Record account recovery email links in the user activity log and make the mail message reference the log

Summary:
Depends on D20672. Ref T13343. When a user requests an account access link via email:

  - log it in the activity log; and
  - reference the log in the mail.

This makes it easier to ban users misusing the feature, provided they're coming from a single remote address, and takes a few steps down the pathway toward a button in the mail that users can click to report the action, suspend account recovery for their account, etc.

Test Plan:
  - Requested an email recovery link.
  - Saw request appear in the user activity log.
  - Saw a reference to the log entry in the mail footer.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13343

Differential Revision: https://secure.phabricator.com/D20673

src/__phutil_library_map__.php

@@ -3216,6 +3216,7 @@ phutil_register_library_map(array(
     'PhabricatorEmailFormatSetting' => 'applications/settings/setting/PhabricatorEmailFormatSetting.php',
     'PhabricatorEmailFormatSettingsPanel' => 'applications/settings/panel/PhabricatorEmailFormatSettingsPanel.php',
     'PhabricatorEmailLoginController' => 'applications/auth/controller/PhabricatorEmailLoginController.php',
+    'PhabricatorEmailLoginUserLogType' => 'applications/people/userlog/PhabricatorEmailLoginUserLogType.php',
     'PhabricatorEmailNotificationsSetting' => 'applications/settings/setting/PhabricatorEmailNotificationsSetting.php',
     'PhabricatorEmailPreferencesSettingsPanel' => 'applications/settings/panel/PhabricatorEmailPreferencesSettingsPanel.php',
     'PhabricatorEmailRePrefixSetting' => 'applications/settings/setting/PhabricatorEmailRePrefixSetting.php',
@@ -9343,6 +9344,7 @@ phutil_register_library_map(array(
     'PhabricatorEmailFormatSetting' => 'PhabricatorSelectSetting',
     'PhabricatorEmailFormatSettingsPanel' => 'PhabricatorEditEngineSettingsPanel',
     'PhabricatorEmailLoginController' => 'PhabricatorAuthController',
+    'PhabricatorEmailLoginUserLogType' => 'PhabricatorUserLogType',
     'PhabricatorEmailNotificationsSetting' => 'PhabricatorSelectSetting',
     'PhabricatorEmailPreferencesSettingsPanel' => 'PhabricatorSettingsPanel',
     'PhabricatorEmailRePrefixSetting' => 'PhabricatorSelectSetting',

src/applications/auth/controller/PhabricatorEmailLoginController.php

@@ -104,10 +104,16 @@ final class PhabricatorEmailLoginController
         if (!$errors) {
           $target_address = new PhutilEmailAddress($target_email->getAddress());
 
+          $user_log = PhabricatorUserLog::initializeNewLog(
+            $viewer,
+            $target_user->getPHID(),
+            PhabricatorEmailLoginUserLogType::LOGTYPE);
+
           $mail_engine = id(new PhabricatorPeopleEmailLoginMailEngine())
             ->setSender($viewer)
             ->setRecipient($target_user)
-            ->setRecipientAddress($target_address);
+            ->setRecipientAddress($target_address)
+            ->setActivityLog($user_log);
 
           try {
             $mail_engine->validateMail();

src/applications/people/mail/PhabricatorPeopleMailEngine.php

@@ -6,6 +6,7 @@ abstract class PhabricatorPeopleMailEngine
   private $sender;
   private $recipient;
   private $recipientAddress;
+  private $activityLog;
 
   final public function setSender(PhabricatorUser $sender) {
     $this->sender = $sender;
@@ -47,6 +48,15 @@ abstract class PhabricatorPeopleMailEngine
     return ($this->recipientAddress !== null);
   }
 
+  final public function setActivityLog(PhabricatorUserLog $activity_log) {
+    $this->activityLog = $activity_log;
+    return $this;
+  }
+
+  final public function getActivityLog() {
+    return $this->activityLog;
+  }
+
   final public function canSendMail() {
     try {
       $this->validateMail();
@@ -68,6 +78,18 @@ abstract class PhabricatorPeopleMailEngine
       $mail->addTos(array($recipient->getPHID()));
     }
 
+    $activity_log = $this->getActivityLog();
+    if ($activity_log) {
+      $activity_log->save();
+
+      $body = array();
+      $body[] = rtrim($mail->getBody(), "\n");
+      $body[] = pht('Activity Log ID: #%d', $activity_log->getID());
+      $body = implode("\n\n", $body)."\n";
+
+      $mail->setBody($body);
+    }
+
     $mail
       ->setForceDelivery(true)
       ->save();

src/applications/people/userlog/PhabricatorEmailLoginUserLogType.php

@@ -0,0 +1,12 @@
+<?php
+
+final class PhabricatorEmailLoginUserLogType
+  extends PhabricatorUserLogType {
+
+  const LOGTYPE = 'email-login';
+
+  public function getLogTypeName() {
+    return pht('Email: Recovery Link');
+  }
+
+}