Allow all users to save two factor auth settings (#4741)

* allow all users to save 2fa settings * new user require 2fa setting * cleanup * cleanup --------- Co-authored-by: Ross Perry <[email protected]> Co-authored-by: Katherine Fleming <[email protected]>
SEED-platform · Aug 9, 2024 · 87bf731 · 87bf731
1 parent 65f7b22
commit 87bf731
Show file tree

Hide file tree

Showing 5 changed files with 4 additions and 15 deletions.
diff --git a/seed/static/seed/js/controllers/two_factor_profile_controller.js b/seed/static/seed/js/controllers/two_factor_profile_controller.js
@@ -9,7 +9,6 @@ angular.module('SEED.controller.two_factor_profile', []).controller('two_factor_
   'Notification',
   'two_factor_service',
   'user_service',
-  'auth_payload',
   'organization_payload',
   'user_profile_payload',
 
@@ -21,11 +20,9 @@ angular.module('SEED.controller.two_factor_profile', []).controller('two_factor_
     Notification,
     two_factor_service,
     user_service,
-    auth_payload,
     organization_payload,
     user_profile_payload
   ) {
-    $scope.is_superuser = auth_payload.auth.requires_superuser;
     $scope.organization = organization_payload.organization;
     $scope.require_2fa = $scope.organization.require_2fa;
     $scope.user = user_profile_payload;

diff --git a/seed/static/seed/js/seed.js b/seed/static/seed/js/seed.js
@@ -385,15 +385,6 @@
           templateUrl: `${static_url}seed/partials/two_factor_profile.html`,
           controller: 'two_factor_profile_controller',
           resolve: {
-            auth_payload: [
-              'auth_service',
-              '$q',
-              'user_service',
-              (auth_service, $q, user_service) => {
-                const organization_id = user_service.get_organization().id;
-                return auth_service.is_authorized(organization_id, ['requires_superuser']);
-              }
-            ],
             organization_payload: [
               'user_service',
               'organization_service',

diff --git a/seed/static/seed/partials/two_factor_profile.html b/seed/static/seed/partials/two_factor_profile.html
@@ -50,7 +50,7 @@ <h4 class="two_factor_current">
           </div>
         </div>
       </div>
-      <div class="section_content_container" style="margin: 30px 0" ng-if="::auth.requires_owner">
+      <div class="section_content_container" style="margin: 30px 0">
         <div class="section_content with_padding">
           <button type="button" class="btn btn-primary" ng-disabled="settings_unchanged()" ng-click="save_settings()">
             {$:: 'Save Changes' | translate $} <i class="fa-solid fa-check" ng-show="settings_updated"></i>

diff --git a/seed/utils/organizations.py b/seed/utils/organizations.py
@@ -182,5 +182,4 @@ def set_default_2fa_method(org):
     for user in org.users.iterator():
         devices = list(devices_for_user(user))
         if not devices:
-            email_device = EmailDevice.objects.create(user=user, name="default", email=user.username)
-            email_device.save()
+            EmailDevice.objects.create(user=user, name="default", email=user.username)
diff --git a/seed/views/v3/users.py b/seed/views/v3/users.py
@@ -207,6 +207,8 @@ def create(self, request):
             user.email = email
             user.first_name = first_name
             user.last_name = last_name
+            if org.require_2fa:
+                EmailDevice.objects.create(user=user, name="default", email=user.email)
         user.save()
 
         try: