
diff --git a/src/applications/people/controller/PhabricatorPeopleEmpowerController.php b/src/applications/people/controller/PhabricatorPeopleEmpowerController.php
index 09021bf73e..22e7c22b68 100644
--- a/src/applications/people/controller/PhabricatorPeopleEmpowerController.php
+++ b/src/applications/people/controller/PhabricatorPeopleEmpowerController.php
@@ -1,75 +1,70 @@
<?php
final class PhabricatorPeopleEmpowerController
extends PhabricatorPeopleController {
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
$user = id(new PhabricatorPeopleQuery())
->setViewer($viewer)
->withIDs(array($id))
->executeOne();
if (!$user) {
return new Aphront404Response();
}
$done_uri = $this->getApplicationURI("manage/{$id}/");
- id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
- $viewer,
- $request,
- $done_uri);
-
$validation_exception = null;
-
- if ($request->isFormPost()) {
+ if ($request->isFormOrHisecPost()) {
$xactions = array();
$xactions[] = id(new PhabricatorUserTransaction())
->setTransactionType(
PhabricatorUserEmpowerTransaction::TRANSACTIONTYPE)
->setNewValue(!$user->getIsAdmin());
$editor = id(new PhabricatorUserTransactionEditor())
->setActor($viewer)
->setContentSourceFromRequest($request)
- ->setContinueOnMissingFields(true);
+ ->setContinueOnMissingFields(true)
+ ->setCancelURI($done_uri);
try {
$editor->applyTransactions($user, $xactions);
return id(new AphrontRedirectResponse())->setURI($done_uri);
} catch (PhabricatorApplicationTransactionValidationException $ex) {
$validation_exception = $ex;
}
}
if ($user->getIsAdmin()) {
$title = pht('Remove as Administrator?');
$short = pht('Remove Administrator');
$body = pht(
'Remove %s as an administrator? They will no longer be able to '.
'perform administrative functions on this Phabricator install.',
phutil_tag('strong', array(), $user->getUsername()));
$submit = pht('Remove Administrator');
} else {
$title = pht('Make Administrator?');
$short = pht('Make Administrator');
$body = pht(
'Empower %s as an administrator? They will be able to create users, '.
'approve users, make and remove administrators, delete accounts, and '.
'perform other administrative functions on this Phabricator install.',
phutil_tag('strong', array(), $user->getUsername()));
$submit = pht('Make Administrator');
}
return $this->newDialog()
->setValidationException($validation_exception)
->setTitle($title)
->setShortTitle($short)
->appendParagraph($body)
->addCancelButton($done_uri)
->addSubmitButton($submit);
}
}
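Review bot: The value applied at `->setNewValue(!$user->getIsAdmin())` is a toggle computed when the POST is handled, not the state the dialog asked the viewer to confirm. This change also puts the MFA prompt between those two moments, since the `isFormOrHisecPost()` branch now runs on the re-submitted request as well. If the target's admin flag changes in between, a confirmed "Remove Administrator" could be applied as "Make Administrator", or the reverse. Consider carrying the intended state through the form, e.g. `->addHiddenInput('admin', (int)!$user->getIsAdmin())` on the dialog and `->setNewValue($request->getBool('admin'))` in the POST branch, provided the MFA re-post preserves form parameters (not visible here). A stale request would then reach validateTransactions() with matching old and new values, which that method already skips.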
diff --git a/src/applications/people/xaction/PhabricatorUserEmpowerTransaction.php b/src/applications/people/xaction/PhabricatorUserEmpowerTransaction.php
index 5499f5d8cb..d17418636f 100644
--- a/src/applications/people/xaction/PhabricatorUserEmpowerTransaction.php
+++ b/src/applications/people/xaction/PhabricatorUserEmpowerTransaction.php
@@ -1,89 +1,96 @@
<?php
final class PhabricatorUserEmpowerTransaction
extends PhabricatorUserTransactionType {
const TRANSACTIONTYPE = 'user.admin';
public function generateOldValue($object) {
return (bool)$object->getIsAdmin();
}
public function generateNewValue($object, $value) {
return (bool)$value;
}
public function applyInternalEffects($object, $value) {
$object->setIsAdmin((int)$value);
}
public function validateTransactions($object, array $xactions) {
$user = $object;
$actor = $this->getActor();
$errors = array();
foreach ($xactions as $xaction) {
$old = $xaction->getOldValue();
$new = $xaction->getNewValue();
if ($old === $new) {
continue;
}
if ($user->getPHID() === $actor->getPHID()) {
$errors[] = $this->newInvalidError(
pht('After a time, your efforts fail. You can not adjust your own '.
'status as an administrator.'), $xaction);
}
$is_admin = $actor->getIsAdmin();
$is_omnipotent = $actor->isOmnipotent();
if (!$is_admin && !$is_omnipotent) {
$errors[] = $this->newInvalidError(
pht('You must be an administrator to create administrators.'),
$xaction);
}
}
return $errors;
}
public function getTitle() {
$new = $this->getNewValue();
if ($new) {
return pht(
'%s empowered this user as an administrator.',
$this->renderAuthor());
} else {
return pht(
'%s defrocked this user.',
$this->renderAuthor());
}
}
public function getTitleForFeed() {
$new = $this->getNewValue();
if ($new) {
return pht(
'%s empowered %s as an administrator.',
$this->renderAuthor(),
$this->renderObject());
} else {
return pht(
'%s defrocked %s.',
$this->renderAuthor(),
$this->renderObject());
}
}
public function getRequiredCapabilities(
$object,
PhabricatorApplicationTransaction $xaction) {
// Unlike normal user edits, admin promotions require admin
// permissions, which is enforced by validateTransactions().
return null;
}
+
+ public function shouldTryMFA(
+ $object,
+ PhabricatorApplicationTransaction $xaction) {
+ return true;
+ }
+
}
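Review bot: The new `shouldTryMFA()` has no comment, while `getRequiredCapabilities()` just above it explains where its check is enforced. That matters here because the controller's explicit `requireHighSecuritySession()` call is removed in the same commit, so a reader of either file could conclude the MFA gate was dropped. I would add something like `// Granting or revoking administrator status is a privileged change: prompt the actor for MFA when this transaction is applied, in place of a controller-level high-security check.` The name suggests a best-effort prompt, so it is also worth confirming and documenting what happens when the acting administrator has no MFA factor enrolled; this hunk does not show whether the edit is then blocked or allowed through.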
