2013-01-07 21:48:39 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
final class PhabricatorAuthenticationConfigOptions
|
|
|
|
|
extends PhabricatorApplicationConfigOptions {
|
|
|
|
|
|
|
|
|
|
public function getName() {
|
2014-06-09 20:36:49 +02:00
|
|
|
return pht('Authentication');
|
2013-01-07 21:48:39 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function getDescription() {
|
2014-06-09 20:36:49 +02:00
|
|
|
return pht('Options relating to authentication.');
|
2013-01-07 21:48:39 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function getOptions() {
|
|
|
|
|
return array(
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('auth.require-email-verification', 'bool', false)
|
2013-01-09 17:14:26 +01:00
|
|
|
->setBoolOptions(
|
2013-01-07 21:48:39 +01:00
|
|
|
array(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require email verification'),
|
2013-01-07 22:50:03 +01:00
|
|
|
pht("Don't require email verification")
|
|
|
|
|
))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setSummary(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require email verification before a user can log in.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'If true, email addresses must be verified (by clicking a link '.
|
|
|
|
|
'in an email) before a user can login. By default, verification '.
|
|
|
|
|
'is optional unless {{auth.email-domains}} is nonempty.')),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('auth.require-approval', 'bool', true)
|
|
|
|
|
->setBoolOptions(
|
|
|
|
|
array(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require Administrators to Approve Accounts'),
|
2013-11-13 20:24:56 +01:00
|
|
|
pht("Don't Require Manual Approval"),
|
|
|
|
|
))
|
|
|
|
|
->setSummary(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Require administrators to approve new accounts.'))
|
2013-11-13 20:24:56 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
|
|
|
|
"Newly registered Phabricator accounts can either be placed ".
|
|
|
|
|
"into a manual approval queue for administrative review, or ".
|
|
|
|
|
"automatically activated immediately. The approval queue is ".
|
|
|
|
|
"enabled by default because it gives you greater control over ".
|
|
|
|
|
"who can register an account and access Phabricator.\n\n".
|
|
|
|
|
"If your install is completely public, or on a VPN, or users can ".
|
|
|
|
|
"only register with a trusted provider like LDAP, or you've ".
|
|
|
|
|
"otherwise configured Phabricator to prevent unauthorized ".
|
|
|
|
|
"registration, you can disable the queue to reduce administrative ".
|
|
|
|
|
"overhead.\n\n".
|
|
|
|
|
"NOTE: Before you disable the queue, make sure ".
|
|
|
|
|
"{{auth.email-domains}} is configured correctly for your ".
|
|
|
|
|
"install!")),
|
|
|
|
|
$this->newOption('auth.email-domains', 'list<string>', array())
|
2014-06-09 20:36:49 +02:00
|
|
|
->setSummary(pht('Only allow registration from particular domains.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
|
|
|
|
"You can restrict allowed email addresses to certain domains ".
|
2013-11-13 20:24:56 +01:00
|
|
|
"(like `yourcompany.com`) by setting a list of allowed domains ".
|
|
|
|
|
"here.\n\nUsers will only be allowed to register using email ".
|
2013-01-07 21:48:39 +01:00
|
|
|
"addresses at one of the domains, and will only be able to add ".
|
|
|
|
|
"new email addresses for these domains. If you configure this, ".
|
2013-11-13 20:24:56 +01:00
|
|
|
"it implies {{auth.require-email-verification}}.\n\n".
|
|
|
|
|
"You should omit the `@` from domains. Note that the domain must ".
|
|
|
|
|
"match exactly. If you allow `yourcompany.com`, that permits ".
|
|
|
|
|
"`joe@yourcompany.com` but rejects `joe@mail.yourcompany.com`."))
|
2013-01-07 21:48:39 +01:00
|
|
|
->addExample(
|
|
|
|
|
"yourcompany.com\nmail.yourcompany.com",
|
|
|
|
|
pht('Valid Setting')),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('auth.login-message', 'string', null)
|
2013-01-07 21:48:39 +01:00
|
|
|
->setLocked(true)
|
2014-06-09 20:36:49 +02:00
|
|
|
->setSummary(pht('A block of HTML displayed on the login screen.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
|
|
|
|
"You can provide an arbitrary block of HTML here, which will ".
|
|
|
|
|
"appear on the login screen. Normally, you'd use this to provide ".
|
|
|
|
|
"login or registration instructions to users.")),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('account.editable', 'bool', true)
|
2013-01-09 17:14:26 +01:00
|
|
|
->setBoolOptions(
|
2013-01-07 21:48:39 +01:00
|
|
|
array(
|
2014-06-09 20:36:49 +02:00
|
|
|
pht('Allow editing'),
|
|
|
|
|
pht('Prevent editing')
|
2013-01-07 22:50:03 +01:00
|
|
|
))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setSummary(
|
|
|
|
|
pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'Determines whether or not basic account information is '.
|
|
|
|
|
'editable.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'Is basic account information (email, real name, profile '.
|
|
|
|
|
'picture) editable? If you set up Phabricator to automatically '.
|
|
|
|
|
'synchronize account information from some other authoritative '.
|
|
|
|
|
'system, you can disable this to ensure information remains '.
|
|
|
|
|
'consistent across both systems.')),
|
2013-11-13 20:24:56 +01:00
|
|
|
$this->newOption('account.minimum-password-length', 'int', 8)
|
2014-06-09 20:36:49 +02:00
|
|
|
->setSummary(pht('Minimum password length.'))
|
2013-01-07 21:48:39 +01:00
|
|
|
->setDescription(
|
|
|
|
|
pht(
|
2014-06-09 20:36:49 +02:00
|
|
|
'When users set or reset a password, it must have at least this '.
|
|
|
|
|
'many characters.')),
|
2013-01-07 21:48:39 +01:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
