revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 14:52:41 +01:00
Code Issues Releases Wiki Activity

can now tell phabricator you trust an auth provider's emails (useful for Google OAuth), which will mark emails as "verified" and will skip email verification.

Browse source 
Summary: This is useful when you're trying to onboard an entire office and you end up using the Google OAuth anyway.

Test Plan: tested locally. Maybe I should write some tests?

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9150
This commit is contained in:
Tal Shiri 2014-05-16 14:14:06 -07:00 committed by epriestley
parent cf6353e516
commit 43d45c4956
8 changed files with 67 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
resources/sql/autopatches/20140515.trust-emails.sql Normal file
View file

@ -0,0 +1,2 @@
ALTER TABLE {$NAMESPACE}_auth.auth_providerconfig
ADD `shouldTrustEmails` tinyint(1) NOT NULL DEFAULT 0 AFTER shouldAllowUnlink;

5
src/applications/auth/controller/PhabricatorAuthRegisterController.php
View file

@ -249,6 +249,11 @@ final class PhabricatorAuthRegisterController
($value_email === $default_email);
}
if ($provider->shouldTrustEmails() &&
$value_email === $default_email) {
$verify_email = true;
}
$email_obj = id(new PhabricatorUserEmail())
->setAddress($value_email)
->setIsVerified((int)$verify_email);

23
src/applications/auth/controller/config/PhabricatorAuthEditController.php
View file

@ -85,6 +85,7 @@ final class PhabricatorAuthEditController
$v_registration = $config->getShouldAllowRegistration();
$v_link = $config->getShouldAllowLink();
$v_unlink = $config->getShouldAllowUnlink();
$v_trust_email = $config->getShouldTrustEmails();
if ($request->isFormPost()) {
@ -120,6 +121,11 @@ final class PhabricatorAuthEditController
PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK)
->setNewValue($request->getInt('allowUnlink', 0));
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
->setTransactionType(
PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS)
->setNewValue($request->getInt('trustEmails', 0));
foreach ($properties as $key => $value) {
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
->setTransactionType(
@ -212,6 +218,13 @@ final class PhabricatorAuthEditController
'existing Phabricator accounts. If you disable this, Phabricator '.
'accounts will be permanently bound to provider accounts.'));
$str_trusted_email = hsprintf(
'<strong>%s:</strong> %s',
pht('Trust Email Addresses'),
pht(
'Phabricator will skip email verification for accounts registered '.
'through this provider.'));
$status_tag = id(new PHUITagView())
->setType(PHUITagView::TYPE_STATE);
if ($is_new) {
@ -262,6 +275,16 @@ final class PhabricatorAuthEditController
$str_unlink,
$v_unlink));
if ($provider->shouldAllowEmailTrustConfiguration()) {
$form->appendChild(
id(new AphrontFormCheckboxControl())
->addCheckbox(
'trustEmails',
1,
$str_trusted_email,
$v_trust_email));
}
$provider->extendEditForm($request, $form, $properties, $issues);
$form

7
src/applications/auth/editor/PhabricatorAuthProviderConfigEditor.php
View file

@ -10,6 +10,7 @@ final class PhabricatorAuthProviderConfigEditor
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_LINK;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY;
return $types;
@ -32,6 +33,8 @@ final class PhabricatorAuthProviderConfigEditor
return (int)$object->getShouldAllowLink();
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
return (int)$object->getShouldAllowUnlink();
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
return (int)$object->getShouldTrustEmails();
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
$key = $xaction->getMetadataValue(
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
@ -48,6 +51,7 @@ final class PhabricatorAuthProviderConfigEditor
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
return $xaction->getNewValue();
}
@ -66,6 +70,8 @@ final class PhabricatorAuthProviderConfigEditor
return $object->setShouldAllowLink($v);
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
return $object->setShouldAllowUnlink($v);
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
return $object->setShouldTrustEmails($v);
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
$key = $xaction->getMetadataValue(
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
@ -89,6 +95,7 @@ final class PhabricatorAuthProviderConfigEditor
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
// For these types, last transaction wins.
return $v;
}

14
src/applications/auth/provider/PhabricatorAuthProvider.php
View file

@ -141,6 +141,20 @@ abstract class PhabricatorAuthProvider {
return $this->getProviderConfig()->getShouldAllowUnlink();
}
public function shouldTrustEmails() {
return $this->shouldAllowEmailTrustConfiguration() &&
$this->getProviderConfig()->getShouldTrustEmails();
}
/**
* Should we allow the adapter to be marked as "trusted"
* This is true for all adapters except those that allow the user to type in
* emails (@see PhabricatorAuthProviderPassword)
*/
public function shouldAllowEmailTrustConfiguration() {
return true;
}
public function buildLoginForm(
PhabricatorAuthStartController $controller) {
return $this->renderLoginForm($controller->getRequest(), $mode = 'start');

3
src/applications/auth/provider/PhabricatorAuthProviderPassword.php
View file

@ -350,4 +350,7 @@ final class PhabricatorAuthProviderPassword
return false;
}
public function shouldAllowEmailTrustConfiguration() {
return false;
}
}

1
src/applications/auth/storage/PhabricatorAuthProviderConfig.php
View file

@ -12,6 +12,7 @@ final class PhabricatorAuthProviderConfig extends PhabricatorAuthDAO
protected $shouldAllowRegistration = 0;
protected $shouldAllowLink = 0;
protected $shouldAllowUnlink = 0;
protected $shouldTrustEmails = 0;
protected $properties = array();

12
src/applications/auth/storage/PhabricatorAuthProviderConfigTransaction.php
View file

@ -7,6 +7,7 @@ final class PhabricatorAuthProviderConfigTransaction
const TYPE_REGISTRATION = 'config:registration';
const TYPE_LINK = 'config:link';
const TYPE_UNLINK = 'config:unlink';
const TYPE_TRUST_EMAILS = "config:trustEmails";
const TYPE_PROPERTY = 'config:property';
const PROPERTY_KEY = 'auth:property';
@ -121,6 +122,17 @@ final class PhabricatorAuthProviderConfigTransaction
$this->renderHandleLink($author_phid));
}
break;
case self::TYPE_TRUST_EMAILS:
if ($new) {
return pht(
'%s enabled email trust.',
$this->renderHandleLink($author_phid));
} else {
return pht(
'%s disabled email trust.',
$this->renderHandleLink($author_phid));
}
break;
case self::TYPE_PROPERTY:
$provider = $this->getProvider();
if ($provider) {