1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
No description
Find a file
epriestley 301fed1b43 Revise administrative workflow for user creation
Summary:
- When an administrator creates a user, provide an option to send a welcome
email. Right now this workflow kind of dead-ends.
  - Prevent administrators from changing the "System Agent" flag. If they can
change it, they can grab another user's certificate and then act as them. This
is a vaguely weaker security policy than is exhibited elsewhere in the
application. Instead, make user accounts immutably normal users or system agents
at creation time.
  - Prevent administrators from changing email addresses after account creation.
Same deal as conduit certs. The 'bin/accountadmin' script can still do this if a
user has a real problem.
  - Prevent administrators from resetting passwords. There's no need for this
anymore with welcome emails plus email login and it raises the same issues.

Test Plan:
- Created a new account, selected "send welcome email", got a welcome email,
logged in with the link inside it.
  - Created a new system agent.
  - Reset an account's password.

Reviewed By: aran
Reviewers: tuomaspelkonen, jungejason, aran
CC: anjali, aran, epriestley
Differential Revision: 379
2011-05-31 13:06:32 -07:00
bin Improve CLI script for account creation and document account/reg setup process 2011-05-12 18:44:53 -07:00
conf Document remarkup and bring over the <tt> rule from Diviner. 2011-05-29 10:20:24 -07:00
externals Add comment linking to Maniphest and Differential 2011-05-31 11:11:19 -07:00
resources Basic image thumbnailing 2011-05-27 09:33:33 -07:00
scripts Test for pcntl availability from the command line, not Apache 2011-05-30 21:02:08 -07:00
src Revise administrative workflow for user creation 2011-05-31 13:06:32 -07:00
support/aphlict Aphlict, simple notification server 2011-05-17 10:32:41 -07:00
webroot Add comment linking to Maniphest and Differential 2011-05-31 11:11:19 -07:00
.arcconfig Bring Javelin into Phabricator via git submodule, not copy-and-paste 2011-05-08 13:20:10 -07:00
.divinerconfig Documentation: improve Diffusion documentation 2011-05-19 13:40:40 -07:00
.gitignore Update standards documentation 2011-05-02 01:36:30 -07:00
.gitmodules Just change the location. 2011-05-28 15:14:54 -07:00
CHANGELOG Enable multiple web sessions 2011-05-12 18:45:19 -07:00
README Edited README via GitHub 2011-04-29 16:10:08 -07:00

PROJECT STATUS: CAVEAT EMPTOR

This is an unstable preview release. You can learn more at http://phabricator.org/
as well as click around our development install. Developer mailing list at
https://groups.google.com/group/phabricator-dev and please report issues using
GitHub.

WHAT IS PHABRICATOR?

Phabricator is a suite of web applications that facilitate software development
tasks, particularly code review. The primary application in the suite is
Differential, a code review tool.

Phabricator is highly unstable and has many missing features! These applications
are being brought over from Facebook's internal toolset, but there's a lot of
stuff that hasn't made it over yet. Feel free to follow the project but you
probably shouldn't try to install this yet unless you're extremely ambitious
or just want to take a look at it. 

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.
http://www.apache.org/licenses/LICENSE-2.0