1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 05:50:55 +01:00

Prevent users from resigning from audits they've already resigned from

Summary: Ref T10978. Since "Resigned" is a status in Audit, you could repeatedly resign. This is confusing; prevent it.

Test Plan: Tried to resign twice; was only allowed to resign once.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17187
This commit is contained in:
epriestley 2017-01-11 15:25:41 -08:00
parent 11861265fe
commit b941331bdf
2 changed files with 20 additions and 3 deletions

View file

@ -13,6 +13,23 @@ abstract class DiffusionCommitAuditTransaction
return ($this->getViewerAuditStatus($commit, $viewer) !== null);
}
protected function isViewerAnyActiveAuditor(
PhabricatorRepositoryCommit $commit,
PhabricatorUser $viewer) {
// This omits various inactive states like "Resigned" and "Not Required".
return $this->isViewerAuditStatusAmong(
$commit,
$viewer,
array(
PhabricatorAuditStatusConstants::AUDIT_REQUIRED,
PhabricatorAuditStatusConstants::CONCERNED,
PhabricatorAuditStatusConstants::ACCEPTED,
PhabricatorAuditStatusConstants::AUDIT_REQUESTED,
));
}
protected function isViewerAcceptingAuditor(
PhabricatorRepositoryCommit $commit,
PhabricatorUser $viewer) {

View file

@ -28,7 +28,7 @@ final class DiffusionCommitResignTransaction
public function generateOldValue($object) {
$actor = $this->getActor();
return !$this->isViewerAnyAuditor($object, $actor);
return !$this->isViewerAnyActiveAuditor($object, $actor);
}
public function applyExternalEffects($object, $value) {
@ -38,11 +38,11 @@ final class DiffusionCommitResignTransaction
}
protected function validateAction($object, PhabricatorUser $viewer) {
if (!$this->isViewerAnyAuditor($object, $viewer)) {
if (!$this->isViewerAnyActiveAuditor($object, $viewer)) {
throw new Exception(
pht(
'You can not resign from this commit because you are not an '.
'auditor.'));
'active auditor.'));
}
}