1
0
Fork 0

only assign auto-admin when sign up by web

This commit is contained in:
Unknwon 2015-08-19 04:58:45 +08:00
parent 928d9fc1d4
commit 47ac579f09
4 changed files with 14 additions and 12 deletions

View file

@ -206,7 +206,7 @@ func runWeb(ctx *cli.Context) {
m.Get("/issues", user.Issues)
}, reqSignIn)
// API.
// ***** START: API *****
// FIXME: custom form error response.
m.Group("/api", func() {
m.Group("/v1", func() {
@ -248,6 +248,7 @@ func runWeb(ctx *cli.Context) {
})
})
}, ignSignIn)
// ***** END: API *****
// ***** START: User *****
m.Group("/user", func() {

View file

@ -373,17 +373,9 @@ func CreateUser(u *User) (err error) {
} else if err = os.MkdirAll(UserPath(u.Name), os.ModePerm); err != nil {
sess.Rollback()
return err
} else if err = sess.Commit(); err != nil {
return err
}
// Auto-set admin for the first user.
if CountUsers() == 1 {
u.IsAdmin = true
u.IsActive = true
_, err = x.Id(u.Id).AllCols().Update(u)
}
return err
return sess.Commit()
}
func countUsers(e Engine) int64 {

View file

@ -80,7 +80,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
return
}
if !options.SignOutRequire && !options.DisableCsrf && ctx.Req.Method == "POST" {
if !options.SignOutRequire && !options.DisableCsrf && ctx.Req.Method == "POST" && !auth.IsAPIPath(ctx.Req.URL.Path) {
csrf.Validate(ctx.Context, ctx.csrf)
if ctx.Written() {
return

View file

@ -220,7 +220,6 @@ func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.Registe
Passwd: form.Password,
IsActive: !setting.Service.RegisterEmailConfirm || isOauth,
}
if err := models.CreateUser(u); err != nil {
switch {
case models.IsErrUserAlreadyExist(err):
@ -242,6 +241,16 @@ func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.Registe
}
log.Trace("Account created: %s", u.Name)
// Auto-set admin for the only user.
if models.CountUsers() == 1 {
u.IsAdmin = true
u.IsActive = true
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
return
}
}
// Bind social account.
if isOauth {
if err := models.BindUserOauth2(u.Id, sid); err != nil {