Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hide not configured gateways for users #358

Open
robrec opened this issue Jul 2, 2020 · 2 comments
Open

Hide not configured gateways for users #358

robrec opened this issue Jul 2, 2020 · 2 comments
Labels
1. to develop enhancement help wanted

Comments

@robrec
Copy link

robrec commented Jul 2, 2020

i cant find anything in the administrator documentation, so i hope to find answers here :)

i want to "not showup" the not configured gateways in settings/user/security

Is there a way already builtin? Thanks!!
@ChristophWurst
Copy link
Member

I thought this is a known issue but apparently nobody reported it.

So, yeah, I know about this. There is no setting right now.

Any help with an implementation is welcome. This is purely a community app.

@kffl
Copy link
Contributor

kffl commented Oct 16, 2021

I've briefly looked into this issue and it seems somewhat problematic to implement as the Vue component in personal settings only controls what is below the 2FA provider name and icon wrapped in an h3 tag and rendered server-side in apps/settings/templates/settings/personal/security/twofactor.php. Also, the way IProvider interface only supports determining whether a given 2FA provider is enabled for a given user and doesn't contain additional state indicating that a given method is configured/unconfigured, based on which personal settings of that method could be conditionally omitted. Given those entanglements, I have found 3 potential solutions to implement such functionality:

  1. Marking each top-level DOM element controlled by the Vue component with an appropriate CSS class if the gateway that it represents is unconfigured and creating a separate JS script which removes their parent elements once the page loads. I've already implemented that and it seems to be working fine: kffl@ec378ef, but it's a rather hacky solution.
  2. Conditionally adding/removing <provider> entries from info.xml based on occ commands used to configure various gateways offered by this app. Unfortunately, code that re-writes itself (even if it's XML) is a bad pattern and I would be more inclined to accept such a hacky solution on the frontend rather than on the backend, especially given the fact that this is a security-oriented app.
  3. Splitting this app into three separate ones: SMS, Signal and Telegram 2FA Providers. While I'm aware of the state of this project as described in Looking for a new maintainer #454, it seems to be the cleanest solution, although requiring additional maintenance efforts.

Would love to hear your feedback. Perhaps I'm still missing something.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ChristophWurst @robrec @kffl