diff --git a/controller/registercontroller.php b/controller/registercontroller.php
index 2112e3a..9132681 100644
--- a/controller/registercontroller.php
+++ b/controller/registercontroller.php
@@ -149,7 +149,17 @@ class RegisterController extends Controller {
], 'guest');
}
- return $this->registrationService->loginUser($user->getUID(), $username, $password, false);
+ if ($user->isEnabled()) {
+ // log the user
+ return $this->registrationService->loginUser($user->getUID(), $username, $password, false);
+ } else {
+ // warn the user their account needs admin validation
+ return new TemplateResponse(
+ 'registration',
+ 'message',
+ array('msg' => $this->l10n->t("Your account has been successfully created, but it still needs approval from an administrator.")),
+ 'guest');
+ }
}
private function renderError($error, $hint="") {
diff --git a/controller/settingscontroller.php b/controller/settingscontroller.php
index f01eadc..0252317 100644
--- a/controller/settingscontroller.php
+++ b/controller/settingscontroller.php
@@ -47,14 +47,21 @@ class SettingsController extends Controller {
*
* @param string $registered_user_group all newly registered user will be put in this group
* @param string $allowed_domains Registrations are only allowed for E-Mailadresses with these domains
+ * @param bool $admin_approval_required newly registered users have to be validated by an admin
* @return DataResponse
*/
- public function admin($registered_user_group, $allowed_domains) {
+ public function admin($registered_user_group, $allowed_domains, $admin_approval_required) {
+ // handle domains
if ( ( $allowed_domains==='' ) || ( $allowed_domains === NULL ) ){
$this->config->deleteAppValue($this->appName, 'allowed_domains');
}else{
$this->config->setAppValue($this->appName, 'allowed_domains', $allowed_domains);
}
+
+ // handle admin validation
+ $this->config->setAppValue($this->appName, 'admin_approval_required', $admin_approval_required ? "yes" : "no");
+
+ // handle groups
$groups = $this->groupmanager->search('');
$group_id_list = array();
foreach ( $groups as $group ) {
@@ -92,17 +99,25 @@ class SettingsController extends Controller {
* @return TemplateResponse
*/
public function displayPanel() {
+ // handle groups
$groups = $this->groupmanager->search('');
$group_id_list = [];
foreach ( $groups as $group ) {
$group_id_list[] = $group->getGid();
}
$current_value = $this->config->getAppValue($this->appName, 'registered_user_group', 'none');
+
+ // handle domains
$allowed_domains = $this->config->getAppValue($this->appName, 'allowed_domains', '');
+
+ // handle admin validation
+ $admin_approval_required = $this->config->getAppValue($this->appName, 'admin_approval_required', "no");
+
return new TemplateResponse('registration', 'admin', [
'groups' => $group_id_list,
'current' => $current_value,
- 'allowed' => $allowed_domains
+ 'allowed' => $allowed_domains,
+ 'approval_required' => $admin_approval_required
], '');
}
}
diff --git a/l10n/de.js b/l10n/de.js
index a5f8233..ed79558 100644
--- a/l10n/de.js
+++ b/l10n/de.js
@@ -38,6 +38,9 @@ OC.L10N.register(
"Email" : "E-Mail",
"Request verification link" : "Bestätigungslink anfragen",
"Please re-enter a valid email address" : "Bitte nochmals eine gültige E-Mail-Adresse angeben",
- "You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten"
+ "You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten",
+ "A new user \"%s\" has created an account on %s and awaits admin approbation" : "Ein neuer Benutzer \"%s\" hat ein Konto auf %s erstellt und erwarte den Administrator Approbation ",
+ "Your account has been successfully created, but it still needs approval from an administrator." : "Ihr Konto wurde erfolgreich erstellt, aber es muss von einem Administrator genehmigt werden.",
+ "Require admin approval?" : "Ist der Administrator Approbation erforderlich?"
},
"nplurals=2; plural=(n != 1);");
diff --git a/l10n/de.json b/l10n/de.json
index f52c182..7aca01f 100644
--- a/l10n/de.json
+++ b/l10n/de.json
@@ -36,6 +36,9 @@
"Email" : "E-Mail",
"Request verification link" : "Bestätigungslink anfragen",
"Please re-enter a valid email address" : "Bitte nochmals eine gültige E-Mail-Adresse angeben",
- "You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten"
+ "You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten",
+ "A new user \"%s\" has created an account on %s and awaits admin approbation" : "Ein neuer Benutzer \"%s\" hat ein Konto auf %s erstellt und erwarte den Administrator Approbation ",
+ "Your account has been successfully created, but it still needs approval from an administrator." : "Ihr Konto wurde erfolgreich erstellt, aber es muss von einem Administrator genehmigt werden.",
+ "Require admin approval?" : "Ist der Administrator Approbation erforderlich?"
},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
\ No newline at end of file
+}
diff --git a/l10n/fr.js b/l10n/fr.js
index bb2a4da..1e36187 100644
--- a/l10n/fr.js
+++ b/l10n/fr.js
@@ -30,6 +30,9 @@ OC.L10N.register(
"Email" : "Adresse courriel",
"Request verification link" : "Demander un lien de vérification.",
"Please re-enter a valid email address" : "Veuillez indiquer une adresse courriel valide",
- "You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification"
+ "You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification",
+ "A new user \"%s\" has created an account on %s and awaits admin approbation" : "Un nouvel utilisateur \"%s\" a créé un compte sur %s et attend l'approbation d'un administrateur",
+ "Your account has been successfully created, but it still needs approval from an administrator." : "Votre compte a bien été créé, il doit maintenant être approuvé par un administrateur.",
+ "Require admin approval?" : "Nécessite l'approbation d'un administrateur ?"
},
"nplurals=2; plural=(n > 1);");
diff --git a/l10n/fr.json b/l10n/fr.json
index 89d800a..6328e81 100644
--- a/l10n/fr.json
+++ b/l10n/fr.json
@@ -28,6 +28,9 @@
"Email" : "Adresse courriel",
"Request verification link" : "Demander un lien de vérification.",
"Please re-enter a valid email address" : "Veuillez indiquer une adresse courriel valide",
- "You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification"
+ "You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification",
+ "A new user \"%s\" has created an account on %s and awaits admin approbation" : "Un nouvel utilisateur \"%s\" a créé un compte sur %s et attend l'approbation d'un administrateur",
+ "Your account has been successfully created, but it still needs approval from an administrator." : "Votre compte a bien été créé, il doit maintenant être approuvé par un administrateur.",
+ "Require admin approval?" : "Nécessite l'approbation d'un administrateur ?"
},"pluralForm" :"nplurals=2; plural=(n > 1);"
-}
\ No newline at end of file
+}
diff --git a/l10n/ja.js b/l10n/ja.js
index c5a5ff5..80d2cd2 100644
--- a/l10n/ja.js
+++ b/l10n/ja.js
@@ -30,6 +30,9 @@ OC.L10N.register(
"Email" : "メール",
"Request verification link" : "確認URLリンクをリクエスト",
"Please re-enter a valid email address" : "有効なメールアドレスを再度入力してください。",
- "You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。"
+ "You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。",
+ "A new user \"%s\" has created an account on %s and awaits admin approbation" : "新しいユーザー \"%s\" を アカウント名 \"%s\" として作成しました、今管理者の承認は必要です",
+ "Your account has been successfully created, but it still needs approval from an administrator." : "アカウントは作成成功しましたけど、管理者の承認は必要です。",
+ "Require admin approval?" : "管理者の承認は必要ですか"
},
"nplurals=1; plural=0;");
diff --git a/l10n/ja.json b/l10n/ja.json
index b7b1094..91af2c4 100644
--- a/l10n/ja.json
+++ b/l10n/ja.json
@@ -28,6 +28,9 @@
"Email" : "メール",
"Request verification link" : "確認URLリンクをリクエスト",
"Please re-enter a valid email address" : "有効なメールアドレスを再度入力してください。",
- "You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。"
+ "You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。",
+ "A new user \"%s\" has created an account on %s and awaits admin approbation" : "新しいユーザー \"%s\" を アカウント名 \"%s\" として作成しました、今管理者の承認は必要です",
+ "Your account has been successfully created, but it still needs approval from an administrator." : "アカウントは作成成功しましたけど、管理者の承認は必要です。",
+ "Require admin approval?" : "管理者の承認は必要ですか"
},"pluralForm" :"nplurals=1; plural=0;"
-}
\ No newline at end of file
+}
diff --git a/service/mailservice.php b/service/mailservice.php
index 25448ac..a9b0e57 100644
--- a/service/mailservice.php
+++ b/service/mailservice.php
@@ -106,10 +106,25 @@ class MailService {
/**
* @param string $userId
+ * @param string $userGroupId
+ * @param bool $userIsEnabled
*/
- public function notifyAdmins($userId) {
+ public function notifyAdmins($userId, $userIsEnabled, $userGroupId) {
// Notify admin
$admin_users = $this->groupManager->get('admin')->getUsers();
+
+ // if the user is disabled and belongs to a group
+ // add subadmins of this group to notification list
+ if (!$userIsEnabled and $userGroupId) {
+ $group = $this->groupManager->get($userGroupId);
+ $subadmin_users = $this->groupManager->getSubAdmin()->getGroupsSubAdmins($group);
+ foreach ($subadmin_users as $user) {
+ if (!in_array($user, $admin_users)) {
+ $admin_users[] = $user;
+ }
+ }
+ }
+
$to_arr = array();
foreach ( $admin_users as $au ) {
$au_email = $au->getEMailAddress();
@@ -118,7 +133,7 @@ class MailService {
}
}
try {
- $this->sendNewUserNotifEmail($to_arr, $userId);
+ $this->sendNewUserNotifEmail($to_arr, $userId, $userIsEnabled);
} catch (\Exception $e) {
$this->logger->error('Sending admin notification email failed: '. $e->getMessage());
}
@@ -128,16 +143,27 @@ class MailService {
* Sends new user notification email to admin
* @param array $to
* @param string $username the new user
+ * @param bool $userIsEnabled the new user account is enabled
* @throws \Exception
*/
- private function sendNewUserNotifEmail(array $to, $username) {
+ private function sendNewUserNotifEmail(array $to, $username, $userIsEnabled) {
$template_var = [
'user' => $username,
'sitename' => $this->defaults->getName()
];
- $html_template = new TemplateResponse('registration', 'email.newuser_html', $template_var, 'blank');
+
+ // handle user enableness
+ if ($userIsEnabled) {
+ $html_template_file = 'email.newuser_html';
+ $plaintext_template_file = 'email.newuser_plaintext';
+ } else {
+ $html_template_file = 'email.newuser.disabled_html';
+ $plaintext_template_file = 'email.newuser.disabled_plaintext';
+ }
+
+ $html_template = new TemplateResponse('registration', $html_template_file, $template_var, 'blank');
$html_part = $html_template->render();
- $plaintext_template = new TemplateResponse('registration', 'email.newuser_plaintext', $template_var, 'blank');
+ $plaintext_template = new TemplateResponse('registration', $plaintext_template_file, $template_var, 'blank');
$plaintext_part = $plaintext_template->render();
$subject = $this->l10n->t('A new user "%s" has created an account on %s', [$username, $this->defaults->getName()]);
diff --git a/service/registrationservice.php b/service/registrationservice.php
index bf4c67f..20f4e8c 100644
--- a/service/registrationservice.php
+++ b/service/registrationservice.php
@@ -288,9 +288,18 @@ class RegistrationService {
try {
$group = $this->groupManager->get($registered_user_group);
$group->addUser($user);
+ $groupId = $group->getGID();
} catch (\Exception $e) {
throw new RegistrationException($e->getMessage());
}
+ } else {
+ $groupId = "";
+ }
+
+ // disable user if this is requested by config
+ $admin_approval_required = $this->config->getAppValue($this->appName, 'admin_approval_required', "no");
+ if ($admin_approval_required == "yes") {
+ $user->setEnabled(false);
}
// Delete pending registration if no client secret is stored
@@ -301,7 +310,7 @@ class RegistrationService {
}
}
- $this->mailService->notifyAdmins($userId);
+ $this->mailService->notifyAdmins($userId, $user->isEnabled(), $groupId);
return $user;
}
diff --git a/templates/admin.php b/templates/admin.php
index 8695603..8641035 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -23,4 +23,9 @@ foreach ( $_['groups'] as $group ) {
t('Enter a semicolon-separated list of allowed domains. Example: owncloud.com;github.com'));?>
+
+
+
diff --git a/templates/email.newuser.disabled_html.php b/templates/email.newuser.disabled_html.php
new file mode 100644
index 0000000..6407ffb
--- /dev/null
+++ b/templates/email.newuser.disabled_html.php
@@ -0,0 +1,2 @@
+t('A new user "%s" has created an account on %s and awaits admin approbation', [$_['user'], $_['sitename']]);
diff --git a/templates/email.newuser.disabled_plaintext.php b/templates/email.newuser.disabled_plaintext.php
new file mode 100644
index 0000000..6407ffb
--- /dev/null
+++ b/templates/email.newuser.disabled_plaintext.php
@@ -0,0 +1,2 @@
+t('A new user "%s" has created an account on %s and awaits admin approbation', [$_['user'], $_['sitename']]);