From 847bbc51b61b4222503ae089f78124c2d18d5f22 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Tue, 17 May 2016 15:48:41 +0200 Subject: add OCC command to enable/disable 2FA for a user --- .../Authentication/TwoFactorAuth/Manager.php | 29 ++++++++++++++++++++-- lib/private/Server.php | 2 +- 2 files changed, 28 insertions(+), 3 deletions(-) (limited to 'lib/private') diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index 2fdadee6d3e..57d682ec620 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -26,6 +26,7 @@ use OC; use OC\App\AppManager; use OCP\AppFramework\QueryException; use OCP\Authentication\TwoFactorAuth\IProvider; +use OCP\IConfig; use OCP\ISession; use OCP\IUser; @@ -39,13 +40,18 @@ class Manager { /** @var ISession */ private $session; + /** @var IConfig */ + private $config; + /** * @param AppManager $appManager * @param ISession $session + * @param IConfig $config */ - public function __construct(AppManager $appManager, ISession $session) { + public function __construct(AppManager $appManager, ISession $session, IConfig $config) { $this->appManager = $appManager; $this->session = $session; + $this->config = $config; } /** @@ -55,7 +61,26 @@ class Manager { * @return boolean */ public function isTwoFactorAuthenticated(IUser $user) { - return count($this->getProviders($user)) > 0; + $twoFactorEnabled = ((int) $this->config->getUserValue($user->getUID(), 'core', 'two_factor_auth_disabled', 0)) === 0; + return $twoFactorEnabled && count($this->getProviders($user)) > 0; + } + + /** + * Disable 2FA checks for the given user + * + * @param IUser $user + */ + public function disableTwoFactorAuthentication(IUser $user) { + $this->config->setUserValue($user->getUID(), 'core', 'two_factor_auth_disabled', 1); + } + + /** + * Enable all 2FA checks for the given user + * + * @param IUser $user + */ + public function enableTwoFactorAuthentication(IUser $user) { + $this->config->deleteUserValue($user->getUID(), 'core', 'two_factor_auth_disabled'); } /** diff --git a/lib/private/Server.php b/lib/private/Server.php index 05945cc5c1f..c878afa0a0e 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -277,7 +277,7 @@ class Server extends ServerContainer implements IServerContainer { }); $this->registerService('\OC\Authentication\TwoFactorAuth\Manager', function (Server $c) { - return new \OC\Authentication\TwoFactorAuth\Manager($c->getAppManager(), $c->getSession()); + return new \OC\Authentication\TwoFactorAuth\Manager($c->getAppManager(), $c->getSession(), $c->getConfig()); }); $this->registerService('NavigationManager', function ($c) { -- cgit v1.2.3