2011-01-24 03:09:16 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
abstract class PhabricatorPeopleController extends PhabricatorController {
|
|
|
|
|
|
2013-03-19 21:48:50 +01:00
|
|
|
public function shouldRequireAdmin() {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-14 00:27:21 +02:00
|
|
|
public function buildSideNavView() {
|
|
|
|
|
$nav = new AphrontSideNavFilterView();
|
|
|
|
|
$nav->setBaseURI(new PhutilURI($this->getApplicationURI()));
|
|
|
|
|
|
2013-03-19 21:48:50 +01:00
|
|
|
$nav->addLabel(pht('User Administration'));
|
|
|
|
|
$nav->addFilter('edit', pht('Create New User'));
|
|
|
|
|
if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled') === true) {
|
|
|
|
|
$nav->addFilter('ldap', pht('Import from LDAP'));
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-18 03:42:21 +02:00
|
|
|
}
|
|
|
|
|
|
2013-02-21 23:10:22 +01:00
|
|
|
$nav->addFilter('people',
|
|
|
|
|
pht('User Directory'),
|
|
|
|
|
$this->getApplicationURI());
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-18 03:42:21 +02:00
|
|
|
|
2013-03-19 21:48:50 +01:00
|
|
|
$nav->addFilter('logs', pht('Activity Logs'));
|
2011-01-24 03:09:16 +01:00
|
|
|
|
2012-08-14 00:27:21 +02:00
|
|
|
return $nav;
|
2011-01-24 03:09:16 +01:00
|
|
|
}
|
|
|
|
|
|
2013-02-21 23:10:22 +01:00
|
|
|
public function buildApplicationMenu() {
|
|
|
|
|
return $this->buildSideNavView()->getMenu();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function buildApplicationCrumbs() {
|
|
|
|
|
$crumbs = parent::buildApplicationCrumbs();
|
2013-03-19 21:48:50 +01:00
|
|
|
|
|
|
|
|
$crumbs->addAction(
|
|
|
|
|
id(new PhabricatorMenuItemView())
|
|
|
|
|
->setName(pht('Create New User'))
|
|
|
|
|
->setHref($this->getApplicationURI('edit'))
|
|
|
|
|
->setIcon('create'));
|
2013-02-21 23:10:22 +01:00
|
|
|
|
|
|
|
|
return $crumbs;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-24 03:09:16 +01:00
|
|
|
}
|
