1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-10 23:01:04 +01:00

Allow "MFA Required" objects to be edited without MFA if the edit is only creating inverse edges

Summary:
Depends on D19900. Ref T13222. See PHI873. When an object requires MFA, we currently require MFA for every transaction.

This includes some ambiguous cases like "unsubscribe", but also includes "mention", which seems like clearly bad behavior.

Allow an "MFA" object to be the target of mentions, "edit child tasks", etc.

Test Plan:
  - Mentioned an MFA object elsewhere (no MFA prompt).
  - Made an MFA object a subtask of a non-MFA object (no MFA prompt).
  - Tried to edit an MFA object normally (still got an MFA prompt).

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13222

Differential Revision: https://secure.phabricator.com/D19901
This commit is contained in:
epriestley 2018-12-18 08:09:45 -08:00
parent 1c89b3175f
commit efb01bf34f

View file

@ -4893,6 +4893,13 @@ abstract class PhabricatorApplicationTransactionEditor
return $xactions;
}
// If the user is mentioning an MFA object on another object or creating
// a relationship like "parent" or "child" to this object, we allow the
// edit to move forward without requiring MFA.
if ($this->getIsInverseEdgeEditor()) {
return $xactions;
}
$template = $object->getApplicationTransactionTemplate();
$mfa_xaction = id(clone $template)