Browse Source
Allow admins to disable 2FA backup codes via occ
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
pull/28421/head
Christoph Wurst
4 years ago
No known key found for this signature in database
GPG Key ID: CC42AC2A7F0E56D8
4 changed files with
28 additions and
2 deletions
-
apps/twofactor_backupcodes/lib/Provider/BackupCodesProvider.php
-
apps/twofactor_backupcodes/lib/Service/BackupCodeStorage.php
-
apps/twofactor_backupcodes/tests/Unit/Provider/BackupCodesProviderTest.php
-
apps/twofactor_backupcodes/tests/Unit/Service/BackupCodeStorageTest.php
|
|
|
@ -30,15 +30,15 @@ namespace OCA\TwoFactorBackupCodes\Provider; |
|
|
|
use OC\App\AppManager; |
|
|
|
use OCA\TwoFactorBackupCodes\Service\BackupCodeStorage; |
|
|
|
use OCA\TwoFactorBackupCodes\Settings\Personal; |
|
|
|
use OCP\Authentication\TwoFactorAuth\IDeactivatableByAdmin; |
|
|
|
use OCP\Authentication\TwoFactorAuth\IPersonalProviderSettings; |
|
|
|
use OCP\Authentication\TwoFactorAuth\IProvider; |
|
|
|
use OCP\Authentication\TwoFactorAuth\IProvidesPersonalSettings; |
|
|
|
use OCP\IInitialStateService; |
|
|
|
use OCP\IL10N; |
|
|
|
use OCP\IUser; |
|
|
|
use OCP\Template; |
|
|
|
|
|
|
|
class BackupCodesProvider implements IProvider, IProvidesPersonalSettings { |
|
|
|
class BackupCodesProvider implements IDeactivatableByAdmin, IProvidesPersonalSettings { |
|
|
|
|
|
|
|
/** @var string */ |
|
|
|
private $appName; |
|
|
|
@ -164,4 +164,8 @@ class BackupCodesProvider implements IProvider, IProvidesPersonalSettings { |
|
|
|
$this->initialStateService->provideInitialState($this->appName, 'state', $state); |
|
|
|
return new Personal(); |
|
|
|
} |
|
|
|
|
|
|
|
public function disableFor(IUser $user) { |
|
|
|
$this->storage->deleteCodes($user); |
|
|
|
} |
|
|
|
} |
|
|
|
@ -136,4 +136,8 @@ class BackupCodeStorage { |
|
|
|
} |
|
|
|
return false; |
|
|
|
} |
|
|
|
|
|
|
|
public function deleteCodes(IUser $user): void { |
|
|
|
$this->mapper->deleteCodes($user); |
|
|
|
} |
|
|
|
} |
|
|
|
@ -159,4 +159,13 @@ class BackupCodesProviderTest extends TestCase { |
|
|
|
|
|
|
|
$this->assertTrue($this->provider->isActive($user)); |
|
|
|
} |
|
|
|
|
|
|
|
public function testDisable(): void { |
|
|
|
$user = $this->getMockBuilder(IUser::class)->getMock(); |
|
|
|
$this->storage->expects(self::once()) |
|
|
|
->method('deleteCodes') |
|
|
|
->with($user); |
|
|
|
|
|
|
|
$this->provider->disableFor($user); |
|
|
|
} |
|
|
|
} |
|
|
|
@ -236,4 +236,13 @@ class BackupCodeStorageTest extends TestCase { |
|
|
|
|
|
|
|
$this->assertFalse($this->storage->validateCode($user, 'CHALLENGE')); |
|
|
|
} |
|
|
|
|
|
|
|
public function testDeleteCodes(): void { |
|
|
|
$user = $this->createMock(IUser::class); |
|
|
|
$this->mapper->expects($this->once()) |
|
|
|
->method('deleteCodes') |
|
|
|
->with($user); |
|
|
|
|
|
|
|
$this->storage->deleteCodes($user); |
|
|
|
} |
|
|
|
} |
