Diffstat (limited to 'app/controllers/profiles')
-rw-r--r-- | app/controllers/profiles/avatars_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/profiles/emails_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/profiles/groups_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/profiles/keys_controller.rb | 12 | ||||
-rw-r--r-- | app/controllers/profiles/preferences_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/profiles/saved_replies_controller.rb | 13 | ||||
-rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 36 |
7 files changed, 60 insertions, 9 deletions
diff --git a/app/controllers/profiles/avatars_controller.rb b/app/controllers/profiles/avatars_controller.rb
index 55a2904ce83..829a87b7d0a 100644
--- a/app/controllers/profiles/avatars_controller.rb
+++ b/app/controllers/profiles/avatars_controller.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class Profiles::AvatarsController < Profiles::ApplicationController
-  feature_category :users
+  feature_category :user_profile
 
   def destroy
     @user = current_user
diff --git a/app/controllers/profiles/emails_controller.rb b/app/controllers/profiles/emails_controller.rb
index 7e332d9a498..c88616b6d6c 100644
--- a/app/controllers/profiles/emails_controller.rb
+++ b/app/controllers/profiles/emails_controller.rb
@@ -7,7 +7,7 @@ class Profiles::EmailsController < Profiles::ApplicationController
   before_action -> { check_rate_limit!(:profile_resend_email_confirmation, scope: current_user, redirect_back: true) },
                 only: [:resend_confirmation_instructions]
 
-  feature_category :users
+  feature_category :user_profile
   urgency :low, [:index]
 
   def index
diff --git a/app/controllers/profiles/groups_controller.rb b/app/controllers/profiles/groups_controller.rb
index 5962b10c44b..fdd76a7f7be 100644
--- a/app/controllers/profiles/groups_controller.rb
+++ b/app/controllers/profiles/groups_controller.rb
@@ -3,7 +3,7 @@
 class Profiles::GroupsController < Profiles::ApplicationController
   include RoutableActions
 
-  feature_category :users
+  feature_category :user_profile
 
   def update
     group = find_routable!(Group, params[:id], request.fullpath)
diff --git a/app/controllers/profiles/keys_controller.rb b/app/controllers/profiles/keys_controller.rb
index 39e8f6c500d..31c758ac763 100644
--- a/app/controllers/profiles/keys_controller.rb
+++ b/app/controllers/profiles/keys_controller.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class Profiles::KeysController < Profiles::ApplicationController
-  feature_category :users
+  feature_category :user_profile
   urgency :low, [:create, :index]
 
   def index
@@ -34,6 +34,16 @@ class Profiles::KeysController < Profiles::ApplicationController
     end
   end
 
+  def revoke
+    @key = current_user.keys.find(params[:id])
+    Keys::RevokeService.new(current_user).execute(@key)
+
+    respond_to do |format|
+      format.html { redirect_to profile_keys_url, status: :found }
+      format.js { head :ok }
+    end
+  end
+
   private
 
   def key_params
diff --git a/app/controllers/profiles/preferences_controller.rb b/app/controllers/profiles/preferences_controller.rb
index 974e7104c07..7786bad4251 100644
--- a/app/controllers/profiles/preferences_controller.rb
+++ b/app/controllers/profiles/preferences_controller.rb
@@ -3,7 +3,7 @@
 class Profiles::PreferencesController < Profiles::ApplicationController
   before_action :user
 
-  feature_category :users
+  feature_category :user_profile
   urgency :low, [:show]
   urgency :medium, [:update]
 
diff --git a/app/controllers/profiles/saved_replies_controller.rb b/app/controllers/profiles/saved_replies_controller.rb
new file mode 100644
index 00000000000..5ac5d645efb
--- /dev/null
+++ b/app/controllers/profiles/saved_replies_controller.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Profiles
+  class SavedRepliesController < Profiles::ApplicationController
+    feature_category :user_profile
+
+    before_action do
+      render_404 unless Feature.enabled?(:saved_replies, current_user)
+
+      @hide_search_settings = true
+    end
+  end
+end
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index c36f03d3e69..aded295bfab 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
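Review bot: The return value of `Keys::RevokeService.new(current_user).execute(@key)` in `revoke` is discarded, so the HTML redirect and `format.js { head :ok }` report success whether or not the key was actually revoked. If the service can fail (it presumably returns a result object or the key with errors — confirm), capture it as `result = Keys::RevokeService.new(current_user).execute(@key)` and branch on it, e.g. `format.js { head(result.success? ? :ok : :unprocessable_entity) }`, with the error carried into the flash for the HTML path. Looking up the key via `current_user.keys.find(params[:id])` correctly confines the action to the caller's own keys, so the authorization side looks right; the route should be a non-GET verb since this mutates state, which is not visible here.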
@@ -3,7 +3,7 @@
 class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   skip_before_action :check_two_factor_requirement
   before_action :ensure_verified_primary_email, only: [:show, :create]
-  before_action :validate_current_password, only: [:create, :codes, :destroy], if: :current_password_required?
+  before_action :validate_current_password, only: [:create, :codes, :destroy, :create_webauthn], if: :current_password_required?
   before_action :update_current_user_otp!, only: [:show]
 
   helper_method :current_password_required?
@@ -21,8 +21,13 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   def create
     otp_validation_result = ::Users::ValidateManualOtpService.new(current_user).execute(params[:pin_code])
+    validated = (otp_validation_result[:status] == :success)
 
-    if otp_validation_result[:status] == :success
+    if validated && current_user.otp_backup_codes? && Feature.enabled?(:webauthn_without_totp)
+      ActiveSession.destroy_all_but_current(current_user, session)
+      Users::UpdateService.new(current_user, user: current_user, otp_required_for_login: true).execute!
+      redirect_to profile_two_factor_auth_path, notice: _("Your Time-based OTP device was registered!")
+    elsif validated
       ActiveSession.destroy_all_but_current(current_user, session)
       Users::UpdateService.new(current_user, user: current_user, otp_required_for_login: true).execute! do |user|
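Review bot: The new `webauthn_without_totp` branch in `create` duplicates `ActiveSession.destroy_all_but_current(current_user, session)` and the `Users::UpdateService ... otp_required_for_login: true).execute!` call from the `elsif validated` branch; the two paths differ only in whether the `execute!` block regenerates backup codes. Hoisting the session teardown above the condition and deciding only the block (`codes_needed = !(current_user.otp_backup_codes? && Feature.enabled?(:webauthn_without_totp))`) would leave one enabling path to audit instead of two that must be kept in sync. A short comment on the first branch explaining why existing backup codes are kept when the flag is on would also help the next reader, e.g. `# With WebAuthn-only 2FA the user may already hold backup codes; do not rotate them here`. The remainder of `create` lies outside the hunk.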
@@ -64,10 +69,27 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   def create_webauthn
     @webauthn_registration = Webauthn::RegisterService.new(current_user, device_registration_params, session[:challenge]).execute
+
+    notice = _("Your WebAuthn device was registered!")
     if @webauthn_registration.persisted?
       session.delete(:challenge)
-      redirect_to profile_two_factor_auth_path, notice: s_("Your WebAuthn device was registered!")
+      if Feature.enabled?(:webauthn_without_totp)
+
+        if current_user.otp_backup_codes?
+          redirect_to profile_two_factor_auth_path, notice: notice
+        else
+
+          Users::UpdateService.new(current_user, user: current_user).execute! do |user|
+            @codes = current_user.generate_otp_backup_codes!
+          end
+          helpers.dismiss_two_factor_auth_recovery_settings_check
+          flash[:notice] = notice
+          render 'create'
+        end
+      else
+        redirect_to profile_two_factor_auth_path, notice: notice
+      end
     else
       @qr_code = build_qr_code
@@ -119,11 +141,17 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   end
 
   def validate_current_password
+    return if Feature.disabled?(:webauthn_without_totp) && params[:action] == 'create_webauthn'
     return if current_user.valid_password?(params[:current_password])
 
     current_user.increment_failed_attempts!
 
-    @error = { message: _('You must provide a valid current password') }
+    error_message = { message: _('You must provide a valid current password.') }
+    if params[:action] == 'create_webauthn'
+      @webauthn_error = error_message
+    else
+      @error = error_message
+    end
     setup_show_page
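Review bot: `flash[:notice] = notice` followed by `render 'create'` in the no-backup-codes branch of `create_webauthn` persists the notice into the next request as well, so the user sees it a second time after the following navigation; when rendering in the same request use `flash.now[:notice] = notice`. This branch is also the point where a user with no prior second factor gets 2FA enabled under `webauthn_without_totp`, yet unlike the TOTP path in `create` it never calls `ActiveSession.destroy_all_but_current(current_user, session)` — if that call exists to evict other sessions whenever 2FA is turned on, it is presumably wanted here too (confirm with the flag owners). Minor: the `execute!` block ignores its yielded `user` and calls `current_user.generate_otp_backup_codes!`; `@codes = user.generate_otp_backup_codes!` uses the argument the service hands back. The rest of `create_webauthn` continues past the hunk.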
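Review bot: `validate_current_password` now special-cases the WebAuthn action by string-comparing `params[:action]` in two places; Rails exposes the routed action as `action_name`, which reads as routing state rather than request input, so `action_name == 'create_webauthn'` behind one predicate such as `webauthn_registration?` would be clearer and keeps the two checks from drifting. The new first guard means that while `webauthn_without_totp` is disabled a WebAuthn device can still be registered without re-entering the password, which appears to preserve the pre-commit behaviour (the action was not in the `validate_current_password` list before), but that intent is not stated — a comment such as `# Password re-entry for WebAuthn registration ships with the flag; skip it while the flag is off` would make the bypass deliberate rather than accidental. The closing of the method is outside the hunk.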