recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Some formatting changes for showing auth provider config guidance

Summary:
Ref T7667. On the road to locking the auth config, also clean up some minor UI issues:

* Only show the warning about not Phacility instance auth if the user isn't a manager (see next diff).
* When rendering more than one warning in the guidance, add bullets.
* I didn't like the text in the `auth.config-lock` config setting.

Test Plan: Loaded the page, saw more reasonable-looking guidance: {F6369405}

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T7667

Differential Revision: https://secure.phabricator.com/D20400

Austin McKinley 0583f6dc e7a31832

+49 -15
+3 -3
resources/celerity/map.php
··· 9 9 'names' => array( 10 10 'conpherence.pkg.css' => '3c8a0668', 11 11 'conpherence.pkg.js' => '020aebcf', 12 - 'core.pkg.css' => '77c4f199', 12 + 'core.pkg.css' => '20f3fea5', 13 13 'core.pkg.js' => '69247edd', 14 14 'differential.pkg.css' => '8d8360fb', 15 15 'differential.pkg.js' => '67e02996', ··· 160 160 'rsrc/css/phui/phui-icon-set-selector.css' => '7aa5f3ec', 161 161 'rsrc/css/phui/phui-icon.css' => '4cbc684a', 162 162 'rsrc/css/phui/phui-image-mask.css' => '62c7f4d2', 163 - 'rsrc/css/phui/phui-info-view.css' => '37b8d9ce', 163 + 'rsrc/css/phui/phui-info-view.css' => 'a10a909b', 164 164 'rsrc/css/phui/phui-invisible-character-view.css' => 'c694c4a4', 165 165 'rsrc/css/phui/phui-left-right.css' => '68513c34', 166 166 'rsrc/css/phui/phui-lightbox.css' => '4ebf22da', ··· 842 842 'phui-icon-set-selector-css' => '7aa5f3ec', 843 843 'phui-icon-view-css' => '4cbc684a', 844 844 'phui-image-mask-css' => '62c7f4d2', 845 - 'phui-info-view-css' => '37b8d9ce', 845 + 'phui-info-view-css' => 'a10a909b', 846 846 'phui-inline-comment-view-css' => '48acce5b', 847 847 'phui-invisible-character-view-css' => 'c694c4a4', 848 848 'phui-left-right-css' => '68513c34',
+4 -2
src/applications/auth/controller/config/PhabricatorAuthListController.php
··· 13 13 $list = new PHUIObjectItemListView(); 14 14 $can_manage = $this->hasApplicationCapability( 15 15 AuthManageProvidersCapability::CAPABILITY); 16 + $is_locked = PhabricatorEnv::getEnvConfig('auth.lock-config'); 16 17 17 18 foreach ($configs as $config) { 18 19 $item = new PHUIObjectItemView(); ··· 69 70 $crumbs->addTextCrumb(pht('Login and Registration')); 70 71 $crumbs->setBorder(true); 71 72 72 - $guidance_context = new PhabricatorAuthProvidersGuidanceContext(); 73 + $guidance_context = id(new PhabricatorAuthProvidersGuidanceContext()) 74 + ->setCanManage($can_manage); 73 75 74 76 $guidance = id(new PhabricatorGuidanceEngine()) 75 77 ->setViewer($viewer) ··· 81 83 ->setButtonType(PHUIButtonView::BUTTONTYPE_SIMPLE) 82 84 ->setHref($this->getApplicationURI('config/new/')) 83 85 ->setIcon('fa-plus') 84 - ->setDisabled(!$can_manage) 86 + ->setDisabled(!$can_manage || $is_locked) 85 87 ->setText(pht('Add Provider')); 86 88 87 89 $list->setFlush(true);
+14 -1
src/applications/auth/guidance/PhabricatorAuthProvidersGuidanceContext.php
··· 1 1 <?php 2 2 3 3 final class PhabricatorAuthProvidersGuidanceContext 4 - extends PhabricatorGuidanceContext {} 4 + extends PhabricatorGuidanceContext { 5 + 6 + private $canManage = false; 7 + 8 + public function setCanManage($can_manage) { 9 + $this->canManage = $can_manage; 10 + return $this; 11 + } 12 + 13 + public function getCanManage() { 14 + return $this->canManage; 15 + } 16 + 17 + }
+19
src/applications/auth/guidance/PhabricatorAuthProvidersGuidanceEngineExtension.php
··· 92 92 ->setMessage($message); 93 93 } 94 94 95 + $locked_config_key = 'auth.lock-config'; 96 + $is_locked = PhabricatorEnv::getEnvConfig($locked_config_key); 97 + if ($is_locked) { 98 + $message = pht( 99 + 'Authentication provider configuration is locked, and can not be '. 100 + 'changed without being unlocked. See the configuration setting %s '. 101 + 'for details.', 102 + phutil_tag( 103 + 'a', 104 + array( 105 + 'href' => '/config/edit/'.$locked_config_key, 106 + ), 107 + $locked_config_key)); 108 + 109 + $results[] = $this->newWarning('auth.locked-config') 110 + ->setPriority(500) 111 + ->setMessage($message); 112 + } 113 + 95 114 return $results; 96 115 } 97 116
+7 -7
src/applications/config/option/PhabricatorAuthenticationConfigOptions.php
··· 85 85 'configuration from the CLI before it can be edited.')) 86 86 ->setDescription( 87 87 pht( 88 - 'Normally, administrators configure authentication providers only '. 89 - 'once, immediately after instance creation. To further secure '. 90 - 'your instance, you can set this configuration option to `true`, '. 91 - 'which will require an adminstrator with CLI access to run '. 92 - '`bin/auth unlock` to make any later changes to authentication '. 93 - "provider configuration.\n\nAfter changing the config, you should ". 94 - 'run `bin/auth lock` again from the CLI.')) 88 + 'When set to `true`, the authentication provider configuration '. 89 + 'for this instance can not be modified without first running '. 90 + '`bin/auth unlock` from the command line. This is to reduce '. 91 + 'the security impact of a compromised administrator account. '. 92 + "\n\n". 93 + 'After running `bin/auth unlock` and making your changes to the '. 94 + 'authentication provider config, you should run `bin/auth lock`.')) 95 95 ->setLocked(true), 96 96 $this->newOption('account.editable', 'bool', true) 97 97 ->setBoolOptions(
+2 -2
webroot/rsrc/css/phui/phui-info-view.css
··· 74 74 } 75 75 76 76 .phui-info-view-list { 77 - margin: 0; 78 - list-style: none; 77 + margin-left: 30px; 78 + list-style: disc; 79 79 line-height: 1.6em; 80 80 } 81 81