Merge pull request #105 from Neraste/admin-validation-simple
New Feature: Optionally require an admin to approve the registration − new implementation
This commit is contained in:
Pellaeon Lin
GitHub
commit
3903e36b25
|
|
@ -149,7 +149,17 @@ class RegisterController extends Controller {
|
|||
], 'guest');
|
||||
}
|
||||
|
||||
return $this->registrationService->loginUser($user->getUID(), $username, $password, false);
|
||||
if ($user->isEnabled()) {
|
||||
// log the user
|
||||
return $this->registrationService->loginUser($user->getUID(), $username, $password, false);
|
||||
} else {
|
||||
// warn the user their account needs admin validation
|
||||
return new TemplateResponse(
|
||||
'registration',
|
||||
'message',
|
||||
array('msg' => $this->l10n->t("Your account has been successfully created, but it still needs approval from an administrator.")),
|
||||
'guest');
|
||||
}
|
||||
}
|
||||
|
||||
private function renderError($error, $hint="") {
|
||||
|
|
|
|||
|
|
@ -47,14 +47,21 @@ class SettingsController extends Controller {
|
|||
*
|
||||
* @param string $registered_user_group all newly registered user will be put in this group
|
||||
* @param string $allowed_domains Registrations are only allowed for E-Mailadresses with these domains
|
||||
* @param bool $admin_approval_required newly registered users have to be validated by an admin
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function admin($registered_user_group, $allowed_domains) {
|
||||
public function admin($registered_user_group, $allowed_domains, $admin_approval_required) {
|
||||
// handle domains
|
||||
if ( ( $allowed_domains==='' ) || ( $allowed_domains === NULL ) ){
|
||||
$this->config->deleteAppValue($this->appName, 'allowed_domains');
|
||||
}else{
|
||||
$this->config->setAppValue($this->appName, 'allowed_domains', $allowed_domains);
|
||||
}
|
||||
|
||||
// handle admin validation
|
||||
$this->config->setAppValue($this->appName, 'admin_approval_required', $admin_approval_required ? "yes" : "no");
|
||||
|
||||
// handle groups
|
||||
$groups = $this->groupmanager->search('');
|
||||
$group_id_list = array();
|
||||
foreach ( $groups as $group ) {
|
||||
|
|
@ -92,17 +99,25 @@ class SettingsController extends Controller {
|
|||
* @return TemplateResponse
|
||||
*/
|
||||
public function displayPanel() {
|
||||
// handle groups
|
||||
$groups = $this->groupmanager->search('');
|
||||
$group_id_list = [];
|
||||
foreach ( $groups as $group ) {
|
||||
$group_id_list[] = $group->getGid();
|
||||
}
|
||||
$current_value = $this->config->getAppValue($this->appName, 'registered_user_group', 'none');
|
||||
|
||||
// handle domains
|
||||
$allowed_domains = $this->config->getAppValue($this->appName, 'allowed_domains', '');
|
||||
|
||||
// handle admin validation
|
||||
$admin_approval_required = $this->config->getAppValue($this->appName, 'admin_approval_required', "no");
|
||||
|
||||
return new TemplateResponse('registration', 'admin', [
|
||||
'groups' => $group_id_list,
|
||||
'current' => $current_value,
|
||||
'allowed' => $allowed_domains
|
||||
'allowed' => $allowed_domains,
|
||||
'approval_required' => $admin_approval_required
|
||||
], '');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,6 +38,9 @@ OC.L10N.register(
|
|||
"Email" : "E-Mail",
|
||||
"Request verification link" : "Bestätigungslink anfragen",
|
||||
"Please re-enter a valid email address" : "Bitte nochmals eine gültige E-Mail-Adresse angeben",
|
||||
"You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten"
|
||||
"You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten",
|
||||
"A new user \"%s\" has created an account on %s and awaits admin approbation" : "Ein neuer Benutzer \"%s\" hat ein Konto auf %s erstellt und erwarte den Administrator Approbation ",
|
||||
"Your account has been successfully created, but it still needs approval from an administrator." : "Ihr Konto wurde erfolgreich erstellt, aber es muss von einem Administrator genehmigt werden.",
|
||||
"Require admin approval?" : "Ist der Administrator Approbation erforderlich?"
|
||||
},
|
||||
"nplurals=2; plural=(n != 1);");
|
||||
|
|
|
|||
|
|
@ -36,6 +36,9 @@
|
|||
"Email" : "E-Mail",
|
||||
"Request verification link" : "Bestätigungslink anfragen",
|
||||
"Please re-enter a valid email address" : "Bitte nochmals eine gültige E-Mail-Adresse angeben",
|
||||
"You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten"
|
||||
"You will receive an email with a verification link" : "Du wirst eine E-Mail mit einem Bestätigungslink erhalten",
|
||||
"A new user \"%s\" has created an account on %s and awaits admin approbation" : "Ein neuer Benutzer \"%s\" hat ein Konto auf %s erstellt und erwarte den Administrator Approbation ",
|
||||
"Your account has been successfully created, but it still needs approval from an administrator." : "Ihr Konto wurde erfolgreich erstellt, aber es muss von einem Administrator genehmigt werden.",
|
||||
"Require admin approval?" : "Ist der Administrator Approbation erforderlich?"
|
||||
},"pluralForm" :"nplurals=2; plural=(n != 1);"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,6 +30,9 @@ OC.L10N.register(
|
|||
"Email" : "Adresse courriel",
|
||||
"Request verification link" : "Demander un lien de vérification.",
|
||||
"Please re-enter a valid email address" : "Veuillez indiquer une adresse courriel valide",
|
||||
"You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification"
|
||||
"You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification",
|
||||
"A new user \"%s\" has created an account on %s and awaits admin approbation" : "Un nouvel utilisateur \"%s\" a créé un compte sur %s et attend l'approbation d'un administrateur",
|
||||
"Your account has been successfully created, but it still needs approval from an administrator." : "Votre compte a bien été créé, il doit maintenant être approuvé par un administrateur.",
|
||||
"Require admin approval?" : "Nécessite l'approbation d'un administrateur ?"
|
||||
},
|
||||
"nplurals=2; plural=(n > 1);");
|
||||
|
|
|
|||
|
|
@ -28,6 +28,9 @@
|
|||
"Email" : "Adresse courriel",
|
||||
"Request verification link" : "Demander un lien de vérification.",
|
||||
"Please re-enter a valid email address" : "Veuillez indiquer une adresse courriel valide",
|
||||
"You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification"
|
||||
"You will receive an email with a verification link" : "Vous allez recevoir un courriel avec un lien de vérification",
|
||||
"A new user \"%s\" has created an account on %s and awaits admin approbation" : "Un nouvel utilisateur \"%s\" a créé un compte sur %s et attend l'approbation d'un administrateur",
|
||||
"Your account has been successfully created, but it still needs approval from an administrator." : "Votre compte a bien été créé, il doit maintenant être approuvé par un administrateur.",
|
||||
"Require admin approval?" : "Nécessite l'approbation d'un administrateur ?"
|
||||
},"pluralForm" :"nplurals=2; plural=(n > 1);"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,6 +30,9 @@ OC.L10N.register(
|
|||
"Email" : "メール",
|
||||
"Request verification link" : "確認URLリンクをリクエスト",
|
||||
"Please re-enter a valid email address" : "有効なメールアドレスを再度入力してください。",
|
||||
"You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。"
|
||||
"You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。",
|
||||
"A new user \"%s\" has created an account on %s and awaits admin approbation" : "新しいユーザー \"%s\" を アカウント名 \"%s\" として作成しました、今管理者の承認は必要です",
|
||||
"Your account has been successfully created, but it still needs approval from an administrator." : "アカウントは作成成功しましたけど、管理者の承認は必要です。",
|
||||
"Require admin approval?" : "管理者の承認は必要ですか"
|
||||
},
|
||||
"nplurals=1; plural=0;");
|
||||
|
|
|
|||
|
|
@ -28,6 +28,9 @@
|
|||
"Email" : "メール",
|
||||
"Request verification link" : "確認URLリンクをリクエスト",
|
||||
"Please re-enter a valid email address" : "有効なメールアドレスを再度入力してください。",
|
||||
"You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。"
|
||||
"You will receive an email with a verification link" : "確認URLの入ったメールをお送り致します。",
|
||||
"A new user \"%s\" has created an account on %s and awaits admin approbation" : "新しいユーザー \"%s\" を アカウント名 \"%s\" として作成しました、今管理者の承認は必要です",
|
||||
"Your account has been successfully created, but it still needs approval from an administrator." : "アカウントは作成成功しましたけど、管理者の承認は必要です。",
|
||||
"Require admin approval?" : "管理者の承認は必要ですか"
|
||||
},"pluralForm" :"nplurals=1; plural=0;"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -106,10 +106,25 @@ class MailService {
|
|||
|
||||
/**
|
||||
* @param string $userId
|
||||
* @param string $userGroupId
|
||||
* @param bool $userIsEnabled
|
||||
*/
|
||||
public function notifyAdmins($userId) {
|
||||
public function notifyAdmins($userId, $userIsEnabled, $userGroupId) {
|
||||
// Notify admin
|
||||
$admin_users = $this->groupManager->get('admin')->getUsers();
|
||||
|
||||
// if the user is disabled and belongs to a group
|
||||
// add subadmins of this group to notification list
|
||||
if (!$userIsEnabled and $userGroupId) {
|
||||
$group = $this->groupManager->get($userGroupId);
|
||||
$subadmin_users = $this->groupManager->getSubAdmin()->getGroupsSubAdmins($group);
|
||||
foreach ($subadmin_users as $user) {
|
||||
if (!in_array($user, $admin_users)) {
|
||||
$admin_users[] = $user;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$to_arr = array();
|
||||
foreach ( $admin_users as $au ) {
|
||||
$au_email = $au->getEMailAddress();
|
||||
|
|
@ -118,7 +133,7 @@ class MailService {
|
|||
}
|
||||
}
|
||||
try {
|
||||
$this->sendNewUserNotifEmail($to_arr, $userId);
|
||||
$this->sendNewUserNotifEmail($to_arr, $userId, $userIsEnabled);
|
||||
} catch (\Exception $e) {
|
||||
$this->logger->error('Sending admin notification email failed: '. $e->getMessage());
|
||||
}
|
||||
|
|
@ -128,16 +143,27 @@ class MailService {
|
|||
* Sends new user notification email to admin
|
||||
* @param array $to
|
||||
* @param string $username the new user
|
||||
* @param bool $userIsEnabled the new user account is enabled
|
||||
* @throws \Exception
|
||||
*/
|
||||
private function sendNewUserNotifEmail(array $to, $username) {
|
||||
private function sendNewUserNotifEmail(array $to, $username, $userIsEnabled) {
|
||||
$template_var = [
|
||||
'user' => $username,
|
||||
'sitename' => $this->defaults->getName()
|
||||
];
|
||||
$html_template = new TemplateResponse('registration', 'email.newuser_html', $template_var, 'blank');
|
||||
|
||||
// handle user enableness
|
||||
if ($userIsEnabled) {
|
||||
$html_template_file = 'email.newuser_html';
|
||||
$plaintext_template_file = 'email.newuser_plaintext';
|
||||
} else {
|
||||
$html_template_file = 'email.newuser.disabled_html';
|
||||
$plaintext_template_file = 'email.newuser.disabled_plaintext';
|
||||
}
|
||||
|
||||
$html_template = new TemplateResponse('registration', $html_template_file, $template_var, 'blank');
|
||||
$html_part = $html_template->render();
|
||||
$plaintext_template = new TemplateResponse('registration', 'email.newuser_plaintext', $template_var, 'blank');
|
||||
$plaintext_template = new TemplateResponse('registration', $plaintext_template_file, $template_var, 'blank');
|
||||
$plaintext_part = $plaintext_template->render();
|
||||
$subject = $this->l10n->t('A new user "%s" has created an account on %s', [$username, $this->defaults->getName()]);
|
||||
|
||||
|
|
|
|||
|
|
@ -288,9 +288,18 @@ class RegistrationService {
|
|||
try {
|
||||
$group = $this->groupManager->get($registered_user_group);
|
||||
$group->addUser($user);
|
||||
$groupId = $group->getGID();
|
||||
} catch (\Exception $e) {
|
||||
throw new RegistrationException($e->getMessage());
|
||||
}
|
||||
} else {
|
||||
$groupId = "";
|
||||
}
|
||||
|
||||
// disable user if this is requested by config
|
||||
$admin_approval_required = $this->config->getAppValue($this->appName, 'admin_approval_required', "no");
|
||||
if ($admin_approval_required == "yes") {
|
||||
$user->setEnabled(false);
|
||||
}
|
||||
|
||||
// Delete pending registration if no client secret is stored
|
||||
|
|
@ -301,7 +310,7 @@ class RegistrationService {
|
|||
}
|
||||
}
|
||||
|
||||
$this->mailService->notifyAdmins($userId);
|
||||
$this->mailService->notifyAdmins($userId, $user->isEnabled(), $groupId);
|
||||
return $user;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,4 +23,9 @@ foreach ( $_['groups'] as $group ) {
|
|||
<em><?php p($l->t('Enter a semicolon-separated list of allowed domains. Example: owncloud.com;github.com'));?></em>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<label for="admin_approval_required"><?php p($l->t('Require admin approval?')); ?>
|
||||
<input type="checkbox" id="admin_approval_required" name="admin_approval_required" <?php if($_['approval_required'] == "yes" ) echo " checked"; ?>>
|
||||
</label>
|
||||
</p>
|
||||
</form>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
<?php
|
||||
echo $l->t('A new user "%s" has created an account on %s and awaits admin approbation', [$_['user'], $_['sitename']]);
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
<?php
|
||||
echo $l->t('A new user "%s" has created an account on %s and awaits admin approbation', [$_['user'], $_['sitename']]);
|
||||
Loading…
Reference in New Issue