Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F13183943
D20024.id47796.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
6 KB
Referenced Files
None
Subscribers
None
D20024.id47796.diff
View Options
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2205,6 +2205,7 @@
'PhabricatorAuthContactNumberEditController' => 'applications/auth/controller/contact/PhabricatorAuthContactNumberEditController.php',
'PhabricatorAuthContactNumberEditEngine' => 'applications/auth/editor/PhabricatorAuthContactNumberEditEngine.php',
'PhabricatorAuthContactNumberEditor' => 'applications/auth/editor/PhabricatorAuthContactNumberEditor.php',
+ 'PhabricatorAuthContactNumberMFAEngine' => 'applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php',
'PhabricatorAuthContactNumberNumberTransaction' => 'applications/auth/xaction/PhabricatorAuthContactNumberNumberTransaction.php',
'PhabricatorAuthContactNumberPHIDType' => 'applications/auth/phid/PhabricatorAuthContactNumberPHIDType.php',
'PhabricatorAuthContactNumberPrimaryController' => 'applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php',
@@ -7909,12 +7910,14 @@
'PhabricatorApplicationTransactionInterface',
'PhabricatorPolicyInterface',
'PhabricatorDestructibleInterface',
+ 'PhabricatorEditEngineMFAInterface',
),
'PhabricatorAuthContactNumberController' => 'PhabricatorAuthController',
'PhabricatorAuthContactNumberDisableController' => 'PhabricatorAuthContactNumberController',
'PhabricatorAuthContactNumberEditController' => 'PhabricatorAuthContactNumberController',
'PhabricatorAuthContactNumberEditEngine' => 'PhabricatorEditEngine',
'PhabricatorAuthContactNumberEditor' => 'PhabricatorApplicationTransactionEditor',
+ 'PhabricatorAuthContactNumberMFAEngine' => 'PhabricatorEditEngineMFAEngine',
'PhabricatorAuthContactNumberNumberTransaction' => 'PhabricatorAuthContactNumberTransactionType',
'PhabricatorAuthContactNumberPHIDType' => 'PhabricatorPHIDType',
'PhabricatorAuthContactNumberPrimaryController' => 'PhabricatorAuthContactNumberController',
diff --git a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php
--- a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php
+++ b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php
@@ -24,7 +24,7 @@
$id = $number->getID();
$cancel_uri = $number->getURI();
- if ($request->isFormPost()) {
+ if ($request->isFormOrHisecPost()) {
$xactions = array();
if ($is_disable) {
@@ -42,7 +42,8 @@
->setActor($viewer)
->setContentSourceFromRequest($request)
->setContinueOnNoEffect(true)
- ->setContinueOnMissingFields(true);
+ ->setContinueOnMissingFields(true)
+ ->setCancelURI($cancel_uri);
try {
$editor->applyTransactions($number, $xactions);
diff --git a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php
--- a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php
+++ b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php
@@ -41,7 +41,7 @@
->addCancelButton($cancel_uri);
}
- if ($request->isFormPost()) {
+ if ($request->isFormOrHisecPost()) {
$xactions = array();
$xactions[] = id(new PhabricatorAuthContactNumberTransaction())
@@ -53,7 +53,8 @@
->setActor($viewer)
->setContentSourceFromRequest($request)
->setContinueOnNoEffect(true)
- ->setContinueOnMissingFields(true);
+ ->setContinueOnMissingFields(true)
+ ->setCancelURI($cancel_uri);
try {
$editor->applyTransactions($number, $xactions);
diff --git a/src/applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php b/src/applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php
new file mode 100644
--- /dev/null
+++ b/src/applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php
@@ -0,0 +1,10 @@
+<?php
+
+final class PhabricatorAuthContactNumberMFAEngine
+ extends PhabricatorEditEngineMFAEngine {
+
+ public function shouldTryMFA() {
+ return true;
+ }
+
+}
diff --git a/src/applications/auth/storage/PhabricatorAuthContactNumber.php b/src/applications/auth/storage/PhabricatorAuthContactNumber.php
--- a/src/applications/auth/storage/PhabricatorAuthContactNumber.php
+++ b/src/applications/auth/storage/PhabricatorAuthContactNumber.php
@@ -6,7 +6,8 @@
implements
PhabricatorApplicationTransactionInterface,
PhabricatorPolicyInterface,
- PhabricatorDestructibleInterface {
+ PhabricatorDestructibleInterface,
+ PhabricatorEditEngineMFAInterface {
protected $objectPHID;
protected $contactNumber;
@@ -232,4 +233,11 @@
}
+/* -( PhabricatorEditEngineMFAInterface )---------------------------------- */
+
+
+ public function newEditEngineMFAEngine() {
+ return new PhabricatorAuthContactNumberMFAEngine();
+ }
+
}
diff --git a/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php b/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php
--- a/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php
+++ b/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php
@@ -34,6 +34,28 @@
->setObject($object);
}
- abstract public function shouldRequireMFA();
+ /**
+ * Is this an edit that MUST be accompanied by MFA?
+ *
+ * This is a strict requirement: users will need to add MFA to their accounts
+ * if they don't already have it.
+ *
+ * @return bool True to strictly require MFA.
+ */
+ public function shouldRequireMFA() {
+ return false;
+ }
+
+ /**
+ * Is this an edit that we should prompt for MFA if available?
+ *
+ * This is advisory: users without MFA on their accounts will be able to
+ * perform the edit without being required to add it.
+ *
+ * @return bool True to prompt for MFA if available.
+ */
+ public function shouldTryMFA() {
+ return false;
+ }
}
diff --git a/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php b/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
--- a/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
+++ b/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
@@ -4916,6 +4916,10 @@
$require_mfa = $engine->shouldRequireMFA();
if (!$require_mfa) {
+ $try_mfa = $engine->shouldTryMFA();
+ if ($try_mfa) {
+ $this->setShouldRequireMFA(true);
+ }
return $xactions;
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sat, May 11, 1:26 PM (2 w, 6 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6286107
Default Alt Text
D20024.id47796.diff (6 KB)
Attached To
Mode
D20024: Always require MFA to edit contact numbers
Attached
Detach File
Event Timeline
Log In to Comment