1 yıl önce · f4a293ab27
--- a/logic/users.go
+++ b/logic/users.go
@@ -137,8 +137,6 @@ func InsertUserInvite(invite models.UserInvite) error {
 
				 	return database.Insert(invite.Email, string(data), database.USER_INVITES_TABLE_NAME)
			
 
				 }
			
 
				 
			
 
				-func ImportGroupsFromInvite() {}
			
 
				-
			
 
				 func GetUserInvite(email string) (in models.UserInvite, err error) {
			
 
				 	d, err := database.FetchRecord(database.USER_INVITES_TABLE_NAME, email)
			
 
				 	if err != nil {
			
--- a/pro/auth/azure-ad.go
+++ b/pro/auth/azure-ad.go
@@ -67,10 +67,7 @@ func handleAzureCallback(w http.ResponseWriter, r *http.Request) {
 
				 		handleOauthNotConfigured(w)
			
 
				 		return
			
 
				 	}
			
 
				-	if !isEmailAllowed(content.UserPrincipalName) {
			
 
				-		handleOauthUserNotAllowedToSignUp(w)
			
 
				-		return
			
 
				-	}
			
 
				+
			
 
				 	var inviteExists bool
			
 
				 	// check if invite exists for User
			
 
				 	in, err := logic.GetUserInvite(content.UserPrincipalName)
			
@@ -100,6 +97,10 @@ func handleAzureCallback(w http.ResponseWriter, r *http.Request) {
 
				 				logic.DeleteUserInvite(user.UserName)
			
 
				 				logic.DeletePendingUser(content.UserPrincipalName)
			
 
				 			} else {
			
 
				+				if !isEmailAllowed(content.UserPrincipalName) {
			
 
				+					handleOauthUserNotAllowedToSignUp(w)
			
 
				+					return
			
 
				+				}
			
 
				 				err = logic.InsertPendingUser(&models.User{
			
 
				 					UserName: content.UserPrincipalName,
			
 
				 				})
			
--- a/pro/auth/github.go
+++ b/pro/auth/github.go
@@ -67,10 +67,7 @@ func handleGithubCallback(w http.ResponseWriter, r *http.Request) {
 
				 		handleOauthNotConfigured(w)
			
 
				 		return
			
 
				 	}
			
 
				-	if !isEmailAllowed(content.Login) {
			
 
				-		handleOauthUserNotAllowedToSignUp(w)
			
 
				-		return
			
 
				-	}
			
 
				+
			
 
				 	var inviteExists bool
			
 
				 	// check if invite exists for User
			
 
				 	in, err := logic.GetUserInvite(content.Login)
			
@@ -99,6 +96,10 @@ func handleGithubCallback(w http.ResponseWriter, r *http.Request) {
 
				 				logic.DeleteUserInvite(user.UserName)
			
 
				 				logic.DeletePendingUser(content.Login)
			
 
				 			} else {
			
 
				+				if !isEmailAllowed(content.Login) {
			
 
				+					handleOauthUserNotAllowedToSignUp(w)
			
 
				+					return
			
 
				+				}
			
 
				 				err = logic.InsertPendingUser(&models.User{
			
 
				 					UserName: content.Login,
			
 
				 				})
			
--- a/pro/auth/google.go
+++ b/pro/auth/google.go
@@ -70,10 +70,7 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
 
				 		return
			
 
				 	}
			
 
				 	logger.Log(0, "CALLBACK ----> 1")
			
 
				-	if !isEmailAllowed(content.Email) {
			
 
				-		handleOauthUserNotAllowedToSignUp(w)
			
 
				-		return
			
 
				-	}
			
 
				+
			
 
				 	logger.Log(0, "CALLBACK ----> 2")
			
 
				 	var inviteExists bool
			
 
				 	// check if invite exists for User
			
@@ -107,6 +104,10 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
 
				 				logic.DeleteUserInvite(user.UserName)
			
 
				 				logic.DeletePendingUser(content.Email)
			
 
				 			} else {
			
 
				+				if !isEmailAllowed(content.Email) {
			
 
				+					handleOauthUserNotAllowedToSignUp(w)
			
 
				+					return
			
 
				+				}
			
 
				 				err = logic.InsertPendingUser(&models.User{
			
 
				 					UserName: content.Email,
			
 
				 				})
			
--- a/pro/auth/oidc.go
+++ b/pro/auth/oidc.go
@@ -80,10 +80,7 @@ func handleOIDCCallback(w http.ResponseWriter, r *http.Request) {
 
				 		handleOauthNotConfigured(w)
			
 
				 		return
			
 
				 	}
			
 
				-	if !isEmailAllowed(content.Email) {
			
 
				-		handleOauthUserNotAllowedToSignUp(w)
			
 
				-		return
			
 
				-	}
			
 
				+
			
 
				 	var inviteExists bool
			
 
				 	// check if invite exists for User
			
 
				 	in, err := logic.GetUserInvite(content.Login)
			
@@ -112,6 +109,10 @@ func handleOIDCCallback(w http.ResponseWriter, r *http.Request) {
 
				 				logic.DeleteUserInvite(user.UserName)
			
 
				 				logic.DeletePendingUser(content.Email)
			
 
				 			} else {
			
 
				+				if !isEmailAllowed(content.Email) {
			
 
				+					handleOauthUserNotAllowedToSignUp(w)
			
 
				+					return
			
 
				+				}
			
 
				 				err = logic.InsertPendingUser(&models.User{
			
 
				 					UserName: content.Email,
			
 
				 				})
			
--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@@ -1237,8 +1237,9 @@ func approvePendingUser(w http.ResponseWriter, r *http.Request) {
 
				 				return
			
 
				 			}
			
 
				 			if err = logic.CreateUser(&models.User{
			
 
				-				UserName: user.UserName,
			
 
				-				Password: newPass,
			
 
				+				UserName:       user.UserName,
			
 
				+				Password:       newPass,
			
 
				+				PlatformRoleID: models.ServiceUser,
			
 
				 			}); err != nil {
			
 
				 				logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("failed to create user: %s", err), "internal"))
			
 
				 				return