User: Don't let deactivated users authenticate.
This commit is contained in:
parent
7438c177d9
commit
8521553ad9
|
@ -124,6 +124,9 @@ defmodule Pleroma.User do
|
||||||
timestamps()
|
timestamps()
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@doc "Returns if the user should be allowed to authenticate"
|
||||||
|
def auth_active?(%User{deactivated: true}), do: false
|
||||||
|
|
||||||
def auth_active?(%User{confirmation_pending: true}),
|
def auth_active?(%User{confirmation_pending: true}),
|
||||||
do: !Pleroma.Config.get([:instance, :account_activation_required])
|
do: !Pleroma.Config.get([:instance, :account_activation_required])
|
||||||
|
|
||||||
|
|
|
@ -1195,6 +1195,13 @@ test "auth_active?/1 works correctly" do
|
||||||
refute User.auth_active?(local_user)
|
refute User.auth_active?(local_user)
|
||||||
assert User.auth_active?(confirmed_user)
|
assert User.auth_active?(confirmed_user)
|
||||||
assert User.auth_active?(remote_user)
|
assert User.auth_active?(remote_user)
|
||||||
|
|
||||||
|
# also shows unactive for deactivated users
|
||||||
|
|
||||||
|
deactivated_but_confirmed =
|
||||||
|
insert(:user, local: true, confirmation_pending: false, deactivated: true)
|
||||||
|
|
||||||
|
refute User.auth_active?(deactivated_but_confirmed)
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "superuser?/1" do
|
describe "superuser?/1" do
|
||||||
|
|
Loading…
Reference in New Issue