2011-01-24 03:09:16 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
abstract class PhabricatorPeopleController extends PhabricatorController {
|
|
|
|
|
2013-03-19 21:48:50 +01:00
|
|
|
public function shouldRequireAdmin() {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2012-08-14 00:27:21 +02:00
|
|
|
public function buildSideNavView() {
|
|
|
|
$nav = new AphrontSideNavFilterView();
|
|
|
|
$nav->setBaseURI(new PhutilURI($this->getApplicationURI()));
|
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
$viewer = $this->getRequest()->getUser();
|
|
|
|
|
|
|
|
id(new PhabricatorPeopleSearchEngine())
|
|
|
|
->setViewer($viewer)
|
|
|
|
->addNavigationItems($nav->getMenu());
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-18 03:42:21 +02:00
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
if ($viewer->getIsAdmin()) {
|
|
|
|
$nav->addLabel(pht('User Administration'));
|
2013-06-20 20:18:11 +02:00
|
|
|
if (PhabricatorAuthProviderLDAP::getLDAPProvider()) {
|
2013-05-31 19:51:20 +02:00
|
|
|
$nav->addFilter('ldap', pht('Import from LDAP'));
|
|
|
|
}
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-18 03:42:21 +02:00
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
$nav->addFilter('logs', pht('Activity Logs'));
|
|
|
|
}
|
2011-01-24 03:09:16 +01:00
|
|
|
|
2012-08-14 00:27:21 +02:00
|
|
|
return $nav;
|
2011-01-24 03:09:16 +01:00
|
|
|
}
|
|
|
|
|
2013-02-21 23:10:22 +01:00
|
|
|
public function buildApplicationMenu() {
|
|
|
|
return $this->buildSideNavView()->getMenu();
|
|
|
|
}
|
|
|
|
|
|
|
|
public function buildApplicationCrumbs() {
|
|
|
|
$crumbs = parent::buildApplicationCrumbs();
|
2013-03-19 21:48:50 +01:00
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
$viewer = $this->getRequest()->getUser();
|
|
|
|
|
|
|
|
if ($viewer->getIsAdmin()) {
|
|
|
|
$crumbs->addAction(
|
2013-06-05 17:41:43 +02:00
|
|
|
id(new PHUIListItemView())
|
2013-05-31 19:51:20 +02:00
|
|
|
->setName(pht('Create New User'))
|
2014-04-02 21:06:27 +02:00
|
|
|
->setHref($this->getApplicationURI('create/'))
|
2014-05-12 19:08:32 +02:00
|
|
|
->setIcon('fa-plus-square'));
|
2013-05-31 19:51:20 +02:00
|
|
|
}
|
2013-02-21 23:10:22 +01:00
|
|
|
|
|
|
|
return $crumbs;
|
|
|
|
}
|
|
|
|
|
2011-01-24 03:09:16 +01:00
|
|
|
}
|