Summary: Fixes T12160. Lightbox thread view should be visible if file is public.
Test Plan:
Add a file to a task, log out, click on file in task, get lightbox and no error. Expand comments, see login box.
{F2867067}
{F2867088}
{F2867098}
{F2867114}
{F2867124}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12160
Differential Revision: https://secure.phabricator.com/D17347
Summary: Fixes T12258. I think these constants are just flipped.
Test Plan: Kinda winged it.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12258
Differential Revision: https://secure.phabricator.com/D17346
Summary: Aligns the search result list to the right of the input box, adds a little space, removes a double border.
Test Plan: Search on desktop, mobile, tablet breakpoints. Double check normal typeahead results.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17345
Summary:
Ref T12237. This adds a UI cue for users who have unverified primary addresses, since we no longer send them mail.
Also adds a new `bin/mail unverify` to unverify an address (for example, because mail is bouncing).
Test Plan:
- Unverified my address, saw setup issue.
- Verified my address, no more setup issue.
{F2861820}
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12237
Differential Revision: https://secure.phabricator.com/D17344
Summary: Fixes T12253.
Test Plan:
- Before change: used "Quote Comment", saw "In null, alice wrote:" in quoted text.
- After change: used "Quote Comment", saw proper reference to the commit/page. Clicked reference, was sent to the comment properly.
{F2859093}
Reviewers: chad, avivey
Reviewed By: avivey
Maniphest Tasks: T12253
Differential Revision: https://secure.phabricator.com/D17343
Summary: Ref T10390. This removes the "Copy Dashboard" feature, which was more of a crutch to assist in the complexity of building and maintaining dashboards. I think we're close enough now that removing this and adding in some simpler edit dialogs should negate any benefit to keeping this around. Also removed an un-used "Uninstall Dashboard" dialog.
Test Plan: Visit manage, edit, no longer see option to copy dashboard. grep /dashboards/ for "copy" and remove all traces. Add some panels to a dashboard I own.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T10390
Differential Revision: https://secure.phabricator.com/D17338
Summary: Fixes T4984. This is about as fancy as I want to get this pass. Adds in the list of panel titles and the author. This does give me a rough idea what's on each dashboard.
Test Plan:
Visit a list of dashboards and see various authors and panels.
{F2810876}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T4984
Differential Revision: https://secure.phabricator.com/D17340
Test Plan: attempted to create a new auth provider; observed that "enabled" ui element does not render. viewed existing auth provider and observed that "enabled" ui element still renders
Reviewers: #blessed_reviewers, epriestley
Reviewed By: #blessed_reviewers, epriestley
Subscribers: Korvin
Maniphest Tasks: T12245
Differential Revision: https://secure.phabricator.com/D17337
Summary: Fixes T12252.
Test Plan:
I just faked this, but likely repro is:
- Call method `x.y`.
- Remove method `x.y` from the codebase.
- View log.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12252
Differential Revision: https://secure.phabricator.com/D17342
Summary: Fixes T12224. This brings "Autopay" on the View controller into line with how it works on the Edit controller.
Test Plan:
- Viewed subscriptions with no autopay, valid autopay, and deleted autopay.
{F2750725}
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12224
Differential Revision: https://secure.phabricator.com/D17334
Summary: Fixes T12213. Removes truncation and allows titles to be full width if needed.
Test Plan:
Chrome / Firefox / Safari on Mac, mobile and desktop widths.
{F2754679}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12213
Differential Revision: https://secure.phabricator.com/D17336
Summary: Fixes T12243. That error occured due to network flakiness with some mounted filesystems so I'm not sure how best to simulate it. But you can look and see that the PhutilProxyException does indeed expect an exception as its second arg.
Test Plan: Look at method signature... look at callsite... now back at the method. Smile and nod.
Reviewers: #blessed_reviewers, yelirekim, epriestley
Reviewed By: #blessed_reviewers, epriestley
Subscribers: epriestley
Maniphest Tasks: T12243
Differential Revision: https://secure.phabricator.com/D17335
Summary: Ref T12232. I can't reproduce the original issue, but this should probably fix it without side effects?
Test Plan: Added a card with Stripe, but I could do that before too.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12232
Differential Revision: https://secure.phabricator.com/D17333
Summary: Fixes T12236. Headers are currently trying to generate an edit transaction for `maniphest.edit` and similar, but should not, since you can't edit them.
Test Plan:
- Configured Maniphest with a custom header field.
- Before change: `maniphest.edit` API console page fataled.
- After change: all good, no weird "header" transaction.
- Header still shows up on "Edit Task" form in web UI.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12236
Differential Revision: https://secure.phabricator.com/D17332
Summary: Ref T12240. When you "Reply All" to a Phabricator mail, we make an effort not to send the response to recipients who you hit with the original message. This isn't perfect and we can't always get it right, but the old description implies it's a bigger problem than it should be in practice.
Test Plan: Read text.
Reviewers: chad, eadler
Reviewed By: chad
Maniphest Tasks: T12240
Differential Revision: https://secure.phabricator.com/D17331
Summary: Ref T10390. This mostly shuffles layout into "View" and keepts "Manage" around for Edit/Copy/History. This feels better to me overall. Also tweaked some spacing and color.
Test Plan:
New Dashboard, edit Dashboard, shuffle panels. Create new panels.
{F2684043}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T10390
Differential Revision: https://secure.phabricator.com/D17326
Summary:
Ref T12237. This tightens our delivery rules, which previously sent normal mail to unverified addresses:
- We sent general mail to unverified addresses so that you wouldn't miss anything between the time you sign up (or have an account created) and the time you verify your address. This was imagined as a slight convenience for users.
- We sent automatic reply mail to unverified addresses if they sent mail to us first, saying "we don't recognize that address". This was imagined as a convenience for users who accidentally send mail "From" the wrong address (personal vs work, for example).
I think both behaviors are probably a little better for users on the balance, but not having mail providers randomly shut us off without warning is better for me, personally -- so stop doing this stuff.
This creates a problem which we likely need to solve before the release is cut:
- On installs which do not require mail verification, mail to you will now mostly-silently be dropped if you never bothered to verify your address.
I'd like to solve this by adding some kind of per-user alert that says "We recently tried to send you some mail but you haven't verified your address.", and giving them links to verify the address and review the mail. I'll pursue this after restoring mail service to `secure.phabricator.com`.
Test Plan:
- Added a unit test.
- Unverified my address, sent mail, saw it get dropped.
- Reverified my address, sent mail, saw it go through.
- Verified that important mail (password reset, invite, confirm-this-address) either uses "Force Delivery" (skips this check) or "Raw To Addresses" (also skips this check).
- Verified that Phacility instance stuff is also covered: it uses the same invite flow.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12237
Differential Revision: https://secure.phabricator.com/D17329
Summary: These colors are also off from the icon change.
Test Plan: Project -> Manage -> Edit Picture -> Choose Icon
Reviewers: epriestley, 20after4
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17328
Summary: Fixes T9336. Kind of a bit to back up and find the source, but works easily.
Test Plan: View feed, click on my image.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T9336
Differential Revision: https://secure.phabricator.com/D17322
Summary: Moves profile/project to use more standard colored boxes. Reverts dashboard border colors. Ensures better High-Contrast application more consistently across these projects. Also fix T12211.
Test Plan: Home, People, Projects in High Contrast / Standard
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12211
Differential Revision: https://secure.phabricator.com/D17321
Summary: These just cut off currently if the menu item name is too wide (like mobile). Add some ellipsis
Test Plan: Check long name on mobile action list menu
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17319
Summary:
Fixes T12215. Two issues:
- We build this `$session` link out of `$ip`, which is (a) wrong even if `$ip` was the IP and (b) super wrong since `$ip` is a tag.
- These links don't work even if we'd built them right: searching by the //prefix// of a session identifier does nothing.
At least for now, just get rid of the links rather than trying to make this behavior work.
Test Plan:
On People > Activity logs:
- Before patch: Saw bad links with bogus targets in "session" column.
- After patch: Saw plain text in "session" column.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12215
Differential Revision: https://secure.phabricator.com/D17316
Summary: Fixes T12216. I'd like to remove this option eventually, but just narrow its scope in the config description for now.
Test Plan: Read config description.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12216
Differential Revision: https://secure.phabricator.com/D17317
Summary: Lots of little details, fix workboard bg colors, darken up global backgrounds just a hair, add more "widgety" look to dashboard panels, remove underline on anchors on mobile. Also Fixes T12210
Test Plan: Use lots of pages on mobile and desktop.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12210
Differential Revision: https://secure.phabricator.com/D17315
Summary:
Ref T12207. Currently, to remove a panel from a dashboard, it must be a valid panel which you can see.
Instead, only require that the panel PHID actually be listed somewhere in the dashboard's internal list of panels.
This interacts with the "multiple instances of a panel" issue described in some more depth in T12207. In particular:
- Currently, you can sort of add multiple copies of a panel to a dashboard, sometimes? Maybe?
- This leads to great tragedy.
This doesn't fix up the workflow with respect to multiple copies of a panel. We still remove by panel PHID (not by column/position or internal ID) so if a dashboard has multiple copies of the same panel for some reason, I think this workflow removes one of them arbitrarily (at best) or perhaps does something worse. I'm just treating this behavior as undefined for the moment.
Test Plan:
- Removed an invalid/hidden panel from a dashboard as a user with permission to edit that dashboard.
- Tried to remove a made-up panel with a totally bogus PHID, got 404'd.
- Viewed a dashboard with a restricted panel.
- Put a hidden panel inside a tab panel, viewed it as a user who could not see it and a user who could.
Reviewers: chad
Reviewed By: chad
Subscribers: swisspol
Maniphest Tasks: T12207
Differential Revision: https://secure.phabricator.com/D17314
Summary: Provides additional hint on where to find and clarification.
Test Plan: read
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17313
Summary: Fixes T12205. These got over-ridden at a global scale (correctly) and need to adjust local scopes better. Also make it more bluer.
Test Plan: Go to Edit Dashboard, and pick a new icon for a Dashboard.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12205
Differential Revision: https://secure.phabricator.com/D17312
Summary:
Fixes T12203. If you tried to //manage// a dashboard which had a panel you can't see, we'd try to render bogus actions for it and fatal.
Instead, for the moment, survive. Presumably we'll ship a real fix for this in the next release or so, and tackle T10612 / T10145, which I think are closely related.
Test Plan: {F2570418}
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12203
Differential Revision: https://secure.phabricator.com/D17311
Summary: This could hit an obscure fatal.
Test Plan:
- Create a macro.
- Upload a file, but don't give it a name.
- Before: fatal.
- After:
{F2569846}
Reviewers: chad, 20after4
Reviewed By: chad
Differential Revision: https://secure.phabricator.com/D17310
Summary:
Fixes T12195. For the past few years, Recaptcha (now part of Google) has supported
a new, "no captcha" one-click user interface. This new UI is stable, doesn't
require any typing or reading words, and can even work without JavaScript (if
the administrator enables it on the Recaptcha side).
Furthermore, the new Recaptcha has a completely trivial API that can be dealt
with in a few lines of code. Thus, the external `recaptcha` php library is now
gone.
This API is a complete replacement for the old one, and does not require any
upgrade path for users or Phabricator administrators - public and secret keys
for the "new" Recaptcha UI are the exact same as the "classic" Recaptcha. Any
old Recaptcha keys for a domain will continue to work.
Note that Google is currently testing Yet Another new Captcha API, called
"Invisible reCAPTCHA", that will not require user interaction at all. In fact,
the user will not even be aware there //is even a captcha form//, as far as I
understand. However, this new API is 1) in beta, 2) requires new Recaptcha keys
(so it cannot be a drop-in replacement), and 3) requires more drastic API
changes, as form submission buttons must instead invoke JavaScript code, rather
than a token being passed along with the form submission. This would require far
more extensive changes to the controllers. Maybe when it's several years old, it
can be considered.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
Test Plan:
Created a brand-new Phabricator installation, saw the new Captcha UI
on administrator sign up. Logged out, made 5 invalid login attempts, and saw the
new Captcha UI. Reworked the conditional to invert the condition, etc to test
and make sure the API responded properly.
Reviewers: epriestley, #blessed_reviewers, chad
Reviewed By: epriestley, #blessed_reviewers
Subscribers: avivey, Korvin
Maniphest Tasks: T12195
Differential Revision: https://secure.phabricator.com/D17304
Summary:
Ref T12174. Ref T8033. Currently, if you can't see one panel on a dashboard, you can't see the dashboard at all. This is confusing and hard to debug.
Improve this behavior at least slightly: render the dashboard, with a big "you can't see this" panel in place of any panels you can't see. This should at least make the behavior obvious, even if it isn't the best or most comprehensive way we can handle it in all cases.
Test Plan: {F2566003}
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12174, T8033
Differential Revision: https://secure.phabricator.com/D17308
Summary: Ref T12174. Drag-and-drop-to-upload requires some stuff in the document. Put that stuff on all the content pages (currently: dashboards, magic home), not just the builtin home.
Test Plan:
- Dragged-and-dropped onto a Home dashbboard to upload.
- Viewed, and dragged-and-dropped onto "builtin home" to upload.
- Dragged onto "Edit Menu" for home, no upload.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12174
Differential Revision: https://secure.phabricator.com/D17307
Summary:
Fixes T12197. I //think// this field was never recognized by Differential (it doesn't appear in D17070, but maybe that isn't the right change).
It was recognized by the ad-hoc regular expression which I replaced with a formal parser in D17262.
Allow the former parser to accept "Auditor" as an alias for "Auditors".
Test Plan: Committed a change with `Auditor: dog`, saw the audit trigger correctly in the web UI.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12197
Differential Revision: https://secure.phabricator.com/D17306
Summary: Ref T12180. Seems we widened the value side, but not the key.
Test Plan: Review application property page. Set item to stacked, see non-cutoff layout.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12180
Differential Revision: https://secure.phabricator.com/D17302
Summary: Ref T5307, Makes these buttons a little more clear visually and verbosely. Adds white icons for blue buttons.
Test Plan: Test saving a search, viewing button changes on various form pages / uiexamples.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T5307
Differential Revision: https://secure.phabricator.com/D17305
Summary:
Ref T12174.
- Home now always uses the topmost item (falling back to "magic home") and no longer supports pinning. If any personal item may be a default item, it will always be picked over any global item.
- Favorites doesn't use defaults anyway, but no longer has misleading UI suggesting it might.
Test Plan:
- Saw no pinning UI on Home/Favorites.
- Added a personal dashboard on Home, it automatically became the new default.
- Pinned stuff normally on Projects.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12174
Differential Revision: https://secure.phabricator.com/D17298
Summary: Fixes T12163. We don't send txt files through a pygment highlighter, so the break-word needs to also just apply to diffusion-source.
Test Plan: Test in Chrome Inspector
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12163
Differential Revision: https://secure.phabricator.com/D17303
Summary: Just making profiles a little nicer, adds a big picture, easier mechanism for updating photos. Also larger profile pictures... need to re-thumb?
Test Plan:
View my profile, edit my picture, view a stranger, see profile. Check mobile, tablet, desktop. Check action menu on mobile.
{F2559394}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17295
Summary: This just cleans up a method call that was missed in D15986. It's been causing fatal errors in one of our workflows.
Test Plan: Grep'd for other instances of `withIsTag` and didn't find any
Reviewers: #blessed_reviewers, epriestley
Reviewed By: #blessed_reviewers, epriestley
Subscribers: epriestley, yelirekim
Differential Revision: https://secure.phabricator.com/D17299
Summary: Fixes T12187. Ref T12190. See T12190 for discussion of why this escaped notice.
Test Plan:
- Commented out the `error_reporting()` clause around file inclusion.
- Reproduced the error in PHP7.
- Corrected the method signature.
- Reloaded the page, no more error.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T12190, T12187
Differential Revision: https://secure.phabricator.com/D17297
Summary: Adds most up to date version of FontAwesome
Test Plan: {icon snowflake-o}
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17293
Summary: Ref T12174. Removed selected state CSS on mobile devices.
Test Plan: Set Chrome to responsive and check each break point.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12174
Differential Revision: https://secure.phabricator.com/D17292
Summary: Ref T12174. This could be a little more verbose.
Test Plan: Review Global Menu Items
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Maniphest Tasks: T12174
Differential Revision: https://secure.phabricator.com/D17294
Summary: I removed this for cleaner UI on desktop, but still looks nice on mobile.
Test Plan: Test mobile, tablet, desktop search box.
Reviewers: epriestley
Reviewed By: epriestley
Subscribers: Korvin
Differential Revision: https://secure.phabricator.com/D17291