1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 02:32:42 +01:00
phorge-phorge/scripts
epriestley aa3b582c7b Remove "set password" from bin/accountadmin and let bin/auth recover recover anyone
Summary:
Ref T13043. This cleans some things up to prepare for moving account passwords to shared infrastructure.

Currently, the (very old, fairly unusual) `bin/accountadmin` tool can set account passwords. This is a bit weird, generally not great, and makes upgrading to shared infrastructure more difficult. Just get rid of this to simplify things. Many installs don't have passwords and this is pointless and unhelpful in those cases.

Instead, let `bin/auth recover` recover any account, not just administrator accounts. This was a guardrail against administrative abuse, but it has always seemed especially flimsy (since anyone who can run the tool can easily comment out the checks) and I use this tool in cluster support with some frequency, occasionally just commenting out the checks. This is generally a better solution than actually setting a password on accounts anyway. Just get rid of the check and give users enough rope to shoot themselves in the foot with if they truly desire.

Test Plan:
  - Ran `bin/accountadmin`, didn't get prompted to swap passwords anymore.
  - Ran `bin/auth recover` to recover a non-admin account.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13043

Differential Revision: https://secure.phabricator.com/D18901
2018-01-23 10:58:11 -08:00
..
almanac Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
cache Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
celerity Add some sort of sort to Emoji Autocomplete 2017-01-24 20:21:06 -08:00
daemon When available, use async_signals in Phabricator 2017-01-12 16:00:13 -08:00
diviner Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
drydock Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
fact Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
files Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
fpm Delete license headers from files 2012-11-05 11:16:51 -08:00
init Allow bin/aphlict to start without a valid database connection 2016-11-13 16:43:23 -08:00
install Use HTTPS, not HTTP, in install scripts 2016-11-29 12:11:04 -08:00
lipsum Improve bin/lipsum UX 2015-12-24 09:06:35 -08:00
mail Fix inbound mail handling for messages with no HTML body part 2017-11-22 11:14:24 -08:00
people Add a profileimage generation workflow for the cli 2017-03-04 15:43:13 -08:00
repository Treat commit hook execution in observed repositories as a no-op, not an error 2017-08-01 08:32:42 -07:00
search Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
setup Allow bulk edits to be made silently if you have CLI access 2018-01-19 13:24:54 -08:00
sms Use PhutilClassMapQuery instead of PhutilSymbolLoader 2015-08-14 07:49:01 +10:00
sql Respect user/pass flags to bin/storage for direct DatabaseRef-based queries 2016-11-19 08:39:45 -08:00
ssh When available, use async_signals in Phabricator 2017-01-12 16:00:13 -08:00
symbols Update import/clear symbols scripts for callsigns 2016-02-18 09:55:57 -08:00
user Remove "set password" from bin/accountadmin and let bin/auth recover recover anyone 2018-01-23 10:58:11 -08:00
util phtize all the things 2015-05-22 21:16:39 +10:00
__init_script__.php Continue on bad database configuration from select scripts 2016-09-06 14:20:57 -07:00
manage_bulk.php Allow bulk edits to be made silently if you have CLI access 2018-01-19 13:24:54 -08:00