Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F93699896
PhabricatorAuthProviderShibboleth.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sat, Nov 30, 19:52
Size
25 KB
Mime Type
text/x-php
Expires
Mon, Dec 2, 19:52 (2 d)
Engine
blob
Format
Raw Data
Handle
22690700
Attached To
rPH Phabricator
PhabricatorAuthProviderShibboleth.php
View Options
<?php
final
class
PhabricatorAuthProviderShibboleth
extends
PhabricatorAuthProvider
{
private
$adapter
;
public
function
getProviderName
()
{
return
pht
(
'Switch AAI for Swiss Univercities'
);
}
public
function
getDescriptionForCreate
()
{
return
pht
(
'Configure a trust relationship for Shibboleth (Single Sign On) '
.
'authenticated users to automatically log in to Phabricator.'
);
}
public
function
getLoginOrder
(){
return
'1-shibboleth'
;
}
public
function
getDefaultProviderConfig
()
{
return
parent
::
getDefaultProviderConfig
();
}
public
function
getAdapter
()
{
if
(!
$this
->
adapter
)
{
$conf
=
$this
->
getProviderConfig
();
$adapter
=
id
(
new
PhutilAuthAdapterShibboleth
())
->
setShibSessionIdField
(
$conf
->
getProperty
(
self
::
KEY_SHIB_SESSION_ID_FIELD
))
->
setShibApplicationIdField
(
$conf
->
getProperty
(
self
::
KEY_SHIB_APPLICATION_ID_FIELD
))
->
setUseridField
(
$conf
->
getProperty
(
self
::
KEY_USERID_FIELD
))
->
setUsernameField
(
$conf
->
getProperty
(
self
::
KEY_USERNAME_FIELD
))
->
setRealnameField
(
$conf
->
getProperty
(
self
::
KEY_REALNAME_FIELD
))
->
setFirstnameField
(
$conf
->
getProperty
(
self
::
KEY_FIRSTNAME_FIELD
))
->
setLastnameField
(
$conf
->
getProperty
(
self
::
KEY_LASTNAME_FIELD
))
->
setEmailField
(
$conf
->
getProperty
(
self
::
KEY_EMAIL_FIELD
))
->
setPageURIPattern
(
$conf
->
getProperty
(
self
::
KEY_PAGE_URI_PATTERN
))
->
setImageURIPattern
(
$conf
->
getProperty
(
self
::
KEY_IMAGE_URI_PATTERN
))
->
setAddUserToProject
(
$conf
->
getProperty
(
self
::
KEY_ADD_USER_TO_PROJECT
))
->
setUserProject
(
$conf
->
getProperty
(
self
::
KEY_USER_PROJECT
))
->
setIsGeneratedUsername
(
$conf
->
getProperty
(
self
::
KEY_USERNAME_FROM_REALNAME
))
->
setOrgField
(
$conf
->
getProperty
(
self
::
KEY_ORG_FIELD
))
->
setOrgCustomField
(
$conf
->
getProperty
(
self
::
KEY_ORG_CUSTOM_FIELD
))
->
setOrgTypeField
(
$conf
->
getProperty
(
self
::
KEY_ORG_TYPE_FIELD
));
$this
->
adapter
=
$adapter
;
}
return
$this
->
adapter
;
}
protected
function
renderLoginForm
(
AphrontRequest
$request
,
$mode
)
{
$viewer
=
$request
->
getUser
();
$dialog
=
id
(
new
AphrontDialogView
())
->
setSubmitURI
(
$this
->
getLoginURI
())
->
setUser
(
$viewer
)
->
setTitle
(
pht
(
'Login for Swiss Universities'
))
->
addSubmitButton
(
pht
(
'Login or Register'
));
$remarkup
=
new
PHUIRemarkupView
(
$viewer
,
pht
(
<<<EOCONTENT
Login using Switch AAI, if you have an account in a Swiss University.
(WARNING) Permission to create Repositories, Projects and Wiki pages.
EOCONTENT
));
$frame
=
id
(
new
PHUIBoxView
())
->
addPadding
(
PHUI
::
PADDING_LARGE
)
->
appendChild
(
$remarkup
);
$dialog
->
appendChild
(
$frame
);
$static_response
=
CelerityAPI
::
getStaticResourceResponse
();
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://wayf.switch.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.balgrist.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.bfh.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.careum.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.chuv.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.eawag.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://eduid.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.ehb-schweiz.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.ehsm.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.empa.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.epfl.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.ethz.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.euresearch.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.fernuni.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.ffhs.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.fh-hwz.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.fhgr.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.fhnw.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'http://adfs3.fmi.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.graduateinstitute.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.hcuge.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.hep-bejune.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-loginhep.edufr.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.hepl.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.hepvs.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.hes-so.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.hfh.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.hftm.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.hslu.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.hsr.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.idiap.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.insel.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://login-idp.libraries.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.ntb.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.ost.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.ph-gr.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.phbern.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.phlu.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.phsg.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.phsz.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.phtg.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.phzg.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai01.phzh.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.pmodwrc.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.psi.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.slsp.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.snf.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://login2.supsi.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.swissuniversities.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.switch.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://login.teologialugano.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.uni.li'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.unibas.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-idp.unibe.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.unifr.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://idp.unige.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.unil.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.unilu.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-login.unine.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.unisg.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://login2.usi.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.unispital.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-idp.uzh.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.vho-switchaai.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.wsl.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai.zhaw.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.zhbluzern.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://aai-logon.zhdk.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'https://cern.ch'
);
$static_response
->
addContentSecurityPolicyURI
(
'form-action'
,
'http://www.w3.org'
);
return
$dialog
;
}
public
function
isLoginFormAButton
()
{
return
false
;
}
private
function
populateAdapter
()
{
$adapter
=
$this
->
getAdapter
();
$env
=
array
();
$env_names
=
$adapter
->
getEnvNames
();
foreach
(
$env_names
as
$h
)
{
if
(
array_key_exists
(
$h
,
$_SERVER
))
{
$env
[
$h
]
=
$_SERVER
[
$h
];
}
}
return
$adapter
->
setUserDataFromRequest
(
$env
);
}
public
function
processLoginRequest
(
PhabricatorAuthLoginController
$controller
)
{
$adapter
=
$this
->
getAdapter
();
$request
=
$controller
->
getRequest
();
$response
=
null
;
$account
=
null
;
if
(!
$this
->
populateAdapter
())
{
$response
=
$controller
->
buildProviderPageResponse
(
$this
,
id
(
new
PHUIInfoView
())
->
setErrors
(
array
(
pht
(
'Invalid Shibboleth session.'
)))
->
addButton
(
id
(
new
PHUIButtonView
())
->
setTag
(
'a'
)
->
setText
(
pht
(
'Return to home'
))
->
setHref
(
'/'
)
)
);
return
array
(
$account
,
$response
);
}
$account_id
=
$adapter
->
getAccountID
();
return
array
(
$this
->
loadOrCreateAccount_custom
(
$account_id
,
$request
),
$response
);
}
private
function
updateOrganization
(
$userPHID
,
$adapter
)
{
$unguarded
=
AphrontWriteGuard
::
beginScopedUnguardedWrites
();
if
(
$adapter
==
null
){
$adapter
=
$this
->
getAdapter
();
}
if
(
strlen
(
$adapter
->
getOrg
())
&&
strlen
(
$adapter
->
getOrgType
())
&&
strlen
(
$adapter
->
getOrgCustom
())
)
{
$user
=
id
(
new
PhabricatorUser
())
->
loadOneWhere
(
'phid = %s'
,
$userPHID
);
$admin
=
id
(
new
PhabricatorUser
())
->
loadOneWhere
(
'username = %s'
,
'admin'
);
$field_list
=
PhabricatorCustomField
::
getObjectFields
(
$user
,
PhabricatorCustomField
::
ROLE_VIEW
);
$field_list
->
readFieldsFromStorage
(
$user
);
$orgvalue
=
null
;
foreach
(
$field_list
->
getFields
()
as
$field
){
try
{
if
(
$field
->
getFieldKey
()==
'std:user:'
.
$adapter
->
getOrgCustom
()){
$orgvalue
=
$field
->
getValueForStorage
();
break
;
}
}
catch
(
Exception
$e
)
{
}
}
// Create projects for organization
$org
=
$adapter
->
getOrg
();
$proj
=
id
(
new
PhabricatorProjectQuery
())
->
setViewer
(
$user
)
->
withNames
(
array
(
$org
))
->
executeOne
();
// Create the project
if
(!
$proj
)
{
$proj
=
PhabricatorProject
::
initializeNewProject
(
$user
)
->
setViewPolicy
(
'users'
)
->
setEditPolicy
(
PhabricatorPolicies
::
POLICY_ADMIN
);
$xactions
=
array
();
$xactions
[]
=
id
(
new
PhabricatorProjectTransaction
())
->
setMetadataValue
(
'c4s:hide'
,
true
)
->
setTransactionType
(
PhabricatorProjectNameTransaction
::
TRANSACTIONTYPE
)
->
setNewValue
(
$org
);
$xactions
[]
=
id
(
new
PhabricatorProjectTransaction
())
->
setMetadataValue
(
'c4s:hide'
,
true
)
->
setTransactionType
(
PhabricatorProjectIconTransaction
::
TRANSACTIONTYPE
)
->
setNewValue
(
'organization'
);
$xactions
[]
=
id
(
new
PhabricatorProjectTransaction
())
->
setMetadataValue
(
'c4s:hide'
,
true
)
->
setTransactionType
(
PhabricatorProjectStatusTransaction
::
TRANSACTIONTYPE
)
->
setNewValue
(
PhabricatorProjectStatus
::
STATUS_ACTIVE
);
$editor
=
id
(
new
PhabricatorProjectTransactionEditor
())
->
setActor
(
$admin
)
->
setContinueOnNoEffect
(
true
)
->
setContentSource
(
PhabricatorContentSource
::
newForSource
(
'web'
))
->
applyTransactions
(
$proj
,
$xactions
);
}
// Add the user to the project
$xactions
=
array
();
$type_member
=
PhabricatorProjectProjectHasMemberEdgeType
::
EDGECONST
;
$xactions
[]
=
id
(
new
PhabricatorProjectTransaction
())
->
setTransactionType
(
PhabricatorTransactions
::
TYPE_EDGE
)
->
setMetadataValue
(
'edge:type'
,
$type_member
)
->
setMetadataValue
(
'c4s:hide'
,
true
)
->
setNewValue
(
array
(
'+'
=>
array
(
$userPHID
=>
$userPHID
)));
$editor
=
id
(
new
PhabricatorProjectTransactionEditor
())
->
setActor
(
$admin
)
->
setContentSource
(
PhabricatorContentSource
::
newForSource
(
'web'
))
->
setContinueOnNoEffect
(
true
)
->
setContinueOnMissingFields
(
true
)
->
applyTransactions
(
$proj
,
$xactions
);
// Add organization to custom field in user profile
if
(
empty
(
$orgvalue
))
{
$xactions
=
array
();
$xactions
[]
=
id
(
new
PhabricatorUserTransaction
())
->
setTransactionType
(
PhabricatorTransactions
::
TYPE_CUSTOMFIELD
)
->
setMetadataValue
(
'customfield:key'
,
'std:user:'
.
$adapter
->
getOrgCustom
())
->
setOldValue
(
''
)
->
setNewValue
(
$adapter
->
getOrg
()
.
' ('
.
$adapter
->
getOrgType
()
.
')'
);
$xactions
[]
=
id
(
new
PhabricatorUserTransaction
())
->
setTransactionType
(
PhabricatorTransactions
::
TYPE_CUSTOMFIELD
)
->
setMetadataValue
(
'customfield:key'
,
'user:title'
)
->
setOldValue
(
''
)
->
setNewValue
(
' '
);
$xactions
[]
=
id
(
new
PhabricatorUserTransaction
())
->
setTransactionType
(
PhabricatorTransactions
::
TYPE_CUSTOMFIELD
)
->
setMetadataValue
(
'customfield:key'
,
'user:blurb'
)
->
setOldValue
(
''
)
->
setNewValue
(
' '
);
id
(
new
PhabricatorUserTransactionEditor
())
->
setActor
(
$user
)
->
setContentSource
(
PhabricatorContentSource
::
newForSource
(
'console'
))
->
setContinueOnNoEffect
(
true
)
->
applyTransactions
(
$user
,
$xactions
);
}
}
unset
(
$unguarded
);
}
private
function
updateProjects
(
$userPHID
,
$adapter
)
{
$unguarded
=
AphrontWriteGuard
::
beginScopedUnguardedWrites
();
if
(
$adapter
==
null
){
$adapter
=
$this
->
getAdapter
();
}
$projects
=
$adapter
->
getUserProject
();
if
(
count
(
$projects
))
{
$admin
=
id
(
new
PhabricatorUser
())
->
loadOneWhere
(
'username = %s'
,
'admin'
);
$user_projects
=
id
(
new
PhabricatorProjectQuery
())
->
setViewer
(
$admin
)
->
withMemberPHIDs
(
array
(
$userPHID
))
->
withPHIDs
(
$projects
)
->
execute
();
$check_proj
=
array
();
foreach
(
$user_projects
as
$r
){
$check_proj
[]
=
$r
->
getPHID
();
}
$results
=
id
(
new
PhabricatorProjectQuery
())
->
setViewer
(
$admin
)
->
withPHIDs
(
$projects
)
->
execute
();
// Add user to project
foreach
(
$results
as
$project
)
{
if
(
in_array
(
$project
->
getPHID
(),
$check_proj
)){
continue
;
}
$edge_type
=
PhabricatorProjectProjectHasMemberEdgeType
::
EDGECONST
;
$xactions
=
array
();
$xactions
[]
=
id
(
new
PhabricatorProjectTransaction
())
->
setTransactionType
(
PhabricatorTransactions
::
TYPE_EDGE
)
->
setMetadataValue
(
'edge:type'
,
$edge_type
)
->
setMetadataValue
(
'c4s:hide'
,
true
)
->
setNewValue
(
array
(
'+'
=>
array
(
$userPHID
=>
$userPHID
)));
$editor
=
id
(
new
PhabricatorProjectTransactionEditor
())
->
setActor
(
$admin
)
->
setContentSource
(
PhabricatorContentSource
::
newForSource
(
'web'
))
->
setContinueOnNoEffect
(
true
)
->
applyTransactions
(
$project
,
$xactions
);
}
}
unset
(
$unguarded
);
}
protected
function
loadOrCreateAccount_custom
(
$account_id
,
$request
)
{
$account
=
parent
::
loadOrCreateAccount
(
$account_id
);
$adapter
=
$this
->
getAdapter
();
if
(!
$adapter
)
{
return
$account
;
}
if
(!
$account
->
getUserPHID
()){
if
(
$account
instanceof
PhabricatorExternalAccount
&&
$request
->
getViewer
()->
getPHID
())
{
$this
->
updateProjects
(
$request
->
getViewer
()->
getPHID
(),
$adapter
);
}
// User account not yet created
return
$account
;
}
$this
->
updateOrganization
(
$account
->
getUserPHID
(),
$adapter
);
$this
->
updateProjects
(
$account
->
getUserPHID
(),
$adapter
);
return
$account
;
}
public
function
willRegisterAccount
(
PhabricatorExternalAccount
$account
)
{
parent
::
willRegisterAccount
(
$account
);
//$this->updateOrganization($account); // no shib env variables here :/
$this
->
updateProjects
(
$account
->
getUserPHID
(),
null
);
}
const
KEY_SHIB_SESSION_ID_FIELD
=
'shibboleth:session_id_field'
;
const
KEY_SHIB_APPLICATION_ID_FIELD
=
'shibboleth:application_id_field'
;
const
KEY_USERID_FIELD
=
'shibboleth:userid_field'
;
const
KEY_USERNAME_FIELD
=
'shibboleth:username_field'
;
const
KEY_REALNAME_FIELD
=
'shibboleth:realname_field'
;
const
KEY_FIRSTNAME_FIELD
=
'shibboleth:firstname_field'
;
const
KEY_LASTNAME_FIELD
=
'shibboleth:lastname_field'
;
const
KEY_EMAIL_FIELD
=
'shibboleth:email_field'
;
const
KEY_ORG_FIELD
=
'shibboleth:org'
;
const
KEY_ORG_TYPE_FIELD
=
'shibboleth:org_type'
;
const
KEY_ORG_CUSTOM_FIELD
=
'shibboleth:org_custom'
;
const
KEY_PAGE_URI_PATTERN
=
'shibboleth:page_uri_pattern'
;
const
KEY_IMAGE_URI_PATTERN
=
'shibboleth:image_uri_pattern'
;
const
KEY_USERNAME_FROM_REALNAME
=
'shibboleth:username_from_realname'
;
const
KEY_ADD_USER_TO_PROJECT
=
'shibboleth:add_user_to_project'
;
const
KEY_USER_PROJECT
=
'shibboleth:user_project'
;
private
function
getPropertyKeys
()
{
return
array
(
self
::
KEY_SHIB_SESSION_ID_FIELD
,
self
::
KEY_SHIB_APPLICATION_ID_FIELD
,
self
::
KEY_USERID_FIELD
,
self
::
KEY_USERNAME_FIELD
,
self
::
KEY_REALNAME_FIELD
,
self
::
KEY_FIRSTNAME_FIELD
,
self
::
KEY_LASTNAME_FIELD
,
self
::
KEY_EMAIL_FIELD
,
self
::
KEY_ORG_FIELD
,
self
::
KEY_ORG_CUSTOM_FIELD
,
self
::
KEY_ORG_TYPE_FIELD
,
self
::
KEY_PAGE_URI_PATTERN
,
self
::
KEY_IMAGE_URI_PATTERN
,
self
::
KEY_USERNAME_FROM_REALNAME
,
self
::
KEY_ADD_USER_TO_PROJECT
,
self
::
KEY_USER_PROJECT
);
}
private
function
getPropertyLabels
()
{
return
array
(
self
::
KEY_SHIB_SESSION_ID_FIELD
=>
pht
(
'Session ID'
),
self
::
KEY_SHIB_APPLICATION_ID_FIELD
=>
pht
(
'Application ID'
),
self
::
KEY_USERID_FIELD
=>
pht
(
'User ID'
),
self
::
KEY_USERNAME_FIELD
=>
pht
(
'Username'
),
self
::
KEY_REALNAME_FIELD
=>
pht
(
'Real name'
),
self
::
KEY_FIRSTNAME_FIELD
=>
pht
(
'Firstname'
),
self
::
KEY_LASTNAME_FIELD
=>
pht
(
'Lastname'
),
self
::
KEY_EMAIL_FIELD
=>
pht
(
'User emailname'
),
self
::
KEY_ORG_FIELD
=>
pht
(
'Organization'
),
self
::
KEY_ORG_CUSTOM_FIELD
=>
pht
(
'Organization custom field'
),
self
::
KEY_ORG_TYPE_FIELD
=>
pht
(
'Organization type'
),
self
::
KEY_PAGE_URI_PATTERN
=>
pht
(
'User page URI pattern'
),
self
::
KEY_IMAGE_URI_PATTERN
=>
pht
(
'User image URI pattern'
),
);
}
public
function
readFormValuesFromProvider
()
{
$properties
=
array
();
foreach
(
$this
->
getPropertyKeys
()
as
$key
)
{
$properties
[
$key
]
=
$this
->
getProviderConfig
()->
getProperty
(
$key
);
}
return
$properties
;
}
public
function
readFormValuesFromRequest
(
AphrontRequest
$request
)
{
$values
=
array
();
foreach
(
$this
->
getPropertyKeys
()
as
$key
)
{
if
(
$key
==
self
::
KEY_USER_PROJECT
)
{
$values
[
$key
]
=
$request
->
getArr
(
$key
);
}
else
{
$values
[
$key
]
=
$request
->
getStr
(
$key
);
}
}
return
$values
;
}
public
function
processEditForm
(
AphrontRequest
$request
,
array
$values
)
{
$errors
=
array
();
$issues
=
array
();
return
array
(
$errors
,
$issues
,
$values
);
}
public
function
extendEditForm
(
AphrontRequest
$request
,
AphrontFormView
$form
,
array
$values
,
array
$issues
)
{
$labels
=
$this
->
getPropertyLabels
();
$captions
=
array
(
self
::
KEY_SHIB_SESSION_ID_FIELD
=>
pht
(
'Shibboleth Session ID, e.g.: Shib-Session-ID'
),
self
::
KEY_SHIB_APPLICATION_ID_FIELD
=>
pht
(
'Shibboleth application id, e.g.: Shib-Application-ID'
),
self
::
KEY_USERID_FIELD
=>
pht
(
'Unique user id for internal Phabricator use. e.g.: uniqueID'
),
self
::
KEY_USERNAME_FIELD
=>
pht
(
'Visible username, can be left empty if you choose to autogenerate it. e.g.: username'
),
self
::
KEY_REALNAME_FIELD
=>
pht
(
'Visible in the user profile. e.g.: displayName'
),
self
::
KEY_FIRSTNAME_FIELD
=>
pht
(
'Use this only when you autogenerate username. e.g.: givenName'
),
self
::
KEY_LASTNAME_FIELD
=>
pht
(
'Use this only when you autogenerate username. e.g.: surname'
),
self
::
KEY_EMAIL_FIELD
=>
pht
(
'Unique email address. e.g.: email'
),
self
::
KEY_ORG_FIELD
=>
pht
(
'Organization name. e.g.: homeOrganization'
),
self
::
KEY_ORG_CUSTOM_FIELD
=>
pht
(
'Organization name custom field in Phabricator. e.g.: mycompany:org'
),
self
::
KEY_ORG_TYPE_FIELD
=>
pht
(
'Organization type. e.g.: homeOrganizationType'
),
self
::
KEY_PAGE_URI_PATTERN
=>
pht
(
'URI pattern to a user pag. Add %%s for replacement with the username'
),
self
::
KEY_IMAGE_URI_PATTERN
=>
pht
(
'URI pattern to an image for the user. Add %%s for replacement with the username'
),
self
::
KEY_USER_PROJECT
=>
pht
(
'Project ID to add the user to. e.g.: PHID-PROJ-itwdg3fgxutsrdnqjklb'
),
);
// Text fields
foreach
(
$labels
as
$key
=>
$label
)
{
$caption
=
idx
(
$captions
,
$key
);
$value
=
idx
(
$values
,
$key
);
$control
=
null
;
$control
=
id
(
new
AphrontFormTextControl
())
->
setName
(
$key
)
->
setLabel
(
$label
)
->
setCaption
(
$caption
)
->
setValue
(
$value
);
$form
->
appendChild
(
$control
);
}
// Add to project
$form
->
appendChild
(
id
(
new
AphrontFormCheckboxControl
())
->
addCheckbox
(
self
::
KEY_ADD_USER_TO_PROJECT
,
1
,
hsprintf
(
'<strong>%s:</strong> %s'
,
"Add to default Project"
,
"Automatically add the new user to a default project"
),
idx
(
$values
,
self
::
KEY_ADD_USER_TO_PROJECT
))
);
$projects
=
idx
(
$values
,
self
::
KEY_USER_PROJECT
,
array
());
$viewer
=
$request
->
getViewer
();
$form
->
appendChild
(
id
(
new
AphrontFormTokenizerControl
())
->
setLabel
(
pht
(
'Projects'
))
->
setName
(
self
::
KEY_USER_PROJECT
)
->
setValue
(
$projects
)
->
setUser
(
$viewer
)
//->setDisabled(!idx($values, self::KEY_ADD_USER_TO_PROJECT))
->
setDatasource
(
new
PhabricatorProjectDatasource
())
);
// Generate username
$form
->
appendChild
(
id
(
new
AphrontFormCheckboxControl
())
->
addCheckbox
(
self
::
KEY_USERNAME_FROM_REALNAME
,
1
,
hsprintf
(
'<strong>%s:</strong> %s'
,
"Generated username"
,
"Create a unique username from the surname and firstname which complies with Phabricator policies."
),
idx
(
$values
,
self
::
KEY_USERNAME_FROM_REALNAME
))
);
}
public
function
renderConfigPropertyTransactionTitle
(
PhabricatorAuthProviderConfigTransaction
$xaction
)
{
$author_phid
=
$xaction
->
getAuthorPHID
();
$old
=
$xaction
->
getOldValue
();
$new
=
$xaction
->
getNewValue
();
$key
=
$xaction
->
getMetadataValue
(
PhabricatorAuthProviderConfigTransaction
::
PROPERTY_KEY
);
$labels
=
$this
->
getPropertyLabels
();
if
(
isset
(
$labels
[
$key
]))
{
$label
=
$labels
[
$key
];
if
(!
strlen
(
$old
))
{
return
pht
(
'%s set the "%s" value to "%s".'
,
$xaction
->
renderHandleLink
(
$author_phid
),
$label
,
$new
);
}
else
{
return
pht
(
'%s changed the "%s" value from "%s" to "%s".'
,
$xaction
->
renderHandleLink
(
$author_phid
),
$label
,
$old
,
$new
);
}
}
return
parent
::
renderConfigPropertyTransactionTitle
(
$xaction
);
}
public
static
function
getShibbolethProvider
()
{
$providers
=
self
::
getAllEnabledProviders
();
foreach
(
$providers
as
$provider
)
{
if
(
$provider
instanceof
PhabricatorAuthProviderShibboleth
)
{
return
$provider
;
}
}
return
null
;
}
}
Event Timeline
Log In to Comment