Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F14069275
D11708.id.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Referenced Files
None
Subscribers
None
D11708.id.diff
View Options
diff --git a/src/applications/auth/controller/config/PhabricatorAuthListController.php b/src/applications/auth/controller/config/PhabricatorAuthListController.php
--- a/src/applications/auth/controller/config/PhabricatorAuthListController.php
+++ b/src/applications/auth/controller/config/PhabricatorAuthListController.php
@@ -92,37 +92,59 @@
$crumbs = $this->buildApplicationCrumbs();
$crumbs->addTextCrumb(pht('Auth Providers'));
- $config_name = 'auth.email-domains';
- $config_href = '/config/edit/'.$config_name.'/';
- $config_link = phutil_tag(
- 'a',
- array(
- 'href' => $config_href,
- 'target' => '_blank',
- ),
- $config_name);
-
- $warning = new PHUIErrorView();
-
- $email_domains = PhabricatorEnv::getEnvConfig($config_name);
- if ($email_domains) {
- $warning->setSeverity(PHUIErrorView::SEVERITY_NOTICE);
- $warning->appendChild(
- pht(
- 'Only users with a verified email address at one of the %s domains '.
- 'will be able to register a Phabricator account: %s',
- $config_link,
- phutil_tag('strong', array(), implode(', ', $email_domains))));
+ $domains_key = 'auth.email-domains';
+ $domains_link = $this->renderConfigLink($domains_key);
+ $domains_value = PhabricatorEnv::getEnvConfig($domains_key);
+
+ $approval_key = 'auth.require-approval';
+ $approval_link = $this->renderConfigLink($approval_key);
+ $approval_value = PhabricatorEnv::getEnvConfig($approval_key);
+
+ $issues = array();
+ if ($domains_value) {
+ $issues[] = pht(
+ 'Phabricator is configured with an email domain whitelist (in %s), so '.
+ 'only users with a verified email address at one of these %s '.
+ 'allowed domain(s) will be able to register an account: %s',
+ $domains_link,
+ new PhutilNumber(count($domains_value)),
+ phutil_tag('strong', array(), implode(', ', $domains_value)));
} else {
- $warning->setSeverity(PHUIErrorView::SEVERITY_WARNING);
- $warning->appendChild(
- pht(
- 'Anyone who can browse to this Phabricator install will be able to '.
- 'register an account. To restrict who can register an account, '.
- 'configure %s.',
- $config_link));
+ $issues[] = pht(
+ 'Anyone who can browse to this Phabricator install will be able to '.
+ 'register an account. To add email domain restrictions, configure '.
+ '%s.',
+ $domains_link);
}
+ if ($approval_value) {
+ $issues[] = pht(
+ 'Administrative approvals are enabled (in %s), so all new users must '.
+ 'have their accounts approved by an administrator.',
+ $approval_link);
+ } else {
+ $issues[] = pht(
+ 'Administrative approvals are disabled, so users who register will '.
+ 'be able to use their accounts immediately. To enable approvals, '.
+ 'configure %s.',
+ $approval_link);
+ }
+
+ if (!$domains_value && !$approval_value) {
+ $severity = PHUIErrorView::SEVERITY_WARNING;
+ $issues[] = pht(
+ 'You can safely ignore this warning if the install itself has '.
+ 'access controls (for example, it is deployed on a VPN) or if all of '.
+ 'the configured providers have access controls (for example, they are '.
+ 'all private LDAP or OAuth servers).');
+ } else {
+ $severity = PHUIErrorView::SEVERITY_NOTICE;
+ }
+
+ $warning = id(new PHUIErrorView())
+ ->setSeverity($severity)
+ ->setErrors($issues);
+
$image = id(new PHUIIconView())
->setIconFont('fa-plus');
$button = id(new PHUIButtonView())
@@ -152,4 +174,14 @@
));
}
+ private function renderConfigLink($key) {
+ return phutil_tag(
+ 'a',
+ array(
+ 'href' => '/config/edit/'.$key.'/',
+ 'target' => '_blank',
+ ),
+ $key);
+ }
+
}
diff --git a/src/infrastructure/internationalization/translation/PhabricatorBaseEnglishTranslation.php b/src/infrastructure/internationalization/translation/PhabricatorBaseEnglishTranslation.php
--- a/src/infrastructure/internationalization/translation/PhabricatorBaseEnglishTranslation.php
+++ b/src/infrastructure/internationalization/translation/PhabricatorBaseEnglishTranslation.php
@@ -911,6 +911,19 @@
'The configurations differ:',
'The configurations differ in these ways:',
),
+
+ 'Phabricator is configured with an email domain whitelist (in %s), so '.
+ 'only users with a verified email address at one of these %s '.
+ 'allowed domain(s) will be able to register an account: %s' => array(
+ array(
+ 'Phabricator is configured with an email domain whitelist (in %s), '.
+ 'so only users with a verified email address at %3$s will be '.
+ 'allowed to register an account.',
+ 'Phabricator is configured with an email domain whitelist (in %s), '.
+ 'so only users with a verified email address at one of these '.
+ 'allowed domains will be able to register an account: %3$s',
+ ),
+ ),
);
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Nov 21, 4:57 AM (15 h, 17 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6749592
Default Alt Text
D11708.id.diff (5 KB)
Attached To
Mode
D11708: Reduce severity of auth provider warning
Attached
Detach File
Event Timeline
Log In to Comment