mirror of
https://git.proxmox.com/git/pve-access-control
synced 2025-10-04 17:06:57 +00:00
drop assert_new_tfa_config_available for Proxmox VE 8
All nodes should be new enough, especially as this is understood since pve-manager 7.0-15 and users must upgrade to 7.4 before upgrading to Proxmox VE 8 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht
parent
aba03c966e
commit
b3edff39f9
@ -242,8 +242,6 @@ __PACKAGE__->register_method ({
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
PVE::AccessControl::assert_new_tfa_config_available();
|
||||
|
||||
my $rpcenv = PVE::RPCEnvironment::get();
|
||||
my $authuser = $rpcenv->get_user();
|
||||
my $userid =
|
||||
@ -378,8 +376,6 @@ __PACKAGE__->register_method ({
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
PVE::AccessControl::assert_new_tfa_config_available();
|
||||
|
||||
my $rpcenv = PVE::RPCEnvironment::get();
|
||||
my $authuser = $rpcenv->get_user();
|
||||
my ($userid, $realm) =
|
||||
@ -473,8 +469,6 @@ __PACKAGE__->register_method ({
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
PVE::AccessControl::assert_new_tfa_config_available();
|
||||
|
||||
my $rpcenv = PVE::RPCEnvironment::get();
|
||||
my $authuser = $rpcenv->get_user();
|
||||
my $userid =
|
||||
|
||||
@ -1706,8 +1706,6 @@ sub parse_priv_tfa_config {
|
||||
sub write_priv_tfa_config {
|
||||
my ($filename, $cfg) = @_;
|
||||
|
||||
assert_new_tfa_config_available();
|
||||
|
||||
return $cfg->write();
|
||||
}
|
||||
|
||||
@ -1903,39 +1901,9 @@ my $USER_CONTROLLED_TFA_TYPES = {
|
||||
oath => 1,
|
||||
};
|
||||
|
||||
sub assert_new_tfa_config_available() {
|
||||
PVE::Cluster::cfs_update();
|
||||
my $version_info = PVE::Cluster::get_node_kv('version-info');
|
||||
die "cannot update tfa config, please make sure all cluster nodes are up to date\n"
|
||||
if !$version_info;
|
||||
my $members = PVE::Cluster::get_members() or return; # get_members returns undef on no cluster
|
||||
my $old = '';
|
||||
foreach my $node (keys $members->%*) {
|
||||
my $info = $version_info->{$node};
|
||||
if (!$info) {
|
||||
$old .= " cluster node '$node' is too old, did not broadcast its version info\n";
|
||||
next;
|
||||
}
|
||||
$info = from_json($info);
|
||||
my $ver = $info->{version};
|
||||
if ($ver !~ /^(\d+\.\d+)(?:[.-](\d+))?/) {
|
||||
$old .= " cluster node '$node' provided an invalid version string: '$ver'\n";
|
||||
next;
|
||||
}
|
||||
my ($maj, $rel) = ($1, $2);
|
||||
if (!($maj > 7.0 || ($maj == 7.0 && $rel >= 15))) {
|
||||
$old .= " cluster node '$node' is too old ($ver < 7.0-15)\n";
|
||||
next;
|
||||
}
|
||||
}
|
||||
die "cannot update tfa config, following nodes are not up to date:\n$old" if length($old);
|
||||
}
|
||||
|
||||
sub user_remove_tfa : prototype($) {
|
||||
my ($userid) = @_;
|
||||
|
||||
assert_new_tfa_config_available();
|
||||
|
||||
my $tfa_cfg = cfs_read_file('priv/tfa.cfg');
|
||||
$tfa_cfg->remove_user($userid);
|
||||
cfs_write_file('priv/tfa.cfg', $tfa_cfg);
|
||||
|
||||
@ -135,8 +135,6 @@ __PACKAGE__->register_method({
|
||||
my $userid = extract_param($param, "userid");
|
||||
my $tfa_id = extract_param($param, "id");
|
||||
|
||||
PVE::AccessControl::assert_new_tfa_config_available();
|
||||
|
||||
PVE::AccessControl::lock_tfa_config(sub {
|
||||
my $tfa_cfg = cfs_read_file('priv/tfa.cfg');
|
||||
if (defined($tfa_id)) {
|
||||
@ -166,8 +164,6 @@ __PACKAGE__->register_method({
|
||||
|
||||
my $userid = extract_param($param, "userid");
|
||||
|
||||
PVE::AccessControl::assert_new_tfa_config_available();
|
||||
|
||||
my sub format_tfa_entries : prototype($;$) {
|
||||
my ($entries, $indent) = @_;
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user