diff options
author | Joram Wilander <jwawilander@gmail.com> | 2016-05-27 11:36:53 -0400 |
---|---|---|
committer | Corey Hulen <corey@hulen.com> | 2016-05-27 08:36:53 -0700 |
commit | d2aacdbb07c0c0b97c0f45c99cfbbd2f28c56e7b (patch) | |
tree | edf41e49c0d099d852eeda0c38e775e29fb6a144 | |
parent | 0d0734ac9845ef32c55ebf4c3185ba85065c5940 (diff) | |
download | chat-d2aacdbb07c0c0b97c0f45c99cfbbd2f28c56e7b.tar.gz chat-d2aacdbb07c0c0b97c0f45c99cfbbd2f28c56e7b.tar.bz2 chat-d2aacdbb07c0c0b97c0f45c99cfbbd2f28c56e7b.zip |
Don't allow gitlab users to activate mfa (#3125)
-rw-r--r-- | api/user.go | 4 | ||||
-rw-r--r-- | i18n/en.json | 4 | ||||
-rw-r--r-- | webapp/components/user_settings/user_settings_security.jsx | 19 |
3 files changed, 26 insertions, 1 deletions
diff --git a/api/user.go b/api/user.go index c1b40852d..caf573463 100644 --- a/api/user.go +++ b/api/user.go @@ -2336,6 +2336,10 @@ func ActivateMfa(userId, token string) *model.AppError { user = result.Data.(*model.User) } + if len(user.AuthService) > 0 && user.AuthService != model.USER_AUTH_SERVICE_LDAP { + return model.NewLocAppError("ActivateMfa", "api.user.activate_mfa.email_and_ldap_only.app_error", nil, "") + } + if err := mfaInterface.Activate(user, token); err != nil { return err } diff --git a/i18n/en.json b/i18n/en.json index 35a9a3102..8d576fa8f 100644 --- a/i18n/en.json +++ b/i18n/en.json @@ -1736,6 +1736,10 @@ "translation": "MFA not configured or available on this server" }, { + "id": "api.user.activate_mfa.email_and_ldap_only.app_error", + "translation": "MFA is not available for this account type" + }, + { "id": "api.user.update_password.context.app_error", "translation": "Update password failed because context user_id did not match props user_id" }, diff --git a/webapp/components/user_settings/user_settings_security.jsx b/webapp/components/user_settings/user_settings_security.jsx index 433d08d5c..47a762442 100644 --- a/webapp/components/user_settings/user_settings_security.jsx +++ b/webapp/components/user_settings/user_settings_security.jsx @@ -61,6 +61,7 @@ class SecurityTab extends React.Component { this.state = this.getDefaultState(); } + getDefaultState() { return { currentPassword: '', @@ -71,6 +72,7 @@ class SecurityTab extends React.Component { mfaToken: '' }; } + submitPassword(e) { e.preventDefault(); @@ -117,6 +119,7 @@ class SecurityTab extends React.Component { } ); } + activateMfa() { Client.updateMfa( this.state.mfaToken, @@ -138,6 +141,7 @@ class SecurityTab extends React.Component { } ); } + deactivateMfa() { Client.updateMfa( '', @@ -159,22 +163,28 @@ class SecurityTab extends React.Component { } ); } + updateCurrentPassword(e) { this.setState({currentPassword: e.target.value}); } + updateNewPassword(e) { this.setState({newPassword: e.target.value}); } + updateConfirmPassword(e) { this.setState({confirmPassword: e.target.value}); } + updateMfaToken(e) { this.setState({mfaToken: e.target.value}); } + showQrCode(e) { e.preventDefault(); this.setState({mfaShowQr: true}); } + createMfaSection() { let updateSectionStatus; let submit; @@ -329,6 +339,7 @@ class SecurityTab extends React.Component { /> ); } + createPasswordSection() { let updateSectionStatus; @@ -519,6 +530,7 @@ class SecurityTab extends React.Component { /> ); } + createSignInSection() { let updateSectionStatus; const user = this.props.user; @@ -676,7 +688,10 @@ class SecurityTab extends React.Component { /> ); } + render() { + const user = this.props.user; + const passwordSection = this.createPasswordSection(); let numMethods = 0; @@ -690,7 +705,9 @@ class SecurityTab extends React.Component { } let mfaSection; - if (global.window.mm_config.EnableMultifactorAuthentication === 'true' && global.window.mm_license.IsLicensed === 'true') { + if (global.window.mm_config.EnableMultifactorAuthentication === 'true' && + global.window.mm_license.IsLicensed === 'true' && + (user.auth_service === '' || user.auth_service === Constants.LDAP_SERVICE)) { mfaSection = this.createMfaSection(); } |