Move email verification into PhabricatorUserEditor

Summary: Both email verify and welcome links now verify email, centralize them and record them in the user activity log.

Test Plan:
  - Followed a "verify email" link and got verified.
  - Followed a "welcome" (verifying) link.
  - Followed a "reset" (non-verifying) link.
  - Looked in the activity log for the verifications.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D9284

src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php

@@ -102,18 +102,9 @@ final class PhabricatorAuthOneTimeLoginController
         $token->delete();
 
         if ($target_email) {
-          $target_user->openTransaction();
+          id(new PhabricatorUserEditor())
-            $target_email->setIsVerified(1);
+            ->setActor($target_user)
-            $target_email->save();
+            ->verifyEmail($target_user, $target_email);
-
-            // If this was the user's primary email address, also mark their
-            // account as verified.
-            $primary_email = $target_user->loadPrimaryEmail();
-            if ($primary_email->getID() == $target_email->getID()) {
-              $target_user->setIsEmailVerified(1);
-              $target_user->save();
-            }
-          $target_user->saveTransaction();
         }
       unset($unguarded);
 

src/applications/auth/controller/PhabricatorEmailVerificationController.php

@@ -52,20 +52,10 @@ final class PhabricatorEmailVerificationController
         'This email address has already been verified.');
       $continue = pht('Continue to Phabricator');
     } else if ($request->isFormPost()) {
-      $email->openTransaction();
 
-        $email->setIsVerified(1);
+      id(new PhabricatorUserEditor())
-        $email->save();
+        ->setActor($user)
-
+        ->verifyEmail($user, $email);
-        // If the user just verified their primary email address, mark their
-        // account as email verified.
-        $user_primary = $user->loadPrimaryEmail();
-        if ($user_primary->getID() == $email->getID()) {
-          $user->setIsEmailVerified(1);
-          $user->save();
-        }
-
-      $email->saveTransaction();
 
       $title = pht('Address Verified');
       $content = pht(

src/applications/people/editor/PhabricatorUserEditor.php

@@ -494,6 +494,65 @@ final class PhabricatorUserEditor extends PhabricatorEditor {
   }
 
 
+  /**
+   * Verify a user's email address.
+   *
+   * This verifies an individual email address. If the address is the user's
+   * primary address and their account was not previously verified, their
+   * account is marked as email verified.
+   *
+   * @task email
+   */
+  public function verifyEmail(
+    PhabricatorUser $user,
+    PhabricatorUserEmail $email) {
+    $actor = $this->requireActor();
+
+    if (!$user->getID()) {
+      throw new Exception('User has not been created yet!');
+    }
+    if (!$email->getID()) {
+      throw new Exception('Email has not been created yet!');
+    }
+
+    $user->openTransaction();
+      $user->beginWriteLocking();
+
+        $user->reload();
+        $email->reload();
+
+        if ($email->getUserPHID() != $user->getPHID()) {
+          throw new Exception(pht('User does not own email!'));
+        }
+
+        if (!$email->getIsVerified()) {
+          $email->setIsVerified(1);
+          $email->save();
+
+          $log = PhabricatorUserLog::initializeNewLog(
+            $actor,
+            $user->getPHID(),
+            PhabricatorUserLog::ACTION_EMAIL_VERIFY);
+          $log->setNewValue($email->getAddress());
+          $log->save();
+        }
+
+        if (!$user->getIsEmailVerified()) {
+          // If the user just verified their primary email address, mark their
+          // account as email verified.
+          $user_primary = $user->loadPrimaryEmail();
+          if ($user_primary->getID() == $email->getID()) {
+            $user->setIsEmailVerified(1);
+            $user->save();
+          }
+        }
+
+      $user->endWriteLocking();
+    $user->saveTransaction();
+
+  }
+
+
 /* -(  Internals  )---------------------------------------------------------- */
 
 

src/applications/people/storage/PhabricatorUserLog.php

@@ -25,6 +25,7 @@ final class PhabricatorUserLog extends PhabricatorUserDAO
   const ACTION_EMAIL_PRIMARY    = 'email-primary';
   const ACTION_EMAIL_REMOVE     = 'email-remove';
   const ACTION_EMAIL_ADD        = 'email-add';
+  const ACTION_EMAIL_VERIFY     = 'email-verify';
 
   const ACTION_CHANGE_PASSWORD  = 'change-password';
   const ACTION_CHANGE_USERNAME  = 'change-username';
@@ -67,6 +68,7 @@ final class PhabricatorUserLog extends PhabricatorUserDAO
       self::ACTION_EMAIL_PRIMARY => pht('Email: Change Primary'),
       self::ACTION_EMAIL_ADD => pht('Email: Add Address'),
       self::ACTION_EMAIL_REMOVE => pht('Email: Remove Address'),
+      self::ACTION_EMAIL_VERIFY => pht('Email: Verify'),
       self::ACTION_CHANGE_PASSWORD => pht('Change Password'),
       self::ACTION_CHANGE_USERNAME => pht('Change Username'),
       self::ACTION_ENTER_HISEC => pht('Hisec: Enter'),