Ensure 2FA is not loaded when safemode is triggered #18501
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
While testing another PR including some db schema changes I observed some weird issue, where while loading the update page the page for setting up 2FA was displayed.
The reason for that took me a while to figure out:
When opening Matomo the updater was triggered due to the version change. While the update is being prepared those components not having an update file are already updated (e.g. version is adjusted in option table). That update triggers an event, which causes the TagManager to update the containers. In my case updating the containers ran into a
maximum execution time exceeded error
. That error should then actually be displayed in the safemode screen. But as this error happened within a method running withinAccess::doAsSuperUser
, the login was temporary set tosuper user was set
. This caused the2FA is forced
screen to be rendered instead (as I had force 2FA enabled).Steps to reproduce the error on
4.x-dev
Enforce 2FA
UPDATE matomo_option SET option_value='4.5.0-b1' WHERE option_value='4.7.0-b1'
plugins\TagManager\TagManager.php
and add this lines somewhere withinAccess::doAsSuperUser
(around line 270)Review