Closes #168: UI for disabling TOTP as admin

Benjamin Gamard 2019-01-24 20:20:03 +01:00
parent b8c2bd3564
commit fe40a0a677
4 changed files with 34 additions and 3 deletions


@ -576,7 +576,7 @@ public class UserResource extends BaseResource {
@POST @POST
@Path("{username: [a-zA-Z0-9_]+}/disable_totp") @Path("{username: [a-zA-Z0-9_]+}/disable_totp")
public Response disableTotpUsername(@PathParam("username") String username) { public Response disableTotpUsername(@PathParam("username") String username) {
if (!authenticate() || principal.isGuest()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
checkBaseFunction(BaseFunction.ADMIN); checkBaseFunction(BaseFunction.ADMIN);
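Review bot: With `principal.isGuest()` dropped from the guard in `disableTotpUsername`, the `checkBaseFunction(BaseFunction.ADMIN)` call is the only thing keeping the guest account away from this endpoint. That is sound only if guest can never hold ADMIN, which is not visible in this hunk. A one-line comment above the check would record the reliance, for example `// Guest is excluded by the ADMIN check below, not by this guard`. The method body continues outside the hunk; because it removes a second factor from another account, it is worth confirming that it writes an audit entry naming the acting admin and the target username.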


@ -77,6 +77,9 @@ angular.module('docs').controller('SettingsUserEdit', function($scope, $dialog,
}); });
}; };
/**
* Send a password reset email.
*/
$scope.passwordReset = function () { $scope.passwordReset = function () {
Restangular.one('user').post('password_lost', { Restangular.one('user').post('password_lost', {
username: $stateParams.username username: $stateParams.username
@ -87,4 +90,21 @@ angular.module('docs').controller('SettingsUserEdit', function($scope, $dialog,
$dialog.messageBox(title, msg, btns); $dialog.messageBox(title, msg, btns);
}); });
}; };
$scope.disableTotp = function () {
var title = $translate.instant('settings.user.edit.disable_totp_title');
var msg = $translate.instant('settings.user.edit.disable_totp_message');
var btns = [
{ result:'cancel', label: $translate.instant('cancel') },
{ result:'ok', label: $translate.instant('ok'), cssClass: 'btn-primary' }
];
$dialog.messageBox(title, msg, btns, function (result) {
if (result === 'ok') {
Restangular.one('user/' + $stateParams.username + '/disable_totp').post('').then(function() {
$scope.user.totp_enabled = false;
});
}
});
};
}); });
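Review bot: The request path in `$scope.disableTotp` is built by concatenating `$stateParams.username` into the route string, so the value reaches the URL unencoded and only the server-side `[a-zA-Z0-9_]+` path pattern constrains it. Passing it as the element id, `Restangular.one('user', $stateParams.username).post('disable_totp')`, lets Restangular assemble the path (it encodes ids by default, as far as I know). The `.then` also has no rejection handler, so a refused or failed call gives the admin no feedback; a second callback that shows an error dialog would make the outcome explicit. Unlike `passwordReset`, which gains a doc comment in this commit, the new function has none; `/** Disable two-factor authentication for the edited user, after confirmation. */` would match.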


@ -291,7 +291,10 @@
"disabled": "Disabled user", "disabled": "Disabled user",
"password_reset_btn": "Send a password reset email to this user", "password_reset_btn": "Send a password reset email to this user",
"password_lost_sent_title": "Password reset email sent", "password_lost_sent_title": "Password reset email sent",
"password_lost_sent_message": "A password reset email has been sent to <strong>{{ username }}</strong>" "password_lost_sent_message": "A password reset email has been sent to <strong>{{ username }}</strong>",
"disable_totp_btn": "Disable two-factor authentification for this user",
"disable_totp_title": "Disable two-factor authentication",
"disable_totp_message": "Are you sure you want to disable two-factor authentication for this user?"
} }
}, },
"workflow": { "workflow": {


@ -113,10 +113,18 @@
<div class="form-group"> <div class="form-group">
<div class="col-sm-offset-2 col-sm-10"> <div class="col-sm-offset-2 col-sm-10">
<button type="button" class="btn btn-warning" ng-click="passwordReset()" ng-show="isEdit() && user.username != 'guest'"> <button type="button" class="btn btn-info" ng-click="passwordReset()" ng-show="isEdit() && user.username != 'guest'">
<span class="fas fa-redo-alt"></span> {{ 'settings.user.edit.password_reset_btn' | translate }} <span class="fas fa-redo-alt"></span> {{ 'settings.user.edit.password_reset_btn' | translate }}
</button> </button>
</div> </div>
</div> </div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="button" class="btn btn-warning" ng-click="disableTotp()" ng-show="isEdit() && user.totp_enabled">
<span class="fas fa-unlock"></span> {{ 'settings.user.edit.disable_totp_btn' | translate }}
</button>
</div>
</div>
</form> </form>
</div> </div>