diff options
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/Auth.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Config/Auth.pm | 17 | ||||
| -rw-r--r-- | Bugzilla/DB/Schema.pm | 1 | ||||
| -rw-r--r-- | Bugzilla/Install/DB.pm | 1 | ||||
| -rw-r--r-- | Bugzilla/User.pm | 22 |
5 files changed, 42 insertions, 1 deletions
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm index 797ec1122..58ac248c5 100644 --- a/Bugzilla/Auth.pm +++ b/Bugzilla/Auth.pm @@ -111,6 +111,8 @@ sub login { }); } + + return $self->_handle_login_result($login_info, $type); } diff --git a/Bugzilla/Config/Auth.pm b/Bugzilla/Config/Auth.pm index 58a3d3cd7..612fd1f3f 100644 --- a/Bugzilla/Config/Auth.pm +++ b/Bugzilla/Config/Auth.pm @@ -183,6 +183,21 @@ sub get_param_list { type => 't', default => '', }, + + { + name => 'mfa_group', + type => 's', + choices => \&get_all_group_names, + default => '', + checker => \&check_group, + }, + + { + name => 'mfa_group_grace_period', + type => 't', + default => '7', + checker => \&check_numeric, + } ); return @param_list; } @@ -234,4 +249,4 @@ sub _check_passwdqc_random_bits { return ""; } -1; +1;
\ No newline at end of file diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm index 2c8778c27..7448d8878 100644 --- a/Bugzilla/DB/Schema.pm +++ b/Bugzilla/DB/Schema.pm @@ -936,6 +936,7 @@ use constant ABSTRACT_SCHEMA => { password_change_required => { TYPE => 'BOOLEAN', NOTNULL => 1, DEFAULT => 'FALSE' }, password_change_reason => { TYPE => 'varchar(64)' }, mfa => {TYPE => 'varchar(8)', DEFAULT => "''" }, + mfa_required_date => {TYPE => 'DATETIME'}, ], INDEXES => [ profiles_login_name_idx => {FIELDS => ['login_name'], diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm index 539a7cf78..3b1836c26 100644 --- a/Bugzilla/Install/DB.pm +++ b/Bugzilla/Install/DB.pm @@ -746,6 +746,7 @@ sub update_table_definitions { $dbh->bz_add_column('profiles', 'mfa', { TYPE => 'varchar(8)', , DEFAULT => "''" }); + $dbh->bz_add_column('profiles', 'mfa_required_date', { TYPE => 'DATETIME' }); _migrate_group_owners(); $dbh->bz_add_column('groups', 'idle_member_removal', diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index 2d8256080..68a3b8313 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -80,6 +80,7 @@ sub DB_COLUMNS { 'profiles.password_change_required', 'profiles.password_change_reason', 'profiles.mfa', + 'profiles.mfa_required_date' ), } @@ -112,6 +113,7 @@ sub UPDATE_COLUMNS { password_change_required password_change_reason mfa + mfa_required_date ); push(@cols, 'cryptpassword') if exists $self->{cryptpassword}; return @cols; @@ -502,6 +504,11 @@ sub set_mfa { delete $self->{mfa_provider}; } +sub set_mfa_required_date { + my ($self, $value) = @_; + $self->set('mfa_required_date', $value); +} + sub set_groups { my $self = shift; $self->_set_groups(GROUP_MEMBERSHIP, @_); @@ -670,6 +677,12 @@ sub authorizer { } sub mfa { $_[0]->{mfa} } + +sub mfa_required_date { + my $self = shift; + return $self->{mfa_required_date} ? datetime_from($self->{mfa_required_date}, @_) : undef; +} + sub mfa_provider { my ($self) = @_; my $mfa = $self->{mfa} || return undef; @@ -679,6 +692,15 @@ sub mfa_provider { return $self->{mfa_provider}; } + +sub in_mfa_group { + my $self = shift; + return $self->{in_mfa_group} if exists $self->{in_mfa_group}; + + my $mfa_group = Bugzilla->params->{mfa_group}; + return $self->{in_mfa_group} = ($mfa_group && $self->in_group($mfa_group)); +} + sub name_or_login { my $self = shift; |