[pve-devel] [PATCH access-control 4/5] delete TFA entries when deleting a user
Wolfgang Bumiller
w.bumiller at proxmox.com
Wed Mar 27 11:16:20 CET 2019
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
PVE/API2/User.pm | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/PVE/API2/User.pm b/PVE/API2/User.pm
index 4c859dc..4458fc1 100644
--- a/PVE/API2/User.pm
+++ b/PVE/API2/User.pm
@@ -355,11 +355,14 @@ __PACKAGE__->register_method ({
$plugin->delete_user($cfg, $realm, $ruid);
}
+ # Remove TFA data before removing the user entry as the user entry tells us whether
+ # we need ot update priv/tfa.cfg.
+ PVE::AccessControl::user_set_tfa($userid, $realm, undef, undef, $usercfg, $domain_cfg);
+
delete $usercfg->{users}->{$userid};
PVE::AccessControl::delete_user_group($userid, $usercfg);
PVE::AccessControl::delete_user_acl($userid, $usercfg);
-
cfs_write_file("user.cfg", $usercfg);
}, "delete user failed");
--
2.11.0
More information about the pve-devel
mailing list