about summary refs log tree commit diff
path: root/app/controllers/auth
diff options
context:
space:
mode:
authorThibG <thib@sitedethib.com>2020-02-16 12:56:53 +0100
committerGitHub <noreply@github.com>2020-02-16 12:56:53 +0100
commitc48d895ea72451d40d5c1fdc91a1fd3bdb50335c (patch)
tree4db54bf3051e6e131fe28316591b1ef0a9701317 /app/controllers/auth
parent250ca99cb5d9f0492c93f30e247d441cb4fe5ccf (diff)
Fix sign-ups without checked user agreement being accepted through the web form (#13088)
* Fix user agreement not being verified

* Fix tests

* Fix up agreement field being dismissed
Diffstat (limited to 'app/controllers/auth')
-rw-r--r--app/controllers/auth/registrations_controller.rb3
1 files changed, 1 insertions, 2 deletions
diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index 745b91d46..78feb1631 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -41,7 +41,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
     resource.locale             = I18n.locale
     resource.invite_code        = params[:invite_code] if resource.invite_code.blank?
-    resource.agreement          = true
     resource.current_sign_in_ip = request.remote_ip
 
     resource.build_account if resource.account.nil?
@@ -49,7 +48,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   def configure_sign_up_params
     devise_parameter_sanitizer.permit(:sign_up) do |u|
-      u.permit({ account_attributes: [:username], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code)
+      u.permit({ account_attributes: [:username], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement)
     end
   end