fix Bug 70245

ONLYOFFICE · Oct 2, 2024 · 4ac113f · 4ac113f
1 parent 97f3c4c
commit 4ac113f
Showing 1 changed file with 21 additions and 15 deletions.
diff --git a/web/ASC.Web.Api/Api/Settings/TfaappController.cs b/web/ASC.Web.Api/Api/Settings/TfaappController.cs
@@ -304,7 +304,12 @@ public async Task<SetupCode> TfaAppGenerateSetupCodeAsync()
         await ApiContext.AuthByClaimAsync();
         var currentUser = await userManager.GetUsersAsync(authContext.CurrentAccount.ID);
 
-        await CheckTfa(currentUser);
+        if (!tfaAppAuthSettingsHelper.IsVisibleSettings ||
+            !(await settingsManager.LoadAsync<TfaAppAuthSettings>()).EnableSetting ||
+            await TfaAppUserSettings.EnableForUserAsync(settingsManager, currentUser.Id))
+        {
+            throw new Exception(Resource.TfaAppNotAvailable);
+        }
 
         if (await userManager.IsOutsiderAsync(currentUser))
         {
@@ -328,7 +333,12 @@ public async Task<IEnumerable<object>> TfaAppGetCodesAsync()
     {
         var currentUser = await userManager.GetUsersAsync(authContext.CurrentAccount.ID);
 
-        await CheckTfa(currentUser);
+        if (!tfaAppAuthSettingsHelper.IsVisibleSettings ||
+            !(await settingsManager.LoadAsync<TfaAppAuthSettings>()).EnableSetting ||
+            !await TfaAppUserSettings.EnableForUserAsync(settingsManager, currentUser.Id))
+        {
+            throw new Exception(Resource.TfaAppNotAvailable);
+        }
 
         if (await userManager.IsOutsiderAsync(currentUser))
         {
@@ -352,7 +362,10 @@ public async Task<IEnumerable<object>> TfaAppRequestNewCodesAsync()
     {
         var currentUser = await userManager.GetUsersAsync(authContext.CurrentAccount.ID);
 
-        await CheckTfa(currentUser);
+        if (!tfaAppAuthSettingsHelper.IsVisibleSettings || !await TfaAppUserSettings.EnableForUserAsync(settingsManager, currentUser.Id))
+        {
+            throw new Exception(Resource.TfaAppNotAvailable);
+        }
 
         if (await userManager.IsOutsiderAsync(currentUser))
         {
@@ -392,7 +405,10 @@ public async Task<object> TfaAppNewAppAsync(TfaRequestsDto inDto)
             throw new SecurityAccessDeniedException(Resource.ErrorAccessDenied);
         }
 
-        await CheckTfa(user);
+        if (!tfaAppAuthSettingsHelper.IsVisibleSettings || !await TfaAppUserSettings.EnableForUserAsync(settingsManager, user.Id))
+        {
+            throw new Exception(Resource.TfaAppNotAvailable);
+        }
 
         if (await userManager.IsOutsiderAsync(user))
         {
@@ -413,14 +429,4 @@ public async Task<object> TfaAppNewAppAsync(TfaRequestsDto inDto)
         await studioNotifyService.SendMsgTfaResetAsync(user);
         return string.Empty;
     }
-
-    private async Task CheckTfa(UserInfo currentUser)
-    {
-        if (!tfaAppAuthSettingsHelper.IsVisibleSettings ||
-            !(await settingsManager.LoadAsync<TfaAppAuthSettings>()).EnableSetting ||
-            await TfaAppUserSettings.EnableForUserAsync(settingsManager, currentUser.Id))
-        {
-            throw new Exception(Resource.TfaAppNotAvailable);
-        }
-    }
-}
+}