Cosmetic bug: TOTP app checkbox is not unmarked when disabling the app from the CLI

[davitol]

Step to reproduce

1. Enable TOTP app for user1
2. Via CLI run occ twofactorauth:disable user1
3. Browse to Security section of user1

Current behavior

The checkbox is marked

Expected behavior

The checkbox should be unmarked. Note that TOTP is disabled for user1, it is just a cosmetic bug.

[davitol]

that wrong connection between disabling via CLI and the webUI i think it makes a lot scenarios of wrong enable status What i mean is, if you run for example

occ twofactorauth:disable admin

the only way to enable totp for the user is via CLI, the webUI won't work for enable it again

[PVince81]

as far as I remember, these two options are unrelated.

The CLI option exists in core and is related to "two factor authentication", not TOTP. I don't remember whether it enforces two factor auth for that user.

The option in the web UI is specific to this TOTP app, which is a specific implementation / style of two factor authentication. So the checkbox is only here to enable this type for this user.

We can leave this ticket open to reword the web UI setting to make it clearer.

[karakayasemi]

IMHO, if two-factor is disabled by the admin, the user should not see any two-factor provider app's settings in the personal panel. Maybe, we can add a control for here: https://github.com/owncloud/twofactor_totp/blob/master/lib/Settings/PersonalPanel.php#L39 or for a more common fix, we should add something on the core.