[5.x]: Non-admin users cant't create 2FA connection

[smnedelko]

What happened?

Description

If the user is not an administrator and has CP login rights, an error appears after scanning the 2FA QR and entering the code. Tested with Goggle Authenticator on Android and iPhone. For Android the QR code is modified as specified in #16552 (removed spaces from the url). The problem doesn't occur all the time.

Steps to reproduce

1. Enable 2FA authentication
2. Create a non-administrator user using the CP or console
3. Add CP login permissions for the user

3. Login to the created user account.
4. Scan QR code with Google Authenticator app on iPhone. On Android modify the QR code as mentioned in [5.x]: Google Authenticator app shows dashes for 2FA (Two-Factor auth issue) #16552.
5. Enter the code from the app.
6. The error appears.

Expected behavior

The user should connect the 2FA code and login to the account.

Actual behavior

The permission denied error appears.

Craft CMS version

5.6.1

PHP version

8.2.26

Operating system and version

No response

Database type and version

No response

Image driver and version

No response

Installed plugins and versions

No response

[i-just]

Hi, thanks for reaching out! Can you please post a stack trace for this error?

[Romanavr]

Hi @i-just

I think there is a big misunderstanding because the translation for our customer language is wrong:

We came across this error when we tried to add TOTP. And since our website is in the Dutch language (NL), we thought from the error text that it had something to do with administrator rights.

However, after checking the code for the TOTP service, I found no reference to administrator rights. I checked the translation for the “elevated session” and found that it contains a text for the NL that means you have problems with your administrator rights.
Obviously the problem was in the elevated session and not with the administrator rights.

I would ask you to check this for the NL version, and it is probably worth doing this for other languages as well.

cms/src/translations/nl/app.php

Line 1708 in 951b907

'This action may only be performed with an elevated session.' => 'Deze handeling mag alleen uitgevoerd worden als administrator.',

'This action may only be performed with an elevated session.' => 'Deze handeling mag alleen uitgevoerd worden als administrator.',

[brandonkelly]

@Romanavr Can you provide a better translation?

[Romanavr]

@Romanavr Can you provide a better translation?

@brandonkelly

I asked my native Dutch-speaking colleague and he said that this option should be understandable:
"Deze actie kan alleen worden uitgevoerd met een elevated session."

Just in case, I checked it in my native language (RU) and everything looks good.
So, If it's not a big secret, how do you translate these phrases into other languages?
With the help of the community or with automatic tools like Google, DeepL, ChatGPT, etc.?

[brandonkelly]

Thank you! I’ve updated the translation for the next release.

Translation work is primarily provided by Alconost, but the community can suggest better translations either here on GitHub or via CrowdIn (translate.craftcms.com).

[Romanavr]

Thank you! I’ve updated the translation for the next release.

Translation work is primarily provided by Alconost, but the community can suggest better translations either here on GitHub or via CrowdIn (translate.craftcms.com).

Nice, thanks!