1
<?php
2

3
final class PhabricatorAuthFactorProviderDuoCredentialTransaction
4
  extends PhabricatorAuthFactorProviderTransactionType {
5

6
  const TRANSACTIONTYPE = 'duo.credential';
7

8
  public function generateOldValue($object) {
9
    $key = PhabricatorDuoAuthFactor::PROP_CREDENTIAL;
10
    return $object->getAuthFactorProviderProperty($key);
11
  }
12

13
  public function applyInternalEffects($object, $value) {
14
    $key = PhabricatorDuoAuthFactor::PROP_CREDENTIAL;
15
    $object->setAuthFactorProviderProperty($key, $value);
16
  }
17

18
  public function getTitle() {
19
    return pht(
20
      '%s changed the credential for this provider from %s to %s.',
21
      $this->renderAuthor(),
22
      $this->renderOldHandle(),
23
      $this->renderNewHandle());
24
  }
25

26
  public function validateTransactions($object, array $xactions) {
27
    $actor = $this->getActor();
28
    $errors = array();
29

30
    if (!$this->isDuoProvider($object)) {
31
      return $errors;
32
    }
33

34
    $old_value = $this->generateOldValue($object);
35
    if ($this->isEmptyTextTransaction($old_value, $xactions)) {
36
      $errors[] = $this->newRequiredError(
37
        pht('Duo providers must have an API credential.'));
38
    }
39

40
    foreach ($xactions as $xaction) {
41
      $new_value = $xaction->getNewValue();
42

43
      if (!strlen($new_value)) {
44
        continue;
45
      }
46

47
      if ($new_value === $old_value) {
48
        continue;
49
      }
50

51
      $credential = id(new PassphraseCredentialQuery())
52
        ->setViewer($actor)
53
        ->withIsDestroyed(false)
54
        ->withPHIDs(array($new_value))
55
        ->executeOne();
56
      if (!$credential) {
57
        $errors[] = $this->newInvalidError(
58
          pht(
59
            'Credential ("%s") is not valid.',
60
            $new_value),
61
          $xaction);
62
        continue;
63
      }
64
    }
65

66
    return $errors;
67
  }
68

69
}
70

71