New mix task: pleroma.user reset_mfa <nickname>

author Haelwenn (lanodan) Monnier <contact@hacktivis.me>

Thu, 11 Jun 2020 20:54:39 +0000 (22:54 +0200)

committer Haelwenn (lanodan) Monnier <contact@hacktivis.me>

Thu, 11 Jun 2020 20:54:48 +0000 (22:54 +0200)
author Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Thu, 11 Jun 2020 20:54:39 +0000 (22:54 +0200)
committer Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Thu, 11 Jun 2020 20:54:48 +0000 (22:54 +0200)
diff --git a/docs/administration/CLI_tasks/user.md b/docs/administration/CLI_tasks/user.md

index afeb8d52f72512d2b8cc87a48e07395c3d0ebba0..1e6f4a8b43ddcb88256bb3a0e30a469998025000 100644 (file)
--- a/docs/administration/CLI_tasks/user.md
+++ b/docs/administration/CLI_tasks/user.md
@@ -135,6 +135,16 @@ mix pleroma.user reset_password <nickname>
  ```
  
  
+## Disable Multi Factor Authentication (MFA/2FA) for a user
+```sh tab="OTP"
+ ./bin/pleroma_ctl user reset_mfa <nickname>
+```
+
+```sh tab="From Source"
+mix pleroma.user reset_mfa <nickname>
+```
+
+
  ## Set the value of the given user's settings
  ```sh tab="OTP"
   ./bin/pleroma_ctl user set <nickname> [option ...]
diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex

index 3635c02bc4d21aaf0b29c5f25434e3d83e624ebf..bca7e87bf533c01391f681a79dfaa7dfe2b7ff8e 100644 (file)
--- a/lib/mix/tasks/pleroma/user.ex
+++ b/lib/mix/tasks/pleroma/user.ex
@@ -144,6 +144,18 @@ defmodule Mix.Tasks.Pleroma.User do
      end
    end
  
+  def run(["reset_mfa", nickname]) do
+    start_pleroma()
+
+    with %User{local: true} = user <- User.get_cached_by_nickname(nickname),
+         {:ok, _token} <- Pleroma.MFA.disable(user) do
+      shell_info("Multi-Factor Authentication disabled for #{user.nickname}")
+    else
+      _ ->
+        shell_error("No local user #{nickname}")
+    end
+  end
+
    def run(["deactivate", nickname]) do
      start_pleroma()
  
diff --git a/test/tasks/user_test.exs b/test/tasks/user_test.exs

index b55aa1cdb8475bed2eb13239b1afa5246ddcd377..9220d23fcbaf0a4d2167c822eb3f5f9a523cc6b9 100644 (file)
--- a/test/tasks/user_test.exs
+++ b/test/tasks/user_test.exs
@@ -4,6 +4,7 @@
  
  defmodule Mix.Tasks.Pleroma.UserTest do
    alias Pleroma.Activity
+  alias Pleroma.MFA
    alias Pleroma.Object
    alias Pleroma.Repo
    alias Pleroma.Tests.ObanHelpers
@@ -278,6 +279,35 @@ defmodule Mix.Tasks.Pleroma.UserTest do
      end
    end
  
+  describe "running reset_mfa" do
+    test "disables MFA" do
+      user =
+        insert(:user,
+          multi_factor_authentication_settings: %MFA.Settings{
+            enabled: true,
+            totp: %MFA.Settings.TOTP{secret: "xx", confirmed: true}
+          }
+        )
+
+      Mix.Tasks.Pleroma.User.run(["reset_mfa", user.nickname])
+
+      assert_received {:mix_shell, :info, [message]}
+      assert message == "Multi-Factor Authentication disabled for #{user.nickname}"
+
+      assert %{enabled: false, totp: false} ==
+               user.nickname
+               |> User.get_cached_by_nickname()
+               |> MFA.mfa_settings()
+    end
+
+    test "no user to reset MFA" do
+      Mix.Tasks.Pleroma.User.run(["reset_password", "nonexistent"])
+
+      assert_received {:mix_shell, :error, [message]}
+      assert message =~ "No local user"
+    end
+  end
+
    describe "running invite" do
      test "invite token is generated" do
        assert capture_io(fn ->
author	Haelwenn (lanodan) Monnier <contact@hacktivis.me>
	Thu, 11 Jun 2020 20:54:39 +0000 (22:54 +0200)
committer	Haelwenn (lanodan) Monnier <contact@hacktivis.me>
	Thu, 11 Jun 2020 20:54:48 +0000 (22:54 +0200)
docs/administration/CLI_tasks/user.md		patch \| blob \| history
lib/mix/tasks/pleroma/user.ex		patch \| blob \| history
test/tasks/user_test.exs		patch \| blob \| history