recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Refactor on-login Legalpad document signature requirement

Summary: Depends on D18786. Ref T13024. I'm going to change the order this occurs in, but move it to a separate method and clean it up a little first.

Test Plan: Added a new document as required, reloaded, signed it, got logged into a session.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13024

Differential Revision: https://secure.phabricator.com/D18788

epriestley ba4b9f71 71406ca9

+73 -39
+73 -39
src/applications/base/controller/PhabricatorController.php
··· 227 227 } 228 228 229 229 230 - if (!$this->shouldAllowLegallyNonCompliantUsers()) { 231 - $legalpad_class = 'PhabricatorLegalpadApplication'; 232 - $legalpad = id(new PhabricatorApplicationQuery()) 233 - ->setViewer($user) 234 - ->withClasses(array($legalpad_class)) 235 - ->withInstalled(true) 236 - ->execute(); 237 - $legalpad = head($legalpad); 238 - 239 - $doc_query = id(new LegalpadDocumentQuery()) 240 - ->setViewer($user) 241 - ->withSignatureRequired(1) 242 - ->needViewerSignatures(true); 243 - 244 - if ($user->hasSession() && 245 - !$user->getSession()->getIsPartial() && 246 - !$user->getSession()->getSignedLegalpadDocuments() && 247 - $user->isLoggedIn() && 248 - $legalpad) { 249 - 250 - $sign_docs = $doc_query->execute(); 251 - $must_sign_docs = array(); 252 - foreach ($sign_docs as $sign_doc) { 253 - if (!$sign_doc->getUserSignature($user->getPHID())) { 254 - $must_sign_docs[] = $sign_doc; 255 - } 256 - } 257 - if ($must_sign_docs) { 258 - $controller = new LegalpadDocumentSignController(); 259 - $this->getRequest()->setURIMap(array( 260 - 'id' => head($must_sign_docs)->getID(), 261 - )); 262 - $this->setCurrentApplication($legalpad); 263 - return $this->delegateToController($controller); 264 - } else { 265 - $engine = id(new PhabricatorAuthSessionEngine()) 266 - ->signLegalpadDocuments($user, $sign_docs); 267 - } 268 - } 230 + $result = $this->requireLegalpadSignatures(); 231 + if ($result !== null) { 232 + return $result; 269 233 } 270 234 271 235 // NOTE: We do this last so that users get a login page instead of a 403 ··· 556 520 // I can use it in EditEngine. We could do this without making it public 557 521 // by using controller delegation, or make it properly public. 558 522 return $this->buildApplicationCrumbs(); 523 + } 524 + 525 + private function requireLegalpadSignatures() { 526 + if ($this->shouldAllowLegallyNonCompliantUsers()) { 527 + return null; 528 + } 529 + 530 + $viewer = $this->getViewer(); 531 + 532 + if (!$viewer->hasSession()) { 533 + return null; 534 + } 535 + 536 + $session = $viewer->getSession(); 537 + if ($session->getIsPartial()) { 538 + // If the user hasn't made it through MFA yet, require they survive 539 + // MFA first. 540 + return null; 541 + } 542 + 543 + if ($session->getSignedLegalpadDocuments()) { 544 + return null; 545 + } 546 + 547 + if (!$viewer->isLoggedIn()) { 548 + return null; 549 + } 550 + 551 + $legalpad_class = 'PhabricatorLegalpadApplication'; 552 + $legalpad_installed = PhabricatorApplication::isClassInstalledForViewer( 553 + $legalpad_class, 554 + $viewer); 555 + if (!$legalpad_installed) { 556 + return null; 557 + } 558 + 559 + $sign_docs = id(new LegalpadDocumentQuery()) 560 + ->setViewer($viewer) 561 + ->withSignatureRequired(1) 562 + ->needViewerSignatures(true) 563 + ->execute(); 564 + 565 + $must_sign_docs = array(); 566 + foreach ($sign_docs as $sign_doc) { 567 + if (!$sign_doc->getUserSignature($viewer->getPHID())) { 568 + $must_sign_docs[] = $sign_doc; 569 + } 570 + } 571 + 572 + if (!$must_sign_docs) { 573 + // If nothing needs to be signed (either because there are no documents 574 + // which require a signature, or because the user has already signed 575 + // all of them) mark the session as good and continue. 576 + $engine = id(new PhabricatorAuthSessionEngine()) 577 + ->signLegalpadDocuments($viewer, $sign_docs); 578 + 579 + return null; 580 + } 581 + 582 + $request = $this->getRequest(); 583 + $request->setURIMap( 584 + array( 585 + 'id' => head($must_sign_docs)->getID(), 586 + )); 587 + 588 + $application = PhabricatorApplication::getByClass($legalpad_class); 589 + $this->setCurrentApplication($application); 590 + 591 + $controller = new LegalpadDocumentSignController(); 592 + return $this->delegateToController($controller); 559 593 } 560 594 561 595