Allow "MFA Required" objects to be edited without MFA if the edit is only creating inverse edges
Summary: Depends on D19900. Ref T13222. See PHI873. When an object requires MFA, we currently require MFA for every transaction. This includes some ambiguous cases like "unsubscribe", but also includes "mention", which seems like clearly bad behavior. Allow an "MFA" object to be the target of mentions, "edit child tasks", etc. Test Plan: - Mentioned an MFA object elsewhere (no MFA prompt). - Made an MFA object a subtask of a non-MFA object (no MFA prompt). - Tried to edit an MFA object normally (still got an MFA prompt). Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D19901
This commit is contained in:
@@ -4893,6 +4893,13 @@ abstract class PhabricatorApplicationTransactionEditor
|
|||||||
return $xactions;
|
return $xactions;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// If the user is mentioning an MFA object on another object or creating
|
||||||
|
// a relationship like "parent" or "child" to this object, we allow the
|
||||||
|
// edit to move forward without requiring MFA.
|
||||||
|
if ($this->getIsInverseEdgeEditor()) {
|
||||||
|
return $xactions;
|
||||||
|
}
|
||||||
|
|
||||||
$template = $object->getApplicationTransactionTemplate();
|
$template = $object->getApplicationTransactionTemplate();
|
||||||
|
|
||||||
$mfa_xaction = id(clone $template)
|
$mfa_xaction = id(clone $template)
|
||||||
|
Reference in New Issue
Block a user