From 5b25580d883f52238cb9faa1fa54c0dc071423c6 Mon Sep 17 00:00:00 2001
From: Wolfgang Link <w.link@proxmox.com>
Date: Fri, 17 Jan 2020 14:48:59 +0100
Subject: [PATCH] Protect the user's tfa key setting.

If oath or U2F is set, it should not be possible to change it
in the GUI on the user edit window.
It disables the second factor, but leave the tfa key behind
in the file tfa.cfg.
The key in the tfa.cfg file is a problem when the user tries to recreate a key.
The old key must be deleted before a new one can be created.
---
 www/manager6/dc/UserEdit.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/www/manager6/dc/UserEdit.js b/www/manager6/dc/UserEdit.js
index 1665f4b0..40c4044f 100644
--- a/www/manager6/dc/UserEdit.js
+++ b/www/manager6/dc/UserEdit.js
@@ -198,6 +198,11 @@ Ext.define('PVE.dc.UserEdit', {
 			}
 		    }
 		    me.setValues(data);
+		    if (data.keys) {
+			if ( data.keys === 'x!oath' || data.keys === 'x!u2f' ) {
+			    me.down('[name="keys"]').setDisabled(1);
+			}
+		    }
                 }
             });
         }