From fe40a0a677d7d902cc8ac08b7ad0fe01eccc708a Mon Sep 17 00:00:00 2001
From: Benjamin Gamard
Date: Thu, 24 Jan 2019 20:20:03 +0100
Subject: [PATCH] Closes #168: UI for disabling TOTP as admin
---
 .../docs/rest/resource/UserResource.java | 2 +-
 .../controller/settings/SettingsUserEdit.js | 20 +++++++++++++++++++
 docs-web/src/main/webapp/src/locale/en.json | 5 ++++-
 .../src/partial/docs/settings.user.edit.html | 10 +++++++++-
 4 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
index 94097186..6a2ed09a 100644
--- a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
+++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
@@ -576,7 +576,7 @@ public class UserResource extends BaseResource {
 @POST
 @Path("{username: [a-zA-Z0-9_]+}/disable_totp")
 public Response disableTotpUsername(@PathParam("username") String username) {
- if (!authenticate() || principal.isGuest()) {
+ if (!authenticate()) {
 throw new ForbiddenClientException();
 }
 checkBaseFunction(BaseFunction.ADMIN);
diff --git a/docs-web/src/main/webapp/src/app/docs/controller/settings/SettingsUserEdit.js b/docs-web/src/main/webapp/src/app/docs/controller/settings/SettingsUserEdit.js
index 1b7b146b..87cf9ca3 100644
--- a/docs-web/src/main/webapp/src/app/docs/controller/settings/SettingsUserEdit.js
+++ b/docs-web/src/main/webapp/src/app/docs/controller/settings/SettingsUserEdit.js
@@ -77,6 +77,9 @@ angular.module('docs').controller('SettingsUserEdit', function($scope, $dialog,
 });
 };
+ /**
+ * Send a password reset email.
+ */
 $scope.passwordReset = function () {
 Restangular.one('user').post('password_lost', {
 username: $stateParams.username
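Review bot: With `principal.isGuest()` dropped from the guard in `disableTotpUsername`, the `checkBaseFunction(BaseFunction.ADMIN)` call below it is the only visible authorization check on an endpoint that turns off another account's second factor, and the commit message (a UI change) does not mention this server-side change. If a guest principal can never hold the ADMIN base function the removal is harmless, but that is not visible here, so I would state it next to the check, e.g. `// Guests are rejected by the ADMIN base function check below`. The method body continues outside the hunk, so I cannot tell whether the action is audited; if it is not, logging the acting admin and the target username would be worth adding.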
@@ -87,4 +90,21 @@ angular.module('docs').controller('SettingsUserEdit', function($scope, $dialog,
 $dialog.messageBox(title, msg, btns);
 });
 };
+
+ $scope.disableTotp = function () {
+ var title = $translate.instant('settings.user.edit.disable_totp_title');
+ var msg = $translate.instant('settings.user.edit.disable_totp_message');
+ var btns = [
+ { result:'cancel', label: $translate.instant('cancel') },
+ { result:'ok', label: $translate.instant('ok'), cssClass: 'btn-primary' }
+ ];
+
+ $dialog.messageBox(title, msg, btns, function (result) {
+ if (result === 'ok') {
+ Restangular.one('user/' + $stateParams.username + '/disable_totp').post('').then(function() {
+ $scope.user.totp_enabled = false;
+ });
+ }
+ });
+ };
 });
\ No newline at end of file
diff --git a/docs-web/src/main/webapp/src/locale/en.json b/docs-web/src/main/webapp/src/locale/en.json
index 869760ac..135e4587 100644
--- a/docs-web/src/main/webapp/src/locale/en.json
+++ b/docs-web/src/main/webapp/src/locale/en.json
@@ -291,7 +291,10 @@
 "disabled": "Disabled user",
 "password_reset_btn": "Send a password reset email to this user",
 "password_lost_sent_title": "Password reset email sent",
- "password_lost_sent_message": "A password reset email has been sent to {{ username }}"
+ "password_lost_sent_message": "A password reset email has been sent to {{ username }}",
+ "disable_totp_btn": "Disable two-factor authentification for this user",
+ "disable_totp_title": "Disable two-factor authentication",
+ "disable_totp_message": "Are you sure you want to disable two-factor authentication for this user?"
 }
 },
 "workflow": {
diff --git a/docs-web/src/main/webapp/src/partial/docs/settings.user.edit.html b/docs-web/src/main/webapp/src/partial/docs/settings.user.edit.html
index ab40ef13..879f7887 100644
--- a/docs-web/src/main/webapp/src/partial/docs/settings.user.edit.html
+++ b/docs-web/src/main/webapp/src/partial/docs/settings.user.edit.html
@@ -113,10 +113,18 @@
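Review bot: In `$scope.disableTotp` the request path is built by concatenating `$stateParams.username` into the URL string, so a value containing `/` or `?` would change which endpoint this privileged POST reaches; the server route only matches `[a-zA-Z0-9_]+`, but the client should not depend on that. Encoding the segment keeps the request on the intended path: `Restangular.one('user/' + encodeURIComponent($stateParams.username) + '/disable_totp').post('')`. The `.then(...)` also has no rejection handler, so a 403 or a network failure gives the admin no feedback while the account still has TOTP enabled. A short doc comment like the one this commit adds above `$scope.passwordReset` would keep the two handlers consistent. The enclosing controller function starts outside the hunk.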
-
+ +
+
+ +
+
\ No newline at end of file