Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fixed required email confirmation with domain restriction

Browse Source 
Added test to cover scenario.

Closes #573
This commit is contained in:
Dan Brown 2017-11-11 18:09:48 +00:00
parent 08e58bab79
commit d89440d198
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 45 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/Auth/RegisterController.php
View File

@ -53,7 +53,7 @@ class RegisterController extends Controller
*/ */
public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo) public function __construct(SocialAuthService $socialAuthService, EmailConfirmationService $emailConfirmationService, UserRepo $userRepo)
{ {
$this->middleware('guest')->except(['socialCallback', 'detachSocialAccount']); $this->middleware('guest')->only(['getRegister', 'postRegister', 'socialRegister']);
$this->socialAuthService = $socialAuthService; $this->socialAuthService = $socialAuthService;
$this->emailConfirmationService = $emailConfirmationService; $this->emailConfirmationService = $emailConfirmationService;
$this->userRepo = $userRepo; $this->userRepo = $userRepo;

7
app/Http/Middleware/Authenticate.php
View File

@ -30,8 +30,11 @@ class Authenticate
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if ($this->auth->check() && setting('registration-confirmation') && !$this->auth->user()->email_confirmed) { if ($this->auth->check()) {
return redirect(baseUrl('/register/confirm/awaiting')); $requireConfirmation = (setting('registration-confirmation') || setting('registration-restrict'));
if ($requireConfirmation && !$this->auth->user()->email_confirmed) {
return redirect('/register/confirm/awaiting');
}
} }
if ($this->auth->guest() && !setting('app-public')) { if ($this->auth->guest() && !setting('app-public')) {

39
tests/Auth/AuthTest.php
View File

@ -124,6 +124,45 @@ class AuthTest extends BrowserKitTest
->press('Create Account') ->press('Create Account')
->seePageIs('/register/confirm') ->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]); ->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
$this->visit('/')->seePageIs('/login')
->type($user->email, '#email')
->type($user->password, '#password')
->press('Log In')
->seePageIs('/register/confirm/awaiting')
->seeText('Email Address Not Confirmed');
}
public function test_restricted_registration_with_confirmation_disabled()
{
$this->setSettings(['registration-enabled' => 'true', 'registration-confirmation' => 'false', 'registration-restrict' => 'example.com']);
$user = factory(\BookStack\User::class)->make();
// Go through registration process
$this->visit('/register')
->type($user->name, '#name')
->type($user->email, '#email')
->type($user->password, '#password')
->press('Create Account')
->seePageIs('/register')
->dontSeeInDatabase('users', ['email' => $user->email])
->see('That email domain does not have access to this application');
$user->email = 'barry@example.com';
$this->visit('/register')
->type($user->name, '#name')
->type($user->email, '#email')
->type($user->password, '#password')
->press('Create Account')
->seePageIs('/register/confirm')
->seeInDatabase('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
$this->visit('/')->seePageIs('/login')
->type($user->email, '#email')
->type($user->password, '#password')
->press('Log In')
->seePageIs('/register/confirm/awaiting')
->seeText('Email Address Not Confirmed');
} }
public function test_user_creation() public function test_user_creation()