diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php index 66be45ff5f..6864cdb5c6 100644 --- a/src/__phutil_library_map__.php +++ b/src/__phutil_library_map__.php @@ -818,6 +818,7 @@ phutil_register_library_map(array( 'PhabricatorAuthConfirmLinkController' => 'applications/auth/controller/PhabricatorAuthConfirmLinkController.php', 'PhabricatorAuthController' => 'applications/auth/controller/PhabricatorAuthController.php', 'PhabricatorAuthDAO' => 'applications/auth/storage/PhabricatorAuthDAO.php', + 'PhabricatorAuthDisableController' => 'applications/auth/controller/config/PhabricatorAuthDisableController.php', 'PhabricatorAuthEditController' => 'applications/auth/controller/config/PhabricatorAuthEditController.php', 'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php', 'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php', @@ -2694,6 +2695,7 @@ phutil_register_library_map(array( 'PhabricatorAuthConfirmLinkController' => 'PhabricatorAuthController', 'PhabricatorAuthController' => 'PhabricatorController', 'PhabricatorAuthDAO' => 'PhabricatorLiskDAO', + 'PhabricatorAuthDisableController' => 'PhabricatorAuthProviderConfigController', 'PhabricatorAuthEditController' => 'PhabricatorAuthProviderConfigController', 'PhabricatorAuthLinkController' => 'PhabricatorAuthController', 'PhabricatorAuthListController' => diff --git a/src/applications/auth/application/PhabricatorApplicationAuth.php b/src/applications/auth/application/PhabricatorApplicationAuth.php index 8b288e6088..9607700b3a 100644 --- a/src/applications/auth/application/PhabricatorApplicationAuth.php +++ b/src/applications/auth/application/PhabricatorApplicationAuth.php @@ -43,6 +43,8 @@ final class PhabricatorApplicationAuth extends PhabricatorApplication { 'new/' => 'PhabricatorAuthNewController', 'new/(?P[^/]+)/' => 'PhabricatorAuthEditController', 'edit/(?P\d+)/' => 'PhabricatorAuthEditController', + '(?Penable|disable)/(?P\d+)/' => + 'PhabricatorAuthDisableController', ), */ diff --git a/src/applications/auth/controller/config/PhabricatorAuthDisableController.php b/src/applications/auth/controller/config/PhabricatorAuthDisableController.php new file mode 100644 index 0000000000..037d308d3e --- /dev/null +++ b/src/applications/auth/controller/config/PhabricatorAuthDisableController.php @@ -0,0 +1,95 @@ +configID = idx($data, 'id'); + $this->action = idx($data, 'action'); + } + + public function processRequest() { + $request = $this->getRequest(); + $viewer = $request->getUser(); + + $config = id(new PhabricatorAuthProviderConfigQuery()) + ->setViewer($viewer) + ->requireCapabilities( + array( + PhabricatorPolicyCapability::CAN_VIEW, + PhabricatorPolicyCapability::CAN_EDIT, + )) + ->withIDs(array($this->configID)) + ->executeOne(); + if (!$config) { + return new Aphront404Response(); + } + + $is_enable = ($this->action === 'enable'); + + if ($request->isDialogFormPost()) { + $xactions = array(); + + $xactions[] = id(new PhabricatorAuthProviderConfigTransaction()) + ->setTransactionType( + PhabricatorAuthProviderConfigTransaction::TYPE_ENABLE) + ->setNewValue((int)$is_enable); + + $editor = id(new PhabricatorAuthProviderConfigEditor()) + ->setActor($viewer) + ->setContentSourceFromRequest($request) + ->setContinueOnNoEffect(true) + ->applyTransactions($config, $xactions); + + return id(new AphrontRedirectResponse())->setURI( + $this->getApplicationURI()); + } + + if ($is_enable) { + $title = pht('Enable Provider?'); + if ($config->getShouldAllowRegistration()) { + $body = pht( + 'Do you want to enable this provider? Users will be able to use '. + 'their existing external accounts to register new Phabricator '. + 'accounts and log in using linked accounts.'); + } else { + $body = pht( + 'Do you want to enable this provider? Users will be able to log '. + 'in to Phabricator using linked accounts.'); + } + $button = pht('Enable Provider'); + } else { + // TODO: We could tailor this a bit more. In particular, we could + // check if this is the last provider and either prevent if from + // being disabled or force the user through like 35 prompts. We could + // also check if it's the last provider linked to the acting user's + // account and pop a warning like "YOU WILL NO LONGER BE ABLE TO LOGIN + // YOU GOOF, YOU PROBABLY DO NOT MEAN TO DO THIS". None of this is + // critical and we can wait to see how users manage to shoot themselves + // in the feet. Shortly, `bin/auth` will be able to recover from these + // types of mistakes. + + $title = pht('Disable Provider?'); + $body = pht( + 'Do you want to disable this provider? Users will not be able to '. + 'register or log in using linked accounts. If there are any users '. + 'without other linked authentication mechanisms, they will no longer '. + 'be able to log in. If you disable all providers, no one will be '. + 'able to log in.'); + $button = pht('Disable Provider'); + } + + $dialog = id(new AphrontDialogView()) + ->setUser($viewer) + ->setTitle($title) + ->appendChild($body) + ->addCancelButton($this->getApplicationURI()) + ->addSubmitButton($button); + + return id(new AphrontDialogResponse())->setDialog($dialog); + } + +} diff --git a/src/applications/auth/controller/config/PhabricatorAuthEditController.php b/src/applications/auth/controller/config/PhabricatorAuthEditController.php index f1c84c6e91..a7f4998657 100644 --- a/src/applications/auth/controller/config/PhabricatorAuthEditController.php +++ b/src/applications/auth/controller/config/PhabricatorAuthEditController.php @@ -158,6 +158,18 @@ final class PhabricatorAuthEditController 'existing Phabricator accounts. If you disable this, Phabricator '. 'accounts will be permanently bound to provider accounts.')); + $status_tag = id(new PhabricatorTagView()) + ->setType(PhabricatorTagView::TYPE_STATE); + if ($config->getIsEnabled()) { + $status_tag + ->setName(pht('Enabled')) + ->setBackgroundColor('green'); + } else { + $status_tag + ->setName(pht('Disabled')) + ->setBackgroundColor('red'); + } + $form = id(new AphrontFormView()) ->setUser($viewer) ->setFlexible(true) @@ -165,6 +177,10 @@ final class PhabricatorAuthEditController id(new AphrontFormStaticControl()) ->setLabel(pht('Provider')) ->setValue($provider->getProviderName())) + ->appendChild( + id(new AphrontFormStaticControl()) + ->setLabel(pht('Status')) + ->setValue($status_tag)) ->appendChild( id(new AphrontFormCheckboxControl()) ->setLabel(pht('Allow')) diff --git a/src/applications/auth/controller/config/PhabricatorAuthListController.php b/src/applications/auth/controller/config/PhabricatorAuthListController.php index 25a555ac5a..b4ae4fad29 100644 --- a/src/applications/auth/controller/config/PhabricatorAuthListController.php +++ b/src/applications/auth/controller/config/PhabricatorAuthListController.php @@ -28,13 +28,33 @@ final class PhabricatorAuthListController foreach ($configs as $config) { $item = new PhabricatorObjectItemView(); - $edit_uri = $this->getApplicationURI('config/edit/'.$config->getID().'/'); + $id = $config->getID(); + + $edit_uri = $this->getApplicationURI('config/edit/'.$id.'/'); + $enable_uri = $this->getApplicationURI('config/enable/'.$id.'/'); + $disable_uri = $this->getApplicationURI('config/disable/'.$id.'/'); // TODO: Needs to be built out. $item ->setHeader($config->getProviderType()) ->setHref($edit_uri); + if ($config->getIsEnabled()) { + $item->addAction( + id(new PHUIListItemView()) + ->setIcon('delete') + ->setHref($disable_uri) + ->addSigil('workflow')); + } else { + $item->setBarColor('grey'); + $item->addIcon('delete-grey', pht('Disabled')); + $item->addAction( + id(new PHUIListItemView()) + ->setIcon('new') + ->setHref($enable_uri) + ->addSigil('workflow')); + } + $list->addItem($item); }