1. 06 Nov, 2018 1 commit
  2. 11 Oct, 2018 1 commit
  3. 09 Oct, 2018 24 commits
    • Ana Rute Mendes's avatar
      LOCAL: Restrict All users policy for top-level docs · b38277ab
      Ana Rute Mendes authored
      Restrict the creation of a new top-level document if visibility or
      edition policies are set to "All users".
      
      See T4759
      b38277ab
    • Daniel Stone's avatar
      LOCAL: Make 'All Users' space extremely magic · 365859d1
      Daniel Stone authored
      Phriction's view policy is ancestral: in order to access /w/foo/bar/baz,
      you must be able to access /w/foo and /w/bar in addition to
      /w/foo/bar/baz itself.
      
      This is fine and makes life easy: by setting restrictive policies on
      top-level pages, we can lessen the risk of someone exposing information
      they shouldn't, by accidentally making
      /w/cold-fusion/secret-research/funding-meeting/2018-09-14 public, when
      the rest of the hierarchy is super locked down.
      
      Phriction also recently gained Spaces support, which is nice: rather
      than trying to lock down with groups and harmonise permissions, we can
      just move top-level wiki pages to a particular Space, and then we don't
      need to worry about groups.
      
      Our clients don't know Spaces even exist, which is great since it avoids
      us having to explain the two-tier permission model to them. The reason
      they don't know it exists is because if you can only see a single Space,
      then Phabricator hides the entire Spaces UI away from you. Great!
      
      Unfortunately one detail ruins everything: /w/ is a top-level page
      itself, it counts for permission checks, and it _must be in a Space_.
      So, there is no way to have wiki documents in mutually-invisible Spaces
      unless you also have a common Space, at which point the whole Spaces UI
      suddenly becomes very visible everywhere.
      
      In order to try to keep our wiki partitioned, but to not confuse our
      clients (and give them the chance to potentially expose confidential
      information!), we:
        - have a magic 'Visible to Everyone' space
        - actually hide that space from everyone with policies
        - hack policy filters to make this space visible to everyone _only
          for the purpose of checking policies on wiki objects_
        - only allow admins to change view/edit policies on the root wiki
          page (see comment for reason why)
      
      This actual patch can obviously never go anywhere near upstream, but on
      the other hand we should probably make them aware of the problem and see
      if they're interested in discussing a solution, which is probably just
      to bless the root page with magic semantics.
      Signed-off-by: Daniel Stone's avatarDaniel Stone <daniels@collabora.com>
      365859d1
    • Daniel Stone's avatar
      LOCAL/UI: PHUI: Add custom Collabora colour scheme · eb5a5b8a
      Daniel Stone authored
      Add a colour scheme for tagging objects in lists.
      eb5a5b8a
    • Daniel Stone's avatar
      LOCAL/UI: Project: Reorder profile tabs · ebbca2b1
      Daniel Stone authored
      This is a UI tweak.
      ebbca2b1
    • Daniel Stone's avatar
      LOCAL/UI: Diffusion: Set default autoclose to 'master' · bc1156bd
      Daniel Stone authored
      Encode policy, allowing patches to land on feature branches without
      closing tasks.
      bc1156bd
    • Daniel Stone's avatar
      LOCAL/UI: Differential: Use tab width of 8 rather than 2 · de195df0
      Daniel Stone authored
      It would be nice, as the comment notes, to have this customisable perhaps
      per-repository, but for the meantime this is unambiguously the better
      solution.
      de195df0
    • Evan Priestley's avatar
      LOCAL/UI: PHUIHandleTagListView: Sort alphabetically · 853efe11
      Evan Priestley authored
      Sort tags alphabetically, rather than order of (PHID) appearance in the
      database.
      
      From https://secure.phabricator.com/p/epriestley at:
      https://secure.phabricator.com/T11420#188498
      853efe11
    • Daniel Stone's avatar
      LOCAL/UI: Maniphest: Show points and review status in task queries · c2595cc1
      Daniel Stone authored
      In the Maniphest query result view, show the story points as well as the
      review/CI status on each task as we currently show them in workboard
      column cards, along with the project tags.
      
      This is local UI policy; the correct fix (of rewriting hover/card views
      to be more generic and extensible) is pretty much impossible to achieve,
      and isn't approachable by non-Phacility contributors.
      c2595cc1
    • Daniel Stone's avatar
      LOCAL/UI: Project: Show task status in workboard cards · 9fde828c
      Daniel Stone authored
      Show the status of every task in workboard cards using the icons
      explicitly, rather than just differentiating between closed and
      not-closed.
      
      This is a local UI choice.
      9fde828c
    • Daniel Stone's avatar
      LOCAL/UI: Project: Show review/CI status on workboard · 7d2cf586
      Daniel Stone authored
      On project workboard cards, also show the status of linked code reviews;
      both the review itself, and any attached Harbormaster CI buildables.
      
      This is already taken care of in the task-detail view by 45c740ac,
      and extends it to the workboard view. It should probably share more code
      with the task-detail view.
      
      It will not be accepted upstream in its current form; it was felt in
      https://secure.phabricator.com/T7076 discussion that performing multiple
      queries for each revision to get the current state was too much. This
      makes it exceedingly unlikely that doing the same number of queries for
      every task in a workboard would be acceptable.
      
      There was discussion of how to fix that, but it was essentially
      impossible, and explicitly discouraged for anyone to even try.
      7d2cf586
    • Daniel Stone's avatar
      LOCAL/POLICY: Maniphest: Auto-assign purchasing tasks to approver · 80e30cc1
      Daniel Stone authored
      Enforce a local policy, that on purchasing tasks, the approver will be
      auto-assigned if there is no assignee.
      
      The 'correct' fix would probably be a Herald rule, if it were actually
      possible to implement. An EditEngine extension might work as well, but
      this was easier.
      80e30cc1
    • Daniel Stone's avatar
      LOCAL/POLICY: Project: Make project field required for Maniphest · 45662a7c
      Daniel Stone authored
      Enforce a local policy that all tasks must have an associated project.
      45662a7c
    • Daniel Stone's avatar
      LOCAL/POLICY: Differential: Clear 'Depends On' when attaching new diff · 2824a488
      Daniel Stone authored
      When we attach a new diff to a Differential revision, clear out its
      'Depends On' field. This is so we don't end up with dependency cycles
      when we rebase/cherry-pick commits out of order.
      
      As upstream do not use rebasing/chery-picking/multi-patch-branch
      workflows, this is unlikely to be accepted.
      2824a488
    • Daniel Stone's avatar
      HACK: Conduit: Accept OAuth2 Authorization header · 18b2fab5
      Daniel Stone authored
      This is really lame. The Ruby OAuth2 client can only pass its token in
      the form data (which Phab is not prepared to accept), or as part of the
      Authorization header (which PHP strips out).
      
      Use a function only available in newer PHP to scrape the Authorization
      header from the raw stream.
      
      I have no idea what the correct fix is.
      18b2fab5
    • Daniel Stone's avatar
      HACK: OAuth: Accept Mattermost double-URI · 994ad1cf
      Daniel Stone authored
      Mattermost OAuth requires two separate URIs, whereas the Phabricator
      OAuth server only allows returning to a single URI. Special case
      Mattermost and get on with life.
      
      The correct fix is to actually allow multiple values in the OAuth
      configuration. I don't know off the top of my head how this would work,
      e.g. a tokenising field, or a multi-line field (which I don't know how
      to achieve without Remarkup), or ... ?
      994ad1cf
    • Daniel Stone's avatar
      HACK: Reverse add/remove transaction application order · 496b657c
      Daniel Stone authored
      PhabricatorApplicationTransactionEditor contains logic (inside
      combineTransactions -> mergeTransactions ->
      mergePHIDOrEdgeTransactions), which will combine two transactions of the
      same edge type and author, then apply the operations in a deterministic
      order.
      
      This breaks our change to remove dependencies when updating a
      Differential revision, since we (acting as the user who uploaded the
      revision) remove the DifferentialRevisionDependsOn edge, then have the
      Remarkup block parser add the dependencies from the commit message
      later.
      
      The two (simplified) transactions of:
      {
          "1-from-our-change-to-differential": {
              "type": "edge",
              "-": {
      	    "PHID-DREV-1234": [...], // remove previous dep
      	}
          },
          "2-from-remarkup-parsing": {
              "type": "edge",
              "+": {
      	    "PHID-DREV-1234": [...], // add dep from commit message
      	}
          }
      }
      
      get merged into:
      {
          "1-combined": {
              "type": "edge",
      	"-": {
      	    "PHID-DREV-1234": [...], // remove previous dep
      	},
      	"+": {
      	    "PHID-DREV-1234": [...], // add dep from commit message
      	}
          }
      }
      
      getPHIDTransactionNewValue() then returns an empty dictionary, because
      it always executes the add before the remove, regardless of ordering.
      The correct fix would be quite invasive to the transaction editor
      (making the combine function considerably less naïve, and always
      preserving order of operation WRT identical PHIDs); the quick fix for
      now (at least) is to just make add operations execute after remove, thus
      'fixing' it for the only case we really care about.
      
      The correct fix is more time than worthwhile to achieve, especially
      since it's extremely difficult to achieve without code modifications.
      496b657c
    • Emanuele Aina's avatar
      BROKEN: Add the `phill` command line tool to import projects and tasks · 51091980
      Emanuele Aina authored
      This is completely broken with modern transactions. It should also be
      rewritten to match Phabricator's coding style.
      51091980
    • Daniel Stone's avatar
      WIP: Transactions: Hide transactions involving restricted objects · 9c4cb492
      Daniel Stone authored
      If a transaction has an object that a particular user cannot see, then
      mark the transaction as hidden for the default transaction view. This
      particularly elides 'foo moved this task from Restricted Workboard
      Column to Restricted Workboard Column on the Restricted Project board'
      messages in the timeline, which are not hugely useful.
      
      This would need a fair bit more work to go upstream, especially eliding
      notifications for restricted-only transactions as well.
      9c4cb492
    • Daniel Stone's avatar
      WIP: Maniphest: Hide hidden project tags for tasks · 7edf6023
      Daniel Stone authored
      If the viewer doesn't have permission to see something a task has been
      tagged with, then don't show it to them in the Maniphest task list view,
      the task detail view, or the workboard view.
      
      This should be extended further to also eliminate it from the
      transaction history (in the task detail view) and also from
      notifications, but it's a start.
      
      This would need quite a bit more work to go upstream.
      7edf6023
    • Daniel Stone's avatar
      WIP: Maniphest: Allow restricting custom fields to subtypes · 05c9b3d0
      Daniel Stone authored
      Add a 'subtype' parameter to custom fields, which means they will only
      be visible on (and validated with) tasks of a particular subtype.
      
      Suitable for upstream after much rework:
      https://secure.phabricator.com/D17593
      05c9b3d0
    • Emanuele Aina's avatar
      Derive story/mention time from transactions · 144ea3d3
      Emanuele Aina authored
      By taking the story time from the transaction creation date we ensure that the times reported in the feed view match the ones reported in the item-specific change lists.
      144ea3d3
    • Quinn Ebert's avatar
      Default Phriction ACL configuration support · bdfe8fab
      Quinn Ebert authored
      This implements an Applications > Phriction configuration option that allows the administrators to specify default view and edit ACL policies for root-level Phriction documents.
      
      Test Plan:
        1. Create a clean test install of Phabricator, login as the admin user
        2. Go to Applications, configure settings for Phriction, set up the ACL you want
        3. Upon creating the first document in Phriction, the ACL chosen by default should be the one you configured in step 2.
      bdfe8fab
    • Daniel Stone's avatar
      Accept arrays in PHID custom-field validation · e959489a
      Daniel Stone authored
      As setValueFromStorage() notes, we can accept either JSON strings or arrays for PHID-type custom fields. Handle this in decodeValue by passing through an array if we've received one.
      
      Test Plan:
        - Add Maniphest custom field with PhabricatorPeopleDatasource
        - Create task with field filled
        - Go to Maniphest task detail view
        - Observe no errors in DarkConsole / PHP error log
      e959489a
    • Daniel Stone's avatar
      Preserve silent and time when updating blocked tasks · da2bdcd1
      Daniel Stone authored
      Ref T13042. Updating blocked tasks creates a new ManiphestTransactionEditor instance from within the current transaction application, which fails to carry over all of the current properties. Failing to update silent means that mails will be generated for updates to blocked tasks, regardless of the setting for the original transaction editor.
      
      Failing to preserve the time can also give large time deltas in corner cases, such as running an importer which pulls tasks from yesteryear.
      
      This equally applies to inverse-edge transactions, though I don't have a ready-made usecase for those.
      da2bdcd1
  4. 06 Oct, 2018 1 commit
  5. 05 Oct, 2018 2 commits
    • epriestley's avatar
      Make Pholio mail render without a ton of over-escaped HTML · 99034efa
      epriestley authored
      Summary:
      Ref T13202. See PHI900. Fixes T12814. Pholio currently builds HTML comments in an older way that can dump a bunch of over-escaped HTML into mail bodies.
      
      Update the logic to be more similar to the Differential rendering logic and stop over-escaping things.
      
      The result isn't perfect, but is dramatically less broken.
      
      Test Plan: {F5919860}
      
      Reviewers: amckinley
      
      Reviewed By: amckinley
      
      Maniphest Tasks: T13202, T12814
      
      Differential Revision: https://secure.phabricator.com/D19733
      99034efa
    • epriestley's avatar
      Allow revisions to be filtered by created date · c6c1893d
      epriestley authored
      Summary:
      Ref T13202. See PHI906. This is a reasonable capability which we support in some other applications already.
      
      (The only real reason not to support this is that it creates some clutter in the UI, but I think we're generally in better shape now than we were in the past, and we could make this UI collapse/fold at some point.)
      
      Test Plan: Ran queries with a minimum date, a maximum date, both, and neither. Saw appropriate results in all cases.
      
      Reviewers: amckinley
      
      Reviewed By: amckinley
      
      Maniphest Tasks: T13202
      
      Differential Revision: https://secure.phabricator.com/D19732
      c6c1893d
  6. 01 Oct, 2018 4 commits
  7. 29 Sep, 2018 1 commit
  8. 26 Sep, 2018 1 commit
    • Austin McKinley's avatar
      Migrate DiffusionBlameController to use repo identities · 8065433e
      Austin McKinley authored
      Summary:
      Now on the blame page, identities get `avatar.png` and there are little tooltips that show a few characters of the committer identity string.
      
      Also add a default icon for repo identities.
      
      Test Plan: Loaded some blame pages for files touched by users with and without repo identities attached.
      
      Reviewers: epriestley
      
      Reviewed By: epriestley
      
      Subscribers: Korvin
      
      Differential Revision: https://secure.phabricator.com/D19587
      8065433e
  9. 24 Sep, 2018 2 commits
    • epriestley's avatar
      When we fail to acquire a repository lock, try to provide a hint about why · 021c612c
      epriestley authored
      Summary:
      Ref T13202. See PHI889. If the lock log is enabled, we can try to offer more details about lock holders.
      
      When we fail to acquire a lock:
      
        - check for recent acquisitions and suggest that this is a bottleneck issue;
        - if there are no recent acquisitions, check for the last acquisition and print details about it (what process, how long ago, whether or not we believe it was released).
      
      Test Plan:
        - Enabled the lock log.
        - Changed the lock wait time to 1 second.
        - Added a `sleep(10)` after grabbing the lock.
        - In one window, ran a Conduit call or a `git fetch`.
        - In another window, ran another operation.
        - Got useful/sensible errors for both ssh and web lock holders, for example:
      
      > PhutilProxyException: Failed to acquire read lock after waiting 1 second(s). You may be able to retry later. (This lock was most recently acquired by a process (pid=12609, host=orbital-3.local, sapi=apache2handler, controller=PhabricatorConduitAPIController, method=diffusion.rawdiffquery) 3 second(s) ago. There is no record of this lock being released.)
      
      > PhutilProxyException: Failed to acquire read lock after waiting 1 second(s). You may be able to retry later. (This lock was most recently acquired by a process (pid=65251, host=orbital-3.local, sapi=cli, argv=/Users/epriestley/dev/core/lib/phabricator/bin/ssh-exec --phabricator-ssh-device local.phacility.net --phabricator-ssh-key 2) 2 second(s) ago. There is no record of this lock being released.)
      
      Reviewers: amckinley
      
      Reviewed By: amckinley
      
      Maniphest Tasks: T13202
      
      Differential Revision: https://secure.phabricator.com/D19702
      021c612c
    • epriestley's avatar
      Parameterize the repository read and write locks · 7db265cd
      epriestley authored
      Summary:
      Ref T13202. See PHI889. Update the read and write locks to the modern parameterized verison, which handles hashing/normalization and can store better logs.
      
      This parameterized mode was added in D19173 and has been used successfully for some time, but not all locks have switched over to it yet.
      
      Test Plan:
      - Added an `fprintf(STDERR, $full_name)` to the lock code.
      - Pulled a repository.
      - Saw sensible lock name on stdout before "acquired read lock...".
      - Additional changes in this patch series will vet this more completely.
      
      Reviewers: amckinley
      
      Reviewed By: amckinley
      
      Maniphest Tasks: T13202
      
      Differential Revision: https://secure.phabricator.com/D19701
      7db265cd
  10. 23 Sep, 2018 1 commit
  11. 19 Sep, 2018 1 commit
    • epriestley's avatar
      Fix comment box borders in timelines after Phriction commenting · 3244324c
      epriestley authored
      Summary:
      Ref T13202. In D19660, I added comments to Phriction and tweaked some CSS.
      
      One of these tweaks was getting rid of an extra border which was rendering under the comment area. However, I took off too much and ended up removing borders from other applications.
      
      I think we don't actually need this `setNoBorder()` stuff after all -- a later change was sufficient to stop the actual border I was trying to get rid of from rendering. So this mostly just reverts part of D19660.
      
      This rendering still isn't perfect, but I'm fine leaving that for another day for now.
      
      Test Plan:
        - Viewed comment areas in Phriction. Saw correct number of borders (1).
        - Viewed comment areas in Maniphest. Saw correct number of borders (1).
        - Grepped for extraneous removed classs, no hits.
      
      Reviewers: amckinley
      
      Reviewed By: amckinley
      
      Maniphest Tasks: T13202
      
      Differential Revision: https://secure.phabricator.com/D19684
      3244324c
  12. 18 Sep, 2018 1 commit
    • epriestley's avatar
      (stable) Fix Phriction rendering for initial install and 404 pages · 8ab7859d
      epriestley authored
      Summary:
      Depends on D19682. Ref T13202. We currently fatal when trying to render a timeline if:
      
        - an install is fresh, so there are no pages yet, and you look at "/w/"; or
        - you're looking at a Phriction page which doesn't exist (yet) like "/w/aadsflknadsflnf/".
      
      Rendering a timeline and comment area doesn't make sense in these cases, so don't render them.
      
      Test Plan: Hit both cases described above, got "new/empty page" prompts instead of fatals.
      
      Reviewers: amckinley
      
      Maniphest Tasks: T13202
      
      Differential Revision: https://secure.phabricator.com/D19683
      8ab7859d