Issue #3194488 by acbramley, tallytarik, jcnventura, mstrelan: Not possible to...

Issue #3194488 by acbramley, tallytarik, jcnventura, mstrelan: Not possible to administer TFA for another user

Issue #3194488 by acbramley, tallytarik, jcnventura, mstrelan: Not possible to...
1e6555a6 · João Ventura · Joao Ventura · 9dc57b5d · 1e6555a6 · 1e6555a6
Commit 1e6555a6 authored 2 years ago by João Ventura Committed by Joao Ventura 2 years ago
--- a/src/Form/BasicSetup.php
+++ b/src/Form/BasicSetup.php
@@ -231,7 +231,7 @@ class BasicSetup extends FormBase {
      // Record methods progressed.
      $storage['steps'][] = $method;
      $plugin = $this->findPlugin($method);
-      $setup_plugin = $this->tfaSetup->createInstance($plugin['setupPluginId'], ['uid' => $account->id()]);
+      $setup_plugin = $this->tfaSetup->createInstance($plugin['setupPluginId'], ['uid' => $user->id()]);
      $tfa_setup = new TfaSetup($setup_plugin);
      $form = $tfa_setup->getForm($form, $form_state, $reset);
      $storage[$method] = $tfa_setup;

--- a/tests/modules/tfa_test_plugins/src/Plugin/TfaSetup/TfaTestValidationPluginSetupPlugin.php
+++ b/tests/modules/tfa_test_plugins/src/Plugin/TfaSetup/TfaTestValidationPluginSetupPlugin.php
@@ -8,6 +8,7 @@ use Drupal\Core\StringTranslation\StringTranslationTrait;
 use Drupal\Core\Url;
 use Drupal\tfa\Plugin\TfaBasePlugin;
 use Drupal\tfa\Plugin\TfaSetupInterface;
+use Drupal\user\Entity\User;

 /**
 * TFA Test Validation Plugin Setup Plugin.
@@ -36,6 +37,9 @@ class TfaTestValidationPluginSetupPlugin extends TfaBasePlugin implements TfaSet
   * {@inheritdoc}
   */
  public function getSetupForm(array $form, FormStateInterface $form_state) {
+    $form['user']['#markup'] = $this->t('<p>TFA Setup for @name</p>', [
+      '@name' => User::load($this->configuration['uid'])->getDisplayName(),
+    ]);
    $form['expected_field'] = [
      '#type' => 'textfield',
      '#title' => $this->t('Expected field'),

--- a/tests/src/Functional/TfaLoginTest.php
+++ b/tests/src/Functional/TfaLoginTest.php
@@ -23,6 +23,13 @@ class TfaLoginTest extends TfaTestBase {
   */
  protected $adminUser;

+  /**
+   * Super administrator to edit other users TFA.
+   *
+   * @var \Drupal\user\Entity\User
+   */
+  protected $superAdmin;
+
  /**
   * {@inheritdoc}
   */
@@ -30,6 +37,9 @@ class TfaLoginTest extends TfaTestBase {
    parent::setUp();
    $this->webUser = $this->drupalCreateUser(['setup own tfa']);
    $this->adminUser = $this->drupalCreateUser(['admin tfa settings']);
+    $this->superAdmin = $this->drupalCreateUser(
+      ['administer users', 'admin tfa settings', 'setup own tfa']
+    );
    $this->canEnableValidationPlugin('tfa_test_plugins_validation');
  }

@@ -111,6 +121,18 @@ class TfaLoginTest extends TfaTestBase {
    $this->submitForm($edit, 'Log in');
    $assert_session->statusCodeEquals(200);
    $assert_session->addressMatches('/\/tfa\/' . $this->webUser->id() . '/');
+
+    // Check tfa setup as another user.
+    $another_user = $this->createUser();
+    $this->drupalLogin($this->superAdmin);
+    $this->drupalGet('user/' . $another_user->id() . '/security/tfa');
+    $assert_session->statusCodeEquals(200);
+    $this->clickLink('Set up test application');
+    $edit = [
+      'current_pass' => $this->superAdmin->passRaw,
+    ];
+    $this->submitForm($edit, 'Confirm');
+    $assert_session->pageTextContains('TFA Setup for ' . $another_user->getDisplayName());
  }

 }