Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15382157
D14325.id34578.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D14325.id34578.diff
View Options
diff --git a/src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php b/src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php
--- a/src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php
+++ b/src/applications/auth/controller/PhabricatorAuthOneTimeLoginController.php
@@ -84,6 +84,22 @@
->addCancelButton('/login/email/', pht('Send Another Email'));
}
+ if (!$target_user->canEstablishWebSessions()) {
+ return $this->newDialog()
+ ->setTitle(pht('Unable to Establish Web Session'))
+ ->setShortTitle(pht('Login Failure'))
+ ->appendParagraph(
+ pht(
+ 'You are trying to gain access to an account ("%s") that can not '.
+ 'establish a web session.',
+ $target_user->getUsername()))
+ ->appendParagraph(
+ pht(
+ 'Special users like daemons and mailing lists are not permitted '.
+ 'to log in via the web. Log in as a normal user instead.'))
+ ->addCancelButton('/');
+ }
+
if ($request->isFormPost()) {
// If we have an email bound into this URI, verify email so that clicking
// the link in the "Welcome" email is good enough, without requiring users
diff --git a/src/applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php b/src/applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php
--- a/src/applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php
+++ b/src/applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php
@@ -71,6 +71,16 @@
$can_recover));
}
+ if (!$user->canEstablishWebSessions()) {
+ throw new PhutilArgumentUsageException(
+ pht(
+ 'This account ("%s") can not establish web sessions, so it is '.
+ 'not possible to generate a functional recovery link. Special '.
+ 'accounts like daemons and mailing lists can not log in via the '.
+ 'web UI.',
+ $username));
+ }
+
$engine = new PhabricatorAuthSessionEngine();
$onetime_uri = $engine->getOneTimeLoginURI(
$user,
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sat, Mar 15, 11:00 AM (3 w, 2 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7223866
Default Alt Text
D14325.id34578.diff (2 KB)
Attached To
Mode
D14325: Prevent mailing lists from being bin/auth recover'd
Attached
Detach File
Event Timeline
Log In to Comment