From 238a3ed5b22c47b426a277d3bff5198d02629325 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Mon, 6 Jan 2025 10:22:31 -0500 Subject: [PATCH] fix: closes #13024, on register dont auto login with user doesn't have local:login privilege on login page show login form if at least one user group has local:login privilege, for example local:login might be removed from registered-users but verified-users can have login privilege so login form should be still visible --- src/controllers/authentication.js | 5 ++++- src/controllers/index.js | 4 +++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js index 6591459cf2c5..299bfa571b1b 100644 --- a/src/controllers/authentication.js +++ b/src/controllers/authentication.js @@ -49,7 +49,10 @@ async function registerAndLoginUser(req, res, userData) { const uid = await user.create(userData); if (res.locals.processLogin) { - await authenticationController.doLogin(req, uid); + const hasLoginPrivilege = await privileges.global.can('local:login', uid); + if (hasLoginPrivilege) { + await authenticationController.doLogin(req, uid); + } } // Distinguish registrations through invites from direct ones diff --git a/src/controllers/index.js b/src/controllers/index.js index 0e5dde32b61e..50c7fe444410 100644 --- a/src/controllers/index.js +++ b/src/controllers/index.js @@ -7,6 +7,7 @@ const meta = require('../meta'); const user = require('../user'); const plugins = require('../plugins'); const privileges = require('../privileges'); +const privilegesHelpers = require('../privileges/helpers'); const helpers = require('./helpers'); const Controllers = module.exports; @@ -124,7 +125,8 @@ Controllers.login = async function (req, res) { data.title = '[[pages:login]]'; data.allowPasswordReset = !meta.config['password:disableEdit']; - const hasLoginPrivilege = await privileges.global.canGroup('local:login', 'registered-users'); + const loginPrivileges = await privilegesHelpers.getGroupPrivileges(0, ['groups:local:login']); + const hasLoginPrivilege = !!loginPrivileges.find(privilege => privilege.privileges['groups:local:login']); data.allowLocalLogin = hasLoginPrivilege || parseInt(req.query.local, 10) === 1; if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {