Improve GUI & unit tests (#2332)
This commit is contained in:
Christophe Maudoux
parent
bf9ecc35ad
commit
605d724453
|
|
@ -500,8 +500,9 @@ sub _displayRegister {
|
|||
$self->userLogger->warn("Do not diplay 2F Devices!");
|
||||
}
|
||||
|
||||
# Parse second factors to display delete button if allowed
|
||||
my $action = '';
|
||||
# Parse second factors to display delete button if allowed and upgrade button
|
||||
my $displayUpgBtn = 0;
|
||||
my $action = '';
|
||||
foreach
|
||||
my $type ( split /,\s*/, $self->conf->{available2FSelfRegistration} )
|
||||
{
|
||||
|
|
@ -511,10 +512,15 @@ sub _displayRegister {
|
|||
my $t = lc($type);
|
||||
$t =~ s/2f$//i;
|
||||
|
||||
# Display delete button
|
||||
$_->{delAllowed} =
|
||||
$self->conf->{ $t . '2fActivation' }
|
||||
&& $self->conf->{ $t . '2fUserCanRemoveKey' }
|
||||
&& $self->conf->{ $t . '2fSelfRegistration' };
|
||||
|
||||
# Display upgrade button
|
||||
$displayUpgBtn ||= $self->conf->{ $t . '2fAuthnLevel' } >
|
||||
$req->userData->{authenticationLevel};
|
||||
}
|
||||
$action ||= $_->{delAllowed};
|
||||
$_->{type} =~ s/^Yubikey$/UBK/;
|
||||
|
|
@ -533,6 +539,7 @@ sub _displayRegister {
|
|||
SFDEVICES => $_2fDevices,
|
||||
ACTION => $action,
|
||||
REG_REQUIRED => $req->data->{sfRegRequired},
|
||||
DISPLAY_UPG => $displayUpgBtn
|
||||
}
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ sub run {
|
|||
unless $user;
|
||||
|
||||
# Check if TOTP can be updated
|
||||
return $self->p->sendError( $req, 'notAuthorized', 400 )
|
||||
return $self->p->sendError( $req, 'notAuthorizedAuthLevel', 400 )
|
||||
unless $self->allowedUpdateSfa( $req, $action );
|
||||
|
||||
# Verification that user has a valid TOTP app
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ sub run {
|
|||
unless $user;
|
||||
|
||||
# Check if U2F key can be updated
|
||||
return $self->p->sendError( $req, 'notAuthorized', 400 )
|
||||
return $self->p->sendError( $req, 'notAuthorizedAuthLevel', 400 )
|
||||
unless $self->allowedUpdateSfa( $req, $action );
|
||||
|
||||
if ( $action eq 'register' ) {
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ sub run {
|
|||
$req, 'error',
|
||||
params => {
|
||||
MAIN_LOGO => $self->conf->{portalMainLogo},
|
||||
RAW_ERROR => 'notAuthorized',
|
||||
RAW_ERROR => 'notAuthorizedAuthLevel',
|
||||
AUTH_ERROR_TYPE => 'warning',
|
||||
}
|
||||
) unless $self->allowedUpdateSfa( $req, $action );
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"لم يتم العثور: محاولة الدخول إلى صفحة غير متوفرة",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"Du bist nicht dazu berechtigt",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Nicht gefunden: Du versuchst, auf eine nicht verfügbare Seite zuzugreifen",
|
||||
"noTOTPFound":"Kein TOTP gefunden",
|
||||
"noU2FKeyFound":"Kein U2F Schlüssel gefunden",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Not found: you try to access to an unavailable page",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"No es un valor encriptado",
|
||||
"notAuthorized":"Usted no está autorizado a hacer esto",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"No encontrado: página no disponible",
|
||||
"noTOTPFound":"TOTP no encontrado",
|
||||
"noU2FKeyFound":"Llave U2F no encontrada",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Not found: you try to access to an unavailable page",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"Aucune notification acceptée trouvée",
|
||||
"notAnEncryptedValue":"Ce n'est pas une valeur cryptée",
|
||||
"notAuthorized":"Vous n'êtes pas autorisé à faire cette requête",
|
||||
"notAuthorizedAuthLevel":"Cette action requiert un niveau d'authentification supérieur",
|
||||
"notFound": "Non trouvé : vous tentez d'accéder à une page non disponible",
|
||||
"noTOTPFound":"Aucun secret TOTP trouvé",
|
||||
"noU2FKeyFound": "Aucune clef U2F trouvée",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"Non sei autorizzato a farlo",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Non trovato: si tenta di accedere ad una pagina non disponibile",
|
||||
"noTOTPFound":"Nessun TOTP trovato",
|
||||
"noU2FKeyFound":"Nessuna chiave U2F trovata",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Not found: you try to access to an unavailable page",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"Nie znaleziono zaakceptowanego powiadomienia",
|
||||
"notAnEncryptedValue":"To nie jest zaszyfrowana wartość",
|
||||
"notAuthorized":"Nie masz do tego uprawnień",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Nie znaleziono: próbujesz uzyskać dostęp do niedostępnej strony",
|
||||
"noTOTPFound":"Nie znaleziono TOTP",
|
||||
"noU2FKeyFound":"Nie znaleziono klucza U2F",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Not found: you try to access to an unavailable page",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Not found: you try to access to an unavailable page",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"Kabul edilen bildirim bulunamadı",
|
||||
"notAnEncryptedValue":"Bu şifrelenmiş bir değer değil",
|
||||
"notAuthorized":"Bunu yapmak için yetkili değilsiniz",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Bulunamadı: mevcut olmayan bir sayfaya erişmeyi deniyorsunuz",
|
||||
"noTOTPFound":"TOTP bulunamadi",
|
||||
"noU2FKeyFound":"U2F anahtarı bulunamadı",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"You're not authorized to do this",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"Không tìm thấy: bạn cố gắng truy cập vào một trang không có sẵn",
|
||||
"noTOTPFound":"Đăng xuất khỏi các ứng dụng khác",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -207,6 +207,7 @@
|
|||
"noNotification":"None accepted notification found",
|
||||
"notAnEncryptedValue":"It is not an encrypted value",
|
||||
"notAuthorized":"您没有权限进行该项操作",
|
||||
"notAuthorizedAuthLevel":"This action requires a higher authentication level",
|
||||
"notFound":"无法找到:您请求的网页不存在。",
|
||||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
|
|
|
|||
|
|
@ -64,6 +64,12 @@
|
|||
</div>
|
||||
|
||||
<div class="buttons">
|
||||
<TMPL_IF NAME="DISPLAY_UPG">
|
||||
<a href="<TMPL_VAR NAME="PORTAL_URL">upgradesession" class="btn btn-success" role="button">
|
||||
<span class="fa fa-sign-in"></span>
|
||||
<span trspan="upgradeSession">Upgrade session</span>
|
||||
</a>
|
||||
</TMPL_IF>
|
||||
<a href="<TMPL_VAR NAME="PORTAL_URL">?cancel=1&skin=<TMPL_VAR NAME="SKIN">" class="btn btn-primary" role="button">
|
||||
<span class="fa fa-home"></span>
|
||||
<span trspan="goToPortal">Go to portal</span>
|
||||
|
|
|
|||
|
|
@ -369,7 +369,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
eval { $res = JSON::from_json( $res->[2]->[0] ) };
|
||||
ok( not($@), 'Content is JSON' )
|
||||
or explain( $res->[2]->[0], 'JSON content' );
|
||||
ok( $res->{error} eq 'notAuthorized', 'Not authorized to register a TOTP' )
|
||||
ok( $res->{error} eq 'notAuthorizedAuthLevel', 'Not authorized to register a TOTP' )
|
||||
or explain( $res, 'Bad result' );
|
||||
|
||||
# Try to unregister TOTP
|
||||
|
|
@ -386,7 +386,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok(
|
||||
$data->{error} eq 'notAuthorized',
|
||||
$data->{error} eq 'notAuthorizedAuthLevel',
|
||||
'Not authorized to unregister a TOTP'
|
||||
) or explain( $data, 'Bad result' );
|
||||
|
||||
|
|
@ -404,7 +404,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
eval { $data = JSON::from_json( $res->[2]->[0] ) };
|
||||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok( $data->{error} eq 'notAuthorized', 'Not authorized to verify a TOTP' )
|
||||
ok( $data->{error} eq 'notAuthorizedAuthLevel', 'Not authorized to verify a TOTP' )
|
||||
or explain( $data, 'Bad result' );
|
||||
|
||||
## Try to register an U2F key
|
||||
|
|
@ -437,7 +437,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok(
|
||||
$data->{error} eq 'notAuthorized',
|
||||
$data->{error} eq 'notAuthorizedAuthLevel',
|
||||
'Not authorized to register an U2F key'
|
||||
) or explain( $data, 'Bad result' );
|
||||
|
||||
|
|
@ -455,7 +455,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok(
|
||||
$data->{error} eq 'notAuthorized',
|
||||
$data->{error} eq 'notAuthorizedAuthLevel',
|
||||
'Not authorized to unregister an U2F key'
|
||||
) or explain( $data, 'Bad result' );
|
||||
|
||||
|
|
|
|||
|
|
@ -309,7 +309,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
eval { $res = JSON::from_json( $res->[2]->[0] ) };
|
||||
ok( not($@), 'Content is JSON' )
|
||||
or explain( $res->[2]->[0], 'JSON content' );
|
||||
ok( $res->{error} eq 'notAuthorized', 'Not authorized to register a TOTP' )
|
||||
ok( $res->{error} eq 'notAuthorizedAuthLevel', 'Not authorized to register a TOTP' )
|
||||
or explain( $res, 'Bad result' );
|
||||
|
||||
# Try to unregister TOTP
|
||||
|
|
@ -326,7 +326,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok(
|
||||
$data->{error} eq 'notAuthorized',
|
||||
$data->{error} eq 'notAuthorizedAuthLevel',
|
||||
'Not authorized to unregister a TOTP'
|
||||
) or explain( $data, 'Bad result' );
|
||||
|
||||
|
|
@ -344,7 +344,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
eval { $data = JSON::from_json( $res->[2]->[0] ) };
|
||||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok( $data->{error} eq 'notAuthorized', 'Not authorized to verify a TOTP' )
|
||||
ok( $data->{error} eq 'notAuthorizedAuthLevel', 'Not authorized to verify a TOTP' )
|
||||
or explain( $data, 'Bad result' );
|
||||
|
||||
## Try to register an U2F key
|
||||
|
|
@ -377,7 +377,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok(
|
||||
$data->{error} eq 'notAuthorized',
|
||||
$data->{error} eq 'notAuthorizedAuthLevel',
|
||||
'Not authorized to register an U2F key'
|
||||
) or explain( $data, 'Bad result' );
|
||||
|
||||
|
|
@ -395,7 +395,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
|
|||
ok( not($@), ' Content is JSON' )
|
||||
or explain( [ $@, $res->[2] ], 'JSON content' );
|
||||
ok(
|
||||
$data->{error} eq 'notAuthorized',
|
||||
$data->{error} eq 'notAuthorizedAuthLevel',
|
||||
'Not authorized to unregister an U2F key'
|
||||
) or explain( $data, 'Bad result' );
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user