Disable federated login for new users if user creation is disabled

Fixes https://www.pivotaltracker.com/story/show/144821585
Joseph Schorr 2017-05-05 13:20:20 -04:00
parent 118ed4a37e
commit b3d7577473
3 changed files with 42 additions and 3 deletions


@ -10,6 +10,8 @@ logger = logging.getLogger(__name__)
UserInformation = namedtuple('UserInformation', ['username', 'email', 'id'])
DISABLED_MESSAGE = 'User creation is disabled. Please contact your adminstrator to gain access.'
class FederatedUsers(object):
""" Base class for all federated users systems. """
@ -96,7 +98,10 @@ class FederatedUsers(object):
def _get_and_link_federated_user_info(self, username, email):
db_user = model.user.verify_federated_login(self._federated_service, username)
if not db_user:
# We must create the user in our db
# We must create the user in our db. Check to see if this is allowed.
if not features.USER_CREATION:
return (None, DISABLED_MESSAGE)
valid_username = None
for valid_username in generate_valid_usernames(username):
if model.user.is_username_unique(valid_username):
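Review bot: The new `if not features.USER_CREATION:` branch in `_get_and_link_federated_user_info` turns the login away without logging anything, so a federated identity that was refused provisioning leaves no trace for an operator to audit. A line such as `logger.info('Not creating federated user %s: user creation is disabled', username)` before the `return` would cover it, using the module-level `logger` shown in the first hunk's header. The `DISABLED_MESSAGE` string added in the first hunk is shown to the user and misspells "administrator" as "adminstrator". Neither hunk adds an import, and the unchanged line offsets suggest nothing was added above line 10, so `features` presumably has to be imported in this module already; that is worth confirming. The function body continues past the end of this hunk.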