1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 10:22:42 +01:00
phorge-phorge/src/applications
epriestley 7f11e8d740 Improve handling of email verification and "activated" accounts
Summary:
Small step forward which improves existing stuff or lays groudwork for future stuff:

  - Currently, to check for email verification, we have to single-query the email address on every page. Instead, denoramlize it into the user object.
    - Migrate all the existing users.
    - When the user verifies an email, mark them as `isEmailVerified` if the email is their primary email.
    - Just make the checks look at the `isEmailVerified` field.
  - Add a new check, `isUserActivated()`, to cover email-verified plus disabled. Currently, a non-verified-but-not-disabled user could theoretically use Conduit over SSH, if anyone deployed it. Tighten that up.
  - Add an `isApproved` flag, which is always true for now. In a future diff, I want to add a default-on admin approval queue for new accounts, to prevent configuration mistakes. The way it will work is:
    - When the queue is enabled, registering users are created with `isApproved = false`.
    - Admins are sent an email, "[Phabricator] New User Approval (alincoln)", telling them that a new user is waiting for approval.
    - They go to the web UI and approve the user.
    - Manually-created accounts are auto-approved.
    - The email will have instructions for disabling the queue.

I think this queue will be helpful for new installs and give them peace of mind, and when you go to disable it we have a better opportunity to warn you about exactly what that means.

Generally, I want to improve the default safety of registration, since if you just blindly coast through the path of least resistance right now your install ends up pretty open, and realistically few installs are on VPNs.

Test Plan:
  - Ran migration, verified `isEmailVerified` populated correctly.
  - Created a new user, checked DB for verified (not verified).
  - Verified, checked DB (now verified).
  - Used Conduit, People, Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

CC: chad, aran

Differential Revision: https://secure.phabricator.com/D7572
2013-11-12 14:37:04 -08:00
..
arcanist/conduit Move Conduit methods inside applications 2012-12-21 12:21:59 -08:00
audit Make event-triggered actions more aware of application access 2013-10-21 17:00:50 -07:00
auth Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
base Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
cache Provide 'bin/cache', for managing caches 2013-05-20 10:16:35 -07:00
calendar Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
chatlog Fix chatlog application query integration 2013-10-22 13:47:47 -07:00
conduit Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
config Remove differential.anonymous-access 2013-11-11 16:05:19 -08:00
conpherence Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
countdown Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
daemon Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
differential Remove differential.anonymous-access 2013-11-11 16:05:19 -08:00
diffusion Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
directory/controller Hide Audit information on Home when the application is uninstalled 2013-10-09 15:25:03 -07:00
diviner Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
doorkeeper Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
draft/storage Add draft support to ApplicationTransactions 2012-12-21 05:57:14 -08:00
drydock PHUIPropertyListView 2013-10-11 07:53:56 -07:00
fact Restore merge of phutil_tag. 2013-02-13 14:51:18 -08:00
feed Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
files Add filter by object ability to flag query 2013-10-25 12:52:00 -07:00
flag Work around a bug in PHP 5.3-ish with abstract methods in interfaces 2013-10-25 15:58:17 -07:00
harbormaster Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
help/controller Make Differential views capability-sensitive 2013-09-26 18:45:04 -07:00
herald Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
legalpad Clean up legalpad sign UI 2013-10-30 15:50:46 -07:00
lipsum Kill PhabricatorObjectDataHandle 2013-09-11 12:27:28 -07:00
macro Fix incorrect check for CAN_EDIT in macro enable/disable controller 2013-11-09 16:34:26 -08:00
mailinglists Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
maniphest Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
meta Update Apps Installed icons to match Projects. 2013-10-23 13:28:47 -07:00
metamta Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
notification Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
nuance Naunce - capalities for Source object 2013-11-08 12:45:14 -08:00
oauthserver Initialize used variable 2013-07-09 21:55:27 -07:00
owners Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
paste Add filter by object ability to flag query 2013-10-25 12:52:00 -07:00
people Improve handling of email verification and "activated" accounts 2013-11-12 14:37:04 -08:00
phame Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
phid Work around a bug in PHP 5.3-ish with abstract methods in interfaces 2013-10-25 15:58:17 -07:00
phlux Add filter by object ability to flag query 2013-10-25 12:52:00 -07:00
pholio Pholio - fix a bug replacing multiple images 2013-11-08 17:13:36 -08:00
phortune Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
phpast Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
phrequent Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
phriction Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
policy Work around a bug in PHP 5.3-ish with abstract methods in interfaces 2013-10-25 15:58:17 -07:00
ponder Fix an issue where Ponder rename stories tried to render question bodies 2013-11-11 11:17:06 -08:00
project Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
releeph Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
remarkup/conduit Support processing Remarkup in bulk with remarkup.processbulk Conduit method 2013-11-02 16:30:11 -07:00
repository Don't implement SVN over HTTP 2013-11-11 16:10:41 -08:00
search Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
settings Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
slowvote Add filter by object ability to flag query 2013-10-25 12:52:00 -07:00
subscriptions Tie application event listeners to the applications they listen for 2013-10-21 17:00:21 -07:00
system Replace some hsprintf() by phutil_tag() 2013-11-11 09:23:23 -08:00
tokens Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
transactions Select all available bodies when rendering a feed story 2013-11-05 09:03:59 -08:00
typeahead Use herald to trigger builds of revisions and commits. 2013-11-08 16:58:39 -08:00
uiexample PHUIInfoPanel 2013-10-25 11:09:06 -07:00
xhprof Make most file reads policy-aware 2013-09-30 09:38:13 -07:00