Add willLog() and control access to signup page.

2025-05-23 02:35:49 +08:00 · 2021-05-08 00:23:08 +08:00 · 2021-05-08 00:23:08 +08:00 · e3b3a76088
commit e3b3a76088
parent 75f23478d1
7 changed files with 73 additions and 35 deletions
--- a/controllers/account.go
+++ b/controllers/account.go
@ -78,6 +78,14 @@ func (c *ApiController) Signup() {
 		panic(err)
 	}

+	application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
+	if !application.EnableSignUp {
+		resp = Response{Status: "error", Msg: "The application does not allow to sign up new account", Data: c.GetSessionUser()}
+		c.Data["json"] = resp
+		c.ServeJSON()
+		return
+	}
+
 	userId := fmt.Sprintf("%s/%s", form.Organization, form.Username)
 	msg := object.CheckUserSignup(form.Organization, form.Username, form.Password, form.Name, form.Email, form.PhonePrefix, form.Phone, form.Affiliation)
 	if msg != "" {
--- a/object/user.go
+++ b/object/user.go
@ -86,15 +86,6 @@ func GetUser(id string) *User {
 	return getUser(owner, name)
 }

-func HasUser(id string) bool {
-	return GetUser(id) != nil
-}
-
-func IsPasswordCorrect(userId string, password string) bool {
-	user := GetUser(userId)
-	return user.Password == password
-}
-
 func UpdateUser(id string, user *User) bool {
 	owner, name := util.GetOwnerAndNameFromId(id)
 	if getUser(owner, name) == nil {
@ -224,10 +215,6 @@ func GetUserField(user *User, field string) string {

 func GetMaskedUser(user *User) *User {
 	user.Password = "***"
-	user.Github = "***"
-	user.Google = "***"
-	user.QQ = "***"
-	user.WeChat = "***"
 	return user
 }

--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@ -94,6 +94,13 @@ func denyRequest(ctx *context.Context) {
 	}
 }

+func willLog(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
+	if subOwner == "anonymous" && subName == "anonymous" && method == "GET" && (urlPath == "/api/get-account" || urlPath == "/api/get-app-login") && objOwner == "" && objName == "" {
+		return false
+	}
+	return true
+}
+
 func AuthzFilter(ctx *context.Context) {
 	subOwner, subName := getSubject(ctx)
 	method := ctx.Request.Method
@ -106,10 +113,14 @@ func AuthzFilter(ctx *context.Context) {
 	if isAllowed {
 		result = "allow"
 	}
-	logLine := fmt.Sprintf("subOwner = %s, subName = %s, method = %s, urlPath = %s, obj.Owner = %s, obj.Name = %s, result = %s",
-		subOwner, subName, method, urlPath, objOwner, objName, result)
-	fmt.Println(logLine)
-	util.LogInfo(ctx, logLine)
+
+	if willLog(subOwner, subName, method, urlPath, objOwner, objName) {
+		logLine := fmt.Sprintf("subOwner = %s, subName = %s, method = %s, urlPath = %s, obj.Owner = %s, obj.Name = %s, result = %s",
+			subOwner, subName, method, urlPath, objOwner, objName, result)
+		fmt.Println(logLine)
+		util.LogInfo(ctx, logLine)
+	}
+
 	if !isAllowed {
 		denyRequest(ctx)
 	}
--- a/web/src/App.js
+++ b/web/src/App.js
@ -219,20 +219,20 @@ class App extends Component {
    if (this.state.account === undefined) {
      return null;
    } else if (this.state.account === null) {
-      res.push(
-        <Menu.Item key="100" style={{float: 'right', marginRight: '20px'}}>
-          <Link to="/signup">
-            {i18next.t("account:Sign Up")}
-          </Link>
-        </Menu.Item>
-      );
-      res.push(
-        <Menu.Item key="101" style={{float: 'right'}}>
-          <Link to="/login">
-            {i18next.t("account:Login")}
-          </Link>
-        </Menu.Item>
-      );
+      // res.push(
+      //   <Menu.Item key="100" style={{float: 'right', marginRight: '20px'}}>
+      //     <Link to="/signup">
+      //       {i18next.t("account:Sign Up")}
+      //     </Link>
+      //   </Menu.Item>
+      // );
+      // res.push(
+      //   <Menu.Item key="101" style={{float: 'right'}}>
+      //     <Link to="/login">
+      //       {i18next.t("account:Login")}
+      //     </Link>
+      //   </Menu.Item>
+      // );
    } else {
      res.push(this.renderRightDropdown());
    }
--- a/web/src/auth/SignupPage.js
+++ b/web/src/auth/SignupPage.js
@ -14,7 +14,7 @@

 import React from 'react';
 import {Link} from "react-router-dom";
-import {Form, Input, Select, Checkbox, Button, Row, Col} from 'antd';
+import {Form, Input, Select, Checkbox, Button, Row, Col, Result} from 'antd';
 import * as Setting from "../Setting";
 import * as AuthBackend from "./AuthBackend";
 import i18next from "i18next";
@ -113,6 +113,26 @@ class SignupPage extends React.Component {
  }

  renderForm(application) {
+    if (!application.enableSignUp) {
+      return (
+        <Result
+          status="error"
+          title="Sign Up Error"
+          subTitle={"The application does not allow to sign up new account"}
+          extra={[
+            <Link onClick={() => {
+              Setting.goToLogin(this, application);
+            }}>
+              <Button type="primary" key="signin">
+                Sign In
+              </Button>
+            </Link>
+          ]}
+        >
+        </Result>
+      )
+    }
+
    const prefixSelector = (
      <Form.Item name="phonePrefix" noStyle>
        <Select
@ -134,12 +154,24 @@ class SignupPage extends React.Component {
        onFinish={(values) => this.onFinish(values)}
        onFinishFailed={(errorInfo) => this.onFinishFailed(errorInfo.values, errorInfo.errorFields, errorInfo.outOfDate)}
        initialValues={{
+          application: application.name,
          organization: application.organization,
          phonePrefix: '86',
        }}
        style={{width: !Setting.isMobile() ? "400px" : "250px"}}
        size="large"
      >
+        <Form.Item
+          style={{height: 0, visibility: "hidden"}}
+          name="application"
+          rules={[
+            {
+              required: true,
+              message: 'Please input your application!',
+            },
+          ]}
+        >
+        </Form.Item>
        <Form.Item
          style={{height: 0, visibility: "hidden"}}
          name="organization"
@ -221,7 +253,7 @@ class SignupPage extends React.Component {
        </Form.Item>
        <Form.Item
          name="confirm"
-          label={i18next.t("signup:Confirm password")}
+          label={i18next.t("signup:Confirm")}
          dependencies={['password']}
          hasFeedback
          rules={[
--- a/web/src/locales/en.json
+++ b/web/src/locales/en.json
@ -38,7 +38,7 @@
    "Please input your affiliation!": "Please input your affiliation!",
    "The input is not valid Email!": "The input is not valid Email!",
    "Please input your Email!": "Please input your Email!",
-    "Confirm password": "Confirm password",
+    "Confirm": "Confirm",
    "Please confirm your password!": "Please confirm your password!",
    "Your confirmed password is inconsistent with the password!": "Your confirmed password is inconsistent with the password!",
    "Please input your phone number!": "Please input your phone number!",
--- a/web/src/locales/zh.json
+++ b/web/src/locales/zh.json
@ -38,7 +38,7 @@
    "Please input your affiliation!": "请输入您所在的工作单位！",
    "The input is not valid Email!": "您输入的电子邮箱格式错误！",
    "Please input your Email!": "请输入您的电子邮箱！",
-    "Confirm password": "确认密码",
+    "Confirm": "确认密码",
    "Please confirm your password!": "请再次确认您的密码！",
    "Your confirmed password is inconsistent with the password!": "您两次输入的密码不一致！",
    "Please input your phone number!": "请输入您的手机号码！",