public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pve-devel] [PATCH access-control] fix user deletion when realm does not enforce TFA
@ 2021-10-19 11:52 Dominik Csapak
  2021-10-21 10:32 ` [pve-devel] applied: " Thomas Lamprecht
  0 siblings, 1 reply; 2+ messages in thread
From: Dominik Csapak @ 2021-10-19 11:52 UTC (permalink / raw)
  To: pve-devel

here the existance of the user is only interesting if we want to set
data, not if we delete it.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 src/PVE/AccessControl.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index fcb16bd..347c2a8 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1628,7 +1628,7 @@ sub user_set_tfa {
 	    die "realm '$realm' does not allow removing the 2nd factor\n" if defined($user);
 	}
     } else {
-	die "user '$userid' not found\n" if !defined($user);
+	die "user '$userid' not found\n" if !defined($user) && defined($data);
 	# Without a realm-enforced TFA setting the user can add a u2f or totp entry by themselves.
 	# The 'yubico' type requires yubico server settings, which have to be configured on the
 	# realm, so this is not supported here:
-- 
2.30.2





^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-10-21 10:32 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-19 11:52 [pve-devel] [PATCH access-control] fix user deletion when realm does not enforce TFA Dominik Csapak
2021-10-21 10:32 ` [pve-devel] applied: " Thomas Lamprecht

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal