1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 00:42:41 +01:00

Allow users to register with non-registration providers if they are invited to an instance

Summary:
Depends on D20117. Fixes T10071. When you're sent an email invitation, it's intended to allow you to register an account even if you otherwise could not (see D11737).

Some time between D11737 and today, this stopped working (or perhaps it never worked and I got things wrong in D11737). I think this actually ended up not mattering for us, given the way Phacility auth was ultimately built.

This feature generally seems reasonable, though, and probably //should// work. Make it work in the "password" and "oauth" cases, at least. This may //still// not work for LDAP, but testing that is nontrivial.

Test Plan:
  - Enabled only passwords, turned off registration, sent an invite, registered with a password.
  - Enabled only Google OAuth, turned off registration, sent an invite, registered with Google OAuth.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T10071

Differential Revision: https://secure.phabricator.com/D20118
This commit is contained in:
epriestley 2019-02-06 17:55:31 -08:00
parent d22495a820
commit 3f35c0068a
2 changed files with 13 additions and 9 deletions

View file

@ -35,6 +35,7 @@ final class PhabricatorAuthLoginController
return $response;
}
$invite = $this->loadInvite();
$provider = $this->provider;
try {
@ -103,7 +104,7 @@ final class PhabricatorAuthLoginController
// The account is not yet attached to a Phabricator user, so this is
// either a registration or an account link request.
if (!$viewer->isLoggedIn()) {
if ($provider->shouldAllowRegistration()) {
if ($provider->shouldAllowRegistration() || $invite) {
return $this->processRegisterUser($account);
} else {
return $this->renderError(

View file

@ -11,10 +11,12 @@ final class PhabricatorAuthRegisterController
$viewer = $this->getViewer();
$account_key = $request->getURIData('akey');
if ($request->getUser()->isLoggedIn()) {
if ($viewer->isLoggedIn()) {
return id(new AphrontRedirectResponse())->setURI('/');
}
$invite = $this->loadInvite();
$is_setup = false;
if (strlen($account_key)) {
$result = $this->loadAccountForRegistrationOrLinking($account_key);
@ -27,7 +29,7 @@ final class PhabricatorAuthRegisterController
$is_default = true;
$is_setup = true;
} else {
list($account, $provider, $response) = $this->loadDefaultAccount();
list($account, $provider, $response) = $this->loadDefaultAccount($invite);
$is_default = true;
}
@ -35,8 +37,6 @@ final class PhabricatorAuthRegisterController
return $response;
}
$invite = $this->loadInvite();
if (!$is_setup) {
if (!$provider->shouldAllowRegistration()) {
if ($invite) {
@ -643,17 +643,20 @@ final class PhabricatorAuthRegisterController
->appendChild($view);
}
private function loadDefaultAccount() {
private function loadDefaultAccount($invite) {
$providers = PhabricatorAuthProvider::getAllEnabledProviders();
$account = null;
$provider = null;
$response = null;
foreach ($providers as $key => $candidate_provider) {
if (!$candidate_provider->shouldAllowRegistration()) {
unset($providers[$key]);
continue;
if (!$invite) {
if (!$candidate_provider->shouldAllowRegistration()) {
unset($providers[$key]);
continue;
}
}
if (!$candidate_provider->isDefaultRegistrationProvider()) {
unset($providers[$key]);
}