1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-20 20:40:56 +01:00
Commit graph

11270 commits

Author SHA1 Message Date
Austin McKinley
ece9579d25 Switch File deletion to use ModularTransactions
Summary: Fixes T12587. Adds a new `PhabricatorFileDeleteTransaction` that enqueues `File` delete tasks.

Test Plan:
  - hack `PhabricatorFileQuery` to ignore isDeleted state
  - stop daemons
  - upload a file, delete it from the UI
  - check that the DB has updated isDeleted = 1
  - check timeline rendering in `File` detail view
  - start daemons
  - confirm rows are deleted from DB

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, thoughtpolice

Maniphest Tasks: T12587

Differential Revision: https://secure.phabricator.com/D17723
2017-04-18 13:01:51 -07:00
epriestley
ab2aa74d6e Fix several duplication/replay behaviors in Aphlict
Summary:
Ref T12566. Ref T12563. This fixes three bugs with Aphlict replay stuff:

First, Conphernece would try to repaint the UI even if no thread was open. Only repaint when a thread is open.

Second, although we deduplicate JX.Leader messages, we didn't deduplicate actual notification messages. If you browsed the leader window, then it re-elected itelf as a leader and replayed history, it could rebroadcast notifications and other windows could show doubles. Deduplicate notifications to prevent this.

Third, we always replayed the last 60 seconds of history. When you browsed the leader window, whichever window became the new leader (possibly the one you just browsed) could replay messages from before it had opened, leading to duplicate messages. Particularly, after receiving a message and then browsing you could see that message again. Instead, only replay history as far back as when the window first opened.

Test Plan:
  - Clicked "Repaint" with a thread open, saw a repaint. Clicked "Repaint" with Conpherence open but no thread, no repaint and no 404 request to `/update/null/`.
  - In browser A, opened three windows. In browser B, sent a notification. In browser A, browsed the leader window away twice in a row. Observed that the window which never became a leader doesn't duplicate notifications.
  - In browser A, opened three windows. In browser B, sent a notification. In browser A, browsed the leader window away over and over again. Observed that replay requests issued with appropriate history windows.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12566, T12563

Differential Revision: https://secure.phabricator.com/D17722
2017-04-18 12:10:12 -07:00
epriestley
5d55804e3f Play a sound when receiving a new chat message
Summary:
Ref T7567. Nothing fancy yet, just getting this working. Sound is lightly edited version of "Pop 6":

https://www.freesound.org/people/greenvwbeetle/sounds/244656/

Test Plan: Sent chat, heard sounds.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7567

Differential Revision: https://secure.phabricator.com/D17721
2017-04-18 11:34:17 -07:00
Austin McKinley
be00264ae7 Make daemons perform file deletion
Summary:
Deletion is a possibly time-intensive process, especially with large
files that are backed by high-latency, chunked storage (such as
S3). Even ~200mb objects take minutes to delete, which makes for an
unhappy experience. Fixes T10828.

Test Plan:
Delete a large file, and stare in awe of the swiftness with
which I am redirected to the main file application.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: thoughtpolice, Korvin

Maniphest Tasks: T10828

Differential Revision: https://secure.phabricator.com/D15743
2017-04-18 11:09:41 -07:00
epriestley
8377bb3637 Raise a tailored error message on "show-outbound --id cat"
Summary: Fixes T12579. Unclear why the user ran this command.

Test Plan: Ran with `--id cat`. Ran with `--id 123`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12579

Differential Revision: https://secure.phabricator.com/D17719
2017-04-18 09:51:26 -07:00
Austin McKinley
b54adc6161 Kick off indexing for File objects on creation
Summary: Ensures that newly-made `File` objects get indexed into the new ngrams index. Fixes T8788.

Test Plan:
  - uploaded a file with daemons stopped; confirmed no new rows in ngrams table
  - started daemons; confirmed indexing of previously-uploaded files happened
  - uploaded a new file with daemons running; confirmed it got added to the index

Not sure how to test the changes to `PhabricatorFileUploadSource->writeChunkedFile()` and `PhabricatorChunkedFileStorageEngine->allocateChunks()`. I spent a few minutes trying to find their callers, but the first looks like it requires a Diffusion repo and the 2nd is only accessible via Conduit. I can test that stuff if necessary, but it's such a small change that I'm not worried about it.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T8788

Differential Revision: https://secure.phabricator.com/D17718
2017-04-18 08:38:34 -07:00
Austin McKinley
976fbee877 Implement ngram search for File objects
Summary: Follows the outline in D15656 for implementing ngram search for names of File objects. Also created FileFullTextEngine, because without implementing `PhabricatorFulltextInterface`, `./bin/search` complains that `File` is not an indexable type.

Test Plan:
  - ran `./bin/storage upgrade` to apply the schema change
  - confirmed the presence of a new `file_filename_ngrams` table
  - added a couple file objects
  - ran `bin/search index --type file --force`
  - confirmed the presence of rows in `file_filename_ngrams`
  - did a few keyword searches and saw expected results

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T8788

Differential Revision: https://secure.phabricator.com/D17702
2017-04-17 17:37:20 -07:00
Chad Little
c98be54bf4 Don't show tag when no topic is set
Summary: Check the strlen of topic before adding a tag to the header in Conpherence.

Test Plan: Remove a topic, no longer see indigo bubble.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17715
2017-04-17 16:15:17 -07:00
epriestley
ffed156981 After a reconnect, repaint Conpherence thread state
Summary: Ref T12566. When we reconnect, refresh the current thread even if we replayed notifications.

Test Plan:
  - Clicked the "Repaint" button, saw the thread refresh.
  - Clicked the "Reconnect" button, saw the thread reresh.
  - Launched `aphlict debug`, killed it, restarted it, saw the thread refresh after reconnect.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12566

Differential Revision: https://secure.phabricator.com/D17713
2017-04-17 16:00:32 -07:00
epriestley
eaecf35324 Deduplicate application-level notifications from Aphlict
Summary:
Fixes T12564. We already had some code which seems to deal with this properly, it just wasn't getting used.

Assign each application-level notification a unique ID, then ignore messages with duplicate IDs.

Test Plan:
  - In browser A, loaded `/T123`.
  - In browser B, loaded `/T123`.
  - Made a comment as B.
  - Saw notification as A.
  - Mashed "Replay" a bunch.
  - Before patch: piles of duplicate notifications.
  - After patch: no duplicates.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12564

Differential Revision: https://secure.phabricator.com/D17710
2017-04-17 15:55:38 -07:00
epriestley
02194f0fc8 After Aphlict reconnects, ask the server to replay recent messages
Summary:
Fixes T12563. If we've ever seen an "open", mark all future connections as reconnects. When we reconnect, replay recent history.

(Until duplicate messages (T12564) are handled better this may cause some notification duplication.)

Also emit a reconnect event (for T12566) but don't use it yet.

Test Plan: {F4912044}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12563

Differential Revision: https://secure.phabricator.com/D17708
2017-04-17 15:54:51 -07:00
epriestley
88157a9442 Hold recent messages in Aphlict so they can be replayed after clients reconnect
Summary:
Ref T12563. Before broadcasting messages from the server, store them in a history buffer.

A future change will let clients retrieve them.

Test Plan:
  - Used the web frontend to look at the buffer, reloaded over time, sent messages. Saw buffer size go up as I sent messages and fall after 60 seconds.
  - Set size to 4 messages, sent a bunch of messages, saw the buffer size max out at 4 messages.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12563

Differential Revision: https://secure.phabricator.com/D17707
2017-04-17 15:53:58 -07:00
epriestley
1212047843 Add a "Reconnect" debugging action and show reconnect delays in the console
Summary: Ref T12568. Ref T12567. Allows you to force a reconnect, and shows the reconnect delay on connection close/failure.

Test Plan: {F4911879}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12568, T12567

Differential Revision: https://secure.phabricator.com/D17705
2017-04-17 15:51:24 -07:00
epriestley
f394fefe6f Add a very basic "Realtime" log to DarkConsole
Summary: Ref T12568. This begins building toward a more useful realtime debugging console for Leader/Aphlict/general realtime stuff.

Test Plan: {F4911521}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12568

Differential Revision: https://secure.phabricator.com/D17701
2017-04-17 15:46:31 -07:00
epriestley
6052bc1933 Extend "fulltext" and "ngrams" interfaces from "indexable" interface
Summary: Ref T8788. See D17702. This allows `bin/search index` to index stuff which only implements `Ngrams`, not `Fulltext`.

Test Plan: Kinda poked around `bin/search index` a bit, yell if you hit more issues deeper down the stack?

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T8788

Differential Revision: https://secure.phabricator.com/D17704
2017-04-17 12:59:41 -07:00
Chad Little
2d00f56837 Use PHUIListItemView in ConpherenceThreadList
Summary: Fixes T12556 Uses more common components in ConpherenceThreadList by moving to PHUIListItemView. Reduces clutter by moving privacy into the header. Gets ride of "See More" double interchanges.

Test Plan:
I need to test this more, doesn't seem to auto-select top room any more, also might build a lipsum generator.

 - Create lots of rooms with various policies
 - Test clicking on policy object
 - Click on different rooms
 - Post in rooms
 - Load up second account, see room numbers
 - Clear room message count by clicking on room

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12556

Differential Revision: https://secure.phabricator.com/D17698
2017-04-17 11:21:49 -07:00
Austin McKinley
f801c7ae29 Change PhabricatorPhurlURLViewController to use EditEngine for commenting
Test Plan: Created a phurl, added some comments, confirmed that "Change Subscribers" and "Change Project Tags" are now available in the comment form.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: chad, Korvin

Maniphest Tasks: T11661

Differential Revision: https://secure.phabricator.com/D17686
2017-04-17 10:19:21 -07:00
Chad Little
a56f9a1a55 Clean up remove participant language in Conpherence
Summary: Updates the language to use "Remove Participant" instead of "Banish User"

Test Plan: Read through the various cases, test them by removing myself or others

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17697
2017-04-15 16:07:54 +00:00
Chad Little
c1e8b394cc Fix join and remove policy checks for Conpherence
Summary:
I think these got munged when I removed CAN_JOIN.

 - If you can view the room, you can join it.
 - ~~If you can view the room, you can add others to it.~~ This rule adjustment was removed, see discussion on the revision.
 - If you are a participant in the room, you can remove yourself.
 - If you can edit a room, you can remove anyone.

Test Plan:
Normal feature set:

 - Create a new room that only I can edit, viewable by all users.
 - Leave room (bye k thx)
 - Create another room, myself only
 - Join room from second account
 - See ability to only remove myself
 - Remove myself
 - Rejoin
 - Add third account
 - Log into first account
 - Boot off randos
 - Test joining by green button, message, and by + sign.

Policy consistency:

  - As a user who can not edit the room, tried to add other members. Received policy exception. The `+` button is currently visible and enabled for all users (even users who have not joined the room) but this is pre-existing.

Reviewers: chad

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17696
2017-04-15 06:16:45 -07:00
epriestley
aec19d2acf Reduce code duplication in Phortune account controllers
Summary:
Ref T12451. This is a GREAT comment (A++) but we only need one copy of it.

This uses a pattern similar to Projects, which is a little weird but works well enough.

Test Plan:
  - Viewed all four tabs of an account.
  - Viewed a page with a bad account ID which 404'd properly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12451

Differential Revision: https://secure.phabricator.com/D17694
2017-04-14 10:24:56 -07:00
epriestley
7fbb5f2d92 Reduce some code duplication in PhortuneLandingController
Summary: Ref T12451. This code is the same as the other code.

Test Plan: Went through the default-account case with this code, worked the same as the other code.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12451

Differential Revision: https://secure.phabricator.com/D17693
2017-04-14 10:24:32 -07:00
epriestley
505b1d8379 Fix member edit transaction validation so it works for both implicit and explicit account creation
Summary:
Ref T12451. Ref T12484. This should deal with all the `+` / `-` / `=` cases correctly, I think.

Also makes sure that members are real users, not commits or tokens or whatever. And expands the creation test case to make some other basic sanity checks.

Test Plan:
  - Went through implicit first-time creation flow.
  - Went through explicit second-time creation flow.
  - Unit test now passes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12484, T12451

Differential Revision: https://secure.phabricator.com/D17692
2017-04-14 10:24:15 -07:00
epriestley
71d933d496 Add a failing test case for new Phortune account initialization
Summary:
Ref T12451. Ref T12484. I think D17657 fixed this, but caused the bug in D17690. The fix for that causes this bug again.

Put a unit test on it. This test currently fails; I'll correct the bug in the next change.

Test Plan: Ran `arc unit`, saw a failure.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12484, T12451

Differential Revision: https://secure.phabricator.com/D17691
2017-04-14 10:23:10 -07:00
epriestley
e1a8b5d3e9 Fix a bug where Phortune accounts created via "Create Account" would not have the viewer added as a member
Summary:
Ref T12451. When you explicitly created a second or third account or whatever, you wouldn't be added as a member.

(The editor sees that you're "already a member", so it doesn't add you.)

Test Plan:
  - Go to `/phortune/`.
  - Click "Switch Accounts".
  - Click "Create Account".
  - Create an account.
  - Before patch: unable to view it since you don't get added as a member.
  - After patch: account created with you as member.
  - Also created an accont with multiple members.
  - Tried to create an account with no members.
  - Tried to create an account with just someone else as a member.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12451

Differential Revision: https://secure.phabricator.com/D17690
2017-04-14 10:22:54 -07:00
epriestley
7274e4857c Fix a bug where Phortune could fatal while building crumbs
Summary: Ref T12451. `$this->getAccount()` may not return an account.

Test Plan:
  - Visit `/phortune/X/`, where `X` is the ID of an account you don't have permission to view.
  - Before patch: fatal.
  - After patch: normal policy exception page.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12451

Differential Revision: https://secure.phabricator.com/D17689
2017-04-14 10:22:42 -07:00
epriestley
1e43d57c81 When closing tasks with "Fixes xxx", try to act more authentically as the acting user
Summary:
Via HackerOne (<https://hackerone.com/reports/220909>). When we close commits in response to "Fixes Txxx", we currently act as the omnipotent user. This allows users to close tasks they can't see by pushing commits with "Fixes Txxx" in the message.

However, we can't actually tell who authored or committed a change: we're just using the "Author" and "Committer" values from Git in most cases, and anyone can forge those. So we can't really get this right, in a security sense.

(We can tell who //pushed// a change if we host it, but that's often not the right user. If GPG signing was more prevalent, we could use that. In the future, we could use side channels like having `arc land` tell Phabrcator who was pushing changes.)

Since I think the impact of this is fairly minor and this isn't //really// a security issue (more of a confusion/abuse/product issue) I think the behavior is okay more-or-less as-is, but we can do better when we do identify an author: drop permissions, and use their privileges to load the tasks which the commit "fixes".

This effectively implements this rule:

> If we identify the author of a commit as user X, that commit can only affect tasks which user X can see and edit.

Note that:

  - Commits which we can't identify the author for can still affect any task.
  - Any user can forge any other user's identity (or an invalid identity) and affect any task.

So this is just a guard rail to prevent mistakes by good-faith users who type the wrong task IDs, not a real security measure.

Also note that to perform this "attack" you must already have commit access to a repository (or permission to create a repository).

Test Plan:
  - Used `bin/repository reparse --message <commit> --force-autoclose` to run the relevant code.
  - Made the code `throw` before it actually applied the edit.
  - Verified that the edit was rejected if the author was recognized and can not see or could not edit the task.
  - Verified that the edit is accepted if the author can see+edit the task.
  - Verified that the edit is accepted if we can't figure out who the author is.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17688
2017-04-14 08:03:46 -07:00
epriestley
69053a40f9 Dirty the SSH key cache when usernames change
Summary:
Fixes T12554. The SSH key cache contains usernames, but is not currently dirtied on username changes.

An alternative solution would be to use user PHIDs instead of usernames in the file, which would make this unnecessary, but that would make debugging a bit harder. For now, I think this small added complexity is worth the easier debugging, but we could look at this again if cache management gets harder in the future.

Test Plan:
  - Added a key as `ducksey`, ran `bin/ssh-auth`, saw key immediately.
  - Renamed `ducksey` to `ducker`, ran `bin/ssh-auth`, saw username change immediately.
  - Added another key as `ducker`, ran `bin/ssh-auth`, saw key immediately.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12554

Differential Revision: https://secure.phabricator.com/D17687
2017-04-14 08:03:00 -07:00
Austin McKinley
980d6cb70b Add validation for config settings of type regex
Summary: Also fixes insufficiently-escaped regex examples

Test Plan: Made several changes to http://local.phacility.com/config/edit/syntax.filemap/ and observed validation failures on malformed regexes, and success on well-formed regexes.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12532

Differential Revision: https://secure.phabricator.com/D17684
2017-04-13 13:57:03 -07:00
Austin McKinley
bfffd807d6 Change syntax highlighting for custom phabricator dot configs
Test Plan:
Created new paste with title '.arcconfig' without choosing a language; observed that the paste gets highlighted as JSON.

JSON mode:
{F4901762}

Javascript mode:
{F4901763}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11667

Differential Revision: https://secure.phabricator.com/D17682
2017-04-13 13:55:33 -07:00
Chad Little
5587abf04c Remove recentParticipants from ConpherenceThread
Summary: We no longer display this any more in the UI, so go ahead and remove the callsites and db column.

Test Plan: New Room, with and without participants.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17683
2017-04-13 13:55:08 -07:00
Austin McKinley
ce06a051a5 Remove old Countdown route
Summary: removes old phabricator.com/countdown/{id} route and code that uses that URL scheme

Test Plan: loaded phabricator.com/countdown, verified that generated links point to phabricator.com/CXXX

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12524

Differential Revision: https://secure.phabricator.com/D17681
2017-04-13 13:04:55 -07:00
Chad Little
5c5d3c35a7 Convert date-marker to ModularTransaction in Conpherence
Summary: Swaps this transaction over.

Test Plan: Load up a few rooms with date markers, still render as expected.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12550

Differential Revision: https://secure.phabricator.com/D17680
2017-04-13 13:01:36 -07:00
Austin McKinley
d902d2ac6b Implement countdown.search and countdown.edit
Summary: adds new conduit methods for countdown.edit and countdown.search

Test Plan:
Search: {P2037}
Edit: {P2038}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12524

Differential Revision: https://secure.phabricator.com/D17679
2017-04-13 12:57:10 -07:00
Chad Little
4189eb810b Use violet with not-verified user tags
Summary: Will see how this goes in practice. Uses violet where color is used for non responsive peeps.

Test Plan: Create a user without email verification, test hover card, profile, mentions and lists.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17678
2017-04-13 12:19:49 -07:00
Chad Little
2c5ee2a225 Fix Durable Column CSS-Overload
Summary: This moves the count on the Conpherence Menu Item into a phui-list-item-count, and removes the CSS call to the entire Conphrence stack when durable column is open.

Test Plan: Test with and without the chat column, and a menu with a count

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17677
2017-04-13 11:29:30 -07:00
Austin McKinley
9d56a3d86e Reimplement Countdown transactions using Modular Transaction framework
Test Plan: owls

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17671
2017-04-13 10:53:57 -07:00
Chad Little
3d6049d0da Remove CAN_JOIN policy from Conpherence
Summary: Fixes T12178, Fixes T11704 Not sure this feature gets any use and I can't find a similar option in other software, so removing it I think simiplifies a number of things. Removes CAN_JOIN and joinable is basically now CAN_VIEW and !$participating. Also removed some old transaction strings for other policies. Don't seem used.

Test Plan: Create a new room, edit room policies, see changes. Log into second account, search for rooms, everything now is visible.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12178, T11704

Differential Revision: https://secure.phabricator.com/D17675
2017-04-13 09:19:50 -07:00
Chad Little
03f2a41b16 Clean up Conpherence Transactions and notifications
Summary: Does a few things. Turns off feed stories (again), removes "action" transactions from notificiations, and only updates message count on actual messages. This feels a bit cleaner and less spammy... I guess... I think @epriestley will really like it and do me a favor or something.

Test Plan: Pull up two windows. test a message, see message count on second screen. Edit a topic or title, get no notification. At all. Ever.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D17674
2017-04-13 07:20:15 -07:00
epriestley
ada9046e31 Fix a fulltext search issue where finding token length and stopwords could fail
Summary:
Ref T12137. If a database is missing the InnoDB or MyISAM table engines, the big combined query to get both will fail.

Instead, try InnoDB first and then MyISAM.

(I have both engines locally so this worked until I deployed it.)

Test Plan: Faked an InnoDB error like `secure`, got a MyISAM result.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12137

Differential Revision: https://secure.phabricator.com/D17673
2017-04-12 19:22:46 -07:00
epriestley
3245e74f16 Show users how fulltext search queries are parsed and executed; don't query stopwords or short tokens
Summary:
Depends on D17670. Fixes T12137. Fixes T12003. Ref T2632.

This shows users a readout of which terms were actually searched for.

This also drops those terms from the query we submit to the backend, dodging the weird behaviors / search engine bugs in T12137.

This might need some design tweaking.

Test Plan: {F4899825}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12137, T12003, T2632

Differential Revision: https://secure.phabricator.com/D17672
2017-04-12 19:07:54 -07:00
epriestley
cb49acc2ca Update Phabricator to use intermediate tokens from the query compiler
Summary:
Depends on D17669. Ref T12137. Ref T12003. Ref T2632. Ref T7860.

Converts Phabricator to the new parse + compile workflow with intermediate tokens.

Also fixes a bug where searches for `cat"` or similar (unmatched quotes) wouldn't produce a nice exception.

Test Plan:
  - Fulltext searched.
  - Fulltext searched in Conpherence.
  - Fulltext searched with bad syntax.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12137, T12003, T7860, T2632

Differential Revision: https://secure.phabricator.com/D17670
2017-04-12 19:07:33 -07:00
epriestley
4bf968148c Fix pagination of fulltext search results
Summary:
Fixes T8285. Fulltext search relies on an underlying engine which can not realistically use cursor paging. This is unusual and creates some oddness.

Tweak a few numbers -- and how offsets are handled -- to separate the filtered offset and unfiltered offset.

Test Plan:
  - Set page size to 2.
  - Ran a query.
  - Paged forward and backward through results sensibly, seeing the full result set.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8285

Differential Revision: https://secure.phabricator.com/D17667
2017-04-12 17:57:46 -07:00
Chad Little
a7ebfc12c0 Modernize Conpherence with Modular Transactions
Summary: Begin converting Conpherence to ModularTransactions, this converts title, topic, and picture to use modular transactions. Participants seems hairy so I'll do that in another diff

Test Plan: Create a room with a topic, change room name, topic. Add people, remove people. Set a room image. Unset topic.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17668
2017-04-12 16:33:57 -07:00
Chad Little
a9845b0b1d Remove picture crop transaction from Conpherence
Summary: Fixes T11730. Removes an old transaction that hasn't been used in a year.

Test Plan: Run sql, check various rooms.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11730

Differential Revision: https://secure.phabricator.com/D17666
2017-04-12 14:18:54 -07:00
Austin McKinley
c6c25b055b Cleanup Countdown manual construction of monograms/uris
Summary: looked for places where Countdown monograms/uris were being constructed by hand, and updated with modern versions

Test Plan: clicked around the Countdown UI, looking for broken links

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: chad, Korvin

Maniphest Tasks: T12524

Differential Revision: https://secure.phabricator.com/D17665
2017-04-12 13:33:19 -07:00
Chad Little
6bf595b951 Check is viewer is a participant before showing count
Summary: In Conpherence ProfileMenuItem we show an unread count if you're a participant, but all message count if you're not. Just remove that.

Test Plan: Log out of room in Conpherence, leave messages on second account, check menu item on both accounts.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17664
2017-04-12 13:27:07 -07:00
Chad Little
75303567b3 Add a Conpherence Profile Menu Item
Summary: Builds a Conpherence Profile Menu Item, complete with counts for the unreads. This allows pinning to home as well as swapping out thread list in Conpherence for pinning eventually.

Test Plan: Add a menu item, chat in room, log into other account, see room count. Room count disappears after viewing.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17662
2017-04-12 13:07:44 -07:00
Chad Little
099c90e7ec Remove "First Message" from New Conpherence Room workflow
Summary: Removes this feature, makes creating a room simpler and less confusing.

Test Plan: Create a room on Conpherence.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17661
2017-04-12 09:15:50 -07:00
Chad Little
cd7547dc57 Update UI for PhortuneAccount
Summary: Primarily, this splits individual sections of the single account page into a more managable and robust sidenav for subscriptions, billing, and managers. The functionality on the subpages is light, but I expect to build on then in coming diffs. This also starts building out a more effective "status" area on the lead page.

Test Plan:
- Load up default account
- Make some edits
- Click on each of the new navigation items
- Verify links to "see all" work
- Test overdue and no payment states for status

{F4337317}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17589
2017-04-11 16:54:58 -07:00
Austin McKinley
6886e9c12d Remove "Destroy" action for Countdown objects
Summary: fixes T12523

Test Plan:
- view Countdown edit screen, Destroy action missing
- checked that `./bin/remove destroy <some-countdown-phid>` removes the DB rows as expected

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12523

Differential Revision: https://secure.phabricator.com/D17659
2017-04-11 16:52:35 -07:00
Chad Little
149c1a6de7 Correctly initialize new PhortuneAccount automatically
Summary: There is currently a validation error triggered if you initialize a new account without a member set. I think this is the correct fix, but let me know.

Test Plan: truncate phortune_account database, navigate to phortune, see account automatically created to "Default Account".

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17657
2017-04-11 22:46:40 +00:00
epriestley
eeef60a678 Update "bin/policy show" to use PolicyCodex
Summary: Fixes T12541. `describeAutomaticCapability()` is no longer required to implement `PolicyInterface`. Use PolicyCodex instead.

Test Plan: {F4889642}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12541

Differential Revision: https://secure.phabricator.com/D17658
2017-04-11 15:21:18 -07:00
Chad Little
58a127f2f9 Update Phortune Merchant UI
Summary: Builds out Phortune Merchant pages to have a sidenav and sub-pages for further expansion. For now this links Orders and Subscriptions to the query engine pages, but could be split out to be more informative (unpaid, upcoming, etc).

Test Plan:
Create a new merchant, edit some information, add a manager in new UI, edit logo, click through to subscriptions, orders.

{F4883013}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17655
2017-04-11 14:36:49 -07:00
Chad Little
5dd18a7ec1 Modernize PhortuneAccount with EditEngine/Modular Transactions
Summary: This updates the backend of PhortuneAccount to use EditEngine and Modular Transactions and updates language to "account manager" for clarity of role.

Test Plan:
- Wiped `phortune_account` table
- Visit Phortune, see new account automatically created.
- Edit name and managers
- Try to set no name or remove myself as a manager, get error messages
- Visit `/phortune/` and create another new account

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17585
2017-04-11 12:33:15 -07:00
epriestley
21709a2bbc Remove 'isPartial' parameter with no effect
Summary: Fixes T12536. Nothing reads this parameter; `PhabricatorFile::newChunkedFile` sets the `isPartial` flag automatically.

Test Plan: Grepped for `isPartial`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12536

Differential Revision: https://secure.phabricator.com/D17654
2017-04-11 11:29:23 -07:00
epriestley
af1d494d66 Fix an issue where rejecting reviewers weren't powerful enough
Summary:
Previously, "reject" and "reject older" were separate statuses. Now, they're both shades of "reject".

Set the "older reject" flag properly when we find a non-current reject.

Test Plan:
  - User A accepts a revision.
  - User B rejects it.
  - Author updates it.
  - Before patch: incorrectly transitions to "accepted" ("older" reject is ignored).
  - After patch: correctly transitions to "needs review".

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17653
2017-04-11 09:54:34 -07:00
Chad Little
28941b3105 Update PhortuneMerchant to Modular Transactions
Summary: Modernize PhortuneMerchant for Modular Transactions. Also changed the language of "Members" to "Managers", which I think fits better given the power/capability.

Test Plan:
- Create a new Merchant
- Test not filling in a name, see error
- Test removing myself, see error
- Edit an existing Merchant
- Add new managers
- Test removing myself, see error
- Replace Picture
- Update various fields, contact info, email, footer
- Verify transactions are now nice and pretty

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17584
2017-04-11 09:32:12 -07:00
epriestley
26d6096e0a When reviewing, always show "Accept" checkboxes for packages/projects, even if there's only one checkbox
Summary: Fixes T12533.

Test Plan: {F4853371}

Reviewers: chad, lvital

Reviewed By: lvital

Maniphest Tasks: T12533

Differential Revision: https://secure.phabricator.com/D17652
2017-04-10 17:28:02 -07:00
epriestley
a7a068f84c Correct two parameter strictness issues with file uploads
Summary:
Fixes T12531. Strictness fallout from adding typechecking in D17616.

  - `chunkedHash` is not a real parameter, so the new typechecking was unhappy about it.
  - `mime-type` no longer allows `null`.

Test Plan:
  - Ran `arc upload --conduit-uri ... 12MB.zero` on a 12MB file full of zeroes.
  - Before patch: badness, failure, fallback to one-shot uploads.
  - After patch: success and glory.

Reviewers: chad

Subscribers: joshuaspence

Maniphest Tasks: T12531

Differential Revision: https://secure.phabricator.com/D17651
2017-04-10 16:01:15 -07:00
epriestley
49132b884b Sell Yellow! Buy Indigo!
Summary: Fixes T12504. Replaces all tags with indigo.

Test Plan: {F4849487}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12504

Differential Revision: https://secure.phabricator.com/D17649
2017-04-10 15:01:10 -07:00
Chad Little
4a84954957 Prevent Send on Enter in Fullscreen Remarkup Mode
Summary: Fixes T12138. Test for the presence of being in fullscreen mode, and disable send on enter if present. Side note, I'd love a first class "hasClass" type Javelin function.

Test Plan:
- Go to Conpherence
- Type some smack, see it send on enter
- Go fullscreen like a boss
- Let the words flow
- Close fullscreen, then send on enter.
- (might be nice someday to add a "submit" button to fullscreen editor)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12138

Differential Revision: https://secure.phabricator.com/D17590
2017-04-10 14:39:50 -07:00
epriestley
00a1dec7a6 Render timezones in event reminder mail, and render them more nicely
Summary:
Fixes T12356.

  - In this mail, we currently render "6:00 AM". Instead, render "6:00 AM (PDT)" or similar. This is consistent with times in other modern Transaction mail.
  - Previously, we would render "UTC-7". Render "PDT" instead. For obscure zones with no known timezone abbreviation, fall back to "UTC-7".

Test Plan:
  - Used `bin/calendar notify --minutes X` to trigger notifications, read email bodies.
  - Used this script to list all `T` values and checked them for sanity:

```lang=php
<?php

$now = new DateTime();

$locales = DateTimeZone::listIdentifiers();
foreach ($locales as $locale) {
  $zone = new DateTimeZone($locale);
  $now->setTimeZone($zone);

  printf(
    "%s (%s)\n",
    $locale,
    $now->format('T'));
}
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12356

Differential Revision: https://secure.phabricator.com/D17646
2017-04-10 08:48:37 -07:00
epriestley
50e809e06f Fix an issue where recurring ghost events could go missing if queried with a limit
Summary:
Ref T11816. Depends on D17644. When you executed a query like "upcoming, limit 5 events" you might match some recurring events starting from, say, a year ago and repeating every month.

We'd then generate the first 5 ghosts for these events (say, last January, February, ... May) and later throw them out, so the correct events in the query window (say, this April) would never get generated.

Instead, generate ghosts beginning with the start of the window. The fix in D17644 to number results correctly allows us to do this.

Test Plan:
  - Made a query panel showing 5 events, scheduled an event long in the past, did not visit any of the instances of it so they didn't generate concrete objects.
  - Before the patch, near-future instances failed to show; after the patch, they show.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11816

Differential Revision: https://secure.phabricator.com/D17645
2017-04-10 08:48:21 -07:00
epriestley
ab06a9681c Fix two issues with user Calendar event availability cache display
Summary:
Ref T11816. Two minor issues:

  - We used `$event`, not `$next_event`, as the event providing the PHID for "Busy at <event name>". This rendered "Busy at <most future event>" on the profile instead of "Busy at <next upcoming event".
  - The TTL computation used the event start, not the event end, so we could end up rebuilding the cache too often for users busy at an event.

Test Plan:
  - Attended an event in the near future and one later on.
  - Saw profile now say "busy at <near future event>" correctly.
  - In DarkConsole "Services" tab, no longer saw unnecessary cache refills while attending an event.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11816

Differential Revision: https://secure.phabricator.com/D17643
2017-04-10 08:47:27 -07:00
epriestley
7707685733 Fix two strings with missing pht()
Summary: Fixes T12517.

Test Plan: Viewed Config application; viewed repository list.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12517

Differential Revision: https://secure.phabricator.com/D17639
2017-04-07 10:07:01 -07:00
Rabah Meradi
0bf106eeea Fix 4 typos in code
Summary: Fixes T12516

Test Plan: grep for those typos

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T12516

Differential Revision: https://secure.phabricator.com/D17638
2017-04-07 04:09:56 -07:00
epriestley
9856802ba2 Disallow /source/ in robots.txt
Summary: Ref T4245. We disallow `/diffusion/` in robots.txt already because indexers tend to get lost blaming every line of every file throughout history, but didn't update the list for the `/source/` alias. Update it.

Test Plan: Visited `/robots.txt` locally.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4245

Differential Revision: https://secure.phabricator.com/D17637
2017-04-06 16:28:09 -07:00
epriestley
3d816e94df Rename "PhabricatorHash::digest()" to "weakDigest()"
Summary: Ref T12509. This encourages code to move away from HMAC+SHA1 by making the method name more obviously undesirable.

Test Plan: `grep`, browsed around.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12509

Differential Revision: https://secure.phabricator.com/D17632
2017-04-06 15:43:33 -07:00
epriestley
3a3626834e Replace Remarkup calls to PhabricatorHash::digest() with SHA256
Summary:
Ref T12509. Many of the calls to HMAC+SHA1 are just to compute cachekeys for remarkup objects.

Make these use HMAC+SHA256 instead. There is no downside to swapping these since they just cause a cache miss in the worst case.

I also plan to get rid of `PhabricatorMarkupInterface` eventually, but this doesn't go that far.

Test Plan: Browsed some different types of documents (tasks, legalpad documents, phame blogs / posts, pholio mocks, etc).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12509

Differential Revision: https://secure.phabricator.com/D17631
2017-04-06 15:43:18 -07:00
epriestley
d450a08890 Support HMAC+SHA256 with automatic key generation and management
Summary:
Ref T12509. This adds support for HMAC+SHA256 (instead of HMAC+SHA1). Although HMAC+SHA1 is not currently broken in any sense, SHA1 has a well-known collision and it's good to look at moving away from HMAC+SHA1.

The new mechanism also automatically generates and stores HMAC keys.

Currently, HMAC keys largely use a per-install constant defined in `security.hmac-key`. In theory this can be changed, but in practice essentially no install changes it.

We generally (in fact, always, I think?) don't use HMAC digests in a way where it matters that this key is well-known, but it's slightly better if this key is unique per class of use cases. Principally, if use cases have unique HMAC keys they are generally less vulnerable to precomputation attacks where an attacker might generate a large number of HMAC hashes of well-known values and use them in a nefarious way. The actual threat here is probably close to nonexistent, but we can harden against it without much extra effort.

Beyond that, this isn't something users should really have to think about or bother configuring.

Test Plan:
  - Added unit tests.
  - Used `bin/files integrity` to verify, strip, and recompute hashes.
  - Tampered with a generated HMAC key, verified it invalidated hashes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12509

Differential Revision: https://secure.phabricator.com/D17630
2017-04-06 15:42:59 -07:00
epriestley
08a4225437 Provide "bin/files integrity" for debugging, maintaining and backfilling integrity hashes
Summary:
Ref T12470. Provides an "integrity" utility which runs in these modes:

  - Verify: check that hashes match.
  - Compute: backfill missing hashes.
  - Strip: remove hashes. Useful for upgrading across a hash change.
  - Corrupt: intentionally corrupt hashes. Useful for debugging.
  - Overwrite: force hash recomputation.

Users normally shouldn't need to run any of this stuff, but this provides a reasonable toolkit for managing integrity hashes.

I'll recommend existing installs use `bin/files integrity --compute all` in the upgrade guidance to backfill hashes for existing files.

Test Plan:
  - Ran the script in many modes against various files, saw expected operation, including:
  - Verified a file, corrupted it, saw it fail.
  - Verified a file, stripped it, saw it have no hash.
  - Stripped a file, computed it, got a clean verify.
  - Stripped a file, overwrote it, got a clean verify.
  - Corrupted a file, overwrote it, got a clean verify.
  - Overwrote a file, overwrote again, got a no-op.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12470

Differential Revision: https://secure.phabricator.com/D17629
2017-04-06 15:42:43 -07:00
epriestley
845a7d8716 Allow the PullLocal daemon to actually hibernate
Summary:
Ref T12298. The PullLocal daemon has had hibernation code for a little while, but it never actually activated because we don't sleep for more than 15 seconds in any case.

Add a maximum sleep instead and use that to control the longest sleep we'll do for hibernation purposes.

Also, when a repository or repository URI is edited, write a NEEDS_UPDATE event into the message table to make sure the daemons de-hibernate.

Test Plan: Used `bin/phd debug pull`, saw the daemon actually hibernate instead of just sleeping for 15 seconds.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12298

Differential Revision: https://secure.phabricator.com/D17635
2017-04-06 15:41:19 -07:00
epriestley
f1eeaaf59f Fix scope of "Accept" when you don't check all the "Force Accept" boxes
Summary:
Ref T12272. I wrote this correctly, then broke it by adding the simplification which treats "accept the defaults" as "accept everything".

This simplification lets us render "epriestley accepted this revision." instead of "epriestley accepted this revision onbehalf of: long, list, of, every, default, reviewer, they, have, authority, over." so it's a good thing, but make it only affect the reviewers it's supposed to affect.

Test Plan:
  - Did an accept with a force-accept available but unchecked.
  - Before patch: incorrectly accepted all possible reviewers.
  - After patch: accepted only checked reviewers.
  - Also checked the force-accept box, accepted, got a proper force-accept.

Reviewers: chad, lvital

Reviewed By: lvital

Maniphest Tasks: T12272

Differential Revision: https://secure.phabricator.com/D17634
2017-04-06 15:03:32 -07:00
epriestley
cefbdbcffe Provide a "Reviewers" attachment to "differential.revision.search"
Summary: Allow API callers to retrieve reviewer information via a new "reviewers" attachment.

Test Plan: {F4675784}

Reviewers: chad, lvital

Reviewed By: lvital

Subscribers: lvital

Differential Revision: https://secure.phabricator.com/D17633
2017-04-06 14:46:39 -07:00
epriestley
2f4ff6a850 Fix bad "editPolicy" key in Paste
Summary: Fixes T12508. Files don't have an `editPolicy`, and we started actually checking that the keys are real things in D17616.

Test Plan:
  - Before patch: created a paste, got an "editPolicy" exception.
  - After patch: created a paste that worked properly.

Reviewers: avivey, chad

Reviewed By: avivey

Maniphest Tasks: T12508

Differential Revision: https://secure.phabricator.com/D17628
2017-04-05 13:09:51 -07:00
epriestley
d1a971e221 Support "Range: bytes=123-" requests
Summary:
Ref T12219. We currently only support Range requests like "bytes=123-456", but "bytes=123-", meaning "until end of file", is valid, and Chrome can send these requests.

I suspect this is the issue with T12219.

Test Plan: Used `nc local.phacility.com 80` to pipe raw requests, saw both "bytes=123-456" and "bytes=123-" requests satisfied correctly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12219

Differential Revision: https://secure.phabricator.com/D17626
2017-04-05 11:25:44 -07:00
epriestley
63828f5806 Store and verify content integrity checksums for files
Summary:
Ref T12470. This helps defuse attacks where an adversary can directly take control of whatever storage engine files are being stored in and change data there. These attacks would require a significant level of access.

Such attackers could potentially attack ranges of AES-256-CBC encrypted files by using Phabricator as a decryption oracle if they were also able to compromise a Phabricator account with read access to the files.

By storing a hash of the data (and, in the case of AES-256-CBC files, the IV) when we write files, and verifying it before we decrypt or read them, we can detect and prevent this kind of tampering.

This also helps detect mundane corruption and integrity issues.

Test Plan:
  - Added unit tests.
  - Uploaded new files, saw them get integrity hashes.
  - Manually corrupted file data, saw it fail. Used `bin/files cat --salvage` to read it anyway.
  - Tampered with IVs, saw integrity failures.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12470

Differential Revision: https://secure.phabricator.com/D17625
2017-04-05 11:12:31 -07:00
epriestley
45fc4f6f64 Iterate over ranges correctly for encryped files
Summary:
Fixes T12079. Currently, when a file is encrypted and a request has "Content-Range", we apply the range first, //then// decrypt the result. This doesn't work since you can't start decrypting something from somewhere in the middle (at least, not with our cipher selection).

Instead: decrypt the result, //then// apply the range.

Test Plan: Added failing unit tests, made them pass

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12079

Differential Revision: https://secure.phabricator.com/D17623
2017-04-05 09:56:30 -07:00
epriestley
f70ff34d97 Fix a copy/paste typo with sticky accept
The root issue here is actually just that I cherry-picked stable locally
but did not push it. However, this is a minor issue I also caught while
double-checking things.

Auditors: chad
2017-04-04 18:33:59 -07:00
epriestley
58011a4e8e Upgrade File content hashing to SHA256
Summary:
Ref T12464. This defuses any possible SHA1-collision attacks by using SHA256, for which there is no known collision.

(SHA256 hashes are larger -- 256 bits -- so expand the storage column to 64 bytes to hold them.)

Test Plan:
  - Uploaded the same file twice, saw the two files generate the same SHA256 content hash and use the same underlying data.
  - Tried with a fake hash algorihtm ("quackxyz") to make sure the failure mode worked/degraded correctly if we don't have SHA256 for some reason. Got two valid files with two copies of the same data, as expected.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12464

Differential Revision: https://secure.phabricator.com/D17620
2017-04-04 16:23:08 -07:00
epriestley
440ef5b7a7 Remove SHA1 file content hashing and make Files work without any hashing
Summary:
Ref T12464. We currently use SHA1 to detect when two files have the same content so we don't have to store two copies of the data.

Now that a SHA1 collision is known, this is theoretically dangerous. T12464 describes the shape of a possible attack.

Before replacing this with something more robust, shore things up so things work correctly if we don't hash at all. This mechanism is entirely optional; it only helps us store less data if some files are duplicates.

(This mechanism is also less important now than it once was, before we added temporary files.)

Test Plan: Uploaded multiple identical files, saw the uploads work and the files store separate copies of the same data.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12464

Differential Revision: https://secure.phabricator.com/D17619
2017-04-04 16:22:10 -07:00
epriestley
1e181f0781 Deprecate "file.uploadhash"
Summary:
Ref T12464. This is a very old method which let you create a file on the server by referring to data which already existed in another file.

Basically, long ago, `arc` could say "Do you already have a file with hash X?" and just skip some work if the server did.

`arc` has not called this method since D13017, in May 2015.

Since it's easy to do so, just make this method pretend that it never has the file. Very old clients will continue to work, since they would expect this response in the common case and continue by uploading data.

Test Plan:
  - Grepped for `uploadhash` in Phabricator and Arcanist.
  - Called the method with the console, verified it returned `null`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12464

Differential Revision: https://secure.phabricator.com/D17618
2017-04-04 16:18:26 -07:00
epriestley
873b39be82 Remove PhabricatorFile::buildFromFileDataOrHash()
Summary:
Ref T12464. This is a very old method which can return an existing file instead of creating a new one, if there's some existing file with the same content.

In the best case this is a bad idea. This being somewhat reasonable predates policies, temporary files, etc. Modern methods like `newFromFileData()` do this right: they share underlying data in storage, but not the actual `File` records.

Specifically, this is the case where we get into trouble:

  - I upload a private file with content "X".
  - You somehow generate a file with the same content by, say, viewing a raw diff in Differential.
  - If the diff had the same content, you get my file, but you don't have permission to see it or whatever so everything breaks and is terrible.

Just get rid of this.

Test Plan:
  - Generated an SSH key.
  - Viewed a raw diff in Differential.
  - (Did not test Phragment.)

Reviewers: chad

Reviewed By: chad

Subscribers: hach-que

Maniphest Tasks: T12464

Differential Revision: https://secure.phabricator.com/D17617
2017-04-04 16:18:00 -07:00
epriestley
45b386596e Make the Files "TTL" API more structured
Summary:
Ref T11357. When creating a file, callers can currently specify a `ttl`. However, it isn't unambiguous what you're supposed to pass, and some callers get it wrong.

For example, to mean "this file expires in 60 minutes", you might pass either of these:

  - `time() + phutil_units('60 minutes in seconds')`
  - `phutil_units('60 minutes in seconds')`

The former means "60 minutes from now". The latter means "1 AM, January 1, 1970". In practice, because the GC normally runs only once every four hours (at least, until recently), and all the bad TTLs are cases where files are normally accessed immediately, these 1970 TTLs didn't cause any real problems.

Split `ttl` into `ttl.relative` and `ttl.absolute`, and make sure the values are sane. Then correct all callers, and simplify out the `time()` calls where possible to make switching to `PhabricatorTime` easier.

Test Plan:
- Generated an SSH keypair.
- Viewed a changeset.
- Viewed a raw diff.
- Viewed a commit's file data.
- Viewed a temporary file's details, saw expiration date and relative time.
- Ran unit tests.
- (Didn't really test Phragment.)

Reviewers: chad

Reviewed By: chad

Subscribers: hach-que

Maniphest Tasks: T11357

Differential Revision: https://secure.phabricator.com/D17616
2017-04-04 16:16:28 -07:00
epriestley
2896da384c Only require POST to fetch file data if the viewer is logged in
Summary:
Ref T11357. In D17611, I added `file.search`, which includes a `"dataURI"`. Partly, this is building toward resolving T8348.

However, in some cases you can't GET this URI because of a security measure:

  - You have not configured `security.alternate-file-domain`.
  - The file isn't web-viewable.
  - (The request isn't an LFS request.)

The goal of this security mechanism is just to protect against session hijacking, so it's also safe to disable it if the viewer didn't present any credentials (since that means there's nothing to hijack). Add that exception, and reorganize the code a little bit.

Test Plan:
  - From the browser (with a session), tried to GET a binary data file. Got redirected.
  - Got a download with POST.
  - From the CLI (without a session), tried to GET a binary data file. Go a download.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11357

Differential Revision: https://secure.phabricator.com/D17613
2017-04-04 16:16:01 -07:00
epriestley
2369fa38e1 Provide a modern ("v3") API for querying files ("file.search")
Summary: Ref T11357. Implements a modern `file.search` for files, and freezes `file.info`.

Test Plan: Ran `file.search` from the Conduit console.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11357

Differential Revision: https://secure.phabricator.com/D17612
2017-04-04 16:15:36 -07:00
epriestley
260a08a128 Move Files editing and commenting to EditEngine
Summary:
Ref T11357. This moves editing and commenting (but not creation) to EditEngine.

Since only the name is really editable, this is pretty straightforward.

Test Plan: Renamed files; commented on files.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11357

Differential Revision: https://secure.phabricator.com/D17611
2017-04-04 16:15:11 -07:00
epriestley
8500f78e45 Move Files to ModularTransactions
Summary: Ref T11357. A lot of file creation doesn't go through transactions, so we only actually have one real transaction type: editing a file name.

Test Plan:
Created and edited files.

{F4559287}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11357

Differential Revision: https://secure.phabricator.com/D17610
2017-04-04 10:25:05 -07:00
epriestley
5e44711218 Provide a missing feed transaction string for space creation
Summary:
Fixes T12502. This transaction probably should not be getting picked for feed rendering, but it currently does get selected in some cases.

This should probably be revisited eventually (e.g., when Maniphest moves to ModularTransactions) but just fix the brokenness for now.

Test Plan:
  - Created a task in a space.
  - Viewed feed.
  - Saw the story render with readable text.

{F4555747}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12502

Differential Revision: https://secure.phabricator.com/D17609
2017-04-04 10:24:11 -07:00
epriestley
9ebb5f8cda Don't downgrade accepts on update (fix "sticky accept")
Summary:
Fixes T12496. Sticky accept was accidentally impacted by the "void" changes in D17566.

Instead, don't always downgrade all accepts/rejects: on update, we only want to downgrade accepts.

Test Plan:
  - With sticky accept off, updated an accepted revision: new state is "needs review".
  - With sticky accept on, updated an accepted revision: new state is "accepted" (sticky accept working correctly).
  - Did "reject" + "request review" to make sure that still works, worked fine.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12496

Differential Revision: https://secure.phabricator.com/D17605
2017-04-03 09:55:22 -07:00
epriestley
163e1ec442 Expose the commit/task/revision relationship edges to "edge.search"
Summary: Fixes T12480.

Test Plan: {F4465908}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12480

Differential Revision: https://secure.phabricator.com/D17604
2017-04-02 19:49:55 -07:00
epriestley
009aff1a23 Return task descriptions from "maniphest.search"
Summary:
Fixes T12461. This returns the field as a dictionary with a `"raw"` value, so we could eventually do this if we want without breaking the API:

```
{
  "type": "remarkup",
  "raw": "**raw**",
  "html": "<strong>raw</strong>",
  "text": "raw"
}
```

Test Plan: Called `maniphest.search`, reviewed output.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12461

Differential Revision: https://secure.phabricator.com/D17603
2017-04-02 17:44:22 -07:00
epriestley
7e6f37fffb Rename "ElasticSearch" filenames to "Elasticsearch" (2/2)
Sometimes git does some odd magic on case-insensitive filesystems, try to
trick it.

Auditors: chad
2017-04-02 14:59:36 -07:00
epriestley
a9e2732a5c Spell "Elasticsearch" correctly, not "ElasticSearch"
Summary: Ref T12450. These are like 95% my fault, but Elastic appears to spell the name "Elasticsearch" consistently in their branding.

Test Plan: `grep ElasticSearch`

Reviewers: chad, 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17601
2017-04-02 14:58:59 -07:00
epriestley
0f144d29e9 When "cluster.search" changes, don't trust the old index versions
Summary:
Ref T12450. We track a "document version" for updating search indexes, so that if a document is rapidly updated many times in a row we can skip most of the work.

However, this version doesn't consider "cluster.search" configuration, so if you add a new service (like a new ElasticSearch host) we still think that every document is up-to-date. When you run `bin/search index` to populate the index (without `--force`), we just do nothing.

This isn't necessarily very obvious. D17597 makes it more clear, by printing "everything was skipped and nothing happened" at the end.

Here, fix the issue by considering the content of "cluster.search" when computing fulltext document versions: if you change `cluster.search`, we throw away the version index and reindex everything.

This is slightly more work than we need to do, but changes to "cluster.search" are rare and this is much easier than trying to individually track which versions of which documents are in which services, which probably isn't very useful anyway.

Test Plan:
  - Ran `bin/search index --type project`, saw everything get skipped.
  - Changed `cluster.search`.
  - Ran `search index` again, saw everything get updated.
  - Ran a third time without changing `cluster.search`, everything was properly skipped.

Reviewers: chad, 20after4

Reviewed By: 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17598
2017-04-02 13:45:48 -07:00
epriestley
bd93978200 Count and report skipped documents from "bin/search index"
Summary:
Ref T12450. There's currently a bad behavior where inserting a document into one search service marks it as up to date everywhere.

This isn't nearly as obvious as it should be because `bin/search index` doesn't make it terribly clear when a document was skipped because the index version was already up to date.

When running `bin/seach index` without `--force` or `--background`, keep track of updated vs not-updated documents and print out some guidance. In other configurations, try to provide more help too.

Test Plan: {F4452134}

Reviewers: chad, 20after4

Reviewed By: 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17597
2017-04-02 13:45:30 -07:00
epriestley
6d81675032 Remove "url" from Elasticsearch index
Summary:
Ref T12450. This was added a very very long time ago (D2298).

I don't want to put this in the upstream index anymore because I don't want to encourage third parties to develop software which reads the index directly. Reading the index directly is a big skeleton key which bypasses policy checks.

This was added before much of the policy model existed, when that wasn't as much of a concern. On a tecnhnical note, this also doesn't update when `phabricator.base-uri` changes.

This can be written as a search index extension if an install relies on it for some bizarre reason, although none should and I'm unaware of any actual use cases in the wild for it, even at Facebook.

Test Plan: Indexed some random stuff into ElasticSearch.

Reviewers: chad, 20after4

Reviewed By: chad

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17600
2017-04-02 13:26:45 -07:00
epriestley
64234535e3 Remove FIELD_KEYWORDS, index project slugs as body content
Summary:
D17384 added a "keywords" field but only partially implemented it.

  - Remove this field.
  - Index project slugs as part of the document body instead.

Test Plan:
  - Ran `bin/search index PHID-PROJ-... --force`.
  - Found project by searching for a unique slug.

Reviewers: chad, 20after4

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17596
2017-04-02 09:36:32 -07:00
Chad Little
7ab4e7dbce Allow Owner Packages to be in a Dashboard Panel
Summary: Ref T12324. Add back Owners.

Test Plan: read carefully

Reviewers: epriestley, eadler

Reviewed By: eadler

Subscribers: Korvin

Maniphest Tasks: T12324

Differential Revision: https://secure.phabricator.com/D17588
2017-03-30 15:13:40 -07:00
Chad Little
eb6f4c4a28 Update PhortuneLanding page UI
Summary: Minor, uses 'user-circle' for account, and merchant logo for merchants in lists.

Test Plan: View the landing page, see updated logos and icons.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17586
2017-03-30 12:27:41 -07:00
Chad Little
86673486c0 Move Phortune Contollers into folders
Summary: Move individual controller files into cooresponding folders. Makes it easier to locate sections and expand without clutter. Also made "chargelist" part of account since it's tied to having an account specifically.

Test Plan: Vist charges, merchants, subscription, accounts, and other pages. No errors from file move.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17587
2017-03-30 12:26:15 -07:00
Mukunda Modell
cb1d904654 Make sure writes go to the right cluster
Summary:
Two little issues

1. there was an extra call to getHostForWrite,
2. The engine instance was shared between multiple service definitions so it
was overwriting the list of writable hosts from one service with hosts from another.

Test Plan:
tested in wikimedia production with multiple services defined like this:

```language=json
 [
        {
          "hosts": [
            {
              "host": "search.svc.codfw.wmnet",
              "protocol": "https",
              "roles": {
                "read": true,
                "write": true
              },
              "version": 5
            }
          ],
          "path": "/phabricator",
          "port": 9243,
          "type": "elasticsearch"
        },
        {
          "hosts": [
            {
              "host": "search.svc.eqiad.wmnet",
              "protocol": "https",
              "roles": {
                "read": true,
                "write": true
              },
              "version": 5
            }
          ],
          "path": "/phabricator",
          "port": 9243,
          "type": "elasticsearch"
        }
      ]
```

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D17581
2017-03-30 18:08:05 +00:00
Mukunda Modell
67a1c40476 Set content-type to application/json
Summary:
Elasticsearch really wants a raw json body and it fails to accept
the request as of es version 5.3

Test Plan:
Tested with elasticsearch 5.2 and 5.3.

Before this change 5.2 worked but 5.3 failed with
`HTTP/406 "Content-Type header [application/x-www-form-urlencoded] is not supported"` [1]

After this change, both worked.

[1] https://phabricator.wikimedia.org/P5158

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17580
2017-03-30 18:07:47 +00:00
Mukunda Modell
654f0f6043 Make messages translatable and more sensible.
Summary:
These exception messages & comments didn't quite match reality.
Fixed and added pht() around a couple of them.

Test Plan: I didn't test this :P

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17578
2017-03-28 23:17:35 +00:00
epriestley
5f939dcce0 Re-run config validation from bin/search
Summary:
Ref T12450. Normally, we validate config when:

  - You restart the webserver.
  - You edit it with `bin/config set ...`.
  - You edit it with the web UI.

However, you can also change config by editing `local.json`, `some_env.conf.php`, a `SiteConfig` class, etc. In these cases, you may miss config warnings.

Explicitly re-run search config checks from `bin/search`, similar to the additional database checks we run from `bin/storage`, to try to produce a better error message if the user has made a configuration error.

Test Plan:
```
$ ./bin/search init
Usage Exception: Setting "cluster.search" is misconfigured: Invalid search engine type: elastic. Valid types are: elasticsearch, mysql.
```

Reviewers: chad, 20after4

Reviewed By: 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17574
2017-03-28 14:53:26 -07:00
epriestley
c22693ff29 Remove PhabricatorSearchEngineTestCase
Summary:
Ref T12450. This is now pointless and just asserts that `cluster.search` has a default value.

We might restore a fancier version of this eventually, but get rid of this for now.

Test Plan: Scruitinized the test case.

Reviewers: chad, 20after4

Reviewed By: 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17573
2017-03-28 13:57:55 -07:00
epriestley
e7c76d92d5 Make bin/search init messaging a little more consistent
Summary:
Ref T12450. This mostly just smooths out the text a little to improve consistency. Also:

  - Use `isWritable()`.
  - Make the "skipping because not writable" message more clear and tailored.
  - Try not to use the word "index" too much to avoid confusion with `bin/search index` -- instead, talk about "initialize a service".

Test Plan: Ran `bin/search init` with a couple of different (writable / not writable) configs, saw slightly clearer messaging.

Reviewers: chad, 20after4

Reviewed By: 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17572
2017-03-28 13:57:37 -07:00
Mukunda Modell
699228c73b Address some New Search Configuration Errata
Summary:
  [ ] Write an "Upgrading: ..." guidance task with narrow instructions for installs that are upgrading.
  [ ] Do we need to add an indexing activity (T11932) for installs with ElasticSearch?
  [ ] We should more clearly detail exactly which versions of ElasticSearch are supported (for example, is ElasticSearch <2 no longer supported)? From T9893 it seems like we may //only// have supported ElasticSearch <2 before, so are the two regions of support totally nonoverlapping and all ElasticSearch users will need to upgrade?
  [ ] Documentation should provide stronger guidance toward MySQL and away from Elastic for the vast majority of installs, because we've historically seen users choosing Elastic when they aren't actually trying to solve any specific problem.
  [ ] When users search for fulltext results in Maniphest and hit too many documents, the current behavior is approximately silent failure (see T12443). D17384 has also lowered the ceiling for ElasticSearch, although previous changes lowered it for MySQL search. We should not fail silently, and ideally should build toward T12003.
  [ ] D17384 added a new "keywords" field, but MySQL does not search it (I think?). The behavior should be as consistent across MySQL and Elastic as we can make it. Likely cleaner is giving "Project" objects a body, with "slugs" and "description" separated by newlines?
  [ ] `PhabricatorSearchEngineTestCase` is now pointless and only detects local misconfigurations.
  [ ] It would be nice to build a practical test suite instead, where we put specific documents into the index and then search for them. The upstream test could run against MySQL, and some `bin/search test` could run against a configured engine like ElasticSearch. This would make it easier to make sure that behavior was as uniform as possible across engine implementations.
  [ ] Does every assigned task now match "user" in ElasticSearch?
  [x] `PhabricatorElasticFulltextStorageEngine` has a `json_encode()` which should be `phutil_json_encode()`.
  [ ] `PhabricatorSearchService` throws an untranslated exception.
  [ ] When a search cluster is down, we probably don't degrade with much grace (unhandled exception)?
  [ ] I haven't run bin/search init, but bin/search index doesn't warn me that I may want to. This might be worth adding. The UI does warn me.
  [ ] bin/search init warns me that the index is "incorrect". It might be more clear to distinguish between "missing" and "incorrect", since it's more comforting to users to see "everything is as we expect, doing normal first-time setup now" than "something is wrong, fixing it".
  [ ] CLI message "Initializing search service "ElasticSearch"" does not end with a period, which is inconsistent with other UI messages.
  [ ] It might be nice to let bin/search commands like init and index select a specific service (or even service + host) to act on, as bin/storage --ref ... now does. You can generally get the result you want by fiddling with config.
  [ ] When a service isn't writable, bin/search init reports "Search cluster has no hosts for role "write".". This is accurate but does not provide guidance: it might be more useful to the user to explain "This service is not writable, so we're skipping index check for it.".
  [x] Even with write off for MySQL, bin/search index --type task --trace still updates MySQL, I think? I may be misreading the trace output. But this behavior doesn't make sense if it is the actual behavior, and it seems like reindexAbstractDocument() uses "all services", not "writable services", and the MySQL engine doesn't make sure it's writable before indexing.
  [x] Searching or user fails to find task Grant users tokens when a mention is created, suggesting that stemming is not working.
  [x] Searching for users finds that task, but fails to find a task containing "per user per month" in a comment, also suggesting that stemming is not working.
  [x] Searching for maniphest fails to find task maniphest.query elephant, suggesting that tokenization in ElasticSearch is not as good as the MySQL tokenization for these words (see D17330).
  [x] The "index incorrect" warning UI uses inconsistent title case.
  [x] The "index incorrect" warning UI could format the command to be run more cleanly (with addCommand(), I think).

refs T12450

Test Plan:
* Stared blankly at the code.
* Disabled 'write' role on mysql fulltext service.
* Edited a task, ran search indexer, verified that the mysql index wasn't being updated.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17564
2017-03-28 20:19:38 +00:00
epriestley
2fbc9a52da Allow users to "Force accept" package reviews if they own a more general package
Summary:
Ref T12272. If you own a package which owns "/", this allows you to force-accept package reviews for packages which own sub-paths, like "/src/adventure/".

The default UI looks something like this:

```
[X] Accept as epriestley
[X] Accept as Root Package
[ ] Force accept as Adventure Package
```

By default, force-accepts are not selected.

(I may do some UI cleanup and/or annotate "because you own X" in the future and/or mark these accepts specially in some way, particularly if this proves confusing along whatever dimension.)

Test Plan: {F4314747}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12272

Differential Revision: https://secure.phabricator.com/D17569
2017-03-28 11:51:40 -07:00
epriestley
ddc02ce420 When voiding "Accept" reviews, also void "Reject" reviews
Summary: Ref T10967. This change is similar to D17566, but for rejects.

Test Plan:
  - Create a revision as A, with reviewer B.
  - Reject as B.
  - Request review as A.
  - Before patch: stuck in "rejected".
  - After patch: transitions back to "needs review".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17568
2017-03-28 11:51:06 -07:00
epriestley
415ad78484 Remove old code for "Request Review" action from Differential
Summary: Ref T10967. This moves all remaining "request review" pathways (just `differential.createcomment`) to the new code, and removes the old action.

Test Plan: Requested review on a revision, `grep`'d for the action constant.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17567
2017-03-28 11:50:40 -07:00
epriestley
aea46e55da Fix an issue where "Request Review" of a fully-accepted revision would transition to "Accepted"
Summary:
Ref T10967. This is explained in more detail in T10967#217125

When an author does "Request Review" on an accepted revision, void (in the sense of "cancel out", like a bank check) any "accepted" reviewers on the current diff.

Test Plan:
  - Create a revision with author A and reviewer B.
  - Accept as B.
  - "Request Review" as A.
  - (With sticky accepts enabled.)
  - Before patch: revision swithced back to "accepted".
  - After patch: the earlier review is "voided" by te "Request Review", and the revision switches to "Review Requested".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17566
2017-03-28 11:50:15 -07:00
epriestley
7d3956bec1 Correct spelling of "Dasbhoard"
Summary: Before the speling pollice lock us in prisun.

Test Plan: Used a dicationairey.

Reviewers: chad, jmeador

Reviewed By: jmeador

Differential Revision: https://secure.phabricator.com/D17570
2017-03-28 10:04:26 -07:00
Mukunda Modell
9e2f263bb4 Add repositories to fulltext search index.
Summary:
This implements a simplistic `PhabricatorRepositoryFulltextEngine`
Currently only the repository name, description, timestamps and
status are indexed.

Note: I had to change the `search index` workflow to disambiguate
PhabricatorRepository from PhabricatorRepositoryCommit

Test Plan:
* ran `./bin/search index --type PhabricatorRepository --force`
 * searched for some repositories. Saw reasonable results matching on either title or description.
* Edited a repository in the web ui
 * Added unique key words to the repo description.
 * I was then able to find that repo by searching for the new keywords.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Tags: #search, #diffusion

Differential Revision: https://secure.phabricator.com/D17300
2017-03-28 07:58:22 +00:00
Mukunda Modell
e41c25de50 Support multiple fulltext search clusters with 'cluster.search' config
Summary:
The goal is to make fulltext search back-ends more extensible, configurable and robust.

When this is finished it will be possible to have multiple search storage back-ends and
potentially multiple instances of each.

Individual instances can be configured with roles such as 'read', 'write' which control
which hosts will receive writes to the index and which hosts will respond to queries.

These two roles make it possible to have any combination of:

* read-only
* write-only
* read-write
* disabled

This 'roles' mechanism is extensible to add new roles should that be needed in the future.

In addition to supporting multiple elasticsearch and mysql search instances, this refactors
the connection health monitoring infrastructure from PhabricatorDatabaseHealthRecord and
utilizes the same system for monitoring the health of elasticsearch nodes. This will
allow Wikimedia's phabricator to be redundant across data centers (mysql already is,
elasticsearch should be as well).

The real-world use-case I have in mind here is writing to two indexes (two elasticsearch clusters
in different data centers) but reading from only one. Then toggling the 'read' property when
we want to migrate to the other data center (and when we migrate from elasticsearch 2.x to 5.x)

Hopefully this is useful in the upstream as well.

Remaining TODO:

* test cases
* documentation

Test Plan:
(WARNING) This will most likely require the elasticsearch index to be deleted and re-created due to schema changes.

Tested with elasticsearch versions 2.4 and 5.2 using the following config:

```lang=json
  "cluster.search": [
    {
      "type": "elasticsearch",
      "hosts": [
        {
          "host": "localhost",
          "roles": { "read": true, "write": true }
        }
      ],
      "port": 9200,
      "protocol": "http",
      "path": "/phabricator",
      "version": 5
    },
    {
      "type": "mysql",
      "roles": { "write": true }
     }
  ]

Also deployed the same changes to Wikimedia's production Phabricator instance without any issues whatsoever.
```

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Tags: #elasticsearch, #clusters, #wikimedia

Differential Revision: https://secure.phabricator.com/D17384
2017-03-26 08:16:47 +00:00
epriestley
b4effdf26c Fix a rendering fatal for unknown edge constants
If we try to render an edge transaction which uses unknown edge constants,
it turns out we fatal. Degrade instead. This happened when viewing very old
badges.

Auditors: chad
2017-03-24 16:58:48 -07:00
Chad Little
186460888d Funbeta Badges
Summary: Ships Badges. I can write up some basic docs too if needed.

Test Plan: /applications/

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17360
2017-03-24 21:15:42 +00:00
epriestley
080bf064c4 Remove obsolete Badges edge types
Summary: Ref T12270. These no longer have any callsites.

Test Plan: Used `grep` to search for each edge class constant, found no hits.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17562
2017-03-24 14:11:46 -07:00
epriestley
6f80a04699 Paginate the profile badges view
Summary: Ref T12270. Adds a pager, plus a few little cleanups from copy/paste and accumulated cruft.

Test Plan:
  - Paginated a user with 180 badges.
  - Viewed a user with 0 badges.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17561
2017-03-24 14:10:59 -07:00
epriestley
3cdabb9588 Provide a hint that submitting a Conduit call shows you how to encode particular parameters
Summary: Ref T12447.

Test Plan: {F4270003}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12447

Differential Revision: https://secure.phabricator.com/D17557
2017-03-24 13:15:03 -07:00
epriestley
24b6c7d718 Allow users to resign if they have authority over any reviewer
Summary:
Ref T11050. The old rule was "you can only resign if you're a reviewer".

With the new behavior of "resign", the rule should be "you can resign if you're a reviewer, or you have authority over any reviewer". Make it so.

Also fixes T12446. I don't know how to reproduce that but I'm pretty sure this'll fix it?

Test Plan:
  - Could not resign from a revision with no authority/reviewer.
  - Resigned from a revision with myself as a reviewer.
  - Resigned from a revision with a package I owned as a reviewer.
  - Could not resign from a revision I had already resigned from.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12446, T11050

Differential Revision: https://secure.phabricator.com/D17558
2017-03-24 13:14:47 -07:00
epriestley
daeb94561f When destroying Calendar events, destroy invitees and notifications
Summary: Fixes T12395.

Test Plan: Ran `bin/remove destroy E... --trace`, saw invitee and notification destruction.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12395

Differential Revision: https://secure.phabricator.com/D17555
2017-03-24 09:21:13 -07:00
epriestley
0ffde484e5 Give Daemons a mobile menu
Summary: Fixes T12422.

Test Plan: {F4269080}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12422

Differential Revision: https://secure.phabricator.com/D17554
2017-03-24 09:19:56 -07:00
epriestley
f13637627d Improve daemon "waiting" message, config reload behavior
Summary:
Ref T12298. Two minor daemon improvements:

  - Make the "waiting" message reflect hibernation.
  - Don't trigger a reload right after launching.

Test Plan:
- Read "waiting" message.
- Ran "bin/phd start", didn't see an immediate SIGHUP in the log.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12298

Differential Revision: https://secure.phabricator.com/D17550
2017-03-24 08:32:08 -07:00
Chad Little
2707681b48 Restrict Audit buckets to just ApplicationSearch views
Summary: Fixes T9363. This drops empty buckets from dashboard panel context. Still see full results in Audit.

Test Plan: Create an "Active Audits" panel, add to Dashboard. See no commits found. Check Audit, see all buckets.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9363

Differential Revision: https://secure.phabricator.com/D17545
2017-03-23 12:46:19 -07:00
Chad Little
ffab52f17e Restrict Differential buckets to just ApplicationSearch views
Summary: Ref T9363, If we're in a dashboard panel, only show buckets with data, or a fallback if nothing exists.

Test Plan: Test 'active revisions' panel in a dashboard and in Differential.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9363

Differential Revision: https://secure.phabricator.com/D17544
2017-03-23 12:09:44 -07:00
epriestley
9099485a71 Allow the PullLocal daemon to hibernate, and wake it when repositories need an update
Summary: Ref T12298. This allows the PullLocal daemon to hibernate like the Trigger daemon, but automatically wakes it back up when it needs to do something.

Test Plan:
  - Ran `bin/phd debug pulllocal --trace`.
  - Saw the daemon hibernate after doing a checkup on repositories.
  - Saw periodic queries to look for new update messages.
  - After clicking "Update Now" in the web UI to schedule an update, saw the daemon wake up immediately.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12298

Differential Revision: https://secure.phabricator.com/D17540
2017-03-23 10:52:28 -07:00
epriestley
9326b4d131 Fix some range issues and 32-bit issues with avatar generation
Summary:
Ref T12444. A few issues:

   - `x % (y - z)` doesn't generate values in the full range: the largest value is never generated. Instead, use `x % (1 + y - z)`.
   - `digestToRange(1, count)` never generates 0. After fixing the first bug, it could generate `count`. The range of the arrays is `0..(count-1)`, inclusive. Generate the correct range instead.
   - `unpack('L', ...)` can unpack a negative number on a 32-bit system. Use `& 0x7FFFFFFF` to mask off the sign bit so the result is always a positive integer.
   - FileFinder might return arbitrary keys, but we rely on sequential keys (0, 1, 2, ...)

Test Plan:
  - Used `bin/people profileimage ... --force` to regenerate images.
  - Added some debugging to verify that the math seemed to be working.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12444

Differential Revision: https://secure.phabricator.com/D17543
2017-03-23 10:51:33 -07:00
epriestley
1953ab98be Don't show the "Override Lock" prompt when creating objects
Summary:
Fixes T12369. When you create objects they may technically be locked: either because the default state is legitimately locked, or because the default policies prevent you from viewing so we sort of technically end in a locked state.

Regardless, don't prompt during creation, since this prompt isn't useful even if the lock detection is completely legitimate.

Test Plan:
  - In {nav Applications > Maniphest > Configure}, set "Default View Policy" to "No One".
  - Tried to create a task.
  - Before patch: prompted to override lock.
  - After patch: no override prompt.

Reviewers: chad

Reviewed By: chad

Subscribers: d.maznekov

Maniphest Tasks: T12369

Differential Revision: https://secure.phabricator.com/D17541
2017-03-23 06:40:14 -07:00
epriestley
aa91dc992e Record which user accepted on behalf of packages/owners reviewers
Summary:
Ref T12271. Don't do anything with this yet, but store who accepted/rejected/whatever on behalf of reviewers.

In the future, we could use this to render stuff like "Blessed Committers (accepted by epriestley)" or whatever. I don't know that this is necessarily super useful, but it's easy to track, seems likely to be useful, and would be a gigantic pain to backfill later if we decide we want it.

Test Plan: Accepted/rejected a revision, saw reviewers update appropriately.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12271

Differential Revision: https://secure.phabricator.com/D17537
2017-03-22 14:26:37 -07:00
epriestley
fab37aa4e3 When accepting revisions, allow users to accept on behalf of a subset of reviewers
Summary:
Ref T12271. Currenty, when you "Accept" a revision, you always accept it for all reviewers you have authority over.

There are some situations where communication can be more clear if users can accept as only themselves, or for only some packages, etc. T12271 discusses some of these use cases in more depth.

Instead of making "Accept" a blanket action, default it to doing what it does now but let the user uncheck reviewers.

In cases where project/package reviewers aren't in use, this doesn't change anything.

For now, "reject" still acts the old way (reject everything). We could make that use checkboxes too, but I'm not sure there's as much of a use case for it, and I generally want users who are blocking stuff to have more direct accountability in a product sense.

Test Plan:
  - Accepted normally.
  - Accepted a subset.
  - Tried to accept none.
  - Tried to accept bogus reviewers.
  - Accepted with myself not a reviewer
  - Accepted with only one reviewer (just got normal "this will be accepted" text).

{F4251255}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12271

Differential Revision: https://secure.phabricator.com/D17533
2017-03-22 14:25:04 -07:00
epriestley
e1ee8ba428 Fix a bad getStatus() call which is fataling during Herald rule evaluation
Summary: Hit this while `arc diff`'ing something which is triggering 2+ rules which add reviewers, I think.

Test Plan: Dug this out of a production stack trace; will push and `arc diff` again.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17534
2017-03-22 10:03:38 -07:00
epriestley
9c998e988b Don't require mentioned objects to have all required fields when editing comments
Summary: Fixes T12439. This pathway was just missing a `setContinueOnMissingFields(...)` to skip enforcement of required fields.

Test Plan:
  - Added a required custom field.
  - Mentioned any task without a field value in a comment.
  - Edited that comment.
  - Saved changes.
  - Before fix: fatal in log.
  - After fix: clean edit.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12439

Differential Revision: https://secure.phabricator.com/D17536
2017-03-22 09:59:40 -07:00
epriestley
3e7b63aa73 Add a <reviewer, revision> key to the reviewers table
Summary:
Ref T10967. I'm not 100% sure we need this, but the old edge table had it and I recall an issue long ago where not having this key left us with a bad query plan.

Our data doesn't really provide a way to test this key (we have many revisions and few reviewers, so the query planner always uses revision keys), and building a convincing test case would take a while (lipsum needs some improvements to add reviewers). But in the worst case this key is mostly useless and wastes a few MB of disk space, which isn't a big deal.

So I can't conclusively prove that this key does anything to the dashboard query, but the migration removed it and I'm more comfortable keeping it so I'm not worried about breaking stuff.

At the very least, MySQL does select this key in the query plan when I do a "Reviewers:" query explicitly so it isn't //useless//.

Test Plan: Ran `bin/storage upgrade`, ran dashboard query, the query plan didn't get any worse.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17532
2017-03-22 09:51:06 -07:00
epriestley
8913552970 Store "resigned" as an explicit reviewer state
Summary:
Fixes T11050. Today, when a user resigns, we just delete the record of them ever being a reviewer.

However, this means you have no way to say "I don't care about this and don't want to see it on my dashboard" if you are a member of any project or package reviewers.

Instead, store "resigned" as a distinct state from "not a reviewer", and treat it a little differently in the UI:

  - On the bucketing screen, discard revisions any responsible user has resigned from.
  - On the main `/Dxxx` page, show these users as resigned explicitly (we could just hide them, too, but I think this is good to start with).
  - In the query, don't treat a "resigned" state as a real "reviewer" (this change happened earlier, in D17517).
  - When resigning, write a "resigned" state instead of deleting the row.
  - When editing a list of reviewers, I'm still treating this reviewer as a reviewer and not special casing it. I think that's sufficiently clear but we could tailor this behavior later.

Test Plan:
  - Resigned from a revision.
  - Saw "Resigned" in reviewers list.
  - Saw revision disappear from my dashboard.
  - Edited revision, saw user still appear as an editable reviewer. Saved revision, saw no weird side effects.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11050

Differential Revision: https://secure.phabricator.com/D17531
2017-03-22 09:50:50 -07:00
epriestley
3d35d6d3f9 Remove duplicate "Change Default Values" action in form editing workflow
Summary: Fixes T12434. I accidentally copy/pasted this too much in D17442.

Test Plan: Viewed a form edit page, no longer saw two copies of this action.

Reviewers: chad, cspeckmim

Reviewed By: chad, cspeckmim

Maniphest Tasks: T12434

Differential Revision: https://secure.phabricator.com/D17530
2017-03-22 09:50:38 -07:00
Chad Little
5e423c5fe0 Provide a 'no dashboards' fallback state if you can't add any
Summary: Ref T10390. Catch if the user doesn't have any dashboards they can edit and give them a helpful message instead.

Test Plan: Clean install, no dashboards, Click "Add to Dashboard" on ApplicationSearch results, see no dashboards message

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17528
2017-03-21 11:43:02 -07:00
Chad Little
3a838ba312 Add Dashboards as a default pinned application
Summary: Ref T10390. Dashboard usability is high enough that I think we should pin it by default for users to create custom home pages.

Test Plan: Review order of applications in sandbox.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17527
2017-03-21 11:10:20 -07:00
Chad Little
d6f7da8685 Add some new Dashboard icons
Summary: Ref T10390. Fixes the missing "fa-dashboard" icon and adds a few more for an even 25.

Test Plan: Create new dashboard, see dashboard icon, select new dashboard icon.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17526
2017-03-21 11:00:16 -07:00
Chad Little
7d4c0f002f Allow searching Dashboards by Editable
Summary: Ref T10390. I find myself wanting to find dashboards I can edit, even if I am not the author. I think this is useful for larger installs with multiple admins. Also make disabled Dashboards more grey in UI results.

Test Plan: Log in a test user, create a dashboard with I cannot edit. Log into my account, search for editable dashboards and only see mine. Set dashboard to all users, search under test account and see editable dashboards.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17524
2017-03-21 09:39:04 -07:00
Chad Little
1a5d92184c Try to guess a name for the 'Add to Dashboard' workflow
Summary: Ref T5307. Just makes the dialog a little easier to use. Picks a name if we already have one.

Test Plan: Test a builtin, custom saved, and a new advanced search (no name).

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5307

Differential Revision: https://secure.phabricator.com/D17523
2017-03-20 18:02:34 -07:00
epriestley
0ceab7d36f Rename "getReviewerStatus()" to "getReviewers()"
Summary:
Ref T10967. Improves some method names:

  - `Revision->getReviewerStatus()` -> `Revision->getReviewers()`
  - `Revision->attachReviewerStatus()` -> `Revision->attachReviewers()`
  - `Reviewer->getStatus()` -> `Reviewer->getReviewerStatus()` (this is mostly to make this more greppable)

Test Plan:
  - bunch o' `grep`
  - Browsed around.
  - If I missed anything, it should fatal in an obvious way. We have a lot of other `getStatus()` calls and it's hard to be sure I got them all.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17522
2017-03-20 17:11:40 -07:00
epriestley
a15df4f8d5 Rename "needReviewerStatus()" into "needReviewers()"
Summary: Ref T10967. The old name was because we had a `getReviewers()` tied to `needRelationships()`, rename this method to use a simpler and more clear name.

Test Plan: `grep`, browsed around.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17519
2017-03-20 16:46:16 -07:00
epriestley
d179d0150c Remove obsolete "relationships" code from Differential
Summary:
Ref T10967. There have been two different ways to load reviewers for a while: `needReviewerStatus()` and `needRelationships()`.

The `needRelationships()` stuff was a false start along time ago that didn't really go anywhere. I believe the idea was that we might want to load several different types of edges (subscribers, reviewers, etc) on lots of different types of objects. However, all that stuff pretty much ended up modularizing so that main `Query` classes did not need to know about it, so `needRelationships()` never got generalized or went anywhere.

A handful of things still use it, but get rid of them: they should either `needReviewerStatus()` to get reviewer info, or the ~3 callsites that care about subscribers can just load them directly.

Test Plan:
  - Grepped for removed methods (`needRelationships()`, `getReviewers()`, `getCCPHIDs()`, etc).
  - Browsed Diffusion, Differential.
  - Called `differential.query`.

It's possible I missed some stuff, but it should mostly show up as super obvious fatals ("call needReviewerStatus() before getReviewerStatus()!").

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17518
2017-03-20 16:45:48 -07:00
epriestley
dccd799b1b Move many "reviewers" readers to new storage
Summary:
Ref T10967.

When we query for revisions with particular reviewers, use the new table to drive the query.

When we load revisions for use in the application, also use the new table to drive the query.

This doesn't convert everything: there's some old `loadRelationships()` stuff still using the old table. But this moves the major stuff over.

(This also changes the icon for "commented" from a question mark to a speech bubble.)

Test Plan:
  - Viewed revision lists and detail views on old and new code, saw identical outcomes.
  - Updated revisions, accepted/rejected/commented on revisions.
  - Hit the "Accepted Older" and "Commented Older" states by taking an action and then updating.
  - Grepped for removed methods (like `getEdgeData()` and `getDiffID()`).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17517
2017-03-20 16:45:28 -07:00
epriestley
794b456530 Store "last comment" and "last action" diffs on reviewers
Summary:
Ref T10967. We have a "commented" state to help reviewers get a better sense of who is part of a discussion, and a "last action" state to help distinguish between "accept" and "accepted an older version", for the purposes of sticky accepts and as a UI hint.

Currently, these are first-class states, partly beacuse we were somewhat limited in what we could do with edges. However, a more flexible way to represent them is as flags separate from the primary state flag.

In the new storage, write them as separate state information: `lastActionDiffPHID` stores the Diff PHID of the last review action (accept, reject, etc). `lastCommentDiffPHID` stores the Diff PHID of the last comment (top-level or inline).

Test Plan: Applied storage changes, commented and acted on a revision. Saw appropriate state reflected in the database.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17514
2017-03-20 16:44:05 -07:00
epriestley
77b3efafbd Use ModularTransactions for accept/reject/resign in "differential.createcomment"
Summary:
Ref T10967. `differential.createcomment` is a frozen API method which has been obsoleted by `differential.revision.edit`.

It is the only remaining way to apply an "accept", "reject", or "resign" action using the old "ACTION" code.

Instead of using the old code, sneakly apply a new type of transaction in these cases instead.

Then, remove all the remaining old code for this stuff on the write pathways.

Test Plan:
  - Used "differential.createcomment" to accept, reject, and resign from a revision.
  - Grepped for all removed ACTION_X constants, found them only in rendering code.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17513
2017-03-20 16:43:43 -07:00
epriestley
a9cbbf3e5e Apply Owners reviewers using ModularTransactions
Summary: Ref T10967. See that task for some discussion. This lets us do double writes on this pathway.

Test Plan: Set an Owners package to auto-review. Created revisions which triggered it: one with no reviewers (autoreview added); one with the package as a blocking reviewer explicitly (no automatic stuff happened, as expected).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17512
2017-03-20 16:43:17 -07:00
epriestley
216052baf9 Apply reviewer changes from Herald via ModularTransactions
Summary:
Ref T10967. This converts the reviewer update action in Herald from an older edge write to a newer ModularTransactions write.

The major value from this is that we get a double-write to the new reviewers table.

Test Plan:
  - Wrote a Herald rule to add a reviewer and a blocking reviewer.
  - Saw them added properly to a revision with: no reviewers; both as blocking; A as blocking, B as nonblocking; A as nonblocking, B as blocking.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17511
2017-03-20 16:42:54 -07:00
Chad Little
e69f8f717b Fix 'Add to Dashboard' issue with builtins
Summary: Ref T5307. Actually check the built in query with query, not engine.

Test Plan: Try a builtin query, and a custom query when making a dashboard panel.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5307

Differential Revision: https://secure.phabricator.com/D17521
2017-03-20 15:07:26 -07:00
Chad Little
9b07adb8da Add better error checking to 'Add to Dashboard'
Summary: Ref T5307. Adds a better query check query, sets required for the name, adds the correct URI for cancelling.

Test Plan: Test a form without a name, fake a query string, test cancel button.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5307

Differential Revision: https://secure.phabricator.com/D17520
2017-03-20 14:55:13 -07:00
Chad Little
2921bad1ff Add an action to adding Panels from ApplicationSearch
Summary: Ref T5307. This adds an additional action to Use Results for creating a panel from the query.

Test Plan:
Navigate to Maniphest, select dropdown for Use Results. Try any of the following:

 - Try to set a panel without a name (fail)
 - Muck up query or engine (fail)
 - Set a fake Dashboard ID (fail)

Give panel a name and select a dashboard I have edit permissions to, get taken to dashboard.

Reviewers: epriestley

Subscribers: Korvin

Maniphest Tasks: T5307

Differential Revision: https://secure.phabricator.com/D17516
2017-03-20 14:15:31 -07:00
epriestley
d19fc2335e Don't use "--" to separate flags and arguments in "git ls-remote"
Summary: Fixes T12416. See that task for discussion. Slightly older versions of `git` do not appear to support use of `--` to separate flags and arguments.

Test Plan:
  - Ran `bin/repository update PHABX`.
  - In T12416, had a user with Git 2.1.4 confirm that `git ls-remote X` worked while `git ls-remote -- X` failed.
  - Read `git help ls-remote` to look for any kind of suspicious `--destroy-the-world` flags, didn't see any that made me uneasy.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T12416

Differential Revision: https://secure.phabricator.com/D17508
2017-03-18 17:54:09 -07:00
epriestley
688c120f9f Provide PhabricatorEnv::isSelfURI to test if a URI points at the current install
Summary:
Ref T5378. This repackages an existing check to see if a URI is a URI for the current install into a more reasonable form.

In an upcoming change, I'll use this new check to test whether `http://example.whatever.com/T123` is a link to a task on the current install or not.

Test Plan: This stuff has good test coverage already; added some more.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5378

Differential Revision: https://secure.phabricator.com/D17502
2017-03-17 16:44:53 -07:00
epriestley
20892ae502 Simplify "git fetch" behavior in the Pull daemon
Summary:
Ref T12392. The logic currently goes like this:

  - Try a fetch.
  - If that fails, try repairing the origin URI.
  - Then try again.

This is pretty complicated, and we can use this simpler logic instead:

  - Set the origin URI to the right value.
  - Try a fetch.

Setting the origin URI is very fast. This can normally only get us in any trouble in very obscure situations which haven't occurred for many years:

  - Pretty much all of this is already covered by `verifyGitOrigin()`, which we run earlier.
  - Origins could be configured to have multiple URIs for some reason, but shouldn't be.
  - Years ago, you could configure Phabricator to point at a local repository it didn't own and that could conceivably have a different "origin" that you might not want us to delete. If you did this, the daemons have been spewing errors for 3-4 years without you fixing it. The cost of fixing the remote URI is very small even if anyone is affected by this (just set it back to the old value) and there's zero reason to do this and the scenario is ridiculous.

Test Plan: Ran `bin/repository update PHABX --trace --verbose`, saw fetches go through cleanly after URI adjustment.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12392

Differential Revision: https://secure.phabricator.com/D17498
2017-03-17 16:43:37 -07:00
epriestley
2b0ad243d1 Use "git ls-remote" to guess if "git fetch" is a no-op
Summary:
Ref T12296. Ref T12392. Currently, when we're observing a remote repository, we periodically run `git fetch ...`.

Instead, periodically run `git ls-remote` (to list refs in the remote) and `git for-each-ref` (to list local refs) and only continue if the two lists are different.

The motivations for this are:

  - In T12296, it appears that doing this is //faster// than doing a no-op `git fetch`. This effect seems to reproduce locally in a clean environment (900ms for `ls-remote` + 100ms for `for-each-ref` vs about 1.4s for `fetch`). I don't have any explanation for why this is, but there it is. This isn't a huge change, although the time we're saving does appear to mostly be local CPU time, which is good for us.
  - Because we control all writes, we could cache `git for-each-ref` in the future and do fewer disk operations. This doesn't necessarily seem too valuable, though.
  - This allows us to tell if a fetch will do anything or not, and make better decisions around clustering (in particular, simplify how observed repository versioning works). With `git fetch`, we can't easily distinguish between "fetch, but nothing changed" and "legitimate fetch".

If a repository updates very regularly we end up doing slightly more work this way (that is, if `ls-remote` always comes back with changes, we do a little extra work), but this is normally very rare.

This might not get non-bare repositories quite right in some cases (i.e., incorrectly detect them as changed when they are unchanged) but we haven't created non-bare repositories for many years.

Test Plan: Ran `bin/repository update --trace --verbose PHABX`, saw sensible construction of local and remote maps and accurate detection of whether a fetch would do anything or not.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12392, T12296

Differential Revision: https://secure.phabricator.com/D17497
2017-03-17 16:43:04 -07:00
Chad Little
aef2a39a81 Add Badges to UserCache
Summary: Ref T12270. Builds out a BadgeCache for PhabricatorUser, primarily for Timeline, potentially feed? This should still work if we later let people pick which two, just switch query in BadgeCache.

Test Plan: Give out badges, test timeline for displaying badges from handles and without queries. Revoke a badge, see cache change.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17503
2017-03-17 10:38:17 -07:00
epriestley
65de9e9f5e Ignore "Auditors: author" when inferring auditors from commit messages
Summary:
Fixes T12406. When importing commits, we automatically add auditors if the message lists "Auditors: username".

If the list of auditors includes the commit author, this edit fails because you can't audit your own commits (previously, you sometimes could and/or we didn't validate).

Instead, just ignore "Auditors: author".

Test Plan:
  - Made a commit with "Auditors: epriestley".
  - Pushed it.
  - Saw the HeraldWorker get stuck with the error in T12406.
  - Applied the change; worker now succeeded.

Reviewers: chad

Reviewed By: chad

Subscribers: alexmv

Maniphest Tasks: T12406

Differential Revision: https://secure.phabricator.com/D17507
2017-03-16 13:57:51 -07:00
epriestley
ba2ee3a66e Make "bin/config set --database ..." resurrect deleted values
Summary:
Fixes T12409. Config entries may be marked as "deleted", and `bin/config set --database` doesn't un-delete them, so the edit doesn't do anything.

The "most correct" fix here is to swap to transactions so we run the same code, but just fix this narrowly for now since it's one line of code.

Test Plan:
  - Set `maniphest.default-priority` to `123`.
  - Deleted `maniphest.default-priority` from the web UI by deleting all the text in the box.
  - Before patch: `bin/config set --database maniphest.default-priority 789` had no effect.
  - After patch: `bin/config set --database maniphest.default-priority 789` worked.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12409

Differential Revision: https://secure.phabricator.com/D17506
2017-03-16 12:26:33 -07:00
Chad Little
de4e8728b2 Add ActionIcon to PHUIListItemView, use in Dashboards
Summary: Extends PHUIListItemView to take an icon, link as an "Action Item" that displays on the right side of the menu link. Does not display on Favorites. This allows for adding edit, external, or other links (documentation?) to any menu item. Right now the secondary link is only visible when the item is selected. This feels right, but if we offer it in other ways, users may always want it visible. We could look at making it onhover.

Test Plan:
Add a bunch of random global and personal dashboards to my menu. Add a menu to Favorites, see no link. Test mobile, link works.

{F4136699}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17505
2017-03-16 11:32:16 -07:00
epriestley
7626ec0ce1 Correct an issue where "View Raw File" in Differential generated a file with overbroad permissions
Summary:
Via HackerOne. When you view a raw file in Differential, we currently generate a permanent file with default permissions. This may be incorrect: default permissions may be broader than the diff's permissions.

The other three methods of downloading/viewing raw files ("Download" in Diffusion and Differential, "View Raw" in Diffusion and Differential) already apply policies correctly and generate temporary files. However, this workflow was missed when other workflows were updated.

Beyond updating the workflow, delete any files we've generated in the past. This wipes the slate clean on any security issues and frees up a little disk space.

Test Plan:
  - Ran migration script, saw existing files get purged.
  - Did "View Raw File", got a new file.
  - Verified that the file was temporary and properly attached to the diff, with "NO ONE" permissions.
  - Double-checked that Diffusion already runs policy logic correctly and applies appropriate policies.
  - Double-checked that "Download Raw Diff" in Differential already runs policy logic correctly.
  - Double-chekced that "Download Raw Diff" in Diffusion already runs policy logic correctly.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17504
2017-03-16 09:51:48 -07:00
epriestley
d6d3ad6f80 Allow administrators to get a list of users who don't have MFA configured
Summary:
Fixes T12400. Adds a "Has MFA" filter to People so you can figure out who you need to harass before turning on "require MFA".

When you run this as a non-admin, you don't currently actually hit the exception: the query just doesn't work. I think this is probably okay, but if we add more of these it might be better to make the "this didn't work" more explicit since it could be confusing in some weird edge cases (like, an administrator sending a non-administrator a link which they expect will show the non-administrator some interesting query results, but they actually just get no constraint). The exception is more of a fail-safe in case we make application changes in the future and don't remember this weird special case.

Test Plan:
  - As an administrator and non-administrator, used People and Conduit to query MFA, no-MFA, and don't-care-about-MFA. These queries worked for an admin and didn't work for a non-admin.
  - Viewed the list as an administrator, saw MFA users annotated.
  - Viewed config help, clicked link as an admin, ended up in the right place.

{F4093033}

{F4093034}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12400

Differential Revision: https://secure.phabricator.com/D17500
2017-03-15 17:49:01 -07:00
Chad Little
fd69dfaa9a Allow searching for Badge Awards by Badge status
Summary: Fixes T12398. This adds `withBadgeStatuses` as a query parameter when searching for Awards to show. In most (all?) cases we currently only show active badges.

Test Plan: Assign myself a badge, archive it and verify it does not appear on profile, comment form, or timeline.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12398

Differential Revision: https://secure.phabricator.com/D17499
2017-03-15 12:44:01 -07:00
Chad Little
a72d18765f Basic "Install Dashboard" workflow
Summary: Ref T12264. This allows users to install a dashboard they are viewing to their personal home menu or as a global home menu item. Has some basic ability to be extended later for maybe projects.

Test Plan:
Build a dashboard, click "Install Dashboard".

 - As user only get personal option
 - As HomeApp edit person, see both options
 - Try installation as either, with and without label set
 - Fake "global" form as user, get error
 - Don't set anything, get error

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12264

Differential Revision: https://secure.phabricator.com/D17492
2017-03-14 14:21:56 -07:00
epriestley
251ee9b660 Add dedicated "reviewers" storage to Differential and do double writes
Summary:
Ref T10967. This is an incremental step toward removing "reviewers" back to a dedicated storage table so we can handle changes like T11050.

This adds the storage table, and starts doing double writes to it (so new or updated reviewers write to both the old edge table and the new "reviewers" table).

Then we can do a migration, swap readers over one at a time, and eventually remove the old write and old storage and then implement new features.

This change has no user-facing impact, it just causes us to write new data to two places instead of one.

This is not completely exhaustive: the Herald "Add Reviewers" action is still doing a manual EDGE transaction. I'll clean that up next and do another pass to look for anything else I missed.

This is also a bit copy/pastey for now but the logic around "RESIGN" is a little different in the two cases until T11050. I'll unify it in future changes.

Test Plan:
  - Did a no-op edit.
  - Did a no-op comment.
  - Added reviewers.
  - Removed reviewers.
  - Accepted and rejected revisions.

After all of these edits, did a `SELECT * FROM differential_reviewer` manually and saw consistent-looking rows in the database.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17495
2017-03-14 11:51:51 -07:00
epriestley
a36b1e8f64 Fix two typos ("Adminstrator", "Recipents")
Summary: Fixes T12387.

Test Plan: Consulted a dictionary.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12387

Differential Revision: https://secure.phabricator.com/D17493
2017-03-12 14:23:43 -07:00
Chad Little
4457c3866b Fix project hovercard tag alignment
Summary: Fix tag alignment on project cards when there are multiple tags. Also fixes T12381.

Test Plan: Review a project and people hovercard in sandbox, ensure multiple tags look as expected.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12381

Differential Revision: https://secure.phabricator.com/D17488
2017-03-11 09:41:39 -08:00
Chad Little
40391d089e Add a sort order to the favorites menu
Summary: These were once ordered, but I think we switched to being defined in the Engine and never implemented the sorts there. This adds sort ordering to Tasks, Projects, and Repositories.

Test Plan: Review Favorites Menu in local install, see order is now set per the engine. Click Edit Favorites, and re-order. See order sticks.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17490
2017-03-11 09:40:06 -08:00
epriestley
2b5bf4b911 Allow "bin/mail send-test" to accept raw email addresses via "--to"
Summary: Ref T12372. This supports testing the `wordwrap()` patch discussed in that task.

Test Plan:
  - Ran `bin/mail send-test --to email@domain.com`
  - Ran `bin/mail send-test --to username`

Reviewers: chad, lvital

Reviewed By: lvital

Maniphest Tasks: T12372

Differential Revision: https://secure.phabricator.com/D17489
2017-03-10 14:52:33 -08:00
epriestley
d73df58cc6 Prevent use of the "quality" constraint in the Badge search API
Summary:
Ref T12270. This just drops the constraint for now, rather than dealing with all the typecasting stuff and putting us in a position which will almost certainly require backward compatibility breaks in the future.

Also renames "badges.*" to "badge.*" for consistency (all other methods are singular: token.*, project.*, differential.revision.*, etc).

Test Plan:
Saw "qualities" now "Not Supported", while other constraints continue to work:

{F3887194}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17487
2017-03-09 12:26:58 -08:00
Chad Little
fa569c35d3 Add award and revoke conduit calls to Badges
Summary: Allow people to award and remove badges via conduit, but not from the standard badges form.

Test Plan:
Build a generator and generate awards. Didn't test the revoke yet.

{F3857766}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17482
2017-03-09 11:31:43 -08:00
epriestley
d0c648dfa5 Make "Can Interact" and logged-out users interact more gracefully
Summary:
Fixes T12378. Two minor issues here:

  - CAN_INTERACT on tasks uses "USER", but should just use the view policy, which may be more permissive ("PUBLIC").
  - CAN_INTERACT is currently prevented from being "PUBLIC" by additional safeguards. Define an explicit capability object for the permission which returns `true` from `shouldAllowPublicPolicySetting()`.

Test Plan:
  - Viewed an unlocked task as a logged-out user, saw "login to comment" instead of "locked".
  - Viewed a locked task as a logged-out user, saw "locked".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12378

Differential Revision: https://secure.phabricator.com/D17485
2017-03-09 08:50:57 -08:00
Chad Little
abff6dc8a9 Scope commits page on people to just your commits
Summary: This is overly broad and I missed it in local testing with just a single account. Let's pull just the author in.

Test Plan: Review a commit page that wasn't my own, see other authors commits.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17481
2017-03-08 08:40:19 -08:00
Chad Little
3422b4205b Fix milestone widget header color on projects profile
Summary: This should be blue, not grey.

Test Plan: Add a milestone and subproject to a project

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17477
2017-03-07 16:01:50 -08:00
Chad Little
614c8497bb Add badges to TransactionCommentView
Summary: Fixes T10698. This shows badges under the comment preview if the application uses TransactionCommentView. I suspect not everything does, but will pick the fix up for free when modernized.

Test Plan: Test commenting on a task with and without a user that has a badge. See badge preview.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10698

Differential Revision: https://secure.phabricator.com/D17480
2017-03-07 15:57:48 -08:00
Chad Little
0b4ccdade9 Show only open tasks on Tasks people profile panel
Summary: This currently queries all tasks, make it limit to only open tasks.

Test Plan: Assign myself an open and a resolved task. See only open on profile.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17476
2017-03-07 07:34:20 -08:00
Chad Little
129483d5ea Attach commit data to commit list on people
Summary: Fixes T12360. I'll probably make a non-audit commit list for this, maybe, eventually, until then add all the needed audit information.

Test Plan: Review commits in my profile, see data and not a fatal.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12360

Differential Revision: https://secure.phabricator.com/D17475
2017-03-07 01:23:59 +00:00
Chad Little
814c28d39a Add quality and icon to Badge Lipsum generator
Summary: This just adds a few more dimensions to the generator.

Test Plan: run `bin/lipsum generate badges`, verify new icons and quality work.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17474
2017-03-06 19:58:08 +00:00
Chad Little
b28da10336 Allow Phrequent to be used in dashboard panels
Summary: Probably useful if you use Phrequent.

Test Plan: I did not test this beyond lint/unit.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17473
2017-03-06 11:00:55 -08:00
Chad Little
26d3d41693 Update tasks/commits, remove diffs from Profile
Summary: Mostly a minor nit-pick, but I hate sending users off the profile and disorient them onto application search. These pages are pretty easy to maintain, I don't expect to need to do more here. I dropped Differential outright. Kept Tasks and Commits. Now you can browse everything about a user on their profile without leaving. Maybe add a link to ApplicationSearch? Not sure it's important.

Test Plan: Review tasks and commits on mine and other user profiles.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17470
2017-03-06 10:13:51 -08:00
Chad Little
e0918883e7 Add date awarded to profile badges
Summary: Ref T12270. Adds the date the badge was awarded.

Test Plan: Award a badge, see date on profile badge when card is flipped.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17471
2017-03-06 10:13:02 -08:00
Chad Little
eb73c50e87 Auto-generate profile images for sad psyducks
Summary: Fixes T10319. This looks for custom profile image, then falls back to a generated profile image.

Test Plan: Create a new user, log in, and see new profile image. Note this seems to break `bin/lipsum generate user`

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17467
2017-03-05 08:25:02 -08:00
epriestley
8e26916f7f Expose "parent task" and "subtask" relationships to "edge.search"
Summary: Ref T12337. This just fills out a couple more task relationships.

Test Plan: Viewed the edges in the Conduit console, queried for them.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12337

Differential Revision: https://secure.phabricator.com/D17465
2017-03-04 15:54:24 -08:00
Chad Little
19ecd0be65 Remove unused argument from ProfileImageWorkflow
Summary: Ref T10319. Removing an unused arg from the workflow script for building profile images.

Test Plan: Rerun `bin/people profileimage --users chad 007 --force`

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17466
2017-03-04 15:49:30 -08:00
Chad Little
3a868940c7 Add a profileimage generation workflow for the cli
Summary: Ref T10319. This adds a basic means of generating default profile images for users. You can generate them for everyone, a group of users, or force updates. This only generated images and stores them in files. It does not assign them to users.

Test Plan:
`bin/people profileimage --all` to generate all images.
`bin/people profileimage --users chad` to generate a user.
`bin/people profileimage --all --force` to force rebuilding all images.

{F3662810}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17464
2017-03-04 15:43:13 -08:00
epriestley
be16f9b2cd Add a generic "edge.search" method
Summary:
Ref T12337. Ref T5873. This provides a generic "edge.search" method which feels like other "verison 3" `*.search` methods.

The major issues here are:

  1. Edges use constants internally, which aren't great for an API.
  2. A lot of edges are internal and probably not useful to query.
  3. Edges don't have a real "id", so paginating them properly is challenging.

I've solved these things like this:

  - Edges must opt-in to being available via Conduit by providing a human-readable key (like "mention" instead of "52"). This solvs (1) and (2).
  - I faked a mostly-reasonable behavior for paginating.

Test Plan:
Ran various valid and invalid searches. Paginated a large search. Reviewed UI.

{F3651818}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12337, T5873

Differential Revision: https://secure.phabricator.com/D17462
2017-03-04 15:26:29 -08:00
epriestley
9ccef52d6c Prevent awarding/revoking tokens when a task is locked
Summary: Ref T12335. Allows you to lock tasks to keep your precious tokens.

Test Plan:
  - Awarded tokens to an unlocked task.
  - Locked the task.
  - Could no longer award/rescind tokens.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12335

Differential Revision: https://secure.phabricator.com/D17461
2017-03-04 09:55:35 -08:00
epriestley
d5baf2fe37 Fix a constant typo in Diviner ("DECLARATAION" -> "TION")
Summary: Fixes T12351. This got typo'd in D17377.

Test Plan: `bin/diviner generate --clean --book src/docs/book/phabricator.book`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12351

Differential Revision: https://secure.phabricator.com/D17460
2017-03-04 09:54:10 -08:00
Chad Little
f2e013c2e9 Prep user table for default images
Summary: Ref T10319. Adds in database columns for upcoming default generated avatar support.

Test Plan: Ran storage upgrade, log into local site to verify it didn't blow up.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17459
2017-03-04 08:18:07 -08:00
Chad Little
f095a81b00 Allow custom image generation when choosing a profile image
Summary: Ref T10319. This swaps the default in the Picture Chooser to allow picking of the custom unique avatar. We're currently going with 100k unique possibilities. The logic roughly hashes a user name and picks an image pack, color, and border. Based on that, we select the first character of their username, or fall back to Psyduck if not [a-z][0-9].

Test Plan:
Set the following usernames from ProfilePicture as a test: chad, epriestley, sally, 007, _cat_, -doggie-.

{F3453979}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17430
2017-03-03 20:21:31 -08:00
epriestley
8ce25838f5 Provide "bin/auth revoke" with a revoker for Conduit tokens
Summary:
Ref T12313. This puts a UI on revoking credentials after a widespread compromise like Cloudbleed or a local one like copy/pasting a token into public chat.

For now, I'm only providing a revoker for conduit tokens since that's the immediate use case.

Test Plan:
 - Revoked in user + type, everything + user, everywhere + type, and everything + everywhere modes.
 - Verified that conduit tokens were destroyed in all cases.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12313

Differential Revision: https://secure.phabricator.com/D17458
2017-03-03 14:38:55 -08:00
Chad Little
1460f2b85c Add more icon choices to Badges
Summary: Ref T9010. This adds more icons and lets the IconChooser handle more icons more easier.

Test Plan: Test Project Icons, Badges Icons

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9006, T9010

Differential Revision: https://secure.phabricator.com/D17456
2017-03-03 13:45:53 -08:00
epriestley
5ed90b2235 Only validate form subtype edits if subtype transactions are present
Summary: Fixes T12347. Ref T12314. Validation gets called no matter what, but is only relevant if the form supports subtypes.

Test Plan: Marked/unmarked a Paste form as editable.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12347, T12314

Differential Revision: https://secure.phabricator.com/D17457
2017-03-03 13:44:32 -08:00
Chad Little
d2a420d13a Remove needRecipients and needAwards from Badges
Summary: Fixes T10798. Separates these two since they don't need to be combined and it allows for more flexibility / scalability.

Test Plan:
- Add Badge
- Edit Badge
- Add myself as Recipient
- Remove myself
- Go to my profile
- Award Badge from there
- Assign myself a badge, try to re-assign it, see validation error.

Also, validation errors on dialog forms are ugly.

{F3495630}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10798, T12270

Differential Revision: https://secure.phabricator.com/D17447
2017-03-03 08:41:58 -08:00
epriestley
c102620a29 Lock files.video-mime-types config option for consistency
Summary:
This is a consistency change to make this option consistent with `audio-mime-types`, `image-mime-types` and `icon-mime-types`, all of which are locked.

(They're locked because SVG is definitely dangerous, and other types might be dangerous or might become dangerous in the future, although I'm not aware of any actual dangers from video types today.)

Test Plan: Viewed `files.video-mime-types` in Config, saw it was locked.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17454
2017-03-03 08:38:02 -08:00
epriestley
0e7a5623e3 Allow task statuses to "lock" them, preventing additional comments and interactions
Summary:
Ref T12335. See that task for discussion. Here are the behavioral changes:

  - Statuses can be flagged with `locked`, which means that tasks in that status are locked to further discussion and interaction.
  - A new "CAN_INTERACT" permission facilitates this. For most objects, "CAN_INTERACT" is just the same as "CAN_VIEW".
  - For tasks, "CAN_INTERACT" is everyone if the status is a normal status, and no one if the status is a locked status.
  - If a user doesn't have "Interact" permission:
    - They can not submit the comment form.
    - The comment form is replaced with text indicating "This thing is locked.".
    - The "Edit" workflow prompts them.

This is a mixture of advisory and hard policy checks but sholuld represent a reasonable starting point.

Test Plan: Created a new "Locked" status, locked a task. Couldn't comment, saw lock warning, saw lock prompt on edit. Unlocked a task.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12335

Differential Revision: https://secure.phabricator.com/D17453
2017-03-02 16:57:10 -08:00
epriestley
0a0ac1302f Prevent users from taking "edit"-like actions via comment forms if they don't have edit permission
Summary:
Ref T12335. Fixes T11207. Edit-like interactions which are not performed via "Edit <object>" are a bit of a grey area, policy-wise.

For example, you can correctly do these things to an object you can't edit:

  - Comment on it.
  - Award tokens.
  - Subscribe or unsubscribe.
  - Subscribe other users by mentioning them.
  - Perform review.
  - Perform audit.
  - (Maybe some other stuff.)

These behaviors are all desirable and correct. But, particularly now that we offer stacked actions, you can do a bunch of other stuff which you shouldn't really be able to, like changing the status and priority of tasks you can't edit, as long as you submit the change via the comment form.

(Before the advent of stacked actions there were fewer things you could do via the comment form, and more of them were very "grey area", especially since "Change Subscribers" was just "Add Subscribers", which you can do via mentions.)

This isn't too much of a problem in practice because we won't //show// you those actions if the edit form you'd end up on doesn't have those fields. So on intalls like ours where we've created simple + advanced flows, users who shouldn't be changing task priorities generally don't see an option to do so, even though they technically could if they mucked with the HTML.

Change this behavior to be more strict: unless an action explicitly says that it doesn't need edit permission (comment, review, audit) don't show it to users who don't have edit permission and don't let them take the action.

Test Plan:
  - As a user who could not edit a task, tried to change status via comment form; received policy exception.
  - As a user who could not edit a task, viewed a comment form: no actions available (just "comment").
  - As a user who could not edit a revision, viewed a revision form: only "review" actions available (accept, resign, etc).
  - Viewed a commit form but these are kind of moot because there's no separate edit permission.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12335, T11207

Differential Revision: https://secure.phabricator.com/D17452
2017-03-02 16:56:57 -08:00
Chad Little
08b18ac5f5 Remove needBadges from PhabricatorUser
Summary: Ref T12270. We don't really need these, timeline does it's own thing, badges is now a profile page, and hovercards have been removed.

Test Plan: Visit timeline, still see badges, visit my profile page, bask in the warmth of fake awards.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17448
2017-03-02 06:30:23 -08:00
Chad Little
664d9fa3ed Touch up Badges emails
Summary: Ref T12270. Adds the name of the badge to the subject, fixes the double description.

Test Plan: Edit lots of badges with and without descriptions, see good emails.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17449
2017-03-02 06:30:04 -08:00
Chad Little
87304e360f Remove dashboard footer
Summary: Doesn't seem popular, will rethink dashboard editing again in the future at some point.

Test Plan: Review a dashboard, edit, install.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17450
2017-03-02 06:29:39 -08:00
epriestley
6f7bb8c91a On workboards, provide all of the supported "create task" forms in the dropdown
Summary:
Ref T12314. Ref T6064. Ref T11580. If an install defines several different task create forms (like "Create Plant" and "Create Animal"), allow any of them to be created directly onto a workboard column.

This is just a general consistency improvement that makes Custom Forms and Workboards work together a bit better. We might do something fancier eventually for T6064 (which wants fewer clicks) and/or T11580 (which wants per-workboard control over forms or defaults).

Test Plan:
  - Created several different types of tasks directly onto a workboard.
  - Faked just one create form, saw the UI unchanged (except that it respects any renaming).

{F3492928}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314, T11580, T6064

Differential Revision: https://secure.phabricator.com/D17446
2017-03-02 04:24:40 -08:00
epriestley
7eab75410a When editing a subtyped object, use edit forms of the same subtype
Summary:
Ref T12314. When we pick an "Edit" form for a subtyped object, only consider forms with the same subtype.

For example, editing an "Animal" uses the forms with subtype "animal" which are marked as edit forms.

This also makes "Create Subtask" carry the parent task's type.

Test Plan:
  - Edited an Animal, got an animal edit form.
  - Edited a normal task, got a normal task form.
  - Edited a paste, got the normal workflow.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17445
2017-03-02 04:24:28 -08:00
epriestley
4948a21959 Allow tasks to be searched by subtype
Summary:
Ref T12314. Allow tasks to be queried by subtype using a typeahead.

Open to a better default icon. I'll probably let you configure them later.

Just hide this constraint if there's only one subtype.

Test Plan:
  - Searched for subtypes.
  - Verified that the control hides if there is only one subtype.

{F3492293}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17444
2017-03-02 04:20:38 -08:00
epriestley
4a061b1def When an object which supports subtypes is created, set its subtype to the creating form's subtype
Summary:
Ref T12314. If you set a form to have the "plant" subtype, then create a task with it, save "plant" as the task subtype.

For Conduit, the default subtype is used by default, but a new "subtype" transaction is exposed. You can apply this transaction at create time to create an object of a certain subtype, or at any later time to change the subtype of an object.

This still doesn't do anything particularly useful or interesting.

Test Plan:
  - Created a non-subtyped object (a Paste).
  - Created "task" and "plant" tasks via different forms.
  - Created "default" and "plant" tasks via Conduit.
  - Changed the subtype of a task via Conduit.
  - Tried to set a bad subtype.

{F3492061}

{F3492066}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17443
2017-03-02 04:18:23 -08:00
epriestley
b9d60d2653 Allow EditEngine forms for objects which support subtyping to have a subtype configured
Summary:
Ref T12314. This adds a "Change Form Subtype" workflow to the EditEngine form configuration screen, for forms that edit/create objects which support subtyping (for now, only tasks).

For example, this allows you to switch a form from being a "task" form to a "plant" or "animal" form.

Doing this doesn't yet do anything useful or interesting. I'm also not showing it in the UI yet since I'm not sure what we should make that look like (presumably, we should just echo whatever UI we end up with on tasks).

Test Plan:
  - Changed the subtype of a task form.
  - Verified that the "Change Subtype" action doesn't appear on other forms (for example, those for Pastes).

{F3491374}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17442
2017-03-02 04:18:06 -08:00
epriestley
dc7ecf5875 Add "subtype" storage to Maniphest tasks
Summary: Ref T12314. Provides a field on tasks for storing subtypes. Does nothing interesting yet.

Test Plan:
  - Ran storage upgrade.
  - Created some tasks.
  - Looked in the database.
  - Used Conduit to query some tasks.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17441
2017-03-02 04:17:47 -08:00
epriestley
1b96f2fc28 Add maniphest.subtypes for configuring task subtypes
Summary:
Ref T12314. Builds toward letting you define "animal" and "plant" tasks.

This just adds some configuration. I'll probably add some more quality-of-life options (like "icon") later but these are the only bits I'm sure I'll need.

Test Plan:
  - Configured sensible subtypes.
  - Tried to configure bad subtypes: bad key, missing "default", duplicate keys. Got sensible error messages.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17440
2017-03-02 04:16:51 -08:00
epriestley
91ef237290 Add a "subtype" field to EditEngine forms
Summary:
Ref T12314. This adds storage so EditEngine forms can later be marked as edit fields for particular types of objects (like an "animal edit form" vs a "plant edit form").

We'll take you to the right edit form when you click "Edit" by selecting among forms with the same subtype as the task.

This doesn't do anything very interesting on its own.

Test Plan:
  - Ran `bin/storage upgrade`.
  - Verified database got the field with proper values.
  - Created a new form, checked the database.
  - Ran unit tests.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17439
2017-03-02 04:16:27 -08:00
Joshua Spence
fcd8c9c240 Update phd launch
Summary: Ref T12298. `phd launch` was missed in D17390 and thus broken by D17389.

Test Plan: Launched a daemon with great success.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T12298

Differential Revision: https://secure.phabricator.com/D17429
2017-03-02 21:37:02 +11:00
Christopher Wetherill
5fad7eb1f9 Get line count before truncating Paste snippets
Summary: Fixes T12338. Resolves an issue where long pastes would be truncated before getting a line count, resulting in an inaccurate line count being returned.

Test Plan: Made a large paste, verified that it displayed the correct number of lines.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T12338

Differential Revision: https://secure.phabricator.com/D17438
2017-03-01 22:30:18 +00:00
Chad Little
3f1ee67972 Add a tooltip option to Link menu items
Summary: Ref T12174. Let's users add a tooltip to LinkProfileMenuItem

Test Plan: Add a tooltip, remove tooltip. Menu appears as expected

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17437
2017-03-01 11:16:25 -08:00
Chad Little
bf0a7cbec6 Remove "disabled" look to subprojects/workboard nav items
Summary: Fixes T12330. Minor UI nit, since we use "disabled" to usually mean "no permission". Makes these links always normal looking.

Test Plan: Review a new project in sandbox.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12330

Differential Revision: https://secure.phabricator.com/D17436
2017-03-01 09:20:48 -08:00
epriestley
90ec21f999 Add "--pool" and "--duration" flags to daemon CLI tools
Summary: Ref T12331. These changes are intended to make it easier to debug T12331 since I'm having difficulty reproducing the issue locally.

Test Plan:
  - Ran `bin/phd debug task --pool 4` and got an autoscaling pool.
  - Ran `bin/worker flood --duration 3` and got some 3-second-long tasks to execute with `bin/worker execute ...`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12331

Differential Revision: https://secure.phabricator.com/D17431
2017-02-28 07:43:46 -08:00
Chad Little
54059b0a9d Add fulltext search results panel back for dashboards
Summary: Ref T12324. Adds back this query for search results in dashboards.

Test Plan: Use panel in Dashboard.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12324

Differential Revision: https://secure.phabricator.com/D17428
2017-02-27 12:45:17 -08:00
epriestley
a9cd146745 Filter archived packages out of the "controlling packages" query earlier
Summary:
Ref T12319. Currently, we end up filtering archived packages out once for each path. This shows up on a profile from an install as meaningfully expensive:

https://secure.phabricator.com/xhprof/profile/PHID-FILE-7kmpevyr22aih4s2vyln/?symbol=PhabricatorOwnersPackage::isArchived

Instead, filter them out before we do any work.

Test Plan:
Viewed a revision, still saw packages.

{F3425553}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17427
2017-02-27 12:37:08 -08:00
Chad Little
05377bea19 Add an avatar builtin file generator
Summary: Ref T10319. This builds out a reasonably decent avatar generator. 256 colors x 74 images x 2 borders, 38k options. Not completely sure though how names disburse though, so likely half that number. I can add lowercase lettering to double the footprint if needed though.

Test Plan:
UIExamples. Color generator here: http://tools.medialab.sciences-po.fr/iwanthue/

{F3416622}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17418
2017-02-27 11:09:30 -08:00
epriestley
6c21646b5f Put revisions waiting on other reviewers in their own bucket
Summary: Fixes T12323. See that task for discussion.

Test Plan: {F3424441}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12323

Differential Revision: https://secure.phabricator.com/D17425
2017-02-27 10:47:15 -08:00
epriestley
c5fa7421c2 Allow commits to be queried by repository using the tagged(...) typehaead function
Summary:
Fixes T12322. Allows you to search for commits using the `tagged(...)` repository function, so you can find "any commmit in any repository tagged with android" or similar.

I moved the function from Differential (which was the application using it) to Diffusion (which is more accurately the application which provides it).

I fixed a bug where searching for `tagged(xyz)` would have no effect (constraint was ignored) if there were no repositories tagged with "xyz". The fix isn't perfectly clean, but should work properly for the moment.

Test Plan:
  - Searched with `tagged(...)` in Diffusion and Differential.
  - Searched by repository.
  - Searched with `tagged(...)` for a project with no tagged repositories.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12322

Differential Revision: https://secure.phabricator.com/D17426
2017-02-27 10:46:55 -08:00
epriestley
3bea3fbb12 When computing revision ownership, cache some intermediate results for performance
Summary:
Ref T12319. With large datasets, the computation of which packages own paths in a revision is needlessly slow.

Improve performance through caching:

  - Cache which paths belong to each repository.
  - Cache the split fragments of each path.
  - Cache the path fragment counts.
  - Micro-optimize accessing `$this->path`.

Test Plan:
  - Used `bin/lipsum` to generate 4,000 packages with 150,000 paths.
  - Created a revision affecting 100 paths in `phabricator/` (these paths mostly overlap with `bin/lipsum` path rules, since Lipsum uses Phabricator-like rules to generate paths).
  - Before optimizations, this revision spent about 5.5 seconds computing paths.
  - After optimizations, it spends about 275ms.

{F3423414}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17424
2017-02-27 09:11:57 -08:00
epriestley
b9568646ac Add an owners package generator for Lipsum
Summary: Ref T12319. Allow `bin/lipsum generate` to generate owners packages.

Test Plan: Generated ~4,000 packages with ~150,000 paths.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17423
2017-02-27 09:11:04 -08:00
epriestley
5cb4c76bef Add a lipsum generator for Badges
Summary: Ref T12319. Ref T12270. Allow badges to be generated with `bin/lipsum`. These aren't hugely sophisticated but I'm not sure about the fate of T9010 yet or what's happening with the quality levels, and didn't want to make those changes more difficult.

Test Plan:
  - Used `bin/lipsum generate badges --force --quickly` to generate badges.
  - Made some coffee and came back to 20K badges.

{F3422200}

Reviewers: chad

Reviewed By: chad

Subscribers: cspeckmim

Maniphest Tasks: T12319, T12270

Differential Revision: https://secure.phabricator.com/D17422
2017-02-27 09:10:05 -08:00
epriestley
3b8ccb0b78 Add "--force" and "--quickly" flags to bin/lipsum
Summary:
Ref T12319.

  - Lipsum can trash an install by creating a lot of junk that's hard to get rid of, so we're cautious about letting you run it. Add a `--force` flag if you're sure you know what you're doing. This makes the edit/test cycle a bit easier when actually writing Lipsum generators.
  - Lipsum normally sleeps for a second before creating objects, to give users more control over how much stuff they create and limit the amount of damage caused by mistakes. Sometimes, you want to generate a LOT of stuff because you want to reproduce a performance/scale issue (like T12319). Add a `--quickly` flag to generate objects as fast as possible.
  - When loading random users (used as authors, assignees, etc), also load user settings so we can `ConduitCall` with them.
  - Allow generators to return a PHID instead of an actual object (more convenient for Conduit-based generators).

Test Plan:
  - With next change, ran `lipsum generate badges --force --quickly`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17421
2017-02-27 09:09:41 -08:00
epriestley
99bcf5f112 Make bin/lipsum generate hanldle generator keys and arguments more clearly
Summary:
Ref T12319. Currently, `bin/lipsum` uses substring matches against human-readable text to chose which objects to generate.

Instead:

  - Use separate selector keys which are guaranteed to be unique.
  - When a match is exact, select only that generator.
  - When a match is ambiguous, fail and warn the user.

Test Plan: Generated several types of objects, tried to generate ambiguous objects like "e".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17420
2017-02-27 09:09:28 -08:00
epriestley
1b2c047ce0 Correct spelling of "phabrictor" in Lipsum and elsewhere
Summary: Ref T12319. The product name is misspelled in some methods, and a few places in the documentation.

Test Plan: `grep`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17419
2017-02-27 09:09:13 -08:00
Chad Little
44b307f28d Add some higher resolution default user images
Summary: Looks nicer on profiles, cards. Added some additional colors.

Test Plan: change my avatar a few times

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: avivey, Korvin

Differential Revision: https://secure.phabricator.com/D17416
2017-02-26 09:56:21 -08:00
Chad Little
59207fcfac Fix italics issue with nux state on homepage
Summary: We moved to having "no data" strings render in italics, but sometimes it doesn't make sense. This renders out the panel a little more expected.

Test Plan: Clean install of Phabricator, read home page activity box.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17415
2017-02-25 15:30:17 -08:00
Chad Little
eec6cd865c Miscellanous badge fixes
Summary: Ref T12270. Add transaction validation for name, alias, award, revoke. Change auto subscribe for authors. Fix some typos.

Test Plan: Add badge, award badge, revoke badge, edit badge.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17412
2017-02-24 15:51:26 -08:00
Chad Little
80cccebca2 Build a Badges page for Profiles
Summary: Ref T12270. Moves badges into their own page and menu item. Capable of displaying hundreds of useful tokens of appreciation and dedication.

Test Plan:
Test blank state, mobile, awards badges.

{F3284139}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17410
2017-02-24 13:15:42 -08:00
epriestley
4270649abe Increase the size of the Diffusion commit cache
Summary:
Ref T12296. This cache is used to cache Git ref heads (branches, tags, etc). Reasonable repositories may have more than 2048 of these.

When we miss the cache, we need to single-get refs to check them, which is relatively expensive.

Increasing the size of the cache to 65535 should only require about 7.5MB of RAM.

Additionally, fill only as much of the cache as actually fits. The FIFO nature of the cache can get us into trouble otherwise.

If we insert "A, B, C, D" and then lookup A, B, C, D, but the cache has maximum size 3, we get this:

  - Insert A, B, C, D: cache is now "B, C, D".
  - Lookup A: miss, single get, insert, purge, cache is now "C, D, A".
  - Lookup B: miss, singel get, insert, purge, cache is now "D, A, B".

Test Plan:
  - Reduced cache size to 5, observed reasonable behavior on the `array_slice()` locally with `bin/repository update` + `var_dump()`.
  - Used this script to estimate the size of 65535 cache entries as 7.5MB:

```
epriestley@orbital ~ $ cat size.php
<?php

$cache = array();

$mem_start = memory_get_usage();
for ($ii = 0; $ii < 65535; $ii++) {
  $cache[sha1($ii)] = true;
}

echo number_format(memory_get_usage() - $mem_start)." bytes\n";
epriestley@orbital ~ $ php -f size.php
7,602,176 bytes
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12296

Differential Revision: https://secure.phabricator.com/D17409
2017-02-24 10:54:19 -08:00
Chad Little
d38ee2d79a Update Phurl for modular transactions
Summary: Ref T6049. This moves Phurl to modular transactions.

Test Plan: Everything works here, add phurl, edit phurl, use phurl. Test various error states. Left a TODO on the validate dupe keys, not sure how to implement that in modular-land.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T6049

Differential Revision: https://secure.phabricator.com/D17405
2017-02-24 08:30:47 -08:00
epriestley
89d1403fe8 Explicitly decline to add commit authors as auditors from Herald
Summary:
Fixes T12304. If you have a Herald rule which tries to add a commit author as an auditor, it fails validation when trying to apply.

Stop trying to apply these transactions, and explicitly tell the user why. Differential already uses a similar ruleset around reviewers, but Audit was using older code.

Test Plan:
  - Wrote a Herald rule to add A, B and C as auditors.
  - Committed as A.
  - After change, saw B and C added with transacript guidance that A was the author.

{F3235660}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12304

Differential Revision: https://secure.phabricator.com/D17404
2017-02-23 15:19:23 -08:00
epriestley
3b6a651b69 Merge multiple Auditors transactions from Herald
Summary:
Fixes T12302. Currently, we aren't merging multiple "AddAuditors" transactions correctly.

This can occur when Herald triggers multiple auditor rules.

Instead, merge them.

Test Plan:
  - Wrote two different Herald rules that add auditors.
  - Pushed a commit which triggered them.
  - After the change, saw all the auditors get added correctly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12302

Differential Revision: https://secure.phabricator.com/D17403
2017-02-23 15:14:58 -08:00
Chad Little
3eae9a368d Modular Transactions for Badges
Summary: Ref T12270. This converts Badges to modular transactions for editing and awarding.

Test Plan: Add Badge, edit badge, award and revoke... Still going to test this some more but feel free to comment on anything obviously wrong?

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17402
2017-02-23 14:22:52 -08:00
epriestley
ee2d8ce94b Allow XHProf profiles to be drag-and-dropped to upload them
Summary: Ref T12297. This could be fancier, but should make pulling profiles off `admin.phacility.com` significantly more realistic.

Test Plan: Dragged and dropped some profiles to upload them, then reviewed them via web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12297

Differential Revision: https://secure.phabricator.com/D17401
2017-02-23 11:16:19 -08:00
epriestley
4254702271 Use ApplicationSearch in XHProf
Summary:
Ref T12297. This slightly modernizes the XHProf UI. Not included here:

  - Some of the code acts like samples have PHIDs, but they currently do not. I plan to add them in the next change.
  - I've intentionally left the actual list untouched for now -- it has some old/buggy code (like `flag-6` is no longer an icon) that I'll fix in a future change.

Test Plan: {F3224264}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12297

Differential Revision: https://secure.phabricator.com/D17400
2017-02-23 11:15:58 -08:00
epriestley
84aff44bcd Add a "Red/Green Colorblind" accessibility mode, make all web UIs and email respect it
Summary:
Fixes T12172. Fixes T12060. This allows runtime code building CSS for mail to read CSS variables, then makes all the code do that.

It reverts the non-colorblind red/green to the colors in use before T12060, which seem better for non-colorblind users since no one really complained?

Test Plan:
  - Viewed code diffs in Web UI.
  - Viewed prose diffs in Web UI.
  - Viewed code diffs in email.
  - Viewed prose diffs in email.

All modes respected the accessibility color scheme.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12172, T12060

Differential Revision: https://secure.phabricator.com/D17269
2017-02-23 10:57:39 -08:00
Chad Little
568a3877d1 Simplify dashboard panel creation
Summary: Ref T10390. Basically hides policy controls when creating a panel on a dashboard. Shows when you edit them or through normal workflow. I think we should maybe also get rid of view policy? Not sure the benefit since results will be filtered anyways. Maybe Text panels? Not sure the use case.

Test Plan: Add a panel, edit a panel.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: hskiba, Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17393
2017-02-22 17:50:29 -08:00
epriestley
4540ae028a Fix "Create Form" link destinations when editing edit forms
Summary:
Fixes T12301. In D17372, this changed to use generic EditEngines instead of the proper runtime engine. Normally this doesn't matter, but can in this case.

After loading the configurations normally, swap their attached engines for the specific configured runtime engine we're currently executing.

Test Plan: Clicked "Create Form" from the Maniphest form list, saw it go to "Create Maniphest Form", not "Create Generic Meta-Form".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12301

Differential Revision: https://secure.phabricator.com/D17398
2017-02-22 15:00:05 -08:00
epriestley
939fb69aa6 Be less strict when detecting dead daemons
Summary:
Fixes T12306. Currently, we warn about daemons not running even if they're in normal "alive" states, particularly "waiting to restart after a failure".

This check was made more strict in D12088, back when we tried to version check running daemons. Since we implemented auto-restart-after-config-change we don't do this anymore, so it should be fine to make this more lax again.

Test Plan:
  - Faked an exception for all tasks.
  - Before patch: reloading the daemon setup error sometimes raised a false positive ("waiting" daemon detected as dead).
  - After patch: daemon setup error no longer triggers.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12306

Differential Revision: https://secure.phabricator.com/D17397
2017-02-22 14:11:28 -08:00
epriestley
6f50729a91 Update Phabricator for new daemon pool changes
Summary:
Ref T12298. This updates `bin/phd` for minor changes to daemon configuration. In particular:

  - Every daemon now has an autoscale pool (for trigger/pull, the maximum pool size is 1).
  - Pools now have labels to make debugging a little easier.
  - Some minor structural changes.

Test Plan: See D17389.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12298

Differential Revision: https://secure.phabricator.com/D17390
2017-02-22 13:15:14 -08:00
Chad Little
bf44210dc8 Reduce application search engine results list for Dashboards
Summary: Ref T10390. Simplifies dropdown by rolling out canUseInPanel in useless panels

Test Plan: Add a query panel, see less options.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17341
2017-02-22 12:42:43 -08:00
Chad Little
e2868a0da2 Remove ability to edit Badge forms
Summary: Ref T12270. Remove the EditEngine form configuration option on Badges.

Test Plan: View edit page, don't see configure form.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17392
2017-02-21 14:53:25 -08:00
Chad Little
89ce42c15c Update people hovercard UI
Summary: Removes Badges, they felt awkward. Updates UI, larger image, better layout, more icons.

Test Plan: Review numerous layouts with fancy new search tool.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17391
2017-02-21 14:41:10 -08:00
epriestley
ab9c1b73b5 Fix bad JS rendering in "Allow Desktop Notifications" workflow
Summary:
See downstream <https://phabricator.kde.org/T5404>. This code was doing some `.firstChild` shenanigans which didn't survive some UI refactoring.

This whole UI is a little iffy but just unbreak it for now.

Test Plan: Allowed and rejected desktop notifications, got largely reasonable UI rendering.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17388
2017-02-20 12:55:34 -08:00
Jakub Vrana
9f3cde4db7 Fix errors found by PHPStan
Test Plan: None.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D17377
2017-02-18 09:24:56 +00:00
epriestley
a439ea7190 Fix a bad parameter read in hovercard
Summary: I broke this at the last second in D17374. `getStrList()` doesn't read arrays. It probably should (more modern analogs do) but don't rock the boat in the leadup to the release cut.

Test Plan: Hovered over a thing, saw a hovercard and no `getStrList()` error in my logs.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17383
2017-02-17 16:42:10 -08:00
epriestley
81a9726fa1 Make the new "Unverified Email" behavior more clear to other users
Summary:
Ref T12268. Ref T12157. When you mention or interact with a user who is unlikely to be able to respond (for example, because their account is disabled), we try to show a colored dot to provide a hint about this.

Recently, we no longer send any normal mail to unverified addresses. However, the rules for showing a dot haven't been updated yet, so they only care about this if `auth.require-verification` is set. This can be misleading, because if you say `Hey @alice, what do you think about this?` and she hasn't verified her email, you may not get a response.

Update the rule so users with unverified email addresses get a grey dot in all cases. The hint is basically "you shouldn't expect a response from this user".

Make the meaning of this hint more clear on the hovercard and profile.

Also:

  - Allow the non-ajax version of the hovercard page (which is basically only useful for testing hovercards) accept `?names=...` so you can just plug usernames, hashtags, etc., in there.
  - Fix a bug where the user's join date was based on their profile creation date instead of account creation date on the hovercard. Users may not have a profile creation date (if they never changed any account details), and it may be different from their account creation date.

Test Plan: {F2998517}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12268, T12157

Differential Revision: https://secure.phabricator.com/D17374
2017-02-17 10:28:44 -08:00
epriestley
7448cb0c3a Replace exciting fantasy word "subtasktask" with plain old "subtask"
Summary: Fixes T12284. This isn't actually a word.

Test Plan: Read carefully.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T12284

Differential Revision: https://secure.phabricator.com/D17373
2017-02-17 06:08:55 -08:00
Jakub Vrana
a778151f28 Fix errors found by PHPStan
Test Plan: Ran `phpstan analyze -a autoload.php phabricator/src`.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D17371
2017-02-17 10:10:15 +00:00
epriestley
b2739710ba Don't allow forms which can't create objects to be added to profile menus
Summary:
Fixes T12281. Some forms (like Settings) can't actually create new objects. Currently, though, you can select them and add them to profile menus; if you do, they fail when building an item.

Kick them out of the typeahead, and decline to render them in menus.

Test Plan:
Added "Create Settings" to a menu, no longer fatals after patch (item vanished from menu, still editable normally to get rid of it).

Tried to add another "Create Settings", no longer available in typehaead.

Added some normal stuff.

Viewed a choose-among-forms dropdown in Maniphest, which still worked normally.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12281

Differential Revision: https://secure.phabricator.com/D17372
2017-02-16 15:45:11 -08:00
epriestley
01f277cef2 Fix a CalendarExport issue when an existing export has an unsupported mode
Summary:
See D16676. When an export has an unsupported mode (bad database value, out-of-date object, etc) the intent of this code is to put it into the `<select />` so that you can save the form without silently changing the object.

However, it incorrectly calls `array_shift()` instead of `array_unshift()`.

Test Plan:
Edited a Calendar export with an invalid mode, saw the mode appear properly in the dropdown:

{F2957321}

Reviewers: vrana, chad

Reviewed By: vrana

Differential Revision: https://secure.phabricator.com/D17369
2017-02-16 06:22:21 -08:00
Chad Little
9716e83d60 Build Badges View page into more of a profile
Summary: Ref T10798. Cleans up the UI a little and adds a sidenav.

Test Plan: Review badge and recipients in sandbox.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10798

Differential Revision: https://secure.phabricator.com/D17358
2017-02-15 11:32:23 -08:00
Chad Little
2f69cb5fe7 Add more transation data to panel tab changes
Summary: Fixes T10473. Clever, didn't know we could do this, but works well. Renders out the tab names by ', '.

Test Plan:
Add a tab panel, change some names, review transactions.

{F2929594}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10473

Differential Revision: https://secure.phabricator.com/D17359
2017-02-15 11:05:39 -08:00
Chad Little
37ac0ada17 Restrict movable panels to non-tab panels
Summary: Fixes T12248. Adds a flag for movable panels, and only allows those to be moved. Also cleaned up some CSS rules missing once a panel was drug into a new position.

Test Plan: Try to drag a tab panel content pane, cannot. Drag normal pane, see CSS, grab and drag same panel back, CSS looks the same.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12248

Differential Revision: https://secure.phabricator.com/D17356
2017-02-14 14:15:59 -08:00
Chad Little
b28b2b8ab8 Use typeahead for tab panel selection
Summary: Fixes T11449. Feels.... magical? Probably a more efficient way of doing this, but only 6 tabs so...

Test Plan: Create a tab panel in old UI. Edit panel in new UI. Create a panel in new UI, edit panel in new UI.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11449

Differential Revision: https://secure.phabricator.com/D17355
2017-02-14 13:43:52 -08:00
Chad Little
5556f0e45a Don't allow duplicate panels on dashboards
Summary: Fixes T10145. I went with "don't add two panels", since panels are easy to create, I expect this to be a reasonable limit until we have better use cases.

Test Plan: Try to add the same panel twice, get error. Add panel normally fine, move panels fine, edit panels fine.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10145

Differential Revision: https://secure.phabricator.com/D17351
2017-02-14 07:24:03 -08:00
Chad Little
2c09fc5605 Make Panels slightly easier to find and use
Summary: Ref T10390, turns "add existing panel" into a typeahead, and add lots more information to search.

Test Plan: Add an existing panel, click the search icon, see more information (type, engine).

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17348
2017-02-13 19:38:41 -08:00
Chad Little
1cb924ce68 Fix duplicating panel when editing in column 2
Summary: Fixes T10612. We're writing a new panel to any dashboard even if it already exists. No need when just updating a panel title.

Test Plan: Add "welcome" panel to column 2 of a clean dashboard. Edit title, save. See correct panel in correct place.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10612

Differential Revision: https://secure.phabricator.com/D17349
2017-02-14 02:52:29 +00:00
Chad Little
f9163bf065 Allow lightbox comments to be viewed logged out
Summary: Fixes T12160. Lightbox thread view should be visible if file is public.

Test Plan:
Add a file to a task, log out, click on file in task, get lightbox and no error. Expand comments, see login box.

{F2867067}

{F2867088}

{F2867098}

{F2867114}

{F2867124}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12160

Differential Revision: https://secure.phabricator.com/D17347
2017-02-13 13:54:13 -08:00
epriestley
6f37685a75 Fix flipped open/closed status for Diviner atoms in search index
Summary: Fixes T12258. I think these constants are just flipped.

Test Plan: Kinda winged it.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12258

Differential Revision: https://secure.phabricator.com/D17346
2017-02-13 13:12:32 -08:00
epriestley
3cf6f746f0 Raise an "Account Setup Issue" if your primary address is unverified
Summary:
Ref T12237. This adds a UI cue for users who have unverified primary addresses, since we no longer send them mail.

Also adds a new `bin/mail unverify` to unverify an address (for example, because mail is bouncing).

Test Plan:
  - Unverified my address, saw setup issue.
  - Verified my address, no more setup issue.

{F2861820}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12237

Differential Revision: https://secure.phabricator.com/D17344
2017-02-13 10:41:32 -08:00
epriestley
037c749ef3 Fix missing setQuoteRef() on Commit detail pages in Diffusion
Summary: Fixes T12253.

Test Plan:
  - Before change: used "Quote Comment", saw "In null, alice wrote:" in quoted text.
  - After change: used "Quote Comment", saw proper reference to the commit/page. Clicked reference, was sent to the comment properly.

{F2859093}

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T12253

Differential Revision: https://secure.phabricator.com/D17343
2017-02-13 07:44:01 -08:00
Chad Little
554c4f10c5 Remove Copy Dashboard
Summary: Ref T10390. This removes the "Copy Dashboard" feature, which was more of a crutch to assist in the complexity of building and maintaining dashboards. I think we're close enough now that removing this and adding in some simpler edit dialogs should negate any benefit to keeping this around. Also removed an un-used "Uninstall Dashboard" dialog.

Test Plan: Visit manage, edit, no longer see option to copy dashboard. grep /dashboards/ for "copy" and remove all traces. Add some panels to a dashboard I own.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17338
2017-02-13 07:25:27 -08:00
Chad Little
5a850ab235 Add more information to Dashboard ApplicationSearch list
Summary: Fixes T4984. This is about as fancy as I want to get this pass. Adds in the list of panel titles and the author. This does give me a rough idea what's on each dashboard.

Test Plan:
Visit a list of dashboards and see various authors and panels.

{F2810876}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T4984

Differential Revision: https://secure.phabricator.com/D17340
2017-02-13 07:24:43 -08:00
Austin McKinley
8dd7b544fe Don't show an auth provider as enabled if it's still being created
Test Plan: attempted to create a new auth provider; observed that "enabled" ui element does not render. viewed existing auth provider and observed that "enabled" ui element still renders

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Maniphest Tasks: T12245

Differential Revision: https://secure.phabricator.com/D17337
2017-02-13 07:02:52 -08:00
epriestley
b71e089669 Fix a fatal when viewing methods which no longer exist in the Conduit call log
Summary: Fixes T12252.

Test Plan:
I just faked this, but likely repro is:

  - Call method `x.y`.
  - Remove method `x.y` from the codebase.
  - View log.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12252

Differential Revision: https://secure.phabricator.com/D17342
2017-02-13 06:24:48 -08:00
Chad Little
8b2880cfb7 Add a Phurl Typeahead
Summary: Adds a basic typeahead for Phurl Objects.

Test Plan: http://local.phacility.com/typeahead/browse/PhabricatorPhurlURLDatasource/

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17339
2017-02-11 15:31:07 -08:00
epriestley
29dc9e9ae1 Make the Phortune Subscription view show "Deleted Payment Method" for deleted payment methods
Summary: Fixes T12224. This brings "Autopay" on the View controller into line with how it works on the Edit controller.

Test Plan:
  - Viewed subscriptions with no autopay, valid autopay, and deleted autopay.

{F2750725}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12224

Differential Revision: https://secure.phabricator.com/D17334
2017-02-10 16:02:26 -08:00
Josh Cox
e0675b28d8 Pass exception to PhutilProxyException
Summary: Fixes T12243. That error occured due to network flakiness with some mounted filesystems so I'm not sure how best to simulate it. But you can look and see that the PhutilProxyException does indeed expect an exception as its second arg.

Test Plan: Look at method signature... look at callsite... now back at the method. Smile and nod.

Reviewers: #blessed_reviewers, yelirekim, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T12243

Differential Revision: https://secure.phabricator.com/D17335
2017-02-08 13:24:44 -05:00
epriestley
56b1ff833b Fix some outdated help text about "Reply All" in "metamta.one-mail-per-recipient"
Summary: Ref T12240. When you "Reply All" to a Phabricator mail, we make an effort not to send the response to recipients who you hit with the original message. This isn't perfect and we can't always get it right, but the old description implies it's a bigger problem than it should be in practice.

Test Plan: Read text.

Reviewers: chad, eadler

Reviewed By: chad

Maniphest Tasks: T12240

Differential Revision: https://secure.phabricator.com/D17331
2017-02-10 07:17:10 -08:00
Chad Little
d1c253de94 Touch up basic usability of Dashboards
Summary: Ref T10390. This mostly shuffles layout into "View" and keepts "Manage" around for Edit/Copy/History. This feels better to me overall. Also tweaked some spacing and color.

Test Plan:
New Dashboard, edit Dashboard, shuffle panels. Create new panels.

{F2684043}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10390

Differential Revision: https://secure.phabricator.com/D17326
2017-02-09 14:20:47 -08:00
epriestley
4997b6bd02 Never send normal mail to unverified addresses
Summary:
Ref T12237. This tightens our delivery rules, which previously sent normal mail to unverified addresses:

  - We sent general mail to unverified addresses so that you wouldn't miss anything between the time you sign up (or have an account created) and the time you verify your address. This was imagined as a slight convenience for users.
  - We sent automatic reply mail to unverified addresses if they sent mail to us first, saying "we don't recognize that address". This was imagined as a convenience for users who accidentally send mail "From" the wrong address (personal vs work, for example).

I think both behaviors are probably a little better for users on the balance, but not having mail providers randomly shut us off without warning is better for me, personally -- so stop doing this stuff.

This creates a problem which we likely need to solve before the release is cut:

  - On installs which do not require mail verification, mail to you will now mostly-silently be dropped if you never bothered to verify your address.

I'd like to solve this by adding some kind of per-user alert that says "We recently tried to send you some mail but you haven't verified your address.", and giving them links to verify the address and review the mail. I'll pursue this after restoring mail service to `secure.phabricator.com`.

Test Plan:
  - Added a unit test.
  - Unverified my address, sent mail, saw it get dropped.
  - Reverified my address, sent mail, saw it go through.
  - Verified that important mail (password reset, invite, confirm-this-address) either uses "Force Delivery" (skips this check) or "Raw To Addresses" (also skips this check).
    - Verified that Phacility instance stuff is also covered: it uses the same invite flow.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12237

Differential Revision: https://secure.phabricator.com/D17329
2017-02-09 10:20:57 -08:00
Chad Little
3b558d7dd0 Add back the motivator panel
Summary: Fixes T12226, Ref D17233. Resurrects the motivator panel.

Test Plan: Add panel, see fact on hover.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: yelirekim, jcox, Korvin

Maniphest Tasks: T12226

Differential Revision: https://secure.phabricator.com/D17324
2017-02-08 09:09:30 -08:00
Chad Little
638f2a012b Add AuthorHref to feed story images
Summary: Fixes T9336. Kind of a bit to back up and find the source, but works easily.

Test Plan: View feed, click on my image.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9336

Differential Revision: https://secure.phabricator.com/D17322
2017-02-07 10:09:00 -08:00
Chad Little
1f4a89b613 More minor CSS tweaks globally
Summary: Moves profile/project to use more standard colored boxes. Reverts dashboard border colors. Ensures better High-Contrast application more consistently across these projects. Also fix T12211.

Test Plan: Home, People, Projects in High Contrast / Standard

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12211

Differential Revision: https://secure.phabricator.com/D17321
2017-02-06 11:06:46 -08:00
epriestley
75abf79953 Remove bad "Session" link in User activity logs
Summary:
Fixes T12215. Two issues:

  - We build this `$session` link out of `$ip`, which is (a) wrong even if `$ip` was the IP and (b) super wrong since `$ip` is a tag.
  - These links don't work even if we'd built them right: searching by the //prefix// of a session identifier does nothing.

At least for now, just get rid of the links rather than trying to make this behavior work.

Test Plan:
On People > Activity logs:

  - Before patch: Saw bad links with bogus targets in "session" column.
  - After patch: Saw plain text in "session" column.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12215

Differential Revision: https://secure.phabricator.com/D17316
2017-02-06 08:38:17 -08:00
epriestley
3d44208e4f Clarify that "account.editable" no longer extends to profile pictures
Summary: Fixes T12216. I'd like to remove this option eventually, but just narrow its scope in the config description for now.

Test Plan: Read config description.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12216

Differential Revision: https://secure.phabricator.com/D17317
2017-02-06 08:37:26 -08:00
Chad Little
70135d0ca8 Lots of little minor CSS tweaks
Summary: Lots of little details, fix workboard bg colors, darken up global backgrounds just a hair, add more "widgety" look to dashboard panels, remove underline on anchors on mobile. Also Fixes T12210

Test Plan: Use lots of pages on mobile and desktop.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12210

Differential Revision: https://secure.phabricator.com/D17315
2017-02-05 20:45:27 +00:00
epriestley
f64edb993f Allow users who can edit a dashboard to remove invalid / restricted panels
Summary:
Ref T12207. Currently, to remove a panel from a dashboard, it must be a valid panel which you can see.

Instead, only require that the panel PHID actually be listed somewhere in the dashboard's internal list of panels.

This interacts with the "multiple instances of a panel" issue described in some more depth in T12207. In particular:

  - Currently, you can sort of add multiple copies of a panel to a dashboard, sometimes? Maybe?
  - This leads to great tragedy.

This doesn't fix up the workflow with respect to multiple copies of a panel. We still remove by panel PHID (not by column/position or internal ID) so if a dashboard has multiple copies of the same panel for some reason, I think this workflow removes one of them arbitrarily (at best) or perhaps does something worse. I'm just treating this behavior as undefined for the moment.

Test Plan:
- Removed an invalid/hidden panel from a dashboard as a user with permission to edit that dashboard.
- Tried to remove a made-up panel with a totally bogus PHID, got 404'd.
- Viewed a dashboard with a restricted panel.
- Put a hidden panel inside a tab panel, viewed it as a user who could not see it and a user who could.

Reviewers: chad

Reviewed By: chad

Subscribers: swisspol

Maniphest Tasks: T12207

Differential Revision: https://secure.phabricator.com/D17314
2017-02-04 16:33:47 -08:00
epriestley
29114bea5f Fix a policy error for restricted applications in a profile menu
Ref T12174. This could improperly raise a policy error. Instead, hide the menu item.

Auditors: chad
2017-02-04 07:08:49 -08:00
epriestley
9c62a10989 Limit damage caused by bad panels on dashboards you can manage
Summary:
Fixes T12203. If you tried to //manage// a dashboard which had a panel you can't see, we'd try to render bogus actions for it and fatal.

Instead, for the moment, survive. Presumably we'll ship a real fix for this in the next release or so, and tackle T10612 / T10145, which I think are closely related.

Test Plan: {F2570418}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12203

Differential Revision: https://secure.phabricator.com/D17311
2017-02-03 18:34:36 -08:00
epriestley
281e9849ed Fix display of current file on Macro creation
Summary: This could hit an obscure fatal.

Test Plan:
  - Create a macro.
  - Upload a file, but don't give it a name.
  - Before: fatal.
  - After:

{F2569846}

Reviewers: chad, 20after4

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17310
2017-02-03 17:10:02 -08:00
Austin Seipp
ab923e0a75 Implement new reCAPTCHA interface
Summary:
Fixes T12195. For the past few years, Recaptcha (now part of Google) has supported
a new, "no captcha" one-click user interface. This new UI is stable, doesn't
require any typing or reading words, and can even work without JavaScript (if
the administrator enables it on the Recaptcha side).

Furthermore, the new Recaptcha has a completely trivial API that can be dealt
with in a few lines of code. Thus, the external `recaptcha` php library is now
gone.

This API is a complete replacement for the old one, and does not require any
upgrade path for users or Phabricator administrators - public and secret keys
for the "new" Recaptcha UI are the exact same as the "classic" Recaptcha. Any
old Recaptcha keys for a domain will continue to work.

Note that Google is currently testing Yet Another new Captcha API, called
"Invisible reCAPTCHA", that will not require user interaction at all. In fact,
the user will not even be aware there //is even a captcha form//, as far as I
understand. However, this new API is 1) in beta, 2) requires new Recaptcha keys
(so it cannot be a drop-in replacement), and 3) requires more drastic API
changes, as form submission buttons must instead invoke JavaScript code, rather
than a token being passed along with the form submission. This would require far
more extensive changes to the controllers. Maybe when it's several years old, it
can be considered.

Signed-off-by: Austin Seipp <aseipp@pobox.com>

Test Plan:
Created a brand-new Phabricator installation, saw the new Captcha UI
on administrator sign up. Logged out, made 5 invalid login attempts, and saw the
new Captcha UI. Reworked the conditional to invert the condition, etc to test
and make sure the API responded properly.

Reviewers: epriestley, #blessed_reviewers, chad

Reviewed By: epriestley, #blessed_reviewers

Subscribers: avivey, Korvin

Maniphest Tasks: T12195

Differential Revision: https://secure.phabricator.com/D17304
2017-02-03 20:06:29 +00:00
epriestley
42743810e9 When a viewer can't see some of a dashboard's panels, only hide those panels
Summary:
Ref T12174. Ref T8033. Currently, if you can't see one panel on a dashboard, you can't see the dashboard at all. This is confusing and hard to debug.

Improve this behavior at least slightly: render the dashboard, with a big "you can't see this" panel in place of any panels you can't see. This should at least make the behavior obvious, even if it isn't the best or most comprehensive way we can handle it in all cases.

Test Plan: {F2566003}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174, T8033

Differential Revision: https://secure.phabricator.com/D17308
2017-02-03 10:14:14 -08:00
epriestley
d054f87f93 Make drag-and-drop to upload files work on any Home dashboard, not just "Magic Home"
Summary: Ref T12174. Drag-and-drop-to-upload requires some stuff in the document. Put that stuff on all the content pages (currently: dashboards, magic home), not just the builtin home.

Test Plan:
  - Dragged-and-dropped onto a Home dashbboard to upload.
  - Viewed, and dragged-and-dropped onto "builtin home" to upload.
  - Dragged onto "Edit Menu" for home, no upload.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17307
2017-02-03 09:33:46 -08:00
Chad Little
f54dfe7567 Add a basic icon typeahead
Summary: Fixes T11971, adds a basic typeahead for selecting an icon.

Test Plan:
http://local.phacility.com/typeahead/browse/PhabricatorIconDatasource/

{F2561013}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11971

Differential Revision: https://secure.phabricator.com/D17301
2017-02-03 09:19:29 -08:00
epriestley
fd0591e168 Restore "Auditor" as an alias for the commit message field "Auditors"
Summary:
Fixes T12197. I //think// this field was never recognized by Differential (it doesn't appear in D17070, but maybe that isn't the right change).

It was recognized by the ad-hoc regular expression which I replaced with a formal parser in D17262.

Allow the former parser to accept "Auditor" as an alias for "Auditors".

Test Plan: Committed a change with `Auditor: dog`, saw the audit trigger correctly in the web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12197

Differential Revision: https://secure.phabricator.com/D17306
2017-02-03 09:14:32 -08:00
Chad Little
dd068a071e Add clearer saved search options in ApplicationSearch
Summary: Ref T5307, Makes these buttons a little more clear visually and verbosely. Adds white icons for blue buttons.

Test Plan: Test saving a search, viewing button changes on various form pages / uiexamples.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5307

Differential Revision: https://secure.phabricator.com/D17305
2017-02-03 08:47:49 -08:00
epriestley
d182d7eaf1 Remove menu item pinning from Home and Favorites profile menus
Summary:
Ref T12174.

  - Home now always uses the topmost item (falling back to "magic home") and no longer supports pinning. If any personal item may be a default item, it will always be picked over any global item.
  - Favorites doesn't use defaults anyway, but no longer has misleading UI suggesting it might.

Test Plan:
  - Saw no pinning UI on Home/Favorites.
  - Added a personal dashboard on Home, it automatically became the new default.
  - Pinned stuff normally on Projects.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17298
2017-02-03 05:37:05 -08:00
Chad Little
e980b94a2f Add a Picture Menu Item for Profiles
Summary: Just making profiles a little nicer, adds a big picture, easier mechanism for updating photos. Also larger profile pictures... need to re-thumb?

Test Plan:
View my profile, edit my picture, view a stranger, see profile. Check mobile, tablet, desktop. Check action menu on mobile.

{F2559394}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17295
2017-02-02 08:52:38 -08:00
Josh Cox
1b8b64aae6 Stop calling the undefined withIsTag method
Summary: This just cleans up a method call that was missed in D15986. It's been causing fatal errors in one of our workflows.

Test Plan: Grep'd for other instances of `withIsTag` and didn't find any

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, yelirekim

Differential Revision: https://secure.phabricator.com/D17299
2016-12-14 14:56:40 -05:00
epriestley
d0258a8981 Fix a mismatched method definition in PhabricatorHomeProfileMenuItem
Summary: Fixes T12187. Ref T12190. See T12190 for discussion of why this escaped notice.

Test Plan:
  - Commented out the `error_reporting()` clause around file inclusion.
  - Reproduced the error in PHP7.
  - Corrected the method signature.
  - Reloaded the page, no more error.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12190, T12187

Differential Revision: https://secure.phabricator.com/D17297
2017-02-02 07:02:21 -08:00
Chad Little
67d9568fb5 Add better description to built-in Home
Summary: Ref T12174. This could be a little more verbose.

Test Plan: Review Global Menu Items

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17294
2017-02-01 16:32:12 -08:00
epriestley
fe33041681 Restore old Home mobile menu behavior, hide crumbs
Summary:
Ref T12174.

  - Go back to the old mobile behavior (full-screen menu by default, click to see content).
  - Hide crumbs from all Home content UIs. I left them on the edit/configure UIs since they feel a little less out-of-place there and some have multiple levels.

Test Plan:
Viewed Home on mobile, viewed `/home/` on mobile.

Also, saw no crumbs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17290
2017-02-01 10:29:13 -08:00
epriestley
6abdae8e73 Allow "Magic Home" to be hidden
Summary: Ref T12174. Fallback behavior on this already appears to be sensible.

Test Plan:
  - Hid "Magic Home".
  - Viewed homepage with no dashboards on the menu.
  - Saw "Magic Home" content, with no item in the menu selected, which seems reasonable.

{F2557022}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17289
2017-02-01 10:28:35 -08:00
epriestley
3fc03c0da1 Show magic "Home" menu item for logged-out users on public installs
Summary:
Ref T12174. Setup is:

  - Allow public access.
  - Don't touch the default menu.
  - Visit `/` while logged out.

Currently, you see "magic home" as content, but don't actually see the menu item.

Instead, show the menu item.

Test Plan: {F2557000}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17288
2017-02-01 10:28:11 -08:00
Chad Little
113bdd9f79 Fix application name toolip hover
Summary: Ref T12174. We were always setting a name via builtins so the tooltip was always set. Fix the calls here.

Test Plan: Add "Badges", see tooltip, give "Badges" a name of "Badges", don't see tooltip.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17284
2017-02-01 07:20:43 -08:00
Chad Little
7fc8e19786 Add some style to label in Favorites Menu
Summary: Ref T12174. Always sets the correct type when converting to ActionList, adds a type to Divider.

Test Plan:
Add a Label, 2 applications to the personal favorites menu, see nice styles.

{F2554901}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17285
2017-02-01 07:20:31 -08:00
Chad Little
f4dbe6330a Use a label for default home menu
Summary: Ref T12174, I think this feels slightly nicer having "Applications"

Test Plan: Review home changes

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17287
2017-02-01 07:20:13 -08:00
epriestley
9b92e56dfc Don't link "Dxxx" on Differential revision pages
Summary: Ref T12027. See T12043 for discussion.

Test Plan: Double-clicked "Dxxx" to select it.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12027

Differential Revision: https://secure.phabricator.com/D17283
2017-01-31 18:55:22 -08:00
epriestley
bd9e54b621 Navigage Buildkite builds with more nuance
Summary:
Ref T12173.

  - If we want to fetch a tag, Buildkite needs it as a "branch" (this means more like "ref to fetch").
  - The API gets upset if we pass "refs/tags/...", so just pass the tag name without the prefix, which works.
  - Do a better job with commits and pass a real branch to fetch.

Test Plan:
  - Built a commit with Buildkite.
  - Build a revision with Buildkite.

Reviewers: chad

Reviewed By: chad

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T12173

Differential Revision: https://secure.phabricator.com/D17282
2017-01-31 17:26:45 -08:00
Chad Little
206b16d2bb Slightly better "Simple Dashboard"
Summary: Fix copy for installing dashboard, add a revision panel, and change the default name to make it easier to find. Ref T12174

Test Plan: Go to dashboards, click New, then Simple. Visit home and install my dashboard

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17277
2017-01-31 22:36:14 +00:00
epriestley
e8c5758192 Improve page titles for menu items that render in-context content
Summary: Ref T12174. Dashboards and "Home" currently use the page title "Configure Menu". Give them more appropriate titles instead.

Test Plan: Viewed dashboards, Home. Saw relevant page titles.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17281
2017-01-31 13:37:20 -08:00
epriestley
4890d66795 Excluded authored commits from "Ready to Audit"; handle unreachable commits better
Summary:
Ref T10978. I'm inching toward cleaning up our audit state. Two issues are:

  - Authored commits show up in "Ready to Audit", but should not.
  - Unreachable commits (like that stacked of unsquashed stuff) show up too, but we don't really care about them.

Kick authored stuff out of the "Ready to Audit" bucket and hide unreachable commits by default, with constraints for filtering. Also give them a closed/disabled/strikethru style.

Test Plan:
  - Viewed audit buckets.
  - Searched for reachable/unreachable commits.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17279
2017-01-31 13:37:05 -08:00
epriestley
b2de149009 Allow menu items to be edited again
Summary:
Ref T12174. We now require that we can figure out a valid "edit mode" (global vs custom/personal) before we hit EditEngine. Since the EditEngine routes don't have an `itemID`, they would failu to figure out the mode and just 404.

Let the engine use `id` (from EditEngine) if `itemID` (from MenuEngine) isn't present in the route.

Test Plan:
  - Edited some menu items on Home / Projects.
  - (I think I tested this, then broke it, originally.)

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17280
2017-01-31 13:36:45 -08:00
Chad Little
f7c3813586 Add Label MenuItem
Summary: Ref T12174, lets you set labels as well for dividing content.

Test Plan: Add a label, review on homepage.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17278
2017-01-31 13:17:53 -08:00
epriestley
a3417ccd78 Make "bin/audit synchronize" actually save changes
Summary: Ref T10978. Although this script prints out some very good changes, it does not currently persist them to the database.

Test Plan: Ran `bin/audit synchronize`, saw the change appear both on the CLI and in the database.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17276
2017-01-31 12:23:49 -08:00
epriestley
2a527a51f2 Put Project "Manage" item back
Summary:
Ref T12174. This isn't really a "newManageItem()" since Projects have a separate manage screen.

That is, I incorrectly changed the "Manage [This Project]" item into a "Edit Menu" item, so some options (like "Archive Project") incorrectly became inaccessible.

Test Plan: Viewed a project, saw the right menu item, clicked it, could archive/etc project. Also edited the menu.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17275
2017-01-31 12:06:22 -08:00
epriestley
27a33896ff Fix a couple of home menu issues for logged-out viewers
Summary: Ref T12174. These items could fatal (`$item not defined`) if the viewer was not logged in.

Test Plan: - Viewed home as a logged-out user.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17274
2017-01-31 11:43:47 -08:00
epriestley
f23bfccc04 Replace ProfileMenu bugs with different bugs
Summary:
Ref T12174. This fixes more bugs than it creates, I think:

  - Dashboards now show the whole menu.
  - Project and home items now show selected state correctly.
  - The "choose global vs personal" thing is now part of MenuEngine, and the same code builds it for Home and Favorites.
  - Home now handles defaults correctly, I think.

Maybe regression/bad/still buggy?:

  - Mobile home is now whatever the default thing was, not the menu?
  - Title for dashboard content or other items that render their own content is incorrectly always "Configure Menu" (this was preexisting).

Test Plan:
  - Created, edited, reordered, disabled, deleted and pinned personal and global items on home, favorites, and projects.
  - Also checked User profiles.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17273
2017-01-31 11:22:01 -08:00
epriestley
bd99a2b81e Integrate Harbormaster with Buildkite
Summary: Ref T12173. This might need some additional work but the basics seem like they're in good shape.

Test Plan:
  - Buildkite is "bring your own hardware", so you need to launch a host to test anything.
  - Launched a host in AWS.
  - Configured Buildkite to use that host to run builds.
  - Added a Buildkite build step to a new Harbormaster build plan.
  - Used `bin/harbormaster build ...` to run the plan.
  - Saw buildkite execute builds and report status back to Harbormaster

{F2553076}

{F2553077}

Reviewers: chad

Reviewed By: chad

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T12173

Differential Revision: https://secure.phabricator.com/D17270
2017-01-31 09:19:43 -08:00
epriestley
aca0f642a3 Add a "bin/audit synchronize" command
Summary: Ref T10978. This is just a maintenance convenience script. It can fix up overall commit state after you `bin/audit delete` stuff or nuke a bunch of stuff from the database, as I did on `secure.phabricator.com`.

Test Plan: Ran `bin/audit synchronize`, and `bin/audit update-owners`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17271
2017-01-31 09:19:31 -08:00
epriestley
ad01e26af7 Redesign Home/Profile/Projects side navigation
Summary: Ref T11957. Needs some more polish, but I think everything here is square.

Test Plan: Add personal/global items to home, test mobile. Test workboards / colors.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: 20after4, rfreebern, Korvin

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17259
2017-01-31 08:59:01 -08:00
epriestley
bcbd4035fd Remove several pieces of audit-related code
Summary: Ref T10978. This code (mostly related to the old ADD_AUDIT transaction and some to the "store English text in the database" audit reasons) is no longer reachable.

Test Plan:
Grepped for removed symbols:

  - withAuditStatus
  - getActionNameMap (unrelated callsites exist)
  - getActionName (unrelated callsites exist)
  - getActionPastTenseVerb
  - addAuditReason
  - getAuditReasons
  - auditReasonMap

Also audited some commits.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17267
2017-01-30 15:26:26 -08:00
epriestley
2e9cc5e8e8 Make implicit audits by the Owners tool use modern code
Summary:
Ref T10978. This updates audits triggered by Owners to use a modern transaction. Minor changes:

  - After D17264, we no longer need the "AUDIT_NOT_REQUIRED" fake-audits to record package membership. This no longer creates them.
  - This previously saved English-language, untranslatable text strings about audit details onto the audit relationship. I've removed them, per discussion in D17263.

The "Audit Reasons" here are potentially a little more useful than the Herald/Explicit-By-Owner ones were, since the rules are a little more complex, but I'd still like to see evidence that we need them.

In particular, the transaction record now says "Owners added auditors: ...", just like Differential, so the source of the auditors should be clear:

{F2549087}

T11118 (roughly "add several Owners audit modes", despite the title at time of writing) might impact this too. Basically, this is simple and maybe good enough; if it's not quite good enough we can refine it.

Test Plan: Ran `bin/repository reparse --owners <commit>` saw appropriate owners audits trigger.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17266
2017-01-30 15:23:48 -08:00
epriestley
5e7a091737 Write an explicit edge for commit membership in packages
Summary:
Ref T10978. Currently, during commit import, we write an "Audit Not Required" auditor for commits which don't require an audit.

This auditor is used to power the "Commits in this package" query in Owners.

This conflates audits and commit/package membership. I think it might even predate edges. Code needs to dance around this mess and we get the wrong result in some cases, since auditors are now editable.

Instead, write an explicit edge which just says "this commit is part of such-and-such packages". Then use that to run the query. Logical!

I'll issue guidance on this but I'm not migrating it, since it fixes itself going forward and only really affects the UI in Owners.

Test Plan:
  - Ran `bin/audit update-owners` with various arguments.
  - Viewed packages in web UI, saw them load the proper commits.
  - Queried by packages in Diffusion explicitly.
  - Clicked the "View All" link in Owners and got to the right search UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17264
2017-01-30 15:23:34 -08:00
epriestley
4b248e3545 Make the "Add Auditors" Herald rules use modern transactions
Summary:
Ref T10978. Convert "Add Auditors" rules in Herald to modern modular transactions.

Here and in D17262 (and in the next change), I've removed "audit reasons". There are several reasons for this:

  - They're pretty hacky.
  - They store English-language (well, usually) text in the database, which can't be translated.
  - I think they may not be necessary. When they were written, Herald did not apply transactions, so it was less clear when Herald was doing something. In modern code, it does, so Herald auditors are clear. The owenrs/package rules are now more clear, too. I'd like to see evidence that confusion still exists before rebuilding this feature in a modern, translatable way, since I think we may not need it at all.

Test Plan: Ran `bin/repository reparse --herald <commit>` to re-run Herald rules. Saw rules add auditors appropriately.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17263
2017-01-30 15:23:20 -08:00
epriestley
bc41c3f5a5 Use DifferentialCommitMessageParser and Modular Transactions to implement "Auditors: ..."
Summary:
Ref T10978. Updates how we implement "Auditors: ..." in commit messages:

  - Use the same parsing code as everything else.
    - (Also: parse package names.)
  - Use the new transaction code.

Also, fix some UI strings.

Test Plan: Used `bin/repository reparse --herald <commit>` to re-run this code on commits with various messages (valid Auditors, invalid Auditors, no Auditors). Saw appropriate auditors added in the UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17262
2017-01-30 15:23:05 -08:00
Sébastien Santoro
e16080ce7e Fix typo in DifferentialRevisionCommandeerTransaction
Test Plan: Check at /applications/mailcommands/PhabricatorDifferentialApplication/revision/

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D17265
2017-01-30 12:23:07 -08:00
Chad Little
7a947947a3 Fix operator error in Pholio with PHP 7.1
Summary: Fixes T12166. We don't actually need this variable, so removing it.

Test Plan: Upload a new mock, edit a mock, view list of mocks.

Reviewers: epriestley, Mnkras, acs-ferreira

Reviewed By: epriestley, Mnkras, acs-ferreira

Subscribers: acs-ferreira, Korvin

Maniphest Tasks: T12166

Differential Revision: https://secure.phabricator.com/D17260
2017-01-28 15:18:47 +00:00
epriestley
1be3ef0227 Make some Audit status comparisons more lax, so state transactions only post once
Summary:
Ref T10978. Currently, too many "This audit now <something something>" transactions are posting, because this strict `===` check is failing to detect that the audit is already in the same state.

This is because audit states are currently integers, and saving an integer to the database and then reading it back turns it into a string. This is a whole separate can of worms. For now, just weaken the comparison. I'd eventually like to use string constants here instead of integer constants.

Test Plan:
Commented on a "no audit required" commit, didn't see a double "this doesn't need audit" transaction anymore.

Also made a legit state change and did see a state transaction.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17258
2017-01-27 11:10:32 -08:00
epriestley
9829ecddd6 Clean up "reorder" permissions in MenuEngine for personal favorites
Summary:
Fixes T12159. This is similar to D17228, which fixed this for the main configuration operation.

Most other edit operations only test for edit capability on the MenuItem itself, which we already do correctly. However, because reordering affects all items, we test for capability on the object.

Weaken this when reordering custom items.

Test Plan: Reordered custom items in Favorites as a non-administrator.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12159

Differential Revision: https://secure.phabricator.com/D17257
2017-01-26 19:47:07 -08:00
Christopher Wetherill
bee043b163 Display paste line count alongside snippets
Summary: Fixes T11547. I //think// this mostly gets about addressing @epriestley's comments in D16465 and stores each paste's line count in its snippet so that we can display the actual number of lines in the paste rather than '5 Lines'. Let me know if this is on the right track!

Test Plan: Open /paste and see that each paste's actual line count is reported.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T11547

Differential Revision: https://secure.phabricator.com/D17256
2017-01-26 19:06:23 -05:00
epriestley
2e3e078358 Remove "diffusion.createcomment" Conduit API method
Summary: Ref T10978. This was introduced in D6923 in 2013 as a deprecated method (before methods were extensible) and has only ever been deprecated. It no longer works after D17250 (despite my mistaken claim there that we never had an API for actions), and has been superceded by `diffusion.commit.edit` which is a modern, fully-power method.

Test Plan: Viewed Conduit console, no longer saw method.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17254
2017-01-26 12:57:15 -08:00
epriestley
5960b1c8a3 Allow menu items to render their own content; make Dashboard items render on-page
Summary:
Ref T11957. When you click a dashboard item, it now sends you to `/<app>/item/view/123/`, which renders the proper crumbs, navigation, etc., with the dashboard as page content.

This works as you'd expect in Projects:

{F2508568}

It's sliiiightly odd in Favorites since we nuke the nav menu, but seems basically fine?

{F2508571}

Test Plan:
  - Created a dashboard panel on a project.
  - Clicked it, saw it render.
  - Made it the default panel, viewed project default screen, saw dashboard.
  - Disabled every panel I could, still saw reasonable behavior (this is silly anyway).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17255
2017-01-26 12:57:03 -08:00
epriestley
97cac83e9b Add a "Needs Verification" state to Audit
Summary:
Fixes T2393. This allows authors to explicitly say "I think I fixed everything, please accept my commit now thank you".

Also improves behavior of "re-accept" and "re-reject" after new auditors you have authority over get added.

Test Plan:
  - Kicked a commit back and forth between an author and auditor by alternately using "Request Verification" and "Raise Concern".
  - Verified it showed up properly in bucketing for both users.
  - Accepted, added a project, accepted again (works now; didn't before).
  - Audited on behalf of projects / packages.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T2393

Differential Revision: https://secure.phabricator.com/D17252
2017-01-25 13:08:59 -08:00
epriestley
ca182c7f48 Clean up "Audit Authority" code, at least mostly
Summary:
Ref T2393. We had three copies of this code ("which packages/projects can a user accept on behalf of?"). I removed one in D17250. This consolidates the other two.

This still isn't perfect and it should probably live in a Query or something some day, but there's some weird stuff going on with the viewer in the editor context, and at least the code handles the viewer correctly now and isn't living somewhere weird and totally unrelated to auditing, and the callsites don't need to do a bunch of extra work.

This also moves towards fixing the "re-accept if you've already accepted but then a new package you have authority over was added" bug, which we fixed recently in Differential. This should be less common in Audit, but should still be fixed.

Test Plan: Viewed and audited commits with a mixture of user, package, and project auditors. Saw actions apply to the expected set of auditors.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T2393

Differential Revision: https://secure.phabricator.com/D17251
2017-01-25 13:08:25 -08:00
epriestley
b3912dd088 Remove old Audit code "Action" transaction editing code
Summary:
Ref T2393. This code is no longer reachable (we never had an API for auditing in Diffusion) and unused. Clean it up before implementing new states/actions.

(Note that code for displaying these transactions still needs to stick around for a bit, we'll just never apply new ones from here on out. They've been replaced with modular transactions.)

Test Plan: Grepped for usage, commentd on / audited a commit.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T2393

Differential Revision: https://secure.phabricator.com/D17250
2017-01-25 13:08:10 -08:00
epriestley
36d936fe8a Remove an unused method in Audit for building comment actions
Summary: Ref T2393. This has been obsoleted by stacked actions and is no longer used.

Test Plan: Grepped for callsites, viwed commits.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T2393

Differential Revision: https://secure.phabricator.com/D17249
2017-01-25 13:07:48 -08:00
epriestley
df939f1337 Fix two issues with embedding other fields inside "Summary" or "Test Plan" in Differential with the web UI
Summary:
Ref T11114. Converting to EditEngine caused us to stop running this validation, since these fields no longer subclass this parent. Restore the validation.

Also, make sure we check the //first// line of the value, too. After the change to make "Tests: xyz" a valid title, you could write silly summaries / test plans and escape the check if the first line was bogus.

Test Plan: {F2493228}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17248
2017-01-25 13:07:30 -08:00
Chad Little
ce09ab9b0e Use new menu contsants in home menu item
Summary: Ref T11957, just lays in some minor bug fixes. Sets correct menu, removes sidebar on edit.

Test Plan: Test /menu/ on home with Admin and Normal accounts.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17247
2017-01-25 09:22:05 -08:00
epriestley
ed38642afc Give Audit an informational "This commit now requires (something)..." transaction
Summary: Ref T2393. This adds a state-change transaction hint to Audit, like we have in Differential. This is partly for consistency and partly to make it more clear what should happen next.

Test Plan: {F2477848}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T2393

Differential Revision: https://secure.phabricator.com/D17243
2017-01-25 07:53:18 -08:00
Chad Little
01b35cdc12 Add some sort of sort to Emoji Autocomplete
Summary: Ref T12139. Adds sorting by shortname. Also I sorted everything else. No reason. It didn't help

Test Plan: `:star`

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12139

Differential Revision: https://secure.phabricator.com/D17246
2017-01-24 20:21:06 -08:00
Chad Little
1fed61cf9d Jiggle Fonts for Windows
Summary: Moves the fonts around for better Windows fallback

Test Plan: Windows 10 Edge / Chrome

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17245
2017-01-24 15:59:26 -08:00
Chad Little
f930fd2e00 Add an Emoji Typeahead
Summary:
This adds a more complete emoji datasource, with a typeahead and autocomplete. It works by pulling in a raw datasource from EmojiOne (I chose Unicode 8, but they have a Unicode 9 datasource as well) and transforming it for speed/need. If we build more robustness or an actual picker into the Remarkup bar, having the additional keywords, etc, might be important. When Unicode 9 support is more prevalent, we should only need to update the single file.

 Tossing up as a proof of concept on engineering direction. Also I can't quite get the autocomplete to complete.

Test Plan: Test UIExamples, Autocomplete, and TypeaheadSource

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12139

Differential Revision: https://secure.phabricator.com/D17244
2017-01-24 13:13:10 -08:00
Chad Little
e9e4c6f6a0 Enable color emoji on Windows
Summary: Ref T12139, installs 'Segoe UI Emoji' as a standard font call for color emoji on Windows devices.

Test Plan: Review Emoji on Win 10 Chrome / Edge, Mac Chrome / Safari.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12139

Differential Revision: https://secure.phabricator.com/D17241
2017-01-24 01:39:59 +00:00
Chad Little
3749ecaa66 Fix fatal saving menu items without custom validation
Summary: Fixes T12142. Correct spelling of method.

Test Plan: Edit the name of a Details menu item in projects, or add a divider.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12142

Differential Revision: https://secure.phabricator.com/D17240
2017-01-22 08:42:22 -08:00
Chad Little
20d1bb8fdf Remove counts from home navigation
Summary: Ref T12136. This just yanks the band-aid off. Fundamentally these were useful well before Dashboards and advanced bucketing, but not so much any more. They also have some performance hit.

Test Plan: Add some tasks and diffs onto a new instance, see there is no count on the home menu bar.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12136

Differential Revision: https://secure.phabricator.com/D17238
2017-01-21 13:55:40 -08:00
epriestley
402b6473d8 Move Favorites and User menus to MenuBarExtensions
Summary:
Ref T12140. The major effect of this change is that uninstalling "Home" (as we do on admin.phacility.com) no longer uninstalls the user menu (which is required to access settings or log out).

This also simplifies the code a bit, by consolidating how menus are built into MenuBarExtensions instead of some in Applications and some in Extensions.

Test Plan:
  - While logged in and logged out, saw main menus in the correct order.
  - Uninstalled Favorites, saw the menu vanish.
  - Uninstalled Home, still had a user menu.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12140

Differential Revision: https://secure.phabricator.com/D17239
2017-01-21 08:50:08 -08:00
epriestley
ddf82a815b Remove duplicate setIsRequired()
Summary: See D17235.

Test Plan: tarnation

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17237
2017-01-20 12:26:50 -08:00
epriestley
d24739ee3c Minor consistency/order updates for menu items which reference other objects
Summary:
See T11957#208140.

  - Let Applications have a custom name, like other object items (for example, so you can call Maniphest "Tasks" if you prefer).
  - Put the optional name field after the required typeahead field for these items.
    - (I left "Link" in "Name, URI" order since both are required, but there's maybe an argument for swapping them?)

Test Plan:
  - Created each type of item, saw "thing, name" order.
  - Created an application with a cusotm name, saw custom name.
  - Removed custom name, saw original name.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17236
2017-01-20 11:58:39 -08:00
epriestley
8113b76910 Validate menu item fields (links, projects, dashboards, applications, forms, etc)
Summary:
Ref T12128. This adds validation to menu items.

This feels a touch flimsy-ish (kind of copy/paste heavy?) but maybe it can be cleaned up a bit once some similar lightweight modular item types (build steps in Harbormaster, blueprints in Drydock) convert.

Test Plan:
  - Tried to create each item with errors (no dashboard, no project, etc). Got appropriate form errors.
  - Created valid items of each type.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12128

Differential Revision: https://secure.phabricator.com/D17235
2017-01-20 11:58:25 -08:00
Chad Little
58c857a681 Remove motivator panel
Summary: Removes the often funny, but never really used but will cause us bug reports someday.... cat facts.

Test Plan: Install cat facts, run storage upgrade, see no cat facts in menu.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12126

Differential Revision: https://secure.phabricator.com/D17233
2017-01-19 14:55:19 -08:00
Chad Little
14dfff9c99 Mark fields as required on MenuItems
Summary: Mark required fields as required. Though in testing, none of these work.

Test Plan: Try to save a form without an app/project/dashboard and see success (not expected)

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17231
2017-01-19 13:41:18 -08:00
Chad Little
1bcc8a3d98 Remove timeline from Profile Manage
Summary: Not sure this page is really providing any value, the timeline always says "edited this object" and there is a list of actions. Seems we could move actions back to the profile proper, but they feel very... engineery to me. Or we could fix the timeline stories, but my guess is they aren't useful or we would have gotten such feedback.

Test Plan: Review manage page, timeline is gone. Page is clean.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17230
2017-01-19 13:15:25 -08:00
epriestley
a9158d34d4 Show commit audit status in repository history tables, including merge commit lists
Summary:
Fixes T6024. Ref T12121. Currently, we show build status in commit history tables; show audit status alongside it.

Also:

  - Change the "Author/Committer" header to just "Author"; I think it's reasonably obvious what "x/y" means (if you can't guess, you can click the commit and likely figure it out) and this gives us a little more space.
  - Make the audit list look more like the corresponding list in Differential, with similar formatting.

Test Plan:
  - Viewed history of a repostiory, saw audit status.
  - Viewed a merge commit, saw audit status in the list of merged commits.
  - Viewed a commit search results list.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12121, T6024

Differential Revision: https://secure.phabricator.com/D17227
2017-01-19 11:43:21 -08:00
epriestley
b0dfd42eef Don't require edit capability on the Favorites application to edit personal menu items
Summary:
Ref T11096. Currently, editing ProfileMenuItemConfigurations always requires that you can edit the corresponding object.

This is correct for global items (for example: you can't change the global menu for a project unless you can edit the project) but not for personal items.

For personal items, only require that the user can edit the `customPHID` object. Today, this is always their own profile.

Test Plan: As a non-admin, edited personal menu items.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11096

Differential Revision: https://secure.phabricator.com/D17228
2017-01-19 11:15:50 -08:00
epriestley
269dd81f91 Allow users to re-accept or re-reject a revision if they have authority over package/project reviewers not yet in the target state
Summary:
To set this up:

  - alice accepts a revision.
  - Something adds a package or project she has authority over as a reviewer.
  - Because alice has already accepted, she can not re-accept, but she should be able to (in order to accept on behalf of the new project or package).

Test Plan:
  - Created a revision.
  - Accepted as user "dog".
  - Added "dog project".
  - Re-accepted.
  - Could not three-accept.
  - Removed "dog project.
  - Rejected.
  - Added "dog project".
  - Re-rejected.
  - Could not three-reject.

Reviewers: chad, eadler

Reviewed By: chad, eadler

Differential Revision: https://secure.phabricator.com/D17226
2017-01-18 13:16:01 -08:00
epriestley
b8e04fe041 Improve handle batching behavior for commit list view
Summary: Ref T10978. Handle loads can be batched a bit more efficiently by doing them upfront.

Test Plan: Queries dropped a bit locally, but I mostly have the same autors/auditors. I'm seeing 286 queries on my account in production, so I'll check what happens with that.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17225
2017-01-18 13:15:45 -08:00
Chad Little
35f4514e3f Fancier user menu
Summary: Builds out more UI to reinforce just who you are in this world... A perfect person.

Test Plan:
Look at myself a lot.

{F2435202}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17224
2017-01-18 12:33:31 -08:00
epriestley
545dad319e Add an "Auditors" rule for Commits
Summary: Fixes T5889. You can't write a rule like "if no other Herald rules did anything...", but you can use this rule to check for Owners or an explicit "Auditors" field doing things.

Test Plan: Using the test console, ran an "Auditors" rule against a commit with and without an auditor. Got expected pass/fail outcomes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5889

Differential Revision: https://secure.phabricator.com/D17221
2017-01-18 10:05:30 -08:00
epriestley
b21cd24341 When Favorites is uninstalled or not visible to the viewer, hide the menu
Summary: Ref T5867. The `executeOne()` currently raises a policy exception if the application isn't visible to the viewer, or we fatal if the application has been uninstalled.

Test Plan:
  - Viewed pages with the application uninstalled, saw working pages with no favorites menu.
  - Viewed pages with the application restricted, saw working pages with no favorites menu.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17219
2017-01-18 07:45:42 -08:00
epriestley
0513a24235 Fix a bad constant in "audit.query"
Summary: Fixes T12117. I typed or copy/pasted this constant wrong while refactoring during T10978.

Test Plan: Called `audit.query`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12117

Differential Revision: https://secure.phabricator.com/D17218
2017-01-18 07:45:27 -08:00
Chad Little
2d4eb460ab Fix MenuItem names not getting attached
Summary:
- Attach objects when showing configuration screen
- Fix "Forms" to make more sense
- Alter EditEngine title to load correct name by loading object

Fixes T12116

Test Plan: Load up Apps/Projects/Forms on a configure menu, see proper names

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12116

Differential Revision: https://secure.phabricator.com/D17217
2017-01-17 21:37:41 -08:00
epriestley
9d3f09ab47 Modularize global quick create builtin items
Summary: Ref T5867. Instead of hard-coding projects, tasks and repositories, let EditEngines say "I want a quick create item" so third-party code can also hook into the menu without upstream changes.

Test Plan: Saw same default items in menu.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17215
2017-01-17 15:56:31 -08:00
epriestley
a886969c48 Make documentation items in user menu update as you navigate in Quicksand
Summary: Ref T5867. I sure love Javascript.

Test Plan: Navigated between Home, Diffusion and Differential, opening the user profile menu. Saw appropraite help items.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17214
2017-01-17 15:55:52 -08:00
epriestley
d7e5a8b978 Load global and custom profile menu items in a single query
Summary: Ref T5867. Use a single query to load both personal and global items, then reorder them and add a divider if both groups have some stuff.

Test Plan: Viewed menu, edited personal and global items, viewed/edited existing project menus.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17213
2017-01-17 13:02:14 -08:00
Chad Little
6f5dab634d Redesign header menus and search
Summary:
Still lots to fix here, punting up since I'm running into a few roadblocks.

TODO:
[] Sort Personal/Global correctly
[] Quicksand in Help Items correctly on page changes

Test Plan: Verify new menus work on desktop, tablet, mobile. Test logged in menus, logged out menus. Logging out via a menu, verify each link works as expected. Help menus get build when using an app like Maniphest, Differential. Check that search works, preferences still save.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12107

Differential Revision: https://secure.phabricator.com/D17209
2017-01-17 12:13:06 -08:00
epriestley
23721799fd Explicitly warn the user multiple times when they try to register an external account with an existing email
Summary: Ref T3472. Ref T12113. This implements the gigantic roadblock nonsense in T3472.

Test Plan: {F2425916}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12113, T3472

Differential Revision: https://secure.phabricator.com/D17212
2017-01-17 11:35:49 -08:00
epriestley
903e37a21b Show yellow "draft" bubble in Audit
Summary: Fixes T6660. Uses the new stuff in Audit to build an EditEngine-aware icon.

Test Plan: {F2364304}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6660

Differential Revision: https://secure.phabricator.com/D17208
2017-01-16 10:28:59 -08:00
epriestley
62cf4e6b95 Remove some remnants of the old ways commit mesage fields worked from Differential
Summary:
Ref T11114. Ref T12085. I missed a few pieces of cleanup when moving all this stuff over.

In particular, load all fields which use Custom Field storage before doing commit-message-related stuff, instead of just the ones that claim they appear on commit messages.

Test Plan: Edited revisions and made API calls without apparent issues. See followup on T12085, shortly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12085, T11114

Differential Revision: https://secure.phabricator.com/D17207
2017-01-13 15:29:07 -08:00
Chad Little
36e53fd5d0 Remove collapsable option from ProfileMenu
Summary: Never really used this to full potential and takes up a lot of code and space. Remove option for now and make all profile nav menus small by default.

Test Plan: Review user, project, workboard. Set new menus.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17206
2017-01-13 15:03:31 -08:00
epriestley
7276af6a81 Make yellow "draft" bubbles more generic
Summary:
Fixes T12095. Ref T6660. The old code for this was specific to Differential, using the `DifferentialDraft` table.

Instead, make the `EditEngine` / `VersionedDraft` code create and remove a `<objectPHID, authorPHID>` edge when a particular author creates drafts.

Some applications have drafts beyond `VersionedDrafts`, notably inline comments. Before writing "yes, draft" or "no, no draft", ask the object if it has any custom draft stuff we need to know about.

This should fix all the yellow bubble bugs I created in T11114 and allow us to bring the feature to Audit fairly easily.

Test Plan: Created and deleted comments and inlines, reloading the list view after each change. Couldn't find a way to break the list view anymore.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12095, T6660

Differential Revision: https://secure.phabricator.com/D17205
2017-01-13 09:02:19 -08:00
epriestley
e684794bf3 Get "Create Revision" out of Quick Create menu for now
Summary:
Ref T12098.

We have two methods (`supportsEditEngineConfiguration()` and `isEngineConfigurable()`) which sort of do the same thing and probably should be merged.

For now, just swap which one we override to get "Create Revision" out of the Quick Create menu.

Test Plan: No more "Create Revision" in Quick Create menu.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12098

Differential Revision: https://secure.phabricator.com/D17204
2017-01-13 09:00:44 -08:00
epriestley
4d0a03e3d0 Improve commit audit status icons
Summary:
Ref T9482. These may need a little more work (feel free to shoot me a counter-diff) but try to:

  - Never use only color to distinguish between states (for colorblind, etc users).
  - Give the "nothing needs to be done" state a more obvious "okay" icon (instead of a question mark).

Test Plan: Looked at some linked commits in Maniphest, the icons made a bit more sense?

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9482

Differential Revision: https://secure.phabricator.com/D17203
2017-01-12 16:35:43 -08:00
epriestley
7ccc4cea43 With APCu 5+, use apcu_* function to examine cache state
Summary: Ref T9640. APCu 5.0+ (for PHP7) uses `apcu_*` functions instead of `apc_` functions. Test for function existence and call the appropriate functions.

Test Plan: {F2352695}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9640

Differential Revision: https://secure.phabricator.com/D17198
2017-01-12 15:59:44 -08:00
epriestley
a2cd3d9a89 Change PHP 7 setup warning to complain about 7.0 only, not 7.1+
Summary: Ref T9640. On 7.0 we had signal handling issues so we can never support it, but async signals should resolve them on 7.1 or newer.

Test Plan: On PHP 7.1, got through the setup warning.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9640

Differential Revision: https://secure.phabricator.com/D17197
2017-01-12 15:59:28 -08:00
epriestley
4a34f26a44 Don't warn about "always_populate_raw_post_data" on PHP7
Summary: Ref T9640. This option was removed in PHP7, so there's no reason to warn about it.

Test Plan: No longer saw a setup warning on PHP7.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9640

Differential Revision: https://secure.phabricator.com/D17196
2017-01-12 15:59:14 -08:00
epriestley
e66a03eaa3 In Audit list and Owners list, show overall commit audit status instead of semi-viewer status
Summary:
Fixes T9482. Historically, Audit was somewhat confused about whether queries and views should act on the viewer's status or the object's status.

This realigns Audit to work like Differential: we show overall status for the commit, just like we show overall status for revisions. This better aligns with expectation and isn't weird/confusing, and bucketing should handle all the "what do //I// need to do" stuff now (or, at least, seems to have in Differential).

This is also how every other type of object works in every other application, AFAIK (all of them show object status, not viewer's-relationship-to-the-object status).

Test Plan:
  - Viewed commit lists in Owners and Audit.
  - Saw commit overall statuses, not my personal status.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9482

Differential Revision: https://secure.phabricator.com/D17195
2017-01-12 13:41:47 -08:00
epriestley
19525ed81a Add diffusion.commit.search Conduit API method
Summary: Ref T10978. This is bare bones, but the SearchEngine is at least mostly in reasonable shape now, so get it in place and freeze the old stuff. I previously froze `audit.query`, which did much the same thing.

Test Plan: Issued some queries with the API, technically got results back.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17194
2017-01-12 13:23:29 -08:00
epriestley
45c740ac98 Render revision and audit state icons in Maniphest
Summary:
Fixes T7076. This could probably use some tweaking but should get the basics in place.

This shows overall object state (e.g., "Needs Review"), not individual viewer state (e.g., "you need to review this"). After the bucketing changes it seems like we're mostly in a reasonable place on showing global state instead of viewer state. This makes the overall change much easier than it might otherwise have been.

Test Plan: {F2351867}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7076

Differential Revision: https://secure.phabricator.com/D17193
2017-01-12 13:23:13 -08:00
epriestley
a635da68d4 Provide bucketing for commits in Audit
Summary:
Fixes T9430. Fixes T9362. Fixes T9544. This changes the default view of Audit to work like Differential, where commits you need to audit or respond to are shown in buckets.

This is a bit messy and probably needs some followups. This stuff has changed from a compatibility viewpoint:

  - The query works differently now (but in a better, modern way), so existing saved queries will need to be updated.
  - I've removed the counters from the home page instead of updating them, since they're going to get wiped out by ProfileMenu soon anyway.
  - When bucketed queries return too many results (more than 1,000) we now show a warning about it. This isn't greaaaat but it seems good enough for now.

Test Plan: {F2351123}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9430, T9362, T9544

Differential Revision: https://secure.phabricator.com/D17192
2017-01-12 12:04:05 -08:00
epriestley
7d3d022407 Restore "[Action]" mail subject lines to Differential/Diffusion
Summary: Ref T11114. Ref T10978. These hadn't made it over to EditEngine yet.

Test Plan:
  - Took various actions on revisions and commits.
  - Used `bin/mail show-outbound --id ...` to examine the "Vary Subject", saw it properly generate "[Accepted]", "[Resigned]", etc.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114, T10978

Differential Revision: https://secure.phabricator.com/D17191
2017-01-12 11:44:24 -08:00
epriestley
69d6374646 Make new EditEngine Audit transactions apply old mail tags
Summary: Ref T10978. Until T10448 makes mail tags modular, keep the old tags working.

Test Plan: Made some commit edits, ran `bin/phd debug task` to process mail for them.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17190
2017-01-12 11:44:04 -08:00
epriestley
b941331bdf Prevent users from resigning from audits they've already resigned from
Summary: Ref T10978. Since "Resigned" is a status in Audit, you could repeatedly resign. This is confusing; prevent it.

Test Plan: Tried to resign twice; was only allowed to resign once.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17187
2017-01-11 16:28:57 -08:00
epriestley
11861265fe Merge "Audit" more completely into "Diffusion"
Summary:
Fixes T6630. Long ago, "Audit", "Diffusion" and "Repositories" were three totally separate applications.

This separation isn't useful and the three rapidly became intertwined. Ideally, they would all be one application.

This doesn't take us quite that far, but Audit no longer has any controllers and has little actual behavior.

The "Audit" screen has always just been a SearchEngine view of commits with some filters on it, and this formalizes that and puts a link to it in Diffusion. (This view has other uses, too.)

Test Plan:
  - Accessed audit from home page.
  - Accessed audit/commits from Diffusion.
  - Could no longer uninstall Audit on its own.
  - Grepped for `/audit/` and `AuditApplication`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6630

Differential Revision: https://secure.phabricator.com/D17186
2017-01-11 16:28:42 -08:00
epriestley
c05cb1ba6d Make "Audit Requested" put commits into the "Needs Audit" state
Summary: Fixes T7504. I think that task legitimately describes a bug and that the current behavior is counterintuitive.

Test Plan: Manually added an auditor to a commit with none; saw it become "Audit Required" as an overall state.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7504

Differential Revision: https://secure.phabricator.com/D17185
2017-01-11 14:59:16 -08:00
epriestley
b471f6c07a Order inline comments in Diffusion consistently with Differential
Summary:
Fixes T8739. Currently, Diffusion inline comments in the timeline are sorted arbitrarily, mostly by creation order.

Instead, sort them by line number, like Differential.

Test Plan:
Made comments in "C", "B", "A" order, saw them in line order after submit:

{F2343032}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8739

Differential Revision: https://secure.phabricator.com/D17184
2017-01-11 14:57:06 -08:00
epriestley
b5722a9963 Use EditEngine stacked comments in Diffusion
Summary: Ref T10978. Ref T8739. Fixes T10446. Converts Diffusion to modern comment/preview code, like Differential.

Test Plan: {F2342933}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978, T10446, T8739

Differential Revision: https://secure.phabricator.com/D17183
2017-01-11 14:46:48 -08:00
epriestley
82c891f586 Add modern "Accept", "Raise Concern" and "Resign" transactions to Audit
Summary:
Ref T10978. This prepares for swapping the comment UI to stacked actions.

These are only accessible via the API.

Test Plan: Used the API to accept, raise concern with, and reject commits.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17182
2017-01-11 13:56:48 -08:00
epriestley
255e3fb1e4 Allow auditors to be added and removed from commits in a modern way
Summary: Ref T10978. Ref T7676. Make auditors work more like reviewers, so they can be freely added or removed.

Test Plan:
  - Interacted with auditors via "Edit Commit" and API.
  - Comment area is still oldschool and doesn't work yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978, T7676

Differential Revision: https://secure.phabricator.com/D17181
2017-01-11 13:56:34 -08:00
Chad Little
dfee1352e9 Basic structure for MenuItem on Home
Summary: Ref T11957, builds out `/home/menu/` as a basic structure for adding/editing the homepage menu.

Test Plan: visit `/home/menu/` and add items to global and personal. Not wired to anything.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17180
2017-01-11 12:44:56 -08:00
epriestley
2941b34acb Add "diffusion.commit.edit", a v3 edit API endpoint for commits
Summary: Ref T10978. This currently does almost nothing, but gets it in place so I can add stuff to it.

Test Plan: Made a comment on a commit using the API.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17178
2017-01-11 10:38:14 -08:00
epriestley
279273dc1c Replace old commit edit controller with new EditEngine controller
Summary: Ref T10978. The new controller now does everything the old one did, so swap 'em and nuke the old one.

Test Plan: Edited a commit, hit the new controller, things worked real good.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17177
2017-01-11 10:37:53 -08:00
epriestley
5e07358826 Preserve "Autoclose?" information on new Commit edit flow
Summary: Ref T10978. The current "Edit" flow has some autoclose info. This isn't necessarily the best place to put it in the long run, but preseve it for now since the documentation refers to it.

Test Plan: {F2340658}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17176
2017-01-11 10:31:20 -08:00
epriestley
a27c824da6 Draw project PHIDs from repositories when evaluating Herald object rules for commits
Summary:
Fixes T12097. In D16413, I simplified this code but caused us to load the //commit's// projects instead of the //repository's// projects, which is incorrect.

Normally, commits don't have any project tags when Herald evaluates, so using the commit's projects is generally meaningless.

Test Plan:
  - Tagged a repository with `#X`.
  - Created a Herald object rule for commits with `#X` as the object ("Always ... do nothing.")
  - Ran a commit from the repository.
  - Before patch: rule failed to evaluate.
  - After patch: rule evaluated and passed.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12097

Differential Revision: https://secure.phabricator.com/D17179
2017-01-11 10:29:39 -08:00
epriestley
7ff0be1bde Bring very basic EditEngine support to commits
Summary:
Ref T10978. After T11114, we have some features (like the old code for the haunted comment panel) which are only used by Diffusion. I want to modernize it so I can nuke them. T10978 also describes many bugs which are only fixable after modernizing.

This adds very basic EditEngine support for commits/audit. You can't create new commits with this workflow, just tag/update existing ones.

Test Plan: {F2340347}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17175
2017-01-11 09:34:46 -08:00
Chad Little
452f5bce18 Make some defaults for Quick Create / Favorites
Summary: Add in some basic defaults, Tasks, Projects, Repositories... anything else? Also switches "manage" context if you are an admin or user. Hides link if you are not logged in.

Test Plan: Review Global/Personal in Favorites app, click on each link.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17174
2017-01-11 08:46:33 -08:00
Chad Little
1e1a0182ca Add basic diff coloring to CelerityDefaultProcessor
Summary: Moves basic colors into the processor.

Test Plan: Review a diff in sandbox with and without change.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17173
2017-01-10 17:54:24 -08:00
epriestley
52d563f8b8 Make differential.querydiffs more liberal about arguments
Summary:
Fixes T12092. D17164 made `DiffQuery` more strict about arguments using modern conventions, but `differential.querydiffs` uses bizarre ancient conventions.

Give it more modern conventions instead.

Test Plan: Made a `querydiffs` call with only revision IDs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12092

Differential Revision: https://secure.phabricator.com/D17172
2017-01-10 13:47:38 -08:00
epriestley
ccff47682f Provide more useful guidance if a repository is clusterized into an existing multi-device cluster
Summary:
Fixes T12087. When transitioning into a clustered configuration for the first time, the documentation recommends using a one-device cluster as a transitional step.

However, installs may not do this for whatever reason, and we aren't as clear as we could be in warning about clusterizing directly into a multi-device cluster.

Roughly, when you do this, we end up believing that working copies exist on several different devices, but have no information about which copy or copies are up to date. //Usually// they all were already synchronized and are all up to date, but we can't make this assumption safely without risking data.

Instead, we err on the side of caution, and require a human to tell us which copy we should consider to be up-to-date, using `bin/repository thaw --promote`.

Test Plan:
```
$ ./bin/repository clusterize rLOCKS --service repos001.phacility.net
Service "repos001.phacility.net" is actively bound to more than one device
(local002.local, local001.phacility.net).

If you clusterize a repository onto this service it will be unclear which
devices have up-to-date copies of the repository. This leader/follower
ambiguity will freeze the repository. You may need to manually promote a
device to unfreeze it. See "Ambiguous Leaders" in the documentation for
discussion.

    Continue anyway? [y/N]
```

Read other changes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12087

Differential Revision: https://secure.phabricator.com/D17169
2017-01-10 12:45:55 -08:00
epriestley
00e2755eab Provide tailored strings for revision creation
Summary: See D17169. Ref T11114.

Test Plan: {F2333825}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17170
2017-01-10 12:45:36 -08:00
Chad Little
6816974d57 Basic Favorites application
Summary: Ref T5867. Rough in a Favorites application, not wired to anything.

Test Plan: tbd. currently 404s so... I messed up something. Tossing up to read.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17160
2017-01-10 11:20:44 -08:00
epriestley
fda83094ac Restore missing behavior for Differential keyboard navigation
Summary: Fixes T12086. This got dropped by accident while cleaning up haunting.

Test Plan: Loaed a revision, hit "?", hit n/j/p/etc

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12086

Differential Revision: https://secure.phabricator.com/D17166
2017-01-09 12:57:49 -08:00
epriestley
0e1388340c Make profile menu /edit/ requests explicitly 404
Summary:
See D17160. Previously, the `/edit/` route was never linked, but fataled when accessed. Make it 404 instead.

Also, fix an issue where editing "Application" menu items would fail because they didn't have a viewer.

Test Plan:
  - Hit `/edit/`, got a 404.
  - Edited an "Application" item.
  - Moved, added, deleted, and edited other items.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17165
2017-01-09 12:13:57 -08:00
epriestley
2dfe79cfc7 When updating revisions in response to commits, reuse previously generated diffs
Summary:
Fixes T10968. In rare situations, we can generate a diff, then hit an error which causes this update to fail.

When it does, we tend to get stuck in a loop creating diffs, which can fill the database up with garbage. We saw this once in the Phacility cluster, and one instance hit it, too.

Instead: when we create a diff, keep track of which commit we generated it from. The next time through, reuse it if we already built it.

Test Plan:
  - Used `bin/differential attach-commit <commit> <revision>` to hit this code.
  - Simulated a filesystem write failure, saw the diff get reused.
  - Also did a normal update, which worked properly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10968

Differential Revision: https://secure.phabricator.com/D17164
2017-01-09 12:13:44 -08:00
epriestley
27ecedd1d5 Use some more human-readable Conduit keys in updated API methods
Summary:
Ref T12074. This uses more consistent Conduit keys for constraint names.

This is a minor compatibility break on watchers/members but since these methods are more useful now this is probably a good time to try to get away with it, and a more consistent API is better in the long run. I need to issue compatibility guidance for the milestones thing anyway and that one isn't avoidable, so try to rip the bandage off all in one go.

Test Plan: Reviewed new constraint names from console, called methods using them.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17161
2017-01-09 08:42:23 -08:00
epriestley
b08c9b3ffa Remove extra container tag on HandleListViews rendering from ModularTransactions in text mode
Summary:
Fixes T12082. Ref T11114. When modular transaction render a handle list, they use HandleListView, which has a text mode.

However, the HandleListView is a TagView, and currently TagViews always render a tag of some kind. Allow them to return `null` to decline to render any tag.

Test Plan:
  - Added a pile of debugging stuff to `ApplicationTransactionEditor` to throw during mail generation.
  - Added a reviewer to a revision.
  - Used `bin/worker execute --id ...` to hit the mail generation repeatedly.
  - Before patch: mail generated with a <span>, even in text mode.
  - After patch: clean mail generation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12082, T11114

Differential Revision: https://secure.phabricator.com/D17162
2017-01-09 08:41:59 -08:00
epriestley
425deeb523 Fix an issue which could prevent blocking reviewers from being removed from revisions
Summary: Ref T11114. After evaluating typeahead tokens, we could process blocking reviewer removals incorrectly: we may get structures back.

Test Plan: Removed blocking reviewers from the web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17163
2017-01-09 08:41:46 -08:00
epriestley
aa6e788f36 Mark "v3" API methods as stable; mark obsoleted methods as "Frozen"
Summary:
Ref T12074. The "v3" API methods (`*.search`, `*.edit`) are currently marked as "unstable", but they're pretty stable and essentially all new code should be using them.

Although these methods are seeing some changes, almost all changes are additive (support for new constraints or attachemnts) and do not break backward compatibility. We have no major, compatibility-breaking changes planned.

I don't want to mark the older methods "deprecated" yet since `arc` still uses a lot of them and there are some capabilities not yet available on the v3 methods, but introduce a new "frozen" status with pointers to the new methods.

Overall, this should gently push users toward the newer methods.

Test Plan: {F2325323}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17158
2017-01-09 07:16:27 -08:00
epriestley
63bfa5ccb5 Add "project.column.search" for querying workboard column information
Summary:
Ref T12074. Provide a basic but functional v3 API endpoint for reading workboard column information.

There is no equivalent to this in the UI yet, although there may be some day (perhaps adjacent to T5024).

Test Plan:
  - Queried for all columns.
  - Queried for columns on a particular board using `projectPHIDs`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17157
2017-01-08 13:19:02 -08:00
epriestley
ad3745c801 Add a "columns" attachment to the maniphest.search API method
Summary:
Ref T12074. This allows callers to identify which columns an object appears in (currently, always tasks).

There are a few major cases:

  - Object is in a normal column: we return column information.
  - Object is in a proxy column (subproject or milestone). For example, when you look at the board for "Some Parent Project", the task might show up in a milestone column. I've chosen to not return anything in this case: you can figure out that the task is there by looking at the project structure, and this is kind of an internal artifact of the implementation and probably not useful to callers.
  - Project does not have a workboard: we return nothing.

These seem fairly reasonable, I think?

Test Plan:
  - Queried for tasks, using the "columns" attachment.
  - Dragged a task across a board, querying it repeatedly. Got expected results for normal column (the column), subprojects with no board (nothing), milestones with no board (nothing) and mielstones/subprojects with a board (the column on //that// board, only, not the proxy column on the parent).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17156
2017-01-08 13:18:01 -08:00
epriestley
9fa7355edc Support "parentPHIDs" and "ancestorPHIDs" as constraints in project.search API
Summary:
Ref T12074. Allows querying for project by direct parent (find only immediate children) or any ancestor (find all descendants) using the API.

There's no proper web UI for this since I'm not sure how useful it is, but you can `/project/?parent=PHID-PROJ-...` or `/project/?ancestor=...` for now. We can add UI later if/when use cases arise, but it's not immediately clear to me that this is useful to do from the web.

Test Plan:
 - From API, queried with `parentPHIDs` and `ancestorPHIDs`, finding direct children only and all descendants, respectively.
 - From web UI, fiddled with `?parent=...` and `?ancestor=...` to make sure they work too. This isn't intended to be a user-facing feature.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17155
2017-01-08 13:16:03 -08:00
epriestley
c0bec6c0ed Add "parent" and "ancestor" information to the project.search API
Summary:
Ref T12074.

  - Adds a new "parent" property on main results. This shows an abbreviated version of the project's parent, or `null` if the project is a root project.
  - Adds a new "ancestor" attachment to pull the entire ancestor list.
  - Adds a new "depth" property on main results.
  - You can use "parent" or "depth" to tell if a project is a subproject or not.

These attempt to balance convenience, power, and performance: the full ancestor list can be big so I made it an attachment, but the other stuff isn't too big and is cheap and seems reasonable to always include.

Test Plan:
In API results:

  - Saw null parent (root projects) and non-null parent (subprojects/milestones).
  - Used "ancestors" attchment, got full list of ancestors.
  - Saw appropriate "depth" values.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17154
2017-01-08 13:14:19 -08:00
epriestley
e03103f349 Return milestone information in project.search
Summary:
Ref T12074.

  - `project.search` now returns milestones by default.
  - A new constraint, `isMilestone`, allows filtering to milestones, non-milestones, or both (API and web UI).
  - `project.search` now returns a milestone number for milestones, or `null` for non-milestones.

NOTE: Existing custom saved queries in projects which previously did not return milestones now will. I expect this to have little-to-no impact on users, and these queries are easy to correct, but I'll note this in changelogs.

Test Plan:
  - Ran various queries with `project.search` and in the web UI, searching for milestones, non-milestones, and both.
  - Web UI default behavior (no milestones) is unchanged, but you can now get milestones if you want them.
  - Queried a milestone by ID/PHID via API.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12074

Differential Revision: https://secure.phabricator.com/D17153
2017-01-08 13:11:07 -08:00
epriestley
f16778fc18 Fix excessively strict "Can Use Application" policy filtering
Summary:
Ref T9058. The stricter filtering is over-filtering Handles. For example, in the Phacility cluster, users can not see Almanac services.

So this filtering happens:

  - The AlmanacServiceQuery filters the service beacuse they can't see the application.
  - The HandleQuery generates a "you can't see this" handle.
  - But then the HandleQuery filters that handle! It has a "service" PHID and the user can't see Almanac.

This violates the assumption that all application code makes about handles: it's OK to query handles for objects you can't see, and you'll get something back.

Instead, don't do application filtering on handles.

Test Plan:
  - Added a failing test and made it pass.
  - As a user who can not see Almanac, viewed an Instances timeline.
    - Before patch: fatal on trying to load a handle for a Service.
    - After patch: smooth sailing.

Reviewers: chad

Maniphest Tasks: T9058

Differential Revision: https://secure.phabricator.com/D17152
2017-01-08 11:01:36 -08:00
epriestley
d4248d231b Correct "Manage Password" link in Quickling in Diffusion
Summary: Fixes T12080. This was missing a "/", but stop hard-coding these URIs.

Test Plan: Clicked both links with Quickling as a logged-in and logged-out user, ended up in the right place.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12080

Differential Revision: https://secure.phabricator.com/D17151
2017-01-08 08:20:23 -08:00
Chad Little
8a85ee7c15 Add CustomPHID to PhabricatorProfileMenuEngineConfiguration
Summary: Ref T5867, adds a customPHID field, nullable, and lets you query by it... i think? Not fully able to grok all the EditEngine stuff, but I think this is the right place for the query.

Test Plan: Not wired to anything, but pulling up project menu, editing, all still works.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5867

Differential Revision: https://secure.phabricator.com/D17149
2017-01-07 10:49:54 -08:00
epriestley
363084d4fa Fix an issue where setting a recurrence end date on a Calendar event without one could fatal
Summary: Ref T11816. The underlying format of recurrence end dates swapped around a bit and we now try to compare `null` to a valid date if you're setting it for the first time.

Test Plan:
  - On a new event, set a recurrence end date.
  - Then, removed a recurrence end date.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11816

Differential Revision: https://secure.phabricator.com/D17150
2017-01-06 16:36:09 -08:00
epriestley
1f2306999b Fix a case where "Accept + Comment" would ignore the "Accept"
Summary:
Ref T11114. When you comment, we try to upgrade your review status to "commented".

This can conflict with upgrading it to "accepted" or "rejected", or removing it entirely.

For now, just avoid making this update. After T10967, I expect "you commented" to be orthogonal to accepted/rejected so it should stop conflicting on its own.

Test Plan:
  - As an "added" reviewer, accepted a revision with a comment in the same transaction.
  - Before patch: accept didn't stick.
  - After patch: accept sticks.

This may be somewhat magical/order-dependent but I was able to reproduce it locally.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17146
2017-01-05 11:30:20 -08:00
epriestley
68374aa264 Correct a "bin/mail" command in "Show Raw Email" help text
Summary: Fixes T12068. These are inbound messages, not outbound.

Test Plan: Read carefully.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12068

Differential Revision: https://secure.phabricator.com/D17144
2017-01-05 08:59:39 -08:00
Chad Little
96fbf37dcc Bring up contrast on light green / red diffs
Summary: Minor color saturation here, ideal for low quality monitors.

Test Plan:
Review new colors in various scenarios.

{F2305178}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17141
2017-01-04 15:18:24 -08:00
epriestley
2855470b31 Show an info view warning for ongoing or failed builds in Differential
Summary:
Fixes T10136. This reinforces ongoing or failed builds in the comment action area.

We already emit a similar message for unit test failures from `arc unit`. This should probably obsolete that, eventually.

Test Plan:
{F2304809}

{F2304810}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10136

Differential Revision: https://secure.phabricator.com/D17140
2017-01-04 15:12:45 -08:00
epriestley
10171e2101 Allow "O42" to find packages by monogram in Owners typeaheads
Summary: When a user queries by package monogram explicitly, search by package ID.

Test Plan: {F2305075}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17142
2017-01-04 15:08:37 -08:00
epriestley
ef05bf335d Allow Harbormaster builds to publish to a different object
Summary:
Fixes T9276. Fixes T8650. The story so far:

  - We once published build updates to Revisions.
  - An unrelated fix (D10911) sent them to the Diffs instead of Revisions, which isn't useful, since you can't see a diff's timeline anywhere.
  - This also caused a race condition, where the RevisionEditor and DiffEditor would update the diff simultaneously (T8650).
  - The diff update was just disabled to avoid the race (part of D13441).
  - Instead, allow the updates to go somewhere else. In this case, we send commit updates to the commit but send diff updates to the revision so you can see 'em.
  - Since everything will be using the revision editor now, we should either get proper lock behavior for free or it should be easy to add if something whack is still happening.
  - Overall, this should pretty much put us back in working order like we were before D10911.

This behavior is undoubtedly refinable, but this should let us move forward.

Test Plan:
Saw a build failure in timeline:

{F2304575}

Reviewers: chad

Reviewed By: chad

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T9276, T8650

Differential Revision: https://secure.phabricator.com/D17139
2017-01-04 13:46:39 -08:00
Chad Little
e9243f22b9 Add Form MenuItem, Fix EditEngine Typeahead
Summary: Adds a FormEditEngine MenuItem for adding forms to Projects, Home, QuickCreate. Also adds an EditEngine typeahead that has token rendering issues currently.

Test Plan: Set a normal form as a menu item, edit it, set the name. Set a custom form as a menu item, edit it, set a name.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17098
2017-01-04 13:12:32 -08:00
Chad Little
aa9708c5d3 Update diff highlight colors for better color blindess distinction
Summary: Tweaks the diff colors here a bit, as well as making full diffs slightly easier to read in full. Ref T12060

Test Plan:
Tested prose diffs, email prose diffs, and a regular Differential revision.

{F2304056}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12060

Differential Revision: https://secure.phabricator.com/D17138
2017-01-04 11:35:19 -08:00
epriestley
4516109495 Survive hand-crafted Git commits which are missing timestamp information
Summary:
Fixes T12062. Like the commits from the year 3500, you can artificially build commits with no date information.

We could explicitly store these as `null` to fully respect the underlying datastore. However, I think it's very unlikely that these commits are intentional/meaningful or that this is valuable.

Additionally, "git show" interprets these commits as "Jan 1, 1970". Just store a `0` to mimic its behavior.

Test Plan:
  - Following the process in T11537#192019, artificially created a commit with //no// date information (I deleted all date information from the message).
  - Used `git show` / `git log --format ...` to inspect it: "Jan 1, 1970" on `git show`, no information at all on `%aD`, `%aT`, etc.
  - Pushed it.
  - Saw exception for trying to insert empty string into epoch colum from `bin/repository update`.
  - Applied patch.
  - Got a clean import.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12062

Differential Revision: https://secure.phabricator.com/D17136
2017-01-04 09:07:46 -08:00
Chad Little
489587d607 Add download link to embedded files
Summary: Ref T3612. Doesn't render correctly, need help please. Adds a download icon into the renderfilelinkview to allow easier downloads.

Test Plan: Click on link, get download, click on file, get lightbox.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T3612

Differential Revision: https://secure.phabricator.com/D16980
2017-01-03 10:50:26 -08:00
epriestley
50de3071ac Define Differential email action in terms of EditEngine
Summary: Ref T11114. Move email/command actions, like "!reject", to modular transactions + editengine.

Test Plan: Used `bin/mail receive-test` to pipe "!stuff" to an object, saw appropraite effects in web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17133
2017-01-02 13:25:45 -08:00
epriestley
35750b9c61 Make some Differential comment actions (like "Accept" and "Reject") conflict with one another
Summary:
Ref T11114. When a user selects "Accept", and then selects "Reject", remove the "Accept". It does not make sense to both accept and reject a revision.

For now, every one of the "actions" conflicts: accept, reject, resign, claim, close, commandeer, etc, etc. I couldn't come up with any combinations that it seems like users are reasonably likely to want to try, and we haven't received combo-action requests in the past that I can recall.

Test Plan:
  - Selected "Accept", then selected "Reject". One replaced the other.
  - Selected "Accept", then selected "Change Subscribers". Both co-existed happily.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17132
2017-01-02 13:25:12 -08:00
Chad Little
34d279abde Add responsive spacing to comment form info view
Summary: Moves spacing to responsive CSS.

Test Plan: Test mobile, desktop, and tablet breakpoints.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17130
2017-01-02 10:43:40 -08:00
epriestley
cf1ccc995e Apply application visibility checks during normal object filtering
Summary:
Fixes T9058. Normally, "Query" classes apply an application check and just don't load anything if it fails.

However, in some cases (like email recipient filtering) we run policy checks without having run a Query check first. In that case, one user (the actor) loads the object, then we filter it against other users (the recipeints).

Explicitly apply the application check during normal filtering.

Test Plan: Added a failing test case and made it pass.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9058

Differential Revision: https://secure.phabricator.com/D17127
2017-01-02 10:00:00 -08:00
epriestley
71de5f2da2 Add more strings for Paste title changes
Summary: See downstream: <https://phabricator.wikimedia.org/T154367>

Test Plan: {F2286968}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17126
2017-01-01 12:19:55 -08:00
epriestley
3d52f07ee7 Make restricted objects in commit messages work more consistently with the web UI
Summary:
Fixes T11344. In the web UI, if a field like "Subscribers" on an object (like a task) contains values you don't have permission to see, you see tokens for them (like "Restricted Project") but not their names.

Make commit messages work the same way: you see the PHID, and can remove it or leave it there, but can't see the underlying name.

(We have to render an actual PHID rather than just "Restricted Thing" because we have to be able to figure out what edit the user is actually trying to make.)

Test Plan: Interacted with a revision via the CLI that had project reviewers I couldn't see.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11344

Differential Revision: https://secure.phabricator.com/D17124
2017-01-01 09:56:47 -08:00
epriestley
65c1c758ed Use extended policies in Differential diffs
Summary:
Fixes T9648. Diffs currently use `return $this->getRevision()->getViewPolicy();` to inherit their revision's view policy.

After the introduction of object policies, this is wrong for policies like "Subscribers", because it means "Subscribers to this object, the diff". Since Diffs have no subscribers, this always fails.

Instead, use extended policies so that the object policy evaluates in the context of the correct object (the revision).

Test Plan:
  - Create a revision.
  - Subscribe `alice` to it.
  - Set view policy to "Subscribers".
  - View revision as `alice`.
  - Before patch: nonsense fatal about missing diff because of policy error.
  - After patch: `alice` can see the revision.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9648

Differential Revision: https://secure.phabricator.com/D17123
2017-01-01 09:56:30 -08:00
epriestley
81e2a1cf6b Always parse the first line of a commit message as a title
Summary: Fixes T10312. If your first line is "Reviewers: xyz", it's a title, not a "Reviewers" field.

Test Plan: Added unit test.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10312

Differential Revision: https://secure.phabricator.com/D17122
2017-01-01 09:56:15 -08:00
epriestley
ab17a7d4bf Be more lenient when accepting "Differential Revision" in the presence of custom ad-hoc commit message fields
Summary:
Fixes T8360. We will now parse revisions out of "Differential Revision: X" followed by other ad-hoc fields which we do not recognize. Previously, these fields would be treated as part of the value.

(In the general case, other fields may line wrap so we can't assume that fields are only one line long. However, we can make that assumption safely for this field.)

Also maybe fix whatever was going on in T9965 although that didn't really have a reproduction case.

Test Plan: Added unit tests.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8360

Differential Revision: https://secure.phabricator.com/D17121
2017-01-01 09:56:02 -08:00
epriestley
7bf49d254e Use a more conventional spelling of "CLOSED"
Summary: Ref T11114. Wow!

Test Plan: Spelling!

Reviewers: chad, eadler

Reviewed By: chad, eadler

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17125
2017-01-01 09:27:50 -08:00
epriestley
69194fdaf5 Make marking comments as "Done" work cleanly on EditEngine
Summary: Ref T11114. Fixes T10323.

Test Plan:
  - Marked comments as done only: no warning about not leaving a comment.
  - Did nothing: warning about posting an empty comment.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114, T10323

Differential Revision: https://secure.phabricator.com/D17120
2016-12-31 10:12:01 -08:00
epriestley
a4ba7daf90 Add transitional support for mail tags to Differential on EditEngine
Summary: Ref T11114. Although I plan to rewrite this system eventually (T10448) it's easy enough to punt for now.

Test Plan: punt

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17119
2016-12-31 10:11:45 -08:00
epriestley
b373dcef74 Restore some minor state behaviors to Differential on EditEngine
Summary:
Ref T11114. This restores:

  - Commandeering should exeucte Herald.
  - Commandeering should swap reviewers.
  - "Request Review" on an "Accepted" revision should downgrade reviewers so they have to accept again.

Test Plan:
  - Commandeered, saw Herald run and reviewers swap.
  - Requested review of an accepted revision, saw it drop down to "Needs Review" with "Accepted Prior" on the reviewer.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17118
2016-12-31 10:11:28 -08:00
epriestley
9b4090af55 Restore quote and warning behaviors to Differential EditEngine comment area
Summary: Ref T11114. This restores warnings (e.g., failing unit tests) and fixes "Quote" behavior for comments.

Test Plan:
  - Quoted a comment.
  - Viewed a warning.

{F2283275}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17117
2016-12-31 10:11:03 -08:00
epriestley
18249b097f Make inline comment preview and submission mostly work on EditEngine
Summary: Ref T11114. This comments nearly working on EditEngine. Only significant issue I caught is that the "View" link doesn't render properly because it depends on JS which is tricky to hook up. I'll clean that up in a future diff.

Test Plan: {F2279201}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17116
2016-12-31 10:10:29 -08:00
epriestley
f7b5955d33 Order actions sensibly within Differential revision comment action groups
Summary:
Ref T11114. See D17114 for some discussion.

For review actions: accept, reject, resign.

For revision actions, order is basically least-severe to most-severe action pairs: plan changes, request review, close, reopen, abandon, reclaim, commandeer.

Test Plan: Viewed revisions as an author and a reviewer, saw sensible action order within action groups.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17115
2016-12-31 10:10:05 -08:00
epriestley
48fcfeadaf Allow comment actions to be grouped; group Differential "Review" and "Revision" actions
Summary:
Ref T11114. Differential has more actions than it once did, and may have further actions in the future.

Make this dropdown a little easier to parse by grouping similar types of actions, like "Accept" and "Reject".

(The action order still needs to be tweaked a bit.)

Test Plan: {F2274526}

Reviewers: chad

Reviewed By: chad

Subscribers: eadler

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17114
2016-12-31 10:09:41 -08:00
epriestley
5a6643f36f Restore "Accept", "Reject" and "Resign" actions to Differential on EditEngine
Summary:
Ref T11114. Some rough edges, but this largely makes Accept, Reject and Resign work in the new EditEngine comment area.

Ref T11050. This lays a little bit of groundwork for having "resign" mean "I don't want to review this, even if projects or packages I'm a member of need to", not just "remove me personally as a user reviewer".

Test Plan: Accepted, rejected and resigned from revisions without any major state issues.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114, T11050

Differential Revision: https://secure.phabricator.com/D17113
2016-12-31 10:09:27 -08:00
epriestley
8b74cd481a Restore "Commandeer" action to Differential on EditEngine
Summary:
Ref T11114. This has two pieces of side-effect logic which I've noted locally:

  - Commandeer needs to apply Herald rules.
  - Commandeer needs to move the old author to become a reviewer and remove
    the actor as a reviewer.

Test Plan: Commandeered some revisions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17111
2016-12-31 10:09:00 -08:00
epriestley
deb19b2d57 Restore "Plan Changes" and "Request Review" actions to Differential on EditEngine
Summary:
Ref T11114. This restores these actions.

One behavior is incomplete: "Request Review" on an accepted revision does not downgrade reviewers properly. I've noted this locally.

Test Plan: Planned changes and requested review of a revision.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17109
2016-12-31 10:08:05 -08:00
epriestley
a90ab7f403 Restore "Close" and "Reopen" actions to Differential on EditEngine
Summary:
Ref T11114. This restores these actions as selectable in the comment area.

This does not implement one special rule ("Closing a revision in response to a commit is OK from any status.") but I have a note about that separately.

Test Plan: Closed and reopened revisions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17108
2016-12-31 10:07:27 -08:00
epriestley
3c5a17ba8a Restore "Reclaim" and "Abandon" actions to Differential on EditEngine
Summary: Ref T11114. This begins restoring comment actions to Differential, but on top of EditEngine.

Test Plan: {F2263148}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17107
2016-12-31 10:06:46 -08:00
epriestley
c05306d746 Move Differential to EditEngine comments
Summary:
Ref T11114. This is a transitional change that breaks a bunch of stuff. I'll hold it until I've restored features.

This stuff works:

  - Commenting.
  - Subscribers/tags/reviewers.
  - Pinning.
  - Drafts.

This stuff does not work yet:

  - Preview of inline comments.
  - Probably submitting inlines, whatsoever.
  - Comment-area warnings like "There are failing tests."
  - All meaningful actions (accept, reject, etc).

Test Plan: Commented on a revision. Essentially nothing else works yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17106
2016-12-31 10:06:15 -08:00
epriestley
3fedc8c299 Allow any EditEngine comment form to be pinned
Summary:
Fixes T12049. This expands "Haunted" comment panels to EditEngine, and by extension to all EditEngine applications.

Eventual goal is to remove custom commenting code in Differential and replace it with EditEngine code.

Changes from current "haunt" mode:

  - This only has one mode ("pinned"), not two ("pinned", "pinned with preview"). There's an inline preview and scroll behavior is a little better.
  - Now has a UI action button.

Slightly tricky stuff:

  - This interacts with "Fullscreen" mode since it doesn't make sense to pin a full-screen comment area.
  - This should only be available for comments, not for remarkup fields like "Description" in "Edit Task".

Test Plan:
  - Pinned/unpinned in Maniphest.
  - Pinned/fullscreened/unfullscreened/unpinned.
  - Checked that "Edit Task" doesn't allow pinning for "Description", etc.
  - Pressed "?", read about pressing "Z".
  - Pressed "Z".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12049

Differential Revision: https://secure.phabricator.com/D17105
2016-12-29 12:49:18 -08:00
epriestley
4d8ac00602 Add missing "array" typehint to DifferentialCommitMessageParser
Summary: See D17058.

Test Plan: Ran `arc diff`, which parsed fields as a side effect.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17112
2016-12-29 09:22:13 -08:00
epriestley
065d865bce In the "Version Information" panel, try to include branchpoints
Summary:
Fixes T12040. In T12039, a user running local patches followed the report instructions as far as grabbing version information, but didn't update or revert their local changes or try against a clean install before reporting.

This obviously isn't ideal for us, but it's understandable (grabbing version information is much easier than upgrading/reverting), and we can do better about making this information useful: when compiling version information, try to figure out the branchpoint from a known upstream `master` branch by listing remotes, then running `git merge-base` against them.

Additionally, explicitly document that we want upstream hashes. We have to have a fallback case in this document anyway (for when you can't get to Config) so hopefully this makes it more likely that we get useful information in initial reports.

Test Plan: {F2229574}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12040

Differential Revision: https://secure.phabricator.com/D17103
2016-12-23 11:42:20 -08:00
Alex Vandiver
972604e0e5 Set TERM to prevent No entry for terminal type "unknown" messages during fetch
Summary:
Fetches cause output in `/var/tmp/phd/log/daemons.log` as
follows:
```
PHLOG: 'Unexpected output while updating repository "rREPONAME": No entry for terminal type "unknown";
using dumb terminal settings.
' at [/path/to/phabricator/src/applications/repository/daemon/PhabricatorRepositoryPullLocalDaemon.php:455]
```

These warnings come from PHP itself.  Silence these warnings by providing a
known value for `TERM` before shelling out to the PHP script.

See also D9744 (reverted in D11644) and T4990/T7119, which are a similar issue,
but in the pre-receive hooks, not the pull daemons.

Test Plan:
Enabled in production, observed errors to be silenced and
no SSH hangs

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D17100
2016-12-21 15:17:46 -08:00
epriestley
8640ab5fc3 Redirect /source/x (no slash) to /source/x/ (canonical) when viewer is logged out and "x" is public
Summary:
Fixes T12035. Normally, the "abc" -> "abc/" redirect is handled automatically when "abc" hits a 404.

However, in this case, "source/x" does not 404. We route this to a valid controller because some VCS requests omit the slashes, then manually perform the redirect if we aren't serving a VCS request.

Allow this controller to serve public resources so we can serve the redirect to logged-out users instead of prompting them to login so they can be redirected.

Test Plan: Visited `/source/x` as a logged-out user, where `x` is a public repository.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12035

Differential Revision: https://secure.phabricator.com/D17097
2016-12-20 07:48:20 -08:00
Sébastien Santoro
01ac745d9d Fixed typo
Summary: In Settings > Set VCS Pasword: artisinal → artisanal

Test Plan: Read again the sentence.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17095
2016-12-19 17:56:27 -08:00
Chad Little
5e6afa97bc Add a Dashboard MenuItem
Summary: Built similar to Projects, allows setting of a Dashboard to MenuItem.

Test Plan: Add a dashboard with and without a name / icon to a Project.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17092
2016-12-16 13:33:03 -08:00
epriestley
28d74ae572 Rename Differenital "EditPro" controller back to "Edit"
Summary: Ref T11114. We seem to be in reasonable shape here and I don't think anything needs to revert, so rename this back to boring old "edit".

Test Plan: Created, updated, edited a revision via web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17091
2016-12-16 13:17:12 -08:00
Chad Little
c6bdd2c56b Add Ngram support to Dashboards / Panels
Summary: Build ngram indexs, adds search by name capability.

Test Plan: Search for a dashboard by partial name, search for a panel by partial name.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17090
2016-12-16 12:09:06 -08:00
epriestley
895cdaca5d Simplify "Blame Revision" field in Differential
Summary: Ref T11114. This is still mostly in use, but toss a few commit message parsing things.

Test Plan: Viewed/edited/upated blame rev from CLI/web UI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17089
2016-12-16 12:03:46 -08:00
epriestley
60f41b87e9 Simplify "Tasks" field in Differential
Summary:
Ref T11114. Keep UI, throw everything else away.

Includes an imperfect-but-not-too-awful fix to keep the field actually working.

Test Plan: Edited tasks from CLI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17088
2016-12-16 10:26:34 -08:00
epriestley
f1f24e0360 Simplify "Repository" field in Differential
Summary: Ref T11114. Keep mail and UI, toss the rest.

Test Plan: Edited/viewed repositories.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17087
2016-12-16 10:25:38 -08:00
epriestley
18debbfdb4 Simplify Differential "Reviewers" field
Summary: Ref T11114. Keep rendering and mail, toss the rest.

Test Plan: Edited and viewed reviewers.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17086
2016-12-16 10:25:22 -08:00
epriestley
2ebbac86de Simplify Differential "Summary" field
Summary: Ref T11114. Keep UI stuff and mail stuff, toss editing.

Test Plan: Viewed and edited revision summaries.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17085
2016-12-16 10:24:39 -08:00
epriestley
c458f09dcc Simplify "Test Plan" custom field
Summary: Ref T11114. This leaves mail integration and UI integration, but strips all the editing (now handled by EditEngine) and commit message stuff (now handled by CommitMessageField).

Test Plan: Viewed and edited test plans and test plan transactions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17084
2016-12-16 10:24:18 -08:00
epriestley
9e4c16c4c3 Remove Differential "Title" custom field
Summary: Ref T11114. Obsoleted by Modular Transactions + EditEngine + CommitMessageField + we just "hard code" the title of revisions into the page because we're craaazy.

Test Plan:
  - Made an edit on `stable`.
  - Viewed the edit on this change, it still had the proper UI strings.
  - Edited/created/updated revisions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17083
2016-12-16 10:23:26 -08:00
epriestley
f552a20c61 Remove Differential "View Policy" field
Summary: Ref T11114. Obsoleted by EditEngine.

Test Plan: Edited the view policy of a revision.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17082
2016-12-16 10:23:05 -08:00
epriestley
84572a3b93 Remove Differential subscribers field
Summary: Ref T11114. This is obsoleted by `DifferentialSubscribersCommitMessageField` and EditEngine.

Test Plan: Edited a revision's subscribers.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17081
2016-12-16 10:22:48 -08:00
epriestley
3893b5f1a5 Remove "Revision ID" custom field
Summary: Ref T11114. Obsoleted by `DifferentialRevisionIDCommitMessageField`.

Test Plan:
- Grepped for removed class.
- Created a new revision, verified that the amended message included a proper revision ID.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17080
2016-12-16 10:22:28 -08:00
epriestley
77601bf58c Remove "Reviewed By" Differential field
Summary: Ref T11114. This is replaced by `DifferentialReviewedByCommitMessageField.php`.

Test Plan:
  - Used `differential.getcommitmessage` to query an accepted revision, saw "Reviewed By".
  - Grepped for removed class name.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17079
2016-12-16 10:21:40 -08:00
epriestley
5e606504b7 Remove "DifferentialProjectsField" custom field
Summary: Ref T11114. This is entirely obsoleted by EditEngine.

Test Plan: Edited projects on a revision.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17078
2016-12-16 10:21:26 -08:00
epriestley
8bba1eba85 Remove "DifferentialParentRevisionsField" custom field
Summary: Ref T11114. This was obsoleted by UI changes and hacked around for performance in T11404. It no longer does anything.

Test Plan: Grepped for removed class name.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17077
2016-12-16 10:21:09 -08:00
epriestley
c57c39f5d2 Remove "Next Step" Differential custom field
Summary: Ref T12027. This is purely a UI hint for new users that I'd like to integrate into "Land Revision" in the future instead.

Test Plan: Grepped for removed class, browsed Differential.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12027

Differential Revision: https://secure.phabricator.com/D17076
2016-12-16 10:20:35 -08:00
epriestley
5ea071f658 Remove "DifferentialGitSVNIDField" custom field in Differential
Summary: Ref T11114. This is obsolted by the narrower `DifferentialGitSVNIDCommitMessageField`.

Test Plan: Browsed around.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17075
2016-12-16 10:11:52 -08:00
epriestley
4df072cca6 Remove "DifferentialEditPolicyField" custom field
Summary: Ref T11114. This is now entirely handled by EditEngine and standard policy code.

Test Plan: Edited the edit policy of a revision.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17074
2016-12-16 10:11:18 -08:00
epriestley
bc6522dbca Remove "DifferentialConflictsField" custom field
Summary: Ref T11114. This is a pure paring field and now entirely handled by `DifferentialConflictsCommitMessageField`.

Test Plan: Grepped for removed class name.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17073
2016-12-16 10:10:45 -08:00
epriestley
93c0ffd02c Remove "Child Revisions" custom field in Differential
Summary: Ref T11114. This was obsoleted by the "Stack" graph and does nothing.

Test Plan: Viewed revisions, still saw dependency graphs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17072
2016-12-16 10:10:13 -08:00
epriestley
74a0caf9ce Remove "Author" CustomField in Differential
Summary: Ref T11114. This hasn't done anything since we moved author information to the subheader.

Test Plan: Browsed Differential, still saw author information.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17071
2016-12-16 10:09:48 -08:00
epriestley
914d9fa8b9 Simplify Auditors custom field in Differential
Summary: Ref T11114. This field just stores the value of "Auditors" so you can trigger auditors explicitly later on if you want.

Test Plan: Created and edited revisions with "Auditors".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17070
2016-12-16 10:09:30 -08:00
epriestley
d12856b5d4 Remove "Apply Patch" UI field from Differential
Summary: Ref T12026. This simplifies the UI and makes T11114 easier. I plan to integrate this into "Download Raw Diff" in the future.

Test Plan:
  - Browsed revisions.
  - Grepped for removed class name.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12026

Differential Revision: https://secure.phabricator.com/D17069
2016-12-16 10:09:15 -08:00
epriestley
a74d602b3c Make stored custom fields work with v3 EditEngine API
Summary: Ref T11114. This makes the unusual stored custom fields ("Blame Rev", "Revert Plan", etc) work somewhat correctly (?) with EditEngine.

Test Plan:
  - Created, updated and edited revisions with unusual stored custom fields like "Blame Rev".
  - Observed that these fields now populate in "differential.revision.edit" when available.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17068
2016-12-16 10:09:03 -08:00
epriestley
64509dcca7 Drive CLI-based revision edits through "differential.revision.edit" API + EditEngine
Summary:
Ref T11114. This creates `differential.revision.edit` (a modern, v3 API method) and redefines the existing methods in terms of it.

Both `differential.createrevision` and `differential.updaterevision` are now internally implemented by building a `differential.revision.edit` API call and then executing it.

I //think// this covers everything except custom fields, which need some tweaking to work with EditEngine. I'll clean that up in the next change.

Test Plan:
  - Created, updated, and edited revisions via `arc`.
  - Called APIs manually via test console.
  - Stored custom fields ("Blame Rev", "Revert Plan") aren't exposed yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17067
2016-12-16 10:08:49 -08:00
epriestley
24926f9453 Move Differential commit message rendering to dedicated classes
Summary:
Ref T11114. This probably still has some bugs, but survives basic sanity checks.

Continue pulling commit message logic out of CustomField so we can reduce the amount of responsibility/bloat in the classtree and send more code through EditEngine.

Test Plan:
  - Called `differential.getcommitmessage` via API console for various revisions/parameters (edit and create mode, with and without fields, with and without revisions).
  - Used `--create`, `--edit` and `--update` modes of `arc diff` from the CLI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17066
2016-12-16 10:08:34 -08:00
Chad Little
0387d62632 Add Dashboard typeaheads
Summary: Builds a basic typeahead for Dashboards and Panels

Test Plan: `/typeahead/browse/PhabricatorDashboardPanelDatasource/`

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17064
2016-12-16 08:41:28 -08:00
Chad Little
92db64c1b2 Add EditEngine typeahead
Summary: Allows you to set forms via typeahead

Test Plan: `/typeahead/browse/PhabricatorEditEngineDatasource/`

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17065
2016-12-16 08:40:23 -08:00
Aviv Eyal
8b7e99f68c Introduce ModularTransactionType::isRenderingTargetExternal
Summary: This is just some housekeeping - see note in D16287. Basically, "isTextMode" doesn't convey enough information.

Test Plan: `git grep isTextMode | grep -v Remarkup`, and visit all callsites; There are 4 of them left.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17063
2016-12-16 00:52:05 +00:00
Chad Little
f277de1d02 Add a basic ProjectProfileMenuItem
Summary: Allows you to name and set a project as a menu item navigation element.

Test Plan: Add a project, no name, see project. Remove. Add a project and give it a short name (bugs) and see project link.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17021
2016-12-15 15:26:29 -08:00
epriestley
de4d7e1b10 Support arbitrarily long filenames in Differential
Summary:
Fixes T11660. Currently, if you try to diff a path with more than 255 total characters, we fail to create the diff because we have a `text255` column.

There are actually two issues here:

  - File names may be arbitrarily long (T11660).
  - File names may not be UTF8 (T6633, etc). This is much more complicated and has other issues -- largely that we can't JSON-encode non-UTF8 filenames. I'm punting on that for now and will deal with it later. This doesn't specifically address non-UTF8 paths, although it is a change that's (probably?) required to eventually support them.

This will cause some potentially slow migrations, but better to do them now, if possible, so we have fewer complicated/slow upgrades overall.

Test Plan:
Created a change touching file: //very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_directory_name/very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_very_long_filename.txt//

{F2137737}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11660

Differential Revision: https://secure.phabricator.com/D17062
2016-12-15 11:35:15 -08:00
epriestley
89d88dafcc Fix a Differential exception in invalid/missing fields
Summary: Ref T11114. Missed this while converting.

Test Plan: Tried to create a revision with no test plan. Before: fatal; after: helpful message.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17061
2016-12-15 11:34:54 -08:00
epriestley
8476ad1a28 Separate all commit message field parsing out of Differential custom fields
Summary:
Ref T11114. See that task for some discussion.

Overall, Differential custom fields ended up with too many responsibilities. Later work in EditEngine provides a more promising model for achieving modularity with smaller, more consistent components.

In particular, we have some custom fields like `DifferentialGitSVNIDField` and `DifferentialConflictsField` which serve //only// to support the field parser.

This starts pulling commit message responsibilities out of the core list of custom fields and into simpler dedicated parsers.

Test Plan: Created and edited revisions from the CLI. Added a bit of test coverage.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17058
2016-12-14 18:44:14 -08:00
epriestley
552c546689 Separate commit message parsing and validation from Conduit
Summary:
Ref T11114. I want to move this step away from custom fields. To start with, isolate all the parsing in one class with a clearer API boundary.

Next, I'll make this class use new field objects to perform parsing, without CustomField interactions.

Test Plan: Created and edited revisions from the CLI, using valid and invalid commit messages.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17055
2016-12-14 14:14:47 -08:00
epriestley
378387a078 Fix an issue with mentioning revisions on the new EditEngine code
Summary:
Ref T12020. Ref T11114. If we continue here on a mention, we try to generate `$old`, which requires reviewers to be attached. They won't be for simple codepaths like mentions.

Instead, just bail early: we don't need to do anything anyway since we can't possibly find any more errors with zero transactions.

Test Plan: Mentioned a revision on a task.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T11114, T12020

Differential Revision: https://secure.phabricator.com/D17059
2016-12-14 14:11:10 -08:00
Chad Little
e077d2f7a7 Reorganize phui-object-item CSS, add drag ui
Summary: Reorgaizes the CSS here a bit, by object list style, adds in a new drag ui class, which will be used in menu ordering.

Test Plan:
Workboards, Home Apps.

{F2126266}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17057
2016-12-14 11:53:17 -08:00
epriestley
ae0e97a499 Remove unusual explicit calls to policy capability descriptions from Diviner
Summary: Fixes T12015. This is weird and probably got copy/pasted from something else that was also being weird, since the methods were empty and I previously removed them.

Test Plan: Edited a book in Diviner.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T12015

Differential Revision: https://secure.phabricator.com/D17056
2016-12-14 11:23:05 -08:00
epriestley
102ea3cfa4 Replace Differential Edit controller with EditEngine-driven EditPro controller
Summary:
Ref T11114. This replaces the old edit controller with a new one based entirely on EditEngine.

This removes the CustomFieldEditEngineExtension hack for Differential, since remaining field types are fairly straightforward and work with existing EditEngine support, as far as I can tell.

Test Plan:
  - Created a revision via web diffs.
  - Updated a revision via web diffs.
  - Edited a revision via web.
  - Edited nonstandard custom fields ("Blame Revision", "JIRA Issues").
  - Created a revision via CLI.
  - Updated a revision via CLI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17054
2016-12-14 07:27:39 -08:00
epriestley
32ce21a181 Allow the new Differential EditEngine form to create/update diffs for revisions
Summary: Ref T11114. Much of this is around making the "comment-while-updating" flow work correctly.

Test Plan:
  - Created new diffs by copy/pasting, then:
    - used one to create a new revision;
    - used one to update an existing revision, with a comment.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17053
2016-12-14 07:27:25 -08:00
epriestley
0c6e03d5af Fix a ModularTransactions exception with custom fields that support change details
Summary: We're throwing here when we actually want to return `null` so we make it into custom field handling code. See Conpherence.

Test Plan: Found a failing task and re-executed it with `bin/worker execute --id <id>`; after this change, it didn't fatal.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17051
2016-12-13 18:21:26 -08:00
epriestley
7f99f2cde8 Add EditEngine + Modular Transactions for reviewers
Summary: Ref T11114. This one is a bit more complex, but I think I covered everything.

Test Plan:
  - Added reviewers.
  - Removed reviewers.
  - Made reviewers blocking.
  - Made reviewers nonblocking.
  - Tried to make the author a reviewer.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17050
2016-12-13 18:20:58 -08:00
epriestley
6c9af81f7a Support "Test Plan" with modular transactions and EditEngine
Summary: Ref T11114. The only real trick here is that we respect configuration in `differential.fields`.

Test Plan: Turned plan on and off, tried to remove the plan, edited the plan.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17048
2016-12-13 18:20:16 -08:00
epriestley
5349d6bd5c Add Summary and Repository EditEngine fields + Modular Transactions to Differential
Summary: Ref T11114. These are unambiguous and always-enabled.

Test Plan: {F2117777}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17047
2016-12-13 18:18:32 -08:00
epriestley
0906bf547b Begin adding "pro" modular transaction fields to Differential
Summary:
Ref T11114. Currently, all of Differential is extremely custom CustomFields. I want to back away from that somewhat and leverage more EditEngine / ModularTransactions infrastructure.

This allows EditEngine, ModularTransactions, and CustomFields to coexist in an uneasy peace. The "EditPro" controller applies a //different edit// than the CustomFields do, but everything works out in the end. I think.

Hopefully the horrible mess I am creating here will be short-lived.

Test Plan:
  - Edited a revision with the normal editor.
  - Edited a revision with the pro editor.
  - Created a revision with `arc diff`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17044
2016-12-13 14:50:31 -08:00
epriestley
eda64b8549 Add a very basic EditPro controller for Differential
Summary: Ref T11114. This doesn't really support anything yet, but technically works if you manually go to `/editpro/`.

Test Plan: {F2117302}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11114

Differential Revision: https://secure.phabricator.com/D17043
2016-12-13 14:36:06 -08:00
epriestley
77fa1ea738 Rename "DifferentialReviewer" to "DifferentialReviewerProxy"
Summary: Ref T10967. This makes room for a `DifferentialReviewer` object which can be a real storage table.

Test Plan: Grepped for `DifferentialReviewer`, browsed Differential.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17041
2016-12-13 14:35:35 -08:00
epriestley
1e9a462baa Remove most of the legacy hunk code
Summary: Ref T8475. This gets rid of most of the old "legacy hunk" code. I'll nuke the rest (and drop the old table) once we're more sure that we're in the clear.

Test Plan: Browsed Differential.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8475

Differential Revision: https://secure.phabricator.com/D17040
2016-12-13 14:34:36 -08:00
epriestley
fc6bfbdb10 Truncate the one-line diff update summary when updating a revision to 250 bytes
Summary:
Fixes T7899. If you create or update a revision and type an enormously long first line, we currently fatal trying to insert it into the database.

This text is only used to show a single-line summary of the diff in the "History" tab, which should probably be updated anyway. For now, stop fataling.

Test Plan:
Uploaded a diff with the description "MMMM..." (thousands of them).

Before patch: fatal on description being too long.
After patch: beautiful "MMMM" summary.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7899

Differential Revision: https://secure.phabricator.com/D17038
2016-12-13 14:28:24 -08:00
epriestley
842710608e Don't combine automatic output compression with "Content-Length"
Summary:
Fixes T12013. Send either "Content-Length" or enable output compression, but not both.

Prefer compression for static resources (CSS, JS, etc).

Test Plan: Ran `curl -v ...`, no longer saw responses with both compression and `Content-Length`.

Reviewers: chad, avivey

Reviewed By: avivey

Subscribers: avivey

Maniphest Tasks: T12013

Differential Revision: https://secure.phabricator.com/D17045
2016-12-13 14:25:49 -08:00
Chad Little
26127b9c5f Allow Dashboards to set an icon
Summary: Allows users set an icon (for reuse on upcoming home) for their dashboard based on 16 descriminating choices.

Test Plan: Create a new dashboard, set new icon. Edit an existing dashboard, set icon.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17042
2016-12-13 11:30:22 -08:00
Chad Little
c03a412d5c Add authorPHID to Dashboard Panels
Summary: Adds authorPHID to panels so we can default to the panels you made.

Test Plan: Run upgrade, visit manage panels, see my panels. Create a new panel. Edit a panel.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17036
2016-12-13 10:07:16 -08:00
Chad Little
59f3b5125d Add authorPHID to Dashboards
Summary: Adds an authorPHIDs, populates olds ones.

Test Plan: Make a new Dashboard, see that I created it.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17022
2016-12-12 15:26:43 -08:00
epriestley
39b618039f Remove a very old piece of config documentation
Summary: Ref T571. This was accidentally left behind in D12266.

Test Plan: Used {key command F} to search for "bulk".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T571

Differential Revision: https://secure.phabricator.com/D17034
2016-12-12 23:22:21 +00:00
epriestley
8e0d936f72 Fix two overzealous renames of getPanelKey()
Summary: Fixes T11999. These are actual panels (SettingsPanel) which are panelley so it's OK.

Test Plan: Clicked "Customize Menu..." on Home.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11999

Differential Revision: https://secure.phabricator.com/D17032
2016-12-12 10:33:30 -08:00
Chad Little
d8b028b51b Clean up Profile Menu Item page
Summary: Cleans up the UI on the page here, uses two column layout, places actions as actionlist instead of dropdown. Changes edit pages to dialogs.

Test Plan: Add an application, divider, link, and facts to a menu page.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17030
2016-12-12 08:38:23 -08:00
epriestley
237f94b830 Fix flaky subscribers policy rule unit test
Summary:
I'm about 90% sure this fixes the intermittent test failure on `testObjectSubscribersPolicyRule()` or whatever.

We use `spl_object_hash()` to identify objects when passing hints about policy changes to policy rules. This is hacky, and I think it's the source of the unit test issue.

Specifically, `spl_object_hash()` is approximately just returning the memory address of the object, and two objects can occasionally use the same memory address (one gets garbage collected; another uses the same memory).

If I replace `spl_object_hash()` with a static value like "zebra", the test failure reproduces.

Instead, sneak an object ID onto a runtime property. This is at least as hacky but shouldn't suffer from the same intermittent failure.

Test Plan: Ran `arc unit --everything`, but I never got a reliable repro of the issue in the first place, so who knows.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17029
2016-12-11 12:27:57 -08:00
epriestley
42896f9f90 Rename all ProfilePanels into ProfileMenuItems
Summary: Ref T11957.

Test Plan:
  - Viewed an existing project profile.
  - Viewed a user profile.
  - Created a new project.
  - Edited a profile menu.
  - Added new profile items.
  - Grepped for renamed symbols.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17028
2016-12-11 11:44:38 -08:00
epriestley
8480776ccd Rename "ProfilePanelConfiguration" to "ProfileMenuItemConfiguration"
Summary:
Ref T11957. This renames the Configuration storage, transaction, query, and PHID type.

No rename on the actual menu item types yet, that's next (and should be the end of this, I think).

Test Plan:
  - Viewed projects.
  - Viewed profiles.
  - Edited a project menu.
  - Grepped for all renamed symbols, I think?

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17027
2016-12-11 11:44:22 -08:00
epriestley
d6704705a7 Rename "ProfilePanelEditEngine" to "ProfileMenuEditEngine"
Summary: Ref T11957.

Test Plan: Edited profile menus, grepped for renamed symbol.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17026
2016-12-11 11:44:01 -08:00
epriestley
923d3d3060 Rename "PanelEngine" to "MenuEngine"
Summary: Ref T11957.

Test Plan:
Grepped for "PanelEngine", renamed everything except "PanelEditEngine".

Grepped for these changed symbols:

```
ispanelengineconfigurable
getprofilepanelengine
setprofilepanelengine
setpanelengine
getpanelengine
PhabricatorProfilePanelEditEngine
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17025
2016-12-11 11:43:42 -08:00
epriestley
f3d9a0b930 Fix two cache issues (global settings; initial setup)
Summary:
  - Fixes T11995. This got moved but I missed renaming this callsite.
  - Fixes T11993. If you have valid credentials, but haven't run `storage upgrade` yet, we can hit this exception during setup. Just ignore it instead.

Test Plan:
  - Saved global settings, no more fatal.
  - Changed `storage-namespace` to junk, loaded web UI with valid database credentials.

{F2106358}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11993, T11995

Differential Revision: https://secure.phabricator.com/D17024
2016-12-11 08:28:10 -08:00
Chad Little
f0b6952391 Add an ApplicationProfilePanel
Summary: Allows applications to be added as profile menu items

Test Plan: Add an application to a project, see menu item, click on menu. Uninstall application, see menu without application.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17016
2016-12-09 13:35:17 -08:00
epriestley
9c72c1b1da When rendering the "you were invited" header, query the inviting user with the omnipotent viewer
Summary: Fixes T11982. If an install is not public, the registering user may not be able to see the inviting user.

Test Plan: {F2097656}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11982

Differential Revision: https://secure.phabricator.com/D17015
2016-12-09 08:35:34 -08:00
epriestley
9017bb9925 Add a setup check for installation on a burstable instance type
Summary: Fixes T11544. Attempt to detect if we're on a tiny, burstable-CPU AWS instance and complain.

Test Plan:
  - Completely faked this locally.
  - Hit the URI on an EC2 instance to check that it's correct (got back "m3.large", since that was the instance class).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11544

Differential Revision: https://secure.phabricator.com/D17014
2016-12-09 08:32:16 -08:00
epriestley
9c38b61e51 Fix an issue where tokenizers can sort milestone results into the wrong query phase
Summary:
Fixes T11955. Currently, milestones have an internal name of "Parent (Milestone) ...".

This makes them look like they're prefix matches for "Parent", but they're actually prefix matches for "Milestone".

Reorder the names so that the internal name is "Milestone Parent ...".

Test Plan: Created a project "AAA" with milestone "BBB". Searched for "AAA", found "AAA" and milestone "AAA (BBB)".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11955

Differential Revision: https://secure.phabricator.com/D17013
2016-12-09 08:07:12 -08:00
epriestley
5a95efaa4b Tokenize datasource indexes on "(" and ")"
Summary:
Fixes T11955. Milestone names are currently tokenizing and indexing awkwardly. For example, "A (B C D)" becomes the tokens "A", "(B", "C" and "D)".

The token "(B" can't be searched for since "(" is tokenized on the client.

Instead, tokenize "A (B C D)" into "A", "B", "C", "D".

Test Plan:
  - Added unit tests.
  - Used `bin/search index --type project --force` to reindex.
  - Searched for "A", "B", "C", "D", etc., for real examples.
  - Now, found milestones more consistently.
  - Also serached for `viewer()`, `members()`, etc.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11955

Differential Revision: https://secure.phabricator.com/D17012
2016-12-09 08:06:47 -08:00
epriestley
ffdc082852 Add a wide range of HTTP-request-based setup checks
Summary:
Ref T11553. With some regularity, users make various configuration mistakes which we can detect by making a request to ourselves.

I use a magical header to make this request because we want to test everything else (parameters, path).

  - Fixes T4854, probably. Tries to detect mod_pagespeed by looking for a header. This is a documentation-based "fix", I didn't actually install mod_pagespeed or formally test this.
  - Fixes T6866. We now test for parameters (e.g., user somehow lost "QSA").
  - Ref T6709. We now test that stuff is decoded exactly once (e.g., user somehow lost "B").
  - Fixes T4921. We now test that Authorization survives the request.
  - Fixes T2226. Adds a setup check to determine whether gzip is enabled on the web server, and attempts to enable it at the PHP level.
  - Fixes `<space space newline newline space><?php` in `preamble.php`.

Test Plan: Tested all of these setup warnings, although mostly by faking them.

Reviewers: joshuaspence, chad

Reviewed By: chad

Subscribers: Korvin

Maniphest Tasks: T4854, T4921, T6709, T6866, T11553, T2226

Differential Revision: https://secure.phabricator.com/D12622
2016-12-08 15:46:23 -08:00
epriestley
be4f66a5a3 In Remarkup, render archived Herald rules with strikethrough for consistency
Summary: Fixes T11969.

Test Plan: {T11969}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11969

Differential Revision: https://secure.phabricator.com/D17010
2016-12-08 12:37:54 -08:00
epriestley
5f26dd9b66 Use futures to improve clustered repository main page performance
Summary:
Ref T11954. In cluster configurations, we get repository information by making HTTP calls over Conduit.

These are slower than local calls, so clustering imposes a performance penalty. However, we can use futures and parallelize them so that clustering actually improves overall performance.

When not running in clustered mode, this just makes us run stuff inline.

Test Plan:
  - Browsed Git, Mercurial and Subversion repositories.
  - Locally, saw a 700ms wall time page drop to 200ms.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D17009
2016-12-08 07:26:32 -08:00
epriestley
4950926130 Validate settings before writing them to the user cache
Summary:
Fixes T11960. In D16998 I removed some code which validated settings on read to improve performance, but lost this replacement validation in shuffling the patch stack.

This restores similar validation before we write the cache. This has the same effect, it's just faster.

Also, bump the cache key to wipe out anything that got bitten (like my account on `secure` rendering dates wrong).

Test Plan:
  - Edited settings, verified the edits held.
  - Faked invalid settings, saw the check throw exceptions.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11960

Differential Revision: https://secure.phabricator.com/D17008
2016-12-07 13:34:37 -08:00
epriestley
58ea40ad64 Hash Diffusion README cachekey components
Without this, we end up with an overlong cache key in some cases.

Auditors: chad
2016-12-06 10:03:10 -08:00
epriestley
b869e742b9 Cache README content for repositories
Summary:
Ref T11954. Especially with higher-latency file stores like S3, we can spend a lot of time reading README data and then pulling it out of file storage.

Instead, cache it.

Test Plan: Browsed a repostory with a README, saw faster pages.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D17002
2016-12-06 09:59:17 -08:00
epriestley
e6ddd6d0e9 Cache Almanac URIs for repositories
Summary:
Ref T11954. This is kind of complex and I'm not sure I want to actually land it, but it gives us a fairly good improvement for clustered repositories so I'm leaning toward moving forward.

When we make (or receive) clustered repository requests, we must first load a bunch of stuff out of Almanac to figure out where to send the request (or if we can handle the request ourselves).

This involves several round trip queries into Almanac (service, device, interfaces, bindings, properties) and generally is fairly slow/expensive. The actual data we get out of it is just a list of URIs.

Caching this would be very easy, except that invalidating the cache is difficult, since editing any binding, property, interface, or device may invalidate the cache for indirectly connected services and repositories.

To address this, introduce `PhabricatorCacheEngine`, which is an extensible engine like `PhabricatorDestructionEngine` for propagating cache updates. It has two modes:

  - Discover linked objects (that is: find related objects which may need to have caches invalidated).
  - Invalidate caches (that is: nuke any caches which need to be nuked).

Both modes are extensible, so third-party code can build repository-dependent caches or whatever. This may be overkill but even if Almanac is the only thing we use it for it feels like a fairly clean solution to the problem.

With `CacheEngine`, make any edit to Almanac stuff propagate up to the Service, and then from the Service to any linked Repositories.

Once we hit repositories, invalidate their caches when Almanac changes.

Test Plan:
  - Observed a 20-30ms performance improvement with `ab -n 100`.
  - (The main page making Conduit calls also gets a performance improvement, although that's a little trickier to measure directly.)
  - Added debugging code to the cache engine stuff to observe the linking and invalidation phases.
  - Made invalidation throw; verified that editing properties, bindings, etc, properly invalidates the cache of any indirectly linked repositories.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D17000
2016-12-06 09:14:45 -08:00
epriestley
f45a13cff4 Improve settings caches on fast paths like Conduit
Summary:
Ref T11954. This reduces how much work we need to do to load settings, particularly for Conduit (which currently can not benefit directly from the user cache, because it loads the user indirectly via a token).

Specifically:

  - Cache builtin defaults in the runtime cache. This means Phabricator may need to be restarted if you change a global setting default, but this is exceptionally rare.
  - Cache global defaults in the mutable cache. This means we do less work to load them.
  - Avoid loading settings classes if we don't have to.
  - If we missed the user cache for settings, try to read it from the cache table before we actually go regenerate it (we miss on Conduit pathways).

Test Plan: Used `ab -n100 ...` to observe a ~6-10ms performance improvement for `user.whoami`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16998
2016-12-06 09:12:10 -08:00
epriestley
125fb332de Introduce a serializing key-value cache proxy
Summary:
Ref T11954. I want to store some lists/arrays in the mutable (database) cache, but it only supports string storage.

Provide a serializing wrapper which flattens when values are written and expands them when they're read.

Test Plan: Used by D16997. See that revision.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16999
2016-12-06 09:11:32 -08:00
epriestley
f8d6b6181e Use PhabricatorCachedClassMapQuery when querying object PHID types
Summary:
Ref T11954. When we query for Conduit tokens, we load the associated objects (users) by PHID.

Currently, querying objects by PHID requires us to load every PHIDType class, when we can know which specific classes we actually need (e.g., just `UserPHIDType`, if only user PHIDs are present in the query).

Use PhabricatorCachedClassMapQuery to reduce the number of classes we load on this pathway.

Test Plan:
- Used `ab -n100` to roughly measure a ~5% performance improvement?
- This measurement feels a little flimsy but the XHProf profile is cleaner, at least.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16997
2016-12-06 09:10:29 -08:00
epriestley
bfbf75a872 Slightly modernize ConduitTokenQuery
Summary: Ref T11954. This old query class can use slightly more modern code.

Test Plan: Ran Conduit methods, verified results are unchanged.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16996
2016-12-06 08:45:43 -08:00
epriestley
55a54facd5 Use PhabricatorCachedClassMapQuery in Conduit method lookups
Summary: Ref T11954. Depends on D16994. This implements the Conduit method cache described in that revision for a small global Conduit performance improvement.

Test Plan: Verified Conduit has the same behavior at lower cost. See D16994 for details.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16995
2016-12-06 08:38:46 -08:00
epriestley
1f3fcce6fe Provide a cached class map query for making key-based class lookups more efficient
Summary:
Ref T11954. Depends on D16993. We have a couple of "look up the class for this key" queries which are costly enough to show up on a profile.

These aren't huge wins, but they're pretty easy. We currently do this like this:

```
$class_map = load_every_subclass();
return idx($class_map, $key);
```

However, we don't need to load EVERY subclass if we're only looking for, say, the Conduit method subclass which implements `user.whoami`. This allows us to cache that map and find the right class efficiently.

This cache is self-validating and completely safe even in development.

Test Plan:
  - Used `curl` to make queries to `user.whoami`, verified that content was identical before and after the change.
  - Used `ab -n100` to roughly measure 99th percentile time, which dropped from 74ms to 65ms. This is a small improvement (13% in the best case, here) but it benefits every Conduit method call.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16994
2016-12-06 08:34:29 -08:00
epriestley
52112620a3 Provide a pure APC cache for runtime caching
Summary:
Ref T11954. Depends on D16992. We have some data which can be generated and cached at runtime. Three examples are:

  - Class map from Conduit method names to implementing classes.
  - Class map from PHID types to implementing classes.
  - The main routing map.

None of these are huge wins but they impose global costs and can be shaved down through caching without introducing an enormous amount of new complexity.

The cost to these maps is that sometimes you'll need to restart your webserver, even in development mode if these caches are active. However, in some cases these changes are very rare, and in other cases we can just leave the cache disabled in development mode without a huge complexity cost.

Specifically, the Conduit/PHID type class maps are self-validating and can not go bad, even in development mode.

The routing map will be able to, but I plan to just disable it in development mode.

This provides a general-purpose pure APC cache stack for storing this data.

Test Plan: See future changes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11954

Differential Revision: https://secure.phabricator.com/D16993
2016-12-06 08:34:13 -08:00
epriestley
4faa4b451f When viewing a branch, preview differences from master
Summary: Ref T929. When viewing a branch, show a few recent differences from the default branch (usually, "master").

Test Plan: {F2079220}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T929

Differential Revision: https://secure.phabricator.com/D16991
2016-12-06 08:16:41 -08:00
epriestley
fc1adf9875 Modernize UI for "Compare" in Diffusion
Summary: Ref T929. We've made some UI updates since D15330.

Test Plan: {F2079125}

Reviewers: avivey, chad

Reviewed By: chad

Maniphest Tasks: T929

Differential Revision: https://secure.phabricator.com/D16990
2016-12-05 18:10:11 -08:00
Aviv Eyal
43f9927a38 Compare two branches
Summary:
This shows the commits list only (Actual `git diff` will show up at a later date).
The inputs are left as text-fields, to allow the form to accept anything that can be resolved. The form is GET, to allow sharing URIs.

The conduit method response array is compatible with that of `diffusion.historyquery`, to make it easy to build
the "history" table.

The hardest part here was, of course, Naming. I think "from" and "onto" are unconfusing, and I'm fairly confident that the "to merge"
instructions are in sync with the actual content of the page.

Test Plan: Look at several "compare" views, with various values of "from" and "onto".

Reviewers: #blessed_reviewers!, epriestley

Subscribers: caov297, 20after4, Sam2304, reardencode, baileyb, chad, Korvin

Maniphest Tasks: T929

Differential Revision: https://secure.phabricator.com/D15330
2016-12-05 16:25:49 -08:00
Eitan Adler
0ad1dd640a Remove the Persona login method
Summary:
Persona is going to be decommed November 30th, 2016.
It is highly unlikely that anyone is currently using persona as a real
login method at this point.

Test Plan: tried locally to add auth adapter.

Reviewers: chad, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D16371
2016-12-05 15:57:15 -08:00
epriestley
005d8493b0 Pass GIT_ENVIRONMENTAL_MAGIC through to hook subprocesses to support Git 2.11.0
Summary:
Fixes T11940. In 2.11.0, Git has made a change so that newly-pushed changes are held in a temporary area until the hook accepts or rejects them.

This magic temporary area is only readable if the appropriate `GIT_ENVIRONMENTAL_MAGIC` variables are available. When executing `git` commands, pass them through from the calling context.

We're intentionally conservative about which variables we pass, and with good reason (see "httpoxy" in T11359). I think this continues to be the correct default behavior.

Test Plan:
  - Upgraded to Git 2.11.0.
  - Tried to push over SSH, got a hook error.
  - Applied patch.
  - Pulled and pushed over SSH.
  - Pulled and pushed over HTTP.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11940

Differential Revision: https://secure.phabricator.com/D16988
2016-12-05 12:45:30 -08:00
epriestley
6058d3305f Normalize remote IP addresses when writing to logs, etc
Summary:
Ref T11939. IPv4 addresses can normally only be written in one way, but IPv6 addresses have several formats.

For example, the addresses "FFF::", "FfF::", "fff::", "0ffF::", "0fFf:0::", and "0FfF:0:0:0:0:0:0:0" are all the same address.

Normalize all addresses before writing them to logs, etc, so we store the most-preferred form ("fff::", above).

Test Plan:
Ran an SSH clone over IPv6:

```
$ git fetch ssh://local@::1/diffusion/26/locktopia.git
```

It worked; verified that address read out of `SSH_CLIENT` sensibly.

Faked my remote address as a non-preferred-form IPv6 address using `preamble.php`.

Failed to login, verified that the preferred-form version of the address appeared in the user activity log.

Made IPv6 requests over HTTP:

```
$ curl -H "Host: local.phacility.com" "http://[::1]/"
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11939

Differential Revision: https://secure.phabricator.com/D16987
2016-12-05 11:20:29 -08:00
epriestley
5a060b34df Add IPv6 reserved addresses to the default outbound blacklist
Summary:
Ref T11939. Depends on D16984. Now that CIDRLists can contain IPv6 addresses, blacklist all of the reserved IPv6 space.

This reserved blacklist is used to prevent users from accessing internal services via "Import Calendar" or "Add Macro".

They can't actually reach IPv6 addresses via these mechanisms yet because we need to do more work to support outbound IPv6 requests, but make sure reserved IPv6 space is blacklisted already when that support eventaully arrives.

Also, clean up some error messages (e.g., for trying to hit a bad URI in "Add Macro").

Test Plan:
  - Loaded pages with default blacklist.
  - Tried to make requests into IPv6 space.
  - Currently, this is impossible because of `parse_url()` and `gethostynamel()` calls.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11939

Differential Revision: https://secure.phabricator.com/D16986
2016-12-05 11:20:13 -08:00
epriestley
4a6229ee69 Remove some no-op "canUninstall()" Application methods
Summary: The default behavior of these methods is to return `true`, so these overrides have no effect.

Test Plan: `grep`; poked around.

Reviewers: chad

Reviewed By: chad

Subscribers: hach-que

Differential Revision: https://secure.phabricator.com/D16985
2016-12-05 11:02:25 -08:00
epriestley
5f593aafb1 Allow logged-out users to load global preferences on installs without public viewers
Summary:
Fixes T11946. When a logged-out viewer is loading a page on a non-public install, there are two policy issues which prevent them from loading global settings:

  - They can not see the Settings application itself.
  - They can not see the global settings object.

Allow them to see Settings by making mandatory applications always visible. (This doesn't make any application pages public.)

Allow them to see the global settings object explicitly.

Test Plan:
Changed default language, viewed logged-out page:

{F2076924}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11946

Differential Revision: https://secure.phabricator.com/D16983
2016-12-05 11:00:39 -08:00
epriestley
faf983614c Improve error messages for running git clone against a Mercurial repository
Summary:
Fixes T11938.

Note that there's a subcase here: if you `hg clone` or `svn checkout` a short `/source/` URI that ends in `.git`, we miss the lookup and don't get this far, so you still get a generic error message.

Hopefully it is clear enough on its own that `proto://.../blah.git` is, in fact, a Git repository, since it says ".git" at the end.

If that doesn't prove to be true, we can be more surgical about this.

Test Plan:
```
$ git clone ssh://local@localvault.phacility.com/source/quack.notgit/
Cloning into 'quack.notgit'...
phabricator-ssh-exec: This repository ("quack.notgit") is not a Git repository. Use "hg" to interact with this repository.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
```

```
$ hg clone ssh://local@localvault.phacility.com/source/phabx
remote: phabricator-ssh-exec: This repository ("phabx") is not a Mercurial repository. Use "git" to interact with this repository.
abort: no suitable response from remote hg!
```

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11938

Differential Revision: https://secure.phabricator.com/D16976
2016-12-02 07:30:03 -08:00
epriestley
7c37377e0d Set the viewer timezone properly on Calendar event RecurrenceSet objects
Summary: Ref T11801. In some cases, this could lead to us failing to generate the first recurrence in a series.

Test Plan: Imported `weekly.ics` (from D16974) and saw an event correctly occur on Aug 18, with my local timezone set to "America/Los_Angeles".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11801

Differential Revision: https://secure.phabricator.com/D16975
2016-12-02 07:29:48 -08:00
epriestley
99c6b53ab2 Explicitly update the repository URI index after making a URI edit
Summary:
Fixes T11936. After editing a repository URI, we were not correctly updating the URI index.

Any other edit to the repository //would// update the index, and this index is only really used by `arc` to figure out which repository a working copy belongs to, so that's how this evaded detection for this long. In particular, creating a repository would usually have an edit after any URI edits, to activate it, which would build the index correctly.

Test Plan:
  - Added a new URI to a repository.
  - Verified it was immediately reflected in the `repository_uriindex` table.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11936

Differential Revision: https://secure.phabricator.com/D16972
2016-12-01 14:29:39 -08:00
epriestley
dc73785c4f Add a "--force" argument to "bin/config done"
Summary:
Ref T11922. When we deploy on Saturday I need to rebuild all the cluster indexes, but some instances won't have anything indexed so they won't actually trigger the activity.

Add a `--force` flag that just clears an activity even if the activity is not required.

Test Plan: Ran `bin/config done reindex --force` several times.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11922

Differential Revision: https://secure.phabricator.com/D16970
2016-12-01 13:53:33 -08:00
epriestley
9730f5a34f Allow custom Sites to have custom 404 controllers
Summary:
Currently, custom Sites must match `.*` or similar to handle 404's, since the fallback is always generic.

This locks them out of the "redirect to canonicalize to `path/` code", so they currently have a choice between a custom 404 page or automatic correction of `/`.

Instead, allow the 404 controller to be constructed explicitly. Sites can now customize 404 by implementing this method and not matching everything.

(Sites can still match everything with a catchall rule if they don't want this behavior for some reason, so this should be strictly more powerful than the old behavior.)

See next diff for CORGI.

Test Plan:
  - Visited real 404 (like "/asdfafewfq"), missing-slash-404 (like "/maniphest") and real page (like "/maniphest/") URIs on blog, main, and CORGI sites.
  - Got 404 behavior, redirects, and real pages, respectively.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16966
2016-11-30 15:25:09 -08:00
epriestley
29a3cd5121 Add "Manual Activities", to tell administrators to rebuild the search index
Summary:
Ref T11922. After updating to HEAD of `master`, you need to manually rebuild the index. We don't do this during `bin/storage upgrade` because it can take a very long time (`secure.phabricator.com` took roughly an hour) and can happen while Phabricator is running.

However, if we don't warn users about this they'll just get a broken index unless they go read the changelog (or file an issue, then we tell them to go read the changelog).

This adds a very simple table for notes to administrators so we can write a "you need to go rebuild the index" note, then adds one.

Administrators clear the note by completing the activity and running `bin/config done reindex`. This isn't automatic because there are various strategies you can use to approach the issue, which I'll discuss in greater detail in the linked documentation.

Also, fix an issue where `bin/storage upgrade --apply <patch>` could try to re-mark an already-applied patch as applied.

Test Plan:
  - Ran storage ugrades.
  - Got instructions to rebuild search index.
  - Cleared instructions with `bin/config done reindex`.

Reviewers: chad

Reviewed By: chad

Subscribers: avivey

Maniphest Tasks: T11922

Differential Revision: https://secure.phabricator.com/D16965
2016-11-30 11:23:54 -08:00
Chad Little
eeb80ba96b Add sidenav back to workboards
Summary: This is still reasonably functional and useful to people, and we don't have better mechanics to offset the change.

Test Plan: New Workboard, set Workboard color, test mobile, desktop.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D16964
2016-11-30 09:56:55 -08:00
epriestley
23a202866a When running a fulltext query with no query, enforce order by document creation date
Summary:
Fixes T11929. When running with a query, we no longer enforce an order on the subquery join to produce results more quickly when searching for common strings.

However, this means that empty queries (like those issued by "Close as Duplicate") don't order subquery results.

Restore a `dateCreated` order if there is no query text.

Test Plan: Artificially set limit to 10, still saw 10 most recent tasks.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11929

Differential Revision: https://secure.phabricator.com/D16960
2016-11-29 12:14:57 -08:00
epriestley
5cc4f6407c Make the modal choice between "Edit This Event" and "Edit Future Events" more clear
Summary:
Fixes T11909. Ref T11816. Instead of offering a dropdown with choices between "Edit/Cancel/Reinstate This Event" and "Edit/Cancel/Reinstate Future Events", make the choice more explicit.

This dialog ends up pretty wordy but this edit is rare, so I think that's alright.

Test Plan: {F2046863}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11816, T11909

Differential Revision: https://secure.phabricator.com/D16956
2016-11-28 10:47:58 -08:00
epriestley
22a566f732 Ignore Calendar date edits which just change the internal date timezone without rescheduling it
Summary:
Ref T11816. Currently, if someone in California creates an event and then someone in New York edits it, we generate a no-op "<user> changed the start time from 3PM to 3PM." transaction.

This is because the internal timezone of the event is changing, but the actual absolute time is not.

Instead, when an edit wouldn't reschedule an event and would only change the internal timezone, ignore the edit.

Test Plan:
  - Edited non-all-day events in PST / EST with out making changes (ignored).
  - Edited non-all-day events in PST / EST with changes (changes worked).
  - Performed the same edits with all-day events, which also were ignored and worked, respectively.
  - Pulled events in and out of all-day mode in different timezones, behavior seemeed reasonable.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11816

Differential Revision: https://secure.phabricator.com/D16955
2016-11-28 10:33:59 -08:00
epriestley
c5162074a1 Fix an issue where internal Calendar DateTimes would not be correctly set to all-day
Summary:
Ref T11816. I don't really know what happened here, maybe I rewrote and broke this at the last second?

In most cases, we directly respect the `isAllDay` flag on the event, so the internal date state doesn't matter too much.

However, in the case of mail notifications, the raw internal state is relevant. This should fix mail notifications for all-day events.

(I might still turn them off since I'm not sure they're too useful, but it's good to have them working.)

Test Plan:
  - Created a new all-day event, verified database values wrote correctly.
  - Ran `bin/calendar notify --trace`, verified it picked up an all-day event tomorrow with a large enough `--minutes` value.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11816

Differential Revision: https://secure.phabricator.com/D16954
2016-11-28 08:54:28 -08:00
Chad Little
dece7af50b Prettier file embeds
Summary: Spruce up the file embeds a little more, hover state, icons, file size.

Test Plan:
Add a psd and pdf, see new icons. Check differential, still see icons there too. Test mobile, desktop.

{F2042539}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D16950
2016-11-27 14:57:06 -08:00