Respect DefaultUserIsRestricted system default when creating new user (#19310)

* Apply DefaultUserIsRestricted in CreateUser * Enforce system defaults in CreateUser Allow for overwrites with CreateUserOverwriteOptions * Fix compilation errors * Add "restricted" option to create user command * Add "restricted" option to create user admin api * Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed * Revert "Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed" This reverts commit ee95d3e8dc.
2022-04-29 21:38:11 +02:00 · 2022-04-29 21:38:11 +02:00 · 5aebc4f000
commit 5aebc4f000
parent 219c87e7d8
17 changed files with 169 additions and 84 deletions
--- a/services/auth/source/pam/source_authenticate.go
+++ b/services/auth/source/pam/source_authenticate.go
@ -12,6 +12,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/auth/pam"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/mailer"

 	"github.com/google/uuid"
@ -58,10 +59,12 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
 		LoginType:   auth.PAM,
 		LoginSource: source.authSource.ID,
 		LoginName:   userName, // This is what the user typed in
-		IsActive:    true,
+	}
+	overwriteDefault := &user_model.CreateUserOverwriteOptions{
+		IsActive: util.OptionalBoolTrue,
 	}

-	if err := user_model.CreateUser(user); err != nil {
+	if err := user_model.CreateUser(user, overwriteDefault); err != nil {
 		return user, err
 	}