From 5af831c6fad0cd462f6abe3645d8c26b3481bab7 Mon Sep 17 00:00:00 2001 From: Dessalines Date: Wed, 14 Jun 2023 19:02:17 -0400 Subject: [PATCH] Fix unapproved users being able to log in after registration mode set to closed. (#3096) - Fixes #3095 --- crates/api_common/src/utils.rs | 3 ++- crates/api_crud/src/user/create.rs | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs index 522a35647..1912221e1 100644 --- a/crates/api_common/src/utils.rs +++ b/crates/api_common/src/utils.rs @@ -523,7 +523,8 @@ pub async fn check_registration_application( local_site: &LocalSite, pool: &DbPool, ) -> Result<(), LemmyError> { - if local_site.registration_mode == RegistrationMode::RequireApplication + if (local_site.registration_mode == RegistrationMode::RequireApplication + || local_site.registration_mode == RegistrationMode::Closed) && !local_user_view.local_user.accepted_application && !local_user_view.person.admin { diff --git a/crates/api_crud/src/user/create.rs b/crates/api_crud/src/user/create.rs index c88833930..d0aa05acc 100644 --- a/crates/api_crud/src/user/create.rs +++ b/crates/api_crud/src/user/create.rs @@ -103,12 +103,17 @@ impl PerformCrud for Register { .await .map_err(|e| LemmyError::from_error_message(e, "user_already_exists"))?; + // Automatically set their application as accepted, if they created this with open registration. + // Also fixes a bug which allows users to log in when registrations are changed to closed. + let accepted_application = Some(!require_registration_application); + // Create the local user let local_user_form = LocalUserInsertForm::builder() .person_id(inserted_person.id) .email(data.email.as_deref().map(str::to_lowercase)) .password_encrypted(data.password.to_string()) .show_nsfw(Some(data.show_nsfw)) + .accepted_application(accepted_application) .build(); let inserted_local_user = match LocalUser::create(context.pool(), &local_user_form).await {