Closed
Bug 86029
Opened 23 years ago
Closed 22 years ago
create permission restrictions for createaccount.cgi (prevent people from creating accounts)
Categories
(Bugzilla :: Administration, task, P3)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: timeless, Assigned: bugreport)
References
()
Details
Attachments
(1 file)
5.11 KB,
patch
|
burnus
:
review+
|
Details | Diff | Splinter Review |
How can I administer such that only the adminstrator can create user login accounts ? Vanilla bugzilla allows anyone to create a login account. The following possibilities should probably exist: a. allow account creation based on email request b. allow account creation by guests who are not logged in c. allow account creation by people who are logged in and have some privelege while enabling b doesn't make much sense, it might not unreasonable to discourage people from creating multiple accounts. c is probably what most people want. a is probably worthy of it's own bug. The specific privelege for C is probably the most interesting question, should it be something you can control by adding people to a group, or like a checkbox in edit users, or ...
Comment 1•23 years ago
|
||
At the moment there's just an "administrator" group. I'm not convinced we need a separate group for account creation. A more useful middle-ground might be to restrict the email addresses that can be registered through the normal account creation process.
Comment 3•23 years ago
|
||
You can already restrict the email addresses that can create accounts. For instance, if you only wanted people @netscape.com to be able to create accounts, all you'd need to do is change the "emailregexp" param to: ^[^@, ]*@netscape\.com$
Comment 4•23 years ago
|
||
I said "restrict who can create accounts through the normal interface" not "restrict who can have accounts". AFAIK this currently can't be done.
Comment 6•23 years ago
|
||
This is fairly important for a certain class of customer, so I'll move this to 2.16.
Priority: -- → P3
Target Milestone: --- → Bugzilla 2.16
Comment 7•23 years ago
|
||
-> Bugzilla product, Administration component, reassigning.
Assignee: tara → justdave
Component: Bugzilla → Administration
Product: Webtools → Bugzilla
Version: Bugzilla 2.13 → 2.13
Comment 8•23 years ago
|
||
If you just do not want that new accounts are created by sending an email,
you have to modify a single line in CGI.PL. So every account has to be created
by users with the "create user"-permission:
sub confirm_login {
my ($nexturl) = (@_);
# Uncommenting the next line can help debugging...
# print "Content-type: text/plain\n\n";
ConnectToDatabase();
# I'm going to reorganize some of this stuff a bit. Since we're adding
# a second possible validation method (LDAP), we need to move some of this
# to a later section. -Joe Robins, 8/3/00
my $enteredlogin = "";
my $realcryptpwd = "";
if (defined $::FORM{"Bugzilla_login"} &&
defined $::FORM{"Bugzilla_password"}) {
$enteredlogin = $::FORM{"Bugzilla_login"};
my $enteredpwd = $::FORM{"Bugzilla_password"};
CheckEmailSyntax($enteredlogin);
$realcryptpwd = PasswordForLogin($::FORM{"Bugzilla_login"});
if (defined $::FORM{"PleaseMailAPassword"}) {
my $realpwd;
if ($realcryptpwd eq "") {
>>>
# $realpwd = InsertNewUser($enteredlogin, "");
$realpwd = "\n\no account created!\n\n please contact the webmaster";
<<<
} else {
SendSQL("select password from profiles where login_name = " .
SqlQuote($enteredlogin));
$realpwd = FetchOneColumn();
}
print "Content-type: text/html\n\n";
PutHeader("Password has been emailed");
MailPassword($enteredlogin, $realpwd);
PutFooter();
exit;
}
Comment 9•23 years ago
|
||
We are currently trying to wrap up Bugzilla 2.16. We are now close enough to release time that anything that wasn't already ranked at P1 isn't going to make the cut. Thus this is being retargetted at 2.18. If you strongly disagree with this retargetting, please comment, however, be aware that we only have about 2 weeks left to review and test anything at this point, and we intend to devote this time to the remaining bugs that were designated as release blockers.
Target Milestone: Bugzilla 2.16 → Bugzilla 2.18
Updated•22 years ago
|
Summary: create permission restrictions for createaccount.cgi → create permission restrictions for createaccount.cgi (prevent people from creating accounts)
Comment 10•22 years ago
|
||
*** Bug 140678 has been marked as a duplicate of this bug. ***
Comment 11•22 years ago
|
||
This should work as follows: - have a parameter that contains the createemailregexp. - some special value or another parameter will block creation entirely, removing account creation links and locking off the CGI. - if you try to create an account the matches emailregexp but not createemailregexp it should give a message saying only administrators can create an account with this address.
Assignee | ||
Comment 12•22 years ago
|
||
Assignee | ||
Updated•22 years ago
|
Attachment #107661 -
Flags: review?(justdave)
Comment 14•22 years ago
|
||
Comment on attachment 107661 [details] [diff] [review] The patch r=burnus user-error.html.tmpl >+ Nit: Remove those four spaces.
Attachment #107661 -
Flags: review?(justdave) → review+
Assignee | ||
Updated•22 years ago
|
Status: NEW → ASSIGNED
Flags: approval?
Updated•22 years ago
|
Flags: approval? → approval+
Assignee | ||
Comment 15•22 years ago
|
||
checked in
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•