mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-26 08:42:41 +01:00
Warn users about MFA requirements when interacting with "MFA Required" objects via the comment form
Summary: Ref T13242. Warn user that they'll need to MFA (so they can go dig their phone out of their bag first or whatever, or don't type a giant comment on mobile if their U2F key is back at the office) on the comment form. Also, when they'll need MFA and won't be able to provide it (no MFA on account), stop them from typing up a big comment that they can't actually submit: point them at MFA setup first. Test Plan: {F6164448} {F6164449} Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13242 Differential Revision: https://secure.phabricator.com/D20044
This commit is contained in:
epriestley
parent
f7e8fa0764
commit
13c5b427d6
2 changed files with 53 additions and 7 deletions
|
|
@ -1565,11 +1565,19 @@ abstract class PhabricatorEditEngine
|
|||
|
||||
$comment_uri = $this->getEditURI($object, 'comment/');
|
||||
|
||||
$requires_mfa = false;
|
||||
if ($object instanceof PhabricatorEditEngineMFAInterface) {
|
||||
$mfa_engine = PhabricatorEditEngineMFAEngine::newEngineForObject($object)
|
||||
->setViewer($viewer);
|
||||
$requires_mfa = $mfa_engine->shouldRequireMFA();
|
||||
}
|
||||
|
||||
$view = id(new PhabricatorApplicationTransactionCommentView())
|
||||
->setUser($viewer)
|
||||
->setObjectPHID($object_phid)
|
||||
->setHeaderText($header_text)
|
||||
->setAction($comment_uri)
|
||||
->setRequiresMFA($requires_mfa)
|
||||
->setSubmitButtonName($button_text);
|
||||
|
||||
$draft = PhabricatorVersionedDraft::loadDraft(
|
||||
|
|
|
|||
|
|
@ -1,9 +1,7 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @concrete-extensible
|
||||
*/
|
||||
class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
||||
final class PhabricatorApplicationTransactionCommentView
|
||||
extends AphrontView {
|
||||
|
||||
private $submitButtonName;
|
||||
private $action;
|
||||
|
|
@ -24,6 +22,7 @@ class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
|||
private $infoView;
|
||||
private $editEngineLock;
|
||||
private $noBorder;
|
||||
private $requiresMFA;
|
||||
|
||||
private $currentVersion;
|
||||
private $versionedDraft;
|
||||
|
|
@ -160,6 +159,15 @@ class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
|||
return $this->editEngineLock;
|
||||
}
|
||||
|
||||
public function setRequiresMFA($requires_mfa) {
|
||||
$this->requiresMFA = $requires_mfa;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getRequiresMFA() {
|
||||
return $this->requiresMFA;
|
||||
}
|
||||
|
||||
public function setTransactionTimeline(
|
||||
PhabricatorApplicationTransactionView $timeline) {
|
||||
|
||||
|
|
@ -187,8 +195,8 @@ class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
|||
));
|
||||
}
|
||||
|
||||
$user = $this->getUser();
|
||||
if (!$user->isLoggedIn()) {
|
||||
$viewer = $this->getViewer();
|
||||
if (!$viewer->isLoggedIn()) {
|
||||
$uri = id(new PhutilURI('/login/'))
|
||||
->setQueryParam('next', (string)$this->getRequestURI());
|
||||
return id(new PHUIObjectBoxView())
|
||||
|
|
@ -203,6 +211,25 @@ class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
|||
pht('Log In to Comment')));
|
||||
}
|
||||
|
||||
if ($this->getRequiresMFA()) {
|
||||
if (!$viewer->getIsEnrolledInMultiFactor()) {
|
||||
$viewer->updateMultiFactorEnrollment();
|
||||
if (!$viewer->getIsEnrolledInMultiFactor()) {
|
||||
$messages = array();
|
||||
$messages[] = pht(
|
||||
'You must provide multi-factor credentials to comment or make '.
|
||||
'changes, but you do not have multi-factor authentication '.
|
||||
'configured on your account.');
|
||||
$messages[] = pht(
|
||||
'To continue, configure multi-factor authentication in Settings.');
|
||||
|
||||
return id(new PHUIInfoView())
|
||||
->setSeverity(PHUIInfoView::SEVERITY_MFA)
|
||||
->setErrors($messages);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$data = array();
|
||||
|
||||
$comment = $this->renderCommentPanel();
|
||||
|
|
@ -226,7 +253,7 @@ class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
|||
}
|
||||
|
||||
require_celerity_resource('phui-comment-form-css');
|
||||
$image_uri = $user->getProfileImageURI();
|
||||
$image_uri = $viewer->getProfileImageURI();
|
||||
$image = phutil_tag(
|
||||
'div',
|
||||
array(
|
||||
|
|
@ -388,6 +415,17 @@ class PhabricatorApplicationTransactionCommentView extends AphrontView {
|
|||
$form->appendChild($info_view);
|
||||
}
|
||||
|
||||
if ($this->getRequiresMFA()) {
|
||||
$message = pht(
|
||||
'You will be required to provide multi-factor credentials to '.
|
||||
'comment or make changes.');
|
||||
|
||||
$form->appendChild(
|
||||
id(new PHUIInfoView())
|
||||
->setSeverity(PHUIInfoView::SEVERITY_MFA)
|
||||
->setErrors(array($message)));
|
||||
}
|
||||
|
||||
$form->appendChild($invisi_bar);
|
||||
$form->addClass('phui-comment-has-actions');
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue