diff options
author | Zoltan Flamis <zoltan@innocraft.com> | 2021-05-27 01:28:59 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-05-27 01:28:59 +0300 |
commit | 70b05de003487a31495bb9927017606a2faab7dd (patch) | |
tree | 3dcdcf0d6dc2298f356248f88d8f2e51e214afb2 /plugins/TwoFactorAuth | |
parent | 30583c72fbb57469ee953536f69af2859fef61db (diff) |
Email notifications for critical actions (#17531)
* wip email notifications
* use Mail class
* token and login settings notification emails
* more notification emails
* user created/deleted notification
* use an abstract class
* import class
* catch email ex
* wip
* change settings changed emails
* import loggerinterface
* simpler email bodies
* some small tweaks to the translations
Co-authored-by: diosmosis <diosmosis@users.noreply.github.com>
Diffstat (limited to 'plugins/TwoFactorAuth')
-rw-r--r-- | plugins/TwoFactorAuth/Controller.php | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/plugins/TwoFactorAuth/Controller.php b/plugins/TwoFactorAuth/Controller.php index 5c7b451e1f..daa97f21eb 100644 --- a/plugins/TwoFactorAuth/Controller.php +++ b/plugins/TwoFactorAuth/Controller.php @@ -21,6 +21,10 @@ use Piwik\Session\SessionNamespace; use Piwik\Url; use Piwik\View; use Exception; +use Piwik\Plugins\CoreAdminHome\Emails\RecoveryCodesShowedEmail; +use Piwik\Plugins\CoreAdminHome\Emails\TwoFactorAuthEnabledEmail; +use Piwik\Plugins\CoreAdminHome\Emails\TwoFactorAuthDisabledEmail; +use Piwik\Plugins\CoreAdminHome\Emails\RecoveryCodesRegeneratedEmail; class Controller extends \Piwik\Plugin\Controller { @@ -148,6 +152,13 @@ class Controller extends \Piwik\Plugin\Controller $this->twoFa->disable2FAforUser(Piwik::getCurrentUserLogin()); $this->passwordVerify->forgetVerifiedPassword(); + $container = StaticContainer::getContainer(); + $email = $container->make(TwoFactorAuthDisabledEmail::class, array( + 'login' => Piwik::getCurrentUserLogin(), + 'emailAddress' => Piwik::getCurrentUserEmail() + )); + $email->safeSend(); + $this->redirectToIndex('UsersManager', 'userSecurity', null, null, null, array( 'disableNonce' => false )); @@ -218,6 +229,13 @@ class Controller extends \Piwik\Plugin\Controller Piwik::postEvent('TwoFactorAuth.enabled', array($login)); + $container = StaticContainer::getContainer(); + $email = $container->make(TwoFactorAuthEnabledEmail::class, array( + 'login' => Piwik::getCurrentUserLogin(), + 'emailAddress' => Piwik::getCurrentUserEmail() + )); + $email->safeSend(); + if ($standalone) { $this->redirectToIndex('CoreHome', 'index'); return; @@ -274,11 +292,18 @@ class Controller extends \Piwik\Plugin\Controller $regenerateSuccess = false; $regenerateError = false; + $container = StaticContainer::getContainer(); if ($postedValidNonce && $this->passwordVerify->hasBeenVerified()) { $this->passwordVerify->forgetVerifiedPassword(); $this->recoveryCodeDao->createRecoveryCodesForLogin(Piwik::getCurrentUserLogin()); $regenerateSuccess = true; + + $email = $container->make(RecoveryCodesRegeneratedEmail::class, array( + 'login' => Piwik::getCurrentUserLogin(), + 'emailAddress' => Piwik::getCurrentUserEmail() + )); + $email->safeSend(); // no need to redirect as password was verified nonce // if user has posted a valid nonce, we do not need to require password again as nonce must have been generated recent // avoids use case where eg password verify is only valid for one more minute when opening the page but user regenerates 2min later @@ -293,6 +318,14 @@ class Controller extends \Piwik\Plugin\Controller $recoveryCodes = $this->recoveryCodeDao->getAllRecoveryCodesForLogin(Piwik::getCurrentUserLogin()); + if (!$regenerateSuccess && !$regenerateError) { + $email = $container->make(RecoveryCodesShowedEmail::class, array( + 'login' => Piwik::getCurrentUserLogin(), + 'emailAddress' => Piwik::getCurrentUserEmail() + )); + $email->safeSend(); + } + return $this->renderTemplate('showRecoveryCodes', array( 'codes' => $recoveryCodes, 'regenerateNonce' => Nonce::getNonce(self::REGENERATE_CODES_2FA_NONCE), |