Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Team admins don't see user 2fa setting correctly #25956

Open
jacobshandling opened this issue Jan 31, 2025 · 1 comment
Open

Team admins don't see user 2fa setting correctly #25956

jacobshandling opened this issue Jan 31, 2025 · 1 comment
Assignees
@jacobshandling
Labels
bug Something isn't working as documented ~frontend Frontend-related issue. #g-orchestration Orchestration product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. ~released bug This bug was found in a stable release.
Milestone
4.64.0

Comments

@jacobshandling
Copy link
Contributor

jacobshandling commented Jan 31, 2025
edited
Loading

Fleet version: 4.62.0

💥  Actual behavior

  1. Log in asteam admin.
  2. Enable 2fa for a user
  3. Save
  4. Edit that user again
  5. The "Enable two-factor authentication (email)" box is not checked. API response contains "mfa_enabled": true, UI is not reading it correctly

🛠️ To fix
Correctly render user 2fa setting when viewing as team admin

QA

  • As team admin:
    • Confirm ability to enable and disable MFA from the UI, and that those changes are reflected in the UI
  • As a global admin:
    • Confirm same
  • No permissions outlined for MFA in our permissions docs – assuming team and global maintainers and observers should not be able to edit this field, confirm that is still the case. @rachaelshaw please let Reed know if intended permissions are different than this
@jacobshandling jacobshandling added #g-orchestration Orchestration product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. bug Something isn't working as documented ~frontend Frontend-related issue. labels Jan 31, 2025
@jacobshandling jacobshandling mentioned this issue Jan 31, 2025
Closed
16 tasks
@jacobshandling jacobshandling added #g-orchestration Orchestration product group and removed #g-orchestration Orchestration product group labels Feb 3, 2025
@jacobshandling jacobshandling self-assigned this Feb 3, 2025
@jacobshandling jacobshandling added this to the 4.64.0-tentative milestone Feb 3, 2025
@jacobshandling jacobshandling mentioned this issue Feb 4, 2025
Merged
3 tasks
jacobshandling added a commit that referenced this issue Feb 4, 2025
@jacobshandling
UI - Fix team admin ability to edit MFA (#26002)
ee47556 
## For #25956 

- include the `mfa_enabled` field when rendering the edit user modal
- Include `mfa_enabled` as a changeable field in the form submission
logic


![ezgif-119080b112463](https://github.com/user-attachments/assets/83baafff-d7ec-4732-a5c0-c1878965d8ce)

- [x] Changes file added for user-visible changes in `changes/`
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality

---------

Co-authored-by: Jacob Shandling <[email protected]>
@sgress454
Copy link
Contributor

QA:

✅ As a global admin, I can set and unset the 2FA checkbox for a user and see my choice maintained when I re-open the edit modal.
✅ As a team admin, I can set and unset the 2FA checkbox for a user and see my choice maintained when I re-open the edit modal.
✅ 2FA setting is respected when attempting to login
✅ Observers and maintainers can't set the 2FA for themselves or for another user (they can't edit other users at all)

@lukeheath lukeheath added the ~released bug This bug was found in a stable release. label Feb 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jacobshandling jacobshandling

Labels
bug Something isn't working as documented ~frontend Frontend-related issue. #g-orchestration Orchestration product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. ~released bug This bug was found in a stable release.
Projects
None yet
Milestone
4.64.0
Development

No branches or pull requests
3 participants
@sgress454 @lukeheath @jacobshandling