extend: 'Ext.data.Model',
fields: [
'userid', 'firstname', 'lastname', 'email', 'comment',
- 'role', 'keys', 'realm',
+ 'role', 'keys', 'realm', 'totp-lock',
{ type: 'boolean', name: 'enable' },
{ type: 'date', dateFormat: 'timestamp', name: 'expire' },
],
var view = this.getView();
view.reload();
},
+
+ onUnlockTfa: function(btn, event, rec) {
+ let me = this;
+ let view = me.getView();
+ Ext.Msg.confirm(
+ Ext.String.format(gettext('Unlock TFA authentication for {0}'), rec.data.userid),
+ gettext("Locked 2nd factors can happen if the user's password was leaked. Are you sure you want to unlock the user?"),
+ function(btn_response) {
+ if (btn_response === 'yes') {
+ Proxmox.Utils.API2Request({
+ url: `/access/users/${rec.data.userid}/unlock-tfa`,
+ waitMsgTarget: view,
+ method: 'PUT',
+ failure: function(response, options) {
+ Ext.Msg.alert(gettext('Error'), response.htmlStatus);
+ },
+ success: function(response, options) {
+ view.reload();
+ },
+ });
+ }
+ },
+ );
+ },
},
listeners: {
disabled: true,
handler: 'onPassword',
},
+ '-',
+ {
+ xtype: 'proxmoxButton',
+ text: gettext('Unlock TFA'),
+ handler: 'onUnlockTfa',
+ disabled: true,
+ enableFn: ({ data }) =>
+ data['totp-locked'] || (data['tfa-locked-until'] > (new Date().getTime() / 1000)),
+ },
],
columns: [
renderer: 'renderFullName',
dataIndex: 'firstname',
},
+ {
+ header: gettext('TFA Lock'),
+ width: 120,
+ sortable: true,
+ dataIndex: 'totp-locked',
+ renderer: function(v, metaData, record) {
+ let locked_until = record.data['tfa-locked-until'];
+ if (locked_until !== undefined) {
+ let now = new Date().getTime() / 1000;
+ if (locked_until > now) {
+ return gettext('Locked');
+ }
+ }
+
+ if (record.data['totp-locked']) {
+ return gettext('TOTP Locked');
+ }
+
+ return Proxmox.Utils.noText;
+ },
+ },
{
header: gettext('Comment'),
sortable: false,