IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Use second factor for admin confirmation (#14293)

Browse Source 
Administrators can use second factor to confirm granting admin access
without using email. The old method of confirmation via email is still
used as a fallback when second factor is unavailable.
This commit is contained in:
Bianca Nenciu
2021-09-14 15:19:28 +03:00
committed by GitHub
parent f517b6997c
commit 6a7ea66670
9 changed files with 253 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
app/assets/javascripts/admin/addon/controllers/admin-user-index.js
View File

@@ -218,8 +218,15 @@ export default Controller.extend(CanCheckEmails, {
grantAdmin() {
return this.model
.grantAdmin()
.then(() => {
bootbox.alert(I18n.t("admin.user.grant_admin_confirm"));
.then((result) => {
if (result.email_confirmation_required) {
bootbox.alert(I18n.t("admin.user.grant_admin_confirm"));
} else {
const controller = showModal("grant-admin-second-factor", {
model: this.model,
});
controller.setResult(result);
}
})
.catch(popupAjaxError);
},

13
app/assets/javascripts/admin/addon/models/admin-user.js
View File

@@ -99,9 +99,20 @@ const AdminUser = User.extend({
});
},
grantAdmin() {
grantAdmin(data) {
return ajax(`/admin/users/${this.id}/grant_admin`, {
type: "PUT",
data,
}).then((resp) => {
if (resp.success && !resp.email_confirmation_required) {
this.setProperties({
admin: true,
can_grant_admin: false,
can_revoke_admin: true,
});
}
return resp;
});
},

2
app/assets/javascripts/admin/addon/templates/user-index.hbs
View File

@@ -334,7 +334,7 @@
{{/if}}
{{#if model.can_grant_admin}}
{{d-button
class="btn-default"
class="btn-default grant-admin"
action=(action "grantAdmin")
icon="shield-alt"
label="admin.user.grant_admin"}}