fix: set default restricted for OAuth2 user (#7683)
- The OAuthCallback code that is responsible for creating a new user, if one does not exist yet, did not use `[service].ALLOW_ONLY_EXTERNAL_REGISTRATION` as default value for the restricted field of a user. - Resolves forgejo/forgejo#7681 - Add integration test. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7683 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz>
This commit is contained in:
Gusted
Earl Warren
parent
00761a15d1
commit
2ce7affc9a
2 changed files with 26 additions and 1 deletions
|
|
@ -1079,7 +1079,7 @@ func SignInOAuthCallback(ctx *context.Context) {
|
|||
|
||||
isAdmin, isRestricted := getUserAdminAndRestrictedFromGroupClaims(source, &gothUser)
|
||||
u.IsAdmin = isAdmin.ValueOrDefault(false)
|
||||
u.IsRestricted = isRestricted.ValueOrDefault(false)
|
||||
u.IsRestricted = isRestricted.ValueOrDefault(setting.Service.DefaultUserIsRestricted)
|
||||
|
||||
if !createAndHandleCreatedUser(ctx, base.TplName(""), nil, u, overwriteDefault, &gothUser, setting.OAuth2Client.AccountLinking != setting.OAuth2AccountLinkingDisabled) {
|
||||
// error already handled
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue