Proyectos de Subversion Moodle

<?php

// This file is part of Moodle - http://moodle.org/

//

// Moodle is free software: you can redistribute it and/or modify

// it under the terms of the GNU General Public License as published by

// the Free Software Foundation, either version 3 of the License, or

// (at your option) any later version.

//

// Moodle is distributed in the hope that it will be useful,

// but WITHOUT ANY WARRANTY; without even the implied warranty of

// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

// GNU General Public License for more details.

//

// You should have received a copy of the GNU General Public License

// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**

 * Moodle MFA plugin lib

 *

 * @package     tool_mfa

 * @author      Mikhail Golenkov <golenkovm@gmail.com>

 * @copyright   Catalyst IT

 * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later

 */

use core\context;

/**

 * Main hook.

 *

 * e.g. Add permissions logic across a site or course

 *

 * @param mixed $courseorid

 * @param mixed $autologinguest

 * @param mixed $cm

 * @param mixed $setwantsurltome

 * @param mixed $preventredirect

 * @return void

 * @throws \moodle_exception

 */

function tool_mfa_after_require_login($courseorid = null, $autologinguest = null, $cm = null,

    $setwantsurltome = null, $preventredirect = null): void {

    global $SESSION;

    // Tests for hooks being fired to test patches.

    if (PHPUNIT_TEST) {

        $SESSION->mfa_login_hook_test = true;

    }

    if (empty($SESSION->tool_mfa_authenticated)) {

        \tool_mfa\manager::require_auth($courseorid, $autologinguest, $cm, $setwantsurltome, $preventredirect);

    }

}

/**

 * Extends navigation bar and injects MFA Preferences menu to user preferences.

 *

 * @param navigation_node $navigation

 * @param stdClass $user

 * @param context_user $usercontext

 * @param stdClass $course

 * @param context_course $coursecontext

 *

 * @return mix void or null

 * @throws \moodle_exception

 */

function tool_mfa_extend_navigation_user_settings(navigation_node $navigation, stdClass $user, $usercontext, stdClass $course, $coursecontext) {

    global $PAGE;

    // Only inject if user is on the preferences page.

    $onpreferencepage = $PAGE->url->compare(new moodle_url('/user/preferences.php'), URL_MATCH_BASE);

    if (!$onpreferencepage) {

        return null;

    }

    if (\tool_mfa\manager::is_ready() && \tool_mfa\manager::possible_factor_setup()) {

        $url = new moodle_url('/admin/tool/mfa/user_preferences.php');

        $node = navigation_node::create(get_string('preferences:header', 'tool_mfa'), $url,

            navigation_node::TYPE_SETTING);

        $usernode = $navigation->find('useraccount', navigation_node::TYPE_CONTAINER);

        $usernode->add_node($node);

    }

}

/**

 * Triggered as soon as practical on every moodle bootstrap after config has

 * been loaded. The $USER object is available at this point too.

 *

 * @return void

 */

function tool_mfa_after_config(): void {

    global $CFG, $SESSION;

    // Tests for hooks being fired to test patches.

    // Store in $CFG, $SESSION not present at this point.

    if (PHPUNIT_TEST) {

        $CFG->mfa_config_hook_test = true;

    }

    // Check for not logged in.

    if (isloggedin() && !isguestuser()) {

        // If not authenticated, force login required.

        if (empty($SESSION->tool_mfa_authenticated)) {

            \tool_mfa\manager::require_auth();

        }

    }

}

/**

 * Any plugin typically an admin tool can add new bulk user actions

 *

 * @return array

 */

function tool_mfa_bulk_user_actions(): array {

    if (!has_capability('moodle/site:config', context_system::instance())) {

        return [];

    }

    return [

        'tool_mfa_reset_factors' => new action_link(

            new moodle_url('/admin/tool/mfa/reset_factor.php'),

            get_string('resetfactor', 'tool_mfa'),

        ),

    ];

}

/**

 * Serves any files for the guidance page.

 *

 * @param stdClass|null $course

 * @param stdClass|null $cm

 * @param context $context

 * @param string $filearea

 * @param array $args

 * @param bool $forcedownload

 * @param array $options

 * @return bool

 */

function tool_mfa_pluginfile(stdClass|null $course, stdClass|null $cm, context $context, string $filearea,

    array $args, bool $forcedownload, array $options = []): bool {

    // Hardcode to only send guidance files from the top level.

    $fs = get_file_storage();

    $file = $fs->get_file(

        $context->id,

        'tool_mfa',

        'guidance',

        0,

        '/',

        $args[1]

    );

    if (!$file) {

        send_file_not_found();

        return false;

    }

    send_file($file, $file->get_filename());

    return true;

}

/**

 * Fragment to confirm a factor action using the confirmation form.

 *

 * @param array $args Arguments to the form.

 * @return null|string The rendered form.

 */

function tool_mfa_output_fragment_factor_action_confirmation_form(

    array $args,

): ?string {

    // Check args are not empty.

    foreach ($args as $key => $arg) {

        if (empty($arg)) {

            throw new \moodle_exception('missingparam', 'error', '', $key);

        }

    }

    $customdata = [

        'action' => $args['action'],

        'factor' => $args['factor'],

        'factorid' => $args['factorid'],

        'devicename' => $args['devicename'],

    ];

    // Indicate we are performing a replacement by include the replace id.

    if ($args['action'] === 'replace') {

        $customdata['replaceid'] = $args['factorid'];

    }

    $mform = new tool_mfa\local\form\factor_action_confirmation_form($args['actionurl'], $customdata);

    return $mform->render();

}