Page MenuHomePhabricator

Allow administrators to get a list of users who don't have MFA configured
ClosedPublic

Authored by epriestley on Mar 15 2017, 7:04 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 26, 11:26 AM
Unknown Object (File)
Tue, Nov 26, 10:34 AM
Unknown Object (File)
Wed, Nov 20, 6:08 PM
Unknown Object (File)
Mon, Nov 18, 12:54 PM
Unknown Object (File)
Sat, Nov 9, 1:09 PM
Unknown Object (File)
Oct 26 2024, 12:26 AM
Unknown Object (File)
Oct 17 2024, 2:00 AM
Unknown Object (File)
Oct 15 2024, 6:10 PM
Subscribers
None

Details

Summary

Fixes T12400. Adds a "Has MFA" filter to People so you can figure out who you need to harass before turning on "require MFA".

When you run this as a non-admin, you don't currently actually hit the exception: the query just doesn't work. I think this is probably okay, but if we add more of these it might be better to make the "this didn't work" more explicit since it could be confusing in some weird edge cases (like, an administrator sending a non-administrator a link which they expect will show the non-administrator some interesting query results, but they actually just get no constraint). The exception is more of a fail-safe in case we make application changes in the future and don't remember this weird special case.

Test Plan
  • As an administrator and non-administrator, used People and Conduit to query MFA, no-MFA, and don't-care-about-MFA. These queries worked for an admin and didn't work for a non-admin.
  • Viewed the list as an administrator, saw MFA users annotated.
  • Viewed config help, clicked link as an admin, ended up in the right place.

Screen Shot 2017-03-15 at 11.59.20 AM.png (1×1 px, 188 KB)

Screen Shot 2017-03-15 at 11.51.49 AM.png (1×1 px, 184 KB)

Diff Detail

Repository
rP Phabricator
Branch
mfa1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 15987
Build 21188: Run Core Tests
Build 21187: arc lint + arc unit