[pve-devel] applied: [manager] Protect the user's tfa key setting.
Thomas Lamprecht
t.lamprecht at proxmox.com
Tue Jan 28 13:54:57 CET 2020
On 1/17/20 2:48 PM, Wolfgang Link wrote:
> If oath or U2F is set, it should not be possible to change it
> in the GUI on the user edit window.
> It disables the second factor, but leave the tfa key behind
> in the file tfa.cfg.
> The key in the tfa.cfg file is a problem when the user tries to recreate a key.
> The old key must be deleted before a new one can be created.
> ---
> www/manager6/dc/UserEdit.js | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/www/manager6/dc/UserEdit.js b/www/manager6/dc/UserEdit.js
> index 1665f4b0..40c4044f 100644
> --- a/www/manager6/dc/UserEdit.js
> +++ b/www/manager6/dc/UserEdit.js
> @@ -198,6 +198,11 @@ Ext.define('PVE.dc.UserEdit', {
> }
> }
> me.setValues(data);
> + if (data.keys) {
> + if ( data.keys === 'x!oath' || data.keys === 'x!u2f' ) {
> + me.down('[name="keys"]').setDisabled(1);
> + }
> + }
> }
> });
> }
>
applied, thanks!
More information about the pve-devel
mailing list