1. 12 Dec, 2019 1 commit
    • Ana Rute Mendes's avatar
      CCU: purchasing: Support for multiple items · 653e579d
      Ana Rute Mendes authored
      Allows a ticket to have up to 5 items in the same
      purchasing request.
      
      Handle the hiding/displaying of a mini form for each asset and
      control display of properties that are used only in Snipe-IT.
      653e579d
  2. 30 Oct, 2019 30 commits
    • Ana Rute Mendes's avatar
      LOCAL:Maniphest:Apply approver rule to event type · c9aa295d
      Ana Rute Mendes authored
      Replicate the logic to auto-fill approver for `event` subtype.
      
      Until now event and purchasing forms used the same template but
      they were split in two - `purchasing` and `event` - after the
      Snipe-IT integration that applied major changes in the purchasing
      request form.
      c9aa295d
    • Ana Rute Mendes's avatar
      Add snipe-it custom JavaScript validation · 5ece8e93
      Ana Rute Mendes authored
      The only way I found to add a custom js file was directly in the
      webroot folder. To make sure it never generate conflicts when updaitng
      phab, I created an extensions folder in the js directory.
      
      This file is called by the SnipeHelper class.
      5ece8e93
    • Ana Rute Mendes's avatar
      LOCAL: Validate variables before calling functions · 040bf938
      Ana Rute Mendes authored
      Some customization are not being used in Phabricator Apertis
      instance. So some features were breaking when calling functions
      in variables that were null
      040bf938
    • Ana Rute Mendes's avatar
      Add try/catch in the SnipeHelper calls · 58875304
      Ana Rute Mendes authored
      Make sure phab won't raise errors if the SnipeHelper methods
      or API requests fail.
      58875304
    • Ana Rute Mendes's avatar
      LOCAL: Maniphest: trigger Shipping Req. autofill · 6cb9a0e6
      Ana Rute Mendes authored
      If a Shipping Request is edited and it has the asset id field
      filled, trigger the method that will fetch the data from Snipe-IT
      and fill the item details in the task.
      6cb9a0e6
    • Ana Rute Mendes's avatar
      LOCAL: Maniphest: trigger asset item creation · e277f50e
      Ana Rute Mendes authored
      When a Purchasing Request changes status to "To Relase" an asset
      must be created in the inventory system, external from Phabricator.
      
      Trigger the create asset method that is placed in the extensions folder.
      e277f50e
    • Ana Rute Mendes's avatar
      Nit pick: replace if statements with switch · efe1f683
      Ana Rute Mendes authored
      These conditions will increase, to keep the code cleaner replace 3
      if statements with a switch
      efe1f683
    • Ana Rute Mendes's avatar
      3c158c34
    • Ana Rute Mendes's avatar
      Update sysadmin ticket project · 5f7d1e50
      Ana Rute Mendes authored
      5f7d1e50
    • Ana Rute Mendes's avatar
      LOCAL/POLICY: set sysadmin requests policies · 85a2c89f
      Ana Rute Mendes authored
      Set sysadmin resquests policies according to confidentiality
      chosen by the user.
      85a2c89f
    • Ana Rute Mendes's avatar
      LOCAL: Restrict All users policy for top-level docs · 58dbfec9
      Ana Rute Mendes authored
      Restrict the creation of a new top-level document if visibility or
      edition policies are set to "All users".
      
      See T4759
      58dbfec9
    • Daniel Stone's avatar
      LOCAL: Make 'All Users' space extremely magic · 08383e09
      Daniel Stone authored
      Phriction's view policy is ancestral: in order to access /w/foo/bar/baz,
      you must be able to access /w/foo and /w/bar in addition to
      /w/foo/bar/baz itself.
      
      This is fine and makes life easy: by setting restrictive policies on
      top-level pages, we can lessen the risk of someone exposing information
      they shouldn't, by accidentally making
      /w/cold-fusion/secret-research/funding-meeting/2018-09-14 public, when
      the rest of the hierarchy is super locked down.
      
      Phriction also recently gained Spaces support, which is nice: rather
      than trying to lock down with groups and harmonise permissions, we can
      just move top-level wiki pages to a particular Space, and then we don't
      need to worry about groups.
      
      Our clients don't know Spaces even exist, which is great since it avoids
      us having to explain the two-tier permission model to them. The reason
      they don't know it exists is because if you can only see a single Space,
      then Phabricator hides the entire Spaces UI away from you. Great!
      
      Unfortunately one detail ruins everything: /w/ is a top-level page
      itself, it counts for permission checks, and it _must be in a Space_.
      So, there is no way to have wiki documents in mutually-invisible Spaces
      unless you also have a common Space, at which point the whole Spaces UI
      suddenly becomes very visible everywhere.
      
      In order to try to keep our wiki partitioned, but to not confuse our
      clients (and give them the chance to potentially expose confidential
      information!), we:
        - have a magic 'Visible to Everyone' space
        - actually hide that space from everyone with policies
        - hack policy filters to make this space visible to everyone _only
          for the purpose of checking policies on wiki objects_
        - only allow admins to change view/edit policies on the root wiki
          page (see comment for reason why)
      
      This actual patch can obviously never go anywhere near upstream, but on
      the other hand we should probably make them aware of the problem and see
      if they're interested in discussing a solution, which is probably just
      to bless the root page with magic semantics.
      Signed-off-by: Daniel Stone's avatarDaniel Stone <daniels@collabora.com>
      08383e09
    • Daniel Stone's avatar
      LOCAL/UI: PHUI: Add custom Collabora colour scheme · c202fef1
      Daniel Stone authored
      Add a colour scheme for tagging objects in lists.
      c202fef1
    • Daniel Stone's avatar
      LOCAL/UI: Project: Reorder profile tabs · 0823f9ac
      Daniel Stone authored
      This is a UI tweak.
      0823f9ac
    • Daniel Stone's avatar
      LOCAL/UI: Diffusion: Set default autoclose to 'master' · 5a36cce6
      Daniel Stone authored
      Encode policy, allowing patches to land on feature branches without
      closing tasks.
      5a36cce6
    • Daniel Stone's avatar
      LOCAL/UI: Differential: Use tab width of 8 rather than 2 · 28b9c9af
      Daniel Stone authored
      It would be nice, as the comment notes, to have this customisable perhaps
      per-repository, but for the meantime this is unambiguously the better
      solution.
      28b9c9af
    • Evan Priestley's avatar
      LOCAL/UI: PHUIHandleTagListView: Sort alphabetically · bce0bfd9
      Evan Priestley authored
      Sort tags alphabetically, rather than order of (PHID) appearance in the
      database.
      
      From https://secure.phabricator.com/p/epriestley at:
      https://secure.phabricator.com/T11420#188498
      bce0bfd9
    • Daniel Stone's avatar
      LOCAL/UI: Maniphest: Show points and review status in task queries · 817d834c
      Daniel Stone authored
      In the Maniphest query result view, show the story points as well as the
      review/CI status on each task as we currently show them in workboard
      column cards, along with the project tags.
      
      This is local UI policy; the correct fix (of rewriting hover/card views
      to be more generic and extensible) is pretty much impossible to achieve,
      and isn't approachable by non-Phacility contributors.
      817d834c
    • Daniel Stone's avatar
      LOCAL/UI: Project: Show task status in workboard cards · d8ffcf53
      Daniel Stone authored
      Show the status of every task in workboard cards using the icons
      explicitly, rather than just differentiating between closed and
      not-closed.
      
      This is a local UI choice.
      d8ffcf53
    • Daniel Stone's avatar
      LOCAL/UI: Project: Show review/CI status on workboard · c3248f55
      Daniel Stone authored
      On project workboard cards, also show the status of linked code reviews;
      both the review itself, and any attached Harbormaster CI buildables.
      
      This is already taken care of in the task-detail view by 45c740ac,
      and extends it to the workboard view. It should probably share more code
      with the task-detail view.
      
      It will not be accepted upstream in its current form; it was felt in
      https://secure.phabricator.com/T7076 discussion that performing multiple
      queries for each revision to get the current state was too much. This
      makes it exceedingly unlikely that doing the same number of queries for
      every task in a workboard would be acceptable.
      
      There was discussion of how to fix that, but it was essentially
      impossible, and explicitly discouraged for anyone to even try.
      c3248f55
    • Daniel Stone's avatar
      LOCAL/POLICY: Maniphest: Auto-assign purchasing tasks to approver · 3cb3aeeb
      Daniel Stone authored
      Enforce a local policy, that on purchasing tasks, the approver will be
      auto-assigned if there is no assignee.
      
      The 'correct' fix would probably be a Herald rule, if it were actually
      possible to implement. An EditEngine extension might work as well, but
      this was easier.
      3cb3aeeb
    • Daniel Stone's avatar
      LOCAL/POLICY: Project: Make project field required for Maniphest · d057f7f0
      Daniel Stone authored
      Enforce a local policy that all tasks must have an associated project.
      d057f7f0
    • Daniel Stone's avatar
      LOCAL/POLICY: Differential: Clear 'Depends On' when attaching new diff · cc118eb9
      Daniel Stone authored
      When we attach a new diff to a Differential revision, clear out its
      'Depends On' field. This is so we don't end up with dependency cycles
      when we rebase/cherry-pick commits out of order.
      
      As upstream do not use rebasing/chery-picking/multi-patch-branch
      workflows, this is unlikely to be accepted.
      cc118eb9
    • Daniel Stone's avatar
      HACK: Conduit: Accept OAuth2 Authorization header · bb75be3c
      Daniel Stone authored
      This is really lame. The Ruby OAuth2 client can only pass its token in
      the form data (which Phab is not prepared to accept), or as part of the
      Authorization header (which PHP strips out).
      
      Use a function only available in newer PHP to scrape the Authorization
      header from the raw stream.
      
      I have no idea what the correct fix is.
      bb75be3c
    • Daniel Stone's avatar
      HACK: OAuth: Accept Mattermost double-URI · 9abd0ac9
      Daniel Stone authored
      Mattermost OAuth requires two separate URIs, whereas the Phabricator
      OAuth server only allows returning to a single URI. Special case
      Mattermost and get on with life.
      
      The correct fix is to actually allow multiple values in the OAuth
      configuration. I don't know off the top of my head how this would work,
      e.g. a tokenising field, or a multi-line field (which I don't know how
      to achieve without Remarkup), or ... ?
      9abd0ac9
    • Daniel Stone's avatar
      HACK: Reverse add/remove transaction application order · 37bdd076
      Daniel Stone authored
      PhabricatorApplicationTransactionEditor contains logic (inside
      combineTransactions -> mergeTransactions ->
      mergePHIDOrEdgeTransactions), which will combine two transactions of the
      same edge type and author, then apply the operations in a deterministic
      order.
      
      This breaks our change to remove dependencies when updating a
      Differential revision, since we (acting as the user who uploaded the
      revision) remove the DifferentialRevisionDependsOn edge, then have the
      Remarkup block parser add the dependencies from the commit message
      later.
      
      The two (simplified) transactions of:
      {
          "1-from-our-change-to-differential": {
              "type": "edge",
              "-": {
      	    "PHID-DREV-1234": [...], // remove previous dep
      	}
          },
          "2-from-remarkup-parsing": {
              "type": "edge",
              "+": {
      	    "PHID-DREV-1234": [...], // add dep from commit message
      	}
          }
      }
      
      get merged into:
      {
          "1-combined": {
              "type": "edge",
      	"-": {
      	    "PHID-DREV-1234": [...], // remove previous dep
      	},
      	"+": {
      	    "PHID-DREV-1234": [...], // add dep from commit message
      	}
          }
      }
      
      getPHIDTransactionNewValue() then returns an empty dictionary, because
      it always executes the add before the remove, regardless of ordering.
      The correct fix would be quite invasive to the transaction editor
      (making the combine function considerably less naïve, and always
      preserving order of operation WRT identical PHIDs); the quick fix for
      now (at least) is to just make add operations execute after remove, thus
      'fixing' it for the only case we really care about.
      
      The correct fix is more time than worthwhile to achieve, especially
      since it's extremely difficult to achieve without code modifications.
      37bdd076
    • Emanuele Aina's avatar
      BROKEN: Add the `phill` command line tool to import projects and tasks · f5d13355
      Emanuele Aina authored
      This is completely broken with modern transactions. It should also be
      rewritten to match Phabricator's coding style.
      f5d13355
    • Daniel Stone's avatar
      WIP: Transactions: Hide transactions involving restricted objects · d4708001
      Daniel Stone authored
      If a transaction has an object that a particular user cannot see, then
      mark the transaction as hidden for the default transaction view. This
      particularly elides 'foo moved this task from Restricted Workboard
      Column to Restricted Workboard Column on the Restricted Project board'
      messages in the timeline, which are not hugely useful.
      
      This would need a fair bit more work to go upstream, especially eliding
      notifications for restricted-only transactions as well.
      d4708001
    • Daniel Stone's avatar
      WIP: Maniphest: Hide hidden project tags for tasks · 4e407348
      Daniel Stone authored
      If the viewer doesn't have permission to see something a task has been
      tagged with, then don't show it to them in the Maniphest task list view,
      the task detail view, or the workboard view.
      
      This should be extended further to also eliminate it from the
      transaction history (in the task detail view) and also from
      notifications, but it's a start.
      
      This would need quite a bit more work to go upstream.
      4e407348
    • Daniel Stone's avatar
      WIP: Maniphest: Allow restricting custom fields to subtypes · a35b16d3
      Daniel Stone authored
      Add a 'subtype' parameter to custom fields, which means they will only
      be visible on (and validated with) tasks of a particular subtype.
      
      Suitable for upstream after much rework:
      https://secure.phabricator.com/D17593
      a35b16d3
  3. 11 Jul, 2019 4 commits
    • Emanuele Aina's avatar
      Derive story/mention time from transactions · 229119af
      Emanuele Aina authored
      By taking the story time from the transaction creation date we ensure that the times reported in the feed view match the ones reported in the item-specific change lists.
      229119af
    • Quinn Ebert's avatar
      Default Phriction ACL configuration support · a0446c6a
      Quinn Ebert authored
      This implements an Applications > Phriction configuration option that allows the administrators to specify default view and edit ACL policies for root-level Phriction documents.
      
      Test Plan:
        1. Create a clean test install of Phabricator, login as the admin user
        2. Go to Applications, configure settings for Phriction, set up the ACL you want
        3. Upon creating the first document in Phriction, the ACL chosen by default should be the one you configured in step 2.
      a0446c6a
    • Daniel Stone's avatar
      Accept arrays in PHID custom-field validation · 0b50c4a0
      Daniel Stone authored
      As setValueFromStorage() notes, we can accept either JSON strings or arrays for PHID-type custom fields. Handle this in decodeValue by passing through an array if we've received one.
      
      Test Plan:
        - Add Maniphest custom field with PhabricatorPeopleDatasource
        - Create task with field filled
        - Go to Maniphest task detail view
        - Observe no errors in DarkConsole / PHP error log
      0b50c4a0
    • Daniel Stone's avatar
      Preserve silent and time when updating blocked tasks · f3aa48e7
      Daniel Stone authored
      Ref T13042. Updating blocked tasks creates a new ManiphestTransactionEditor instance from within the current transaction application, which fails to carry over all of the current properties. Failing to update silent means that mails will be generated for updates to blocked tasks, regardless of the setting for the original transaction editor.
      
      Failing to preserve the time can also give large time deltas in corner cases, such as running an importer which pulls tasks from yesteryear.
      
      This equally applies to inverse-edge transactions, though I don't have a ready-made usecase for those.
      f3aa48e7
  4. 29 Jun, 2019 1 commit
  5. 28 Jun, 2019 1 commit
  6. 26 Jun, 2019 1 commit
  7. 25 Jun, 2019 2 commits