1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-15 19:32:40 +01:00
Commit graph

314 commits

Author SHA1 Message Date
epriestley
f9ac534f25 Support CSRF for logged-out users
Summary: Fixes T4339. If you're anonymous, we use a digest of your session key to generate a CSRF token. Otherwise, everything works normally.

Test Plan: Logged out, logged in, tweaked CSRF in forms -- I'll add some inlines.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4339

Differential Revision: https://secure.phabricator.com/D8046
2014-01-23 14:03:54 -08:00
epriestley
24544b1a2f Straighten out absolute/relative URIs in login providers
Summary:
Ref T4339. Login providers use absolute URIs, but the ones that rely on local form submits should not, because we want to include CSRF tokens where applicable.

Instead, make the default be relative URIs and turn them into absolute ones for the callback proivders.

Test Plan: Clicked, like, every login button.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4339

Differential Revision: https://secure.phabricator.com/D8045
2014-01-23 14:03:44 -08:00
epriestley
69ddb0ced6 Issue "anonymous" sessions for logged-out users
Summary:
Ref T4339. Ref T4310. Currently, sessions look like `"afad85d675fda87a4fadd54"`, and are only issued for logged-in users. To support logged-out CSRF and (eventually) external user sessions, I made two small changes:

  - First, sessions now have a "kind", which is indicated by a prefix, like `"A/ab987asdcas7dca"`. This mostly allows us to issue session queries more efficiently: we don't have to issue a query at all for anonymous sessions, and can join the correct table for user and external sessions and save a query. Generally, this gives us more debugging information and more opportunity to recover from issues in a user-friendly way, as with the "invalid session" error in this diff.
  - Secondly, if you load a page and don't have a session, we give you an anonymous session. This is just a secret with no special significance.

This does not implement CSRF yet, but gives us a client secret we can use to implement it.

Test Plan:
  - Logged in.
  - Logged out.
  - Browsed around.
  - Logged in again.
  - Went through link/register.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T4339

Differential Revision: https://secure.phabricator.com/D8043
2014-01-23 14:03:22 -08:00
epriestley
0727418023 Consolidate use of magical cookie name strings
Summary: Ref T4339. We have more magical cookie names than we should, move them all to a central location.

Test Plan: Registered, logged in, linked account, logged out. See inlines.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4339

Differential Revision: https://secure.phabricator.com/D8041
2014-01-23 14:01:35 -08:00
epriestley
02aa193cb0 Add a common password blacklist
Summary:
Fixes T4143. This mitigates the "use a botnet to slowly try to login to every user account using the passwords '1234', 'password', 'asdfasdf', ..." attack, like the one that hit GitHub.

(I also donated some money to Openwall as a thanks for compiling this wordlist.)

Test Plan:
  - Tried to register with a weak password; registered with a strong password.
  - Tried to set VCS password to a weak password; set VCS password to a strong password.
  - Tried to change password to a weak password; changed password to a strong password.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T4143

Differential Revision: https://secure.phabricator.com/D8048
2014-01-23 14:01:18 -08:00
epriestley
2ec45d42a6 Remove session limits and sequencing
Summary:
Ref T4310. Fixes T3720. This change:

  - Removes concurrent session limits. Instead, unused sessions are GC'd after a while.
  - Collapses all existing "web-1", "web-2", etc., sessions into "web" sessions.
  - Dramatically simplifies the code for establishing a session (like omg).

Test Plan: Ran migration, checked Sessions panel and database for sanity. Used existing session. Logged out, logged in. Ran Conduit commands.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7978
2014-01-15 17:27:59 -08:00
epriestley
acb141cf52 Expire and garbage collect unused sessions
Summary:
Ref T3720. Ref T4310. Currently, we limit the maximum number of concurrent sessions of each type. This is primarily because sessions predate garbage collection and we had no way to prevent the session table from growing fairly quickly and without bound unless we did this.

Now that we have GC (and it's modular!) we can just expire unused sessions after a while and throw them away:

  - Add a `sessionExpires` column to the table, with a key.
  - Add a GC for old sessions.
  - When we establish a session, set `sessionExpires` to the current time plus the session TTL.
  - When a user uses a session and has used up more than 20% of the time on it, extend the session.

In addition to this, we could also rotate sessions, but I think that provides very little value. If we do want to implement it, we should hold it until after T3720 / T4310.

Test Plan:
  - Ran schema changes.
  - Looked at database.
  - Tested GC:
    - Started GC.
    - Set expires on one row to the past.
    - Restarted GC.
    - Verified GC nuked the session.
  - Logged in.
  - Logged out.
  - Ran Conduit method.
  - Tested refresh:
    - Set threshold to 0.0001% instead of 20%.
    - Loaded page.
    - Saw a session extension ever few page loads.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7976
2014-01-15 13:56:16 -08:00
epriestley
a64228b03f Give the session table a normal id column as a primary key
Summary:
Ref T4310. Ref T3720. Two major things are going on here:

  - I'm making this table work more like a standard table, which, e.g., makes `delete()` simpler to implement.
  - Currently, the primary key is `(userPHID, type)`. I want to get rid of this, issue unlimited sessions, and GC old sessions. This means we can't have a unique key on `(userPHID, type)` anymore. This removes it as the primary key and adds it as a normal key instead. There's no functional change -- the code to generate sessions guarantees that it will never write duplicate rows or write additional rows -- but allows us to drop the `-1`, `-2` qualifiers in the future.
  - Also of note, our task is made far simpler here because MySQL will automatically assign values to new `AUTO_INCREMENT` columns, so we don't have to migrate to get real IDs.

Test Plan: Ran migrations, verified table looked sane. Logged out, logged in.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3720, T4310

Differential Revision: https://secure.phabricator.com/D7975
2014-01-15 13:55:18 -08:00
Bob Trahan
41d2a09536 Legalpad - make it work for not logged in users
Summary: Adds "verified" and "secretKey" to Legalpad document signatures. For logged in users using an email address they own, things are verified right away. Otherwise, the email is sent a verification letter. When the user clicks the link the signature is marked verified.

Test Plan: signed the document with a bogus email address not logged in. verified the email that would be sent looked good from command line. followed link and successfully verified bogus email address

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran, asherkin

Maniphest Tasks: T4283

Differential Revision: https://secure.phabricator.com/D7930
2014-01-14 17:17:18 -08:00
Chad Little
31a2bebf63 Move PhabricatorTagView to PHUITagView
Summary: For consistency and great justice.

Test Plan: tested audit, uiexamples, action headers

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7967
2014-01-14 14:09:52 -08:00
epriestley
d392a8f157 Replace "web" and "conduit" magic session strings with constants
Summary: Ref T4310. Ref T3720. We use bare strings to refer to session types in several places right now; use constants instead.

Test Plan: grep; logged out; logged in; ran Conduit commands.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7963
2014-01-14 13:22:34 -08:00
epriestley
eef314b701 Separate session management from PhabricatorUser
Summary: Ref T4310. Ref T3720. Session operations are currently part of PhabricatorUser. This is more tightly coupled than needbe, and makes it difficult to establish login sessions for non-users. Move all the session management code to a `SessionEngine`.

Test Plan:
  - Viewed sessions.
  - Regenerated Conduit certificate.
  - Verified Conduit sessions were destroyed.
  - Logged out.
  - Logged in.
  - Ran conduit commands.
  - Viewed sessions again.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310, T3720

Differential Revision: https://secure.phabricator.com/D7962
2014-01-14 13:22:27 -08:00
epriestley
3d9e328fb3 Add an "active login sessions" table to Settings
Summary: Ref T4310. Ref T3720. Partly, this makes it easier for users to understand login sessions. Partly, it makes it easier for me to make changes to login sessions for T4310 / T3720 without messing anything up.

Test Plan: {F101512}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3720, T4310

Differential Revision: https://secure.phabricator.com/D7954
2014-01-14 11:05:45 -08:00
epriestley
220d680f37 Allow PhabricatorUserLog to store non-user PHIDs
Summary:
Ref T4310. This is a small step toward separating out the session code so we can establish sessions for `ExternalAccount` and not just `User`.

Also fix an issue with strict MySQL and un-admin / un-disable from web UI.

Test Plan: Logged in, logged out, admined/de-admin'd user, added email address, checked user log for all those events.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4310

Differential Revision: https://secure.phabricator.com/D7953
2014-01-14 11:05:26 -08:00
Chad Little
b74c7a3d37 Simplify PHUIObjectBoxViews handling of Save and Error states
Summary: This removes the bulk of the "Form Errors" text, some variations likely exists. These are a bit redundant and space consuming. I'd also like to back ErrorView more into PHUIObjectBox.

Test Plan: Test out the forms, see errors without the text.

Reviewers: epriestley, btrahan

CC: Korvin, epriestley, aran, hach-que

Differential Revision: https://secure.phabricator.com/D7924
2014-01-10 09:17:37 -08:00
epriestley
324ee4e4d5 Fix rendering issue for LDAP configuration provider transactions
Summary: Fixes T4290. At least one of the fields (`realname`) may have a list of items, and `strlen(array('first', 'last'))` produces the warning and stack trace in T4290.

Test Plan:
  - Edited `realname` from an array value to an array value.
  - Hit error.
  - Applied patch.
  - No more error.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4290

Differential Revision: https://secure.phabricator.com/D7905
2014-01-08 13:27:08 -08:00
epriestley
3524ba3fb5 Add warnings to JIRA auth provider that we only support JIRA 6
Summary: Ref T4289. Make it clear that this provider does not currently work with JIRA 5.

Test Plan: Viewed JIRA provider from `/auth/`, saw warnings.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4289

Differential Revision: https://secure.phabricator.com/D7906
2014-01-08 09:43:44 -08:00
epriestley
e397103bf2 Extend all "ManagementWorkflow" classes from a base class
Summary:
Ref T2015. Not directly related to Drydock, but I've wanted to do this for a bit.

Introduce a common base class for all the workflows in the scripts in `bin/*`. This slightly reduces code duplication by moving `isExecutable()` to the base, but also provides `getViewer()`. This is a little nicer than `PhabricatorUser::getOmnipotentUser()` and gives us a layer of indirection if we ever want to introduce more general viewer mechanisms in scripts.

Test Plan: Lint; ran some of the scripts.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2015

Differential Revision: https://secure.phabricator.com/D7838
2013-12-27 13:15:40 -08:00
epriestley
a5dc9067af Provide convenience method addTextCrumb() to PhabricatorCrumbsView
Summary: We currently have a lot of calls to `addCrumb(id(new PhabricatorCrumbView())->...)` which can be expressed much more simply with a convenience method. Nearly all crumbs are only textual.

Test Plan:
  - This was mostly automated, then I cleaned up a few unusual sites manually.
  - Bunch of grep / randomly clicking around.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: hach-que, aran

Differential Revision: https://secure.phabricator.com/D7787
2013-12-18 17:47:34 -08:00
epriestley
e4920cdf86 Provide an LDAPS example in LDAP auth
Summary: Fixes T4148. LDAPS works with "ldaps://", it just isn't documented or clear.

Test Plan: {F84893}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4148

Differential Revision: https://secure.phabricator.com/D7652
2013-11-25 14:55:44 -08:00
epriestley
3a035c02e7 Recover more flexibly from an already-verified email
Summary:
Ref T4140. We could hit a redirect loop for a user with a verified primary email address but no "is verified" flag on their account. This shouldn't be possible since the migration should have set the flag, but we can deal with it more gracefully when it does happen (maybe because users forgot to run `storage/upgrade`, or because of ghosts).

In the controller, check the same flag we check before forcing the user to the controller.

When verifying, allow the verification if either the email or user flag isn't set.

Test Plan: Hit `/login/mustverify/`; verified an address.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4140

Differential Revision: https://secure.phabricator.com/D7621
2013-11-21 14:41:32 -08:00
epriestley
a518626a85 Slightly improve behavior for unverified + unapproved users
Summary: Ref T4140. Allow unapproved users to verify their email addresses. Currently, unapproved blocks email verification, but should not.

Test Plan: Clicked email verification link as an unapproved user, got email verified.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4140

Differential Revision: https://secure.phabricator.com/D7618
2013-11-21 12:58:58 -08:00
epriestley
6eb02af314 Allow "bin/auth recover" to succeed before phabricator.base-uri is set
Summary:
Fixes T4132. If you run "bin/auth recover" before setting the base URI, it throws when trying to generate a production URI.

Instead, just show the path. We can't figure out the domain, and I think this is less confusing than showing "your.phabricator.example.com", etc.

Test Plan: Ran `bin/auth recover <user>` for valid and missing base-uri.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4132

Differential Revision: https://secure.phabricator.com/D7615
2013-11-20 10:36:00 -08:00
Aviv Eyal
dcf909ba56 Land to GitHub + support stuff
Summary:
A usable, Land to GitHub flow.

Still to do:
- Refactor all git/hg stratagies to a sane structure.
- Make the dialogs Workflow + explain why it's disabled.
- Show button and request Link Account if GH is enabled, but user is not linked.
- After refreshing token, user ends up in the settings stage.

Hacked something in LandController to be able to show an arbitrary dialog from a strategy.
It's not very nice, but I want to make some more refactoring to the controller/strategy/ies anyway.

Also made PhabricatorRepository::getRemoteURIObject() public, because it was very useful in getting
the domain and path for the repo.

Test Plan:
Went through these flows:
- load revision in hosted, github-backed, non-github backed repos to see button as needed.
- hit land with weak token - sent to refresh it with the extra scope.
- Land to repo I'm not allowed - got proper error message.
- Successfully landed; Failed to apply patch.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T182

Differential Revision: https://secure.phabricator.com/D7555
2013-11-13 17:25:24 -08:00
epriestley
87a655e8c5 Fix new logged-out "Login" button URI and workflowiness
Summary: Whelp apparently I never actually clicked this.

Auditors: btrahan
2013-11-13 11:48:24 -08:00
epriestley
fb6e38548b Respect "can edit username" in registration UI
Summary:
Fixes T3741. The flag is respected in terms of actually creating the account, but the UI is a bit unclear.

This can never occur naturally, but installs can register an event which locks it.

Test Plan:
Artificially locked it, verified I got more reasonable UI;

{F81282}

Reviewers: btrahan, datr

Reviewed By: datr

CC: aran

Maniphest Tasks: T3741

Differential Revision: https://secure.phabricator.com/D7577
2013-11-13 11:25:43 -08:00
epriestley
c0e1a63a63 Implement an approval queue
Summary:
  - Add an option for the queue.
  - By default, enable it.
  - Dump new users into the queue.
  - Send admins an email to approve them.

Test Plan:
  - Registered new accounts with queue on and off.
  - As an admin, approved accounts and disabled the queue from email.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7576
2013-11-13 11:24:56 -08:00
epriestley
0fa411083f Show an "approval queue" item on the home page for admins, and sort out menu item visibility
Summary:
  - If you're an administrator and there are users waiting for approval, show a count on the home page.
  - Sort out the `isUserActivated()` access check.
  - Hide all the menu widgets except "Logout" for disabled and unapproved users.
  - Add a "Log In" item.
  - Add a bunch of unit tests.

Test Plan: Ran unit tests, clicked around as unapproved/approved/logged-in/logged-out users.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Differential Revision: https://secure.phabricator.com/D7574
2013-11-13 11:24:38 -08:00
epriestley
c8320923c4 Implement most of the administrative UI for approval queues
Summary:
Nothing fancy here, just:

  - UI to show users needing approval.
  - "Approve" and "Disable" actions.
  - Send "Approved" email on approve.
  - "Approve" edit + log operations.
  - "Wait for Approval" state for users who need approval.

There's still no natural way for users to end up not-approved -- you have to write directly to the database.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7573
2013-11-13 11:24:18 -08:00
epriestley
7f11e8d740 Improve handling of email verification and "activated" accounts
Summary:
Small step forward which improves existing stuff or lays groudwork for future stuff:

  - Currently, to check for email verification, we have to single-query the email address on every page. Instead, denoramlize it into the user object.
    - Migrate all the existing users.
    - When the user verifies an email, mark them as `isEmailVerified` if the email is their primary email.
    - Just make the checks look at the `isEmailVerified` field.
  - Add a new check, `isUserActivated()`, to cover email-verified plus disabled. Currently, a non-verified-but-not-disabled user could theoretically use Conduit over SSH, if anyone deployed it. Tighten that up.
  - Add an `isApproved` flag, which is always true for now. In a future diff, I want to add a default-on admin approval queue for new accounts, to prevent configuration mistakes. The way it will work is:
    - When the queue is enabled, registering users are created with `isApproved = false`.
    - Admins are sent an email, "[Phabricator] New User Approval (alincoln)", telling them that a new user is waiting for approval.
    - They go to the web UI and approve the user.
    - Manually-created accounts are auto-approved.
    - The email will have instructions for disabling the queue.

I think this queue will be helpful for new installs and give them peace of mind, and when you go to disable it we have a better opportunity to warn you about exactly what that means.

Generally, I want to improve the default safety of registration, since if you just blindly coast through the path of least resistance right now your install ends up pretty open, and realistically few installs are on VPNs.

Test Plan:
  - Ran migration, verified `isEmailVerified` populated correctly.
  - Created a new user, checked DB for verified (not verified).
  - Verified, checked DB (now verified).
  - Used Conduit, People, Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7572
2013-11-12 14:37:04 -08:00
epriestley
cd73fe78db Roadblock users trying to register with external accounts that have invalid emails
Summary:
Ref T3472. Currently, if an install only allows "@mycompany.com" emails and you try to register with an "@personal.com" account, we let you pick an "@mycompany.com" address instead. This is secure: you still have to verify the email. However, it defies user expectation -- it's somewhat confusing that we let you register. Instead, provide a hard roadblock.

(These accounts can still be linked, just not used for registration.)

Test Plan: See screenshot.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3472

Differential Revision: https://secure.phabricator.com/D7571
2013-11-12 14:36:49 -08:00
epriestley
30a51dac36 Clarify registration rules more aggressively when configuring auth
Summary: See private chatter. Make it explicitly clear when adding a provider that anyone who can browse to Phabricator can register.

Test Plan: See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7570
2013-11-12 10:56:47 -08:00
Jakub Vrana
a29b5b070f Replace some hsprintf() by phutil_tag()
Test Plan: Looked at a diff with inline comment.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7549
2013-11-11 09:23:23 -08:00
Aviv Eyal
2250ee6aa6 Allow null for token expiration date
Summary: At least under GitHub, the token value is stored as "null", and not missing. And `null > anything` is false, so Phabricator thinks the token is expired or not there.

Test Plan: http://ph.vm/settings/panel/external/ before shows "No OAuth Access Token," and after it says "Active OAuth Token".

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Differential Revision: https://secure.phabricator.com/D7466
2013-10-30 17:19:46 -07:00
epriestley
2a5c987c71 Lock policy queries to their applications
Summary:
While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential.

This has several parts:

  - For PolicyAware queries, provide an application class name method.
  - If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally.
  - For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles.

Test Plan:
  - Added a unit test to verify I got all the class names right.
  - Browsed around, logged in/out as a normal user with public policies on and off.
  - Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D7367
2013-10-21 17:20:27 -07:00
Chad Little
d2895249ee Add Persona login icon
Summary: Adds the new icon 1x and 2x

Test Plan: photoshop

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T3958

Differential Revision: https://secure.phabricator.com/D7316
2013-10-14 16:33:49 -07:00
epriestley
0ce4f6d176 Add Persona auth provider
Summary: Ref T3958. Adds a provider for Mozilla's Persona auth.

Test Plan:
  - Created a Persona provider.
  - Registered a new account with Persona.
  - Logged in with Persona.
  - Linked an account with Persona.
  - Dissolved an account link with Persona.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3958

Differential Revision: https://secure.phabricator.com/D7313
2013-10-14 14:34:57 -07:00
epriestley
7dde01df76 Fix issues with first-time account registration
Summary: This worked originally, but the migration broke slightly after the
config was deprecated, and there was another minor issue during setup.
2013-10-05 08:02:41 -07:00
Chad Little
cad9e548bc Add Header to Registration
Summary: Adds an ObjectBox to Phabricator Registration

Test Plan: check logged out page for new header.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D7223
2013-10-04 15:13:05 -07:00
epriestley
2e5ac128b3 Explain policy exception rules to users
Summary:
Ref T603. Adds clarifying text which expands on policies and explains exceptions and rules. The goal is to provide an easy way for users to learn about special policy rules, like "task owners can always see a task".

This presentation might be a little aggressive. That's probably OK as we introduce policies, but something a little more tempered might be better down the road.

Test Plan: See screenshot.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7150
2013-09-27 08:43:41 -07:00
Chad Little
9be7a948f9 Move PHUIFormBoxView to PHUIObjectBoxView
Summary: I'd like to reuse this for other content areas, renaming for now. This might be weird to keep setForm, but I can fix that later if we need.

Test Plan: reload a few forms in maniphest, projects, differential

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D7120
2013-09-25 11:23:29 -07:00
Gareth Evans
e1892e9bfb Add reCaptcha to password registration
Summary: See task

Test Plan:
Attempt to signup with recaptcha disabled.
Attempt to signup with recaptcha enabled with incorrect value.
Attempt to signup with recaptcha enabled with correct value.

Reviewers: epriestley

Reviewed By: epriestley

CC: Korvin, aran

Maniphest Tasks: T3832

Differential Revision: https://secure.phabricator.com/D7053
2013-09-20 14:54:57 -07:00
Chad Little
5ba20b8924 Move PhabricatorObjectItem to PHUIObjectItem, add 'plain' setting for lists.
Summary: Adds plain support for object lists that just look like lists

Test Plan: review UIexamples and a number of other applications

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6922
2013-09-09 14:14:34 -07:00
epriestley
825fb9c85a Add JIRA doorkeeper and remarkup support
Summary:
Ref T3687. Adds a Doorkeeper bridge for JIRA issues, plus remarkup support. In particular:

  - The Asana and JIRA remarkup rules shared most of their implementation, so I refactored what I could into a base class.
  - Actual bridge implementation is straightforward and similar to Asana, although probably not similar enough to really justify refactoring.

Test Plan:
  - When logged in as a JIRA-connected user, pasted a JIRA issue link and saw it enriched at rendering time.
  - Logged in and out with JIRA.
  - Tested an Asana link, too (seems I haven't broken anything).

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3687

Differential Revision: https://secure.phabricator.com/D6878
2013-09-03 17:27:38 -07:00
epriestley
e5b4ce5525 Reduce the amount of OAuth1/OAuth2 code duplication for rendering login buttons
Summary: Ref T3687. These buttons don't work quite the same way, but are similar enough that the code seems worth consolidating.

Test Plan: Viewed and clicked both OAuth1 (Twitter, JIRA) and OAuth2 (Facebook) login buttons. Got logins.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3687

Differential Revision: https://secure.phabricator.com/D6874
2013-09-03 10:30:53 -07:00
epriestley
25eb401e18 Handle user aborts during auth workflows in Phabricator
Summary: Depends on D6872. Ref T3687. Give the user a nice dialog instead of a bare exception.

Test Plan: Cancelled out of Twitter and JIRA workflows. We should probably do this for the OAuth2 workflows too, but they're a bit of a pain to de-auth and I am lazy.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3687

Differential Revision: https://secure.phabricator.com/D6873
2013-09-03 10:30:39 -07:00
epriestley
4e12a375f3 Add JIRA as an authentication provider
Summary:
Ref T3687. Depends on D6867. This allows login/registration through JIRA.

The notable difference between this and other providers is that we need to do configuration in two stages, since we need to generate and save a public/private keypair before we can give the user configuration instructions, which takes several seconds and can't change once we've told them to do it.

To this effect, the edit form renders two separate stages, a "setup" stage and a "configure" stage. In the setup stage the user identifies the install and provides the URL. They hit save, we generate a keypair, and take them to the configure stage. In the configure stage, they're walked through setting up all the keys. This ends up feeling a touch rough, but overall pretty reasonable, and we haven't lost much generality.

Test Plan: {F57059}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3687

Differential Revision: https://secure.phabricator.com/D6868
2013-09-03 05:53:21 -07:00
epriestley
25e43e872b Add Twitter as an authentication provider
Summary: Ref T3687. Depends on D6864. Implements the `OAuth1` provider in Phabricator (which is mostly similar to the OAuth2 provider, but doesn't share quite enough code to actually extend a common base class, I think) and Twitter as a concrete subclass.

Test Plan:
Created a Twitter provider. Registered, logged in, linked, refreshed account link.

{F57054}

{F57056}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3687

Differential Revision: https://secure.phabricator.com/D6865
2013-09-03 05:53:08 -07:00
Chad Little
fe2a96e37f Update Form Layouts
Summary:
This attempts some consistency in form layouts. Notably, they all now contain headers and are 16px off the sides and tops of pages. Also updated dialogs to the same look and feel. I think I got 98% of forms with this pass, but it's likely I missed some buried somewhere.

TODO: will take another pass as consolidating these colors and new gradients in another diff.

Test Plan: Played in my sandbox all week. Please play with it too and let me know how they feel.

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6806
2013-08-26 11:53:11 -07:00
epriestley
f034fd80db Remove getApplicationObjectTypeName from ApplicationTransactions
Summary:
We can get this out of PHIDType reasonably in all cases and simplify implementation here.

None of these translate correctly anyway so they're basically debugging/development strings.

Test Plan: `grep`, browsed some transactions

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6786
2013-08-21 12:32:06 -07:00
epriestley
751cd547c2 Remove dust from page construction
Summary:
  ^\s+(['"])dust\1\s*=>\s*true,?\s*$\n

Test Plan: Looked through the diff.

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D6769
2013-08-19 18:09:35 -07:00
Chad Little
fe766ff683 Fix twitch name
Summary: fix spelling

Test Plan: i didn't test this, but seems ok?

Reviewers: epriestley, btrahan

Reviewed By: epriestley

CC: Korvin, aran

Differential Revision: https://secure.phabricator.com/D6728
2013-08-12 11:41:03 -07:00
epriestley
07dd5df33b Support Twitch.tv as an OAuth provider
Summary:
This is mostly for personal reasons / lols, but they have a perfectly functional OAuth2 API and it takes like 15 minutes to add a provider now and I was in this code anyway...

@chad, we could use JIRA, Twitter and Twitch.tv auth icons if you have a chance.

Test Plan: {F53564}

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6706
2013-08-08 13:34:30 -07:00
epriestley
5cc3bbf721 Use application PHIDs for application transactions
Summary: Ref T2715. Ref T3578. Load application transactions through application PHID infrastructure.

Test Plan: Viewed feed, saw successful loads of application transaction objects and rendered feed stories.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2715, T3578

Differential Revision: https://secure.phabricator.com/D6617
2013-07-29 12:04:15 -07:00
epriestley
cf9dc5d189 Fix bug when multiple comment forms appear on a single page
Summary:
Ref T3373. The submit listener doesn't properly scope the form it listens to right now, so several forms on the page mean that comments post to one of them more or less at random.

Scope it properly by telling it which object PHID it is associated with.

Test Plan: Made Question comments, saw comments Ajax in on the question itself rather than on an arbitrary answer.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3373

Differential Revision: https://secure.phabricator.com/D6611
2013-07-29 12:04:10 -07:00
epriestley
db3a0c90bb Use Application PHIDs for XUSR
Summary: Ref T2715. XUSR -> apps

Test Plan: `phid.query`

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2715

Differential Revision: https://secure.phabricator.com/D6558
2013-07-24 14:12:39 -07:00
epriestley
ab5ee5d193 Survive mild misconfiguration of Realname Attributes in LDAP
Summary: Currently, we'll fatal on array typehint issues if this is misconfigured. Instead, we should just reject the configuration. See some discussion in IRC.

Test Plan: Used LDAP to log in.

Reviewers: btrahan, totorico

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6489
2013-07-18 12:40:57 -07:00
epriestley
cff8c50903 Modernize email verification page
Summary: Fixes T3517. Moves the email verification page out of People and into Auth. Makes it look less awful.

Test Plan: {F49636} {F49637}

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3517

Differential Revision: https://secure.phabricator.com/D6425
2013-07-10 18:53:09 -07:00
epriestley
2432a47997 Reduce invasiveness of bin/auth ldap
Summary: The once-choppy LDAP waters seem to have calmed down a bit. Use the service profile log to get a pretty good idea of what's going on with LDAP (see D6391) instead of invasive logging to get a slightly better idea.

Test Plan:
  $ ~/src/php-src/sapi/cli/php -f ./bin/auth ldap --trace
  >>> [2] <connect> phabricator2_auth
  <<< [2] <connect> 1,755 us
  >>> [3] <query> SELECT * FROM `auth_providerconfig`  ORDER BY id DESC
  <<< [3] <query> 423 us
  Enter LDAP Credentials

      LDAP Username:  ldapuser
  >>> [4] <exec> $ stty -echo
  <<< [4] <exec> 10,370 us

      LDAP Password:  >>> [5] <exec> $ stty echo
  <<< [5] <exec> 6,844 us

  Connecting to LDAP...
  >>> [6] <ldap> connect (127.0.0.1:389)
  <<< [6] <ldap> 12,932 us
  >>> [7] <ldap> bind (sn=ldapuser,ou=People, dc=aphront, dc=com)
  <<< [7] <ldap> 6,860 us
  >>> [8] <ldap> search (ou=People, dc=aphront, dc=com, sn=ldapuser)
  <<< [8] <ldap> 5,907 us
  Found LDAP Account: ldapuser

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6392
2013-07-09 16:23:12 -07:00
epriestley
1888a84b7e Fix an issue with setting "Real Name Attributes" in LDAP auth
Summary: We currently don't read/save this value correctly. Fix the issue. Ref T1536.

Test Plan: Set real name attributes to "x, y".

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, colegleason

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6388
2013-07-09 16:22:50 -07:00
epriestley
5ecb77427a Fix OAuth token refresh return value
Summary:
Ref T1536. Ref T2852. Currently, after refreshing the token we don't actually return it. This means that code relying on token refresh fails once per hour (for Asana) in a sort of subtle way. Derp.

Update `bin/auth refresh` to make this failure more clear.

Test Plan: Set `force refresh` flag and verified a return value.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536, T2852

Differential Revision: https://secure.phabricator.com/D6295
2013-06-25 16:31:01 -07:00
epriestley
fe71b34c68 Add a "refresh" action for external accounts
Summary:
Ref T1536. This is equivalent to logging out and logging back in again, but a bit less disruptive for users. For some providers (like Google), this may eventually do something different (Google has a "force" parameter which forces re-auth and is ostensibly required to refresh long-lived tokens).

Broadly, this process fixes OAuth accounts with busted access tokens so we can do API stuff. For other accounts, it mostly just syncs profile pictures.

Test Plan:
Refreshed LDAP and Oauth accounts, linked OAuth accounts, hit error conditions.

{F47390}
{F47391}
{F47392}
{F47393}
{F47394}
{F47395}

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6290
2013-06-24 15:58:27 -07:00
epriestley
e826842179 Show more information about OAuth tokens in the Account Settings -> External Accounts screen
Summary:
Ref T1536.

  - Allow providers to customize the look of external accounts.
  - For username/password auth, don't show the account view (it's confusing and not useful).
  - For OAuth accounts, show token status.

Test Plan:
{F47374}

{F47375}

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6289
2013-06-24 15:57:39 -07:00
epriestley
f8ed6422f8 Provide an auto-refresh mechanism for OAuth providers to deliver fresh tokens
Summary:
Ref T2852. Give OAuth providers a formal method so you can ask them for tokens; they issue a refresh request if necessary.

We could automatically refresh these tokens in daemons as they near expiry to improve performance; refreshes are blocking in-process round trip requests. If we do this for all tokens, it's a lot of requests (say, 20k users * 2 auth mechanisms * 1-hour tokens ~= a million requests a day). We could do it selectively for tokens that are actually in use (i.e., if we refresh a token in response to a user request, we keep refreshing it for 24 hours automatically). For now, I'm not pursuing any of this.

If we fail to refresh a token, we don't have a great way to communicate it to the user right now. The remedy is "log out and log in again", but there's no way for them to figure this out. The major issue is that a lot of OAuth integrations should not throw if they fail, or can't reasonably be rasied to the user (e.g., activity in daemons, loading profile pictures, enriching links, etc). For now, this shouldn't really happen. In future diffs, I plan to make the "External Accounts" settings page provide some information about tokens again, and possibly push some flag to accounts like "you should refresh your X link", but we'll see if issues crop up.

Test Plan: Used `bin/auth refresh` to verify refreshes. I'll wait an hour and reload a page with an Asana link to verify the auto-refresh part.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6280
2013-06-24 15:56:01 -07:00
epriestley
c94ef134e4 Add bin/auth refresh for debugging OAuth token refresh issues
Summary: Ref T2852. Provide a script for inspecting/debugging OAuth token refresh.

Test Plan: Ran `bin/auth refresh` with various arguments, saw token refreshes.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6276
2013-06-24 15:55:41 -07:00
epriestley
e723b7e119 Add DoorkeeperObjectRef, DoorkeeperBridge, DoorkeeperBridgeAsana
Summary:
  - `DoorkeeperObjectRef` is a convenience object to keep track of `<applicationType, applicationDomain, objectType, objectID>` tuples.
  - `DoorkeeperBridge` provides pull/push between Phabricator and external systems.
  - `DoorkeeperBridgeAsana` is a bridge to Asana.

Test Plan:
Ran this snippet and got a task from Asana:

{P871}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6273
2013-06-24 15:54:54 -07:00
epriestley
71e4870a8e Fix OAuth Facebook Phame property access
Summary: Ref T1536. This is missing a call.

Test Plan: Viewed a public blog with Facebook comments.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6288
2013-06-24 12:02:53 -07:00
epriestley
705dfa25e6 Load LDAP provider correctly in bin/auth LDAP debug script
Summary: Ref T1536. After DB-driven auth config, we need to load this differently.

Test Plan: Ran `bin/auth ldap`.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6287
2013-06-24 10:37:40 -07:00
epriestley
edee95e355 Tailor the Asana OAuth help URI
Summary: Ref T2852. Asana supports a link directly to this panel, I just wasn't able to find it.

Test Plan:
Clicked the link and got to the apps panel.

{F47346}

Reviewers: isaac_asana, btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2852

Differential Revision: https://secure.phabricator.com/D6285
2013-06-24 10:00:09 -07:00
epriestley
0a044ef275 Make old GitHub OAuth URIs work for now
Summary: Ref T1536. Like Google, GitHub is actually strict about callback URIs too. Keep them pointed at the old URIs until we can gradually migrate.

Test Plan: Logged in with GitHub.

Reviewers: garoevans, davidreuss, btrahan

Reviewed By: garoevans

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6265
2013-06-21 06:11:57 -07:00
Chad Little
e275f94fd8 Update styles on Login Reset
Summary: Changes it to a dialog view, tweaks some layout bugs on full width forms.

Test Plan: Tested loging in and resetting my password. Chrome + Mobile

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, nrp

Differential Revision: https://secure.phabricator.com/D6257
2013-06-20 17:11:57 -07:00
epriestley
46a7c61c80 Improve errors associated with adding new login providers
Summary:
Ref T1536.

  - When users try to add a one-of provider which already exists, give them a better error (a dialog explaining what's up with reasonable choices).
  - Disable such providers and label why they're disabled on the "new provider" screen.

Test Plan:
{F47012}

{F47013}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6256
2013-06-20 14:13:53 -07:00
epriestley
619069e234 Show providers in login order, not alphabetical order
Summary: Ref T1536. Mostly, this puts "username/password" (which is probably a common selection) first on the list.

Test Plan: {F47010}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6254
2013-06-20 14:04:36 -07:00
epriestley
052193ce2d Improve /auth/ behavior when a provider implementation is missing
Summary: Ref T1536. This "should never happen", but can if you're developing custom providers. Improve the robustness of this interface in the presence of missing provider implementations.

Test Plan: {F47008}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6253
2013-06-20 14:04:20 -07:00
Chad Little
de9cf72a64 Update Reset Password Page 2013-06-20 13:38:19 -07:00
epriestley
f7e27e36da Minor, clean up an obsolete hardcode (no password registration). 2013-06-20 11:25:57 -07:00
epriestley
7eb579788e Minor, fix an issue where creating a provider without changing anything
fails to save it because there are no effective transactions.
2013-06-20 11:23:58 -07:00
epriestley
e117b320e2 Add Amazon and Asana providers
Summary: Ref T1536. Ref T2852. Adds providers for Asana and Amazon. See D6248.

Test Plan:
{F46960}

{F46961}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536, T2852

Differential Revision: https://secure.phabricator.com/D6249
2013-06-20 11:19:11 -07:00
epriestley
1834584e98 Provide contextual help on auth provider configuration
Summary:
Ref T1536.

  - Move all the provider-specific help into contextual help in Auth.
  - This provides help much more contextually, and we can just tell the user the right values to use to configure things.
  - Rewrite account/registration help to reflect the newer state of the word.
  - Also clean up a few other loose ends.

Test Plan: {F46937}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6247
2013-06-20 11:18:48 -07:00
epriestley
3b9ccf11f2 Drive auth config with the database
Summary: Ref T1536. This is the last major migration. Moves us over to the DB and drops all the config stuff.

Test Plan:
  - Ran the migration.
  - Saw all my old config brought forward and respected, with accurate settings.
  - Ran LDAP import.
  - Grepped for all removed config options.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran, wez

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6243
2013-06-20 11:18:11 -07:00
epriestley
d8394b2ee0 Prepare for db-driven auth configuration by making proviers operate in dual modes
Summary:
Ref T1536. This sets us for the "Config -> Database" migration. Basically:

  - If stuff is defined in the database, respect the database stuff (no installs have anything defined yet since they can't reach the interfaces/code).
  - Otherwise, respect the config stuff (all installs currently do this).

Test Plan: Saw database stuff respected when database stuff was defined; saw config stuff respected otherwise.

Reviewers: chad, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6240
2013-06-20 11:17:53 -07:00
epriestley
32f6c88896 Add first-time-setup registration flow
Summary:
Ref T1536. Currently, when you install Phabricator you're dumped on the login screen and have to consult the documentation to learn about `bin/accountadmin`.

Instead, detect that an install is running first-time setup:

  - It has no configured providers; and
  - it has no user accounts.

We can safely deduce that such an install isn't configured yet, and let the user create an admin account from the web UI.

After they login, we raise a setup issue and lead them to configure authentication.

(This could probably use some UI and copy tweaks.)

Test Plan:
{F46738}

{F46739}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6228
2013-06-19 16:28:48 -07:00
epriestley
6b1f15ac54 Build out Auth UI a little bit
Summary: Ref T1536. Make this UI a bit more human-friendly.

Test Plan: {F46873}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6237
2013-06-19 15:00:37 -07:00
epriestley
73c2c1d2e6 Send old login code to the bottom of the sea
Summary:
Ref T1536. This is extremely reachable and changes the login code to the new stuff.

Notes:

  - I've hard-disabled password registration since I want installs to explicitly flip it on via config if they want it. New installs will get it by default in the future, but old installs shouldn't have their auth options change.
  - Google doesn't let us change the redirect URI, so keep the old one working.
  - We need to keep a bit of LDAP around for now for LDAP import.
  - **Facebook:** This causes substantive changes in what login code is executed.

Test Plan:
  - Logged in / logged out / registered, hit new flows.
  - Logged in with google.
  - Verified no password registration by default.

Reviewers: btrahan, chad

Reviewed By: chad

CC: wez, nh, aran, mbishopim3

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6222
2013-06-19 01:33:27 -07:00
epriestley
8c8ab25fa1 Restore/respect "require secure browsing" for Facebook (phabricator)
Summary:
Ref T1536. Because Facebook publishes data from Phabricator to user profiles and that data is sensitive, it wants to require secure browsing to be enabled in order to login.

Respect the existing option, and support it in the UI.

The UI part isn't reachable yet.

Test Plan: {F46723}

Reviewers: chad, btrahan

Reviewed By: chad

CC: arice, wez, aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6224
2013-06-18 15:52:01 -07:00
epriestley
26944e2876 Expose all LDAP configuration options in the web UI
Summary: Ref T1536. Love me some LDAP.

Test Plan: Viewed and edited form. Looked through transactions.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6227
2013-06-18 13:58:40 -07:00
epriestley
fe29b27582 Fix several issues with "Logout"
Summary:
Ref T1536.

  - When we render a dialog on a page by itself, put it on a dust background.
  - Currently, we render "Logout" in two different places. Stop doing that.
  - Make sure the surviving one has workflow so we get a modal ajax dialog if possible.

Test Plan: {F46731}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6226
2013-06-18 11:05:28 -07:00
epriestley
e58f383d91 Allow authentication providers to store and customize additional configuration
Summary:
Ref T1536. None of this code is reachable.

For the new web UI for auth edits, give providers more and better customization options for handling the form. Allow them to format transactions.

Also fix the "Auth" application icon.

Test Plan: {F46718}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6221
2013-06-18 10:02:34 -07:00
epriestley
c0cc7bbfdf Provide bin/auth ldap for LDAP diagnostics
Summary: Ref T1536.

Test Plan: Ran `bin/auth ldap`.

Reviewers: mbishopim3, chad

Reviewed By: mbishopim3

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6218
2013-06-17 13:26:25 -07:00
epriestley
fded36cc21 Improve more crumbs and cancel buttons for auth
Summary:
Ref T1536.

  - When linking accounts after initially failing, make the crumb say "Link Account" instead of "Login".
  - When on the LDAP failure form, show a "Cancel" button returning to start (if logging in) or settings (if linking accounts).
  - Allow providers to distinguish between "start", "login" and "link" rendering.

Test Plan: Linked and logged in with LDAP and other registration mechainsms.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6214
2013-06-17 12:14:51 -07:00
epriestley
433c6550b2 Add a cancel button, provider crumb, and account card to registration
Summary:
Ref T1536.

  - Add a "Cancel" button, to get back to login.
  - Add a crumb showing the registering provider.
  - Add an account card when registering with an external account
  - Tailor some language to make it less ambiguous ("Phabricator Username", "Register Phabricator Account").

Test Plan:
{F46618}

{F46619}

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6213
2013-06-17 12:14:25 -07:00
epriestley
30237aaa47 Clean up image loading for ExternalAccounts
Summary: Ref T1536. This gets the single queries out of the View and builds a propery Query class for ExternalAccount.

Test Plan: Linked/unlinked accounts, logged out, logged in.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6212
2013-06-17 12:14:00 -07:00
epriestley
278905543e Add very basic bin/auth tool
Summary: Ref T1536. This script basically exists to restore access if/when users shoot themselves in the foot by disabling all auth providers and can no longer log in.

Test Plan: {F46411}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6205
2013-06-17 10:55:05 -07:00
epriestley
fc2973c5d3 Allow AuthenticationProviderConfig to be enabled and disabled
Summary: Ref T1536. Nothing too exciting here, one TODO about tailoring error messages.

Test Plan:
{F46403}

{F46404}

{F46405}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6204
2013-06-17 10:54:08 -07:00
epriestley
07423211e9 Show edit transactions for AuthProviders
Summary: Ref T1536. When auth providers are edited, show the edit history.

Test Plan: {F46400}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6203
2013-06-17 10:53:29 -07:00
epriestley
c6374e25d5 Very rough edit workflow for AuthProvider configuration
Summary: Ref T1536. Many rough / broken edges, but adds the rough skeleton of the provider edit workflow.

Test Plan: {F46333}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6200
2013-06-17 10:52:38 -07:00
epriestley
abb367dd5b Add initial create screen for auth providers
Summary: Ref T1536. Adds an initial "choose a provider type" screen for adding a new provider. This doesn't go anywhere yet.

Test Plan: {F46316}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6199
2013-06-17 10:51:35 -07:00
epriestley
b927dc057d Add List/ApplicationSearch to AuthProviderConfig
Summary: Ref T1536. Adds a list controller and ApplicationSearch integration for listing providers.

Test Plan: {F46308}

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6198
2013-06-17 10:50:43 -07:00
epriestley
f0ddfe6565 Add PhabricatorAuthProviderConfigQuery
Summary: Ref T1536. See D6196. Code not called yet.

Test Plan: Static checks only.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6197
2013-06-17 10:49:18 -07:00
epriestley
5f29ccaaca Add storage for Auth configuration in preparation for moving it into a web interface
Summary:
Ref T1536. Currently, we have about 40 auth-related configuration options. This is already roughly 20% of our config, and we want to add more providers. Additionally, we want to turn some of these auth options into multi-auth options (e.g., allow multiple Phabricator OAuth installs, or, theoretically multiple LDAP servers).

I'm going to move this into a separate "Auth" tool with a minimal CLI (`bin/auth`) interface and a more full web interface. Roughly:

  - Administrators will use the app to manage authentication providers.
  - The `bin/auth` CLI will provide a safety hatch if you lock yourself out by disabling all usable providers somehow.
  - We'll migrate existing configuration into the app and remove it.

General goals:

  - Make it much easier to configure authentication by providing an interface for it.
  - Make it easier to configure everything else by reducing the total number of available options.

Test Plan: Ran storage upgrade.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6196
2013-06-17 10:48:41 -07:00