From: Tim Düsterhus <duesterhus@woltlab.com>
Date: Tue, 17 Nov 2020 13:09:59 +0000 (+0100)
Subject: Set multifactorActive = 1 in MultifactorMangeForm
X-Git-Tag: 5.4.0_Alpha_1~555^2~47^2~10
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=aec17dfb714d2e3103a7f56a5223fe30f894d03b;p=GitHub%2FWoltLab%2FWCF.git

Set multifactorActive = 1 in MultifactorMangeForm
---

diff --git a/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php b/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php
index 8eea7c7517..a9592aa91c 100644
--- a/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php
+++ b/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php
@@ -2,6 +2,7 @@
 namespace wcf\form;
 use wcf\data\object\type\ObjectType;
 use wcf\data\object\type\ObjectTypeCache;
+use wcf\data\user\UserEditor;
 use wcf\form\AbstractFormBuilderForm;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
@@ -99,7 +100,7 @@ class MultifactorManageForm extends AbstractFormBuilderForm {
 	
 	public function save() {
 		AbstractForm::save();
-
+		
 		WCF::getDB()->beginTransaction();
 		
 		/** @var Setup|null $setup */
@@ -123,6 +124,8 @@ class MultifactorManageForm extends AbstractFormBuilderForm {
 			$this->generateBackupCodes();
 		}
 		
+		$this->enableMultifactorAuth();
+		
 		WCF::getDB()->commitTransaction();
 		
 		$this->saved();
@@ -179,6 +182,28 @@ class MultifactorManageForm extends AbstractFormBuilderForm {
 		$this->backupForm = $form;
 	}
 	
+	/**
+	 * Enables multifactor authentication for the user.
+	 */
+	protected function enableMultifactorAuth(): void {
+		// This method intentionally does not use UserAction to prevent
+		// events from firing.
+		//
+		// This method is being run from within a transaction to ensure
+		// a consistent database state in case any part of the MFA setup
+		// fails. Event listeners could run complex logic, including
+		// queries that modify the database state, possibly leading to
+		// a very large transaction and much more surface area for
+		// unexpected failures.
+		//
+		// Use the saved@MultifactorManageForm event if you need to run
+		// logic in response to a user enabling MFA.
+		$editor = new UserEditor(WCF::getUser());
+		$editor->update([
+			'multifactorActive' => 1,
+		]);
+	}
+	
 	/**
 	 * @inheritDoc
 	 */