Telecominfraproject/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2026-01-27 10:23:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adding protection for enabling MFA when MFA is not available.

Browse Source
This commit is contained in:
stephb9959
2022-05-05 09:25:32 -07:00
parent c19ce8a92c
commit afc8a59267
4 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build
View File

@@ -1 +1 @@
47
48

13
src/RESTAPI/RESTAPI_subuser_handler.cpp
View File

@@ -6,6 +6,7 @@
#include "StorageService.h"
#include "framework/ow_constants.h"
#include "SMSSender.h"
#include "SMTPMailerService.h"
#include "ACLProcessor.h"
#include "AuthService.h"
#include "RESTAPI/RESTAPI_db_helpers.h"
@@ -252,6 +253,18 @@ namespace OpenWifi {
return BadRequest(RESTAPI::Errors::BadMFAMethod);
}
if( NewUser.userTypeProprietaryInfo.mfa.enabled &&
NewUser.userTypeProprietaryInfo.mfa.method == MFAMETHODS::SMS &&
!SMSSender()->Enabled()) {
return BadRequest(RESTAPI::Errors::SMSMFANotEnabled);
}
if( NewUser.userTypeProprietaryInfo.mfa.enabled &&
NewUser.userTypeProprietaryInfo.mfa.method == MFAMETHODS::EMAIL &&
!SMTPMailerService()->Enabled()) {
return BadRequest(RESTAPI::Errors::EMailMFANotEnabled);
}
bool ChangingMFA =
NewUser.userTypeProprietaryInfo.mfa.enabled && !Existing.userTypeProprietaryInfo.mfa.enabled;
Existing.userTypeProprietaryInfo.mfa.enabled = NewUser.userTypeProprietaryInfo.mfa.enabled;

13
src/RESTAPI/RESTAPI_user_handler.cpp
View File

@@ -6,6 +6,7 @@
#include "StorageService.h"
#include "framework/ow_constants.h"
#include "SMSSender.h"
#include "SMTPMailerService.h"
#include "ACLProcessor.h"
#include "AuthService.h"
#include "RESTAPI/RESTAPI_db_helpers.h"
@@ -260,6 +261,18 @@ namespace OpenWifi {
return BadRequest(RESTAPI::Errors::BadMFAMethod);
}
if( NewUser.userTypeProprietaryInfo.mfa.enabled &&
NewUser.userTypeProprietaryInfo.mfa.method == MFAMETHODS::SMS &&
!SMSSender()->Enabled()) {
return BadRequest(RESTAPI::Errors::SMSMFANotEnabled);
}
if( NewUser.userTypeProprietaryInfo.mfa.enabled &&
NewUser.userTypeProprietaryInfo.mfa.method == MFAMETHODS::EMAIL &&
!SMTPMailerService()->Enabled()) {
return BadRequest(RESTAPI::Errors::EMailMFANotEnabled);
}
bool ChangingMFA =
NewUser.userTypeProprietaryInfo.mfa.enabled && !Existing.userTypeProprietaryInfo.mfa.enabled;
Existing.userTypeProprietaryInfo.mfa.enabled = NewUser.userTypeProprietaryInfo.mfa.enabled;

2
src/framework/ow_constants.h
View File

@@ -102,6 +102,8 @@ namespace OpenWifi::RESTAPI::Errors {
static const std::string InvalidRegistrationOperatorId{"Invalid registration operator ID."};
static const std::string InvalidRegistrationOperatorName{"Invalid registration operator name."};
static const std::string RegistrationNameDuplicate{"Registration name must be unique."};
static const std::string SMSMFANotEnabled{"SMS is not enabled in the security service."};
static const std::string EMailMFANotEnabled{"email is not enabled in the security service."};
}
namespace OpenWifi::RESTAPI::Protocol {