diff --git a/src/applications/auth/controller/config/PhabricatorAuthEditController.php b/src/applications/auth/controller/config/PhabricatorAuthEditController.php index 9662ca2764..0ea5b0e549 100644 --- a/src/applications/auth/controller/config/PhabricatorAuthEditController.php +++ b/src/applications/auth/controller/config/PhabricatorAuthEditController.php @@ -169,14 +169,35 @@ final class PhabricatorAuthEditController $cancel_uri = $this->getApplicationURI(); } - $str_registration = hsprintf( - '%s: %s', - pht('Allow Registration'), + $config_name = 'auth.email-domains'; + $config_href = '/config/edit/'.$config_name.'/'; + + $email_domains = PhabricatorEnv::getEnvConfig($config_name); + if ($email_domains) { + $registration_warning = pht( + "Users will only be able to register with a verified email address ". + "at one of the configured [[ %s | %s ]] domains: **%s**", + $config_href, + $config_name, + implode(', ', $email_domains)); + } else { + $registration_warning = pht( + "NOTE: Any user who can browse to this install's login page will be ". + "able to register a Phabricator account. To restrict who can register ". + "an account, configure [[ %s | %s ]].", + $config_href, + $config_name); + } + + $str_registration = array( + phutil_tag('strong', array(), pht('Allow Registration:')), + ' ', pht( 'Allow users to register new Phabricator accounts using this '. 'provider. If you disable registration, users can still use this '. 'provider to log in to existing accounts, but will not be able to '. - 'create new accounts.')); + 'create new accounts.'), + ); $str_link = hsprintf( '%s: %s', @@ -229,6 +250,7 @@ final class PhabricatorAuthEditController 1, $str_registration, $v_registration)) + ->appendRemarkupInstructions($registration_warning) ->appendChild( id(new AphrontFormCheckboxControl()) ->addCheckbox( diff --git a/src/applications/auth/controller/config/PhabricatorAuthListController.php b/src/applications/auth/controller/config/PhabricatorAuthListController.php index cf59f68a0f..7c24bbb4a4 100644 --- a/src/applications/auth/controller/config/PhabricatorAuthListController.php +++ b/src/applications/auth/controller/config/PhabricatorAuthListController.php @@ -90,9 +90,43 @@ final class PhabricatorAuthListController id(new PhabricatorCrumbView()) ->setName(pht('Auth Providers'))); + $config_name = 'auth.email-domains'; + $config_href = '/config/edit/'.$config_name.'/'; + $config_link = phutil_tag( + 'a', + array( + 'href' => $config_href, + 'target' => '_blank', + ), + $config_name); + + $warning = new AphrontErrorView(); + + $email_domains = PhabricatorEnv::getEnvConfig($config_name); + if ($email_domains) { + $warning->setSeverity(AphrontErrorView::SEVERITY_NOTICE); + $warning->setTitle(pht('Registration is Restricted')); + $warning->appendChild( + pht( + 'Only users with a verified email address at one of the %s domains '. + 'will be able to register a Phabricator account: %s', + $config_link, + phutil_tag('strong', array(), implode(', ', $email_domains)))); + } else { + $warning->setSeverity(AphrontErrorView::SEVERITY_WARNING); + $warning->setTitle(pht('Anyone Can Register an Account')); + $warning->appendChild( + pht( + 'Anyone who can browse to this Phabricator install will be able to '. + 'register an account. To restrict who can register an account, '. + 'configure %s.', + $config_link)); + } + return $this->buildApplicationPage( array( $crumbs, + $warning, $list, ), array(