Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/phabricator
 Path: blob/master/src/applications/auth/controller/config/PhabricatorAuthDisableController.php
12261 views
1
<?php

2


3
final class PhabricatorAuthDisableController

4
  extends PhabricatorAuthProviderConfigController {

5


6
  public function handleRequest(AphrontRequest $request) {

7
    $this->requireApplicationCapability(

8
      AuthManageProvidersCapability::CAPABILITY);

9


10
    $viewer = $this->getViewer();

11
    $config_id = $request->getURIData('id');

12
    $action = $request->getURIData('action');

13


14
    $config = id(new PhabricatorAuthProviderConfigQuery())

15
      ->setViewer($viewer)

16
      ->requireCapabilities(

17
        array(

18
          PhabricatorPolicyCapability::CAN_VIEW,

19
          PhabricatorPolicyCapability::CAN_EDIT,

20
        ))

21
      ->withIDs(array($config_id))

22
      ->executeOne();

23
    if (!$config) {

24
      return new Aphront404Response();

25
    }

26


27
    $is_enable = ($action === 'enable');

28
    $done_uri = $config->getURI();

29


30
    if ($request->isDialogFormPost()) {

31
      $xactions = array();

32


33
      $xactions[] = id(new PhabricatorAuthProviderConfigTransaction())

34
        ->setTransactionType(

35
          PhabricatorAuthProviderConfigTransaction::TYPE_ENABLE)

36
        ->setNewValue((int)$is_enable);

37


38
      $editor = id(new PhabricatorAuthProviderConfigEditor())

39
        ->setActor($viewer)

40
        ->setContentSourceFromRequest($request)

41
        ->setContinueOnNoEffect(true)

42
        ->applyTransactions($config, $xactions);

43


44
      return id(new AphrontRedirectResponse())->setURI($done_uri);

45
    }

46


47
    if ($is_enable) {

48
      $title = pht('Enable Provider?');

49
      if ($config->getShouldAllowRegistration()) {

50
        $body = pht(

51
          'Do you want to enable this provider? Users will be able to use '.

52
          'their existing external accounts to register new accounts and '.

53
          'log in using linked accounts.');

54
      } else {

55
        $body = pht(

56
          'Do you want to enable this provider? Users will be able to log '.

57
          'in using linked accounts.');

58
      }

59
      $button = pht('Enable Provider');

60
    } else {

61
      // TODO: We could tailor this a bit more. In particular, we could

62
      // check if this is the last provider and either prevent if from

63
      // being disabled or force the user through like 35 prompts. We could

64
      // also check if it's the last provider linked to the acting user's

65
      // account and pop a warning like "YOU WILL NO LONGER BE ABLE TO LOGIN

66
      // YOU GOOF, YOU PROBABLY DO NOT MEAN TO DO THIS". None of this is

67
      // critical and we can wait to see how users manage to shoot themselves

68
      // in the feet.

69


70
      // `bin/auth` can recover from these types of mistakes.

71


72
      $title = pht('Disable Provider?');

73
      $body = pht(

74
        'Do you want to disable this provider? Users will not be able to '.

75
        'register or log in using linked accounts. If there are any users '.

76
        'without other linked authentication mechanisms, they will no longer '.

77
        'be able to log in. If you disable all providers, no one will be '.

78
        'able to log in.');

79
      $button = pht('Disable Provider');

80
    }

81


82
    return $this->newDialog()

83
      ->setTitle($title)

84
      ->appendChild($body)

85
      ->addCancelButton($done_uri)

86
      ->addSubmitButton($button);

87
  }

88


89
}

90


91