Differential D20111 Diff 48127 src/applications/auth/controller/PhabricatorAuthRegisterController.php
src/applications/auth/controller/PhabricatorAuthRegisterController.php
Show All 15 Lines | public function handleRequest(AphrontRequest $request) { | ||||
} | } | ||||
$is_setup = false; | $is_setup = false; | ||||
if (strlen($account_key)) { | if (strlen($account_key)) { | ||||
$result = $this->loadAccountForRegistrationOrLinking($account_key); | $result = $this->loadAccountForRegistrationOrLinking($account_key); | ||||
list($account, $provider, $response) = $result; | list($account, $provider, $response) = $result; | ||||
$is_default = false; | $is_default = false; | ||||
} else if ($this->isFirstTimeSetup()) { | } else if ($this->isFirstTimeSetup()) { | ||||
list($account, $provider, $response) = $this->loadSetupAccount(); | $account = null; | ||||
$provider = null; | |||||
$response = null; | |||||
$is_default = true; | $is_default = true; | ||||
$is_setup = true; | $is_setup = true; | ||||
} else { | } else { | ||||
list($account, $provider, $response) = $this->loadDefaultAccount(); | list($account, $provider, $response) = $this->loadDefaultAccount(); | ||||
$is_default = true; | $is_default = true; | ||||
} | } | ||||
if ($response) { | if ($response) { | ||||
return $response; | return $response; | ||||
} | } | ||||
$invite = $this->loadInvite(); | $invite = $this->loadInvite(); | ||||
if (!$is_setup) { | |||||
if (!$provider->shouldAllowRegistration()) { | if (!$provider->shouldAllowRegistration()) { | ||||
if ($invite) { | if ($invite) { | ||||
// If the user has an invite, we allow them to register with any | // If the user has an invite, we allow them to register with any | ||||
// provider, even a login-only provider. | // provider, even a login-only provider. | ||||
} else { | } else { | ||||
// TODO: This is a routine error if you click "Login" on an external | // TODO: This is a routine error if you click "Login" on an external | ||||
// auth source which doesn't allow registration. The error should be | // auth source which doesn't allow registration. The error should be | ||||
// more tailored. | // more tailored. | ||||
return $this->renderError( | return $this->renderError( | ||||
pht( | pht( | ||||
'The account you are attempting to register with uses an '. | 'The account you are attempting to register with uses an '. | ||||
'authentication provider ("%s") which does not allow '. | 'authentication provider ("%s") which does not allow '. | ||||
'registration. An administrator may have recently disabled '. | 'registration. An administrator may have recently disabled '. | ||||
'registration with this provider.', | 'registration with this provider.', | ||||
$provider->getProviderName())); | $provider->getProviderName())); | ||||
} | } | ||||
} | } | ||||
} | |||||
$errors = array(); | $errors = array(); | ||||
$user = new PhabricatorUser(); | $user = new PhabricatorUser(); | ||||
if ($is_setup) { | |||||
$default_username = null; | |||||
$default_realname = null; | |||||
$default_email = null; | |||||
} else { | |||||
$default_username = $account->getUsername(); | $default_username = $account->getUsername(); | ||||
$default_realname = $account->getRealName(); | $default_realname = $account->getRealName(); | ||||
$default_email = $account->getEmail(); | |||||
} | |||||
$account_type = PhabricatorAuthPassword::PASSWORD_TYPE_ACCOUNT; | $account_type = PhabricatorAuthPassword::PASSWORD_TYPE_ACCOUNT; | ||||
$content_source = PhabricatorContentSource::newFromRequest($request); | $content_source = PhabricatorContentSource::newFromRequest($request); | ||||
$default_email = $account->getEmail(); | |||||
if ($invite) { | if ($invite) { | ||||
$default_email = $invite->getEmailAddress(); | $default_email = $invite->getEmailAddress(); | ||||
} | } | ||||
if ($default_email !== null) { | if ($default_email !== null) { | ||||
if (!PhabricatorUserEmail::isValidAddress($default_email)) { | if (!PhabricatorUserEmail::isValidAddress($default_email)) { | ||||
$errors[] = pht( | $errors[] = pht( | ||||
'The email address associated with this external account ("%s") is '. | 'The email address associated with this external account ("%s") is '. | ||||
▲ Show 20 Lines • Show All 130 Lines • ▼ Show 20 Lines | public function handleRequest(AphrontRequest $request) { | ||||
$default_username = $profile->getDefaultUsername(); | $default_username = $profile->getDefaultUsername(); | ||||
$default_email = $profile->getDefaultEmail(); | $default_email = $profile->getDefaultEmail(); | ||||
$default_realname = $profile->getDefaultRealName(); | $default_realname = $profile->getDefaultRealName(); | ||||
$can_edit_username = $profile->getCanEditUsername(); | $can_edit_username = $profile->getCanEditUsername(); | ||||
$can_edit_email = $profile->getCanEditEmail(); | $can_edit_email = $profile->getCanEditEmail(); | ||||
$can_edit_realname = $profile->getCanEditRealName(); | $can_edit_realname = $profile->getCanEditRealName(); | ||||
if ($is_setup) { | |||||
$must_set_password = false; | |||||
} else { | |||||
$must_set_password = $provider->shouldRequireRegistrationPassword(); | $must_set_password = $provider->shouldRequireRegistrationPassword(); | ||||
} | |||||
$can_edit_anything = $profile->getCanEditAnything() || $must_set_password; | $can_edit_anything = $profile->getCanEditAnything() || $must_set_password; | ||||
$force_verify = $profile->getShouldVerifyEmail(); | $force_verify = $profile->getShouldVerifyEmail(); | ||||
// Automatically verify the administrator's email address during first-time | // Automatically verify the administrator's email address during first-time | ||||
// setup. | // setup. | ||||
if ($is_setup) { | if ($is_setup) { | ||||
$force_verify = true; | $force_verify = true; | ||||
▲ Show 20 Lines • Show All 105 Lines • ▼ Show 20 Lines | if ($try_register) { | ||||
$e_realname = pht('Required'); | $e_realname = pht('Required'); | ||||
$errors[] = pht('Real name is required.'); | $errors[] = pht('Real name is required.'); | ||||
} else { | } else { | ||||
$e_realname = null; | $e_realname = null; | ||||
} | } | ||||
} | } | ||||
if (!$errors) { | if (!$errors) { | ||||
if (!$is_setup) { | |||||
$image = $this->loadProfilePicture($account); | $image = $this->loadProfilePicture($account); | ||||
if ($image) { | if ($image) { | ||||
$user->setProfileImagePHID($image->getPHID()); | $user->setProfileImagePHID($image->getPHID()); | ||||
} | } | ||||
} | |||||
try { | try { | ||||
$verify_email = false; | $verify_email = false; | ||||
if ($force_verify) { | if ($force_verify) { | ||||
$verify_email = true; | $verify_email = true; | ||||
} | } | ||||
if (!$is_setup) { | |||||
if ($value_email === $default_email) { | if ($value_email === $default_email) { | ||||
if ($account->getEmailVerified()) { | if ($account->getEmailVerified()) { | ||||
$verify_email = true; | $verify_email = true; | ||||
} | } | ||||
if ($provider->shouldTrustEmails()) { | if ($provider->shouldTrustEmails()) { | ||||
$verify_email = true; | $verify_email = true; | ||||
} | } | ||||
if ($invite) { | if ($invite) { | ||||
$verify_email = true; | $verify_email = true; | ||||
} | } | ||||
} | } | ||||
} | |||||
$email_obj = null; | $email_obj = null; | ||||
if ($invite) { | if ($invite) { | ||||
// If we have a valid invite, this email may exist but be | // If we have a valid invite, this email may exist but be | ||||
// nonprimary and unverified, so we'll reassign it. | // nonprimary and unverified, so we'll reassign it. | ||||
$email_obj = id(new PhabricatorUserEmail())->loadOneWhere( | $email_obj = id(new PhabricatorUserEmail())->loadOneWhere( | ||||
'address = %s', | 'address = %s', | ||||
$value_email); | $value_email); | ||||
▲ Show 20 Lines • Show All 63 Lines • ▼ Show 20 Lines | if ($try_register) { | ||||
->setActor($actor) | ->setActor($actor) | ||||
->setActingAsPHID($people_application_phid) | ->setActingAsPHID($people_application_phid) | ||||
->setContentSource($content_source) | ->setContentSource($content_source) | ||||
->setContinueOnMissingFields(true); | ->setContinueOnMissingFields(true); | ||||
$transaction_editor->applyTransactions($user, $xactions); | $transaction_editor->applyTransactions($user, $xactions); | ||||
} | } | ||||
if (!$is_setup) { | |||||
$account->setUserPHID($user->getPHID()); | $account->setUserPHID($user->getPHID()); | ||||
$provider->willRegisterAccount($account); | $provider->willRegisterAccount($account); | ||||
$account->save(); | $account->save(); | ||||
} | |||||
$user->saveTransaction(); | $user->saveTransaction(); | ||||
if (!$email_obj->getIsVerified()) { | if (!$email_obj->getIsVerified()) { | ||||
$email_obj->sendVerificationEmail($user); | $email_obj->sendVerificationEmail($user); | ||||
} | } | ||||
if ($must_approve) { | if ($must_approve) { | ||||
▲ Show 20 Lines • Show All 44 Lines • ▼ Show 20 Lines | if (!$is_default) { | ||||
->setLabel(pht('External Account')) | ->setLabel(pht('External Account')) | ||||
->setValue( | ->setValue( | ||||
id(new PhabricatorAuthAccountView()) | id(new PhabricatorAuthAccountView()) | ||||
->setUser($request->getUser()) | ->setUser($request->getUser()) | ||||
->setExternalAccount($account) | ->setExternalAccount($account) | ||||
->setAuthProvider($provider))); | ->setAuthProvider($provider))); | ||||
} | } | ||||
if ($can_edit_username) { | if ($can_edit_username) { | ||||
$form->appendChild( | $form->appendChild( | ||||
id(new AphrontFormTextControl()) | id(new AphrontFormTextControl()) | ||||
->setLabel(pht('Username')) | ->setLabel(pht('Username')) | ||||
->setName('username') | ->setName('username') | ||||
->setValue($value_username) | ->setValue($value_username) | ||||
->setError($e_username)); | ->setError($e_username)); | ||||
} else { | } else { | ||||
▲ Show 20 Lines • Show All 77 Lines • ▼ Show 20 Lines | public function handleRequest(AphrontRequest $request) { | ||||
if ($is_setup) { | if ($is_setup) { | ||||
$welcome_view = id(new PHUIInfoView()) | $welcome_view = id(new PHUIInfoView()) | ||||
->setSeverity(PHUIInfoView::SEVERITY_NOTICE) | ->setSeverity(PHUIInfoView::SEVERITY_NOTICE) | ||||
->setTitle(pht('Welcome to Phabricator')) | ->setTitle(pht('Welcome to Phabricator')) | ||||
->appendChild( | ->appendChild( | ||||
pht( | pht( | ||||
'Installation is complete. Register your administrator account '. | 'Installation is complete. Register your administrator account '. | ||||
'below to log in. You will be able to configure options and add '. | 'below to log in. You will be able to configure options and add '. | ||||
'other authentication mechanisms (like LDAP or OAuth) later on.')); | 'authentication mechanisms later on.')); | ||||
} | } | ||||
$object_box = id(new PHUIObjectBoxView()) | $object_box = id(new PHUIObjectBoxView()) | ||||
->setForm($form) | ->setForm($form) | ||||
->setFormErrors($errors); | ->setFormErrors($errors); | ||||
$invite_header = null; | $invite_header = null; | ||||
if ($invite) { | if ($invite) { | ||||
$invite_header = $this->renderInviteHeader($invite); | $invite_header = $this->renderInviteHeader($invite); | ||||
} | } | ||||
$header = id(new PHUIHeaderView()) | $header = id(new PHUIHeaderView()) | ||||
->setHeader($title); | ->setHeader($title); | ||||
$view = id(new PHUITwoColumnView()) | $view = id(new PHUITwoColumnView()) | ||||
->setHeader($header) | ->setHeader($header) | ||||
->setFooter(array( | ->setFooter( | ||||
array( | |||||
$welcome_view, | $welcome_view, | ||||
$invite_header, | $invite_header, | ||||
$object_box, | $object_box, | ||||
)); | )); | ||||
return $this->newPage() | return $this->newPage() | ||||
->setTitle($title) | ->setTitle($title) | ||||
->setCrumbs($crumbs) | ->setCrumbs($crumbs) | ||||
->appendChild($view); | ->appendChild($view); | ||||
} | } | ||||
private function loadDefaultAccount() { | private function loadDefaultAccount() { | ||||
Show All 24 Lines | private function loadDefaultAccount() { | ||||
} | } | ||||
$provider = head($providers); | $provider = head($providers); | ||||
$account = $provider->getDefaultExternalAccount(); | $account = $provider->getDefaultExternalAccount(); | ||||
return array($account, $provider, $response); | return array($account, $provider, $response); | ||||
} | } | ||||
private function loadSetupAccount() { | |||||
$provider = new PhabricatorPasswordAuthProvider(); | |||||
$provider->attachProviderConfig( | |||||
id(new PhabricatorAuthProviderConfig()) | |||||
->setShouldAllowRegistration(1) | |||||
->setShouldAllowLogin(1) | |||||
->setIsEnabled(true)); | |||||
$account = $provider->getDefaultExternalAccount(); | |||||
$response = null; | |||||
return array($account, $provider, $response); | |||||
} | |||||
private function loadProfilePicture(PhabricatorExternalAccount $account) { | private function loadProfilePicture(PhabricatorExternalAccount $account) { | ||||
$phid = $account->getProfileImagePHID(); | $phid = $account->getProfileImagePHID(); | ||||
if (!$phid) { | if (!$phid) { | ||||
return null; | return null; | ||||
} | } | ||||
// NOTE: Use of omnipotent user is okay here because the registering user | // NOTE: Use of omnipotent user is okay here because the registering user | ||||
// can not control the field value, and we can't use their user object to | // can not control the field value, and we can't use their user object to | ||||
▲ Show 20 Lines • Show All 63 Lines • Show Last 20 Lines |
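Review bot: In the first-time-setup branch of `handleRequest()` the new code leaves `$account` and `$provider` null and later sets `$must_set_password = false`, so on an unauthenticated request the administrator account appears to be created with no provider check and no required password, gated only by `isFirstTimeSetup()`, whose body is not visible here. That deserves a comment at the branch, e.g. `// Setup mode: no provider or external account exists yet; $account and $provider are null and every later use must be guarded by $is_setup.`, and one at `$must_set_password = false;` stating how the new administrator is expected to authenticate afterwards. The null invariant is now spread over several separate `if (!$is_setup)` guards, and much of the method sits in collapsed regions, so it is worth confirming that no unguarded `$provider->` or `$account->` call remains there; the visible `setExternalAccount($account)` use is safe only because setup also sets `$is_default = true`. If it is not already done in the collapsed code, re-checking `isFirstTimeSetup()` inside the save transaction would keep two concurrent setup requests from both creating an administrator.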