From 573918b1de081ef85ed9dc406d87aee5f421d7ac Mon Sep 17 00:00:00 2001 From: CI Date: Wed, 17 Jan 2018 00:05:46 +0000 Subject: [PATCH 1/4] update locales from crowdin --- config/locales/crowdin/de.yml | 11 +++++++++-- config/locales/crowdin/es-ES.yml | 11 +++++++++-- config/locales/crowdin/fi.yml | 11 +++++++++-- config/locales/crowdin/fr.yml | 11 +++++++++-- config/locales/crowdin/id.yml | 11 +++++++++-- config/locales/crowdin/it.yml | 11 +++++++++-- config/locales/crowdin/ko.yml | 11 +++++++++-- config/locales/crowdin/nl.yml | 11 +++++++++-- config/locales/crowdin/no.yml | 11 +++++++++-- config/locales/crowdin/pl.yml | 11 +++++++++-- config/locales/crowdin/pt-BR.yml | 11 +++++++++-- config/locales/crowdin/pt-PT.yml | 11 +++++++++-- config/locales/crowdin/ru.yml | 11 +++++++++-- config/locales/crowdin/tr.yml | 11 +++++++++-- config/locales/crowdin/zh-CN.yml | 11 +++++++++-- 15 files changed, 135 insertions(+), 30 deletions(-) diff --git a/config/locales/crowdin/de.yml b/config/locales/crowdin/de.yml index 5ae025dc78..950df797b0 100644 --- a/config/locales/crowdin/de.yml +++ b/config/locales/crowdin/de.yml @@ -80,7 +80,7 @@ de: registration_failed_update: 'Registrierung Ihres 2FA-Gerät abgeschlossen, weil das Gerät nicht aktualisiert werden konnte.' confirm_send_failed: 'Registrierung Ihres 2FA-Gerät fehlgeschlagen.' button_complete_registration: 'Registrierung Ihres 2FA-Gerät abschließen' - text_confirm_to_complete_html: "Schließen Sie die Registrierung ihres 2FA-Gerätes %{identifier} durch die Eingabe des Einmalpasswortes ab." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Bitte bestätigen Sie den Wechsel des Standardgerätes auf %{new_identifier} durch die Eingabe des Einmalpasswortes auf ihrem aktuellen Standardgerät." text_identifier: 'Mit diesem Freitextfeld können Sie Ihrem 2FA-Gerät einen eigene Bezeichnung geben.' failed_to_delete: 'Fehler beim Entfernen des 2FA-Gerätes.' @@ -90,7 +90,7 @@ de: totp: title: 'Verwenden Sie einen App-basierten Authenticator' provisioning_uri: 'Bereitstellungs-URI' - secret_key: 'Geheimer Schlüssel' + secret_key: 'Secret key' time_based: 'Zeitbasiert' account: 'Aussteller' setup: | @@ -116,6 +116,13 @@ de: label_two_factor_authentication: 'Zwei-Faktor-Authentifizierung' forced_registration: required_to_add_device: 'Eine aktive Sicherheitsrichtlinie erfordert die Zwei-Faktor-Authentifizierung (2FA) für Ihren Account. Bitte verwenden Sie das folgende Formular, um ein 2FA-Gerät zu registrieren.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Mobiltelefon" field_otp: "Einmalpasswort" notice_account_otp_invalid: "Ungültiges Einmalpasswort." diff --git a/config/locales/crowdin/es-ES.yml b/config/locales/crowdin/es-ES.yml index 48ccc712d7..ff9cc5d9c5 100644 --- a/config/locales/crowdin/es-ES.yml +++ b/config/locales/crowdin/es-ES.yml @@ -81,7 +81,7 @@ es: registration_failed_update: 'Error en el registro del dispositivo 2FA, el token es válido pero el dispositivo no pudo ser actualizado.' confirm_send_failed: 'Falló la confirmación del dispositivo 2FA.' button_complete_registration: 'Completar el registro del 2FA' - text_confirm_to_complete_html: "Complete el registro de tu dispositivo %{identifier} introduciendo una contraseña de un solo uso de su dispositivo." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Confirme el cambio de dispositivo predeterminado a %{new_identifier} introduciendo una contraseña de un solo uso, del dispositivo predeterminado actual." text_identifier: 'Puede dar al dispositivo un identificador personalizado utilizando este campo.' failed_to_delete: 'Error al eliminar dispositivo 2FA.' @@ -91,7 +91,7 @@ es: totp: title: 'Utilice su autenticador basado en software' provisioning_uri: 'Aprovisionamiento URI' - secret_key: 'Clave secreta' + secret_key: 'Secret key' time_based: 'Basado en tiempo' account: 'Nombre de cuenta / emisor' setup: | @@ -116,6 +116,13 @@ es: label_two_factor_authentication: 'Autenticación de dos factores' forced_registration: required_to_add_device: 'Una política de seguridad activa requiere habilitar autenticación de dos factores. Utilice el siguiente formulario para registrar un dispositivo.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Teléfono móvil" field_otp: "Contraseña de un solo uso" notice_account_otp_invalid: "Contraseña de un solo uso no válida." diff --git a/config/locales/crowdin/fi.yml b/config/locales/crowdin/fi.yml index e50d40c604..6067ff1ab6 100644 --- a/config/locales/crowdin/fi.yml +++ b/config/locales/crowdin/fi.yml @@ -80,7 +80,7 @@ fi: registration_failed_update: '2FA laitteen rekisteröinti epäonnistui, merkki oli voimassa, mutta laitetta ei voitu päivittää.' confirm_send_failed: 'Confirmation of your 2FA device failed.' button_complete_registration: 'Complete 2FA registration' - text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your device." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Please confirm changing your default device to %{new_identifier} by entering a one-time password from your current default device." text_identifier: 'You can give the device a custom identifier using this field.' failed_to_delete: 'Failed to delete 2FA device.' @@ -90,7 +90,7 @@ fi: totp: title: 'Use your app-based authenticator' provisioning_uri: 'Provisioning URI' - secret_key: 'Seceret key' + secret_key: 'Secret key' time_based: 'Time based' account: 'Account name / Issuer' setup: | @@ -117,6 +117,13 @@ fi: label_two_factor_authentication: 'Two-factor authentication' forced_registration: required_to_add_device: 'An active security policy requires you to enable two-factor authentication. Please use the following form to register a device.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Cell phone" field_otp: "One-time password" notice_account_otp_invalid: "Invalid one-time password." diff --git a/config/locales/crowdin/fr.yml b/config/locales/crowdin/fr.yml index dddd1eb516..48f9c35804 100644 --- a/config/locales/crowdin/fr.yml +++ b/config/locales/crowdin/fr.yml @@ -80,7 +80,7 @@ fr: registration_failed_update: 'L’enregistrement du appareil 2FA a échoué, le jeton était valide, mais l’appareil ne pourrait pas être actualisé.' confirm_send_failed: 'Confirmation de votre appareil 2FA a échoué.' button_complete_registration: 'Enregistrement 2FA complet' - text_confirm_to_complete_html: "Veuillez remplir l’enregistrement de votre appareil %{identifier} en entrant un mot de passe unique de votre appareil." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "S’il vous plaît confirmer modifier le appareil par défaut à %{new_identifier} en entrant un mot de passe unique de votre appareil par défaut actuel." text_identifier: 'Vous pouvez donner à l’appareil un identifiant personnalisé à l’aide de ce champ.' failed_to_delete: 'Impossible de supprimer le appareil 2FA.' @@ -90,7 +90,7 @@ fr: totp: title: 'Utilisez votre authentificateur axée sur l’app' provisioning_uri: 'Provisionnement URI' - secret_key: 'Seceret clé' + secret_key: 'Secret key' time_based: 'Basé de temps' account: 'Nom de compte / émetteur' setup: | @@ -115,6 +115,13 @@ fr: label_two_factor_authentication: 'Authentification à deux facteurs' forced_registration: required_to_add_device: 'Une politique de sécurité active nécessite d’activer l’authentification à deux facteurs. Veuillez utiliser le formulaire ci-dessous pour enregistrer un appareil.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Téléphone cellulaire" field_otp: "Mot de passe unique" notice_account_otp_invalid: "Mot de passe unique non valide." diff --git a/config/locales/crowdin/id.yml b/config/locales/crowdin/id.yml index b3de0b4e5a..c8cb753367 100644 --- a/config/locales/crowdin/id.yml +++ b/config/locales/crowdin/id.yml @@ -81,7 +81,7 @@ id: registration_failed_update: '2FA perangkat pendaftaran gagal, token ini berlaku tetapi perangkat tidak dapat diperbarui.' confirm_send_failed: 'Konfirmasi perangkat 2FA Anda gagal.' button_complete_registration: 'Pendaftaran lengkap 2FA' - text_confirm_to_complete_html: "Silahkan lengkapi pendaftaran perangkat %{identifier} dengan memasukkan sandi satu kali dari perangkat Anda." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Harap mengkonfirmasi mengubah perangkat default untuk %{new_identifier} dengan memasukkan sandi satu kali dari default perangkat Anda saat ini." text_identifier: 'Anda dapat memberikan perangkat identifier kustom menggunakan bidang ini.' failed_to_delete: 'Gagal untuk menghapus perangkat 2FA.' @@ -91,7 +91,7 @@ id: totp: title: 'Menggunakan authenticator berbasis aplikasi Anda' provisioning_uri: 'Penyediaan URI' - secret_key: 'Kunci Seceret' + secret_key: 'Secret key' time_based: 'Berdasarkan waktu' account: 'Nama akun / penerbit' setup: | @@ -116,6 +116,13 @@ id: label_two_factor_authentication: 'Autentikasi dua faktor' forced_registration: required_to_add_device: 'Kebijakan keamanan aktif mengharuskan Anda untuk mengaktifkan otentikasi dua-faktor. Silakan gunakan formulir berikut untuk mendaftar perangkat.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Ponsel" field_otp: "One-time password" notice_account_otp_invalid: "Sandi sekali pakai yang tidak valid." diff --git a/config/locales/crowdin/it.yml b/config/locales/crowdin/it.yml index df08100416..9789661f8f 100644 --- a/config/locales/crowdin/it.yml +++ b/config/locales/crowdin/it.yml @@ -80,7 +80,7 @@ it: registration_failed_update: '2FA registrazione dispositivo non riuscita, il token è valido, ma il dispositivo potrebbe non essere aggiornato.' confirm_send_failed: 'Conferma del dispositivo 2FA non riuscita.' button_complete_registration: 'Completa la registrazione 2FA' - text_confirm_to_complete_html: "Si prega di compilare la registrazione del suo dispositivo %{identifier} inserendo una password monouso dal suo dispositivo." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Si prega di confermare cambiando dispositivo predefinito a %{new_identifier} inserendo una password monouso dal dispositivo predefinito corrente." text_identifier: 'Puoi dare al dispositivo un identificativo personalizzato usando questo campo.' failed_to_delete: 'Impossibile eliminare 2FA dispositivo.' @@ -90,7 +90,7 @@ it: totp: title: 'Usa il suo autenticatore basato su app' provisioning_uri: 'URI di provisioning' - secret_key: 'Chiave segreta' + secret_key: 'Secret key' time_based: 'Basato sul tempo' account: 'Nome account / emittente' setup: | @@ -115,6 +115,13 @@ it: label_two_factor_authentication: 'Two-factor authentication' forced_registration: required_to_add_device: 'Una politica di sicurezza attiva richiede l''abilitazione di two-factor authentication. Si prega di utilizzare il seguente modulo per registrare un dispositivo.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Telefono cellulare" field_otp: "Password monouso" notice_account_otp_invalid: "One-Time Password non valido." diff --git a/config/locales/crowdin/ko.yml b/config/locales/crowdin/ko.yml index ed709ef4b8..7179e3049f 100644 --- a/config/locales/crowdin/ko.yml +++ b/config/locales/crowdin/ko.yml @@ -81,7 +81,7 @@ ko: registration_failed_update: '2FA 장치 등록 실패, 토큰이 유효하지만 장치를 업데이트할 수 없습니다.' confirm_send_failed: '2FA 장치 확인에 실패했습니다.' button_complete_registration: '2FA 등록 완료' - text_confirm_to_complete_html: "장치에서 일회용 암호를 입력하여 장치 %{identifier} 등록을 완료하세요." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "현재 기본 장치에서 일회용 암호를 입력하여 기본 장치를 %{new_identifier}(으)로 변경을 확인하세요." text_identifier: '이 필드를 사용하여 사용자 지정 식별자를 장치에 지정할 수 있습니다.' failed_to_delete: '2FA 장치를 삭제하지 못했습니다.' @@ -91,7 +91,7 @@ ko: totp: title: '앱 기반 인증자 사용' provisioning_uri: '프로비저닝 URI' - secret_key: '비밀 키' + secret_key: 'Secret key' time_based: '시간 기반' account: '계정 이름/발급자' setup: | @@ -118,6 +118,13 @@ ko: label_two_factor_authentication: '2단계 인증' forced_registration: required_to_add_device: '활성 보안 정책에서는 2단계 인증을 사용하도록 요구합니다. 다음 양식을 사용하여 장치를 등록하세요.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "휴대폰" field_otp: "일회용 암호" notice_account_otp_invalid: "일회용 암호가 잘못되었습니다 ." diff --git a/config/locales/crowdin/nl.yml b/config/locales/crowdin/nl.yml index a4541b7136..d24bb07bc7 100644 --- a/config/locales/crowdin/nl.yml +++ b/config/locales/crowdin/nl.yml @@ -80,7 +80,7 @@ nl: registration_failed_update: '2FA registratie van het apparaat mislukt, het token was geldig, maar het apparaat kan niet worden bijgewerkt.' confirm_send_failed: 'Bevestiging van uw 2FA-apparaat is mislukt.' button_complete_registration: 'Voltooi 2FA-registratie' - text_confirm_to_complete_html: "Voltooi de registratie van uw apparaat %{identifier} door een eenmalig wachtwoord in te voeren vanaf uw apparaat." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Bevestig uw standaardapparaat aan %{new_identifier} door een eenmalig wachtwoord in te voeren vanaf uw huidige standaardapparaat." text_identifier: 'U kunt het apparaat een aangepaste Id geven met behulp van dit veld.' failed_to_delete: 'Kan het 2FA-apparaat niet verwijderen.' @@ -90,7 +90,7 @@ nl: totp: title: 'Gebruik uw app-gebaseerde authenticator' provisioning_uri: 'Voorbereiden van URI' - secret_key: 'Geheime sleutel' + secret_key: 'Secret key' time_based: 'Tijdgebonden' account: 'Accountnaam / verstrekker' setup: | @@ -116,6 +116,13 @@ nl: label_two_factor_authentication: 'Twee-factor-authenticatie' forced_registration: required_to_add_device: 'Voor een actief beveiligingsbeleid moet u authenticatie met twee factoren inschakelen. Gebruik het volgende formulier om een apparaat te registreren.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Mobiele telefoon" field_otp: "Eenmalig wachtwoord" notice_account_otp_invalid: "Ongeldig éénmalig wachtwoord." diff --git a/config/locales/crowdin/no.yml b/config/locales/crowdin/no.yml index 0b34d54ef9..c2e5720a14 100644 --- a/config/locales/crowdin/no.yml +++ b/config/locales/crowdin/no.yml @@ -81,7 +81,7 @@ registration_failed_update: '2FA-enhetsregistrering mislyktes, symbolet var gyldig, men enheten kunne ikke oppdateres.' confirm_send_failed: 'Bekreftelse av 2FA-enheten din mislyktes.' button_complete_registration: 'Fullfør 2FA-registrering' - text_confirm_to_complete_html: "Vennligst fyll ut registreringen av enheten din %{identifier} ved å skrive inn et engangspassord fra enheten." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Vennligst bekreft at standardinnstillingen din endres til %{new_identifier} ved å skrive inn et engangspassord fra den gjeldende standard enheten din." text_identifier: 'Du kan gi enheten en egendefinert Id ved hjelp av dette feltet.' failed_to_delete: 'Kunne ikke slette 2FA-enheten.' @@ -91,7 +91,7 @@ totp: title: 'Bruk appbasert godkjenning' provisioning_uri: 'Levering av URI' - secret_key: 'Hemmelig nøkkel' + secret_key: 'Secret key' time_based: 'Tidsbasert' account: 'Kontonavn / Utsteder' setup: | @@ -118,6 +118,13 @@ label_two_factor_authentication: 'Tofaktorautentisering' forced_registration: required_to_add_device: 'En aktiv sikkerhetspolicy krever at du aktiverer tofaktorautentisering. Vennligst bruk følgende skjema for å registrere en enhet.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Mobiltelefon" field_otp: "Engangspassord" notice_account_otp_invalid: "Ugyldig engangspassord." diff --git a/config/locales/crowdin/pl.yml b/config/locales/crowdin/pl.yml index 5de24dfe8c..69adea0b45 100644 --- a/config/locales/crowdin/pl.yml +++ b/config/locales/crowdin/pl.yml @@ -81,7 +81,7 @@ pl: registration_failed_update: 'Rejestracja urządzenia 2FA nie powiodła się, token był ważny, ale urządzenie nie mogło zostać zaktualizowane.' confirm_send_failed: 'Potwierdzenie twojego urządzenia 2FA nie powiodło się.' button_complete_registration: 'Ukończ rejestrację 2FA' - text_confirm_to_complete_html: "Proszę zakończyć rejestrację Twojego urządzenia %{identifier} wpisując hasło jednorazowe z urządzenia." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Proszę potwierdzić, zmiana domyślnego urządzenia do %{new_identifier} poprzez wpisanie hasła jednorazowego z bieżącego urządzenia domyślnego." text_identifier: 'Możesz nadać urządzeniu niestandardowy identyfikator za pomocą tego pola.' failed_to_delete: 'Nie można usunąć urządzenia 2FA.' @@ -91,7 +91,7 @@ pl: totp: title: 'Użyj uwierzytelniacza opartego na aplikacji' provisioning_uri: 'Inicjowanie obsługi URI' - secret_key: 'Sekretny klucz' + secret_key: 'Secret key' time_based: 'Oparte na czasie' account: 'Nazwa rachunku / wystawcy' setup: | @@ -118,6 +118,13 @@ pl: label_two_factor_authentication: 'Uwierzytelnianie dwuskładnikowe' forced_registration: required_to_add_device: 'Aktywna polityka bezpieczeństwa wymaga włączenia uwierzytelniania dwuskładnikowego. Użyj poniższego formularza, aby zarejestrować urządzenie.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Komórka" field_otp: "Jednorazowe hasło" notice_account_otp_invalid: "Nieprawidłowe hasło jednorazowe." diff --git a/config/locales/crowdin/pt-BR.yml b/config/locales/crowdin/pt-BR.yml index fb155a345a..77f0b2bf71 100644 --- a/config/locales/crowdin/pt-BR.yml +++ b/config/locales/crowdin/pt-BR.yml @@ -81,7 +81,7 @@ pt-BR: registration_failed_update: 'O registro do dispositivo 2FA falhou, o token era válido, mas o dispositivo não pôde ser atualizado.' confirm_send_failed: 'Não foi possível confirmar seu dispositivo 2FA.' button_complete_registration: 'Registo 2FA concluído' - text_confirm_to_complete_html: "Conclua o registro de seu dispositivo %{identifier} inserindo uma senha de uso único de seu dispositivo." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Confirme a alteração de seu dispositivo padrão para %{new_identifier} inserindo uma senha de uso único de seu dispositivo padrão atual." text_identifier: 'Você pode fornecer ao dispositivo um identificador personalizado usando este campo.' failed_to_delete: 'Falha ao excluir o dispositivo 2FA.' @@ -91,7 +91,7 @@ pt-BR: totp: title: 'Use o seu autenticador com base no aplicativo' provisioning_uri: 'Posicionando URI' - secret_key: 'Chave secreta' + secret_key: 'Secret key' time_based: 'Com base no tempo' account: 'Nome da conta / Emissor' setup: | @@ -118,6 +118,13 @@ pt-BR: label_two_factor_authentication: 'Autenticação de dois fatores' forced_registration: required_to_add_device: 'Uma política de segurança ativa exige que você ative a autenticação de dois fatores. Use o seguinte formulário para registrar um dispositivo.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Telefone celular" field_otp: "Senha de uso único" notice_account_otp_invalid: "Senha de uso único inválida." diff --git a/config/locales/crowdin/pt-PT.yml b/config/locales/crowdin/pt-PT.yml index 1e40529232..03be8b8822 100644 --- a/config/locales/crowdin/pt-PT.yml +++ b/config/locales/crowdin/pt-PT.yml @@ -81,7 +81,7 @@ pt: registration_failed_update: 'O registro do dispositivo 2FA falhou, o token foi válido, mas o dispositivo não pôde ser atualizado.' confirm_send_failed: 'A confirmação do seu dispositivo 2FA falhou.' button_complete_registration: 'Registo 2FA Completo' - text_confirm_to_complete_html: "Complete o registro do seu dispositivo %{identifier} inserindo uma senha única de seu dispositivo." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Confirme a alteração do seu dispositivo padrão para %{new_identifier} inserindo uma senha única de seu dispositivo padrão atual." text_identifier: 'Você pode fornecer ao dispositivo um identificador personalizado usando este campo.' failed_to_delete: 'Falha ao excluir o dispositivo 2FA.' @@ -91,7 +91,7 @@ pt: totp: title: 'Use o seu autenticador baseado em aplicativos' provisioning_uri: 'URI de provisionamento' - secret_key: 'Chave secreta' + secret_key: 'Secret key' time_based: 'Baseada no tempo' account: 'Nome da conta / Emissor' setup: | @@ -118,6 +118,13 @@ pt: label_two_factor_authentication: 'Autenticação de dois fatores' forced_registration: required_to_add_device: 'Uma política de segurança ativa exige que você habilite a autenticação de dois fatores. Use o seguinte formulário para registrar um dispositivo.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Telemóvel" field_otp: "Palavra-passe de utilização única" notice_account_otp_invalid: "Palavra-passe de utilização única inválida." diff --git a/config/locales/crowdin/ru.yml b/config/locales/crowdin/ru.yml index bcdc33144a..4b1da7eddc 100644 --- a/config/locales/crowdin/ru.yml +++ b/config/locales/crowdin/ru.yml @@ -81,7 +81,7 @@ ru: registration_failed_update: 'Ошибка регистрации устройства 2ФА: токен действителен, однако обновить устройство не удалось.' confirm_send_failed: 'Не удалось подтвердить устройство 2ФА.' button_complete_registration: 'Завершить регистрацию 2ФА' - text_confirm_to_complete_html: "Завершите регистрацию устройства %{identifier}: введите с него одноразовый пароль." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Подтвердите новое устройство по умолчанию — %{new_identifier}: введите одноразовый пароль с текущего устройства по умолчанию." text_identifier: 'С помощью этого поля устройству можно присвоить идентификатор.' failed_to_delete: 'Не удалось удалить устройство 2ФА.' @@ -91,7 +91,7 @@ ru: totp: title: 'Использование приложения для аутентификации' provisioning_uri: 'URI для подключения' - secret_key: 'Секретный ключ' + secret_key: 'Secret key' time_based: 'С синхронизацией по времени' account: 'Имя учетной записи / эмитент' setup: | @@ -118,6 +118,13 @@ ru: label_two_factor_authentication: 'Двухфакторная аутентификация' forced_registration: required_to_add_device: 'Активная политика безопасности требует использования двухфакторной аутентификации. Зарегистрируйте устройство с помощью следующей формы.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Сотовый телефон" field_otp: "Одноразовый пароль" notice_account_otp_invalid: "Неправильный одноразовый пароль." diff --git a/config/locales/crowdin/tr.yml b/config/locales/crowdin/tr.yml index 94716ab177..87d1639368 100644 --- a/config/locales/crowdin/tr.yml +++ b/config/locales/crowdin/tr.yml @@ -80,7 +80,7 @@ tr: registration_failed_update: '2FA cihaz kaydı başarısız oldu, belirteç geçerli ancak cihaz güncellenemedi.' confirm_send_failed: '2FA cihazınızın onayı başarısız oldu.' button_complete_registration: '2FA kaydı tamamlayın' - text_confirm_to_complete_html: "Lütfen cihazınızdan %{identifier} bir seferlik şifre girerek cihazınızın kaydını tamamlayın." + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "Mevcut varsayılan cihazınızdan bir kerelik şifre girerek varsayılan cihazınızı %{new_identifier} olarak değiştirmenizi onaylayın." text_identifier: 'Bu alanı kullanarak cihaza özel bir tanımlayıcı verebilirsiniz.' failed_to_delete: '2FA cihazı silinemedi.' @@ -90,7 +90,7 @@ tr: totp: title: 'Uygulama dayalı kimlik doğrulayıcınızı kullanın' provisioning_uri: 'URI Hazırlama' - secret_key: 'Gizli anahtar' + secret_key: 'Secret key' time_based: 'Zaman bazlı' account: 'Hesap adı / veren' setup: | @@ -117,6 +117,13 @@ tr: label_two_factor_authentication: 'İki faktörlü kimlik doğrulama' forced_registration: required_to_add_device: 'Etkin bir güvenlik ilkesi, iki faktörlü kimlik doğrulamayı etkinleştirmenizi gerektirir. Bir cihazı kaydetmek için lütfen aşağıdaki formu kullanın.' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "Cep Telefonu" field_otp: "Tek-kullanımlık Şifre" notice_account_otp_invalid: "Geçersiz tek kullanımlık şifre." diff --git a/config/locales/crowdin/zh-CN.yml b/config/locales/crowdin/zh-CN.yml index 592a770692..908fb31fe5 100644 --- a/config/locales/crowdin/zh-CN.yml +++ b/config/locales/crowdin/zh-CN.yml @@ -81,7 +81,7 @@ zh-CN: registration_failed_update: '2FA 设备注册失败,令牌有效,但设备无法更新。' confirm_send_failed: '确认您的 2FA 设备失败。' button_complete_registration: '完成 2FA 注册' - text_confirm_to_complete_html: "请从您的设备输入一次性密码,完成设备 %{identifier} 的注册。" + text_confirm_to_complete_html: "Please complete the registration of your device %{identifier} by entering a one-time password from your default device." text_confirm_to_change_default_html: "请从您的当前默认设备输入一次性密码,确认将您的默认设备更改为 %{new_identifier}。" text_identifier: '您可以使用此字段为设备提供自定义标识符。' failed_to_delete: '删除 2FA 设备失败。' @@ -91,7 +91,7 @@ zh-CN: totp: title: '使用您的基于应用程序的身份验证器' provisioning_uri: '配置 URI' - secret_key: '密钥' + secret_key: 'Secret key' time_based: '基于时间' account: '帐户名/颁发者' setup: | @@ -118,6 +118,13 @@ zh-CN: label_two_factor_authentication: '双重身份验证' forced_registration: required_to_add_device: '活动安全策略要求您启用双重身份验证。请使用以下表单注册设备。' + remember: + active_session_notice: > + Your account has an active remember cookie valid until %{expires_on}. This cookie allows you to log in without a second factor to your account until that time. + label: 'Remember' + clear_cookie: 'Click here to remove this cookie' + cookie_removed: 'The remember cookie has been removed.' + dont_ask_again: "Create cookie to remember 2FA authentication on this client for %{days} days." field_phone: "手机" field_otp: "一次性密码" notice_account_otp_invalid: "一次性密码无效。" From b6e7009f3162763984d5ec220f0d6a78718aa3f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Tue, 30 Jan 2018 13:50:44 +0100 Subject: [PATCH 2/4] Expire the token correctly, otherwise it is removed on close https://community.openproject.com/wp/27089 --- .../two_factor_authentication/concerns/remember_token.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/app/controllers/two_factor_authentication/concerns/remember_token.rb b/app/controllers/two_factor_authentication/concerns/remember_token.rb index 20f913093d..253169d666 100644 --- a/app/controllers/two_factor_authentication/concerns/remember_token.rb +++ b/app/controllers/two_factor_authentication/concerns/remember_token.rb @@ -29,6 +29,7 @@ module ::TwoFactorAuthentication cookies.encrypted[remember_cookie_name] = { value: new_token!(@authenticated_user), httponly: true, + expires: remember_2fa_days.days.from_now, secure: Setting.protocol == 'https' } end From ef235c871160f35d89619f5037c380fe5c912d7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Tue, 30 Jan 2018 14:06:33 +0100 Subject: [PATCH 3/4] Add default settings --- lib/open_project/two_factor_authentication/engine.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/open_project/two_factor_authentication/engine.rb b/lib/open_project/two_factor_authentication/engine.rb index 71348adbc4..7b339c8ced 100644 --- a/lib/open_project/two_factor_authentication/engine.rb +++ b/lib/open_project/two_factor_authentication/engine.rb @@ -10,8 +10,12 @@ module OpenProject::TwoFactorAuthentication author_url: 'http://openproject.com', settings: { default: { + # Only app-based 2FA allowed per default + active_strategies: [:totp], + # Don't force users to register device enforced: false, - active_strategies: [] + # Don't allow remember cookie + allow_remember_for_days: 0 } }, requires_openproject: '>= 4.0.0' do From 0a34d6c649a52de5df513d84551e97a552d57e65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20G=C3=BCnther?= Date: Wed, 31 Jan 2018 08:22:03 +0100 Subject: [PATCH 4/4] Add menu item to change enforced and remember function --- .../settings_controller.rb | 55 +++++++++++++ .../settings.html.erb | 80 +++++++++++++++++++ .../two_factor_authentication/upsale.html.erb | 30 +++++++ config/locales/en.yml | 20 +++++ config/routes.rb | 3 + .../two_factor_authentication/engine.rb | 13 ++- .../token_strategy_manager.rb | 34 ++++++-- openproject-two_factor_authentication.gemspec | 4 +- .../authentication_controller_spec.rb | 3 + .../two_factor_devices_controller_spec.rb | 3 + .../my/two_factor_devices_controller_spec.rb | 3 + .../two_factor_devices_controller_spec.rb | 3 + spec/lib/token_strategy_manager_spec.rb | 5 ++ spec/services/token_service_spec.rb | 12 +++ 14 files changed, 259 insertions(+), 9 deletions(-) create mode 100644 app/controllers/two_factor_authentication/settings_controller.rb create mode 100644 app/views/two_factor_authentication/settings.html.erb create mode 100644 app/views/two_factor_authentication/upsale.html.erb diff --git a/app/controllers/two_factor_authentication/settings_controller.rb b/app/controllers/two_factor_authentication/settings_controller.rb new file mode 100644 index 0000000000..72207585dd --- /dev/null +++ b/app/controllers/two_factor_authentication/settings_controller.rb @@ -0,0 +1,55 @@ +module ::TwoFactorAuthentication + class SettingsController < ApplicationController + + before_action :require_admin + before_action :check_enabled + + layout 'admin' + menu_item :two_factor_authentication + + def show + render template: 'two_factor_authentication/settings', + locals: { + settings: Setting.plugin_openproject_two_factor_authentication, + strategy_manager: manager, + configuration: manager.configuration + } + end + + def update + current_settings = Setting.plugin_openproject_two_factor_authentication + begin + merge_settings!(current_settings, permitted_params) + manager.validate_configuration! + flash[:notice] = I18n.t(:notice_successful_update) + rescue ArgumentError => e + Setting.plugin_openproject_two_factor_authentication = current_settings + flash[:error] = I18n.t('two_factor_authentication.settings.failed_to_save_settings', message: e.message) + Rails.logger.error "Failed to save 2FA settings: #{e.message}" + end + + redirect_to action: :show + end + + private + + def permitted_params + params.require(:settings).permit(:enforced, :allow_remember_for_days) + end + + def merge_settings!(current, permitted) + Setting.plugin_openproject_two_factor_authentication = current.merge( + enforced: !!permitted[:enforced], + allow_remember_for_days: permitted[:allow_remember_for_days] + ) + end + + def check_enabled + render_403 unless manager.configurable_by_ui? + end + + def manager + ::OpenProject::TwoFactorAuthentication::TokenStrategyManager + end + end +end diff --git a/app/views/two_factor_authentication/settings.html.erb b/app/views/two_factor_authentication/settings.html.erb new file mode 100644 index 0000000000..b45bfd242f --- /dev/null +++ b/app/views/two_factor_authentication/settings.html.erb @@ -0,0 +1,80 @@ +<% html_title(t(:label_administration), t('two_factor_authentication.settings.title')) -%> + +<%= breadcrumb_toolbar(t('two_factor_authentication.settings.title')) %> +
+ <%= styled_form_tag({ action: :update }, + method: :post, + id: 'update-ldap-group-settings-form') do %> +
+ <%= t('two_factor_authentication.settings.current_configuration') %> +

+ <%= t('two_factor_authentication.settings.text_configuration') %> +
+ <% configuration_link = OpenProject::Static::Links.links.fetch :configuration_guide %> + <%= link_to t('two_factor_authentication.settings.text_configuration_guide'), configuration_link[:href] %> +

+
+
<%= t('two_factor_authentication.settings.label_active_strategies') %>
+
+
+ <%= t(:label_none) if configuration[:active_strategies].empty? %> + <% configuration[:active_strategies].each do |key| %> + + <%= t("two_factor_authentication.strategies.#{key}") %> + +
+ <% end %> +
+
+
<%= t('two_factor_authentication.settings.label_enforced') %>
+
+
+ <%= !!configuration[:enforced] %> +
+
+
<%= t('two_factor_authentication.settings.label_remember') %>
+
+
+ <% if configuration[:allow_remember_for_days].to_i == 0 %> + <%= t(:label_disabled) %> + <% else %> + <%= configuration[:allow_remember_for_days] %> (<%= t(:label_day_plural) %>) + <% end %> +
+
+
+
+
+ <%= t(:label_settings) %> +
+ +
+ <%= styled_check_box_tag 'settings[enforced]', + '1', + !!configuration[:enforced], + disabled: strategy_manager.enforced_by_configuration?(:enforced) || configuration[:active_strategies].empty?, + container_class: '-middle' %> +
+
+ <%= I18n.t('two_factor_authentication.settings.text_enforced') %> +
+
+
+ +
+ <%= styled_number_field_tag 'settings[allow_remember_for_days]', + configuration[:allow_remember_for_days], + min: '0', + max: '365', + step: '1', + disabled: strategy_manager.enforced_by_configuration?(:allow_remember_for_days), + container_class: '-middle' %> +
+
+ <%= I18n.t('two_factor_authentication.settings.text_remember') %> +
+
+
+ <%= styled_submit_tag l(:button_apply), class: '-highlight' %> + <% end %> +
diff --git a/app/views/two_factor_authentication/upsale.html.erb b/app/views/two_factor_authentication/upsale.html.erb new file mode 100644 index 0000000000..20438dc31c --- /dev/null +++ b/app/views/two_factor_authentication/upsale.html.erb @@ -0,0 +1,30 @@ +<% html_title(t(:label_administration), t('two_factor_authentication.settings.title')) -%> + +<%= breadcrumb_toolbar(t('two_factor_authentication.settings.title')) %> +
+
+

<%= t('admin.enterprise.upgrade_to_ee') %>

+ <%= image_tag "enterprise_edition.png", class: "widget-box--teaser-image" %> + +

<%= t('homescreen.blocks.upsale.description') %>

+ +
    +
  • + <%= t('homescreen.blocks.upsale.additional_features') %> +
    • +
  • + <%= t('homescreen.blocks.upsale.professional_support') %> +
    • +
+

+ <%= t('homescreen.blocks.upsale.become_hero') %> <%= t('homescreen.blocks.upsale.you_contribute') %> +

+ <%= link_to( "#{OpenProject::Static::Links.links[:upsale][:href]}/?utm_source=unknown&utm_medium=community-edition&utm_campaign=2fa", + { class: 'button -alt-highlight', + aria: {label: t('admin.enterprise.order')}, + title: t('admin.enterprise.order')}) do %> + <%= op_icon('button--icon icon-add') %> + <%= t('admin.enterprise.order') %> + <% end %> +
+
\ No newline at end of file diff --git a/config/locales/en.yml b/config/locales/en.yml index fdfe84997f..02ac63474d 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -44,6 +44,21 @@ en: enter_backup_code_title: Enter backup code enter_backup_code_text: Please enter a valid backup code from your list of codes in case you can no longer access your registered 2FA devices. other_device: 'Use another device or backup code' + settings: + title: '2FA settings' + current_configuration: 'Current configuration' + label_active_strategies: 'Active 2FA strategies' + label_enforced: 'Enforce 2FA' + label_remember: 'Remember 2FA login' + text_configuration: | + Note: These values represent the current application-wide configuration. You cannot disable settings enforced by the configuration or change the current active strategies, since they require a server restart. + text_configuration_guide: For more information, check the configuration guide. + text_enforced: 'Enable this setting to force all users to register a 2FA device on their next login. Can only be disabled when not enforced by configuration.' + text_remember: | + Set this to greater than zero to allow users to remember their 2FA authentication for the given number of days. + They will not be requested to re-enter it during that period. Can only be set when not enforced by configuration. + error_invalid_settings: 'The 2FA strategies you selected are invalid' + failed_to_save_settings: 'Failed to update 2FA settings: %{message}' admin: self_edit_path: 'To add or modify your own 2FA devices, please go to %{self_edit_link}' self_edit_link_name: 'Two-factor authentication on your account page' @@ -118,6 +133,11 @@ en: restdt: delivery_failed_with_code: 'Token delivery failed. (Error code %{code})' + strategies: + totp: 'Authenticator application' + sns: 'Amazon SNS' + resdt: 'SMS Rest API' + mobile_transmit_notification: "A one-time password has been sent to your cell phone." label_two_factor_authentication: 'Two-factor authentication' diff --git a/config/routes.rb b/config/routes.rb index 32c7d74680..1ffe120d79 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -6,6 +6,9 @@ OpenProject::Application::routes.draw do post :retry, to: 'authentication#retry' get :backup_code, to: 'authentication#enter_backup_code' post :backup_code, to: 'authentication#verify_backup_code' + + get :settings, to: 'settings#show', as: 'settings_2fa' + post :settings, to: 'settings#update', as: 'update_settings_2fa' end scope 'two_factor_authentication' do # Avoids adding the namespace prefix diff --git a/lib/open_project/two_factor_authentication/engine.rb b/lib/open_project/two_factor_authentication/engine.rb index 7b339c8ced..6d973b716c 100644 --- a/lib/open_project/two_factor_authentication/engine.rb +++ b/lib/open_project/two_factor_authentication/engine.rb @@ -11,14 +11,15 @@ module OpenProject::TwoFactorAuthentication settings: { default: { # Only app-based 2FA allowed per default - active_strategies: [:totp], + # (will be added in token strategy manager) + active_strategies: [], # Don't force users to register device enforced: false, # Don't allow remember cookie allow_remember_for_days: 0 } }, - requires_openproject: '>= 4.0.0' do + requires_openproject: '>= 7.2.0' do menu :my_menu, :two_factor_authentication, { controller: 'two_factor_authentication/my/two_factor_devices', action: :index }, @@ -26,6 +27,14 @@ module OpenProject::TwoFactorAuthentication after: :password, if: ->(*) { ::OpenProject::TwoFactorAuthentication::TokenStrategyManager.enabled? }, icon: 'icon2 icon-types' + + menu :admin_menu, + :two_factor_authentication, + { controller: 'two_factor_authentication/settings', action: :show }, + caption: ->(*) { I18n.t('two_factor_authentication.label_two_factor_authentication') }, + after: :ldap_authentication, + if: ->(*) { ::OpenProject::TwoFactorAuthentication::TokenStrategyManager.configurable_by_ui? }, + icon: 'icon2 icon-types' end initializer 'two_factor_authentication.precompile_assets' do |app| diff --git a/lib/open_project/two_factor_authentication/token_strategy_manager.rb b/lib/open_project/two_factor_authentication/token_strategy_manager.rb index 52d7993222..4488b1a9c0 100644 --- a/lib/open_project/two_factor_authentication/token_strategy_manager.rb +++ b/lib/open_project/two_factor_authentication/token_strategy_manager.rb @@ -54,6 +54,12 @@ module OpenProject::TwoFactorAuthentication !!configuration[:enforced] end + ## + # Determine whether the plugin settings can be changed from the UI + def configurable_by_ui? + !configuration[:hide_settings_menu_item] + end + def allow_remember_for_days configuration[:allow_remember_for_days].to_i end @@ -68,6 +74,8 @@ module OpenProject::TwoFactorAuthentication # Fetch all active strategies def active_strategies configuration.fetch(:active_strategies, []) + .map(&:to_s) + .uniq .map { |strategy| lookup_active_strategy strategy } end @@ -100,16 +108,32 @@ module OpenProject::TwoFactorAuthentication config end - def merge_with_settings!(config, settings) - # Allow enforcing from settings if not true in configuration - unless config[:enforced] - config[:enforced] = settings[:enforced] - end + def enforced_by_configuration?(key) + (OpenProject::Configuration['2fa'] || {}).has_key? key + end + def merge_with_settings!(config, settings) predefined_strategies = config.fetch(:active_strategies, []) additional_strategies = settings.fetch(:active_strategies, []) config[:active_strategies] = predefined_strategies | additional_strategies + # Always enable totp if nothing is enabled + config[:active_strategies] << :totp if add_default_strategy?(config) + # Allow enforcing from settings if not true in configuration + config[:enforced] ||= settings[:enforced] + config[:allow_remember_for_days] = config.fetch(:allow_remember_for_days, settings[:allow_remember_for_days]) + end + + def add_default_strategy?(config) + config[:active_strategies].empty? + end + + def available_strategies + { + totp: I18n.t("activerecord.models.two_factor_authentication/device/totp"), + sns: I18n.t("activerecord.models.two_factor_authentication/device/sms"), + restdt: I18n.t("activerecord.models.two_factor_authentication/device/restdt") + } end def lookup_active_strategy(klazz) diff --git a/openproject-two_factor_authentication.gemspec b/openproject-two_factor_authentication.gemspec index 27452bb198..0b9c123ff7 100644 --- a/openproject-two_factor_authentication.gemspec +++ b/openproject-two_factor_authentication.gemspec @@ -10,10 +10,10 @@ Gem::Specification.new do |s| s.version = OpenProject::TwoFactorAuthentication::VERSION s.authors = "OpenProject GmbH" s.email = "info@openproject.com" - s.homepage = "https://community.openproject.org/projects/mobile-otp" + s.homepage = "https://community.openproject.org/projects/two-factor-authentication" s.summary = "OpenProject Two-factor authentication" s.description = "This OpenProject plugin authenticates your users using two-factor authentication by means of one-time password " \ - "through the TOTP standard (Google Authenticator) or sent to the user\'s cell phone via SMS or voice call" + "through the TOTP standard (Google Authenticator) or sent to the user's cell phone via SMS or voice call" s.files = Dir["{app,config,db,lib}/**/*", "CHANGELOG.md", "README.rdoc"] s.test_files = Dir["spec/**/*"] diff --git a/spec/controllers/two_factor_authentication/authentication_controller_spec.rb b/spec/controllers/two_factor_authentication/authentication_controller_spec.rb index 950725d488..2b57abc20a 100644 --- a/spec/controllers/two_factor_authentication/authentication_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/authentication_controller_spec.rb @@ -24,6 +24,9 @@ describe ::TwoFactorAuthentication::AuthenticationController, with_2fa_ee: true, describe 'with no active strategy, but 2FA enforced as configuration', with_config: { '2fa' => { active_strategies: [], enforced: true } } do before do + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false session[:authenticated_user_id] = user.id get :request_otp end diff --git a/spec/controllers/two_factor_authentication/forced_registration/two_factor_devices_controller_spec.rb b/spec/controllers/two_factor_authentication/forced_registration/two_factor_devices_controller_spec.rb index f3b142ea50..1c6a1d350e 100644 --- a/spec/controllers/two_factor_authentication/forced_registration/two_factor_devices_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/forced_registration/two_factor_devices_controller_spec.rb @@ -20,6 +20,9 @@ describe ::TwoFactorAuthentication::ForcedRegistration::TwoFactorDevicesControll allow(OpenProject::Configuration) .to receive(:[]).with('2fa') .and_return({ active_strategies: active_strategies }.merge(config).with_indifferent_access) + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false end describe 'accessing' do diff --git a/spec/controllers/two_factor_authentication/my/two_factor_devices_controller_spec.rb b/spec/controllers/two_factor_authentication/my/two_factor_devices_controller_spec.rb index 2a0a7d9ad0..c706b8b666 100644 --- a/spec/controllers/two_factor_authentication/my/two_factor_devices_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/my/two_factor_devices_controller_spec.rb @@ -14,6 +14,9 @@ describe ::TwoFactorAuthentication::My::TwoFactorDevicesController, with_2fa_ee: allow(OpenProject::Configuration) .to receive(:[]).with('2fa') .and_return({ active_strategies: active_strategies }.merge(config).with_indifferent_access) + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false end describe 'accessing' do diff --git a/spec/controllers/two_factor_authentication/users/two_factor_devices_controller_spec.rb b/spec/controllers/two_factor_authentication/users/two_factor_devices_controller_spec.rb index 1c8498eceb..9e3c73d0fb 100644 --- a/spec/controllers/two_factor_authentication/users/two_factor_devices_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/users/two_factor_devices_controller_spec.rb @@ -15,6 +15,9 @@ describe ::TwoFactorAuthentication::Users::TwoFactorDevicesController, with_2fa_ allow(OpenProject::Configuration) .to receive(:[]).with('2fa') .and_return({ active_strategies: active_strategies }.merge(config).with_indifferent_access) + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false end describe 'accessing' do diff --git a/spec/lib/token_strategy_manager_spec.rb b/spec/lib/token_strategy_manager_spec.rb index a13c33b0ff..49343272e2 100644 --- a/spec/lib/token_strategy_manager_spec.rb +++ b/spec/lib/token_strategy_manager_spec.rb @@ -122,6 +122,11 @@ describe ::OpenProject::TwoFactorAuthentication::TokenStrategyManager do subject { described_class.validate_active_strategies! } context 'when no strategy is set' do let(:active_strategies) { [] } + before do + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false + end context 'and enforced is false' do let(:enforced) { false } diff --git a/spec/services/token_service_spec.rb b/spec/services/token_service_spec.rb index 858c246f9f..8b6afa81a0 100644 --- a/spec/services/token_service_spec.rb +++ b/spec/services/token_service_spec.rb @@ -25,6 +25,12 @@ describe ::TwoFactorAuthentication::TokenService, with_2fa_ee: true do let(:active_strategies) { [] } context 'when enforced' do + before do + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false + end + let(:enforced) { true } it 'requires a token' do expect(subject.requires_token?).to be_truthy @@ -38,6 +44,12 @@ describe ::TwoFactorAuthentication::TokenService, with_2fa_ee: true do context 'when not enforced' do let(:enforced) { false } + before do + allow(OpenProject::TwoFactorAuthentication::TokenStrategyManager) + .to receive(:add_default_strategy?) + .and_return false + end + it 'requires no token' do expect(subject.requires_token?).to be_falsey end