perf: Enhance MFA settings and display

src/views/users/User/UserCreateUpdate.vue

@@ -9,6 +9,7 @@ import rules from '@/components/Form/DataForm/rules'
 import { mapGetters } from 'vuex'
 import { Select2 } from '@/components'
 import store from '@/store'
+import { MFASystemSetting, MFALevel } from '../const'
 
 export default {
   components: {
@@ -44,10 +45,7 @@ export default {
           }
         },
         mfa_level: {
-          disabled: false,
-          tips: {
-            2: this.$t('forceEnableMFAHelpText')
-          }
+          disabled: false
         },
         email: {
           rules: [
@@ -176,6 +174,7 @@ export default {
         if (obj?.id) {
           obj.org_roles = obj.org_roles?.map(({ id }) => id)
           obj.system_roles = obj.system_roles?.map(({ id }) => id)
+          obj.mfa_level.value = this.initial.mfa_level || obj.mfa_level.value
         }
         return obj
       },
@@ -193,6 +192,9 @@ export default {
         if (value.source !== 'local') {
           delete value.need_update_password
         }
+        if ([MFALevel.allUsers, MFALevel.onlyAdminUsers].indexOf(value.mfa_level) > -1) {
+          delete value.mfa_level
+        }
         return value
       }
     }
@@ -231,11 +233,26 @@ export default {
       this.initial.org_roles = roles.filter(role => role.name === 'OrgUser').map(role => role.id)
     },
     disableMFAFieldIfNeed(user) {
+      let options = null
+      let mfa_level = null
       // SECURITY_MFA_AUTH 0 不开启 1 全局开启 2 管理员开启
+      const securityMFAAuth = store.getters.publicSettings['SECURITY_MFA_AUTH']
       const adminUserIsNeed = (user?.is_superuser || user?.is_org_admin) && this.$route.meta.action === 'update' &&
-        store.getters.publicSettings['SECURITY_MFA_AUTH'] === 2
-      if (store.getters.publicSettings['SECURITY_MFA_AUTH'] === 1 || adminUserIsNeed) {
-        this.fieldsMeta['mfa_level'].disabled = true
+        securityMFAAuth === MFASystemSetting.onlyAdminUsers
+      if (securityMFAAuth === MFASystemSetting.allUsers) {
+        options = [{ 'value': MFALevel.allUsers, 'label': this.$t('MFAAllUsers') }]
+        mfa_level = MFALevel.allUsers
+      }
+      if (securityMFAAuth === MFASystemSetting.onlyAdminUsers && adminUserIsNeed) {
+        options = [{
+          'value': MFALevel.onlyAdminUsers,
+          'label': this.$t('MFAOnlyAdminUsers')
+        }]
+        mfa_level = MFALevel.onlyAdminUsers
+      }
+      if (mfa_level !== null && options !== null) {
+        this.fieldsMeta['mfa_level'].options = options
+        this.initial.mfa_level = mfa_level
       }
     }
   }

src/views/users/User/UserList.vue

@@ -23,6 +23,8 @@ import { createSourceIdCache } from '@/api/common'
 import { getDayFuture } from '@/utils/time'
 import InviteUsersDialog from './components/InviteUsersDialog'
 import AmountFormatter from '@/components/Table/TableFormatters/AmountFormatter.vue'
+import store from '@/store'
+import { MFASystemSetting } from '../const'
 
 export default {
   components: {
@@ -65,7 +67,17 @@ export default {
             }
           },
           mfa_level: {
-            width: '130px'
+            width: '130px',
+            formatter: (row) => {
+              const securityMFAAuth = store.getters.publicSettings['SECURITY_MFA_AUTH']
+              if (securityMFAAuth === MFASystemSetting.allUsers) {
+                return this.$t('MFAAllUsers')
+              } else if (securityMFAAuth === MFASystemSetting.onlyAdminUsers && (row?.is_superuser || row?.is_org_admin)) {
+                return this.$t('MFAOnlyAdminUsers')
+              } else {
+                return row['mfa_level'].label
+              }
+            }
           },
           source: {
             width: '120px',

src/views/users/const.js

@@ -100,3 +100,13 @@ export const userJSONSelectMeta = (vm, withoutOrgRole = false) => {
     }
   }
 }
+export const MFALevel = {
+  allUsers: 3,
+  onlyAdminUsers: 4
+}
+
+export const MFASystemSetting = {
+  notEnable: 0,
+  allUsers: 1,
+  onlyAdminUsers: 2
+}