Bug 1838861 - Offer to email manager an account creation invitation

Add manager invite text to email template.
Add API call to send invite.
Expose API call in UI.

Change-Id: I62cc5a723c3353ada16ea343f3190ab18dc51bd4

5 files changed, 127 insertions, 2 deletions

diff --git a/extensions/RedHat/Extension.pm b/extensions/RedHat/Extension.pm
index 03868513f..995023d84 100644
--- a/extensions/RedHat/Extension.pm
+++ b/extensions/RedHat/Extension.pm
@@ -101,6 +101,8 @@ BEGIN {
   *Bugzilla::User::prefs_admin_group     = \&_user_prefs_admin_group;
   *Bugzilla::User::set_prefs_admin_group = \&_user_set_prefs_admin_group;
   ## RED HAT EXTENSION END 1840943
+
+  *Bugzilla::validate_redhat_addr = \&_validate_redhat_addr;
 }
 
 #################
diff --git a/extensions/RedHat/web/js/redhat.js b/extensions/RedHat/web/js/redhat.js
index a0e22050a..61963b18a 100644
--- a/extensions/RedHat/web/js/redhat.js
+++ b/extensions/RedHat/web/js/redhat.js
@@ -111,4 +111,22 @@ function edit_comment(comment_id, comment_count, allow_secure) {
   var text_elem = document.getElementById('comment_text_' + comment_count);
   var text = getText(text_elem);
   alertify.editCommentBox(text_elem, comment_id, comment_count, text, allow_secure).resizeTo('80%', '70%');
-}
\ No newline at end of file
+}
+
+function invite_manager(manager) {
+  $('#thelink')._onAjaxSend();
+  // RPC to update message
+  var rpc = new Rpc('GroupRequest', 'invite_manager', {
+    manager: manager
+    })
+    .complete(function () {
+      $('#thelink')._onAjaxComplete();
+    })
+    .fail(function (error) {
+      alertify.error(error.message);
+    })
+    .done(function (res) {
+      alertify.success(res);
+    });
+}
+
diff --git a/extensions/Workflows/lib/WebService/GroupRequest.pm b/extensions/Workflows/lib/WebService/GroupRequest.pm
index c817f0643..e34ee6e33 100644
--- a/extensions/Workflows/lib/WebService/GroupRequest.pm
+++ b/extensions/Workflows/lib/WebService/GroupRequest.pm
@@ -21,6 +21,7 @@ use Bugzilla::Extension::Workflows::GroupRequest;
 use constant PUBLIC_METHODS => qw(
   update_group
   get_groups
+  invite_manager
 );
 
 sub update_group {
@@ -109,6 +110,26 @@ sub get_groups {
   return (\@rows);
 
 }
+
+sub invite_manager {
+  my ($self, $args) = validate(@_);
+
+  my $user = Bugzilla->login(LOGIN_REQUIRED);
+  $user->can_admin_group_workflow();
+
+  my $manager = $args->{manager}
+    // ThrowCodeError('param_required', {param => 'manager'});
+
+  Bugzilla::validate_redhat_addr($manager . '@redhat.com')
+    || ThrowUserError('invalid_manager_uid', {'uid' => $manager});
+
+  Bugzilla->request_cache->{invite_manager} = 1;
+  $user->check_and_send_account_creation_confirmation($manager . '@redhat.com');
+  delete Bugzilla->request_cache->{invite_manager};
+
+  return ("An account invitation has been mailed to $manager\@redhat.com");
+}
+
 1;
 
 __END__
diff --git a/extensions/Workflows/template/en/default/account/email/request-new.txt.tmpl b/extensions/Workflows/template/en/default/account/email/request-new.txt.tmpl
new file mode 100644
index 000000000..42eb6413f
--- /dev/null
+++ b/extensions/Workflows/template/en/default/account/email/request-new.txt.tmpl
@@ -0,0 +1,70 @@
+[%# This Source Code Form is subject to the terms of the Mozilla Public
+  # License, v. 2.0. If a copy of the MPL was not distributed with this
+  # file, You can obtain one at http://mozilla.org/MPL/2.0/.
+  #%]
+
+[%# INTERFACE:
+  # token: random string used to authenticate the transaction.
+  # expiration_ts: expiration date of the token.
+  # email: email address of the new account.
+  #%]
+
+From: [% Param('mailfrom') %]
+To: [% email %]
+[% IF  Bugzilla.request_cache.invite_manager %]
+Subject: Account creation invitation from [% user.login %]
+X-Bugzilla-Type: admin
+
+Group membership in [% terms.Bugzilla %] is managed using a self-serve process
+where users apply for groups in the UI and managers approve or disapprove those
+requests in the UI.
+
+[%+ user.identity %] has been prevented from applying for groups because your
+account cannot be found; they have asked for you to create an account.
+
+If you do not create an account then associates you manage cannot be granted
+membership of internal groups.
+
+To create an account using this email address, visit the following link by
+[% expiration_ts FILTER time("%B %e, %Y at %H:%M %Z") %].
+
+[%+ urlbase %]token.cgi?t=[% token FILTER uri %]&a=request_new_account
+
+If you do not wish to create an account you can do nothing or visit the following
+link to cancel the request:
+
+[%+ urlbase %]token.cgi?t=[% token FILTER uri %]&a=cancel_new_account
+
+[% ELSE %]
+Subject: [% terms.Bugzilla %]: confirm account creation
+X-Bugzilla-Type: admin
+
+[%+ terms.Bugzilla %] has received a request to create a user account
+using your email address ([% email %]).
+
+To continue creating an account using this email address, visit the 
+following link by [% expiration_ts FILTER time("%B %e, %Y at %H:%M %Z") %]:
+
+[%+ urlbase %]token.cgi?t=[% token FILTER uri %]&a=request_new_account
+
+If you did not receive this email before [% expiration_ts FILTER time("%B %e, %Y at %H:%M %Z") %] or
+you wish to create an account using a different email address you can begin
+again by going to:
+
+[%+ urlbase %]createaccount.cgi
+
+[% IF Param('createemailregexp') == '.*' && Param('emailsuffix') == '' %]
+PRIVACY NOTICE: [% terms.Bugzilla %] is an open [% terms.bug %] tracking system. Activity on most
+[%+ terms.bugs %], including email addresses, will be visible to the public. We recommend
+using a secondary account or free web email service (such as Gmail, Yahoo,
+Hotmail, or similar) to avoid receiving spam at your primary email address.
+[% END %]
+
+If you do not wish to create an account, or if this request was made in
+error you can do nothing or visit the following link:
+
+[%+ urlbase %]token.cgi?t=[% token FILTER uri %]&a=cancel_new_account
+[% END %]
+
+If the above links do not work, or you have any other issues regarding
+your account, please contact administration at [% Param('maintainer') %].
diff --git a/extensions/Workflows/template/en/default/hook/global/user-error-errors.html.tmpl b/extensions/Workflows/template/en/default/hook/global/user-error-errors.html.tmpl
index 96a191c15..a80c3faca 100644
--- a/extensions/Workflows/template/en/default/hook/global/user-error-errors.html.tmpl
+++ b/extensions/Workflows/template/en/default/hook/global/user-error-errors.html.tmpl
@@ -35,7 +35,18 @@
     The uid for address "[% login FILTER html %]" could not be calculated, possibly LDAP is unavailable, outdated, or there is not a valid Red Hat MX record for this account.
   [% END %]
   [% IF man_uid %]
-    <br>Your manager's uid was calculated as [% man_uid FILTER html %], but their Bugzilla account could not be found.
+    <p>Your manager's uid was calculated as "[% man_uid FILTER html %]", but
+    their Bugzilla account could not be found.
+    <p>
+    Manager sign-off is <b>mandatory</b> and you will not be able to
+    apply for, or be granted membership in, groups requiring manager sign-off
+    without your manager, or their manager, having a Bugzilla account.
+    </p>
+    <p>
+    If you would like to send an account invitation e-mail to your manager, click
+    <a href="#" id="thelink" onclick="invite_manager('[% man_uid FILTER js %]')">
+    here</a>. This invitation will contain a link your manager can click on to
+    create an account.
   [% ELSE %]
     Your manager's uid could not be calculated, possibly LDAP is unavailable or outdated.
   [% END %]
@@ -44,6 +55,9 @@
   You have applied for a group requiring manager sign off, but your manager's
   account ([% man_login FILTER html %]) is disabled.
 
+[% ELSIF error == "invalid_manager_uid" %]
+  The supplied UID could not be mapped to a Red Hat LDAP entry.
+
 [% ELSIF error == "approvals_flag_mismatch" %]
   The flag name calculated for the flag change "[% flag_name FILTER html %]" did
   not match the flag on the groups workflow