1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-26 00:32:42 +01:00

Convert "Empower" from state-based MFA to one-shot MFA

Summary: Ref T13382. Currently, the "Make Administrator" action in the web UI does state-based MFA. Convert it to one-shot MFA.

Test Plan: Empowered and unempowered a user from the web UI, got one-shot MFA'd. Empowered a user from the CLI, no MFA issues.

Maniphest Tasks: T13382

Differential Revision: https://secure.phabricator.com/D20729
This commit is contained in:
epriestley 2019-08-22 07:05:38 -07:00
parent f1b054a20f
commit 109d7dcaf1
2 changed files with 10 additions and 8 deletions

View file

@ -17,14 +17,8 @@ final class PhabricatorPeopleEmpowerController
$done_uri = $this->getApplicationURI("manage/{$id}/");
id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
$viewer,
$request,
$done_uri);
$validation_exception = null;
if ($request->isFormPost()) {
if ($request->isFormOrHisecPost()) {
$xactions = array();
$xactions[] = id(new PhabricatorUserTransaction())
->setTransactionType(
@ -34,7 +28,8 @@ final class PhabricatorPeopleEmpowerController
$editor = id(new PhabricatorUserTransactionEditor())
->setActor($viewer)
->setContentSourceFromRequest($request)
->setContinueOnMissingFields(true);
->setContinueOnMissingFields(true)
->setCancelURI($done_uri);
try {
$editor->applyTransactions($user, $xactions);

View file

@ -86,4 +86,11 @@ final class PhabricatorUserEmpowerTransaction
return null;
}
public function shouldTryMFA(
$object,
PhabricatorApplicationTransaction $xaction) {
return true;
}
}