From 2f7b10c023b96722dee3489419cfb5acd74f363a Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Mon, 27 Aug 2018 06:32:21 -0700
Subject: [PATCH] Replace "Disable User" web UI flow with transactions

Summary:
Ref T13189. See PHI642. Upgrades the "Disable" action in the web UI to be transaction-based.

This technically breaks things a little (you can't disable non-bot users, since they now require CAN_EDIT and you won't have it) but an upcoming change will fix the permissions issue.

Test Plan: Disabled and enabled a (bot) user from the web UI.

Reviewers: amckinley

Maniphest Tasks: T13189

Differential Revision: https://secure.phabricator.com/D19604
---
 .../PhabricatorPeopleDisableController.php          | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/applications/people/controller/PhabricatorPeopleDisableController.php b/src/applications/people/controller/PhabricatorPeopleDisableController.php
index a556f8e519..f51f42047b 100644
--- a/src/applications/people/controller/PhabricatorPeopleDisableController.php
+++ b/src/applications/people/controller/PhabricatorPeopleDisableController.php
@@ -39,9 +39,18 @@ final class PhabricatorPeopleDisableController
     }
 
     if ($request->isFormPost()) {
-      id(new PhabricatorUserEditor())
+      $xactions = array();
+
+      $xactions[] = id(new PhabricatorUserTransaction())
+        ->setTransactionType(PhabricatorUserDisableTransaction::TRANSACTIONTYPE)
+        ->setNewValue($should_disable);
+
+      id(new PhabricatorUserTransactionEditor())
         ->setActor($viewer)
-        ->disableUser($user, $should_disable);
+        ->setContentSourceFromRequest($request)
+        ->setContinueOnMissingFields(true)
+        ->setContinueOnNoEffect(true)
+        ->applyTransactions($user, $xactions);
 
       return id(new AphrontRedirectResponse())->setURI($done_uri);
     }