don't allow self registration of accounts where first name = last name (#48162)
This commit is contained in:
parent
564291559f
commit
6be11d73c7
1
init.rb
1
init.rb
|
@ -5,6 +5,7 @@ require_dependency 'project_model_patch'
|
|||
require_dependency 'mailer_patch'
|
||||
require_dependency 'attachments_controller_patch'
|
||||
require_dependency 'git_adapter_patch'
|
||||
require_dependency 'account_controller_patch'
|
||||
|
||||
Redmine::Plugin.register :redmine_entrouvert do
|
||||
name 'Redmine Entr\'ouvert plugin'
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
module AccountControllerNameCheckPatch
|
||||
def self.included(base)
|
||||
base.class_eval do
|
||||
def register
|
||||
(redirect_to(home_url); return) unless Setting.self_registration? || session[:auth_source_registration]
|
||||
if request.get?
|
||||
session[:auth_source_registration] = nil
|
||||
@user = User.new(:language => current_language.to_s)
|
||||
else
|
||||
user_params = params[:user] || {}
|
||||
@user = User.new
|
||||
@user.safe_attributes = user_params
|
||||
@user.pref.attributes = params[:pref] if params[:pref]
|
||||
@user.admin = false
|
||||
if @user.firstname == @user.lastname
|
||||
# common spam pattern
|
||||
flash[:error] = "Error registering account."
|
||||
redirect_to home_url
|
||||
return
|
||||
end
|
||||
@user.register
|
||||
if session[:auth_source_registration]
|
||||
@user.activate
|
||||
@user.login = session[:auth_source_registration][:login]
|
||||
@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
|
||||
if @user.save
|
||||
session[:auth_source_registration] = nil
|
||||
self.logged_user = @user
|
||||
flash[:notice] = l(:notice_account_activated)
|
||||
redirect_to my_account_path
|
||||
end
|
||||
else
|
||||
@user.login = params[:user][:login]
|
||||
unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
|
||||
@user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
|
||||
end
|
||||
|
||||
case Setting.self_registration
|
||||
when '1'
|
||||
register_by_email_activation(@user)
|
||||
when '3'
|
||||
register_automatically(@user)
|
||||
else
|
||||
register_manually_by_administrator(@user)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
AccountController.send(:include, AccountControllerNameCheckPatch)
|
Reference in New Issue