From efa4c46f6e7422a1ab460de915017de412fc8400 Mon Sep 17 00:00:00 2001
From: mngshm
Date: Tue, 22 Apr 2025 16:43:59 +0530
Subject: [PATCH 1/4] fixes #5684: don't send OTT if disable registration == true
---
 server/pkg/controller/user/userauth.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/server/pkg/controller/user/userauth.go b/server/pkg/controller/user/userauth.go
index 8d66023e98..7dee57d440 100644
--- a/server/pkg/controller/user/userauth.go
+++ b/server/pkg/controller/user/userauth.go
@@ -96,7 +96,9 @@ func (c *UserController) SendEmailOTT(context *gin.Context, email string, purpos
 if isComplete && purpose == ente.SignUpOTTPurpose {
 return stacktrace.Propagate(ente.ErrUserAlreadyRegistered, "user has already completed sign up process")
 }
-
+ if !isComplete && purpose == ente.SignUpOTTPurpose && viper.GetBool("internal.disable-registration") {
+ return stacktrace.Propagate(ente.ErrPermissionDenied, "registration is disabled")
+ }
 if !isComplete && purpose == ente.LoginOTTPurpose {
 return stacktrace.Propagate(ente.ErrUserNotRegistered, "user has not completed sign up process")
 }
From e6deea15338830d65b849c17353a28e22bdb0af4 Mon Sep 17 00:00:00 2001
From: mngshm
Date: Tue, 22 Apr 2025 19:10:42 +0530
Subject: [PATCH 2/4] separate ott generation purpose checks
---
 server/pkg/controller/user/userauth.go | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/server/pkg/controller/user/userauth.go b/server/pkg/controller/user/userauth.go
index 7dee57d440..41e44e23df 100644
--- a/server/pkg/controller/user/userauth.go
+++ b/server/pkg/controller/user/userauth.go
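Review bot: In the first patch's hunk (`@@ -96,7 +96,9 @@`), the new registration gate fires only when the client-supplied `purpose` equals `ente.SignUpOTTPurpose`, so a request for an unregistered address that carries any other purpose value still falls through to OTT generation. Whether such an OTT can later be used to create an account depends on the verification path, which is outside this hunk (SendEmailOTT itself starts and ends outside it). If it can, `internal.disable-registration` needs to be enforced where the user record is created, not only here. I would add a comment above the check, e.g. `// Early rejection only; account creation must also refuse new users when internal.disable-registration is set`, and a test that sends a non-sign-up purpose for an unregistered email with the flag on.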
@@ -88,21 +88,27 @@ func (c *UserController) SendEmailOTT(context *gin.Context, email string, purpos
 return err
 }
 }
- if purpose == ente.SignUpOTTPurpose || purpose == ente.LoginOTTPurpose {
- isComplete, err := c.isSignUpComplete(email)
- if err != nil {
- return stacktrace.Propagate(err, "")
- }
+
+ isComplete, err := c.isSignUpComplete(email)
+ if err != nil {
+ return stacktrace.Propagate(err, "")
+ }
+ // Purpose of OTT is Sign up
+ if purpose == ente.SignUpOTTPurpose {
 if isComplete && purpose == ente.SignUpOTTPurpose {
 return stacktrace.Propagate(ente.ErrUserAlreadyRegistered, "user has already completed sign up process")
 }
 if !isComplete && purpose == ente.SignUpOTTPurpose && viper.GetBool("internal.disable-registration") {
 return stacktrace.Propagate(ente.ErrPermissionDenied, "registration is disabled")
 }
+ }
+ // Purpose of OTT is Login
+ if purpose == ente.LoginOTTPurpose {
 if !isComplete && purpose == ente.LoginOTTPurpose {
 return stacktrace.Propagate(ente.ErrUserNotRegistered, "user has not completed sign up process")
 }
 }
+
 ott, err := random.GenerateSixDigitOtp()
 if err != nil {
 return stacktrace.Propagate(err, "")
From 2577b9c93afe75038558a8b31b204f2d86d42df0 Mon Sep 17 00:00:00 2001
From: mngshm
Date: Tue, 22 Apr 2025 21:55:50 +0530
Subject: [PATCH 3/4] remove redundant code
---
 server/pkg/controller/user/userauth.go | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)
diff --git a/server/pkg/controller/user/userauth.go b/server/pkg/controller/user/userauth.go
index 41e44e23df..66ea74535d 100644
--- a/server/pkg/controller/user/userauth.go
+++ b/server/pkg/controller/user/userauth.go
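Review bot: `c.isSignUpComplete(email)` is hoisted out of the old `SignUpOTTPurpose || LoginOTTPurpose` guard in the `@@ -88,21 +88,27 @@` hunk, so it now runs for every purpose, including ones that never read `isComplete`; the hunks in patches 3 and 4 keep it unconditional. Flows that previously skipped the lookup now pay for it and can fail on it, and `stacktrace.Propagate(err, "")` gives the trace no context for that new failure. Consider keeping the purpose guard around the lookup, or at least passing a message such as `stacktrace.Propagate(err, "failed to check sign up status")`. SendEmailOTT's body starts and ends outside the hunk, so the other purposes and their callers are not visible here.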
@@ -93,20 +93,15 @@ func (c *UserController) SendEmailOTT(context *gin.Context, email string, purpos
 if err != nil {
 return stacktrace.Propagate(err, "")
 }
- // Purpose of OTT is Sign up
- if purpose == ente.SignUpOTTPurpose {
- if isComplete && purpose == ente.SignUpOTTPurpose {
- return stacktrace.Propagate(ente.ErrUserAlreadyRegistered, "user has already completed sign up process")
- }
- if !isComplete && purpose == ente.SignUpOTTPurpose && viper.GetBool("internal.disable-registration") {
- return stacktrace.Propagate(ente.ErrPermissionDenied, "registration is disabled")
- }
+ if isComplete && purpose == ente.SignUpOTTPurpose {
+ return stacktrace.Propagate(ente.ErrUserAlreadyRegistered, "user has already completed sign up process")
 }
- // Purpose of OTT is Login
- if purpose == ente.LoginOTTPurpose {
- if !isComplete && purpose == ente.LoginOTTPurpose {
- return stacktrace.Propagate(ente.ErrUserNotRegistered, "user has not completed sign up process")
- }
+ if !isComplete && purpose == ente.SignUpOTTPurpose && viper.GetBool("internal.disable-registration") {
+ return stacktrace.Propagate(ente.ErrPermissionDenied, "registration is disabled")
+ }
+
+ if !isComplete && purpose == ente.LoginOTTPurpose {
+ return stacktrace.Propagate(ente.ErrUserNotRegistered, "user has not completed sign up process")
 }
 
 ott, err := random.GenerateSixDigitOtp()
From f183c56c2026d0411eb59dc3ce0b7fdc5536be77 Mon Sep 17 00:00:00 2001
From: mngshm
Date: Thu, 24 Apr 2025 01:45:11 +0530
Subject: [PATCH 4/4] minor reorganizations of checks
---
 server/pkg/controller/user/userauth.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/server/pkg/controller/user/userauth.go b/server/pkg/controller/user/userauth.go
index 66ea74535d..eece21674b 100644
--- a/server/pkg/controller/user/userauth.go
+++ b/server/pkg/controller/user/userauth.go
@@ -89,18 +89,18 @@ func (c *UserController) SendEmailOTT(context *gin.Context, email string, purpos
 }
 }
 
- isComplete, err := c.isSignUpComplete(email)
+ isSignUpComplete, err := c.isSignUpComplete(email)
 if err != nil {
 return stacktrace.Propagate(err, "")
 }
- if isComplete && purpose == ente.SignUpOTTPurpose {
+ if purpose == ente.SignUpOTTPurpose && isSignUpComplete {
 return stacktrace.Propagate(ente.ErrUserAlreadyRegistered, "user has already completed sign up process")
 }
- if !isComplete && purpose == ente.SignUpOTTPurpose && viper.GetBool("internal.disable-registration") {
+ if purpose == ente.SignUpOTTPurpose && viper.GetBool("internal.disable-registration") && !isSignUpComplete {
 return stacktrace.Propagate(ente.ErrPermissionDenied, "registration is disabled")
 }
 
- if !isComplete && purpose == ente.LoginOTTPurpose {
+ if purpose == ente.LoginOTTPurpose && !isSignUpComplete {
 return stacktrace.Propagate(ente.ErrUserNotRegistered, "user has not completed sign up process")
 }
 