delete TFA entries when deleting a user
authorWolfgang Bumiller <w.bumiller@proxmox.com>
Tue, 2 Apr 2019 10:21:54 +0000 (12:21 +0200)
committerThomas Lamprecht <t.lamprecht@proxmox.com>
Wed, 3 Apr 2019 06:04:00 +0000 (08:04 +0200)
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
PVE/API2/User.pm

index 4c859dc..4458fc1 100644 (file)
@@ -355,11 +355,14 @@ __PACKAGE__->register_method ({
                    $plugin->delete_user($cfg, $realm, $ruid);
                }
 
+               # Remove TFA data before removing the user entry as the user entry tells us whether
+               # we need ot update priv/tfa.cfg.
+               PVE::AccessControl::user_set_tfa($userid, $realm, undef, undef, $usercfg, $domain_cfg);
+
                delete $usercfg->{users}->{$userid};
 
                PVE::AccessControl::delete_user_group($userid, $usercfg);
                PVE::AccessControl::delete_user_acl($userid, $usercfg);
-
                cfs_write_file("user.cfg", $usercfg);
            }, "delete user failed");