Skip to content

Commit

Permalink
Do not display trust prompt on 0 weight factors
Browse files Browse the repository at this point in the history
  • Loading branch information
Peterburnett committed Oct 23, 2023
1 parent 33ab177 commit aef971b
Showing 1 changed file with 12 additions and 6 deletions.
18 changes: 12 additions & 6 deletions factor/token/classes/factor.php
Original file line number Diff line number Diff line change
Expand Up @@ -144,10 +144,14 @@ public function global_definition_after_data($mform) {
// First thing, we need to decide on whether we should show the checkbox.
$noproperty = !property_exists($SESSION, 'tool_mfa_factor_token');
$nostate = $this->get_state() !== \tool_mfa\plugininfo\factor::STATE_PASS;
// We shouldn't show if the current factor does not give points. Nothing to "trust" in that case.
$factor = \tool_mfa\plugininfo\factor::get_next_user_factor();
$weight = $factor->get_weight();
// We also shouldn't display if the duration for the user is 0;
$expiryconfig = is_siteadmin() ? 'adminexpiry' : 'expiry';
$expiry = get_config('factor_token', $expiryconfig);

if ($noproperty && $nostate) {
$expiryconfig = is_siteadmin() ? 'adminexpiry' : 'expiry';
$expiry = get_config('factor_token', $expiryconfig);
if ($noproperty && $nostate && $weight !== 0 && !empty($expiry)) {
$expirystring = format_time($expiry);
$mform->addElement('advcheckbox', 'factor_token_trust', '', get_string('form:trust', 'factor_token', $expirystring));
$mform->setType('factor_token_trust', PARAM_BOOL);
Expand All @@ -164,9 +168,11 @@ public function global_definition_after_data($mform) {
public function global_submit($data) {
global $SESSION;

// Store any kind of response here, we shouldnt show again.
$trust = $data->factor_token_trust;
$SESSION->tool_mfa_factor_token = $trust;
if (property_exists($data, "factor_token_trust")) {
// Store any kind of response here, we shouldnt show again.
$trust = $data->factor_token_trust;
$SESSION->tool_mfa_factor_token = $trust;
}
}

/**
Expand Down

0 comments on commit aef971b

Please sign in to comment.