From 27546fb558fce078cd39e8e2e5b3959831d95fda Mon Sep 17 00:00:00 2001
From: Neeraj Gupta <254676+ua741@users.noreply.github.com>
Date: Sat, 24 Aug 2024 15:38:13 +0530
Subject: [PATCH] [server] Allow both enabling or removing email MFA
---
 server/cmd/museum/main.go | 2 +-
 server/ente/admin.go | 4 +++-
 server/pkg/api/admin.go | 14 +++++++++-----
 3 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/server/cmd/museum/main.go b/server/cmd/museum/main.go
index c12bfa83bf..0536871755 100644
--- a/server/cmd/museum/main.go
+++ b/server/cmd/museum/main.go
@@ -643,7 +643,7 @@ func main() {
 adminAPI.POST("/user/disable-2fa", adminHandler.DisableTwoFactor)
 adminAPI.POST("/user/update-referral", adminHandler.UpdateReferral)
 adminAPI.POST("/user/disable-passkeys", adminHandler.RemovePasskeys)
- adminAPI.POST("/user/disable-email-verification", adminHandler.DisableEmailVerification)
+ adminAPI.POST("/user/update-email-mfa", adminHandler.UpdateEmailMFA)
 adminAPI.POST("/user/add-ott", adminHandler.AddOtt)
 adminAPI.POST("/user/close-family", adminHandler.CloseFamily)
 adminAPI.PUT("/user/change-email", adminHandler.ChangeEmail)
diff --git a/server/ente/admin.go b/server/ente/admin.go
index a51ee5698b..828173be7f 100644
--- a/server/ente/admin.go
+++ b/server/ente/admin.go
@@ -3,6 +3,7 @@ package ente
 import (
 "errors"
 "fmt"
+ "time"
 )
 // GetEmailsFromHashesRequest represents a request to convert hashes
@@ -44,7 +45,8 @@ func (a AdminOttReq) Validate() error {
 }
 type AdminOpsForUserRequest struct {
- UserID int64 `json:"userID" binding:"required"`
+ UserID int64 `json:"userID" binding:"required"`
+ EmailMFA *bool `json:"emailMFA"`
 }
 // ReQueueItemRequest puts an item back into the queue for processing.
diff --git a/server/pkg/api/admin.go b/server/pkg/api/admin.go
index 36680b3ab5..f1006a1d6b 100644
--- a/server/pkg/api/admin.go
+++ b/server/pkg/api/admin.go
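Review bot: The route `/user/disable-email-verification` is removed in the same change that registers `/user/update-email-mfa`, and the new handler rejects a body without `emailMFA`, so an admin CLI or script written for the old endpoint will fail after deploy. No caller is visible in this patch, so this is inferred; if such clients exist they need to ship in the same release. A comment on the new registration would help whoever debugs that failure: `// Replaces /user/disable-email-verification; body must now carry "emailMFA".` main() continues outside the hunk.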
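Review bot: The added `"time"` import has no visible use. The diffstat lists four changed lines for server/ente/admin.go and the other three are in the `AdminOpsForUserRequest` hunk, which does not reference `time`. Go refuses to compile a file with an unused import, so unless code outside these hunks already uses the package, this line should be dropped. If it repairs an import missing from an earlier commit, the commit message should say so.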
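Review bot: `EmailMFA` is added without a comment to `AdminOpsForUserRequest`, whose name suggests it is bound by several admin operations (inferred; only UpdateEmailMFA is visible using it). The pointer type is what lets the handler tell an omitted field from an explicit `false`, and that is worth stating so nobody later simplifies it to `bool` and turns a missing field into a silent MFA disable. Suggested comment above the field: `// EmailMFA is the requested email-MFA state; nil means the field was omitted. Read only by the update-email-mfa endpoint.`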
@@ -281,15 +281,19 @@ func (h *AdminHandler) RemovePasskeys(c *gin.Context) {
 c.JSON(http.StatusOK, gin.H{})
 }
-func (h *AdminHandler) DisableEmailVerification(c *gin.Context) {
+func (h *AdminHandler) UpdateEmailMFA(c *gin.Context) {
 var request ente.AdminOpsForUserRequest
 if err := c.ShouldBindJSON(&request); err != nil {
 handler.Error(c, stacktrace.Propagate(ente.ErrBadRequest, "Bad request"))
 return
 }
+ if request.EmailMFA == nil {
+ handler.Error(c, stacktrace.Propagate(ente.NewBadRequestWithMessage("emailMFA is required"), ""))
+ return
+ }
 go h.DiscordController.NotifyAdminAction(
- fmt.Sprintf("Admin (%d) removing email mfa for account %d", auth.GetUserID(c.Request.Header), request.UserID))
+ fmt.Sprintf("Admin (%d) updating email mfa (%v) for account %d", auth.GetUserID(c.Request.Header), request.EmailMFA, request.UserID))
 logger := logrus.WithFields(logrus.Fields{
 "user_id": request.UserID,
 "admin_id": auth.GetUserID(c.Request.Header),
@@ -297,13 +301,13 @@ func (h *AdminHandler) DisableEmailVerification(c *gin.Context) {
 "req_ctx": "disable_email_mfa",
 })
 logger.Info("Initiate remove passkeys")
- err := h.UserController.UpdateEmailMFA(c, request.UserID, false)
+ err := h.UserController.UpdateEmailMFA(c, request.UserID, *request.EmailMFA)
 if err != nil {
- logger.WithError(err).Error("Failed to disable email mfa")
+ logger.WithError(err).Error("Failed to update email mfa")
 handler.Error(c, stacktrace.Propagate(err, ""))
 return
 }
- logger.Info("Email MFA successfully removed")
+ logger.Info("Email MFA successfully updated")
 c.JSON(http.StatusOK, gin.H{})
 }
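Review bot: `request.EmailMFA` is a `*bool`, so the `%v` in the new `fmt.Sprintf` prints the pointer's address rather than true or false, and the admin-action notification will not say whether email MFA was turned on or off. The nil check added just above makes the dereference safe, so the argument should be `*request.EmailMFA`. This message is the out-of-band record of an admin changing a user's second factor, so the direction of the change is the detail it most needs to carry. UpdateEmailMFA continues into the next hunk.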
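Review bot: The context lines this hunk leaves untouched still describe a different operation: `"req_ctx": "disable_email_mfa"` and `logger.Info("Initiate remove passkeys")`, the latter apparently carried over from RemovePasskeys. Now that the handler can also enable email MFA, log searches keyed on those strings will misattribute the action, and no structured field records which state was requested. Suggest `"req_ctx": "update_email_mfa"`, `logger.Info("Initiate update email mfa")`, and an added `"email_mfa": *request.EmailMFA` entry in the fields. The `logrus.Fields` literal starts outside this hunk, after the nil check, so the dereference is safe there.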