0001-authenticators-forbid-disabling-all-authenticators-6.patch

Valentin Deniaud, 25 mai 2022 10:49

Voir les différences: en ligne côte à côte

Subject: [PATCH] authenticators: forbid disabling all authenticators (#65642)

 .../authenticators/authenticator_detail.html   |  2 ++
 src/authentic2/apps/authenticators/views.py    |  7 ++++++-
 tests/test_manager_authenticators.py           | 18 ++++++++++--------
 3 files changed, 18 insertions(+), 9 deletions(-)

       <span class="actions">
         <a class="extra-actions-menu-opener"></a>
         {% if not object.internal %}
         <a href="{% url 'a2-manager-authenticator-toggle' pk=object.pk %}">{{ object.enabled|yesno:_("Disable,Enable") }}</a>
         {% endif %}
         <a href="{% url 'a2-manager-authenticator-edit' pk=object.pk %}">{% trans "Edit" %}</a>
         <ul class="extra-actions-menu">
           {% if not object.internal %}

     delete = AuthenticatorDeleteView.as_view()
     class AuthenticatorToggleView(DetailView):
     class AuthenticatorToggleView(AuthenticatorsMixin, DetailView):
         model = BaseAuthenticator
         def dispatch(self, *args, **kwargs):
             if self.get_object().internal:
                 raise PermissionDenied
             return super().dispatch(*args, **kwargs)
         def get(self, request, *args, **kwargs):
             authenticator = self.get_object()

                 "Show condition: &#x27;backoffice&#x27; in login_hint or remotre_addr == &#x27;1.2.3.4&#x27;"
                 in resp.text
+            )
         resp = resp.click('Disable').follow()
         assert 'Authenticator has been disabled.' in resp.text
         resp = app.get('/manage/authenticators/')
         assert 'class="section disabled"' in resp.text
         resp = resp.click('Configure')
         resp = resp.click('Enable').follow()
         assert 'Authenticator has been enabled.' in resp.text
         # password authenticator cannot be disabled
         assert 'Disable' not in resp.text
         app.get('/manage/authenticators/1/toggle/', status=403)
         # cannot add another password authenticator
         resp = app.get('/manage/authenticators/add/')
-...
         assert 'This field is required' in resp.text
         resp = app.get('/manage/authenticators/')
         resp = resp.click('Configure', index=1)
         resp = resp.click('Disable').follow()
         assert 'Authenticator has been disabled.' in resp.text
         resp = app.get('/manage/authenticators/')
         assert 'class="section disabled"' in resp.text
         resp = resp.click('Configure', index=1)
         resp = resp.click('Delete')
         resp = resp.form.submit().follow()
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0001-authenticators-forbid-disabling-all-authenticators-6.patch