From 4ff1efa41883f80bb1764ea97dd9dd46b557a979 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Nicolas=20L=C5=93uillet?=
Date: Mon, 13 Apr 2020 16:59:02 +0200
Subject: [PATCH] Added a button to disable 2FA when enabled
---
.../Controller/ConfigController.php | 55 +++++++++++++++++++
.../Resources/translations/messages.da.yml | 1 +
.../Resources/translations/messages.de.yml | 1 +
.../Resources/translations/messages.en.yml | 1 +
.../Resources/translations/messages.es.yml | 1 +
.../Resources/translations/messages.fa.yml | 1 +
.../Resources/translations/messages.fr.yml | 1 +
.../Resources/translations/messages.it.yml | 1 +
.../Resources/translations/messages.ja.yml | 1 +
.../Resources/translations/messages.oc.yml | 1 +
.../Resources/translations/messages.pl.yml | 1 +
.../Resources/translations/messages.pt.yml | 1 +
.../Resources/translations/messages.ro.yml | 1 +
.../Resources/translations/messages.ru.yml | 1 +
.../Resources/translations/messages.th.yml | 1 +
.../Resources/translations/messages.tr.yml | 1 +
.../Resources/translations/messages.zh.yml | 1 +
.../views/themes/baggy/Config/index.html.twig | 4 +-
.../themes/material/Config/index.html.twig | 4 +-
.../Controller/ConfigControllerTest.php | 47 ++++++++++++++++
20 files changed, 122 insertions(+), 4 deletions(-)
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 6655ef93..56efe82b 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -192,6 +192,30 @@ class ConfigController extends Controller ]); } + /** + * Disable 2FA using email. + * + * @Route("/config/otp/email/disable", name="disable_otp_email") + */ + public function disableOtpEmailAction() + { + if (!$this->getParameter('twofactor_auth')) { + return $this->createNotFoundException('two_factor not enabled'); + } + + $user = $this->getUser(); + $user->setEmailTwoFactor(false); + + $this->container->get('fos_user.user_manager')->updateUser($user, true); + + $this->addFlash( + 'notice', + 'flashes.config.notice.otp_disabled' + ); + + return $this->redirect($this->generateUrl('config') . '#set3'); + } + /** * Enable 2FA using email. * @@ -219,6 +243,32 @@ class ConfigController extends Controller return $this->redirect($this->generateUrl('config') . '#set3'); } + /** + * Disable 2FA using OTP app. + * + * @Route("/config/otp/app/disable", name="disable_otp_app") + */ + public function disableOtpAppAction() + { + if (!$this->getParameter('twofactor_auth')) { + return $this->createNotFoundException('two_factor not enabled'); + } + + $user = $this->getUser(); + + $user->setGoogleAuthenticatorSecret(''); + $user->setBackupCodes(null); + + $this->container->get('fos_user.user_manager')->updateUser($user, true); + + $this->addFlash( + 'notice', + 'flashes.config.notice.otp_disabled' + ); + + return $this->redirect($this->generateUrl('config') . '#set3'); + } + /** * Enable 2FA using OTP app, user will need to confirm the generated code from the app. * @@ -248,6 +298,11 @@ class ConfigController extends Controller $this->container->get('fos_user.user_manager')->updateUser($user, true); + $this->addFlash( + 'notice', + 'flashes.config.notice.otp_enabled' + ); + return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [ 'backupCodes' => $backupCodes, 'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user), 
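Review bot: `disableOtpEmailAction` turns off a second factor on any request method and without a CSRF token: the `@Route` annotation sets no method restriction, the body reads no token, and the tests in this patch reach it with a plain `GET`. A cross-site request issued while the user is logged in would therefore remove their 2FA without their consent. Restrict the route, e.g. `@Route("/config/otp/email/disable", name="disable_otp_email", methods={"POST"})`, and check `$this->isCsrfTokenValid(...)` before calling `setEmailTwoFactor(false)`; the templates would then submit a small form rather than follow a link. The same applies to `disableOtpAppAction` in the next hunk, which also wipes the backup codes. Requiring the current password before a factor is removed is worth considering as well.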
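Review bot: The guard `return $this->createNotFoundException('two_factor not enabled');` hands the exception object back as the action's result instead of raising it, so with `twofactor_auth` off the request would not end in a 404, since a controller action is expected to return a Response. It should read `throw $this->createNotFoundException('two_factor not enabled');`, both here in `disableOtpAppAction` and in `disableOtpEmailAction` in the previous hunk. Neither new test exercises the parameter-disabled path; a case asserting a 404 would pin the behaviour.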
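Review bot: The added `flashes.config.notice.otp_enabled` flash is queued on the path that renders `otp_app.html.twig` with the QR code and backup codes, which, going by the docblock visible in the previous hunk ("user will need to confirm the generated code from the app"), looks like the step before the user has confirmed a code. Announcing that 2FA is enabled at that point may mislead the user if confirmation then fails or is abandoned; consider emitting the notice from the confirmation step instead. The enclosing method starts and ends outside this hunk, so whether a later step already shows the same message cannot be checked here.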
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml index 53b60c72..fc43e9fd 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml @@ -613,6 +613,7 @@ flashes: # entries_reset: Entries reset # archived_reset: Archived entries deleted # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml index b9694be8..53c960b6 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Einträge zurücksetzen archived_reset: Archiverte Einträge zurücksetzen # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml index e8b1ea15..c6e3cd42 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Entries reset archived_reset: Archived entries deleted otp_enabled: Two-factor authentication enabled + otp_disabled: Two-factor authentication disabled tagging_rules_imported: Tagging rules imported tagging_rules_not_imported: Error while importing tagging rules entry: 
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml index 6fd44f8e..72e36449 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Artículos reiniciados archived_reset: Artículos archivados borrados otp_enabled: Autenticación de dos pasos activada + # otp_disabled: Two-factor authentication disabled tagging_rules_imported: Reglas de etiquetado importadas tagging_rules_not_imported: Un error se ha producico en la importación de las reglas de etiquetado entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml index 627923b0..8da90018 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml @@ -613,6 +613,7 @@ flashes: # entries_reset: Entries reset # archived_reset: Archived entries deleted # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml index 542dc25c..d5454781 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml @@ -614,6 +614,7 @@ flashes: entries_reset: "Articles supprimés" archived_reset: "Articles archivés supprimés" otp_enabled: "Authentification à double-facteur activée" + otp_disabled: "Authentification à double-facteur désactivée" tagging_rules_imported: Règles bien importées tagging_rules_not_imported: Impossible d'importer les règles entry: 
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml index 5d017a40..99a8dc2d 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Reset articoli # archived_reset: Archived entries deleted # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ja.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ja.yml index 9de8c571..a1eaa5dd 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ja.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ja.yml @@ -613,6 +613,7 @@ flashes: entries_reset: 記事がリセットされました archived_reset: アーカイブ済みの記事がリセットされました otp_enabled: 2要素認証が有効化されました + # otp_disabled: Two-factor authentication disabled tagging_rules_imported: タグ付けルールがインポートされました tagging_rules_not_imported: タグ付けルールのインポート中にエラーが発生しました entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml index e0fb1933..598243db 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Articles levats archived_reset: Articles archivat suprimits otp_enabled: Autentificacion en dos temps activada + # otp_disabled: Two-factor authentication disabled tagging_rules_imported: Règlas d’etiquetatge importadas tagging_rules_not_imported: Error en important las règlas d’etiquetatge entry: 
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml index dfaf9e89..af8447fe 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Zresetuj wpisy archived_reset: Zarchiwizowane wpisy usunięte # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml index 8908c0cc..d993cb05 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml @@ -613,6 +613,7 @@ flashes: entries_reset: Artigos reinicializados archived_reset: Artigos arquivados apagados otp_enabled: Autenticação de dois fatores ativada + # otp_disabled: Two-factor authentication disabled tagging_rules_imported: Regras de tags importadas tagging_rules_not_imported: Erro ao importar regras de tags entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml index b269578a..bc8b72e0 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml @@ -613,6 +613,7 @@ flashes: # entries_reset: Entries reset # archived_reset: Archived entries deleted # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: 
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml index 648bbc80..2f7f55e5 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml @@ -613,6 +613,7 @@ flashes: entries_reset: "Записи сброшены" # archived_reset: Archived entries deleted # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml index 4de87adc..48e1c34a 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml @@ -613,6 +613,7 @@ flashes: entries_reset: รีเซ็ตรายการ archived_reset: การลบเอกสารของรายการ # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml index 9afa648c..19029c0b 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml @@ -613,6 +613,7 @@ flashes: # entries_reset: Entries reset # archived_reset: Archived entries deleted # otp_enabled: Two-factor authentication enabled + # otp_disabled: Two-factor authentication disabled # tagging_rules_imported: Tagging rules imported # tagging_rules_not_imported: Error while importing tagging rules entry: 
diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.zh.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.zh.yml index a34e3852..f48ce37a 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.zh.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.zh.yml @@ -613,6 +613,7 @@ flashes: entries_reset: 项目列表已重置 archived_reset: 所有存档项目已删除 otp_enabled: 两步验证已启用 + # otp_disabled: Two-factor authentication disabled tagging_rules_imported: 标签规则已导入 tagging_rules_not_imported: 导入标签规则时发生了错误 entry: diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig index f719bea2..eb395eac 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig @@ -195,12 +195,12 @@ {{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }} {% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} - {{ 'config.form_user.two_factor.action_email'|trans }} + {{ 'config.form_user.two_factor.action_email'|trans }} {% if app.user.isEmailTwoFactor %}Disable{% endif %} {{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }} {% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} - {{ 'config.form_user.two_factor.action_app'|trans }} + {{ 'config.form_user.two_factor.action_app'|trans }} {% if app.user.isGoogleTwoFactor %}Disable{% endif %} diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig index d8e9694d..42d1f2a6 100644 
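Review bot: The new label `Disable` is a hard-coded English literal, while every other string in this block goes through `|trans`, so it will stay untranslated in every locale. Add a catalogue key (for example `config.form_user.two_factor.action_disable`, a name constructed for this note) and render `{{ 'config.form_user.two_factor.action_disable'|trans }}` in its place. The literal appears twice in this baggy template and twice more in the material template in the next file section. The surrounding markup is not visible in this view of the hunk, so the link target itself is not reviewed here.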
--- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig @@ -229,12 +229,12 @@ {{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }} {% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} - {{ 'config.form_user.two_factor.action_email'|trans }} + {{ 'config.form_user.two_factor.action_email'|trans }} {% if app.user.isEmailTwoFactor %}Disable{% endif %} {{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }} {% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} - {{ 'config.form_user.two_factor.action_app'|trans }} + {{ 'config.form_user.two_factor.action_app'|trans }} {% if app.user.isGoogleTwoFactor %}Disable{% endif %} diff --git a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php index fa93c9c2..b3b3a19a 100644 --- a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php +++ b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php 
@@ -1045,6 +1045,29 @@ class ConfigControllerTest extends WallabagCoreTestCase $em->flush(); } + public function testUserDisable2faEmail() + { + $this->logInAs('admin'); + $client = $this->getClient(); + + $crawler = $client->request('GET', '/config/otp/email/disable'); + + $this->assertSame(302, $client->getResponse()->getStatusCode()); + + $crawler = $client->followRedirect(); + + $this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text'])); + $this->assertContains('flashes.config.notice.otp_disabled', $alert[0]); + + // restore user + $em = $this->getEntityManager(); + $user = $em + ->getRepository('WallabagUserBundle:User') + ->findOneByUsername('admin'); + + $this->assertFalse($user->isEmailTwoFactor()); + } + public function testUserEnable2faGoogle() { $this->logInAs('admin'); @@ -1099,6 +1122,30 @@ class ConfigControllerTest extends WallabagCoreTestCase $this->assertEmpty($user->getBackupCodes()); } + public function testUserDisable2faGoogle() + { + $this->logInAs('admin'); + $client = $this->getClient(); + + $crawler = $client->request('GET', '/config/otp/app/disable'); + + $this->assertSame(302, $client->getResponse()->getStatusCode()); + + $crawler = $client->followRedirect(); + + $this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text'])); + $this->assertContains('flashes.config.notice.otp_disabled', $alert[0]); + + // restore user + $em = $this->getEntityManager(); + $user = $em + ->getRepository('WallabagUserBundle:User') + ->findOneByUsername('admin'); + + $this->assertEmpty($user->getGoogleAuthenticatorSecret()); + $this->assertEmpty($user->getBackupCodes()); + } + public function testExportTaggingRule() { $this->logInAs('admin'); -- 2.41.0
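Review bot: `testUserDisable2faEmail` never puts the account into the enabled state before calling the endpoint, so `assertFalse($user->isEmailTwoFactor())` may hold even if the action did nothing; the preceding test appears to end by restoring the user, though only its last lines are visible. Enable email 2FA on the `admin` user first, then call the route and assert it is off. `testUserDisable2faGoogle` in the next hunk has the same gap for the secret and backup codes. The `// restore user` comment in both tests is also misleading, since the code below it only reloads the user and asserts; `// reload user and check 2FA is off` would match what it does.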