archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Drive auth config with the database

Browse Source 
Summary: Ref T1536. This is the last major migration. Moves us over to the DB and drops all the config stuff.

Test Plan:
  - Ran the migration.
  - Saw all my old config brought forward and respected, with accurate settings.
  - Ran LDAP import.
  - Grepped for all removed config options.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran, wez

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6243
This commit is contained in:
epriestley
2013-06-20 11:18:11 -07:00
parent d8394b2ee0
commit 3b9ccf11f2
27 changed files with 323 additions and 1216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/applications/people/controller/PhabricatorPeopleController.php
View File

@@ -18,7 +18,7 @@ abstract class PhabricatorPeopleController extends PhabricatorController {
if ($viewer->getIsAdmin()) {
$nav->addLabel(pht('User Administration'));
if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled') === true) {
if (PhabricatorAuthProviderLDAP::getLDAPProvider()) {
$nav->addFilter('ldap', pht('Import from LDAP'));
}

89
src/applications/people/controller/PhabricatorPeopleLdapController.php
View File

@@ -129,50 +129,65 @@ final class PhabricatorPeopleLdapController
private function processSearchRequest($request) {
$panel = new AphrontPanelView();
$admin = $request->getUser();
$username = $request->getStr('username');
$password = $request->getStr('password');
$search = $request->getStr('query');
$search = $request->getStr('query');
try {
$ldap_provider = new PhabricatorLDAPProvider();
$envelope = new PhutilOpaqueEnvelope($password);
$ldap_provider->auth($username, $envelope);
$results = $ldap_provider->search($search);
foreach ($results as $key => $result) {
$results[$key][] = $this->renderUserInputs($result);
$ldap_provider = PhabricatorAuthProviderLDAP::getLDAPProvider();
if (!$ldap_provider) {
throw new Exception("No LDAP provider enabled!");
}
$ldap_adapter = $ldap_provider->getAdapter();
$ldap_adapter->setLoginUsername($request->getStr('username'));
$ldap_adapter->setLoginPassword(
new PhutilOpaqueEnvelope($request->getStr('password')));
// This causes us to connect and bind.
// TODO: Clean up this discard mode stuff.
DarkConsoleErrorLogPluginAPI::enableDiscardMode();
$ldap_adapter->getAccountID();
DarkConsoleErrorLogPluginAPI::disableDiscardMode();
$results = $ldap_adapter->searchLDAP('%Q', $search);
foreach ($results as $key => $record) {
$account_id = $ldap_adapter->readLDAPRecordAccountID($record);
if (!$account_id) {
unset($results[$key]);
continue;
}
$form = id(new AphrontFormView())
->setUser($admin);
$table = new AphrontTableView($results);
$table->setHeaders(
array(
pht('Username'),
pht('Email'),
pht('Real Name'),
pht('Import?'),
));
$form->appendChild($table);
$form->setAction($request->getRequestURI()
->alter('import', 'true')->alter('search', null))
->appendChild(
id(new AphrontFormSubmitControl())
->setValue(pht('Import')));
$panel->appendChild($form);
} catch (Exception $ex) {
$error_view = new AphrontErrorView();
$error_view->setTitle(pht('LDAP Search Failed'));
$error_view->setErrors(array($ex->getMessage()));
return $error_view;
$info = array(
$account_id,
$ldap_adapter->readLDAPRecordEmail($record),
$ldap_adapter->readLDAPRecordRealName($record),
);
$results[$key] = $info;
$results[$key][] = $this->renderUserInputs($info);
}
return $panel;
$form = id(new AphrontFormView())
->setUser($admin);
$table = new AphrontTableView($results);
$table->setHeaders(
array(
pht('Username'),
pht('Email'),
pht('Real Name'),
pht('Import?'),
));
$form->appendChild($table);
$form->setAction($request->getRequestURI()
->alter('import', 'true')->alter('search', null))
->appendChild(
id(new AphrontFormSubmitControl())
->setValue(pht('Import')));
$panel->appendChild($form);
return $panel;
}
private function renderUserInputs($user) {