DeleteGracePeriod.php
5 years ago
Enforce2FA.php
5 years ago
RemoveAllUserData.php
5 years ago
RemoveEnabledMethods.php
5 years ago
Enforce2FA.php
110 lines
| 1 | <?php // phpcs:ignore |
| 2 | |
| 3 | namespace WP2FA\BackgroundProcessing; |
| 4 | |
| 5 | use \WP2FA\Admin\SettingsPage as SettingsPage; |
| 6 | use WP2FA\Utils\DateTimeUtils; |
| 7 | use \WP2FA\WP2FA as WP2FA; |
| 8 | use \WP2FA\Authenticator\Authentication as Authentication; |
| 9 | |
| 10 | /** |
| 11 | * Class for handling our crons. |
| 12 | */ |
| 13 | class Enforce2FA extends \WP_Background_Process { |
| 14 | |
| 15 | /** |
| 16 | * Name of the cron we are going to attach these to. |
| 17 | * |
| 18 | * @var string |
| 19 | */ |
| 20 | protected $action = '2fa_bg_update_user_meta'; |
| 21 | |
| 22 | /** |
| 23 | * Task to perform in the BG |
| 24 | * |
| 25 | * @param object $item Consists of User ID, name of the job we want to do, and optional extras. |
| 26 | */ |
| 27 | protected function task( $item ) { |
| 28 | |
| 29 | if ( empty( $item ) || ! isset( $item ) ) { |
| 30 | return false; |
| 31 | } |
| 32 | // Turn a single user into an array. |
| 33 | $users = array(); |
| 34 | if ( isset( $item['user'] ) ) { |
| 35 | $users[] = $item['user']; |
| 36 | } elseif ( isset( $item['users'] ) ) { |
| 37 | $users = $item['users']; |
| 38 | } |
| 39 | |
| 40 | // If we still have no data, stop here. |
| 41 | if ( empty( $users ) ) { |
| 42 | return false; |
| 43 | } |
| 44 | |
| 45 | if ( ! is_array( $users ) ) { |
| 46 | $users = explode( ',', $users ); |
| 47 | } |
| 48 | |
| 49 | // Check if a policy has been posted, so we know the freshest setting. |
| 50 | if ( isset( $item['grace_policy'] ) ) { |
| 51 | $grace_policy = sanitize_text_field( $item['grace_policy'] ); |
| 52 | } else { |
| 53 | $grace_policy = WP2FA::get_wp2fa_setting( 'grace-policy' ); |
| 54 | } |
| 55 | |
| 56 | // Check if want to apply the custom period, or instant expiry. |
| 57 | if ( 'use-grace-period' === $grace_policy ) { |
| 58 | $grace_expiry = (int) $item['grace_expiry']; |
| 59 | } else { |
| 60 | $grace_expiry = time(); |
| 61 | } |
| 62 | |
| 63 | $grace_policy_string = DateTimeUtils::format_grace_period_expiration_string( $grace_policy, $grace_expiry ); |
| 64 | |
| 65 | foreach ( $users as $user ) { |
| 66 | $user_id = is_object( $user ) ? $user->ID : $user; |
| 67 | $current = (int) get_user_meta( $user_id, 'wp_2fa_grace_period_expiry', true ); |
| 68 | |
| 69 | // Ensure empty var has something so we dont accitdentally fallback to the currently saved setting. |
| 70 | $excluded_users = ( ! empty( $item['excluded_users'] ) ) ? $item['excluded_users'] : 'none'; |
| 71 | $excluded_roles = ( ! empty( $item['excluded_roles'] ) ) ? $item['excluded_roles'] : 'none'; |
| 72 | $excluded_sites = ( ! empty( $item['excluded_sites'] ) ) ? $item['excluded_sites'] : 'none'; |
| 73 | |
| 74 | if ( isset( $item['users'] ) ) { |
| 75 | |
| 76 | $is_user_excluded = WP2FA::is_user_excluded( $user_id, $excluded_users, $excluded_roles, $excluded_sites ); |
| 77 | |
| 78 | // Final check, if users is excluded, skip. |
| 79 | if ( $is_user_excluded ) { |
| 80 | continue; |
| 81 | } |
| 82 | } |
| 83 | |
| 84 | if ( $current !== $grace_expiry ) { |
| 85 | if ( 'use-grace-period' === $grace_policy ) { |
| 86 | delete_user_meta( $user_id, 'wp_2fa_user_enforced_instantly' ); |
| 87 | } |
| 88 | update_user_meta( $user_id, 'wp_2fa_grace_period_expiry', $grace_expiry ); |
| 89 | if ( 'no-grace-period' === $grace_policy ) { |
| 90 | update_user_meta( $user_id, 'wp_2fa_user_enforced_instantly', true ); |
| 91 | } |
| 92 | |
| 93 | if ( isset( $item['notify_users'] ) && ! empty( $item['notify_users'] ) ) { |
| 94 | SettingsPage::send_2fa_enforced_email( $user_id, $grace_policy_string ); |
| 95 | } |
| 96 | } |
| 97 | } |
| 98 | |
| 99 | return false; |
| 100 | } |
| 101 | |
| 102 | /** |
| 103 | * Fire off event so we know the above tasks have completed. |
| 104 | */ |
| 105 | protected function complete() { |
| 106 | parent::complete(); |
| 107 | } |
| 108 | |
| 109 | } |
| 110 |