No OneTemporary
Actions

Size

74 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
	index 26a080b371..4b6a45981d 100644
	--- a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
	+++ b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
	@@ -1,573 +1,570 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	/**
	* @group aphront
	*/
	class AphrontDefaultApplicationConfiguration
	extends AphrontApplicationConfiguration {

	public function __construct() {

	}

	public function getApplicationName() {
	return 'aphront-default';
	}

	public function getURIMap() {
	return $this->getResourceURIMapRules() + array(
	'/(?:(?P<filter>(?:jump\|apps))/)?' =>
	'PhabricatorDirectoryMainController',
	'/(?:(?P<filter>feed)/)' => array(
	'public/' => 'PhabricatorFeedPublicStreamController',
	'(?:(?P<subfilter>[^/]+)/)?' =>
	'PhabricatorDirectoryMainController',
	),
	'/F(?P<id>\d+)' => 'PhabricatorFileShortcutController',
	'/file/' => array(
	'' => 'PhabricatorFileListController',
	'filter/(?P<filter>\w+)/' => 'PhabricatorFileListController',
	'upload/' => 'PhabricatorFileUploadController',
	'dropupload/' => 'PhabricatorFileDropUploadController',
	'delete/(?P<id>\d+)/' => 'PhabricatorFileDeleteController',
	'info/(?P<phid>[^/]+)/' => 'PhabricatorFileInfoController',

	'data/(?P<key>[^/]+)/(?P<phid>[^/]+)/.*'
	=> 'PhabricatorFileDataController',
	// TODO: This is a deprecated version of /data/. Remove it after
	// old links have had a chance to rot.
	'alt/(?P<key>[^/]+)/(?P<phid>[^/]+)/'
	=> 'PhabricatorFileDataController',

	'macro/' => array(
	'' => 'PhabricatorFileMacroListController',
	'edit/(?:(?P<id>\d+)/)?' => 'PhabricatorFileMacroEditController',
	'delete/(?P<id>\d+)/' => 'PhabricatorFileMacroDeleteController',
	),
	'proxy/' => 'PhabricatorFileProxyController',
	'xform/(?P<transform>[^/]+)/(?P<phid>[^/]+)/'
	=> 'PhabricatorFileTransformController',
	),
	'/phid/' => array(
	'' => 'PhabricatorPHIDLookupController',
	),
	'/conduit/' => array(
	'' => 'PhabricatorConduitListController',
	'method/(?P<method>[^/]+)/' => 'PhabricatorConduitConsoleController',
	'log/' => 'PhabricatorConduitLogController',
	'log/view/(?P<view>[^/]+)/' => 'PhabricatorConduitLogController',
	'token/' => 'PhabricatorConduitTokenController',
	),
	'/api/(?P<method>[^/]+)' => 'PhabricatorConduitAPIController',

	'/typeahead/' => array(
	'common/(?P<type>\w+)/'
	=> 'PhabricatorTypeaheadCommonDatasourceController',
	),

	'/login/' => array(
	'' => 'PhabricatorLoginController',
	'email/' => 'PhabricatorEmailLoginController',
	'etoken/(?P<token>\w+)/' => 'PhabricatorEmailTokenController',
	'refresh/' => 'PhabricatorRefreshCSRFController',
	'validate/' => 'PhabricatorLoginValidateController',
	'mustverify/' => 'PhabricatorMustVerifyEmailController',
	),

	'/logout/' => 'PhabricatorLogoutController',

	'/oauth/' => array(
	'(?P<provider>\w+)/' => array(
	'login/' => 'PhabricatorOAuthLoginController',
	'diagnose/' => 'PhabricatorOAuthDiagnosticsController',
	'unlink/' => 'PhabricatorOAuthUnlinkController',
	),
	),

	'/ldap/' => array(
	'login/' => 'PhabricatorLDAPLoginController',
	'unlink/' => 'PhabricatorLDAPUnlinkController',
	),

	'/oauthserver/' => array(
	'auth/' => 'PhabricatorOAuthServerAuthController',
	'test/' => 'PhabricatorOAuthServerTestController',
	'token/' => 'PhabricatorOAuthServerTokenController',
	'clientauthorization/' => array(
	'' => 'PhabricatorOAuthClientAuthorizationListController',
	'delete/(?P<phid>[^/]+)/' =>
	'PhabricatorOAuthClientAuthorizationDeleteController',
	'edit/(?P<phid>[^/]+)/' =>
	'PhabricatorOAuthClientAuthorizationEditController',
	),
	'client/' => array(
	'' => 'PhabricatorOAuthClientListController',
	'create/' => 'PhabricatorOAuthClientEditController',
	'delete/(?P<phid>[^/]+)/' => 'PhabricatorOAuthClientDeleteController',
	'edit/(?P<phid>[^/]+)/' => 'PhabricatorOAuthClientEditController',
	'view/(?P<phid>[^/]+)/' => 'PhabricatorOAuthClientViewController',
	),
	),

	'/xhprof/' => array(
	'profile/(?P<phid>[^/]+)/' => 'PhabricatorXHProfProfileController',
	),

	'/~/' => 'DarkConsoleController',

	'/repository/' => array(
	'' => 'PhabricatorRepositoryListController',
	'create/' => 'PhabricatorRepositoryCreateController',
	'edit/(?P<id>\d+)/(?:(?P<view>\w+)?/)?' =>
	'PhabricatorRepositoryEditController',
	'delete/(?P<id>\d+)/' => 'PhabricatorRepositoryDeleteController',
	'project/(?P<id>\d+)/' =>
	'PhabricatorRepositoryArcanistProjectEditController',
	),

	'/search/' => array(
	'' => 'PhabricatorSearchController',
	'(?P<key>[^/]+)/' => 'PhabricatorSearchController',
	'attach/(?P<phid>[^/]+)/(?P<type>\w+)/(?:(?P<action>\w+)/)?'
	=> 'PhabricatorSearchAttachController',
	'select/(?P<type>\w+)/'
	=> 'PhabricatorSearchSelectController',
	'index/(?P<phid>[^/]+)/' => 'PhabricatorSearchIndexController',
	),

	'/daemon/' => array(
	'task/(?P<id>\d+)/' => 'PhabricatorWorkerTaskDetailController',
	'task/(?P<id>\d+)/(?P<action>[^/]+)/'
	=> 'PhabricatorWorkerTaskUpdateController',
	'log/' => array(
	'' => 'PhabricatorDaemonLogListController',
	'combined/' => 'PhabricatorDaemonCombinedLogController',
	'(?P<id>\d+)/' => 'PhabricatorDaemonLogViewController',
	),
	'timeline/' => 'PhabricatorDaemonTimelineConsoleController',
	'timeline/(?P<id>\d+)/' => 'PhabricatorDaemonTimelineEventController',
	'' => 'PhabricatorDaemonConsoleController',
	),

	'/herald/' => array(
	'' => 'HeraldHomeController',
	'view/(?P<content_type>[^/]+)/(?:(?P<rule_type>[^/]+)/)?'
	=> 'HeraldHomeController',
	'new/(?:(?P<type>[^/]+)/(?:(?P<rule_type>[^/]+)/)?)?'
	=> 'HeraldNewController',
	'rule/(?:(?P<id>\d+)/)?' => 'HeraldRuleController',
	'history/(?:(?P<id>\d+)/)?' => 'HeraldRuleEditHistoryController',
	'delete/(?P<id>\d+)/' => 'HeraldDeleteController',
	'test/' => 'HeraldTestConsoleController',
	'transcript/' => 'HeraldTranscriptListController',
	'transcript/(?P<id>\d+)/(?:(?P<filter>\w+)/)?'
	=> 'HeraldTranscriptController',
	),

	'/uiexample/' => array(
	'' => 'PhabricatorUIExampleRenderController',
	'view/(?P<class>[^/]+)/' => 'PhabricatorUIExampleRenderController',
	),

	'/owners/' => array(
	'' => 'PhabricatorOwnersListController',
	'view/(?P<view>[^/]+)/' => 'PhabricatorOwnersListController',
	'edit/(?P<id>\d+)/' => 'PhabricatorOwnersEditController',
	'new/' => 'PhabricatorOwnersEditController',
	'package/(?P<id>\d+)/' => 'PhabricatorOwnersDetailController',
	'delete/(?P<id>\d+)/' => 'PhabricatorOwnersDeleteController',
	),

	'/xhpast/' => array(
	'' => 'PhabricatorXHPASTViewRunController',
	'view/(?P<id>\d+)/'
	=> 'PhabricatorXHPASTViewFrameController',
	'frameset/(?P<id>\d+)/'
	=> 'PhabricatorXHPASTViewFramesetController',
	'input/(?P<id>\d+)/'
	=> 'PhabricatorXHPASTViewInputController',
	'tree/(?P<id>\d+)/'
	=> 'PhabricatorXHPASTViewTreeController',
	'stream/(?P<id>\d+)/'
	=> 'PhabricatorXHPASTViewStreamController',
	),

	'/status/' => 'PhabricatorStatusController',

	'/paste/' => array(
	'' => 'PhabricatorPasteListController',
	'filter/(?P<filter>\w+)/' => 'PhabricatorPasteListController',
	),
	'/P(?P<id>\d+)' => 'PhabricatorPasteViewController',

	'/help/' => array(
	'keyboardshortcut/' => 'PhabricatorHelpKeyboardShortcutController',
	),

	'/countdown/' => array(
	''
	=> 'PhabricatorCountdownListController',
	'(?P<id>\d+)/'
	=> 'PhabricatorCountdownViewController',
	'edit/(?:(?P<id>\d+)/)?'
	=> 'PhabricatorCountdownEditController',
	'delete/(?P<id>\d+)/'
	=> 'PhabricatorCountdownDeleteController'
	),

	'/V(?P<id>\d+)' => 'PhabricatorSlowvotePollController',
	'/vote/' => array(
	'(?:view/(?P<view>\w+)/)?' => 'PhabricatorSlowvoteListController',
	'create/' => 'PhabricatorSlowvoteCreateController',
	),

	'/phame/' => array(
	'' => 'PhameAllPostListController',
	'post/' => array(
	'' => 'PhameUserPostListController',
	'delete/(?P<phid>[^/]+)/' => 'PhamePostDeleteController',
	'edit/(?P<phid>[^/]+)/' => 'PhamePostEditController',
	'new/' => 'PhamePostEditController',
	'preview/' => 'PhamePostPreviewController',
	'view/(?P<phid>[^/]+)/' => 'PhamePostViewController',
	),
	'draft/' => array(
	'' => 'PhameDraftListController',
	'new/' => 'PhamePostEditController',
	),
	'blog/' => array(
	'' => 'PhameUserBlogListController',
	'all/' => 'PhameAllBlogListController',
	'new/' => 'PhameBlogEditController',
	'delete/(?P<phid>[^/]+)/' => 'PhameBlogDeleteController',
	'edit/(?P<phid>[^/]+)/' => 'PhameBlogEditController',
	'view/(?P<phid>[^/]+)/' => 'PhameBlogViewController',
	),
	'posts/' => array(
	'' => 'PhameUserPostListController',
	'(?P<bloggername>\w+)/' => 'PhameBloggerPostListController',
	'(?P<bloggername>\w+)/(?P<phametitle>.+/)'
	=> 'PhamePostViewController',
	),
	),

	'/calendar/' => array(
	'' => 'PhabricatorCalendarBrowseController',
	),

	'/drydock/' => array(
	'' => 'DrydockResourceListController',
	'resource/' => 'DrydockResourceListController',
	'resource/allocate/' => 'DrydockResourceAllocateController',
	'host/' => array(
	'' => 'DrydockHostListController',
	'edit/' => 'DrydockHostEditController',
	'edit/(?P<id>\d+)/' => 'DrydockhostEditController',
	),
	'lease/' => 'DrydockLeaseListController',
	'log/' => 'DrydockLogController',
	),

	'/chatlog/' => array(
	'' =>
	'PhabricatorChatLogChannelListController',
	'channel/(?P<channel>[^/]+)/' =>
	'PhabricatorChatLogChannelLogController',
	),

	'/notification/' => array(
	'(?:(?P<filter>all\|unread)/)?'
	=> 'PhabricatorNotificationListController',
	'panel/' => 'PhabricatorNotificationPanelController',
	'individual/' => 'PhabricatorNotificationIndividualController',
	'status/' => 'PhabricatorNotificationStatusController',
	'clear/' => 'PhabricatorNotificationClearController',
	),

	'/phortune/' => array(
	'stripe/' => array(
	'testpaymentform/' => 'PhortuneStripeTestPaymentFormController',
	),
	),
	-
	- '/emailverify/(?P<code>[^/]+)/' =>
	- 'PhabricatorEmailVerificationController',
	);
	}

	protected function getResourceURIMapRules() {
	return array(
	'/res/' => array(
	'(?P<package>pkg/)?'.
	'(?P<hash>[a-f0-9]{8})/'.
	'(?P<path>.+\.(?:css\|js\|jpg\|png\|swf\|gif))'
	=> 'CelerityResourceController',
	),
	);
	}

	public function buildRequest() {
	$request = new AphrontRequest($this->getHost(), $this->getPath());
	$request->setRequestData($_GET + $_POST);
	$request->setApplicationConfiguration($this);
	return $request;
	}

	public function handleException(Exception $ex) {
	$request = $this->getRequest();

	// For Conduit requests, return a Conduit response.
	if ($request->isConduit()) {
	$response = new ConduitAPIResponse();
	$response->setErrorCode(get_class($ex));
	$response->setErrorInfo($ex->getMessage());

	return id(new AphrontJSONResponse())
	->setContent($response->toDictionary());
	}

	// For non-workflow requests, return a Ajax response.
	if ($request->isAjax() && !$request->isJavelinWorkflow()) {
	$response = new AphrontAjaxResponse();
	$response->setError(
	array(
	'code' => get_class($ex),
	'info' => $ex->getMessage(),
	));
	return $response;
	}

	$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');

	$user = $request->getUser();
	if (!$user) {
	// If we hit an exception very early, we won't have a user.
	$user = new PhabricatorUser();
	}

	if ($ex instanceof PhabricatorPolicyException) {
	$content =
	'<div class="aphront-policy-exception">'.
	phutil_escape_html($ex->getMessage()).
	'</div>';

	$dialog = new AphrontDialogView();
	$dialog
	->setTitle(
	$is_serious
	? 'Access Denied'
	: "You Shall Not Pass")
	->setClass('aphront-access-dialog')
	->setUser($user)
	->appendChild($content);

	if ($this->getRequest()->isAjax()) {
	$dialog->addCancelButton('/', 'Close');
	} else {
	$dialog->addCancelButton('/', $is_serious ? 'OK' : 'Away With Thee');
	}

	$response = new AphrontDialogResponse();
	$response->setDialog($dialog);
	return $response;
	}

	if ($ex instanceof AphrontUsageException) {
	$error = new AphrontErrorView();
	$error->setTitle(phutil_escape_html($ex->getTitle()));
	$error->appendChild(phutil_escape_html($ex->getMessage()));

	$view = new PhabricatorStandardPageView();
	$view->setRequest($this->getRequest());
	$view->appendChild($error);

	$response = new AphrontWebpageResponse();
	$response->setContent($view->render());

	return $response;
	}


	// Always log the unhandled exception.
	phlog($ex);

	$class = phutil_escape_html(get_class($ex));
	$message = phutil_escape_html($ex->getMessage());

	if ($ex instanceof AphrontQuerySchemaException) {
	$message .=
	"\n\n".
	"NOTE: This usually indicates that the MySQL schema has not been ".
	"properly upgraded. Run 'bin/storage upgrade' to ensure your ".
	"schema is up to date.";
	}

	if (PhabricatorEnv::getEnvConfig('phabricator.show-stack-traces')) {
	$trace = $this->renderStackTrace($ex->getTrace(), $user);
	} else {
	$trace = null;
	}

	$content =
	'<div class="aphront-unhandled-exception">'.
	'<div class="exception-message">'.$message.'</div>'.
	$trace.
	'</div>';

	$dialog = new AphrontDialogView();
	$dialog
	->setTitle('Unhandled Exception ("'.$class.'")')
	->setClass('aphront-exception-dialog')
	->setUser($user)
	->appendChild($content);

	if ($this->getRequest()->isAjax()) {
	$dialog->addCancelButton('/', 'Close');
	}

	$response = new AphrontDialogResponse();
	$response->setDialog($dialog);

	return $response;
	}

	public function willSendResponse(AphrontResponse $response) {
	return $response;
	}

	public function build404Controller() {
	return array(new Phabricator404Controller($this->getRequest()), array());
	}

	public function buildRedirectController($uri) {
	return array(
	new PhabricatorRedirectController($this->getRequest()),
	array(
	'uri' => $uri,
	));
	}

	private function renderStackTrace($trace, PhabricatorUser $user) {

	$libraries = PhutilBootloader::getInstance()->getAllLibraries();

	$version = PhabricatorEnv::getEnvConfig('phabricator.version');
	if (preg_match('/[^a-f0-9]/i', $version)) {
	$version = '';
	}

	// TODO: Make this configurable?
	$path = 'https://secure.phabricator.com/diffusion/%s/browse/master/src/';

	$callsigns = array(
	'arcanist' => 'ARC',
	'phutil' => 'PHU',
	'phabricator' => 'P',
	);

	$rows = array();
	$depth = count($trace);
	foreach ($trace as $part) {
	$lib = null;
	$file = idx($part, 'file');
	$relative = $file;
	foreach ($libraries as $library) {
	$root = phutil_get_library_root($library);
	if (Filesystem::isDescendant($file, $root)) {
	$lib = $library;
	$relative = Filesystem::readablePath($file, $root);
	break;
	}
	}

	$where = '';
	if (isset($part['class'])) {
	$where .= $part['class'].'::';
	}
	if (isset($part['function'])) {
	$where .= $part['function'].'()';
	}

	if ($file) {
	if (isset($callsigns[$lib])) {
	$attrs = array('title' => $file);
	try {
	$attrs['href'] = $user->loadEditorLink(
	'/src/'.$relative,
	$part['line'],
	$callsigns[$lib]);
	} catch (Exception $ex) {
	// The database can be inaccessible.
	}
	if (empty($attrs['href'])) {
	$attrs['href'] = sprintf($path, $callsigns[$lib]).
	str_replace(DIRECTORY_SEPARATOR, '/', $relative).
	($version && $lib == 'phabricator' ? ';'.$version : '').
	'$'.$part['line'];
	$attrs['target'] = '_blank';
	}
	$file_name = phutil_render_tag(
	'a',
	$attrs,
	phutil_escape_html($relative));
	} else {
	$file_name = phutil_render_tag(
	'span',
	array(
	'title' => $file,
	),
	phutil_escape_html($relative));
	}
	$file_name = $file_name.' : '.(int)$part['line'];
	} else {
	$file_name = '<em>(Internal)</em>';
	}


	$rows[] = array(
	$depth--,
	phutil_escape_html($lib),
	$file_name,
	phutil_escape_html($where),
	);
	}
	$table = new AphrontTableView($rows);
	$table->setHeaders(
	array(
	'Depth',
	'Library',
	'File',
	'Where',
	));
	$table->setColumnClasses(
	array(
	'n',
	'',
	'',
	'wide',
	));

	return
	'<div class="exception-trace">'.
	'<div class="exception-trace-header">Stack Trace</div>'.
	$table->render().
	'</div>';
	}

	}
	diff --git a/src/applications/people/application/PhabricatorApplicationPeople.php b/src/applications/people/application/PhabricatorApplicationPeople.php
	index 30b8a6aed9..f371068123 100644
	--- a/src/applications/people/application/PhabricatorApplicationPeople.php
	+++ b/src/applications/people/application/PhabricatorApplicationPeople.php
	@@ -1,76 +1,82 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorApplicationPeople extends PhabricatorApplication {

	public function getShortDescription() {
	return 'User Accounts';
	}

	public function getBaseURI() {
	return '/people/';
	}

	+ public function getTitleGlyph() {
	+ return "\xE2\x99\x9F";
	+ }
	+
	public function getIconURI() {
	return celerity_get_resource_uri('/rsrc/image/app/app_people.png');
	}

	public function getRoutes() {
	return array(
	'/people/' => array(
	'' => 'PhabricatorPeopleListController',
	'logs/' => 'PhabricatorPeopleLogsController',
	'edit/(?:(?P<id>\d+)/(?:(?P<view>\w+)/)?)?'
	=> 'PhabricatorPeopleEditController',
	'ldap/' => 'PhabricatorPeopleLdapController',
	),
	'/p/(?P<username>[\w._-]+)/(?:(?P<page>\w+)/)?'
	=> 'PhabricatorPeopleProfileController',
	+ '/emailverify/(?P<code>[^/]+)/' =>
	+ 'PhabricatorEmailVerificationController',
	);
	}

	public function buildMainMenuItems(
	PhabricatorUser $user,
	PhabricatorController $controller = null) {

	$items = array();

	if (($controller instanceof PhabricatorPeopleProfileController) &&
	($controller->getProfileUser()) &&
	($controller->getProfileUser()->getPHID() == $user->getPHID())) {
	$class = 'main-menu-item-icon-profile-selected';
	} else {
	$class = 'main-menu-item-icon-profile-not-selected';
	}

	if ($user->isLoggedIn()) {
	$image = $user->loadProfileImageURI();

	$item = new PhabricatorMainMenuIconView();
	$item->setName($user->getUsername());
	$item->addClass('main-menu-item-icon-profile '.$class);
	$item->addStyle('background-image: url('.$image.')');
	$item->setHref('/p/'.$user->getUsername().'/');
	$item->setSortOrder(0.0);
	$items[] = $item;
	}

	return $items;
	}

	}
	diff --git a/src/applications/people/controller/PhabricatorEmailVerificationController.php b/src/applications/people/controller/PhabricatorEmailVerificationController.php
	index 8e243356c4..78c3873d23 100644
	--- a/src/applications/people/controller/PhabricatorEmailVerificationController.php
	+++ b/src/applications/people/controller/PhabricatorEmailVerificationController.php
	@@ -1,97 +1,97 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorEmailVerificationController
	extends PhabricatorPeopleController {

	private $code;

	public function willProcessRequest(array $data) {
	$this->code = $data['code'];
	}

	public function shouldRequireEmailVerification() {
	// Since users need to be able to hit this endpoint in order to verify
	// email, we can't ever require email verification here.
	return false;
	}

	public function processRequest() {
	$request = $this->getRequest();
	$user = $request->getUser();

	$email = id(new PhabricatorUserEmail())->loadOneWhere(
	'userPHID = %s AND verificationCode = %s',
	$user->getPHID(),
	$this->code);

	$home_link = phutil_render_tag(
	'a',
	array(
	'href' => '/',
	),
	'Continue to Phabricator');
	$home_link = '<br /><p><strong>'.$home_link.'</strong></p>';

	$settings_link = phutil_render_tag(
	'a',
	array(
	'href' => '/settings/panel/email/',
	),
	'Return to Email Settings');
	$settings_link = '<br /><p><strong>'.$settings_link.'</strong></p>';


	if (!$email) {
	$content = id(new AphrontErrorView())
	->setTitle('Unable To Verify')
	->appendChild(
	'<p>The verification code is incorrect, the email address has '.
	'been removed, or the email address is owned by another user. Make '.
	'sure you followed the link in the email correctly.</p>');
	} else if ($email->getIsVerified()) {
	$content = id(new AphrontErrorView())
	->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
	->setTitle('Address Already Verified')
	->appendChild(
	'<p>This email address has already been verified.</p>'.
	$settings_link);
	} else {

	$guard = AphrontWriteGuard::beginScopedUnguardedWrites();
	$email->setIsVerified(1);
	$email->save();
	unset($guard);

	$content = id(new AphrontErrorView())
	->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
	->setTitle('Address Verified')
	->appendChild(
	'<p>This email address has now been verified. Thanks!</p>'.
	$home_link.
	$settings_link);
	}

	- return $this->buildStandardPageResponse(
	+ return $this->buildApplicationPage(
	$content,
	array(
	'title' => 'Verify Email',
	));
	}

	}
	diff --git a/src/applications/people/controller/PhabricatorPeopleController.php b/src/applications/people/controller/PhabricatorPeopleController.php
	index 40b7b0d90a..6427ea1ed1 100644
	--- a/src/applications/people/controller/PhabricatorPeopleController.php
	+++ b/src/applications/people/controller/PhabricatorPeopleController.php
	@@ -1,55 +1,46 @@
	<?php

	/*
	- * Copyright 2011 Facebook, Inc.
	+ * Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	abstract class PhabricatorPeopleController extends PhabricatorController {

	- public function buildStandardPageResponse($view, array $data) {
	- $page = $this->buildStandardPageView();
	-
	- $page->setApplicationName('People');
	- $page->setBaseURI('/people/');
	- $page->setTitle(idx($data, 'title'));
	-
	- $tabs = array(
	- 'directory' => array(
	- 'name' => 'User Directory',
	- 'href' => '/people/',
	- ),
	- );
	-
	- if ($this->getRequest()->getUser()->getIsAdmin()) {
	- $tabs = array_merge(
	- $tabs,
	- array(
	- 'logs' => array(
	- 'name' => 'Activity Logs',
	- 'href' => '/people/logs/',
	- ),
	- ));
	+ public function buildSideNavView() {
	+ $nav = new AphrontSideNavFilterView();
	+ $nav->setBaseURI(new PhutilURI($this->getApplicationURI()));
	+
	+ $is_admin = $this->getRequest()->getUser()->getIsAdmin();
	+
	+ if ($is_admin) {
	+ $nav->addLabel('Create Users');
	+ $nav->addFilter('edit', 'Create New User');
	+ $nav->addFilter('ldap', 'Import from LDAP');
	+ $nav->addSpacer();
	}

	- $page->setTabs($tabs, idx($data, 'tab'));
	+ $nav->addLabel('Directory');
	+ $nav->addFilter('people', 'User Directory', $this->getApplicationURI());

	- $page->setGlyph("\xE2\x99\x9F");
	- $page->appendChild($view);
	+ if ($is_admin) {
	+ $nav->addSpacer();
	+ $nav->addLabel('Logs');
	+ $nav->addFilter('logs', 'Activity Logs');
	+ }

	- $response = new AphrontWebpageResponse();
	- return $response->setContent($page->render());
	+ return $nav;
	}

	}
	diff --git a/src/applications/people/controller/PhabricatorPeopleEditController.php b/src/applications/people/controller/PhabricatorPeopleEditController.php
	index a1612d990c..f27d3ee6de 100644
	--- a/src/applications/people/controller/PhabricatorPeopleEditController.php
	+++ b/src/applications/people/controller/PhabricatorPeopleEditController.php
	@@ -1,685 +1,692 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorPeopleEditController
	extends PhabricatorPeopleController {

	public function shouldRequireAdmin() {
	return true;
	}

	private $id;
	private $view;

	public function willProcessRequest(array $data) {
	$this->id = idx($data, 'id');
	$this->view = idx($data, 'view');
	}

	public function processRequest() {

	$request = $this->getRequest();
	$admin = $request->getUser();

	if ($this->id) {
	$user = id(new PhabricatorUser())->load($this->id);
	if (!$user) {
	return new Aphront404Response();
	}
	$base_uri = '/people/edit/'.$user->getID().'/';
	} else {
	$user = new PhabricatorUser();
	$base_uri = '/people/edit/';
	}

	$nav = new AphrontSideNavFilterView();
	$nav->setBaseURI(new PhutilURI($base_uri));
	+ $nav->addLabel('User Information');
	$nav->addFilter('basic', 'Basic Information');
	$nav->addFilter('role', 'Edit Roles');
	$nav->addFilter('cert', 'Conduit Certificate');
	+ $nav->addFilter('profile', 'View Profile', '/p/'.$user->getUsername().'/');
	$nav->addSpacer();
	+ $nav->addLabel('Special');
	$nav->addFilter('rename', 'Change Username');
	$nav->addFilter('delete', 'Delete User');

	if (!$user->getID()) {
	$this->view = 'basic';
	}
	+
	$view = $nav->selectFilter($this->view, 'basic');

	$content = array();

	if ($request->getStr('saved')) {
	$notice = new AphrontErrorView();
	$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
	$notice->setTitle('Changes Saved');
	$notice->appendChild('<p>Your changes were saved.</p>');
	$content[] = $notice;
	}

	switch ($view) {
	case 'basic':
	$response = $this->processBasicRequest($user);
	break;
	case 'role':
	$response = $this->processRoleRequest($user);
	break;
	case 'cert':
	$response = $this->processCertificateRequest($user);
	break;
	case 'rename':
	$response = $this->processRenameRequest($user);
	break;
	case 'delete':
	$response = $this->processDeleteRequest($user);
	break;
	default:
	return new Aphront404Response();
	}

	if ($response instanceof AphrontResponse) {
	return $response;
	}

	$content[] = $response;

	if ($user->getID()) {
	$nav->appendChild($content);
	- $content = $nav;
	+ } else {
	+ $nav = $this->buildSideNavView();
	+ $nav->selectFilter('edit');
	+ $nav->appendChild($content);
	}

	- return $this->buildStandardPageResponse(
	- $content,
	+ return $this->buildApplicationPage(
	+ $nav,
	array(
	'title' => 'Edit User',
	));
	}

	private function processBasicRequest(PhabricatorUser $user) {
	$request = $this->getRequest();
	$admin = $request->getUser();

	$e_username = true;
	$e_realname = true;
	$e_email = true;
	$errors = array();

	$welcome_checked = true;

	$new_email = null;

	$request = $this->getRequest();
	if ($request->isFormPost()) {
	$welcome_checked = $request->getInt('welcome');

	if (!$user->getID()) {
	$user->setUsername($request->getStr('username'));

	$new_email = $request->getStr('email');
	if (!strlen($new_email)) {
	$errors[] = 'Email is required.';
	$e_email = 'Required';
	} else if (!PhabricatorUserEmail::isAllowedAddress($new_email)) {
	$e_email = 'Invalid';
	$errors[] = PhabricatorUserEmail::describeAllowedAddresses();
	} else {
	$e_email = null;
	}

	if ($request->getStr('role') == 'agent') {
	$user->setIsSystemAgent(true);
	}
	}
	$user->setRealName($request->getStr('realname'));

	if (!strlen($user->getUsername())) {
	$errors[] = "Username is required.";
	$e_username = 'Required';
	} else if (!PhabricatorUser::validateUsername($user->getUsername())) {
	$errors[] = PhabricatorUser::describeValidUsername();
	$e_username = 'Invalid';
	} else {
	$e_username = null;
	}

	if (!strlen($user->getRealName())) {
	$errors[] = 'Real name is required.';
	$e_realname = 'Required';
	} else {
	$e_realname = null;
	}

	if (!$errors) {
	try {
	$is_new = !$user->getID();

	if (!$is_new) {
	id(new PhabricatorUserEditor())
	->setActor($admin)
	->updateUser($user);
	} else {
	$email = id(new PhabricatorUserEmail())
	->setAddress($new_email)
	->setIsVerified(0);

	id(new PhabricatorUserEditor())
	->setActor($admin)
	->createNewUser($user, $email);
	}

	if ($welcome_checked) {
	$user->sendWelcomeEmail($admin);
	}

	$response = id(new AphrontRedirectResponse())
	->setURI('/people/edit/'.$user->getID().'/?saved=true');
	return $response;
	} catch (AphrontQueryDuplicateKeyException $ex) {
	$errors[] = 'Username and email must be unique.';

	$same_username = id(new PhabricatorUser())
	->loadOneWhere('username = %s', $user->getUsername());
	$same_email = id(new PhabricatorUserEmail())
	->loadOneWhere('address = %s', $new_email);

	if ($same_username) {
	$e_username = 'Duplicate';
	}

	if ($same_email) {
	$e_email = 'Duplicate';
	}
	}
	}
	}

	$error_view = null;
	if ($errors) {
	$error_view = id(new AphrontErrorView())
	->setTitle('Form Errors')
	->setErrors($errors);
	}

	$form = new AphrontFormView();
	$form->setUser($admin);
	if ($user->getID()) {
	$form->setAction('/people/edit/'.$user->getID().'/');
	} else {
	$form->setAction('/people/edit/');
	}

	if ($user->getID()) {
	$is_immutable = true;
	} else {
	$is_immutable = false;
	}

	$form
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Username')
	->setName('username')
	->setValue($user->getUsername())
	->setError($e_username)
	->setDisabled($is_immutable))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Real Name')
	->setName('realname')
	->setValue($user->getRealName())
	->setError($e_realname));

	if (!$user->getID()) {
	$form->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Email')
	->setName('email')
	->setDisabled($is_immutable)
	->setValue($new_email)
	->setCaption(PhabricatorUserEmail::describeAllowedAddresses())
	->setError($e_email));
	} else {
	$email = $user->loadPrimaryEmail();
	if ($email) {
	$status = $email->getIsVerified() ? 'Verified' : 'Unverified';
	} else {
	$status = 'No Email Address';
	}

	$form->appendChild(
	id(new AphrontFormStaticControl())
	->setLabel('Email')
	->setValue($status));

	$form->appendChild(
	id(new AphrontFormCheckboxControl())
	->addCheckbox(
	'welcome',
	1,
	'Re-send "Welcome to Phabricator" email.',
	false));

	}

	$form->appendChild($this->getRoleInstructions());

	if (!$user->getID()) {
	$form
	->appendChild(
	id(new AphrontFormSelectControl())
	->setLabel('Role')
	->setName('role')
	->setValue('user')
	->setOptions(
	array(
	'user' => 'Normal User',
	'agent' => 'System Agent',
	))
	->setCaption(
	'You can create a "system agent" account for bots, scripts, '.
	'etc.'))
	->appendChild(
	id(new AphrontFormCheckboxControl())
	->addCheckbox(
	'welcome',
	1,
	'Send "Welcome to Phabricator" email.',
	$welcome_checked));
	} else {
	$roles = array();

	if ($user->getIsSystemAgent()) {
	$roles[] = 'System Agent';
	}
	if ($user->getIsAdmin()) {
	$roles[] = 'Admin';
	}
	if ($user->getIsDisabled()) {
	$roles[] = 'Disabled';
	}

	if (!$roles) {
	$roles[] = 'Normal User';
	}

	$roles = implode(', ', $roles);

	$form->appendChild(
	id(new AphrontFormStaticControl())
	->setLabel('Roles')
	->setValue($roles));
	}

	$form
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Save'));

	$panel = new AphrontPanelView();
	if ($user->getID()) {
	$panel->setHeader('Edit User');
	} else {
	$panel->setHeader('Create New User');
	}

	$panel->appendChild($form);
	$panel->setWidth(AphrontPanelView::WIDTH_FORM);

	return array($error_view, $panel);
	}

	private function processRoleRequest(PhabricatorUser $user) {
	$request = $this->getRequest();
	$admin = $request->getUser();

	$is_self = ($user->getID() == $admin->getID());

	$errors = array();

	if ($request->isFormPost()) {

	$log_template = PhabricatorUserLog::newLog(
	$admin,
	$user,
	null);

	$logs = array();

	if ($is_self) {
	$errors[] = "You can not edit your own role.";
	} else {
	$new_admin = (bool)$request->getBool('is_admin');
	$old_admin = (bool)$user->getIsAdmin();
	if ($new_admin != $old_admin) {
	id(new PhabricatorUserEditor())
	->setActor($admin)
	->makeAdminUser($user, $new_admin);
	}

	$new_disabled = (bool)$request->getBool('is_disabled');
	$old_disabled = (bool)$user->getIsDisabled();
	if ($new_disabled != $old_disabled) {
	id(new PhabricatorUserEditor())
	->setActor($admin)
	->disableUser($user, $new_disabled);
	}
	}

	if (!$errors) {
	return id(new AphrontRedirectResponse())
	->setURI($request->getRequestURI()->alter('saved', 'true'));
	}
	}

	$error_view = null;
	if ($errors) {
	$error_view = id(new AphrontErrorView())
	->setTitle('Form Errors')
	->setErrors($errors);
	}


	$form = id(new AphrontFormView())
	->setUser($admin)
	->setAction($request->getRequestURI()->alter('saved', null));

	if ($is_self) {
	$form->appendChild(
	'<p class="aphront-form-instructions">NOTE: You can not edit your own '.
	'role.</p>');
	}

	$form
	->appendChild($this->getRoleInstructions())
	->appendChild(
	id(new AphrontFormCheckboxControl())
	->addCheckbox(
	'is_admin',
	1,
	'Administrator',
	$user->getIsAdmin())
	->setDisabled($is_self))
	->appendChild(
	id(new AphrontFormCheckboxControl())
	->addCheckbox(
	'is_disabled',
	1,
	'Disabled',
	$user->getIsDisabled())
	->setDisabled($is_self))
	->appendChild(
	id(new AphrontFormCheckboxControl())
	->addCheckbox(
	'is_agent',
	1,
	'System Agent (Bot/Script User)',
	$user->getIsSystemAgent())
	->setDisabled(true));

	if (!$is_self) {
	$form
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Edit Role'));
	}

	$panel = new AphrontPanelView();
	$panel->setHeader('Edit Role');
	$panel->setWidth(AphrontPanelView::WIDTH_FORM);
	$panel->appendChild($form);

	return array($error_view, $panel);
	}

	private function processCertificateRequest($user) {
	$request = $this->getRequest();
	$admin = $request->getUser();

	$form = new AphrontFormView();
	$form
	->setUser($admin)
	->setAction($request->getRequestURI())
	->appendChild(
	'<p class="aphront-form-instructions">You can use this certificate '.
	'to write scripts or bots which interface with Phabricator over '.
	'Conduit.</p>');

	if ($user->getIsSystemAgent()) {
	$form
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Username')
	->setValue($user->getUsername()))
	->appendChild(
	id(new AphrontFormTextAreaControl())
	->setLabel('Certificate')
	->setValue($user->getConduitCertificate()));
	} else {
	$form->appendChild(
	id(new AphrontFormStaticControl())
	->setLabel('Certificate')
	->setValue(
	'You may only view the certificates of System Agents.'));
	}

	$panel = new AphrontPanelView();
	$panel->setHeader('Conduit Certificate');
	$panel->setWidth(AphrontPanelView::WIDTH_FORM);

	$panel->appendChild($form);

	return array($panel);
	}

	private function processRenameRequest(PhabricatorUser $user) {
	$request = $this->getRequest();
	$admin = $request->getUser();

	$e_username = true;
	$username = $user->getUsername();

	$errors = array();
	if ($request->isFormPost()) {

	$username = $request->getStr('username');
	if (!strlen($username)) {
	$e_username = 'Required';
	$errors[] = 'New username is required.';
	} else if ($username == $user->getUsername()) {
	$e_username = 'Invalid';
	$errors[] = 'New username must be different from old username.';
	} else if (!PhabricatorUser::validateUsername($username)) {
	$e_username = 'Invalid';
	$errors[] = PhabricatorUser::describeValidUsername();
	}

	if (!$errors) {
	try {

	id(new PhabricatorUserEditor())
	->setActor($admin)
	->changeUsername($user, $username);

	return id(new AphrontRedirectResponse())
	->setURI($request->getRequestURI()->alter('saved', true));
	} catch (AphrontQueryDuplicateKeyException $ex) {
	$e_username = 'Not Unique';
	$errors[] = 'Another user already has that username.';
	}
	}
	}

	if ($errors) {
	$errors = id(new AphrontErrorView())
	->setTitle('Form Errors')
	->setErrors($errors);
	} else {
	$errors = null;
	}

	$form = new AphrontFormView();
	$form
	->setUser($admin)
	->setAction($request->getRequestURI())
	->appendChild(
	'<p class="aphront-form-instructions">'.
	'<strong>Be careful when renaming users!</strong> '.
	'The old username will no longer be tied to the user, so anything '.
	'which uses it (like old commit messages) will no longer associate '.
	'correctly. And if you give a user a username which some other user '.
	'used to have, username lookups will begin returning the wrong '.
	'user.'.
	'</p>'.
	'<p class="aphront-form-instructions">'.
	'It is generally safe to rename newly created users (and test users '.
	'and so on), but less safe to rename established users and unsafe '.
	'to reissue a username.'.
	'</p>'.
	'<p class="aphront-form-instructions">'.
	'Users who rely on password auth will need to reset their password '.
	'after their username is changed (their username is part of the '.
	'salt in the password hash). They will receive an email with '.
	'instructions on how to do this.'.
	'</p>')
	->appendChild(
	id(new AphrontFormStaticControl())
	->setLabel('Old Username')
	->setValue($user->getUsername()))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('New Username')
	->setValue($username)
	->setName('username')
	->setError($e_username))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Change Username'));

	$panel = new AphrontPanelView();
	$panel->setHeader('Change Username');
	$panel->setWidth(AphrontPanelView::WIDTH_FORM);
	$panel->appendChild($form);

	return array($errors, $panel);
	}

	private function processDeleteRequest(PhabricatorUser $user) {
	$request = $this->getRequest();
	$admin = $request->getUser();

	if ($user->getPHID() == $admin->getPHID()) {
	$error = new AphrontErrorView();
	$error->setTitle('You Shall Journey No Farther');
	$error->appendChild(
	'<p>As you stare into the gaping maw of the abyss, something holds '.
	'you back.</p>'.
	'<p>You can not delete your own account.</p>');
	return $error;
	}

	$e_username = true;
	$username = null;

	$errors = array();
	if ($request->isFormPost()) {

	$username = $request->getStr('username');
	if (!strlen($username)) {
	$e_username = 'Required';
	$errors[] = 'You must type the username to confirm deletion.';
	} else if ($username != $user->getUsername()) {
	$e_username = 'Invalid';
	$errors[] = 'You must type the username correctly.';
	}

	if (!$errors) {
	id(new PhabricatorUserEditor())
	->setActor($admin)
	->deleteUser($user);

	return id(new AphrontRedirectResponse())->setURI('/people/');
	}
	}

	if ($errors) {
	$errors = id(new AphrontErrorView())
	->setTitle('Form Errors')
	->setErrors($errors);
	} else {
	$errors = null;
	}

	$form = new AphrontFormView();
	$form
	->setUser($admin)
	->setAction($request->getRequestURI())
	->appendChild(
	'<p class="aphront-form-instructions">'.
	'<strong>Be careful when deleting users!</strong> '.
	'If this user interacted with anything, it is generally better '.
	'to disable them, not delete them. If you delete them, it will '.
	'no longer be possible to search for their objects, for example, '.
	'and you will lose other information about their history. Disabling '.
	'them instead will prevent them from logging in but not destroy '.
	'any of their data.'.
	'</p>'.
	'<p class="aphront-form-instructions">'.
	'It is generally safe to delete newly created users (and test users '.
	'and so on), but less safe to delete established users. If '.
	'possible, disable them instead.'.
	'</p>')
	->appendChild(
	id(new AphrontFormStaticControl())
	->setLabel('Username')
	->setValue($user->getUsername()))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Confirm')
	->setValue($username)
	->setName('username')
	->setCaption("Type the username again to confirm deletion.")
	->setError($e_username))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Delete User'));

	$panel = new AphrontPanelView();
	$panel->setHeader('Delete User');
	$panel->setWidth(AphrontPanelView::WIDTH_FORM);
	$panel->appendChild($form);

	return array($errors, $panel);
	}

	private function getRoleInstructions() {
	$roles_link = phutil_render_tag(
	'a',
	array(
	'href' => PhabricatorEnv::getDoclink(
	'article/User_Guide_Account_Roles.html'),
	'target' => '_blank',
	),
	'User Guide: Account Roles');

	return
	'<p class="aphront-form-instructions">'.
	'For a detailed explanation of account roles, see '.
	$roles_link.'.'.
	'</p>';
	}

	}
	diff --git a/src/applications/people/controller/PhabricatorPeopleLdapController.php b/src/applications/people/controller/PhabricatorPeopleLdapController.php
	index 57d47ae29b..817c981fcf 100644
	--- a/src/applications/people/controller/PhabricatorPeopleLdapController.php
	+++ b/src/applications/people/controller/PhabricatorPeopleLdapController.php
	@@ -1,198 +1,202 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorPeopleLdapController
	extends PhabricatorPeopleController {

	public function shouldRequireAdmin() {
	return true;
	}

	private $view;

	public function processRequest() {

	$request = $this->getRequest();
	$admin = $request->getUser();

	$content = array();

	$form = id(new AphrontFormView())
	->setAction($request->getRequestURI()
	->alter('search', 'true')->alter('import', null))
	->setUser($admin)
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('LDAP username')
	->setName('username'))
	->appendChild(
	id(new AphrontFormPasswordControl())
	->setLabel('Password')
	->setName('password'))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('LDAP query')
	->setCaption('A filter such as (objectClass=*)')
	->setName('query'))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Search'));

	$panel = new AphrontPanelView();
	$panel->setHeader('Import LDAP Users');
	$panel->appendChild($form);


	if ($request->getStr('import')) {
	$content[] = $this->processImportRequest($request);
	}

	$content[] = $panel;

	if ($request->getStr('search')) {
	$content[] = $this->processSearchRequest($request);
	}

	- return $this->buildStandardPageResponse(
	- $content,
	+ $nav = $this->buildSideNavView();
	+ $nav->selectFilter('ldap');
	+ $nav->appendChild($content);
	+
	+ return $this->buildApplicationPage(
	+ $nav,
	array(
	'title' => 'Import Ldap Users',
	));
	}

	private function processImportRequest($request) {
	$admin = $request->getUser();
	$usernames = $request->getArr('usernames');
	$emails = $request->getArr('email');
	$names = $request->getArr('name');

	$panel = new AphrontErrorView();
	$panel->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
	$panel->setTitle("Import Successful");
	$errors = array("Successfully imported users from LDAP");


	foreach ($usernames as $username) {
	$user = new PhabricatorUser();
	$user->setUsername($username);
	$user->setRealname($names[$username]);

	$email_obj = id(new PhabricatorUserEmail())
	->setAddress($emails[$username])
	->setIsVerified(1);
	try {
	id(new PhabricatorUserEditor())
	->setActor($admin)
	->createNewUser($user, $email_obj);

	$ldap_info = new PhabricatorUserLDAPInfo();
	$ldap_info->setLDAPUsername($username);
	$ldap_info->setUserID($user->getID());
	$ldap_info->save();
	$errors[] = 'Successfully added ' . $username;
	} catch (Exception $ex) {
	$errors[] = 'Failed to add ' . $username . ' ' . $ex->getMessage();
	}
	}

	$panel->setErrors($errors);
	return $panel;

	}

	private function processSearchRequest($request) {
	$panel = new AphrontPanelView();

	$admin = $request->getUser();

	$username = $request->getStr('username');
	$password = $request->getStr('password');
	$search = $request->getStr('query');

	try {
	$ldap_provider = new PhabricatorLDAPProvider();
	$envelope = new PhutilOpaqueEnvelope($password);
	$ldap_provider->auth($username, $envelope);
	$results = $ldap_provider->search($search);
	foreach ($results as $key => $result) {
	$results[$key][] = $this->renderUserInputs($result);
	}

	$form = id(new AphrontFormView())
	->setUser($admin);

	$table = new AphrontTableView($results);
	$table->setHeaders(
	array(
	'Username',
	'Email',
	'RealName',
	'Import?',
	));
	$form->appendChild($table);
	$form->setAction($request->getRequestURI()
	->alter('import', 'true')->alter('search', null))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Import'));


	$panel->appendChild($form);
	} catch (Exception $ex) {
	$error_view = new AphrontErrorView();
	$error_view->setTitle('LDAP Search Failed');
	$error_view->setErrors(array($ex->getMessage()));
	return $error_view;
	}
	return $panel;

	}

	private function renderUserInputs($user) {
	$username = $user[0];
	$inputs = phutil_render_tag(
	'input',
	array(
	'type' => 'checkbox',
	'name' => 'usernames[]',
	'value' =>$username,
	),
	'');

	$inputs .= phutil_render_tag(
	'input',
	array(
	'type' => 'hidden',
	'name' => "email[$username]",
	'value' =>$user[1],
	),
	'');

	$inputs .= phutil_render_tag(
	'input',
	array(
	'type' => 'hidden',
	'name' => "name[$username]",
	'value' =>$user[2],
	),
	'');

	return $inputs;
	}

	}
	diff --git a/src/applications/people/controller/PhabricatorPeopleListController.php b/src/applications/people/controller/PhabricatorPeopleListController.php
	index b58fd6f6ed..82a0be1268 100644
	--- a/src/applications/people/controller/PhabricatorPeopleListController.php
	+++ b/src/applications/people/controller/PhabricatorPeopleListController.php
	@@ -1,150 +1,155 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorPeopleListController
	extends PhabricatorPeopleController {

	public function processRequest() {
	$request = $this->getRequest();
	$viewer = $request->getUser();
	$is_admin = $viewer->getIsAdmin();

	$user = new PhabricatorUser();

	$count = queryfx_one(
	$user->establishConnection('r'),
	'SELECT COUNT(*) N FROM %T',
	$user->getTableName());
	$count = idx($count, 'N', 0);

	$pager = new AphrontPagerView();
	$pager->setOffset($request->getInt('page', 0));
	$pager->setCount($count);
	$pager->setURI($request->getRequestURI(), 'page');

	$users = id(new PhabricatorPeopleQuery())
	->needPrimaryEmail(true)
	->executeWithOffsetPager($pager);

	$rows = array();
	foreach ($users as $user) {
	$primary_email = $user->loadPrimaryEmail();
	if ($primary_email && $primary_email->getIsVerified()) {
	$email = 'Verified';
	} else {
	$email = 'Unverified';
	}

	$status = array();
	if ($user->getIsDisabled()) {
	$status[] = 'Disabled';
	}
	if ($user->getIsAdmin()) {
	$status[] = 'Admin';
	}
	if ($user->getIsSystemAgent()) {
	$status[] = 'System Agent';
	}
	$status = implode(', ', $status);

	$rows[] = array(
	phabricator_date($user->getDateCreated(), $viewer),
	phabricator_time($user->getDateCreated(), $viewer),
	phutil_render_tag(
	'a',
	array(
	'href' => '/p/'.$user->getUsername().'/',
	),
	phutil_escape_html($user->getUserName())),
	phutil_escape_html($user->getRealName()),
	$status,
	$email,
	phutil_render_tag(
	'a',
	array(
	'class' => 'button grey small',
	'href' => '/people/edit/'.$user->getID().'/',
	),
	'Administrate User'),
	);
	}

	$table = new AphrontTableView($rows);
	$table->setHeaders(
	array(
	'Join Date',
	'Time',
	'Username',
	'Real Name',
	'Roles',
	'Email',
	'',
	));
	$table->setColumnClasses(
	array(
	null,
	'right',
	'pri',
	'wide',
	null,
	null,
	'action',
	));
	$table->setColumnVisibility(
	array(
	true,
	true,
	true,
	true,
	$is_admin,
	$is_admin,
	$is_admin,
	));

	$panel = new AphrontPanelView();
	$panel->setHeader('People ('.number_format($count).')');
	$panel->appendChild($table);
	$panel->appendChild($pager);

	if ($is_admin) {
	$panel->addButton(
	phutil_render_tag(
	'a',
	array(
	'href' => '/people/edit/',
	'class' => 'button green',
	),
	'Create New Account'));
	if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled')) {
	$panel->addButton(
	phutil_render_tag(
	'a',
	array(
	'href' => '/people/ldap/',
	'class' => 'button green'
	),
	- 'Import from Ldap'));
	+ 'Import from LDAP'));
	}
	}

	- return $this->buildStandardPageResponse($panel, array(
	- 'title' => 'People',
	- 'tab' => 'directory',
	+ $nav = $this->buildSideNavView();
	+ $nav->selectFilter('people');
	+ $nav->appendChild($panel);
	+
	+ return $this->buildApplicationPage(
	+ $nav,
	+ array(
	+ 'title' => 'People',
	));
	}
	}
	diff --git a/src/applications/people/controller/PhabricatorPeopleLogsController.php b/src/applications/people/controller/PhabricatorPeopleLogsController.php
	index 178b32fb04..64430ad1fc 100644
	--- a/src/applications/people/controller/PhabricatorPeopleLogsController.php
	+++ b/src/applications/people/controller/PhabricatorPeopleLogsController.php
	@@ -1,245 +1,250 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorPeopleLogsController
	extends PhabricatorPeopleController {

	public function shouldRequireAdmin() {
	return true;
	}

	public function processRequest() {
	$request = $this->getRequest();
	$user = $request->getUser();

	$filter_activity = $request->getStr('activity');
	$filter_ip = $request->getStr('ip');
	$filter_session = $request->getStr('session');

	$filter_user = $request->getArr('user', array());
	$filter_actor = $request->getArr('actor', array());

	$user_value = array();
	$actor_value = array();

	$phids = array_merge($filter_user, $filter_actor);
	if ($phids) {
	$handles = id(new PhabricatorObjectHandleData($phids))->loadHandles();
	if ($filter_user) {
	$filter_user = reset($filter_user);
	$user_value = array(
	$filter_user => $handles[$filter_user]->getFullName(),
	);
	}

	if ($filter_actor) {
	$filter_actor = reset($filter_actor);
	$actor_value = array(
	$filter_actor => $handles[$filter_actor]->getFullName(),
	);
	}
	}

	$form = new AphrontFormView();
	$form
	->setUser($user)
	->appendChild(
	id(new AphrontFormTokenizerControl())
	->setLabel('Filter Actor')
	->setName('actor')
	->setLimit(1)
	->setValue($actor_value)
	->setDatasource('/typeahead/common/accounts/'))
	->appendChild(
	id(new AphrontFormTokenizerControl())
	->setLabel('Filter User')
	->setName('user')
	->setLimit(1)
	->setValue($user_value)
	->setDatasource('/typeahead/common/accounts/'))
	->appendChild(
	id(new AphrontFormSelectControl())
	->setLabel('Show Activity')
	->setName('activity')
	->setValue($filter_activity)
	->setOptions(
	array(
	'' => 'All Activity',
	'admin' => 'Admin Activity',
	)))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Filter IP')
	->setName('ip')
	->setValue($filter_ip)
	->setCaption(
	'Enter an IP (or IP prefix) to show only activity by that remote '.
	'address.'))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel('Filter Session')
	->setName('session')
	->setValue($filter_session))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue('Filter Logs'));

	$log_table = new PhabricatorUserLog();
	$conn_r = $log_table->establishConnection('r');

	$where_clause = array();
	$where_clause[] = '1 = 1';

	if ($filter_user) {
	$where_clause[] = qsprintf(
	$conn_r,
	'userPHID = %s',
	$filter_user);
	}

	if ($filter_actor) {
	$where_clause[] = qsprintf(
	$conn_r,
	'actorPHID = %s',
	$filter_actor);
	}

	if ($filter_activity == 'admin') {
	$where_clause[] = qsprintf(
	$conn_r,
	'action NOT IN (%Ls)',
	array(
	PhabricatorUserLog::ACTION_LOGIN,
	PhabricatorUserLog::ACTION_LOGOUT,
	PhabricatorUserLog::ACTION_LOGIN_FAILURE,
	));
	}

	if ($filter_ip) {
	$where_clause[] = qsprintf(
	$conn_r,
	'remoteAddr LIKE %>',
	$filter_ip);
	}

	if ($filter_session) {
	$where_clause[] = qsprintf(
	$conn_r,
	'session = %s',
	$filter_session);
	}

	$where_clause = '('.implode(') AND (', $where_clause).')';

	$pager = new AphrontPagerView();
	$pager->setURI($request->getRequestURI(), 'page');
	$pager->setOffset($request->getInt('page'));
	$pager->setPageSize(500);

	$logs = $log_table->loadAllWhere(
	'(%Q) ORDER BY dateCreated DESC LIMIT %d, %d',
	$where_clause,
	$pager->getOffset(),
	$pager->getPageSize() + 1);

	$logs = $pager->sliceResults($logs);

	$phids = array();
	foreach ($logs as $log) {
	$phids[$log->getActorPHID()] = true;
	$phids[$log->getUserPHID()] = true;
	}
	$phids = array_keys($phids);
	$handles = id(new PhabricatorObjectHandleData($phids))->loadHandles();

	$rows = array();
	foreach ($logs as $log) {
	$rows[] = array(
	phabricator_date($log->getDateCreated(),$user),
	phabricator_time($log->getDateCreated(),$user),
	$log->getAction(),
	$log->getActorPHID()
	? phutil_escape_html($handles[$log->getActorPHID()]->getName())
	: null,
	phutil_escape_html($handles[$log->getUserPHID()]->getName()),
	json_encode($log->getOldValue(), true),
	json_encode($log->getNewValue(), true),
	phutil_render_tag(
	'a',
	array(
	'href' => $request
	->getRequestURI()
	->alter('ip', $log->getRemoteAddr()),
	),
	phutil_escape_html($log->getRemoteAddr())),
	phutil_render_tag(
	'a',
	array(
	'href' => $request
	->getRequestURI()
	->alter('session', $log->getSession()),
	),
	phutil_escape_html($log->getSession())),
	);
	}

	$table = new AphrontTableView($rows);
	$table->setHeaders(
	array(
	'Date',
	'Time',
	'Action',
	'Actor',
	'User',
	'Old',
	'New',
	'IP',
	'Session',
	));
	$table->setColumnClasses(
	array(
	'',
	'right',
	'',
	'',
	'',
	'wrap',
	'wrap',
	'',
	'wide',
	));

	$panel = new AphrontPanelView();
	$panel->setHeader('Activity Logs');
	$panel->appendChild($table);
	$panel->appendChild($pager);

	$filter = new AphrontListFilterView();
	$filter->appendChild($form);

	- return $this->buildStandardPageResponse(
	+ $nav = $this->buildSideNavView();
	+ $nav->selectFilter('logs');
	+ $nav->appendChild(
	array(
	$filter,
	$panel,
	- ),
	+ ));
	+
	+
	+ return $this->buildApplicationPage(
	+ $nav,
	array(
	'title' => 'Activity Logs',
	- 'tab' => 'logs',
	));
	}
	}
	diff --git a/src/applications/people/controller/PhabricatorPeopleProfileController.php b/src/applications/people/controller/PhabricatorPeopleProfileController.php
	index 8f4a727fd2..05c73ba469 100644
	--- a/src/applications/people/controller/PhabricatorPeopleProfileController.php
	+++ b/src/applications/people/controller/PhabricatorPeopleProfileController.php
	@@ -1,237 +1,237 @@
	<?php

	/*
	* Copyright 2012 Facebook, Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	final class PhabricatorPeopleProfileController
	extends PhabricatorPeopleController {

	private $username;
	private $page;
	private $profileUser;

	public function willProcessRequest(array $data) {
	$this->username = idx($data, 'username');
	$this->page = idx($data, 'page');
	}

	public function getProfileUser() {
	return $this->profileUser;
	}

	public function processRequest() {

	$viewer = $this->getRequest()->getUser();

	$user = id(new PhabricatorUser())->loadOneWhere(
	'userName = %s',
	$this->username);
	if (!$user) {
	return new Aphront404Response();
	}

	$this->profileUser = $user;

	require_celerity_resource('phabricator-profile-css');

	$profile = id(new PhabricatorUserProfile())->loadOneWhere(
	'userPHID = %s',
	$user->getPHID());
	if (!$profile) {
	$profile = new PhabricatorUserProfile();
	}
	$username = phutil_escape_uri($user->getUserName());

	$nav = new AphrontSideNavFilterView();
	$nav->setBaseURI(new PhutilURI('/p/'.$username.'/'));
	$nav->addFilter('feed', 'Feed');
	$nav->addFilter('about', 'About');

	$nav->addSpacer();
	$nav->addLabel('Activity');

	$external_arrow = "\xE2\x86\x97";
	$nav->addFilter(
	null,
	"Revisions {$external_arrow}",
	'/differential/filter/revisions/'.$username.'/');

	$nav->addFilter(
	null,
	"Tasks {$external_arrow}",
	'/maniphest/view/action/?users='.$user->getPHID());

	$nav->addFilter(
	null,
	"Commits {$external_arrow}",
	'/audit/view/author/'.$username.'/');

	$oauths = id(new PhabricatorUserOAuthInfo())->loadAllWhere(
	'userID = %d',
	$user->getID());
	$oauths = mpull($oauths, null, 'getOAuthProvider');

	$providers = PhabricatorOAuthProvider::getAllProviders();
	$added_spacer = false;
	foreach ($providers as $provider) {
	if (!$provider->isProviderEnabled()) {
	continue;
	}

	$provider_key = $provider->getProviderKey();

	if (!isset($oauths[$provider_key])) {
	continue;
	}

	$name = $provider->getProviderName().' Profile';
	$href = $oauths[$provider_key]->getAccountURI();

	if ($href) {
	if (!$added_spacer) {
	$nav->addSpacer();
	$nav->addLabel('Linked Accounts');
	$added_spacer = true;
	}
	$nav->addFilter(null, $name.' '.$external_arrow, $href);
	}
	}

	$this->page = $nav->selectFilter($this->page, 'feed');

	switch ($this->page) {
	case 'feed':
	$content = $this->renderUserFeed($user);
	break;
	case 'about':
	$content = $this->renderBasicInformation($user, $profile);
	break;
	default:
	throw new Exception("Unknown page '{$this->page}'!");
	}

	$picture = $user->loadProfileImageURI();

	$header = new PhabricatorProfileHeaderView();
	$header
	->setProfilePicture($picture)
	->setName($user->getUserName().' ('.$user->getRealName().')')
	->setDescription($profile->getTitle());

	if ($user->getIsDisabled()) {
	$header->setStatus('Disabled');
	} else {
	$statuses = id(new PhabricatorUserStatus())->loadCurrentStatuses(
	array($user->getPHID()));
	if ($statuses) {
	$header->setStatus(reset($statuses)->getStatusDescription($viewer));
	}
	}

	$header->appendChild($nav);
	$nav->appendChild(
	'<div style="padding: 1em;">'.$content.'</div>');

	if ($user->getPHID() == $viewer->getPHID()) {
	$nav->addSpacer();
	$nav->addFilter(null, 'Edit Profile...', '/settings/panel/profile/');
	}

	if ($viewer->getIsAdmin()) {
	$nav->addSpacer();
	$nav->addFilter(
	null,
	'Administrate User...',
	'/people/edit/'.$user->getID().'/');
	}

	- return $this->buildStandardPageResponse(
	+ return $this->buildApplicationPage(
	$header,
	array(
	'title' => $user->getUsername(),
	));
	}

	private function renderBasicInformation($user, $profile) {

	$blurb = nonempty(
	$profile->getBlurb(),
	'//Nothing is known about this rare specimen.//');

	$engine = PhabricatorMarkupEngine::newProfileMarkupEngine();
	$blurb = $engine->markupText($blurb);

	$viewer = $this->getRequest()->getUser();

	$content =
	'<div class="phabricator-profile-info-group">
	<h1 class="phabricator-profile-info-header">Basic Information</h1>
	<div class="phabricator-profile-info-pane">
	<table class="phabricator-profile-info-table">
	<tr>
	<th>PHID</th>
	<td>'.phutil_escape_html($user->getPHID()).'</td>
	</tr>
	<tr>
	<th>User Since</th>
	<td>'.phabricator_datetime($user->getDateCreated(),
	$viewer).
	'</td>
	</tr>
	</table>
	</div>
	</div>';
	$content .=
	'<div class="phabricator-profile-info-group">
	<h1 class="phabricator-profile-info-header">Flavor Text</h1>
	<div class="phabricator-profile-info-pane">
	<table class="phabricator-profile-info-table">
	<tr>
	<th>Blurb</th>
	<td>'.$blurb.'</td>
	</tr>
	</table>
	</div>
	</div>';

	return $content;
	}

	private function renderUserFeed(PhabricatorUser $user) {
	$viewer = $this->getRequest()->getUser();

	$query = new PhabricatorFeedQuery();
	$query->setFilterPHIDs(
	array(
	$user->getPHID(),
	));
	$query->setLimit(100);
	$query->setViewer($viewer);
	$stories = $query->execute();

	$builder = new PhabricatorFeedBuilder($stories);
	$builder->setUser($viewer);
	$view = $builder->buildView();

	return
	'<div class="phabricator-profile-info-group">
	<h1 class="phabricator-profile-info-header">Activity Feed</h1>
	<div class="phabricator-profile-info-pane">
	'.$view->render().'
	</div>
	</div>';
	}
	}

File Metadata

Mime Type: text/x-diff
Expires: Thu, Jul 24, 3:53 AM (1 d, 13 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 182515
Default Alt Text: (74 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions