fixes #3532

Closes #3532 Merge request studip/studip!2426
author: Jan-Hendrik Willms <tleilax+studip@gmail.com> 2023-12-06 11:26:20 +0000
committer: Jan-Hendrik Willms <tleilax+studip@gmail.com> 2023-12-06 11:26:20 +0000
commit: 55d3689ae8808f89b9d9b87a9af3d94acdb2585a (patch)
tree: d831316d3e22903b8029858ad181578c420c81c5 /app/controllers/tfa.php
parent: cda5cbe132debf296f48aff619630f93d8ef4d0f (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/app/controllers/tfa.php b/app/controllers/tfa.php
index 1b57f26..370d883 100644
--- a/app/controllers/tfa.php
+++ b/app/controllers/tfa.php
@@ -11,6 +11,8 @@ class TfaController extends AuthenticatedController
         $this->user = User::findCurrent();
         $this->is_root = $GLOBALS['perm']->have_perm('root');
 
+        $this->own_profile = true;
+
         if ($this->is_root && Request::submitted('username')) {
             $username = Request::username('username');
             $this->user = User::findOneByUsername($username);
@@ -19,6 +21,8 @@ class TfaController extends AuthenticatedController
                 throw new Exception(_('Diesen Nutzer gibt es nicht'));
             }
 
+            $this->own_profile = false;
+
             URLHelper::addLinkParam('username', Request::username('username'));
 
             PageLayout::postMessage(
@@ -33,6 +37,10 @@ class TfaController extends AuthenticatedController
         }
 
         $this->secret = new TFASecret($this->user->id);
+
+        if (!$this->own_profile) {
+            PageLayout::postWarning(_('Sie können die Zwei-Faktor-Authentifizierung nicht für andere Personen einrichten.'));
+        }
     }
 
     public function index_action()
author	Jan-Hendrik Willms <tleilax+studip@gmail.com>	2023-12-06 11:26:20 +0000
committer	Jan-Hendrik Willms <tleilax+studip@gmail.com>	2023-12-06 11:26:20 +0000
commit	55d3689ae8808f89b9d9b87a9af3d94acdb2585a (patch)
tree	d831316d3e22903b8029858ad181578c420c81c5 /app/controllers/tfa.php
parent	cda5cbe132debf296f48aff619630f93d8ef4d0f (diff)