Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F14090649
D20024.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
6 KB
Referenced Files
None
Subscribers
None
D20024.diff
View Options
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2205,6 +2205,7 @@
'PhabricatorAuthContactNumberEditController' => 'applications/auth/controller/contact/PhabricatorAuthContactNumberEditController.php',
'PhabricatorAuthContactNumberEditEngine' => 'applications/auth/editor/PhabricatorAuthContactNumberEditEngine.php',
'PhabricatorAuthContactNumberEditor' => 'applications/auth/editor/PhabricatorAuthContactNumberEditor.php',
+ 'PhabricatorAuthContactNumberMFAEngine' => 'applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php',
'PhabricatorAuthContactNumberNumberTransaction' => 'applications/auth/xaction/PhabricatorAuthContactNumberNumberTransaction.php',
'PhabricatorAuthContactNumberPHIDType' => 'applications/auth/phid/PhabricatorAuthContactNumberPHIDType.php',
'PhabricatorAuthContactNumberPrimaryController' => 'applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php',
@@ -7909,12 +7910,14 @@
'PhabricatorApplicationTransactionInterface',
'PhabricatorPolicyInterface',
'PhabricatorDestructibleInterface',
+ 'PhabricatorEditEngineMFAInterface',
),
'PhabricatorAuthContactNumberController' => 'PhabricatorAuthController',
'PhabricatorAuthContactNumberDisableController' => 'PhabricatorAuthContactNumberController',
'PhabricatorAuthContactNumberEditController' => 'PhabricatorAuthContactNumberController',
'PhabricatorAuthContactNumberEditEngine' => 'PhabricatorEditEngine',
'PhabricatorAuthContactNumberEditor' => 'PhabricatorApplicationTransactionEditor',
+ 'PhabricatorAuthContactNumberMFAEngine' => 'PhabricatorEditEngineMFAEngine',
'PhabricatorAuthContactNumberNumberTransaction' => 'PhabricatorAuthContactNumberTransactionType',
'PhabricatorAuthContactNumberPHIDType' => 'PhabricatorPHIDType',
'PhabricatorAuthContactNumberPrimaryController' => 'PhabricatorAuthContactNumberController',
diff --git a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php
--- a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php
+++ b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberDisableController.php
@@ -24,7 +24,7 @@
$id = $number->getID();
$cancel_uri = $number->getURI();
- if ($request->isFormPost()) {
+ if ($request->isFormOrHisecPost()) {
$xactions = array();
if ($is_disable) {
@@ -42,7 +42,8 @@
->setActor($viewer)
->setContentSourceFromRequest($request)
->setContinueOnNoEffect(true)
- ->setContinueOnMissingFields(true);
+ ->setContinueOnMissingFields(true)
+ ->setCancelURI($cancel_uri);
try {
$editor->applyTransactions($number, $xactions);
diff --git a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php
--- a/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php
+++ b/src/applications/auth/controller/contact/PhabricatorAuthContactNumberPrimaryController.php
@@ -41,7 +41,7 @@
->addCancelButton($cancel_uri);
}
- if ($request->isFormPost()) {
+ if ($request->isFormOrHisecPost()) {
$xactions = array();
$xactions[] = id(new PhabricatorAuthContactNumberTransaction())
@@ -53,7 +53,8 @@
->setActor($viewer)
->setContentSourceFromRequest($request)
->setContinueOnNoEffect(true)
- ->setContinueOnMissingFields(true);
+ ->setContinueOnMissingFields(true)
+ ->setCancelURI($cancel_uri);
try {
$editor->applyTransactions($number, $xactions);
diff --git a/src/applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php b/src/applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php
new file mode 100644
--- /dev/null
+++ b/src/applications/auth/engine/PhabricatorAuthContactNumberMFAEngine.php
@@ -0,0 +1,10 @@
+<?php
+
+final class PhabricatorAuthContactNumberMFAEngine
+ extends PhabricatorEditEngineMFAEngine {
+
+ public function shouldTryMFA() {
+ return true;
+ }
+
+}
diff --git a/src/applications/auth/storage/PhabricatorAuthContactNumber.php b/src/applications/auth/storage/PhabricatorAuthContactNumber.php
--- a/src/applications/auth/storage/PhabricatorAuthContactNumber.php
+++ b/src/applications/auth/storage/PhabricatorAuthContactNumber.php
@@ -6,7 +6,8 @@
implements
PhabricatorApplicationTransactionInterface,
PhabricatorPolicyInterface,
- PhabricatorDestructibleInterface {
+ PhabricatorDestructibleInterface,
+ PhabricatorEditEngineMFAInterface {
protected $objectPHID;
protected $contactNumber;
@@ -232,4 +233,11 @@
}
+/* -( PhabricatorEditEngineMFAInterface )---------------------------------- */
+
+
+ public function newEditEngineMFAEngine() {
+ return new PhabricatorAuthContactNumberMFAEngine();
+ }
+
}
diff --git a/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php b/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php
--- a/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php
+++ b/src/applications/transactions/editengine/PhabricatorEditEngineMFAEngine.php
@@ -34,6 +34,28 @@
->setObject($object);
}
- abstract public function shouldRequireMFA();
+ /**
+ * Do edits to this object REQUIRE that the user submit MFA?
+ *
+ * This is a strict requirement: users will need to add MFA to their accounts
+ * if they don't already have it.
+ *
+ * @return bool True to strictly require MFA.
+ */
+ public function shouldRequireMFA() {
+ return false;
+ }
+
+ /**
+ * Should edits to this object prompt for MFA if it's available?
+ *
+ * This is advisory: users without MFA on their accounts will be able to
+ * perform edits without being required to add MFA.
+ *
+ * @return bool True to prompt for MFA if available.
+ */
+ public function shouldTryMFA() {
+ return false;
+ }
}
diff --git a/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php b/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
--- a/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
+++ b/src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
@@ -4916,6 +4916,10 @@
$require_mfa = $engine->shouldRequireMFA();
if (!$require_mfa) {
+ $try_mfa = $engine->shouldTryMFA();
+ if ($try_mfa) {
+ $this->setShouldRequireMFA(true);
+ }
return $xactions;
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Mon, Nov 25, 7:24 PM (18 h, 31 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6786757
Default Alt Text
D20024.diff (6 KB)
Attached To
Mode
D20024: Always require MFA to edit contact numbers
Attached
Detach File
Event Timeline
Log In to Comment