Admin: split clear user's credentials into 2 actions, mail & all others

nathangray 2021-01-11 11:53:04 -07:00
parent b911da6eb8
commit e864fb9c5d
4 changed files with 53 additions and 16 deletions


@ -202,7 +202,19 @@ class admin_hooks
'caption' => 'Clear credentials', 'caption' => 'Clear credentials',
'icon' => 'password', 'icon' => 'password',
'onExecute' => 'javaScript:app.admin.clear_credentials_handler', 'onExecute' => 'javaScript:app.admin.clear_credentials_handler',
'confirm' => 'Clear credentials' 'confirm' => 'Clear credentials',
'children' => array (
'clear_2fa' => array (
'caption' => 'Clear security tokens',
'icon' => 'password',
'allowOnMultiple' => true
),
'clear_mail' => array (
'caption' => 'Clear mail credentials',
'icon' => 'mail',
'allowOnMultiple' => true
)
)
); );
if (!$GLOBALS['egw']->acl->check('current_sessions',1,'admin')) // no rights to view if (!$GLOBALS['egw']->acl->check('current_sessions',1,'admin')) // no rights to view


@ -14,6 +14,9 @@ include_once(EGW_INCLUDE_ROOT.'/setup/inc/hook_config.inc.php'); // functions to
use EGroupware\Api; use EGroupware\Api;
use EGroupware\Api\Framework; use EGroupware\Api\Framework;
use EGroupware\Api\Mail\Credentials;
use EGroupware\OpenID\Repositories\AccessTokenRepository;
use EGroupware\WebAuthn\PublicKeyCredentialSourceRepository;
/** /**
* Reset passwords * Reset passwords
@ -287,19 +290,28 @@ class admin_passwordreset
)); ));
} }
public function ajax_clear_credentials($account_ids) public function ajax_clear_credentials($action_id, $account_ids)
{ {
$msg = []; $msg = [];
if($count = Api\Mail\Credentials::delete(0,$account_ids)) if($action_id == 'clear_mail')
{ {
$count = Api\Mail\Credentials::delete(0,$account_ids);
$msg[] = lang("%1 mail credentials deleted", $count); $msg[] = lang("%1 mail credentials deleted", $count);
} }
$action['action'] = 'delete'; $action['action'] = 'delete';
$action['selected'] = $account_ids; $action['selected'] = $account_ids;
$hook_data = array();
$hook_data = Api\Hooks::process(array('location' => 'preferences_security'), ['openid'], true); if($action_id == 'clear_2fa')
{
if (Credentials::delete(0, $GLOBALS['egw_info']['user']['account_id'], Credentials::TWOFA))
{
$msg[] = lang('Secret deleted, two factor authentication disabled.');
}
$hook_data = Api\Hooks::process(array('location' => 'preferences_security'), ['openid'], true);
}
foreach($hook_data as $extra_tab) foreach($hook_data as $extra_tab)
{ {
if($extra_tab['delete']) if($extra_tab['delete'])
@ -308,16 +320,31 @@ class admin_passwordreset
} }
else else
{ {
// Each credential / security option can have its nm as a different ID switch ($extra_tab['name'])
$content['tabs'] = $extra_tab['name'];
foreach($extra_tab['data'] as $id => $datum)
{ {
if($datum['get_rows']) case 'openid.access_tokens':
{ // We need to get all access tokens, no easy way to delete by account
$content[$id] = $action; $token_repo = new AccessTokenRepository();
} $token_repo->revokeAccessToken(['account_id' => $action['selected']]);
$count = $GLOBALS['egw']->db->affected_rows();
$msg[] = ($count > 1 ? $count.' ' : '') . lang('Access Token revoked.');
break;
case 'webauthn.tokens':
$token_repo = new PublicKeyCredentialSourceRepository();
$count = $token_repo->delete(['account_id' => $action['selected']]);
$msg[] = ($count > 1 ? $count.' ' : '') . lang($extra_tab['label']) . ' ' . lang('deleted');
default:
// Each credential / security option can have its nm as a different ID
$content['tabs'] = $extra_tab['name'];
foreach($extra_tab['data'] as $id => $datum)
{
if(is_array($datum) && array_key_exists('get_rows',$datum))
{
$content[$id] = $action;
}
}
$msg[] = call_user_func_array($extra_tab['save_callback'], [$content]);
} }
$msg[] = call_user_func_array($extra_tab['save_callback'], [$content]);
} }
} }
Framework::message(implode("\n",$msg), 'success'); Framework::message(implode("\n",$msg), 'success');
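Review bot: In the `clear_2fa` branch the new call `Credentials::delete(0, $GLOBALS['egw_info']['user']['account_id'], Credentials::TWOFA)` targets the logged-in administrator's own account instead of the accounts selected in the list, so the admin's second factor is removed while this call leaves the selected users' two-factor secrets untouched. The mail branch just above passes `$account_ids` to the same method, so the 2FA call should do the same: `if (Credentials::delete(0, $account_ids, Credentials::TWOFA))`. In the following hunk, `case 'webauthn.tokens':` has no `break;` before `default:`, so after the WebAuthn sources are deleted execution falls through into the `save_callback` path; add `break;` unless that is intended. No permission check is visible between the method signature and the first delete, and the method ends outside this section, so confirm that the constructor or the caller enforces the admin ACL before the request-supplied `$account_ids` is used.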


@ -1150,12 +1150,11 @@ var AdminApp = /** @class */ (function (_super) {
*/ */
AdminApp.prototype.clear_credentials_handler = function (action, selected) { AdminApp.prototype.clear_credentials_handler = function (action, selected) {
var ids = []; var ids = [];
debugger;
for (var _i = 0, selected_1 = selected; _i < selected_1.length; _i++) { for (var _i = 0, selected_1 = selected; _i < selected_1.length; _i++) {
var row = selected_1[_i]; var row = selected_1[_i];
ids.push(row.id.split("::").pop()); ids.push(row.id.split("::").pop());
} }
this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [ids]); this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [action.id, ids]);
}; };
/** /**
* Export content of given field into relevant file * Export content of given field into relevant file


@ -1391,12 +1391,11 @@ class AdminApp extends EgwApp
clear_credentials_handler(action : egwAction, selected: egwActionObject[]) clear_credentials_handler(action : egwAction, selected: egwActionObject[])
{ {
let ids = []; let ids = [];
debugger;
for(let row of selected) for(let row of selected)
{ {
ids.push(row.id.split("::").pop()); ids.push(row.id.split("::").pop());
} }
this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [ids]); this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [action.id, ids]);
} }
/** /**