Merge pull request #100 from alleyinteractive/fix/issue-95/force-2fa-…

…causes-502-errors-vip Issue-95: force_two_factor_authentication feature causing 502 errors on VIP
alleyinteractive · Jul 22, 2024 · 1c694d5 · 1c694d5
2 parents e345f16 + 84504e7
commit 1c694d5
Showing 1 changed file with 11 additions and 12 deletions.
diff --git a/src/alley/wp/alleyvate/features/class-force-two-factor-authentication.php b/src/alley/wp/alleyvate/features/class-force-two-factor-authentication.php
@@ -26,7 +26,7 @@ final class Force_Two_Factor_Authentication implements Feature {
 	 */
 	public function boot(): void {
 		if ( self::is_vip_environment() ) {
-			add_filter( 'wpcom_vip_is_two_factor_forced', [ self::class, 'filter__wpcom_vip_is_two_factor_forced' ], \PHP_INT_MAX );
+			add_filter( 'wpcom_vip_two_factor_enforcement_cap', [ self::class, 'filter__wpcom_vip_two_factor_enforcement_cap' ], \PHP_INT_MAX );
 			return;
 		}
 
@@ -36,16 +36,6 @@ public function boot(): void {
 		add_action( 'admin_notices', [ self::class, 'action__admin_notices' ] );
 	}
 
-	/**
-	 * For VIP environments we can skip all of the functionality, and only focus on returning true if the current user
-	 * can edit posts.
-	 *
-	 * @return bool
-	 */
-	public static function filter__wpcom_vip_is_two_factor_forced(): bool {
-		return self::force_to_enable_2fa();
-	}
-
 	/**
 	 * Filter the user capabilities to restrict them to just those capabilities required to enabled two factor authentication.
 	 *
@@ -89,6 +79,15 @@ public static function action__admin_notices(): void {
 		}
 	}
 
+	/**
+	 * Returns the capability level that accounts will be required to use 2fa.
+	 *
+	 * @return string
+	 */
+	public static function filter__wpcom_vip_two_factor_enforcement_cap(): string {
+		return apply_filters( 'alleyvate_force_2fa_capability', 'edit_posts' );
+	}
+
 	/**
 	 * Adds an Admin Notice notifying the end user that they need to enable Two Factor authentication.
 	 */
@@ -165,7 +164,7 @@ private static function should_use_two_factor_authentication(): bool {
 	 * @return bool
 	 */
 	private static function force_to_enable_2fa(): bool {
-		$capability_min = apply_filters( 'alleyvate_force_2fa_capability', 'edit_posts' );
+		$capability_min = self::filter__wpcom_vip_two_factor_enforcement_cap();
 
 		// Remove the filter to avoid infinite loops.
 		$removed = remove_filter( 'map_meta_cap', [ self::class, 'filter__map_meta_cap' ], 0 );