[pve-devel] applied: [PATCH access-control] store the tfa type in user.cfg
Thomas Lamprecht
t.lamprecht at proxmox.com
Fri Apr 12 16:32:57 CEST 2019
On 4/11/19 11:31 AM, Wolfgang Bumiller wrote:
> This allows some improvements to the user experience on the
> web ui.
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
> ---
> PVE/AccessControl.pm | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
> index bec962f..de353b1 100644
> --- a/PVE/AccessControl.pm
> +++ b/PVE/AccessControl.pm
> @@ -1434,7 +1434,7 @@ sub user_set_tfa {
> $tfa->{data} = $data;
> cfs_write_file('priv/tfa.cfg', $tfa_cfg);
>
> - $user->{keys} = 'x';
> + $user->{keys} = "x!$type";
> } else {
> delete $tfa_cfg->{users}->{$userid};
> cfs_write_file('priv/tfa.cfg', $tfa_cfg);
> @@ -1463,7 +1463,8 @@ sub user_get_tfa {
> $realm_tfa = PVE::Auth::Plugin::parse_tfa_config($realm_tfa)
> if $realm_tfa;
>
> - if ($keys ne 'x') {
> + # new style config starts with an 'x' and optionally contains a !<type> suffix
> + if ($keys != /^x(?:!.*)?$/) {
> # old style config, find the type via the realm
> return if !$realm_tfa;
> return ($realm_tfa->{type}, {
>
applied, thanks!
More information about the pve-devel
mailing list