HomePhabricator
Diffusion Phabricator c7718d3a2126

Ask users to sign Legalpad documents before requiring they enroll in MFA
c7718d3a2126
Actions

Description

Ask users to sign Legalpad documents before requiring they enroll in MFA

Summary:
Depends on D18789. Ref T13024. See PHI223. Currently, if security.require-multi-factor-auth and Legalpad "Signature Required" documents are both set, it's not possible to survive account registration, since MFA is requiried to sign and signatures are required to add MFA.

Instead, check for signatures before requiring MFA enrollment. This makes logical sense, since it's silly to add MFA if you don't agree to a Terms of Service or whatever.

(Note that if you already have MFA, we prompt for that first, before either of these steps, which also makes sense.)

Test Plan: Configured security.require-multi-factor-auth. Added a signature-required document. Loaded a page as a new user. Went through signature workflow, then through the MFA enrollment workflow.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13024

Differential Revision: https://secure.phabricator.com/D18790

Details

Provenance
epriestleyAuthored on Nov 28 2017, 1:02 AM
epriestleyPushed on Nov 28 2017, 5:59 PM
Reviewer
amckinley
Differential Revision
D18790: Ask users to sign Legalpad documents before requiring they enroll in MFA
Parents
rPe850bc6b957a: When requiring login signatures, order documents from oldest to newest
Branches
Unknown
Tags
Unknown
Tasks
T13024: Fix various session initialization order issues
Build Status
Buildable 18880
Build 25454: Run Core Tests

Changes (1)

PathSize
src/
applications/
base/
controller/

rPc7718d3a2126

View Options

src/applications/base/controller/PhabricatorController.php

Loading...
Phabricator ยท Built by Phacility