nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-06-30 23:52:50 -05:00
Code Activity

Auth/PM-10130 - Registration with Email Verification - Respect Self-hosted Disable Open Registration flag (#4561)

Browse Source 
* PM-10130 - Registration with email verification - respect self hosted disable open registration setting properly in non-org invite scenarios.

* PM-10130 - Fix unit tests.

* PM-10130 - Update integration tests.
This commit is contained in:
Jared Snider
2024-07-26 13:30:47 -04:00
committed by GitHub
parent f9017f8e8c
commit 54bd5fa894
6 changed files with 113 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/Core/Auth/UserFeatures/Registration/Implementations/RegisterUserCommand.cs
View File

@ -37,6 +37,8 @@ public class RegisterUserCommand : IRegisterUserCommand
private readonly IUserService _userService;
private readonly IMailService _mailService;
private readonly string _disabledUserRegistrationExceptionMsg = "Open registration has been disabled by the system administrator.";
public RegisterUserCommand(
IGlobalSettings globalSettings,
IOrganizationUserRepository organizationUserRepository,
@ -124,8 +126,6 @@ public class RegisterUserCommand : IRegisterUserCommand
private void ValidateOrgInviteToken(string orgInviteToken, Guid? orgUserId, User user)
{
const string disabledUserRegistrationExceptionMsg = "Open registration has been disabled by the system administrator.";
var orgInviteTokenProvided = !string.IsNullOrWhiteSpace(orgInviteToken);
if (orgInviteTokenProvided && orgUserId.HasValue)
@ -140,7 +140,7 @@ public class RegisterUserCommand : IRegisterUserCommand
if (_globalSettings.DisableUserRegistration)
{
throw new BadRequestException(disabledUserRegistrationExceptionMsg);
throw new BadRequestException(_disabledUserRegistrationExceptionMsg);
}
throw new BadRequestException("Organization invite token is invalid.");
@ -152,7 +152,7 @@ public class RegisterUserCommand : IRegisterUserCommand
// as you can't register without them.
if (_globalSettings.DisableUserRegistration)
{
throw new BadRequestException(disabledUserRegistrationExceptionMsg);
throw new BadRequestException(_disabledUserRegistrationExceptionMsg);
}
// Open registration is allowed
@ -233,6 +233,14 @@ public class RegisterUserCommand : IRegisterUserCommand
public async Task<IdentityResult> RegisterUserViaEmailVerificationToken(User user, string masterPasswordHash,
string emailVerificationToken)
{
// We validate open registration on send of initial email and here b/c a user could technically start the
// account creation process while open registration is enabled and then finish it after it has been
// disabled by the self hosted admin.
if (_globalSettings.DisableUserRegistration)
{
throw new BadRequestException(_disabledUserRegistrationExceptionMsg);
}
var tokenable = ValidateRegistrationEmailVerificationTokenable(emailVerificationToken, user.Email);
user.EmailVerified = true;

5
src/Core/Auth/UserFeatures/Registration/Implementations/SendVerificationEmailForRegistrationCommand.cs
View File

@ -39,6 +39,11 @@ public class SendVerificationEmailForRegistrationCommand : ISendVerificationEmai
public async Task<string?> Run(string email, string? name, bool receiveMarketingEmails)
{
if (_globalSettings.DisableUserRegistration)
{
throw new BadRequestException("Open registration has been disabled by the system administrator.");
}
if (string.IsNullOrWhiteSpace(email))
{
throw new ArgumentNullException(nameof(email));