Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15389707
D20111.id48127.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
10 KB
Referenced Files
None
Subscribers
None
D20111.id48127.diff
View Options
diff --git a/src/applications/auth/controller/PhabricatorAuthRegisterController.php b/src/applications/auth/controller/PhabricatorAuthRegisterController.php
--- a/src/applications/auth/controller/PhabricatorAuthRegisterController.php
+++ b/src/applications/auth/controller/PhabricatorAuthRegisterController.php
@@ -21,7 +21,9 @@
list($account, $provider, $response) = $result;
$is_default = false;
} else if ($this->isFirstTimeSetup()) {
- list($account, $provider, $response) = $this->loadSetupAccount();
+ $account = null;
+ $provider = null;
+ $response = null;
$is_default = true;
$is_setup = true;
} else {
@@ -35,22 +37,24 @@
$invite = $this->loadInvite();
- if (!$provider->shouldAllowRegistration()) {
- if ($invite) {
- // If the user has an invite, we allow them to register with any
- // provider, even a login-only provider.
- } else {
- // TODO: This is a routine error if you click "Login" on an external
- // auth source which doesn't allow registration. The error should be
- // more tailored.
+ if (!$is_setup) {
+ if (!$provider->shouldAllowRegistration()) {
+ if ($invite) {
+ // If the user has an invite, we allow them to register with any
+ // provider, even a login-only provider.
+ } else {
+ // TODO: This is a routine error if you click "Login" on an external
+ // auth source which doesn't allow registration. The error should be
+ // more tailored.
- return $this->renderError(
- pht(
- 'The account you are attempting to register with uses an '.
- 'authentication provider ("%s") which does not allow '.
- 'registration. An administrator may have recently disabled '.
- 'registration with this provider.',
- $provider->getProviderName()));
+ return $this->renderError(
+ pht(
+ 'The account you are attempting to register with uses an '.
+ 'authentication provider ("%s") which does not allow '.
+ 'registration. An administrator may have recently disabled '.
+ 'registration with this provider.',
+ $provider->getProviderName()));
+ }
}
}
@@ -58,14 +62,19 @@
$user = new PhabricatorUser();
- $default_username = $account->getUsername();
- $default_realname = $account->getRealName();
+ if ($is_setup) {
+ $default_username = null;
+ $default_realname = null;
+ $default_email = null;
+ } else {
+ $default_username = $account->getUsername();
+ $default_realname = $account->getRealName();
+ $default_email = $account->getEmail();
+ }
$account_type = PhabricatorAuthPassword::PASSWORD_TYPE_ACCOUNT;
$content_source = PhabricatorContentSource::newFromRequest($request);
- $default_email = $account->getEmail();
-
if ($invite) {
$default_email = $invite->getEmailAddress();
}
@@ -212,7 +221,11 @@
$can_edit_email = $profile->getCanEditEmail();
$can_edit_realname = $profile->getCanEditRealName();
- $must_set_password = $provider->shouldRequireRegistrationPassword();
+ if ($is_setup) {
+ $must_set_password = false;
+ } else {
+ $must_set_password = $provider->shouldRequireRegistrationPassword();
+ }
$can_edit_anything = $profile->getCanEditAnything() || $must_set_password;
$force_verify = $profile->getShouldVerifyEmail();
@@ -334,9 +347,11 @@
}
if (!$errors) {
- $image = $this->loadProfilePicture($account);
- if ($image) {
- $user->setProfileImagePHID($image->getPHID());
+ if (!$is_setup) {
+ $image = $this->loadProfilePicture($account);
+ if ($image) {
+ $user->setProfileImagePHID($image->getPHID());
+ }
}
try {
@@ -346,17 +361,19 @@
$verify_email = true;
}
- if ($value_email === $default_email) {
- if ($account->getEmailVerified()) {
- $verify_email = true;
- }
+ if (!$is_setup) {
+ if ($value_email === $default_email) {
+ if ($account->getEmailVerified()) {
+ $verify_email = true;
+ }
- if ($provider->shouldTrustEmails()) {
- $verify_email = true;
- }
+ if ($provider->shouldTrustEmails()) {
+ $verify_email = true;
+ }
- if ($invite) {
- $verify_email = true;
+ if ($invite) {
+ $verify_email = true;
+ }
}
}
@@ -438,9 +455,11 @@
$transaction_editor->applyTransactions($user, $xactions);
}
- $account->setUserPHID($user->getPHID());
- $provider->willRegisterAccount($account);
- $account->save();
+ if (!$is_setup) {
+ $account->setUserPHID($user->getPHID());
+ $provider->willRegisterAccount($account);
+ $account->save();
+ }
$user->saveTransaction();
@@ -501,7 +520,6 @@
->setAuthProvider($provider)));
}
-
if ($can_edit_username) {
$form->appendChild(
id(new AphrontFormTextControl())
@@ -595,7 +613,7 @@
pht(
'Installation is complete. Register your administrator account '.
'below to log in. You will be able to configure options and add '.
- 'other authentication mechanisms (like LDAP or OAuth) later on.'));
+ 'authentication mechanisms later on.'));
}
$object_box = id(new PHUIObjectBoxView())
@@ -612,11 +630,12 @@
$view = id(new PHUITwoColumnView())
->setHeader($header)
- ->setFooter(array(
- $welcome_view,
- $invite_header,
- $object_box,
- ));
+ ->setFooter(
+ array(
+ $welcome_view,
+ $invite_header,
+ $object_box,
+ ));
return $this->newPage()
->setTitle($title)
@@ -657,19 +676,6 @@
return array($account, $provider, $response);
}
- private function loadSetupAccount() {
- $provider = new PhabricatorPasswordAuthProvider();
- $provider->attachProviderConfig(
- id(new PhabricatorAuthProviderConfig())
- ->setShouldAllowRegistration(1)
- ->setShouldAllowLogin(1)
- ->setIsEnabled(true));
-
- $account = $provider->getDefaultExternalAccount();
- $response = null;
- return array($account, $provider, $response);
- }
-
private function loadProfilePicture(PhabricatorExternalAccount $account) {
$phid = $account->getProfileImagePHID();
if (!$phid) {
diff --git a/src/applications/people/storage/PhabricatorUser.php b/src/applications/people/storage/PhabricatorUser.php
--- a/src/applications/people/storage/PhabricatorUser.php
+++ b/src/applications/people/storage/PhabricatorUser.php
@@ -557,7 +557,7 @@
public static function describeValidUsername() {
return pht(
- 'Usernames must contain only numbers, letters, period, underscore and '.
+ 'Usernames must contain only numbers, letters, period, underscore, and '.
'hyphen, and can not end with a period. They must have no more than %d '.
'characters.',
new PhutilNumber(self::MAXIMUM_USERNAME_LENGTH));
diff --git a/src/applications/people/storage/PhabricatorUserEmail.php b/src/applications/people/storage/PhabricatorUserEmail.php
--- a/src/applications/people/storage/PhabricatorUserEmail.php
+++ b/src/applications/people/storage/PhabricatorUserEmail.php
@@ -83,9 +83,8 @@
*/
public static function describeValidAddresses() {
return pht(
- "Email addresses should be in the form '%s'. The maximum ".
- "length of an email address is %s character(s).",
- 'user@domain.com',
+ 'Email addresses should be in the form "user@domain.com". The maximum '.
+ 'length of an email address is %s characters.',
new PhutilNumber(self::MAX_ADDRESS_LENGTH));
}
diff --git a/src/docs/user/configuration/configuring_accounts_and_registration.diviner b/src/docs/user/configuration/configuring_accounts_and_registration.diviner
--- a/src/docs/user/configuration/configuring_accounts_and_registration.diviner
+++ b/src/docs/user/configuration/configuring_accounts_and_registration.diviner
@@ -3,7 +3,8 @@
Describes how to configure user access to Phabricator.
-= Overview =
+Overview
+========
Phabricator supports a number of login systems. You can enable or disable these
systems to configure who can register for and access your install, and how users
@@ -28,24 +29,37 @@
associate an existing Phabricator account with a GitHub OAuth account) or users
can use it to register new accounts (assuming you enable these options).
-= Recovering Inaccessible Accounts =
+
+Recovering Inaccessible Accounts
+================================
If you accidentally lock yourself out of Phabricator (for example, by disabling
-all authentication providers), you can use the `bin/auth`
-script to recover access to an account. To recover access, run:
+all authentication providers), you can normally use the "send a login link"
+action from the login screen to email yourself a login link and regain access
+to your account.
+
+If that isn't working (perhaps because you haven't configured email yet), you
+can use the `bin/auth` script to recover access to an account. To recover
+access, run:
- phabricator/ $ ./bin/auth recover <username>
+```
+phabricator/ $ ./bin/auth recover <username>
+```
...where `<username>` is the account username you want to recover access
to. This will generate a link which will log you in as the specified user.
-= Managing Accounts with the Web Console =
+
+Managing Accounts with the Web Console
+======================================
To manage accounts from the web, login as an administrator account and go to
`/people/` or click "People" on the homepage. Provided you're an admin,
you'll see options to create or edit accounts.
-= Manually Creating New Accounts =
+
+Manually Creating New Accounts
+==============================
There are two ways to manually create new accounts: via the web UI using
the "People" application (this is easiest), or via the CLI using the
@@ -60,7 +74,9 @@
an administrator (if you accidentally remove your admin flag) or to create an
administrative account.
-= Next Steps =
+
+Next Steps
+==========
Continue by:
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Mar 16, 5:35 AM (1 w, 3 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7324359
Default Alt Text
D20111.id48127.diff (10 KB)
Attached To
Mode
D20111: During first-time setup, create an administrator account with no authentication instead of weird, detached authentication
Attached
Detach File
Event Timeline
Log In to Comment