Details
-
Type: Improvement
-
Status: Resolved
-
Priority: Minor
-
Resolution: Obsolete
-
Affects Version/s: Current Version
-
Fix Version/s: None
-
Component/s: OIOIOI
-
Labels:None
Description
For security reason, add to contest settings option "Contests admins must have 2FA enabled.". Otherwise, their contest admin privileges will be revoked until they enable 2FA. They should see message that they need to enable 2FA while having activated contest to which they have admin privileges (analogous to: https://gerrit.sio2project.mimuw.edu.pl/#/c/2953/3/oioioi/base/templates/base.html).
PS following the rule "sum(security mechanisms) = min(security mechanisms)", consider if effective superusers should have revoked privileges or not (I guess effective superusers shouldn't be an exception).
PS following the rule "sum(security mechanisms) = min(security mechanisms)", consider if effective superusers should have revoked privileges or not (I guess effective superusers shouldn't be an exception).
Feel free to reopen it or create a new one if it's still relevant.