From aec17dfb714d2e3103a7f56a5223fe30f894d03b Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?=
Date: Tue, 17 Nov 2020 14:09:59 +0100
Subject: [PATCH] Set multifactorActive = 1 in MultifactorMangeForm
---
 .../lib/form/MultifactorManageForm.class.php | 27 ++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php b/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php
index 8eea7c7517..a9592aa91c 100644
--- a/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php
+++ b/wcfsetup/install/files/lib/form/MultifactorManageForm.class.php
@@ -2,6 +2,7 @@
 namespace wcf\form;
 use wcf\data\object\type\ObjectType;
 use wcf\data\object\type\ObjectTypeCache;
+use wcf\data\user\UserEditor;
 use wcf\form\AbstractFormBuilderForm;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
@@ -99,7 +100,7 @@ class MultifactorManageForm extends AbstractFormBuilderForm {
 public function save() {
 AbstractForm::save();
-
+
 WCF::getDB()->beginTransaction();
 /** @var Setup|null $setup */
@@ -123,6 +124,8 @@ class MultifactorManageForm extends AbstractFormBuilderForm {
 $this->generateBackupCodes();
 }
+ $this->enableMultifactorAuth();
+
 WCF::getDB()->commitTransaction();
 $this->saved();
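Review bot: The new `$this->enableMultifactorAuth();` call in save() carries no comment tying it to its position before `WCF::getDB()->commitTransaction();`, although the new method's own comment depends on running inside that transaction. If a later edit moved the call after the commit, the setup could persist while `multifactorActive` stays unset; if that flag is what gates the second-factor prompt at login (not visible here), the account would silently remain single-factor. I would add `// Must run before commitTransaction() so the flag and the setup commit atomically.` above the call. save() begins and ends outside this hunk, so whether a failure path rolls the transaction back cannot be confirmed from these lines.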
@@ -179,6 +182,28 @@ class MultifactorManageForm extends AbstractFormBuilderForm {
 $this->backupForm = $form;
 }
+ /**
+ * Enables multifactor authentication for the user.
+ */
+ protected function enableMultifactorAuth(): void {
+ // This method intentionally does not use UserAction to prevent
+ // events from firing.
+ //
+ // This method is being run from within a transaction to ensure
+ // a consistent database state in case any part of the MFA setup
+ // fails. Event listeners could run complex logic, including
+ // queries that modify the database state, possibly leading to
+ // a very large transaction and much more surface area for
+ // unexpected failures.
+ //
+ // Use the saved@MultifactorManageForm event if you need to run
+ // logic in response to a user enabling MFA.
+ $editor = new UserEditor(WCF::getUser());
+ $editor->update([
+ 'multifactorActive' => 1,
+ ]);
+ }
+
 /**
 * @inheritDoc
 */
-- 
2.20.1
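Review bot: `enableMultifactorAuth()` writes the flag through `$editor->update([...])`, but nothing in the method refreshes the object returned by `WCF::getUser()`. Unless the editor updates the decorated object, which this hunk does not show, code later in the same request may still read the old `multifactorActive` value. This matters because the comment points integrators to the `saved@MultifactorManageForm` event, presumably fired from the `$this->saved()` call that save() makes right after the commit. I would add `// WCF::getUser() is not reloaded here; listeners must not rely on its multifactorActive value.` to the comment block. The docblock should also state that the method acts on the current session user and expects an already open transaction.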