1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 06:20:56 +01:00

Don't allow welcome mail to be sent to users who can't login

Summary:
Fixes T9446. We allow administrators to send "Welcome" mail to bots and mailing lists.

This is harmless (these links do not function), but confusing.

Instead, disable this option in the UI and explain why it is disabled when it is clicked. Also prevent generation of this mail lower in the stack.

Test Plan:
  - Viewed a bot page, saw action disabled, clicked it, got explanation.
  - Viewed a normal user page, saw action enabled, clicked it, sent welcome email.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9446

Differential Revision: https://secure.phabricator.com/D14134
This commit is contained in:
epriestley 2015-09-20 04:28:33 -07:00
parent 9ea6249a18
commit a0ed843d47
3 changed files with 25 additions and 10 deletions

View file

@ -136,11 +136,14 @@ final class PhabricatorPeopleProfileController
->setWorkflow(true) ->setWorkflow(true)
->setHref($this->getApplicationURI('delete/'.$user->getID().'/'))); ->setHref($this->getApplicationURI('delete/'.$user->getID().'/')));
$can_welcome = $user->canEstablishWebSessions();
$actions->addAction( $actions->addAction(
id(new PhabricatorActionView()) id(new PhabricatorActionView())
->setIcon('fa-envelope') ->setIcon('fa-envelope')
->setName(pht('Send Welcome Email')) ->setName(pht('Send Welcome Email'))
->setWorkflow(true) ->setWorkflow(true)
->setDisabled(!$can_welcome)
->setHref($this->getApplicationURI('welcome/'.$user->getID().'/'))); ->setHref($this->getApplicationURI('welcome/'.$user->getID().'/')));
} }

View file

@ -3,19 +3,12 @@
final class PhabricatorPeopleWelcomeController final class PhabricatorPeopleWelcomeController
extends PhabricatorPeopleController { extends PhabricatorPeopleController {
private $id; public function handleRequest(AphrontRequest $request) {
$admin = $this->getViewer();
public function willProcessRequest(array $data) {
$this->id = $data['id'];
}
public function processRequest() {
$request = $this->getRequest();
$admin = $request->getUser();
$user = id(new PhabricatorPeopleQuery()) $user = id(new PhabricatorPeopleQuery())
->setViewer($admin) ->setViewer($admin)
->withIDs(array($this->id)) ->withIDs(array($request->getURIData('id')))
->executeOne(); ->executeOne();
if (!$user) { if (!$user) {
return new Aphront404Response(); return new Aphront404Response();
@ -23,6 +16,18 @@ final class PhabricatorPeopleWelcomeController
$profile_uri = '/p/'.$user->getUsername().'/'; $profile_uri = '/p/'.$user->getUsername().'/';
if (!$user->canEstablishWebSessions()) {
return $this->newDialog()
->setTitle(pht('Not a Normal User'))
->appendParagraph(
pht(
'You can not send this user a welcome mail because they are not '.
'a normal user and can not log in to the web interface. Special '.
'users (like bots and mailing lists) are unable to establish web '.
'sessions.'))
->addCancelButton($profile_uri, pht('Done'));
}
if ($request->isFormPost()) { if ($request->isFormPost()) {
$user->sendWelcomeEmail($admin); $user->sendWelcomeEmail($admin);
return id(new AphrontRedirectResponse())->setURI($profile_uri); return id(new AphrontRedirectResponse())->setURI($profile_uri);

View file

@ -587,6 +587,13 @@ final class PhabricatorUser
} }
public function sendWelcomeEmail(PhabricatorUser $admin) { public function sendWelcomeEmail(PhabricatorUser $admin) {
if (!$this->canEstablishWebSessions()) {
throw new Exception(
pht(
'Can not send welcome mail to users who can not establish '.
'web sessions!'));
}
$admin_username = $admin->getUserName(); $admin_username = $admin->getUserName();
$admin_realname = $admin->getRealName(); $admin_realname = $admin->getRealName();
$user_username = $this->getUserName(); $user_username = $this->getUserName();