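user->isAdmin() && $userId !== $this->user->getId()) { throw new Forbidden(); } $this->checkAllowed(); /** @var ?User $user */ $user = $this->entityManager->getEntity(User::ENTITY_TYPE, $userId); if (!$user) { throw new NotFound(); } $this->util->sendCode($user, $phoneNumber); $this->util->storePhoneNumber($user, $phoneNumber); }

    /**
     * Verifies that SMS two-factor authentication may be used by the current user.
     *
     * Three conditions are checked in order, each failing closed with Forbidden:
     *  - the `auth2FA` config flag is set;
     *  - for portal users, the `auth2FAInPortal` config flag is set;
     *  - the `auth2FAMethodList` config value is an array containing SmsLogin::NAME.
     *
     * @throws Forbidden When any of the conditions above is not met.
     */
    private function checkAllowed(): void
    {
        if (!$this->config->get('auth2FA')) {
            throw new Forbidden("2FA is not enabled.");
        }

        if ($this->user->isPortal() && !$this->config->get('auth2FAInPortal')) {
            throw new Forbidden("2FA is not enabled in portals.");
        }

        $methodList = $this->config->get('auth2FAMethodList') ?? [];

        // Fail closed on a malformed (non-array) config value, and match the
        // method name strictly: with loose comparison a stray `true` (or an
        // integer 0 on PHP 7) in the list would be accepted as the SMS method.
        if (!is_array($methodList) || !in_array(SmsLogin::NAME, $methodList, true)) {
            throw new Forbidden("Sms 2FA is not allowed.");
        }
    }
}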