Closed
Bug 1364233
Opened 7 years ago
Closed 7 years ago
Add setting to force a group to require MFA and restrict users in that group who have not enabled MFA
Categories
(bugzilla.mozilla.org :: General, enhancement, P1)
Tracking
()
RESOLVED
FIXED
People
(Reporter: emceeaich, Assigned: dylan)
References
Details
Attachments
(1 file)
See the user story for the details. :jeff, would the approach outlined in the user stories work for you?
Flags: needinfo?(jbryner)
Comment 3•7 years ago
|
||
Laura would like to see this done this quarter.
Assignee | ||
Comment 4•7 years ago
|
||
Rather than having this be per-group, we'll make an admin param that takes a group. We can use the group permission system to apply that to other groups if needed, but I suspect mozilla-employee is the right group for this. We'll want to add code here: https://github.com/mozilla-bteam/bmo/blob/master/Bugzilla/Auth.pm#L299 if all of the following are true: * the user is logged in * the user is a member of $group (configured by a new data/params entry 'require_2fa_group') * the page being accessed is anything other than userprefs.cgi then return a new page that explains that the user is required to setup MFA before using BMO We'll work out exactly what the copy says later.
Severity: normal → major
User Story: (updated)
Priority: -- → P1
Summary: Allow group owners to require 2FA and restrict users in that group who have not enabled 2FA → Add setting to cause a group to require MFA and restrict users in that group who have not enabled MFA
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → dylan
Assignee | ||
Updated•7 years ago
|
Summary: Add setting to cause a group to require MFA and restrict users in that group who have not enabled MFA → Add setting to force a group to require MFA and restrict users in that group who have not enabled MFA
Assignee | ||
Comment 5•7 years ago
|
||
I'll have a proof of concept up for this today.
Status: NEW → ASSIGNED
Assignee | ||
Comment 6•7 years ago
|
||
Assignee | ||
Updated•7 years ago
|
Attachment #8899615 -
Flags: review?(glob)
Assignee | ||
Updated•7 years ago
|
Attachment #8899615 -
Attachment description: Proof of concept → PR
Assignee | ||
Comment 7•7 years ago
|
||
Comment on attachment 8899615 [details] [review] PR Adding Sebastin as reviewer too, since he has a working dev env.
Attachment #8899615 -
Flags: review?(sebastinssanty)
Attachment #8899615 -
Flags: review?(glob) → review-
Assignee | ||
Updated•7 years ago
|
Attachment #8899615 -
Flags: review- → review?(glob)
Attachment #8899615 -
Flags: review?(glob) → review-
Assignee | ||
Comment 8•7 years ago
|
||
probably r+ as I addressed the concern and will do additional testing.
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•7 years ago
|
Attachment #8899615 -
Flags: review?(sebastinssanty)
You need to log in
before you can comment on or make changes to this bug.
Description
•