about summary refs log tree commit diff
path: root/app/controllers/auth
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2017-11-27 16:07:59 +0100
committerGitHub <noreply@github.com>2017-11-27 16:07:59 +0100
commit740f8a95a905e949b6a74bc69dcaf638d2d46248 (patch)
tree8e09ff52b47c0cd303a9681014b34e68b5e28c51 /app/controllers/auth
parent0ea4478b68e60e442e5b254c2d2bc511e27fea83 (diff)
Add consumable invites (#5814)
* Add consumable invites

* Add UI for generating invite codes

* Add tests

* Display max uses and expiration in invites table, delete invite

* Remove unused column and redundant validator

- Default follows not used, probably bad idea
- InviteCodeValidator is redundant because RegistrationsController
  checks invite code validity

* Add admin setting to disable invites

* Add admin UI for invites, configurable role for invite creation

- Admin UI that lists everyone's invites, always available
- Admin setting min_invite_role to control who can invite people
- Non-admin invite UI only visible if users are allowed to

* Do not remove invites from database, expire them instantly
Diffstat (limited to 'app/controllers/auth')
-rw-r--r--app/controllers/auth/registrations_controller.rb21
1 files changed, 18 insertions, 3 deletions
diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index 223db96ff..da0b6512f 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -16,13 +16,16 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   def build_resource(hash = nil)
     super(hash)
-    resource.locale = I18n.locale
+
+    resource.locale      = I18n.locale
+    resource.invite_code = params[:invite_code] if resource.invite_code.blank?
+
     resource.build_account if resource.account.nil?
   end
 
   def configure_sign_up_params
     devise_parameter_sanitizer.permit(:sign_up) do |u|
-      u.permit({ account_attributes: [:username] }, :email, :password, :password_confirmation)
+      u.permit({ account_attributes: [:username] }, :email, :password, :password_confirmation, :invite_code)
     end
   end
 
@@ -35,7 +38,19 @@ class Auth::RegistrationsController < Devise::RegistrationsController
   end
 
   def check_enabled_registrations
-    redirect_to root_path if single_user_mode? || !Setting.open_registrations
+    redirect_to root_path if single_user_mode? || !allowed_registrations?
+  end
+
+  def allowed_registrations?
+    Setting.open_registrations || (invite_code.present? && Invite.find_by(code: invite_code)&.valid_for_use?)
+  end
+
+  def invite_code
+    if params[:user]
+      params[:user][:invite_code]
+    else
+      params[:invite_code]
+    end
   end
 
   private