From d297f88d022f45e4d6341e7eca49049a4947cd8f Mon Sep 17 00:00:00 2001 From: "bugreport%peshkin.net" <> Date: Mon, 9 Dec 2002 08:24:34 +0000 Subject: Bug 86029 create permission restrictions for createaccount.cgi (prevent people from creating accounts) r=burnus a=justdave --- createaccount.cgi | 7 +++++++ defparams.pl | 13 +++++++++++++ template/en/default/account/login.html.tmpl | 10 ++++++---- template/en/default/global/useful-links.html.tmpl | 4 +++- template/en/default/global/user-error.html.tmpl | 6 ++++++ template/en/default/index.html.tmpl | 4 +++- 6 files changed, 38 insertions(+), 6 deletions(-) diff --git a/createaccount.cgi b/createaccount.cgi index 37776a780..4ce347fcf 100755 --- a/createaccount.cgi +++ b/createaccount.cgi @@ -69,6 +69,13 @@ if (defined($login)) { || ThrowTemplateError($template->error()); exit; } + + my $createexp = Param('createemailregexp'); + if (!($createexp) + || ($login !~ /$createexp/)) { + ThrowUserError("account_creation_disabled"); + exit; + } # Create account my $password = InsertNewUser($login, $realname); diff --git a/defparams.pl b/defparams.pl index 3e4807dc2..fc3fe8245 100644 --- a/defparams.pl +++ b/defparams.pl @@ -693,6 +693,19 @@ You will get this message once a day until you\'ve dealt with these bugs! default => '' }, + { + name => 'createemailregexp', + desc => 'This defines the regexp to use for email addresses that are ' . + 'permitted to self-register using a "New Account" feature. The ' . + 'default (.*) permits any account matching the emailregexp ' . + 'to be created. If this parameter is left blank, no users ' . + 'will be permitted to create their own accounts and all accounts ' . + 'will have to be created by an administrator', + type => 't', + default => q:.*:, + checker => \&check_regexp + }, + { name => 'voteremovedmail', desc => 'This is a mail message to send to anyone who gets a vote removed ' . diff --git a/template/en/default/account/login.html.tmpl b/template/en/default/account/login.html.tmpl index 16a49580f..7d6e298d2 100644 --- a/template/en/default/account/login.html.tmpl +++ b/template/en/default/account/login.html.tmpl @@ -102,10 +102,12 @@ [% UNLESS Param("useLDAP") %]
-

- If you don't have a Bugzilla account, you can - create a new account. -

+ [% IF Param("createemailregexp") %] +

+ If you don't have a Bugzilla account, you can + create a new account. +

+ [% END %]
diff --git a/template/en/default/global/useful-links.html.tmpl b/template/en/default/global/useful-links.html.tmpl index e172a0f55..fac714b0e 100644 --- a/template/en/default/global/useful-links.html.tmpl +++ b/template/en/default/global/useful-links.html.tmpl @@ -121,7 +121,9 @@ [% ELSE %] - New Account | + [% IF Param('createemailregexp') %] + New Account | + [% END %] Log In diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index 0d43b62a5..965a3fb27 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -41,6 +41,12 @@ to any [% parameters %] which you may have set before calling ThrowUserError. + [% ELSIF error == "account_creation_disabled" %] + [% title = "Account Creation Disabled" %] + Account self-creation has been disabled or restricted. +
+ New accounts must be created by an administrator. + [% ELSIF error == "account_disabled" %] [% title = "Account Disabled" %] [% disabled_reason %] diff --git a/template/en/default/index.html.tmpl b/template/en/default/index.html.tmpl index 07cdf63b5..dccf43f58 100644 --- a/template/en/default/index.html.tmpl +++ b/template/en/default/index.html.tmpl @@ -65,7 +65,9 @@ function addSidebar() { Logout [% username FILTER html %]
[% ELSE %] Log in to an existing account
- Open a new Bugzilla account
+ [% IF Param('createemailregexp') %] + Open a new Bugzilla account
+ [% END %] [% END %]

Add to Sidebar (Requires Mozilla or Netscape 6)
-- cgit v1.2.3-24-g4f1b