Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
SRCT
go
Commits
8202f670
Commit
8202f670
authored
Aug 30, 2014
by
Chris Reffett
Browse files
Restrict signups: non-staff users can only sign themselves up.
Registered users may not sign up again.
parent
91ce88d8
Changes
3
Hide whitespace changes
Inline
Side-by-side
go/go/templates/navbar.html
View file @
8202f670
...
...
@@ -3,6 +3,7 @@
{% if user.is_authenticated %}
| [
<a
href=
"{% url 'my_links' %}"
>
My Links
</a>
]
{% if user.is_staff %}
| [
<a
href=
"{% url 'signup' %}"
>
User Registration
</a>
]
| [
<a
href=
"{% url 'adminpanel' %}"
>
Administration
</a>
]
{% endif %}
| [
<a
href=
"{% url 'go_logout' %}"
>
Log Out
</a>
]
...
...
go/go/templates/signup.html
View file @
8202f670
...
...
@@ -10,6 +10,7 @@ Go - Signup
<h3>
~Signup~
</h3>
{% if not registered %}
<p>
In order to succesfully provide this service, users must be manually
approved. This prevents misuse of the URL shortener. Please indicate below
...
...
@@ -69,5 +70,8 @@ if you are interested.
<br/><br/>
</form>
{% else %}
<p>
You are already signed up for Go.
</p>
<br/>
{% endif %}
{% endblock %}
go/go/views.py
View file @
8202f670
...
...
@@ -32,6 +32,19 @@ def is_approved( user ):
return
False
def
is_registered
(
user
):
"""
This function checks if a user account has a corresponding RegisteredUser,
thus checking if the user is registered.
"""
try
:
registered
=
RegisteredUser
.
objects
.
get
(
username
=
user
.
username
)
return
True
except
RegisteredUser
.
DoesNotExist
:
return
False
##############################################################################
"""
Define error page handling here.
...
...
@@ -187,13 +200,30 @@ def signup(request):
yourself, or another person.
"""
signup_form
=
SignupForm
()
if
is_registered
(
request
.
user
)
and
not
request
.
user
.
is_staff
:
return
render
(
request
,
'signup.html'
,
{
'registered'
:
True
,
},
)
signup_form
=
SignupForm
(
initial
=
{
'username'
:
request
.
user
.
username
})
# Non-staff have the username field read-only and pre-filled
if
request
.
user
.
is_staff
:
signup_form
=
SignupForm
()
else
:
signup_form
=
SignupForm
(
initial
=
{
'username'
:
request
.
user
.
username
})
signup_form
.
fields
[
'username'
].
widget
.
attrs
[
'readonly'
]
=
'readonly'
if
request
.
method
==
'POST'
:
signup_form
=
SignupForm
(
request
.
POST
,
initial
=
{
'approved'
:
False
})
signup_form
=
SignupForm
(
request
.
POST
,
initial
=
{
'approved'
:
False
,
'username'
:
request
.
user
.
username
})
if
signup_form
.
is_valid
():
username
=
signup_form
.
cleaned_data
.
get
(
'username'
)
# Prevent hax: if not staff, force the username back to the request username.
if
not
request
.
user
.
is_staff
:
username
=
request
.
user
.
username
else
:
username
=
signup_form
.
cleaned_data
.
get
(
'username'
)
full_name
=
signup_form
.
cleaned_data
.
get
(
'full_name'
)
description
=
signup_form
.
cleaned_data
.
get
(
'description'
)
...
...
@@ -209,6 +239,7 @@ def signup(request):
return
render
(
request
,
'signup.html'
,
{
'form'
:
signup_form
,
'registered'
:
False
,
},
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment