public function buildMainMenuItems(PhabricatorUser $user, PhabricatorController $controller = null) { $items = array(); if ($user->isLoggedIn() && $user->isUserActivated()) { $image = $user->loadProfileImageURI(); $item = id(new PHUIListItemView())->setName($user->getUsername())->setHref('/p/' . $user->getUsername() . '/')->addClass('core-menu-item')->setAural(pht('Profile'))->setOrder(100); $classes = array('phabricator-core-menu-icon', 'phabricator-core-menu-profile-image'); $item->appendChild(phutil_tag('span', array('class' => implode(' ', $classes), 'style' => 'background-image: url(' . $image . ')'), '')); $items[] = $item; } return $items; }
protected function buildUserInformationDictionary(PhabricatorUser $user, PhabricatorUserStatus $current_status = null) { $roles = array(); if ($user->getIsDisabled()) { $roles[] = 'disabled'; } if ($user->getIsSystemAgent()) { $roles[] = 'agent'; } if ($user->getIsAdmin()) { $roles[] = 'admin'; } $primary = $user->loadPrimaryEmail(); if ($primary && $primary->getIsVerified()) { $roles[] = 'verified'; } else { $roles[] = 'unverified'; } $return = array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName(), 'image' => $user->loadProfileImageURI(), 'uri' => PhabricatorEnv::getURI('/p/' . $user->getUsername() . '/'), 'roles' => $roles); if ($current_status) { $return['currentStatus'] = $current_status->getTextStatus(); $return['currentStatusUntil'] = $current_status->getDateTo(); } return $return; }
public function buildIconNavView(PhabricatorUser $user) { $viewer = $this->getViewer(); $picture = $user->getProfileImageURI(); $name = $user->getUsername(); $nav = new AphrontSideNavFilterView(); $nav->setIconNav(true); $nav->setBaseURI(new PhutilURI('/p/')); $nav->addIcon("{$name}/", $name, null, $picture); $class = 'PhabricatorCalendarApplication'; if (PhabricatorApplication::isClassInstalledForViewer($class, $viewer)) { $nav->addIcon("{$name}/calendar/", pht('Calendar'), 'fa-calendar'); } $class = 'PhabricatorManiphestApplication'; if (PhabricatorApplication::isClassInstalledForViewer($class, $viewer)) { $phid = $user->getPHID(); $view_uri = sprintf('/maniphest/?statuses=open()&assigned=%s#R', $phid); $nav->addIcon('maniphest', pht('Open Tasks'), 'fa-anchor', null, $view_uri); } $class = 'PhabricatorDifferentialApplication'; if (PhabricatorApplication::isClassInstalledForViewer($class, $viewer)) { $username = phutil_escape_uri($name); $view_uri = '/differential/?authors=' . $username; $nav->addIcon('differential', pht('Revisions'), 'fa-cog', null, $view_uri); } $class = 'PhabricatorAuditApplication'; if (PhabricatorApplication::isClassInstalledForViewer($class, $viewer)) { $username = phutil_escape_uri($name); $view_uri = '/audit/?authors=' . $username; $nav->addIcon('audit', pht('Commits'), 'fa-code', null, $view_uri); } return $nav; }
private function handleLoggedInInvite(PhabricatorAuthInvite $invite, PhabricatorUser $viewer, PhabricatorUserEmail $email = null) { if ($email && $email->getUserPHID() !== $viewer->getPHID()) { $other_user = $this->loadUserForEmail($email); if ($email->getIsVerified()) { throw id(new PhabricatorAuthInviteAccountException(pht('Wrong Account'), pht('You are logged in as %s, but the email address you just ' . 'clicked a link from is already verified and associated ' . 'with another account (%s). Switch accounts, then try again.', phutil_tag('strong', array(), $viewer->getUsername()), phutil_tag('strong', array(), $other_user->getName()))))->setSubmitButtonText(pht('Log Out'))->setSubmitButtonURI($this->getLogoutURI())->setCancelButtonURI('/'); } else { if ($email->getIsPrimary()) { // NOTE: We never steal primary addresses from other accounts, even // if they are unverified. This would leave the other account with // no address. Users can use password recovery to access the other // account if they really control the address. throw id(new PhabricatorAuthInviteAccountException(pht('Wrong Acount'), pht('You are logged in as %s, but the email address you just ' . 'clicked a link from is already the primary email address ' . 'for another account (%s). Switch accounts, then try again.', phutil_tag('strong', array(), $viewer->getUsername()), phutil_tag('strong', array(), $other_user->getName()))))->setSubmitButtonText(pht('Log Out'))->setSubmitButtonURI($this->getLogoutURI())->setCancelButtonURI('/'); } else { if (!$this->shouldVerify()) { throw id(new PhabricatorAuthInviteVerifyException(pht('Verify Email'), pht('You are logged in as %s, but the email address (%s) you just ' . 'clicked a link from is already associated with another ' . 'account (%s). You can log out to switch accounts, or verify ' . 'the address and attach it to your current account. Attach ' . 'email address %s to user account %s?', phutil_tag('strong', array(), $viewer->getUsername()), phutil_tag('strong', array(), $invite->getEmailAddress()), phutil_tag('strong', array(), $other_user->getName()), phutil_tag('strong', array(), $invite->getEmailAddress()), phutil_tag('strong', array(), $viewer->getUsername()))))->setSubmitButtonText(pht('Verify %s', $invite->getEmailAddress()))->setCancelButtonText(pht('Log Out'))->setCancelButtonURI($this->getLogoutURI()); } } } } if (!$email) { $email = id(new PhabricatorUserEmail())->setAddress($invite->getEmailAddress())->setIsVerified(0)->setIsPrimary(0); } if (!$email->getIsVerified()) { // We're doing this check here so that we can verify the address if // it's already attached to the viewer's account, just not verified. if (!$this->shouldVerify()) { throw id(new PhabricatorAuthInviteVerifyException(pht('Verify Email'), pht('Verify this email address (%s) and attach it to your ' . 'account (%s)?', phutil_tag('strong', array(), $invite->getEmailAddress()), phutil_tag('strong', array(), $viewer->getUsername()))))->setSubmitButtonText(pht('Verify %s', $invite->getEmailAddress()))->setCancelButtonURI('/'); } $editor = id(new PhabricatorUserEditor())->setActor($viewer); // If this is a new email, add it to the user's account. if (!$email->getUserPHID()) { $editor->addEmail($viewer, $email); } // If another user added this email (but has not verified it), // take it from them. $editor->reassignEmail($viewer, $email); $editor->verifyEmail($viewer, $email); } $invite->setAcceptedByPHID($viewer->getPHID()); $invite->save(); // If we make it here, the user was already logged in with the email // address attached to their account and verified, or we attached it to // their account (if it was not already attached) and verified it. throw new PhabricatorAuthInviteRegisteredException(); }
public function validateSender(PhabricatorMetaMTAReceivedMail $mail, PhabricatorUser $sender) { $failure_reason = null; if ($sender->getIsDisabled()) { $failure_reason = pht('Your account (%s) is disabled, so you can not interact with ' . 'Phabricator over email.', $sender->getUsername()); } else { if ($sender->getIsStandardUser()) { if (!$sender->getIsApproved()) { $failure_reason = pht('Your account (%s) has not been approved yet. You can not interact ' . 'with Phabricator over email until your account is approved.', $sender->getUsername()); } else { if (PhabricatorUserEmail::isEmailVerificationRequired() && !$sender->getIsEmailVerified()) { $failure_reason = pht('You have not verified the email address for your account (%s). ' . 'You must verify your email address before you can interact ' . 'with Phabricator over email.', $sender->getUsername()); } } } } if ($failure_reason) { throw new PhabricatorMetaMTAReceivedMailProcessingException(MetaMTAReceivedMailStatus::STATUS_DISABLED_SENDER, $failure_reason); } }
public function buildMainMenuItems(PhabricatorUser $user, PhabricatorController $controller = null) { $items = array(); if ($controller instanceof PhabricatorPeopleProfileController && $controller->getProfileUser() && $controller->getProfileUser()->getPHID() == $user->getPHID()) { $class = 'main-menu-item-icon-profile-selected'; } else { $class = 'main-menu-item-icon-profile-not-selected'; } if ($user->isLoggedIn()) { $image = $user->loadProfileImageURI(); $item = new PhabricatorMainMenuIconView(); $item->setName($user->getUsername()); $item->addClass('main-menu-item-icon-profile ' . $class); $item->addStyle('background-image: url(' . $image . ')'); $item->setHref('/p/' . $user->getUsername() . '/'); $item->setSortOrder(0.0); $items[] = $item; } return $items; }
protected function buildUserInformationDictionary(PhabricatorUser $user) { $src_phid = $user->getProfileImagePHID(); $file = id(new PhabricatorFile())->loadOneWhere('phid = %s', $src_phid); if ($file) { $picture = $file->getBestURI(); } else { $picture = null; } return array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName(), 'email' => $user->getEmail(), 'image' => $picture, 'uri' => PhabricatorEnv::getURI('/p/' . $user->getUsername() . '/')); }
public function processRequest() { $request = $this->getRequest(); $viewer = $request->getUser(); $is_admin = $viewer->getIsAdmin(); $user = new PhabricatorUser(); $count = queryfx_one($user->establishConnection('r'), 'SELECT COUNT(*) N FROM %T', $user->getTableName()); $count = idx($count, 'N', 0); $pager = new AphrontPagerView(); $pager->setOffset($request->getInt('page', 0)); $pager->setCount($count); $pager->setURI($request->getRequestURI(), 'page'); $users = id(new PhabricatorPeopleQuery())->needPrimaryEmail(true)->executeWithOffsetPager($pager); $rows = array(); foreach ($users as $user) { $primary_email = $user->loadPrimaryEmail(); if ($primary_email && $primary_email->getIsVerified()) { $email = 'Verified'; } else { $email = 'Unverified'; } $status = array(); if ($user->getIsDisabled()) { $status[] = 'Disabled'; } if ($user->getIsAdmin()) { $status[] = 'Admin'; } if ($user->getIsSystemAgent()) { $status[] = 'System Agent'; } $status = implode(', ', $status); $rows[] = array(phabricator_date($user->getDateCreated(), $viewer), phabricator_time($user->getDateCreated(), $viewer), phutil_render_tag('a', array('href' => '/p/' . $user->getUsername() . '/'), phutil_escape_html($user->getUserName())), phutil_escape_html($user->getRealName()), $status, $email, phutil_render_tag('a', array('class' => 'button grey small', 'href' => '/people/edit/' . $user->getID() . '/'), 'Administrate User')); } $table = new AphrontTableView($rows); $table->setHeaders(array('Join Date', 'Time', 'Username', 'Real Name', 'Roles', 'Email', '')); $table->setColumnClasses(array(null, 'right', 'pri', 'wide', null, null, 'action')); $table->setColumnVisibility(array(true, true, true, true, $is_admin, $is_admin, $is_admin)); $panel = new AphrontPanelView(); $panel->setHeader('People (' . number_format($count) . ')'); $panel->appendChild($table); $panel->appendChild($pager); if ($is_admin) { $panel->addButton(phutil_render_tag('a', array('href' => '/people/edit/', 'class' => 'button green'), 'Create New Account')); if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled')) { $panel->addButton(phutil_render_tag('a', array('href' => '/people/ldap/', 'class' => 'button green'), 'Import from LDAP')); } } $nav = $this->buildSideNavView(); $nav->selectFilter('people'); $nav->appendChild($panel); return $this->buildApplicationPage($nav, array('title' => 'People')); }
protected function buildUserInformationDictionary(PhabricatorUser $user, $with_email = false, $with_availability = false) { $roles = array(); if ($user->getIsDisabled()) { $roles[] = 'disabled'; } if ($user->getIsSystemAgent()) { $roles[] = 'agent'; } if ($user->getIsMailingList()) { $roles[] = 'list'; } if ($user->getIsAdmin()) { $roles[] = 'admin'; } $primary = $user->loadPrimaryEmail(); if ($primary && $primary->getIsVerified()) { $email = $primary->getAddress(); $roles[] = 'verified'; } else { $email = null; $roles[] = 'unverified'; } if ($user->getIsApproved()) { $roles[] = 'approved'; } if ($user->isUserActivated()) { $roles[] = 'activated'; } $return = array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName(), 'image' => $user->getProfileImageURI(), 'uri' => PhabricatorEnv::getURI('/p/' . $user->getUsername() . '/'), 'roles' => $roles); if ($with_email) { $return['primaryEmail'] = $email; } if ($with_availability) { // TODO: Modernize this once we have a more long-term view of what the // data looks like. $until = $user->getAwayUntil(); if ($until) { $return['currentStatus'] = 'away'; $return['currentStatusUntil'] = $until; } } return $return; }
public function processRequest() { $request = $this->getRequest(); $viewer = $request->getUser(); $is_admin = $viewer->getIsAdmin(); $user = new PhabricatorUser(); $count = queryfx_one($user->establishConnection('r'), 'SELECT COUNT(*) N FROM %T', $user->getTableName()); $count = idx($count, 'N', 0); $pager = new AphrontPagerView(); $pager->setOffset($request->getInt('page', 0)); $pager->setCount($count); $pager->setURI($request->getRequestURI(), 'page'); $users = id(new PhabricatorUser())->loadAllWhere('1 = 1 ORDER BY id DESC LIMIT %d, %d', $pager->getOffset(), $pager->getPageSize()); $rows = array(); foreach ($users as $user) { $status = ''; if ($user->getIsDisabled()) { $status = 'Disabled'; } else { if ($user->getIsAdmin()) { $status = 'Admin'; } else { $status = '-'; } } $rows[] = array(phabricator_date($user->getDateCreated(), $viewer), phabricator_time($user->getDateCreated(), $viewer), phutil_render_tag('a', array('href' => '/p/' . $user->getUsername() . '/'), phutil_escape_html($user->getUserName())), phutil_escape_html($user->getRealName()), $status, phutil_render_tag('a', array('class' => 'button grey small', 'href' => '/people/edit/' . $user->getID() . '/'), 'Administrate User')); } $table = new AphrontTableView($rows); $table->setHeaders(array('Join Date', 'Time', 'Username', 'Real Name', 'Status', '')); $table->setColumnClasses(array(null, 'right', 'pri', 'wide', null, 'action')); $table->setColumnVisibility(array(true, true, true, true, $is_admin, $is_admin)); $panel = new AphrontPanelView(); $panel->setHeader('People (' . number_format($count) . ')'); $panel->appendChild($table); $panel->appendChild($pager); if ($is_admin) { $panel->addButton(phutil_render_tag('a', array('href' => '/people/edit/', 'class' => 'button green'), 'Create New Account')); } return $this->buildStandardPageResponse($panel, array('title' => 'People', 'tab' => 'directory')); }
private function getCommonEnvironment(PhabricatorUser $viewer) { $remote_address = $this->getRequest()->getRemoteAddress(); return array(DiffusionCommitHookEngine::ENV_USER => $viewer->getUsername(), DiffusionCommitHookEngine::ENV_REMOTE_ADDRESS => $remote_address, DiffusionCommitHookEngine::ENV_REMOTE_PROTOCOL => 'http'); }
private function processBasicRequest(PhabricatorUser $user) { $request = $this->getRequest(); $admin = $request->getUser(); $e_username = true; $e_realname = true; $e_email = true; $errors = array(); $welcome_checked = true; $request = $this->getRequest(); if ($request->isFormPost()) { $welcome_checked = $request->getInt('welcome'); if (!$user->getID()) { $user->setUsername($request->getStr('username')); $user->setEmail($request->getStr('email')); if ($request->getStr('role') == 'agent') { $user->setIsSystemAgent(true); } } $user->setRealName($request->getStr('realname')); if (!strlen($user->getUsername())) { $errors[] = "Username is required."; $e_username = '******'; } else { if (!preg_match('/^[a-z0-9]+$/', $user->getUsername())) { $errors[] = "Username must consist of only numbers and letters."; $e_username = '******'; } else { $e_username = null; } } if (!strlen($user->getRealName())) { $errors[] = 'Real name is required.'; $e_realname = 'Required'; } else { $e_realname = null; } if (!strlen($user->getEmail())) { $errors[] = 'Email is required.'; $e_email = 'Required'; } else { $e_email = null; } if (!$errors) { try { $is_new = !$user->getID(); $user->save(); if ($is_new) { $log = PhabricatorUserLog::newLog($admin, $user, PhabricatorUserLog::ACTION_CREATE); $log->save(); if ($welcome_checked) { $admin_username = $admin->getUserName(); $admin_realname = $admin->getRealName(); $user_username = $user->getUserName(); $base_uri = PhabricatorEnv::getProductionURI('/'); $uri = $user->getEmailLoginURI(); $body = <<<EOBODY Welcome to Phabricator! {$admin_username} ({$admin_realname}) has created an account for you. Username: {$user_username} To login to Phabricator, follow this link and set a password: {$uri} After you have set a password, you can login in the future by going here: {$base_uri} Love, Phabricator EOBODY; $mail = id(new PhabricatorMetaMTAMail())->addTos(array($user->getPHID()))->setSubject('[Phabricator] Welcome to Phabricator')->setBody($body)->setFrom($admin->getPHID())->saveAndSend(); } } $response = id(new AphrontRedirectResponse())->setURI('/people/edit/' . $user->getID() . '/?saved=true'); return $response; } catch (AphrontQueryDuplicateKeyException $ex) { $errors[] = 'Username and email must be unique.'; $same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername()); $same_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $user->getEmail()); if ($same_username) { $e_username = '******'; } if ($same_email) { $e_email = 'Duplicate'; } } } } $error_view = null; if ($errors) { $error_view = id(new AphrontErrorView())->setTitle('Form Errors')->setErrors($errors); } $form = new AphrontFormView(); $form->setUser($admin); if ($user->getID()) { $form->setAction('/people/edit/' . $user->getID() . '/'); } else { $form->setAction('/people/edit/'); } if ($user->getID()) { $is_immutable = true; } else { $is_immutable = false; } $form->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)->setDisabled($is_immutable)->setCaption('Usernames are permanent and can not be changed later!'))->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($user->getRealName())->setError($e_realname))->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setDisabled($is_immutable)->setValue($user->getEmail())->setError($e_email)); if (!$user->getID()) { $form->appendChild(id(new AphrontFormSelectControl())->setLabel('Role')->setName('role')->setValue('user')->setOptions(array('user' => 'Normal User', 'agent' => 'System Agent'))->setCaption('You can create a "system agent" account for bots, scripts, ' . 'etc.'))->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, 'Send "Welcome to Phabricator" email.', $welcome_checked)); } else { $form->appendChild(id(new AphrontFormStaticControl())->setLabel('Role')->setValue($user->getIsSystemAgent() ? 'System Agent' : 'Normal User')); } $form->appendChild(id(new AphrontFormSubmitControl())->setValue('Save')); $panel = new AphrontPanelView(); if ($user->getID()) { $panel->setHeader('Edit User'); } else { $panel->setHeader('Create New User'); } $panel->appendChild($form); $panel->setWidth(AphrontPanelView::WIDTH_FORM); return array($error_view, $panel); }
public function processRequest() { $provider = $this->getLDAProvider(); $ldap_info = $this->getLDAPInfo(); $request = $this->getRequest(); $errors = array(); $e_username = true; $e_email = true; $e_realname = true; $user = new PhabricatorUser(); $user->setUsername(); $user->setRealname($provider->retrieveUserRealName()); $new_email = $provider->retrieveUserEmail(); if ($new_email) { // If the user's LDAP provider account has an email address but the // email address domain is not allowed by the Phabricator configuration, // we just pretend the provider did not supply an address. // // For instance, if the user uses LDAP Auth and their email address // is "*****@*****.**" but Phabricator is configured to require users // use "@company.com" addresses, we show a prompt below and tell the user // to provide their "@company.com" address. They can still use the LDAP // account to login, they just need to associate their account with an // allowed address. // // If the email address is fine, we just use it and don't prompt the user. if (!PhabricatorUserEmail::isAllowedAddress($new_email)) { $new_email = null; } } $show_email_input = $new_email === null; if ($request->isFormPost()) { $user->setUsername($request->getStr('username')); $username = $user->getUsername(); if (!strlen($user->getUsername())) { $e_username = '******'; $errors[] = 'Username is required.'; } else { if (!PhabricatorUser::validateUsername($username)) { $e_username = '******'; $errors[] = PhabricatorUser::describeValidUsername(); } else { $e_username = null; } } if (!$new_email) { $new_email = trim($request->getStr('email')); if (!$new_email) { $e_email = 'Required'; $errors[] = 'Email is required.'; } else { $e_email = null; } } if ($new_email) { if (!PhabricatorUserEmail::isAllowedAddress($new_email)) { $e_email = 'Invalid'; $errors[] = PhabricatorUserEmail::describeAllowedAddresses(); } } if (!strlen($user->getRealName())) { $user->setRealName($request->getStr('realname')); if (!strlen($user->getRealName())) { $e_realname = 'Required'; $errors[] = 'Real name is required.'; } else { $e_realname = null; } } if (!$errors) { try { // NOTE: We don't verify LDAP email addresses by default because // LDAP providers might associate email addresses with accounts that // haven't actually verified they own them. We could selectively // auto-verify some providers that we trust here, but the stakes for // verifying an email address are high because having a corporate // address at a company is sometimes the key to the castle. $email_obj = id(new PhabricatorUserEmail())->setAddress($new_email)->setIsVerified(0); id(new PhabricatorUserEditor())->setActor($user)->createNewUser($user, $email_obj); $ldap_info->setUserID($user->getID()); $ldap_info->save(); $session_key = $user->establishSession('web'); $request->setCookie('phusr', $user->getUsername()); $request->setCookie('phsid', $session_key); $email_obj->sendVerificationEmail($user); return id(new AphrontRedirectResponse())->setURI('/'); } catch (AphrontQueryDuplicateKeyException $exception) { $same_username = id(new PhabricatorUser())->loadOneWhere('userName = %s', $user->getUserName()); $same_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $new_email); if ($same_username) { $e_username = '******'; $errors[] = 'That username or email is not unique.'; } else { if ($same_email) { $e_email = 'Duplicate'; $errors[] = 'That email is not unique.'; } else { throw $exception; } } } } } $error_view = null; if ($errors) { $error_view = new AphrontErrorView(); $error_view->setTitle('Registration Failed'); $error_view->setErrors($errors); } // Strip the URI down to the path, because otherwise we'll trigger // external CSRF protection (by having a protocol in the form "action") // and generate a form with no CSRF token. $action_uri = new PhutilURI('/ldap/login/'); $action_path = $action_uri->getPath(); $form = new AphrontFormView(); $form->setUser($request->getUser())->setAction($action_path)->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)); $form->appendChild(id(new AphrontFormPasswordControl())->setLabel('Password')->setName('password')); if ($show_email_input) { $form->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setValue($request->getStr('email'))->setError($e_email)); } if ($provider->retrieveUserRealName() === null) { $form->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($request->getStr('realname'))->setError($e_realname)); } $form->appendChild(id(new AphrontFormSubmitControl())->setValue('Create Account')); $panel = new AphrontPanelView(); $panel->setHeader('Create New Account'); $panel->setWidth(AphrontPanelView::WIDTH_FORM); $panel->appendChild($form); return $this->buildStandardPageResponse(array($error_view, $panel), array('title' => 'Create New Account')); }
private function sendWaitingForApprovalEmail(PhabricatorUser $user) { $title = '[Phabricator] ' . pht('New User "%s" Awaiting Approval', $user->getUsername()); $body = new PhabricatorMetaMTAMailBody(); $body->addRawSection(pht('Newly registered user "%s" is awaiting account approval by an ' . 'administrator.', $user->getUsername())); $body->addLinkSection(pht('APPROVAL QUEUE'), PhabricatorEnv::getProductionURI('/people/query/approval/')); $body->addLinkSection(pht('DISABLE APPROVAL QUEUE'), PhabricatorEnv::getProductionURI('/config/edit/auth.require-approval/')); $admins = id(new PhabricatorPeopleQuery())->setViewer(PhabricatorUser::getOmnipotentUser())->withIsAdmin(true)->execute(); if (!$admins) { return; } $mail = id(new PhabricatorMetaMTAMail())->addTos(mpull($admins, 'getPHID'))->setSubject($title)->setBody($body->render())->saveAndSend(); }
/** * @task edit */ public function changeUsername(PhabricatorUser $user, $username) { $actor = $this->requireActor(); if (!$user->getID()) { throw new Exception("User has not been created yet!"); } if (!PhabricatorUser::validateUsername($username)) { $valid = PhabricatorUser::describeValidUsername(); throw new Exception("Username is invalid! {$valid}"); } $old_username = $user->getUsername(); $user->openTransaction(); $user->reload(); $user->setUsername($username); try { $user->save(); } catch (AphrontQueryDuplicateKeyException $ex) { $user->setUsername($old_username); $user->killTransaction(); throw $ex; } $log = PhabricatorUserLog::newLog($this->actor, $user, PhabricatorUserLog::ACTION_CHANGE_USERNAME); $log->setOldValue($old_username); $log->setNewValue($username); $log->save(); $user->saveTransaction(); $user->sendUsernameChangeEmail($actor, $old_username); }
} $changed_pass = false; // This disables local echo, so the user's password is not shown as they type // it. phutil_passthru('stty -echo'); $password = phutil_console_prompt("Enter a password for this user [blank to leave unchanged]:"); phutil_passthru('stty echo'); if (strlen($password)) { $changed_pass = $password; } $is_admin = $user->getIsAdmin(); $set_admin = phutil_console_confirm('Should this user be an administrator?', $default_no = !$is_admin); echo "\n\nACCOUNT SUMMARY\n\n"; $tpl = "%12s %-30s %-30s\n"; printf($tpl, null, 'OLD VALUE', 'NEW VALUE'); printf($tpl, 'Username', $original->getUsername(), $user->getUsername()); printf($tpl, 'Real Name', $original->getRealName(), $user->getRealName()); if ($new_email) { printf($tpl, 'Email', '', $new_email); } printf($tpl, 'Password', null, $changed_pass !== false ? 'Updated' : 'Unchanged'); printf($tpl, 'Admin', $original->getIsAdmin() ? 'Y' : 'N', $set_admin ? 'Y' : 'N'); echo "\n"; if (!phutil_console_confirm("Save these changes?", $default_no = false)) { echo "Cancelled.\n"; exit(1); } $user->openTransaction(); $editor = new PhabricatorUserEditor(); // TODO: This is wrong, but we have a chicken-and-egg problem when you use // this script to create the first user.
public function processRequest() { $provider = $this->getOAuthProvider(); $oauth_info = $this->getOAuthInfo(); $request = $this->getRequest(); $errors = array(); $e_username = true; $e_email = true; $e_realname = true; $user = new PhabricatorUser(); $user->setUsername($provider->retrieveUserAccountName()); $user->setRealName($provider->retrieveUserRealName()); $user->setEmail($provider->retrieveUserEmail()); if ($request->isFormPost()) { $user->setUsername($request->getStr('username')); $username = $user->getUsername(); if (!strlen($user->getUsername())) { $e_username = '******'; $errors[] = 'Username is required.'; } else { if (!PhabricatorUser::validateUsername($username)) { $e_username = '******'; $errors[] = 'Username must consist of only numbers and letters.'; } else { $e_username = null; } } if ($user->getEmail() === null) { $user->setEmail($request->getStr('email')); if (!strlen($user->getEmail())) { $e_email = 'Required'; $errors[] = 'Email is required.'; } else { $e_email = null; } } if (!strlen($user->getRealName())) { $user->setRealName($request->getStr('realname')); if (!strlen($user->getRealName())) { $e_realname = 'Required'; $errors[] = 'Real name is required.'; } else { $e_realname = null; } } if (!$errors) { $image = $provider->retrieveUserProfileImage(); if ($image) { $file = PhabricatorFile::newFromFileData($image, array('name' => $provider->getProviderKey() . '-profile.jpg', 'authorPHID' => $user->getPHID())); $user->setProfileImagePHID($file->getPHID()); } try { $user->save(); $oauth_info->setUserID($user->getID()); $oauth_info->save(); $session_key = $user->establishSession('web'); $request->setCookie('phusr', $user->getUsername()); $request->setCookie('phsid', $session_key); return id(new AphrontRedirectResponse())->setURI('/'); } catch (AphrontQueryDuplicateKeyException $exception) { $same_username = id(new PhabricatorUser())->loadOneWhere('userName = %s', $user->getUserName()); $same_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $user->getEmail()); if ($same_username) { $e_username = '******'; $errors[] = 'That username or email is not unique.'; } else { if ($same_email) { $e_email = 'Duplicate'; $errors[] = 'That email is not unique.'; } else { throw $exception; } } } } } $error_view = null; if ($errors) { $error_view = new AphrontErrorView(); $error_view->setTitle('Registration Failed'); $error_view->setErrors($errors); } // Strip the URI down to the path, because otherwise we'll trigger // external CSRF protection (by having a protocol in the form "action") // and generate a form with no CSRF token. $action_uri = new PhutilURI($provider->getRedirectURI()); $action_path = $action_uri->getPath(); $form = new AphrontFormView(); $form->addHiddenInput('token', $provider->getAccessToken())->addHiddenInput('expires', $oauth_info->getTokenExpires())->addHiddenInput('state', $this->getOAuthState())->setUser($request->getUser())->setAction($action_path)->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)); if ($provider->retrieveUserEmail() === null) { $form->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setValue($request->getStr('email'))->setError($e_email)); } if ($provider->retrieveUserRealName() === null) { $form->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($request->getStr('realname'))->setError($e_realname)); } $form->appendChild(id(new AphrontFormSubmitControl())->setValue('Create Account')); $panel = new AphrontPanelView(); $panel->setHeader('Create New Account'); $panel->setWidth(AphrontPanelView::WIDTH_FORM); $panel->appendChild($form); return $this->buildStandardPageResponse(array($error_view, $panel), array('title' => 'Create New Account')); }
private function buildCalendarDayView(PhabricatorUser $user) { $viewer = $this->getViewer(); $class = 'PhabricatorCalendarApplication'; if (!PhabricatorApplication::isClassInstalledForViewer($class, $viewer)) { return null; } $midnight = PhabricatorTime::getTodayMidnightDateTime($viewer); $week_end = clone $midnight; $week_end = $week_end->modify('+3 days'); $range_start = $midnight->format('U'); $range_end = $week_end->format('U'); $events = id(new PhabricatorCalendarEventQuery())->setViewer($viewer)->withDateRange($range_start, $range_end)->withInvitedPHIDs(array($user->getPHID()))->withIsCancelled(false)->needRSVPs(array($viewer->getPHID()))->execute(); $event_views = array(); foreach ($events as $event) { $viewer_is_invited = $event->isRSVPInvited($viewer->getPHID()); $can_edit = PhabricatorPolicyFilter::hasCapability($viewer, $event, PhabricatorPolicyCapability::CAN_EDIT); $epoch_min = $event->getStartDateTimeEpoch(); $epoch_max = $event->getEndDateTimeEpoch(); $event_view = id(new AphrontCalendarEventView())->setCanEdit($can_edit)->setEventID($event->getID())->setEpochRange($epoch_min, $epoch_max)->setIsAllDay($event->getIsAllDay())->setIcon($event->getIcon())->setViewerIsInvited($viewer_is_invited)->setName($event->getName())->setDatetimeSummary($event->renderEventDate($viewer, true))->setURI($event->getURI()); $event_views[] = $event_view; } $event_views = msort($event_views, 'getEpochStart'); $day_view = id(new PHUICalendarWeekView())->setViewer($viewer)->setView('week')->setEvents($event_views)->setWeekLength(3)->render(); $header = id(new PHUIHeaderView())->setHeader(pht('Calendar'))->setHref(urisprintf('/calendar/?invited=%s#R', $user->getUsername())); $box = id(new PHUIObjectBoxView())->setHeader($header)->appendChild($day_view)->addClass('calendar-profile-box')->setBackground(PHUIObjectBoxView::GREY); return $box; }
/** * Send a notification email from $user to this address, informing the * recipient that this is now their account's new primary email address. * * @param PhabricatorUser The user sending the verification. * @return this * @task email */ public function sendNewPrimaryEmail(PhabricatorUser $user) { $username = $user->getUsername(); $new_address = $this->getAddress(); $body = sprintf("%s\n\n%s\n", pht('Hi %s', $username), pht('This is now your primary email address (%s). Going forward, ' . 'Phabricator will send all email here.', $new_address)); id(new PhabricatorMetaMTAMail())->addRawTos(array($new_address))->setForceDelivery(true)->setSubject(pht('[Phabricator] Primary Address Changed'))->setBody($body)->setFrom($user->getPHID())->setRelatedPHID($user->getPHID())->saveAndSend(); return $this; }
public function processRequest() { $request = $this->getRequest(); $admin = $request->getUser(); switch ($this->type) { case 'standard': $is_bot = false; break; case 'bot': $is_bot = true; break; default: return new Aphront404Response(); } $user = new PhabricatorUser(); $require_real_name = PhabricatorEnv::getEnvConfig('user.require-real-name'); $e_username = true; $e_realname = $require_real_name ? true : null; $e_email = true; $errors = array(); $welcome_checked = true; $new_email = null; $request = $this->getRequest(); if ($request->isFormPost()) { $welcome_checked = $request->getInt('welcome'); $user->setUsername($request->getStr('username')); $new_email = $request->getStr('email'); if (!strlen($new_email)) { $errors[] = pht('Email is required.'); $e_email = pht('Required'); } else { if (!PhabricatorUserEmail::isAllowedAddress($new_email)) { $e_email = pht('Invalid'); $errors[] = PhabricatorUserEmail::describeAllowedAddresses(); } else { $e_email = null; } } $user->setRealName($request->getStr('realname')); if (!strlen($user->getUsername())) { $errors[] = pht('Username is required.'); $e_username = pht('Required'); } else { if (!PhabricatorUser::validateUsername($user->getUsername())) { $errors[] = PhabricatorUser::describeValidUsername(); $e_username = pht('Invalid'); } else { $e_username = null; } } if (!strlen($user->getRealName()) && $require_real_name) { $errors[] = pht('Real name is required.'); $e_realname = pht('Required'); } else { $e_realname = null; } if (!$errors) { try { $email = id(new PhabricatorUserEmail())->setAddress($new_email)->setIsVerified(0); // Automatically approve the user, since an admin is creating them. $user->setIsApproved(1); // If the user is a bot, approve their email too. if ($is_bot) { $email->setIsVerified(1); } id(new PhabricatorUserEditor())->setActor($admin)->createNewUser($user, $email); if ($is_bot) { id(new PhabricatorUserEditor())->setActor($admin)->makeSystemAgentUser($user, true); } if ($welcome_checked && !$is_bot) { $user->sendWelcomeEmail($admin); } $response = id(new AphrontRedirectResponse())->setURI('/p/' . $user->getUsername() . '/'); return $response; } catch (AphrontDuplicateKeyQueryException $ex) { $errors[] = pht('Username and email must be unique.'); $same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername()); $same_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $new_email); if ($same_username) { $e_username = pht('Duplicate'); } if ($same_email) { $e_email = pht('Duplicate'); } } } } $form = id(new AphrontFormView())->setUser($admin); if ($is_bot) { $form->appendRemarkupInstructions(pht('You are creating a new **bot/script** user account.')); } else { $form->appendRemarkupInstructions(pht('You are creating a new **standard** user account.')); } $form->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Username'))->setName('username')->setValue($user->getUsername())->setError($e_username))->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Real Name'))->setName('realname')->setValue($user->getRealName())->setError($e_realname))->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Email'))->setName('email')->setValue($new_email)->setCaption(PhabricatorUserEmail::describeAllowedAddresses())->setError($e_email)); if (!$is_bot) { $form->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, pht('Send "Welcome to Phabricator" email with login instructions.'), $welcome_checked)); } $form->appendChild(id(new AphrontFormSubmitControl())->addCancelButton($this->getApplicationURI())->setValue(pht('Create User'))); if ($is_bot) { $form->appendChild(id(new AphrontFormDividerControl()))->appendRemarkupInstructions(pht('**Why do bot/script accounts need an email address?**' . "\n\n" . 'Although bots do not normally receive email from Phabricator, ' . 'they can interact with other systems which require an email ' . 'address. Examples include:' . "\n\n" . " - If the account takes actions which //send// email, we need " . " an address to use in the //From// header.\n" . " - If the account creates commits, Git and Mercurial require " . " an email address for authorship.\n" . " - If you send email //to// Phabricator on behalf of the " . " account, the address can identify the sender.\n" . " - Some internal authentication functions depend on accounts " . " having an email address.\n" . "\n\n" . "The address will automatically be verified, so you do not need " . "to be able to receive mail at this address, and can enter some " . "invalid or nonexistent (but correctly formatted) address like " . "`bot@yourcompany.com` if you prefer.")); } $title = pht('Create New User'); $form_box = id(new PHUIObjectBoxView())->setHeaderText($title)->setFormErrors($errors)->setForm($form); $crumbs = $this->buildApplicationCrumbs(); $crumbs->addTextCrumb($title); return $this->buildApplicationPage(array($crumbs, $form_box), array('title' => $title)); }
/** * Send a notification email from $user to this address, informing the * recipient that this is now their account's new primary email address. * * @param PhabricatorUser The user sending the verification. * @return this * @task email */ public function sendNewPrimaryEmail(PhabricatorUser $user) { $username = $user->getUsername(); $new_address = $this->getAddress(); $body = <<<EOBODY Hi {$username}, This is now your primary email address ({$new_address}). Going forward, Phabricator will send all email here. EOBODY; id(new PhabricatorMetaMTAMail())->addRawTos(array($new_address))->setForceDelivery(true)->setSubject('[Phabricator] Primary Address Changed')->setBody($body)->setFrom($user->getPHID())->setRelatedPHID($user->getPHID())->saveAndSend(); return $this; }
private function processDeleteRequest(PhabricatorUser $user) { $request = $this->getRequest(); $admin = $request->getUser(); if ($user->getPHID() == $admin->getPHID()) { $error = new AphrontErrorView(); $error->setTitle('You Shall Journey No Farther'); $error->appendChild('<p>As you stare into the gaping maw of the abyss, something holds ' . 'you back.</p>' . '<p>You can not delete your own account.</p>'); return $error; } $e_username = true; $username = null; $errors = array(); if ($request->isFormPost()) { $username = $request->getStr('username'); if (!strlen($username)) { $e_username = '******'; $errors[] = 'You must type the username to confirm deletion.'; } else { if ($username != $user->getUsername()) { $e_username = '******'; $errors[] = 'You must type the username correctly.'; } } if (!$errors) { id(new PhabricatorUserEditor())->setActor($admin)->deleteUser($user); return id(new AphrontRedirectResponse())->setURI('/people/'); } } if ($errors) { $errors = id(new AphrontErrorView())->setTitle('Form Errors')->setErrors($errors); } else { $errors = null; } $form = new AphrontFormView(); $form->setUser($admin)->setAction($request->getRequestURI())->appendChild('<p class="aphront-form-instructions">' . '<strong>Be careful when deleting users!</strong> ' . 'If this user interacted with anything, it is generally better ' . 'to disable them, not delete them. If you delete them, it will ' . 'no longer be possible to search for their objects, for example, ' . 'and you will lose other information about their history. Disabling ' . 'them instead will prevent them from logging in but not destroy ' . 'any of their data.' . '</p>' . '<p class="aphront-form-instructions">' . 'It is generally safe to delete newly created users (and test users ' . 'and so on), but less safe to delete established users. If ' . 'possible, disable them instead.' . '</p>')->appendChild(id(new AphrontFormStaticControl())->setLabel('Username')->setValue($user->getUsername()))->appendChild(id(new AphrontFormTextControl())->setLabel('Confirm')->setValue($username)->setName('username')->setCaption("Type the username again to confirm deletion.")->setError($e_username))->appendChild(id(new AphrontFormSubmitControl())->setValue('Delete User')); $panel = new AphrontPanelView(); $panel->setHeader('Delete User'); $panel->setWidth(AphrontPanelView::WIDTH_FORM); $panel->appendChild($form); return array($errors, $panel); }
// on create.) if (!$is_new) { $verify_email = $user->loadPrimaryEmail(); if (!$verify_email->getIsVerified()) { $set_verified = phutil_console_confirm(pht('Should the primary email address be verified?'), $default_no = true); } else { // Already verified so let's not make a fuss. $verify_email = null; } } $is_admin = $user->getIsAdmin(); $set_admin = phutil_console_confirm(pht('Should this user be an administrator?'), $default_no = !$is_admin); echo "\n\n" . pht('ACCOUNT SUMMARY') . "\n\n"; $tpl = "%12s %-30s %-30s\n"; printf($tpl, null, pht('OLD VALUE'), pht('NEW VALUE')); printf($tpl, pht('Username'), $original->getUsername(), $user->getUsername()); printf($tpl, pht('Real Name'), $original->getRealName(), $user->getRealName()); if ($is_new) { printf($tpl, pht('Email'), '', $create_email); } printf($tpl, pht('Password'), null, $changed_pass !== false ? pht('Updated') : pht('Unchanged')); printf($tpl, pht('Bot'), $original->getIsSystemAgent() ? 'Y' : 'N', $set_system_agent ? 'Y' : 'N'); if ($verify_email) { printf($tpl, pht('Verify Email'), $verify_email->getIsVerified() ? 'Y' : 'N', $set_verified ? 'Y' : 'N'); } printf($tpl, pht('Admin'), $original->getIsAdmin() ? 'Y' : 'N', $set_admin ? 'Y' : 'N'); echo "\n"; if (!phutil_console_confirm(pht('Save these changes?'), $default_no = false)) { echo pht('Cancelled.') . "\n"; exit(1); }
private function buildLoginValidateResponse(PhabricatorUser $user) { $validate_uri = new PhutilURI($this->getApplicationURI('validate/')); $validate_uri->setQueryParam('expect', $user->getUsername()); return id(new AphrontRedirectResponse())->setURI((string) $validate_uri); }
private function processBasicRequest(PhabricatorUser $user) { $request = $this->getRequest(); $admin = $request->getUser(); $e_username = true; $e_realname = true; $e_email = true; $errors = array(); $welcome_checked = true; $request = $this->getRequest(); if ($request->isFormPost()) { $welcome_checked = $request->getInt('welcome'); if (!$user->getID()) { $user->setUsername($request->getStr('username')); $user->setEmail($request->getStr('email')); if ($request->getStr('role') == 'agent') { $user->setIsSystemAgent(true); } } $user->setRealName($request->getStr('realname')); if (!strlen($user->getUsername())) { $errors[] = "Username is required."; $e_username = '******'; } else { if (!PhabricatorUser::validateUsername($user->getUsername())) { $errors[] = "Username must consist of only numbers and letters."; $e_username = '******'; } else { $e_username = null; } } if (!strlen($user->getRealName())) { $errors[] = 'Real name is required.'; $e_realname = 'Required'; } else { $e_realname = null; } if (!strlen($user->getEmail())) { $errors[] = 'Email is required.'; $e_email = 'Required'; } else { $e_email = null; } if (!$errors) { try { $is_new = !$user->getID(); $user->save(); if ($is_new) { $log = PhabricatorUserLog::newLog($admin, $user, PhabricatorUserLog::ACTION_CREATE); $log->save(); if ($welcome_checked) { $user->sendWelcomeEmail($admin); } } $response = id(new AphrontRedirectResponse())->setURI('/people/edit/' . $user->getID() . '/?saved=true'); return $response; } catch (AphrontQueryDuplicateKeyException $ex) { $errors[] = 'Username and email must be unique.'; $same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername()); $same_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $user->getEmail()); if ($same_username) { $e_username = '******'; } if ($same_email) { $e_email = 'Duplicate'; } } } } $error_view = null; if ($errors) { $error_view = id(new AphrontErrorView())->setTitle('Form Errors')->setErrors($errors); } $form = new AphrontFormView(); $form->setUser($admin); if ($user->getID()) { $form->setAction('/people/edit/' . $user->getID() . '/'); } else { $form->setAction('/people/edit/'); } if ($user->getID()) { $is_immutable = true; } else { $is_immutable = false; } $form->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)->setDisabled($is_immutable)->setCaption('Usernames are permanent and can not be changed later!'))->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($user->getRealName())->setError($e_realname))->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setDisabled($is_immutable)->setValue($user->getEmail())->setError($e_email))->appendChild($this->getRoleInstructions()); if (!$user->getID()) { $form->appendChild(id(new AphrontFormSelectControl())->setLabel('Role')->setName('role')->setValue('user')->setOptions(array('user' => 'Normal User', 'agent' => 'System Agent'))->setCaption('You can create a "system agent" account for bots, scripts, ' . 'etc.'))->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, 'Send "Welcome to Phabricator" email.', $welcome_checked)); } else { $form->appendChild(id(new AphrontFormStaticControl())->setLabel('Role')->setValue($user->getIsSystemAgent() ? 'System Agent' : 'Normal User')); } $form->appendChild(id(new AphrontFormSubmitControl())->setValue('Save')); $panel = new AphrontPanelView(); if ($user->getID()) { $panel->setHeader('Edit User'); } else { $panel->setHeader('Create New User'); } $panel->appendChild($form); $panel->setWidth(AphrontPanelView::WIDTH_FORM); return array($error_view, $panel); }