mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 14:00:56 +01:00
Update a factor query in TransactionEditor for providers
Summary: This query didn't get updated and could let you through an explicit "Sign with MFA" action if you have only disabled factors on your account. Test Plan: - Disabled all factors. - Used explicit "Sign With MFA". - Before: Went through. - After: Sensible error. Reviewers: amckinley Reviewed By: amckinley Differential Revision: https://secure.phabricator.com/D20072
This commit is contained in:
parent
612e9c6e09
commit
93b512b63c
1 changed files with 9 additions and 3 deletions
|
@ -2669,9 +2669,15 @@ abstract class PhabricatorApplicationTransactionEditor
|
|||
$transaction_type) {
|
||||
$errors = array();
|
||||
|
||||
$factors = id(new PhabricatorAuthFactorConfig())->loadAllWhere(
|
||||
'userPHID = %s',
|
||||
$this->getActingAsPHID());
|
||||
$factors = id(new PhabricatorAuthFactorConfigQuery())
|
||||
->setViewer($this->getActor())
|
||||
->withUserPHIDs(array($this->getActingAsPHID()))
|
||||
->withFactorProviderStatuses(
|
||||
array(
|
||||
PhabricatorAuthFactorProviderStatus::STATUS_ACTIVE,
|
||||
PhabricatorAuthFactorProviderStatus::STATUS_DEPRECATED,
|
||||
))
|
||||
->execute();
|
||||
|
||||
foreach ($xactions as $xaction) {
|
||||
if (!$factors) {
|
||||
|
|
Loading…
Reference in a new issue