mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-23 07:12:41 +01:00
87207b2f4e
Summary: - Move email to a separate table. - Migrate existing email to new storage. - Allow users to add and remove email addresses. - Allow users to verify email addresses. - Allow users to change their primary email address. - Convert all the registration/reset/login code to understand these changes. - There are a few security considerations here but I think I've addressed them. Principally, it is important to never let a user acquire a verified email address they don't actually own. We ensure this by tightening the scoping of token generation rules to be (user, email) specific. - This should have essentially zero impact on Facebook, but may require some minor changes in the registration code -- I don't exactly remember how it is set up. Not included here (next steps): - Allow configuration to restrict email to certain domains. - Allow configuration to require validated email. Test Plan: This is a fairly extensive, difficult-to-test change. - From "Email Addresses" interface: - Added new email (verified email verifications sent). - Changed primary email (verified old/new notificactions sent). - Resent verification emails (verified they sent). - Removed email. - Tried to add already-owned email. - Created new users with "accountadmin". Edited existing users with "accountadmin". - Created new users with "add_user.php". - Created new users with web interface. - Clicked welcome email link, verified it verified email. - Reset password. - Linked/unlinked oauth accounts. - Logged in with oauth account. - Logged in with email. - Registered with Oauth account. - Tried to register with OAuth account with duplicate email. - Verified errors for email verification with bad tokens, etc. Reviewers: btrahan, vrana, jungejason Reviewed By: btrahan CC: aran Maniphest Tasks: T1184 Differential Revision: https://secure.phabricator.com/D2393
75 lines
2 KiB
PHP
Executable file
75 lines
2 KiB
PHP
Executable file
#!/usr/bin/env php
|
|
<?php
|
|
|
|
/*
|
|
* Copyright 2012 Facebook, Inc.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
$root = dirname(dirname(dirname(__FILE__)));
|
|
require_once $root.'/scripts/__init_script__.php';
|
|
|
|
phutil_require_module('phutil', 'console');
|
|
phutil_require_module('phutil', 'future/exec');
|
|
|
|
if ($argc !== 5) {
|
|
echo "usage: add_user.php <username> <email> <realname> <admin_user>\n";
|
|
exit(1);
|
|
}
|
|
|
|
$username = $argv[1];
|
|
$email = $argv[2];
|
|
$realname = $argv[3];
|
|
$admin = $argv[4];
|
|
|
|
$admin = id(new PhabricatorUser())->loadOneWhere(
|
|
'username = %s',
|
|
$argv[4]);
|
|
if (!$admin) {
|
|
throw new Exception(
|
|
"Admin user must be the username of a valid Phabricator account, used ".
|
|
"to send the new user a welcome email.");
|
|
}
|
|
|
|
$existing_user = id(new PhabricatorUser())->loadOneWhere(
|
|
'username = %s',
|
|
$username);
|
|
if ($existing_user) {
|
|
throw new Exception(
|
|
"There is already a user with the username '{$username}'!");
|
|
}
|
|
|
|
$existing_email = id(new PhabricatorUserEmail())->loadOneWhere(
|
|
'address = %s',
|
|
$email);
|
|
if ($existing_email) {
|
|
throw new Exception(
|
|
"There is already a user with the email '{$email}'!");
|
|
}
|
|
|
|
$user = new PhabricatorUser();
|
|
$user->setUsername($username);
|
|
$user->setRealname($realname);
|
|
$user->save();
|
|
|
|
$email_object = id(new PhabricatorUserEmail())
|
|
->setUserPHID($user->getPHID())
|
|
->setAddress($email)
|
|
->setIsVerified(1)
|
|
->setIsPrimary(1)
|
|
->save();
|
|
|
|
$user->sendWelcomeEmail($admin);
|
|
|
|
echo "Created user '{$username}' (realname='{$realname}', email='{$email}').\n";
|