Page MenuHomePhabricator

D20044.id47869.diff
No OneTemporary

D20044.id47869.diff

diff --git a/src/applications/transactions/editengine/PhabricatorEditEngine.php b/src/applications/transactions/editengine/PhabricatorEditEngine.php
--- a/src/applications/transactions/editengine/PhabricatorEditEngine.php
+++ b/src/applications/transactions/editengine/PhabricatorEditEngine.php
@@ -1565,11 +1565,19 @@
$comment_uri = $this->getEditURI($object, 'comment/');
+ $requires_mfa = false;
+ if ($object instanceof PhabricatorEditEngineMFAInterface) {
+ $mfa_engine = PhabricatorEditEngineMFAEngine::newEngineForObject($object)
+ ->setViewer($viewer);
+ $requires_mfa = $mfa_engine->shouldRequireMFA();
+ }
+
$view = id(new PhabricatorApplicationTransactionCommentView())
->setUser($viewer)
->setObjectPHID($object_phid)
->setHeaderText($header_text)
->setAction($comment_uri)
+ ->setRequiresMFA($requires_mfa)
->setSubmitButtonName($button_text);
$draft = PhabricatorVersionedDraft::loadDraft(
diff --git a/src/applications/transactions/view/PhabricatorApplicationTransactionCommentView.php b/src/applications/transactions/view/PhabricatorApplicationTransactionCommentView.php
--- a/src/applications/transactions/view/PhabricatorApplicationTransactionCommentView.php
+++ b/src/applications/transactions/view/PhabricatorApplicationTransactionCommentView.php
@@ -1,9 +1,7 @@
<?php
-/**
- * @concrete-extensible
- */
-class PhabricatorApplicationTransactionCommentView extends AphrontView {
+final class PhabricatorApplicationTransactionCommentView
+ extends AphrontView {
private $submitButtonName;
private $action;
@@ -24,6 +22,7 @@
private $infoView;
private $editEngineLock;
private $noBorder;
+ private $requiresMFA;
private $currentVersion;
private $versionedDraft;
@@ -160,6 +159,15 @@
return $this->editEngineLock;
}
+ public function setRequiresMFA($requires_mfa) {
+ $this->requiresMFA = $requires_mfa;
+ return $this;
+ }
+
+ public function getRequiresMFA() {
+ return $this->requiresMFA;
+ }
+
public function setTransactionTimeline(
PhabricatorApplicationTransactionView $timeline) {
@@ -187,8 +195,8 @@
));
}
- $user = $this->getUser();
- if (!$user->isLoggedIn()) {
+ $viewer = $this->getViewer();
+ if (!$viewer->isLoggedIn()) {
$uri = id(new PhutilURI('/login/'))
->setQueryParam('next', (string)$this->getRequestURI());
return id(new PHUIObjectBoxView())
@@ -203,6 +211,25 @@
pht('Log In to Comment')));
}
+ if ($this->getRequiresMFA()) {
+ if (!$viewer->getIsEnrolledInMultiFactor()) {
+ $viewer->updateMultiFactorEnrollment();
+ if (!$viewer->getIsEnrolledInMultiFactor()) {
+ $messages = array();
+ $messages[] = pht(
+ 'You must provide multi-factor credentials to comment or make '.
+ 'changes, but do not have multi-factor authentication configured '.
+ 'on your account.');
+ $messages[] = pht(
+ 'To continue, configure multi-factor authentication in Settings.');
+
+ return id(new PHUIInfoView())
+ ->setSeverity(PHUIInfoView::SEVERITY_MFA)
+ ->setErrors($messages);
+ }
+ }
+ }
+
$data = array();
$comment = $this->renderCommentPanel();
@@ -226,7 +253,7 @@
}
require_celerity_resource('phui-comment-form-css');
- $image_uri = $user->getProfileImageURI();
+ $image_uri = $viewer->getProfileImageURI();
$image = phutil_tag(
'div',
array(
@@ -388,6 +415,17 @@
$form->appendChild($info_view);
}
+ if ($this->getRequiresMFA()) {
+ $message = pht(
+ 'You will be required to provide multi-factor credentials to '.
+ 'comment or make changes.');
+
+ $form->appendChild(
+ id(new PHUIInfoView())
+ ->setSeverity(PHUIInfoView::SEVERITY_MFA)
+ ->setErrors(array($message)));
+ }
+
$form->appendChild($invisi_bar);
$form->addClass('phui-comment-has-actions');

File Metadata

Mime Type
text/plain
Expires
Thu, Dec 26, 1:48 AM (11 h, 39 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6928149
Default Alt Text
D20044.id47869.diff (4 KB)

Event Timeline