1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 23:02:42 +01:00

can now tell phabricator you trust an auth provider's emails (useful for Google OAuth), which will mark emails as "verified" and will skip email verification.

Summary: This is useful when you're trying to onboard an entire office and you end up using the Google OAuth anyway.

Test Plan: tested locally. Maybe I should write some tests?

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9150
This commit is contained in:
Tal Shiri 2014-05-16 14:14:06 -07:00 committed by epriestley
parent cf6353e516
commit 43d45c4956
8 changed files with 67 additions and 0 deletions

View file

@ -0,0 +1,2 @@
ALTER TABLE {$NAMESPACE}_auth.auth_providerconfig
ADD `shouldTrustEmails` tinyint(1) NOT NULL DEFAULT 0 AFTER shouldAllowUnlink;

View file

@ -249,6 +249,11 @@ final class PhabricatorAuthRegisterController
($value_email === $default_email); ($value_email === $default_email);
} }
if ($provider->shouldTrustEmails() &&
$value_email === $default_email) {
$verify_email = true;
}
$email_obj = id(new PhabricatorUserEmail()) $email_obj = id(new PhabricatorUserEmail())
->setAddress($value_email) ->setAddress($value_email)
->setIsVerified((int)$verify_email); ->setIsVerified((int)$verify_email);

View file

@ -85,6 +85,7 @@ final class PhabricatorAuthEditController
$v_registration = $config->getShouldAllowRegistration(); $v_registration = $config->getShouldAllowRegistration();
$v_link = $config->getShouldAllowLink(); $v_link = $config->getShouldAllowLink();
$v_unlink = $config->getShouldAllowUnlink(); $v_unlink = $config->getShouldAllowUnlink();
$v_trust_email = $config->getShouldTrustEmails();
if ($request->isFormPost()) { if ($request->isFormPost()) {
@ -120,6 +121,11 @@ final class PhabricatorAuthEditController
PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK) PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK)
->setNewValue($request->getInt('allowUnlink', 0)); ->setNewValue($request->getInt('allowUnlink', 0));
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
->setTransactionType(
PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS)
->setNewValue($request->getInt('trustEmails', 0));
foreach ($properties as $key => $value) { foreach ($properties as $key => $value) {
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction()) $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
->setTransactionType( ->setTransactionType(
@ -212,6 +218,13 @@ final class PhabricatorAuthEditController
'existing Phabricator accounts. If you disable this, Phabricator '. 'existing Phabricator accounts. If you disable this, Phabricator '.
'accounts will be permanently bound to provider accounts.')); 'accounts will be permanently bound to provider accounts.'));
$str_trusted_email = hsprintf(
'<strong>%s:</strong> %s',
pht('Trust Email Addresses'),
pht(
'Phabricator will skip email verification for accounts registered '.
'through this provider.'));
$status_tag = id(new PHUITagView()) $status_tag = id(new PHUITagView())
->setType(PHUITagView::TYPE_STATE); ->setType(PHUITagView::TYPE_STATE);
if ($is_new) { if ($is_new) {
@ -262,6 +275,16 @@ final class PhabricatorAuthEditController
$str_unlink, $str_unlink,
$v_unlink)); $v_unlink));
if ($provider->shouldAllowEmailTrustConfiguration()) {
$form->appendChild(
id(new AphrontFormCheckboxControl())
->addCheckbox(
'trustEmails',
1,
$str_trusted_email,
$v_trust_email));
}
$provider->extendEditForm($request, $form, $properties, $issues); $provider->extendEditForm($request, $form, $properties, $issues);
$form $form

View file

@ -10,6 +10,7 @@ final class PhabricatorAuthProviderConfigEditor
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION; $types[] = PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_LINK; $types[] = PhabricatorAuthProviderConfigTransaction::TYPE_LINK;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK; $types[] = PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS;
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY; $types[] = PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY;
return $types; return $types;
@ -32,6 +33,8 @@ final class PhabricatorAuthProviderConfigEditor
return (int)$object->getShouldAllowLink(); return (int)$object->getShouldAllowLink();
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK: case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
return (int)$object->getShouldAllowUnlink(); return (int)$object->getShouldAllowUnlink();
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
return (int)$object->getShouldTrustEmails();
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY: case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
$key = $xaction->getMetadataValue( $key = $xaction->getMetadataValue(
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY); PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
@ -48,6 +51,7 @@ final class PhabricatorAuthProviderConfigEditor
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION: case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK: case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK: case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY: case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
return $xaction->getNewValue(); return $xaction->getNewValue();
} }
@ -66,6 +70,8 @@ final class PhabricatorAuthProviderConfigEditor
return $object->setShouldAllowLink($v); return $object->setShouldAllowLink($v);
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK: case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
return $object->setShouldAllowUnlink($v); return $object->setShouldAllowUnlink($v);
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
return $object->setShouldTrustEmails($v);
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY: case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
$key = $xaction->getMetadataValue( $key = $xaction->getMetadataValue(
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY); PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
@ -89,6 +95,7 @@ final class PhabricatorAuthProviderConfigEditor
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION: case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK: case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK: case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
// For these types, last transaction wins. // For these types, last transaction wins.
return $v; return $v;
} }

View file

@ -141,6 +141,20 @@ abstract class PhabricatorAuthProvider {
return $this->getProviderConfig()->getShouldAllowUnlink(); return $this->getProviderConfig()->getShouldAllowUnlink();
} }
public function shouldTrustEmails() {
return $this->shouldAllowEmailTrustConfiguration() &&
$this->getProviderConfig()->getShouldTrustEmails();
}
/**
* Should we allow the adapter to be marked as "trusted"
* This is true for all adapters except those that allow the user to type in
* emails (@see PhabricatorAuthProviderPassword)
*/
public function shouldAllowEmailTrustConfiguration() {
return true;
}
public function buildLoginForm( public function buildLoginForm(
PhabricatorAuthStartController $controller) { PhabricatorAuthStartController $controller) {
return $this->renderLoginForm($controller->getRequest(), $mode = 'start'); return $this->renderLoginForm($controller->getRequest(), $mode = 'start');

View file

@ -350,4 +350,7 @@ final class PhabricatorAuthProviderPassword
return false; return false;
} }
public function shouldAllowEmailTrustConfiguration() {
return false;
}
} }

View file

@ -12,6 +12,7 @@ final class PhabricatorAuthProviderConfig extends PhabricatorAuthDAO
protected $shouldAllowRegistration = 0; protected $shouldAllowRegistration = 0;
protected $shouldAllowLink = 0; protected $shouldAllowLink = 0;
protected $shouldAllowUnlink = 0; protected $shouldAllowUnlink = 0;
protected $shouldTrustEmails = 0;
protected $properties = array(); protected $properties = array();

View file

@ -7,6 +7,7 @@ final class PhabricatorAuthProviderConfigTransaction
const TYPE_REGISTRATION = 'config:registration'; const TYPE_REGISTRATION = 'config:registration';
const TYPE_LINK = 'config:link'; const TYPE_LINK = 'config:link';
const TYPE_UNLINK = 'config:unlink'; const TYPE_UNLINK = 'config:unlink';
const TYPE_TRUST_EMAILS = "config:trustEmails";
const TYPE_PROPERTY = 'config:property'; const TYPE_PROPERTY = 'config:property';
const PROPERTY_KEY = 'auth:property'; const PROPERTY_KEY = 'auth:property';
@ -121,6 +122,17 @@ final class PhabricatorAuthProviderConfigTransaction
$this->renderHandleLink($author_phid)); $this->renderHandleLink($author_phid));
} }
break; break;
case self::TYPE_TRUST_EMAILS:
if ($new) {
return pht(
'%s enabled email trust.',
$this->renderHandleLink($author_phid));
} else {
return pht(
'%s disabled email trust.',
$this->renderHandleLink($author_phid));
}
break;
case self::TYPE_PROPERTY: case self::TYPE_PROPERTY:
$provider = $this->getProvider(); $provider = $this->getProvider();
if ($provider) { if ($provider) {