mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-22 13:30:55 +01:00
Allow AuthenticationProviderConfig to be enabled and disabled
Summary: Ref T1536. Nothing too exciting here, one TODO about tailoring error messages. Test Plan: {F46403} {F46404} {F46405} Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T1536 Differential Revision: https://secure.phabricator.com/D6204
This commit is contained in:
parent
07423211e9
commit
fc2973c5d3
5 changed files with 136 additions and 1 deletions
|
@ -818,6 +818,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorAuthConfirmLinkController' => 'applications/auth/controller/PhabricatorAuthConfirmLinkController.php',
|
||||
'PhabricatorAuthController' => 'applications/auth/controller/PhabricatorAuthController.php',
|
||||
'PhabricatorAuthDAO' => 'applications/auth/storage/PhabricatorAuthDAO.php',
|
||||
'PhabricatorAuthDisableController' => 'applications/auth/controller/config/PhabricatorAuthDisableController.php',
|
||||
'PhabricatorAuthEditController' => 'applications/auth/controller/config/PhabricatorAuthEditController.php',
|
||||
'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php',
|
||||
'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php',
|
||||
|
@ -2694,6 +2695,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorAuthConfirmLinkController' => 'PhabricatorAuthController',
|
||||
'PhabricatorAuthController' => 'PhabricatorController',
|
||||
'PhabricatorAuthDAO' => 'PhabricatorLiskDAO',
|
||||
'PhabricatorAuthDisableController' => 'PhabricatorAuthProviderConfigController',
|
||||
'PhabricatorAuthEditController' => 'PhabricatorAuthProviderConfigController',
|
||||
'PhabricatorAuthLinkController' => 'PhabricatorAuthController',
|
||||
'PhabricatorAuthListController' =>
|
||||
|
|
|
@ -43,6 +43,8 @@ final class PhabricatorApplicationAuth extends PhabricatorApplication {
|
|||
'new/' => 'PhabricatorAuthNewController',
|
||||
'new/(?P<className>[^/]+)/' => 'PhabricatorAuthEditController',
|
||||
'edit/(?P<id>\d+)/' => 'PhabricatorAuthEditController',
|
||||
'(?P<action>enable|disable)/(?P<id>\d+)/' =>
|
||||
'PhabricatorAuthDisableController',
|
||||
),
|
||||
|
||||
*/
|
||||
|
|
|
@ -0,0 +1,95 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorAuthDisableController
|
||||
extends PhabricatorAuthProviderConfigController {
|
||||
|
||||
private $configID;
|
||||
private $action;
|
||||
|
||||
public function willProcessRequest(array $data) {
|
||||
$this->configID = idx($data, 'id');
|
||||
$this->action = idx($data, 'action');
|
||||
}
|
||||
|
||||
public function processRequest() {
|
||||
$request = $this->getRequest();
|
||||
$viewer = $request->getUser();
|
||||
|
||||
$config = id(new PhabricatorAuthProviderConfigQuery())
|
||||
->setViewer($viewer)
|
||||
->requireCapabilities(
|
||||
array(
|
||||
PhabricatorPolicyCapability::CAN_VIEW,
|
||||
PhabricatorPolicyCapability::CAN_EDIT,
|
||||
))
|
||||
->withIDs(array($this->configID))
|
||||
->executeOne();
|
||||
if (!$config) {
|
||||
return new Aphront404Response();
|
||||
}
|
||||
|
||||
$is_enable = ($this->action === 'enable');
|
||||
|
||||
if ($request->isDialogFormPost()) {
|
||||
$xactions = array();
|
||||
|
||||
$xactions[] = id(new PhabricatorAuthProviderConfigTransaction())
|
||||
->setTransactionType(
|
||||
PhabricatorAuthProviderConfigTransaction::TYPE_ENABLE)
|
||||
->setNewValue((int)$is_enable);
|
||||
|
||||
$editor = id(new PhabricatorAuthProviderConfigEditor())
|
||||
->setActor($viewer)
|
||||
->setContentSourceFromRequest($request)
|
||||
->setContinueOnNoEffect(true)
|
||||
->applyTransactions($config, $xactions);
|
||||
|
||||
return id(new AphrontRedirectResponse())->setURI(
|
||||
$this->getApplicationURI());
|
||||
}
|
||||
|
||||
if ($is_enable) {
|
||||
$title = pht('Enable Provider?');
|
||||
if ($config->getShouldAllowRegistration()) {
|
||||
$body = pht(
|
||||
'Do you want to enable this provider? Users will be able to use '.
|
||||
'their existing external accounts to register new Phabricator '.
|
||||
'accounts and log in using linked accounts.');
|
||||
} else {
|
||||
$body = pht(
|
||||
'Do you want to enable this provider? Users will be able to log '.
|
||||
'in to Phabricator using linked accounts.');
|
||||
}
|
||||
$button = pht('Enable Provider');
|
||||
} else {
|
||||
// TODO: We could tailor this a bit more. In particular, we could
|
||||
// check if this is the last provider and either prevent if from
|
||||
// being disabled or force the user through like 35 prompts. We could
|
||||
// also check if it's the last provider linked to the acting user's
|
||||
// account and pop a warning like "YOU WILL NO LONGER BE ABLE TO LOGIN
|
||||
// YOU GOOF, YOU PROBABLY DO NOT MEAN TO DO THIS". None of this is
|
||||
// critical and we can wait to see how users manage to shoot themselves
|
||||
// in the feet. Shortly, `bin/auth` will be able to recover from these
|
||||
// types of mistakes.
|
||||
|
||||
$title = pht('Disable Provider?');
|
||||
$body = pht(
|
||||
'Do you want to disable this provider? Users will not be able to '.
|
||||
'register or log in using linked accounts. If there are any users '.
|
||||
'without other linked authentication mechanisms, they will no longer '.
|
||||
'be able to log in. If you disable all providers, no one will be '.
|
||||
'able to log in.');
|
||||
$button = pht('Disable Provider');
|
||||
}
|
||||
|
||||
$dialog = id(new AphrontDialogView())
|
||||
->setUser($viewer)
|
||||
->setTitle($title)
|
||||
->appendChild($body)
|
||||
->addCancelButton($this->getApplicationURI())
|
||||
->addSubmitButton($button);
|
||||
|
||||
return id(new AphrontDialogResponse())->setDialog($dialog);
|
||||
}
|
||||
|
||||
}
|
|
@ -158,6 +158,18 @@ final class PhabricatorAuthEditController
|
|||
'existing Phabricator accounts. If you disable this, Phabricator '.
|
||||
'accounts will be permanently bound to provider accounts.'));
|
||||
|
||||
$status_tag = id(new PhabricatorTagView())
|
||||
->setType(PhabricatorTagView::TYPE_STATE);
|
||||
if ($config->getIsEnabled()) {
|
||||
$status_tag
|
||||
->setName(pht('Enabled'))
|
||||
->setBackgroundColor('green');
|
||||
} else {
|
||||
$status_tag
|
||||
->setName(pht('Disabled'))
|
||||
->setBackgroundColor('red');
|
||||
}
|
||||
|
||||
$form = id(new AphrontFormView())
|
||||
->setUser($viewer)
|
||||
->setFlexible(true)
|
||||
|
@ -165,6 +177,10 @@ final class PhabricatorAuthEditController
|
|||
id(new AphrontFormStaticControl())
|
||||
->setLabel(pht('Provider'))
|
||||
->setValue($provider->getProviderName()))
|
||||
->appendChild(
|
||||
id(new AphrontFormStaticControl())
|
||||
->setLabel(pht('Status'))
|
||||
->setValue($status_tag))
|
||||
->appendChild(
|
||||
id(new AphrontFormCheckboxControl())
|
||||
->setLabel(pht('Allow'))
|
||||
|
|
|
@ -28,13 +28,33 @@ final class PhabricatorAuthListController
|
|||
foreach ($configs as $config) {
|
||||
$item = new PhabricatorObjectItemView();
|
||||
|
||||
$edit_uri = $this->getApplicationURI('config/edit/'.$config->getID().'/');
|
||||
$id = $config->getID();
|
||||
|
||||
$edit_uri = $this->getApplicationURI('config/edit/'.$id.'/');
|
||||
$enable_uri = $this->getApplicationURI('config/enable/'.$id.'/');
|
||||
$disable_uri = $this->getApplicationURI('config/disable/'.$id.'/');
|
||||
|
||||
// TODO: Needs to be built out.
|
||||
$item
|
||||
->setHeader($config->getProviderType())
|
||||
->setHref($edit_uri);
|
||||
|
||||
if ($config->getIsEnabled()) {
|
||||
$item->addAction(
|
||||
id(new PHUIListItemView())
|
||||
->setIcon('delete')
|
||||
->setHref($disable_uri)
|
||||
->addSigil('workflow'));
|
||||
} else {
|
||||
$item->setBarColor('grey');
|
||||
$item->addIcon('delete-grey', pht('Disabled'));
|
||||
$item->addAction(
|
||||
id(new PHUIListItemView())
|
||||
->setIcon('new')
|
||||
->setHref($enable_uri)
|
||||
->addSigil('workflow'));
|
||||
}
|
||||
|
||||
$list->addItem($item);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue