Changeset 14088 for sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/shortcodes/class-upload.php

Timestamp:

10/01/2024 06:20:40 AM (8 months ago)

Author:

dd32

Message:

Plugin Directory: Require 2FA to be enabled to submit new plugins.

See ​https://make.wordpress.org/plugins/2024/09/04/upcoming-security-changes-for-plugin-and-theme-authors-on-wordpress-org/

File:

• sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/shortcodes/class-upload.php (modified) (2 diffs)

sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/shortcodes/class-upload.php

@@ -2 +2 @@
 namespace WordPressdotorg\Plugin_Directory\Shortcodes;
 use WordPressdotorg\Plugin_Directory\Template;
+use Two_Factor_Core;
+use function WordPressdotorg\Two_Factor\{ user_requires_2fa, get_onboarding_account_url };
 
 class Upload {
@@ -53 +55 @@
                 __( 'Before you can upload a new plugin, <a href="%s">please log in</a>.', 'wporg-plugins' ),
                 esc_url( wp_login_url() )
+            ) . '</p></div>';
+        }
+
+        // Require 2FA for plugin authors on upload.
+        if (
+            user_requires_2fa( wp_get_current_user() ) &&
+            ! Two_Factor_Core::is_user_using_two_factor( get_current_user_id() )
+        ) {
+            return '<div class="notice notice-error notice-alt"><p>' . sprintf(
+                /* translators: Setup 2FA url */
+                __( 'Before you can upload a new plugin, <a href="%s">please enable two-factor authentication</a>.', 'wporg-plugins' ),
+                esc_url( get_onboarding_account_url() )
             ) . '</p></div>';
         }