1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 23:02:42 +01:00

Fix a looping workflow when trying to submit a partially-effectless transaction group

Summary:
Ref T13289. If you do this:

  - Subscribe to a task (so we don't generate a subscribe side-effect later).
  - Prepare a transaction group: sign with MFA, change projects (don't make any changes), add a comment.
  - Submit the transaction group.

...you'll get prompted "Some actions don't have any effect (the non-change to projects), apply remaining effects?".

If you confirm, you get MFA'd, but the MFA flow loses the "continue" confirmation, so you get trapped in a workflow loop of confirming and MFA'ing.

Instead, retain the "continue" bit through the MFA.

Also, don't show "You can't sign an empty transaction group" if there's a comment.

See also T13295, since the amount of magic here can probably be reduced. There's likely little reason for "continue" or "hisec" to be magic nowadays.

Test Plan:
  - Went through the workflow above.
  - Before: looping workflow.
  - After: "Continue" carries through the MFA gate.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13289

Differential Revision: https://secure.phabricator.com/D20552
This commit is contained in:
epriestley 2019-05-23 11:41:14 -07:00
parent 719dd6d3f4
commit ce6fc5be90
3 changed files with 9 additions and 2 deletions

View file

@ -663,7 +663,7 @@ final class AphrontRequest extends Phobject {
}
public function isContinueRequest() {
return $this->isFormPost() && $this->getStr('__continue__');
return $this->isFormOrHisecPost() && $this->getStr('__continue__');
}
public function isPreviewRequest() {

View file

@ -120,6 +120,13 @@ final class PhabricatorHighSecurityRequestExceptionHandler
$dialog->addHiddenInput($key, $value);
}
// See T13289. If the user hit a "some transactions have no effect" dialog
// and elected to continue, we want to pass that flag through the MFA
// dialog even though it is not normally a passthrough request parameter.
if ($request->isContinueRequest()) {
$dialog->addHiddenInput(AphrontRequest::TYPE_CONTINUE, 1);
}
return $dialog;
}

View file

@ -2535,7 +2535,7 @@ abstract class PhabricatorApplicationTransactionEditor
// If none of the transactions have an effect, the meta-transactions also
// have no effect. Add them to the "no effect" list so we get a full set
// of errors for everything.
if (!$any_effect) {
if (!$any_effect && !$has_comment) {
$no_effect += $meta_xactions;
}