Add reset 2fa column and action (#7)

* Add reset 2fa column and action

---------

Co-authored-by: kasparas <[email protected]>

README.md

@@ -83,3 +83,31 @@ class UserDependencyProvider extends SprykerUserDependencyProvider
     }
 }
 ```
+
+## Add Reset 2FA column to the User Table
+
+In order to see the Reset 2FA column with buttons to reset second factor authentification for each user in the administration GUI add the following line to your `config_default.php`:
+
+```php
+use SprykerUFirst\Shared\SecondFactorAuth\SecondFactorAuthConstants;
+...
+$config[SecondFactorAuthConstants::SHOW_SECOND_FACTOR_AUTH_RESET] = true;
+```
+
+If this column is enabled, we recomended allowing it to the highest permissions having roles by adding a rule:
+
+| Param      | Value              |
+|------------|--------------------|
+| Bundle     | second-factor-auth |
+| controller | user               |
+| action     | unregister         |
+| type       | allow              |
+
+Or if the entire `second-factor-auth` bundle allowed add this rule to the roles that should not be able to unregister other users.
+
+| Param      | Value              |
+|------------|--------------------|
+| Bundle     | second-factor-auth |
+| controller | user               |
+| action     | unregister         |
+| type       | deny               |

src/SprykerUFirst/Shared/SecondFactorAuth/SecondFactorAuthConstants.php

@@ -26,4 +26,9 @@ interface SecondFactorAuthConstants
      * @var string
      */
     public const SECOND_FACTOR_AUTH_IGNORABLE_USERS = 'SECOND_FACTOR_AUTH_IGNORABLE_USERS';
-}
+
+    /**
+     * @var string
+     */
+    public const SHOW_SECOND_FACTOR_AUTH_RESET = 'SHOW_SECOND_FACTOR_AUTH_RESET';
+}

src/SprykerUFirst/Zed/SecondFactorAuth/Communication/Plugin/Table/SecondFactorAuthUserTableConfigExpanderPlugin.php

@@ -8,15 +8,24 @@
 namespace SprykerUFirst\Zed\SecondFactorAuth\Communication\Plugin\Table;
 
 use Spryker\Zed\Gui\Communication\Table\TableConfiguration;
+use Spryker\Zed\Kernel\Communication\AbstractPlugin;
 use Spryker\Zed\UserExtension\Dependency\Plugin\UserTableConfigExpanderPluginInterface;
 
-class SecondFactorAuthUserTableConfigExpanderPlugin implements UserTableConfigExpanderPluginInterface
+/**
+ * @method \SprykerUFirst\Zed\SecondFactorAuth\SecondFactorAuthConfig getConfig()
+ */
+class SecondFactorAuthUserTableConfigExpanderPlugin extends AbstractPlugin implements UserTableConfigExpanderPluginInterface
 {
     /**
      * @var string
      */
     public const SECOND_FACTOR_AUTH_STATUS = '2fa status';
 
+    /**
+     * @var string
+     */
+    public const SECOND_FACTOR_AUTH_RESET = 'reset 2fa';
+
     /**
      * {@inheritDoc}
      *
@@ -29,10 +38,14 @@ class SecondFactorAuthUserTableConfigExpanderPlugin implements UserTableConfigEx
     public function expandConfig(TableConfiguration $config): TableConfiguration
     {
         $header = $config->getHeader();
+        $config->addRawColumn(static::SECOND_FACTOR_AUTH_STATUS);
         $header = $this->addAfterPosition($header, 5, [static::SECOND_FACTOR_AUTH_STATUS => static::SECOND_FACTOR_AUTH_STATUS]);
-        $config->setHeader($header);
 
-        $config->addRawColumn(static::SECOND_FACTOR_AUTH_STATUS);
+        if ($this->getConfig()->getShouldShowSecondFAReset()) {
+            $config->addRawColumn(static::SECOND_FACTOR_AUTH_RESET);
+            $header = $this->addAfterPosition($header, 6, [static::SECOND_FACTOR_AUTH_RESET => static::SECOND_FACTOR_AUTH_RESET]);
+        }
+        $config->setHeader($header);
 
         return $config;
     }
@@ -50,4 +63,4 @@ private function addAfterPosition(array $array, int $position, array $element):
             $element +
             array_slice($array, $position, count($array) - $position, true);
     }
-}
+}

src/SprykerUFirst/Zed/SecondFactorAuth/Communication/Plugin/Table/SecondFactorAuthUserTableDataExpanderPlugin.php

@@ -32,6 +32,7 @@ class SecondFactorAuthUserTableDataExpanderPlugin extends AbstractPlugin impleme
     public function expandData(array $item): array
     {
         $item[SecondFactorAuthUserTableConfigExpanderPlugin::SECOND_FACTOR_AUTH_STATUS] = $this->createSecondFAStatusLabel($item);
+        $item[SecondFactorAuthUserTableConfigExpanderPlugin::SECOND_FACTOR_AUTH_RESET] = $this->createSecondFAResetButton($item);
 
         return $item;
     }
@@ -55,4 +56,27 @@ public function createSecondFAStatusLabel(array $user): string
 
         return '<span class="label label-danger" title="Deactivated">Deactivated</span>';
     }
-}
+
+    /**
+     * {@inheritDoc}
+     *
+     * @api
+     *
+     * @param array $user
+     *
+     * @return string
+     */
+    public function createSecondFAResetButton(array $user): string
+    {
+        $userIsRegistered = $this->getRepository()->doesUserHaveSecret($user[SpyUserTableMap::COL_ID_USER]);
+
+        /* TODO: Localise static strings */
+        $buttonHTML = '<a href="/second-factor-auth/user/unregister?id-user=' . $user[SpyUserTableMap::COL_ID_USER] . '" class="btn btn-xs btn-outline btn-danger">Reset 2fa</a>';
+
+        if ($userIsRegistered) {
+            return $buttonHTML;
+        }
+
+        return '<span class="btn btn-xs btn-outline btn-view disabled">Reset 2fa</span>';
+    }
+}

src/SprykerUFirst/Zed/SecondFactorAuth/SecondFactorAuthConfig.php

@@ -172,4 +172,12 @@ public function getIsSecondFactorAuthRequired(): bool
     {
         return $this->get(SecondFactorAuthConstants::SECOND_FACTOR_AUTH_REQUIRED, false);
     }
-}
+
+    /**
+     * @return bool
+     */
+    public function getShouldShowSecondFAReset(): bool
+    {
+        return $this->get(SecondFactorAuthConstants::SHOW_SECOND_FACTOR_AUTH_RESET);
+    }
+}