1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-27 16:00:59 +01:00
Commit graph

246 commits

Author SHA1 Message Date
epriestley
3c30ea41f1 Enable multiple web sessions
Summary:
Conduit already has multiple-session code, just move it to the main
establishSession() method and set a web session limit larger than 1.

NOTE: This will log everyone out since we no longer look for the "web" session,
only for "web-1", "web-2", ..., etc. Presumably this doesn't matter.

Test Plan:
Applied patch, was logged out. Logged in in Safari. Verified I was issued
"web-1". Logged in in Firefox. Verified I was issued "web-2".

Kept logging in and out until I got issued "web-5", then did it again and was
issued "web-1" with a new key.

Ran conduit methods and verified they work and correctly cycled session keys.

Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason, aran
Commenters: jungejason
CC: rm, fzamore, ola, aran, epriestley, jungejason, tuomaspelkonen
Differential Revision: 264
2011-05-12 18:45:19 -07:00
epriestley
f9f8ef0e6e Admin and disabled flags for users
Summary:
Provide an "isAdmin" flag for users, to designate administrative users.

Restore the account editing interface and allow it to set role flags and reset
passwords.

Provide an "isDisabled" flag for users and shut down all system access for them.

Test Plan:
Created "admin" and "disabled" users. Did administrative things with the admin
user. Tried to do stuff with the disabled user and was rebuffed. Tried to access
administrative interfaces with a normal non-admin user and was denied.

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: ccheever, aran
Differential Revision: 278
2011-05-12 11:17:50 -07:00
epriestley
8391767d8c Improve setup process / documentation for outbound email configuration
Summary:
ccheever did an install and gave me some feedback about issues he hit. This
tries to:

  - properly document how to configure outbound email;
  - test outbound email configuration in the setup mode;
  - provide basic daemon documentation;
  - document that phabricator.base-uri is required for all installs.

Test Plan:
read documentation, jumped through all the setup branches to test configuration
error detection

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran, rm
CC: ccheever, aran
Differential Revision: 276
2011-05-12 11:01:03 -07:00
epriestley
71efb46ba7 Support email multiplexing for private Reply-To addresses
Summary:
Provide a base PhabricatorMailReplyHandler class which handles the plumbing for
multiplexing email if necessary and supporting public and private reply handler
addressses. DifferentialReplyHandler now extends it, and a new
ManiphestReplyHandler also does.

The general approach here is that we have three supported cases:

  - no reply handler, default config, same as what we're doing now
  - public reply handler, requires overriding classes but just sets "reply-to"
to some address the install generates and still sends only one email
  - private reply handler, provides a default generation mechanism or you can
override it and splits mail apart so we send one to each recipient

Test Plan:
Sent email from Maniphest and Differential with and without
reply-handler-domains set.

Reviewed By: aran
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, epriestley
Differential Revision: 254
2011-05-11 20:21:57 -07:00
epriestley
3b8ff34f9b Fix some minor Celerity / ShapedRequest bugs:
- Force celerity to do disk reads in dev.
  - Clean up some ShapedRequest clownery.
2011-05-11 03:43:40 -07:00
epriestley
f7e2b03077 Add a "setup" mode which guides new users through application configuration
Summary:
Alters the installation instructions to guide installers into a "setup" mode
which does config file sanity checking.

Test Plan:
Put myself in setup mode, simulated all the failures it detects, took myself out
of setup mode, Phabricator works OK.

Reviewed By: tuomaspelkonen
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, tuomaspelkonen, epriestley
Differential Revision: 230
2011-05-10 15:12:30 -07:00
epriestley
e27c5f26e5 Allow Celerity to return "304 Not Modified" responses
Summary:
We always return HTTP 200 right now and don't send a "Last-Modified" header, so
browsers download more data then necessary if you sit on a page mashing reload
(for example).

Test Plan:
Used Charles to verify HTTP response codes from 400, 404 and 304 responses.

Mashed reload a bunch and saw that the server sent back 304s.

Changed the resource hash seed and saw 200s, then 304s on reload.

Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason, aran
CC: bmaurer, aran, tuomaspelkonen
Differential Revision: 253
2011-05-10 14:33:11 -07:00
jungejason
162f34b8c8 Add reply handler for differential revision
Summary:
add email reply handler so that the user can reply to a
differential email to act on the revision. It generates the reply-to
email address, creates email body text with supported commands list, and
handle the action request on the differential revision.

Right now the reply-to handing is disabled in the config file. But a
site using Phabricator can enable it and implement a class
inheriting from DifferentialReplyHandler to enable customized email
handing.

Later we will need to add code to DifferentialMail.php to support
sending separate email to each email recipient to achieve better
security (see D226). The reply-to will be something like
D<revision_id>+<user_id>+<hash>@domain.com. We will create separate task
for it.

Test Plan:
tried comment on a revision from web UI and the email was
sent out as before without any change. When a subclass of
DifferentialReplyHandler is implemented and enabled, email's reply-to is
set and email text is added. Reply to the email with valid command did
create action to the revision.

Reviewed By: epriestley
Reviewers: tuomaspelkonen, epriestley, slawekbiel, dpepper
CC: aran, epriestley, jungejason
Differential Revision: 224
2011-05-08 17:08:47 -07:00
epriestley
25dee6ecd2 Support email replies in Phabricator
Summary:
Provides support for per-user x per-object unique reply-to email addresses, plus
SMTP integration.

This does not actually make Phabricator use these in outbound email.

Test Plan:
Used test console to validate in-Phabricator routing and handling.

Piped emails into the "mail_handler.php" script to validate mail parsing.

Configured sendmail and sent mail to Phabricator.

Technically I haven't conducted all parts of this test on the same machine since
I lost the will to configure more SMTP servers after configuring phabricator.com

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: aran, epriestley, jungejason
Differential Revision: 226
2011-05-05 14:58:57 -07:00
epriestley
03ebbccbc9 Restore image proxying to Remarkup
Summary:
Previously, Remarkup allowed you to paste in an image URI and get an inline
image. However, it did this by hotlinking the image which isn't so hot in an
open source product.

Restore this feature, but use image proxying instead. The existing image macro
code does most of the work.

There is a mild security risk depending on the network setup so I've left this
default-disabled and made a note about it. It should be safe to enable for
Facebook.

Test Plan:
Pasted in image and non-image links, got reasonable behavior. Verified proxying
appears to work. Verified that file:// shenanigans produce 400.

Reviewed By: tuomaspelkonen
Reviewers: aran, jungejason, tuomaspelkonen
Commenters: cpiro
CC: aran, cpiro, tuomaspelkonen
Differential Revision: 214
2011-05-03 18:49:06 -07:00
epriestley
7ca4835438 Simplify database initialization, fix default data
Summary:
Some users have had problems with the database initialization process, simplify
it by creating a new "initialize.sql" dump at v34.

I also populated this dump with the right landing screen (so all the tools
actually have links) and a default avatar.

Test Plan:
Dropped all databases, initialized according to documentation, ended up in a
good state with sensible defaults.

Reviewed By: jungejason
Reviewers: aran, jungejason, tuomaspelkonen
CC: aran, jungejason
Differential Revision: 210
2011-05-02 13:38:46 -07:00
epriestley
0e06cd85b7 Pygments support for Phabricator
Summary:
Thread a config option through, see D197.

Test Plan:
Source code gets highlighted.

Reviewed By: aran
Reviewers: aran, tomo, jungejason, tuomaspelkonen
CC: aran
Differential Revision: 198
2011-04-30 22:01:02 -07:00
epriestley
baab61a01e Correct a mask config value
Summary:
The correct name of this key is 'github.application-secret', not
'github.secret'. Make DarkConsole check that all the masked keys exist to
prevent this from happening again. This isn't super important since this
is just intended to protected against casual security lapses (taking a
screenshot with DarkCnosole's "Config" tab open, for instance) but it's easy
to check for so it seems worthwhile to get right.

Test Plan:
Loaded page without the actual config file change, got an exception.
Fixed the config, reloaded the page, good news goats (really trying to get this
to catch on since goats are adorable).

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: aran
Differential Revision: 189
2011-04-30 11:56:16 -07:00
adonohue
c2893d8670 Hook for database configuration plugin
Summary:
This permits individual deployments to better configure their
database configuration, e.g. to allow more dynamic configuration that reacts
to database moves or master/slave replication.

Test Plan:
Browse

Reviewed By: epriestley
Reviewers: Girish, epriestley
CC: aran, epriestley
Differential Revision: 183
2011-04-29 19:41:16 -07:00
gpatangay
4a2981252f [phabricator] Add mysql slave and read-only database connections
Summary:
Add ability to define mysql slaves and then use that connection on 'r'
connection modes. 'w' connections go to the master server.

Test Plan:
- php -l and checkModule
 - worked in my devbox

Reviewed By: jungejason
Reviewers: dpepper, tuomaspelkonen, jungejason
CC: jungejason, aran
Revert Plan:
sure

Differential Revision: 175
2011-04-28 15:27:19 -07:00
epriestley
d7c27dafd2 Add config flags for Differential action link stuff. 2011-04-13 12:12:02 -07:00
epriestley
fa38b70ba6 Fix message IDs and Herald URIs. 2011-04-10 08:46:39 -07:00
epriestley
bb79418615 Don't send sandbox URIs in Herald messages. 2011-04-04 14:23:03 -07:00
epriestley
3af9919e1c Add 'phabricator.timezone' config for HPHP installs. 2011-04-02 17:21:16 -07:00
epriestley
370ba966db Rough cut of herald transcripts and Differential adapter. 2011-03-24 21:32:26 -07:00
epriestley
2b6f16dccd Merge branch 'master' of github.com:facebook/phabricator 2011-03-14 12:33:39 -07:00
epriestley
0986f8cbb9 Improve featureset for phd. 2011-03-14 12:33:20 -07:00
jungejason
4194e78943 Remove phabricator.conduit-uri config setting
Summary:
We have phabricator.conduit-uri in the config setting, but it
is always the phabricator uir appended with '/api'. So we just remove
this setting.

Test Plan:
test arc diff to make sure it still work.

Reviewed By: epriestley
Reviewers: epriestley
CC: jungejason, epriestley
Differential Revision: 71
2011-03-14 12:32:28 -07:00
epriestley
5970f9a0ec Get rid of git.path configuration, this is really an artifact of my system
being broken and probably macports' fault.
2011-03-14 09:43:06 -07:00
epriestley
0d8bac97ae Diffusion: basic browse view
Summary:
Synthesizes elements of Diffusion's browse view, Confusion's git
support and Phabricator's repository infrastructure to provide a basic browse
view for Phabricator Diffusion.

This is basically a straight port of Confusion but uses Phabricator's
Repository object and uses a real data object instead of arrays.

Test Plan:
Browsed Javelin in Phabricator at a very basic level.

Reviewed By: jwilson
Reviewers: aran, jwilson
CC: jwilson, epriestley
Differential Revision: 58
2011-03-07 18:28:39 -08:00
epriestley
2f3d98b24b Further OAuth modularization. 2011-02-28 10:15:42 -08:00
epriestley
d3efdcff03 Modularize oauth. 2011-02-27 20:38:11 -08:00
epriestley
0114a29681 Improve some of the top-level application hooks and setup messages.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-24 14:52:57 -08:00
epriestley
21286a723e Lint slop and some cleanup.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-22 09:22:57 -08:00
epriestley
17a4069f01 Security: tighten up the File tool against clowning around.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-22 09:19:14 -08:00
epriestley
c3c16d0ac0 Github OAuth
Summary:

Test Plan:

Reviewers:

CC:
2011-02-21 00:23:24 -08:00
epriestley
3b7d73c41b Add a "Config" plugin to DarkConsole.
Summary: This plugin lets you see how the host is configured at runtime.

Test Plan:

Reviewers:

CC:
2011-02-11 16:48:43 -08:00
epriestley
3671f88a52 Minor conf tweaks.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-11 16:12:24 -08:00
epriestley
2e4022aca8 Improve docs to a semi-defensible level.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-11 14:58:45 -08:00
epriestley
616c22eae2 I think this improves email a good deal, although it's hard to really test it
since Exchange has been down for like 30 minutes now. Push & Pray!

Summary:

Test Plan:

Reviewers:

CC:
2011-02-09 11:11:24 -08:00
epriestley
8098954776 Add basic Amazon SES support.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-07 21:08:32 -08:00
epriestley
f07e4f2c16 Make some email stuff work better.
Summary:

Test Plan:

Reviewers:

CC:
2011-02-06 14:22:09 -08:00
epriestley
0653270ac2 Update some config settings. 2011-02-06 11:54:45 -08:00
epriestley
605268f9aa Some acutal conduit authentication. 2011-02-05 22:36:21 -08:00
epriestley
de2a9c634c Differential lazyweb diff create workflow. 2011-02-05 12:20:18 -08:00
epriestley
addfe3aa79 DarkConsole toggle, workflow behavior. 2011-02-05 11:45:13 -08:00
epriestley
9dac0ed9f1 Bring in JX.Workflow and the inline commenting behavior, plus sync Javelin. 2011-02-01 15:52:04 -08:00
epriestley
4faad5b3f1 Add a default-send behavior to MetaMTA. 2011-01-31 21:13:38 -08:00
epriestley
1e561a2bbc Make MySQL stuff configurable 2011-01-31 16:50:08 -08:00
epriestley
e28c2e8899 Profile image stuff 2011-01-31 16:00:42 -08:00
epriestley
03fec6e911 PhabricatorEnv
'infratructure' -> 'infrastructure' (rofl)
Recaptcha
Email Login / Forgot Password
Password Reset
2011-01-31 11:55:26 -08:00