on setIcon and found 99.9% of the icons.

Test Plan: I verified icon names on UIExamples, but unable to test some of the more complex flows visually. Mostly a read and replace.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9088
2014-05-13 07:45:39 -07:00
epriestley
98013cc599 Fix typo
Summary: This doesn't look like it is spelled correctly.

Test Plan: Seems more correct now.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9043
2014-05-10 11:39:39 -07:00
Bob Trahan
e96c363eef Add SMS support
Summary:
Provides a working SMS implementation with support for Twilio.

This version doesn't really retry if we get any gruff at all. Future versions should retry.

Test Plan: used bin/sms to send messages and look at them.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: aurelijus, epriestley, Korvin

Maniphest Tasks: T920

Differential Revision: https://secure.phabricator.com/D8930
2014-05-09 12:47:21 -07:00
epriestley
0620386d0e Fix typo (demo)
Summary: There was a typo.

Test Plan: Now there is no typo.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: aran, epriestley

Differential Revision: https://secure.phabricator.com/D8995
2014-05-07 07:19:50 -07:00
epriestley
58fbb0ae53 Support mailto in Phabricator config defaults
Summary: Fixes T3949.

Test Plan: grumble grumble

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3949

Differential Revision: https://secure.phabricator.com/D8963
2014-05-04 10:48:35 -07:00
epriestley
7145587df7 Lock down some config options
Summary:
This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular:

  - Fix some typos.
  - Lock down some options which would potentially let a rogue administrator do something sketchy.
    - Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email.
    - Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities.

Test Plan:
  - Read through config options.
  - Tried to think about how to do evil things with each one.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8928
2014-05-01 10:23:49 -07:00
epriestley
301c7d0a14 Require the "ctype" extension explicitly
Summary: Fixes T4916. Although every normal build of PHP has this in the core, at least one distribution which users could reasonably encounter does not.

Test Plan: Changed string to "ctypex", got setup warning. Changed to "ctype", got no warning.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4916

Differential Revision: https://secure.phabricator.com/D8896
2014-04-29 10:57:10 -07:00
epriestley
67f015a76c Clarify STRICT_ALL_TABLES instructions
Summary:
  - Mention the `[mysqld]` section.
  - Should be `sql_mode`, not `sql-mode`.
  - Improve clarity of the text.
  - Slightly nicer markup.

Test Plan: {F147076}

Reviewers: csilvers, btrahan

Reviewed By: btrahan

Subscribers: epriestley, spicyj

Differential Revision: https://secure.phabricator.com/D8847
2014-04-23 13:04:57 -07:00
Chad Little
11fd6afeb1 Move Timeline icons to Fonts
Summary: Throwing this up for testing, swapped out all icons in timeline for their font equivelants. Used better icons where I could as well. We should feel free to use more / be fun with the icons when possible since there is no penalty anymore.

Test Plan: I browsed many, not all, timelines in my sandbox and in IE8. Some of these were just swagged, but I'm expecting we'll do more SB testing before landing.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8827
2014-04-22 08:25:54 -07:00
epriestley
f1245f4f34 Remove flavor text for action buttons
Summary: A small but appreciable number of users find flavor on buttons confusing. Remove this flavor. This retains flavor in headers, error messages, etc., which doesn't cause confusion.

Test Plan: Looked at a revision, task, paste, macro, etc.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8812
2014-04-18 17:51:46 -07:00
Joshua Spence
e7419d85f7 Set celerity.minify true in production environments.
Summary: I haven't been able to understand why this isn't set by default in production environments (since it is recommended to do so anyway).

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8743
2014-04-10 14:39:05 -07:00
epriestley
f79320e64e Render default/current settings in the same format they'll be edited
Summary:
Fixes T4773. For config settings of type `list<string>`, `set`, or `list<regex>`, the "defaults" table and "examples" aren't always in the same format you should actually use when changing the setting.

This is pretty confusing. Instead, always show the settings in the desired format. For example, if the user should enter a newline-separated list, show them a newline separated list.

Test Plan:
  - Grepped for `list<string>`, `list<regex>`, and `'set'`; verified all the config had the right example format (most already did).
  - Viewed config settings of various kinds, including custom settings.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4773

Differential Revision: https://secure.phabricator.com/D8725
2014-04-08 12:09:43 -07:00
epriestley
9ca86b69b7 Make Maniphest task statuses user configurable
Summary: Fixes T1812. Moves the internal configuration into public space and documents it.

Test Plan:
  - Tried to set it to some invalid stuff.
  - Set it to various valid things.
  - Browsed around, changed statuses, filtered statuses, viewed statuses, merged duplictes, examined transaction record, created tasks.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T1812

Differential Revision: https://secure.phabricator.com/D8585
2014-03-25 14:05:36 -07:00
epriestley
221222ad7a Lock "security.require-https" from web edits
Summary: This can be used to lock yourself out of an instance, so prevent web edits.

Test Plan: Loaded page, wasn't web-editable.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8572
2014-03-19 19:27:04 -07:00
epriestley
38cc38eaf6 Modernize documentation links
Summary:
  - Point them at the new Diviner.
  - Make them a little less cumbersome to write.

Test Plan: Found almost all of these links in the UI and clicked them.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8553
2014-03-17 15:01:31 -07:00
epriestley
039b8e43b9 Whitelist allowed editor protocols
Summary:
This is the other half of D8548. Specifically, the attack here was to set your own editor link to `javascript\n:...` and then you could XSS yourself. This isn't a hugely damaging attack, but we can be more certain by adding a whitelist here.

We already whitelist linkable protocols in remarkup (`uri.allowed-protocols`) in general.

Test Plan:
Tried to set and use valid/invalid editor URIs.

{F130883}

{F130884}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8551
2014-03-17 13:00:37 -07:00
epriestley
7cd4e70ef2 Remove DifferentialFieldSelector
Summary: Ref T2222. Gets rid of DifferentialFieldSelector, favoring `differential.fields`.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2222

Differential Revision: https://secure.phabricator.com/D8472
2014-03-11 13:02:13 -07:00
epriestley
77af6be803 Remove host/path and test plan enable/disable options
Summary: Ref T2222. These no longer have an effect, and are obsoleted by `differential.fields`.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2222

Differential Revision: https://secure.phabricator.com/D8468
2014-03-11 13:02:07 -07:00
epriestley
cdeea11fd3 Don't actually construct auth providers when checking for their existence
Summary:
A user reported this stack trace:

http://pastebin.com/6auGbZsE

...on this GitHub issue:

https://github.com/facebook/phabricator/issues/389#issuecomment-36612511

The problem is similar to the original report, but not identical. In this case, we're following a sequence of steps like:

  - Run setup checks.
    - Check for enabled providers, in order to raise "no providers configured yet" warning.
      - Try to generate login/redirect URIs.
  - Build the request.
  - Set the default base URI.
  - Run normal code.

Since we try to generate URIs before we provide a default, this fatals. Instead, don't try to build objects.

An alternative fix might be to try to set defaults earlier, but we depend on some config and on building the Request in order to be able to figure out if a request is HTTP or HTTPS right now. We could assume one, or guess, or use protocol-relative URIs (`///host.com`), but I think this fix is a little cleaner overall. If we keep hitting similar stuff, we could look into alternate fixes.

We could also set some kind of "setup mode" flag and make `getURI()` if it's called during setup mode to detect these during testing. I'd like to hit one more of these before doing that, though.

Test Plan: Reproduced the issue, applied the patch, verified this fixes it.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D8395
2014-03-04 16:11:28 -08:00
epriestley
f6a13fd1c7 Use CustomField, not AuxiliaryField, to power RevisionView
Summary: Ref T2222. This will probably have some rough edges for a bit (e.g., weird cases I didn't remember or think of), but there's no change to the underlying data and we can easily revert if things get too messy.

Test Plan: Looked at a variety of revisions and saw sensible output.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2222

Differential Revision: https://secure.phabricator.com/D8361
2014-02-27 11:06:14 -08:00
Joshua Spence
6270114767 Various linter fixes.
Summary:
- Removed trailing newlines.
- Added newline at EOF.
- Removed leading newlines.
- Trimmed trailing whitespace.
- Spelling fix.
- Added newline at EOF

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: hach-que, chad, Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D8344
2014-02-26 12:44:58 -08:00
epriestley
bbf40146fb Recommend STRICT_ALL_TABLES for every install, not just development installs
Summary:
See D8308. Enabling STRICT_ALL_TABLES prevents this entire class of error, by fataling on truncation instead of truncating. We never want truncation; it is always bad and sometimes extremely bad.

We've recommended this mode for developer installs for a long time, and some users run with it enabled, so it's very unlikely to cause any issues (I've had it enabled locally for at least 6-8 months, I think).

Test Plan:
  - Disabled mode.
  - Saw warning.
  - Enabled mode.
  - No warning.

{F117040}

Reviewers: btrahan, chad

Reviewed By: chad

CC: chad, aran, arice

Differential Revision: https://secure.phabricator.com/D8309
2014-02-23 10:59:59 -08:00
epriestley
88227d26bc Allow CustomField to provide ApplicationTransaction change details
Summary:
Ref T3886. Ref T418. For fields like "Summary" and "Test Plan" where changes can't be summarized in one line, allow CustomField to provide a "(Show Details)" link and render a diff.

Also consolidate some of the existing copy/paste, and simplify this featuer slightly now that we've move to dialogs.

Test Plan:
{F115918}

  - Viewed "description"-style field changes in phlux, pholio, legalpad, maniphest, differential, ponder (questions), ponder (answers), and repositories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3886, T418

Differential Revision: https://secure.phabricator.com/D8284
2014-02-21 11:53:04 -08:00
epriestley
a0262c0b4f Remove tokenizer.ondemand, and always load on demand
Summary:
Ref T4420. Tokenizers currently operate in "preload" or "ondemand" modes. In the former mode, which is default, they'll try to load the entire result list when a page loads.

The theory here was that this would slightly improve the experience for small installs, and once they got big enough they could switch to "ondemand". In practice, several issues have arisen:

  - We generally don't have a good mechanism for telling installs that they should tweak perf config -- `metamta.send-immediately` is the canonical example here. Some large installs are probably affected negatively by not knowing to change this setting, and having settings like this is generally annoying.
  - We have way way too much config now.
  - With the advent of ApplicationSearch, pages like Maniphest make many redundant loads to prefill sources like projects. Most of the time, this data is not used. It's far simpler to switch everything to ondemand than try to deal with this, and dealing with this would mean creating two very complex divergent pathways in the codebase for a mostly theoretical performance benefit which only impacts tiny installs.
  - We've been using `tokenizer.ondemand` forever on `secure.phabricator.com` since we have many thousands of user accounts, and it doesn't seem sluggish and works properly.

Removing this config is an easy fix which makes the codebase simpler.

I've retained the ability to use preloaded sources, since they may make sense in some cases (in at least one case -- task priorities -- adding a static source pathway might make sense), and they're part of Javelin itself. However, the code will no longer ever go down that pathway.

Test Plan: Used `secure.phabricator.com` for years with this setting enabled.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4420

Differential Revision: https://secure.phabricator.com/D8232
2014-02-14 10:24:40 -08:00
Tal Shiri
a9612fac24 Mailgun receive support
Summary:
As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun.

btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received).

Test Plan: Opened a task with Mailgun. Felt great.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4326

Differential Revision: https://secure.phabricator.com/D7989
2014-01-21 10:36:33 -08:00
epriestley
3770998c39 Fix php.net link to open in a new window
Summary:
From @chad. This setup link should open in a new window so you don't lose your context in resolving setup issues.

@chad, this was the only one I could find immediately, let me know if you remember seeing others that I missed.

Test Plan: Faked an error, clicked the link, got a new tab.

Reviewers: chad, btrahan

Reviewed By: chad

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7991
2014-01-17 10:54:04 -08:00
Alex Arwine
e6a6c265b0 Aprhont - Adding cookie-prefix, as config option, and into cookie methods
Summary: Cookie-prefix should fix phabricator instances where x.com and x.y.com have conflicting cookie names

Test Plan: Pushed branch to dev.phab.example.com, logged into phab.example.com and into dev.phab.example.com.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7979
2014-01-17 08:08:40 -08:00
epriestley
2ec45d42a6 Remove session limits and sequencing
Summary:
Ref T4310. Fixes T3720. This change:

  - Removes concurrent session limits. Instead, unused sessions are GC'd after a while.
  - Collapses all existing "web-1", "web-2", etc., sessions into "web" sessions.
  - Dramatically simplifies the code for establishing a session (like omg).

Test Plan: Ran migration, checked Sessions panel and database for sanity. Used existing session. Logged out, logged in. Ran Conduit commands.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7978
2014-01-15 17:27:59 -08:00
epriestley
e4deb7faad Remove metamta.send-immediately
Summary:
Ref T3857.

  - Always send mail via daemons. This lets us get rid of this config, and is generally much more performant.
  - After D7964, we warn if daemons aren't running.

Test Plan: Sent some mail.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3857

Differential Revision: https://secure.phabricator.com/D7965
2014-01-14 13:22:47 -08:00
epriestley
f060d8eb8f Warn if daemons are not running
Summary:
Currently, we try to mostly-kind-of-work if daemons aren't running (for example, we send mail in-process). I want to stop doing this. A major motivator is that `metamta.send-immediately` is confusing for a lot of users and frequently the cause of performance problems. Increasingly, functionality of applications depends on the daemons (Harbormaster, Drydock, Nuance all require daemons to do anything at all). They're also fairly stable/robust/well-tested and no reasonable install should be running without them.

This will let us simplify or remove some flags (like `metamta.send-immediately`) and simplify some other processes like search indexing.

Test Plan: Stopped daemons, loaded warnings, saw daemon warning. Started daemons, reloade, no warning.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3857

Differential Revision: https://secure.phabricator.com/D7964
2014-01-14 13:22:40 -08:00
Chad Little
b74c7a3d37 Simplify PHUIObjectBoxViews handling of Save and Error states
Summary: This removes the bulk of the "Form Errors" text, some variations likely exists. These are a bit redundant and space consuming. I'd also like to back ErrorView more into PHUIObjectBox.

Test Plan: Test out the forms, see errors without the text.

Reviewers: epriestley, btrahan

CC: Korvin, epriestley, aran, hach-que

Differential Revision: https://secure.phabricator.com/D7924
2014-01-10 09:17:37 -08:00
epriestley
95a806ada3 Remove celerity.resource-path config
Summary: Ref T4222. This was used by Facebook while developing Releeph, but should no longer be necessary since Releeph is in the upstream. I can't get an answer out of Facebook about whether they still use it or not (see T4227), so nuke it. We're going to replace it with a more general mechanism (see T4222).

Test Plan: Regenerated celerity map. Browsed some pages, still got resources.

Reviewers: btrahan, hach-que

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T4222

Differential Revision: https://secure.phabricator.com/D7863
2013-12-31 18:02:35 -08:00
epriestley
e397103bf2 Extend all "ManagementWorkflow" classes from a base class
Summary:
Ref T2015. Not directly related to Drydock, but I've wanted to do this for a bit.

Introduce a common base class for all the workflows in the scripts in `bin/*`. This slightly reduces code duplication by moving `isExecutable()` to the base, but also provides `getViewer()`. This is a little nicer than `PhabricatorUser::getOmnipotentUser()` and gives us a layer of indirection if we ever want to introduce more general viewer mechanisms in scripts.

Test Plan: Lint; ran some of the scripts.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2015

Differential Revision: https://secure.phabricator.com/D7838
2013-12-27 13:15:40 -08:00
epriestley
a5dc9067af Provide convenience method addTextCrumb() to PhabricatorCrumbsView
Summary: We currently have a lot of calls to `addCrumb(id(new PhabricatorCrumbView())->...)` which can be expressed much more simply with a convenience method. Nearly all crumbs are only textual.

Test Plan:
  - This was mostly automated, then I cleaned up a few unusual sites manually.
  - Bunch of grep / randomly clicking around.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: hach-que, aran

Differential Revision: https://secure.phabricator.com/D7787
2013-12-18 17:47:34 -08:00
epriestley
5863f792a6 Remove many redundant implementations of canLoadNamedObject()
Summary:
These just got copy/pasted like crazy, the base class has the correct default implementation.

(I'm adding "H" for Herald Rules, which is why I was in this code.)

I also documented the existing prefixes at [[ Object Name Prefixes ]].

Test Plan: Verified base implementation. Typed some object names into the jump nav.

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Differential Revision: https://secure.phabricator.com/D7785
2013-12-18 12:00:01 -08:00
epriestley
99ad978e90 Add UI for choosing header color
Summary: See D7731. Fixes T4194.

Test Plan: {F88020}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran, mbishopim3

Maniphest Tasks: T4194

Differential Revision: https://secure.phabricator.com/D7740
2013-12-07 10:46:09 -08:00
epriestley
5ca84589bd Add an SSH access log
Summary: Ref T4107. Ref T4189. This implements an SSH access log, similar to the HTTP access log.

Test Plan:
  [Thu, 05 Dec 2013 13:45:41 -0800]	77841	orbital	::1	dweller	epriestley	epriestley	git-receive-pack	/diffusion/POEMS/	0	324765	402	232
  [Thu, 05 Dec 2013 13:45:48 -0800]	77860	orbital	::1	dweller	epriestley	epriestley	git-receive-pack	/diffusion/POEMS/	0	325634	402	232

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4107, T4189

Differential Revision: https://secure.phabricator.com/D7719
2013-12-05 17:00:48 -08:00
epriestley
476b27d9c8 Add "phd.user" with sudo hooks for SSH/HTTP writes
Summary:
Ref T2230. When fully set up, we have up to three users who all need to write into the repositories:

  - The webserver needs to write for HTTP receives.
  - The SSH user needs to write for SSH receives.
  - The daemons need to write for "git fetch", "git clone", etc.

These three users don't need to be different, but in practice they are often not likely to all be the same user. If for no other reason, making them all the same user requires you to "git clone httpd@host.com", and installs are likely to prefer "git clone git@host.com".

Using three different users also allows better privilege separation. Particularly, the daemon user can be the //only// user with write access to the repositories. The webserver and SSH user can accomplish their writes through `sudo`, with a whitelisted set of commands. This means that even if you compromise the `ssh` user, you need to find a way to escallate from there to the daemon user in order to, e.g., write arbitrary stuff into the repository or bypass commit hooks.

This lays some of the groundwork for a highly-separated configuration where the SSH and HTTP users have the fewest privileges possible and use `sudo` to interact with repositories. Some future work which might make sense:

  - Make `bin/phd` respect this (require start as the right user, or as root and drop privileges, if this configuration is set).
  - Execute all `git/hg/svn` commands via sudo?

Users aren't expected to configure this yet so I haven't written any documentation.

Test Plan:
Added an SSH user ("dweller") and gave it sudo by adding this to `/etc/sudoers`:

   dweller ALL=(epriestley) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/bin/git-receive-pack

Then I ran git pushes and pulls over SSH via "dweller@localhost". They successfully interacted with the repository on disk as the "epriestley" user.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7589
2013-11-18 08:58:35 -08:00
epriestley
c0e1a63a63 Implement an approval queue
Summary:
  - Add an option for the queue.
  - By default, enable it.
  - Dump new users into the queue.
  - Send admins an email to approve them.

Test Plan:
  - Registered new accounts with queue on and off.
  - As an admin, approved accounts and disabled the queue from email.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7576
2013-11-13 11:24:56 -08:00
epriestley
c818e6e159 Remove differential.anonymous-access
Summary:
Fixes T3034. This is obsoleted by modern policies.

This was written by a Facebook intern and is rarely used -- the Hive install might be the only use in the wild. It has never really worked correctly.

Test Plan: `grep`; browsed Differential.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3034

Differential Revision: https://secure.phabricator.com/D7568
2013-11-11 16:05:19 -08:00
Jakub Vrana
a29b5b070f Replace some hsprintf() by phutil_tag()
Test Plan: Looked at a diff with inline comment.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7549
2013-11-11 09:23:23 -08:00
epriestley
f08908ff35 Raise a setup warning for missing or invalid local repository directory
Summary: I'm planning to add more detailed info to Diffusion itself, but catch the big issue here.

Test Plan: Hit config issue locally, then resolved it.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7439
2013-10-30 13:07:09 -07:00
epriestley
d02202cde2 Enable "SSH Keys" auth panel unconditionally
Summary: We've had support for this for a long time, but it was conditional on config. Since it more-or-less actually does something now, just enable it unconditionally.

Test Plan: Settings -> SSH Public Keys

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7426
2013-10-29 15:32:41 -07:00
epriestley
9e87172166 Make remarkup rules runtime-pluggable in a reasonable way
Summary:
Gets rid of some old Differential-specific nonsense and replaces it with general runtime-pluggable Remarkup rules.

Facebook: This removes two options which may be in use. Have any classes being added via config here just subclass the new abstract bases instead. This should take 5 seconds to fix. You can adjust order by overriding `getPriority()` on the rules, if necessary.

Test Plan: See comments.

Reviewers: btrahan

Reviewed By: btrahan

CC: FacebookPOC, andrewjcg, aran

Differential Revision: https://secure.phabricator.com/D7393
2013-10-24 17:26:07 -07:00
epriestley
2a5c987c71 Lock policy queries to their applications
Summary:
While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential.

This has several parts:

  - For PolicyAware queries, provide an application class name method.
  - If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally.
  - For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles.

Test Plan:
  - Added a unit test to verify I got all the class names right.
  - Browsed around, logged in/out as a normal user with public policies on and off.
  - Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7367
2013-10-21 17:20:27 -07:00
epriestley
00bf47f973 Fix "Manage herald rules" link by removing it
Summary: Fixes T4001. I broke this some time ago and no one has complained. I don't think it gets much use, and we haven't added it for the newer apps. Just get rid of it rather than adapt the URIs for ApplicationSearch.

Test Plan: Unit tests, sent myself some email.

Reviewers: zeeg, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4001

Differential Revision: https://secure.phabricator.com/D7355
2013-10-21 16:58:56 -07:00
epriestley
073cb0e78c Make PhabricatorPolicyInterface require a getPHID() method
Summary:
Ref T603. This cleans up an existing callsite in the policy filter, and opens up some stuff in the future.

Some policy objects don't have real PHIDs:

  PhabricatorTokenGiven
  PhabricatorSavedQuery
  PhabricatorNamedQuery
  PhrequentUserTime
  PhabricatorFlag
  PhabricatorDaemonLog
  PhabricatorConduitMethodCallLog
  ConduitAPIMethod
  PhabricatorChatLogEvent
  PhabricatorChatLogChannel

Although it would be reasonable to add real PHIDs to some of these (like `ChatLogChannel`), it probably doesn't make much sense for others (`DaemonLog`, `MethodCallLog`). Just let them return `null`.

Also remove some duplicate `$id` and `$phid` properties. These are declared on `PhabricatorLiskDAO` and do not need to be redeclared.

Test Plan: Ran the `testEverythingImplemented` unit test, which verifies that all classes conform to the interface.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7306
2013-10-14 14:35:47 -07:00