[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * @package     Joomla.Administrator
   5   * @subpackage  com_users
   6   *
   7   * @copyright   (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
   8   * @license     GNU General Public License version 2 or later; see LICENSE.txt
   9   */
  10  
  11  namespace Joomla\Component\Users\Administrator\View\Method;
  12  
  13  use Joomla\CMS\Factory;
  14  use Joomla\CMS\MVC\View\HtmlView as BaseHtmlView;
  15  use Joomla\CMS\Router\Route;
  16  use Joomla\CMS\Toolbar\Button\BasicButton;
  17  use Joomla\CMS\Toolbar\Button\LinkButton;
  18  use Joomla\CMS\Toolbar\Toolbar;
  19  use Joomla\CMS\Toolbar\ToolbarHelper;
  20  use Joomla\CMS\User\User;
  21  use Joomla\CMS\User\UserFactoryInterface;
  22  use Joomla\Component\Users\Administrator\Model\MethodModel;
  23  
  24  // phpcs:disable PSR1.Files.SideEffects
  25  \defined('_JEXEC') or die;
  26  // phpcs:enable PSR1.Files.SideEffects
  27  
  28  /**
  29   * View for Multi-factor Authentication method add/edit page
  30   *
  31   * @since 4.2.0
  32   */
  33  class HtmlView extends BaseHtmlView
  34  {
  35      /**
  36       * Is this an administrator page?
  37       *
  38       * @var   boolean
  39       * @since 4.2.0
  40       */
  41      public $isAdmin = false;
  42  
  43      /**
  44       * The editor page render options
  45       *
  46       * @var   array
  47       * @since 4.2.0
  48       */
  49      public $renderOptions = [];
  50  
  51      /**
  52       * The MFA Method record being edited
  53       *
  54       * @var   object
  55       * @since 4.2.0
  56       */
  57      public $record = null;
  58  
  59      /**
  60       * The title text for this page
  61       *
  62       * @var  string
  63       * @since 4.2.0
  64       */
  65      public $title = '';
  66  
  67      /**
  68       * The return URL to use for all links and forms
  69       *
  70       * @var   string
  71       * @since 4.2.0
  72       */
  73      public $returnURL = null;
  74  
  75      /**
  76       * The user object used to display this page
  77       *
  78       * @var   User
  79       * @since 4.2.0
  80       */
  81      public $user = null;
  82  
  83      /**
  84       * The backup codes for the current user. Only applies when the backup codes record is being "edited"
  85       *
  86       * @var   array
  87       * @since 4.2.0
  88       */
  89      public $backupCodes = [];
  90  
  91      /**
  92       * Am I editing an existing Method? If it's false then I'm adding a new Method.
  93       *
  94       * @var   boolean
  95       * @since 4.2.0
  96       */
  97      public $isEditExisting = false;
  98  
  99      /**
 100       * Execute and display a template script.
 101       *
 102       * @param   string  $tpl  The name of the template file to parse; automatically searches through the template paths.
 103       *
 104       * @return  void
 105       *
 106       * @throws  \Exception
 107       * @see     \JViewLegacy::loadTemplate()
 108       * @since   4.2.0
 109       */
 110      public function display($tpl = null): void
 111      {
 112          $app = Factory::getApplication();
 113  
 114          if (empty($this->user)) {
 115              $this->user = Factory::getApplication()->getIdentity()
 116                  ?: Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById(0);
 117          }
 118  
 119          /** @var MethodModel $model */
 120          $model = $this->getModel();
 121          $this->setLayout('edit');
 122          $this->renderOptions = $model->getRenderOptions($this->user);
 123          $this->record        = $model->getRecord($this->user);
 124          $this->title         = $model->getPageTitle();
 125          $this->isAdmin       = $app->isClient('administrator');
 126  
 127          // Backup codes are a special case, rendered with a special layout
 128          if ($this->record->method == 'backupcodes') {
 129              $this->setLayout('backupcodes');
 130  
 131              $backupCodes = $this->record->options;
 132  
 133              if (!is_array($backupCodes)) {
 134                  $backupCodes = [];
 135              }
 136  
 137              $backupCodes = array_filter(
 138                  $backupCodes,
 139                  function ($x) {
 140                      return !empty($x);
 141                  }
 142              );
 143  
 144              if (count($backupCodes) % 2 != 0) {
 145                  $backupCodes[] = '';
 146              }
 147  
 148              /**
 149               * The call to array_merge resets the array indices. This is necessary since array_filter kept the indices,
 150               * meaning our elements are completely out of order.
 151               */
 152              $this->backupCodes = array_merge($backupCodes);
 153          }
 154  
 155          // Set up the isEditExisting property.
 156          $this->isEditExisting = !empty($this->record->id);
 157  
 158          // Back-end: always show a title in the 'title' module position, not in the page body
 159          if ($this->isAdmin) {
 160              ToolbarHelper::title($this->title, 'users user-lock');
 161  
 162              $helpUrl = $this->renderOptions['help_url'];
 163  
 164              if (!empty($helpUrl)) {
 165                  ToolbarHelper::help('', false, $helpUrl);
 166              }
 167  
 168              $this->title = '';
 169          }
 170  
 171          $returnUrl = empty($this->returnURL) ? '' : base64_decode($this->returnURL);
 172          $returnUrl = $returnUrl ?: Route::_('index.php?option=com_users&task=methods.display&user_id=' . $this->user->id);
 173  
 174          if ($this->isAdmin && $this->getLayout() === 'edit') {
 175              $bar = Toolbar::getInstance();
 176              $button = (new BasicButton('user-mfa-edit-save'))
 177                  ->text($this->renderOptions['submit_text'])
 178                  ->icon($this->renderOptions['submit_icon'])
 179                  ->onclick('document.getElementById(\'user-mfa-edit-save\').click()');
 180  
 181              if ($this->renderOptions['show_submit'] || $this->isEditExisting) {
 182                  $bar->appendButton($button);
 183              }
 184  
 185              $button = (new LinkButton('user-mfa-edit-cancel'))
 186                  ->text('JCANCEL')
 187                  ->buttonClass('btn btn-danger')
 188                  ->icon('icon-cancel-2')
 189                  ->url($returnUrl);
 190              $bar->appendButton($button);
 191          } elseif ($this->isAdmin && $this->getLayout() === 'backupcodes') {
 192              $bar = Toolbar::getInstance();
 193  
 194              $arrow  = Factory::getApplication()->getLanguage()->isRtl() ? 'arrow-right' : 'arrow-left';
 195              $button = (new LinkButton('user-mfa-edit-cancel'))
 196                  ->text('JTOOLBAR_BACK')
 197                  ->icon('icon-' . $arrow)
 198                  ->url($returnUrl);
 199              $bar->appendButton($button);
 200  
 201              $button = (new LinkButton('user-mfa-edit-cancel'))
 202                  ->text('COM_USERS_MFA_BACKUPCODES_RESET')
 203                  ->buttonClass('btn btn-danger')
 204                  ->icon('icon-refresh')
 205                  ->url(
 206                      Route::_(
 207                          sprintf(
 208                              "index.php?option=com_users&task=method.regenerateBackupCodes&user_id=%s&%s=1&returnurl=%s",
 209                              $this->user->id,
 210                              Factory::getApplication()->getFormToken(),
 211                              base64_encode($returnUrl)
 212                          )
 213                      )
 214                  );
 215              $bar->appendButton($button);
 216          }
 217  
 218          // Display the view
 219          parent::display($tpl);
 220      }
 221  }