[Bug 32404] New: Two-factor authentication for staff client doesn't work for all staff accounts
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Bug ID: 32404 Summary: Two-factor authentication for staff client doesn't work for all staff accounts Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: kelly@bywatersolutions.com QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org With the new feature, Two-factor authentication for staff client - TOTP, staff permissions seem to be needed to activate this: my ( $template, $loggedinuser, $cookie ) = get_template_and_user( { template_name => 'members/two_factor_auth.tt', query => $cgi, type => 'intranet', flagsrequired => { editcatalogue => '*' }, } ); which means that only staff with top-level catalogue permissions can activate their two-factor authentication. However, I believe this should be allowed by all staff accounts which would change this feature to allow staff to have just the "Staff access, allows viewing of catalogue in staff interface (catalogue) " permission. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Kelly McElligott <kelly@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Kelly McElligott <kelly@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Kelly McElligott <kelly@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kelly@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Kelly McElligott <kelly@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jzairo@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Kelly McElligott <kelly@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|enhancement |major -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |28786 CC| |jonathan.druart+koha@gmail. | |com Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28786 [Bug 28786] Two-factor authentication for staff client - TOTP -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 --- Comment #1 from Jonathan Druart <jonathan.druart+koha@gmail.com> --- Correct, it should be { catalogue => 1 } -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 hebah@bywatersolutions.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |hebah@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Nick Clemens <nick@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |DUPLICATE Status|NEW |RESOLVED --- Comment #2 from Nick Clemens <nick@bywatersolutions.com> --- This is correct in master - we may have been testing an earlier version *** This bug has been marked as a duplicate of bug 30588 *** -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404 Laura O'Neil <laura@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |laura@bywatersolutions.com --- Comment #3 from Laura O'Neil <laura@bywatersolutions.com> --- Workaround: superlibrarians can give cataloging permissions to staff in order for staff to activate 2FA. Cataloging permissions can then be removed after the staff person has completed 2FA setup. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org