Page MenuHomePhabricator
Files F13176154

D20045.id47907.diff
No OneTemporary
Actions

D20045.id47907.diff
View Options

diff --git a/src/applications/transactions/editengine/PhabricatorEditEngine.php b/src/applications/transactions/editengine/PhabricatorEditEngine.php
--- a/src/applications/transactions/editengine/PhabricatorEditEngine.php
+++ b/src/applications/transactions/editengine/PhabricatorEditEngine.php
@@ -1279,14 +1279,41 @@
$fields = $this->willBuildEditForm($object, $fields);
+ $request_path = $request->getRequestURI()
+ ->setQueryParams(array());
+
$form = id(new AphrontFormView())
->setUser($viewer)
+ ->setAction($request_path)
->addHiddenInput('editEngine', 'true');
foreach ($this->contextParameters as $param) {
$form->addHiddenInput($param, $request->getStr($param));
}
+ $requires_mfa = false;
+ if ($object instanceof PhabricatorEditEngineMFAInterface) {
+ $mfa_engine = PhabricatorEditEngineMFAEngine::newEngineForObject($object)
+ ->setViewer($viewer);
+ $requires_mfa = $mfa_engine->shouldRequireMFA();
+ }
+
+ if ($requires_mfa) {
+ $message = pht(
+ 'You will be required to provide multi-factor credentials to make '.
+ 'changes.');
+ $form->appendChild(
+ id(new PHUIInfoView())
+ ->setSeverity(PHUIInfoView::SEVERITY_MFA)
+ ->setErrors(array($message)));
+
+ // TODO: This should also set workflow on the form, so the user doesn't
+ // lose any form data if they "Cancel". However, Maniphest currently
+ // overrides "newEditResponse()" if the request is Ajax and returns a
+ // bag of view data. This can reasonably be cleaned up when workboards
+ // get their next iteration.
+ }
+
foreach ($fields as $field) {
if (!$field->getIsFormField()) {
continue;

File Metadata

Mime Type
text/plain
Expires
Thu, May 9, 11:03 AM (4 w, 8 h ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6274686
Default Alt Text
D20045.id47907.diff (1 KB)

Event Timeline

Phabricator · Built by Phacility