require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";
/**
* @global CMain $APPLICATION
* @global CUser $USER
*/
IncludeModuleLangFile(__FILE__);
$request = Bitrix\Main\Context::getCurrent()->getRequest();
$userId = (int) ($request['user'] ?: $USER->getId());
$userOtp = Otp::getByUser($userId);
if (!CModule::includeModule('security')) {
ShowError('Security module not installed');
}
if (!$userOtp->isActivated()) {
ShowError('OTP inactive');
}
if (!Otp::isRecoveryCodesEnabled()) {
ShowError('OTP Recovery codes are disabled');
}
if (!$userId || $userId != $USER->getId() && !$USER->CanDoOperation('security_edit_user_otp')) {
ShowError('Not enough permissions');
}
if (isset($request['action']) && $request['action'] === 'download') {
$codes = getRecoveryCodes($userId);
$response = '';
$counter = 0;
foreach ($codes as $code) {
$counter++;
$response .= sprintf("%d. %s\r\n", $counter, $code);
}
header('Content-Type: text/plain', true);
header('Content-Disposition: attachment; filename="recovery_codes.txt"');
$arResult["SUBORDINATE"] = $subordinate_users;
}
// user activity status
if ($arResult["User"]["ACTIVE"] == "Y") {
$arResult["User"]["ACTIVITY_STATUS"] = "active";
}
$obUser = new CUser();
$arGroups = $obUser->GetUserGroup($arResult["User"]['ID']);
if (in_array(1, $arGroups)) {
$arResult["User"]["ACTIVITY_STATUS"] = "admin";
}
$arGroups = CUser::GetUserGroup($arResult["User"]['ID']);
if (CModule::IncludeModule('extranet') && in_array(CExtranet::GetExtranetUserGroupID(), $arGroups) && (!is_array($arResult["User"]['UF_DEPARTMENT']) || empty($arResult["User"]['UF_DEPARTMENT'][0]))) {
$arResult["User"]["ACTIVITY_STATUS"] = "extranet";
$arResult["User"]["IS_EXTRANET"] = true;
} else {
$arResult["User"]["IS_EXTRANET"] = false;
}
if ($arResult["User"]["ACTIVE"] == "N") {
$arResult["User"]["ACTIVITY_STATUS"] = "fired";
}
if ($arResult["User"]["ACTIVE"] == "Y" && !empty($arResult["User"]["CONFIRM_CODE"])) {
$arResult["User"]["ACTIVITY_STATUS"] = "invited";
}
if ($arResult["User"]["ID"] == $GLOBALS["USER"]->GetID() && CSocNetUser::IsCurrentUserModuleAdmin(SITE_ID, false) && !isset($_SESSION["SONET_ADMIN"])) {
$arResult["SHOW_SONET_ADMIN"] = true;
}
}
if (\Bitrix\Main\Loader::includeModule("security")) {
$arResult["IS_OTP_RECOVERY_CODES_ENABLE"] = \Bitrix\Security\Mfa\Otp::isRecoveryCodesEnabled();
}
protected function checkRequirements()
{
/** @global CUser $USER */
global $USER;
if (!$USER->IsAuthorized()) {
return Loc::getMessage("SECURITY_USER_RECOVERY_CODES_AUTH_ERROR");
}
if (!CModule::includeModule('security')) {
return Loc::getMessage("SECURITY_USER_RECOVERY_CODES_MODULE_ERROR");
}
$otp = Otp::getByUser($USER->getID());
if (!$otp->isActivated()) {
return Loc::getMessage("SECURITY_USER_RECOVERY_CODES_OTP_NOT_ACTIVE");
}
if (!Otp::isRecoveryCodesEnabled()) {
return Loc::getMessage("SECURITY_USER_RECOVERY_CODES_DISABLED");
}
return null;
}
<td style="text-align: left;">
<span><?php
echo GetMessage('SEC_OTP_CONNECTED');
?>
</span>
<?if(
!Otp::isMandatoryUsing()
|| $otp->canSkipMandatory()
|| $USER->CanDoOperation('security_edit_user_otp')
):?>
<span class="otp-link-button" id="otp-deactivate"><?php
echo GetMessage('SEC_OTP_DISABLE');
?>
</span>
<?endif;?>
<?if (Otp::isRecoveryCodesEnabled()):?>
<span class="otp-link-button" id="otp-show-recovery-codes"><?php
echo GetMessage('SEC_OTP_RECOVERY_CODES_BUTTON');
?>
</span>
<?endif;?>
<?if ($USER->CanDoOperation('security_edit_user_otp')):?>
<span class="otp-link-button" id="otp-reinitialize"><?php
echo GetMessage('SEC_OTP_SYNC_NOW');
?>
</span>
<?endif;?>
</td>
<td style="text-align: right;">
<a class="adm-btn-save adm-btn adm-btn-menu" id="otp-connect-device"><?php
echo GetMessage('SEC_OTP_CONNECT_NEW_DEVICE');