DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #14469 from snipe/feature/sc-19515/2fa_reset_log

Browse source 
Added 2FA reset log entry
This commit is contained in:
snipe 2024-03-21 12:52:22 +00:00 committed by GitHub
parent 7c39f516b9 945e8b402f
commit 91c7180bfd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 37 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
app/Http/Controllers/Api/UsersController.php
View file

@ -661,7 +661,17 @@ class UsersController extends Controller
$user = User::find($request->get('id')); $user = User::find($request->get('id'));
$user->two_factor_secret = null; $user->two_factor_secret = null;
$user->two_factor_enrolled = 0; $user->two_factor_enrolled = 0;
$user->save(); $user->saveQuietly();
// Log the reset
$logaction = new Actionlog();
$logaction->target_type = User::class;
$logaction->target_id = $user->id;
$logaction->item_type = User::class;
$logaction->item_id = $user->id;
$logaction->created_at = date('Y-m-d H:i:s');
$logaction->user_id = Auth::user()->id;
$logaction->logaction('2FA reset');
return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200); return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
} catch (\Exception $e) { } catch (\Exception $e) {

7
app/Presenters/ActionlogPresenter.php
View file

@ -38,10 +38,14 @@ class ActionlogPresenter extends Presenter
public function icon() public function icon()
{ {
// User related icons // User related icons
if ($this->itemType() == 'user') { if ($this->itemType() == 'user') {
if ($this->actionType()=='2fa reset') {
return 'fa-solid fa-mobile-screen';
}
if ($this->actionType()=='create new') { if ($this->actionType()=='create new') {
return 'fa-solid fa-user-plus'; return 'fa-solid fa-user-plus';
} }
@ -61,6 +65,7 @@ class ActionlogPresenter extends Presenter
if ($this->actionType()=='update') { if ($this->actionType()=='update') {
return 'fa-solid fa-user-pen'; return 'fa-solid fa-user-pen';
} }
return 'fa-solid fa-user'; return 'fa-solid fa-user';
} }

2
resources/lang/en-US/admin/settings/general.php
View file

@ -261,7 +261,7 @@ return [
'two_factor_enrollment' => 'Two-Factor Enrollment', 'two_factor_enrollment' => 'Two-Factor Enrollment',
'two_factor_enabled_text' => 'Enable Two Factor', 'two_factor_enabled_text' => 'Enable Two Factor',
'two_factor_reset' => 'Reset Two-Factor Secret', 'two_factor_reset' => 'Reset Two-Factor Secret',
'two_factor_reset_help' => 'This will force the user to enroll their device with Google Authenticator again. This can be useful if their currently enrolled device is lost or stolen. ', 'two_factor_reset_help' => 'This will force the user to enroll their device with their authenticator app again. This can be useful if their currently enrolled device is lost or stolen. ',
'two_factor_reset_success' => 'Two factor device successfully reset', 'two_factor_reset_success' => 'Two factor device successfully reset',
'two_factor_reset_error' => 'Two factor device reset failed', 'two_factor_reset_error' => 'Two factor device reset failed',
'two_factor_enabled_warning' => 'Enabling two-factor if it is not currently enabled will immediately force you to authenticate with a Google Auth enrolled device. You will have the ability to enroll your device if one is not currently enrolled.', 'two_factor_enabled_warning' => 'Enabling two-factor if it is not currently enabled will immediately force you to authenticate with a Google Auth enrolled device. You will have the ability to enroll your device if one is not currently enrolled.',

1
resources/lang/en-US/general.php
View file

@ -1,6 +1,7 @@
<?php <?php
return [ return [
'2FA_reset' => '2FA reset',
'accessories' => 'Accessories', 'accessories' => 'Accessories',
'activated' => 'Activated', 'activated' => 'Activated',
'accepted_date' => 'Date Accepted', 'accepted_date' => 'Date Accepted',

32
resources/views/users/edit.blade.php
View file

@ -499,18 +499,21 @@
</div> </div>
@endif @endif
<!-- Reset Two Factor --> @if ((Auth::user()->isSuperUser()) && ($user->two_factor_active_and_enrolled()) && ($snipeSettings->two_factor_enabled!='0') && ($snipeSettings->two_factor_enabled!=''))
<div class="form-group"> <!-- Reset Two Factor -->
<div class="col-md-8 col-md-offset-3 two_factor_resetrow"> <div class="form-group">
<a class="btn btn-default btn-sm pull-left" id="two_factor_reset" style="margin-right: 10px;"> {{ trans('admin/settings/general.two_factor_reset') }}</a> <div class="col-md-8 col-md-offset-3 two_factor_resetrow">
<span id="two_factor_reseticon"></span> <a class="btn btn-default btn-sm pull-left" id="two_factor_reset" style="margin-right: 10px;"> {{ trans('admin/settings/general.two_factor_reset') }}</a>
<span id="two_factor_resetresult"></span> <span id="two_factor_reseticon"></span>
<span id="two_factor_resetstatus"></span> <span id="two_factor_resetresult"></span>
<span id="two_factor_resetstatus"></span>
</div>
<div class="col-md-8 col-md-offset-3 two_factor_resetrow">
<p class="help-block">{{ trans('admin/settings/general.two_factor_reset_help') }}</p>
</div>
</div> </div>
<div class="col-md-8 col-md-offset-3 two_factor_resetrow"> @endif
<p class="help-block">{{ trans('admin/settings/general.two_factor_reset_help') }}</p>
</div>
</div>
@endif @endif
<!-- Groups --> <!-- Groups -->
@ -702,7 +705,7 @@ $(document).ready(function() {
$("#two_factor_resetrow").removeClass('success'); $("#two_factor_resetrow").removeClass('success');
$("#two_factor_resetrow").removeClass('danger'); $("#two_factor_resetrow").removeClass('danger');
$("#two_factor_resetstatus").html(''); $("#two_factor_resetstatus").html('');
$("#two_factor_reseticon").html('<i class="fas fa-spinner spin"></i>'); $("#two_factor_reseticon").html('<i class="fas fa-spinner spin"></i> ');
$.ajax({ $.ajax({
url: '{{ route('api.users.two_factor_reset', ['id'=> $user->id]) }}', url: '{{ route('api.users.two_factor_reset', ['id'=> $user->id]) }}',
type: 'POST', type: 'POST',
@ -715,13 +718,12 @@ $(document).ready(function() {
success: function (data) { success: function (data) {
$("#two_factor_reseticon").html(''); $("#two_factor_reseticon").html('');
$("#two_factor_resetstatus").html('<i class="fas fa-check text-success"></i>' + data.message); $("#two_factor_resetstatus").html('<span class="text-success"><i class="fas fa-check"></i> ' + data.message + '</span>');
}, },
error: function (data) { error: function (data) {
$("#two_factor_reseticon").html(''); $("#two_factor_reseticon").html('');
$("#two_factor_reseticon").html('<i class="fas fa-exclamation-triangle text-danger"></i>'); $("#two_factor_resetstatus").html('<span class="text-danger"><i class="fas fa-exclamation-triangle text-danger"></i> ' + data.message + '</span>');
$('#two_factor_resetstatus').text(data.message);
} }

2
resources/views/users/view.blade.php
View file

@ -597,7 +597,7 @@
</div> </div>
</div> </div>
@if ((Auth::user()->isSuperUser()) && ($snipeSettings->two_factor_enabled!='0') && ($snipeSettings->two_factor_enabled!='')) @if ((Auth::user()->isSuperUser()) && ($user->two_factor_active_and_enrolled()) && ($snipeSettings->two_factor_enabled!='0') && ($snipeSettings->two_factor_enabled!=''))
<!-- 2FA reset --> <!-- 2FA reset -->
<div class="row"> <div class="row">