Differential D17212 Diff 41400 src/applications/auth/controller/PhabricatorAuthRegisterController.php
Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/controller/PhabricatorAuthRegisterController.php
| Show First 20 Lines • Show All 48 Lines • ▼ Show 20 Lines | if (!$provider->shouldAllowRegistration()) { | ||||
| 'The account you are attempting to register with uses an '. | 'The account you are attempting to register with uses an '. | ||||
| 'authentication provider ("%s") which does not allow '. | 'authentication provider ("%s") which does not allow '. | ||||
| 'registration. An administrator may have recently disabled '. | 'registration. An administrator may have recently disabled '. | ||||
| 'registration with this provider.', | 'registration with this provider.', | ||||
| $provider->getProviderName())); | $provider->getProviderName())); | ||||
| } | } | ||||
| } | } | ||||
| $errors = array(); | |||||
| $user = new PhabricatorUser(); | $user = new PhabricatorUser(); | ||||
| $default_username = $account->getUsername(); | $default_username = $account->getUsername(); | ||||
| $default_realname = $account->getRealName(); | $default_realname = $account->getRealName(); | ||||
| $default_email = $account->getEmail(); | $default_email = $account->getEmail(); | ||||
| if ($invite) { | if ($invite) { | ||||
| $default_email = $invite->getEmailAddress(); | $default_email = $invite->getEmailAddress(); | ||||
| } | } | ||||
| if ($default_email !== null) { | |||||
| if (!PhabricatorUserEmail::isValidAddress($default_email)) { | if (!PhabricatorUserEmail::isValidAddress($default_email)) { | ||||
| $errors[] = pht( | |||||
| 'The email address associated with this external account ("%s") is '. | |||||
| 'not a valid email address and can not be used to register a '. | |||||
| 'Phabricator account. Choose a different, valid address.', | |||||
| phutil_tag('strong', array(), $default_email)); | |||||
| $default_email = null; | $default_email = null; | ||||
| } | } | ||||
| } | |||||
| if ($default_email !== null) { | if ($default_email !== null) { | ||||
| // We should bypass policy here becase e.g. limiting an application use | // We should bypass policy here becase e.g. limiting an application use | ||||
| // to a subset of users should not allow the others to overwrite | // to a subset of users should not allow the others to overwrite | ||||
| // configured application emails | // configured application emails. | ||||
| $application_email = id(new PhabricatorMetaMTAApplicationEmailQuery()) | $application_email = id(new PhabricatorMetaMTAApplicationEmailQuery()) | ||||
| ->setViewer(PhabricatorUser::getOmnipotentUser()) | ->setViewer(PhabricatorUser::getOmnipotentUser()) | ||||
| ->withAddresses(array($default_email)) | ->withAddresses(array($default_email)) | ||||
| ->executeOne(); | ->executeOne(); | ||||
| if ($application_email) { | if ($application_email) { | ||||
| $errors[] = pht( | |||||
| 'The email address associated with this account ("%s") is '. | |||||
| 'already in use by an application and can not be used to '. | |||||
| 'register a new Phabricator account. Choose a different, valid '. | |||||
| 'address.', | |||||
| phutil_tag('strong', array(), $default_email)); | |||||
| $default_email = null; | $default_email = null; | ||||
| } | } | ||||
| } | } | ||||
| $show_existing = null; | |||||
| if ($default_email !== null) { | if ($default_email !== null) { | ||||
| // If the account source provided an email, but it's not allowed by | // If the account source provided an email, but it's not allowed by | ||||
| // the configuration, roadblock the user. Previously, we let the user | // the configuration, roadblock the user. Previously, we let the user | ||||
| // pick a valid email address instead, but this does not align well with | // pick a valid email address instead, but this does not align well with | ||||
| // user expectation and it's not clear the cases it enables are valuable. | // user expectation and it's not clear the cases it enables are valuable. | ||||
| // See discussion in T3472. | // See discussion in T3472. | ||||
| if (!PhabricatorUserEmail::isAllowedAddress($default_email)) { | if (!PhabricatorUserEmail::isAllowedAddress($default_email)) { | ||||
| $debug_email = new PHUIInvisibleCharacterView($default_email); | $debug_email = new PHUIInvisibleCharacterView($default_email); | ||||
| return $this->renderError( | return $this->renderError( | ||||
| array( | array( | ||||
| pht( | pht( | ||||
| 'The account you are attempting to register with has an invalid '. | 'The account you are attempting to register with has an invalid '. | ||||
| 'email address (%s). This Phabricator install only allows '. | 'email address (%s). This Phabricator install only allows '. | ||||
| 'registration with specific email addresses:', | 'registration with specific email addresses:', | ||||
| $debug_email), | $debug_email), | ||||
| phutil_tag('br'), | phutil_tag('br'), | ||||
| phutil_tag('br'), | phutil_tag('br'), | ||||
| PhabricatorUserEmail::describeAllowedAddresses(), | PhabricatorUserEmail::describeAllowedAddresses(), | ||||
| )); | )); | ||||
| } | } | ||||
| // If the account source provided an email, but another account already | // If the account source provided an email, but another account already | ||||
| // has that email, just pretend we didn't get an email. | // has that email, just pretend we didn't get an email. | ||||
| // TODO: See T3472. | |||||
| if ($default_email !== null) { | if ($default_email !== null) { | ||||
| $same_email = id(new PhabricatorUserEmail())->loadOneWhere( | $same_email = id(new PhabricatorUserEmail())->loadOneWhere( | ||||
| 'address = %s', | 'address = %s', | ||||
| $default_email); | $default_email); | ||||
| if ($same_email) { | if ($same_email) { | ||||
| if ($invite) { | if ($invite) { | ||||
| // We're allowing this to continue. The fact that we loaded the | // We're allowing this to continue. The fact that we loaded the | ||||
| // invite means that the address is nonprimary and unverified and | // invite means that the address is nonprimary and unverified and | ||||
| // we're OK to steal it. | // we're OK to steal it. | ||||
| } else { | } else { | ||||
| $show_existing = $default_email; | |||||
| $default_email = null; | $default_email = null; | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| if ($show_existing !== null) { | |||||
| if (!$request->getInt('phase')) { | |||||
| return $this->newDialog() | |||||
| ->setTitle(pht('Email Address Already in Use')) | |||||
| ->addHiddenInput('phase', 1) | |||||
| ->appendParagraph( | |||||
| pht( | |||||
| 'You are creating a new Phabricator account linked to an '. | |||||
| 'existing external account from outside Phabricator.')) | |||||
| ->appendParagraph( | |||||
| pht( | |||||
| 'The email address ("%s") associated with the external account '. | |||||
| 'is already in use by an existing Phabricator account. Multiple '. | |||||
| 'Phabricator accounts may not have the same email address, so '. | |||||
| 'you can not use this email address to register a new '. | |||||
| 'Phabricator account.', | |||||
| phutil_tag('strong', array(), $show_existing))) | |||||
| ->appendParagraph( | |||||
| pht( | |||||
| 'If you want to register a new account, continue with this '. | |||||
| 'registration workflow and choose a new, unique email address '. | |||||
| 'for the new account.')) | |||||
| ->appendParagraph( | |||||
| pht( | |||||
| 'If you want to link an existing Phabricator account to this '. | |||||
| 'external account, do not continue. Instead: log in to your '. | |||||
| 'existing account, then go to "Settings" and link the account '. | |||||
| 'in the "External Accounts" panel.')) | |||||
| ->appendParagraph( | |||||
| pht( | |||||
| 'If you continue, you will create a new account. You will not '. | |||||
| 'be able to link this external account to an existing account.')) | |||||
| ->addCancelButton('/auth/login/', pht('Cancel')) | |||||
| ->addSubmitButton(pht('Create New Account')); | |||||
| } else { | |||||
| $errors[] = pht( | |||||
| 'The external account you are registering with has an email address '. | |||||
| 'that is already in use ("%s") by an existing Phabricator account. '. | |||||
| 'Choose a new, valid email address to register a new Phabricator '. | |||||
| 'account.', | |||||
| phutil_tag('strong', array(), $show_existing)); | |||||
| } | |||||
| } | |||||
| $profile = id(new PhabricatorRegistrationProfile()) | $profile = id(new PhabricatorRegistrationProfile()) | ||||
| ->setDefaultUsername($default_username) | ->setDefaultUsername($default_username) | ||||
| ->setDefaultEmail($default_email) | ->setDefaultEmail($default_email) | ||||
| ->setDefaultRealName($default_realname) | ->setDefaultRealName($default_realname) | ||||
| ->setCanEditUsername(true) | ->setCanEditUsername(true) | ||||
| ->setCanEditEmail(($default_email === null)) | ->setCanEditEmail(($default_email === null)) | ||||
| ->setCanEditRealName(true) | ->setCanEditRealName(true) | ||||
| ->setShouldVerifyEmail(false); | ->setShouldVerifyEmail(false); | ||||
| Show All 27 Lines | if ($is_setup) { | ||||
| $force_verify = true; | $force_verify = true; | ||||
| } | } | ||||
| $value_username = $default_username; | $value_username = $default_username; | ||||
| $value_realname = $default_realname; | $value_realname = $default_realname; | ||||
| $value_email = $default_email; | $value_email = $default_email; | ||||
| $value_password = null; | $value_password = null; | ||||
| $errors = array(); | |||||
| $require_real_name = PhabricatorEnv::getEnvConfig('user.require-real-name'); | $require_real_name = PhabricatorEnv::getEnvConfig('user.require-real-name'); | ||||
| $e_username = strlen($value_username) ? null : true; | $e_username = strlen($value_username) ? null : true; | ||||
| $e_realname = $require_real_name ? true : null; | $e_realname = $require_real_name ? true : null; | ||||
| $e_email = strlen($value_email) ? null : true; | $e_email = strlen($value_email) ? null : true; | ||||
| $e_password = true; | $e_password = true; | ||||
| $e_captcha = true; | $e_captcha = true; | ||||
| $skip_captcha = false; | $skip_captcha = false; | ||||
| if ($invite) { | if ($invite) { | ||||
| // If the user is accepting an invite, assume they're trustworthy enough | // If the user is accepting an invite, assume they're trustworthy enough | ||||
| // that we don't need to CAPTCHA them. | // that we don't need to CAPTCHA them. | ||||
| $skip_captcha = true; | $skip_captcha = true; | ||||
| } | } | ||||
| $min_len = PhabricatorEnv::getEnvConfig('account.minimum-password-length'); | $min_len = PhabricatorEnv::getEnvConfig('account.minimum-password-length'); | ||||
| $min_len = (int)$min_len; | $min_len = (int)$min_len; | ||||
| $from_invite = $request->getStr('invite'); | $from_invite = $request->getStr('invite'); | ||||
| if ($from_invite && $can_edit_username) { | if ($from_invite && $can_edit_username) { | ||||
| $value_username = $request->getStr('username'); | $value_username = $request->getStr('username'); | ||||
| $e_username = null; | $e_username = null; | ||||
| } | } | ||||
| if (($request->isFormPost() || !$can_edit_anything) && !$from_invite) { | $try_register = | ||||
| ($request->isFormPost() || !$can_edit_anything) && | |||||
| !$from_invite && | |||||
| ($request->getInt('phase') != 1); | |||||
| if ($try_register) { | |||||
| $errors = array(); | |||||
| $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); | $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); | ||||
| if ($must_set_password && !$skip_captcha) { | if ($must_set_password && !$skip_captcha) { | ||||
| $e_captcha = pht('Again'); | $e_captcha = pht('Again'); | ||||
| $captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request); | $captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request); | ||||
| if (!$captcha_ok) { | if (!$captcha_ok) { | ||||
| $errors[] = pht('Captcha response is incorrect, try again.'); | $errors[] = pht('Captcha response is incorrect, try again.'); | ||||
| ▲ Show 20 Lines • Show All 192 Lines • ▼ Show 20 Lines | if ($try_register) { | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| unset($unguarded); | unset($unguarded); | ||||
| } | } | ||||
| $form = id(new AphrontFormView()) | $form = id(new AphrontFormView()) | ||||
| ->setUser($request->getUser()); | ->setUser($request->getUser()) | ||||
| ->addHiddenInput('phase', 2); | |||||
| if (!$is_default) { | if (!$is_default) { | ||||
| $form->appendChild( | $form->appendChild( | ||||
| id(new AphrontFormMarkupControl()) | id(new AphrontFormMarkupControl()) | ||||
| ->setLabel(pht('External Account')) | ->setLabel(pht('External Account')) | ||||
| ->setValue( | ->setValue( | ||||
| id(new PhabricatorAuthAccountView()) | id(new PhabricatorAuthAccountView()) | ||||
| ->setUser($request->getUser()) | ->setUser($request->getUser()) | ||||
| ▲ Show 20 Lines • Show All 244 Lines • Show Last 20 Lines | |||||