1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-29 00:40:57 +01:00
Commit graph

5906 commits

Author SHA1 Message Date
Bob Trahan
e281c5ee90 Security - disable conduit act as user by default
Summary: Introduce a new configuration setting that by default disables the conduit as as user method. Wordily explain that turning it on is not recommended. Fixes T3818.

Test Plan:
```
15:25:19 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)
~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-tghb3b2gbdyezdcuw2or","userName":"btrahan","realName":"Bob Trahan","image":"http:\/\/phalanx.dev\/file\/data\/yncjbh7phk7ktrdhuorn\/PHID-FILE-qyf4ui3x2ll3e52hpg5e\/profile-profile-gravatar","uri":"http:\/\/phalanx.dev\/p\/btrahan\/","roles":["admin","verified","approved","activated"]}}
15:25:34 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)

<go edit libconfig/conduitclient to spoof another user...>

~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":"ERR-CONDUIT-CORE","errorMessage":"ERR-CONDUIT-CORE: security.allow-conduit-act-as-user is disabled","response":null}
15:26:40 ~/Dropbox/code/phalanx/src/applications/conduit (T3818)

<enable option via bin/config....>

~>  echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami
Waiting for JSON parameters on stdin...
{"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-6lcglnzbkiamdofishgi","userName":"xerxes","realName":"Xerxes Trahan","image":"http:\/\/phalanx.dev\/file\/data\/n2kyeevowetcuynbcxrg\/PHID-FILE-voquikectzpde256zzvm\/profile-1275455993.jpg","uri":"http:\/\/phalanx.dev\/p\/xerxes\/","roles":["verified","approved","activated"]}}
```

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: jevripio, sowedance, epriestley, Korvin

Maniphest Tasks: T3818

Differential Revision: https://secure.phabricator.com/D9881
2014-07-10 15:43:53 -07:00
epriestley
fae23e0860 Make column reordering after edits on workboards more general
Summary:
Ref T5476. Currently, the task edit code assumes it knows what the UI looks like and sends back where on the column an item should be inserted.

This is buggy after adding filters, and relatively complex. Instead, send down the ordering on the whole column and sort it in the UI. This is a bit simpler overall and more general. It makes it easier to further generalize this code for T5476.

Test Plan:
  - Edited a task on a board, changing priority. Saw it reorder properly.
  - Edited a task on a board in a field of other tasks at the same top-level priority. Saw it refresh without reordering.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5476

Differential Revision: https://secure.phabricator.com/D9832
2014-07-10 10:19:03 -07:00
epriestley
3d804bf14d Fix some transaction issues when retitling projects
Summary:
Fixes T5530.

  - We currently fail if you rename a project so it has the same slug (e.g., "Example" -> "ExAmPlE").
  - We currently fail if you rename a project so one of its secondary hashtags becomes the primary hashtag.

Instead, succeed in these cases.

Test Plan: Successfully performed the renames described above.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5458, T5530

Differential Revision: https://secure.phabricator.com/D9829
2014-07-10 10:18:32 -07:00
epriestley
e46826ad36 Introduce CAN_EDIT for ExternalAccount, and make CAN_VIEW more liberal
Summary:
Fixes T3732. Ref T1205. Ref T3116.

External accounts (like emails used as identities, Facebook accounts, LDAP accounts, etc.) are stored in "ExternalAccount" objects.

Currently, we have a very restrictive `CAN_VIEW` policy for ExternalAccounts, to add an extra layer of protection to make sure users can't use them in unintended ways. For example, it would be bad if a user could link their Phabricator account to a Facebook account without proper authentication. All of the controllers which do sensitive things have checks anyway, but a restrictive CAN_VIEW provided an extra layer of protection. Se T3116 for some discussion.

However, this means that when grey/external users take actions (via email, or via applications like Legalpad) other users can't load the account handles and can't see anything about the actor (they just see "Restricted External Account" or similar).

Balancing these concerns is mostly about not making a huge mess while doing it. This seems like a reasonable approach:

  - Add `CAN_EDIT` on these objects.
  - Make that very restricted, but open up `CAN_VIEW`.
  - Require `CAN_EDIT` any time we're going to do something authentication/identity related.

This is slightly easier to get wrong (forget CAN_EDIT) than other approaches, but pretty simple, and we always have extra checks in place anyway -- this is just a safety net.

I'm not quite sure how we should identify external accounts, so for now we're just rendering "Email User" or similar -- clearly not a bug, but not identifying. We can figure out what to render in the long term elsewhere.

Test Plan:
  - Viewed external accounts.
  - Linked an external account.
  - Refreshed an external account.
  - Edited profile picture.
  - Viewed sessions panel.
  - Published a bunch of stuff to Asana/JIRA.
  - Legalpad signature page now shows external accounts.

{F171595}

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3732, T1205, T3116

Differential Revision: https://secure.phabricator.com/D9767
2014-07-10 10:18:10 -07:00
epriestley
02c3200867 Respond more gracefully when a git push deletes a nonexistent ref
Summary:
Fixes T5534. If you `git push origin :refs/tags/doesnotexist` (for some non-existing tag), we get a change where both the old and new refs are empty.

We incorrectly call this an "add", because the old ref is empty. Instead, call this a "delete", but skip the logic which would normally mark it dangerous.

(Possibly we should just reject these outright, but Git allows them, so stick with that for now.)

Test Plan:
Pushed nonexistent refs:

```
  $ git push origin :refs/tags/doesnotexist
  remote: warning: Allowing deletion of corrupt ref.
  To ssh://dweller@localhost/diffusion/POEMS/
   - [deleted]         doesnotexist
  $
```

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5534

Differential Revision: https://secure.phabricator.com/D9800
2014-07-10 10:17:17 -07:00
epriestley
16648c28bc Add GROUP BY to commit query
Summary:
Ref T4715. Some minor stuff I caught locally while poking around:

  - Since we don't `GROUP BY`, we can still get duplicate commits. These get silently de-duplicated by `loadAllFromArray()` because that returns an array keyed by `id`, but we fetch too much data and this can cause us to execute too many queries to fill pages. Instead, `GROUP BY` if we joined the audit table.
  - After adding `GROUP BY`, getting the audit IDs out of the query is no longer reliable. Instead, query audits by the commit PHIDs. This is approximately equiavlent.
  - Since we always `JOIN`, we currently never return commits that don't have any audits. If we don't know that all results will have an audit, just `LEFT JOIN`.
  - Add some `!== null` to catch the `withIDs(array())` issue that we hit with Khan Academy a little while ago.

Test Plan:
  - Verified that "All Commits" shows commits with no audits of any kind.
  - Verified that the raw data comes out of the query without duplicates.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5433, T4715

Differential Revision: https://secure.phabricator.com/D8879
2014-07-10 10:16:26 -07:00
epriestley
d83bf5ea06 After a file upload, take the user to the info page, not the view page
Summary: Fixes T5588. If you upload an image, we currently take you to the image URL, but this makes it hard to figure out the monogram for use elsewhere.

Test Plan: Uploaded a file and was taken to the info page.

Reviewers: joshuaspence

Reviewed By: joshuaspence

Subscribers: epriestley

Maniphest Tasks: T5588

Differential Revision: https://secure.phabricator.com/D9872
2014-07-10 06:39:23 -07:00
Lex
a230e0fab7 switch from term query to match query
Summary:
Switch to the `match` query.  The operator is set to `and` because it defaults to `or` which is likely to annoy users.  We might want to consider using `query_string` to get booleans, wildcards, and other features.  The only problem with `query_string` is that it can allow querying on other fields in the json document, and we may want to prevent that.  That might even expose information we don't want to expose.  Another option would be to parse booleans ourselves and translate them to the ES query DSL.

fixes T5488

Test Plan: Try the `vpn`/`VPN` test case described in T5488.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: WikiChad, epriestley, Korvin

Maniphest Tasks: T5488

Differential Revision: https://secure.phabricator.com/D9785
2014-07-09 15:47:07 -07:00
Lex
4dd9be5c94 change elasticsearch text query to match query for compat with 1.1.0
Summary:
ElasticSearch silently removed the long-deprecated `text` query in favor of the `match` query.  `match` works just like `text`, so the fix is simple.

fixes T5507

Test Plan: see if the breakage is fixed

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: WikiChad, epriestley, Korvin

Maniphest Tasks: T5507

Differential Revision: https://secure.phabricator.com/D9784
2014-07-09 15:41:13 -07:00
Aviv Eyal
64e2aad46f set localpath in repository.create
Summary: Since there's no way to set it, it defaults to an empty value. Make the conduit call set up sane default.

Test Plan: Call method, repo get's built with expected localpath.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9842
2014-07-09 15:35:25 -07:00
Joshua Spence
8756d82cf6 Remove @group annotations
Summary: I'm pretty sure that `@group` annotations are useless now... see D9855. Also fixed various other minor issues.

Test Plan: Eye-ball it.

Reviewers: #blessed_reviewers, epriestley, chad

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9859
2014-07-10 08:12:48 +10:00
epriestley
fe29db6b92 Use shouldAllowPublic(), not shouldRequireLogin(), for Legalpad
Summary: This got written a while ago and is using slightly incorrect gating on logged-out users. The names of these methods should probably be more clear too, but basically "shouldAllowPublic()" is for "this page may be usable to logged-out users, if policies allow it", while "shouldRequireLogin()" is for "this page should skip various credential checks". One of the skipped checks is email verification. This method should maybe be something like "isAuthenticationRelatedOrNoncredentialPage()" but I don't have a good name for that.

Test Plan: Unverified users are now prompted to verify email when viewing a legalpad document, instead of allowed to sign it.

Reviewers: rush898, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9857
2014-07-09 08:01:34 -07:00
Dirkjan Ochtman
a89ce7e9a2 Fix typo in ConfigWelcomeController support text
See: <https://github.com/phacility/phabricator/pull/670>

Reviewed by: epriestley
2014-07-07 04:54:00 -07:00
epriestley
0cc32a9b8f Render hashtags as colored/icon'd project tags
Summary: In most cases we preserve what the user typed, but showing colors/icons/names is more useful than `#yolo` (and makes aliases more usable without loss of meaning).

Test Plan: {F174510}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9831
2014-07-05 10:16:58 -07:00
epriestley
a7c1f872a0 Show project hashtags prominently on project pages
Summary: Currently, it's unreasonably difficult for users to figure out some project hashtags because the rules aren't always intuitive.

Test Plan: {F174508}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9830
2014-07-05 10:16:47 -07:00
epriestley
eb28a7caef Add an optional preamble to Legalpad documents
Summary:
Fixes T5532. Allow documents to have a preamble in the header which can be used to explain who should sign a document and why.

Particularly, I plan to use this to navigate the corporate vs individual stuff more sensibly.

Test Plan: {F174228}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5532

Differential Revision: https://secure.phabricator.com/D9819
2014-07-04 09:41:27 -07:00
James Rhodes
a3d50118e1 Allow users to specify names of build steps
Summary: Ref T1049.  This provides a user-configurable name field on build steps, which allows users to uniquely identify their steps.  The intention is that this field will be used in D9806 to better identify the dependencies (rather than showing an unhelpful PHID).

Test Plan: Set the name of some build steps, saw it appear in the correct places.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D9816
2014-07-05 01:56:02 +10:00
epriestley
e8d217b8bd Allow Legalpad documents to designate corporate signers
Summary:
Ref T5532. This adds:

  - Documents can designate that they should be signed by "Corporations" or "Individuals".
  - Corporate documents get different fields and a different exemption process.
  - Basically everything works the same but this is like a zillion lines of form code.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5532

Differential Revision: https://secure.phabricator.com/D9812
2014-07-04 08:04:28 -07:00
epriestley
04d5402e2f Fatal during setup for "mbstring.func_overload"
Summary:
Fixes T5545. We assume `strlen()` returns the number of bytes in a string, which is the normal behavior (and the documented behavior).

There's a config option, `mbstring.func_overload`, which silently calls mb_strlen() instead. This may return some other result, might fail, etc., and there's no way to get the byte length of a string if this option is set.

If this option is set, fatal immediately. Nothing good can ever come of it.

Test Plan: {F173990}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5545

Differential Revision: https://secure.phabricator.com/D9811
2014-07-04 07:59:02 -07:00
James Rhodes
7baa0941b9 Inlines for custom herald actions
Summary: Ref D8784.  Didn't see all of the inlines before hitting `arc land`.  This fixes up the issues raised (and makes all the code nicer).

Test Plan: Made sure custom actions only appear for appropriate adapters and checked to ensure that they triggered correctly.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: edutibau, ite-klass, epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9796
2014-07-03 13:49:57 +10:00
epriestley
c1f7b72dd8 Add "device ready" flag to standalone dialog pages
Summary: Fixes T5541. Standalone dialog pages, including the high-security auth page, should all work fine on mobile.

Test Plan: {F173598}

Reviewers: chad, joshuaspence

Reviewed By: joshuaspence

Subscribers: epriestley

Maniphest Tasks: T5541

Differential Revision: https://secure.phabricator.com/D9799
2014-07-02 18:49:06 -07:00
epriestley
b6ea2735d7 Allow Legalpad document managers to add signature exemptions
Summary:
Ref T5532. Allow document managers to add exemptions, which act like signatures but are tracked a little differently.

The primary use case for us is users who sign a corporate CLA and need a user-level exemption if they don't want to sign an individual CLA.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5532

Differential Revision: https://secure.phabricator.com/D9795
2014-07-02 04:59:35 -07:00
epriestley
20446252ff Add a header warning to revisions that need a legal document signature
Summary: This supplements the footer warning and makes it more visible for authors.

Test Plan: {F173277}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9794
2014-07-02 04:59:15 -07:00
epriestley
5a158b5b19 Move revision header warnings into custom fields
Summary:
Ref T5495. We currently show one warning in revision headers, about not having any reviewers.

I want to add a second warning (for missing Legalpad signatures). At least one install would like to add custom warnings (see T5495) which are so specific that we can't reasonably cover them in the upstream.

Generalize these header warnings by moving them to CustomField, so I can implement the Legalpad stuff without making a mess and the install in T5495 can use an extension.

Test Plan:
Hit all three header states, they look exactly like they did before this change:

{F173265}

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5495

Differential Revision: https://secure.phabricator.com/D9793
2014-07-02 04:58:51 -07:00
epriestley
394dcb7900 Fix an issue with Diviner symbol rule using incorrect logic
Auditors: btrahan
2014-07-02 04:58:23 -07:00
James Rhodes
88aba65d54 Support custom actions in Herald
Summary:
This was significantly easier than expected.  Here's an example of what an extension class might look like:

```
<?php

final class AddRiskReviewHeraldCustomAction extends HeraldCustomAction {

  public function appliesToAdapter(HeraldAdapter $adapter) {
    return $adapter instanceof HeraldDifferentialRevisionAdapter;
  }

  public function appliesToRuleType($rule_type) {
    return $rule_type == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL ||
      $rule_type == HeraldRuleTypeConfig::RULE_TYPE_OBJECT;
  }

  public function getActionKey() {
    return 'custom:add-risk';
  }

  public function getActionName() {
    return 'Add risk rating (JSON)';
  }

  public function getActionType() {
    return HeraldAdapter::VALUE_TEXT;
  }

  public function applyEffect(
    HeraldAdapter $adapter,
    $object,
    HeraldEffect $effect) {

    $key = "phragile:risk-rating";

    // Read existing value.
    $field_list = PhabricatorCustomField::getObjectFields(
      $object,
      PhabricatorCustomField::ROLE_VIEW);
    $field_list->readFieldsFromStorage($object);
    $field_list = mpull($field_list->getFields(), null, 'getFieldKey');
    $field = $field_list[$key];
    $field->setObject($object);
    $field->setViewer(PhabricatorUser::getOmnipotentUser());

    $risk = $field->getValue();
    $old_risk = $risk; // PHP copies arrays by default!

    // Add new value to array.
    $herald_args = phutil_json_decode($effect->getTarget());
    $risk[$herald_args['key']] = array(
      'value' => $herald_args['value'],
      'reason' => $herald_args['reason']);
    $risk_key = $herald_args['key'];

    // Set new value.
    $adapter->queueTransaction(
      id(new DifferentialTransaction())
        ->setTransactionType(PhabricatorTransactions::TYPE_CUSTOMFIELD)
        ->setMetadataValue('customfield:key', $key)
        ->setOldValue($old_risk)
        ->setNewValue($risk));

    return new HeraldApplyTranscript(
      $effect,
      true,
      pht(
        'Modifying automatic risk ratings (key: %s)!',
        $risk_key));
  }

}
```

Test Plan: Created a custom action for differential revisions, set up a Herald rule to match and trigger the custom action, did 'arc diff' and saw the action trigger in the transcripts.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: locutus, edutibau, ite-klass, epriestley, Korvin

Maniphest Tasks: T4884

Differential Revision: https://secure.phabricator.com/D8784
2014-07-02 14:29:46 +10:00
epriestley
c9366acbec Allow dashboard panels to be archived
Summary: Ref T5471. Adds an archived state for panels. Archived panels don't show up in the default query view or in the "Add Existing Panel" workflow.

Test Plan:
  - Archived a panel.
  - Activated a panel.
  - Viewed / searched for archived/active panels.
  - Popped "Add Existing Panel" dropdown and saw it omit archived panels.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5471

Differential Revision: https://secure.phabricator.com/D9779
2014-07-01 17:50:28 -07:00
epriestley
ae4a687da3 Fix bad method call name. 2014-07-01 13:07:55 -07:00
epriestley
8efae19655 Adjust remarkup rule precedence for embeds
Summary: The monospaced rule should still have higher precedence than these
rules, so use flat text tests to cover some rule interactions.

Auditors: btrahan
2014-07-01 11:19:59 -07:00
epriestley
90e75d4e50 Add flat text assertions to Phabricator remarkup rules
Summary: Remarkup rules can not safely use arbitrary text in tag attributes,
because it may include tokens which are later replaced. Precedence rules
should prevent this in general. Use flat text assertions and adjust precedence
rules in cases where they may not prevent tokens from appearing in attributes.

Auditors: btrahan
2014-07-01 11:04:05 -07:00
Eric Stern
ede6947dd1 Don't atomize closures
Summary: In a PHP5.3+ codebase with closures, Diviner would pick up anonymous functions and add them into the generated documentation. This causes them to be skipped.

Test Plan: Ran `bin/diviner generate --clean` before and after change, no longer got a bunch of unnamed functions dumped into the documentation.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9786
2014-07-01 07:47:36 -07:00
epriestley
6d51958b5c Unbeta Legalpad
Summary: Fixes T3116. This app is still pretty basic, but solves a real problem and doesn't have any major missing features.

Test Plan: Observed no "Beta" on launcher.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9774
2014-06-29 12:44:00 -07:00
epriestley
ea50ac32d3 Add a "Can Create Documents" permission for Legalpad
Summary: Ref T3116. Installs might reasonably want to restrict creation of these documents to actual lawyers or something.

Test Plan: Adjusted policy, tried to create document, set it back, created a document.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9778
2014-06-29 12:43:13 -07:00
epriestley
c1af499ed7 Only show text encoding note in Differential if a change has hunks
Summary: Fixes T5503. We incorrectly render an encoding note for empty files. Only render an encoding note for text changes with at least one hunk.

Test Plan:
  - Viewed empty file, no note.
  - Viewed nonempty file with altered encoding, saw note.

Reviewers: btrahan, joshuaspence

Reviewed By: joshuaspence

Subscribers: epriestley

Maniphest Tasks: T5503

Differential Revision: https://secure.phabricator.com/D9780
2014-06-29 12:42:59 -07:00
epriestley
2ac37c6964 Add some basic documentation for Legalpad
Summary: Ref T3116. Explain a couple of core use cases and contextualize the app a bit.

Test Plan: Read application help screen and user guide.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9777
2014-06-29 07:54:13 -07:00
epriestley
add7bc418d Allow Herald to "Require legal signatures" for reviews
Summary:
Ref T3116. Add a Herald action "Require legal signatures" which requires revision authors to accept legal agreements before their revisions can be accepted.

  - Herald will check which documents the author has signed, and trigger a "you have to sign X, Y, Z" for other documents.
  - If the author has already signed everything, we don't spam the revision -- basically, this only triggers when signatures are missing.
  - The UI will show which documents must be signed and warn that the revision can't be accepted until they're completed.
  - Users aren't allowed to "Accept" the revision until documents are cleared.

Fixes T1157. The original install making the request (Hive) no longer uses Phabricator, and this satisfies our requirements.

Test Plan:
  - Added a Herald rule.
  - Created a revision, saw the rule trigger.
  - Viewed as author and non-author, saw field UI (generic for non-author, specific for author), transaction UI, and accept-warning UI.
  - Tried to accept revision.
  - Signed document, saw UI update. Note that signatures don't currently //push// an update to the revision, but could eventually (like blocking tasks work).
  - Accepted revision.
  - Created another revision, saw rules not add the document (since it's already signed, this is the "no spam" case).

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: asherkin, epriestley

Maniphest Tasks: T1157, T3116

Differential Revision: https://secure.phabricator.com/D9771
2014-06-29 07:53:53 -07:00
epriestley
ffc1b5c26a Allow users to search for signatures by name and email substrings
Summary:
Ref T3116. In the case of anonymous signers, there's no way to do a quick way to check if someone has signed a doc since you can't query by their (nonexistent) external account ID.

Move "name" and "email" to first-class columns and let the engine search for them.

Test Plan: Searched for signatures with name and email fragments.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9776
2014-06-29 07:51:03 -07:00
epriestley
94926698e0 Allow Legalpad documents to be destroyed with bin/remove destroy
Summary: Ref T3116. Support permanent destruction of legal document objects.

Test Plan: Ran `bin/remove destroy L1`, saw it clean up the document body, signatures, transactions and edges.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9775
2014-06-29 07:50:53 -07:00
epriestley
c9184db94a Require high-security session to sign legal documents
Summary: Ref T3116. If you have MFA on your account, require a code to sign a legal document.

Test Plan: Signed legal documents, got checkpointed.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9772
2014-06-29 06:16:48 -07:00
epriestley
bd9584d663 Make Legalpad documents have a little document icon in typeaheads
Summary: Ref T3116.

Test Plan: See screenshot.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9773
2014-06-28 21:44:09 -07:00
epriestley
88d9366701 Allow users to search for signatures across documents
Summary:
Ref T3116. You can already search for sigatures on a specific document, but allow them to be searched across documents too.

In particular, this lets users answer questions like "Which of these 5 documents has alincoln signed?" / "Has alincoln signed all the stuff I care about?" / "who has signed either L5 or equivalent document L22?", etc.

Test Plan: {F171658}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9770
2014-06-28 16:37:36 -07:00
epriestley
5242fb0572 Add a "documents I've signed" view to Legalpad
Summary:
Ref T3116. Allow documents to be queried for ones the viewer has signed, and make this the default view.

This also relaxes the versioning stuff a little bit, and stops invalidating signatures on older versions of documents. While I think we should do that eventually, it should be more explicit and have better coordination in the UI. For now, we'll track and show older signatures, but not invalidate them.

I imagine eventually differentiating between "minor edits" (typo / link fixes, for example) and major edits which actually require re-signature.

Test Plan: {F171650}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9769
2014-06-28 16:37:15 -07:00
epriestley
af9d6f593e Show signature status on Legalpad main view
Summary: Ref T3116. Tweak the main Legalpad view a bit -- in particular, show signature status.

Test Plan: {F171641}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9768
2014-06-28 16:37:04 -07:00
epriestley
8887febd84 Show signatures in a table instead of an object list
Summary:
Ref T3116. Since this UI was written we've moved away from footer icons and made tables work better on mobile. This seems reasonable to use a pure table for. I've also reduced the number of required fields here. Use a table and make this UI accessible.

The "Restricted External Account" stuff is T3732, which I'll tackle next.

Test Plan: {F171584}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9766
2014-06-28 16:36:52 -07:00
epriestley
d8bba221b5 Use ApplicationSearch to search for Legalpad signatures
Summary:
Ref T3116. Currently, document signatures are just in a big list that you can't search through.

  - Make it easier to check if a specific user has signed.
  - Restrict this UI to users who have edit permission on the document (roughly, you need to be a document manager to see the full signature list).

(It's currently possible to generate a Dashboard panel using this query, but it will just throw an exception. I'm going to leave it like that for now, we might reasonably expose some "view signatures across doucments" UI later so someone can quickly check if a user has signed 5 documents or something.)

Test Plan: {F171576}

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9765
2014-06-28 16:36:37 -07:00
epriestley
45d61b7110 Make document signatures visible to only document owners and signers
Summary:
Ref T3116. Currently signatures are visible to anyone, but they should be more private than that. Instead, you can see a signature if:

  - It's a signature on a document you can edit; or
  - it's your signature.

I'm going to lock down the signatures page a bit in general, but this makes sure that the root policy is correct.

Test Plan:
  - Signed a document.
  - Viewed signatures of a document.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T3116

Differential Revision: https://secure.phabricator.com/D9764
2014-06-28 16:36:15 -07:00
epriestley
0398559c8e Support Bitbucket as an auth provider in Phabricator
Summary: Fixes T4251. Depends on D9761. See D9760 and discussion in D9202.

Test Plan: Authenticated using Bitbucket.

Reviewers: btrahan, asherkin

Reviewed By: asherkin

Subscribers: chad, epriestley

Maniphest Tasks: T4251

Differential Revision: https://secure.phabricator.com/D9762
2014-06-28 05:01:37 -07:00
epriestley
2d36afeaab Manage OAuth1 request token secrets in core OAuth1 workflow
Summary:
Ref T5096. Ref T4251. See D9202 for discussion.

  - Twitter seems to accept either one (?!?!?!??).
  - JIRA uses RSA-SHA1, which does not depend on the token secret.
  - This change makes Bitbucket work.

Test Plan:
  - OAuthed with Twitter.
  - OAuthed with JIRA.
  - OAuthed with some Bitbucket code I had partially laying around in a partial state, which works after this change.

Reviewers: csteipp, btrahan, 20after4

Reviewed By: 20after4

Subscribers: epriestley

Maniphest Tasks: T4251, T5096

Differential Revision: https://secure.phabricator.com/D9760
2014-06-28 05:00:52 -07:00
epriestley
32a42f37fe Set "max-width: 100%" on "size=full" Remarkup images
Summary: Fixes T5500. When an image is embedded with `{Fxx, size=full}`, add "max-width: 100%;" so that large images are scaled down to the size of the container. This seems like a better and more reasonable behavior than having them scroll. You can still lightbox them or right-click -> view if you really want the full image.

Test Plan: Dragged window around with a very large `size=full` image. At large window sizes, the image displayed at 100%. At smaller window sizes, the image was scaled to fit.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5500

Differential Revision: https://secure.phabricator.com/D9758
2014-06-27 10:29:43 -07:00
epriestley
49d7201873 Remove hovercards from Feed panels on dashboards
Summary:
Fixes T5472.

I do imagine doing a pass on the Hovercard JS at some point to try to make them position more intelligently (I've hit a few cases where they do something silly, and we can probably fix many of them), but generally agree that this is inconsistent and questionably valuable on panels.

Test Plan:
  - Moused over feed stuff in a panel, no hovercards.
  - Moused over feed stuff in Feed, got hovercards.

Reviewers: chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T5472

Differential Revision: https://secure.phabricator.com/D9753
2014-06-27 08:36:56 -07:00