FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations

This commit is contained in:
Neil Lalonde 2014-07-14 15:42:14 -04:00
parent ac3827f700
commit 766196af87
8 changed files with 57 additions and 1 deletions

View file

@ -37,7 +37,10 @@ export default Discourse.Controller.extend(Discourse.ModalFunctionality, {
}.property('loggingIn'), }.property('loggingIn'),
showSignupLink: function() { showSignupLink: function() {
return !Discourse.SiteSettings.invite_only && !this.get('loggingIn') && this.blank('authenticate'); return !Discourse.SiteSettings.invite_only &&
Discourse.SiteSettings.allow_new_registrations &&
!this.get('loggingIn') &&
this.blank('authenticate');
}.property('loggingIn', 'authenticate'), }.property('loggingIn', 'authenticate'),
showSpinner: function() { showSpinner: function() {

View file

@ -4,6 +4,7 @@ class InvitesController < ApplicationController
skip_before_filter :redirect_to_login_if_required skip_before_filter :redirect_to_login_if_required
before_filter :ensure_logged_in, only: [:destroy, :create, :check_csv_chunk, :upload_csv_chunk] before_filter :ensure_logged_in, only: [:destroy, :create, :check_csv_chunk, :upload_csv_chunk]
before_filter :ensure_new_registrations_allowed, only: [:show, :redeem_disposable_invite]
def show def show
invite = Invite.find_by(invite_key: params[:id]) invite = Invite.find_by(invite_key: params[:id])
@ -137,4 +138,11 @@ class InvitesController < ApplicationController
params[:email] params[:email]
end end
def ensure_new_registrations_allowed
unless SiteSetting.allow_new_registrations
flash[:error] = I18n.t('login.new_registrations_disabled')
render layout: 'no_js'
false
end
end
end end

View file

@ -146,6 +146,11 @@ class UsersController < ApplicationController
end end
def create def create
unless SiteSetting.allow_new_registrations
render json: { success: false, message: I18n.t("login.new_registrations_disabled") }
return
end
user = User.new(user_params) user = User.new(user_params)
authentication = UserAuthenticator.new(user, session) authentication = UserAuthenticator.new(user, session)

View file

@ -0,0 +1,7 @@
<div id='simple-container'>
<%if flash[:error]%>
<div class='alert alert-error'>
<%=flash[:error]%>
</div>
<%end%>
</div>

View file

@ -765,6 +765,7 @@ en:
sso_overrides_name: "Overrides local name with external site name from SSO payload (WARNING: discrepancies can occur due to normalization of local names)" sso_overrides_name: "Overrides local name with external site name from SSO payload (WARNING: discrepancies can occur due to normalization of local names)"
enable_local_logins: "Enable local username and password login based accounts. (Note: this must be enabled for invites to work)" enable_local_logins: "Enable local username and password login based accounts. (Note: this must be enabled for invites to work)"
allow_new_registrations: "Allow new user registrations. Uncheck this to prevent anyone from creating a new account."
enable_google_logins: "(deprecated) Enable Google authentication. This is the OpenID method of authentication which Google has deprecated. New installs will NOT work with this. Use Google Oauth2 instead. Existing installs must move to Google Oauth2 by April 20, 2015." enable_google_logins: "(deprecated) Enable Google authentication. This is the OpenID method of authentication which Google has deprecated. New installs will NOT work with this. Use Google Oauth2 instead. Existing installs must move to Google Oauth2 by April 20, 2015."
enable_yahoo_logins: "Enable Yahoo authentication" enable_yahoo_logins: "Enable Yahoo authentication"
@ -1058,6 +1059,7 @@ en:
something_already_taken: "Something went wrong, perhaps the username or email is already registered. Try the forgot password link." something_already_taken: "Something went wrong, perhaps the username or email is already registered. Try the forgot password link."
omniauth_error: "Sorry, there was an error authorizing your %{strategy} account. Perhaps you did not approve authorization?" omniauth_error: "Sorry, there was an error authorizing your %{strategy} account. Perhaps you did not approve authorization?"
omniauth_error_unknown: "Something went wrong processing your log in, please try again." omniauth_error_unknown: "Something went wrong processing your log in, please try again."
new_registrations_disabled: "New account registrations are not allowed at this time."
user: user:
username: username:

View file

@ -178,6 +178,9 @@ login:
enable_local_logins: enable_local_logins:
client: true client: true
default: true default: true
allow_new_registrations:
client: true
default: true
# The default value of enable_google_logins changed from true to false. # The default value of enable_google_logins changed from true to false.
# See db/migrate/20140521220115_google_openid_default_has_changed.rb # See db/migrate/20140521220115_google_openid_default_has_changed.rb
enable_google_logins: enable_google_logins:

View file

@ -148,6 +148,17 @@ describe InvitesController do
end end
context 'new registrations are disabled' do
let(:topic) { Fabricate(:topic) }
let(:invite) { topic.invite_by_email(topic.user, "iceking@adventuretime.ooo") }
before { SiteSetting.stubs(:allow_new_registrations).returns(false) }
it "doesn't redeem the invite" do
Invite.any_instance.stubs(:redeem).never
get :show, id: invite.invite_key
end
end
end end
context '.create_disposable_invite' do context '.create_disposable_invite' do

View file

@ -269,6 +269,7 @@ describe UsersController do
describe '#create' do describe '#create' do
before do before do
SiteSetting.stubs(:allow_new_registrations).returns(true)
@user = Fabricate.build(:user) @user = Fabricate.build(:user)
@user.password = "strongpassword" @user.password = "strongpassword"
DiscourseHub.stubs(:register_username).returns([true, nil]) DiscourseHub.stubs(:register_username).returns([true, nil])
@ -291,6 +292,14 @@ describe UsersController do
expect(response.status).to eq(500) expect(response.status).to eq(500)
end end
it 'returns an error when new registrations are disabled' do
SiteSetting.stubs(:allow_new_registrations).returns(false)
post_user
json = JSON.parse(response.body)
json['success'].should be_false
json['message'].should be_present
end
it 'creates a user correctly' do it 'creates a user correctly' do
Jobs.expects(:enqueue).with(:user_email, has_entries(type: :signup)) Jobs.expects(:enqueue).with(:user_email, has_entries(type: :signup))
User.any_instance.expects(:enqueue_welcome_message).with('welcome_user').never User.any_instance.expects(:enqueue_welcome_message).with('welcome_user').never
@ -355,6 +364,14 @@ describe UsersController do
expect(JSON.parse(response.body)['active']).to be_true expect(JSON.parse(response.body)['active']).to be_true
end end
it 'returns 500 status when new registrations are disabled' do
SiteSetting.stubs(:allow_new_registrations).returns(false)
post_user
json = JSON.parse(response.body)
json['success'].should be_false
json['message'].should be_present
end
context 'authentication records for' do context 'authentication records for' do
before do before do