Changeset View
Changeset View
Standalone View
Standalone View
src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
| <?php | <?php | ||||
| final class DiffusionSetPasswordPanel extends PhabricatorSettingsPanel { | final class DiffusionSetPasswordPanel extends PhabricatorSettingsPanel { | ||||
| public function isEditableByAdministrators() { | |||||
| return true; | |||||
| } | |||||
| public function getPanelKey() { | public function getPanelKey() { | ||||
| return 'vcspassword'; | return 'vcspassword'; | ||||
| } | } | ||||
| public function getPanelName() { | public function getPanelName() { | ||||
| return pht('VCS Password'); | return pht('VCS Password'); | ||||
| } | } | ||||
| public function getPanelGroup() { | public function getPanelGroup() { | ||||
| return pht('Authentication'); | return pht('Authentication'); | ||||
| } | } | ||||
| public function isEnabled() { | public function isEnabled() { | ||||
| return PhabricatorEnv::getEnvConfig('diffusion.allow-http-auth'); | return PhabricatorEnv::getEnvConfig('diffusion.allow-http-auth'); | ||||
| } | } | ||||
| public function processRequest(AphrontRequest $request) { | public function processRequest(AphrontRequest $request) { | ||||
| $user = $request->getUser(); | $viewer = $request->getUser(); | ||||
| $user = $this->getUser(); | |||||
| $vcspassword = id(new PhabricatorRepositoryVCSPassword()) | $vcspassword = id(new PhabricatorRepositoryVCSPassword()) | ||||
| ->loadOneWhere( | ->loadOneWhere( | ||||
| 'userPHID = %s', | 'userPHID = %s', | ||||
| $user->getPHID()); | $user->getPHID()); | ||||
| if (!$vcspassword) { | if (!$vcspassword) { | ||||
| $vcspassword = id(new PhabricatorRepositoryVCSPassword()); | $vcspassword = id(new PhabricatorRepositoryVCSPassword()); | ||||
| $vcspassword->setUserPHID($user->getPHID()); | $vcspassword->setUserPHID($user->getPHID()); | ||||
| Show All 32 Lines | if ($request->isFormPost()) { | ||||
| if (!$errors) { | if (!$errors) { | ||||
| $envelope = new PhutilOpaqueEnvelope($new_password); | $envelope = new PhutilOpaqueEnvelope($new_password); | ||||
| if ($new_password !== $confirm) { | if ($new_password !== $confirm) { | ||||
| $e_password = pht('Does Not Match'); | $e_password = pht('Does Not Match'); | ||||
| $e_confirm = pht('Does Not Match'); | $e_confirm = pht('Does Not Match'); | ||||
| $errors[] = pht('Password and confirmation do not match.'); | $errors[] = pht('Password and confirmation do not match.'); | ||||
| } else if ($user->comparePassword($envelope)) { | } else if ($viewer->comparePassword($envelope)) { | ||||
| // NOTE: The above test is against $viewer (not $user), so that the | |||||
| // error message below makes sense in the case that the two are | |||||
| // different, and because an admin reusing their own password is bad, | |||||
| // while system agents generally do not have passwords anyway. | |||||
| $e_password = pht('Not Unique'); | $e_password = pht('Not Unique'); | ||||
| $e_confirm = pht('Not Unique'); | $e_confirm = pht('Not Unique'); | ||||
| $errors[] = pht( | $errors[] = pht( | ||||
| 'This password is the same as another password associated '. | 'This password is the same as another password associated '. | ||||
| 'with your account. You must use a unique password for '. | 'with your account. You must use a unique password for '. | ||||
| 'VCS access.'); | 'VCS access.'); | ||||
| } else if ( | } else if ( | ||||
| PhabricatorCommonPasswords::isCommonPassword($new_password)) { | PhabricatorCommonPasswords::isCommonPassword($new_password)) { | ||||
| Show All 12 Lines | if ($request->isFormPost()) { | ||||
| return id(new AphrontRedirectResponse())->setURI($panel_uri); | return id(new AphrontRedirectResponse())->setURI($panel_uri); | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| $title = pht('Set VCS Password'); | $title = pht('Set VCS Password'); | ||||
| $form = id(new AphrontFormView()) | $form = id(new AphrontFormView()) | ||||
| ->setUser($user) | ->setUser($viewer) | ||||
| ->appendRemarkupInstructions( | ->appendRemarkupInstructions( | ||||
| pht( | pht( | ||||
| 'To access repositories hosted by Phabricator over HTTP, you must '. | 'To access repositories hosted by Phabricator over HTTP, you must '. | ||||
| 'set a version control password. This password should be unique.'. | 'set a version control password. This password should be unique.'. | ||||
| "\n\n". | "\n\n". | ||||
| "This password applies to all repositories available over ". | "This password applies to all repositories available over ". | ||||
| "HTTP.")); | "HTTP.")); | ||||
| ▲ Show 20 Lines • Show All 79 Lines • ▼ Show 20 Lines | public function processRequest(AphrontRequest $request) { | ||||
| } | } | ||||
| $object_box = id(new PHUIObjectBoxView()) | $object_box = id(new PHUIObjectBoxView()) | ||||
| ->setHeaderText($title) | ->setHeaderText($title) | ||||
| ->setForm($form) | ->setForm($form) | ||||
| ->setFormErrors($errors); | ->setFormErrors($errors); | ||||
| $remove_form = id(new AphrontFormView()) | $remove_form = id(new AphrontFormView()) | ||||
| ->setUser($user); | ->setUser($viewer); | ||||
| if ($vcspassword->getID()) { | if ($vcspassword->getID()) { | ||||
| $remove_form | $remove_form | ||||
| ->addHiddenInput('remove', true) | ->addHiddenInput('remove', true) | ||||
| ->appendRemarkupInstructions( | ->appendRemarkupInstructions( | ||||
| pht( | pht( | ||||
| 'You can remove your VCS password, which will prevent your '. | 'You can remove your VCS password, which will prevent your '. | ||||
| 'account from accessing repositories.')) | 'account from accessing repositories.')) | ||||
| Show All 30 Lines | |||||