+1

bin/auth

··· 1 1 + ../scripts/setup/manage_auth.php

+22

scripts/setup/manage_auth.php

··· 1 1 + #!/usr/bin/env php 2 2 + <?php 3 3 + 4 4 + $root = dirname(dirname(dirname(__FILE__))); 5 5 + require_once $root.'/scripts/__init_script__.php'; 6 6 + 7 7 + $args = new PhutilArgumentParser($argv); 8 8 + $args->setTagline('manage authentication'); 9 9 + $args->setSynopsis(<<<EOSYNOPSIS 10 10 + **auth** __command__ [__options__] 11 11 + Manage Phabricator authentication configuration. 12 12 + 13 13 + EOSYNOPSIS 14 14 + ); 15 15 + $args->parseStandardArguments(); 16 16 + 17 17 + $workflows = array( 18 18 + new PhabricatorAuthManagementListWorkflow(), 19 19 + new PhutilHelpArgumentWorkflow(), 20 20 + ); 21 21 + 22 22 + $args->parseWorkflows($workflows);

+4

src/__phutil_library_map__.php

··· 823 823 'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php', 824 824 'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php', 825 825 'PhabricatorAuthLoginController' => 'applications/auth/controller/PhabricatorAuthLoginController.php', 826 826 + 'PhabricatorAuthManagementRecoverWorkflow' => 'applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php', 827 827 + 'PhabricatorAuthManagementWorkflow' => 'applications/auth/management/PhabricatorAuthManagementWorkflow.php', 826 828 'PhabricatorAuthNewController' => 'applications/auth/controller/config/PhabricatorAuthNewController.php', 827 829 'PhabricatorAuthProvider' => 'applications/auth/provider/PhabricatorAuthProvider.php', 828 830 'PhabricatorAuthProviderConfig' => 'applications/auth/storage/PhabricatorAuthProviderConfig.php', ··· 2704 2706 1 => 'PhabricatorApplicationSearchResultsControllerInterface', 2705 2707 ), 2706 2708 'PhabricatorAuthLoginController' => 'PhabricatorAuthController', 2709 2709 + 'PhabricatorAuthManagementRecoverWorkflow' => 'PhabricatorAuthManagementWorkflow', 2710 2710 + 'PhabricatorAuthManagementWorkflow' => 'PhutilArgumentWorkflow', 2707 2711 'PhabricatorAuthNewController' => 'PhabricatorAuthProviderConfigController', 2708 2712 'PhabricatorAuthProviderConfig' => 2709 2713 array(

+4 -1

src/applications/auth/controller/PhabricatorAuthStartController.php

··· 47 47 return $this->renderError( 48 48 pht( 49 49 "This Phabricator install is not configured with any enabled ". 50 50 - "authentication providers which can be used to log in.")); 50 50 + "authentication providers which can be used to log in. If you ". 51 51 + "have accidentally locked yourself out by disabling all providers, ". 52 52 + "you can use `phabricator/bin/auth recover <username>` to ". 53 53 + "recover access to an administrative account.")); 51 54 } 52 55 53 56 $next_uri = $request->getStr('next');

+89

src/applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php

··· 1 1 + <?php 2 2 + 3 3 + final class PhabricatorAuthManagementRecoverWorkflow 4 4 + extends PhabricatorAuthManagementWorkflow { 5 5 + 6 6 + protected function didConstruct() { 7 7 + $this 8 8 + ->setName('recover') 9 9 + ->setExamples('**recover** __username__') 10 10 + ->setSynopsis( 11 11 + 'Recover access to an administrative account if you have locked '. 12 12 + 'yourself out of Phabricator.') 13 13 + ->setArguments( 14 14 + array( 15 15 + 'username' => array( 16 16 + 'name' => 'username', 17 17 + 'wildcard' => true, 18 18 + ), 19 19 + )); 20 20 + } 21 21 + 22 22 + public function execute(PhutilArgumentParser $args) { 23 23 + 24 24 + $can_recover = id(new PhabricatorPeopleQuery()) 25 25 + ->setViewer(PhabricatorUser::getOmnipotentUser()) 26 26 + ->withIsAdmin(true) 27 27 + ->execute(); 28 28 + if (!$can_recover) { 29 29 + throw new PhutilArgumentUsageException( 30 30 + pht( 31 31 + 'This Phabricator installation has no recoverable administrator '. 32 32 + 'accounts. You can use `bin/accountadmin` to create a new '. 33 33 + 'administrator account or make an existing user an administrator.')); 34 34 + } 35 35 + $can_recover = mpull($can_recover, 'getUsername'); 36 36 + sort($can_recover); 37 37 + $can_recover = implode(', ', $can_recover); 38 38 + 39 39 + $usernames = $args->getArg('username'); 40 40 + if (!$usernames) { 41 41 + throw new PhutilArgumentUsageException( 42 42 + pht('You must specify the username of the account to recover.')); 43 43 + } else if (count($usernames) > 1) { 44 44 + throw new PhutilArgumentUsageException( 45 45 + pht('You can only recover the username for one account.')); 46 46 + } 47 47 + 48 48 + $username = head($usernames); 49 49 + 50 50 + $user = id(new PhabricatorPeopleQuery()) 51 51 + ->setViewer(PhabricatorUser::getOmnipotentUser()) 52 52 + ->withUsernames(array($username)) 53 53 + ->executeOne(); 54 54 + 55 55 + if (!$user) { 56 56 + throw new PhutilArgumentUsageException( 57 57 + pht( 58 58 + 'No such user "%s". Recoverable administrator accounts are: %s.', 59 59 + $username, 60 60 + $can_recover)); 61 61 + } 62 62 + 63 63 + if (!$user->getIsAdmin()) { 64 64 + throw new PhutilArgumentUsageException( 65 65 + pht( 66 66 + 'You can only recover administrator accounts, but %s is not an '. 67 67 + 'administrator. Recoverable administrator accounts are: %s.', 68 68 + $username, 69 69 + $can_recover)); 70 70 + } 71 71 + 72 72 + $console = PhutilConsole::getConsole(); 73 73 + $console->writeOut( 74 74 + pht( 75 75 + 'Use this link to recover access to the "%s" account:', 76 76 + $username)); 77 77 + $console->writeOut("\n\n"); 78 78 + $console->writeOut(" %s", $user->getEmailLoginURI()); 79 79 + $console->writeOut("\n\n"); 80 80 + $console->writeOut( 81 81 + pht( 82 82 + 'After logging in, you can use the "Auth" application to add or '. 83 83 + 'restore authentication providers and allow normal logins to '. 84 84 + 'succeed.')."\n"); 85 85 + 86 86 + return 0; 87 87 + } 88 88 + 89 89 + }

+10

src/applications/auth/management/PhabricatorAuthManagementWorkflow.php

··· 1 1 + <?php 2 2 + 3 3 + abstract class PhabricatorAuthManagementWorkflow 4 4 + extends PhutilArgumentWorkflow { 5 5 + 6 6 + final public function isExecutable() { 7 7 + return true; 8 8 + } 9 9 + 10 10 + }