src/applications/auth/storage/PhabricatorAuthInvite.php at upstream/main

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork atom

phorge / src / applications / auth / storage / PhabricatorAuthInvite.php

at upstream/main 117 lines 3.0 kB view raw

wrap content

epriestley Send emails for email invites 11y ago

6f90fbde

  1<?php
  2
  3final class PhabricatorAuthInvite
  4  extends PhabricatorUserDAO
  5  implements PhabricatorPolicyInterface {
  6
  7  protected $authorPHID;
  8  protected $emailAddress;
  9  protected $verificationHash;
 10  protected $acceptedByPHID;
 11
 12  private $verificationCode;
 13  private $viewerHasVerificationCode;
 14
 15  protected function getConfiguration() {
 16    return array(
 17      self::CONFIG_AUX_PHID => true,
 18      self::CONFIG_COLUMN_SCHEMA => array(
 19        'emailAddress' => 'sort128',
 20        'verificationHash' => 'bytes12',
 21        'acceptedByPHID' => 'phid?',
 22      ),
 23      self::CONFIG_KEY_SCHEMA => array(
 24        'key_address' => array(
 25          'columns' => array('emailAddress'),
 26          'unique' => true,
 27        ),
 28        'key_code' => array(
 29          'columns' => array('verificationHash'),
 30          'unique' => true,
 31        ),
 32      ),
 33    ) + parent::getConfiguration();
 34  }
 35
 36  public function generatePHID() {
 37    return PhabricatorPHID::generateNewPHID(
 38      PhabricatorAuthInvitePHIDType::TYPECONST);
 39  }
 40
 41  public function regenerateVerificationCode() {
 42    $this->verificationCode = Filesystem::readRandomCharacters(16);
 43    $this->verificationHash = null;
 44    return $this;
 45  }
 46
 47  public function getVerificationCode() {
 48    if (!$this->verificationCode) {
 49      if ($this->verificationHash) {
 50        throw new Exception(
 51          pht(
 52            'Verification code can not be regenerated after an invite is '.
 53            'created.'));
 54      }
 55      $this->regenerateVerificationCode();
 56    }
 57    return $this->verificationCode;
 58  }
 59
 60  public function save() {
 61    if (!$this->getVerificationHash()) {
 62      $hash = PhabricatorHash::digestForIndex($this->getVerificationCode());
 63      $this->setVerificationHash($hash);
 64    }
 65
 66    return parent::save();
 67  }
 68
 69  public function setViewerHasVerificationCode($loaded) {
 70    $this->viewerHasVerificationCode = $loaded;
 71    return $this;
 72  }
 73
 74
 75/* -(  PhabricatorPolicyInterface  )----------------------------------------- */
 76
 77
 78  public function getCapabilities() {
 79    return array(
 80      PhabricatorPolicyCapability::CAN_VIEW,
 81    );
 82  }
 83
 84  public function getPolicy($capability) {
 85    switch ($capability) {
 86      case PhabricatorPolicyCapability::CAN_VIEW:
 87        return PhabricatorPolicies::POLICY_ADMIN;
 88    }
 89  }
 90
 91  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
 92    if ($this->viewerHasVerificationCode) {
 93      return true;
 94    }
 95
 96    if ($viewer->getPHID()) {
 97      if ($viewer->getPHID() == $this->getAuthorPHID()) {
 98        // You can see invites you sent.
 99        return true;
100      }
101
102      if ($viewer->getPHID() == $this->getAcceptedByPHID()) {
103        // You can see invites you have accepted.
104        return true;
105      }
106    }
107
108    return false;
109  }
110
111  public function describeAutomaticCapability($capability) {
112    return pht(
113      'Invites are visible to administrators, the inviting user, users with '.
114      'an invite code, and the user who accepts the invite.');
115  }
116
117}