mirror of
https://github.com/moodle/moodle.git
synced 2025-08-11 11:56:40 +02:00
00db83d1bf
In this commit, there are couple of fixes based on the report: 1. Removed legacy polyfill from provider.php 2. Fixed phpunit warning detected by CodeChecker 3. Removed unused files 4. Fixed the PHPunit failures by removing "securityquestions" from the data_provider due to it has not been included as one of the factors 5. Added PHPunit test to the factors that can be unittested 6. Removed !important rule from tool_mfa/styles.css 7. Added (int) type to sleep method within sleep_timer method due to a php deprecation in too_mfa/classes/manager.php 8. Changed last param form bool to string in not_enough_factors() when initiating a new single_button object in tool_mfa/renderer.php 9. Add explanation text to login page 10. Fixed "Access to an undefined property .." from PHPStan 12. Fixed all the "Variable $.. might not be defined" from PHPStan 13. Fixed the issue from https://github.com/catalyst/moodle-tool_mfa/issues/379
154 lines
4.5 KiB
PHP
154 lines
4.5 KiB
PHP
<?php
|
|
// This file is part of Moodle - http://moodle.org/
|
|
//
|
|
// Moodle is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// Moodle is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
/**
|
|
* Moodle MFA plugin lib
|
|
*
|
|
* @package tool_mfa
|
|
* @author Mikhail Golenkov <golenkovm@gmail.com>
|
|
* @copyright Catalyst IT
|
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
*/
|
|
|
|
use core\context;
|
|
|
|
/**
|
|
* Main hook.
|
|
*
|
|
* e.g. Add permissions logic across a site or course
|
|
*
|
|
* @param mixed $courseorid
|
|
* @param mixed $autologinguest
|
|
* @param mixed $cm
|
|
* @param mixed $setwantsurltome
|
|
* @param mixed $preventredirect
|
|
* @return void
|
|
* @throws \moodle_exception
|
|
*/
|
|
function tool_mfa_after_require_login($courseorid = null, $autologinguest = null, $cm = null,
|
|
$setwantsurltome = null, $preventredirect = null): void {
|
|
|
|
global $SESSION;
|
|
// Tests for hooks being fired to test patches.
|
|
if (PHPUNIT_TEST) {
|
|
$SESSION->mfa_login_hook_test = true;
|
|
}
|
|
|
|
if (empty($SESSION->tool_mfa_authenticated)) {
|
|
\tool_mfa\manager::require_auth($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Extends navigation bar and injects MFA Preferences menu to user preferences.
|
|
*
|
|
* @param navigation_node $navigation
|
|
* @param stdClass $user
|
|
* @param context_user $usercontext
|
|
* @param stdClass $course
|
|
* @param context_course $coursecontext
|
|
*
|
|
* @return mix void or null
|
|
* @throws \moodle_exception
|
|
*/
|
|
function tool_mfa_extend_navigation_user_settings(navigation_node $navigation, stdClass $user, $usercontext, stdClass $course, $coursecontext) {
|
|
global $PAGE;
|
|
|
|
// Only inject if user is on the preferences page.
|
|
$onpreferencepage = $PAGE->url->compare(new moodle_url('/user/preferences.php'), URL_MATCH_BASE);
|
|
if (!$onpreferencepage) {
|
|
return null;
|
|
}
|
|
|
|
if (\tool_mfa\manager::is_ready() && \tool_mfa\manager::possible_factor_setup()) {
|
|
$url = new moodle_url('/admin/tool/mfa/user_preferences.php');
|
|
$node = navigation_node::create(get_string('preferences:header', 'tool_mfa'), $url,
|
|
navigation_node::TYPE_SETTING);
|
|
$usernode = $navigation->find('useraccount', navigation_node::TYPE_CONTAINER);
|
|
$usernode->add_node($node);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Triggered as soon as practical on every moodle bootstrap after config has
|
|
* been loaded. The $USER object is available at this point too.
|
|
*
|
|
* @return void
|
|
*/
|
|
function tool_mfa_after_config(): void {
|
|
global $CFG, $SESSION;
|
|
|
|
// Tests for hooks being fired to test patches.
|
|
// Store in $CFG, $SESSION not present at this point.
|
|
if (PHPUNIT_TEST) {
|
|
$CFG->mfa_config_hook_test = true;
|
|
}
|
|
|
|
// Check for not logged in.
|
|
if (isloggedin() && !isguestuser()) {
|
|
// If not authenticated, force login required.
|
|
if (empty($SESSION->tool_mfa_authenticated)) {
|
|
\tool_mfa\manager::require_auth();
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Any plugin typically an admin tool can add new bulk user actions
|
|
*
|
|
* @return array
|
|
*/
|
|
function tool_mfa_bulk_user_actions(): array {
|
|
return [
|
|
'tool_mfa_reset_factors' => new action_link(
|
|
new moodle_url('/admin/tool/mfa/reset_factor.php'),
|
|
get_string('resetfactor', 'tool_mfa')
|
|
),
|
|
];
|
|
}
|
|
|
|
/**
|
|
* Serves any files for the guidance page.
|
|
*
|
|
* @param stdClass $course
|
|
* @param stdClass $cm
|
|
* @param context $context
|
|
* @param string $filearea
|
|
* @param array $args
|
|
* @param bool $forcedownload
|
|
* @param array $options
|
|
* @return bool
|
|
*/
|
|
function tool_mfa_pluginfile(stdClass $course, stdClass $cm, context $context, string $filearea,
|
|
array $args, bool $forcedownload, array $options = []): bool {
|
|
// Hardcode to only send guidance files from the top level.
|
|
$fs = get_file_storage();
|
|
$file = $fs->get_file(
|
|
$context->id,
|
|
'tool_mfa',
|
|
'guidance',
|
|
0,
|
|
'/',
|
|
$args[1]
|
|
);
|
|
if (!$file) {
|
|
send_file_not_found();
|
|
return false;
|
|
}
|
|
send_file($file, $file->get_filename());
|
|
|
|
return true;
|
|
}
|