0001-authenticators-forbid-disabling-all-authenticators-6.patch
src/authentic2/apps/authenticators/templates/authentic2/authenticators/authenticator_detail.html | ||
---|---|---|
6 | 6 |
<span class="actions"> |
7 | 7 |
<a class="extra-actions-menu-opener"></a> |
8 | 8 | |
9 |
{% if not object.internal %} |
|
9 | 10 |
<a href="{% url 'a2-manager-authenticator-toggle' pk=object.pk %}">{{ object.enabled|yesno:_("Disable,Enable") }}</a> |
11 |
{% endif %} |
|
10 | 12 |
<a href="{% url 'a2-manager-authenticator-edit' pk=object.pk %}">{% trans "Edit" %}</a> |
11 | 13 |
<ul class="extra-actions-menu"> |
12 | 14 |
{% if not object.internal %} |
src/authentic2/apps/authenticators/views.py | ||
---|---|---|
89 | 89 |
delete = AuthenticatorDeleteView.as_view() |
90 | 90 | |
91 | 91 | |
92 |
class AuthenticatorToggleView(DetailView): |
|
92 |
class AuthenticatorToggleView(AuthenticatorsMixin, DetailView):
|
|
93 | 93 |
model = BaseAuthenticator |
94 | 94 | |
95 |
def dispatch(self, *args, **kwargs): |
|
96 |
if self.get_object().internal: |
|
97 |
raise PermissionDenied |
|
98 |
return super().dispatch(*args, **kwargs) |
|
99 | ||
95 | 100 |
def get(self, request, *args, **kwargs): |
96 | 101 |
authenticator = self.get_object() |
97 | 102 |
tests/test_manager_authenticators.py | ||
---|---|---|
73 | 73 |
"Show condition: 'backoffice' in login_hint or remotre_addr == '1.2.3.4'" |
74 | 74 |
in resp.text |
75 | 75 |
) |
76 |
resp = resp.click('Disable').follow() |
|
77 |
assert 'Authenticator has been disabled.' in resp.text |
|
78 | ||
79 |
resp = app.get('/manage/authenticators/') |
|
80 |
assert 'class="section disabled"' in resp.text |
|
81 | 76 | |
82 |
resp = resp.click('Configure')
|
|
83 |
resp = resp.click('Enable').follow()
|
|
84 |
assert 'Authenticator has been enabled.' in resp.text
|
|
77 |
# password authenticator cannot be disabled
|
|
78 |
assert 'Disable' not in resp.text
|
|
79 |
app.get('/manage/authenticators/1/toggle/', status=403)
|
|
85 | 80 | |
86 | 81 |
# cannot add another password authenticator |
87 | 82 |
resp = app.get('/manage/authenticators/add/') |
... | ... | |
148 | 143 |
assert 'This field is required' in resp.text |
149 | 144 | |
150 | 145 |
resp = app.get('/manage/authenticators/') |
146 |
resp = resp.click('Configure', index=1) |
|
147 |
resp = resp.click('Disable').follow() |
|
148 |
assert 'Authenticator has been disabled.' in resp.text |
|
149 | ||
150 |
resp = app.get('/manage/authenticators/') |
|
151 |
assert 'class="section disabled"' in resp.text |
|
152 | ||
151 | 153 |
resp = resp.click('Configure', index=1) |
152 | 154 |
resp = resp.click('Delete') |
153 | 155 |
resp = resp.form.submit().follow() |
154 |
- |