Problem/Motivation

When a passphrase-protected vault has idle-locked, any owner route that decrypts on build throws an uncaught Drupal\pdv\Exception\VaultLockedException and white-screens. Reproduction: open your vault while unlocked, leave until the unlock idle-timeout lapses, then click a still-loaded link such as a file Edit. The overview hides those sections while locked, but stale links and direct URLs (FileEditForm, RecordForm, the grant/trust item lists via VaultOptionsTrait, viewRecord) still reach a decrypt and crash.

Proposed resolution

  • Give VaultLockedException the locked owner uid.
  • Add an exception subscriber that catches it and redirects the owner to their unlock form with a return_to back to the page, so they continue after unlocking. Scoped to the owner on an interactive HTML request; a consumer cross-site read or an API/JSON request is left for the normal handling (that caller cannot unlock the vault).

Remaining tasks

  • Review.
  • Merge.

Issue fork pdv-3594933

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

mably created an issue. See original summary.

mably opened merge request !38

mably’s picture

mably commented
Status: Active » Needs review

  • mably committed 9aed6c86 on 1.x 
    fix: #3594933 Locked vault white-screens on direct decrypt routes (e.g....
mably’s picture

mably commented
Status: Needs review » Fixed

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.