Summary:
Ref T7689. This gives HandleLists `renderList()` and `renderHandle()` methods, which return views that can perform just-in-time data fetching and generally look and feel like other rendering code, instead of being odd pseudo-functional methods on `Controller`.
Also converts callsites on the Maniphest detail page to use these methods.
Next changes will wipe out more of the callsites.
Test Plan:
- Viewed Maniphest detail page with many relevant handles.
- Created a new subtask.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T7689
Differential Revision: https://secure.phabricator.com/D12205
Summary:
Ref T7689, which discusses some of the motivation here. Briefly, these methods are awkward:
- Controller->loadHandles()
- Controller->loadViewerHandles()
- Controller->renderHandlesForPHIDs()
This moves us toward better semantics, less awkwardness, and a more reasonable attack on T7688 which won't double-fetch a bunch of data.
Test Plan:
- Added unit tests.
- Converted one controller to the new stuff.
- Viewed countdown lists, saw handles render.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T7689
Differential Revision: https://secure.phabricator.com/D12202
Summary: pebkac issue of some sort and I didn't actually commit removing the defunct /conpherence/room/ uri route
Test Plan: made a new room and it worked
Reviewers: chad, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12216
Summary: Ref T7584. In Conpherence main view, this adds a "search" link right in the "Rooms" header. This piece addresses an outstanding item on T7584. This diff also adds a search button in the durable column that takes you to the application search. This kind of a big product bet that rooms are going to be dominating things and its most useful to find another room quickly from this view. That said, I think the application search should get massaged slightly to allow searching threads and this won't be much of a trade off at all.
Test Plan: verified new search links took me to correct place and displayed reasonably.
Reviewers: chad, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T7584
Differential Revision: https://secure.phabricator.com/D12215
Summary: Ref T7061. Quicksand still needs an ajax-style response here.
Test Plan: Clicked a file detail page (this redirects) with column open, ended up in the right place.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T7061
Differential Revision: https://secure.phabricator.com/D12206
Summary: Fixes T7690.
Test Plan: This fix worked when I applied it in the DOM inspector.
Reviewers: chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7690
Differential Revision: https://secure.phabricator.com/D12211
Summary: Testing out using a gear instead of compass gif and background. Let me know how it feels
Test Plan:
UIExamples busy page
{F353571}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12201
Summary: Swaps out search icon for font-awesome. Tweaks colors a bit for different color headers.
Test Plan: Test a number of colors in the search box. Click on button and still go to advanced search.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12200
Summary: ¯\_(ツ)_/¯
Test Plan: Run bin/celerity map against HEAD
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12199
Summary: Ref T7062. The previous fix caused an extra, unnecessary thread load on mobile. Make this code a bit simpler and fix the unnecessary load.
Test Plan: No more load on mobile.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7062
Differential Revision: https://secure.phabricator.com/D12196
Summary:
Ref T7062. When we load a thread, we always show the column, even if it has been closed between the time we sent the request and when we're processing the response.
Normally this isn't a big deal, but it can specifically show up on mobile.
(This load also shouldn't be happening at all, but I'll fix that separately.)
Test Plan: Mobile no longer shows the column after it loads.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7062
Differential Revision: https://secure.phabricator.com/D12195
Summary:
Fixes T7061. Although it's very simple, I think this is a complete fix.
Quicksand technically is Ajax and uses Workflow as a transport mechanism, but the server should always pretend the user clicked a normal link when rendering.
Test Plan: Links that were autoconverting into dialogs (like "Edit Task") or otherwise making the wrong behavioral choices now work as expected.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7061
Differential Revision: https://secure.phabricator.com/D12194
Summary: This rule was missing.
Test Plan: Test a comment where "Not Done" was present. Hover over button, it doesn't change.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12193
Summary: In cases where conpherence-edited is the last item in the pane, we should add padding.
Test Plan: Enter a Room, edit the title, see extra padding. Submit a new comment, padding returns to default.
Reviewers: btrahan, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12192
Summary:
Fixes T7558. This might not be 100% perfect but should solve most of the issue.
I briefly looked at things like `MutationObserver` (some fancy next-gen browser junk) but couldn't immediately get it working.
Other methods for handling this kind of thing involve polling, complicated polyfills, etc. We could give `MutationObserver` a more serious effort if this is too leaky.
Test Plan:
- In a thread with some images, reloaded the page and saw the scrollbar stay at the bottom.
- Tested with and without USB devices attached.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7558
Differential Revision: https://secure.phabricator.com/D12191
Summary: Fixes T7058. We weren't propagating `state` properly so some other code ended up doing the wrong thing.
Test Plan:
- Clicked from Home -> Anything -> Home under Quicksand, saw reloads with no double requests.
- Used "back", saw back button work properly.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7058
Differential Revision: https://secure.phabricator.com/D12190
Summary:
Fixes T7062. When the column is open, we only want to consider the screen width which is avilable for content when computing responsive breakpoints.
Specificially, if you have a 1000px wide browser window (normally "desktop") but the column is open (300px) so you only have 700px free for content (normally "tablet"), we should drop to the tablet breakpoint. This lets you have a narrow column of "tablet" content next to the chat column, instead of a really squished column of "desktop" contnet.
This also means the chat column can't directly use JX.Device to hide itself.
Test Plan: Resized screen with column open, saw content go from Desktop + Column -> Tablet + Column -> Tablet -> Mobile.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7062
Differential Revision: https://secure.phabricator.com/D12189
Summary:
Fixes T7063. Fixes T7059. We were running some extra unnecessary behaviors. In particular, we would render the menu but not actually send it over the wire, so some behaviors would execute, fail to find the nodes they expected, and throw. This cascaded into some other failures.
Do less work and don't activate behaviors which won't be able to run.
Test Plan: Clicked around, no more errors on page transition. Comment previews work.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7059, T7063
Differential Revision: https://secure.phabricator.com/D12188
Summary:
Ref T1460. Overall:
- Pass `objectOwnerPHID` consistently.
- Pass viewer consistently.
- Set the correct draft state for checkboxes on the client.
Test Plan:
- Made inline comments in Differential.
- Made inline comments in Diffusion.
Reviewers: chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T1460
Differential Revision: https://secure.phabricator.com/D12186
Summary:
Rebuilds the UI in Differential commenting. Specifically we look at the following design patterns:
**To the author:**
- The author of the diff should be able to easily identify what comments are done and not done.
- We keep undone comments yellow
- Clicking done turns comment block into 'unsubmitted state'
**To the reviewer:**
- Easier understanding of unsubmitted states
- All conversations to be yellow/important
**Todo**
- Not all color CSS states correct
- Unpulished checkbox support
Test Plan:
Test leaving comments, published and unpublished. Checking Done, unpublished and published. Check delete states.
From the Diff Author's perspective:
{F352094}
For a Diff commenter's perspective:
{F352095}
Reviewers: btrahan, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T1460, T7660, T7503
Differential Revision: https://secure.phabricator.com/D12171
Summary:
This returns the PHID of the current revision owner, or the commit author, if one exists.
NOTE: For drafts, we currently return `null`; I'll fix that in a future change. Should be correct for submitted comments.
Test Plan: Added an inline, nothing seemed broken.
Reviewers: chad
Reviewed By: chad
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D12185
Summary: Using tooltips with icons is problematic because we currently draw the arrow after the tooltip location, meaning it goes 5px into the container. This gives a 5px padding around the outer container to better account for this.
Test Plan: tested tooltips in remarkup bar, project icon nav, and in durable column.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12184
Summary: Fixes T7648. The existence of this file is not necessarily obvious and is important to backup, transfer, and restore.
Test Plan: Read documentation.
Reviewers: btrahan, chad
Reviewed By: chad
Subscribers: epriestley
Maniphest Tasks: T7648
Differential Revision: https://secure.phabricator.com/D12183
Summary: Fixes T7675. epriestley caught this in code review and I didn't implement it all the way
Test Plan: logicypoo
Reviewers: epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T7675
Differential Revision: https://secure.phabricator.com/D12181
Summary: Fixes T7672. This had two `%d` conversions but only one parameter.
Test Plan: Adjusted limit to 0, viewed a merge, saw proper message.
Reviewers: chad, btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T7672
Differential Revision: https://secure.phabricator.com/D12180
Summary: Ref T7670. Add a few unit tests to make sure deleting everyone works. Also change remaining processRequest to handleRequest while in there.
Test Plan: `arc unit` passed
Reviewers: chad, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T7670
Differential Revision: https://secure.phabricator.com/D12179
Summary:
Ref T7566. This does a big chunk of what's left
- Main view
- "Rooms" sub header
- 5 Rooms shown at a time, with room you're looking at in the top on page load
- e.g. viewing /conpherence/x/ the room x is at top always
- solves corner case of when you have yet to "join" the room
- "See More" link takes you to application search for rooms you have participated in
- if no rooms, there is a "Create Room" and "Find Rooms" links.
- "Messages" sub header
- same as before
- policy icons showing up in the menu
- Durable column view - still just the latest N, no changes really there
- Transactions - special cased rendering to try to say room vs thread as appropos
- Bug fix - we weren't recording the initial participants transaction post D12177 / D12163. This fixes that.
Should probably test pagination, and if you want to show more than 5 rooms of have it behave more like messages (where you can wind up in the middle of a paginated list) that will be more work. Also, if lots of messages / rooms (100 is the limit) we might not display rooms if we're supposed to. Yay whale usage! :D
Test Plan: made a new room - success. made a new message - success. viewed a room from /conpherenece/room/ i wasn't a participant in and noted it showed up at the top of the five rooms. clicked around rooms and stuff loaded nicely.
Reviewers: chad, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T7566
Differential Revision: https://secure.phabricator.com/D12178
Summary: In new Conpherences, add some padding to the conpherence-edited rule if it's the first child of conpherence-messages.
Test Plan: Test a new Conpherence
Reviewers: epriestley, btrahan
Reviewed By: btrahan
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12175
Summary: Fixes T7669. Broken by D12163 re-factoring and foolihardiness of test coverage. Notably / interestingly, this was broken before D12163 from not implementing policy correctly, so Conpherence has been broken for a bit with few reports.
Test Plan: had user send himself a message
Reviewers: chad, epriestley
Reviewed By: chad, epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T7669
Differential Revision: https://secure.phabricator.com/D12177
Summary: Moving to an rgba color here to work better with all the various header colors.
Test Plan: Reload sandbox, see new icon color.
Reviewers: epriestley, btrahan
Reviewed By: btrahan
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12176
Summary: This is just a quick pass to fix a few bugs and spacing issues, Phortune itself could probably use some more custom UI, but that'll require some thought and abstraction. This also adds a new taller table CSS, which I mayyyy make automatic on tables with few rows, we'll see.
Test Plan: Browsed my Phortune account, tested new spacing on `admin` for 'full effect'
Reviewers: epriestley, btrahan
Reviewed By: btrahan
Subscribers: Korvin, epriestley
Differential Revision: https://secure.phabricator.com/D12115
Summary: Fixes T7665. Unfortunately when the user messes this up its not easy to partially recover so we just reset that time to the default.
Test Plan: set time to "00:00 AM" and got a sensible error.
Reviewers: chad, epriestley
Reviewed By: epriestley
Subscribers: Korvin, epriestley
Maniphest Tasks: T7665
Differential Revision: https://secure.phabricator.com/D12174
Summary: Fixes T7655. We'll set tighter spacing around edit clusters. Also darkened up the date marker and remove unused `phabricator-transaction-view` CSS that was still scattered around the site.
Test Plan: Test a full and column multi-edit spam. Visited Ponder and Diffusion, noticed no issues using those apps. Grepped for other users of `phabricator-transaction-view`
Reviewers: epriestley, btrahan
Reviewed By: btrahan
Subscribers: Korvin, epriestley
Maniphest Tasks: T7655
Differential Revision: https://secure.phabricator.com/D12148
Summary:
Fixes T7629 plus an un filed bug that's breaking creating new threads since we need to add participants EVEN EARLIER than we were doing it now that policy is actually enforced.
Back to the main thrust of this, there is one UI corner case - in the main view if you go from 1:1 to 1:1:1 (i.e. add a 3rd recipient, or Nth in a row) the icon only updates on page reload. I figure this will get sorted out at a later refactor as we make the client better / share more code with durable column.
One other small behavioral oddity is in the main view sometime we start loading with no conpherence. in that case, rather than show some incorrect icon, we show no icon (and "no title") and then things change at load. Seems okay-ish.
Finally, @chad - the CSS is a very work-man-like "use the built in stuff you can specify from PHP" so I'm sure it needs some love.
Test Plan: made all sorts of rooms and threads and liked the icons. noted smooth loading action as i switched around
Reviewers: chad, epriestley
Reviewed By: epriestley
Subscribers: Korvin, chad, epriestley
Maniphest Tasks: T7629
Differential Revision: https://secure.phabricator.com/D12163
Summary:
Ref T6755. In Git and Subversion, running `git clone http://google.com/` or `svn checkout http://google.com/` does not echo the response body.
In Mercurial, it does. Censor it from the output of `hg pull` and `hg clone`. This prevents an attacker from:
- Creating a Mercurial remote repository with URI `http://10.0.0.1/secrets/`; and
- reading the secrets out of the error message after the clone fails.
Test Plan: Set a Mercurial remote URI to a non-Mercurial repository, ran `repository update`, saw censored error message.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T6755
Differential Revision: https://secure.phabricator.com/D12170
Summary: Ref T6755. I'll add some notes there about specifics.
Test Plan:
- Made connections to HTTP and HTTPS URIs.
- Added some debugging code to verify that HTTP URIs were pre-resolved.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T6755
Differential Revision: https://secure.phabricator.com/D12169
Summary:
Ref T6755. Although we do not return response bodies, it is possible to perform crude portscanning if you can execute a DNS rebinding attack (which, for now, remains theoretical).
Limit users to 60 requests / hour to make it less feasible. This would require ~30 years to portscan all ports on a `/32` netblock.
Users who can guess that services may exist can confirm their existence more quickly than this, but if the attacker already had a very small set of candidate services it seems unlikely that portscanning would be of much use in executing the attack.
This protection should eventually be applied to T4190, too (that task also has other considerations).
Test Plan: Set rate limit very low, hit rate limit.
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T6755
Differential Revision: https://secure.phabricator.com/D12168
Summary:
Fixes T7602. This is similar to the existing behavior for "changes planned" and "needs revision" revisions.
Also fix the "Update Diff" workflow so it correctly selects closed revisions as attachable.
Test Plan: Updated an abandoned revision, saw it change to "Needs Review".
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T7602
Differential Revision: https://secure.phabricator.com/D12167