From e3b3a7608820d361a4c4bee2c9bb13c0d9562039 Mon Sep 17 00:00:00 2001
From: Yang Luo
Date: Sat, 8 May 2021 00:23:08 +0800
Subject: [PATCH] Add willLog() and control access to signup page.
---
 controllers/account.go | 8 ++++++++
 object/user.go | 13 -------------
 routers/authz_filter.go | 19 +++++++++++++++----
 web/src/App.js | 28 ++++++++++++++--------------
 web/src/auth/SignupPage.js | 36 ++++++++++++++++++++++++++++++++++--
 web/src/locales/en.json | 2 +-
 web/src/locales/zh.json | 2 +-
 7 files changed, 73 insertions(+), 35 deletions(-)
diff --git a/controllers/account.go b/controllers/account.go
index 2b5218f0..43a3e8f1 100644
--- a/controllers/account.go
+++ b/controllers/account.go
@@ -78,6 +78,14 @@ func (c *ApiController) Signup() {
 panic(err)
 }
+ application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
+ if !application.EnableSignUp {
+ resp = Response{Status: "error", Msg: "The application does not allow to sign up new account", Data: c.GetSessionUser()}
+ c.Data["json"] = resp
+ c.ServeJSON()
+ return
+ }
+
 userId := fmt.Sprintf("%s/%s", form.Organization, form.Username)
 msg := object.CheckUserSignup(form.Organization, form.Username, form.Password, form.Name, form.Email, form.PhonePrefix, form.Phone, form.Affiliation)
 if msg != "" {
diff --git a/object/user.go b/object/user.go
index a29f61f3..58a682b4 100644
--- a/object/user.go
+++ b/object/user.go
@@ -86,15 +86,6 @@ func GetUser(id string) *User {
 return getUser(owner, name)
 }
-func HasUser(id string) bool {
- return GetUser(id) != nil
-}
-
-func IsPasswordCorrect(userId string, password string) bool {
- user := GetUser(userId)
- return user.Password == password
-}
-
 func UpdateUser(id string, user *User) bool {
 owner, name := util.GetOwnerAndNameFromId(id)
 if getUser(owner, name) == nil {
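Review bot: In `Signup` (controllers/account.go), `application.EnableSignUp` is read without checking what `object.GetApplication` returned, and the application name comes straight from the request body (`form.Application`). If that lookup can return nil for an unknown name (the removed `HasUser` shows that `GetUser` can), any caller of the sign-up endpoint can make the handler panic instead of receiving an error response. Guard the dereference, for example `if application == nil || !application.EnableSignUp {`, and word the message so it covers the unknown-application case as well. The body of `Signup` starts and ends outside the hunk.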
@@ -224,10 +215,6 @@ func GetUserField(user *User, field string) string {
 func GetMaskedUser(user *User) *User {
 user.Password = "***"
- user.Github = "***"
- user.Google = "***"
- user.QQ = "***"
- user.WeChat = "***"
 return user
 }
diff --git a/routers/authz_filter.go b/routers/authz_filter.go
index 6ff6e309..83bfd6dd 100644
--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@@ -94,6 +94,13 @@ func denyRequest(ctx *context.Context) {
 }
 }
+func willLog(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
+ if subOwner == "anonymous" && subName == "anonymous" && method == "GET" && (urlPath == "/api/get-account" || urlPath == "/api/get-app-login") && objOwner == "" && objName == "" {
+ return false
+ }
+ return true
+}
+
 func AuthzFilter(ctx *context.Context) {
 subOwner, subName := getSubject(ctx)
 method := ctx.Request.Method
@@ -106,10 +113,14 @@ func AuthzFilter(ctx *context.Context) {
 if isAllowed {
 result = "allow"
 }
- logLine := fmt.Sprintf("subOwner = %s, subName = %s, method = %s, urlPath = %s, obj.Owner = %s, obj.Name = %s, result = %s",
- subOwner, subName, method, urlPath, objOwner, objName, result)
- fmt.Println(logLine)
- util.LogInfo(ctx, logLine)
+
+ if willLog(subOwner, subName, method, urlPath, objOwner, objName) {
+ logLine := fmt.Sprintf("subOwner = %s, subName = %s, method = %s, urlPath = %s, obj.Owner = %s, obj.Name = %s, result = %s",
+ subOwner, subName, method, urlPath, objOwner, objName, result)
+ fmt.Println(logLine)
+ util.LogInfo(ctx, logLine)
+ }
+
 if !isAllowed {
 denyRequest(ctx)
 }
diff --git a/web/src/App.js b/web/src/App.js
index 2ffac81a..f8754992 100644
--- a/web/src/App.js
+++ b/web/src/App.js
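Review bot: `GetMaskedUser` (object/user.go) now blanks only `Password`, so the `Github`, `Google`, `QQ` and `WeChat` values are handed back as stored to every caller that relied on this function for redaction. The callers are not visible in this patch; confirm that none of them returns a user record to anyone other than the account owner, or keep the masking for those responses. A doc comment that states the contract, e.g. `// GetMaskedUser replaces Password with "***" in place; all other fields are returned unchanged.`, would make it clear what the function does and does not hide.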
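Review bot: `willLog` (routers/authz_filter.go) decides without seeing the authorization result, so for anonymous GETs to `/api/get-account` and `/api/get-app-login` a deny is dropped from the log together with the allows, although the call site in the `AuthzFilter` hunk has `isAllowed` at hand. If the aim is only to silence routine polling, skip the entry only for allowed requests, e.g. `if !isAllowed || willLog(subOwner, subName, method, urlPath, objOwner, objName) {`. The function also lacks a comment saying why these two paths are exempt; something like `// willLog reports whether an authz decision is logged; anonymous polling of the account and app-login endpoints is skipped.` would do, with the reason adjusted if my reading of the intent is wrong.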
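Review bot: The log line in `AuthzFilter` formats `urlPath`, `subOwner` and `subName` with `%s`, and at least the path is presumably taken from the request (its assignment is outside the hunk). A value containing a line break would split one authorization entry into several in whatever reads stdout or the `util.LogInfo` output; using `%q` for the request-derived fields, e.g. `urlPath = %q`, keeps each decision on a single line. The entry is also emitted twice, by `fmt.Println` and by `util.LogInfo`; if both reach the same sink, one call is enough.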
@@ -219,20 +219,20 @@ class App extends Component {
 if (this.state.account === undefined) {
 return null;
 } else if (this.state.account === null) {
- res.push(
-
-
- {i18next.t("account:Sign Up")}
-
-
- );
- res.push(
-
-
- {i18next.t("account:Login")}
-
-
- );
+ // res.push(
+ //
+ //
+ // {i18next.t("account:Sign Up")}
+ //
+ //
+ // );
+ // res.push(
+ //
+ //
+ // {i18next.t("account:Login")}
+ //
+ //
+ // );
 } else {
 res.push(this.renderRightDropdown());
 }
diff --git a/web/src/auth/SignupPage.js b/web/src/auth/SignupPage.js
index 02e7ac7b..cd62f517 100644
--- a/web/src/auth/SignupPage.js
+++ b/web/src/auth/SignupPage.js
@@ -14,7 +14,7 @@
 import React from 'react';
 import {Link} from "react-router-dom";
-import {Form, Input, Select, Checkbox, Button, Row, Col} from 'antd';
+import {Form, Input, Select, Checkbox, Button, Row, Col, Result} from 'antd';
 import * as Setting from "../Setting";
 import * as AuthBackend from "./AuthBackend";
 import i18next from "i18next";
@@ -113,6 +113,26 @@ class SignupPage extends React.Component { } renderForm(application) { + if (!application.enableSignUp) { + return ( + { + Setting.goToLogin(this, application); + }}> + + + ]} + > + + ) + } + const prefixSelector = (
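Review bot: The `else if (this.state.account === null)` branch in web/src/App.js now holds nothing but commented-out code, so the condition does no work and a later reader cannot tell whether the Sign Up and Login links were removed on purpose. Delete the fourteen commented lines (history keeps them) and leave one comment that states the intent, for example `// Anonymous users get no header links; sign-up and login are reached from the application pages.`, with the wording adjusted to the real reason. The enclosing method starts and ends outside the hunk.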