[NEW] Alert admins when user requires approval & alert users when the account is approved/activated/deactivated

client/methods/unsetUserReason.js

@@ -0,0 +1,6 @@
+Meteor.methods({
+	unsetUserReason(userId) {
+		Meteor.users.update(userId, { $unset: { 'reason' : 1 } });
+		return true;
+	}
+});

packages/rocketchat-i18n/i18n/en.i18n.json

@@ -44,6 +44,8 @@
   "Accounts_Enrollment_Email_Default": "<h2>Welcome to <h1>[Site_Name]</h1></h2><p>Go to [Site_URL] and try the best open source chat solution available today!</p>",
   "Accounts_Enrollment_Email_Description": "You may use the following placeholders: <br /><ul><li>[name], [fname], [lname] for the user's full name, first name or last name, respectively.</li><li>[email] for the user's email.</li><li>[Site_Name] and [Site_URL] for the Application Name and URL respectively.</li></ul>",
   "Accounts_Enrollment_Email_Subject_Default": "Welcome to [Site_Name]",
+  "Accounts_Admin_Email_Approval_Needed_Default": "<p>The user <b>[name] ([email])</b> has been registered.</p><p>Reason: <b>[reason]</b></p><p>Please check Administration -> Users to activate or delete it.</p>",
+  "Accounts_Admin_Email_Approval_Needed_Subject_Default": "A new user registered and needs approval",
   "Accounts_ForgetUserSessionOnWindowClose": "Forget user session on window close",
   "Accounts_Iframe_api_method": "Api Method",
   "Accounts_Iframe_api_url": "API URL",
@@ -762,6 +764,7 @@
   "Invalid_name": "The name must not be empty",
   "Invalid_notification_setting_s": "Invalid notification setting: %s",
   "Invalid_pass": "The password must not be empty",
+  "Invalid_reason": "The reason to join must not be empty",
   "Invalid_room_name": "<strong>%s</strong> is not a valid room name,<br/> use only letters, numbers, hyphens and underscores",
   "Invalid_secret_URL_message": "The URL provided is invalid.",
   "Invalid_setting_s": "Invalid setting: %s",
@@ -1225,6 +1228,7 @@
   "Read_only_changed_successfully": "Read only changed successfully",
   "Read_only_channel": "Read Only Channel",
   "Read_only_group": "Read Only Group",
+  "Reason_To_Join": "Reason to Join",
   "Record": "Record",
   "Redirect_URI": "Redirect URI",
   "Refresh_oauth_services": "Refresh OAuth Services",
@@ -1724,4 +1728,4 @@
   "your_message_optional": "your message (optional)",
   "Your_password_is_wrong": "Your password is wrong!",
   "Your_push_was_sent_to_s_devices": "Your push was sent to %s devices"
-}
+}

packages/rocketchat-lib/lib/placeholders.js

@@ -14,6 +14,7 @@ RocketChat.placeholders.replace = function(str, data) {
 		str = str.replace(/\[lname\]/g, _.strRightBack(data.name, ' ') || '');
 		str = str.replace(/\[email\]/g, data.email || '');
 		str = str.replace(/\[password\]/g, data.password || '');
+		str = str.replace(/\[reason\]/g, data.reason || '');
 
 		if (data.unsubscribe) {
 			str = str.replace(/\[unsubscribe\]/g, data.unsubscribe);

packages/rocketchat-lib/server/functions/getFullUserData.js

@@ -6,7 +6,8 @@ RocketChat.getFullUserData = function({userId, filter, limit}) {
 		status: 1,
 		utcOffset: 1,
 		type: 1,
-		active: 1
+		active: 1,
+		reason: 1
 	};
 
 	if (RocketChat.authz.hasPermission(userId, 'view-full-other-user-info')) {

packages/rocketchat-lib/server/models/Users.js

@@ -9,6 +9,7 @@ class ModelUsers extends RocketChat.models._Base {
 		this.tryEnsureIndex({ 'active': 1 }, { sparse: 1 });
 		this.tryEnsureIndex({ 'statusConnection': 1 }, { sparse: 1 });
 		this.tryEnsureIndex({ 'type': 1 });
+		this.tryEnsureIndex({ 'reason': 1 });
 
 		this.cache.ensureIndex('username', 'unique');
 	}
@@ -493,6 +494,26 @@ class ModelUsers extends RocketChat.models._Base {
 		return this.update({ _id }, update);
 	}
 
+	setReason(_id, reason) {
+		const update = {
+			$set: {
+				reason
+			}
+		};
+
+		return this.update(_id, update);
+	}
+
+	unsetReason(_id) {
+		const update = {
+			$unset: {
+				'reason' : true
+			}
+		};
+
+		return this.update(_id, update);
+	}
+
 // INSERT
 	create(data) {
 		const user = {

packages/rocketchat-lib/server/startup/settings.js

@@ -95,6 +95,7 @@ RocketChat.settings.addGroup('Accounts', function() {
 			}
 		});
 		this.add('Accounts_ManuallyApproveNewUsers', false, {
+			'public': true,
 			type: 'boolean'
 		});
 		this.add('Accounts_AllowedDomainsList', '', {

packages/rocketchat-ui-flextab/client/tabs/userInfo.html

@@ -26,7 +26,7 @@ <h3 title="{{name}}"><i class="status-{{status}}"></i> {{name}}</h3>
 						{{#if hasPhone}}
 							{{#each phone}} <p class="secondary-font-color"><i class="icon-phone"></i> {{phoneNumber}}</p> {{/each}}
 						{{/if}}
-						{{#if lastLogin}} <p class="secondary-font-color"><i class="icon-calendar"></i> {{_ "Created_at"}}: {{createdAt}}</p> {{/if}}
+						{{#if createdAt}} <p class="secondary-font-color"><i class="icon-calendar"></i> {{_ "Created_at"}}: {{createdAt}}</p> {{/if}}
 						{{#if lastLogin}} <p class="secondary-font-color"><i class="icon-calendar"></i> {{_ "Last_login"}}: {{lastLogin}}</p> {{/if}}
 						{{#if services.facebook.id}} <p class="secondary-font-color"><i class="icon-facebook"></i><a href="{{services.facebook.link}}" target="_blank">{{services.facebook.name}}</a></p> {{/if}}
 						{{#if services.github.id}} <p class="secondary-font-color"><i class="icon-github-circled"></i><a href="https://www.github.com/{{services.github.username}}" target="_blank">{{services.github.username}}</a></p> {{/if}}
@@ -37,6 +37,11 @@ <h3 title="{{name}}"><i class="status-{{status}}"></i> {{name}}</h3>
 						{{#if services.twitter.id}} <p class="secondary-font-color"><i class="icon-twitter"></i><a href="https://twitter.com/{{services.twitter.screenName}}" target="_blank">{{services.twitter.screenName}}</a></p> {{/if}}
 						{{#if services.wordpress.id}} <p class="secondary-font-color"><i class="icon-wordpress"></i>{{services.wordpress.user_login}}</p> {{/if}}
 					{{/if}}
+					{{#if shouldDisplayReason}}
+						<p class="secondary-font-color">
+							{{_ "Reason_To_Join"}}: {{user.reason}}
+						</p>
+					{{/if}}
 				</div>
 			</div>
 			{{/with}}

packages/rocketchat-ui-flextab/client/tabs/userInfo.js

@@ -180,6 +180,11 @@ Template.userInfo.helpers({
 	isBlocker() {
 		const subscription = ChatSubscription.findOne({rid:Session.get('openedRoom'), 'u._id': Meteor.userId()}, { fields: { blocker: 1 } });
 		return subscription.blocker;
+	},
+
+	shouldDisplayReason() {
+		const user = Template.instance().user.get();
+		return RocketChat.settings.get('Accounts_ManuallyApproveNewUsers') && user.active === false && user.reason;
 	}
 });
 
@@ -390,6 +395,9 @@ Template.userInfo.events({
 		if (user) {
 			return Meteor.call('setUserActiveStatus', user._id, true, function(error, result) {
 				if (result) {
+
+					Meteor.call('unsetUserReason', user._id);
+
 					toastr.success(t('User_has_been_activated'));
 				}
 				if (error) {

packages/rocketchat-ui-login/client/login/form.html

@@ -73,6 +73,15 @@ <h2 data-i18n="Registration_Succeeded">{{{_ "Registration_Succeeded"}}}</h2>
 									</div>
 								</div>
 							{{/if}}
+							{{#if manuallyApproveNewUsers}}
+								<div class="input-line">
+									<label for="reason">{{_ "Reason_To_Join"}}</label>
+									<div>
+										<input type="text" name='reason' id="reason" />
+										<div class="input-error"></div>
+									</div>
+								</div>
+							{{/if}}
 						{{/if}}
 						{{#if state 'forgot-password' 'email-verification'}}
 							<div class="input-line">

packages/rocketchat-ui-login/client/login/form.js

@@ -58,6 +58,9 @@ Template.loginForm.helpers({
 	},
 	hasOnePassword() {
 		return typeof OnePassword !== 'undefined' && OnePassword.findLoginForUrl && typeof device !== 'undefined' && device.platform && device.platform.toLocaleLowerCase() === 'ios';
+	},
+	manuallyApproveNewUsers() {
+		return RocketChat.settings.get('Accounts_ManuallyApproveNewUsers');
 	}
 });
 
@@ -250,6 +253,9 @@ Template.loginForm.onCreated(function() {
 			if (RocketChat.settings.get('Accounts_RequirePasswordConfirmation') && formObj['confirm-pass'] !== formObj['pass']) {
 				validationObj['confirm-pass'] = t('Invalid_confirm_pass');
 			}
+			if (RocketChat.settings.get('Accounts_ManuallyApproveNewUsers') && !formObj['reason']) {
+				validationObj['reason'] = t('Invalid_reason');
+			}
 			validateCustomFields(formObj, validationObj);
 		}
 		$('#login-card h2').removeClass('error');

server/lib/accounts.js

@@ -9,6 +9,8 @@ Accounts.emailTemplates.siteName = RocketChat.settings.get('Site_Name');
 
 Accounts.emailTemplates.from = `${ RocketChat.settings.get('Site_Name') } <${ RocketChat.settings.get('From_Email') }>`;
 
+Accounts.emailTemplates.notifyAdmin = {};
+
 const verifyEmailHtml = Accounts.emailTemplates.verifyEmail.text;
 
 Accounts.emailTemplates.verifyEmail.html = function(user, url) {
@@ -56,6 +58,31 @@ Accounts.emailTemplates.enrollAccount.html = function(user = {}/*, url*/) {
 	return header + html + footer;
 };
 
+Accounts.emailTemplates.notifyAdmin.subject = function() {
+	const subject = TAPi18n.__('Accounts_Admin_Email_Approval_Needed_Subject_Default');
+	const siteName = RocketChat.settings.get('Site_Name');
+
+	return `[${ siteName }] ${ subject }`;
+};
+
+Accounts.emailTemplates.notifyAdmin.html = function(options = {}) {
+
+	let html;
+
+	html = TAPi18n.__('Accounts_Admin_Email_Approval_Needed_Default');
+
+	const header = RocketChat.placeholders.replace(RocketChat.settings.get('Email_Header') || '');
+	const footer = RocketChat.placeholders.replace(RocketChat.settings.get('Email_Footer') || '');
+
+	html = RocketChat.placeholders.replace(html, {
+		name: options.name,
+		email: options.email,
+		reason: options.reason
+	});
+
+	return header + html + footer;
+};
+
 Accounts.onCreateUser(function(options, user = {}) {
 	RocketChat.callbacks.run('beforeCreateUser', options, user);
 
@@ -91,6 +118,27 @@ Accounts.onCreateUser(function(options, user = {}) {
 		}
 	}
 
+	if (!user.active) {
+		user.emails.some((email) => {
+			const destinations = [];
+
+			RocketChat.models.Roles.findUsersInRole('admin').forEach(function(adminUser) {
+				destinations.push(`${ adminUser.name }<${ adminUser.emails[0].address }>`);
+			});
+
+			email = {
+				to: destinations,
+				from: RocketChat.settings.get('From_Email'),
+				subject: Accounts.emailTemplates.notifyAdmin.subject(),
+				html: Accounts.emailTemplates.notifyAdmin.html(options)
+			};
+
+			Meteor.defer(() => {
+				Email.send(email);
+			});
+		});
+	}
+
 	return user;
 });
 

server/methods/registerUser.js

@@ -2,6 +2,7 @@ Meteor.methods({
 	registerUser(formData) {
 		const AllowAnonymousRead = RocketChat.settings.get('Accounts_AllowAnonymousRead');
 		const AllowAnonymousWrite = RocketChat.settings.get('Accounts_AllowAnonymousWrite');
+		const manuallyApproveNewUsers = RocketChat.settings.get('Accounts_ManuallyApproveNewUsers');
 		if (AllowAnonymousRead === true && AllowAnonymousWrite === true && formData.email == null) {
 			const userId = Accounts.insertUserDoc({}, {
 				globalRoles: [
@@ -19,6 +20,12 @@ Meteor.methods({
 				name: String,
 				secretURL: Match.Optional(String)
 			}));
+
+			if (manuallyApproveNewUsers) {
+				check(formData, Match.ObjectIncluding({
+					reason: String
+				}));
+			}
 		}
 
 		if (RocketChat.settings.get('Accounts_RegistrationForm') === 'Disabled') {
@@ -31,9 +38,14 @@ Meteor.methods({
 
 		const userData = {
 			email: s.trim(formData.email.toLowerCase()),
-			password: formData.pass
+			password: formData.pass,
+			name: formData.name
 		};
 
+		if (manuallyApproveNewUsers) {
+			userData.reason = formData.reason;
+		}
+
 		// Check if user has already been imported and never logged in. If so, set password and let it through
 		const importedUser = RocketChat.models.Users.findOneByEmailAddress(s.trim(formData.email.toLowerCase()));
 		let userId;
@@ -46,6 +58,10 @@ Meteor.methods({
 
 		RocketChat.models.Users.setName(userId, s.trim(formData.name));
 
+		if (manuallyApproveNewUsers) {
+			RocketChat.models.Users.setReason(userId, s.trim(formData.reason));
+		}
+
 		RocketChat.saveCustomFields(userId, formData);
 
 		try {

server/methods/unsetUserReason.js

@@ -0,0 +1,27 @@
+Meteor.methods({
+	unsetUserReason(userId) {
+		check(userId, String);
+
+		if (!Meteor.userId()) {
+			throw new Meteor.Error('error-invalid-user', 'Invalid user', {
+				method: 'unsetUserReason'
+			});
+		}
+
+		if (RocketChat.authz.hasPermission(Meteor.userId(), 'edit-other-user-active-status') !== true) {
+			throw new Meteor.Error('error-not-allowed', 'Not allowed', {
+				method: 'unsetUserReason'
+			});
+		}
+
+		const user = RocketChat.models.Users.findOneById(userId);
+
+		if (user) {
+			RocketChat.models.Users.unsetReason(userId);
+
+			return true;
+		}
+
+		return false;
+	}
+});

tests/data/user.js

@@ -1,6 +1,7 @@
 export const username = `user.test.${ Date.now() }`;
 export const email = `${ username }@rocket.chat`;
 export const password = 'rocket.chat';
+export const reason = 'rocket.chat.reason';
 
 export const adminUsername = 'rocketchat.internal.admin.test';
 export const adminEmail = `${ adminUsername }@rocket.chat`;

tests/end-to-end/ui/03-user-creation.js

@@ -5,7 +5,7 @@ import loginPage from '../../pageobjects/login.page';
 import mainContent from '../../pageobjects/main-content.page';
 
 //test data imports
-import {username, email, password} from '../../data/user.js';
+import {username, email, password, reason} from '../../data/user.js';
 
 
 
@@ -22,7 +22,7 @@ describe('[User Creation]', function() {
 	it('it should create user', () => {
 		loginPage.gotToRegister();
 
-		loginPage.registerNewUser({username, email, password});
+		loginPage.registerNewUser({username, email, password, reason});
 
 		loginPage.inputUsername.waitForExist(5000);
 

tests/pageobjects/login.page.js

@@ -11,13 +11,15 @@ class LoginPage extends Page {
 	get emailField() { return browser.element('[name=email]'); }
 	get passwordField() { return browser.element('[name=pass]'); }
 	get confirmPasswordField() { return browser.element('[name=confirm-pass]'); }
+	get reasonField() { return browser.element('[reason]'); }
 	get inputUsername() { return browser.element('form#login-card input#username'); }
 
 	get emailOrUsernameInvalidText() { return browser.element('[name=emailOrUsername]~.input-error'); }
 	get nameInvalidText() { return browser.element('[name=name]~.input-error'); }
 	get emailInvalidText() { return browser.element('[name=email]~.input-error'); }
 	get passwordInvalidText() { return browser.element('[name=pass]~.input-error'); }
 	get confirmPasswordInvalidText() { return browser.element('[name=confirm-pass]~.input-error'); }
+	get reasonInvalidText() { return browser.element('[name=reason]~.input-error'); }
 	get registrationSucceededCard() { return browser.element('#login-card h2'); }
 
 	open() {
@@ -38,7 +40,7 @@ class LoginPage extends Page {
 		this.emailField.waitForVisible(15000);
 	}
 
-	registerNewUser({username, email, password}) {
+	registerNewUser({username, email, password, reason}) {
 		this.nameField.waitForVisible(5000);
 		this.nameField.setValue(username);
 		this.emailField.setValue(email);