- 29 Mar, 2020 36 commits
-
-
Ana Rute Mendes authored
The fields item dimensions and weight won't be used anymore in the purchasing ticket.
-
Ana Rute Mendes authored
-
Ana Rute Mendes authored
Allows a ticket to have up to 5 items in the same purchasing request. Handle the hiding/displaying of a mini form for each asset and control display of properties that are used only in Snipe-IT.
-
Ana Rute Mendes authored
Replicate the logic to auto-fill approver for `event` subtype. Until now event and purchasing forms used the same template but they were split in two - `purchasing` and `event` - after the Snipe-IT integration that applied major changes in the purchasing request form.
-
Ana Rute Mendes authored
The only way I found to add a custom js file was directly in the webroot folder. To make sure it never generate conflicts when updaitng phab, I created an extensions folder in the js directory. This file is called by the SnipeHelper class.
-
Ana Rute Mendes authored
Some customization are not being used in Phabricator Apertis instance. So some features were breaking when calling functions in variables that were null
-
Ana Rute Mendes authored
Make sure phab won't raise errors if the SnipeHelper methods or API requests fail.
-
Ana Rute Mendes authored
If a Shipping Request is edited and it has the asset id field filled, trigger the method that will fetch the data from Snipe-IT and fill the item details in the task.
-
Ana Rute Mendes authored
When a Purchasing Request changes status to "To Relase" an asset must be created in the inventory system, external from Phabricator. Trigger the create asset method that is placed in the extensions folder.
-
Ana Rute Mendes authored
These conditions will increase, to keep the code cleaner replace 3 if statements with a switch
-
Ana Rute Mendes authored
-
Ana Rute Mendes authored
Set sysadmin resquests policies according to confidentiality chosen by the user.
-
Ana Rute Mendes authored
Restrict the creation of a new top-level document if visibility or edition policies are set to "All users". See T4759
-
Phriction's view policy is ancestral: in order to access /w/foo/bar/baz, you must be able to access /w/foo and /w/bar in addition to /w/foo/bar/baz itself. This is fine and makes life easy: by setting restrictive policies on top-level pages, we can lessen the risk of someone exposing information they shouldn't, by accidentally making /w/cold-fusion/secret-research/funding-meeting/2018-09-14 public, when the rest of the hierarchy is super locked down. Phriction also recently gained Spaces support, which is nice: rather than trying to lock down with groups and harmonise permissions, we can just move top-level wiki pages to a particular Space, and then we don't need to worry about groups. Our clients don't know Spaces even exist, which is great since it avoids us having to explain the two-tier permission model to them. The reason they don't know it exists is because if you can only see a single Space, then Phabricator hides the entire Spaces UI away from you. Great! Unfortunately one detail ruins everything: /w/ is a top-level page itself, it counts for permission checks, and it _must be in a Space_. So, there is no way to have wiki documents in mutually-invisible Spaces unless you also have a common Space, at which point the whole Spaces UI suddenly becomes very visible everywhere. In order to try to keep our wiki partitioned, but to not confuse our clients (and give them the chance to potentially expose confidential information!), we: - have a magic 'Visible to Everyone' space - actually hide that space from everyone with policies - hack policy filters to make this space visible to everyone _only for the purpose of checking policies on wiki objects_ - only allow admins to change view/edit policies on the root wiki page (see comment for reason why) This actual patch can obviously never go anywhere near upstream, but on the other hand we should probably make them aware of the problem and see if they're interested in discussing a solution, which is probably just to bless the root page with magic semantics. Signed-off-by:
Daniel Stone <daniels@collabora.com>
-
Add a colour scheme for tagging objects in lists.
-
This is a UI tweak.
-
Encode policy, allowing patches to land on feature branches without closing tasks.
-
It would be nice, as the comment notes, to have this customisable perhaps per-repository, but for the meantime this is unambiguously the better solution.
-
Sort tags alphabetically, rather than order of (PHID) appearance in the database. From https://secure.phabricator.com/p/epriestley at: https://secure.phabricator.com/T11420#188498
-
In the Maniphest query result view, show the story points as well as the review/CI status on each task as we currently show them in workboard column cards, along with the project tags. This is local UI policy; the correct fix (of rewriting hover/card views to be more generic and extensible) is pretty much impossible to achieve, and isn't approachable by non-Phacility contributors.
-
Show the status of every task in workboard cards using the icons explicitly, rather than just differentiating between closed and not-closed. This is a local UI choice.
-
On project workboard cards, also show the status of linked code reviews; both the review itself, and any attached Harbormaster CI buildables. This is already taken care of in the task-detail view by 45c740ac, and extends it to the workboard view. It should probably share more code with the task-detail view. It will not be accepted upstream in its current form; it was felt in https://secure.phabricator.com/T7076 discussion that performing multiple queries for each revision to get the current state was too much. This makes it exceedingly unlikely that doing the same number of queries for every task in a workboard would be acceptable. There was discussion of how to fix that, but it was essentially impossible, and explicitly discouraged for anyone to even try.
-
Enforce a local policy, that on purchasing tasks, the approver will be auto-assigned if there is no assignee. The 'correct' fix would probably be a Herald rule, if it were actually possible to implement. An EditEngine extension might work as well, but this was easier.
-
Enforce a local policy that all tasks must have an associated project.
-
When we attach a new diff to a Differential revision, clear out its 'Depends On' field. This is so we don't end up with dependency cycles when we rebase/cherry-pick commits out of order. As upstream do not use rebasing/chery-picking/multi-patch-branch workflows, this is unlikely to be accepted.
-
This is really lame. The Ruby OAuth2 client can only pass its token in the form data (which Phab is not prepared to accept), or as part of the Authorization header (which PHP strips out). Use a function only available in newer PHP to scrape the Authorization header from the raw stream. I have no idea what the correct fix is.
-
Mattermost OAuth requires two separate URIs, whereas the Phabricator OAuth server only allows returning to a single URI. Special case Mattermost and get on with life. The correct fix is to actually allow multiple values in the OAuth configuration. I don't know off the top of my head how this would work, e.g. a tokenising field, or a multi-line field (which I don't know how to achieve without Remarkup), or ... ?
-
PhabricatorApplicationTransactionEditor contains logic (inside combineTransactions -> mergeTransactions -> mergePHIDOrEdgeTransactions), which will combine two transactions of the same edge type and author, then apply the operations in a deterministic order. This breaks our change to remove dependencies when updating a Differential revision, since we (acting as the user who uploaded the revision) remove the DifferentialRevisionDependsOn edge, then have the Remarkup block parser add the dependencies from the commit message later. The two (simplified) transactions of: { "1-from-our-change-to-differential": { "type": "edge", "-": { "PHID-DREV-1234": [...], // remove previous dep } }, "2-from-remarkup-parsing": { "type": "edge", "+": { "PHID-DREV-1234": [...], // add dep from commit message } } } get merged into: { "1-combined": { "type": "edge", "-": { "PHID-DREV-1234": [...], // remove previous dep }, "+": { "PHID-DREV-1234": [...], // add dep from commit message } } } getPHIDTransactionNewValue() then returns an empty dictionary, because it always executes the add before the remove, regardless of ordering. The correct fix would be quite invasive to the transaction editor (making the combine function considerably less naïve, and always preserving order of operation WRT identical PHIDs); the quick fix for now (at least) is to just make add operations execute after remove, thus 'fixing' it for the only case we really care about. The correct fix is more time than worthwhile to achieve, especially since it's extremely difficult to achieve without code modifications.
-
This is completely broken with modern transactions. It should also be rewritten to match Phabricator's coding style.
-
If a transaction has an object that a particular user cannot see, then mark the transaction as hidden for the default transaction view. This particularly elides 'foo moved this task from Restricted Workboard Column to Restricted Workboard Column on the Restricted Project board' messages in the timeline, which are not hugely useful. This would need a fair bit more work to go upstream, especially eliding notifications for restricted-only transactions as well.
-
If the viewer doesn't have permission to see something a task has been tagged with, then don't show it to them in the Maniphest task list view, the task detail view, or the workboard view. This should be extended further to also eliminate it from the transaction history (in the task detail view) and also from notifications, but it's a start. This would need quite a bit more work to go upstream.
-
Add a 'subtype' parameter to custom fields, which means they will only be visible on (and validated with) tasks of a particular subtype. Suitable for upstream after much rework: https://secure.phabricator.com/D17593
-
By taking the story time from the transaction creation date we ensure that the times reported in the feed view match the ones reported in the item-specific change lists.
-
This implements an Applications > Phriction configuration option that allows the administrators to specify default view and edit ACL policies for root-level Phriction documents. Test Plan: 1. Create a clean test install of Phabricator, login as the admin user 2. Go to Applications, configure settings for Phriction, set up the ACL you want 3. Upon creating the first document in Phriction, the ACL chosen by default should be the one you configured in step 2.
-
As setValueFromStorage() notes, we can accept either JSON strings or arrays for PHID-type custom fields. Handle this in decodeValue by passing through an array if we've received one. Test Plan: - Add Maniphest custom field with PhabricatorPeopleDatasource - Create task with field filled - Go to Maniphest task detail view - Observe no errors in DarkConsole / PHP error log
-
Ref T13042. Updating blocked tasks creates a new ManiphestTransactionEditor instance from within the current transaction application, which fails to carry over all of the current properties. Failing to update silent means that mails will be generated for updates to blocked tasks, regardless of the setting for the original transaction editor. Failing to preserve the time can also give large time deltas in corner cases, such as running an importer which pulls tasks from yesteryear. This equally applies to inverse-edge transactions, though I don't have a ready-made usecase for those.
-
- 12 Feb, 2020 1 commit
-
-
epriestley authored
-
- 06 Feb, 2020 1 commit
-
-
epriestley authored
Summary: Fixes T5427. See PHI1630. See also T13160 and D20568. In the full HTML table syntax with "<table>", respect linebreaks as literals inside "<td>" cells. Test Plan: Previewed some full-HTML tables with and without linebreaks, saw what seemed like sensible rendering behavior. Maniphest Tasks: T5427 Differential Revision: https://secure.phabricator.com/D20971
-
- 05 Feb, 2020 1 commit
-
-
epriestley authored
Summary: Ref T10635. An install with large blocks of remarkup (4MB) in test details is reporting slow page rendering. This is expected, but I've mostly given up on fighting this unless I absolutely have to. Degrade the interface more aggressively. Test Plan: - Submitted a large block of test details in remarkup format. - Before patch: they rendered inline. - After patch: degraded display. - Verified small blocks are not changed. {F7180727} {F7180728} Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam Maniphest Tasks: T10635 Differential Revision: https://secure.phabricator.com/D20970
-
- 04 Feb, 2020 1 commit
-
-
epriestley authored
Summary: Ref T13486. Currently, "Zarbo" sorts above "alice", but this isn't expected for a list of (mostly) human usernames. Test Plan: Loaded a task with subscribers with mixed-case usernames. Maniphest Tasks: T13486 Differential Revision: https://secure.phabricator.com/D20969
-