1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 18:22:41 +01:00

Convert "Empower" from state-based MFA to one-shot MFA

Summary: Ref T13382. Currently, the "Make Administrator" action in the web UI does state-based MFA. Convert it to one-shot MFA.

Test Plan: Empowered and unempowered a user from the web UI, got one-shot MFA'd. Empowered a user from the CLI, no MFA issues.

Maniphest Tasks: T13382

Differential Revision: https://secure.phabricator.com/D20729
This commit is contained in:
epriestley 2019-08-22 07:05:38 -07:00
parent f1b054a20f
commit 109d7dcaf1
2 changed files with 10 additions and 8 deletions

View file

@ -17,14 +17,8 @@ final class PhabricatorPeopleEmpowerController
$done_uri = $this->getApplicationURI("manage/{$id}/"); $done_uri = $this->getApplicationURI("manage/{$id}/");
id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
$viewer,
$request,
$done_uri);
$validation_exception = null; $validation_exception = null;
if ($request->isFormOrHisecPost()) {
if ($request->isFormPost()) {
$xactions = array(); $xactions = array();
$xactions[] = id(new PhabricatorUserTransaction()) $xactions[] = id(new PhabricatorUserTransaction())
->setTransactionType( ->setTransactionType(
@ -34,7 +28,8 @@ final class PhabricatorPeopleEmpowerController
$editor = id(new PhabricatorUserTransactionEditor()) $editor = id(new PhabricatorUserTransactionEditor())
->setActor($viewer) ->setActor($viewer)
->setContentSourceFromRequest($request) ->setContentSourceFromRequest($request)
->setContinueOnMissingFields(true); ->setContinueOnMissingFields(true)
->setCancelURI($done_uri);
try { try {
$editor->applyTransactions($user, $xactions); $editor->applyTransactions($user, $xactions);

View file

@ -86,4 +86,11 @@ final class PhabricatorUserEmpowerTransaction
return null; return null;
} }
public function shouldTryMFA(
$object,
PhabricatorApplicationTransaction $xaction) {
return true;
}
} }