From 893d30fb92dff90eea417b4967021f4c9d3b64e3 Mon Sep 17 00:00:00 2001 From: Blake Erickson Date: Thu, 15 Aug 2019 17:19:12 -0600 Subject: [PATCH] REVERT: External auth when redeeming invites Reverting this commit: 87a0a6664e4bcde2ec3ac012308d9c7fb8e0d370 because I'm extracting all of this logic into a plugin instead. --- .../discourse/controllers/invites-show.js.es6 | 32 +---- .../discourse/controllers/login.js.es6 | 28 ++-- .../invite-email-auth-validation.js.es6 | 43 ------- .../discourse/templates/invites/show.hbs | 121 ++++++------------ .../users/omniauth_callbacks_controller.rb | 8 +- config/locales/client.en.yml | 1 - config/site_settings.yml | 4 - lib/guardian.rb | 2 +- 8 files changed, 53 insertions(+), 186 deletions(-) delete mode 100644 app/assets/javascripts/discourse/mixins/invite-email-auth-validation.js.es6 diff --git a/app/assets/javascripts/discourse/controllers/invites-show.js.es6 b/app/assets/javascripts/discourse/controllers/invites-show.js.es6 index a35f91922ac..97eca20bc5a 100644 --- a/app/assets/javascripts/discourse/controllers/invites-show.js.es6 +++ b/app/assets/javascripts/discourse/controllers/invites-show.js.es6 @@ -5,7 +5,6 @@ import { ajax } from "discourse/lib/ajax"; import PasswordValidation from "discourse/mixins/password-validation"; import UsernameValidation from "discourse/mixins/username-validation"; import NameValidation from "discourse/mixins/name-validation"; -import InviteEmailAuthValidation from "discourse/mixins/invite-email-auth-validation"; import UserFieldsValidation from "discourse/mixins/user-fields-validation"; import { findAll as findLoginMethods } from "discourse/models/login-method"; @@ -13,11 +12,8 @@ export default Ember.Controller.extend( PasswordValidation, UsernameValidation, NameValidation, - InviteEmailAuthValidation, UserFieldsValidation, { - login: Ember.inject.controller(), - invitedBy: Ember.computed.alias("model.invited_by"), email: Ember.computed.alias("model.email"), accountUsername: Ember.computed.alias("model.username"), @@ -26,7 +22,6 @@ export default Ember.Controller.extend( errorMessage: null, userFields: null, inviteImageUrl: getUrl("/images/envelope.svg"), - hasAuthOptions: Ember.computed.notEmpty("authOptions"), @computed welcomeTitle() { @@ -40,45 +35,28 @@ export default Ember.Controller.extend( return I18n.t("invites.your_email", { email: email }); }, - authProviderDisplayName(providerName) { - const matchingProvider = findLoginMethods().find(provider => { - return provider.name === providerName; - }); - return matchingProvider - ? matchingProvider.get("prettyName") - : providerName; - }, - @computed externalAuthsEnabled() { return findLoginMethods().length > 0; }, - @computed - inviteOnlyOauthEnabled() { - return this.siteSettings.enable_invite_only_oauth; - }, - @computed( "usernameValidation.failed", "passwordValidation.failed", "nameValidation.failed", - "userFieldsValidation.failed", - "inviteEmailAuthValidation.failed" + "userFieldsValidation.failed" ) submitDisabled( usernameFailed, passwordFailed, nameFailed, - userFieldsFailed, - inviteEmailAuthFailed + userFieldsFailed ) { return ( usernameFailed || passwordFailed || nameFailed || - userFieldsFailed || - inviteEmailAuthFailed + userFieldsFailed ); }, @@ -90,10 +68,6 @@ export default Ember.Controller.extend( }, actions: { - externalLogin(provider) { - this.login.send("externalLogin", provider); - }, - submit() { const userFields = this.userFields; let userCustomFields = {}; diff --git a/app/assets/javascripts/discourse/controllers/login.js.es6 b/app/assets/javascripts/discourse/controllers/login.js.es6 index 76f33c9c757..19da455a26e 100644 --- a/app/assets/javascripts/discourse/controllers/login.js.es6 +++ b/app/assets/javascripts/discourse/controllers/login.js.es6 @@ -20,7 +20,6 @@ const AuthErrors = [ export default Ember.Controller.extend(ModalFunctionality, { createAccount: Ember.inject.controller(), - invitesShow: Ember.inject.controller(), forgotPassword: Ember.inject.controller(), application: Ember.inject.controller(), @@ -354,23 +353,14 @@ export default Ember.Controller.extend(ModalFunctionality, { return; } - if (this.siteSettings.enable_invite_only_oauth) { - const invitesShowController = this.invitesShow; - invitesShowController.setProperties({ - accountEmail: options.email, - accountUsername: options.username, - accountName: options.name, - authOptions: Ember.Object.create(options) - }); - } else { - const createAccountController = this.createAccount; - createAccountController.setProperties({ - accountEmail: options.email, - accountUsername: options.username, - accountName: options.name, - authOptions: Ember.Object.create(options) - }); - showModal("createAccount"); - } + const createAccountController = this.createAccount; + createAccountController.setProperties({ + accountEmail: options.email, + accountUsername: options.username, + accountName: options.name, + authOptions: Ember.Object.create(options) + }); + + showModal("createAccount"); } }); diff --git a/app/assets/javascripts/discourse/mixins/invite-email-auth-validation.js.es6 b/app/assets/javascripts/discourse/mixins/invite-email-auth-validation.js.es6 deleted file mode 100644 index d6cf80b5754..00000000000 --- a/app/assets/javascripts/discourse/mixins/invite-email-auth-validation.js.es6 +++ /dev/null @@ -1,43 +0,0 @@ -import InputValidation from "discourse/models/input-validation"; -import { default as computed } from "ember-addons/ember-computed-decorators"; - -export default Ember.Mixin.create({ - @computed() - nameInstructions() { - ""; - }, - - // Validate the name. - @computed( - "accountEmail", - "authOptions.email", - "authOptions.email_valid", - "authOptions.auth_provider" - ) - inviteEmailAuthValidation() { - if ( - !this.siteSettings.enable_invite_only_oauth || - (this.siteSettings.enable_invite_only_oauth && - this.get("authOptions.email") === this.email && - this.get("authOptions.email_valid")) - ) { - return InputValidation.create({ - ok: true, - reason: I18n.t("user.email.authenticated", { - provider: this.authProviderDisplayName( - this.get("authOptions.auth_provider") - ) - }) - }); - } - - return InputValidation.create({ - failed: true, - reason: I18n.t("user.email.invite_email_auth_invalid", { - provider: this.authProviderDisplayName( - this.get("authOptions.auth_provider") - ) - }) - }); - } -}); diff --git a/app/assets/javascripts/discourse/templates/invites/show.hbs b/app/assets/javascripts/discourse/templates/invites/show.hbs index 467d91887a1..6b3b461a0cf 100644 --- a/app/assets/javascripts/discourse/templates/invites/show.hbs +++ b/app/assets/javascripts/discourse/templates/invites/show.hbs @@ -14,98 +14,55 @@ {{else}}

{{i18n 'invites.invited_by'}}

{{user-info user=invitedBy}}

-

- {{{yourEmailMessage}}} - {{#if inviteOnlyOauthEnabled }} - {{login-buttons externalLogin=(action "externalLogin")}} - {{/if}} + +

{{{yourEmailMessage}}} {{#if externalAuthsEnabled}} - {{#unless inviteOnlyOauthEnabled}} - {{i18n 'invites.social_login_available'}} - {{/unless}} + {{i18n 'invites.social_login_available'}} {{/if}}

- {{#if hasAuthOptions}} - {{#if inviteOnlyOauthEnabled }} - {{input-tip validation=inviteEmailAuthValidation id="account-email-validation"}} +
+
+ + {{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}} +  {{input-tip validation=usernameValidation id="username-validation"}} +
{{i18n 'user.username.instructions'}}
+
+ + {{#if fullnameRequired}} +
+ + {{input value=accountName id="new-account-name" name="name"}} +
{{nameInstructions}}
+
{{/if}} - -
- - {{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}} -  {{input-tip validation=usernameValidation id="username-validation"}} -
{{i18n 'user.username.instructions'}}
+ +
+ + {{password-field value=accountPassword type="password" id="new-account-password" capsLockOn=capsLockOn}} +  {{input-tip validation=passwordValidation}} +
+ {{passwordInstructions}} {{i18n 'invites.optional_description'}} +
+ {{d-icon "exclamation-triangle"}} {{i18n 'login.caps_lock_warning'}}
+
- {{#if fullnameRequired}} -
- - {{input value=accountName id="new-account-name" name="name"}} -
{{nameInstructions}}
-
- {{/if}} - - {{#if userFields}} -
- {{#each userFields as |f|}} - {{user-field field=f.field value=f.value}} - {{/each}} -
- {{/if}} - - - - {{#if errorMessage}} -

-
{{errorMessage}}
- {{/if}} - - {{/if}} - {{#unless inviteOnlyOauthEnabled}} -
-
- - {{input value=accountUsername id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}} -  {{input-tip validation=usernameValidation id="username-validation"}} -
{{i18n 'user.username.instructions'}}
+ {{#if userFields}} +
+ {{#each userFields as |f|}} + {{user-field field=f.field value=f.value}} + {{/each}}
+ {{/if}} - {{#if fullnameRequired}} -
- - {{input value=accountName id="new-account-name" name="name"}} -
{{nameInstructions}}
-
- {{/if}} + -
- - {{password-field value=accountPassword type="password" id="new-account-password" capsLockOn=capsLockOn}} -  {{input-tip validation=passwordValidation}} -
- {{passwordInstructions}} {{i18n 'invites.optional_description'}} -
- {{d-icon "exclamation-triangle"}} {{i18n 'login.caps_lock_warning'}}
-
-
- - {{#if userFields}} -
- {{#each userFields as |f|}} - {{user-field field=f.field value=f.value}} - {{/each}} -
- {{/if}} - - - - {{#if errorMessage}} -

-
{{errorMessage}}
- {{/if}} - - {{/unless}} + {{#if errorMessage}} +

+
{{errorMessage}}
+ {{/if}} + {{/if}}
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb index fb3578bacc1..cac09b34214 100644 --- a/app/controllers/users/omniauth_callbacks_controller.rb +++ b/app/controllers/users/omniauth_callbacks_controller.rb @@ -108,7 +108,7 @@ class Users::OmniauthCallbacksController < ApplicationController def complete_response_data if @auth_result.user user_found(@auth_result.user) - elsif invite_required? + elsif SiteSetting.invite_only? @auth_result.requires_invite = true else session[:authentication] = @auth_result.session_data @@ -156,10 +156,4 @@ class Users::OmniauthCallbacksController < ApplicationController end end - # If invite_only and enable_invite_only_oauth allow the user to authenticate if coming from the invite page - def invite_required? - (SiteSetting.invite_only? && !SiteSetting.enable_invite_only_oauth) || - (SiteSetting.invite_only? && (!@origin.include?('invites') && SiteSetting.enable_invite_only_oauth)) - end - end diff --git a/config/locales/client.en.yml b/config/locales/client.en.yml index 940879d8977..9c97b8daad1 100644 --- a/config/locales/client.en.yml +++ b/config/locales/client.en.yml @@ -1014,7 +1014,6 @@ en: ok: "We will email you to confirm" invalid: "Please enter a valid email address" authenticated: "Your email has been authenticated by {{provider}}" - invite_email_auth_invalid: "Your invitation email does not match the email from {{provider}}" frequency_immediately: "We'll email you immediately if you haven't read the thing we're emailing you about." frequency: one: "We'll only email you if we haven't seen you in the last minute." diff --git a/config/site_settings.yml b/config/site_settings.yml index 1f1c1ee366e..2ca78030f90 100644 --- a/config/site_settings.yml +++ b/config/site_settings.yml @@ -327,10 +327,6 @@ login: enable_local_logins: client: true default: true - enable_invite_only_oauth: - client: true - default: false - hidden: true enable_local_logins_via_email: client: true default: true diff --git a/lib/guardian.rb b/lib/guardian.rb index 28e7d369364..79ac55010af 100644 --- a/lib/guardian.rb +++ b/lib/guardian.rb @@ -334,7 +334,7 @@ class Guardian authenticated? && (SiteSetting.max_invites_per_day.to_i > 0 || is_staff?) && !SiteSetting.enable_sso && - (SiteSetting.enable_invite_only_oauth || SiteSetting.enable_local_logins) && + SiteSetting.enable_local_logins && ( (!SiteSetting.must_approve_users? && @user.has_trust_level?(TrustLevel[2])) || is_staff?