Differential D20008 Diff 47808 src/applications/auth/controller/PhabricatorAuthNeedsMultiFactorController.php
src/applications/auth/controller/PhabricatorAuthNeedsMultiFactorController.php
| Show All 24 Lines | public function handleRequest(AphrontRequest $request) { | ||||
| $viewer = $this->getViewer(); | $viewer = $this->getViewer(); | ||||
| if ($viewer->getIsDisabled()) { | if ($viewer->getIsDisabled()) { | ||||
| // We allowed unapproved and disabled users to hit this controller, but | // We allowed unapproved and disabled users to hit this controller, but | ||||
| // want to kick out disabled users now. | // want to kick out disabled users now. | ||||
| return new Aphront400Response(); | return new Aphront400Response(); | ||||
| } | } | ||||
| $panel = id(new PhabricatorMultiFactorSettingsPanel()) | $panels = $this->loadPanels(); | ||||
| ->setUser($viewer) | |||||
| ->setViewer($viewer) | $multifactor_key = id(new PhabricatorMultiFactorSettingsPanel()) | ||||
| ->setOverrideURI($this->getApplicationURI('/multifactor/')) | ->getPanelKey(); | ||||
| ->processRequest($request); | |||||
| $panel_key = $request->getURIData('pageKey'); | |||||
| if (!strlen($panel_key)) { | |||||
| $panel_key = $multifactor_key; | |||||
| } | |||||
| if ($panel instanceof AphrontResponse) { | if (!isset($panels[$panel_key])) { | ||||
| return $panel; | return new Aphront404Response(); | ||||
| } | } | ||||
| $crumbs = $this->buildApplicationCrumbs(); | $nav = $this->newNavigation(); | ||||
| $crumbs->addTextCrumb(pht('Add Multi-Factor Auth')); | $nav->selectFilter($panel_key); | ||||
| $panel = $panels[$panel_key]; | |||||
| $viewer->updateMultiFactorEnrollment(); | $viewer->updateMultiFactorEnrollment(); | ||||
| if (!$viewer->getIsEnrolledInMultiFactor()) { | if ($panel_key === $multifactor_key) { | ||||
| $help = id(new PHUIInfoView()) | $header_text = pht('Add Multi-Factor Auth'); | ||||
| ->setTitle(pht('Add Multi-Factor Authentication To Your Account')) | $help = $this->newGuidance(); | ||||
| ->setSeverity(PHUIInfoView::SEVERITY_WARNING) | $panel->setIsEnrollment(true); | ||||
| ->setErrors( | |||||
| array( | |||||
| pht( | |||||
| 'Before you can use Phabricator, you need to add multi-factor '. | |||||
| 'authentication to your account.'), | |||||
| pht( | |||||
| 'Multi-factor authentication helps secure your account by '. | |||||
| 'making it more difficult for attackers to gain access or '. | |||||
| 'take sensitive actions.'), | |||||
| pht( | |||||
| 'To learn more about multi-factor authentication, click the '. | |||||
| '%s button below.', | |||||
| phutil_tag('strong', array(), pht('Help'))), | |||||
| pht( | |||||
| 'To add an authentication factor, click the %s button below.', | |||||
| phutil_tag('strong', array(), pht('Add Authentication Factor'))), | |||||
| pht( | |||||
| 'To continue, add at least one authentication factor to your '. | |||||
| 'account.'), | |||||
| )); | |||||
| } else { | } else { | ||||
| $help = id(new PHUIInfoView()) | $header_text = $panel->getPanelName(); | ||||
| ->setTitle(pht('Multi-Factor Authentication Configured')) | $help = null; | ||||
| ->setSeverity(PHUIInfoView::SEVERITY_NOTICE) | |||||
| ->setErrors( | |||||
| array( | |||||
| pht( | |||||
| 'You have successfully configured multi-factor authentication '. | |||||
| 'for your account.'), | |||||
| pht( | |||||
| 'You can make adjustments from the Settings panel later.'), | |||||
| pht( | |||||
| 'When you are ready, %s.', | |||||
| phutil_tag( | |||||
| 'strong', | |||||
| array(), | |||||
| phutil_tag( | |||||
| 'a', | |||||
| array( | |||||
| 'href' => '/', | |||||
| ), | |||||
| pht('continue to Phabricator')))), | |||||
| )); | |||||
| } | } | ||||
| $view = array( | $response = $panel | ||||
| ->setController($this) | |||||
| ->setNavigation($nav) | |||||
| ->processRequest($request); | |||||
| if (($response instanceof AphrontResponse) || | |||||
| ($response instanceof AphrontResponseProducerInterface)) { | |||||
| return $response; | |||||
| } | |||||
| $crumbs = $this->buildApplicationCrumbs() | |||||
| ->addTextCrumb(pht('Add Multi-Factor Auth')) | |||||
| ->setBorder(true); | |||||
| $header = id(new PHUIHeaderView()) | |||||
| ->setHeader($header_text); | |||||
| $view = id(new PHUITwoColumnView()) | |||||
| ->setHeader($header) | |||||
| ->setFooter( | |||||
| array( | |||||
| $help, | $help, | ||||
| $panel, | $response, | ||||
| ); | )); | ||||
| return $this->newPage() | return $this->newPage() | ||||
| ->setTitle(pht('Add Multi-Factor Authentication')) | ->setTitle(pht('Add Multi-Factor Authentication')) | ||||
| ->setCrumbs($crumbs) | ->setCrumbs($crumbs) | ||||
| ->setNavigation($nav) | |||||
| ->appendChild($view); | ->appendChild($view); | ||||
| } | } | ||||
| private function loadPanels() { | |||||
| $viewer = $this->getViewer(); | |||||
| $preferences = PhabricatorUserPreferences::loadUserPreferences($viewer); | |||||
| $panels = PhabricatorSettingsPanel::getAllDisplayPanels(); | |||||
| $base_uri = $this->newEnrollBaseURI(); | |||||
| $result = array(); | |||||
| foreach ($panels as $key => $panel) { | |||||
| $panel | |||||
| ->setPreferences($preferences) | |||||
| ->setViewer($viewer) | |||||
| ->setUser($viewer) | |||||
| ->setOverrideURI(urisprintf('%s%s/', $base_uri, $key)); | |||||
| if (!$panel->isEnabled()) { | |||||
| continue; | |||||
| } | |||||
| if (!$panel->isUserPanel()) { | |||||
| continue; | |||||
| } | |||||
| if (!$panel->isMultiFactorEnrollmentPanel()) { | |||||
| continue; | |||||
| } | |||||
| if (!empty($result[$key])) { | |||||
| throw new Exception(pht( | |||||
| "Two settings panels share the same panel key ('%s'): %s, %s.", | |||||
| $key, | |||||
| get_class($panel), | |||||
| get_class($result[$key]))); | |||||
| } | |||||
| $result[$key] = $panel; | |||||
| } | |||||
| return $result; | |||||
| } | |||||
| private function newNavigation() { | |||||
| $viewer = $this->getViewer(); | |||||
| $enroll_uri = $this->newEnrollBaseURI(); | |||||
| $nav = id(new AphrontSideNavFilterView()) | |||||
| ->setBaseURI(new PhutilURI($enroll_uri)); | |||||
| $multifactor_key = id(new PhabricatorMultiFactorSettingsPanel()) | |||||
| ->getPanelKey(); | |||||
| $nav->addFilter( | |||||
| $multifactor_key, | |||||
| pht('Enroll in MFA'), | |||||
| null, | |||||
| 'fa-exclamation-triangle blue'); | |||||
| $panels = $this->loadPanels(); | |||||
| if ($panels) { | |||||
| $nav->addLabel(pht('Settings')); | |||||
| } | |||||
| foreach ($panels as $panel_key => $panel) { | |||||
| if ($panel_key === $multifactor_key) { | |||||
| continue; | |||||
| } | |||||
| $nav->addFilter( | |||||
| $panel->getPanelKey(), | |||||
| $panel->getPanelName(), | |||||
| null, | |||||
| $panel->getPanelMenuIcon()); | |||||
| } | |||||
| return $nav; | |||||
| } | |||||
| private function newEnrollBaseURI() { | |||||
| return $this->getApplicationURI('enroll/'); | |||||
| } | |||||
| private function newGuidance() { | |||||
| $viewer = $this->getViewer(); | |||||
| if ($viewer->getIsEnrolledInMultiFactor()) { | |||||
| $guidance = pht( | |||||
| '{icon check, color="green"} **Setup Complete!**'. | |||||
| "\n\n". | |||||
| 'You have successfully configured multi-factor authentication '. | |||||
| 'for your account.'. | |||||
| "\n\n". | |||||
| 'You can make adjustments from the [[ /settings/ | Settings ]] panel '. | |||||
| 'later.'); | |||||
| return $this->newDialog() | |||||
| ->setTitle(pht('Multi-Factor Authentication Setup Complete')) | |||||
| ->setWidth(AphrontDialogView::WIDTH_FULL) | |||||
| ->appendChild(new PHUIRemarkupView($viewer, $guidance)) | |||||
| ->addCancelButton('/', pht('Continue')); | |||||
| } | |||||
| $messages = array(); | |||||
| $messages[] = pht( | |||||
| 'Before you can use Phabricator, you need to add multi-factor '. | |||||
| 'authentication to your account. Multi-factor authentication helps '. | |||||
| 'secure your account by making it more difficult for attackers to '. | |||||
| 'gain access or take sensitive actions.'); | |||||
| $view = id(new PHUIInfoView()) | |||||
| ->setTitle(pht('Add Multi-Factor Authentication To Your Account')) | |||||
| ->setSeverity(PHUIInfoView::SEVERITY_WARNING) | |||||
| ->setErrors($messages); | |||||
| return $view; | |||||
| } | |||||
| } | } | ||||
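Review bot: `loadPanels()` is the only gate deciding which settings panels a user who has not yet enrolled in MFA can reach through `pageKey`, and nothing in the method says so. The comment at the top of `handleRequest()` notes that unapproved users are allowed into this controller and only disabled users are rejected, so every panel that returns true from `isMultiFactorEnrollmentPanel()` has its `processRequest()` run for those accounts as well. A comment above `loadPanels()` would make that contract visible to anyone adding a panel later, for example `// Allowlist: only panels that opt in via isMultiFactorEnrollmentPanel() are reachable before MFA enrollment, including by unapproved users.` Separately, `loadPanels()` runs twice per request (once in `handleRequest()`, once in `newNavigation()`) and `$viewer` in `newNavigation()` is assigned but never used; passing `$panels` into `newNavigation()` and dropping the unused assignment would tidy both. The first lines of `handleRequest()` are collapsed on this page, so any checks before the disabled-user test are not visible here.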