1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-24 07:42:40 +01:00
Commit graph

6270 commits

Author SHA1 Message Date
epriestley
888b3839e7 Prepare to route VCS connections through SSH
Summary:
Fixes T2229. This sets the stage for a patch similar to D7417, but for SSH. In particular, SSH 6.2 introduced an `AuthorizedKeysCommand` directive, which lets us do this in a mostly-reasonable way without needing users to patch sshd (if they have a recent enough version, at least).

The way the `AuthorizedKeysCommand` works is that it gets run and produces an `authorized_keys`-style file fragment. This isn't ideal, because we have to dump every key into the result, but should be fine for most installs. The earlier patch against `sshd` passes the public key itself, which allows the script to just look up the key. We might use this eventually, since it can scale much better, so I haven't removed it.

Generally, auth is split into two scripts now which mostly do the same thing:

  - `ssh-auth` is the AuthorizedKeysCommand auth, which takes nothing and dumps the whole keyfile.
  - `ssh-auth-key` is the slightly cleaner and more scalable (but patch-dependent) version, which takes the public key and dumps only matching options.

I also reworked the argument parsing to be a bit more sane.

Test Plan:
This is somewhat-intentionally a bit obtuse since I don't really want anyone using it yet, but basically:

  - Copy `phabricator-ssh-hook.sh` to somewhere like `/usr/libexec/openssh/`, chown it `root` and chmod it `500`.
    - This script should probably also do a username check in the future.
  - Create a copy of `sshd_config` and fix the paths/etc. Point the KeyScript at your copy of the hook.
  - Start a copy of sshd (6.2 or newer) with `-f <your config file>` and maybe `-d -d -d` to foreground and debug.
  - Run `ssh -p 2222 localhost` or similar.

Specifically, I did this setup and then ran a bunch of commands like:

  - `ssh host` (denied, no command)
  - `ssh host ls` (denied, not supported)
  - `echo '{}' | ssh host conduit conduit.ping` (works)

Reviewers: btrahan

Reviewed By: btrahan

CC: hach-que, aran

Maniphest Tasks: T2229, T2230

Differential Revision: https://secure.phabricator.com/D7419
2013-10-29 15:32:40 -07:00
epriestley
c7f23f522a Accept and route VCS HTTP requests
Summary:
Mostly ripped from D7391, with some changes:

  - Serve repositories at `/diffusion/X/`, with no special `/git/` or `/serve/` URI component.
    - This requires a little bit of magic, but I got the magic working for Git, Mercurial and SVN, and it seems reasonable.
    - I think having one URI for everything will make it easier for users to understand.
    - One downside is that git will clone into `X` by default, but I think that's not a big deal, and we can work around that in the future easily enough.
  - Accept HTTP requests for Git, SVN and Mercurial repositories.
  - Auth logic is a little different in order to be more consistent with how other things work.
  - Instead of AphrontBasicAuthResponse, added "VCSResponse". Mercurial can print strings we send it on the CLI if we're careful, so support that. I did a fair amount of digging and didn't have any luck with git or svn.
  - Commands we don't know about are assumed to require "Push" capability by default.

No actual VCS data going over the wire yet.

Test Plan:
Ran a bunch of stuff like this:

  $ hg clone http://local.aphront.com:8080/diffusion/P/
  abort: HTTP Error 403: This repository is not available over HTTP.

...and got pretty reasonable-seeming errors in all cases. All this can do is produce errors for now.

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7417
2013-10-29 15:32:40 -07:00
epriestley
bb35f8ec9f Add hosting, serving, and push policy options to repository edit
Summary:
Basically straight from D7391. The differences are basically:

  - Policy stuff is all application-scope instead of global-scope.
  - Made a few strings a little nicer.
  - Deleted a bit of dead code.
  - Added a big "THIS DOESN'T WORK YET" warning.

Test Plan: See screenshots.

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7416
2013-10-29 15:32:40 -07:00
epriestley
86fe020a97 Add global "push" policy to Repositories
Summary: No editing or view yet, just adds the schema and a policy default. Part of D7391.

Test Plan: `bin/storage upgrade`

Reviewers: hach-que, btrahan

Reviewed By: hach-que

CC: aran

Maniphest Tasks: T2230

Differential Revision: https://secure.phabricator.com/D7415
2013-10-29 15:32:40 -07:00
epriestley
ba63c5e426 Ship "Repositories" create button to new Diffusion workflow
Summary: Ref T2231. Get rid of the old create controller and make the button go to the new stuff instead. This will eventually get cleaned up more, but I don't have a clear plan for Arcanist Projects yet.

Test Plan: Clicked button, hit new workflow.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7414
2013-10-29 15:32:39 -07:00
epriestley
5f6ea9f662 Activate the new Repository creation workflow
Summary:
Ref T2231. This:

  - Activates the new multi-step workflow, and exposes it in the UI.
  - Adds "can create", "default view" and "default edit" capabilities.
  - Provides a default value for `repository.default-local-path` and forces repositories into it by default. It's still editable, but Phabricator gets it correct (for some definition of correct) by default now.

Test Plan: Created some new repositories with the new workflow.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1286, T2231

Differential Revision: https://secure.phabricator.com/D7413
2013-10-29 15:32:39 -07:00
epriestley
c585f97e90 Remove horrible old repository edit controller
Summary:
Ref T2231. I didn't port these options over, so they're still supported but have no edit UI:

  - Pull Frequency (confusing/not useful, I think?)
  - Default Owners Path (probably used only by Facebook and only in the E repository)
  - Show user in public repository URL (probably mostly obsolete with hosting?)

We can add those back if users notice, but they seem like the three least useful options so I'm going to see if we can get away with removing them.

Test Plan: Clicked "Edit" from Repositories, got kicked into the nice new Diffusion edit UI instead of the old one.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7410
2013-10-29 15:32:39 -07:00
Chad Little
6bdedfe679 Add ObjectBox to Condiut Cert Page
Summary: adds a box, Fixes T4033

Test Plan: look at box

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4033

Differential Revision: https://secure.phabricator.com/D7437
2013-10-29 14:54:10 -07:00
Chad Little
ec83a844f8 Proteins 2013-10-29 14:23:30 -07:00
epriestley
d1ed816e61 Move "Delete Repository" stuff to Diffusion
Summary: Ref T2231. This just moves the "Delete" dialog from Repositories to Diffusion. This dialog just shows instructions and isn't interesting.

Test Plan: {F75093}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7412
2013-10-29 12:26:07 -07:00
epriestley
7c23960de8 Use status header stuff for "Edit Repository"
Summary: Ref T2231. Use status info element instead of tags.

Test Plan: {F75092}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7411
2013-10-29 12:24:03 -07:00
epriestley
c4cdb5c5f0 Move editing "Local Path" to modern UI/controller/etc
Summary: Fixes T1286. Ref T2231. See previous diffs; same as the others but does "Local Path".

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1286, T2231

Differential Revision: https://secure.phabricator.com/D7409
2013-10-29 12:20:26 -07:00
Chad Little
e1683f353e Add plain status icon colors
Summary: This adds a set of plain (blueish) icons for use instead of black.

Test Plan: Photoshop

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7434
2013-10-28 09:25:18 -07:00
Chad Little
e04eeea7a5 Revert changeset css changes
Summary: I changed some CSS here that was not intended.

Test Plan: Reload a few Diffs, no bottom padding at last diff now.

Reviewers: epriestley, btrahan

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7433
2013-10-28 08:27:41 -07:00
Chad Little
7757c9c867 Touch up comments are hidden box
Summary: Adds consistent spacing, color to this interactive box. Also, I changed it to yellow, if its too much lemme know but feels ok.

Test Plan: tested new colors in differential

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7422
2013-10-26 14:42:32 -07:00
Chad Little
fe8751bea6 Fix Remarkup sprite, tweak Transactions
Summary: This fixes the sprite for remarkup and does some minor tweaks for transactions (so Differential looks a little more like timeline)

Test Plan: tested remarkup, differential

Reviewers: epriestley, btrahan

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7418
2013-10-26 08:43:34 -07:00
epriestley
796db9f9c6 Sort out application crumbs in new repository edit workflow
Summary: Ref T2231. Crumbs in the Diffusion edit workflow are a bit wonky, with stuff like "rP (master)" which isn't very useful and no link back to the main "Edit" page. Make them consistent across all the screens.

Test Plan: Loaded a bunch of these screens and saw sane crumbs on all of them.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7407
2013-10-25 15:58:58 -07:00
epriestley
1975bdfb36 Work around a bug in PHP 5.3-ish with abstract methods in interfaces
Summary:
@chad is hitting an issue described in P961, which I think is this bug in PHP: https://bugs.php.net/bug.php?id=43200

Work around it by defining a "PHIDInterface" and having both "Flaggable" and "Policy" extend it, so that there is only one `getPHID()` declaration.

Test Plan: shrug~

Reviewers: chad, btrahan

Reviewed By: chad

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7408
2013-10-25 15:58:17 -07:00
epriestley
e81bad9ba2 Improve consistency of policy enforcement on new repository edit UI
Summary: Ref T2231. The policy rules are a little murky right now: the "Edit Repository" link requires CAN_EDIT, but the actualy page doesn't. Instead, require CAN_EDIT for the edit page.

Test Plan: As a user without CAN_EDIT, viewed a repository and clicked the edit link.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7406
2013-10-25 15:58:02 -07:00
epriestley
b57b72368c Move "Remote URI" to modern repository editor thing
Summary:
Ref T2231. Allows you to edit the remote URI and credentials.

This is a little bit funky because I'm reusing some of the pages on the new (not-yet-hooked-up) create form. Specifically, it had pages like this:

  - Repo Type
  - Name/Callsign/Remote
  - Auth
  - Done

I split "Name/Callsign/Remote" into "Name/Callsign" and "Remote", then when editing the remote I just take you through "Remote" and "Auth" and then back. This lets us reuse the giant pile of protocol/URI sanity checking logic and ends up being pretty clean, although it's a little weird that the "Create" controller does both full-create and edit-remote.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7405
2013-10-25 13:59:02 -07:00
epriestley
52d4e66883 Move repository actions (notify, autoclose) to new UI
Summary: Ref T2231. Brings "Notify/Publish" and "Autoclose" to the new UI.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7402
2013-10-25 13:58:15 -07:00
epriestley
49670e1a56 Move Subversion repository information to the new interface
Summary: Ref T2231. Moves "UUID" and "Subpath/Import Only" to Diffusion.

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7400
2013-10-25 13:58:03 -07:00
epriestley
dcb0b1b64f Add support for branch-related configuration to new Repository edit workflow
Summary: Ref T2231. Modernizes editing "Default Branch", "Track Only", and "Autoclose Only".

Test Plan: See screenshots.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2231

Differential Revision: https://secure.phabricator.com/D7399
2013-10-25 13:57:14 -07:00
Bob Trahan
64f3c9b3da Forgot a pht on my last diff
Summary: also add a few more words

Test Plan: looks good!

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7404
2013-10-25 12:57:42 -07:00
Bob Trahan
da84546058 Add filter by object ability to flag query
Summary: See title. Fixes T1809.

Test Plan:
verified each type that has flaggable interface still can be flagged

verified that new custom query filter works

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T1809

Differential Revision: https://secure.phabricator.com/D7392
2013-10-25 12:52:00 -07:00
Erik Fercak
203d82083a Allow prefilling a task's assignee by his PHID
Summary: Some scripts might find it easier to work with PHIDs instead of user names.

Test Plan:
Use ?assign=<username> and ?assign=<PHID-USER> with the create task URI.
See assignee input being filled correctly.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: epriestley

CC: epriestley, aran, Korvin

Differential Revision: https://secure.phabricator.com/D7401
2013-10-25 11:35:35 -07:00
Chad Little
e478706769 PHUIInfoPanel
Summary: First cut of an 'info panel' for phabricator. Basic concept is for display a list of items with a bit more info and depth and an object item list. Projects could be a good first example.

Test Plan: UIExamples

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7398
2013-10-25 11:09:06 -07:00
Chad Little
d9c13fc979 Merge branches 'master' and 'master' of github.com:facebook/phabricator 2013-10-25 11:08:41 -07:00
Erik Fercak
1fb2f39fc0 Enable prefilling of projects and priority fields in Maniphest task creation
Summary:
Projects and priority inputs can be prefilled similar to how title
and description fields work.

Prefilling of projects already worked but used PHIDs instead of
more user friendly name so I changed that too.

Test Plan:
Visit [[/maniphest/task/create/?projects=Maniphest;Easy&priority=100&assign=vrana&title=Hip-hip&description=hooray!|example]]
and see prefilled form fields.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7394
2013-10-25 10:20:32 -07:00
epriestley
6a169de967 Update install documentation to include FreeBSD
Summary:
Fixes T4024.

  - Mention FreeBSD by name.
  - Make "install this on a normal computer" more explicit.
  - Make "install this on a entire domain" more explicit.

Test Plan:
{F74892}

{F74891}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4024

Differential Revision: https://secure.phabricator.com/D7397
2013-10-25 08:58:42 -07:00
epriestley
0c2b4dbfff Fix header of "Change Password" form
Summary: Fixes T4025.

Test Plan: {F74873}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4025

Differential Revision: https://secure.phabricator.com/D7395
2013-10-25 08:57:35 -07:00
epriestley
9e87172166 Make remarkup rules runtime-pluggable in a reasonable way
Summary:
Gets rid of some old Differential-specific nonsense and replaces it with general runtime-pluggable Remarkup rules.

Facebook: This removes two options which may be in use. Have any classes being added via config here just subclass the new abstract bases instead. This should take 5 seconds to fix. You can adjust order by overriding `getPriority()` on the rules, if necessary.

Test Plan: See comments.

Reviewers: btrahan

Reviewed By: btrahan

CC: FacebookPOC, andrewjcg, aran

Differential Revision: https://secure.phabricator.com/D7393
2013-10-24 17:26:07 -07:00
Chad Little
87a440888d Minor Differential CSS
Summary: More Diffusion/Differential touch ups, ToC, etc.

Test Plan: Look at colors, see that they match or look better.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, epriestley, aran

Maniphest Tasks: T3952

Differential Revision: https://secure.phabricator.com/D7386
2013-10-23 13:35:20 -07:00
Chad Little
18931ec4c0 Update Apps Installed icons to match Projects.
Summary: Changes to checkmark and crossed circle to match active projects

Test Plan: installed and uninstalled an application. poor conpherence.

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7390
2013-10-23 13:28:47 -07:00
Chad Little
2b21b4e880 Add search app icon
Summary: It's an icon. For Search. Fixes T3966

Test Plan: Search

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3966

Differential Revision: https://secure.phabricator.com/D7389
2013-10-23 11:30:52 -07:00
Chad Little
e73ecb96e0 White hover policy icons
Summary: Makes a white hover icon show on the policy dropdown. Also fixed some spacing. Fixes T4017

Test Plan: hover over the policy dropdown

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4017

Differential Revision: https://secure.phabricator.com/D7388
2013-10-23 10:16:09 -07:00
epriestley
2c3d071a26 Improve exception behavior for Herald commit rules which fail to load diff context
Summary:
This code is a little funky right now, and can return `array("error message")` and then try to call `getHunks()` on it. Additionally, each field loads the commit's changes separately.

Instead, load the commit's changes once and cache them, and handle exceptions appropriately.

Test Plan:
  - Created a rule like "changed, added, removed content all match /.*/" to force all fields to generate.
  - Ran it successfully.
  - Faked an error and ran it, got reasonable results.

Reviewers: btrahan

Reviewed By: btrahan

CC: bigo, aran

Differential Revision: https://secure.phabricator.com/D7384
2013-10-23 08:28:58 -07:00
epriestley
b5a009337f Harbormaster v(-2)
Summary:
Ref T1049. I don't really want to sink too much time into this right now, but a seemingly reasonable architecture came to me in a dream. Here's a high-level overview of how things fit together:

  - **"Build"**: In Harbormaster, "build" means any process we want to run against a working copy. It might actually be building an executable, but it might also be running lint, running unit tests, generating documentation, generating symbols, running a deploy, setting up a sandcastle, etc.
  - `HarbormasterBuildable`: A "buildable" is some piece of code which build operations can run on. Generally, this is either a Differential diff or a Diffusion commit. The Buildable class just wraps those objects and provides a layer of abstraction. Currently, you can manually create a buildable from a commit. In the future, this will be done automatically.
  - `HarbormasterBuildStep`: A "build step" is an individual build operation, like "run lint", "run unit", "build docs", etc. The step defines how to perform the operation (for example, "run unit tests by executing 'arc unit'"). In this diff, this barely exists.
  - `HarbormasterBuildPlan`: This glues together build steps into groups or sequences. For example, you might want to "run unit", and then "deploy" if the tests pass. You can create a build plan which says "run step "unit tests", then run step "deploy" on success" or whatever. In the future, these will also contain triggers/conditions ("Automatically run this build plan against every commit") and probably be able to define failure actions ("If this plan fails, send someone an email"). Because build plans will run commands, only administrators can manage them.
  - `HarbormasterBuild`: This is the concrete result of running a `BuildPlan` against a `Buildable`. It tracks the build status and collects results, so you can see if the build is running/successful/failed. A `Buildable` may have several `Build`s, because you can execute more than one `BuildPlan` against it. For example, you might have a "documentation" build plan which you run continuously against HEAD, but a "unit" build plan which you want to run against every commit.
  - `HarbormasterBuildTarget`: This is the concrete result of running a `BuildStep` against a `Buildable`. These are children of `Build`. A step might be able to produce multiple targets, but generally this is something like "Unit Tests" or "Lint" and has an overall status, so you can see at a glance that unit tests were fine but lint had some issues.
  - `HarbormasterBuildItem`: An optional subitem for a target. For lint, this might be an individual file. For unit tests, an individual test. For normal builds, an executable. For deploys, a server. For documentation generation, there might just not be subitems.
  - `HarbormasterBuildLog`: Provides extra information, like command/execution transcripts. This is where stdout/stderr will get dumped, and general details and other messages.
  - `HarbormasterBuildArtifact`: Stores side effects or results from build steps. For example, something which builds a binary might put the binary in "Files" and then put its PHID here. Unit tests might put coverage information here. Generally, any build step which produces some high-level output object can use this table to record its existence.

This diff implements almost nothing and does nothing useful, but puts most of these object relationships in place. The two major things you can't easily do with these objects are:

  1) Run arbitrary cron jobs. Jenkins does this, but it feels tacked on and I don't know of anyone using it for that. We could create fake Buildables to get a similar effect, but if we need to do this I'd rather do it elsewhere in general. Build and cron/service/monitoring feel like pretty different problems to me.
  2) Run parameterized/matrix steps (maybe?). Bamboo has this plan/stage/task/job breakdown where a build step can generate a zillion actual jobs, like "build client on x86", "build server on x86", "build client on ARM", "build server on ARM", etc. We can sort of do this by having a Step map to multiple Targets, but I haven't really thought about it too much and it may end up being not-great. I'd guess we have like an 80% chance of getting a clean implementation if/when we get there. I suspect no one actually needs this, or when they do they'll just implement a custom Step and it can be parameterized at that level. I'm not too worried about this overall.

The major difference between this and Jenkins/Bamboo/TravisCI is that all three of those are **plan-centric**: the primary object in the system is a build plan, and the dashboard shows you all your build plans and the current status. I don't think this is the right model. One disadvantage is that you basically end up with top-level messaging that says "Trunk is broken", not "Trunk was broken by commit af32f392f". Harbormaster is **buildable-centric**: the primary object in the system is stuff you can run build operations against (commits/branches/revisions), and actual build plans are secondary. The main view will be "recent commits on this branch, and whether they're good or not" -- which I think is what's most important in a larger/more complex product -- not the pass/fail status of all jobs. This also makes it easier and more natural to integrate with Differential and Diffusion, which both care about the overall status of the commit/revision, not the current status of jobs.

Test Plan: Poked around, but this doesn't really do anything yet.

Reviewers: btrahan

Reviewed By: btrahan

CC: zeeg, chad, aran, seporaitis

Maniphest Tasks: T1049

Differential Revision: https://secure.phabricator.com/D7368
2013-10-22 15:01:06 -07:00
epriestley
fd27538e89 Add project history and title strings
Summary: Ref T4010. Adds a history page and restores the transaction title strings, which previously sort-of existed in the defunct feed story class.

Test Plan: See screenshots.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T4010

Differential Revision: https://secure.phabricator.com/D7371
2013-10-22 13:49:37 -07:00
epriestley
9b89e137cf Move Project transaction storage to modern tables
Summary:
Ref T4010. Projects have a weird proto-version of ApplicationTransactions which is very similar but not quite the same.

Move the storage to a modern format, but keep all the other code for now.

Test Plan: Migrated project transactions; edited projects.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4010

Differential Revision: https://secure.phabricator.com/D7370
2013-10-22 13:49:28 -07:00
epriestley
90b83d7a92 Fix logged-out Diffusion calls to Conduit
Summary:
Conduit doesn't currently have an analog to "shouldAllowPublic", so the recent policy checks added here caught legitimate Conduit calls when viewing Diffusion as a logged-out user.

Add `shouldAllowPublic()` and set it for all the Diffusion queries.

(More calls probably need this, but we can add it when we hit them.)

Test Plan: Looked at Diffusion as a logged-out user with public access enabled.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7380
2013-10-22 13:47:52 -07:00
epriestley
7dd31a16d9 Fix chatlog application query integration
Summary: `class_exists()` is case-insensitive, but `PhabricatorApplication::getByClass()` is not.

Test Plan: Fixed unit test to fail, then fixed code to pass unit test.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7379
2013-10-22 13:47:47 -07:00
Chad Little
e14ba56394 Add top border back to section-headers
Summary: This adds back the top border on section headers and cleans up the tab CSS just a hair.

Test Plan: tested files, tasks, and custom field profile.

Reviewers: epriestley, btrahan

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7378
2013-10-22 08:49:13 -07:00
epriestley
d7a276346f Add a secret board view to Projects
Summary:
Ref T1344. This is //very// rough. Some UI issues:

  - Empty states for the board and columns are junky.
  - Column widths are crazy. I think we need to set them to fixed-width, since we may have an arbitrarily large number of columns?
  - I don't think we have the header UI elements in M10 yet and that mock is pretty old, so I sort of very roughly approximated it.
  - What should we do when you click a task title? Popping the whole task in a dialog is possible but needs a bunch of work to actually work. Might need to build "sheets" or something.
  - Icons are slightly clipped for some reason.
  - All the backend stuff is totally faked.

Generally, my plan is just to use these to implement all of T390. Specifically:

  - "Kanban" projects will have "Backlog" on the left. You'll drag them toward the right as you make progress.
  - "Milestone" projects will have "No Milestone" on the left, then "Milestone 9", "Milestone 8", etc.
  - "Sprint" projects will have "Backlog" on the left, then "Sprint 31", "Sprint 30", etc.

So all of these things end up being pretty much exactly the same, with some minor text changes and new columns showing up on the left vs the right or whatever.

Test Plan: See screenshot.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: chad, aran, sascha-egerer

Maniphest Tasks: T1344

Differential Revision: https://secure.phabricator.com/D7374
2013-10-21 21:11:36 -07:00
epriestley
2a5c987c71 Lock policy queries to their applications
Summary:
While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential.

This has several parts:

  - For PolicyAware queries, provide an application class name method.
  - If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally.
  - For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles.

Test Plan:
  - Added a unit test to verify I got all the class names right.
  - Browsed around, logged in/out as a normal user with public policies on and off.
  - Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7367
2013-10-21 17:20:27 -07:00
epriestley
32dd8af9e5 Reduce surface area of DifferentialComment API
Summary:
Ref T2222. Shrink the API to make it easier to move this object's storage to ApplicationTransactions.

Fixes T3415. This moves the "Summary" and "Test Plan" into the property list, and thereby fixes all the attribution problems associated with commandeering, creating a revision from another user's diff, etc.

Test Plan: Browsed several revisions.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3415, T2222

Differential Revision: https://secure.phabricator.com/D7375
2013-10-21 17:01:27 -07:00
epriestley
cf1c06e157 Add custom field storage to Projects
Summary: Ref T4010. Adds storage and indexes for custom fields. These tables are the same as people/maniphest/differential.

Test Plan: Ran `bin/storage upgrade`.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T4010

Differential Revision: https://secure.phabricator.com/D7369
2013-10-21 17:01:13 -07:00
epriestley
8994a81b35 Make event-triggered actions more aware of application access
Summary:
Fixes T3675.

  - Maniphest had a couple of old non-event listeners; move them to events.
  - Make most of the similar listeners a little more similar.
  - Add checks for access to the application.

Test Plan:
  - Viewed profile, project, task, revision.
  - Clicked all the actions.
  - Blocked access to various applications and verified the actions vanished.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3675

Differential Revision: https://secure.phabricator.com/D7365
2013-10-21 17:00:50 -07:00
epriestley
d66972c9f2 Tie application event listeners to the applications they listen for
Summary:
Ref T3675. Some of these listeners shouldn't do their thing if the viewer doesn't have access to an application (for example, users without access to Differential should not be able to "Edit Tasks"). Set the stage for that:

  - Introduce `PhabricatorEventListener`, which has an application.
  - Populate this for event listeners installed by applications.
  - Rename the "PeopleMenu" listeners to "ActionMenu" listeners, which better describes their modern behavior.

This doesn't actually change any behaviors.

Test Plan: Viewed Maniphest, Differntial, People.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3675

Differential Revision: https://secure.phabricator.com/D7364
2013-10-21 17:00:21 -07:00
epriestley
c69beb7988 Stop writes to the old Relationship table
Summary: Ref T1279. The new stuff seems stable, so stop writes to the old tables.

Test Plan:
  - Added and removed reviewers.
  - Grepped for `::RELATIONSHIP_TABLE` to verify we really have no more reads.
  - Grepped for `::RELATION_REVIEWER`.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1279

Differential Revision: https://secure.phabricator.com/D7360
2013-10-21 16:59:22 -07:00