Closes #168: UI for disabling TOTP as admin

docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java

@@ -576,7 +576,7 @@ public class UserResource extends BaseResource {
     @POST
     @Path("{username: [a-zA-Z0-9_]+}/disable_totp")
     public Response disableTotpUsername(@PathParam("username") String username) {
-        if (!authenticate() || principal.isGuest()) {
+        if (!authenticate()) {
             throw new ForbiddenClientException();
         }
         checkBaseFunction(BaseFunction.ADMIN);

docs-web/src/main/webapp/src/app/docs/controller/settings/SettingsUserEdit.js

@@ -77,6 +77,9 @@ angular.module('docs').controller('SettingsUserEdit', function($scope, $dialog,
     });
   };
 
+  /**
+   * Send a password reset email.
+   */
   $scope.passwordReset = function () {
       Restangular.one('user').post('password_lost', {
           username: $stateParams.username
@@ -87,4 +90,21 @@ angular.module('docs').controller('SettingsUserEdit', function($scope, $dialog,
           $dialog.messageBox(title, msg, btns);
       });
   };
+
+  $scope.disableTotp = function () {
+    var title = $translate.instant('settings.user.edit.disable_totp_title');
+    var msg = $translate.instant('settings.user.edit.disable_totp_message');
+    var btns = [
+      { result:'cancel', label: $translate.instant('cancel') },
+      { result:'ok', label: $translate.instant('ok'), cssClass: 'btn-primary' }
+    ];
+
+    $dialog.messageBox(title, msg, btns, function (result) {
+      if (result === 'ok') {
+        Restangular.one('user/' + $stateParams.username + '/disable_totp').post('').then(function() {
+          $scope.user.totp_enabled = false;
+        });
+      }
+    });
+  };
 });

docs-web/src/main/webapp/src/locale/en.json

@@ -291,7 +291,10 @@
         "disabled": "Disabled user",
         "password_reset_btn": "Send a password reset email to this user",
         "password_lost_sent_title": "Password reset email sent",
-        "password_lost_sent_message": "A password reset email has been sent to <strong>{{ username }}</strong>"
+        "password_lost_sent_message": "A password reset email has been sent to <strong>{{ username }}</strong>",
+        "disable_totp_btn": "Disable two-factor authentification for this user",
+        "disable_totp_title": "Disable two-factor authentication",
+        "disable_totp_message": "Are you sure you want to disable two-factor authentication for this user?"
       }
     },
     "workflow": {

docs-web/src/main/webapp/src/partial/docs/settings.user.edit.html

@@ -113,10 +113,18 @@
 
     <div class="form-group">
       <div class="col-sm-offset-2 col-sm-10">
-        <button type="button" class="btn btn-warning" ng-click="passwordReset()" ng-show="isEdit() && user.username != 'guest'">
+        <button type="button" class="btn btn-info" ng-click="passwordReset()" ng-show="isEdit() && user.username != 'guest'">
           <span class="fas fa-redo-alt"></span> {{ 'settings.user.edit.password_reset_btn' | translate }}
         </button>
       </div>
     </div>
+
+    <div class="form-group">
+      <div class="col-sm-offset-2 col-sm-10">
+        <button type="button" class="btn btn-warning" ng-click="disableTotp()" ng-show="isEdit() && user.totp_enabled">
+          <span class="fas fa-unlock"></span> {{ 'settings.user.edit.disable_totp_btn' | translate }}
+        </button>
+      </div>
+    </div>
   </form>
 </div>