Reject registrations if not allowed by settings.

2024-06-16 20:20:44 +00:00 · 2020-06-01 22:02:38 +01:00 · 2020-06-01 22:02:38 +01:00 · e0a009a0f1
parent fffffc1f32
commit e0a009a0f1
1 changed files with 4 additions and 0 deletions
--- a/fedireads/view_actions.py
+++ b/fedireads/view_actions.py
@ -8,6 +8,7 @@ from django.core.files.base import ContentFile
 from django.http import HttpResponseBadRequest, HttpResponseNotFound
 from django.shortcuts import redirect
 from django.template.response import TemplateResponse
+from django.core.exceptions import PermissionDenied

 from fedireads import books_manager
 from fedireads import forms, models, outgoing
@ -49,6 +50,9 @@ def register(request):
    if request.method == 'GET':
        return redirect('/login')

+    if not models.SiteSettings.get().allow_registration:
+        raise PermissionDenied
+
    form = forms.RegisterForm(request.POST)
    if not form.is_valid():
        return redirect('/register/')