Skip to content
Snippets Groups Projects
Unverified Commit 1d2707ad authored by Morris Jobke's avatar Morris Jobke Committed by GitHub
Browse files

Merge pull request #25273 from nextcloud/enhancement/hide-two-factor-settings-if-no-providers 

Do not show 2FA settings if the user has no providers available
parents 47b10c37 378f116a
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
apps/settings/lib/Settings/Personal/Security/TwoFactor.php
+ 41
1
View file @ 1d2707ad
...@@ -26,6 +26,9 @@ declare(strict_types=1); ...@@ -26,6 +26,9 @@ declare(strict_types=1);
namespace OCA\Settings\Settings\Personal\Security; namespace OCA\Settings\Settings\Personal\Security;
use Exception;
use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
use OCA\TwoFactorBackupCodes\Provider\BackupCodesProvider;
use function array_filter; use function array_filter;
use function array_map; use function array_map;
use function is_null; use function is_null;
...@@ -42,6 +45,9 @@ class TwoFactor implements ISettings { ...@@ -42,6 +45,9 @@ class TwoFactor implements ISettings {
/** @var ProviderLoader */ /** @var ProviderLoader */
private $providerLoader; private $providerLoader;
/** @var MandatoryTwoFactor */
private $mandatoryTwoFactor;
/** @var IUserSession */ /** @var IUserSession */
private $userSession; private $userSession;
...@@ -52,10 +58,12 @@ class TwoFactor implements ISettings { ...@@ -52,10 +58,12 @@ class TwoFactor implements ISettings {
private $config; private $config;
public function __construct(ProviderLoader $providerLoader, public function __construct(ProviderLoader $providerLoader,
MandatoryTwoFactor $mandatoryTwoFactor,
IUserSession $userSession, IUserSession $userSession,
IConfig $config, IConfig $config,
?string $UserId) { ?string $UserId) {
$this->providerLoader = $providerLoader; $this->providerLoader = $providerLoader;
$this->mandatoryTwoFactor = $mandatoryTwoFactor;
$this->userSession = $userSession; $this->userSession = $userSession;
$this->uid = $UserId; $this->uid = $UserId;
$this->config = $config; $this->config = $config;
...@@ -68,7 +76,10 @@ class TwoFactor implements ISettings { ...@@ -68,7 +76,10 @@ class TwoFactor implements ISettings {
]); ]);
} }
public function getSection(): string { public function getSection(): ?string {
if (!$this->shouldShow()) {
return null;
}
return 'security'; return 'security';
} }
...@@ -76,6 +87,35 @@ class TwoFactor implements ISettings { ...@@ -76,6 +87,35 @@ class TwoFactor implements ISettings {
return 15; return 15;
} }
private function shouldShow(): bool {
$user = $this->userSession->getUser();
if (is_null($user)) {
// Actually impossible, but still …
return false;
}
// Anyone who's supposed to use 2FA should see 2FA settings
if ($this->mandatoryTwoFactor->isEnforcedFor($user)) {
return true;
}
// If there is at least one provider with personal settings but it's not
// the backup codes provider, then these settings should show.
try {
$providers = $this->providerLoader->getProviders($user);
} catch (Exception $e) {
// Let's hope for the best
return true;
}
foreach ($providers as $provider) {
if ($provider instanceof IProvidesPersonalSettings
&& !($provider instanceof BackupCodesProvider)) {
return true;
}
}
return false;
}
private function getTwoFactorProviderData(): array { private function getTwoFactorProviderData(): array {
$user = $this->userSession->getUser(); $user = $this->userSession->getUser();
if (is_null($user)) { if (is_null($user)) {
......
lib/public/Settings/ISettings.php
+ 1
1
View file @ 1d2707ad
...@@ -38,7 +38,7 @@ interface ISettings { ...@@ -38,7 +38,7 @@ interface ISettings {
public function getForm(); public function getForm();
/** /**
* @return string the section ID, e.g. 'sharing' * @return string|null the section ID, e.g. 'sharing' or null to not show the setting
* @since 9.1 * @since 9.1
*/ */
public function getSection(); public function getSection();
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment