Zabbix
Public
Source
'Cannot delete MFA method "DUO test case 2", because it is used by user group "User group with MFA".'<?php/*** Copyright (C) 2001-2025 Zabbix SIA**** This program is free software: you can redistribute it and/or modify it under the terms of** the GNU Affero General Public License as published by the Free Software Foundation, version 3.**** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.** See the GNU Affero General Public License for more details.**** You should have received a copy of the GNU Affero General Public License along with this program.** If not, see <https://www.gnu.org/licenses/>.**/require_once dirname(__FILE__) . '/../include/CAPITest.php';/** * @backup mfa, config, usrgrp, users, mfa_totp_secret * * @onBefore prepareTestData * * @onAfter cleanTestData */class testMfa extends CAPITest { public static $data = [ 'mfaids' => [], 'mfas' => [ 'TOTP test case 1' => [ 'type' => MFA_TYPE_TOTP, 'name' => 'TOTP test case 1', 'hash_function' => TOTP_HASH_SHA1, 'code_length' => TOTP_CODE_LENGTH_8 ], 'DUO test case 1' => [ 'type' => MFA_TYPE_DUO, 'name' => 'DUO test case 1', 'api_hostname' => 'api-999a9a99.duosecurity.com', 'clientid' => 'AAA58NOODEGUA6ST7AAA', 'client_secret' => '1AaAaAaaAaA7OoB4AaQfV547ARiqOqRNxP32Cult' ], 'DUO test case 2' => [ 'type' => MFA_TYPE_DUO, 'name' => 'DUO test case 2', 'api_hostname' => 'api-999a9a99.duosecurity.com', 'clientid' => 'AAA58NOODEGUA6ST7AAA', 'client_secret' => '1AaAaAaaAaA7OoB4AaQfV547ARiqOqRNxP32Cult' ] ], 'usrgrpids' => [], 'userids' => [] ]; public function prepareTestData() { $mfaids = CDataHelper::call('mfa.create', array_values(self::$data['mfas'])); $this->assertArrayHasKey('mfaids', $mfaids); self::$data['mfaids'] = array_combine(array_keys(self::$data['mfas']), $mfaids['mfaids']); CDataHelper::call('authentication.update', [ 'mfaid' => self::$data['mfaids']['DUO test case 1'], 'mfa_status' => MFA_ENABLED ]); $usrgrpids = CDataHelper::call('usergroup.create', [ 'name' => 'User group with MFA', 'mfa_status' => GROUP_MFA_ENABLED, 'mfaid' => self::$data['mfaids']['DUO test case 2'] ]); $this->assertArrayHasKey('usrgrpids', $usrgrpids); self::$data['usrgrpids'] = array_combine(['User group with MFA'], $usrgrpids['usrgrpids']); $userids = CDataHelper::call('user.create', [ 'username' => 'User with MFA TOTP method', 'roleid' => 1, 'passwd' => 'Z@bb1x1234', 'usrgrps' => [ ['usrgrpid' => 7] ] ]); $this->assertArrayHasKey('userids', $userids); self::$data['userids'] = array_combine(['User with MFA TOTP method'], $userids['userids']); DB::insert('mfa_totp_secret', [[ 'mfaid' => self::$data['mfaids']['TOTP test case 1'], 'userid' => self::$data['userids']['User with MFA TOTP method'], 'totp_secret' => '123asdf123asdf13asdf123asdf123as', 'status' => TOTP_SECRET_CONFIRMED ]]);