1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-25 14:08:19 +01:00
Commit graph

2700 commits

Author SHA1 Message Date
epriestley
d450a08890 Support HMAC+SHA256 with automatic key generation and management
Summary:
Ref T12509. This adds support for HMAC+SHA256 (instead of HMAC+SHA1). Although HMAC+SHA1 is not currently broken in any sense, SHA1 has a well-known collision and it's good to look at moving away from HMAC+SHA1.

The new mechanism also automatically generates and stores HMAC keys.

Currently, HMAC keys largely use a per-install constant defined in `security.hmac-key`. In theory this can be changed, but in practice essentially no install changes it.

We generally (in fact, always, I think?) don't use HMAC digests in a way where it matters that this key is well-known, but it's slightly better if this key is unique per class of use cases. Principally, if use cases have unique HMAC keys they are generally less vulnerable to precomputation attacks where an attacker might generate a large number of HMAC hashes of well-known values and use them in a nefarious way. The actual threat here is probably close to nonexistent, but we can harden against it without much extra effort.

Beyond that, this isn't something users should really have to think about or bother configuring.

Test Plan:
  - Added unit tests.
  - Used `bin/files integrity` to verify, strip, and recompute hashes.
  - Tampered with a generated HMAC key, verified it invalidated hashes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12509

Differential Revision: https://secure.phabricator.com/D17630
2017-04-06 15:42:59 -07:00
Chad Little
4d29d8e2b7 Fix filetree drag nav CSS
Summary: Fixes T11630. Not sure what the max-width fixes, but I don't see anything off on various mobile, desktop.

Test Plan: Enable filetree in differential, drag navigation all over, see normal width calculations.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11630

Differential Revision: https://secure.phabricator.com/D17591
2017-03-31 08:37:45 -07:00
epriestley
130ebd2c42 Immediately deactivate remarkup autocomplete if there's no query
Summary:
Fixes T12479. If you end a line with a character like ":" in a context which can trigger autocomplete (e.g., `.:`), then try to make a newline, we swallow the keystroke.

Instead, allow the keystroke through if the user hasn't typed anything else yet.

Test Plan:
  - Autocompleted emoji and users normally.
  - In an empty textarea, typed `.:<return>`, got a newline instead of a swallowed keystroke.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12479

Differential Revision: https://secure.phabricator.com/D17583
2017-03-30 11:29:54 -07:00
epriestley
add1038109 Don't summon the emoji autocompleter for ":3"
Summary:
Fixes T12460. Also ":)", ":(", ":/", and oldschool ":-)" variants.

Not included are variants with actual letters (`:D`, `:O`, `:P`) and obscure variants (`:^)`, `:*)`).

Test Plan: Typed `:3` (no emoji summoned). Typed `:dog3` (emoji summoned). Typed `@3` (user autocomplete summoned).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12460

Differential Revision: https://secure.phabricator.com/D17577
2017-03-28 15:50:56 -07:00
epriestley
aea46e55da Fix an issue where "Request Review" of a fully-accepted revision would transition to "Accepted"
Summary:
Ref T10967. This is explained in more detail in T10967#217125

When an author does "Request Review" on an accepted revision, void (in the sense of "cancel out", like a bank check) any "accepted" reviewers on the current diff.

Test Plan:
  - Create a revision with author A and reviewer B.
  - Accept as B.
  - "Request Review" as A.
  - (With sticky accepts enabled.)
  - Before patch: revision swithced back to "accepted".
  - After patch: the earlier review is "voided" by te "Request Review", and the revision switches to "Review Requested".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17566
2017-03-28 11:50:15 -07:00
Chad Little
9e2ab4f80e Scope syntax css rules to direct descendants only in diffs
Summary: Fixes T11641. We're overbroad here (and this may need more scoping?) but this seems to resolve the immediate issue.

Test Plan: Upload a few diffs and ask disabled accounts to comment on them inline.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11641

Differential Revision: https://secure.phabricator.com/D17565
2017-03-27 10:25:37 -07:00
Chad Little
76404c5fdb Cleaner fullscreen / preview states for Remarkup bar
Summary: General CSS and usability touchup of the Remarkup bar states for fullscreen and preview. Larger fonts, more spacing, some hint of the underlying page. Disable buttons that can't be used in preview mode.

Test Plan:
Formal test coming with mobile, browsers. This is a kick the tires upload.

{F4283448}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17563
2017-03-27 09:19:23 -07:00
Mukunda Modell
e41c25de50 Support multiple fulltext search clusters with 'cluster.search' config
Summary:
The goal is to make fulltext search back-ends more extensible, configurable and robust.

When this is finished it will be possible to have multiple search storage back-ends and
potentially multiple instances of each.

Individual instances can be configured with roles such as 'read', 'write' which control
which hosts will receive writes to the index and which hosts will respond to queries.

These two roles make it possible to have any combination of:

* read-only
* write-only
* read-write
* disabled

This 'roles' mechanism is extensible to add new roles should that be needed in the future.

In addition to supporting multiple elasticsearch and mysql search instances, this refactors
the connection health monitoring infrastructure from PhabricatorDatabaseHealthRecord and
utilizes the same system for monitoring the health of elasticsearch nodes. This will
allow Wikimedia's phabricator to be redundant across data centers (mysql already is,
elasticsearch should be as well).

The real-world use-case I have in mind here is writing to two indexes (two elasticsearch clusters
in different data centers) but reading from only one. Then toggling the 'read' property when
we want to migrate to the other data center (and when we migrate from elasticsearch 2.x to 5.x)

Hopefully this is useful in the upstream as well.

Remaining TODO:

* test cases
* documentation

Test Plan:
(WARNING) This will most likely require the elasticsearch index to be deleted and re-created due to schema changes.

Tested with elasticsearch versions 2.4 and 5.2 using the following config:

```lang=json
  "cluster.search": [
    {
      "type": "elasticsearch",
      "hosts": [
        {
          "host": "localhost",
          "roles": { "read": true, "write": true }
        }
      ],
      "port": 9200,
      "protocol": "http",
      "path": "/phabricator",
      "version": 5
    },
    {
      "type": "mysql",
      "roles": { "write": true }
     }
  ]

Also deployed the same changes to Wikimedia's production Phabricator instance without any issues whatsoever.
```

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Tags: #elasticsearch, #clusters, #wikimedia

Differential Revision: https://secure.phabricator.com/D17384
2017-03-26 08:16:47 +00:00
epriestley
aa91dc992e Record which user accepted on behalf of packages/owners reviewers
Summary:
Ref T12271. Don't do anything with this yet, but store who accepted/rejected/whatever on behalf of reviewers.

In the future, we could use this to render stuff like "Blessed Committers (accepted by epriestley)" or whatever. I don't know that this is necessarily super useful, but it's easy to track, seems likely to be useful, and would be a gigantic pain to backfill later if we decide we want it.

Test Plan: Accepted/rejected a revision, saw reviewers update appropriately.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12271

Differential Revision: https://secure.phabricator.com/D17537
2017-03-22 14:26:37 -07:00
epriestley
fab37aa4e3 When accepting revisions, allow users to accept on behalf of a subset of reviewers
Summary:
Ref T12271. Currenty, when you "Accept" a revision, you always accept it for all reviewers you have authority over.

There are some situations where communication can be more clear if users can accept as only themselves, or for only some packages, etc. T12271 discusses some of these use cases in more depth.

Instead of making "Accept" a blanket action, default it to doing what it does now but let the user uncheck reviewers.

In cases where project/package reviewers aren't in use, this doesn't change anything.

For now, "reject" still acts the old way (reject everything). We could make that use checkboxes too, but I'm not sure there's as much of a use case for it, and I generally want users who are blocking stuff to have more direct accountability in a product sense.

Test Plan:
  - Accepted normally.
  - Accepted a subset.
  - Tried to accept none.
  - Tried to accept bogus reviewers.
  - Accepted with myself not a reviewer
  - Accepted with only one reviewer (just got normal "this will be accepted" text).

{F4251255}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12271

Differential Revision: https://secure.phabricator.com/D17533
2017-03-22 14:25:04 -07:00
Chad Little
5e16e46039 Remove "Aleo" as specialized font for headers
Summary: Fixes T11865. Part of a 'clean up remarkup' pass, removing Aleo helps simplify coding, is lighter on the wire, and gives a more consistent, clean look.

Test Plan: run celerity, grep for 'aleo' and 'Aleo', test Phriction, tasks

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T11865

Differential Revision: https://secure.phabricator.com/D17535
2017-03-22 09:57:00 -07:00
epriestley
8ad5d28686 Migrate old reviewer edges to new storage
Summary:
Ref T10967. We still have double writes, so all reviewers are being written to both old and new storage. This migrates all the data in the old storage to the new storage, so both storage tables should have a complete set of data and be getting identical updates as we move forward.

After this, I can move readers over one at a time and eventually get rid of the old writes and old storage.

This loads all of the edge data into memory in a big chunk. I reached out to one install to get some more information about their data size. Ours is quite manageable and I think even large installs will probably fit into memory, but we can do this in chunks if not.

However, because the Edge table doesn't have an `id` column, we can't use either the `RawMigrationIterator` or the `MigrationIterator`, and would need to write a new `EdgeMigrationIterator`. This isn't tons of work but might not be necessary.

Test Plan: Ran the migration locally, spot-checked the results in the database for sanity and correctness.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17515
2017-03-20 16:44:40 -07:00
epriestley
794b456530 Store "last comment" and "last action" diffs on reviewers
Summary:
Ref T10967. We have a "commented" state to help reviewers get a better sense of who is part of a discussion, and a "last action" state to help distinguish between "accept" and "accepted an older version", for the purposes of sticky accepts and as a UI hint.

Currently, these are first-class states, partly beacuse we were somewhat limited in what we could do with edges. However, a more flexible way to represent them is as flags separate from the primary state flag.

In the new storage, write them as separate state information: `lastActionDiffPHID` stores the Diff PHID of the last review action (accept, reject, etc). `lastCommentDiffPHID` stores the Diff PHID of the last comment (top-level or inline).

Test Plan: Applied storage changes, commented and acted on a revision. Saw appropriate state reflected in the database.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17514
2017-03-20 16:44:05 -07:00
Chad Little
de4e8728b2 Add ActionIcon to PHUIListItemView, use in Dashboards
Summary: Extends PHUIListItemView to take an icon, link as an "Action Item" that displays on the right side of the menu link. Does not display on Favorites. This allows for adding edit, external, or other links (documentation?) to any menu item. Right now the secondary link is only visible when the item is selected. This feels right, but if we offer it in other ways, users may always want it visible. We could look at making it onhover.

Test Plan:
Add a bunch of random global and personal dashboards to my menu. Add a menu to Favorites, see no link. Test mobile, link works.

{F4136699}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17505
2017-03-16 11:32:16 -07:00
epriestley
7626ec0ce1 Correct an issue where "View Raw File" in Differential generated a file with overbroad permissions
Summary:
Via HackerOne. When you view a raw file in Differential, we currently generate a permanent file with default permissions. This may be incorrect: default permissions may be broader than the diff's permissions.

The other three methods of downloading/viewing raw files ("Download" in Diffusion and Differential, "View Raw" in Diffusion and Differential) already apply policies correctly and generate temporary files. However, this workflow was missed when other workflows were updated.

Beyond updating the workflow, delete any files we've generated in the past. This wipes the slate clean on any security issues and frees up a little disk space.

Test Plan:
  - Ran migration script, saw existing files get purged.
  - Did "View Raw File", got a new file.
  - Verified that the file was temporary and properly attached to the diff, with "NO ONE" permissions.
  - Double-checked that Diffusion already runs policy logic correctly and applies appropriate policies.
  - Double-checked that "Download Raw Diff" in Differential already runs policy logic correctly.
  - Double-chekced that "Download Raw Diff" in Diffusion already runs policy logic correctly.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17504
2017-03-16 09:51:48 -07:00
Chad Little
a72d18765f Basic "Install Dashboard" workflow
Summary: Ref T12264. This allows users to install a dashboard they are viewing to their personal home menu or as a global home menu item. Has some basic ability to be extended later for maybe projects.

Test Plan:
Build a dashboard, click "Install Dashboard".

 - As user only get personal option
 - As HomeApp edit person, see both options
 - Try installation as either, with and without label set
 - Fake "global" form as user, get error
 - Don't set anything, get error

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12264

Differential Revision: https://secure.phabricator.com/D17492
2017-03-14 14:21:56 -07:00
epriestley
251ee9b660 Add dedicated "reviewers" storage to Differential and do double writes
Summary:
Ref T10967. This is an incremental step toward removing "reviewers" back to a dedicated storage table so we can handle changes like T11050.

This adds the storage table, and starts doing double writes to it (so new or updated reviewers write to both the old edge table and the new "reviewers" table).

Then we can do a migration, swap readers over one at a time, and eventually remove the old write and old storage and then implement new features.

This change has no user-facing impact, it just causes us to write new data to two places instead of one.

This is not completely exhaustive: the Herald "Add Reviewers" action is still doing a manual EDGE transaction. I'll clean that up next and do another pass to look for anything else I missed.

This is also a bit copy/pastey for now but the logic around "RESIGN" is a little different in the two cases until T11050. I'll unify it in future changes.

Test Plan:
  - Did a no-op edit.
  - Did a no-op comment.
  - Added reviewers.
  - Removed reviewers.
  - Accepted and rejected revisions.

After all of these edits, did a `SELECT * FROM differential_reviewer` manually and saw consistent-looking rows in the database.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10967

Differential Revision: https://secure.phabricator.com/D17495
2017-03-14 11:51:51 -07:00
Chad Little
81675e3302 Stronger scoping for Conpherence chat forms
Summary: Fixes T12391. Adds better scoping to these rules to contain changes to just Conpherence.

Test Plan: Test Conpherence, Task comment, persistent chat on mobile / desktop.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12391

Differential Revision: https://secure.phabricator.com/D17496
2017-03-13 18:03:46 -07:00
Chad Little
0cc1a5c4d5 Clean up Space select/dropdown UI alignment
Summary: This alignment is off on edit forms, from the new overflow rules. Let's re-align everything for forms too.

Test Plan:
Add 2 new spaces, go to Maniphest, edit a task, see proper alignment of [Space] [Policy] view dropdowns. Check mobile alignment and Safari/FF.

{F3942187}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17491
2017-03-11 09:43:09 -08:00
Chad Little
4457c3866b Fix project hovercard tag alignment
Summary: Fix tag alignment on project cards when there are multiple tags. Also fixes T12381.

Test Plan: Review a project and people hovercard in sandbox, ensure multiple tags look as expected.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12381

Differential Revision: https://secure.phabricator.com/D17488
2017-03-11 09:41:39 -08:00
Chad Little
3277d8b8c8 Use text ellipsis on hovercard tags
Summary: Fixes T12326. Users can make really log tag titles, this forces ellipsis if it is too long.

Test Plan: Write a super long tag, see ellipisis. Test a small tag, see normal layout.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12326

Differential Revision: https://secure.phabricator.com/D17486
2017-03-09 11:08:57 -08:00
Chad Little
4c7d464f8b Fix firefox submenu arrows on action lists
Summary: Fixes T12370. Moves this to be absolutely positions so the float doesn't mess up text-overflow layouts.

Test Plan: Chrome, Safari, Firefox, mobile and desktop layouts of Maniphest submenus.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12370

Differential Revision: https://secure.phabricator.com/D17484
2017-03-09 07:25:13 -08:00
Chad Little
2fed5b6925 Fourth fix for the magical world of crumbs and text-overflow
Summary: The Safari hack in place casued a truncation issue in Firefox, so that hack is now gone. Instead the bug appears to be the creative inclusion of "space". In fiddling with this adding one space inside the span and one space outside the span seems to resolve all cases.

Test Plan: Chrome, Safari, Firefox. Test "hector" and copy paste of a Task ID.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17483
2017-03-09 07:23:41 -08:00
Chad Little
2ebdf2e080 Remove server side limit on policy control names
Summary: Fixes T12367. CSS here already truncates (or should have been) and is generally more effective. Remove the unneeded server side truncation. Any other UI place these render?

Test Plan: Set Policy to a group name of "Stanford University: Alumni Association and Friends" and see better truncation.

Reviewers: epriestley, eliaspro

Reviewed By: epriestley, eliaspro

Subscribers: eliaspro, Korvin

Maniphest Tasks: T12367

Differential Revision: https://secure.phabricator.com/D17479
2017-03-07 16:37:57 -08:00
Chad Little
683b0221c3 Fix long project names in policy controls
Summary: Fixes T12366. Adds a text-overflow to policy buttons.

Test Plan: Set a view policy to MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM

Reviewers: epriestley, eliaspro

Reviewed By: epriestley, eliaspro

Subscribers: eliaspro, Korvin

Maniphest Tasks: T12366

Differential Revision: https://secure.phabricator.com/D17478
2017-03-07 16:36:41 -08:00
Chad Little
0d12bbb903 Set a max-width on crumbs just in case
Summary: Ref D17361. This sets a reasonable width on crumbs just in case a title is super long. Also fixes a weird Safari issue.

Test Plan:
Set a username to "hector" and check Safari. Create a badge named "MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM" and test length.

{F3771744}

{F3771747}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17472
2017-03-06 10:47:17 -08:00
Chad Little
cd6b284678 Highlight strong tag in document headers
Summary: Fixes T12357. Adds some color to highlighted text in headers.

Test Plan: == Header with **strong** copy ==

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12357

Differential Revision: https://secure.phabricator.com/D17469
2017-03-06 09:28:50 -08:00
Chad Little
f2e013c2e9 Prep user table for default images
Summary: Ref T10319. Adds in database columns for upcoming default generated avatar support.

Test Plan: Ran storage upgrade, log into local site to verify it didn't blow up.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17459
2017-03-04 08:18:07 -08:00
Chad Little
f095a81b00 Allow custom image generation when choosing a profile image
Summary: Ref T10319. This swaps the default in the Picture Chooser to allow picking of the custom unique avatar. We're currently going with 100k unique possibilities. The logic roughly hashes a user name and picks an image pack, color, and border. Based on that, we select the first character of their username, or fall back to Psyduck if not [a-z][0-9].

Test Plan:
Set the following usernames from ProfilePicture as a test: chad, epriestley, sally, 007, _cat_, -doggie-.

{F3453979}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17430
2017-03-03 20:21:31 -08:00
Chad Little
87304e360f Remove dashboard footer
Summary: Doesn't seem popular, will rethink dashboard editing again in the future at some point.

Test Plan: Review a dashboard, edit, install.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17450
2017-03-02 06:29:39 -08:00
epriestley
6f7bb8c91a On workboards, provide all of the supported "create task" forms in the dropdown
Summary:
Ref T12314. Ref T6064. Ref T11580. If an install defines several different task create forms (like "Create Plant" and "Create Animal"), allow any of them to be created directly onto a workboard column.

This is just a general consistency improvement that makes Custom Forms and Workboards work together a bit better. We might do something fancier eventually for T6064 (which wants fewer clicks) and/or T11580 (which wants per-workboard control over forms or defaults).

Test Plan:
  - Created several different types of tasks directly onto a workboard.
  - Faked just one create form, saw the UI unchanged (except that it respects any renaming).

{F3492928}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314, T11580, T6064

Differential Revision: https://secure.phabricator.com/D17446
2017-03-02 04:24:40 -08:00
epriestley
dc7ecf5875 Add "subtype" storage to Maniphest tasks
Summary: Ref T12314. Provides a field on tasks for storing subtypes. Does nothing interesting yet.

Test Plan:
  - Ran storage upgrade.
  - Created some tasks.
  - Looked in the database.
  - Used Conduit to query some tasks.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17441
2017-03-02 04:17:47 -08:00
epriestley
91ef237290 Add a "subtype" field to EditEngine forms
Summary:
Ref T12314. This adds storage so EditEngine forms can later be marked as edit fields for particular types of objects (like an "animal edit form" vs a "plant edit form").

We'll take you to the right edit form when you click "Edit" by selecting among forms with the same subtype as the task.

This doesn't do anything very interesting on its own.

Test Plan:
  - Ran `bin/storage upgrade`.
  - Verified database got the field with proper values.
  - Created a new form, checked the database.
  - Ran unit tests.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12314

Differential Revision: https://secure.phabricator.com/D17439
2017-03-02 04:16:27 -08:00
Chad Little
05377bea19 Add an avatar builtin file generator
Summary: Ref T10319. This builds out a reasonably decent avatar generator. 256 colors x 74 images x 2 borders, 38k options. Not completely sure though how names disburse though, so likely half that number. I can add lowercase lettering to double the footprint if needed though.

Test Plan:
UIExamples. Color generator here: http://tools.medialab.sciences-po.fr/iwanthue/

{F3416622}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17418
2017-02-27 11:09:30 -08:00
Chad Little
be785d1e8a Add some pre-built alphanumeric characters
Summary: Ref T10319. Builds out some decent looking letters and numbers.

Test Plan: Review alignment in Photoshop.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T10319

Differential Revision: https://secure.phabricator.com/D17417
2017-02-26 11:39:05 -08:00
Chad Little
44b307f28d Add some higher resolution default user images
Summary: Looks nicer on profiles, cards. Added some additional colors.

Test Plan: change my avatar a few times

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: avivey, Korvin

Differential Revision: https://secure.phabricator.com/D17416
2017-02-26 09:56:21 -08:00
Chad Little
730d88c414 Re-center timeline badges
Summary: This layout inadvertantly changed, so make timeline badges always center.

Test Plan: Review in sandbox.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17411
2017-02-24 14:04:13 -08:00
Chad Little
80cccebca2 Build a Badges page for Profiles
Summary: Ref T12270. Moves badges into their own page and menu item. Capable of displaying hundreds of useful tokens of appreciation and dedication.

Test Plan:
Test blank state, mobile, awards badges.

{F3284139}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17410
2017-02-24 13:15:42 -08:00
epriestley
84aff44bcd Add a "Red/Green Colorblind" accessibility mode, make all web UIs and email respect it
Summary:
Fixes T12172. Fixes T12060. This allows runtime code building CSS for mail to read CSS variables, then makes all the code do that.

It reverts the non-colorblind red/green to the colors in use before T12060, which seem better for non-colorblind users since no one really complained?

Test Plan:
  - Viewed code diffs in Web UI.
  - Viewed prose diffs in Web UI.
  - Viewed code diffs in email.
  - Viewed prose diffs in email.

All modes respected the accessibility color scheme.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12172, T12060

Differential Revision: https://secure.phabricator.com/D17269
2017-02-23 10:57:39 -08:00
Chad Little
254ee82a0c Hide Conpherence durable column when printing
Summary: Fixes T12303. Hides column.

Test Plan: Print a page with `__print__=1`

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12303

Differential Revision: https://secure.phabricator.com/D17395
2017-02-22 12:31:05 -08:00
Chad Little
aaa81b4834 Center Pager buttons
Summary: Fixes T12305. Centers the buttons, which I prefer anyways.

Test Plan: Review buttons, now centered.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12305

Differential Revision: https://secure.phabricator.com/D17394
2017-02-22 08:34:33 -08:00
Chad Little
89ce42c15c Update people hovercard UI
Summary: Removes Badges, they felt awkward. Updates UI, larger image, better layout, more icons.

Test Plan: Review numerous layouts with fancy new search tool.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17391
2017-02-21 14:41:10 -08:00
epriestley
ab9c1b73b5 Fix bad JS rendering in "Allow Desktop Notifications" workflow
Summary:
See downstream <https://phabricator.kde.org/T5404>. This code was doing some `.firstChild` shenanigans which didn't survive some UI refactoring.

This whole UI is a little iffy but just unbreak it for now.

Test Plan: Allowed and rejected desktop notifications, got largely reasonable UI rendering.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17388
2017-02-20 12:55:34 -08:00
epriestley
c0cfd4e9aa Revert "Restrict all crumbs to 240 max width" for this release
Summary:
Ref T12287. See D17361. That fixed a mostly-theoretical bug with crumbs named things like "MMMMMMMMMMMMMMMMMMMM", but caused a less-theoretical buggy side effect in Safari.

For now, just keep the "MMMMMMMM" crumbs around since that's the easiest/least-bad/safest fix prior to the release cut. We can fix this more broadly when we have more time to look at it.

Test Plan: Looked at profiles, saw the entire name for "hector" and the too-long-crumb for "MMMMM".

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12287

Differential Revision: https://secure.phabricator.com/D17382
2017-02-17 15:43:47 -08:00
Chad Little
e0cd3062d5 Restrict all crumbs to 240 max width
Summary: Ref T12270. Any project, badge, dashboard, etc, that uses names in crumbs can over generate a long title. Restrict to a sane but generous width.

Test Plan: Make a project with a really long name, test various crumb layouts, boards, tasks, desktop, mobile.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12270

Differential Revision: https://secure.phabricator.com/D17361
2017-02-15 13:06:11 -08:00
Chad Little
37ac0ada17 Restrict movable panels to non-tab panels
Summary: Fixes T12248. Adds a flag for movable panels, and only allows those to be moved. Also cleaned up some CSS rules missing once a panel was drug into a new position.

Test Plan: Try to drag a tab panel content pane, cannot. Drag normal pane, see CSS, grab and drag same panel back, CSS looks the same.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12248

Differential Revision: https://secure.phabricator.com/D17356
2017-02-14 14:15:59 -08:00
Chad Little
128a9d13fc Fix diviner documenation hover states
Summary: Bump up the CSS scope, since we altered the normal rule for device-desktop

Test Plan: /diviner/ in sandbox

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17352
2017-02-14 07:23:45 -08:00
Chad Little
006d74fde2 Clean up some search result alignment CSS
Summary: Aligns the search result list to the right of the input box, adds a little space, removes a double border.

Test Plan: Search on desktop, mobile, tablet breakpoints. Double check normal typeahead results.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17345
2017-02-13 11:19:00 -08:00
Chad Little
4176bdeb5b Allow task graph task titles to go full width
Summary: Fixes T12213. Removes truncation and allows titles to be full width if needed.

Test Plan:
Chrome / Firefox / Safari on Mac, mobile and desktop widths.

{F2754679}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12213

Differential Revision: https://secure.phabricator.com/D17336
2017-02-10 10:58:15 -08:00
epriestley
4039f5f11b Don't try to access the Stripe object until the user submits the credit card form
Summary: Ref T12232. I can't reproduce the original issue, but this should probably fix it without side effects?

Test Plan: Added a card with Stripe, but I could do that before too.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12232

Differential Revision: https://secure.phabricator.com/D17333
2017-02-10 08:40:14 -08:00