Allow only internal registration (#15795)
* Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings * OpenID respect setting too
This commit is contained in:
6543
GitHub
parent
e818e9150f
commit
a229e34387
9 changed files with 30 additions and 8 deletions
|
|
@ -617,7 +617,7 @@ func SignInOAuthCallback(ctx *context.Context) {
|
|||
}
|
||||
|
||||
if u == nil {
|
||||
if setting.OAuth2Client.EnableAutoRegistration {
|
||||
if !(setting.Service.DisableRegistration || setting.Service.AllowOnlyInternalRegistration) && setting.OAuth2Client.EnableAutoRegistration {
|
||||
// create new user with details from oauth2 provider
|
||||
var missingFields []string
|
||||
if gothUser.UserID == "" {
|
||||
|
|
@ -828,6 +828,7 @@ func LinkAccount(ctx *context.Context) {
|
|||
ctx.Data["RecaptchaSitekey"] = setting.Service.RecaptchaSitekey
|
||||
ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey
|
||||
ctx.Data["DisableRegistration"] = setting.Service.DisableRegistration
|
||||
ctx.Data["AllowOnlyInternalRegistration"] = setting.Service.AllowOnlyInternalRegistration
|
||||
ctx.Data["ShowRegistrationButton"] = false
|
||||
|
||||
// use this to set the right link into the signIn and signUp templates in the link_account template
|
||||
|
|
@ -993,7 +994,7 @@ func LinkAccountPostRegister(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
if setting.Service.DisableRegistration {
|
||||
if setting.Service.DisableRegistration || setting.Service.AllowOnlyInternalRegistration {
|
||||
ctx.Error(http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -249,7 +249,7 @@ func signInOpenIDVerify(ctx *context.Context) {
|
|||
log.Error("signInOpenIDVerify: Unable to save changes to the session: %v", err)
|
||||
}
|
||||
|
||||
if u != nil || !setting.Service.EnableOpenIDSignUp {
|
||||
if u != nil || !setting.Service.EnableOpenIDSignUp || setting.Service.AllowOnlyInternalRegistration {
|
||||
ctx.Redirect(setting.AppSubURL + "/user/openid/connect")
|
||||
} else {
|
||||
ctx.Redirect(setting.AppSubURL + "/user/openid/register")
|
||||
|
|
@ -267,6 +267,7 @@ func ConnectOpenID(ctx *context.Context) {
|
|||
ctx.Data["PageIsSignIn"] = true
|
||||
ctx.Data["PageIsOpenIDConnect"] = true
|
||||
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
|
||||
ctx.Data["AllowOnlyInternalRegistration"] = setting.Service.AllowOnlyInternalRegistration
|
||||
ctx.Data["OpenID"] = oid
|
||||
userName, _ := ctx.Session.Get("openid_determined_username").(string)
|
||||
if userName != "" {
|
||||
|
|
@ -328,6 +329,7 @@ func RegisterOpenID(ctx *context.Context) {
|
|||
ctx.Data["PageIsSignIn"] = true
|
||||
ctx.Data["PageIsOpenIDRegister"] = true
|
||||
ctx.Data["EnableOpenIDSignUp"] = setting.Service.EnableOpenIDSignUp
|
||||
ctx.Data["AllowOnlyInternalRegistration"] = setting.Service.AllowOnlyInternalRegistration
|
||||
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
|
||||
ctx.Data["Captcha"] = context.GetImageCaptcha()
|
||||
ctx.Data["CaptchaType"] = setting.Service.CaptchaType
|
||||
|
|
@ -367,6 +369,11 @@ func RegisterOpenIDPost(ctx *context.Context) {
|
|||
ctx.Data["HcaptchaSitekey"] = setting.Service.HcaptchaSitekey
|
||||
ctx.Data["OpenID"] = oid
|
||||
|
||||
if setting.Service.AllowOnlyInternalRegistration {
|
||||
ctx.Error(http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
if setting.Service.EnableCaptcha {
|
||||
var valid bool
|
||||
var err error
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue