From 908136c5575f1facf030b1a4084744f6cd31a9f9 Mon Sep 17 00:00:00 2001
From: Richard Nienaber <rjnienaber@gmail.com>
Date: Thu, 15 Jul 2021 20:19:48 +0100
Subject: add configuration option to restrict users by default (#16256)

* add configuration option to restrict users by default

* default IsRestricted permission only set on sign up

setting this in the model messes with other workflows (e.g. syncing LDAP users) where the IsRestricted permission needs to be explicitly set and not overridden by a config value

* fix formatting

* Apply suggestions from code review

* ensure newly created user is set to restricted

* ensure imports are in the correct order

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
---
 routers/web/user/auth.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'routers/web/user')

diff --git a/routers/web/user/auth.go b/routers/web/user/auth.go
index 4095d2956e..7a205853bd 100644
--- a/routers/web/user/auth.go
+++ b/routers/web/user/auth.go
@@ -1204,10 +1204,11 @@ func SignUpPost(ctx *context.Context) {
 	}
 
 	u := &models.User{
-		Name:     form.UserName,
-		Email:    form.Email,
-		Passwd:   form.Password,
-		IsActive: !(setting.Service.RegisterEmailConfirm || setting.Service.RegisterManualConfirm),
+		Name:         form.UserName,
+		Email:        form.Email,
+		Passwd:       form.Password,
+		IsActive:     !(setting.Service.RegisterEmailConfirm || setting.Service.RegisterManualConfirm),
+		IsRestricted: setting.Service.DefaultUserIsRestricted,
 	}
 
 	if !createAndHandleCreatedUser(ctx, tplSignUp, form, u, nil, false) {
-- 
cgit v1.2.3