From 71112eb81d28b7baee09bf7d73e80a81cb38c17a Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Tue, 21 Apr 2015 19:53:33 -0400
Subject: Allow admins to disable the 2FA for a standard user

---
 app/Controller/Twofactor.php | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'app/Controller')

diff --git a/app/Controller/Twofactor.php b/app/Controller/Twofactor.php
index e3451d33..c21729ba 100644
--- a/app/Controller/Twofactor.php
+++ b/app/Controller/Twofactor.php
@@ -137,4 +137,31 @@ class Twofactor extends User
             'title' => t('Check two factor authentication code'),
         )));
     }
+
+    /**
+     * Disable 2FA for a user
+     *
+     * @access public
+     */
+    public function disable()
+    {
+        $user = $this->getUser();
+
+        if ($this->request->getStringParam('disable') === 'yes') {
+
+            $this->checkCSRFParam();
+
+            $this->user->update(array(
+                'id' => $user['id'],
+                'twofactor_activated' => 0,
+                'twofactor_secret' => '',
+            ));
+
+            $this->response->redirect($this->helper->url('user', 'show', array('user_id' => $user['id'])));
+        }
+
+        $this->response->html($this->layout('twofactor/disable', array(
+            'user' => $user,
+        )));
+    }
 }
-- 
cgit v1.2.3