diff --git a/application/Espo/Controllers/UserSecurity.php b/application/Espo/Controllers/UserSecurity.php index 2068ca8884..a810530df9 100644 --- a/application/Espo/Controllers/UserSecurity.php +++ b/application/Espo/Controllers/UserSecurity.php @@ -32,28 +32,32 @@ namespace Espo\Controllers; use Espo\Core\Exceptions\Forbidden; use Espo\Core\Exceptions\BadRequest; -use Espo\Core\{ - Controllers\Base, - Api\Request, -}; +use Espo\Core\Api\Request; -use StdClass; +use Espo\Services\UserSecurity as Service; -class UserSecurity extends Base +use Espo\Entities\User; + +use stdClass; + +class UserSecurity { - protected function checkAccess(): bool + private $service; + + public function __construct(Service $service, User $user) { + $this->service = $service; + $this->user = $user; + if ( !$this->user->isAdmin() && !$this->user->isRegular() ) { - return false; + throw new Forbidden(); } - - return true; } - public function getActionRead(Request $request): StdClass + public function getActionRead(Request $request): stdClass { $id = $request->getRouteParam('id'); @@ -65,27 +69,27 @@ class UserSecurity extends Base throw new Forbidden(); } - return $this->getService('UserSecurity')->read($id); + return $this->service->read($id); } - public function postActionGenerate2FAData(Request $request): StdClass + public function postActionGetTwoFactorUserSetupData(Request $request): stdClass { $data = $request->getParsedBody(); $id = $data->id ?? null; if (!$id) { - throw new BadRequest(); + throw new BadRequest("No 'id'."); } if (!$this->user->isAdmin() && $id !== $this->user->getId()) { throw new Forbidden(); } - return $this->getService('UserSecurity')->generate2FAData($id, $data); + return $this->service->getTwoFactorUserSetupData($id, $data); } - public function putActionUpdate(Request $request): StdClass + public function putActionUpdate(Request $request): stdClass { $id = $request->getRouteParam('id'); 
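Review bot: The new constructor assigns `$this->user = $user;`, but the only property declared on the new side of this hunk is `private $service;`, and the class no longer extends `Base`. Unless `$user` is declared somewhere outside the visible hunks, it becomes an undeclared dynamic property, which is public and is deprecated from PHP 8.2. Every authorization check in this controller compares against `$this->user`, so it should be a declared private field: add `private $user;` next to `private $service;`. It is also worth confirming that `Base` did nothing else for this controller beyond the `checkAccess()` hook that the `Forbidden` throw now replaces.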
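Review bot: In `postActionGetTwoFactorUserSetupData`, `$id` is read from the parsed body and only tested for truthiness, so a non-string `id` (a number, array or object) sent by an admin passes `if (!$id)`. It then reaches `$this->service->getTwoFactorUserSetupData($id, $data)`, whose first parameter is declared `string` in the service. Reject it at the boundary with the same error: `if (!is_string($id) || $id === '') { throw new BadRequest("No 'id'."); }`. The return type of `getParsedBody()` is not visible here, so it may also be worth checking that `$data` is an object before `$data->id` is read.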
@@ -99,6 +103,6 @@ class UserSecurity extends Base throw new Forbidden(); } - return $this->getService('UserSecurity')->update($id, $data); + return $this->service->update($id, $data); } } diff --git a/application/Espo/Core/Authentication/TwoFactor/Totp/TotpUserSetup.php b/application/Espo/Core/Authentication/TwoFactor/Totp/TotpUserSetup.php index 1cdebdaaea..aacbf6b9aa 100644 --- a/application/Espo/Core/Authentication/TwoFactor/Totp/TotpUserSetup.php +++ b/application/Espo/Core/Authentication/TwoFactor/Totp/TotpUserSetup.php @@ -58,7 +58,7 @@ class TotpUserSetup implements UserSetup $this->entityManager = $entityManager; } - public function generateData(User $user): stdClass + public function getData(User $user): stdClass { $userName = $user->get('userName'); diff --git a/application/Espo/Core/Authentication/TwoFactor/UserSetup.php b/application/Espo/Core/Authentication/TwoFactor/UserSetup.php index a08678a2ba..a614c860c1 100644 --- a/application/Espo/Core/Authentication/TwoFactor/UserSetup.php +++ b/application/Espo/Core/Authentication/TwoFactor/UserSetup.php @@ -39,12 +39,12 @@ use stdClass; interface UserSetup { /** - * Generate data needed for configuration for a user. Data will be passed to the front-end. + * Get data needed for configuration for a user. Data will be passed to the front-end. */ - public function generateData(User $user): stdClass; + public function getData(User $user): stdClass; /** - * Verify data before making 2FA enabled for a user. + * Verify input data before making 2FA enabled for a user. */ public function verifyData(User $user, stdClass $payloadData): bool; } diff --git a/application/Espo/Services/UserSecurity.php b/application/Espo/Services/UserSecurity.php index e35c3a1c30..03eebd801f 100644 --- a/application/Espo/Services/UserSecurity.php +++ b/application/Espo/Services/UserSecurity.php 
@@ -106,7 +106,7 @@ class UserSecurity ]; } - public function generate2FAData(string $id, stdClass $data): stdClass + public function getTwoFactorUserSetupData(string $id, stdClass $data): stdClass { if (!$this->user->isAdmin() && $id !== $this->user->getId()) { throw new Forbidden(); @@ -148,7 +148,7 @@ class UserSecurity $generatedData = $this->twoFactorUserSetupFactory ->create($auth2FAMethod) - ->generateData($user); + ->getData($user); $userData->set($generatedData); diff --git a/client/src/views/user-security/modals/totp.js b/client/src/views/user-security/modals/totp.js index f15885ad52..37094ec64d 100644 --- a/client/src/views/user-security/modals/totp.js +++ b/client/src/views/user-security/modals/totp.js @@ -57,7 +57,7 @@ define('views/user-security/modals/totp', this.wait( Espo.Ajax - .postRequest('UserSecurity/action/generate2FAData', { + .postRequest('UserSecurity/action/getTwoFactorUserSetupData', { id: this.model.id, password: this.model.get('password'), auth2FAMethod: this.model.get('auth2FAMethod'), @@ -141,6 +141,7 @@ define('views/user-security/modals/totp', .save() .then(() => { Espo.Ui.notify(false); + this.trigger('done'); }) .catch(() => { diff --git a/client/src/views/user/modals/security.js b/client/src/views/user/modals/security.js index 6858e880ba..959071f5c7 100644 --- a/client/src/views/user/modals/security.js +++ b/client/src/views/user/modals/security.js @@ -111,7 +111,7 @@ define('views/user/modals/security', ['views/modal', 'model'], function (Dep, Mo ] } ], - }, function (view) { + }, (view) => { this.controlFieldsVisibility(view); this.listenTo(this.model, 'change:auth2FA', () => {
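Review bot: The rename to `->getData($user)` reads like a side-effect-free accessor, but the next line writes the result into the user's data with `$userData->set($generatedData);`. The `UserSetup` docblock also says this data is passed to the front-end. That docblock should state the contract, for example `* May generate new setup material (such as a shared secret); the caller stores the result and returns it to the client.` The enclosing method starts and ends outside this hunk, so it cannot be confirmed from here that the client-supplied password and `$auth2FAMethod` are checked before this point.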