Add metrics about accounts with two-factor auth to munin stats

src/Command/MuninAccountCommand.php

@@ -71,6 +71,9 @@ protected function execute(InputInterface $input, OutputInterface $output): void
             $output->writeln('mail_crypt_keys.label Active accounts with mailbox encryption');
             $output->writeln('mail_crypt_keys.type GAUGE');
             $output->writeln('mail_crypt_keys.min 0');
+            $output->writeln('twofactor.label Active accounts with two-factor authentication');
+            $output->writeln('twofactor.type GAUGE');
+            $output->writeln('twofactor.min 0');
             $output->writeln('openpgp_keys.label OpenPGP keys');
             $output->writeln('openpgp_keys.type GAUGE');
             $output->writeln('openpgp_keys.min 0');
@@ -82,6 +85,7 @@ protected function execute(InputInterface $input, OutputInterface $output): void
         $output->writeln(sprintf('deleted.value %d', $this->userRepository->countDeletedUsers()));
         $output->writeln(sprintf('recovery_tokens.value %d', $this->userRepository->countUsersWithRecoveryToken()));
         $output->writeln(sprintf('mail_crypt_keys.value %d', $this->userRepository->countUsersWithMailCrypt()));
+        $output->writeln(sprintf('twofactor.value %d', $this->userRepository->countUsersWithTwofactor()));
         $output->writeln(sprintf('openpgp_keys.value %d', $this->openPgpKeyRepository->countKeys()));
     }
 }

src/Repository/UserRepository.php

@@ -90,4 +90,13 @@ public function countUsersWithMailCrypt(): int
             ->andWhere(Criteria::expr()->eq('mailCrypt', true))
         )->count();
     }
+
+    public function countUsersWithTwofactor(): int
+    {
+        return $this->matching(Criteria::create()
+            ->where(Criteria::expr()->eq('deleted', false))
+            ->andWhere(Criteria::expr()->eq('totpConfirmed', 1))
+            ->andWhere(Criteria::expr()->neq('totpSecret', null))
+        )->count();
+    }
 }

tests/Command/MuninAccountCommandTest.php

@@ -20,6 +20,7 @@ public function testExecute(): void
         $userRepository->method('countDeletedUsers')->willReturn(3);
         $userRepository->method('countUsersWithRecoveryToken')->willReturn(5);
         $userRepository->method('countUsersWithMailCrypt')->willReturn(7);
+        $userRepository->method('countUsersWithTwofactor')->willReturn(9);
 
         $openPgpKeyRepository = $this->getMockBuilder(OpenPgpKeyRepository::class)
             ->disableOriginalConstructor()
@@ -40,7 +41,7 @@ public function testExecute(): void
 
         $output = $commandTester->getDisplay();
 
-        self::assertEquals("account.value 10\ndeleted.value 3\nrecovery_tokens.value 5\nmail_crypt_keys.value 7\nopenpgp_keys.value 2\n", $output);
+        self::assertEquals("account.value 10\ndeleted.value 3\nrecovery_tokens.value 5\nmail_crypt_keys.value 7\ntwofactor.value 9\nopenpgp_keys.value 2\n", $output);
 
         $commandTester->execute(['--autoconf' => true]);
 
@@ -61,6 +62,7 @@ public function testExecute(): void
         self::assertStringContainsString('deleted.label Deleted accounts', $output);
         self::assertStringContainsString('recovery_tokens.label Active accounts with recovery token', $output);
         self::assertStringContainsString('mail_crypt_keys.label Active accounts with mailbox encryption', $output);
+        self::assertStringContainsString('twofactor.label Active accounts with two-factor authentication', $output);
         self::assertStringContainsString('openpgp_keys.label OpenPGP keys', $output);
     }
 }