Closed
Bug 1364233
Opened 9 years ago
Closed 8 years ago
Add setting to force a group to require MFA and restrict users in that group who have not enabled MFA
Categories
(bugzilla.mozilla.org :: General, enhancement, P1)
Tracking
()
RESOLVED
FIXED
People
(Reporter: emceeaich, Assigned: dylan)
References
Details
Attachments
(1 file)
See the user story for the details.
:jeff, would the approach outlined in the user stories work for you?
Flags: needinfo?(jbryner)
|
||
Comment 3•8 years ago
|
||
Laura would like to see this done this quarter.
|
Assignee | |
Comment 4•8 years ago
|
||
Rather than having this be per-group, we'll make an admin param that takes a group.
We can use the group permission system to apply that to other groups if needed, but I suspect mozilla-employee is the right group for this.
We'll want to add code here: https://github.com/mozilla-bteam/bmo/blob/master/Bugzilla/Auth.pm#L299
if all of the following are true:
* the user is logged in
* the user is a member of $group (configured by a new data/params entry 'require_2fa_group')
* the page being accessed is anything other than userprefs.cgi
then
return a new page that explains that the user is required to setup MFA before using BMO
We'll work out exactly what the copy says later.
Severity: normal → major
User Story: (updated)
Priority: -- → P1
Summary: Allow group owners to require 2FA and restrict users in that group who have not enabled 2FA → Add setting to cause a group to require MFA and restrict users in that group who have not enabled MFA
|
|
Assignee | |
Updated•8 years ago
|
Assignee: nobody → dylan
|
|
Assignee | |
Updated•8 years ago
|
Summary: Add setting to cause a group to require MFA and restrict users in that group who have not enabled MFA → Add setting to force a group to require MFA and restrict users in that group who have not enabled MFA
|
|
Assignee | |
Comment 5•8 years ago
|
||
I'll have a proof of concept up for this today.
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 6•8 years ago
|
||
|
|
Assignee | |
Updated•8 years ago
|
Attachment #8899615 -
Flags: review?(glob)
|
|
Assignee | |
Updated•8 years ago
|
Attachment #8899615 -
Attachment description: Proof of concept → PR
|
|
Assignee | |
Comment 7•8 years ago
|
||
Comment on attachment 8899615 [details] [review]
PR
Adding Sebastin as reviewer too, since he has a working dev env.
Attachment #8899615 -
Flags: review?(sebastinssanty)
Attachment #8899615 -
Flags: review?(glob) → review-
|
|
Assignee | |
Updated•8 years ago
|
Attachment #8899615 -
Flags: review- → review?(glob)
Attachment #8899615 -
Flags: review?(glob) → review-
|
|
Assignee | |
Comment 8•8 years ago
|
||
probably r+ as I addressed the concern and will do additional testing.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Updated•8 years ago
|
Attachment #8899615 -
Flags: review?(sebastinssanty)
You need to log in
before you can comment on or make changes to this bug.
Description
•