apitech
/
wekan
mirror of https://github.com/wekan/wekan
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'soohwa-fix-admin-create-user' into devel

Browse Source 
REST API: Create user despite disabling registration.
Thanks to soohwa ! Closes #1232
reviewable/pr1290/r1
Lauri Ojansivu 8 years ago
parent 10cb2db94f ff7b001b00
commit dc82582391
2 changed files with 26 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      CHANGELOG.md
  2. 24
      models/users.js

5
CHANGELOG.md
Unescape View File

@ -2,13 +2,14 @@
This release adds the following new features: This release adds the following new features:
* [WIP Limits](https://github.com/wekan/wekan/pull/1278). * [WIP Limits](https://github.com/wekan/wekan/pull/1278);
* [REST API: Create user despite disabling registration](https://github.com/wekan/wekan/issues/1232).
and fixes the following bugs: and fixes the following bugs:
* [Admin announcement can be viewed without signing in](https://github.com/wekan/wekan/issues/1281). * [Admin announcement can be viewed without signing in](https://github.com/wekan/wekan/issues/1281).
Thanks to Github users amadilsons and nztqa for their contributions. Thanks to Github users amadilsons, nztqa and soohwa for their contributions.
# v0.47 2017-10-04 Wekan release # v0.47 2017-10-04 Wekan release

24
models/users.js
Unescape View File

@ -108,6 +108,10 @@ Users.attachSchema(new SimpleSchema({
type: Boolean, type: Boolean,
optional: true, optional: true,
}, },
createdThroughApi: {
type: Boolean,
optional: true,
},
})); }));
// Search a user in the complete server database by its name or username. This // Search a user in the complete server database by its name or username. This
@ -435,6 +439,12 @@ if (Meteor.isServer) {
user.isAdmin = true; user.isAdmin = true;
return user; return user;
} }
if (options.from === 'admin') {
user.createdThroughApi = true;
return user;
}
const disableRegistration = Settings.findOne().disableRegistration; const disableRegistration = Settings.findOne().disableRegistration;
if (!disableRegistration) { if (!disableRegistration) {
return user; return user;
@ -524,6 +534,17 @@ if (Meteor.isServer) {
Users.after.insert((userId, doc) => { Users.after.insert((userId, doc) => {
if (doc.createdThroughApi) {
// The admin user should be able to create a user despite disabling registration because
// it is two different things (registration and creation).
// So, when a new user is created via the api (only admin user can do that) one must avoid
// the disableRegistration check.
// Issue : https://github.com/wekan/wekan/issues/1232
// PR : https://github.com/wekan/wekan/pull/1251
Users.update(doc._id, { $set: { createdThroughApi: '' } });
return;
}
//invite user to corresponding boards //invite user to corresponding boards
const disableRegistration = Settings.findOne().disableRegistration; const disableRegistration = Settings.findOne().disableRegistration;
if (disableRegistration) { if (disableRegistration) {
@ -581,7 +602,8 @@ if (Meteor.isServer) {
const id = Accounts.createUser({ const id = Accounts.createUser({
username: req.body.username, username: req.body.username,
email: req.body.email, email: req.body.email,
password: 'default', password: req.body.password,
from: 'admin',
}); });
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {

Write Preview
Loading…
Cancel
Save