[Koha-bugs] [Bug 32404] New: Two-factor authentication for staff client doesn't work for all staff accounts
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Dec 5 15:56:14 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404
Bug ID: 32404
Summary: Two-factor authentication for staff client doesn't
work for all staff accounts
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: kelly at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
With the new feature, Two-factor authentication for staff client - TOTP, staff
permissions seem to be needed to activate this:
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
template_name => 'members/two_factor_auth.tt',
query => $cgi,
type => 'intranet',
flagsrequired => { editcatalogue => '*' },
}
);
which means that only staff with top-level catalogue permissions can activate
their two-factor authentication.
However, I believe this should be allowed by all staff accounts which would
change this feature to allow staff to have just the "Staff access, allows
viewing of catalogue in staff interface (catalogue) " permission.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list