Move 2FA disable button

- Removed disable button from /profile/account - Added disable button to /profile/two_factor_auth - Changed 2FA breadcrumb from 'User Settings > Account > Account' to 'User Settings > Account > Two-Factor Authentication'
2018-01-02 15:07:13 +02:00 · 2018-01-02 15:07:13 +02:00 · 540a2b6709
parent ff077cf7dc
commit 540a2b6709
4 changed files with 13 additions and 7 deletions
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@ -17,10 +17,6 @@
      Status: #{current_user.two_factor_enabled? ? 'Enabled' : 'Disabled'}
    - if current_user.two_factor_enabled?
      = link_to 'Manage two-factor authentication', profile_two_factor_auth_path, class: 'btn btn-info'
-      = link_to 'Disable', profile_two_factor_auth_path,
-                method: :delete,
-                data: { confirm: "Are you sure? This will invalidate your registered applications and U2F devices." },
-                class: 'btn btn-danger'
    - else
      .append-bottom-10
        = link_to 'Enable two-factor authentication', profile_two_factor_auth_path, class: 'btn btn-success'
--- a/app/views/profiles/two_factor_auths/show.html.haml
+++ b/app/views/profiles/two_factor_auths/show.html.haml
@ -1,5 +1,5 @@
 - page_title 'Two-Factor Authentication', 'Account'
- add_to_breadcrumbs("Account", profile_account_path)
+- add_to_breadcrumbs("Two-Factor Authentication", profile_account_path)
 - @content_class = "limit-container-width" unless fluid_layout

 = render 'profiles/head'
@ -18,7 +18,12 @@
        Use an app on your mobile device to enable two-factor authentication (2FA).
    .col-lg-8
      - if current_user.two_factor_otp_enabled?
-        = icon "check inverse", base: "circle", class: "text-success", text: "You've already enabled two-factor authentication using mobile authenticator applications. You can disable it from your account settings page."
+        %p
+          You've already enabled two-factor authentication using mobile authenticator applications. In order to register a different device, you must first disable two-factor authentication.
+          = link_to 'Disable two-factor authentication', profile_two_factor_auth_path,
+                method: :delete,
+                data: { confirm: "Are you sure? This will invalidate your registered applications and U2F devices." },
+                class: 'btn btn-danger'
      - else
        %p
          Download the Google Authenticator application from App Store or Google Play Store and scan this code.
--- a/changelogs/unreleased/fix-move-2fa-disable-button.yml
+++ b/changelogs/unreleased/fix-move-2fa-disable-button.yml
@ -0,0 +1,5 @@
+---
+title: Move 2FA disable button
+merge_request: 16177
+author: George Tsiolis
+type: fixed
--- a/spec/features/u2f_spec.rb
+++ b/spec/features/u2f_spec.rb
@ -264,7 +264,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', :js do
      end

      it "deletes u2f registrations" do
-        visit profile_account_path
+        visit profile_two_factor_auth_path
        expect do
          accept_confirm { click_on "Disable" }
        end.to change { U2fRegistration.count }.by(-1)