def response_domain_security(domain, new_plan_version):
"""
turn off any domain enforced security features and alert user of deactivated features
"""
two_factor = domain.two_factor_auth
secure_sessions = domain.secure_sessions
strong_mobile_passwords = domain.strong_mobile_passwords
msgs = []
if secure_sessions:
msgs.append(
_("Your project has enabled a {} minute session timeout setting. "
"By changing to a different plan, you will lose the ability to "
"enforce this shorter timeout policy.").format(
Domain.secure_timeout(domain.name)))
if two_factor:
msgs.append(
_("Two factor authentication is currently required of all of your "
"web users for this project space. By changing to a different "
"plan you will lose the ability to enforce this requirement. "
"However, any web user who still wants to use two factor "
"authentication will be able to continue using it."))
if strong_mobile_passwords:
msgs.append(
_("Your project currently requires all mobile workers to have "
"strong passwords. By changing to a different plan, you will "
"lose the ability to enforce these password requirements."))
if msgs:
return _fmt_alert(
_("The following security features will be affected if you select this plan:"
), msgs)
