Merge pull request #14469 from snipe/feature/sc-19515/2fa_reset_log

Added 2FA reset log entry
2025-03-05 20:52:15 -08:00 · 2024-03-21 12:52:22 +00:00 · 2024-03-21 12:52:22 +00:00 · 91c7180bfd
parent 7c39f516b9 945e8b402f
commit 91c7180bfd
6 changed files with 37 additions and 19 deletions
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@ -661,7 +661,17 @@ class UsersController extends Controller
                $user = User::find($request->get('id'));
                $user->two_factor_secret = null;
                $user->two_factor_enrolled = 0;
-                $user->save();
+                $user->saveQuietly();
                // Log the reset
                $logaction = new Actionlog();
                $logaction->target_type = User::class;
                $logaction->target_id = $user->id;
                $logaction->item_type = User::class;
                $logaction->item_id = $user->id;
                $logaction->created_at = date('Y-m-d H:i:s');
                $logaction->user_id = Auth::user()->id;
                $logaction->logaction('2FA reset');
                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
            } catch (\Exception $e) {
--- a/app/Presenters/ActionlogPresenter.php
+++ b/app/Presenters/ActionlogPresenter.php
@ -42,6 +42,10 @@ class ActionlogPresenter extends Presenter
        // User related icons
        if ($this->itemType() == 'user') {
            if ($this->actionType()=='2fa reset') {
                return 'fa-solid fa-mobile-screen';
            }
            if ($this->actionType()=='create new') {
                return 'fa-solid fa-user-plus';
            }
@ -61,6 +65,7 @@ class ActionlogPresenter extends Presenter
            if ($this->actionType()=='update') {
                return 'fa-solid fa-user-pen';
            }
             return 'fa-solid fa-user';
        }
--- a/resources/lang/en-US/admin/settings/general.php
+++ b/resources/lang/en-US/admin/settings/general.php
@ -261,7 +261,7 @@ return [
    'two_factor_enrollment'        => 'Two-Factor Enrollment',
    'two_factor_enabled_text'        => 'Enable Two Factor',
    'two_factor_reset'        => 'Reset Two-Factor Secret',
-    'two_factor_reset_help'        => 'This will force the user to enroll their device with Google Authenticator again. This can be useful if their currently enrolled device is lost or stolen. ',
+    'two_factor_reset_help'        => 'This will force the user to enroll their device with their authenticator app again. This can be useful if their currently enrolled device is lost or stolen. ',
    'two_factor_reset_success'          => 'Two factor device successfully reset',
    'two_factor_reset_error'          => 'Two factor device reset failed',
    'two_factor_enabled_warning'        => 'Enabling two-factor if it is not currently enabled will immediately force you to authenticate with a Google Auth enrolled device. You will have the ability to enroll your device if one is not currently enrolled.',
--- a/resources/lang/en-US/general.php
+++ b/resources/lang/en-US/general.php
@ -1,6 +1,7 @@
 <?php
 return [
    '2FA_reset'             => '2FA reset',
    'accessories'			=> 'Accessories',
    'activated'			    => 'Activated',
    'accepted_date'         => 'Date Accepted',
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@ -499,6 +499,7 @@
                                  </div>
                              @endif
                              @if ((Auth::user()->isSuperUser()) && ($user->two_factor_active_and_enrolled()) && ($snipeSettings->two_factor_enabled!='0') && ($snipeSettings->two_factor_enabled!=''))
                                  <!-- Reset Two Factor -->
                                  <div class="form-group">
                                      <div class="col-md-8 col-md-offset-3 two_factor_resetrow">
@ -513,6 +514,8 @@
                                  </div>
                              @endif
                          @endif
                          <!-- Groups -->
                          <div class="form-group{{ $errors->has('groups') ? ' has-error' : '' }}">
                              <label class="col-md-3 control-label" for="groups[]"> {{ trans('general.groups') }}</label>
@ -715,13 +718,12 @@ $(document).ready(function() {
            success: function (data) {
                $("#two_factor_reseticon").html('');
-                $("#two_factor_resetstatus").html('<i class="fas fa-check text-success"></i>' + data.message);
+                $("#two_factor_resetstatus").html('<span class="text-success"><i class="fas fa-check"></i> ' + data.message + '</span>');
            },
            error: function (data) {
                $("#two_factor_reseticon").html('');
-                $("#two_factor_reseticon").html('<i class="fas fa-exclamation-triangle text-danger"></i>');
+                $("#two_factor_resetstatus").html('<span class="text-danger"><i class="fas fa-exclamation-triangle text-danger"></i> ' + data.message + '</span>');
                $('#two_factor_resetstatus').text(data.message);
            }
--- a/resources/views/users/view.blade.php
+++ b/resources/views/users/view.blade.php
@ -597,7 +597,7 @@
                            </div>
                          </div>
-                          @if ((Auth::user()->isSuperUser()) && ($snipeSettings->two_factor_enabled!='0') && ($snipeSettings->two_factor_enabled!=''))
+                          @if ((Auth::user()->isSuperUser()) && ($user->two_factor_active_and_enrolled()) && ($snipeSettings->two_factor_enabled!='0') && ($snipeSettings->two_factor_enabled!=''))
                            <!-- 2FA reset -->
                            <div class="row">