protected function buildUserInformationDictionary(PhabricatorUser $user, PhabricatorUserStatus $current_status = null)
{
$roles = array();
if ($user->getIsDisabled()) {
$roles[] = 'disabled';
}
if ($user->getIsSystemAgent()) {
$roles[] = 'agent';
}
if ($user->getIsAdmin()) {
$roles[] = 'admin';
}
$primary = $user->loadPrimaryEmail();
if ($primary && $primary->getIsVerified()) {
$roles[] = 'verified';
} else {
$roles[] = 'unverified';
}
$return = array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName(), 'image' => $user->loadProfileImageURI(), 'uri' => PhabricatorEnv::getURI('/p/' . $user->getUsername() . '/'), 'roles' => $roles);
if ($current_status) {
$return['currentStatus'] = $current_status->getTextStatus();
$return['currentStatusUntil'] = $current_status->getDateTo();
}
return $return;
}
protected function buildUserInformationDictionary(PhabricatorUser $user)
{
$src_phid = $user->getProfileImagePHID();
$file = id(new PhabricatorFile())->loadOneWhere('phid = %s', $src_phid);
if ($file) {
$picture = $file->getBestURI();
} else {
$picture = null;
}
return array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName(), 'email' => $user->getEmail(), 'image' => $picture, 'uri' => PhabricatorEnv::getURI('/p/' . $user->getUsername() . '/'));
}
public static function indexUser(PhabricatorUser $user)
{
$doc = new PhabricatorSearchAbstractDocument();
$doc->setPHID($user->getPHID());
$doc->setDocumentType(PhabricatorPHIDConstants::PHID_TYPE_USER);
$doc->setDocumentTitle($user->getUserName() . '(' . $user->getRealName() . ')');
$doc->setDocumentCreated($user->getDateCreated());
$doc->setDocumentModified($user->getDateModified());
// TODO: Index the blurbs from their profile or something? Probably not
// actually useful...
PhabricatorSearchDocument::reindexAbstractDocument($doc);
}
public function processRequest()
{
$request = $this->getRequest();
$viewer = $request->getUser();
$is_admin = $viewer->getIsAdmin();
$user = new PhabricatorUser();
$count = queryfx_one($user->establishConnection('r'), 'SELECT COUNT(*) N FROM %T', $user->getTableName());
$count = idx($count, 'N', 0);
$pager = new AphrontPagerView();
$pager->setOffset($request->getInt('page', 0));
$pager->setCount($count);
$pager->setURI($request->getRequestURI(), 'page');
$users = id(new PhabricatorPeopleQuery())->needPrimaryEmail(true)->executeWithOffsetPager($pager);
$rows = array();
foreach ($users as $user) {
$primary_email = $user->loadPrimaryEmail();
if ($primary_email && $primary_email->getIsVerified()) {
$email = 'Verified';
} else {
$email = 'Unverified';
}
$status = array();
if ($user->getIsDisabled()) {
$status[] = 'Disabled';
}
if ($user->getIsAdmin()) {
$status[] = 'Admin';
}
if ($user->getIsSystemAgent()) {
$status[] = 'System Agent';
}
$status = implode(', ', $status);
$rows[] = array(phabricator_date($user->getDateCreated(), $viewer), phabricator_time($user->getDateCreated(), $viewer), phutil_render_tag('a', array('href' => '/p/' . $user->getUsername() . '/'), phutil_escape_html($user->getUserName())), phutil_escape_html($user->getRealName()), $status, $email, phutil_render_tag('a', array('class' => 'button grey small', 'href' => '/people/edit/' . $user->getID() . '/'), 'Administrate User'));
}
$table = new AphrontTableView($rows);
$table->setHeaders(array('Join Date', 'Time', 'Username', 'Real Name', 'Roles', 'Email', ''));
$table->setColumnClasses(array(null, 'right', 'pri', 'wide', null, null, 'action'));
$table->setColumnVisibility(array(true, true, true, true, $is_admin, $is_admin, $is_admin));
$panel = new AphrontPanelView();
$panel->setHeader('People (' . number_format($count) . ')');
$panel->appendChild($table);
$panel->appendChild($pager);
if ($is_admin) {
$panel->addButton(phutil_render_tag('a', array('href' => '/people/edit/', 'class' => 'button green'), 'Create New Account'));
if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled')) {
$panel->addButton(phutil_render_tag('a', array('href' => '/people/ldap/', 'class' => 'button green'), 'Import from LDAP'));
}
}
$nav = $this->buildSideNavView();
$nav->selectFilter('people');
$nav->appendChild($panel);
return $this->buildApplicationPage($nav, array('title' => 'People'));
}
public static function indexUser(PhabricatorUser $user)
{
$doc = new PhabricatorSearchAbstractDocument();
$doc->setPHID($user->getPHID());
$doc->setDocumentType(PhabricatorPHIDConstants::PHID_TYPE_USER);
$doc->setDocumentTitle($user->getUserName() . ' (' . $user->getRealName() . ')');
$doc->setDocumentCreated($user->getDateCreated());
$doc->setDocumentModified($user->getDateModified());
// TODO: Index the blurbs from their profile or something? Probably not
// actually useful...
if (!$user->getIsDisabled()) {
$doc->addRelationship(PhabricatorSearchRelationship::RELATIONSHIP_OPEN, $user->getPHID(), PhabricatorPHIDConstants::PHID_TYPE_USER, time());
}
self::reindexAbstractDocument($doc);
}
protected function buildUserInformationDictionary(PhabricatorUser $user, $with_email = false, $with_availability = false)
{
$roles = array();
if ($user->getIsDisabled()) {
$roles[] = 'disabled';
}
if ($user->getIsSystemAgent()) {
$roles[] = 'agent';
}
if ($user->getIsMailingList()) {
$roles[] = 'list';
}
if ($user->getIsAdmin()) {
$roles[] = 'admin';
}
$primary = $user->loadPrimaryEmail();
if ($primary && $primary->getIsVerified()) {
$email = $primary->getAddress();
$roles[] = 'verified';
} else {
$email = null;
$roles[] = 'unverified';
}
if ($user->getIsApproved()) {
$roles[] = 'approved';
}
if ($user->isUserActivated()) {
$roles[] = 'activated';
}
$return = array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName(), 'image' => $user->getProfileImageURI(), 'uri' => PhabricatorEnv::getURI('/p/' . $user->getUsername() . '/'), 'roles' => $roles);
if ($with_email) {
$return['primaryEmail'] = $email;
}
if ($with_availability) {
// TODO: Modernize this once we have a more long-term view of what the
// data looks like.
$until = $user->getAwayUntil();
if ($until) {
$return['currentStatus'] = 'away';
$return['currentStatusUntil'] = $until;
}
}
return $return;
}
public function processRequest()
{
$request = $this->getRequest();
$viewer = $request->getUser();
$is_admin = $viewer->getIsAdmin();
$user = new PhabricatorUser();
$count = queryfx_one($user->establishConnection('r'), 'SELECT COUNT(*) N FROM %T', $user->getTableName());
$count = idx($count, 'N', 0);
$pager = new AphrontPagerView();
$pager->setOffset($request->getInt('page', 0));
$pager->setCount($count);
$pager->setURI($request->getRequestURI(), 'page');
$users = id(new PhabricatorUser())->loadAllWhere('1 = 1 ORDER BY id DESC LIMIT %d, %d', $pager->getOffset(), $pager->getPageSize());
$rows = array();
foreach ($users as $user) {
$status = '';
if ($user->getIsDisabled()) {
$status = 'Disabled';
} else {
if ($user->getIsAdmin()) {
$status = 'Admin';
} else {
$status = '-';
}
}
$rows[] = array(phabricator_date($user->getDateCreated(), $viewer), phabricator_time($user->getDateCreated(), $viewer), phutil_render_tag('a', array('href' => '/p/' . $user->getUsername() . '/'), phutil_escape_html($user->getUserName())), phutil_escape_html($user->getRealName()), $status, phutil_render_tag('a', array('class' => 'button grey small', 'href' => '/people/edit/' . $user->getID() . '/'), 'Administrate User'));
}
$table = new AphrontTableView($rows);
$table->setHeaders(array('Join Date', 'Time', 'Username', 'Real Name', 'Status', ''));
$table->setColumnClasses(array(null, 'right', 'pri', 'wide', null, 'action'));
$table->setColumnVisibility(array(true, true, true, true, $is_admin, $is_admin));
$panel = new AphrontPanelView();
$panel->setHeader('People (' . number_format($count) . ')');
$panel->appendChild($table);
$panel->appendChild($pager);
if ($is_admin) {
$panel->addButton(phutil_render_tag('a', array('href' => '/people/edit/', 'class' => 'button green'), 'Create New Account'));
}
return $this->buildStandardPageResponse($panel, array('title' => 'People', 'tab' => 'directory'));
}
exit(1);
}
$user = new PhabricatorUser();
$user->setUsername($username);
$is_new = true;
} else {
$original = clone $user;
echo pht("There is an existing user account '%s'.", $username) . "\n";
$ok = phutil_console_confirm(pht("Do you want to edit the existing '%s' account?", $username), $default_no = false);
if (!$ok) {
echo pht('Cancelled.') . "\n";
exit(1);
}
$is_new = false;
}
$user_realname = $user->getRealName();
if (strlen($user_realname)) {
$realname_prompt = ' [' . $user_realname . ']:';
} else {
$realname_prompt = ':';
}
$realname = nonempty(phutil_console_prompt(pht('Enter user real name') . $realname_prompt), $user_realname);
$user->setRealName($realname);
// When creating a new user we prompt for an email address; when editing an
// existing user we just skip this because it would be quite involved to provide
// a reasonable CLI interface for editing multiple addresses and managing email
// verification and primary addresses.
$create_email = null;
if ($is_new) {
do {
$email = phutil_console_prompt(pht('Enter user email address:'));
public function sendUsernameChangeEmail(PhabricatorUser $admin, $old_username)
{
$admin_username = $admin->getUserName();
$admin_realname = $admin->getRealName();
$new_username = $this->getUserName();
$password_instructions = null;
if (PhabricatorPasswordAuthProvider::getPasswordProvider()) {
$engine = new PhabricatorAuthSessionEngine();
$uri = $engine->getOneTimeLoginURI($this, null, PhabricatorAuthSessionEngine::ONETIME_USERNAME);
$password_instructions = <<<EOTXT
If you use a password to login, you'll need to reset it before you can login
again. You can reset your password by following this link:
{$uri}
And, of course, you'll need to use your new username to login from now on. If
you use OAuth to login, nothing should change.
EOTXT;
}
$body = <<<EOBODY
{$admin_username} ({$admin_realname}) has changed your Phabricator username.
Old Username: {$old_username}
New Username: {$new_username}
{$password_instructions}
EOBODY;
$mail = id(new PhabricatorMetaMTAMail())->addTos(array($this->getPHID()))->setForceDelivery(true)->setSubject('[Phabricator] Username Changed')->setBody($body)->saveAndSend();
}
public function sendUsernameChangeEmail(PhabricatorUser $admin, $old_username)
{
$admin_username = $admin->getUserName();
$admin_realname = $admin->getRealName();
$new_username = $this->getUserName();
$password_instructions = null;
if (PhabricatorPasswordAuthProvider::getPasswordProvider()) {
$engine = new PhabricatorAuthSessionEngine();
$uri = $engine->getOneTimeLoginURI($this, null, PhabricatorAuthSessionEngine::ONETIME_USERNAME);
$password_instructions = sprintf("%s\n\n %s\n\n%s\n", pht("If you use a password to login, you'll need to reset it " . "before you can login again. You can reset your password by " . "following this link:"), $uri, pht("And, of course, you'll need to use your new username to login " . "from now on. If you use OAuth to login, nothing should change."));
}
$body = sprintf("%s\n\n %s\n %s\n\n%s", pht('%s (%s) has changed your Phabricator username.', $admin_username, $admin_realname), pht('Old Username: %s', $old_username), pht('New Username: %s', $new_username), $password_instructions);
$mail = id(new PhabricatorMetaMTAMail())->addTos(array($this->getPHID()))->setForceDelivery(true)->setSubject(pht('[Phabricator] Username Changed'))->setBody($body)->saveAndSend();
}
/**
* Small helper function to make sure we format the username properly as
* specified by the `metamta.user-address-format` configuration value.
*/
private function getUserName(PhabricatorUser $user)
{
$format = PhabricatorEnv::getEnvConfig('metamta.user-address-format');
switch ($format) {
case 'short':
$name = $user->getUserName();
break;
case 'real':
$name = strlen($user->getRealName()) ? $user->getRealName() : $user->getUserName();
break;
case 'full':
default:
$name = $user->getFullName();
break;
}
return $name;
}
public function sendWelcomeEmail(PhabricatorUser $admin)
{
$admin_username = $admin->getUserName();
$admin_realname = $admin->getRealName();
$user_username = $this->getUserName();
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
$base_uri = PhabricatorEnv::getProductionURI('/');
$uri = $this->getEmailLoginURI();
$body = <<<EOBODY
Welcome to Phabricator!
{$admin_username} ({$admin_realname}) has created an account for you.
Username: {$user_username}
To login to Phabricator, follow this link and set a password:
{$uri}
After you have set a password, you can login in the future by going here:
{$base_uri}
EOBODY;
if (!$is_serious) {
$body .= <<<EOBODY
Love,
Phabricator
EOBODY;
}
$mail = id(new PhabricatorMetaMTAMail())->addTos(array($this->getPHID()))->setSubject('[Phabricator] Welcome to Phabricator')->setBody($body)->setFrom($admin->getPHID())->saveAndSend();
}
private function processBasicRequest(PhabricatorUser $user)
{
$request = $this->getRequest();
$admin = $request->getUser();
$e_username = true;
$e_realname = true;
$e_email = true;
$errors = array();
$welcome_checked = true;
$request = $this->getRequest();
if ($request->isFormPost()) {
$welcome_checked = $request->getInt('welcome');
if (!$user->getID()) {
$user->setUsername($request->getStr('username'));
$user->setEmail($request->getStr('email'));
if ($request->getStr('role') == 'agent') {
$user->setIsSystemAgent(true);
}
}
$user->setRealName($request->getStr('realname'));
if (!strlen($user->getUsername())) {
$errors[] = "Username is required.";
$e_username = '******';
} else {
if (!PhabricatorUser::validateUsername($user->getUsername())) {
$errors[] = "Username must consist of only numbers and letters.";
$e_username = '******';
} else {
$e_username = null;
}
}
if (!strlen($user->getRealName())) {
$errors[] = 'Real name is required.';
$e_realname = 'Required';
} else {
$e_realname = null;
}
if (!strlen($user->getEmail())) {
$errors[] = 'Email is required.';
$e_email = 'Required';
} else {
$e_email = null;
}
if (!$errors) {
try {
$is_new = !$user->getID();
$user->save();
if ($is_new) {
$log = PhabricatorUserLog::newLog($admin, $user, PhabricatorUserLog::ACTION_CREATE);
$log->save();
if ($welcome_checked) {
$user->sendWelcomeEmail($admin);
}
}
$response = id(new AphrontRedirectResponse())->setURI('/people/edit/' . $user->getID() . '/?saved=true');
return $response;
} catch (AphrontQueryDuplicateKeyException $ex) {
$errors[] = 'Username and email must be unique.';
$same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername());
$same_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $user->getEmail());
if ($same_username) {
$e_username = '******';
}
if ($same_email) {
$e_email = 'Duplicate';
}
}
}
}
$error_view = null;
if ($errors) {
$error_view = id(new AphrontErrorView())->setTitle('Form Errors')->setErrors($errors);
}
$form = new AphrontFormView();
$form->setUser($admin);
if ($user->getID()) {
$form->setAction('/people/edit/' . $user->getID() . '/');
} else {
$form->setAction('/people/edit/');
}
if ($user->getID()) {
$is_immutable = true;
} else {
$is_immutable = false;
}
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)->setDisabled($is_immutable)->setCaption('Usernames are permanent and can not be changed later!'))->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($user->getRealName())->setError($e_realname))->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setDisabled($is_immutable)->setValue($user->getEmail())->setError($e_email))->appendChild($this->getRoleInstructions());
if (!$user->getID()) {
$form->appendChild(id(new AphrontFormSelectControl())->setLabel('Role')->setName('role')->setValue('user')->setOptions(array('user' => 'Normal User', 'agent' => 'System Agent'))->setCaption('You can create a "system agent" account for bots, scripts, ' . 'etc.'))->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, 'Send "Welcome to Phabricator" email.', $welcome_checked));
} else {
$form->appendChild(id(new AphrontFormStaticControl())->setLabel('Role')->setValue($user->getIsSystemAgent() ? 'System Agent' : 'Normal User'));
}
$form->appendChild(id(new AphrontFormSubmitControl())->setValue('Save'));
$panel = new AphrontPanelView();
if ($user->getID()) {
$panel->setHeader('Edit User');
} else {
$panel->setHeader('Create New User');
}
$panel->appendChild($form);
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
return array($error_view, $panel);
}
public function sendUsernameChangeEmail(PhabricatorUser $admin, $old_username)
{
$admin_username = $admin->getUserName();
$admin_realname = $admin->getRealName();
$new_username = $this->getUserName();
$password_instructions = null;
if (PhabricatorEnv::getEnvConfig('auth.password-auth-enabled')) {
$uri = $this->getEmailLoginURI();
$password_instructions = <<<EOTXT
If you use a password to login, you'll need to reset it before you can login
again. You can reset your password by following this link:
{$uri}
And, of course, you'll need to use your new username to login from now on. If
you use OAuth to login, nothing should change.
EOTXT;
}
$body = <<<EOBODY
{$admin_username} ({$admin_realname}) has changed your Phabricator username.
Old Username: {$old_username}
New Username: {$new_username}
{$password_instructions}
EOBODY;
$mail = id(new PhabricatorMetaMTAMail())->addTos(array($this->getPHID()))->setSubject('[Phabricator] Username Changed')->setBody($body)->setFrom($admin->getPHID())->saveAndSend();
}
protected function buildUserInformationDictionary(PhabricatorUser $user)
{
return array('phid' => $user->getPHID(), 'userName' => $user->getUserName(), 'realName' => $user->getRealName());
}
private function processBasicRequest(PhabricatorUser $user)
{
$request = $this->getRequest();
$admin = $request->getUser();
$e_username = true;
$e_realname = true;
$e_email = true;
$errors = array();
$welcome_checked = true;
$request = $this->getRequest();
if ($request->isFormPost()) {
$welcome_checked = $request->getInt('welcome');
if (!$user->getID()) {
$user->setUsername($request->getStr('username'));
$user->setEmail($request->getStr('email'));
if ($request->getStr('role') == 'agent') {
$user->setIsSystemAgent(true);
}
}
$user->setRealName($request->getStr('realname'));
if (!strlen($user->getUsername())) {
$errors[] = "Username is required.";
$e_username = '******';
} else {
if (!preg_match('/^[a-z0-9]+$/', $user->getUsername())) {
$errors[] = "Username must consist of only numbers and letters.";
$e_username = '******';
} else {
$e_username = null;
}
}
if (!strlen($user->getRealName())) {
$errors[] = 'Real name is required.';
$e_realname = 'Required';
} else {
$e_realname = null;
}
if (!strlen($user->getEmail())) {
$errors[] = 'Email is required.';
$e_email = 'Required';
} else {
$e_email = null;
}
if (!$errors) {
try {
$is_new = !$user->getID();
$user->save();
if ($is_new) {
$log = PhabricatorUserLog::newLog($admin, $user, PhabricatorUserLog::ACTION_CREATE);
$log->save();
if ($welcome_checked) {
$admin_username = $admin->getUserName();
$admin_realname = $admin->getRealName();
$user_username = $user->getUserName();
$base_uri = PhabricatorEnv::getProductionURI('/');
$uri = $user->getEmailLoginURI();
$body = <<<EOBODY
Welcome to Phabricator!
{$admin_username} ({$admin_realname}) has created an account for you.
Username: {$user_username}
To login to Phabricator, follow this link and set a password:
{$uri}
After you have set a password, you can login in the future by going here:
{$base_uri}
Love,
Phabricator
EOBODY;
$mail = id(new PhabricatorMetaMTAMail())->addTos(array($user->getPHID()))->setSubject('[Phabricator] Welcome to Phabricator')->setBody($body)->setFrom($admin->getPHID())->saveAndSend();
}
}
$response = id(new AphrontRedirectResponse())->setURI('/people/edit/' . $user->getID() . '/?saved=true');
return $response;
} catch (AphrontQueryDuplicateKeyException $ex) {
$errors[] = 'Username and email must be unique.';
$same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername());
$same_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $user->getEmail());
if ($same_username) {
$e_username = '******';
}
if ($same_email) {
$e_email = 'Duplicate';
}
}
}
}
$error_view = null;
if ($errors) {
$error_view = id(new AphrontErrorView())->setTitle('Form Errors')->setErrors($errors);
}
$form = new AphrontFormView();
$form->setUser($admin);
if ($user->getID()) {
$form->setAction('/people/edit/' . $user->getID() . '/');
} else {
$form->setAction('/people/edit/');
}
if ($user->getID()) {
$is_immutable = true;
} else {
$is_immutable = false;
}
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)->setDisabled($is_immutable)->setCaption('Usernames are permanent and can not be changed later!'))->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($user->getRealName())->setError($e_realname))->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setDisabled($is_immutable)->setValue($user->getEmail())->setError($e_email));
if (!$user->getID()) {
$form->appendChild(id(new AphrontFormSelectControl())->setLabel('Role')->setName('role')->setValue('user')->setOptions(array('user' => 'Normal User', 'agent' => 'System Agent'))->setCaption('You can create a "system agent" account for bots, scripts, ' . 'etc.'))->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, 'Send "Welcome to Phabricator" email.', $welcome_checked));
} else {
$form->appendChild(id(new AphrontFormStaticControl())->setLabel('Role')->setValue($user->getIsSystemAgent() ? 'System Agent' : 'Normal User'));
}
$form->appendChild(id(new AphrontFormSubmitControl())->setValue('Save'));
$panel = new AphrontPanelView();
if ($user->getID()) {
$panel->setHeader('Edit User');
} else {
$panel->setHeader('Create New User');
}
$panel->appendChild($form);
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
return array($error_view, $panel);
}
public function processRequest()
{
$provider = $this->getLDAProvider();
$ldap_info = $this->getLDAPInfo();
$request = $this->getRequest();
$errors = array();
$e_username = true;
$e_email = true;
$e_realname = true;
$user = new PhabricatorUser();
$user->setUsername();
$user->setRealname($provider->retrieveUserRealName());
$new_email = $provider->retrieveUserEmail();
if ($new_email) {
// If the user's LDAP provider account has an email address but the
// email address domain is not allowed by the Phabricator configuration,
// we just pretend the provider did not supply an address.
//
// For instance, if the user uses LDAP Auth and their email address
// is "*****@*****.**" but Phabricator is configured to require users
// use "@company.com" addresses, we show a prompt below and tell the user
// to provide their "@company.com" address. They can still use the LDAP
// account to login, they just need to associate their account with an
// allowed address.
//
// If the email address is fine, we just use it and don't prompt the user.
if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
$new_email = null;
}
}
$show_email_input = $new_email === null;
if ($request->isFormPost()) {
$user->setUsername($request->getStr('username'));
$username = $user->getUsername();
if (!strlen($user->getUsername())) {
$e_username = '******';
$errors[] = 'Username is required.';
} else {
if (!PhabricatorUser::validateUsername($username)) {
$e_username = '******';
$errors[] = PhabricatorUser::describeValidUsername();
} else {
$e_username = null;
}
}
if (!$new_email) {
$new_email = trim($request->getStr('email'));
if (!$new_email) {
$e_email = 'Required';
$errors[] = 'Email is required.';
} else {
$e_email = null;
}
}
if ($new_email) {
if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
$e_email = 'Invalid';
$errors[] = PhabricatorUserEmail::describeAllowedAddresses();
}
}
if (!strlen($user->getRealName())) {
$user->setRealName($request->getStr('realname'));
if (!strlen($user->getRealName())) {
$e_realname = 'Required';
$errors[] = 'Real name is required.';
} else {
$e_realname = null;
}
}
if (!$errors) {
try {
// NOTE: We don't verify LDAP email addresses by default because
// LDAP providers might associate email addresses with accounts that
// haven't actually verified they own them. We could selectively
// auto-verify some providers that we trust here, but the stakes for
// verifying an email address are high because having a corporate
// address at a company is sometimes the key to the castle.
$email_obj = id(new PhabricatorUserEmail())->setAddress($new_email)->setIsVerified(0);
id(new PhabricatorUserEditor())->setActor($user)->createNewUser($user, $email_obj);
$ldap_info->setUserID($user->getID());
$ldap_info->save();
$session_key = $user->establishSession('web');
$request->setCookie('phusr', $user->getUsername());
$request->setCookie('phsid', $session_key);
$email_obj->sendVerificationEmail($user);
return id(new AphrontRedirectResponse())->setURI('/');
} catch (AphrontQueryDuplicateKeyException $exception) {
$same_username = id(new PhabricatorUser())->loadOneWhere('userName = %s', $user->getUserName());
$same_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $new_email);
if ($same_username) {
$e_username = '******';
$errors[] = 'That username or email is not unique.';
} else {
if ($same_email) {
$e_email = 'Duplicate';
$errors[] = 'That email is not unique.';
} else {
throw $exception;
}
}
}
}
}
$error_view = null;
if ($errors) {
$error_view = new AphrontErrorView();
$error_view->setTitle('Registration Failed');
$error_view->setErrors($errors);
}
// Strip the URI down to the path, because otherwise we'll trigger
// external CSRF protection (by having a protocol in the form "action")
// and generate a form with no CSRF token.
$action_uri = new PhutilURI('/ldap/login/');
$action_path = $action_uri->getPath();
$form = new AphrontFormView();
$form->setUser($request->getUser())->setAction($action_path)->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username));
$form->appendChild(id(new AphrontFormPasswordControl())->setLabel('Password')->setName('password'));
if ($show_email_input) {
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setValue($request->getStr('email'))->setError($e_email));
}
if ($provider->retrieveUserRealName() === null) {
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($request->getStr('realname'))->setError($e_realname));
}
$form->appendChild(id(new AphrontFormSubmitControl())->setValue('Create Account'));
$panel = new AphrontPanelView();
$panel->setHeader('Create New Account');
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
$panel->appendChild($form);
return $this->buildStandardPageResponse(array($error_view, $panel), array('title' => 'Create New Account'));
}
public function processRequest()
{
$request = $this->getRequest();
$admin = $request->getUser();
switch ($this->type) {
case 'standard':
$is_bot = false;
break;
case 'bot':
$is_bot = true;
break;
default:
return new Aphront404Response();
}
$user = new PhabricatorUser();
$require_real_name = PhabricatorEnv::getEnvConfig('user.require-real-name');
$e_username = true;
$e_realname = $require_real_name ? true : null;
$e_email = true;
$errors = array();
$welcome_checked = true;
$new_email = null;
$request = $this->getRequest();
if ($request->isFormPost()) {
$welcome_checked = $request->getInt('welcome');
$user->setUsername($request->getStr('username'));
$new_email = $request->getStr('email');
if (!strlen($new_email)) {
$errors[] = pht('Email is required.');
$e_email = pht('Required');
} else {
if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
$e_email = pht('Invalid');
$errors[] = PhabricatorUserEmail::describeAllowedAddresses();
} else {
$e_email = null;
}
}
$user->setRealName($request->getStr('realname'));
if (!strlen($user->getUsername())) {
$errors[] = pht('Username is required.');
$e_username = pht('Required');
} else {
if (!PhabricatorUser::validateUsername($user->getUsername())) {
$errors[] = PhabricatorUser::describeValidUsername();
$e_username = pht('Invalid');
} else {
$e_username = null;
}
}
if (!strlen($user->getRealName()) && $require_real_name) {
$errors[] = pht('Real name is required.');
$e_realname = pht('Required');
} else {
$e_realname = null;
}
if (!$errors) {
try {
$email = id(new PhabricatorUserEmail())->setAddress($new_email)->setIsVerified(0);
// Automatically approve the user, since an admin is creating them.
$user->setIsApproved(1);
// If the user is a bot, approve their email too.
if ($is_bot) {
$email->setIsVerified(1);
}
id(new PhabricatorUserEditor())->setActor($admin)->createNewUser($user, $email);
if ($is_bot) {
id(new PhabricatorUserEditor())->setActor($admin)->makeSystemAgentUser($user, true);
}
if ($welcome_checked && !$is_bot) {
$user->sendWelcomeEmail($admin);
}
$response = id(new AphrontRedirectResponse())->setURI('/p/' . $user->getUsername() . '/');
return $response;
} catch (AphrontDuplicateKeyQueryException $ex) {
$errors[] = pht('Username and email must be unique.');
$same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername());
$same_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $new_email);
if ($same_username) {
$e_username = pht('Duplicate');
}
if ($same_email) {
$e_email = pht('Duplicate');
}
}
}
}
$form = id(new AphrontFormView())->setUser($admin);
if ($is_bot) {
$form->appendRemarkupInstructions(pht('You are creating a new **bot/script** user account.'));
} else {
$form->appendRemarkupInstructions(pht('You are creating a new **standard** user account.'));
}
$form->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Username'))->setName('username')->setValue($user->getUsername())->setError($e_username))->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Real Name'))->setName('realname')->setValue($user->getRealName())->setError($e_realname))->appendChild(id(new AphrontFormTextControl())->setLabel(pht('Email'))->setName('email')->setValue($new_email)->setCaption(PhabricatorUserEmail::describeAllowedAddresses())->setError($e_email));
if (!$is_bot) {
$form->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, pht('Send "Welcome to Phabricator" email with login instructions.'), $welcome_checked));
}
$form->appendChild(id(new AphrontFormSubmitControl())->addCancelButton($this->getApplicationURI())->setValue(pht('Create User')));
if ($is_bot) {
$form->appendChild(id(new AphrontFormDividerControl()))->appendRemarkupInstructions(pht('**Why do bot/script accounts need an email address?**' . "\n\n" . 'Although bots do not normally receive email from Phabricator, ' . 'they can interact with other systems which require an email ' . 'address. Examples include:' . "\n\n" . " - If the account takes actions which //send// email, we need " . " an address to use in the //From// header.\n" . " - If the account creates commits, Git and Mercurial require " . " an email address for authorship.\n" . " - If you send email //to// Phabricator on behalf of the " . " account, the address can identify the sender.\n" . " - Some internal authentication functions depend on accounts " . " having an email address.\n" . "\n\n" . "The address will automatically be verified, so you do not need " . "to be able to receive mail at this address, and can enter some " . "invalid or nonexistent (but correctly formatted) address like " . "`bot@yourcompany.com` if you prefer."));
}
$title = pht('Create New User');
$form_box = id(new PHUIObjectBoxView())->setHeaderText($title)->setFormErrors($errors)->setForm($form);
$crumbs = $this->buildApplicationCrumbs();
$crumbs->addTextCrumb($title);
return $this->buildApplicationPage(array($crumbs, $form_box), array('title' => $title));
}
private function processBasicRequest(PhabricatorUser $user)
{
$request = $this->getRequest();
$admin = $request->getUser();
$e_username = true;
$e_realname = true;
$e_email = true;
$errors = array();
$welcome_checked = true;
$new_email = null;
$request = $this->getRequest();
if ($request->isFormPost()) {
$welcome_checked = $request->getInt('welcome');
if (!$user->getID()) {
$user->setUsername($request->getStr('username'));
$new_email = $request->getStr('email');
if (!strlen($new_email)) {
$errors[] = 'Email is required.';
$e_email = 'Required';
} else {
if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
$e_email = 'Invalid';
$errors[] = PhabricatorUserEmail::describeAllowedAddresses();
} else {
$e_email = null;
}
}
if ($request->getStr('role') == 'agent') {
$user->setIsSystemAgent(true);
}
}
$user->setRealName($request->getStr('realname'));
if (!strlen($user->getUsername())) {
$errors[] = "Username is required.";
$e_username = '******';
} else {
if (!PhabricatorUser::validateUsername($user->getUsername())) {
$errors[] = PhabricatorUser::describeValidUsername();
$e_username = '******';
} else {
$e_username = null;
}
}
if (!strlen($user->getRealName())) {
$errors[] = 'Real name is required.';
$e_realname = 'Required';
} else {
$e_realname = null;
}
if (!$errors) {
try {
$is_new = !$user->getID();
if (!$is_new) {
id(new PhabricatorUserEditor())->setActor($admin)->updateUser($user);
} else {
$email = id(new PhabricatorUserEmail())->setAddress($new_email)->setIsVerified(0);
id(new PhabricatorUserEditor())->setActor($admin)->createNewUser($user, $email);
}
if ($welcome_checked) {
$user->sendWelcomeEmail($admin);
}
$response = id(new AphrontRedirectResponse())->setURI('/people/edit/' . $user->getID() . '/?saved=true');
return $response;
} catch (AphrontQueryDuplicateKeyException $ex) {
$errors[] = 'Username and email must be unique.';
$same_username = id(new PhabricatorUser())->loadOneWhere('username = %s', $user->getUsername());
$same_email = id(new PhabricatorUserEmail())->loadOneWhere('address = %s', $new_email);
if ($same_username) {
$e_username = '******';
}
if ($same_email) {
$e_email = 'Duplicate';
}
}
}
}
$error_view = null;
if ($errors) {
$error_view = id(new AphrontErrorView())->setTitle('Form Errors')->setErrors($errors);
}
$form = new AphrontFormView();
$form->setUser($admin);
if ($user->getID()) {
$form->setAction('/people/edit/' . $user->getID() . '/');
} else {
$form->setAction('/people/edit/');
}
if ($user->getID()) {
$is_immutable = true;
} else {
$is_immutable = false;
}
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username)->setDisabled($is_immutable))->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($user->getRealName())->setError($e_realname));
if (!$user->getID()) {
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setDisabled($is_immutable)->setValue($new_email)->setCaption(PhabricatorUserEmail::describeAllowedAddresses())->setError($e_email));
} else {
$email = $user->loadPrimaryEmail();
if ($email) {
$status = $email->getIsVerified() ? 'Verified' : 'Unverified';
} else {
$status = 'No Email Address';
}
$form->appendChild(id(new AphrontFormStaticControl())->setLabel('Email')->setValue($status));
$form->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, 'Re-send "Welcome to Phabricator" email.', false));
}
$form->appendChild($this->getRoleInstructions());
if (!$user->getID()) {
$form->appendChild(id(new AphrontFormSelectControl())->setLabel('Role')->setName('role')->setValue('user')->setOptions(array('user' => 'Normal User', 'agent' => 'System Agent'))->setCaption('You can create a "system agent" account for bots, scripts, ' . 'etc.'))->appendChild(id(new AphrontFormCheckboxControl())->addCheckbox('welcome', 1, 'Send "Welcome to Phabricator" email.', $welcome_checked));
} else {
$roles = array();
if ($user->getIsSystemAgent()) {
$roles[] = 'System Agent';
}
if ($user->getIsAdmin()) {
$roles[] = 'Admin';
}
if ($user->getIsDisabled()) {
$roles[] = 'Disabled';
}
if (!$roles) {
$roles[] = 'Normal User';
}
$roles = implode(', ', $roles);
$form->appendChild(id(new AphrontFormStaticControl())->setLabel('Roles')->setValue($roles));
}
$form->appendChild(id(new AphrontFormSubmitControl())->setValue('Save'));
$panel = new AphrontPanelView();
if ($user->getID()) {
$panel->setHeader('Edit User');
} else {
$panel->setHeader('Create New User');
}
$panel->appendChild($form);
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
return array($error_view, $panel);
}
public function processRequest()
{
$provider = $this->getOAuthProvider();
$oauth_info = $this->getOAuthInfo();
$request = $this->getRequest();
$errors = array();
$e_username = true;
$e_email = true;
$e_realname = true;
$user = new PhabricatorUser();
$user->setUsername($provider->retrieveUserAccountName());
$user->setRealName($provider->retrieveUserRealName());
$user->setEmail($provider->retrieveUserEmail());
if ($request->isFormPost()) {
$user->setUsername($request->getStr('username'));
$username = $user->getUsername();
if (!strlen($user->getUsername())) {
$e_username = '******';
$errors[] = 'Username is required.';
} else {
if (!PhabricatorUser::validateUsername($username)) {
$e_username = '******';
$errors[] = 'Username must consist of only numbers and letters.';
} else {
$e_username = null;
}
}
if ($user->getEmail() === null) {
$user->setEmail($request->getStr('email'));
if (!strlen($user->getEmail())) {
$e_email = 'Required';
$errors[] = 'Email is required.';
} else {
$e_email = null;
}
}
if (!strlen($user->getRealName())) {
$user->setRealName($request->getStr('realname'));
if (!strlen($user->getRealName())) {
$e_realname = 'Required';
$errors[] = 'Real name is required.';
} else {
$e_realname = null;
}
}
if (!$errors) {
$image = $provider->retrieveUserProfileImage();
if ($image) {
$file = PhabricatorFile::newFromFileData($image, array('name' => $provider->getProviderKey() . '-profile.jpg', 'authorPHID' => $user->getPHID()));
$user->setProfileImagePHID($file->getPHID());
}
try {
$user->save();
$oauth_info->setUserID($user->getID());
$oauth_info->save();
$session_key = $user->establishSession('web');
$request->setCookie('phusr', $user->getUsername());
$request->setCookie('phsid', $session_key);
return id(new AphrontRedirectResponse())->setURI('/');
} catch (AphrontQueryDuplicateKeyException $exception) {
$same_username = id(new PhabricatorUser())->loadOneWhere('userName = %s', $user->getUserName());
$same_email = id(new PhabricatorUser())->loadOneWhere('email = %s', $user->getEmail());
if ($same_username) {
$e_username = '******';
$errors[] = 'That username or email is not unique.';
} else {
if ($same_email) {
$e_email = 'Duplicate';
$errors[] = 'That email is not unique.';
} else {
throw $exception;
}
}
}
}
}
$error_view = null;
if ($errors) {
$error_view = new AphrontErrorView();
$error_view->setTitle('Registration Failed');
$error_view->setErrors($errors);
}
// Strip the URI down to the path, because otherwise we'll trigger
// external CSRF protection (by having a protocol in the form "action")
// and generate a form with no CSRF token.
$action_uri = new PhutilURI($provider->getRedirectURI());
$action_path = $action_uri->getPath();
$form = new AphrontFormView();
$form->addHiddenInput('token', $provider->getAccessToken())->addHiddenInput('expires', $oauth_info->getTokenExpires())->addHiddenInput('state', $this->getOAuthState())->setUser($request->getUser())->setAction($action_path)->appendChild(id(new AphrontFormTextControl())->setLabel('Username')->setName('username')->setValue($user->getUsername())->setError($e_username));
if ($provider->retrieveUserEmail() === null) {
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Email')->setName('email')->setValue($request->getStr('email'))->setError($e_email));
}
if ($provider->retrieveUserRealName() === null) {
$form->appendChild(id(new AphrontFormTextControl())->setLabel('Real Name')->setName('realname')->setValue($request->getStr('realname'))->setError($e_realname));
}
$form->appendChild(id(new AphrontFormSubmitControl())->setValue('Create Account'));
$panel = new AphrontPanelView();
$panel->setHeader('Create New Account');
$panel->setWidth(AphrontPanelView::WIDTH_FORM);
$panel->appendChild($form);
return $this->buildStandardPageResponse(array($error_view, $panel), array('title' => 'Create New Account'));
}
