2012-05-07 22:35:09 +02:00
|
|
|
<?php
|
|
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
final class PhabricatorPeopleQuery
|
|
|
|
|
extends PhabricatorCursorPagedPolicyAwareQuery {
|
|
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
private $usernames;
|
|
|
|
|
private $realnames;
|
|
|
|
|
private $emails;
|
|
|
|
|
private $phids;
|
|
|
|
|
private $ids;
|
2013-05-31 19:51:20 +02:00
|
|
|
private $dateCreatedAfter;
|
|
|
|
|
private $dateCreatedBefore;
|
|
|
|
|
private $isAdmin;
|
|
|
|
|
private $isSystemAgent;
|
|
|
|
|
private $isDisabled;
|
|
|
|
|
private $nameLike;
|
2012-05-07 22:35:09 +02:00
|
|
|
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
private $needPrimaryEmail;
|
2013-03-24 14:42:31 +01:00
|
|
|
private $needProfile;
|
|
|
|
|
private $needProfileImage;
|
2013-07-26 23:05:19 +02:00
|
|
|
private $needStatus;
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
public function withIDs(array $ids) {
|
2012-05-07 22:35:09 +02:00
|
|
|
$this->ids = $ids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
|
|
|
|
public function withPHIDs(array $phids) {
|
2012-05-07 22:35:09 +02:00
|
|
|
$this->phids = $phids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
public function withEmails(array $emails) {
|
|
|
|
|
$this->emails = $emails;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
public function withRealnames(array $realnames) {
|
|
|
|
|
$this->realnames = $realnames;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
public function withUsernames(array $usernames) {
|
|
|
|
|
$this->usernames = $usernames;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
public function withDateCreatedBefore($date_created_before) {
|
|
|
|
|
$this->dateCreatedBefore = $date_created_before;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function withDateCreatedAfter($date_created_after) {
|
|
|
|
|
$this->dateCreatedAfter = $date_created_after;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function withIsAdmin($admin) {
|
|
|
|
|
$this->isAdmin = $admin;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function withIsSystemAgent($system_agent) {
|
|
|
|
|
$this->isSystemAgent = $system_agent;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function withIsDisabled($disabled) {
|
|
|
|
|
$this->isDisabled = $disabled;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function withNameLike($like) {
|
|
|
|
|
$this->nameLike = $like;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
public function needPrimaryEmail($need) {
|
|
|
|
|
$this->needPrimaryEmail = $need;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-24 14:42:31 +01:00
|
|
|
public function needProfile($need) {
|
|
|
|
|
$this->needProfile = $need;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function needProfileImage($need) {
|
|
|
|
|
$this->needProfileImage = $need;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-26 23:05:19 +02:00
|
|
|
public function needStatus($need) {
|
|
|
|
|
$this->needStatus = $need;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-31 19:51:20 +02:00
|
|
|
public function loadPage() {
|
2012-05-07 22:35:09 +02:00
|
|
|
$table = new PhabricatorUser();
|
|
|
|
|
$conn_r = $table->establishConnection('r');
|
|
|
|
|
|
|
|
|
|
$data = queryfx_all(
|
|
|
|
|
$conn_r,
|
2013-05-31 19:51:20 +02:00
|
|
|
'SELECT * FROM %T user %Q %Q %Q %Q',
|
2012-05-07 22:35:09 +02:00
|
|
|
$table->getTableName(),
|
2013-05-31 19:51:20 +02:00
|
|
|
$this->buildJoinsClause($conn_r),
|
|
|
|
|
$this->buildWhereClause($conn_r),
|
|
|
|
|
$this->buildOrderClause($conn_r),
|
|
|
|
|
$this->buildLimitClause($conn_r));
|
2012-05-07 22:35:09 +02:00
|
|
|
|
2012-05-25 22:11:33 +02:00
|
|
|
if ($this->needPrimaryEmail) {
|
|
|
|
|
$table->putInSet(new LiskDAOSet());
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
}
|
|
|
|
|
|
2012-05-25 22:11:33 +02:00
|
|
|
$users = $table->loadAllFromArray($data);
|
2013-03-24 14:42:31 +01:00
|
|
|
|
|
|
|
|
if ($this->needProfile) {
|
|
|
|
|
$user_list = mpull($users, null, 'getPHID');
|
|
|
|
|
$profiles = new PhabricatorUserProfile();
|
|
|
|
|
$profiles = $profiles->loadAllWhere('userPHID IN (%Ls)',
|
|
|
|
|
array_keys($user_list));
|
|
|
|
|
|
|
|
|
|
$profiles = mpull($profiles, null, 'getUserPHID');
|
|
|
|
|
foreach ($user_list as $user_phid => $user) {
|
|
|
|
|
$profile = idx($profiles, $user_phid);
|
|
|
|
|
if (!$profile) {
|
|
|
|
|
$profile = new PhabricatorUserProfile();
|
|
|
|
|
$profile->setUserPHID($user_phid);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user->attachUserProfile($profile);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->needProfileImage) {
|
2013-09-08 18:43:27 +02:00
|
|
|
$user_profile_file_phids = mpull($users, 'getProfileImagePHID');
|
|
|
|
|
$user_profile_file_phids = array_filter($user_profile_file_phids);
|
|
|
|
|
if ($user_profile_file_phids) {
|
|
|
|
|
$files = id(new PhabricatorFileQuery())
|
|
|
|
|
->setViewer($this->getViewer())
|
|
|
|
|
->withPHIDs($user_profile_file_phids)
|
|
|
|
|
->execute();
|
|
|
|
|
$files = mpull($files, null, 'getPHID');
|
|
|
|
|
} else {
|
|
|
|
|
$files = array();
|
|
|
|
|
}
|
2013-03-24 14:42:31 +01:00
|
|
|
foreach ($users as $user) {
|
|
|
|
|
$image_phid = $user->getProfileImagePHID();
|
|
|
|
|
if (isset($files[$image_phid])) {
|
|
|
|
|
$profile_image_uri = $files[$image_phid]->getBestURI();
|
|
|
|
|
} else {
|
|
|
|
|
$profile_image_uri = PhabricatorUser::getDefaultProfileImageURI();
|
|
|
|
|
}
|
|
|
|
|
$user->attachProfileImageURI($profile_image_uri);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-26 23:05:19 +02:00
|
|
|
if ($this->needStatus) {
|
|
|
|
|
$user_list = mpull($users, null, 'getPHID');
|
|
|
|
|
$statuses = id(new PhabricatorUserStatus())->loadCurrentStatuses(
|
|
|
|
|
array_keys($user_list));
|
|
|
|
|
foreach ($user_list as $phid => $user) {
|
|
|
|
|
$status = idx($statuses, $phid);
|
|
|
|
|
if ($status) {
|
|
|
|
|
$user->attachStatus($status);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
return $users;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function buildJoinsClause($conn_r) {
|
|
|
|
|
$joins = array();
|
|
|
|
|
|
|
|
|
|
if ($this->emails) {
|
|
|
|
|
$email_table = new PhabricatorUserEmail();
|
|
|
|
|
$joins[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'JOIN %T email ON email.userPHID = user.PHID',
|
|
|
|
|
$email_table->getTableName());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$joins = implode(' ', $joins);
|
|
|
|
|
return $joins;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function buildWhereClause($conn_r) {
|
|
|
|
|
$where = array();
|
|
|
|
|
|
|
|
|
|
if ($this->usernames) {
|
2013-05-31 19:51:20 +02:00
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.userName IN (%Ls)',
|
|
|
|
|
$this->usernames);
|
2012-05-07 22:35:09 +02:00
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
if ($this->emails) {
|
2013-05-31 19:51:20 +02:00
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'email.address IN (%Ls)',
|
|
|
|
|
$this->emails);
|
2012-05-07 22:35:09 +02:00
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
if ($this->realnames) {
|
2013-05-31 19:51:20 +02:00
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.realName IN (%Ls)',
|
|
|
|
|
$this->realnames);
|
2012-05-07 22:35:09 +02:00
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
if ($this->phids) {
|
2013-05-31 19:51:20 +02:00
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.phid IN (%Ls)',
|
|
|
|
|
$this->phids);
|
2012-05-07 22:35:09 +02:00
|
|
|
}
|
2013-05-31 19:51:20 +02:00
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
if ($this->ids) {
|
2013-05-31 19:51:20 +02:00
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.id IN (%Ld)',
|
|
|
|
|
$this->ids);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->dateCreatedAfter) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.dateCreated >= %d',
|
|
|
|
|
$this->dateCreatedAfter);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->dateCreatedBefore) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.dateCreated <= %d',
|
|
|
|
|
$this->dateCreatedBefore);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->isAdmin) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.isAdmin = 1');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->isDisabled) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.isDisabled = 1');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($this->isSystemAgent) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.isSystemAgent = 1');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (strlen($this->nameLike)) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'user.username LIKE %~ OR user.realname LIKE %~',
|
|
|
|
|
$this->nameLike,
|
|
|
|
|
$this->nameLike);
|
2012-05-07 22:35:09 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->formatWhereClause($where);
|
|
|
|
|
}
|
2013-03-24 14:42:31 +01:00
|
|
|
|
2013-06-19 20:18:40 +02:00
|
|
|
protected function getPagingColumn() {
|
|
|
|
|
return 'user.id';
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-07 22:35:09 +02:00
|
|
|
}
|
