mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 14:52:41 +01:00
can now tell phabricator you trust an auth provider's emails (useful for Google OAuth), which will mark emails as "verified" and will skip email verification.
Summary: This is useful when you're trying to onboard an entire office and you end up using the Google OAuth anyway. Test Plan: tested locally. Maybe I should write some tests? Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin Differential Revision: https://secure.phabricator.com/D9150
This commit is contained in:
Tal Shiri
epriestley
parent
cf6353e516
commit
43d45c4956
8 changed files with 67 additions and 0 deletions
2
resources/sql/autopatches/20140515.trust-emails.sql
Normal file
2
resources/sql/autopatches/20140515.trust-emails.sql
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
ALTER TABLE {$NAMESPACE}_auth.auth_providerconfig
|
||||||
|
ADD `shouldTrustEmails` tinyint(1) NOT NULL DEFAULT 0 AFTER shouldAllowUnlink;
|
||||||
|
|
@ -249,6 +249,11 @@ final class PhabricatorAuthRegisterController
|
||||||
($value_email === $default_email);
|
($value_email === $default_email);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($provider->shouldTrustEmails() &&
|
||||||
|
$value_email === $default_email) {
|
||||||
|
$verify_email = true;
|
||||||
|
}
|
||||||
|
|
||||||
$email_obj = id(new PhabricatorUserEmail())
|
$email_obj = id(new PhabricatorUserEmail())
|
||||||
->setAddress($value_email)
|
->setAddress($value_email)
|
||||||
->setIsVerified((int)$verify_email);
|
->setIsVerified((int)$verify_email);
|
||||||
|
|
|
||||||
|
|
@ -85,6 +85,7 @@ final class PhabricatorAuthEditController
|
||||||
$v_registration = $config->getShouldAllowRegistration();
|
$v_registration = $config->getShouldAllowRegistration();
|
||||||
$v_link = $config->getShouldAllowLink();
|
$v_link = $config->getShouldAllowLink();
|
||||||
$v_unlink = $config->getShouldAllowUnlink();
|
$v_unlink = $config->getShouldAllowUnlink();
|
||||||
|
$v_trust_email = $config->getShouldTrustEmails();
|
||||||
|
|
||||||
if ($request->isFormPost()) {
|
if ($request->isFormPost()) {
|
||||||
|
|
||||||
|
|
@ -120,6 +121,11 @@ final class PhabricatorAuthEditController
|
||||||
PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK)
|
PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK)
|
||||||
->setNewValue($request->getInt('allowUnlink', 0));
|
->setNewValue($request->getInt('allowUnlink', 0));
|
||||||
|
|
||||||
|
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
|
||||||
|
->setTransactionType(
|
||||||
|
PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS)
|
||||||
|
->setNewValue($request->getInt('trustEmails', 0));
|
||||||
|
|
||||||
foreach ($properties as $key => $value) {
|
foreach ($properties as $key => $value) {
|
||||||
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
|
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
|
||||||
->setTransactionType(
|
->setTransactionType(
|
||||||
|
|
@ -212,6 +218,13 @@ final class PhabricatorAuthEditController
|
||||||
'existing Phabricator accounts. If you disable this, Phabricator '.
|
'existing Phabricator accounts. If you disable this, Phabricator '.
|
||||||
'accounts will be permanently bound to provider accounts.'));
|
'accounts will be permanently bound to provider accounts.'));
|
||||||
|
|
||||||
|
$str_trusted_email = hsprintf(
|
||||||
|
'<strong>%s:</strong> %s',
|
||||||
|
pht('Trust Email Addresses'),
|
||||||
|
pht(
|
||||||
|
'Phabricator will skip email verification for accounts registered '.
|
||||||
|
'through this provider.'));
|
||||||
|
|
||||||
$status_tag = id(new PHUITagView())
|
$status_tag = id(new PHUITagView())
|
||||||
->setType(PHUITagView::TYPE_STATE);
|
->setType(PHUITagView::TYPE_STATE);
|
||||||
if ($is_new) {
|
if ($is_new) {
|
||||||
|
|
@ -262,6 +275,16 @@ final class PhabricatorAuthEditController
|
||||||
$str_unlink,
|
$str_unlink,
|
||||||
$v_unlink));
|
$v_unlink));
|
||||||
|
|
||||||
|
if ($provider->shouldAllowEmailTrustConfiguration()) {
|
||||||
|
$form->appendChild(
|
||||||
|
id(new AphrontFormCheckboxControl())
|
||||||
|
->addCheckbox(
|
||||||
|
'trustEmails',
|
||||||
|
1,
|
||||||
|
$str_trusted_email,
|
||||||
|
$v_trust_email));
|
||||||
|
}
|
||||||
|
|
||||||
$provider->extendEditForm($request, $form, $properties, $issues);
|
$provider->extendEditForm($request, $form, $properties, $issues);
|
||||||
|
|
||||||
$form
|
$form
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ final class PhabricatorAuthProviderConfigEditor
|
||||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION;
|
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION;
|
||||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_LINK;
|
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_LINK;
|
||||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK;
|
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK;
|
||||||
|
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS;
|
||||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY;
|
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY;
|
||||||
|
|
||||||
return $types;
|
return $types;
|
||||||
|
|
@ -32,6 +33,8 @@ final class PhabricatorAuthProviderConfigEditor
|
||||||
return (int)$object->getShouldAllowLink();
|
return (int)$object->getShouldAllowLink();
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||||
return (int)$object->getShouldAllowUnlink();
|
return (int)$object->getShouldAllowUnlink();
|
||||||
|
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||||
|
return (int)$object->getShouldTrustEmails();
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
||||||
$key = $xaction->getMetadataValue(
|
$key = $xaction->getMetadataValue(
|
||||||
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
|
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
|
||||||
|
|
@ -48,6 +51,7 @@ final class PhabricatorAuthProviderConfigEditor
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||||
|
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
||||||
return $xaction->getNewValue();
|
return $xaction->getNewValue();
|
||||||
}
|
}
|
||||||
|
|
@ -66,6 +70,8 @@ final class PhabricatorAuthProviderConfigEditor
|
||||||
return $object->setShouldAllowLink($v);
|
return $object->setShouldAllowLink($v);
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||||
return $object->setShouldAllowUnlink($v);
|
return $object->setShouldAllowUnlink($v);
|
||||||
|
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
|
||||||
|
return $object->setShouldTrustEmails($v);
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
||||||
$key = $xaction->getMetadataValue(
|
$key = $xaction->getMetadataValue(
|
||||||
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
|
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
|
||||||
|
|
@ -89,6 +95,7 @@ final class PhabricatorAuthProviderConfigEditor
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
|
||||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||||
|
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
|
||||||
// For these types, last transaction wins.
|
// For these types, last transaction wins.
|
||||||
return $v;
|
return $v;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -141,6 +141,20 @@ abstract class PhabricatorAuthProvider {
|
||||||
return $this->getProviderConfig()->getShouldAllowUnlink();
|
return $this->getProviderConfig()->getShouldAllowUnlink();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function shouldTrustEmails() {
|
||||||
|
return $this->shouldAllowEmailTrustConfiguration() &&
|
||||||
|
$this->getProviderConfig()->getShouldTrustEmails();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Should we allow the adapter to be marked as "trusted"
|
||||||
|
* This is true for all adapters except those that allow the user to type in
|
||||||
|
* emails (@see PhabricatorAuthProviderPassword)
|
||||||
|
*/
|
||||||
|
public function shouldAllowEmailTrustConfiguration() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
public function buildLoginForm(
|
public function buildLoginForm(
|
||||||
PhabricatorAuthStartController $controller) {
|
PhabricatorAuthStartController $controller) {
|
||||||
return $this->renderLoginForm($controller->getRequest(), $mode = 'start');
|
return $this->renderLoginForm($controller->getRequest(), $mode = 'start');
|
||||||
|
|
|
||||||
|
|
@ -350,4 +350,7 @@ final class PhabricatorAuthProviderPassword
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function shouldAllowEmailTrustConfiguration() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@ final class PhabricatorAuthProviderConfig extends PhabricatorAuthDAO
|
||||||
protected $shouldAllowRegistration = 0;
|
protected $shouldAllowRegistration = 0;
|
||||||
protected $shouldAllowLink = 0;
|
protected $shouldAllowLink = 0;
|
||||||
protected $shouldAllowUnlink = 0;
|
protected $shouldAllowUnlink = 0;
|
||||||
|
protected $shouldTrustEmails = 0;
|
||||||
|
|
||||||
protected $properties = array();
|
protected $properties = array();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,7 @@ final class PhabricatorAuthProviderConfigTransaction
|
||||||
const TYPE_REGISTRATION = 'config:registration';
|
const TYPE_REGISTRATION = 'config:registration';
|
||||||
const TYPE_LINK = 'config:link';
|
const TYPE_LINK = 'config:link';
|
||||||
const TYPE_UNLINK = 'config:unlink';
|
const TYPE_UNLINK = 'config:unlink';
|
||||||
|
const TYPE_TRUST_EMAILS = "config:trustEmails";
|
||||||
const TYPE_PROPERTY = 'config:property';
|
const TYPE_PROPERTY = 'config:property';
|
||||||
|
|
||||||
const PROPERTY_KEY = 'auth:property';
|
const PROPERTY_KEY = 'auth:property';
|
||||||
|
|
@ -121,6 +122,17 @@ final class PhabricatorAuthProviderConfigTransaction
|
||||||
$this->renderHandleLink($author_phid));
|
$this->renderHandleLink($author_phid));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
case self::TYPE_TRUST_EMAILS:
|
||||||
|
if ($new) {
|
||||||
|
return pht(
|
||||||
|
'%s enabled email trust.',
|
||||||
|
$this->renderHandleLink($author_phid));
|
||||||
|
} else {
|
||||||
|
return pht(
|
||||||
|
'%s disabled email trust.',
|
||||||
|
$this->renderHandleLink($author_phid));
|
||||||
|
}
|
||||||
|
break;
|
||||||
case self::TYPE_PROPERTY:
|
case self::TYPE_PROPERTY:
|
||||||
$provider = $this->getProvider();
|
$provider = $this->getProvider();
|
||||||
if ($provider) {
|
if ($provider) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue