mirror of https://github.com/tootsuite/mastodon
Extract `User::Approval` concern
parent
6556b26ab0
commit
2ca7e8b7d8
|
@ -6,6 +6,8 @@ module User::Approval
|
|||
included do
|
||||
scope :approved, -> { where(approved: true) }
|
||||
scope :pending, -> { where(approved: false) }
|
||||
|
||||
before_create :set_approved
|
||||
end
|
||||
|
||||
def pending?
|
||||
|
@ -21,4 +23,40 @@ module User::Approval
|
|||
reload unless confirmed?
|
||||
prepare_new_user! if confirmed?
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def set_approved
|
||||
self.approved = begin
|
||||
if sign_up_from_ip_requires_approval? || sign_up_email_requires_approval?
|
||||
false
|
||||
else
|
||||
open_registrations? || valid_invitation? || external?
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def grant_approval_on_confirmation?
|
||||
# Re-check approval on confirmation if the server has switched to open registrations
|
||||
open_registrations? && !sign_up_from_ip_requires_approval? && !sign_up_email_requires_approval?
|
||||
end
|
||||
|
||||
def sign_up_from_ip_requires_approval?
|
||||
sign_up_ip.present? && IpBlock.severity_sign_up_requires_approval.containing(sign_up_ip.to_s).exists?
|
||||
end
|
||||
|
||||
def sign_up_email_requires_approval?
|
||||
return false if email.blank?
|
||||
|
||||
_, domain = email.split('@', 2)
|
||||
return false if domain.blank?
|
||||
|
||||
records = []
|
||||
|
||||
# Doing this conditionally is not very satisfying, but this is consistent
|
||||
# with the MX records validations we do and keeps the specs tractable.
|
||||
records = DomainResource.new(domain).mx unless self.class.skip_mx_check?
|
||||
|
||||
EmailDomainBlock.requires_approval?(records + [domain], attempt_ip: sign_up_ip)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -127,7 +127,6 @@ class User < ApplicationRecord
|
|||
scope :matches_ip, ->(value) { left_joins(:ips).merge(IpBlock.contained_by(value)).group('users.id') }
|
||||
|
||||
before_validation :sanitize_role
|
||||
before_create :set_approved
|
||||
after_commit :send_pending_devise_notifications
|
||||
after_create_commit :trigger_webhooks
|
||||
|
||||
|
@ -393,21 +392,6 @@ class User < ApplicationRecord
|
|||
devise_mailer.send(notification, self, *, **).deliver_later
|
||||
end
|
||||
|
||||
def set_approved
|
||||
self.approved = begin
|
||||
if sign_up_from_ip_requires_approval? || sign_up_email_requires_approval?
|
||||
false
|
||||
else
|
||||
open_registrations? || valid_invitation? || external?
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def grant_approval_on_confirmation?
|
||||
# Re-check approval on confirmation if the server has switched to open registrations
|
||||
open_registrations? && !sign_up_from_ip_requires_approval? && !sign_up_email_requires_approval?
|
||||
end
|
||||
|
||||
def wrap_email_confirmation
|
||||
new_user = !confirmed?
|
||||
self.approved = true if grant_approval_on_confirmation?
|
||||
|
@ -427,25 +411,6 @@ class User < ApplicationRecord
|
|||
end
|
||||
end
|
||||
|
||||
def sign_up_from_ip_requires_approval?
|
||||
sign_up_ip.present? && IpBlock.severity_sign_up_requires_approval.containing(sign_up_ip.to_s).exists?
|
||||
end
|
||||
|
||||
def sign_up_email_requires_approval?
|
||||
return false if email.blank?
|
||||
|
||||
_, domain = email.split('@', 2)
|
||||
return false if domain.blank?
|
||||
|
||||
records = []
|
||||
|
||||
# Doing this conditionally is not very satisfying, but this is consistent
|
||||
# with the MX records validations we do and keeps the specs tractable.
|
||||
records = DomainResource.new(domain).mx unless self.class.skip_mx_check?
|
||||
|
||||
EmailDomainBlock.requires_approval?(records + [domain], attempt_ip: sign_up_ip)
|
||||
end
|
||||
|
||||
def open_registrations?
|
||||
Setting.registrations_mode == 'open'
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue