mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-25 16:22:43 +01:00
bin/accountadmin - allow creation of system accounts and create workflow for system accounts that are in trouble
Summary: the former is self explanatory. the latter is necessary for installations that require email verification. since many system agents are given bogus email address there can become a problem where these accounts can't be verified Test Plan: created system agent account from scratch. edited user and toggled system agent accountness. created system agent with unverified email address and verified it. Reviewers: epriestley Reviewed By: epriestley CC: aran, Korvin Maniphest Tasks: T1656 Differential Revision: https://secure.phabricator.com/D3401
This commit is contained in:
Bob Trahan
parent
c52d66e5ba
commit
cc0b74b01a
4 changed files with 103 additions and 13 deletions
|
|
@ -85,7 +85,7 @@ $user->setRealName($realname);
|
|||
// a reasonable CLI interface for editing multiple addresses and managing email
|
||||
// verification and primary addresses.
|
||||
|
||||
$new_email = null;
|
||||
$create_email = null;
|
||||
if ($is_new) {
|
||||
do {
|
||||
$email = phutil_console_prompt("Enter user email address:");
|
||||
|
|
@ -100,7 +100,7 @@ if ($is_new) {
|
|||
}
|
||||
} while (true);
|
||||
|
||||
$new_email = $email;
|
||||
$create_email = $email;
|
||||
}
|
||||
|
||||
$changed_pass = false;
|
||||
|
|
@ -114,6 +114,29 @@ if (strlen($password)) {
|
|||
$changed_pass = $password;
|
||||
}
|
||||
|
||||
$is_system_agent = $user->getIsSystemAgent();
|
||||
$set_system_agent = phutil_console_confirm(
|
||||
'Should this user be a system agent?',
|
||||
$default_no = !$is_system_agent);
|
||||
|
||||
$verify_email = null;
|
||||
$set_verified = false;
|
||||
// Allow administrators to verify primary email addresses at this time in edit
|
||||
// scenarios. (Create will work just fine from here as we auto-verify email
|
||||
// on create.)
|
||||
if (!$is_new) {
|
||||
$verify_email = $user->loadPrimaryEmail();
|
||||
if (!$verify_email->getIsVerified()) {
|
||||
$set_verified = phutil_console_confirm(
|
||||
'Should the primary email address be verified?',
|
||||
$default_no = true
|
||||
);
|
||||
} else {
|
||||
// already verified so let's not make a fuss
|
||||
$verify_email = null;
|
||||
}
|
||||
}
|
||||
|
||||
$is_admin = $user->getIsAdmin();
|
||||
$set_admin = phutil_console_confirm(
|
||||
'Should this user be an administrator?',
|
||||
|
|
@ -124,14 +147,28 @@ $tpl = "%12s %-30s %-30s\n";
|
|||
printf($tpl, null, 'OLD VALUE', 'NEW VALUE');
|
||||
printf($tpl, 'Username', $original->getUsername(), $user->getUsername());
|
||||
printf($tpl, 'Real Name', $original->getRealName(), $user->getRealName());
|
||||
if ($new_email) {
|
||||
printf($tpl, 'Email', '', $new_email);
|
||||
if ($is_new) {
|
||||
printf($tpl, 'Email', '', $create_email);
|
||||
}
|
||||
printf($tpl, 'Password', null,
|
||||
($changed_pass !== false)
|
||||
? 'Updated'
|
||||
: 'Unchanged');
|
||||
|
||||
printf(
|
||||
$tpl,
|
||||
'System Agent',
|
||||
$original->getIsSystemAgent() ? 'Y' : 'N',
|
||||
$set_system_agent ? 'Y' : 'N');
|
||||
|
||||
if ($verify_email) {
|
||||
printf(
|
||||
$tpl,
|
||||
'Verify Email',
|
||||
$verify_email->getIsVerified() ? 'Y' : 'N',
|
||||
$set_verified ? 'Y' : 'N');
|
||||
}
|
||||
|
||||
printf(
|
||||
$tpl,
|
||||
'Admin',
|
||||
|
|
@ -153,17 +190,21 @@ $user->openTransaction();
|
|||
// this script to create the first user.
|
||||
$editor->setActor($user);
|
||||
|
||||
if ($new_email) {
|
||||
if ($is_new) {
|
||||
$email = id(new PhabricatorUserEmail())
|
||||
->setAddress($new_email)
|
||||
->setAddress($create_email)
|
||||
->setIsVerified(1);
|
||||
|
||||
$editor->createNewUser($user, $email);
|
||||
} else {
|
||||
$editor->updateUser($user);
|
||||
if ($verify_email) {
|
||||
$verify_email->setIsVerified($set_verified ? 1 : 0);
|
||||
}
|
||||
$editor->updateUser($user, $verify_email);
|
||||
}
|
||||
|
||||
$editor->makeAdminUser($user, $set_admin);
|
||||
$editor->makeSystemAgentUser($user, $set_system_agent);
|
||||
|
||||
if ($changed_pass !== false) {
|
||||
$envelope = new PhutilOpaqueEnvelope($changed_pass);
|
||||
|
|
|
|||
|
|
@ -103,7 +103,9 @@ final class PhabricatorUserEditor {
|
|||
/**
|
||||
* @task edit
|
||||
*/
|
||||
public function updateUser(PhabricatorUser $user) {
|
||||
public function updateUser(
|
||||
PhabricatorUser $user,
|
||||
PhabricatorUserEmail $email = null) {
|
||||
if (!$user->getID()) {
|
||||
throw new Exception("User has not been created yet!");
|
||||
}
|
||||
|
|
@ -111,6 +113,9 @@ final class PhabricatorUserEditor {
|
|||
$actor = $this->requireActor();
|
||||
$user->openTransaction();
|
||||
$user->save();
|
||||
if ($email) {
|
||||
$email->save();
|
||||
}
|
||||
|
||||
$log = PhabricatorUserLog::newLog(
|
||||
$actor,
|
||||
|
|
@ -235,6 +240,45 @@ final class PhabricatorUserEditor {
|
|||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @task role
|
||||
*/
|
||||
public function makeSystemAgentUser(PhabricatorUser $user, $system_agent) {
|
||||
$actor = $this->requireActor();
|
||||
|
||||
if (!$user->getID()) {
|
||||
throw new Exception("User has not been created yet!");
|
||||
}
|
||||
|
||||
$user->openTransaction();
|
||||
$user->beginWriteLocking();
|
||||
|
||||
$user->reload();
|
||||
if ($user->getIsSystemAgent() == $system_agent) {
|
||||
$user->endWriteLocking();
|
||||
$user->killTransaction();
|
||||
return $this;
|
||||
}
|
||||
|
||||
$log = PhabricatorUserLog::newLog(
|
||||
$actor,
|
||||
$user,
|
||||
PhabricatorUserLog::ACTION_SYSTEM_AGENT);
|
||||
$log->setOldValue($user->getIsSystemAgent());
|
||||
$log->setNewValue($system_agent);
|
||||
|
||||
$user->setIsSystemAgent($system_agent);
|
||||
$user->save();
|
||||
|
||||
$log->save();
|
||||
|
||||
$user->endWriteLocking();
|
||||
$user->saveTransaction();
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @task role
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -132,8 +132,9 @@ final class PhabricatorPeopleEditController
|
|||
$request = $this->getRequest();
|
||||
if ($request->isFormPost()) {
|
||||
$welcome_checked = $request->getInt('welcome');
|
||||
$is_new = !$user->getID();
|
||||
|
||||
if (!$user->getID()) {
|
||||
if ($is_new) {
|
||||
$user->setUsername($request->getStr('username'));
|
||||
|
||||
$new_email = $request->getStr('email');
|
||||
|
|
@ -147,9 +148,6 @@ final class PhabricatorPeopleEditController
|
|||
$e_email = null;
|
||||
}
|
||||
|
||||
if ($request->getStr('role') == 'agent') {
|
||||
$user->setIsSystemAgent(true);
|
||||
}
|
||||
}
|
||||
$user->setRealName($request->getStr('realname'));
|
||||
|
||||
|
|
@ -172,7 +170,6 @@ final class PhabricatorPeopleEditController
|
|||
|
||||
if (!$errors) {
|
||||
try {
|
||||
$is_new = !$user->getID();
|
||||
|
||||
if (!$is_new) {
|
||||
id(new PhabricatorUserEditor())
|
||||
|
|
@ -186,6 +183,13 @@ final class PhabricatorPeopleEditController
|
|||
id(new PhabricatorUserEditor())
|
||||
->setActor($admin)
|
||||
->createNewUser($user, $email);
|
||||
|
||||
if ($request->getStr('role') == 'agent') {
|
||||
id(new PhabricatorUserEditor())
|
||||
->setActor($admin)
|
||||
->makeSystemAgentUser($user, true);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if ($welcome_checked) {
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@ final class PhabricatorUserLog extends PhabricatorUserDAO {
|
|||
const ACTION_EDIT = 'edit';
|
||||
|
||||
const ACTION_ADMIN = 'admin';
|
||||
const ACTION_SYSTEM_AGENT = 'system-agent';
|
||||
const ACTION_DISABLE = 'disable';
|
||||
const ACTION_DELETE = 'delete';
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue