Differential D20028 Diff 47835 src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php
Changeset View
Changeset View
Standalone View
Standalone View
src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php
Show All 32 Lines | public function handleRequestThrowable( | ||||
$form = id(new PhabricatorAuthSessionEngine())->renderHighSecurityForm( | $form = id(new PhabricatorAuthSessionEngine())->renderHighSecurityForm( | ||||
$throwable->getFactors(), | $throwable->getFactors(), | ||||
$results, | $results, | ||||
$viewer, | $viewer, | ||||
$request); | $request); | ||||
$is_wait = false; | $is_wait = false; | ||||
$is_continue = false; | |||||
foreach ($results as $result) { | foreach ($results as $result) { | ||||
if ($result->getIsWait()) { | if ($result->getIsWait()) { | ||||
$is_wait = true; | $is_wait = true; | ||||
break; | } | ||||
if ($result->getIsContinue()) { | |||||
epriestley: This appears later on in greater depth, but "continue" responses are "click the button to… | |||||
$is_continue = true; | |||||
} | } | ||||
} | } | ||||
$is_upgrade = $throwable->getIsSessionUpgrade(); | $is_upgrade = $throwable->getIsSessionUpgrade(); | ||||
if ($is_upgrade) { | if ($is_upgrade) { | ||||
$title = pht('Enter High Security'); | $title = pht('Enter High Security'); | ||||
} else { | } else { | ||||
$title = pht('Provide MFA Credentials'); | $title = pht('Provide MFA Credentials'); | ||||
} | } | ||||
if ($is_wait) { | if ($is_wait) { | ||||
$submit = pht('Wait Patiently'); | $submit = pht('Wait Patiently'); | ||||
} else if ($is_upgrade) { | } else if ($is_upgrade && !$is_continue) { | ||||
$submit = pht('Enter High Security'); | $submit = pht('Enter High Security'); | ||||
} else { | } else { | ||||
$submit = pht('Continue'); | $submit = pht('Continue'); | ||||
} | } | ||||
$dialog = id(new AphrontDialogView()) | $dialog = id(new AphrontDialogView()) | ||||
->setUser($viewer) | ->setUser($viewer) | ||||
->setTitle($title) | ->setTitle($title) | ||||
->setShortTitle(pht('Security Checkpoint')) | ->setShortTitle(pht('Security Checkpoint')) | ||||
->setWidth(AphrontDialogView::WIDTH_FORM) | ->setWidth(AphrontDialogView::WIDTH_FORM) | ||||
->addHiddenInput(AphrontRequest::TYPE_HISEC, true) | ->addHiddenInput(AphrontRequest::TYPE_HISEC, true) | ||||
->setSubmitURI($request->getPath()) | ->setSubmitURI($request->getPath()) | ||||
->addCancelButton($throwable->getCancelURI()) | ->addCancelButton($throwable->getCancelURI()) | ||||
->addSubmitButton($submit); | ->addSubmitButton($submit); | ||||
$form_layout = $form->buildLayoutView(); | $form_layout = $form->buildLayoutView(); | ||||
if ($is_upgrade) { | if ($is_upgrade) { | ||||
$dialog | $messages = array( | ||||
->setErrors( | |||||
array( | |||||
pht( | pht( | ||||
'You are taking an action which requires you to enter '. | 'You are taking an action which requires you to enter '. | ||||
'high security.'), | 'high security.'), | ||||
)) | ); | ||||
$info_view = id(new PHUIInfoView()) | |||||
->setSeverity(PHUIInfoView::SEVERITY_MFA) | |||||
->setErrors($messages); | |||||
$dialog | |||||
->appendChild($info_view) | |||||
->appendParagraph( | ->appendParagraph( | ||||
pht( | pht( | ||||
'High security mode helps protect your account from security '. | 'To enter high security mode, confirm your credentials:')) | ||||
'threats, like session theft or someone messing with your stuff '. | |||||
'while you\'re grabbing a coffee. To enter high security mode, '. | |||||
'confirm your credentials.')) | |||||
Done Inline ActionsI streamlined this text slightly and made the header less scary. epriestley: I streamlined this text slightly and made the header less scary. | |||||
->appendChild($form_layout) | ->appendChild($form_layout) | ||||
->appendParagraph( | ->appendParagraph( | ||||
pht( | pht( | ||||
'Your account will remain in high security mode for a short '. | 'Your account will remain in high security mode for a short '. | ||||
'period of time. When you are finished taking sensitive '. | 'period of time. When you are finished taking sensitive '. | ||||
'actions, you should leave high security.')); | 'actions, you should leave high security.')); | ||||
} else { | } else { | ||||
$dialog | $dialog | ||||
Show All 19 Lines |
This appears later on in greater depth, but "continue" responses are "click the button to continue".
Two cases for them: