Allow AuthenticationProviderConfig to be enabled and disabled

Summary: Ref T1536. Nothing too exciting here, one TODO about tailoring error messages.

Test Plan:
{F46403}

{F46404}

{F46405}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6204

src/__phutil_library_map__.php

@@ -818,6 +818,7 @@ phutil_register_library_map(array(
     'PhabricatorAuthConfirmLinkController' => 'applications/auth/controller/PhabricatorAuthConfirmLinkController.php',
     'PhabricatorAuthController' => 'applications/auth/controller/PhabricatorAuthController.php',
     'PhabricatorAuthDAO' => 'applications/auth/storage/PhabricatorAuthDAO.php',
+    'PhabricatorAuthDisableController' => 'applications/auth/controller/config/PhabricatorAuthDisableController.php',
     'PhabricatorAuthEditController' => 'applications/auth/controller/config/PhabricatorAuthEditController.php',
     'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php',
     'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php',
@@ -2694,6 +2695,7 @@ phutil_register_library_map(array(
     'PhabricatorAuthConfirmLinkController' => 'PhabricatorAuthController',
     'PhabricatorAuthController' => 'PhabricatorController',
     'PhabricatorAuthDAO' => 'PhabricatorLiskDAO',
+    'PhabricatorAuthDisableController' => 'PhabricatorAuthProviderConfigController',
     'PhabricatorAuthEditController' => 'PhabricatorAuthProviderConfigController',
     'PhabricatorAuthLinkController' => 'PhabricatorAuthController',
     'PhabricatorAuthListController' =>

src/applications/auth/application/PhabricatorApplicationAuth.php

@@ -43,6 +43,8 @@ final class PhabricatorApplicationAuth extends PhabricatorApplication {
           'new/' => 'PhabricatorAuthNewController',
           'new/(?P<className>[^/]+)/' => 'PhabricatorAuthEditController',
           'edit/(?P<id>\d+)/' => 'PhabricatorAuthEditController',
+          '(?P<action>enable|disable)/(?P<id>\d+)/' =>
+            'PhabricatorAuthDisableController',
         ),
 
 */

src/applications/auth/controller/config/PhabricatorAuthDisableController.php

@@ -0,0 +1,95 @@
+<?php
+
+final class PhabricatorAuthDisableController
+  extends PhabricatorAuthProviderConfigController {
+
+  private $configID;
+  private $action;
+
+  public function willProcessRequest(array $data) {
+    $this->configID = idx($data, 'id');
+    $this->action = idx($data, 'action');
+  }
+
+  public function processRequest() {
+    $request = $this->getRequest();
+    $viewer = $request->getUser();
+
+    $config = id(new PhabricatorAuthProviderConfigQuery())
+      ->setViewer($viewer)
+      ->requireCapabilities(
+        array(
+          PhabricatorPolicyCapability::CAN_VIEW,
+          PhabricatorPolicyCapability::CAN_EDIT,
+        ))
+      ->withIDs(array($this->configID))
+      ->executeOne();
+    if (!$config) {
+      return new Aphront404Response();
+    }
+
+    $is_enable = ($this->action === 'enable');
+
+    if ($request->isDialogFormPost()) {
+      $xactions = array();
+
+      $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
+        ->setTransactionType(
+          PhabricatorAuthProviderConfigTransaction::TYPE_ENABLE)
+        ->setNewValue((int)$is_enable);
+
+      $editor = id(new PhabricatorAuthProviderConfigEditor())
+        ->setActor($viewer)
+        ->setContentSourceFromRequest($request)
+        ->setContinueOnNoEffect(true)
+        ->applyTransactions($config, $xactions);
+
+      return id(new AphrontRedirectResponse())->setURI(
+        $this->getApplicationURI());
+    }
+
+    if ($is_enable) {
+      $title = pht('Enable Provider?');
+      if ($config->getShouldAllowRegistration()) {
+        $body = pht(
+          'Do you want to enable this provider? Users will be able to use '.
+          'their existing external accounts to register new Phabricator '.
+          'accounts and log in using linked accounts.');
+      } else {
+        $body = pht(
+          'Do you want to enable this provider? Users will be able to log '.
+          'in to Phabricator using linked accounts.');
+      }
+      $button = pht('Enable Provider');
+    } else {
+      // TODO: We could tailor this a bit more. In particular, we could
+      // check if this is the last provider and either prevent if from
+      // being disabled or force the user through like 35 prompts. We could
+      // also check if it's the last provider linked to the acting user's
+      // account and pop a warning like "YOU WILL NO LONGER BE ABLE TO LOGIN
+      // YOU GOOF, YOU PROBABLY DO NOT MEAN TO DO THIS". None of this is
+      // critical and we can wait to see how users manage to shoot themselves
+      // in the feet. Shortly, `bin/auth` will be able to recover from these
+      // types of mistakes.
+
+      $title = pht('Disable Provider?');
+      $body = pht(
+        'Do you want to disable this provider? Users will not be able to '.
+        'register or log in using linked accounts. If there are any users '.
+        'without other linked authentication mechanisms, they will no longer '.
+        'be able to log in. If you disable all providers, no one will be '.
+        'able to log in.');
+      $button = pht('Disable Provider');
+    }
+
+    $dialog = id(new AphrontDialogView())
+      ->setUser($viewer)
+      ->setTitle($title)
+      ->appendChild($body)
+      ->addCancelButton($this->getApplicationURI())
+      ->addSubmitButton($button);
+
+    return id(new AphrontDialogResponse())->setDialog($dialog);
+  }
+
+}

src/applications/auth/controller/config/PhabricatorAuthEditController.php

@@ -158,6 +158,18 @@ final class PhabricatorAuthEditController
         'existing Phabricator accounts. If you disable this, Phabricator '.
         'accounts will be permanently bound to provider accounts.'));
 
+    $status_tag = id(new PhabricatorTagView())
+      ->setType(PhabricatorTagView::TYPE_STATE);
+    if ($config->getIsEnabled()) {
+      $status_tag
+        ->setName(pht('Enabled'))
+        ->setBackgroundColor('green');
+    } else {
+      $status_tag
+        ->setName(pht('Disabled'))
+        ->setBackgroundColor('red');
+    }
+
     $form = id(new AphrontFormView())
       ->setUser($viewer)
       ->setFlexible(true)
@@ -165,6 +177,10 @@ final class PhabricatorAuthEditController
         id(new AphrontFormStaticControl())
           ->setLabel(pht('Provider'))
           ->setValue($provider->getProviderName()))
+      ->appendChild(
+        id(new AphrontFormStaticControl())
+          ->setLabel(pht('Status'))
+          ->setValue($status_tag))
       ->appendChild(
         id(new AphrontFormCheckboxControl())
           ->setLabel(pht('Allow'))

src/applications/auth/controller/config/PhabricatorAuthListController.php

@@ -28,13 +28,33 @@ final class PhabricatorAuthListController
     foreach ($configs as $config) {
       $item = new PhabricatorObjectItemView();
 
-      $edit_uri = $this->getApplicationURI('config/edit/'.$config->getID().'/');
+      $id = $config->getID();
+
+      $edit_uri = $this->getApplicationURI('config/edit/'.$id.'/');
+      $enable_uri = $this->getApplicationURI('config/enable/'.$id.'/');
+      $disable_uri = $this->getApplicationURI('config/disable/'.$id.'/');
 
       // TODO: Needs to be built out.
       $item
         ->setHeader($config->getProviderType())
         ->setHref($edit_uri);
 
+      if ($config->getIsEnabled()) {
+        $item->addAction(
+          id(new PHUIListItemView())
+            ->setIcon('delete')
+            ->setHref($disable_uri)
+            ->addSigil('workflow'));
+      } else {
+        $item->setBarColor('grey');
+        $item->addIcon('delete-grey', pht('Disabled'));
+        $item->addAction(
+          id(new PHUIListItemView())
+            ->setIcon('new')
+            ->setHref($enable_uri)
+            ->addSigil('workflow'));
+      }
+
       $list->addItem($item);
     }