changeset 871:54f6c5b86a87

server, browser: new "allow_registration" option to enable/disable new account registration through the Libervia interface
author Goffi <goffi@goffi.org>
date Mon, 29 Feb 2016 12:40:14 +0100
parents a05f3b24f2ec
children fa29524774d6
files src/browser/libervia_main.py src/browser/sat_browser/register.py src/server/server.py src/twisted/plugins/libervia_server.py
diffstat 4 files changed, 52 insertions(+), 38 deletions(-) [+]
--- a/src/browser/libervia_main.py	Mon Feb 29 12:37:58 2016 +0100
+++ b/src/browser/libervia_main.py	Mon Feb 29 12:40:14 2016 +0100
@@ -325,7 +325,7 @@
         if not metadata['plugged']:
             warning = metadata.get("warning")
             self.panel.setStyleAttribute("opacity", "0.25")  # set background transparency
-            self._register_box = register.RegisterBox(self.logged)
+            self._register_box = register.RegisterBox(self.logged, metadata)
             self._register_box.centerBox()
             self._register_box.show()
             if warning:
--- a/src/browser/sat_browser/register.py	Mon Feb 29 12:37:58 2016 +0100
+++ b/src/browser/sat_browser/register.py	Mon Feb 29 12:40:14 2016 +0100
@@ -48,9 +48,10 @@
 
 class RegisterPanel(FormPanel):
 
-    def __init__(self, callback):
+    def __init__(self, callback, session_data):
         """
-        @param callback: method to call if login successful
+        @param callback(callable): method to call if login successful
+        @param session_data(dict): session metadata
         """
         FormPanel.__init__(self)
         self.setSize('600px', '350px')
@@ -93,50 +94,51 @@
         login_but.setStyleName('button')
         login_but.addStyleName('red')
         login_vpanel.add(login_but)
+        self.right_side.add(login_stack, 'Return to the login screen')
 
         #The hidden submit_type field
         self.submit_type = Hidden('submit_type')
         login_vpanel.add(self.submit_type)
 
         ##Register stack##
-        register_stack = SimplePanel()
-        register_stack.setStyleName('registerPanel_content')
-        register_vpanel = VerticalPanel()
-        register_stack.setWidget(register_vpanel)
+        if session_data["allow_registration"]:
+            register_stack = SimplePanel()
+            register_stack.setStyleName('registerPanel_content')
+            register_vpanel = VerticalPanel()
+            register_stack.setWidget(register_vpanel)
 
-        self.register_warning_msg = HTML('')
-        self.register_warning_msg.setStyleName('formWarning')
-        register_vpanel.add(self.register_warning_msg)
+            self.register_warning_msg = HTML('')
+            self.register_warning_msg.setStyleName('formWarning')
+            register_vpanel.add(self.register_warning_msg)
 
-        register_login_label = Label('Login:')
-        self.register_login_box = TextBox()
-        self.register_login_box.setName("register_login")
-        self.register_login_box.addKeyboardListener(self)
-        email_label = Label('E-mail:')
-        self.email_box = TextBox()
-        self.email_box.setName("email")
-        self.email_box.addKeyboardListener(self)
-        register_pass_label = Label('Password:')
-        self.register_pass_box = PasswordTextBox()
-        self.register_pass_box.setName("register_password")
-        self.register_pass_box.addKeyboardListener(self)
-        register_vpanel.add(register_login_label)
-        register_vpanel.add(self.register_login_box)
-        register_vpanel.add(email_label)
-        register_vpanel.add(self.email_box)
-        register_vpanel.add(register_pass_label)
-        register_vpanel.add(self.register_pass_box)
+            register_login_label = Label('Login:')
+            self.register_login_box = TextBox()
+            self.register_login_box.setName("register_login")
+            self.register_login_box.addKeyboardListener(self)
+            email_label = Label('E-mail:')
+            self.email_box = TextBox()
+            self.email_box.setName("email")
+            self.email_box.addKeyboardListener(self)
+            register_pass_label = Label('Password:')
+            self.register_pass_box = PasswordTextBox()
+            self.register_pass_box.setName("register_password")
+            self.register_pass_box.addKeyboardListener(self)
+            register_vpanel.add(register_login_label)
+            register_vpanel.add(self.register_login_box)
+            register_vpanel.add(email_label)
+            register_vpanel.add(self.email_box)
+            register_vpanel.add(register_pass_label)
+            register_vpanel.add(self.register_pass_box)
 
-        register_but = Button("Register a new account", getattr(self, "onRegister"))
-        register_but.setStyleName('button')
-        register_but.addStyleName('red')
-        register_vpanel.add(register_but)
+            register_but = Button("Register a new account", getattr(self, "onRegister"))
+            register_but.setStyleName('button')
+            register_but.addStyleName('red')
+            register_vpanel.add(register_but)
 
-        self.right_side.add(login_stack, 'Return to the login screen')
-        self.right_side.add(register_stack, 'No account yet? Create a new one!')
-        self.right_side.addStackChangeListener(self)
+            self.right_side.add(register_stack, 'No account yet? Create a new one!')
+            self.right_side.addStackChangeListener(self)
+            register_stack.setWidth(None)
         login_stack.setWidth(None)
-        register_stack.setWidth(None)
 
         self.add(main_panel)
         self.addFormHandler(self)
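Review bot: `self.register_warning_msg`, `self.register_login_box`, `self.email_box` and `self.register_pass_box` are now created only inside the `if session_data["allow_registration"]:` branch, so any handler that reads them while registration is disabled would raise AttributeError. The handlers (for example `onRegister` and the keyboard and form callbacks) are outside this hunk, so this needs checking against the rest of the class. Setting these attributes to `None` before the `if`, and guarding their uses, would keep the panel consistent. The lookup itself raises KeyError if the server omits the key; `if session_data.get("allow_registration", False):` would fail closed and hide the form instead. Hiding the stack is presentation only, so the server-side checks in server.py remain the actual control.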
@@ -268,9 +270,9 @@
 
 class RegisterBox(PopupPanel):
 
-    def __init__(self, callback, *args, **kwargs):
+    def __init__(self, callback, session_data, *args, **kwargs):
         PopupPanel.__init__(self, *args, **kwargs)
-        self._form = RegisterPanel(callback)
+        self._form = RegisterPanel(callback, session_data)
         self.setWidget(self._form)
 
     def onWindowResized(self, width, height):
--- a/src/server/server.py	Mon Feb 29 12:37:58 2016 +0100
+++ b/src/server/server.py	Mon Feb 29 12:40:14 2016 +0100
@@ -943,6 +943,9 @@
             return C.BAD_REQUEST
 
         if submit_type == 'register':
+            if not self.sat_host.options["allow_registration"]:
+                log.warning(u"Registration received while it is not allowed, hack attempt?")
+                return exceptions.PermissionError(u"Registration is not allowed on this server")
             return self._registerNewAccount(request)
         elif submit_type == 'login':
             d = self.asyncBridgeCall("getNewAccountDomain")
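Review bot: The new guard under `submit_type == 'register'` returns an `exceptions.PermissionError` instance, whereas the check just above returns the constant `C.BAD_REQUEST`. The enclosing method starts outside the hunk, so this is inferred, but if its return value is written to the HTTP response, an exception object is not a valid body and the client would get a server error rather than a clean refusal. Return a response constant in the style of `C.BAD_REQUEST`, or `raise` the exception if a caller is meant to catch it. The warning logged here and the one added in the JID-login hunk further down identify neither the client nor the account; including `request.getClientIP()` in both messages would let repeated attempts be correlated in the logs.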
@@ -996,6 +999,11 @@
             profile = self.sat_host.bridge.getProfileName(login)
         except Exception:  # XXX: ProfileUnknownError wouldn't work, it's encapsulated
             if login_jid is not None and login_jid.user:  # try to create a new sat profile using the XMPP credentials
+                if not self.sat_host.options["allow_registration"]:
+                    log.warning(u"Trying to register JID account while registration is not allowed")
+                    request.write(C.PROFILE_AUTH_ERROR)
+                    request.finish()
+                    return
                 profile = login # FIXME: what if there is a resource?
                 connect_method = "asyncConnectWithXMPPCredentials"
                 register_with_ext_jid = True
@@ -1140,6 +1148,8 @@
             "plugged" (bool): True if a profile is already plugged
             "warning" (unicode): a security warning message if plugged is False and if it make sense
                 this key may not be present
+            "allow_registration" (bool): True if registration is allowed
+                this key is only present if profile is unplugged
         @return: a couple (registered, message) with:
         - registered:
         - message:
@@ -1152,6 +1162,7 @@
         else:
             metadata["plugged"] = False
             metadata["warning"] = self._getSecurityWarning()
+            metadata["allow_registration"] = self.sat_host.options["allow_registration"]
         return metadata
 
     def jsonrpc_registerParams(self):
--- a/src/twisted/plugins/libervia_server.py	Mon Feb 29 12:37:58 2016 +0100
+++ b/src/twisted/plugins/libervia_server.py	Mon Feb 29 12:40:14 2016 +0100
@@ -108,6 +108,7 @@
                        ['security_warning', 'w', True, _(u'Warn user that he is about to connect on HTTP.').encode('utf-8'), coerceBool],
                        ['passphrase', 'k', '', (_(u"Passphrase for the SàT profile named '%s'") % C.SERVICE_PROFILE).encode('utf-8'), str],
                        ['data_dir', 'd', DATA_DIR_DEFAULT, _(u'Data directory for Libervia').encode('utf-8'), coerceDataDir],
+                       ['allow_registration', '', True, _(u'Allow user to register new account').encode('utf-8'), coerceBool],
                       ]  # options which are in sat.conf and on command line, see https://twistedmatrix.com/documents/current/api/twisted.python.usage.Options.html
 # Options which are in sat.conf only
 OPT_PARAMETERS_CFG = [
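Review bot: The help string `Allow user to register new account` understates what the option controls. In server.py the same flag also refuses to create a profile for an existing XMPP account that logs in with its JID for the first time. An operator who sets it to false to stop sign-ups will therefore also lock out those users, and the help text should say so, for example `Allow new account registration and profile creation from external XMPP credentials`. The default of `True` keeps registration open on upgrade, so deployments that want a closed instance must set the option explicitly; that is worth stating in the release notes or the sat.conf documentation.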