public function processRequest()
{
$rule = id(new HeraldRule())->load($this->id);
if (!$rule) {
return new Aphront404Response();
}
$request = $this->getRequest();
$user = $request->getUser();
if ($user->getPHID() != $rule->getAuthorPHID()) {
return new Aphront400Response();
}
if ($request->isFormPost()) {
$rule->delete();
if ($request->isAjax()) {
return new AphrontRedirectResponse();
} else {
return id(new AphrontRedirectResponse())->setURI('/herald/');
}
}
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->setTitle('Really delete this rule?');
$dialog->appendChild("Are you sure you want to delete the rule " . "'<strong>" . phutil_escape_html($rule->getName()) . "</strong>'?");
$dialog->addSubmitButton('Delete');
$dialog->addCancelButton('/herald/');
$dialog->setSubmitURI($request->getPath());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$provider = $this->provider;
if ($provider->isProviderLinkPermanent()) {
throw new Exception("You may not unlink accounts from this OAuth provider.");
}
$provider_key = $provider->getProviderKey();
$oauth_info = id(new PhabricatorUserOAuthInfo())->loadOneWhere('userID = %d AND oauthProvider = %s', $user->getID(), $provider_key);
if (!$oauth_info) {
return new Aphront400Response();
}
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Really unlink account?');
$dialog->appendChild('<p><strong>You will not be able to login</strong> using this account ' . 'once you unlink it. Continue?</p>');
$dialog->addSubmitButton('Unlink Account');
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$oauth_info->delete();
return id(new AphrontRedirectResponse())->setURI('/settings/page/' . $provider_key . '/');
}
public function processRequest()
{
$rule = id(new HeraldRule())->load($this->id);
if (!$rule) {
return new Aphront404Response();
}
$request = $this->getRequest();
$user = $request->getUser();
// Anyone can delete a global rule, but only the rule owner can delete a
// personal one.
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_PERSONAL) {
if ($user->getPHID() != $rule->getAuthorPHID()) {
return new Aphront400Response();
}
}
if ($request->isFormPost()) {
$rule->openTransaction();
$rule->logEdit($user->getPHID(), 'delete');
$rule->delete();
$rule->saveTransaction();
return id(new AphrontReloadResponse())->setURI('/herald/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->setTitle('Really delete this rule?');
$dialog->appendChild("Are you sure you want to delete the rule " . "'<strong>" . phutil_escape_html($rule->getName()) . "</strong>'?");
$dialog->addSubmitButton('Delete');
$dialog->addCancelButton('/herald/');
$dialog->setSubmitURI($request->getPath());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$phid = $this->getClientPHID();
$title = 'Delete OAuth Client';
$request = $this->getRequest();
$current_user = $request->getUser();
$client = id(new PhabricatorOAuthServerClient())->loadOneWhere('phid = %s', $phid);
if (empty($client)) {
return new Aphront404Response();
}
if ($client->getCreatorPHID() != $current_user->getPHID()) {
$message = 'Access denied to client with phid ' . $phid . '. ' . 'Only the user who created the client has permission to ' . 'delete the client.';
return id(new Aphront403Response())->setForbiddenText($message);
}
if ($request->isFormPost()) {
$client->delete();
return id(new AphrontRedirectResponse())->setURI('/oauthserver/client/?deleted=1');
}
$client_name = phutil_escape_html($client->getName());
$title .= ' ' . $client_name;
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle($title);
$dialog->appendChild('<p>Are you sure you want to delete this client?</p>');
$dialog->addSubmitButton();
$dialog->addCancelButton($client->getEditURI());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$chrono_key = $request->getStr('chronoKey');
$user = $request->getUser();
if ($request->isDialogFormPost()) {
$table = new PhabricatorFeedStoryNotification();
queryfx($table->establishConnection('w'), 'UPDATE %T SET hasViewed = 1 ' . 'WHERE userPHID = %s AND hasViewed = 0 and chronologicalKey <= %s', $table->getTableName(), $user->getPHID(), $chrono_key);
return id(new AphrontReloadResponse())->setURI('/notification/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->addCancelButton('/notification/');
if ($chrono_key) {
$dialog->setTitle(pht('Really mark all notifications as read?'));
$dialog->addHiddenInput('chronoKey', $chrono_key);
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
if ($is_serious) {
$dialog->appendChild(pht('All unread notifications will be marked as read. You can not ' . 'undo this action.'));
} else {
$dialog->appendChild(pht("You can't ignore your problems forever, you know."));
}
$dialog->addSubmitButton(pht('Mark All Read'));
} else {
$dialog->setTitle(pht('No notifications to mark as read.'));
$dialog->appendChild(pht('You have no unread notifications.'));
}
return id(new AphrontDialogResponse())->setDialog($dialog);
}
private function buildRescindTokenDialog(PhabricatorTokenGiven $token_given)
{
$dialog = new AphrontDialogView();
$dialog->setTitle(pht('Rescind Token'));
$dialog->appendChild(pht('Really rescind this lovely token?'));
$dialog->addSubmitButton(pht('Rescind Token'));
return $dialog;
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$capabilities = array(PhabricatorPolicyCapability::CAN_VIEW);
$process_action = false;
switch ($this->action) {
case 'join':
$capabilities[] = PhabricatorPolicyCapability::CAN_JOIN;
$process_action = $request->isFormPost();
break;
case 'leave':
$process_action = $request->isDialogFormPost();
break;
default:
return new Aphront404Response();
}
$project = id(new PhabricatorProjectQuery())->setViewer($user)->withIDs(array($this->id))->needMembers(true)->requireCapabilities($capabilities)->executeOne();
if (!$project) {
return new Aphront404Response();
}
$project_uri = '/project/view/' . $project->getID() . '/';
if ($process_action) {
$edge_action = null;
switch ($this->action) {
case 'join':
$edge_action = '+';
break;
case 'leave':
$edge_action = '-';
break;
}
$type_member = PhabricatorEdgeConfig::TYPE_PROJ_MEMBER;
$member_spec = array($edge_action => array($user->getPHID() => $user->getPHID()));
$xactions = array();
$xactions[] = id(new PhabricatorProjectTransaction())->setTransactionType(PhabricatorTransactions::TYPE_EDGE)->setMetadataValue('edge:type', $type_member)->setNewValue($member_spec);
$editor = id(new PhabricatorProjectTransactionEditor($project))->setActor($user)->setContentSourceFromRequest($request)->setContinueOnNoEffect(true)->setContinueOnMissingFields(true)->applyTransactions($project, $xactions);
return id(new AphrontRedirectResponse())->setURI($project_uri);
}
$dialog = null;
switch ($this->action) {
case 'leave':
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle(pht('Really leave project?'));
$dialog->appendChild(phutil_tag('p', array(), pht('Your tremendous contributions to this project will be sorely ' . 'missed. Are you sure you want to leave?')));
$dialog->addCancelButton($project_uri);
$dialog->addSubmitButton(pht('Leave Project'));
break;
default:
return new Aphront404Response();
}
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$task = id(new PhabricatorWorkerTask())->load($this->id);
if (!$task) {
return new Aphront404Response();
}
if ($request->isFormPost()) {
switch ($this->action) {
case 'delete':
$task->delete();
break;
case 'release':
$task->setLeaseOwner(null);
$task->setLeaseExpires(time());
$task->save();
break;
}
return id(new AphrontRedirectResponse())->setURI('/daemon/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
switch ($this->action) {
case 'delete':
$dialog->setTitle('Really delete task?');
$dialog->appendChild('<p>The work this task represents will never be performed if you ' . 'delete it. Are you sure you want to delete it?</p>');
$dialog->addSubmitButton('Delete Task');
break;
case 'release':
$dialog->setTitle('Really free task lease?');
$dialog->appendChild('<p>If the process which owns the task lease is still doing work ' . 'on it, the work may be performed twice. Are you sure you ' . 'want to free the lease?</p>');
$dialog->addSubmitButton('Free Lease');
break;
default:
return new Aphront404Response();
}
$dialog->addCancelButton('/daemon/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$capabilities = array(PhabricatorPolicyCapability::CAN_VIEW);
$process_action = false;
switch ($this->action) {
case 'join':
$capabilities[] = PhabricatorPolicyCapability::CAN_JOIN;
$process_action = $request->isFormPost();
break;
case 'leave':
$process_action = $request->isDialogFormPost();
break;
default:
return new Aphront404Response();
}
$project = id(new PhabricatorProjectQuery())->setViewer($user)->withIDs(array($this->id))->needMembers(true)->requireCapabilities($capabilities)->executeOne();
if (!$project) {
return new Aphront404Response();
}
$project_uri = '/project/view/' . $project->getID() . '/';
if ($process_action) {
switch ($this->action) {
case 'join':
PhabricatorProjectEditor::applyJoinProject($project, $user);
break;
case 'leave':
PhabricatorProjectEditor::applyLeaveProject($project, $user);
break;
}
return id(new AphrontRedirectResponse())->setURI($project_uri);
}
$dialog = null;
switch ($this->action) {
case 'leave':
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Really leave project?');
$dialog->appendChild('<p>Your tremendous contributions to this project will be sorely ' . 'missed. Are you sure you want to leave?</p>');
$dialog->addCancelButton($project_uri);
$dialog->addSubmitButton('Leave Project');
break;
default:
return new Aphront404Response();
}
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
if ($request->isFormPost()) {
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Really regenerate session?');
$dialog->setSubmitURI('/settings/page/conduit/');
$dialog->addSubmitButton('Regenerate');
$dialog->addCancelbutton('/settings/page/conduit/');
$dialog->appendChild('<p>Really destroy the old certificate? Any established ' . 'sessions will be terminated.');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$conn = $user->establishConnection('w');
queryfx($conn, 'DELETE FROM %T WHERE userPHID = %s AND type LIKE %>', PhabricatorUser::SESSION_TABLE, $user->getPHID(), 'conduit');
// This implicitly regenerates the certificate.
$user->setConduitCertificate(null);
$user->save();
return id(new AphrontRedirectResponse())->setURI('/settings/page/conduit/?regenerated=true');
}
if ($request->getStr('regenerated')) {
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('Certificate Regenerated');
$notice->appendChild('<p>Your old certificate has been destroyed and you have been issued ' . 'a new certificate. Sessions established under the old certificate ' . 'are no longer valid.</p>');
$notice = $notice->render();
} else {
$notice = null;
}
$cert_form = new AphrontFormView();
$cert_form->setUser($user)->appendChild('<p class="aphront-form-instructions">This certificate allows you to ' . 'authenticate over Conduit, the Phabricator API. Normally, you just ' . 'run <tt>arc install-certificate</tt> to install it.')->appendChild(id(new AphrontFormTextAreaControl())->setLabel('Certificate')->setHeight(AphrontFormTextAreaControl::HEIGHT_SHORT)->setValue($user->getConduitCertificate()));
$cert = new AphrontPanelView();
$cert->setHeader('Arcanist Certificate');
$cert->appendChild($cert_form);
$cert->setWidth(AphrontPanelView::WIDTH_FORM);
$regen_form = new AphrontFormView();
$regen_form->setUser($user)->setAction('/settings/page/conduit/')->appendChild('<p class="aphront-form-instructions">You can regenerate this ' . 'certificate, which will invalidate the old certificate and create ' . 'a new one.</p>')->appendChild(id(new AphrontFormSubmitControl())->setValue('Regenerate Certificate'));
$regen = new AphrontPanelView();
$regen->setHeader('Regenerate Certificate');
$regen->appendChild($regen_form);
$regen->setWidth(AphrontPanelView::WIDTH_FORM);
return id(new AphrontNullView())->appendChild(array($notice, $cert, $regen));
}
public function processRequest()
{
$request = $this->getRequest();
if (!$request->isFormPost()) {
return new Aphront400Response();
}
$revision_id = $request->getInt('revision_id');
$revision = id(new DifferentialRevision())->load($revision_id);
if (!$revision) {
return new Aphront400Response();
}
$comment = $request->getStr('comment');
$action = $request->getStr('action');
$reviewers = $request->getArr('reviewers');
$ccs = $request->getArr('ccs');
$editor = new DifferentialCommentEditor($revision, $request->getUser()->getPHID(), $action);
$content_source = PhabricatorContentSource::newForSource(PhabricatorContentSource::SOURCE_WEB, array('ip' => $request->getRemoteAddr()));
try {
$editor->setMessage($comment)->setContentSource($content_source)->setAttachInlineComments(true)->setAddedReviewers($reviewers)->setAddedCCs($ccs)->save();
} catch (DifferentialActionHasNoEffectException $no_effect) {
$has_inlines = id(new DifferentialInlineComment())->loadAllWhere('authorPHID = %s AND revisionID = %d AND commentID IS NULL', $request->getUser()->getPHID(), $revision->getID());
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->addCancelButton('/D' . $revision_id);
$dialog->addHiddenInput('revision_id', $revision_id);
$dialog->addHiddenInput('action', 'none');
$dialog->addHiddenInput('reviewers', $reviewers);
$dialog->addHiddenInput('ccs', $ccs);
$dialog->addHiddenInput('comment', $comment);
$dialog->setTitle('Action Has No Effect');
$dialog->appendChild('<p>' . phutil_escape_html($no_effect->getMessage()) . '</p>');
if (strlen($comment) || $has_inlines) {
$dialog->addSubmitButton('Post as Comment');
$dialog->appendChild('<br />');
$dialog->appendChild('<p>Do you want to post your feedback anyway, as a normal ' . 'comment?</p>');
}
return id(new AphrontDialogResponse())->setDialog($dialog);
}
// TODO: Diff change detection?
$draft = id(new PhabricatorDraft())->loadOneWhere('authorPHID = %s AND draftKey = %s', $request->getUser()->getPHID(), 'differential-comment-' . $revision->getID());
if ($draft) {
$draft->delete();
}
return id(new AphrontRedirectResponse())->setURI('/D' . $revision->getID());
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
if ($request->isDialogFormPost()) {
$table = new PhabricatorFeedStoryNotification();
queryfx($table->establishConnection('w'), 'UPDATE %T SET hasViewed = 1 WHERE
userPHID = %s AND hasViewed = 0', $table->getTableName(), $user->getPHID());
return id(new AphrontReloadResponse())->setURI('/notification/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Really mark all notifications as read?');
$dialog->appendChild("You can't ignore your problems forever, you know.");
$dialog->addCancelButton('/notification/');
$dialog->addSubmitButton('Mark All Read');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest(AphrontRequest $request)
{
$user = $this->getUser();
$viewer = $request->getUser();
id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession($viewer, $request, '/settings/');
if ($request->isFormPost()) {
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($viewer);
$dialog->setTitle(pht('Really regenerate session?'));
$dialog->setSubmitURI($this->getPanelURI());
$dialog->addSubmitButton(pht('Regenerate'));
$dialog->addCancelbutton($this->getPanelURI());
$dialog->appendChild(phutil_tag('p', array(), pht('Really destroy the old certificate? Any established ' . 'sessions will be terminated.')));
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$sessions = id(new PhabricatorAuthSessionQuery())->setViewer($user)->withIdentityPHIDs(array($user->getPHID()))->withSessionTypes(array(PhabricatorAuthSession::TYPE_CONDUIT))->execute();
foreach ($sessions as $session) {
$session->delete();
}
// This implicitly regenerates the certificate.
$user->setConduitCertificate(null);
$user->save();
return id(new AphrontRedirectResponse())->setURI($this->getPanelURI('?regenerated=true'));
}
if ($request->getStr('regenerated')) {
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle(pht('Certificate Regenerated'));
$notice->appendChild(phutil_tag('p', array(), pht('Your old certificate has been destroyed and you have been issued ' . 'a new certificate. Sessions established under the old certificate ' . 'are no longer valid.')));
$notice = $notice->render();
} else {
$notice = null;
}
Javelin::initBehavior('select-on-click');
$cert_form = new AphrontFormView();
$cert_form->setUser($viewer)->appendChild(phutil_tag('p', array('class' => 'aphront-form-instructions'), pht('This certificate allows you to authenticate over Conduit, ' . 'the Phabricator API. Normally, you just run %s to install it.', phutil_tag('tt', array(), 'arc install-certificate'))))->appendChild(id(new AphrontFormTextAreaControl())->setLabel(pht('Certificate'))->setHeight(AphrontFormTextAreaControl::HEIGHT_SHORT)->setReadonly(true)->setSigil('select-on-click')->setValue($user->getConduitCertificate()));
$cert_form = id(new PHUIObjectBoxView())->setHeaderText(pht('Arcanist Certificate'))->setForm($cert_form);
$regen_instruction = pht('You can regenerate this certificate, which ' . 'will invalidate the old certificate and create a new one.');
$regen_form = new AphrontFormView();
$regen_form->setUser($viewer)->setAction($this->getPanelURI())->setWorkflow(true)->appendChild(phutil_tag('p', array('class' => 'aphront-form-instructions'), $regen_instruction))->appendChild(id(new AphrontFormSubmitControl())->setValue(pht('Regenerate Certificate')));
$regen_form = id(new PHUIObjectBoxView())->setHeaderText(pht('Regenerate Certificate'))->setForm($regen_form);
return array($notice, $cert_form, $regen_form);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$phid = $this->phid;
$handle = PhabricatorObjectHandleData::loadOneHandle($phid);
if (!$handle->isComplete()) {
return new Aphront404Response();
}
$flag = PhabricatorFlagQuery::loadUserFlag($user, $phid);
if (!$flag) {
$flag = new PhabricatorFlag();
$flag->setOwnerPHID($user->getPHID());
$flag->setType($handle->getType());
$flag->setObjectPHID($handle->getPHID());
$flag->setReasonPHID($user->getPHID());
}
if ($request->isDialogFormPost()) {
$flag->setColor($request->getInt('color'));
$flag->setNote($request->getStr('note'));
$flag->save();
return id(new AphrontReloadResponse())->setURI('/flag/');
}
$type_name = $handle->getTypeName();
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle("Flag {$type_name}");
require_celerity_resource('phabricator-flag-css');
$form = new AphrontFormLayoutView();
$is_new = !$flag->getID();
if ($is_new) {
$form->appendChild("<p>You can flag this {$type_name} if you want to remember to look " . "at it later.</p><br />");
}
$radio = new AphrontFormRadioButtonControl();
foreach (PhabricatorFlagColor::getColorNameMap() as $color => $text) {
$class = 'phabricator-flag-radio phabricator-flag-color-' . $color;
$radio->addButton($color, $text, '', $class);
}
$form->appendChild($radio->setName('color')->setLabel('Flag Color')->setValue($flag->getColor()))->appendChild(id(new AphrontFormTextAreaControl())->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_SHORT)->setName('note')->setLabel('Note')->setValue($flag->getNote()));
$dialog->appendChild($form);
$dialog->addCancelButton($handle->getURI());
$dialog->addSubmitButton($is_new ? "Flag {$type_name}" : 'Save');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function handleRequest(AphrontRequest $request)
{
$viewer = $request->getViewer();
$phid = $request->getURIData('phid');
$handle = id(new PhabricatorHandleQuery())->setViewer($viewer)->withPHIDs(array($phid))->executeOne();
if (!$handle->isComplete()) {
return new Aphront404Response();
}
$flag = PhabricatorFlagQuery::loadUserFlag($viewer, $phid);
if (!$flag) {
$flag = new PhabricatorFlag();
$flag->setOwnerPHID($viewer->getPHID());
$flag->setType($handle->getType());
$flag->setObjectPHID($handle->getPHID());
$flag->setReasonPHID($viewer->getPHID());
}
if ($request->isDialogFormPost()) {
$flag->setColor($request->getInt('color'));
$flag->setNote($request->getStr('note'));
$flag->save();
return id(new AphrontReloadResponse())->setURI('/flag/');
}
$type_name = $handle->getTypeName();
$dialog = new AphrontDialogView();
$dialog->setUser($viewer);
$dialog->setTitle(pht('Flag %s', $type_name));
require_celerity_resource('phabricator-flag-css');
$form = new PHUIFormLayoutView();
$is_new = !$flag->getID();
if ($is_new) {
$form->appendChild(hsprintf('<p>%s</p><br />', pht('You can flag this %s if you want to remember to look ' . 'at it later.', $type_name)));
}
$radio = new AphrontFormRadioButtonControl();
foreach (PhabricatorFlagColor::getColorNameMap() as $color => $text) {
$class = 'phabricator-flag-radio phabricator-flag-color-' . $color;
$radio->addButton($color, $text, '', $class);
}
$form->appendChild($radio->setName('color')->setLabel(pht('Flag Color'))->setValue($flag->getColor()))->appendChild(id(new AphrontFormTextAreaControl())->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_SHORT)->setName('note')->setLabel(pht('Note'))->setValue($flag->getNote()));
$dialog->appendChild($form);
$dialog->addCancelButton($handle->getURI());
$dialog->addSubmitButton($is_new ? pht('Create Flag') : pht('Save'));
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$ldap_info = id(new PhabricatorUserLDAPInfo())->loadOneWhere('userID = %d', $user->getID());
if (!$ldap_info) {
return new Aphront400Response();
}
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Really unlink account?');
$dialog->appendChild('<p><strong>You will not be able to login</strong> using this account ' . 'once you unlink it. Continue?</p>');
$dialog->addSubmitButton('Unlink Account');
$dialog->addCancelButton('/settings/panel/ldap/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$ldap_info->delete();
return id(new AphrontRedirectResponse())->setURI('/settings/panel/ldap/');
}
public function processRequest()
{
$category = id(new PhabricatorDirectoryCategory())->load($this->id);
if (!$category) {
return new Aphront404Response();
}
$request = $this->getRequest();
if ($request->isFormPost()) {
$category->delete();
return id(new AphrontRedirectResponse())->setURI('/directory/category/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->setTitle('Really delete this category?');
$dialog->appendChild("Are you sure you want to delete this category?");
$dialog->addSubmitButton('Delete');
$dialog->addCancelButton('/directory/category/');
$dialog->setSubmitURI($request->getPath());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$countdown = id(new PhabricatorCountdownQuery())->setViewer($user)->withIDs(array($this->id))->requireCapabilities(array(PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT))->executeOne();
if (!$countdown) {
return new Aphront404Response();
}
if ($request->isFormPost()) {
$countdown->delete();
return id(new AphrontRedirectResponse())->setURI('/countdown/');
}
$inst = pht('Are you sure you want to delete the countdown %s?', $countdown->getTitle());
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->setTitle(pht('Really delete this countdown?'));
$dialog->appendChild(phutil_tag('p', array(), $inst));
$dialog->addSubmitButton(pht('Delete'));
$dialog->addCancelButton('/countdown/');
$dialog->setSubmitURI($request->getPath());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$status = id(new PhabricatorCalendarEventQuery())->setViewer($user)->withIDs(array($this->id))->requireCapabilities(array(PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT))->executeOne();
if (!$status) {
return new Aphront404Response();
}
if ($request->isFormPost()) {
$status->delete();
$uri = new PhutilURI($this->getApplicationURI());
$uri->setQueryParams(array('deleted' => true));
return id(new AphrontRedirectResponse())->setURI($uri);
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle(pht('Really delete status?'));
$dialog->appendChild(pht('Permanently delete this status? This action can not be undone.'));
$dialog->addSubmitButton(pht('Delete'));
$dialog->addCancelButton($this->getApplicationURI('event/'));
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function handleRequest(AphrontRequest $request)
{
$viewer = $request->getViewer();
$id = $request->getURIData('id');
$file = id(new PhabricatorFileQuery())->setViewer($viewer)->withIDs(array($id))->requireCapabilities(array(PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT))->executeOne();
if (!$file) {
return new Aphront404Response();
}
if ($viewer->getPHID() != $file->getAuthorPHID() && !$viewer->getIsAdmin()) {
return new Aphront403Response();
}
if ($request->isFormPost()) {
$file->delete();
return id(new AphrontRedirectResponse())->setURI('/file/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($viewer);
$dialog->setTitle(pht('Really delete file?'));
$dialog->appendChild(hsprintf('<p>%s</p>', pht("Permanently delete '%s'? This action can not be undone.", $file->getName())));
$dialog->addSubmitButton(pht('Delete'));
$dialog->addCancelButton($file->getInfoURI());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$file = id(new PhabricatorFile())->loadOneWhere('id = %d', $this->id);
if (!$file) {
return new Aphront404Response();
}
if ($user->getPHID() != $file->getAuthorPHID() && !$user->getIsAdmin()) {
return new Aphront403Response();
}
if ($request->isFormPost()) {
$file->delete();
return id(new AphrontRedirectResponse())->setURI('/file/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Really delete file?');
$dialog->appendChild("<p>Permanently delete '" . phutil_escape_html($file->getName()) . "'? This " . "action can not be undone.");
$dialog->addSubmitButton('Delete');
$dialog->addCancelButton($file->getInfoURI());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$timer = id(new PhabricatorTimer())->load($this->id);
if (!$timer) {
return new Aphront404Response();
}
if ($timer->getAuthorPHID() !== $user->getPHID() && $user->getIsAdmin() === false) {
return new Aphront404Response();
}
if ($request->isFormPost()) {
$timer->delete();
return id(new AphrontRedirectResponse())->setURI('/countdown/');
}
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->setTitle('Really delete this countdown?');
$dialog->appendChild('<p>Are you sure you want to delete the countdown "' . phutil_escape_html($timer->getTitle()) . '"?</p>');
$dialog->addSubmitButton('Delete');
$dialog->addCancelButton('/countdown/');
$dialog->setSubmitURI($request->getPath());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$phid = $this->getAuthorizationPHID();
$title = 'Delete OAuth Client Authorization';
$request = $this->getRequest();
$current_user = $request->getUser();
$authorization = id(new PhabricatorOAuthClientAuthorization())->loadOneWhere('phid = %s', $phid);
if (empty($authorization)) {
return new Aphront404Response();
}
if ($authorization->getUserPHID() != $current_user->getPHID()) {
$message = 'Access denied to client authorization with phid ' . $phid . '. ' . 'Only the user who authorized the client has permission to ' . 'delete the authorization.';
return id(new Aphront403Response())->setForbiddenText($message);
}
if ($request->isFormPost()) {
$authorization->delete();
return id(new AphrontRedirectResponse())->setURI('/oauthserver/clientauthorization/?notice=deleted');
}
$client_phid = $authorization->getClientPHID();
$client = id(new PhabricatorOAuthServerClient())->loadOneWhere('phid = %s', $client_phid);
if ($client) {
$client_name = phutil_escape_html($client->getName());
$title .= ' for ' . $client_name;
} else {
// the client does not exist so token is dead already (but
// let's let the user clean this up anyway in that case)
$client_name = '';
}
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle($title);
$dialog->appendChild('<p>Are you sure you want to delete this client authorization?</p>');
$dialog->addSubmitButton();
$dialog->addCancelButton($authorization->getEditURI());
return id(new AphrontDialogResponse())->setDialog($dialog);
}
private function processAjaxRequest()
{
$request = $this->getRequest();
$viewer = $request->getUser();
// We end up here if the user clicks a workflow link that they need to
// login to use. We give them a dialog saying "You need to login...".
if ($request->isDialogFormPost()) {
return id(new AphrontRedirectResponse())->setURI($request->getRequestURI());
}
$dialog = new AphrontDialogView();
$dialog->setUser($viewer);
$dialog->setTitle(pht('Login Required'));
$dialog->appendChild(pht('You must login to continue.'));
$dialog->addSubmitButton(pht('Login'));
$dialog->addCancelButton('/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function handleRequest(AphrontRequest $request)
{
$viewer = $request->getViewer();
$id = $request->getURIData('id');
$action = $request->getURIData('action');
$capabilities = array(PhabricatorPolicyCapability::CAN_VIEW);
$process_action = false;
switch ($action) {
case 'join':
$capabilities[] = PhabricatorPolicyCapability::CAN_JOIN;
$process_action = $request->isFormPost();
break;
case 'leave':
$process_action = $request->isDialogFormPost();
break;
default:
return new Aphront404Response();
}
$project = id(new PhabricatorProjectQuery())->setViewer($viewer)->withIDs(array($id))->needMembers(true)->requireCapabilities($capabilities)->executeOne();
if (!$project) {
return new Aphront404Response();
}
$project_uri = $this->getApplicationURI('profile/' . $project->getID() . '/');
if ($process_action) {
$edge_action = null;
switch ($action) {
case 'join':
$edge_action = '+';
break;
case 'leave':
$edge_action = '-';
break;
}
$type_member = PhabricatorProjectProjectHasMemberEdgeType::EDGECONST;
$member_spec = array($edge_action => array($viewer->getPHID() => $viewer->getPHID()));
$xactions = array();
$xactions[] = id(new PhabricatorProjectTransaction())->setTransactionType(PhabricatorTransactions::TYPE_EDGE)->setMetadataValue('edge:type', $type_member)->setNewValue($member_spec);
$editor = id(new PhabricatorProjectTransactionEditor($project))->setActor($viewer)->setContentSourceFromRequest($request)->setContinueOnNoEffect(true)->setContinueOnMissingFields(true)->applyTransactions($project, $xactions);
return id(new AphrontRedirectResponse())->setURI($project_uri);
}
$dialog = null;
switch ($action) {
case 'leave':
$dialog = new AphrontDialogView();
$dialog->setUser($viewer);
if ($this->userCannotLeave($project)) {
$dialog->setTitle(pht('You can not leave this project.'));
$body = pht('The membership is locked for this project.');
} else {
$dialog->setTitle(pht('Really leave project?'));
$body = pht('Your tremendous contributions to this project will be sorely ' . 'missed. Are you sure you want to leave?');
$dialog->addSubmitButton(pht('Leave Project'));
}
$dialog->appendParagraph($body);
$dialog->addCancelButton($project_uri);
break;
default:
return new Aphront404Response();
}
return id(new AphrontDialogResponse())->setDialog($dialog);
}
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$this->readRequestParameters();
switch ($this->getOperation()) {
case 'delete':
$inline = $this->loadCommentForEdit($this->getCommentID());
if ($request->isFormPost()) {
$inline->delete();
return $this->buildEmptyResponse();
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setSubmitURI($request->getRequestURI());
$dialog->setTitle('Really delete this comment?');
$dialog->addHiddenInput('id', $this->getCommentID());
$dialog->addHiddenInput('op', 'delete');
$dialog->appendChild('<p>Delete this inline comment?</p>');
$dialog->addCancelButton('#');
$dialog->addSubmitButton('Delete');
return id(new AphrontDialogResponse())->setDialog($dialog);
case 'edit':
$inline = $this->loadCommentForEdit($this->getCommentID());
$text = $this->getCommentText();
if ($request->isFormPost()) {
if (strlen($text)) {
$inline->setContent($text);
$inline->save();
return $this->buildRenderedCommentResponse($inline, $this->getIsOnRight());
} else {
$inline->delete();
return $this->buildEmptyResponse();
}
}
$edit_dialog = $this->buildEditDialog();
$edit_dialog->setTitle('Edit Inline Comment');
$edit_dialog->addHiddenInput('id', $this->getCommentID());
$edit_dialog->addHiddenInput('op', 'edit');
$edit_dialog->appendChild($this->renderTextArea(nonempty($text, $inline->getContent())));
return id(new AphrontAjaxResponse())->setContent($edit_dialog->render());
case 'create':
$text = $this->getCommentText();
if (!$request->isFormPost() || !strlen($text)) {
return $this->buildEmptyResponse();
}
$inline = $this->createComment()->setChangesetID($this->getChangesetID())->setAuthorPHID($user->getPHID())->setLineNumber($this->getLineNumber())->setLineLength($this->getLineLength())->setIsNewFile($this->getIsNewFile())->setContent($text)->save();
return $this->buildRenderedCommentResponse($inline, $this->getIsOnRight());
case 'reply':
default:
$edit_dialog = $this->buildEditDialog();
if ($this->getOperation() == 'reply') {
$inline = $this->loadComment($this->getCommentID());
$edit_dialog->setTitle('Reply to Inline Comment');
$changeset = $inline->getChangesetID();
$is_new = $inline->getIsNewFile();
$number = $inline->getLineNumber();
$length = $inline->getLineLength();
} else {
$edit_dialog->setTitle('New Inline Comment');
$changeset = $this->getChangesetID();
$is_new = $this->getIsNewFile();
$number = $this->getLineNumber();
$length = $this->getLineLength();
}
$edit_dialog->addHiddenInput('op', 'create');
$edit_dialog->addHiddenInput('changeset', $changeset);
$edit_dialog->addHiddenInput('is_new', $is_new);
$edit_dialog->addHiddenInput('number', $number);
$edit_dialog->addHiddenInput('length', $length);
$text_area = $this->renderTextArea($this->getCommentText());
$edit_dialog->appendChild($text_area);
return id(new AphrontAjaxResponse())->setContent($edit_dialog->render());
}
}
public function processRequest()
{
$current_user = $this->getRequest()->getUser();
$provider = $this->provider;
if (!$provider->isProviderEnabled()) {
return new Aphront400Response();
}
$provider_name = $provider->getProviderName();
$provider_key = $provider->getProviderKey();
$request = $this->getRequest();
if ($request->getStr('error')) {
$error_view = id(new PhabricatorOAuthFailureView())->setRequest($request);
return $this->buildErrorResponse($error_view);
}
$error_response = $this->retrieveAccessToken($provider);
if ($error_response) {
return $error_response;
}
$userinfo_uri = new PhutilURI($provider->getUserInfoURI());
$userinfo_uri->setQueryParams(array('access_token' => $this->accessToken));
$user_json = @file_get_contents($userinfo_uri);
$user_data = json_decode($user_json, true);
$provider->setUserData($user_data);
$provider->setAccessToken($this->accessToken);
$user_id = $provider->retrieveUserID();
$provider_key = $provider->getProviderKey();
$oauth_info = $this->retrieveOAuthInfo($provider);
if ($current_user->getPHID()) {
if ($oauth_info->getID()) {
if ($oauth_info->getUserID() != $current_user->getID()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to Another Account');
$dialog->appendChild('<p>The ' . $provider_name . ' account you just authorized ' . 'is already linked to another Phabricator account. Before you can ' . 'associate your ' . $provider_name . ' account with this Phabriactor ' . 'account, you must unlink it from the Phabricator account it is ' . 'currently linked to.</p>');
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
} else {
return id(new AphrontRedirectResponse())->setURI('/settings/page/' . $provider_key . '/');
}
}
$existing_oauth = id(new PhabricatorUserOAuthInfo())->loadOneWhere('userID = %d AND oauthProvider = %s', $current_user->getID(), $provider_key);
if ($existing_oauth) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to an Account From This Provider');
$dialog->appendChild('<p>The account you are logged in with is already linked to a ' . $provider_name . ' account. Before you can link it to a different ' . $provider_name . ' account, you must unlink the old account.</p>');
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Link ' . $provider_name . ' Account');
$dialog->appendChild('<p>Link your ' . $provider_name . ' account to your Phabricator ' . 'account?</p>');
$dialog->addHiddenInput('token', $provider->getAccessToken());
$dialog->addHiddenInput('expires', $oauth_info->getTokenExpires());
$dialog->addHiddenInput('state', $this->oauthState);
$dialog->addSubmitButton('Link Accounts');
$dialog->addCancelButton('/settings/page/' . $provider_key . '/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$oauth_info->setUserID($current_user->getID());
$this->saveOAuthInfo($oauth_info);
return id(new AphrontRedirectResponse())->setURI('/settings/page/' . $provider_key . '/');
}
$next_uri = $request->getCookie('next_uri', '/');
// Login with known auth.
if ($oauth_info->getID()) {
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$known_user = id(new PhabricatorUser())->load($oauth_info->getUserID());
$request->getApplicationConfiguration()->willAuthenticateUserWithOAuth($known_user, $oauth_info, $provider);
$session_key = $known_user->establishSession('web');
$this->saveOAuthInfo($oauth_info);
$request->setCookie('phusr', $known_user->getUsername());
$request->setCookie('phsid', $session_key);
$request->clearCookie('next_uri');
return id(new AphrontRedirectResponse())->setURI($next_uri);
}
$oauth_email = $provider->retrieveUserEmail();
if ($oauth_email) {
$known_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $oauth_email);
if ($known_email) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to Another Account');
$dialog->appendChild('<p>The ' . $provider_name . ' account you just authorized has an ' . 'email address which is already in use by another Phabricator ' . 'account. To link the accounts, log in to your Phabricator ' . 'account and then go to Settings.</p>');
$dialog->addCancelButton('/login/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
}
if (!$provider->isProviderRegistrationEnabled()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('No Account Registration With ' . $provider_name);
$dialog->appendChild('<p>You can not register a new account using ' . $provider_name . '; ' . 'you can only use your ' . $provider_name . ' account to log into an ' . 'existing Phabricator account which you have registered through ' . 'other means.</p>');
$dialog->addCancelButton('/login/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$class = PhabricatorEnv::getEnvConfig('controller.oauth-registration');
PhutilSymbolLoader::loadClass($class);
$controller = newv($class, array($this->getRequest()));
$controller->setOAuthProvider($provider);
$controller->setOAuthInfo($oauth_info);
$controller->setOAuthState($this->oauthState);
return $this->delegateToController($controller);
}
/**
* @phutil-external-symbol class PHPExcel
* @phutil-external-symbol class PHPExcel_IOFactory
* @phutil-external-symbol class PHPExcel_Style_NumberFormat
*/
public function processRequest()
{
$request = $this->getRequest();
$user = $request->getUser();
$ok = @(include_once 'PHPExcel.php');
if (!$ok) {
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Excel Export Not Configured');
$dialog->appendChild('<p>This system does not have PHPExcel installed. This software ' . 'component is required to export tasks to Excel. Have your system ' . 'administrator install it from:</p>' . '<br />' . '<p>' . '<a href="http://www.phpexcel.net/">http://www.phpexcel.net/</a>' . '</p>' . '<br />' . '<p>Your PHP "include_path" needs to be updated to include the ' . 'PHPExcel Classes/ directory.</p>');
$dialog->addCancelButton('/maniphest/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$query = id(new PhabricatorSearchQuery())->loadOneWhere('queryKey = %s', $this->key);
if (!$query) {
return new Aphront404Response();
}
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Export Tasks to Excel');
$dialog->appendChild('<p>Do you want to export the query results to Excel?</p>');
$dialog->addCancelButton('/maniphest/');
$dialog->addSubmitButton('Export to Excel');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$query->setParameter('limit', null);
$query->setParameter('offset', null);
$query->setParameter('order', 'p');
$query->setParameter('group', 'n');
list($tasks, $handles) = ManiphestTaskListController::loadTasks($query);
// Ungroup tasks.
$tasks = array_mergev($tasks);
$all_projects = array_mergev(mpull($tasks, 'getProjectPHIDs'));
$project_handles = $this->loadViewerHandles($all_projects);
$handles += $project_handles;
$workbook = new PHPExcel();
$sheet = $workbook->setActiveSheetIndex(0);
$sheet->setTitle('Tasks');
$widths = array(null, 15, null, 10, 15, 15, 60, 30, 20, 100);
foreach ($widths as $col => $width) {
if ($width !== null) {
$sheet->getColumnDimension($this->col($col))->setWidth($width);
}
}
$status_map = ManiphestTaskStatus::getTaskStatusMap();
$pri_map = ManiphestTaskPriority::getTaskPriorityMap();
$date_format = null;
$rows = array();
$rows[] = array('ID', 'Owner', 'Status', 'Priority', 'Date Created', 'Date Updated', 'Title', 'Projects', 'URI', 'Description');
$is_date = array(false, false, false, false, true, true, false, false, false, false);
$header_format = array('font' => array('bold' => true));
foreach ($tasks as $task) {
$task_owner = null;
if ($task->getOwnerPHID()) {
$task_owner = $handles[$task->getOwnerPHID()]->getName();
}
$projects = array();
foreach ($task->getProjectPHIDs() as $phid) {
$projects[] = $handles[$phid]->getName();
}
$projects = implode(', ', $projects);
$rows[] = array('T' . $task->getID(), $task_owner, idx($status_map, $task->getStatus(), '?'), idx($pri_map, $task->getPriority(), '?'), $this->computeExcelDate($task->getDateCreated()), $this->computeExcelDate($task->getDateModified()), $task->getTitle(), $projects, PhabricatorEnv::getProductionURI('/T' . $task->getID()), phutil_utf8_shorten($task->getDescription(), 512));
}
foreach ($rows as $row => $cols) {
foreach ($cols as $col => $spec) {
$cell_name = $this->col($col) . ($row + 1);
$sheet->setCellValue($cell_name, $spec);
if ($row == 0) {
$sheet->getStyle($cell_name)->applyFromArray($header_format);
}
if ($is_date[$col]) {
$code = PHPExcel_Style_NumberFormat::FORMAT_DATE_YYYYMMDD2;
$sheet->getStyle($cell_name)->getNumberFormat()->setFormatCode($code);
}
}
}
$writer = PHPExcel_IOFactory::createWriter($workbook, 'Excel2007');
ob_start();
$writer->save('php://output');
$data = ob_get_clean();
$mime = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet';
return id(new AphrontFileResponse())->setMimeType($mime)->setDownload('maniphest_tasks_' . date('Ymd') . '.xlsx')->setContent($data);
}
public function handleRequest(AphrontRequest $request)
{
if (!PhabricatorPasswordAuthProvider::getPasswordProvider()) {
return new Aphront400Response();
}
$e_email = true;
$e_captcha = true;
$errors = array();
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
if ($request->isFormPost()) {
$e_email = null;
$e_captcha = pht('Again');
$captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request);
if (!$captcha_ok) {
$errors[] = pht('Captcha response is incorrect, try again.');
$e_captcha = pht('Invalid');
}
$email = $request->getStr('email');
if (!strlen($email)) {
$errors[] = pht('You must provide an email address.');
$e_email = pht('Required');
}
if (!$errors) {
// NOTE: Don't validate the email unless the captcha is good; this makes
// it expensive to fish for valid email addresses while giving the user
// a better error if they goof their email.
$target_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $email);
$target_user = null;
if ($target_email) {
$target_user = id(new PhabricatorUser())->loadOneWhere('phid = %s', $target_email->getUserPHID());
}
if (!$target_user) {
$errors[] = pht('There is no account associated with that email address.');
$e_email = pht('Invalid');
}
// If this address is unverified, only send a reset link to it if
// the account has no verified addresses. This prevents an opportunistic
// attacker from compromising an account if a user adds an email
// address but mistypes it and doesn't notice.
// (For a newly created account, all the addresses may be unverified,
// which is why we'll send to an unverified address in that case.)
if ($target_email && !$target_email->getIsVerified()) {
$verified_addresses = id(new PhabricatorUserEmail())->loadAllWhere('userPHID = %s AND isVerified = 1', $target_email->getUserPHID());
if ($verified_addresses) {
$errors[] = pht('That email address is not verified. You can only send ' . 'password reset links to a verified address.');
$e_email = pht('Unverified');
}
}
if (!$errors) {
$engine = new PhabricatorAuthSessionEngine();
$uri = $engine->getOneTimeLoginURI($target_user, null, PhabricatorAuthSessionEngine::ONETIME_RESET);
if ($is_serious) {
$body = pht("You can use this link to reset your Phabricator password:"******"\n\n %s\n", $uri);
} else {
$body = pht("Condolences on forgetting your password. You can use this " . "link to reset it:\n\n" . " %s\n\n" . "After you set a new password, consider writing it down on a " . "sticky note and attaching it to your monitor so you don't " . "forget again! Choosing a very short, easy-to-remember password " . "like \"cat\" or \"1234\" might also help.\n\n" . "Best Wishes,\nPhabricator\n", $uri);
}
$mail = id(new PhabricatorMetaMTAMail())->setSubject(pht('[Phabricator] Password Reset'))->setForceDelivery(true)->addRawTos(array($target_email->getAddress()))->setBody($body)->saveAndSend();
return $this->newDialog()->setTitle(pht('Check Your Email'))->setShortTitle(pht('Email Sent'))->appendParagraph(pht('An email has been sent with a link you can use to login.'))->addCancelButton('/', pht('Done'));
}
}
}
$error_view = null;
if ($errors) {
$error_view = new PHUIInfoView();
$error_view->setErrors($errors);
}
$email_auth = new PHUIFormLayoutView();
$email_auth->appendChild($error_view);
$email_auth->setUser($request->getUser())->setFullWidth(true)->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Email'))->setName('email')->setValue($request->getStr('email'))->setError($e_email))->appendChild(id(new AphrontFormRecaptchaControl())->setLabel(pht('Captcha'))->setError($e_captcha));
$crumbs = $this->buildApplicationCrumbs();
$crumbs->addTextCrumb(pht('Reset Password'));
$dialog = new AphrontDialogView();
$dialog->setUser($request->getUser());
$dialog->setTitle(pht('Forgot Password / Email Login'));
$dialog->appendChild($email_auth);
$dialog->addSubmitButton(pht('Send Email'));
$dialog->setSubmitURI('/login/email/');
return $this->buildApplicationPage(array($crumbs, $dialog), array('title' => pht('Forgot Password')));
}
public function processRequest()
{
if (!$this->provider->isProviderEnabled()) {
return new Aphront400Response();
}
$current_user = $this->getRequest()->getUser();
$request = $this->getRequest();
$ldap_username = $request->getCookie('phusr');
if ($request->isFormPost()) {
$ldap_username = $request->getStr('username');
try {
$envelope = new PhutilOpaqueEnvelope($request->getStr('password'));
$this->provider->auth($ldap_username, $envelope);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
if (empty($errors)) {
$ldap_info = $this->retrieveLDAPInfo($this->provider);
if ($current_user->getPHID()) {
if ($ldap_info->getID()) {
$existing_ldap = id(new PhabricatorUserLDAPInfo())->loadOneWhere('userID = %d', $current_user->getID());
if ($ldap_info->getUserID() != $current_user->getID() || $existing_ldap) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Already Linked to Another Account');
$dialog->appendChild('<p>The LDAP account you just authorized is already linked to ' . 'another Phabricator account. Before you can link it to a ' . 'different LDAP account, you must unlink the old account.</p>');
$dialog->addCancelButton('/settings/page/ldap/');
return id(new AphrontDialogResponse())->setDialog($dialog);
} else {
return id(new AphrontRedirectResponse())->setURI('/settings/page/ldap/');
}
}
if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView();
$dialog->setUser($current_user);
$dialog->setTitle('Link LDAP Account');
$dialog->appendChild('<p>Link your LDAP account to your Phabricator account?</p>');
$dialog->addHiddenInput('username', $request->getStr('username'));
$dialog->addHiddenInput('password', $request->getStr('password'));
$dialog->addSubmitButton('Link Accounts');
$dialog->addCancelButton('/settings/page/ldap/');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$ldap_info->setUserID($current_user->getID());
$this->saveLDAPInfo($ldap_info);
return id(new AphrontRedirectResponse())->setURI('/settings/page/ldap/');
}
if ($ldap_info->getID()) {
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$known_user = id(new PhabricatorUser())->load($ldap_info->getUserID());
$session_key = $known_user->establishSession('web');
$this->saveLDAPInfo($ldap_info);
$request->setCookie('phusr', $known_user->getUsername());
$request->setCookie('phsid', $session_key);
$uri = new PhutilURI('/login/validate/');
$uri->setQueryParams(array('phusr' => $known_user->getUsername()));
return id(new AphrontRedirectResponse())->setURI((string) $uri);
}
$controller = newv('PhabricatorLDAPRegistrationController', array($this->getRequest()));
$controller->setLDAPProvider($this->provider);
$controller->setLDAPInfo($ldap_info);
return $this->delegateToController($controller);
}
}
$ldap_form = new AphrontFormView();
$ldap_form->setUser($request->getUser())->setAction('/ldap/login/')->appendChild(id(new AphrontFormTextControl())->setLabel('LDAP username')->setName('username')->setValue($ldap_username))->appendChild(id(new AphrontFormPasswordControl())->setLabel('Password')->setName('password'));
$ldap_form->appendChild(id(new AphrontFormSubmitControl())->setValue('Login'));
$panel = new AphrontPanelView();
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
$panel->appendChild('<h1>LDAP login</h1>');
$panel->appendChild($ldap_form);
if (isset($errors) && count($errors) > 0) {
$error_view = new AphrontErrorView();
$error_view->setTitle('Login Failed');
$error_view->setErrors($errors);
}
return $this->buildStandardPageResponse(array(isset($error_view) ? $error_view : null, $panel), array('title' => 'Login'));
}