Prevent users from resigning from audits they've already resigned from

Summary: Ref T10978. Since "Resigned" is a status in Audit, you could repeatedly resign. This is confusing; prevent it. Test Plan: Tried to resign twice; was only allowed to resign once. Reviewers: chad Reviewed By: chad Maniphest Tasks: T10978 Differential Revision: https://secure.phabricator.com/D17187
2025-01-11 07:11:04 +01:00 · 2017-01-11 15:25:41 -08:00 · 2017-01-11 15:25:41 -08:00 · b941331bdf
commit b941331bdf
parent 11861265fe
2 changed files with 20 additions and 3 deletions
--- a/src/applications/diffusion/xaction/DiffusionCommitAuditTransaction.php
+++ b/src/applications/diffusion/xaction/DiffusionCommitAuditTransaction.php
@ -13,6 +13,23 @@ abstract class DiffusionCommitAuditTransaction
    return ($this->getViewerAuditStatus($commit, $viewer) !== null);
  }
  protected function isViewerAnyActiveAuditor(
    PhabricatorRepositoryCommit $commit,
    PhabricatorUser $viewer) {
    // This omits various inactive states like "Resigned" and "Not Required".
    return $this->isViewerAuditStatusAmong(
      $commit,
      $viewer,
      array(
        PhabricatorAuditStatusConstants::AUDIT_REQUIRED,
        PhabricatorAuditStatusConstants::CONCERNED,
        PhabricatorAuditStatusConstants::ACCEPTED,
        PhabricatorAuditStatusConstants::AUDIT_REQUESTED,
      ));
  }
  protected function isViewerAcceptingAuditor(
    PhabricatorRepositoryCommit $commit,
    PhabricatorUser $viewer) {
--- a/src/applications/diffusion/xaction/DiffusionCommitResignTransaction.php
+++ b/src/applications/diffusion/xaction/DiffusionCommitResignTransaction.php
@ -28,7 +28,7 @@ final class DiffusionCommitResignTransaction
  public function generateOldValue($object) {
    $actor = $this->getActor();
-    return !$this->isViewerAnyAuditor($object, $actor);
+    return !$this->isViewerAnyActiveAuditor($object, $actor);
  }
  public function applyExternalEffects($object, $value) {
@ -38,11 +38,11 @@ final class DiffusionCommitResignTransaction
  }
  protected function validateAction($object, PhabricatorUser $viewer) {
-    if (!$this->isViewerAnyAuditor($object, $viewer)) {
+    if (!$this->isViewerAnyActiveAuditor($object, $viewer)) {
      throw new Exception(
        pht(
          'You can not resign from this commit because you are not an '.
-          'auditor.'));
+          'active auditor.'));
    }
  }