[pve-devel] [manager] Protect the user's tfa key setting.

Wolfgang Link w.link at proxmox.com
Fri Jan 17 14:48:59 CET 2020


If oath or U2F is set, it should not be possible to change it
in the GUI on the user edit window.
It disables the second factor, but leave the tfa key behind
in the file tfa.cfg.
The key in the tfa.cfg file is a problem when the user tries to recreate a key.
The old key must be deleted before a new one can be created.
---
 www/manager6/dc/UserEdit.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/www/manager6/dc/UserEdit.js b/www/manager6/dc/UserEdit.js
index 1665f4b0..40c4044f 100644
--- a/www/manager6/dc/UserEdit.js
+++ b/www/manager6/dc/UserEdit.js
@@ -198,6 +198,11 @@ Ext.define('PVE.dc.UserEdit', {
 			}
 		    }
 		    me.setValues(data);
+		    if (data.keys) {
+			if ( data.keys === 'x!oath' || data.keys === 'x!u2f' ) {
+			    me.down('[name="keys"]').setDisabled(1);
+			}
+		    }
                 }
             });
         }
-- 
2.20.1




More information about the pve-devel mailing list