From 9f501da3ed1f20b4ed3a6abc0fa52235d24ffcbf Mon Sep 17 00:00:00 2001
From: Jan-Hendrik Willms <tleilax+studip@gmail.com>
Date: Wed, 6 Dec 2023 11:26:20 +0000
Subject: [PATCH] fixes #3532

Closes #3532

Merge request studip/studip!2426
---
 app/controllers/tfa.php |  8 ++++++++
 app/views/tfa/index.php |  5 ++++-
 app/views/tfa/setup.php | 11 ++++++++---
 3 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/app/controllers/tfa.php b/app/controllers/tfa.php
index 1b57f26d094..370d8837a91 100644
--- a/app/controllers/tfa.php
+++ b/app/controllers/tfa.php
@@ -11,6 +11,8 @@ class TfaController extends AuthenticatedController
         $this->user = User::findCurrent();
         $this->is_root = $GLOBALS['perm']->have_perm('root');
 
+        $this->own_profile = true;
+
         if ($this->is_root && Request::submitted('username')) {
             $username = Request::username('username');
             $this->user = User::findOneByUsername($username);
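Review bot: `$this->own_profile = true;` is assigned on a property that no visible line declares; if TfaController (or AuthenticatedController) does not declare it, this is a dynamic property, which PHP 8.2 deprecates. Declaring it on the class, `public bool $own_profile = true;`, makes the default explicit and lets the views' `@var bool $own_profile` hold even for paths that never reach this assignment. The enclosing method starts before this hunk, so the declaration site is not in view.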
@@ -19,6 +21,8 @@ class TfaController extends AuthenticatedController
                 throw new Exception(_('Diesen Nutzer gibt es nicht'));
             }
 
+            $this->own_profile = false;
+
             URLHelper::addLinkParam('username', Request::username('username'));
 
             PageLayout::postMessage(
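Review bot: `$this->own_profile = false;` is set whenever root submitted a username, so a root user who looks up their own account gets the read-only treatment although `$this->user` is the current user. Deriving the flag from the identities instead of from the request path avoids that, e.g. `$this->own_profile = $this->user->id === User::findCurrent()->id;` placed after `$this->user` is final. The method continues outside this hunk.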
@@ -33,6 +37,10 @@ class TfaController extends AuthenticatedController
         }
 
         $this->secret = new TFASecret($this->user->id);
+
+        if (!$this->own_profile) {
+            PageLayout::postWarning(_('Sie können die Zwei-Faktor-Authentifizierung nicht für andere Personen einrichten.'));
+        }
     }
 
     public function index_action()
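Review bot: The `postWarning` added after `new TFASecret(...)` is the only server-side use of `$own_profile` in this patch; the view hunks in index.php and setup.php only add a `disabled` attribute, which is a client-side hint and does not stop the forms from being posted to `$controller->create()` / `$controller->revoke()`. Unless those actions (outside these hunks) already refuse when `!$this->own_profile`, a root session can still set up or revoke another user's second factor, which is what the warning text says must not happen. Guard both actions explicitly, e.g. `if (!$this->own_profile) { throw new Exception(_('Sie können die Zwei-Faktor-Authentifizierung nicht für andere Personen einrichten.')); }`, so the restriction does not depend on the rendered markup. The enclosing method begins before the first hunk of this file.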
diff --git a/app/views/tfa/index.php b/app/views/tfa/index.php
index 25ab9533a15..b4367f03bbb 100644
--- a/app/views/tfa/index.php
+++ b/app/views/tfa/index.php
@@ -2,6 +2,7 @@
 /**
  * @var TFASecret $secret
  * @var TfaController $controller
+ * @var bool $own_profile
  */
 ?>
 <p>
@@ -9,5 +10,7 @@
     <?= $secret->type == 'app' ? _('Authenticator-App') : _('E-Mail') ?>
 </p>
 <form action="<?= $controller->revoke() ?>" method="post">
-    <?= Studip\Button::createAccept(_('Aufheben')) ?>
+    <?= Studip\Button::createAccept(_('Aufheben'), 'revoke', $own_profile ? [] : [
+        'disabled' => ''
+    ]) ?>
 </form>
diff --git a/app/views/tfa/setup.php b/app/views/tfa/setup.php
index 62278dd2b5f..e4a0a3defef 100644
--- a/app/views/tfa/setup.php
+++ b/app/views/tfa/setup.php
@@ -1,6 +1,7 @@
 <?php
 /**
  * @var TfaController $controller
+ * @var bool $own_profile
  */
 ?>
 <form class="default" action="<?= $controller->create() ?>" method="post">
@@ -12,17 +13,21 @@
         <?= formatReady(Config::get()->TFA_TEXT_INTRODUCTION) ?>
 
         <label>
-            <input required type="radio" name="type" value="email">
+            <input required type="radio" name="type" value="email"
+                   <? if (!$own_profile) echo 'disabled'; ?>>
             <?= _('E-Mail') ?>
         </label>
 
         <label>
-            <input required type="radio" name="type" value="app">
+            <input required type="radio" name="type" value="app"
+                   <? if (!$own_profile) echo 'disabled'; ?>>
             <?= _('Authenticator-App') ?>
         </label>
     </fieldset>
 
     <footer>
-        <?= Studip\Button::createAccept(_('Aktivieren')) ?>
+        <?= Studip\Button::createAccept(_('Aktivieren'), 'activate', $own_profile ? [] : [
+            'disabled' => ''
+        ]) ?>
     </footer>
 </form>
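Review bot: The two new attribute lines use the short open tag `<? if (!$own_profile) echo 'disabled'; ?>`, which only works when `short_open_tag` is enabled and otherwise leaks the PHP source into the rendered HTML; the rest of this file uses `<?php` and `<?=`. Using the echo tag the file already relies on, `<?= $own_profile ? '' : 'disabled' ?>`, on both inputs removes the ini dependency and reads the same as the button call in the footer.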
-- 
GitLab