[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  final class PhabricatorAuthManagementRecoverWorkflow
   4    extends PhabricatorAuthManagementWorkflow {
   5  
   6    protected function didConstruct() {
   7      $this
   8        ->setName('recover')
   9        ->setExamples('**recover** __username__')
  10        ->setSynopsis(
  11          'Recover access to an administrative account if you have locked '.
  12          'yourself out of Phabricator.')
  13        ->setArguments(
  14          array(
  15            'username' => array(
  16              'name' => 'username',
  17              'wildcard' => true,
  18            ),
  19          ));
  20    }
  21  
  22    public function execute(PhutilArgumentParser $args) {
  23  
  24      $can_recover = id(new PhabricatorPeopleQuery())
  25        ->setViewer($this->getViewer())
  26        ->withIsAdmin(true)
  27        ->execute();
  28      if (!$can_recover) {
  29        throw new PhutilArgumentUsageException(
  30          pht(
  31            'This Phabricator installation has no recoverable administrator '.
  32            'accounts. You can use `bin/accountadmin` to create a new '.
  33            'administrator account or make an existing user an administrator.'));
  34      }
  35      $can_recover = mpull($can_recover, 'getUsername');
  36      sort($can_recover);
  37      $can_recover = implode(', ', $can_recover);
  38  
  39      $usernames = $args->getArg('username');
  40      if (!$usernames) {
  41        throw new PhutilArgumentUsageException(
  42          pht('You must specify the username of the account to recover.'));
  43      } else if (count($usernames) > 1) {
  44        throw new PhutilArgumentUsageException(
  45          pht('You can only recover the username for one account.'));
  46      }
  47  
  48      $username = head($usernames);
  49  
  50      $user = id(new PhabricatorPeopleQuery())
  51        ->setViewer($this->getViewer())
  52        ->withUsernames(array($username))
  53        ->executeOne();
  54  
  55      if (!$user) {
  56        throw new PhutilArgumentUsageException(
  57          pht(
  58            'No such user "%s". Recoverable administrator accounts are: %s.',
  59            $username,
  60            $can_recover));
  61      }
  62  
  63      if (!$user->getIsAdmin()) {
  64        throw new PhutilArgumentUsageException(
  65          pht(
  66            'You can only recover administrator accounts, but %s is not an '.
  67            'administrator. Recoverable administrator accounts are: %s.',
  68            $username,
  69            $can_recover));
  70      }
  71  
  72      $engine = new PhabricatorAuthSessionEngine();
  73      $onetime_uri = $engine->getOneTimeLoginURI(
  74        $user,
  75        null,
  76        PhabricatorAuthSessionEngine::ONETIME_RECOVER);
  77  
  78      $console = PhutilConsole::getConsole();
  79      $console->writeOut(
  80        pht(
  81          'Use this link to recover access to the "%s" account from the web '.
  82          'interface:',
  83          $username));
  84      $console->writeOut("\n\n");
  85      $console->writeOut('    %s', $onetime_uri);
  86      $console->writeOut("\n\n");
  87      $console->writeOut(
  88        pht(
  89          'After logging in, you can use the "Auth" application to add or '.
  90          'restore authentication providers and allow normal logins to '.
  91          'succeed.')."\n");
  92  
  93      return 0;
  94    }
  95  
  96  }