mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-26 00:32:42 +01:00
can now tell phabricator you trust an auth provider's emails (useful for Google OAuth), which will mark emails as "verified" and will skip email verification.
Summary: This is useful when you're trying to onboard an entire office and you end up using the Google OAuth anyway. Test Plan: tested locally. Maybe I should write some tests? Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin Differential Revision: https://secure.phabricator.com/D9150
This commit is contained in:
parent
cf6353e516
commit
43d45c4956
8 changed files with 67 additions and 0 deletions
2
resources/sql/autopatches/20140515.trust-emails.sql
Normal file
2
resources/sql/autopatches/20140515.trust-emails.sql
Normal file
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE {$NAMESPACE}_auth.auth_providerconfig
|
||||
ADD `shouldTrustEmails` tinyint(1) NOT NULL DEFAULT 0 AFTER shouldAllowUnlink;
|
|
@ -249,6 +249,11 @@ final class PhabricatorAuthRegisterController
|
|||
($value_email === $default_email);
|
||||
}
|
||||
|
||||
if ($provider->shouldTrustEmails() &&
|
||||
$value_email === $default_email) {
|
||||
$verify_email = true;
|
||||
}
|
||||
|
||||
$email_obj = id(new PhabricatorUserEmail())
|
||||
->setAddress($value_email)
|
||||
->setIsVerified((int)$verify_email);
|
||||
|
|
|
@ -85,6 +85,7 @@ final class PhabricatorAuthEditController
|
|||
$v_registration = $config->getShouldAllowRegistration();
|
||||
$v_link = $config->getShouldAllowLink();
|
||||
$v_unlink = $config->getShouldAllowUnlink();
|
||||
$v_trust_email = $config->getShouldTrustEmails();
|
||||
|
||||
if ($request->isFormPost()) {
|
||||
|
||||
|
@ -120,6 +121,11 @@ final class PhabricatorAuthEditController
|
|||
PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK)
|
||||
->setNewValue($request->getInt('allowUnlink', 0));
|
||||
|
||||
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
|
||||
->setTransactionType(
|
||||
PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS)
|
||||
->setNewValue($request->getInt('trustEmails', 0));
|
||||
|
||||
foreach ($properties as $key => $value) {
|
||||
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
|
||||
->setTransactionType(
|
||||
|
@ -212,6 +218,13 @@ final class PhabricatorAuthEditController
|
|||
'existing Phabricator accounts. If you disable this, Phabricator '.
|
||||
'accounts will be permanently bound to provider accounts.'));
|
||||
|
||||
$str_trusted_email = hsprintf(
|
||||
'<strong>%s:</strong> %s',
|
||||
pht('Trust Email Addresses'),
|
||||
pht(
|
||||
'Phabricator will skip email verification for accounts registered '.
|
||||
'through this provider.'));
|
||||
|
||||
$status_tag = id(new PHUITagView())
|
||||
->setType(PHUITagView::TYPE_STATE);
|
||||
if ($is_new) {
|
||||
|
@ -262,6 +275,16 @@ final class PhabricatorAuthEditController
|
|||
$str_unlink,
|
||||
$v_unlink));
|
||||
|
||||
if ($provider->shouldAllowEmailTrustConfiguration()) {
|
||||
$form->appendChild(
|
||||
id(new AphrontFormCheckboxControl())
|
||||
->addCheckbox(
|
||||
'trustEmails',
|
||||
1,
|
||||
$str_trusted_email,
|
||||
$v_trust_email));
|
||||
}
|
||||
|
||||
$provider->extendEditForm($request, $form, $properties, $issues);
|
||||
|
||||
$form
|
||||
|
|
|
@ -10,6 +10,7 @@ final class PhabricatorAuthProviderConfigEditor
|
|||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION;
|
||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_LINK;
|
||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK;
|
||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS;
|
||||
$types[] = PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY;
|
||||
|
||||
return $types;
|
||||
|
@ -32,6 +33,8 @@ final class PhabricatorAuthProviderConfigEditor
|
|||
return (int)$object->getShouldAllowLink();
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||
return (int)$object->getShouldAllowUnlink();
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||
return (int)$object->getShouldTrustEmails();
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
||||
$key = $xaction->getMetadataValue(
|
||||
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
|
||||
|
@ -48,6 +51,7 @@ final class PhabricatorAuthProviderConfigEditor
|
|||
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
||||
return $xaction->getNewValue();
|
||||
}
|
||||
|
@ -66,6 +70,8 @@ final class PhabricatorAuthProviderConfigEditor
|
|||
return $object->setShouldAllowLink($v);
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||
return $object->setShouldAllowUnlink($v);
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
|
||||
return $object->setShouldTrustEmails($v);
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_PROPERTY:
|
||||
$key = $xaction->getMetadataValue(
|
||||
PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY);
|
||||
|
@ -89,6 +95,7 @@ final class PhabricatorAuthProviderConfigEditor
|
|||
case PhabricatorAuthProviderConfigTransaction::TYPE_REGISTRATION:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_LINK:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_UNLINK:
|
||||
case PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS:
|
||||
// For these types, last transaction wins.
|
||||
return $v;
|
||||
}
|
||||
|
|
|
@ -141,6 +141,20 @@ abstract class PhabricatorAuthProvider {
|
|||
return $this->getProviderConfig()->getShouldAllowUnlink();
|
||||
}
|
||||
|
||||
public function shouldTrustEmails() {
|
||||
return $this->shouldAllowEmailTrustConfiguration() &&
|
||||
$this->getProviderConfig()->getShouldTrustEmails();
|
||||
}
|
||||
|
||||
/**
|
||||
* Should we allow the adapter to be marked as "trusted"
|
||||
* This is true for all adapters except those that allow the user to type in
|
||||
* emails (@see PhabricatorAuthProviderPassword)
|
||||
*/
|
||||
public function shouldAllowEmailTrustConfiguration() {
|
||||
return true;
|
||||
}
|
||||
|
||||
public function buildLoginForm(
|
||||
PhabricatorAuthStartController $controller) {
|
||||
return $this->renderLoginForm($controller->getRequest(), $mode = 'start');
|
||||
|
|
|
@ -350,4 +350,7 @@ final class PhabricatorAuthProviderPassword
|
|||
return false;
|
||||
}
|
||||
|
||||
public function shouldAllowEmailTrustConfiguration() {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ final class PhabricatorAuthProviderConfig extends PhabricatorAuthDAO
|
|||
protected $shouldAllowRegistration = 0;
|
||||
protected $shouldAllowLink = 0;
|
||||
protected $shouldAllowUnlink = 0;
|
||||
protected $shouldTrustEmails = 0;
|
||||
|
||||
protected $properties = array();
|
||||
|
||||
|
|
|
@ -7,6 +7,7 @@ final class PhabricatorAuthProviderConfigTransaction
|
|||
const TYPE_REGISTRATION = 'config:registration';
|
||||
const TYPE_LINK = 'config:link';
|
||||
const TYPE_UNLINK = 'config:unlink';
|
||||
const TYPE_TRUST_EMAILS = "config:trustEmails";
|
||||
const TYPE_PROPERTY = 'config:property';
|
||||
|
||||
const PROPERTY_KEY = 'auth:property';
|
||||
|
@ -121,6 +122,17 @@ final class PhabricatorAuthProviderConfigTransaction
|
|||
$this->renderHandleLink($author_phid));
|
||||
}
|
||||
break;
|
||||
case self::TYPE_TRUST_EMAILS:
|
||||
if ($new) {
|
||||
return pht(
|
||||
'%s enabled email trust.',
|
||||
$this->renderHandleLink($author_phid));
|
||||
} else {
|
||||
return pht(
|
||||
'%s disabled email trust.',
|
||||
$this->renderHandleLink($author_phid));
|
||||
}
|
||||
break;
|
||||
case self::TYPE_PROPERTY:
|
||||
$provider = $this->getProvider();
|
||||
if ($provider) {
|
||||
|
|
Loading…
Reference in a new issue