diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php index 27c25fafa1..0354ef878b 100644 --- a/src/__phutil_library_map__.php +++ b/src/__phutil_library_map__.php @@ -1808,6 +1808,7 @@ phutil_register_library_map(array( 'PhabricatorPeopleDeleteController' => 'applications/people/controller/PhabricatorPeopleDeleteController.php', 'PhabricatorPeopleDisableController' => 'applications/people/controller/PhabricatorPeopleDisableController.php', 'PhabricatorPeopleEditController' => 'applications/people/controller/PhabricatorPeopleEditController.php', + 'PhabricatorPeopleEmpowerController' => 'applications/people/controller/PhabricatorPeopleEmpowerController.php', 'PhabricatorPeopleHovercardEventListener' => 'applications/people/event/PhabricatorPeopleHovercardEventListener.php', 'PhabricatorPeopleLdapController' => 'applications/people/controller/PhabricatorPeopleLdapController.php', 'PhabricatorPeopleListController' => 'applications/people/controller/PhabricatorPeopleListController.php', @@ -4613,6 +4614,7 @@ phutil_register_library_map(array( 'PhabricatorPeopleDeleteController' => 'PhabricatorPeopleController', 'PhabricatorPeopleDisableController' => 'PhabricatorPeopleController', 'PhabricatorPeopleEditController' => 'PhabricatorPeopleController', + 'PhabricatorPeopleEmpowerController' => 'PhabricatorPeopleController', 'PhabricatorPeopleHovercardEventListener' => 'PhabricatorEventListener', 'PhabricatorPeopleLdapController' => 'PhabricatorPeopleController', 'PhabricatorPeopleListController' => diff --git a/src/applications/people/application/PhabricatorApplicationPeople.php b/src/applications/people/application/PhabricatorApplicationPeople.php index c937cad4e5..99f52c4d68 100644 --- a/src/applications/people/application/PhabricatorApplicationPeople.php +++ b/src/applications/people/application/PhabricatorApplicationPeople.php @@ -42,7 +42,11 @@ final class PhabricatorApplicationPeople extends PhabricatorApplication { '(query/(?P[^/]+)/)?' => 'PhabricatorPeopleListController', 'logs/' => 'PhabricatorPeopleLogsController', 'approve/(?P[1-9]\d*)/' => 'PhabricatorPeopleApproveController', - 'disable/(?P[1-9]\d*)/' => 'PhabricatorPeopleDisableController', + '(?Pdisapprove)/(?P[1-9]\d*)/' + => 'PhabricatorPeopleDisableController', + '(?Pdisable)/(?P[1-9]\d*)/' + => 'PhabricatorPeopleDisableController', + 'empower/(?P[1-9]\d*)/' => 'PhabricatorPeopleEmpowerController', 'delete/(?P[1-9]\d*)/' => 'PhabricatorPeopleDeleteController', 'rename/(?P[1-9]\d*)/' => 'PhabricatorPeopleRenameController', 'edit/(?:(?P[1-9]\d*)/(?:(?P\w+)/)?)?' diff --git a/src/applications/people/controller/PhabricatorPeopleDisableController.php b/src/applications/people/controller/PhabricatorPeopleDisableController.php index 16fab2e10c..a1715dffda 100644 --- a/src/applications/people/controller/PhabricatorPeopleDisableController.php +++ b/src/applications/people/controller/PhabricatorPeopleDisableController.php @@ -4,13 +4,14 @@ final class PhabricatorPeopleDisableController extends PhabricatorPeopleController { private $id; + private $via; public function willProcessRequest(array $data) { - $this->id = idx($data, 'id'); + $this->id = $data['id']; + $this->via = $data['via']; } public function processRequest() { - $request = $this->getRequest(); $admin = $request->getUser(); @@ -22,27 +23,65 @@ final class PhabricatorPeopleDisableController return new Aphront404Response(); } - $done_uri = $this->getApplicationURI('query/approval/'); + // NOTE: We reach this controller via the administrative "Disable User" + // on profiles and also via the "X" action on the approval queue. We do + // things slightly differently depending on the context the actor is in. + + $is_disapprove = ($this->via == 'disapprove'); + if ($is_disapprove) { + $done_uri = $this->getApplicationURI('query/approval/'); + $should_disable = true; + } else { + $done_uri = '/p/'.$user->getUsername().'/'; + $should_disable = !$user->getIsDisabled(); + } + + if ($admin->getPHID() == $user->getPHID()) { + return $this->newDialog() + ->setTitle(pht('Something Stays Your Hand')) + ->appendParagraph( + pht( + 'Try as you might, you find you can not disable your '. + 'own account.')) + ->addCancelButton($done_uri, pht('Curses!')); + } if ($request->isFormPost()) { id(new PhabricatorUserEditor()) ->setActor($admin) - ->disableUser($user, true); + ->disableUser($user, $should_disable); return id(new AphrontRedirectResponse())->setURI($done_uri); } - $dialog = id(new AphrontDialogView()) - ->setUser($admin) - ->setTitle(pht('Confirm Disable')) - ->appendChild( - pht( - 'Disable %s? They will no longer be able to access Phabricator or '. - 'receive email.', - phutil_tag('strong', array(), $user->getUsername()))) - ->addCancelButton($done_uri) - ->addSubmitButton(pht('Disable Account')); + if ($should_disable) { + $title = pht('Disable User?'); + $short_title = pht('Disable User'); - return id(new AphrontDialogResponse())->setDialog($dialog); + $body = pht( + 'Disable %s? They will no longer be able to access Phabricator or '. + 'receive email.', + phutil_tag('strong', array(), $user->getUsername())); + + $submit = pht('Disable User'); + } else { + $title = pht('Enable User?'); + $short_title = pht('Enable User'); + + $body = pht( + 'Enable %s? They will be able to access Phabricator and receive '. + 'email again.', + phutil_tag('strong', array(), $user->getUsername())); + + $submit = pht('Enable User'); + } + + return $this->newDialog() + ->setTitle($title) + ->setShortTitle($short_title) + ->appendParagraph($body) + ->addCancelButton($done_uri) + ->addSubmitButton($submit); } + } diff --git a/src/applications/people/controller/PhabricatorPeopleEditController.php b/src/applications/people/controller/PhabricatorPeopleEditController.php index 2f01ea6cb5..1f0d2fe909 100644 --- a/src/applications/people/controller/PhabricatorPeopleEditController.php +++ b/src/applications/people/controller/PhabricatorPeopleEditController.php @@ -35,7 +35,6 @@ final class PhabricatorPeopleEditController $nav->setBaseURI(new PhutilURI($base_uri)); $nav->addLabel(pht('User Information')); $nav->addFilter('basic', pht('Basic Information')); - $nav->addFilter('role', pht('Edit Roles')); $nav->addFilter('cert', pht('Conduit Certificate')); $nav->addFilter('profile', pht('View Profile'), '/p/'.$user->getUsername().'/'); @@ -61,9 +60,6 @@ final class PhabricatorPeopleEditController case 'basic': $response = $this->processBasicRequest($user); break; - case 'role': - $response = $this->processRoleRequest($user); - break; case 'cert': $response = $this->processCertificateRequest($user); break; @@ -331,103 +327,6 @@ final class PhabricatorPeopleEditController return array($form_box); } - private function processRoleRequest(PhabricatorUser $user) { - $request = $this->getRequest(); - $admin = $request->getUser(); - - $is_self = ($user->getID() == $admin->getID()); - - $errors = array(); - - if ($request->isFormPost()) { - - $log_template = PhabricatorUserLog::initializeNewLog( - $admin, - $user->getPHID(), - null); - - $logs = array(); - - if ($is_self) { - $errors[] = pht("You can not edit your own role."); - } else { - $new_admin = (bool)$request->getBool('is_admin'); - $old_admin = (bool)$user->getIsAdmin(); - if ($new_admin != $old_admin) { - id(new PhabricatorUserEditor()) - ->setActor($admin) - ->makeAdminUser($user, $new_admin); - } - - $new_disabled = (bool)$request->getBool('is_disabled'); - $old_disabled = (bool)$user->getIsDisabled(); - if ($new_disabled != $old_disabled) { - id(new PhabricatorUserEditor()) - ->setActor($admin) - ->disableUser($user, $new_disabled); - } - } - - if (!$errors) { - return id(new AphrontRedirectResponse()) - ->setURI($request->getRequestURI()->alter('saved', 'true')); - } - } - - $form = id(new AphrontFormView()) - ->setUser($admin) - ->setAction($request->getRequestURI()->alter('saved', null)); - - if ($is_self) { - $inst = pht('NOTE: You can not edit your own role.'); - $form->appendChild( - phutil_tag('p', array('class' => 'aphront-form-instructions'), $inst)); - } - - $form - ->appendChild($this->getRoleInstructions()) - ->appendChild( - id(new AphrontFormCheckboxControl()) - ->addCheckbox( - 'is_admin', - 1, - pht('Administrator'), - $user->getIsAdmin()) - ->setDisabled($is_self)) - ->appendChild( - id(new AphrontFormCheckboxControl()) - ->addCheckbox( - 'is_disabled', - 1, - pht('Disabled'), - $user->getIsDisabled()) - ->setDisabled($is_self)) - ->appendChild( - id(new AphrontFormCheckboxControl()) - ->addCheckbox( - 'is_agent', - 1, - pht('System Agent (Bot/Script User)'), - $user->getIsSystemAgent()) - ->setDisabled(true)); - - if (!$is_self) { - $form - ->appendChild( - id(new AphrontFormSubmitControl()) - ->setValue(pht('Edit Role'))); - } - - $title = pht('Edit Role'); - - $form_box = id(new PHUIObjectBoxView()) - ->setHeaderText($title) - ->setFormErrors($errors) - ->setForm($form); - - return array($form_box); - } - private function processCertificateRequest($user) { $request = $this->getRequest(); $admin = $request->getUser(); diff --git a/src/applications/people/controller/PhabricatorPeopleEmpowerController.php b/src/applications/people/controller/PhabricatorPeopleEmpowerController.php new file mode 100644 index 0000000000..743059905a --- /dev/null +++ b/src/applications/people/controller/PhabricatorPeopleEmpowerController.php @@ -0,0 +1,71 @@ +id = $data['id']; + } + + public function processRequest() { + $request = $this->getRequest(); + $admin = $request->getUser(); + + $user = id(new PhabricatorPeopleQuery()) + ->setViewer($admin) + ->withIDs(array($this->id)) + ->executeOne(); + if (!$user) { + return new Aphront404Response(); + } + + $profile_uri = '/p/'.$user->getUsername(); + + if ($user->getPHID() == $admin->getPHID()) { + return $this->newDialog() + ->setTitle(pht('Your Way is Blocked')) + ->appendParagraph( + pht( + 'After a time, your efforts fail. You can not adjust your own '. + 'status as an administrator.')) + ->addCancelButton($profile_uri, pht('Accept Fate')); + } + + if ($request->isFormPost()) { + id(new PhabricatorUserEditor()) + ->setActor($admin) + ->makeAdminUser($user, !$user->getIsAdmin()); + + return id(new AphrontRedirectResponse())->setURI($profile_uri); + } + + if ($user->getIsAdmin()) { + $title = pht('Remove as Administrator?'); + $short = pht('Remove Administrator'); + $body = pht( + 'Remove %s as an administrator? They will no longer be able to '. + 'perform administrative functions on this Phabricator install.', + phutil_tag('strong', array(), $user->getUsername())); + $submit = pht('Remove Administrator'); + } else { + $title = pht('Make Administrator?'); + $short = pht('Make Administrator'); + $body = pht( + 'Empower %s as an admistrator? They will be able to create users, '. + 'approve users, make and remove administrators, delete accounts, and '. + 'perform other administrative functions on this Phabricator install.', + phutil_tag('strong', array(), $user->getUsername())); + $submit = pht('Make Administrator'); + } + + return $this->newDialog() + ->setTitle($title) + ->setShortTitle($short) + ->appendParagraph($body) + ->addCancelButton($profile_uri) + ->addSubmitButton($submit); + } + +} diff --git a/src/applications/people/controller/PhabricatorPeopleListController.php b/src/applications/people/controller/PhabricatorPeopleListController.php index 2a84867ec1..0a035e1231 100644 --- a/src/applications/people/controller/PhabricatorPeopleListController.php +++ b/src/applications/people/controller/PhabricatorPeopleListController.php @@ -92,7 +92,7 @@ final class PhabricatorPeopleListController extends PhabricatorPeopleController ->setIcon('disable') ->setName(pht('Disable')) ->setWorkflow(true) - ->setHref($this->getApplicationURI('disable/'.$user_id.'/'))); + ->setHref($this->getApplicationURI('disapprove/'.$user_id.'/'))); $item->addAction( id(new PHUIListItemView()) ->setIcon('like') diff --git a/src/applications/people/controller/PhabricatorPeopleProfileController.php b/src/applications/people/controller/PhabricatorPeopleProfileController.php index 7654d7d3cc..18d6390da7 100644 --- a/src/applications/people/controller/PhabricatorPeopleProfileController.php +++ b/src/applications/people/controller/PhabricatorPeopleProfileController.php @@ -64,6 +64,22 @@ final class PhabricatorPeopleProfileController ->setWorkflow(!$can_edit)); if ($viewer->getIsAdmin()) { + if ($user->getIsAdmin()) { + $empower_icon = 'lower-priority'; + $empower_name = pht('Remove Administrator'); + } else { + $empower_icon = 'raise-priority'; + $empower_name = pht('Make Administrator'); + } + + $actions->addAction( + id(new PhabricatorActionView()) + ->setIcon($empower_icon) + ->setName($empower_name) + ->setDisabled(($user->getPHID() == $viewer->getPHID())) + ->setWorkflow(true) + ->setHref($this->getApplicationURI('empower/'.$user->getID().'/'))); + $actions->addAction( id(new PhabricatorActionView()) ->setIcon('tag') @@ -71,6 +87,22 @@ final class PhabricatorPeopleProfileController ->setWorkflow(true) ->setHref($this->getApplicationURI('rename/'.$user->getID().'/'))); + if ($user->getIsDisabled()) { + $disable_icon = 'enable'; + $disable_name = pht('Enable User'); + } else { + $disable_icon = 'disable'; + $disable_name = pht('Disable User'); + } + + $actions->addAction( + id(new PhabricatorActionView()) + ->setIcon($disable_icon) + ->setName($disable_name) + ->setDisabled(($user->getPHID() == $viewer->getPHID())) + ->setWorkflow(true) + ->setHref($this->getApplicationURI('disable/'.$user->getID().'/'))); + $actions->addAction( id(new PhabricatorActionView()) ->setIcon('delete')