2013-01-07 21:48:39 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
final class PhabricatorAuthenticationConfigOptions
|
|
|
|
|
extends PhabricatorApplicationConfigOptions {
|
|
|
|
|
|
|
|
|
|
public function getName() {
|
2014-06-09 20:36:49 +02:00
|
|
|
return pht('Authentication');
|
2013-01-07 21:48:39 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function getDescription() {
|
2014-06-09 20:36:49 +02:00
|
|
|
return pht('Options relating to authentication.');
|
2013-01-07 21:48:39 +01:00
|
|
|
}
|
|
|
|
|
|
2016-01-28 17:40:22 +01:00
|
|
|
public function getIcon() {
|
2015-02-02 19:17:25 +01:00
|
|
|
return 'fa-key';
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-09 22:10:56 +01:00
|
|
|
public function getGroup() {
|
|
|
|
|
return 'core';
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-07 21:48:39 +01:00
|
|
|
public function getOptions() {
|
|
|
|
|
return array(
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('auth.require-email-verification', 'bool', false)
|
2013-01-09 17:14:26 +01:00
|
|
|
->setBoolOptions(
|
2013-01-07 21:48:39 +01:00
|
|
|
array(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require email verification'),
|
2014-10-07 15:01:04 +02:00
|
|
|
pht("Don't require email verification"),
|
2013-01-07 22:50:03 +01:00
|
|
|
))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setSummary(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require email verification before a user can log in.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'If true, email addresses must be verified (by clicking a link '.
|
|
|
|
|
'in an email) before a user can login. By default, verification '.
|
|
|
|
|
'is optional unless {{auth.email-domains}} is nonempty.')),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('auth.require-approval', 'bool', true)
|
|
|
|
|
->setBoolOptions(
|
|
|
|
|
array(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require Administrators to Approve Accounts'),
|
2013-11-13 20:24:56 +01:00
|
|
|
pht("Don't Require Manual Approval"),
|
|
|
|
|
))
|
|
|
|
|
->setSummary(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require administrators to approve new accounts.'))
|
2013-11-13 20:24:56 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
|
|
|
|
"Newly registered Phabricator accounts can either be placed ".
|
|
|
|
|
"into a manual approval queue for administrative review, or ".
|
|
|
|
|
"automatically activated immediately. The approval queue is ".
|
|
|
|
|
"enabled by default because it gives you greater control over ".
|
|
|
|
|
"who can register an account and access Phabricator.\n\n".
|
|
|
|
|
"If your install is completely public, or on a VPN, or users can ".
|
|
|
|
|
"only register with a trusted provider like LDAP, or you've ".
|
|
|
|
|
"otherwise configured Phabricator to prevent unauthorized ".
|
|
|
|
|
"registration, you can disable the queue to reduce administrative ".
|
|
|
|
|
"overhead.\n\n".
|
|
|
|
|
"NOTE: Before you disable the queue, make sure ".
|
2015-05-22 09:27:56 +02:00
|
|
|
"{{auth.email-domains}} is configured correctly ".
|
|
|
|
|
"for your install!")),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('auth.email-domains', 'list<string>', array())
|
2014-06-09 20:36:49 +02:00
|
|
|
->setSummary(pht('Only allow registration from particular domains.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
|
|
|
|
"You can restrict allowed email addresses to certain domains ".
|
2013-11-13 20:24:56 +01:00
|
|
|
"(like `yourcompany.com`) by setting a list of allowed domains ".
|
|
|
|
|
"here.\n\nUsers will only be allowed to register using email ".
|
2013-01-07 21:48:39 +01:00
|
|
|
"addresses at one of the domains, and will only be able to add ".
|
|
|
|
|
"new email addresses for these domains. If you configure this, ".
|
2013-11-13 20:24:56 +01:00
|
|
|
"it implies {{auth.require-email-verification}}.\n\n".
|
|
|
|
|
"You should omit the `@` from domains. Note that the domain must ".
|
|
|
|
|
"match exactly. If you allow `yourcompany.com`, that permits ".
|
|
|
|
|
"`joe@yourcompany.com` but rejects `joe@mail.yourcompany.com`."))
|
2013-01-07 21:48:39 +01:00
|
|
|
->addExample(
|
|
|
|
|
"yourcompany.com\nmail.yourcompany.com",
|
|
|
|
|
pht('Valid Setting')),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('account.editable', 'bool', true)
|
2013-01-09 17:14:26 +01:00
|
|
|
->setBoolOptions(
|
2013-01-07 21:48:39 +01:00
|
|
|
array(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Allow editing'),
|
2014-10-07 15:01:04 +02:00
|
|
|
pht('Prevent editing'),
|
2013-01-07 22:50:03 +01:00
|
|
|
))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setSummary(
|
|
|
|
|
pht(
|
2015-05-22 09:27:56 +02:00
|
|
|
'Determines whether or not basic account information is editable.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
2017-02-06 14:01:03 +01:00
|
|
|
'This option controls whether users can edit account email '.
|
|
|
|
|
'addresses and profile real names.'.
|
|
|
|
|
"\n\n".
|
|
|
|
|
'If you set up Phabricator to automatically synchronize account '.
|
|
|
|
|
'information from some other authoritative system, you can '.
|
|
|
|
|
'prevent users from making these edits to ensure information '.
|
|
|
|
|
'remains consistent across both systems.')),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('account.minimum-password-length', 'int', 8)
|
2014-06-09 20:36:49 +02:00
|
|
|
->setSummary(pht('Minimum password length.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'When users set or reset a password, it must have at least this '.
|
|
|
|
|
'many characters.')),
|
2013-01-07 21:48:39 +01:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
