1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 09:12:41 +01:00
Commit graph

1957 commits

Author SHA1 Message Date
epriestley
cccdc48883 Implement PhabricatorDestructibleInterface for event triggers
Summary: Ref T6881. When stuff with triggers is destroyed, it should destroy the triggers.

Test Plan: Will test in Instances.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6881

Differential Revision: https://secure.phabricator.com/D11435
2015-01-19 16:55:38 -08:00
epriestley
7cbbd7868f Add a "schedule task" trigger action
Summary: Ref T6881. Add a standard "just queue a task" trigger action; I expect almost all application code to use this.

Test Plan: Will test in Instances.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6881

Differential Revision: https://secure.phabricator.com/D11429
2015-01-19 16:55:23 -08:00
epriestley
a988a1a043 Add a "daily routine" trigger clock for backups, etc.
Summary: Ref T6881. Before implementing subscriptions, I'm going to vet triggers by using them to do backups. Each instance will get a daily trigger for backups, and that should give us a smaller-scale test to catch issues and limitations, with more opportunities for something to go wrong since it fires more often.

Test Plan: Added unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6881

Differential Revision: https://secure.phabricator.com/D11427
2015-01-19 16:54:23 -08:00
Bob Trahan
53b06408f4 MetaMTA - add (basic) application emails and deploy to Maniphest
Summary: Ref T5952, T3404. This lays the basic plumbing for how this will work, all the way to deploying on Maniphest. Aside from what is mentioned on T5952, I think page(s) on editing application emails could use a little more helpful text about what's going on, similar to how the config page that's getting deprecated works.

Test Plan: ran migration and noted my create email address migrated successfully. used bin/mail to make a task. added another email and used bin/mail to make a task. deleted an email. edited an email. invoked various error states and they all looked good.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T3404, T5952

Differential Revision: https://secure.phabricator.com/D11418
2015-01-19 16:07:26 -08:00
Chad Little
3bc54c2041 Project revamp part 2: Edit
Summary:
Taking a pass at revamping the edit pages in Projects. Specifically:

 - Remove EditMainController
 - Move actions from EditMain to Profile
 - Move properties from EditMain to Profile
 - Move timeline from EditMain to Profile
 - Move Open Tasks from Profile to sidenavicon
 - Add custom icons and colors to timeline

Feel free to bang on this a bit and give feedback, feels generally correct to me.

Test Plan: Edit everything I could on various projects. Check links, timelines, actions.

Reviewers: btrahan, epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11421
2015-01-19 10:14:27 -08:00
epriestley
19be32656f Implement clock/trigger infrastructure for scheduling actions
Summary:
Ref T6881. Hopefully, this is the hard part.

This adds a new daemon (the "trigger" daemon) which processes triggers, schedules them, and then executes them at the scheduled time. The design is a little complicated, but has these goals:

  - High resistance to race conditions: only the application writes to the trigger table; only the daemon writes to the event table. We won't lose events if someone saves a meeting at the same time as we're sending a reminder out for it.
  - Execution guarantees: scheduled events are guaranteed to execute exactly once.
  - Support for arbitrarily large queues: the daemon will make progress even if there are millions of triggers in queue. The cost to update the queue is proportional to the number of changes in it; the cost to process the queue is proportional to the number of events to execute.
  - Relatively good observability: you can monitor the state of the trigger queue reasonably well from the web UI.
  - Modular Infrastructure: this is a very low-level construct that Calendar, Phortune, etc., should be able to build on top of.

It doesn't have this stuff yet:

  - Not very robust to bad actions: a misbehaving trigger can stop the queue fairly easily. This is OK for now since we aren't planning to make it part of any other applications for a while. We do still get execute-exaclty-once, but it might not happen for a long time (until someone goes and fixes the queue), when we could theoretically continue executing other events.
  - Doesn't start automatically: normal users don't need to run this thing yet so I'm not starting it by default.
  - Not super well tested: I've vetted the basics but haven't run real workloads through this yet.
  - No sophisticated tooling: I added some basic stuff but it's missing some pieces we'll have to build sooner or later, e.g. `bin/trigger cancel` or whatever.
  - Intentionally not realtime: This design puts execution guarantees far above realtime concerns, and will not give you precise event execution at 1-second resolution. I think this is the correct goal to pursue architecturally, and certainly correct for subscriptions and meeting reminders. Events which execute after they have become irrelevant can simply decline to do anything (like a meeting reminder which executes after the meeting is over).

In general, the expectation for applications is:

  - When creating an object (like a calendar event) that needs to trigger a scheduled action, write a trigger (and save the PHID if you plan to update it later).
  - The daemon will process the event and schedule the action efficiently, in a race-free way.
  - If you want to move the action, update the trigger and the daemon will take care of it.
  - Your action will eventually dump a task into the task queue, and the task daemons will actually perform it.

Test Plan:
Using a test script like this:

```
<?php

require_once 'scripts/__init_script__.php';

$trigger = id(new PhabricatorWorkerTrigger())
  ->setAction(
    new PhabricatorLogTriggerAction(
      array(
        'message' => 'test',
      )))
  ->setClock(
    new PhabricatorMetronomicTriggerClock(
      array(
        'period' => 33,
      )))
  ->save();

var_dump($trigger);
```

...I queued triggers and ran the daemon:

  - Verified triggers fire;
  - verified triggers reschedule;
  - verified trigger events show up in the web UI;
  - tried different periods;
  - added some triggers while the daemon was running;
  - examined `phd debug` output for anything suspicious.

It seems to work in trivial use case, at least.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6881

Differential Revision: https://secure.phabricator.com/D11419
2015-01-16 12:13:31 -08:00
epriestley
66975fa51b Implement "trigger clocks" for scheduling events
Summary:
Ref T6881. This will probably make more sense in a couple of diffs, but this is a class that implements scheduling/recurrence rules. Two rules are provided:

  - Trigger an event at a specific time (e.g., a meeting reminder notification).
  - Trigger an event on the Nth day of every month (e.g., a subscription bill).

At some point, we'll presumably add a rule for T2896 (maybe using the "RRULE" spec) so you can do stuff like "the second to last thursday of every month", etc., but we don't need that for now.

(The "Nth day of every month, or move it back if no such day exists" rule doesn't seem to be expressible with the "RRULE" format, so implementing that wouldn't give us a superset of this. I think this rule is correct and desirable for this purpose, though.)

Test Plan: Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6881

Differential Revision: https://secure.phabricator.com/D11403
2015-01-15 15:57:45 -08:00
Bob Trahan
1cc81b1d0a OAuthServer - hide client secret behind a "View Secret" action
Summary: ...also adds policies on who can view and who can edit an action. Fixes T6949.

Test Plan: viewed a secret through the new UI and it worked

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6949

Differential Revision: https://secure.phabricator.com/D11401
2015-01-14 17:27:45 -08:00
epriestley
7ab5d108a4 Provide read and overwrite for Lisk counters
Summary:
Ref T6881. This is part 1 of my 35-step plan to support subscriptions that bill monthly.

Expanding the capabilities of counters will let me use them to create a logical clock on time-based event updates, build a daemon on top of that, and eventually get time-based triggers.

Test Plan: Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T6881

Differential Revision: https://secure.phabricator.com/D11395
2015-01-14 12:15:47 -08:00
epriestley
2297a43d44 remarkup.css: Consistently zero top/bottom margins for first/last block-level children
Summary:
For block-level elements that have a margin-top or margin-bottom set
(generally to 12px), also reset the appropriate margin to 0 when
they're a first-child or last-child of their parents.

The change doesn't affect nested lists, their selector is more specific.

Test Plan:
Look at some comments or wiki documents that end with different
block elements, verify that the margins are pretty.

Reviewers: epriestley, #blessed_reviewers, chad

Reviewed By: #blessed_reviewers, chad

Subscribers: Korvin, epriestley

Projects: #remarkup

Maniphest Tasks: T6968

Differential Revision: https://secure.phabricator.com/D11382
2015-01-14 12:15:21 -08:00
Joshua Spence
ca80688733 Fix a filename
Summary: Third time lucky... the filename should match the class name now.

Test Plan: `arc lint`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11362
2015-01-14 07:04:36 +11:00
epriestley
20e9cfac67 Add a "ClusterDatabase" Almanac service type
Summary: Ref T5833. This doesn't do anything yet, but will allow new instances to automaticaly bind to an open database without anything too hacky.

Test Plan:
Created a service of this type.

{F267059}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5833

Differential Revision: https://secure.phabricator.com/D11372
2015-01-13 11:59:23 -08:00
Bob Trahan
8cfc37f8fc Config - add an option to lock policy settings
Summary: Fixes T6947

Test Plan:
locked people.create.user and noted the UI only showed a link to the existing policy with no way to edit it.

tried to set the config to all the various bad things and saw helpful error messages telling me what I did wrong.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6947

Differential Revision: https://secure.phabricator.com/D11358
2015-01-13 11:46:29 -08:00
Bob Trahan
e85dfcbeee People - add application policy on user creation
Summary: Ref T6947.

Test Plan: made the setting say only admin user a and noted admin user b lost access

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T4137, T6947

Differential Revision: https://secure.phabricator.com/D11357
2015-01-12 15:18:16 -08:00
Bob Trahan
46913f651e Auth - add "manage providers" capability
Summary: Ref T6947.

Test Plan: toggled setting in application settings and changes stuck. set policy to admin user a only and could not add a provider as a admin user b.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6947

Differential Revision: https://secure.phabricator.com/D11356
2015-01-12 14:37:58 -08:00
Chad Little
953f281dc0 Revamp Projects with new navigation
Summary:
A refresh of Projects including a new navigations UI.

 - New Navigation UI.
 - Auto switch default page if Workboard has been initialized
 - Move Feed to it's own page
 - Increase 'tasks' on Project Home to 50 over 10
 - Fix various display bugs on Workboards
 - Remove 'crumbs' from Project portal (unneeded).

Test Plan:
- clicked a link for a project with no workboard and saw the profile
- clicked a link for a project with a workboard and saw the workboard
- navigated around the various edit pages, inspecting links and making sure things linked back to the new profile uri

{F266460}

{F266461}

{F266462}

{F266463}

{F266464}

Reviewers: epriestley, btrahan

Reviewed By: epriestley, btrahan

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11272
2015-01-12 10:04:01 -08:00
Joshua Spence
420f955c2a Fix an incorrect file name
Summary: Self explanatory. This was broken in D11185.

Test Plan: `arc lint`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11280
2015-01-09 18:35:43 +11:00
Bob Trahan
2be746fb1f Auth - restore Phabricator OAuth as a provider
Summary: So meta it hurts. Fixes T887.

Test Plan: created a second instance of phabricator locally. made an account on oauth server phabricator. set up my normal dev phabricator to use this new oauth phabricator. noted the form worked. created an account via the oauth method and it worked.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T887

Differential Revision: https://secure.phabricator.com/D11287
2015-01-08 16:28:04 -08:00
epriestley
9e0f70e17d Rewrite Aphlict to use Websockets
Summary:
Fixes T6559. No more flash, use Websockets. This is less aggressive than the earlier version, and retains more server logic.

  - Support "wss".
  - Make the client work.
  - Remove "notification.user" entirely.
  - Seems ok?

Test Plan:
In Safari, Firefox and Chrome, saw the browsers connect. Made a bunch of comments/updates and saw notifications.

Notable holes in the test plan:

  - Haven't tested "wss" yet. I'll do this on secure.
  - Notifications are //too fast// now, locally. I get them after I hit submit but before the page reloads.
  - There are probably some other rough edges, this is a fairly big patch.

Reviewers: joshuaspence, btrahan

Reviewed By: joshuaspence, btrahan

Subscribers: fabe, btrahan, epriestley

Maniphest Tasks: T6713, T6559

Differential Revision: https://secure.phabricator.com/D11143
2015-01-08 10:03:00 -08:00
Joshua Spence
c2b4ed1f7e Use PhutilLibraryTestCase
Summary: Depends on D11231.

Test Plan: `arc unit`

Reviewers: btrahan, #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11233
2015-01-07 07:38:08 +11:00
Bob Trahan
648fa2e1bc Repositories - Move scripts/repository/reparse.php to bin/repository reparse
Summary:
Fixes T5966. Accomplishes a few things

 - see title
 - adds a force-autoclose flag and the plumbing for it
 - removes references to some HarborMaster thing that used to key off commits and seems long dead, but forgotten :/

Test Plan:
ran a few commands. These first three had great success:

`./repository reparse --all FIRSTREPO --message --change  --herald --owners`
`./repository reparse --all FIRSTREPO --message --change  --herald --owners --min-date yesterday`
`./repository reparse --all FIRSTREPO --message --change  --herald --owners --min-date yesterday --force-autoclose`

...and these next two showed me some errors as expected:

`./repository reparse --all FIRSTREPO --message --change  --herald --owners --min-date garbagedata`
`./repository reparse --all GARBAGEREPO --message --change  --herald --owners`

Also, made a diff in a repository with autoclose disabled and commited the diff. Later, reparse the diff with force-autoclose. Verified the diff closed and that the reason "why" had the proper message text.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: joshuaspence, epriestley, Korvin

Maniphest Tasks: T5966

Differential Revision: https://secure.phabricator.com/D10492
2015-01-06 11:42:15 -08:00
epriestley
a455e50e29 Build a Conpherence thread index
Summary:
Ref T3165. Builds a dedicated index for Conpherence to avoid scale/policy filtering concerns.

  - This is pretty one-off but I think it's generally OK.
  - There's no UI for it.
  - `ConpherenceFulltextQuery` is very low-level. You would need to do another query on the PHIDs it returns to actually show anything to the user.
  - The `previousTransactionPHID` is so you can load chat context efficiently. Specifically, if you want to show results like this:

> previous line of context
> **line of chat that matches the query**
> next line of context

...you can read the previous lines out of `previousTransactionPHID` directly, and the next lines by issuing one query with `WHERE previousTransactionPHID IN (...)`.

I'm not 100% sure this is useful, but it seemed like a reasonable thing to provide, since there's no way to query this efficiently otherwise and I figure a lot of chat might make way more sense with a couple of lines of context.

Test Plan:
  - Indexed a thread manually (whole thing indexed).
  - Indexed a thread by updating it (just the new comment indexed).
  - Wrote a hacky test script and got reasonable-looking query results.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T3165

Differential Revision: https://secure.phabricator.com/D11234
2015-01-06 10:24:30 -08:00
Joshua Spence
f2e87aad89 Rename the PhabricatorAuthFactorTOTP class for consistency
Summary: Ref T5655.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11191
2015-01-06 22:56:04 +11:00
Joshua Spence
85a3636747 Write edges for commit reverts
Summary:
Ref T1751. When a commit reverts another commit:

  - Add an edge linking them;
  - Show the edge in Diffusion.

Next steps are:

  - If the reverted commit is associated with a Differential revision, leave a comment;
  - Also leave a comment on the commit (no API yet);
  - Also trigger an audit by the original commit's author.

Test Plan: Used `scripts/repository/reparse.php --message ...` to parse commits with revert language. Verified they appear correctly in Diffusion, and update Differential.

Reviewers: btrahan, epriestley

Reviewed By: btrahan, epriestley

Subscribers: Korvin, epriestley, cburroughs, joshuaspence, sascha-egerer, aran

Maniphest Tasks: T4896, T1751

Differential Revision: https://secure.phabricator.com/D5846
2015-01-05 07:09:02 +11:00
Joshua Spence
a7a3c90f14 Fix a file name to match the PHP class name
Summary: This was misnamed in D11177.

Test Plan: `arc lint`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11193
2015-01-05 06:38:59 +11:00
Joshua Spence
e33f5b785e Remove unused phabricator_on_relative_date function
Summary: This function isn't used.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11190
2015-01-05 06:38:38 +11:00
Joshua Spence
78f5253964 Rename the _phabricator_time_format function for consistency
Summary: Ref T5655.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11187
2015-01-05 06:34:23 +11:00
Joshua Spence
3c64cb4d0a Rename DifferentialLandingStrategy subclasses for consistency
Summary: Ref T5655.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: avivey, Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11186
2015-01-05 06:33:43 +11:00
Joshua Spence
97cd8c1c75 Rename DiffusionSSHWorkflow subclasses for consistency
Summary: Ref T5655.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11185
2015-01-05 06:33:19 +11:00
Joshua Spence
94ac3c084b Rename PhabricatorDashboardPanelType subclasses for consistency
Summary: Ref T5655.

Test Plan: `grep`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11182
2015-01-05 06:32:08 +11:00
Joshua Spence
7b567f185c Rename PhabricatorUIExample subclasses for consistency
Summary: Ref T5655. Basically, rename all `PhabricatorUIExample` subclasses to be either `Phabricator*UIExample` or `PHUI*Example`.

Test Plan: `arc lint` and `arc unit`.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11177
2015-01-04 08:36:47 +11:00
Joshua Spence
bb3db70f68 Rename DiffusionSetPasswordPanel for consistency
Summary: Ref T5655.

Test Plan: `arc lint` and `arc unit`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11178
2015-01-04 08:34:30 +11:00
Joshua Spence
dffdb4ab8e Remove unused PhabricatorMainMenuGroupView class
Summary: This class is no longer used after D11125.

Test Plan: `grep`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11170
2015-01-03 23:50:52 +11:00
Joshua Spence
cdf11c9fd1 Remove unused Phortune exceptions
Summary: These classes are no longer used after D10649.

Test Plan: `grep`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11168
2015-01-03 23:50:32 +11:00
Joshua Spence
94f438f6a6 Remove unused PhrictionDocumentPreviewController class
Summary: This class is no longer required after D6675.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11169
2015-01-03 23:50:19 +11:00
Joshua Spence
114568df7a Remove unused ManiphestTaskDescriptionPreviewController class
Summary: This class is no longer used after D6673.

Test Plan: `grep`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11167
2015-01-03 23:49:58 +11:00
Joshua Spence
b3e196b694 Rename PhabricatorPolicyRule subclasses for consistency
Summary: Ref T5655. Fixes T6849. This is another take on D11131, which was missing the DB migration and was reverted in rP7c4de0f6be77ddaea593e1f41ae27211ec179a55.

Test Plan: Ran `./bin/storage upgrade` and verified that the classes were renamed in the `phabricator_policy.policy` table.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6849, T5655

Differential Revision: https://secure.phabricator.com/D11166
2015-01-03 23:48:55 +11:00
Joshua Spence
a575350204 Remove an unused class
Summary: Self-explanatory.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11164
2015-01-03 12:23:18 +11:00
Joshua Spence
c7cd844a07 Remove deprecated task subscriber class
Summary: This class is no longer used after D10965.

Test Plan: `grep`

Reviewers: btrahan, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11133
2015-01-03 11:32:14 +11:00
Joshua Spence
7c2a7d0365 Modernize remaining edge types
Summary: Modernize remaining edges to subclass `PhabricatorEdgeType`. Largely based on D11045.

Test Plan: Browsed around and performed various actions include subscribing, unsubscribing and watching.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11116
2015-01-03 10:58:20 +11:00
Joshua Spence
d37c7013e5 Rename DoorkeeperFeedWorker subclasses for consistency
Summary: Ref T5655.

Test Plan: `arc lint` and `arc unit`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D11148
2015-01-03 10:25:25 +11:00
epriestley
fa7bb8ff7a Add cluster.addresses and require membership before accepting cluster authentication tokens
Summary:
Ref T2783. Ref T6706.

  - Add `cluster.addresses`. This is a whitelist of CIDR blocks which define cluster hosts.
  - When we recieve a request that has a cluster-based authentication token, require the cluster to be configured and require the remote address to be a cluster member before we accept it.
    - This provides a general layer of security for these mechanisms.
    - In particular, it means they do not work by default on unconfigured hosts.
  - When cluster addresses are configured, and we receive a request //to// an address not on the list, reject it.
    - This provides a general layer of security for getting the Ops side of cluster configuration correct.
    - If cluster nodes have public IPs and are listening on them, we'll reject requests.
    - Basically, this means that any requests which bypass the LB get rejected.

Test Plan:
  - With addresses not configured, tried to make requests; rejected for using a cluster auth mechanism.
  - With addresses configred wrong, tried to make requests; rejected for sending from (or to) an address outside of the cluster.
  - With addresses configured correctly, made valid requests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6706, T2783

Differential Revision: https://secure.phabricator.com/D11159
2015-01-02 15:13:41 -08:00
epriestley
c84b9d408c Add bin/almanac register to associate a host with an Almanac device and trust it
Summary:
Ref T2783. This is basically a more refined version of D10400, which churned a bit on things like SSH key storage, the actual way the signing protocol shook out, etc.

  - When Phabricator tries to make an intra-cluster service call as the omnipotent user, sign it with the host's device key.
  - Add `bin/almanac register` to say "this host is X device, identified by private key Y". This stores the keypair locally, adds the public key to Almanac, and trusts it.

Net effect is that once a host has been registered, the daemons can make calls to other nodes as the omnipotent user. This is primarily necessary so they can access repository API methods on remote hosts.

Test Plan:
  - Ran `bin/almanac register` with various valid and invalid inputs.
  - Verified keys get generated/added/stored properly.
  - Made a device-signed cluster Conduit call.
  - Made a normal old user-signed cluster Conduit call.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T2783

Differential Revision: https://secure.phabricator.com/D11158
2015-01-02 15:13:30 -08:00
Joshua Spence
1b80f6e09d Remove an unused class
Summary: This class is unused after D6679.

Test Plan: `grep`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11149
2015-01-03 09:09:31 +11:00
Joshua Spence
70245da2ed Remove an unused class
Summary: Self-explanatory.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11150
2015-01-03 09:07:35 +11:00
Joshua Spence
dad8e7c78a Remove an unused class
Summary: This class is no longer used after D8168.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11152
2015-01-03 09:07:35 +11:00
Joshua Spence
6221f9d90f Remove an unused class
Summary: Self-explanatory.

Test Plan: `grep`

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11153
2015-01-03 09:07:35 +11:00
Joshua Spence
c2729b954e Remove an unused class
Summary: This class is no longer required after D10869.

Test Plan: `grep`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D11154
2015-01-03 09:07:32 +11:00
epriestley
08126d3904 Improve top-level exception handling
Summary:
Fixes T6692. Addresses two main issues:

  - The write guard would sometimes not get disposed of on exception pathways, generating an unnecessary secondary error which was just a symptom of the original root error.
    - This was generally confusing and reduced the quality of reports we received because users would report the symptomatic error sometimes instead of the real error.
    - Instead, reflow the handling so that we always dispose of the write guard if we create one.
  - If we missed the Controller-level error page generation (normally, a nice page with full CSS, etc), we'd jump straight to Startup-level error page generation (very basic plain text).
    - A large class of errors occur too early or too late to be handled by Controller-level pages, but many of these errors are not fundamental, and the plain text page is excessively severe.
    - Provide a mid-level simple HTML error page for errors which can't get full CSS, but also aren't so fundamental that we have no recourse but plain text.

Test Plan:
Mid-level errors now produce an intentional-looking error page:

{F259885}

Verified that setup errors still render properly.

@chad, feel free to tweak the exception page -- I just did a rough pass on it. Like the setup error stuff, it doesn't have Celerity, so we can't use `{$colors}` and no other CSS will be loaded.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley, chad

Maniphest Tasks: T6692

Differential Revision: https://secure.phabricator.com/D11126
2015-01-02 10:49:27 -08:00
epriestley
7c4de0f6be Revert "Rename PhabricatorPolicyRule subclasses for consistency"
This reverts commit 8b7561776f.

See: https://secure.phabricator.com/rP8b7561776f3f5535c625b6d260811cfc51cf4b61
2015-01-02 06:39:36 -08:00