Admin: split clear user's credentials into 2 actions, mail & all others

This commit is contained in:
nathangray 2021-01-11 11:53:04 -07:00
parent b911da6eb8
commit e864fb9c5d
4 changed files with 53 additions and 16 deletions

View File

@ -202,7 +202,19 @@ class admin_hooks
'caption' => 'Clear credentials',
'icon' => 'password',
'onExecute' => 'javaScript:app.admin.clear_credentials_handler',
'confirm' => 'Clear credentials'
'confirm' => 'Clear credentials',
'children' => array (
'clear_2fa' => array (
'caption' => 'Clear security tokens',
'icon' => 'password',
'allowOnMultiple' => true
),
'clear_mail' => array (
'caption' => 'Clear mail credentials',
'icon' => 'mail',
'allowOnMultiple' => true
)
)
);
if (!$GLOBALS['egw']->acl->check('current_sessions',1,'admin')) // no rights to view

View File

@ -14,6 +14,9 @@ include_once(EGW_INCLUDE_ROOT.'/setup/inc/hook_config.inc.php'); // functions to
use EGroupware\Api;
use EGroupware\Api\Framework;
use EGroupware\Api\Mail\Credentials;
use EGroupware\OpenID\Repositories\AccessTokenRepository;
use EGroupware\WebAuthn\PublicKeyCredentialSourceRepository;
/**
* Reset passwords
@ -287,19 +290,28 @@ class admin_passwordreset
));
}
public function ajax_clear_credentials($account_ids)
public function ajax_clear_credentials($action_id, $account_ids)
{
$msg = [];
if($count = Api\Mail\Credentials::delete(0,$account_ids))
if($action_id == 'clear_mail')
{
$count = Api\Mail\Credentials::delete(0,$account_ids);
$msg[] = lang("%1 mail credentials deleted", $count);
}
$action['action'] = 'delete';
$action['selected'] = $account_ids;
$hook_data = array();
if($action_id == 'clear_2fa')
{
if (Credentials::delete(0, $GLOBALS['egw_info']['user']['account_id'], Credentials::TWOFA))
{
$msg[] = lang('Secret deleted, two factor authentication disabled.');
}
$hook_data = Api\Hooks::process(array('location' => 'preferences_security'), ['openid'], true);
}
foreach($hook_data as $extra_tab)
{
if($extra_tab['delete'])
@ -308,11 +320,25 @@ class admin_passwordreset
}
else
{
switch ($extra_tab['name'])
{
case 'openid.access_tokens':
// We need to get all access tokens, no easy way to delete by account
$token_repo = new AccessTokenRepository();
$token_repo->revokeAccessToken(['account_id' => $action['selected']]);
$count = $GLOBALS['egw']->db->affected_rows();
$msg[] = ($count > 1 ? $count.' ' : '') . lang('Access Token revoked.');
break;
case 'webauthn.tokens':
$token_repo = new PublicKeyCredentialSourceRepository();
$count = $token_repo->delete(['account_id' => $action['selected']]);
$msg[] = ($count > 1 ? $count.' ' : '') . lang($extra_tab['label']) . ' ' . lang('deleted');
default:
// Each credential / security option can have its nm as a different ID
$content['tabs'] = $extra_tab['name'];
foreach($extra_tab['data'] as $id => $datum)
{
if($datum['get_rows'])
if(is_array($datum) && array_key_exists('get_rows',$datum))
{
$content[$id] = $action;
}
@ -320,6 +346,7 @@ class admin_passwordreset
$msg[] = call_user_func_array($extra_tab['save_callback'], [$content]);
}
}
}
Framework::message(implode("\n",$msg), 'success');
Framework::redirect_link('/index.php', 'menuaction=admin.admin_ui.index','admin');
}

View File

@ -1150,12 +1150,11 @@ var AdminApp = /** @class */ (function (_super) {
*/
AdminApp.prototype.clear_credentials_handler = function (action, selected) {
var ids = [];
debugger;
for (var _i = 0, selected_1 = selected; _i < selected_1.length; _i++) {
var row = selected_1[_i];
ids.push(row.id.split("::").pop());
}
this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [ids]);
this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [action.id, ids]);
};
/**
* Export content of given field into relevant file

View File

@ -1391,12 +1391,11 @@ class AdminApp extends EgwApp
clear_credentials_handler(action : egwAction, selected: egwActionObject[])
{
let ids = [];
debugger;
for(let row of selected)
{
ids.push(row.id.split("::").pop());
}
this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [ids]);
this.egw.request("admin.admin_passwordreset.ajax_clear_credentials", [action.id, ids]);
}
/**