logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git
commit: 22554ac5ca056c2db627fc2daa5ffc8710be5c89
parent 13b6aefd59776b5979175cfce8d6d8dd0183a324
Author: rinpatch <rinpatch@sdf.org>
Date:   Fri, 15 Nov 2019 14:11:48 +0000

Merge branch 'bugfix/1395-email-activation' into 'develop'

Bugfix/1395 email activation

Closes #1395

See merge request pleroma/pleroma!1965

Diffstat:


Mlib/pleroma/plugs/oauth_plug.ex2+-


Mlib/pleroma/plugs/user_enabled_plug.ex10+++++++---


Mlib/pleroma/user.ex3+++


Mlib/pleroma/web/router.ex1+


Mtest/plugs/user_enabled_plug_test.exs17+++++++++++++++++


Mtest/user_test.exs7+++++++


6 files changed, 36 insertions(+), 4 deletions(-)

diff --git a/lib/pleroma/plugs/oauth_plug.ex b/lib/pleroma/plugs/oauth_plug.ex
@@ -71,7 +71,7 @@ defmodule Pleroma.Plugs.OAuthPlug do
       )
 
     # credo:disable-for-next-line Credo.Check.Readability.MaxLineLength
-    with %Token{user: %{deactivated: false} = user} = token_record <- Repo.one(query) do
+    with %Token{user: user} = token_record <- Repo.one(query) do
       {:ok, user, token_record}
     end
   end
diff --git a/lib/pleroma/plugs/user_enabled_plug.ex b/lib/pleroma/plugs/user_enabled_plug.ex
@@ -10,9 +10,13 @@ defmodule Pleroma.Plugs.UserEnabledPlug do
     options
   end
 
-  def call(%{assigns: %{user: %User{deactivated: true}}} = conn, _) do
-    conn
-    |> assign(:user, nil)
+  def call(%{assigns: %{user: %User{} = user}} = conn, _) do
+    if User.auth_active?(user) do
+      conn
+    else
+      conn
+      |> assign(:user, nil)
+    end
   end
 
   def call(conn, _) do
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
@@ -124,6 +124,9 @@ defmodule Pleroma.User do
     timestamps()
   end
 
+  @doc "Returns if the user should be allowed to authenticate"
+  def auth_active?(%User{deactivated: true}), do: false
+
   def auth_active?(%User{confirmation_pending: true}),
     do: !Pleroma.Config.get([:instance, :account_activation_required])
 
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
@@ -13,6 +13,7 @@ defmodule Pleroma.Web.Router do
   pipeline :oauth do
     plug(:fetch_session)
     plug(Pleroma.Plugs.OAuthPlug)
+    plug(Pleroma.Plugs.UserEnabledPlug)
   end
 
   pipeline :api do
diff --git a/test/plugs/user_enabled_plug_test.exs b/test/plugs/user_enabled_plug_test.exs
@@ -16,6 +16,23 @@ defmodule Pleroma.Plugs.UserEnabledPlugTest do
     assert ret_conn == conn
   end
 
+  test "with a user that's not confirmed and a config requiring confirmation, it removes that user",
+       %{conn: conn} do
+    old = Pleroma.Config.get([:instance, :account_activation_required])
+    Pleroma.Config.put([:instance, :account_activation_required], true)
+
+    user = insert(:user, confirmation_pending: true)
+
+    conn =
+      conn
+      |> assign(:user, user)
+      |> UserEnabledPlug.call(%{})
+
+    assert conn.assigns.user == nil
+
+    Pleroma.Config.put([:instance, :account_activation_required], old)
+  end
+
   test "with a user that is deactivated, it removes that user", %{conn: conn} do
     user = insert(:user, deactivated: true)
 
diff --git a/test/user_test.exs b/test/user_test.exs
@@ -1195,6 +1195,13 @@ defmodule Pleroma.UserTest do
     refute User.auth_active?(local_user)
     assert User.auth_active?(confirmed_user)
     assert User.auth_active?(remote_user)
+
+    # also shows unactive for deactivated users
+
+    deactivated_but_confirmed =
+      insert(:user, local: true, confirmation_pending: false, deactivated: true)
+
+    refute User.auth_active?(deactivated_but_confirmed)
   end
 
   describe "superuser?/1" do