mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-21 09:35:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Disable 2FA settings when demo mode is active.

Browse source
This commit is contained in:
Jan Böhmer 2019-12-31 18:12:15 +01:00
parent 5ee9d5ade0
commit 0c7a8bd85e
6 changed files with 100 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/services.yaml
View file

@ -26,6 +26,8 @@ services:
_defaults: _defaults:
autowire: true # Automatically injects dependencies in your services. autowire: true # Automatically injects dependencies in your services.
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc. autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
bind:
bool $demo_mode: '%demo_mode%'
# makes classes in src/ available to be used as services # makes classes in src/ available to be used as services
# this creates a service per class whose id is the fully-qualified class name # this creates a service per class whose id is the fully-qualified class name

29
src/Controller/UserSettingsController.php
View file

@ -47,6 +47,13 @@ use Symfony\Component\Validator\Constraints\Length;
*/ */
class UserSettingsController extends AbstractController class UserSettingsController extends AbstractController
{ {
protected $demo_mode;
public function __construct(bool $demo_mode)
{
$this->demo_mode = $demo_mode;
}
/** /**
* @Route("/2fa_backup_codes", name="show_backup_codes") * @Route("/2fa_backup_codes", name="show_backup_codes")
*/ */
@ -78,6 +85,10 @@ class UserSettingsController extends AbstractController
*/ */
public function removeU2FToken(Request $request, EntityManagerInterface $entityManager, BackupCodeManager $backupCodeManager) public function removeU2FToken(Request $request, EntityManagerInterface $entityManager, BackupCodeManager $backupCodeManager)
{ {
if($this->demo_mode) {
throw new \RuntimeException('You can not do 2FA things in demo mode');
}
$user = $this->getUser(); $user = $this->getUser();
//When user change its settings, he should be logged in fully. //When user change its settings, he should be logged in fully.
@ -122,6 +133,10 @@ class UserSettingsController extends AbstractController
*/ */
public function resetTrustedDevices(Request $request, EntityManagerInterface $entityManager) public function resetTrustedDevices(Request $request, EntityManagerInterface $entityManager)
{ {
if($this->demo_mode) {
throw new \RuntimeException('You can not do 2FA things in demo mode');
}
$user = $this->getUser(); $user = $this->getUser();
//When user change its settings, he should be logged in fully. //When user change its settings, he should be logged in fully.
@ -170,7 +185,7 @@ class UserSettingsController extends AbstractController
$form->handleRequest($request); $form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) { if ($form->isSubmitted() && $form->isValid() && !$this->demo_mode) {
//Check if user theme setting has changed //Check if user theme setting has changed
if ($user->getTheme() !== $em->getUnitOfWork()->getOriginalEntityData($user)['theme']) { if ($user->getTheme() !== $em->getUnitOfWork()->getOriginalEntityData($user)['theme']) {
$page_need_reload = true; $page_need_reload = true;
@ -184,8 +199,6 @@ class UserSettingsController extends AbstractController
* Password change form * Password change form
****************************/ ****************************/
$demo_mode = $this->getParameter('demo_mode');
$pw_form = $this->createFormBuilder() $pw_form = $this->createFormBuilder()
//Username field for autocomplete //Username field for autocomplete
->add('username', TextType::class, [ ->add('username', TextType::class, [
@ -196,11 +209,11 @@ class UserSettingsController extends AbstractController
]) ])
->add('old_password', PasswordType::class, [ ->add('old_password', PasswordType::class, [
'label' => 'user.settings.pw_old.label', 'label' => 'user.settings.pw_old.label',
'disabled' => $demo_mode, 'disabled' => $this->demo_mode,
'attr' => ['autocomplete' => 'current-password'], 'attr' => ['autocomplete' => 'current-password'],
'constraints' => [new UserPassword()], ]) //This constraint checks, if the current user pw was inputted. 'constraints' => [new UserPassword()], ]) //This constraint checks, if the current user pw was inputted.
->add('new_password', RepeatedType::class, [ ->add('new_password', RepeatedType::class, [
'disabled' => $demo_mode, 'disabled' => $this->demo_mode,
'type' => PasswordType::class, 'type' => PasswordType::class,
'first_options' => ['label' => 'user.settings.pw_new.label'], 'first_options' => ['label' => 'user.settings.pw_new.label'],
'second_options' => ['label' => 'user.settings.pw_confirm.label'], 'second_options' => ['label' => 'user.settings.pw_confirm.label'],
@ -219,7 +232,7 @@ class UserSettingsController extends AbstractController
$pw_form->handleRequest($request); $pw_form->handleRequest($request);
//Check if password if everything was correct, then save it to User and DB //Check if password if everything was correct, then save it to User and DB
if ($pw_form->isSubmitted() && $pw_form->isValid()) { if ($pw_form->isSubmitted() && $pw_form->isValid() && !$this->demo_mode) {
$password = $passwordEncoder->encodePassword($user, $pw_form['new_password']->getData()); $password = $passwordEncoder->encodePassword($user, $pw_form['new_password']->getData());
$user->setPassword($password); $user->setPassword($password);
@ -240,7 +253,7 @@ class UserSettingsController extends AbstractController
} }
$google_form->handleRequest($request); $google_form->handleRequest($request);
if($google_form->isSubmitted() && $google_form->isValid()) { if($google_form->isSubmitted() && $google_form->isValid() && !$this->demo_mode) {
if (!$google_enabled) { if (!$google_enabled) {
//Save 2FA settings (save secrets) //Save 2FA settings (save secrets)
$user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData()); $user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData());
@ -265,7 +278,7 @@ class UserSettingsController extends AbstractController
])->getForm(); ])->getForm();
$backup_form->handleRequest($request); $backup_form->handleRequest($request);
if ($backup_form->isSubmitted() && $backup_form->isValid()) { if ($backup_form->isSubmitted() && $backup_form->isValid() && !$this->demo_mode) {
$backupCodeManager->regenerateBackupCodes($user); $backupCodeManager->regenerateBackupCodes($user);
$em->flush(); $em->flush();
$this->addFlash('success', 'user.settings.2fa.backup_codes.regenerated'); $this->addFlash('success', 'user.settings.2fa.backup_codes.regenerated');

14
src/EventSubscriber/U2FRegistrationSubscriber.php
View file

@ -27,6 +27,7 @@ use Doctrine\ORM\EntityManagerInterface;
use R\U2FTwoFactorBundle\Event\RegisterEvent; use R\U2FTwoFactorBundle\Event\RegisterEvent;
use Symfony\Component\EventDispatcher\EventSubscriberInterface; use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface; use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
class U2FRegistrationSubscriber implements EventSubscriberInterface class U2FRegistrationSubscriber implements EventSubscriberInterface
@ -36,14 +37,17 @@ class U2FRegistrationSubscriber implements EventSubscriberInterface
protected $em; protected $em;
public function __construct(UrlGeneratorInterface $router, EntityManagerInterface $entityManager) protected $demo_mode;
protected $flashBag;
public function __construct(UrlGeneratorInterface $router, EntityManagerInterface $entityManager, FlashBagInterface $flashBag, bool $demo_mode)
{ {
$this->router = $router; $this->router = $router;
$this->em = $entityManager; $this->em = $entityManager;
$this->demo_mode = $demo_mode;
$this->flashBag = $flashBag;
} }
// ..
/** @return string[] **/ /** @return string[] **/
public static function getSubscribedEvents(): array public static function getSubscribedEvents(): array
{ {
@ -54,6 +58,8 @@ class U2FRegistrationSubscriber implements EventSubscriberInterface
public function onRegister(RegisterEvent $event): void public function onRegister(RegisterEvent $event): void
{ {
//Skip adding of U2F key on demo mode
if (!$this->demo_mode) {
$user = $event->getUser(); $user = $event->getUser();
$registration = $event->getRegistration(); $registration = $event->getRegistration();
$newKey = new U2FKey(); $newKey = new U2FKey();
@ -64,6 +70,8 @@ class U2FRegistrationSubscriber implements EventSubscriberInterface
// persist the new key // persist the new key
$this->em->persist($newKey); $this->em->persist($newKey);
$this->em->flush(); $this->em->flush();
$this->flashBag->add('success', 'tfa_u2f.key_added_successful');
}
// generate new response, here we redirect the user to the fos user // generate new response, here we redirect the user to the fos user
// profile // profile

19
tests/EventSubscriber/PasswordChangeNeededSubscriberTest.php
View file

@ -1,4 +1,23 @@
<?php <?php
/**
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
*
* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
namespace App\Tests\EventSubscriber; namespace App\Tests\EventSubscriber;

19
tests/Services/TFA/BackupCodeGeneratorTest.php
View file

@ -1,4 +1,23 @@
<?php <?php
/**
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
*
* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
namespace App\Tests\Services\TFA; namespace App\Tests\Services\TFA;

19
tests/Services/TFA/BackupCodeManagerTest.php
View file

@ -1,4 +1,23 @@
<?php <?php
/**
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
*
* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
namespace App\Tests\Services\TFA; namespace App\Tests\Services\TFA;