Bug 86029 create permission restrictions for createaccount.cgi (prevent people…

Bug 86029 create permission restrictions for createaccount.cgi (prevent people from creating accounts) r=burnus a=justdave

Bug 86029 create permission restrictions for createaccount.cgi (prevent people…
d297f88d · bugreport%peshkin.net · 2e6c635d · d297f88d · d297f88d · d297f88d
Commit d297f88d authored Dec 09, 2002 by bugreport%peshkin.net
6 changed files
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -69,6 +69,13 @@ if (defined($login)) {
          || ThrowTemplateError($template->error());
        exit;
    }
+
+    my $createexp = Param('createemailregexp');
+    if (!($createexp)
+        || ($login !~ /$createexp/)) {
+        ThrowUserError("account_creation_disabled");
+        exit;
+    }
    
    # Create account
    my $password = InsertNewUser($login, $realname);

--- a/defparams.pl
+++ b/defparams.pl
@@ -694,6 +694,19 @@ You will get this message once a day until you\'ve dealt with these bugs!
  },

  {
+   name => 'createemailregexp',
+   desc => 'This defines the regexp to use for email addresses that are ' .
+           'permitted to self-register using a "New Account" feature. The ' .
+           'default (.*) permits any account matching the emailregexp ' .
+           'to be created.  If this parameter is left blank, no users ' .
+           'will be permitted to create their own accounts and all accounts ' .
+           'will have to be created by an administrator',
+   type => 't',
+   default => q:.*:,
+   checker => \&check_regexp
+  },
+
+  {
   name => 'voteremovedmail',
   desc => 'This is a mail message to send to anyone who gets a vote removed ' .
           'from a bug for any reason.  %to% gets replaced by the person who ' .

--- a/template/en/default/account/login.html.tmpl
+++ b/template/en/default/account/login.html.tmpl
@@ -102,10 +102,12 @@
 [% UNLESS Param("useLDAP") %]
  <hr>

-  <p>
-    If you don't have a Bugzilla account, you can 
-    <a href="createaccount.cgi">create a new account</a>.
-  </p>
+  [% IF Param("createemailregexp") %]
+    <p>
+      If you don't have a Bugzilla account, you can 
+      <a href="createaccount.cgi">create a new account</a>.
+    </p>
+  [% END %]

  <form method="get" action="token.cgi">
    <input type="hidden" name="a" value="reqpw">

--- a/template/en/default/global/useful-links.html.tmpl
+++ b/template/en/default/global/useful-links.html.tmpl
@@ -121,7 +121,9 @@
      
    [% ELSE %]    
      <td valign="middle" align="right">
-        <a href="createaccount.cgi">New&nbsp;Account</a> | 
+        [% IF Param('createemailregexp') %]
+          <a href="createaccount.cgi">New&nbsp;Account</a> | 
+        [% END %]
        <a href="query.cgi?GoAheadAndLogIn=1">Log&nbsp;In</a>
      </td>
    </tr>

--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -41,6 +41,12 @@
    to any [% parameters %] which you may have set before calling
    ThrowUserError.

+  [% ELSIF error == "account_creation_disabled" %]
+    [% title = "Account Creation Disabled" %]
+    Account self-creation has been disabled or restricted.
+    <hr>
+    New accounts must be created by an administrator.
+
  [% ELSIF error == "account_disabled" %]
    [% title = "Account Disabled" %]
    [% disabled_reason %]

--- a/template/en/default/index.html.tmpl
+++ b/template/en/default/index.html.tmpl
@@ -65,7 +65,9 @@ function addSidebar() {
  <a href="relogin.cgi">Logout [% username FILTER html %]</a><br>
 [% ELSE %]
  <a href="query.cgi?GoAheadAndLogIn=1">Log in to an existing account</a><br>
-  <a href="createaccount.cgi">Open a new Bugzilla account</a><br>
+  [% IF Param('createemailregexp') %]
+    <a href="createaccount.cgi">Open a new Bugzilla account</a><br>
+  [% END %]
 [% END %]
  </p><p>
  <a href="javascript:addSidebar()">Add to Sidebar</a> (Requires Mozilla or Netscape 6)<br>