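/**
 * Create local accounts for the LDAP users selected on the import form.
 *
 * The request carries three arrays: `usernames` lists the accounts to create,
 * while `email` and `name` are looked up by username. Every account is
 * created with the requesting user as actor and linked to an external account
 * of type `ldap` in domain `self`. A failure for one username is shown in the
 * result list and does not stop the remaining imports.
 *
 * NOTE(review): addresses come from the submitted form and are stored as
 * already verified, so no confirmation mail is involved. Confirm that only
 * administrators can reach this handler and that the directory is trusted to
 * assert address ownership.
 *
 * @param  object  Request exposing getUser() and getArr(); presumably an
 *                 AphrontRequest.
 * @return array   The notice view followed by the per-user result list.
 */
private function processImportRequest($request) {
  $admin = $request->getUser();
  $usernames = $request->getArr('usernames');
  $emails = $request->getArr('email');
  $names = $request->getArr('name');

  // The banner text is static; the per-user outcome is carried by the list.
  $notice_view = new PHUIInfoView();
  $notice_view->setSeverity(PHUIInfoView::SEVERITY_NOTICE);
  $notice_view->setTitle(pht('Import Successful'));
  $notice_view->setErrors(array(pht('Successfully imported users from LDAP')));

  $list = new PHUIObjectItemListView();
  $list->setNoDataString(pht('No users imported?'));

  foreach ($usernames as $username) {
    try {
      // The three arrays are submitted independently, so a username may
      // arrive without a matching name or address. Fail that one entry
      // through the normal error path instead of indexing a missing key
      // outside the try block and aborting a half-finished import.
      if (!isset($names[$username]) || !isset($emails[$username])) {
        throw new Exception(
          pht('No real name or email address was submitted for this user.'));
      }

      $user = new PhabricatorUser();
      $user->setUsername($username);
      $user->setRealname($names[$username]);

      $email_obj = id(new PhabricatorUserEmail())
        ->setAddress($emails[$username])
        ->setIsVerified(1);

      id(new PhabricatorUserEditor())
        ->setActor($admin)
        ->createNewUser($user, $email_obj);

      // No transaction spans these two writes in this function: if the link
      // fails after the user was created, the entry is reported as failed
      // although the account exists without its LDAP link.
      id(new PhabricatorExternalAccount())
        ->setUserPHID($user->getPHID())
        ->setAccountType('ldap')
        ->setAccountDomain('self')
        ->setAccountID($username)
        ->save();

      $header = pht('Successfully added %s', $username);
      $attribute = null;
      $color = 'fa-check green';
    } catch (Exception $ex) {
      $header = pht('Failed to add %s', $username);
      $attribute = $ex->getMessage();
      $color = 'fa-times red';
    }

    $item = id(new PHUIObjectItemView())
      ->setHeader($header)
      ->addAttribute($attribute)
      ->setStatusIcon($color);
    $list->addItem($item);
  }

  return array($notice_view, $list);
}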
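/**
 * Create local accounts for the LDAP users selected on the import form.
 *
 * The request carries three arrays: `usernames` lists the accounts to create,
 * while `email` and `name` are looked up by username. Every account is
 * created with the requesting user as actor and then recorded in a
 * PhabricatorUserLDAPInfo row. A failure for one username is appended to the
 * message list and does not stop the remaining imports.
 *
 * NOTE(review): addresses come from the submitted form and are stored as
 * already verified, so no confirmation mail is involved. Confirm that only
 * administrators can reach this handler and that the directory is trusted to
 * assert address ownership.
 *
 * @param  object  Request exposing getUser() and getArr(); presumably an
 *                 AphrontRequest.
 * @return AphrontErrorView  Notice panel listing one message per username.
 */
private function processImportRequest($request) {
  $admin = $request->getUser();
  $usernames = $request->getArr('usernames');
  $emails = $request->getArr('email');
  $names = $request->getArr('name');

  // The panel title is static; per-user outcomes are the messages below it.
  $panel = new AphrontErrorView();
  $panel->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
  $panel->setTitle("Import Successful");
  $errors = array("Successfully imported users from LDAP");

  foreach ($usernames as $username) {
    try {
      // The three arrays are submitted independently, so a username may
      // arrive without a matching name or address. Fail that one entry
      // through the normal error path instead of indexing a missing key
      // outside the try block and aborting a half-finished import.
      if (!isset($names[$username]) || !isset($emails[$username])) {
        throw new Exception(
          'No real name or email address was submitted for this user.');
      }

      $user = new PhabricatorUser();
      $user->setUsername($username);
      $user->setRealname($names[$username]);

      $email_obj = id(new PhabricatorUserEmail())
        ->setAddress($emails[$username])
        ->setIsVerified(1);

      id(new PhabricatorUserEditor())
        ->setActor($admin)
        ->createNewUser($user, $email_obj);

      // No transaction spans these two writes in this function: if saving
      // the LDAP record fails, the user row created above remains.
      $ldap_info = new PhabricatorUserLDAPInfo();
      $ldap_info->setLDAPUsername($username);
      $ldap_info->setUserID($user->getID());
      $ldap_info->save();

      $errors[] = 'Successfully added ' . $username;
    } catch (Exception $ex) {
      $errors[] = 'Failed to add ' . $username . ' ' . $ex->getMessage();
    }
  }

  $panel->setErrors($errors);
  return $panel;
}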
/**
 * Create one user from generated identity data and return it.
 *
 * The real name, username and address come from this object's generate*
 * helpers. The account is created with the omnipotent user as actor and its
 * address is stored as already verified.
 *
 * A duplicate-key failure is swallowed on purpose: the loop starts over with
 * a freshly generated identity. Any other exception propagates.
 *
 * NOTE(review): there is no retry cap, so the loop cannot end if the helpers
 * can only produce identities that are already taken. Because the actor is
 * omnipotent and the address is pre-verified, this presumably belongs to
 * test-data tooling; confirm it is not reachable from a request handler.
 *
 * @return PhabricatorUser  The newly created user.
 */
public function generate() {
  for (;;) {
    try {
      $real = $this->generateRealname();
      $handle = $this->generateUsername($real);
      $address = $this->generateEmail($handle);

      $primary_email = id(new PhabricatorUserEmail())
        ->setAddress($address)
        ->setIsVerified(1);

      $account = new PhabricatorUser();
      $account->setUsername($handle);
      $account->setRealname($real);

      $editor = id(new PhabricatorUserEditor())
        ->setActor(PhabricatorUser::getOmnipotentUser());
      $editor->createNewUser($account, $primary_email);

      return $account;
    } catch (AphrontDuplicateKeyQueryException $collision) {
      // Generated identity collided with an existing row; try another one.
    }
  }
}
/**
 * Render and process the "Create New Account" form for an LDAP login that
 * has no local account yet.
 *
 * Real name and email are taken from the LDAP provider when it supplies
 * them; the user is only asked for the values the provider did not supply
 * (or, for email, supplied with a disallowed domain). On a valid POST the
 * account is created with an unverified address, linked to the LDAP record,
 * logged in through the `phusr` / `phsid` cookies, sent a verification mail
 * and redirected to `/`. Otherwise the form is rendered again with errors.
 *
 * NOTE(review): nothing in this method checks that the LDAP bind already
 * succeeded; presumably the caller only dispatches here after a successful
 * login. Confirm at the call site.
 *
 * @return AphrontResponse  Redirect on success, otherwise the form page.
 */
public function processRequest() {
  $provider = $this->getLDAProvider();
  $ldap_info = $this->getLDAPInfo();
  $request = $this->getRequest();

  $errors = array();
  // Per-field markers handed to the form controls: `true` initially, a short
  // label when validation fails, `null` once the field has validated.
  $e_username = true;
  $e_email = true;
  $e_realname = true;

  $user = new PhabricatorUser();
  // NOTE(review): the setter is called without an argument here; what that
  // stores depends on the setter's implementation. Verify this is intended.
  $user->setUsername();
  $user->setRealname($provider->retrieveUserRealName());

  $new_email = $provider->retrieveUserEmail();

  if ($new_email) {
    // If the user's LDAP provider account has an email address but the
    // email address domain is not allowed by the Phabricator configuration,
    // we just pretend the provider did not supply an address.
    //
    // For instance, if the user uses LDAP Auth and their email address
    // is "*****@*****.**" but Phabricator is configured to require users
    // use "@company.com" addresses, we show a prompt below and tell the user
    // to provide their "@company.com" address. They can still use the LDAP
    // account to login, they just need to associate their account with an
    // allowed address.
    //
    // If the email address is fine, we just use it and don't prompt the user.
    if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
      $new_email = null;
    }
  }

  // NOTE(review): strict comparison with null. If the provider returned an
  // empty string or false, the email field stays hidden while the POST
  // branch below still requires an address from the request.
  $show_email_input = $new_email === null;

  if ($request->isFormPost()) {

    $user->setUsername($request->getStr('username'));
    $username = $user->getUsername();
    if (!strlen($user->getUsername())) {
      $e_username = '******';
      $errors[] = 'Username is required.';
    } else {
      if (!PhabricatorUser::validateUsername($username)) {
        $e_username = '******';
        $errors[] = PhabricatorUser::describeValidUsername();
      } else {
        $e_username = null;
      }
    }

    // The request value is consulted only when the provider gave no usable
    // address, so a client cannot replace a provider-supplied address.
    if (!$new_email) {
      $new_email = trim($request->getStr('email'));
      if (!$new_email) {
        $e_email = 'Required';
        $errors[] = 'Email is required.';
      } else {
        $e_email = null;
      }
    }

    // A user-supplied address must pass the same domain policy as a
    // provider-supplied one.
    if ($new_email) {
      if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
        $e_email = 'Invalid';
        $errors[] = PhabricatorUserEmail::describeAllowedAddresses();
      }
    }

    // Likewise, the real name from the request is used only when the
    // provider did not supply one.
    if (!strlen($user->getRealName())) {
      $user->setRealName($request->getStr('realname'));
      if (!strlen($user->getRealName())) {
        $e_realname = 'Required';
        $errors[] = 'Real name is required.';
      } else {
        $e_realname = null;
      }
    }

    if (!$errors) {
      try {

        // NOTE: We don't verify LDAP email addresses by default because
        // LDAP providers might associate email addresses with accounts that
        // haven't actually verified they own them. We could selectively
        // auto-verify some providers that we trust here, but the stakes for
        // verifying an email address are high because having a corporate
        // address at a company is sometimes the key to the castle.
        $email_obj = id(new PhabricatorUserEmail())
          ->setAddress($new_email)
          ->setIsVerified(0);

        // Self-registration: the new user acts as its own actor.
        id(new PhabricatorUserEditor())
          ->setActor($user)
          ->createNewUser($user, $email_obj);

        $ldap_info->setUserID($user->getID());
        $ldap_info->save();

        // The session is established before the address is verified.
        // NOTE(review): what an unverified account may do, and which cookie
        // attributes setCookie() applies, are decided outside this method.
        $session_key = $user->establishSession('web');
        $request->setCookie('phusr', $user->getUsername());
        $request->setCookie('phsid', $session_key);

        $email_obj->sendVerificationEmail($user);

        return id(new AphrontRedirectResponse())->setURI('/');
      } catch (AphrontQueryDuplicateKeyException $exception) {

        // Work out which unique key collided. Both lookups pass the value
        // as a separate argument for the `%s` placeholder rather than
        // concatenating it into the query string.
        $same_username = id(new PhabricatorUser())->loadOneWhere(
          'userName = %s',
          $user->getUserName());

        $same_email = id(new PhabricatorUserEmail())->loadOneWhere(
          'address = %s',
          $new_email);

        // These messages tell the visitor that a username or address is
        // already registered.
        if ($same_username) {
          $e_username = '******';
          $errors[] = 'That username or email is not unique.';
        } else {
          if ($same_email) {
            $e_email = 'Duplicate';
            $errors[] = 'That email is not unique.';
          } else {
            // Some other key collided; let the caller see the failure.
            throw $exception;
          }
        }
      }
    }
  }

  $error_view = null;
  if ($errors) {
    $error_view = new AphrontErrorView();
    $error_view->setTitle('Registration Failed');
    $error_view->setErrors($errors);
  }

  // Strip the URI down to the path, because otherwise we'll trigger
  // external CSRF protection (by having a protocol in the form "action")
  // and generate a form with no CSRF token.
  $action_uri = new PhutilURI('/ldap/login/');
  $action_path = $action_uri->getPath();

  $form = new AphrontFormView();
  $form
    ->setUser($request->getUser())
    ->setAction($action_path)
    ->appendChild(
      id(new AphrontFormTextControl())
        ->setLabel('Username')
        ->setName('username')
        ->setValue($user->getUsername())
        ->setError($e_username));

  // The password field is posted to the login path; this method never reads
  // it. NOTE(review): presumably the login controller re-authenticates with
  // it before dispatching back here. Confirm.
  $form->appendChild(
    id(new AphrontFormPasswordControl())
      ->setLabel('Password')
      ->setName('password'));

  if ($show_email_input) {
    $form->appendChild(
      id(new AphrontFormTextControl())
        ->setLabel('Email')
        ->setName('email')
        ->setValue($request->getStr('email'))
        ->setError($e_email));
  }

  if ($provider->retrieveUserRealName() === null) {
    $form->appendChild(
      id(new AphrontFormTextControl())
        ->setLabel('Real Name')
        ->setName('realname')
        ->setValue($request->getStr('realname'))
        ->setError($e_realname));
  }

  $form->appendChild(
    id(new AphrontFormSubmitControl())
      ->setValue('Create Account'));

  $panel = new AphrontPanelView();
  $panel->setHeader('Create New Account');
  $panel->setWidth(AphrontPanelView::WIDTH_FORM);
  $panel->appendChild($form);

  return $this->buildStandardPageResponse(
    array(
      $error_view,
      $panel,
    ),
    array(
      'title' => 'Create New Account',
    ));
}
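* limitations under the License. */

// Command-line helper that creates one user account and sends it a welcome
// email on behalf of an existing account.
//
// The address is stored as already verified: whoever can run this script is
// trusted to vouch for it, so access to the host is the only gate.

$root = dirname(dirname(dirname(__FILE__)));
require_once $root . '/scripts/__init_script__.php';

if ($argc !== 5) {
  echo "usage: add_user.php <username> <email> <realname> <admin_user>\n";
  exit(1);
}

$username = $argv[1];
$email = $argv[2];
$realname = $argv[3];

// The fourth argument is only ever used as a lookup key, so it is resolved
// to a user object directly instead of being stored as a string first.
$admin = id(new PhabricatorUser())->loadOneWhere(
  'username = %s',
  $argv[4]);
if (!$admin) {
  throw new Exception(
    "Admin user must be the username of a valid Phabricator account, used " .
    "to send the new user a welcome email.");
}

// Reject malformed usernames up front, before any further database work.
if (!PhabricatorUser::validateUsername($username)) {
  $valid = PhabricatorUser::describeValidUsername();
  throw new Exception("The username '{$username}' is invalid. {$valid}");
}

// These lookups only produce friendlier messages; they are not atomic with
// the insert below, so a concurrent creation can still surface as an error
// from createNewUser().
$existing_user = id(new PhabricatorUser())->loadOneWhere(
  'username = %s',
  $username);
if ($existing_user) {
  throw new Exception(
    "There is already a user with the username '{$username}'!");
}

$existing_email = id(new PhabricatorUserEmail())->loadOneWhere(
  'address = %s',
  $email);
if ($existing_email) {
  throw new Exception(
    "There is already a user with the email '{$email}'!");
}

$user = new PhabricatorUser();
$user->setUsername($username);
$user->setRealname($realname);

$email_object = id(new PhabricatorUserEmail())
  ->setAddress($email)
  ->setIsVerified(1);

id(new PhabricatorUserEditor())
  ->setActor($admin)
  ->createNewUser($user, $email_object);

$user->sendWelcomeEmail($admin);

echo "Created user '{$username}' (realname='{$realname}', email='{$email}').\n";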
// Refuse to create a system agent while no admin account exists.
// `$is_first_user` is computed earlier in the script, outside this excerpt.
if ($is_first_user) {
  echo "You must first create an admin user before being able to create a system agent.\n";
  exit(1);
}

// Positional arguments. NOTE(review): no argument-count check is visible in
// this excerpt; presumably `$argc` is validated earlier. Confirm.
$username = $argv[1];
$email = $argv[2];
$realname = $argv[3];

// Reject malformed usernames before any database work.
if (!PhabricatorUser::validateUsername($username)) {
  $valid = PhabricatorUser::describeValidUsername();
  echo "The username '{$username}' is invalid. {$valid}\n";
  exit(1);
}

// Friendly pre-checks for collisions. Both run before the transaction is
// opened, so they are not atomic with the insert below.
$existing_user = id(new PhabricatorUser())->loadOneWhere(
  'username = %s',
  $username);
if ($existing_user) {
  throw new Exception(
    "There is already a user with the username '{$username}'!");
}

$existing_email = id(new PhabricatorUserEmail())->loadOneWhere(
  'address = %s',
  $email);
if ($existing_email) {
  throw new Exception(
    "There is already a user with the email '{$email}'!");
}

// The agent is created pre-approved, with its address stored as verified.
$user_object = new PhabricatorUser();
$user_object->setUsername($username);
$user_object->setRealname($realname);
$user_object->setIsApproved(1);

// Creating the account and marking it as a system agent happen inside one
// transaction. There is no explicit rollback on failure in this excerpt;
// an exception thrown in between leaves the transaction uncommitted.
$user_object->openTransaction();

  $email_object = id(new PhabricatorUserEmail())
    ->setAddress($email)
    ->setIsVerified(1);

  // The new account acts as its own actor for both editor calls.
  // NOTE(review): whether the editor authorizes makeSystemAgentUser() for a
  // non-admin actor is decided in PhabricatorUserEditor; verify there.
  $editor = new PhabricatorUserEditor();
  $editor->setActor($user_object);
  $editor->createNewUser($user_object, $email_object);
  $editor->makeSystemAgentUser($user_object, true);

$user_object->saveTransaction();