public function handleRequest(AphrontRequest $request) { $this->requireApplicationCapability(AuthManageProvidersCapability::CAPABILITY); $request = $this->getRequest(); $viewer = $request->getUser(); $providers = PhabricatorAuthProvider::getAllBaseProviders(); $e_provider = null; $errors = array(); if ($request->isFormPost()) { $provider_string = $request->getStr('provider'); if (!strlen($provider_string)) { $e_provider = pht('Required'); $errors[] = pht('You must select an authentication provider.'); } else { $found = false; foreach ($providers as $provider) { if (get_class($provider) === $provider_string) { $found = true; break; } } if (!$found) { $e_provider = pht('Invalid'); $errors[] = pht('You must select a valid provider.'); } } if (!$errors) { return id(new AphrontRedirectResponse())->setURI($this->getApplicationURI('/config/new/' . $provider_string . '/')); } } $options = id(new AphrontFormRadioButtonControl())->setLabel(pht('Provider'))->setName('provider')->setError($e_provider); $configured = PhabricatorAuthProvider::getAllProviders(); $configured_classes = array(); foreach ($configured as $configured_provider) { $configured_classes[get_class($configured_provider)] = true; } // Sort providers by login order, and move disabled providers to the // bottom. $providers = msort($providers, 'getLoginOrder'); $providers = array_diff_key($providers, $configured_classes) + $providers; foreach ($providers as $provider) { if (isset($configured_classes[get_class($provider)])) { $disabled = true; $description = pht('This provider is already configured.'); } else { $disabled = false; $description = $provider->getDescriptionForCreate(); } $options->addButton(get_class($provider), $provider->getNameForCreate(), $description, $disabled ? 'disabled' : null, $disabled); } $form = id(new AphrontFormView())->setUser($viewer)->appendChild($options)->appendChild(id(new AphrontFormSubmitControl())->addCancelButton($this->getApplicationURI())->setValue(pht('Continue'))); $form_box = id(new PHUIObjectBoxView())->setHeaderText(pht('Provider'))->setFormErrors($errors)->setBackground(PHUIObjectBoxView::BLUE_PROPERTY)->setForm($form); $crumbs = $this->buildApplicationCrumbs(); $crumbs->addTextCrumb(pht('Add Provider')); $crumbs->setBorder(true); $title = pht('Add Auth Provider'); $header = id(new PHUIHeaderView())->setHeader($title)->setHeaderIcon('fa-plus-square'); $view = id(new PHUITwoColumnView())->setHeader($header)->setFooter(array($form_box)); return $this->newPage()->setTitle($title)->setCrumbs($crumbs)->appendChild($view); }
public function getProvider() { if (!$this->provider) { $base = PhabricatorAuthProvider::getAllBaseProviders(); $found = null; foreach ($base as $provider) { if (get_class($provider) == $this->providerClass) { $found = $provider; break; } } if ($found) { $this->provider = id(clone $found)->attachProviderConfig($this); } } return $this->provider; }
public function processRequest() { $request = $this->getRequest(); $viewer = $request->getUser(); if ($this->configID) { $config = id(new PhabricatorAuthProviderConfigQuery())->setViewer($viewer)->requireCapabilities(array(PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT))->withIDs(array($this->configID))->executeOne(); if (!$config) { return new Aphront404Response(); } $provider = $config->getProvider(); if (!$provider) { return new Aphront404Response(); } $is_new = false; } else { $providers = PhabricatorAuthProvider::getAllBaseProviders(); foreach ($providers as $candidate_provider) { if (get_class($candidate_provider) === $this->providerClass) { $provider = $candidate_provider; break; } } if (!$provider) { return new Aphront404Response(); } // TODO: When we have multi-auth providers, support them here. $configs = id(new PhabricatorAuthProviderConfigQuery())->setViewer($viewer)->withProviderClasses(array(get_class($provider)))->execute(); if ($configs) { $id = head($configs)->getID(); $dialog = id(new AphrontDialogView())->setUser($viewer)->setMethod('GET')->setSubmitURI($this->getApplicationURI('config/edit/' . $id . '/'))->setTitle(pht('Provider Already Configured'))->appendChild(pht('This provider ("%s") already exists, and you can not add more ' . 'than one instance of it. You can edit the existing provider, ' . 'or you can choose a different provider.', $provider->getProviderName()))->addCancelButton($this->getApplicationURI('config/new/'))->addSubmitButton(pht('Edit Existing Provider')); return id(new AphrontDialogResponse())->setDialog($dialog); } $config = $provider->getDefaultProviderConfig(); $provider->attachProviderConfig($config); $is_new = true; } $errors = array(); $v_registration = $config->getShouldAllowRegistration(); $v_link = $config->getShouldAllowLink(); $v_unlink = $config->getShouldAllowUnlink(); $v_trust_email = $config->getShouldTrustEmails(); if ($request->isFormPost()) { $properties = $provider->readFormValuesFromRequest($request); list($errors, $issues, $properties) = $provider->processEditForm($request, $properties); $xactions = array(); if (!$errors) { if ($is_new) { if (!strlen($config->getProviderType())) { $config->setProviderType($provider->getProviderType()); } if (!strlen($config->getProviderDomain())) { $config->setProviderDomain($provider->getProviderDomain()); } } $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())->setTransactionType(PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION)->setNewValue($request->getInt('allowRegistration', 0)); $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())->setTransactionType(PhabricatorAuthProviderConfigTransaction::TYPE_LINK)->setNewValue($request->getInt('allowLink', 0)); $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())->setTransactionType(PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK)->setNewValue($request->getInt('allowUnlink', 0)); $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())->setTransactionType(PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS)->setNewValue($request->getInt('trustEmails', 0)); foreach ($properties as $key => $value) { $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())->setTransactionType(PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY)->setMetadataValue('auth:property', $key)->setNewValue($value); } if ($is_new) { $config->save(); } $editor = id(new PhabricatorAuthProviderConfigEditor())->setActor($viewer)->setContentSourceFromRequest($request)->setContinueOnNoEffect(true)->applyTransactions($config, $xactions); if ($provider->hasSetupStep() && $is_new) { $id = $config->getID(); $next_uri = $this->getApplicationURI('config/edit/' . $id . '/'); } else { $next_uri = $this->getApplicationURI(); } return id(new AphrontRedirectResponse())->setURI($next_uri); } } else { $properties = $provider->readFormValuesFromProvider(); $issues = array(); } if ($is_new) { $button = pht('Add Provider'); $crumb = pht('Add Provider'); $title = pht('Add Authentication Provider'); $cancel_uri = $this->getApplicationURI('/config/new/'); } else { $button = pht('Save'); $crumb = pht('Edit Provider'); $title = pht('Edit Authentication Provider'); $cancel_uri = $this->getApplicationURI(); } $config_name = 'auth.email-domains'; $config_href = '/config/edit/' . $config_name . '/'; $email_domains = PhabricatorEnv::getEnvConfig($config_name); if ($email_domains) { $registration_warning = pht('Users will only be able to register with a verified email address ' . 'at one of the configured [[ %s | %s ]] domains: **%s**', $config_href, $config_name, implode(', ', $email_domains)); } else { $registration_warning = pht("NOTE: Any user who can browse to this install's login page will be " . "able to register a Phabricator account. To restrict who can register " . "an account, configure [[ %s | %s ]].", $config_href, $config_name); } $str_registration = array(phutil_tag('strong', array(), pht('Allow Registration:')), ' ', pht('Allow users to register new Phabricator accounts using this ' . 'provider. If you disable registration, users can still use this ' . 'provider to log in to existing accounts, but will not be able to ' . 'create new accounts.')); $str_link = hsprintf('<strong>%s:</strong> %s', pht('Allow Linking Accounts'), pht('Allow users to link account credentials for this provider to ' . 'existing Phabricator accounts. There is normally no reason to ' . 'disable this unless you are trying to move away from a provider ' . 'and want to stop users from creating new account links.')); $str_unlink = hsprintf('<strong>%s:</strong> %s', pht('Allow Unlinking Accounts'), pht('Allow users to unlink account credentials for this provider from ' . 'existing Phabricator accounts. If you disable this, Phabricator ' . 'accounts will be permanently bound to provider accounts.')); $str_trusted_email = hsprintf('<strong>%s:</strong> %s', pht('Trust Email Addresses'), pht('Phabricator will skip email verification for accounts registered ' . 'through this provider.')); $status_tag = id(new PHUITagView())->setType(PHUITagView::TYPE_STATE); if ($is_new) { $status_tag->setName(pht('New Provider'))->setBackgroundColor('blue'); } else { if ($config->getIsEnabled()) { $status_tag->setName(pht('Enabled'))->setBackgroundColor('green'); } else { $status_tag->setName(pht('Disabled'))->setBackgroundColor('red'); } } $form = id(new AphrontFormView())->setUser($viewer)->appendChild(id(new AphrontFormStaticControl())->setLabel(pht('Provider'))->setValue($provider->getProviderName()))->appendChild(id(new AphrontFormStaticControl())->setLabel(pht('Status'))->setValue($status_tag))->appendChild(id(new AphrontFormCheckboxControl())->setLabel(pht('Allow'))->addCheckbox('allowRegistration', 1, $str_registration, $v_registration))->appendRemarkupInstructions($registration_warning)->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('allowLink', 1, $str_link, $v_link))->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('allowUnlink', 1, $str_unlink, $v_unlink)); if ($provider->shouldAllowEmailTrustConfiguration()) { $form->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('trustEmails', 1, $str_trusted_email, $v_trust_email)); } $provider->extendEditForm($request, $form, $properties, $issues); $form->appendChild(id(new AphrontFormSubmitControl())->addCancelButton($cancel_uri)->setValue($button)); $help = $provider->getConfigurationHelp(); if ($help) { $form->appendChild(id(new PHUIFormDividerControl())); $form->appendRemarkupInstructions($help); } $footer = $provider->renderConfigurationFooter(); $crumbs = $this->buildApplicationCrumbs(); $crumbs->addTextCrumb($crumb); $xaction_view = null; if (!$is_new) { $xactions = id(new PhabricatorAuthProviderConfigTransactionQuery())->withObjectPHIDs(array($config->getPHID()))->setViewer($viewer)->execute(); foreach ($xactions as $xaction) { $xaction->setProvider($provider); } $xaction_view = id(new PhabricatorApplicationTransactionView())->setUser($viewer)->setObjectPHID($config->getPHID())->setTransactions($xactions); } $form_box = id(new PHUIObjectBoxView())->setHeaderText($title)->setFormErrors($errors)->setForm($form); return $this->buildApplicationPage(array($crumbs, $form_box, $footer, $xaction_view), array('title' => $title)); }