1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-23 23:32:40 +01:00
Commit graph

5106 commits

Author SHA1 Message Date
epriestley
7ca3f066f4 Generate PHP function documentation in Diviner
Summary:
Ref T988. Various improvements:

  - Generate function documentation, mostly correctly.
  - Raise some warnings about bad documentation.
  - Allow `.book` files to exclude paths from generation.
  - Add a book for technical docs.
  - Exclude "ghosts" from common queries (atoms which used to exist, but no longer do, but which we want to keep the PHIDs around for in case they come back later).

This is a bit rough still, but puts us much closer to being able to get rid of the old Diviner.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T988

Differential Revision: https://secure.phabricator.com/D6812
2013-08-27 03:14:00 -07:00
epriestley
caf4a086d4 Add missing $port property
Summary: See rPd27e7c52b21865563bd56f37d5d422515aa40bb7.

Test Plan: eyeballed it

Reviewers: wez

Reviewed By: wez

CC: aran

Differential Revision: https://secure.phabricator.com/D6818
2013-08-26 17:14:57 -07:00
Wez Furlong
ec8162bcfc fix broken DatabaseConfigurationProvider interface
Summary: broken by rPd27e7c52b21865563bd56f37d5d422515aa40bb7

Test Plan: sigh

Reviewers: epriestley, edward, levijackson

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6816
2013-08-26 17:04:56 -07:00
Chad Little
bb9be01d55 Update forms to use PHUIFormBoxView
Summary: Some more callsites, let me know if you see others, I think think is 98% of them now.

Test Plan: tested each page

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6814
2013-08-26 15:45:58 -07:00
Chad Little
fe2a96e37f Update Form Layouts
Summary:
This attempts some consistency in form layouts. Notably, they all now contain headers and are 16px off the sides and tops of pages. Also updated dialogs to the same look and feel. I think I got 98% of forms with this pass, but it's likely I missed some buried somewhere.

TODO: will take another pass as consolidating these colors and new gradients in another diff.

Test Plan: Played in my sandbox all week. Please play with it too and let me know how they feel.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6806
2013-08-26 11:53:11 -07:00
Bob Trahan
320498d3d0 Transactions - make the details stuff generic and ajaxy
Summary: Fixes T2213

Test Plan: Updated a pholio mock description. Observed that when I first showed details there was a round trip made. Toggled show / hide noting no more trips made to server.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T2213

Differential Revision: https://secure.phabricator.com/D6801
2013-08-22 16:45:14 -07:00
epriestley
099695ab61 Fix unacceptably light-hearted string in serious business mode
Summary: A serious business lost a bunch of serious business partners today because of this string, I assume.

Test Plan: Enabled serious mode, clicked button, was relieved to see no jokes.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6799
2013-08-22 15:01:22 -07:00
epriestley
ca6f13d90c Fix Releeph project creation crumb generation
Summary: Ref T3657. We currently try to generate a project crumb on the "Create Project" page, but fail. Paper that over until I can sort out T3657.

Test Plan: Loaded project create page.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3657

Differential Revision: https://secure.phabricator.com/D6793
2013-08-22 14:56:50 -07:00
epriestley
7a24548a3c Provide a history controller for Releeph branches
Summary: Ref T3663. Same as D6785, but for branches. No writes to this table yet.

Test Plan: Clicked "View History", got a blank but non-broken page.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3663

Differential Revision: https://secure.phabricator.com/D6787
2013-08-21 12:32:07 -07:00
epriestley
f034fd80db Remove getApplicationObjectTypeName from ApplicationTransactions
Summary:
We can get this out of PHIDType reasonably in all cases and simplify implementation here.

None of these translate correctly anyway so they're basically debugging/development strings.

Test Plan: `grep`, browsed some transactions

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6786
2013-08-21 12:32:06 -07:00
epriestley
8769759c15 Add a project history controller to Releeph
Summary: Ref T3663. There's no data recorded in this table yet, but add the UI and controller for it. Edits and such will eventually go here.

Test Plan: Clicked "View History" on a project, got an empty but non-broken page.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3663

Differential Revision: https://secure.phabricator.com/D6785
2013-08-21 12:32:05 -07:00
epriestley
596a531ed6 Remove ReleephEvent
Summary:
Ref T3663. This is a proto-transaction record which is obsoleted by real transactions. It has no UI, so I'm not bothering to retain/migrate the data since there's no regression.

Just get rid of it and all its writers. I'm keeping the table for now in case something crazy uses this somehow, so no data is actually destroyed.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3663

Differential Revision: https://secure.phabricator.com/D6784
2013-08-21 12:32:04 -07:00
epriestley
d243c30190 Remove ReleephRequestException
Summary: This has two use sites and no special logic.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6783
2013-08-21 12:32:02 -07:00
epriestley
7b2ab80c66 Replace ReleephFieldSpecificationIncompleteException with the CustomField version
Summary: Ref T3718. Releeph has a custom implementation of this exception; a more general version exists in CustomField. Use the more general one. Nothing catches the specific one.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3718

Differential Revision: https://secure.phabricator.com/D6782
2013-08-21 12:32:01 -07:00
epriestley
686d2f87af Remove ReleephPHIDConstants
Summary: Ref T2715. This isn't used anywhere anymore.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2715

Differential Revision: https://secure.phabricator.com/D6781
2013-08-21 12:32:00 -07:00
epriestley
a91771801d Remove ReleephBranchBoxView
Summary: Ref T3092. This was obsoleted recently and has no more call/use sites.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3092

Differential Revision: https://secure.phabricator.com/D6779
2013-08-21 12:31:52 -07:00
epriestley
49e0aa203c Add storage for Releeph project and branch transactions
Summary: Ref T3663. Does what it says on the tin.

Test Plan: Ran `storage upgrade`.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3663

Differential Revision: https://secure.phabricator.com/D6778
2013-08-21 12:31:51 -07:00
epriestley
973bb0c76e Remove ReleephRequestEvent
Summary: Ref T3663. This is obsolete code which is used only in this migration, which Facebook has already performed and which isn't relevant for any other installs.

Test Plan: `grep`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3663

Differential Revision: https://secure.phabricator.com/D6777
2013-08-21 12:31:50 -07:00
epriestley
43b35a02ce Use hybrid properties + search for Releeph branches, too
Summary: Ref T3092. Same deal as D6771, but for branches rather than projects.

Test Plan: {F54855}

Reviewers: btrahan, chad

Reviewed By: chad

CC: chad, aran

Maniphest Tasks: T3092

Differential Revision: https://secure.phabricator.com/D6775
2013-08-21 12:31:48 -07:00
epriestley
dcec8e60cc Move edit/deactivate operations onto project view page in Releeph
Summary:
Ref T3092.

Releeph's objects basically go like this:

  - At the top level, we have Projects (like "www" or "libphutil")
  - Each project has Branches (like "LATEST" or "v1.1.3")
  - Each branch has Requests (like pull requests, e.g. "please merge commit X into branch Y (in project Z)")

Currently, there's no real "project detail" or "branch detail" page. Instead, we have a search results page for their contained objects. That is, the "project detail" page shows a list of branches in the project, using ApplicationSearch.

This means that operations like "edit" and "deactivate" are one level up, on the respective list pages.

Instead, move details onto the detail pages. This gives us more room for actions and information, and simplifies the list views.

Basically, these are "detail pages" where the object content is a search interface. We do something simliar to this in Phame right now, although it's messier there (no ApplicationSearch yet).

@chad, you might have some ideas here. Roughly, the design question is "How should we present an object's detail view when its content is really a search interface (Phame Blog for Posts, Releeph Project for Branches)?"

I think the simple approach I've taken here (see screenshot) gives us reasonable results, but overall it's something we haven't done much or done too much thinking about, I think.

Test Plan: {F54774}

Reviewers: btrahan

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T3092

Differential Revision: https://secure.phabricator.com/D6771
2013-08-19 18:30:30 -07:00
Chad Little
9ef0ea91c4 Remove dust pattern for common bg color.
Summary: Depends on D6769, removes 'dust' and uses a similar color background.

Test Plan: Review colors in sandbox.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6772
2013-08-19 18:15:52 -07:00
epriestley
751cd547c2 Remove dust from page construction
Summary:
  ^\s+(['"])dust\1\s*=>\s*true,?\s*$\n

Test Plan: Looked through the diff.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D6769
2013-08-19 18:09:35 -07:00
Bob Trahan
e1d2523efe make commit message worker savvier around revision ids
Summary: Fixes T2836

Test Plan: make a diff, get it approved, arc land, verify things okay. ask users on T2836 to try.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T2836

Differential Revision: https://secure.phabricator.com/D6770
2013-08-19 12:39:20 -07:00
Bob Trahan
3f0ffaa9eb Pholio - make create stories include the mock description, if there is one.
Summary:
This diff accomplishes this task by adding an arbitrary metadata store to PhabricatorObjectHandle. This seemed like it would be "necessary eventually"; for example if / when we decide we want to show images in these stories we'd need to add some more arbitrary data. A point of debate is this technique will yield the _current_ data and not the data at the time the transaction was originally made. I can see this being both desirable and non-desirable.

Otherwise, the best way to do this is to make a new transaction type specifically for create and store exactly what data we think we would need.

(and there's probably many other ways but they require much more work...)

Test Plan: viewed some pholio create stories and yes, they had the description showing.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T3685

Differential Revision: https://secure.phabricator.com/D6767
2013-08-19 11:51:22 -07:00
epriestley
e8c2b2c3b5 Add followers to Asana diff tasks silently
Summary: Ref T2852. Asana is launching some kind of silent follow thing today; I don't know what the API is but it's probably something like this. I'll update this to actually make the right call once the call exists, this is mostly just a placeholder so I don't forget about it.

Test Plan: None yet, this API isn't documented or live and doesn't work yet so it can't be tested.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, moskov

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6740
2013-08-19 08:52:53 -07:00
epriestley
bd17fac935 Modernize Releeph branch edit and create interfaces
Summary: Ref T3092. Fixes T3724. Use modern/flexible UI for these interfaces. Removes the ability to retarget an existing branch (you can just close it and open a new one if you made a mistake).

Test Plan: {F54437} {F54438}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3092, T3724

Differential Revision: https://secure.phabricator.com/D6765
2013-08-16 18:58:26 -07:00
epriestley
210e30c257 Use ApplicationSearch for Releeph branch lists
Summary:
Releeph branch lists in project views have a bunch of custom UI right now; give them more standard UI and ApplicationSearch.

This drops a small piece of functionality: we now show only a total open request count instead of a detailed enumeration of each request status. I assume this is reasonable (that is, the important piece is "is there something to do on this branch?"), but we can muck with it if the more detailed status is important.

Test Plan: {F54344}

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3656

Differential Revision: https://secure.phabricator.com/D6764
2013-08-16 18:55:35 -07:00
Bob Trahan
f909a295f7 Integrate Pholio with Herald
Summary: Ref T2766. Does the integration via ApplicationTransactionsEditor. Only did addCC and Flag for proof of concept.

Test Plan: Made a rule to cc, made a rule to flag. They worked!  (will attach screens to diff)

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T2766

Differential Revision: https://secure.phabricator.com/D6766
2013-08-15 13:10:45 -07:00
epriestley
13d18376c1 Log and continue when trying to register an invalid event listener
Summary: We currently die if an event listener throws when registering (e.g., because it is misconfigured), but this prevents you from running `bin/config` to fix it, which is a bit silly.

Test Plan: Created this revision with an invalid listener in config.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6761
2013-08-14 19:14:16 -07:00
Bob Trahan
3d8eb641ea Conpherence - fix conpherence create
Summary: somewhere along the line this broke. Before this patch we fail the visibility check since its based on Conpherence Participants which don't get created and attached until applyExternalEffects. Believe it or not, this was the least gross fix I could come up with; since the permission check is done SO early most other ideas I had involved creating a dummy participant object to pass the check then handling things for real later on...  Ref T3723.

Test Plan: created a conpherence with myself - great success

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, Korvin, aran

Maniphest Tasks: T3723

Differential Revision: https://secure.phabricator.com/D6762
2013-08-14 17:32:16 -07:00
epriestley
23e68ee8cb Use ApplicationSearch in ReleephBranchView
Summary:
Ref T3721. Releeph currently attempts to implement a flexible, field-driven search for branches, but it's building all of its own infrastructure and it ends up heading down some weird paths. In particular, it loads **every** request and then makes calls into fields to filter them. It also tries to be very very general, which isn't really necessary (for example, I think it's reasonable for us to assume that we won't let you disable the "requestor" field).

ApplicationSearch and CustomField provide more scalable approaches to this problem; move search on top of them. The query still ends up doing some filtering in-process, but it's now far more limited in scope and can be denormalized later.

Test Plan: {F54304}

Reviewers: btrahan

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T3721

Differential Revision: https://secure.phabricator.com/D6758
2013-08-14 15:38:52 -07:00
epriestley
42a81554ac Add src/extensions/ to Phabricator
Summary: I added this easier-extension mechanism a while ago but only added the actual directories to libphutil and arcanist. This one should work, it just wasn't checked into the repository.

Test Plan: Added a file with an exception in it to the directory, verified the exception was thrown at runtime.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6759
2013-08-14 15:38:06 -07:00
epriestley
7821c98053 Use PhabricatorCustomField infrastructure to render Releeph custom fields on the edit screen
Summary:
Ref T3718. This moves custom field rendering on the edit screen to PhabricatorCustomField and makes all the APIs conformant.

We still run through edit with both old-school and new-school sets of fields, because the actual editing isn't on the new stuff yet. That will happen in a diff or two.

Test Plan: Edited a request; intentionally introduced errors and verified the form behaved as expected.

Reviewers: btrahan, testuser1122344

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3718

Differential Revision: https://secure.phabricator.com/D6756
2013-08-14 15:36:13 -07:00
Chad Little
d02eb46ad6 Add hovercard on/off option to PhabricatorFeedStory
Summary: Defaults hovercards off everywhere feed stories are shown. I tried to find where to put this in so /feed/ could display them, but got horribly lost and confused in SearchQueryLandView

Test Plan: turn hovercards on and off, inspect elements.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6757
2013-08-14 13:20:25 -07:00
epriestley
e3f3017b20 Delete "Risk" field specification from Releeph
Summary: Ref T3718. This is not used and does not seem particularly useful.

Test Plan: Grep.

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3718

Differential Revision: https://secure.phabricator.com/D6755
2013-08-14 12:34:12 -07:00
epriestley
8c3d1af627 Partially fix a policy issue with ApplicationTransactions
Summary: Currently, we check that the user can view and edit their own transaction, which is always true. Instead, check that they can view the object. I'll fix this with a more tailored check against the EDIT capability that's per-transaction later.

Test Plan: Applying no transactions no longer fatals with undefined `$xaction`.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6754
2013-08-14 12:34:11 -07:00
epriestley
f7b289e3a4 Make ReleephRequest implement PhabricatorCustomFieldInterface
Summary: Ref T3718. Doesn't do anything yet.

Test Plan: Viewed and edited a request.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3718

Differential Revision: https://secure.phabricator.com/D6753
2013-08-14 12:34:10 -07:00
epriestley
026137f92f Further simplify PhabricatorCustomFieldInterface
Summary:
Ref T1703. Ref T3718. This introduces `PhabricatorCustomFieldAttachment`, which is just a fancy `array()`. The goal here is to simplify `PhabricatorCustomFieldInterface` as much as possible.

In particular, it can now use common infrastructure (`assertAttached()`) and is more difficult to get wrong.

Test Plan: Edited custom fields on profile.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1703, T3718

Differential Revision: https://secure.phabricator.com/D6752
2013-08-14 12:34:09 -07:00
epriestley
938b63aaa9 Simplify and improve PhabricatorCustomField APIs
Summary:
Ref T1703. Ref T3718. The `PhabricatorCustomFieldList` seems like a pretty good idea. Move more code into it to make it harder to get wrong.

Also the sequencing on old/new values for these transactions was a bit off; fix that up.

Test Plan: Edited standard and custom profile fields.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1703, T3718

Differential Revision: https://secure.phabricator.com/D6751
2013-08-14 12:34:08 -07:00
epriestley
74de24909b Partially move Releeph custom fields to PhabricatorCustomField
Summary:
Fixes T3661. Ref T3718. This makes Releeph custom fields extend PhabricatorCustomField so we can start moving over other pieces of infrastructure (rendering, storage, etc) to run through the same pathways. It's roughly the minimum amount of work required to be able to move forward.

NOTE: This removes per-project custom field selectors. Fields are now configured for an entire install. My understanding is that Facebook does not use this feature, and modern field infrastructure has moved away from selectors.

Test Plan: Viewed and edited projects, branches, and requests in Releeph. Grepped for removed config. Grepped for `field_selector`.

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3661, T3718

Differential Revision: https://secure.phabricator.com/D6750
2013-08-14 12:34:07 -07:00
epriestley
ca0115b361 Support configuration-driven custom fields
Summary:
Ref T1702. Ref T3718. There are a couple of things going on here:

**PhabricatorCustomFieldList**: I added `PhabricatorCustomFieldList`, which is just a convenience class for dealing with lists of fields. Often, current field code does something like this inline in a Controller:

  foreach ($fields as $field) {
    // do some junk
  }

Often, that junk has some slightly subtle implications. Move all of it to `$list->doSomeJunk()` methods (like `appendFieldsToForm()`, `loadFieldsFromStorage()`) to reduce code duplication and prevent errors. This additionally moves an existing list-convenience method there, out of `PhabricatorPropertyListView`.

**PhabricatorUserConfiguredCustomFieldStorage**: Adds `PhabricatorUserConfiguredCustomFieldStorage` for storing custom field data (like "ICQ Handle", "Phone Number", "Desk", "Favorite Flower", etc).

**Configuration-Driven Custom Fields**: Previously, I was thinking about doing these with interfaces, but as I thought about it more I started to dislike that approach. Instead, I built proxies into `PhabricatorCustomField`. Basically, this means that fields (like a custom, configuration-driven "Favorite Flower" field) can just use some other Field to actually provide their implementation (like a "standard" field which knows how to render text areas). The previous approach would have involed subclasssing the "standard" field and implementing an interface, but that would mean that every application would have at least two "base" fields and generally just seemed bleh as I worked through it.

The cost of this approach is that we need a bunch of `proxy` junk in the base class, but that's a one-time cost and I think it simplifies all the implementations and makes them a lot less magical (e.g., all of the custom fields now extend the right base field classes).

**Fixed Some Bugs**: Some of this code hadn't really been run yet and had minor bugs.

Test Plan:
{F54240}
{F54241}
{F54242}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1702, T1703, T3718

Differential Revision: https://secure.phabricator.com/D6749
2013-08-14 12:33:53 -07:00
epriestley
9f41032693 Remove "cut point commit identifier" from Releeph
Summary: Ref T3656. Releeph denormalizes branch cut point identifiers into Branch objects, but this information isn't useful or used for sorting, filtering, or enforcing unique constraints. Instead, derive it via noramlized pathways from the `cutPointCommitPHID`.

Test Plan: Ran storage upgrade. Ran `releephwork.getbranch` and `releeph.getbranches`. Grepped for `cutPointCommitIdentifier`.

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3656

Differential Revision: https://secure.phabricator.com/D6636
2013-08-14 09:01:38 -07:00
epriestley
a84cc777c8 Remove "Project ID" from Releeph Projects
Summary:
Fixes T3660. Releeph Projects currently have an unused one-to-one mapping to Phabricator projects. This isn't consistent with other applications and has no integrations or uses. Get rid of it.

NOTE: Waiting for signoff from @legneato on T3660 before pulling the trigger here.

Test Plan: Created and edited Releeph projects. Grepped for references to project ID; there are a dozen or so but they're all either Releeph projects or Arcanist projects.

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3660

Differential Revision: https://secure.phabricator.com/D6635
2013-08-14 09:00:56 -07:00
epriestley
296818e129 Remove ReleephProject->repositoryID writes
Summary: Ref T3655. Depends on D6633. This removes the writes and the column.

Test Plan: Created a project, edited a project. Verified the table doesn't have any keys including this column.

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3655

Differential Revision: https://secure.phabricator.com/D6634
2013-08-14 09:00:25 -07:00
epriestley
a7955e919c Remove all reads of ReleephProject->repositoryID
Summary:
Ref T3655. ReleephProject currently has both `repositoryID` and `repositoryPHID`, which point to the same object and are reudundant. Get rid of all reads of `repositoryID`.

NOTE: This makes project loads depend on repository loads. The eventual rule here will be that you must be able to see a repository in order to see projects for that repository, which seems like a reasonable rule. We might need to tailor it more than this (e.g., if there are branch read permissions down the line) but this seems like a reasonable minimum.

Test Plan: Grepped for `repositoryID` in `releeph/`. Called `releeph.getbranches`.

Reviewers: btrahan

Reviewed By: btrahan

CC: LegNeato, aran

Maniphest Tasks: T3655

Differential Revision: https://secure.phabricator.com/D6633
2013-08-14 08:59:28 -07:00
epriestley
c8061d5da8 Implement ApplicationSearch in Flags
Summary:
Ref T1809. Provide ApplicationSearch to Flags and allow the user to select flags by color.

@chad might have some design feedback on my control.

Test Plan: {F54131}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1809

Differential Revision: https://secure.phabricator.com/D6747
2013-08-13 16:27:26 -07:00
epriestley
275f67294c Make Flags policy aware
Summary:
Ref T1809. Ref T603. Ref T3599. Makes flags policy aware.

This change reduces the utility of flag search/browse; the next change will switch it to ApplicationSearch to restore utility. Representing all that ordering in terms of cursor paging is also a giant pain.

Test Plan: Viewed Differential, Flags, etc. Grepped for all PhabricatorFlagQuery callsites.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603, T1809, T3599

Differential Revision: https://secure.phabricator.com/D6746
2013-08-13 16:17:42 -07:00
Bob Trahan
d8a1e7e15f Differential - add an undo element when you collapse a file
Summary: Fixes T2258.

Test Plan: collapsed and expanded file via the dropdown - good stuff. got the "undo" element into the mix - also good stuff.

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, Korvin, aran

Maniphest Tasks: T2258

Differential Revision: https://secure.phabricator.com/D6742
2013-08-13 16:05:09 -07:00
epriestley
3021e1d52d Allow only one global top menu to be open at a time
Summary: Fixes T3715. Makes "visible" global instead of per-menu, so all the menus share a visible state.

Test Plan: For menus A and B, clicked "A, A", "A, B, A", "A, B, B", "A, B, B, A", etc. Couldn't figure out a way to break it.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T3715

Differential Revision: https://secure.phabricator.com/D6745
2013-08-13 14:57:52 -07:00
epriestley
a530004ac7 Raise an error if a user tries to register with an excessively long username
Summary: Fixes T2348. We should probably do some of this more broadly, but can tackle them one at a time as they arise, since many fields have no effective length limit.

Test Plan: {F54126}

Reviewers: btrahan, asherkin

Reviewed By: asherkin

CC: aran

Maniphest Tasks: T2348

Differential Revision: https://secure.phabricator.com/D6744
2013-08-13 14:37:23 -07:00
epriestley
f852a09e1c Whitelist blacklisting pcntl_ functions for setup checks so Debian installs don't fatal instantly
Summary: See IRC. This is dumb but I think we should try to work by default on Debian, and it doesn't cost us too much. See inline comment for more.

Test Plan:
  - No `disable_functions`, restarted, worked fine.
  - Set `disable_functions = pcntl_derp`, restarted, worked fine.
  - Set `disable_functions = derp`, restarted, setup fatal.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6741
2013-08-13 12:23:29 -07:00
epriestley
796007a85e Publish inline comments in Asana notification stories
Summary: Ref T2852. Bleh, gross. Does what it says in the title.

Test Plan: {F54024}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6735
2013-08-13 10:16:56 -07:00
epriestley
c7a84876c9 Add some missing rendering code to textual feed stories
Summary: Ref T2852. Token given stories currently try to `strip_tags()` a `PHUIFeedView` or similar, which doesn't work. Cast it to a string before stripping. This is super gross but I don't want to clean it up until after ApplicationTransactions so we can really clean up all of Feed.

Test Plan: Ran `bin/feed republish <id>` on a feed story about giving a token to a revision.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6733
2013-08-13 10:11:47 -07:00
epriestley
f11a4d5ef0 Pass branch information to local Conduit calls in Diffusion
Summary: Fixes T3697. Currently, we don't pass "branch" implicitly, so, e.g., when viewing a branch you don't get the right commit hash when looking up the README.

Test Plan: Viewed a non-`master` branch with a README, no fatal. Poked around and couldn't find anything suspicious.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3697

Differential Revision: https://secure.phabricator.com/D6734
2013-08-13 10:11:15 -07:00
epriestley
b7387f314b Raise a setup fatal for 'disable_functions' or 'disable_classes'
Summary:
Fixes T3709. PHP has two configuration options ('disable_functions', 'disable_classes') which allow functions and classes to be blacklisted at runtime.

Since these break things in an unclear way, raise a setup fatal if they are set.

We take a slightly more tailored approach to these in `phd` already, but I'd rather try just saying "no, this is bad" and see if we can get away with it. I suspect we can, and there's no legitimate reason to blacklist functions given that Phabricator must have access to, e.g., `proc_open()`.

Test Plan: {F54058}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3709

Differential Revision: https://secure.phabricator.com/D6739
2013-08-13 10:11:05 -07:00
epriestley
f37b315dec Correct switched-around configuration descriptions for metamta.herald.show-hints and metamta.reply.show-hints
Summary: Fixes T3710. The text on these options is switched around.

Test Plan: {F54051} {F54052}

Reviewers: btrahan, nmalcolm, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T3710

Differential Revision: https://secure.phabricator.com/D6737
2013-08-13 08:33:56 -07:00
Bob Trahan
65b875d29d Pholio - back end for image re-ordering
Summary:
companion diff to D6729. This is the back-end stuff, plus calls the JS in D6729 for when images are removed, un-removed, uploaded, or replaced.

Fixes T3640.

Test Plan: messed around with images. hit save - new order! temporarily showed these stories and got text about re-ordering stuff.

Reviewers: epriestley, chad

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T3640

Differential Revision: https://secure.phabricator.com/D6731
2013-08-12 13:09:07 -07:00
Chad Little
fe0873408d Clean up Notification colors a smidge
Summary: Picked better colors and hover states.

Test Plan: test new colors, stare intently.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6730
2013-08-12 12:19:09 -07:00
epriestley
a167d7463d Allow Pholio mock images to be drag-reordered
Summary:
Ref T3640. JS part only, should give you a list in `imageOrder` on the server that you can read with `$request->getStrList('imageOrder')`.

NOTE: You can't drag images into the first position; this is an existing thing that I just need to fix with DraggableList.

@chad might have some design feedback.

Test Plan: Dragged images around, things seemed to work?

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3640

Differential Revision: https://secure.phabricator.com/D6729
2013-08-12 12:08:54 -07:00
Chad Little
fe766ff683 Fix twitch name
Summary: fix spelling

Test Plan: i didn't test this, but seems ok?

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6728
2013-08-12 11:41:03 -07:00
epriestley
da8ffbac12 Don't synchronize Asana objects with no CCs and no responsible, non-author users
Summary: Ref T2852. Currently, we publish commits with no audit requests and reviews with no CCs or reviewers into Asana. This creates undesired notifications, so drop events which would publish an object that doesn't exist yet and has no followers or respible users.

Test Plan: Used `bin/feed republish` to publish a story about an object with no related users, saw the publish abort with the new message. Added a CC, published again, got a publish.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6727
2013-08-12 11:20:30 -07:00
epriestley
a0f0ba6acd Stop using process/filesystem-based checks to determine if daemons are running
Summary:
We currently check if daemons are running using the filesystem and process list. These checks reach the wrong result for a lot of users because their webservers can't read the filesystem or process list. They also reach the wrong result for daemons running on other machines.

Instead, query the active daemon list to see if daemons are running. This should be significantly more reliable.

(We didn't do this before because the running daemon list mechanism didn't exist when the check was written, and at the time it was more complex than doing a simple filesystem/process list thing.)

Test Plan: Viewed `/repositories/` with and without daemons running, saw appropriate warning or lack of warning.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6722
2013-08-12 11:20:22 -07:00
epriestley
262475d151 Clean up a couple more doc references to the old MetaMTA application
Summary: This moved to CLI.

Test Plan: Read.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D6724
2013-08-12 08:58:27 -07:00
epriestley
a02075698c When viewing a Ponder question, clear notifications about it
Summary: Fixes T3703. Clear question notifications when viewing a question.

Test Plan: Gave a question a token, logged in as author, saw notification, viewed question page, notification was marked read.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T3703

Differential Revision: https://secure.phabricator.com/D6723
2013-08-12 08:20:10 -07:00
Eric Stern
563f3ea236 Create 'Add Task' link on project/view page
Reviewed by: epriestley

See: https://github.com/facebook/phabricator/pull/368
2013-08-12 08:13:31 -07:00
epriestley
8ac2da9850 Provide hasChildren() to replace isEmptyContent()
Summary:
Fixes T3698. Sometimes views need to render differently depending on whether they contain content or not. The existing approach for this is `isEmptyContent()`, which doesn't work well and is sort of hacky (it implies double-rendering content, which is not always free or side-effect free).

Instead, provide a test for an element without children. This test is powerful enough to catch the easy cases of `null`, etc., and just do the expected thing, but will not catch a View which is reduced upon rendering. Since this is rare and we have no actual need for it today, just accept that as a limitation.

Test Plan:
Viewed Timeline and Feed UI examples. Viewed Feed (feed), Pholio (timelineview), and Differential (old transactionview).

{F53915}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T3698

Differential Revision: https://secure.phabricator.com/D6718
2013-08-12 07:51:01 -07:00
Tarmo Lehtpuu
52225f7eb9 Fix bug with macros search being global.
Summary: This fixed a bug with macros search finding macros flagged by any user. We should only look at flags by the current user.

Test Plan: Verify that no macros flagged by another user show up in macros search.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6717
2013-08-11 13:35:20 -07:00
Chad Little
4657158e71 Jira, TwitchTV login icons
Summary: icons

Test Plan: photoshop

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6716
2013-08-11 11:00:38 -07:00
Tarmo Lehtpuu
dc28d161ad Change (No Filtering) to be the default selected option.
Summary: Cleaning up my mess, (No Filtering) should be the default selected option in macros search form.

Test Plan: Go to /macro/query/advanced/ and verify that (No Filtering) is the default selected option.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T3692

Differential Revision: https://secure.phabricator.com/D6715
2013-08-11 10:05:47 -07:00
Bob Trahan
7225dc4525 Sort arcanist projects by name
Summary: Fixes T3691.

Test Plan: they be sorted now

Reviewers: epriestley

Reviewed By: epriestley

CC: edward, Korvin, aran

Maniphest Tasks: T3691

Differential Revision: https://secure.phabricator.com/D6714
2013-08-09 18:09:28 -07:00
Bob Trahan
ada749236a Herald - restore create an audit as an action for commit objects
Summary: I think we accidentally forgot to include this action in D6660.

Test Plan: verified it showed up in the UI to have the action be an audit

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6712
2013-08-09 13:01:00 -07:00
Bob Trahan
46c4459dc0 Conpherence notifications - fix ordering
Summary: we get participation data ordered, then query conpherences by phid... be sure to resort the conpherences based on participation data. I missed this in testing 'cuz my test data is so trashy, but it is glaringly obvious in production. :/

Test Plan: replied to a very old conpherence and noted it was first in the notification panel

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T3641

Differential Revision: https://secure.phabricator.com/D6711
2013-08-09 13:00:49 -07:00
Chad Little
e6f3c24bc3 Tweak colors on Conpherence Notification Menu
Summary: Fixes T3690. Uses standard colors, smaller borders.

Test Plan: Review Menu with and without a notification

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, aran

Maniphest Tasks: T3690

Differential Revision: https://secure.phabricator.com/D6710
2013-08-09 12:47:31 -07:00
Tarmo Lehtpuu
8c01cc97f4 Implement macros search by flags.
Summary: Reuse the existing flags functionality for searching macros. Currently implemented as a simple select element (for color).

Test Plan: Flagged some macros and tried searching by them.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D6709
2013-08-08 18:55:27 -07:00
Bob Trahan
399c3e4ee6 Conpherence - add dropdown menu
Summary: Fixes T3641. Probably needs some @chad love though on colors and what have you. Technique was to jam this into the existing notifications stuff as much as possible. I think its "okay" but if we were to add more stuff here (like a 3rd application) this could get a quality pass to consolidate even more code.

Test Plan: played with it in Chrome and Safari - looks reasonable

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T3641

Differential Revision: https://secure.phabricator.com/D6708
2013-08-08 13:43:33 -07:00
epriestley
07dd5df33b Support Twitch.tv as an OAuth provider
Summary:
This is mostly for personal reasons / lols, but they have a perfectly functional OAuth2 API and it takes like 15 minutes to add a provider now and I was in this code anyway...

@chad, we could use JIRA, Twitter and Twitch.tv auth icons if you have a chance.

Test Plan: {F53564}

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6706
2013-08-08 13:34:30 -07:00
epriestley
d7c712a855 Remove actor as a follower from unowned Asana subtasks after touching them
Summary: Ref T2852. Asana adds the actor as a follower when they create a task, so subtasks currently have up to two followers (the actor and the reviewer) when they should have only one (the reviewer). Simply removing the actor is an effective remedy for this because unfollowing tasks occurs with sneaky ninja stealth in Asana and doesn't generate notifications or even transaction activity.

Test Plan: Synchronized a revision without this patch, saw two followers on the subtask. Synchronized a revision after this patch, saw the "removeFollowers" fire and only one follower on the subtask, with no record of the removal in notifications or the transaction log.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6700
2013-08-08 12:01:48 -07:00
Jakub Vrana
8c93e3c941 Allow using colon in Depends On
Test Plan: Used it.

Reviewers: epriestley

Reviewed By: epriestley

CC: tdrhq, aran, Korvin

Differential Revision: https://secure.phabricator.com/D6705
2013-08-08 11:43:25 -07:00
Edward Speyer
bca9dfa10e Fix for D6260
Summary: Fixes a query in √D6260.

Test Plan: View a Releeph RQ and verify that the "churn" field renders and has the right numbers in it.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D6702
2013-08-08 16:32:05 +01:00
Chad Little
f6e22a1ec0 Update status icons
Summary: Use standard colors.

Test Plan: create status

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D6701
2013-08-08 06:51:22 -07:00
epriestley
4f49ec1cff Remove HeraldDryRunAdapter
Summary: Ref T2769. This isn't a real adapter and its methods are increasingly hacky messes. Make "dry run" a first-class concept on the HeraldEngine instead and remove the adapter.

Test Plan: Ran Herald via test console and via CLI.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6693
2013-08-07 18:04:40 -07:00
epriestley
ce163536ca Add a normal "view" page for Herald rules
Summary:
Ref T2769. This will house the transaction list and replace the "edit log" stuff.

The UI is a little bit rough and can probably share more code with the transaction history, but seems mostly-reasonable.

Test Plan: {F53253}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6690
2013-08-07 18:04:39 -07:00
epriestley
b767bd3f2d Move Herald rule querying into HeraldRuleQuery
Summary: Ref T2769. The `HeraldRule` class has some query logic; move it into `HeraldRuleQuery`. Also some minor cleanup.

Test Plan: Ran test console, created a new revision, used `reparse.php --herald`. Verified rules triggered correctly.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6689
2013-08-07 18:04:38 -07:00
epriestley
75e43513c2 Remove HeraldActionConfig, HeraldFieldConfig
Summary:
Ref T2769. Move all of this stuff into Adapters and get rid of the hard-coded classes.

I cheated in two places.

Test Plan: Edited and activated Herald rules.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6688
2013-08-07 18:04:37 -07:00
epriestley
2c2fcc58ca Remove HeraldConditionConfig
Summary: Ref T2769. Moves all traces of HeraldConditionConfig into Adapters.

Test Plan: Edited rules and used Test Console to exercise both affected code paths. Tried to save invalid rules to hit error pat.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6679
2013-08-07 18:04:36 -07:00
epriestley
ca66eeb07c Remove HeraldContentTypeConfig and move repetition to Adapters
Summary: Ref T2769. Get rid of the last use of `HeraldContentTypeConfig` by moving repetition options into Adapters.

Test Plan: Viewed / edited Herald rules.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6664
2013-08-07 18:04:35 -07:00
epriestley
0640931d30 Use Adapters to render Herald transcripts
Summary: Ref T2769. Use Adapters to build all the strings for transcripts, then get rid of the old maps.

Test Plan: Viewed revision and commit transcripts.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6663
2013-08-07 18:04:34 -07:00
epriestley
78eb81ffd0 Remove almost all instances of HeraldContentTypeConfig
Summary: Ref T2769. This cleans up almost every use of the HeraldContentTypeConfig class.

Test Plan: Viewed and edited Herald rules.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6662
2013-08-07 18:04:33 -07:00
epriestley
9c637604a2 Move most Herald actions and values into dynamic adapters
Summary: Ref T2769. Shift the bulk of value and action config into Adapters.

Test Plan: Viewed and edited Herald list and rules.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, vrana

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6660
2013-08-07 18:03:54 -07:00
epriestley
2e87f9f53c Move most Herald condition config into dynamic adapters
Summary: Ref T2769. Pushes most condition configuration into Adapters, out of the hard-coded class.

Test Plan: Looked at, edited, and dry-run'd Herald rules.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6658
2013-08-07 18:03:53 -07:00
epriestley
3490b6dd11 Move most Herald field configuration into dynamic Adapters
Summary: Ref T2769. Herald has a giant hard-coded list of fields. Primarily make these dynamic and adapter-based.

Test Plan: Viewed and edited Herald rules.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6657
2013-08-07 18:03:52 -07:00
epriestley
6badb05d64 Make Herald adapters provide content types
Summary:
Ref T2769. Get content types out of hard-coded config and into dynamic adapters.

This removes the "MERGE" and "OWNERS" content types, which were vestigal. These needs are likely better addressed through subscriptions/transactions, and are obsolete, and haven't existed for 2+ years and no one has asked for them to be restored.

Test Plan: Mostly a bunch of grep. Viewed rule list, rule edit. Edited a revision.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6656
2013-08-07 18:03:51 -07:00
epriestley
307a41e895 Rename "HeraldObjectAdapter" to "HeraldAdapter"
Summary: Ref T2769. The term "Object" is redundant.

Test Plan: grep

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6655
2013-08-07 18:03:50 -07:00
epriestley
b1c4a258c9 Add ApplicationTransactions to Herald
Summary: Ref T2769. I'm planning to keep this pretty simple, but we have this ad-hoc edit log for rules already and some other mess that we can clean up.

Test Plan: No effect yet; see future changes.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6654
2013-08-07 18:03:49 -07:00
epriestley
589ae8d26d Use ApplicationSearch in Herald
Summary: Ref T2769. Ref T2625. Herald is currently a giant mishmash of hard-codes and weird special cases. Move toward modernization and normality.

Test Plan: {F52716}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2625, T2769

Differential Revision: https://secure.phabricator.com/D6652
2013-08-07 18:03:47 -07:00
epriestley
a7ce55e3ca Remove extra side navs in Herald
Summary: Ref T2769. Removes some nonstandard side navs.

Test Plan: Viewed affected pages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6651
2013-08-07 18:03:46 -07:00
epriestley
ceb7f830a4 Make HeraldRuleQuery policy-aware
Summary: Ref T2769. dem policy checks

Test Plan: Loaded `/herald/`; loaded rule editor.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6650
2013-08-07 18:03:45 -07:00
epriestley
8eed5b1f14 Make HeraldRule implement PhabricatorPolicyInterface
Summary:
Ref T603. Ref T2769. Herald currently interacts with policies in a bad way; specifically, I can create a rule which emails me for everything, and thus learn about objects I can't otherwise see.

This shouldn't be possible, so I'm going to reduce personal rules to have only the viewer's scope.

For global rules, I think I'm always going to let any user edit them, but make who the rule acts as part of the configuration. There will be an option to make a rule omnipotent, but only admins (or some other special subset of users) will be able to select it.

Transactions/subscriptions will provide a check against users editing global rules in ways that are bad.

Test Plan: Next diffs.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603, T2769

Differential Revision: https://secure.phabricator.com/D6649
2013-08-07 18:03:44 -07:00
epriestley
2820fdc89b Add PHIDs to Herald Rules
Summary: Ref T2769. Precursor to various Herald-related modernizations.

Test Plan: Ran migration; loaded Herald via web.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6648
2013-08-07 18:03:37 -07:00
epriestley
d3e700ce19 Further mitigate BREACH by reducing reflectiveness
Summary:
Ref T3684. The URI itself is reflected in a few places. It is generally not dangerous because we only let you add random stuff to the end of it for one or two controllers (e.g., the file download controller lets you add "/whatever.jpg"), but:

  - Remove it entirely in the main request, since it serves no purpose.
  - Remove query parameters in Ajax requests. These are available in DarkConsole proper.

Also mask a few things in the "Request" tab; I've never used these fields when debugging or during support, and they leak quasi-sensitive information that could get screenshotted or over-the-shoulder'd.

I didn't mitgate `__metablock__` because I think the threat is so close to 0 that it's not worthwhile.

Test Plan: Used Darkconsole, examined Requests tab.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3684

Differential Revision: https://secure.phabricator.com/D6699
2013-08-07 16:09:25 -07:00