1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 06:20:56 +01:00
No description
Find a file
epriestley bc71888249 Mask typed passwords as they are entered into 'accountadmin'
Summary:
Currently, we echo the password as the user types it. This turns out to be a bit
of an issue in over-the-shoulder installs. Instead, disable tty echo while the
user is typing their password so nothing is shown (like how 'sudo' works).

Also show a better error message if the user chooses a duplicate email; without
testing for this we just throw a duplicate key exception when saving, which
isn't easy to understand. The other duplicate key exception is duplicate
username, which is impossible (the script updates rather than creating in this
case).

There's currently a bug where creating a user and setting their password at the
same time doesn't work. This is because we hash the PHID into the password hash,
but it's empty if the user hasn't been persisted yet. Make sure the user is
persisted before setting their password.

Finally, fix an issue where $original would have the new username set, creating
a somewhat confusing summary at the end.

I'm also going to improve the password behavior/explanation here once I add
welcome emails ("Hi Joe, epriestley created an account for you on Phabricator,
click here to login...").

Test Plan:
- Typed a password and didn't have it echoed. I also tested this on Ubuntu
without encountering problems.
  - Chose a duplicate email, got a useful error message instead of the exception
I'd encountered earlier.
  - Created a new user with a password in one pass and logged in as that user,
this worked properly.
  - Verified summary table does not contain username for new users.

Reviewed By: jungejason
Reviewers: jungejason, tuomaspelkonen, aran
CC: moskov, jr, aran, jungejason
Differential Revision: 358
2011-05-28 11:52:59 -07:00
bin Improve CLI script for account creation and document account/reg setup process 2011-05-12 18:44:53 -07:00
conf Ensure syntax errors and other configuration problems are surfaced to the user. 2011-05-27 16:59:21 -07:00
externals Raise PhabricatorShapedRequest request timeout 2011-05-22 14:48:26 -07:00
resources Basic image thumbnailing 2011-05-27 09:33:33 -07:00
scripts Mask typed passwords as they are entered into 'accountadmin' 2011-05-28 11:52:59 -07:00
src Mask typed passwords as they are entered into 'accountadmin' 2011-05-28 11:52:59 -07:00
support/aphlict Aphlict, simple notification server 2011-05-17 10:32:41 -07:00
webroot Improve file preview in Maniphest 2011-05-27 09:35:56 -07:00
.arcconfig Bring Javelin into Phabricator via git submodule, not copy-and-paste 2011-05-08 13:20:10 -07:00
.divinerconfig Documentation: improve Diffusion documentation 2011-05-19 13:40:40 -07:00
.gitignore Update standards documentation 2011-05-02 01:36:30 -07:00
.gitmodules Bring Javelin into Phabricator via git submodule, not copy-and-paste 2011-05-08 13:20:10 -07:00
CHANGELOG Enable multiple web sessions 2011-05-12 18:45:19 -07:00
README Edited README via GitHub 2011-04-29 16:10:08 -07:00

PROJECT STATUS: CAVEAT EMPTOR

This is an unstable preview release. You can learn more at http://phabricator.org/
as well as click around our development install. Developer mailing list at
https://groups.google.com/group/phabricator-dev and please report issues using
GitHub.

WHAT IS PHABRICATOR?

Phabricator is a suite of web applications that facilitate software development
tasks, particularly code review. The primary application in the suite is
Differential, a code review tool.

Phabricator is highly unstable and has many missing features! These applications
are being brought over from Facebook's internal toolset, but there's a lot of
stuff that hasn't made it over yet. Feel free to follow the project but you
probably shouldn't try to install this yet unless you're extremely ambitious
or just want to take a look at it. 

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.
http://www.apache.org/licenses/LICENSE-2.0