Some settings are blocked by OTP authentication requirement although 2FA is disabled

[KZumbusch]

Describe the bug I deployed a fresh instance of Froxlor 2.1.6 on Debian 12 to prepare a configuration for a production deployment. Although I have 2FA disabled for now, some settings require 2FA authentication which is not possible in this scenario. Especially the blocked settings for the DNS server configuration are problematic, as I cannot change the configuration from Bind to PowerDNS. The restart command is blocked.

Although having 2FA for admins is a really good idea and I will definitely have that configured in my production environments, getting forced to use it is rather inconvenient.

System information

• Froxlor version: 2.1.6
• Web server: nginx
• DNS server: PowerDNS (Bind-backend)
• POP/IMAP server: Dovecot
• SMTP server: postfix
• FTP server: proftpd
• OS/Version: Debian 12.5

To Reproduce Steps to reproduce the behavior:

1. Install Froxlor
2. Login as admin
3. Navigator to /admin_settings.php?page=overview&part=accounts
4. Disable "Activate Two-factor authentication (2FA) "
5. Navigate to /admin_settings.php?page=overview&part=nameserver
6. Some settings for the DNS servers are read only as they require OTP

Expected behavior If 2FA is disabled, I would expect any setting to be changeable.

[realrellek]

To bypass this check, you just need to adjust a setting in config.inc.php: https://docs.froxlor.org/latest/admin-guide/settings/#_3-settings-in-config-inc-php

[d00p]

Intended behaviour