Page MenuHomestyx hydra
Files F208684

No OneTemporary
Actions

View Options

diff --git a/src/applications/config/option/PhabricatorAuthenticationConfigOptions.php b/src/applications/config/option/PhabricatorAuthenticationConfigOptions.php
index 8034f82a37..84742e9fbe 100644
--- a/src/applications/config/option/PhabricatorAuthenticationConfigOptions.php
+++ b/src/applications/config/option/PhabricatorAuthenticationConfigOptions.php
@@ -1,120 +1,123 @@
<?php
final class PhabricatorAuthenticationConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Authentication");
}
public function getDescription() {
return pht("Options relating to authentication.");
}
public function getOptions() {
return array(
$this->newOption(
'auth.password-auth-enabled', 'bool', true)
->setOptions(
array(
pht("Allow password authentication"),
- pht("Don't allow password authentication")))
+ pht("Don't allow password authentication")
+ ))
->setSummary(pht("Enables password-based authentication."))
->setDescription(
pht(
"Can users login with a username/password, or by following the ".
"link from a password reset email? You can disable this and ".
"configure one or more OAuth providers instead.")),
$this->newOption('auth.sessions.web', 'int', 5)
->setSummary(
pht("Number of web sessions a user can have simultaneously."))
->setDescription(
pht(
"Maximum number of simultaneous web sessions each user is ".
"permitted to have. Setting this to '1' will prevent a user from ".
"logging in on more than one browser at the same time.")),
$this->newOption('auth.sessions.conduit', 'int', 5)
->setSummary(
pht(
"Number of simultaneous Conduit sessions each user is permitted."))
->setDescription(
pht(
"Maximum number of simultaneous Conduit sessions each user is ".
"permitted to have.")),
$this->newOption('auth.sshkeys.enabled', 'bool', false)
->setOptions(
array(
pht("Enable SSH key storage"),
pht("Disable SSH key storage")))
->setSummary(
pht("Allow users to associate SSH keys with their accounts."))
->setDescription(
pht(
"Set this true to enable the Settings -> SSH Public Keys panel, ".
"which will allow users to associated SSH public keys with their ".
"accounts. This is only really useful if you're setting up ".
"services over SSH and want to use Phabricator for ".
"authentication; in most situations you can leave this ".
"disabled.")),
$this->newOption('auth.require-email-verification', 'bool', false)
->setOptions(
array(
pht("Require email verification"),
- pht("Don't require email verification")))
+ pht("Don't require email verification")
+ ))
->setSummary(
pht("Require email verification before a user can log in."))
->setDescription(
pht(
"If true, email addresses must be verified (by clicking a link ".
"in an email) before a user can login. By default, verification ".
"is optional unless 'auth.email-domains' is nonempty.")),
$this->newOption('auth.email-domains', 'list<string>', array())
->setSummary(pht("Only allow registration from particular domains."))
->setDescription(
pht(
"You can restrict allowed email addresses to certain domains ".
"(like 'yourcompany.com') by setting a list of allowed domains ".
"here. Users will only be allowed to register using email ".
"addresses at one of the domains, and will only be able to add ".
"new email addresses for these domains. If you configure this, ".
"it implies 'auth.require-email-verification'.\n\n".
"You should omit the '@' from domains. Note that the domain must ".
"match exactly. If you allow 'yourcompany.com', that permits ".
"'joe@yourcompany.com' but rejects 'joe@mail.yourcompany.com'."))
->addExample(
"yourcompany.com\nmail.yourcompany.com",
pht('Valid Setting')),
$this->newOption('auth.login-message', 'string', null)
->setLocked(true)
->setSummary(pht("A block of HTML displayed on the login screen."))
->setDescription(
pht(
"You can provide an arbitrary block of HTML here, which will ".
"appear on the login screen. Normally, you'd use this to provide ".
"login or registration instructions to users.")),
$this->newOption('account.editable', 'bool', true)
->setOptions(
array(
pht("Allow editing"),
- pht("Prevent editing")))
+ pht("Prevent editing")
+ ))
->setSummary(
pht(
"Determines whether or not basic account information is ".
"editable."))
->setDescription(
pht(
"Is basic account information (email, real name, profile ".
"picture) editable? If you set up Phabricator to automatically ".
"synchronize account information from some other authoritative ".
"system, you can disable this to ensure information remains ".
"consistent across both systems.")),
$this->newOption('account.minimum-password-length', 'int', 8)
->setSummary(pht("Minimum password length."))
->setDescription(
pht(
"When users set or reset a password, it must have at least this ".
"many characters.")),
);
}
}
diff --git a/src/applications/config/option/PhabricatorCoreConfigOptions.php b/src/applications/config/option/PhabricatorCoreConfigOptions.php
index d00656a27b..50395654d8 100644
--- a/src/applications/config/option/PhabricatorCoreConfigOptions.php
+++ b/src/applications/config/option/PhabricatorCoreConfigOptions.php
@@ -1,151 +1,151 @@
<?php
final class PhabricatorCoreConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Core");
}
public function getDescription() {
return pht("Configure core options, including URIs.");
}
public function getOptions() {
return array(
$this->newOption('phabricator.base-uri', 'string', null)
->setSummary(pht("URI where Phabricator is installed."))
->setDescription(
pht(
"Set the URI where Phabricator is installed. Setting this ".
"improves security by preventing cookies from being set on other ".
"domains, and allows daemons to send emails with links that have ".
"the correct domain."))
->addExample('http://phabricator.example.com/', pht('Valid Setting')),
$this->newOption('phabricator.production-uri', 'string', null)
->setSummary(
pht("Primary install URI, for multi-environment installs."))
->setDescription(
pht(
"If you have multiple Phabricator environments (like a ".
"development/staging environment for working on testing ".
"Phabricator, and a production environment for deploying it), ".
"set the production environment URI here so that emails and other ".
"durable URIs will always generate with links pointing at the ".
"production environment. If unset, defaults to ".
"{{phabricator.base-uri}}. Most installs do not need to set ".
"this option."))
->addExample('http://phabricator.example.com/', pht('Valid Setting')),
$this->newOption('phabricator.timezone', 'string', null)
->setSummary(
pht("The timezone Phabricator should use."))
->setDescription(
pht(
"PHP requires that you set a timezone in your php.ini before ".
"using date functions, or it will emit a warning. If this isn't ".
"possible (for instance, because you are using HPHP) you can set ".
"some valid constant for date_default_timezone_set() here and ".
"Phabricator will set it on your behalf, silencing the warning."))
->addExample('America/New_York', pht('US East (EDT)'))
->addExample('America/Chicago', pht('US Central (CDT)'))
->addExample('America/Boise', pht('US Mountain (MDT)'))
->addExample('America/Los_Angeles', pht('US West (PDT)')),
$this->newOption('phabricator.serious-business', 'bool', false)
->setOptions(
array(
- pht('Shenanigans'), // That should be interesting to translate. :P
pht('Serious business'),
+ pht('Shenanigans'), // That should be interesting to translate. :P
))
->setSummary(
pht("Should Phabricator be serious?"))
->setDescription(
pht(
"By default, Phabricator includes some silly nonsense in the UI, ".
"such as a submit button called 'Clowncopterize' in Differential ".
"and a call to 'Leap Into Action'. If you'd prefer more ".
"traditional UI strings like 'Submit', you can set this flag to ".
"disable most of the jokes and easter eggs.")),
$this->newOption('environment.append-paths', 'list<string>', null)
->setSummary(
pht("These paths get appended to your \$PATH envrionment variable."))
->setDescription(
pht(
"Phabricator occasionally shells out to other binaries on the ".
"server. An example of this is the \"pygmentize\" command, used ".
"to syntax-highlight code written in languages other than PHP. ".
"By default, it is assumed that these binaries are in the \$PATH ".
"of the user running Phabricator (normally 'apache', 'httpd', or ".
"'nobody'). Here you can add extra directories to the \$PATH ".
"environment variable, for when these binaries are in ".
"non-standard locations."))
->addExample('/usr/local/bin', pht('Add One Path'))
->addExample("/usr/bin\n/usr/local/bin", pht('Add Multiple Paths')),
);
}
protected function didValidateOption(
PhabricatorConfigOption $option,
$value) {
$key = $option->getKey();
if ($key == 'phabricator.base-uri' ||
$key == 'phabricator.production-uri') {
$uri = new PhutilURI($value);
$protocol = $uri->getProtocol();
if ($protocol !== 'http' && $protocol !== 'https') {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must start with ".
"'http://' or 'https://'.",
$key));
}
$domain = $uri->getDomain();
if (strpos($domain, '.') === false) {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must contain a dot ('.'), ".
"like 'http://example.com/', not just a bare name like ".
"'http://example/'. Some web browsers will not set cookies on ".
"domains with no TLD.",
$key));
}
$path = $uri->getPath();
if ($path !== '' && $path !== '/') {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must NOT have a path, ".
"e.g. 'http://phabricator.example.com/' is OK, but ".
"'http://example.com/phabricator/' is not. Phabricator must be ".
"installed on an entire domain; it can not be installed on a ".
"path.",
$key));
}
}
if ($key === 'phabricator.timezone') {
$old = date_default_timezone_get();
$ok = @date_default_timezone_set($value);
@date_default_timezone_set($old);
if (!$ok) {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The timezone identifier must ".
"be a valid timezone identifier recognized by PHP, like ".
"'America/Los_Angeles'. You can find a list of valid identifiers ".
"here: %s",
$key,
'http://php.net/manual/timezones.php'));
}
}
}
}
diff --git a/src/applications/config/option/PhabricatorDeveloperConfigOptions.php b/src/applications/config/option/PhabricatorDeveloperConfigOptions.php
index 84f91b08e4..46092c43be 100644
--- a/src/applications/config/option/PhabricatorDeveloperConfigOptions.php
+++ b/src/applications/config/option/PhabricatorDeveloperConfigOptions.php
@@ -1,145 +1,145 @@
<?php
final class PhabricatorDeveloperConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Developer / Debugging");
}
public function getDescription() {
return pht("Options for Phabricator developers, including debugging.");
}
public function getOptions() {
return array(
$this->newOption('darkconsole.enabled', 'bool', false)
->setOptions(
array(
- pht("Disable DarkConsole"),
pht("Enable DarkConsole"),
+ pht("Disable DarkConsole"),
))
->setSummary(pht("Enable Phabricator's debugging console."))
->setDescription(
pht(
"DarkConsole is a development and profiling tool built into ".
"Phabricator's web interface. You should leave it disabled unless ".
"you are developing or debugging Phabricator.\n\n".
"Set this option to enable DarkConsole, which will put a link ".
"in the page footer to actually activate it. Once activated, ".
"it will appear at the top of every page and can be toggled ".
"by pressing the '`' key.\n\n".
"DarkConsole exposes potentially sensitive data (like queries, ".
"stack traces, and configuration) so you generally should not ".
"turn it on in production.")),
$this->newOption('darkconsole.always-on', 'bool', false)
->setOptions(
array(
- pht("Require DarkConsole Activation"),
pht("Always Activate DarkConsole"),
+ pht("Require DarkConsole Activation"),
))
->setSummary(pht("Activate DarkConsole on every page."))
->setDescription(
pht(
"This option allows you to enable DarkConsole on every page, ".
"even for logged-out users. This is only really useful if you ".
"need to debug something on a logged-out page. You should not ".
"enable this option in production.\n\n".
"You must enable DarkConsole by setting {{darkconsole.enabled}} ".
"before this option will have any effect.")),
$this->newOption('debug.stop-on-redirect', 'bool', false)
->setOptions(
array(
- pht("Use Normal HTTP Redirects"),
pht("Stop Before HTTP Redirect"),
+ pht("Use Normal HTTP Redirects"),
))
->setSummary(
pht(
"Confirm before redirecting so DarkConsole can be examined."))
->setDescription(
pht(
"Normally, Phabricator issues HTTP redirects after a successful ".
"POST. This can make it difficult to debug things which happen ".
"while processing the POST, because service and profiling ".
"information are lost. By setting this configuration option, ".
"Phabricator will show a page instead of automatically ".
"redirecting, allowing you to examine service and profiling ".
"information. It also makes the UX awful, so you should only ".
"enable it when debugging.")),
$this->newOption('debug.profile-rate', 'int', 0)
->addExample(0, pht('No profiling'))
->addExample(1, pht('Profile every request (slow)'))
->addExample(1000, pht('Profile 0.1%% of all requests'))
->setSummary(pht("Automatically profile some percentage of pages."))
->setDescription(
pht(
"Normally, Phabricator profiles pages only when explicitly ".
"requested via DarkConsole. However, it may be useful to profile ".
"some pages automatically.\n\n".
"Set this option to a positive integer N to profile 1 / N pages ".
"automatically. For example, setting it to 1 will profile every ".
"page, while setting it to 1000 will profile 1 page per 1000 ".
"requests (i.e., 0.1%% of requests).\n\n".
"Since profiling is slow and generates a lot of data, you should ".
"set this to 0 in production (to disable it) or to a large number ".
"(to collect a few samples, if you're interested in having some ".
"data to look at eventually). In development, it may be useful to ".
"set it to 1 in order to debug performance problems.\n\n".
"NOTE: You must install XHProf for profiling to work.")),
$this->newOption('phabricator.show-stack-traces', 'bool', false)
->setOptions(
array(
- pht('Hide stack traces'),
pht('Show stack traces'),
+ pht('Hide stack traces'),
))
->setSummary(pht("Show stack traces when unhandled exceptions occur."))
->setDescription(
pht(
"When unhandled exceptions occur, stack traces are hidden by ".
"default. You can enable traces for development to make it easier ".
"to debug problems.")),
$this->newOption('phabricator.show-error-callout', 'bool', false)
->setOptions(
array(
- pht('Hide error callout'),
pht('Show error callout'),
+ pht('Hide error callout'),
))
->setSummary(pht("Show error callout."))
->setDescription(
pht(
"Shows an error callout if a page generated PHP errors, warnings ".
"or notices. This makes it harder to miss problems while ".
"developing Phabricator. A callout is simply a red error at the ".
"top of the page.")),
$this->newOption('celerity.force-disk-reads', 'bool', false)
->setOptions(
array(
- pht("Don't force disk reads"),
pht('Force disk reads'),
+ pht("Don't force disk reads"),
))
->setSummary(pht("Force Celerity to read from disk on every request."))
->setDescription(
pht(
"In a development environment, it is desirable to force static ".
"resources (CSS and JS) to be read from disk on every request, so ".
"that edits to them appear when you reload the page even if you ".
"haven't updated the resource maps. This setting ensures requests ".
"will be verified against the state on disk. Generally, you ".
"should leave this off in production (caching behavior and ".
"performance improve with it off) but turn it on in development. ".
"(These settings are the defaults.)")),
$this->newOption('celerity.minify', 'bool', false)
->setOptions(
array(
- pht("Don't minify static resources."),
pht('Minify static resources.'),
+ pht("Don't minify static resources."),
))
->setSummary(pht("Minify static Celerity resources."))
->setDescription(
pht(
"Minify static resources by removing whitespace and comments. You ".
"should enable this in production, but disable it in ".
"development.")),
);
}
}
diff --git a/src/applications/config/option/PhabricatorDisqusConfigOptions.php b/src/applications/config/option/PhabricatorDisqusConfigOptions.php
index de773e07ac..decafe9907 100644
--- a/src/applications/config/option/PhabricatorDisqusConfigOptions.php
+++ b/src/applications/config/option/PhabricatorDisqusConfigOptions.php
@@ -1,64 +1,64 @@
<?php
final class PhabricatorDisqusConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Integration with Disqus");
}
public function getDescription() {
return pht("Disqus authentication and integration options.");
}
public function getOptions() {
return array(
$this->newOption('disqus.auth-enabled', 'bool', false)
->setOptions(
array(
- pht("Disable Disqus Authentication"),
pht("Enable Disqus Authentication"),
+ pht("Disable Disqus Authentication"),
))
->setDescription(
pht(
'Allow users to login to Phabricator using Disqus credentials.')),
$this->newOption('disqus.registration-enabled', 'bool', true)
->setOptions(
array(
- pht("Disable Disqus Registration"),
pht("Enable Disqus Registration"),
+ pht("Disable Disqus Registration"),
))
->setDescription(
pht(
'Allow users to create new Phabricator accounts using Disqus '.
'credentials.')),
$this->newOption('disqus.auth-permanent', 'bool', false)
->setOptions(
array(
- pht("Allow Disqus Account Unlinking"),
pht("Permanently Bind Disqus Accounts"),
+ pht("Allow Disqus Account Unlinking"),
))
->setDescription(
pht(
'Are Phabricator accounts permanently bound to Disqus '.
'accounts?')),
$this->newOption('disqus.application-id', 'string', null)
->setDescription(
pht(
'Disqus "Client ID" to use for Disqus API access.')),
$this->newOption('disqus.application-secret', 'string', null)
->setDescription(
pht(
'Disqus "Secret" to use for Diqsus API access.')),
$this->newOption('disqus.shortname', 'string', null)
->setSummary(pht("Shortname for Disqus comment widget."))
->setDescription(
pht(
"Website shortname to use for Disqus comment widget in Phame. ".
"For more information, see:\n\n".
"[[http://docs.disqus.com/help/4/ | Disqus Quick Start Guide]]\n".
"[[http://docs.disqus.com/help/68/ | Information on Shortnames]]")),
);
}
}
diff --git a/src/applications/config/option/PhabricatorFacebookConfigOptions.php b/src/applications/config/option/PhabricatorFacebookConfigOptions.php
index 9be18876a7..fdf828701f 100644
--- a/src/applications/config/option/PhabricatorFacebookConfigOptions.php
+++ b/src/applications/config/option/PhabricatorFacebookConfigOptions.php
@@ -1,75 +1,75 @@
<?php
final class PhabricatorFacebookConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Integration with Facebook");
}
public function getDescription() {
return pht("Facebook authentication and integration options.");
}
public function getOptions() {
return array(
$this->newOption('facebook.auth-enabled', 'bool', false)
->setOptions(
array(
- pht("Disable Facebook Authentication"),
pht("Enable Facebook Authentication"),
+ pht("Disable Facebook Authentication"),
))
->setDescription(
pht(
'Allow users to login to Phabricator using Facebook credentials.')),
$this->newOption('facebook.registration-enabled', 'bool', true)
->setOptions(
array(
- pht("Disable Facebook Registration"),
pht("Enable Facebook Registration"),
+ pht("Disable Facebook Registration"),
))
->setDescription(
pht(
'Allow users to create new Phabricator accounts using Facebook '.
'credentials.')),
$this->newOption('facebook.auth-permanent', 'bool', false)
->setOptions(
array(
- pht("Allow Facebook Account Unlinking"),
pht("Permanently Bind Facebook Accounts"),
+ pht("Allow Facebook Account Unlinking"),
))
->setDescription(
pht(
'Are Phabricator accounts permanently bound to Facebook '.
'accounts?')),
$this->newOption('facebook.application-id', 'string', null)
->setDescription(
pht(
'Facebook "Application ID" to use for Facebook API access.')),
$this->newOption('facebook.application-secret', 'string', null)
->setDescription(
pht(
'Facebook "Application Secret" to use for Facebook API access.')),
$this->newOption('facebook.require-https-auth', 'bool', false)
->setOptions(
array(
- pht("Do Not Require HTTPS"),
pht("Require HTTPS"),
+ pht("Do Not Require HTTPS"),
))
->setSummary(
pht(
'Reject Facebook logins from accounts that do not have Facebook '.
'configured in HTTPS-only mode.'))
->setDescription(
pht(
'You can require users logging in via Facebook auth have Facebook '.
'set to HTTPS-only, which ensures their Facebook cookies are '.
'SSL-only. This makes it more difficult for an attacker to '.
'escalate a cookie-sniffing attack which captures Facebook '.
'credentials into Phabricator access, but will require users '.
'change their Facebook settings if they do not have this mode '.
'enabled.')),
);
}
}
diff --git a/src/applications/config/option/PhabricatorGitHubConfigOptions.php b/src/applications/config/option/PhabricatorGitHubConfigOptions.php
index 662a887c63..d7c0531b01 100644
--- a/src/applications/config/option/PhabricatorGitHubConfigOptions.php
+++ b/src/applications/config/option/PhabricatorGitHubConfigOptions.php
@@ -1,56 +1,56 @@
<?php
final class PhabricatorGitHubConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Integration with GitHub");
}
public function getDescription() {
return pht("GitHub authentication and integration options.");
}
public function getOptions() {
return array(
$this->newOption('github.auth-enabled', 'bool', false)
->setOptions(
array(
- pht("Disable GitHub Authentication"),
pht("Enable GitHub Authentication"),
+ pht("Disable GitHub Authentication"),
))
->setDescription(
pht(
'Allow users to login to Phabricator using GitHub credentials.')),
$this->newOption('github.registration-enabled', 'bool', true)
->setOptions(
array(
- pht("Disable GitHub Registration"),
pht("Enable GitHub Registration"),
+ pht("Disable GitHub Registration"),
))
->setDescription(
pht(
'Allow users to create new Phabricator accounts using GitHub '.
'credentials.')),
$this->newOption('github.auth-permanent', 'bool', false)
->setOptions(
array(
- pht("Allow GitHub Account Unlinking"),
pht("Permanently Bind GitHub Accounts"),
+ pht("Allow GitHub Account Unlinking"),
))
->setDescription(
pht(
'Are Phabricator accounts permanently bound to GitHub '.
'accounts?')),
$this->newOption('github.application-id', 'string', null)
->setDescription(
pht(
'GitHub "Client ID" to use for GitHub API access.')),
$this->newOption('github.application-secret', 'string', null)
->setDescription(
pht(
'GitHub "Secret" to use for GitHub API access.')),
);
}
}
diff --git a/src/applications/config/option/PhabricatorGoogleConfigOptions.php b/src/applications/config/option/PhabricatorGoogleConfigOptions.php
index bae00d4927..6e35637b13 100644
--- a/src/applications/config/option/PhabricatorGoogleConfigOptions.php
+++ b/src/applications/config/option/PhabricatorGoogleConfigOptions.php
@@ -1,56 +1,56 @@
<?php
final class PhabricatorGoogleConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Integration with Google");
}
public function getDescription() {
return pht("Google authentication and integration options.");
}
public function getOptions() {
return array(
$this->newOption('google.auth-enabled', 'bool', false)
->setOptions(
array(
- pht("Disable Google Authentication"),
pht("Enable Google Authentication"),
+ pht("Disable Google Authentication"),
))
->setDescription(
pht(
'Allow users to login to Phabricator using Google credentials.')),
$this->newOption('google.registration-enabled', 'bool', true)
->setOptions(
array(
- pht("Disable Google Registration"),
pht("Enable Google Registration"),
+ pht("Disable Google Registration"),
))
->setDescription(
pht(
'Allow users to create new Phabricator accounts using Google '.
'credentials.')),
$this->newOption('google.auth-permanent', 'bool', false)
->setOptions(
array(
- pht("Allow Google Account Unlinking"),
pht("Permanently Bind Google Accounts"),
+ pht("Allow Google Account Unlinking"),
))
->setDescription(
pht(
'Are Phabricator accounts permanently bound to Google '.
'accounts?')),
$this->newOption('google.application-id', 'string', null)
->setDescription(
pht(
'Google "Client ID" to use for Google API access.')),
$this->newOption('google.application-secret', 'string', null)
->setDescription(
pht(
'Google "Secret" to use for Google API access.')),
);
}
}
diff --git a/src/applications/config/option/PhabricatorLDAPConfigOptions.php b/src/applications/config/option/PhabricatorLDAPConfigOptions.php
index 8f3f7f92d6..c67a7a748a 100644
--- a/src/applications/config/option/PhabricatorLDAPConfigOptions.php
+++ b/src/applications/config/option/PhabricatorLDAPConfigOptions.php
@@ -1,68 +1,68 @@
<?php
final class PhabricatorLDAPConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Integration with LDAP");
}
public function getDescription() {
return pht("LDAP authentication and integration options.");
}
public function getOptions() {
return array(
$this->newOption('ldap.auth-enabled', 'bool', false)
->setOptions(
array(
- pht("Disable LDAP Authentication"),
pht("Enable LDAP Authentication"),
+ pht("Disable LDAP Authentication"),
))
->setDescription(
pht('Enable LDAP for authentication and registration.')),
$this->newOption('ldap.hostname', 'string', null)
->setDescription(pht('LDAP server host name.')),
$this->newOption('ldap.port', 'int', 389)
->setDescription(pht('LDAP server port.')),
$this->newOption('ldap.anonymous-user-name', 'string', null)
->setDescription(
pht('Username to login to LDAP server with.')),
$this->newOption('ldap.anonymous-user-password', 'string', null)
->setDescription(
pht('Password to login to LDAP server with.')),
// TODO: I have only a vague understanding of what these options do;
// improve the documentation here and provide examples.
$this->newOption('ldap.base_dn', 'string', null)
->setDescription(pht('LDAP base domain name.')),
$this->newOption('ldap.search_attribute', 'string', null),
$this->newOption('ldap.search-first', 'bool', false)
->setOptions(
array(
- pht("Disabled"),
pht("Enabled"),
+ pht("Disabled"),
)),
$this->newOption('ldap.username-attribute', 'string', null),
$this->newOption('ldap.real_name_attributes', 'list<string>', array())
->setDescription(
pht(
"Attribute or attributes to use as the user's real name. If ".
"multiple attributes are provided, they will be joined with ".
"spaces.")),
$this->newOption('ldap.activedirectory_domain', 'string', null),
$this->newOption('ldap.version', 'int', 3),
$this->newOption('ldap.referrals', 'bool', true)
->setOptions(
array(
- pht("Do Not Follow Referrals"),
pht("Follow Referrals"),
+ pht("Do Not Follow Referrals"),
))
->setDescription(
pht("You may need to disable this if you use Windows 2003 ".
"Active Directory.")),
);
}
}
diff --git a/src/applications/config/option/PhabricatorNotificationConfigOptions.php b/src/applications/config/option/PhabricatorNotificationConfigOptions.php
index 028651a6aa..3304079915 100644
--- a/src/applications/config/option/PhabricatorNotificationConfigOptions.php
+++ b/src/applications/config/option/PhabricatorNotificationConfigOptions.php
@@ -1,59 +1,59 @@
<?php
final class PhabricatorNotificationConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Notifications");
}
public function getDescription() {
return pht("Configure real-time notifications.");
}
public function getOptions() {
return array(
$this->newOption('notification.enabled', 'bool', false)
->setOptions(
array(
- pht("Disable Real-Time Notifications"),
pht("Enable Real-Time Notifications"),
+ pht("Disable Real-Time Notifications"),
))
->setSummary(pht('Enable real-time notifications.'))
->setDescription(
pht(
"Enable real-time notifications. You must also run a Node.js ".
"based notification server for this to work. Consult the ".
"documentation in 'Notifications User Guide: Setup and ".
"Configuration' for instructions.")),
$this->newOption(
'notification.client-uri',
'string',
'http://localhost:22280')
->setDescription(pht('Location of the client server.')),
$this->newOption(
'notification.server-uri',
'string',
'http://localhost:22281')
->setDescription(pht('Location of the notification receiver server.')),
$this->newOption('notification.user', 'string', null)
->setSummary(pht('Drop permissions to a less-privileged user.'))
->setDescription(
pht(
"The notifcation server must be started as root so it can bind ".
"to privileged ports, but if you specify a system user here it ".
"will drop permissions to that user after binding to the ports ".
"it needs.")),
$this->newOption('notification.log', 'string', '/var/log/aphlict.log')
->setDescription(pht('Location of the server log file.')),
$this->newOption(
'notification.pidfile',
'string',
'/var/run/aphlict.pid')
->setDescription(pht('Location of the server PID file.')),
$this->newOption('notification.debug', 'bool', false)
->setDescription(pht('Enable debug output in the browser.')),
);
}
}
diff --git a/src/applications/config/option/PhabricatorRecaptchaConfigOptions.php b/src/applications/config/option/PhabricatorRecaptchaConfigOptions.php
index 27deaf3a03..3355d3fee7 100644
--- a/src/applications/config/option/PhabricatorRecaptchaConfigOptions.php
+++ b/src/applications/config/option/PhabricatorRecaptchaConfigOptions.php
@@ -1,39 +1,39 @@
<?php
final class PhabricatorRecaptchaConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Integration with Recaptcha");
}
public function getDescription() {
return pht("Configure Recaptcha captchas.");
}
public function getOptions() {
return array(
$this->newOption('recaptcha.enabled', 'bool', false)
->setOptions(
array(
- pht("Disable Recaptcha"),
pht("Enable Recaptcha"),
+ pht("Disable Recaptcha"),
))
->setSummary(pht('Enable captchas with Recaptcha.'))
->setDescription(
pht(
"Enable recaptcha to require users solve captchas after a few ".
"failed login attempts. This hinders brute-force attacks against ".
"user passwords. For more information, see http://recaptcha.net/")),
$this->newOption('recaptcha.public-key', 'string', null)
->setDescription(
pht('Recaptcha public key, obtained by signing up for Recaptcha.')),
$this->newOption('recaptcha.private-key', 'string', null)
->setMasked(true)
->setDescription(
pht('Recaptcha private key, obtained by signing up for Recaptcha.')),
);
}
}
diff --git a/src/applications/config/option/PhabricatorSecurityConfigOptions.php b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
index e69f15122d..24e9df9cf5 100644
--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -1,182 +1,182 @@
<?php
final class PhabricatorSecurityConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht("Security");
}
public function getDescription() {
return pht("Security options.");
}
public function getOptions() {
return array(
$this->newOption('security.alternate-file-domain', 'string', null)
->setSummary(pht("Alternate domain to serve files from."))
->setDescription(
pht(
"IMPORTANT: By default, Phabricator serves files from the same ".
"domain the application lives on. This is convenient but not ".
"secure: it creates a large class of vulnerabilities which can ".
"not be generally mitigated.\n\n".
"To avoid this, you should configure a second domain in the same ".
"way you have the primary domain configured (i.e., point it at ".
"the same machine and set up the same vhost rules) and provide ".
"it here. For instance, if your primary install is on ".
"'http://www.phabricator-example.com/', you could configure ".
"'http://www.phabricator-files.com/' and specify the entire ".
"domain (with protocol) here. This will enforce that files are ".
"served only from the alternate domain. Ideally, you should use ".
"a completely separate domain name rather than just a different ".
"subdomain.\n\n".
"It is **STRONGLY RECOMMENDED** that you configure this. Your ".
"install is **NOT SECURE** unless you do so."))
->addExample('http://www.phabricator-files.com/', pht('Valid Setting')),
$this->newOption(
'security.hmac-key',
'string',
'[D\t~Y7eNmnQGJ;rnH6aF;m2!vJ8@v8C=Cs:aQS\.Qw')
->setSummary(
pht("Key for HMAC digests."))
->setDescription(
pht(
"Default key for HMAC digests where the key is not important ".
"(i.e., the hash itself is secret). You can change this if you ".
"want (to any other string), but doing so will break existing ".
"sessions and CSRF tokens.")),
$this->newOption('security.require-https', 'bool', false)
->setSummary(
pht("Force users to connect via https instead of http."))
->setDescription(
pht(
"If the web server responds to both HTTP and HTTPS requests but ".
"you want users to connect with only HTTPS, you can set this ".
"to true to make Phabricator redirect HTTP requests to HTTPS.\n\n".
"Normally, you should just configure your server not to accept ".
"HTTP traffic, but this setting may be useful if you originally ".
"used HTTP and have now switched to HTTPS but don't want to ".
"break old links, or if your webserver sits behind a load ".
"balancer which terminates HTTPS connections and you can not ".
"reasonably configure more granular behavior there.\n\n".
"NOTE: Phabricator determines if a request is HTTPS or not by ".
"examining the PHP \$_SERVER['HTTPS'] variable. If you run ".
"Apache/mod_php this will probably be set correctly for you ".
"automatically, but if you run Phabricator as CGI/FCGI (e.g., ".
"through nginx or lighttpd), you need to configure your web ".
"server so that it passes the value correctly based on the ".
"connection type. Alternatively, you can add a PHP snippet to ".
"the top of this configuration file to directly set ".
"\$_SERVER['HTTPS'] to the correct value."))
->setOptions(
array(
- pht('Allow HTTP'),
pht('Force HTTPS'),
+ pht('Allow HTTP'),
)),
$this->newOption(
'phabricator.csrf-key',
'string',
'0b7ec0592e0a2829d8b71df2fa269b2c6172eca3')
->setSummary(
pht("Hashed with other inputs to generate CSRF tokens."))
->setDescription(
pht(
"This is hashed with other inputs to generate CSRF tokens. If ".
"you want, you can change it to some other string which is ".
"unique to your install. This will make your install more secure ".
"in a vague, mostly theoretical way. But it will take you like 3 ".
"seconds of mashing on your keyboard to set it up so you might ".
"as well.")),
$this->newOption(
'phabricator.mail-key',
'string',
'5ce3e7e8787f6e40dfae861da315a5cdf1018f12')
->setSummary(
pht("Hashed with other inputs to generate mail tokens."))
->setDescription(
pht(
"This is hashed with other inputs to generate mail tokens. If ".
"you want, you can change it to some other string which is ".
"unique to your install. In particular, you will want to do ".
"this if you accidentally send a bunch of mail somewhere you ".
"shouldn't have, to invalidate all old reply-to addresses.")),
// TODO: This should really be dict<string,bool> but that doesn't exist
// yet.
$this->newOption('uri.allowed-protocols', 'wild', null)
->setSummary(
pht("Determines which URI protocols are auto-linked."))
->setDescription(
pht(
"When users write comments which have URIs, they'll be ".
"automatically linked if the protocol appears in this set. This ".
"whitelist is primarily to prevent security issues like ".
"javascript:// URIs."))
->addExample(
'{"http": true, "https": true"}', pht('Valid Setting')),
$this->newOption(
'celerity.resource-hash',
'string',
'd9455ea150622ee044f7931dabfa52aa')
->setSummary(
pht("An input to the hash function when building resource hashes."))
->setDescription(
pht(
"This value is an input to the hash function when building ".
"resource hashes. It has no security value, but if you ".
"accidentally poison user caches (by pushing a bad patch or ".
"having something go wrong with a CDN, e.g.) you can change this ".
"to something else and rebuild the Celerity map to break user ".
"caches. Unless you are doing Celerity development, it is ".
"exceptionally unlikely that you need to modify this.")),
);
}
protected function didValidateOption(
PhabricatorConfigOption $option,
$value) {
$key = $option->getKey();
if ($key == 'security.alternate-file-domain') {
$uri = new PhutilURI($value);
$protocol = $uri->getProtocol();
if ($protocol !== 'http' && $protocol !== 'https') {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must start with ".
"'http://' or 'https://'.",
$key));
}
$domain = $uri->getDomain();
if (strpos($domain, '.') === false) {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must contain a dot ('.'), ".
"like 'http://example.com/', not just a bare name like ".
"'http://example/'. Some web browsers will not set cookies on ".
"domains with no TLD.",
$key));
}
$path = $uri->getPath();
if ($path !== '' && $path !== '/') {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must NOT have a path, ".
"e.g. 'http://phabricator.example.com/' is OK, but ".
"'http://example.com/phabricator/' is not. Phabricator must be ".
"installed on an entire domain; it can not be installed on a ".
"path.",
$key));
}
}
}
}

File Metadata

Mime Type
text/x-diff
Expires
Thu, Jul 3, 5:16 PM (12 h, 10 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
166083
Default Alt Text
(45 KB)

Event Timeline

styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)