Source of file MemberExtension.php
Size: 4,328 Bytes - Last Modified: 2021-12-24T06:47:27+00:00
/var/www/docs.ssmods.com/process/src/src/extensions/MemberExtension.php
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 | <?php namespace Firesphere\HaveIBeenPwned\Extensions; use SilverStripe\Forms\CheckboxField; use SilverStripe\Forms\FieldList; use SilverStripe\Forms\LiteralField; use SilverStripe\Forms\ReadonlyField; use SilverStripe\ORM\DataExtension; use SilverStripe\Security\Member; /** * Class \Firesphere\HaveIBeenPwned\Extensions\MemberExtension * * @property Member|MemberExtension $owner * @property int $PasswordIsPwnd * @property string $BreachedSites */ class MemberExtension extends DataExtension { /** * Name of the tab that is used for HaveIBeenPwned */ const PWND_TAB = 'Root.HaveIBeenPwned'; /** * @var array */ private static $db = [ 'PasswordIsPwnd' => 'Int', 'BreachedSites' => 'Text' ]; protected $fallbackHelp = 'If the error says that you "have been Pwnd", it means your password appears in the ' . '<a href="https://haveibeenpwned.com/Privacy">Have I Been Pwnd</a> database. ' . 'Therefore, we can not accept your password, because it is insecure or known to have been breached. ' . 'Before a password is safely stored in our database, we test if the password has been breached. ' . 'We do not share your password. ' . 'We run a safe test against the HaveIBeenPwned database to. ' . 'None of your data is shared or stored at HaveIBeenPwned. ' . 'For more information, you can read up on "Password safety", ' . 'and we strongly recommend installing a password manager if you haven\'t already. ' . 'Several options are LastPass, BitWarden and 1Password. ' . 'These services are also able to test your passwords against the HaveIBeenPwned database, ' . 'to see if your passwords are secure and safe.<br />' . 'Furthermore, <a href="https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/">' . 'Troy Hunt explains why and how this service is important</a>.'; /** * @param FieldList $fields */ public function updateCMSFields(FieldList $fields) { // PwndDisabled always needs to be false $this->owner->PwndDisabled = false; $fields->removeByName(['BreachedSites', 'PasswordIsPwnd']); $this->breachFound($fields); $this->breachedSites($fields); $fields->addFieldsToTab('Root.Main', [ ReadonlyField::create( 'PasswordIsPwnd', _t(self::class . '.PWNCOUNT', 'Pwnd Count') )->setDescription(_t( self::class . '.AMOUNT', 'Amount of times the password appears in the Have I Been Pwnd database' )), CheckboxField::create( 'PwndDisabled', _t(self::class . '.TMPDISABLE', 'Disable "Have I Been Pwnd" temporarily') )->setDescription(_t( self::class . '.TMPDISABLEDESCR', 'Allow the password to be a compromised password once (only from the CMS), ' . 'to reset a users password manually and let the user reset the password on first login.' )) ]); } /** * @param FieldList $fields */ protected function breachFound(FieldList $fields) { if ($this->owner->BreachedSites || $this->owner->PasswordIsPwnd) { $fields->findOrMakeTab( static::PWND_TAB, _t(self::class . '.PWNDTAB', 'Have I Been Pwnd?') ); $text = _t( self::class . '.PWNDHelp', $this->fallbackHelp ); $help = LiteralField::create('Helptext', '<p>' . $text . '</p>'); $fields->addFieldToTab(static::PWND_TAB, $help); } } /** * @param FieldList $fields */ protected function breachedSites(FieldList $fields) { if ($this->owner->BreachedSites) { $fields->addFieldToTab( static::PWND_TAB, ReadonlyField::create( 'BreachedSites', _t(self::class . '.BREACHEDSITES', 'Known breaches') )->setDescription(_t( self::class . '.BREACHEDDESCRIPTION', 'Sites on which your email address or username has been found in known breaches.' )) ); } } } |