Implement an approval queue

Summary: - Add an option for the queue. - By default, enable it. - Dump new users into the queue. - Send admins an email to approve them. Test Plan: - Registered new accounts with queue on and off. - As an admin, approved accounts and disabled the queue from email. Reviewers: btrahan Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D7576
2013-11-13 11:24:56 -08:00
parent 0fa411083f
commit c0e1a63a63
8 changed files with 101 additions and 16 deletions
--- a/src/applications/auth/controller/PhabricatorAuthRegisterController.php
+++ b/src/applications/auth/controller/PhabricatorAuthRegisterController.php
@@ -232,6 +232,19 @@ final class PhabricatorAuthRegisterController
          $user->setUsername($value_username);
          $user->setRealname($value_realname);

+          if ($is_setup) {
+            $must_approve = false;
+          } else {
+            $must_approve = PhabricatorEnv::getEnvConfig(
+              'auth.require-approval');
+          }
+
+          if ($must_approve) {
+            $user->setIsApproved(0);
+          } else {
+            $user->setIsApproved(1);
+          }
+
          $user->openTransaction();

            $editor = id(new PhabricatorUserEditor())
@@ -257,6 +270,10 @@ final class PhabricatorAuthRegisterController
            $email_obj->sendVerificationEmail($user);
          }

+          if ($must_approve) {
+            $this->sendWaitingForApprovalEmail($user);
+          }
+
          return $this->loginUser($user);
        } catch (AphrontQueryDuplicateKeyException $exception) {
          $same_username = id(new PhabricatorUser())->loadOneWhere(
@@ -506,4 +523,43 @@ final class PhabricatorAuthRegisterController
      array($message));
  }

+  private function sendWaitingForApprovalEmail(PhabricatorUser $user) {
+    $title = '[Phabricator] '.pht(
+      'New User "%s" Awaiting Approval',
+      $user->getUsername());
+
+    $body = new PhabricatorMetaMTAMailBody();
+
+    $body->addRawSection(
+      pht(
+        'Newly registered user "%s" is awaiting account approval by an '.
+        'administrator.',
+        $user->getUsername()));
+
+    $body->addTextSection(
+      pht('APPROVAL QUEUE'),
+      PhabricatorEnv::getProductionURI(
+        '/people/query/approval/'));
+
+    $body->addTextSection(
+      pht('DISABLE APPROVAL QUEUE'),
+      PhabricatorEnv::getProductionURI(
+        '/config/edit/auth.require-approval/'));
+
+    $admins = id(new PhabricatorPeopleQuery())
+      ->setViewer(PhabricatorUser::getOmnipotentUser())
+      ->withIsAdmin(true)
+      ->execute();
+
+    if (!$admins) {
+      return;
+    }
+
+    $mail = id(new PhabricatorMetaMTAMail())
+      ->addTos(mpull($admins, 'getPHID'))
+      ->setSubject($title)
+      ->setBody($body->render())
+      ->saveAndSend();
+  }
+
 }