phorge-phorge/src/applications/people/controller/PhabricatorPeopleEmpowerController.php

<?php

final class PhabricatorPeopleEmpowerController
  extends PhabricatorPeopleController {

  public function handleRequest(AphrontRequest $request) {
    $viewer = $this->getViewer();
    $id = $request->getURIData('id');

    $user = id(new PhabricatorPeopleQuery())
      ->setViewer($viewer)
      ->withIDs(array($id))
      ->executeOne();
    if (!$user) {
      return new Aphront404Response();
    }

    $done_uri = $this->getApplicationURI("manage/{$id}/");

    id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
      $viewer,
      $request,
      $done_uri);

    if ($user->getPHID() == $viewer->getPHID()) {
      return $this->newDialog()
        ->setTitle(pht('Your Way is Blocked'))
        ->appendParagraph(
          pht(
            'After a time, your efforts fail. You can not adjust your own '.
            'status as an administrator.'))
        ->addCancelButton($done_uri, pht('Accept Fate'));
    }

    if ($request->isFormPost()) {
      id(new PhabricatorUserEditor())
        ->setActor($viewer)
        ->makeAdminUser($user, !$user->getIsAdmin());

      return id(new AphrontRedirectResponse())->setURI($done_uri);
    }

    if ($user->getIsAdmin()) {
      $title = pht('Remove as Administrator?');
      $short = pht('Remove Administrator');
      $body = pht(
        'Remove %s as an administrator? They will no longer be able to '.
        'perform administrative functions on this Phabricator install.',
        phutil_tag('strong', array(), $user->getUsername()));
      $submit = pht('Remove Administrator');
    } else {
      $title = pht('Make Administrator?');
      $short = pht('Make Administrator');
      $body = pht(
        'Empower %s as an administrator? They will be able to create users, '.
        'approve users, make and remove administrators, delete accounts, and '.
        'perform other administrative functions on this Phabricator install.',
        phutil_tag('strong', array(), $user->getUsername()));
      $submit = pht('Make Administrator');
    }

    return $this->newDialog()
      ->setTitle($title)
      ->setShortTitle($short)
      ->appendParagraph($body)
      ->addCancelButton($done_uri)
      ->addSubmitButton($submit);
  }

}
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`<?php`

			`final class PhabricatorPeopleEmpowerController`
			`extends PhabricatorPeopleController {`

Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`public function handleRequest(AphrontRequest $request) {`
			`$viewer = $this->getViewer();`
			`$id = $request->getURIData('id');`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00
			`$user = id(new PhabricatorPeopleQuery())`
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`->setViewer($viewer)`
			`->withIDs(array($id))`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`->executeOne();`
			`if (!$user) {`
			`return new Aphront404Response();`
			`}`

Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`$done_uri = $this->getApplicationURI("manage/{$id}/");`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00
Make many actions require high security Summary: Ref T4398. Protects these actions behind a security barrier: - Link external account. - Retrieve Conduit token. - Reveal Passphrase credential. - Create user. - Admin/de-admin user. - Rename user. - Show conduit certificate. - Make primary email. - Change password. - Change VCS password. - Add SSH key. - Generate SSH key. Test Plan: Tried to take each action and was prompted for two-factor. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8921 2014-04-30 17:44:59 -07:00			`id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(`
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`$viewer,`
Make many actions require high security Summary: Ref T4398. Protects these actions behind a security barrier: - Link external account. - Retrieve Conduit token. - Reveal Passphrase credential. - Create user. - Admin/de-admin user. - Rename user. - Show conduit certificate. - Make primary email. - Change password. - Change VCS password. - Add SSH key. - Generate SSH key. Test Plan: Tried to take each action and was prompted for two-factor. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8921 2014-04-30 17:44:59 -07:00			`$request,`
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`$done_uri);`
Make many actions require high security Summary: Ref T4398. Protects these actions behind a security barrier: - Link external account. - Retrieve Conduit token. - Reveal Passphrase credential. - Create user. - Admin/de-admin user. - Rename user. - Show conduit certificate. - Make primary email. - Change password. - Change VCS password. - Add SSH key. - Generate SSH key. Test Plan: Tried to take each action and was prompted for two-factor. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8921 2014-04-30 17:44:59 -07:00
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`if ($user->getPHID() == $viewer->getPHID()) {`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`return $this->newDialog()`
			`->setTitle(pht('Your Way is Blocked'))`
			`->appendParagraph(`
			`pht(`
			`'After a time, your efforts fail. You can not adjust your own '.`
			`'status as an administrator.'))`
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`->addCancelButton($done_uri, pht('Accept Fate'));`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`}`

			`if ($request->isFormPost()) {`
			`id(new PhabricatorUserEditor())`
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`->setActor($viewer)`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`->makeAdminUser($user, !$user->getIsAdmin());`

Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`return id(new AphrontRedirectResponse())->setURI($done_uri);`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`}`

			`if ($user->getIsAdmin()) {`
			`$title = pht('Remove as Administrator?');`
			`$short = pht('Remove Administrator');`
			`$body = pht(`
			`'Remove %s as an administrator? They will no longer be able to '.`
			`'perform administrative functions on this Phabricator install.',`
			`phutil_tag('strong', array(), $user->getUsername()));`
			`$submit = pht('Remove Administrator');`
			`} else {`
			`$title = pht('Make Administrator?');`
			`$short = pht('Make Administrator');`
			`$body = pht(`
Fix typo in people controller 2014-12-19 09:48:55 -08:00			`'Empower %s as an administrator? They will be able to create users, '.`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`'approve users, make and remove administrators, delete accounts, and '.`
			`'perform other administrative functions on this Phabricator install.',`
			`phutil_tag('strong', array(), $user->getUsername()));`
			`$submit = pht('Make Administrator');`
			`}`

			`return $this->newDialog()`
			`->setTitle($title)`
			`->setShortTitle($short)`
			`->appendParagraph($body)`
Move user editing/management actions to a separate "Manage" item, like projects Summary: This improves consistency (by making this UI more similar to the projects UI) and gives us more flexibility the next time we update user profiles. Test Plan: {F1068889} Took all the actions (probably?) to check that all the redirects were updated. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D15104 2016-01-24 07:07:17 -08:00			`->addCancelButton($done_uri)`
Put Disable/Admin flags on profiles Summary: Ref T4065. Moves the "disable / enable" and "make / unmake administrator" actions to profiles. Test Plan: Disabled and enabled users, and made and unmade administrators. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4065 Differential Revision: https://secure.phabricator.com/D8666 2014-04-02 12:05:49 -07:00			`->addSubmitButton($submit);`
			`}`

			`}`