Add new user types reserved, bot, and remote (#24026)

This allows for usernames, and emails connected to them to be reserved
and not reused.

Use case, I manage an instance with open registration, and sometimes
when users are deleted for spam (or other purposes), their usernames are
freed up and they sign up again with the same information.

This could also be used to reserve usernames, and block them from being
registered (in case an instance would like to block certain things
without hardcoding the list in code and compiling from scratch).

This is an MVP, that will allow for future work where you can set
something as reserved via the interface.

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
This commit is contained in:
techknowlogick 2023-04-17 12:36:50 -04:00 committed by GitHub
parent f20057271d
commit 1819c4b59b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 1 deletions

View file

@ -41,6 +41,18 @@ const (
// UserTypeOrganization defines an organization // UserTypeOrganization defines an organization
UserTypeOrganization UserTypeOrganization
// UserTypeReserved reserves a (non-existing) user, i.e. to prevent a spam user from re-registering after being deleted, or to reserve the name until the user is actually created later on
UserTypeUserReserved
// UserTypeOrganizationReserved reserves a (non-existing) organization, to be used in combination with UserTypeUserReserved
UserTypeOrganizationReserved
// UserTypeBot defines a bot user
UserTypeBot
// UserTypeRemoteUser defines a remote user for federated users
UserTypeRemoteUser
) )
const ( const (
@ -312,6 +324,7 @@ func GetUserFollowers(ctx context.Context, u, viewer *User, listOptions db.ListO
Select("`user`.*"). Select("`user`.*").
Join("LEFT", "follow", "`user`.id=follow.user_id"). Join("LEFT", "follow", "`user`.id=follow.user_id").
Where("follow.follow_id=?", u.ID). Where("follow.follow_id=?", u.ID).
And("`user`.type=?", UserTypeIndividual).
And(isUserVisibleToViewerCond(viewer)) And(isUserVisibleToViewerCond(viewer))
if listOptions.Page != 0 { if listOptions.Page != 0 {
@ -333,6 +346,7 @@ func GetUserFollowing(ctx context.Context, u, viewer *User, listOptions db.ListO
Select("`user`.*"). Select("`user`.*").
Join("LEFT", "follow", "`user`.id=follow.follow_id"). Join("LEFT", "follow", "`user`.id=follow.follow_id").
Where("follow.user_id=?", u.ID). Where("follow.user_id=?", u.ID).
And("`user`.type=?", UserTypeIndividual).
And(isUserVisibleToViewerCond(viewer)) And(isUserVisibleToViewerCond(viewer))
if listOptions.Page != 0 { if listOptions.Page != 0 {
@ -959,7 +973,7 @@ func GetUserByName(ctx context.Context, name string) (*User, error) {
if len(name) == 0 { if len(name) == 0 {
return nil, ErrUserNotExist{0, name, 0} return nil, ErrUserNotExist{0, name, 0}
} }
u := &User{LowerName: strings.ToLower(name)} u := &User{LowerName: strings.ToLower(name), Type: UserTypeIndividual}
has, err := db.GetEngine(ctx).Get(u) has, err := db.GetEngine(ctx).Get(u)
if err != nil { if err != nil {
return nil, err return nil, err

View file

@ -40,5 +40,13 @@ func Authenticate(user *user_model.User, login, password string) (*user_model.Us
} }
} }
// attempting to login as a non-user account
if user.Type != user_model.UserTypeIndividual {
return nil, user_model.ErrUserProhibitLogin{
UID: user.ID,
Name: user.Name,
}
}
return user, nil return user, nil
} }