recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Warn users about MFA requirements when interacting with "MFA Required" objects via the comment form

Summary:
Ref T13242. Warn user that they'll need to MFA (so they can go dig their phone out of their bag first or whatever, or don't type a giant comment on mobile if their U2F key is back at the office) on the comment form.

Also, when they'll need MFA and won't be able to provide it (no MFA on account), stop them from typing up a big comment that they can't actually submit: point them at MFA setup first.

Test Plan:
{F6164448}

{F6164449}

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13242

Differential Revision: https://secure.phabricator.com/D20044

epriestley 13c5b427 f7e8fa07

+53 -7
+8
src/applications/transactions/editengine/PhabricatorEditEngine.php
··· 1565 1565 1566 1566 $comment_uri = $this->getEditURI($object, 'comment/'); 1567 1567 1568 + $requires_mfa = false; 1569 + if ($object instanceof PhabricatorEditEngineMFAInterface) { 1570 + $mfa_engine = PhabricatorEditEngineMFAEngine::newEngineForObject($object) 1571 + ->setViewer($viewer); 1572 + $requires_mfa = $mfa_engine->shouldRequireMFA(); 1573 + } 1574 + 1568 1575 $view = id(new PhabricatorApplicationTransactionCommentView()) 1569 1576 ->setUser($viewer) 1570 1577 ->setObjectPHID($object_phid) 1571 1578 ->setHeaderText($header_text) 1572 1579 ->setAction($comment_uri) 1580 + ->setRequiresMFA($requires_mfa) 1573 1581 ->setSubmitButtonName($button_text); 1574 1582 1575 1583 $draft = PhabricatorVersionedDraft::loadDraft(
+45 -7
src/applications/transactions/view/PhabricatorApplicationTransactionCommentView.php
··· 1 1 <?php 2 2 3 - /** 4 - * @concrete-extensible 5 - */ 6 - class PhabricatorApplicationTransactionCommentView extends AphrontView { 3 + final class PhabricatorApplicationTransactionCommentView 4 + extends AphrontView { 7 5 8 6 private $submitButtonName; 9 7 private $action; ··· 24 22 private $infoView; 25 23 private $editEngineLock; 26 24 private $noBorder; 25 + private $requiresMFA; 27 26 28 27 private $currentVersion; 29 28 private $versionedDraft; ··· 160 159 return $this->editEngineLock; 161 160 } 162 161 162 + public function setRequiresMFA($requires_mfa) { 163 + $this->requiresMFA = $requires_mfa; 164 + return $this; 165 + } 166 + 167 + public function getRequiresMFA() { 168 + return $this->requiresMFA; 169 + } 170 + 163 171 public function setTransactionTimeline( 164 172 PhabricatorApplicationTransactionView $timeline) { 165 173 ··· 187 195 )); 188 196 } 189 197 190 - $user = $this->getUser(); 191 - if (!$user->isLoggedIn()) { 198 + $viewer = $this->getViewer(); 199 + if (!$viewer->isLoggedIn()) { 192 200 $uri = id(new PhutilURI('/login/')) 193 201 ->setQueryParam('next', (string)$this->getRequestURI()); 194 202 return id(new PHUIObjectBoxView()) ··· 203 211 pht('Log In to Comment'))); 204 212 } 205 213 214 + if ($this->getRequiresMFA()) { 215 + if (!$viewer->getIsEnrolledInMultiFactor()) { 216 + $viewer->updateMultiFactorEnrollment(); 217 + if (!$viewer->getIsEnrolledInMultiFactor()) { 218 + $messages = array(); 219 + $messages[] = pht( 220 + 'You must provide multi-factor credentials to comment or make '. 221 + 'changes, but you do not have multi-factor authentication '. 222 + 'configured on your account.'); 223 + $messages[] = pht( 224 + 'To continue, configure multi-factor authentication in Settings.'); 225 + 226 + return id(new PHUIInfoView()) 227 + ->setSeverity(PHUIInfoView::SEVERITY_MFA) 228 + ->setErrors($messages); 229 + } 230 + } 231 + } 232 + 206 233 $data = array(); 207 234 208 235 $comment = $this->renderCommentPanel(); ··· 226 253 } 227 254 228 255 require_celerity_resource('phui-comment-form-css'); 229 - $image_uri = $user->getProfileImageURI(); 256 + $image_uri = $viewer->getProfileImageURI(); 230 257 $image = phutil_tag( 231 258 'div', 232 259 array( ··· 386 413 $info_view = $this->getInfoView(); 387 414 if ($info_view) { 388 415 $form->appendChild($info_view); 416 + } 417 + 418 + if ($this->getRequiresMFA()) { 419 + $message = pht( 420 + 'You will be required to provide multi-factor credentials to '. 421 + 'comment or make changes.'); 422 + 423 + $form->appendChild( 424 + id(new PHUIInfoView()) 425 + ->setSeverity(PHUIInfoView::SEVERITY_MFA) 426 + ->setErrors(array($message))); 389 427 } 390 428 391 429 $form->appendChild($invisi_bar);