1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 05:50:55 +01:00

Record account recovery email links in the user activity log and make the mail message reference the log

Summary:
Depends on D20672. Ref T13343. When a user requests an account access link via email:

  - log it in the activity log; and
  - reference the log in the mail.

This makes it easier to ban users misusing the feature, provided they're coming from a single remote address, and takes a few steps down the pathway toward a button in the mail that users can click to report the action, suspend account recovery for their account, etc.

Test Plan:
  - Requested an email recovery link.
  - Saw request appear in the user activity log.
  - Saw a reference to the log entry in the mail footer.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13343

Differential Revision: https://secure.phabricator.com/D20673
This commit is contained in:
epriestley 2019-07-19 14:59:36 -07:00
parent 57799bc82b
commit 60db658d52
4 changed files with 43 additions and 1 deletions

View file

@ -3216,6 +3216,7 @@ phutil_register_library_map(array(
'PhabricatorEmailFormatSetting' => 'applications/settings/setting/PhabricatorEmailFormatSetting.php',
'PhabricatorEmailFormatSettingsPanel' => 'applications/settings/panel/PhabricatorEmailFormatSettingsPanel.php',
'PhabricatorEmailLoginController' => 'applications/auth/controller/PhabricatorEmailLoginController.php',
'PhabricatorEmailLoginUserLogType' => 'applications/people/userlog/PhabricatorEmailLoginUserLogType.php',
'PhabricatorEmailNotificationsSetting' => 'applications/settings/setting/PhabricatorEmailNotificationsSetting.php',
'PhabricatorEmailPreferencesSettingsPanel' => 'applications/settings/panel/PhabricatorEmailPreferencesSettingsPanel.php',
'PhabricatorEmailRePrefixSetting' => 'applications/settings/setting/PhabricatorEmailRePrefixSetting.php',
@ -9343,6 +9344,7 @@ phutil_register_library_map(array(
'PhabricatorEmailFormatSetting' => 'PhabricatorSelectSetting',
'PhabricatorEmailFormatSettingsPanel' => 'PhabricatorEditEngineSettingsPanel',
'PhabricatorEmailLoginController' => 'PhabricatorAuthController',
'PhabricatorEmailLoginUserLogType' => 'PhabricatorUserLogType',
'PhabricatorEmailNotificationsSetting' => 'PhabricatorSelectSetting',
'PhabricatorEmailPreferencesSettingsPanel' => 'PhabricatorSettingsPanel',
'PhabricatorEmailRePrefixSetting' => 'PhabricatorSelectSetting',

View file

@ -104,10 +104,16 @@ final class PhabricatorEmailLoginController
if (!$errors) {
$target_address = new PhutilEmailAddress($target_email->getAddress());
$user_log = PhabricatorUserLog::initializeNewLog(
$viewer,
$target_user->getPHID(),
PhabricatorEmailLoginUserLogType::LOGTYPE);
$mail_engine = id(new PhabricatorPeopleEmailLoginMailEngine())
->setSender($viewer)
->setRecipient($target_user)
->setRecipientAddress($target_address);
->setRecipientAddress($target_address)
->setActivityLog($user_log);
try {
$mail_engine->validateMail();

View file

@ -6,6 +6,7 @@ abstract class PhabricatorPeopleMailEngine
private $sender;
private $recipient;
private $recipientAddress;
private $activityLog;
final public function setSender(PhabricatorUser $sender) {
$this->sender = $sender;
@ -47,6 +48,15 @@ abstract class PhabricatorPeopleMailEngine
return ($this->recipientAddress !== null);
}
final public function setActivityLog(PhabricatorUserLog $activity_log) {
$this->activityLog = $activity_log;
return $this;
}
final public function getActivityLog() {
return $this->activityLog;
}
final public function canSendMail() {
try {
$this->validateMail();
@ -68,6 +78,18 @@ abstract class PhabricatorPeopleMailEngine
$mail->addTos(array($recipient->getPHID()));
}
$activity_log = $this->getActivityLog();
if ($activity_log) {
$activity_log->save();
$body = array();
$body[] = rtrim($mail->getBody(), "\n");
$body[] = pht('Activity Log ID: #%d', $activity_log->getID());
$body = implode("\n\n", $body)."\n";
$mail->setBody($body);
}
$mail
->setForceDelivery(true)
->save();

View file

@ -0,0 +1,12 @@
<?php
final class PhabricatorEmailLoginUserLogType
extends PhabricatorUserLogType {
const LOGTYPE = 'email-login';
public function getLogTypeName() {
return pht('Email: Recovery Link');
}
}