mirror of https://github.com/go-gitea/gitea.git
Merge 189fd9ea1e
into cd70ab31cd
This commit is contained in:
commit
f427e1644f
|
@ -896,6 +896,11 @@ LEVEL = Info
|
|||
;USER_DELETE_WITH_COMMENTS_MAX_TIME = 0
|
||||
;; Valid site url schemes for user profiles
|
||||
;VALID_SITE_URL_SCHEMES=http,https
|
||||
;; The maximum number of users allowed to exist before creation is disabled.
|
||||
;; This is not a security prevention measure.
|
||||
;; Note, Admins will also be unable to create new users via the dashboard when the limit has been reached
|
||||
;; `-1` means no limit
|
||||
;MAX_USER_CREATE_LIMIT=-1
|
||||
|
||||
|
||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||
|
|
|
@ -690,6 +690,7 @@ And the following unique queues:
|
|||
The user's email will be replaced with a concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
|
||||
- `USER_DELETE_WITH_COMMENTS_MAX_TIME`: **0** Minimum amount of time a user must exist before comments are kept when the user is deleted.
|
||||
- `VALID_SITE_URL_SCHEMES`: **http, https**: Valid site url schemes for user profiles
|
||||
- `MAX_USER_CREATE_LIMIT`: **-1**: The maximum number of users allowed to exist before creation is disabled. Note: This also prevents admins from creating new users. `-1` means no limit.
|
||||
|
||||
### Service - Explore (`service.explore`)
|
||||
|
||||
|
|
|
@ -600,6 +600,11 @@ func createUser(ctx context.Context, u *User, createdByAdmin bool, overwriteDefa
|
|||
return err
|
||||
}
|
||||
|
||||
// Check the number of users already in the system, and if there are too many forbid any new ones.
|
||||
if HitCreationLimit(ctx) {
|
||||
return fmt.Errorf("The system has exceeded the user creation limit")
|
||||
}
|
||||
|
||||
// set system defaults
|
||||
u.KeepEmailPrivate = setting.Service.DefaultKeepEmailPrivate
|
||||
u.Visibility = setting.Service.DefaultUserVisibilityMode
|
||||
|
@ -729,6 +734,15 @@ func createUser(ctx context.Context, u *User, createdByAdmin bool, overwriteDefa
|
|||
return committer.Commit()
|
||||
}
|
||||
|
||||
func HitCreationLimit(ctx context.Context) bool {
|
||||
// don't bother calling DB if limit not set
|
||||
if setting.Service.MaxUserCreationLimit < 0 ||
|
||||
int64(setting.Service.MaxUserCreationLimit) < CountUsers(ctx, &CountUserFilter{}) {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
// IsLastAdminUser check whether user is the last admin
|
||||
func IsLastAdminUser(ctx context.Context, user *User) bool {
|
||||
if user.IsAdmin && CountUsers(ctx, &CountUserFilter{IsAdmin: optional.Some(true)}) <= 1 {
|
||||
|
|
|
@ -81,6 +81,7 @@ var Service = struct {
|
|||
DefaultOrgMemberVisible bool
|
||||
UserDeleteWithCommentsMaxTime time.Duration
|
||||
ValidSiteURLSchemes []string
|
||||
MaxUserCreationLimit int
|
||||
|
||||
// OpenID settings
|
||||
EnableOpenIDSignIn bool
|
||||
|
@ -234,6 +235,8 @@ func loadServiceFrom(rootCfg ConfigProvider) {
|
|||
}
|
||||
Service.ValidSiteURLSchemes = schemes
|
||||
|
||||
Service.MaxUserCreationLimit = sec.Key("MAX_USER_CREATE_LIMIT").MustInt(-1)
|
||||
|
||||
mustMapSetting(rootCfg, "service.explore", &Service.Explore)
|
||||
|
||||
loadOpenIDSetting(rootCfg)
|
||||
|
|
|
@ -724,6 +724,13 @@ func ActivatePost(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
// Check the number of users already in the system, and if there are too many forbid any new ones.
|
||||
if user_model.HitCreationLimit(ctx) {
|
||||
ctx.Flash.Error("The system has exceeded the user creation limit", true)
|
||||
renderActivationChangeEmail(ctx)
|
||||
return
|
||||
}
|
||||
|
||||
if code == "" {
|
||||
newEmail := strings.TrimSpace(ctx.FormString("change_email"))
|
||||
if ctx.Doer != nil && newEmail != "" && !strings.EqualFold(ctx.Doer.Email, newEmail) {
|
||||
|
|
Loading…
Reference in New Issue