Allow administrators to manage addresses for mailing list users

Summary: Ref T8387. Mostly just modernizes this panel to work for viewers vs users. Auto-verify these edits since they aren't otherwise verifiable. Test Plan: - Added, changed, removed addresses for a list. - Used panel normally for my own account. - Verified bots don't get a panel. Reviewers: btrahan Reviewed By: btrahan Subscribers: eadler, epriestley Maniphest Tasks: T8387 Differential Revision: https://secure.phabricator.com/D13125
2024-12-19 03:50:54 +01:00 · 2015-06-02 11:56:11 -07:00 · 2015-06-02 11:56:11 -07:00 · e0a3e6ba3b
commit e0a3e6ba3b
parent 992c199577
1 changed files with 39 additions and 20 deletions
--- a/src/applications/settings/panel/PhabricatorEmailAddressesSettingsPanel.php
+++ b/src/applications/settings/panel/PhabricatorEmailAddressesSettingsPanel.php
@ -15,8 +15,16 @@ final class PhabricatorEmailAddressesSettingsPanel
    return pht('Email');
  }

+  public function isEditableByAdministrators() {
+    if ($this->getUser()->getIsMailingList()) {
+      return true;
+    }
+
+    return false;
+  }
+
  public function processRequest(AphrontRequest $request) {
-    $user = $request->getUser();
+    $user = $this->getUser();
    $editable = PhabricatorEnv::getEnvConfig('account.editable');

    $uri = $request->getRequestURI();
@ -157,7 +165,8 @@ final class PhabricatorEmailAddressesSettingsPanel
    PhutilURI $uri,
    $new) {

-    $user = $request->getUser();
+    $user = $this->getUser();
+    $viewer = $this->getViewer();

    $e_email = true;
    $email   = null;
@ -171,7 +180,7 @@ final class PhabricatorEmailAddressesSettingsPanel
      }

      PhabricatorSystemActionEngine::willTakeAction(
-        array($user->getPHID()),
+        array($viewer->getPHID()),
        new PhabricatorSettingsAddEmailAction(),
        1);

@ -201,12 +210,24 @@ final class PhabricatorEmailAddressesSettingsPanel
          ->setAddress($email)
          ->setIsVerified(0);

-        try {
+        // If an administrator is editing a mailing list, automatically verify
+        // the address.
+        if ($viewer->getPHID() != $user->getPHID()) {
+          if ($viewer->getIsAdmin()) {
+            $object->setIsVerified(1);
+          }
+        }

+        try {
          id(new PhabricatorUserEditor())
-            ->setActor($user)
+            ->setActor($viewer)
            ->addEmail($user, $object);

+          if ($object->getIsVerified()) {
+            // If we autoverified the address, just reload the page.
+            return id(new AphrontReloadResponse())->setURI($uri);
+          }
+
          $object->sendVerificationEmail($user);

          $dialog = id(new AphrontDialogView())
@ -242,7 +263,7 @@ final class PhabricatorEmailAddressesSettingsPanel
          ->setError($e_email));

    $dialog = id(new AphrontDialogView())
-      ->setUser($user)
+      ->setUser($viewer)
      ->addHiddenInput('new', 'true')
      ->setTitle(pht('New Address'))
      ->appendChild($errors)
@ -257,8 +278,8 @@ final class PhabricatorEmailAddressesSettingsPanel
    AphrontRequest $request,
    PhutilURI $uri,
    $email_id) {
-
-    $user = $request->getUser();
+    $user = $this->getUser();
+    $viewer = $this->getViewer();

    // NOTE: You can only delete your own email addresses, and you can not
    // delete your primary address.
@ -272,9 +293,8 @@ final class PhabricatorEmailAddressesSettingsPanel
    }

    if ($request->isFormPost()) {
-
      id(new PhabricatorUserEditor())
-        ->setActor($user)
+        ->setActor($viewer)
        ->removeEmail($user, $email);

      return id(new AphrontRedirectResponse())->setURI($uri);
@ -283,7 +303,7 @@ final class PhabricatorEmailAddressesSettingsPanel
    $address = $email->getAddress();

    $dialog = id(new AphrontDialogView())
-      ->setUser($user)
+      ->setUser($viewer)
      ->addHiddenInput('delete', $email_id)
      ->setTitle(pht("Really delete address '%s'?", $address))
      ->appendParagraph(
@ -304,8 +324,8 @@ final class PhabricatorEmailAddressesSettingsPanel
    AphrontRequest $request,
    PhutilURI $uri,
    $email_id) {
-
-    $user = $request->getUser();
+    $user = $this->getUser();
+    $viewer = $this->getViewer();

    // NOTE: You can only send more email for your unverified addresses.
    $email = id(new PhabricatorUserEmail())->loadOneWhere(
@ -325,7 +345,7 @@ final class PhabricatorEmailAddressesSettingsPanel
    $address = $email->getAddress();

    $dialog = id(new AphrontDialogView())
-      ->setUser($user)
+      ->setUser($viewer)
      ->addHiddenInput('verify', $email_id)
      ->setTitle(pht('Send Another Verification Email?'))
      ->appendChild(phutil_tag('p', array(), pht(
@ -341,11 +361,11 @@ final class PhabricatorEmailAddressesSettingsPanel
    AphrontRequest $request,
    PhutilURI $uri,
    $email_id) {
-
-    $user = $request->getUser();
+    $user = $this->getUser();
+    $viewer = $this->getViewer();

    $token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
-      $user,
+      $viewer,
      $request,
      $this->getPanelURI());

@ -360,9 +380,8 @@ final class PhabricatorEmailAddressesSettingsPanel
    }

    if ($request->isFormPost()) {
-
      id(new PhabricatorUserEditor())
-        ->setActor($user)
+        ->setActor($viewer)
        ->changePrimaryEmail($user, $email);

      return id(new AphrontRedirectResponse())->setURI($uri);
@ -371,7 +390,7 @@ final class PhabricatorEmailAddressesSettingsPanel
    $address = $email->getAddress();

    $dialog = id(new AphrontDialogView())
-      ->setUser($user)
+      ->setUser($viewer)
      ->addHiddenInput('primary', $email_id)
      ->setTitle(pht('Change primary email address?'))
      ->appendParagraph(