From e32d037d5a89922f2459478366425c52c58fa5ff Mon Sep 17 00:00:00 2001
From: Julian Rother <julian@cccv.de>
Date: Wed, 2 Feb 2022 00:48:45 +0100
Subject: [PATCH] Remove ENABLE_INVITE/PASSWORDRESET/ROLESELFSERVICE options
The options were introduced to cleanly handle LDAP user connections. Since
LDAP support is now gone and hence user connections are gone too, these
options are no longer necessary. While the options may be useful in other
cases, we cannot continuously test them and so we are removing them for now.
---
tests/utils.py | 2 --
uffd/__init__.py | 13 +++----------
uffd/default_config.cfg | 4 ----
uffd/rolemod/templates/rolemod/show.html | 2 --
uffd/selfservice/templates/selfservice/self.html | 6 ------
uffd/selfservice/views.py | 3 ---
uffd/session/templates/session/login.html | 2 --
7 files changed, 3 insertions(+), 29 deletions(-)
diff --git a/tests/utils.py b/tests/utils.py
index 82194221..0fd6fbb8 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -65,8 +65,6 @@ class UffdTestCase(unittest.TestCase):
'SECRET_KEY': 'DEBUGKEY',
'MAIL_SKIP_SEND': True,
'SELF_SIGNUP': True,
- 'ENABLE_INVITE': True,
- 'ENABLE_PASSWORDRESET': True
}
self.app = create_app(config)
diff --git a/uffd/__init__.py b/uffd/__init__.py
index e370e999..55fa8360 100644
--- a/uffd/__init__.py
+++ b/uffd/__init__.py
@@ -59,7 +59,6 @@ def init_config(app: Flask, test_config):
app.config.setdefault("SECRET_KEY", secrets.token_hex(128))
def create_app(test_config=None): # pylint: disable=too-many-locals,too-many-statements
- # create and configure the app
app = Flask(__name__, instance_relative_config=False)
app.json_encoder = SQLAlchemyJSON
@@ -81,15 +80,9 @@ def create_app(test_config=None): # pylint: disable=too-many-locals,too-many-sta
db.init_app(app)
Migrate(app, db, render_as_batch=True, directory=os.path.join(app.root_path, 'migrations'))
- for i in user.bp + selfservice.bp + role.bp + mail.bp + session.bp + csrf.bp + mfa.bp + oauth2.bp + services.bp + rolemod.bp + api.bp:
- app.register_blueprint(i)
-
- if app.config['ENABLE_INVITE'] or app.config['SELF_SIGNUP']:
- for i in signup.bp:
- app.register_blueprint(i)
- if app.config['ENABLE_INVITE']:
- for i in invite.bp:
- app.register_blueprint(i)
+ for module in [user, selfservice, role, mail, session, csrf, mfa, oauth2, services, rolemod, api, signup, invite]:
+ for bp in module.bp:
+ app.register_blueprint(bp)
@app.shell_context_processor
def push_request_context(): #pylint: disable=unused-variable
diff --git a/uffd/default_config.cfg b/uffd/default_config.cfg
index 0628f106..8eadca78 100644
--- a/uffd/default_config.cfg
+++ b/uffd/default_config.cfg
@@ -33,10 +33,6 @@ MAIL_PASSWORD='*****'
MAIL_USE_STARTTLS=True
MAIL_FROM_ADDRESS='foo@bar.com'
-# The following settings are not available when using a user connection
-ENABLE_INVITE=True
-ENABLE_PASSWORDRESET=True
-ENABLE_ROLESELFSERVICE=True
# Do not enable this on a public service! There is no spam protection implemented at the moment.
SELF_SIGNUP=False
diff --git a/uffd/rolemod/templates/rolemod/show.html b/uffd/rolemod/templates/rolemod/show.html
index c1749468..7dba0f86 100644
--- a/uffd/rolemod/templates/rolemod/show.html
+++ b/uffd/rolemod/templates/rolemod/show.html
@@ -4,9 +4,7 @@
<form method="POST" action="{{ url_for("rolemod.update", role_id=role.id) }}">
<div class="float-sm-right pb-2">
- {% if config['ENABLE_INVITE'] %}
<a href="{{ url_for("invite.new", **{"role-%d"%role.id: 1}) }}" class="btn btn-primary mr-2"><i class="fa fa-link" aria-hidden="true"></i> {{_('Invite Members')}}</a>
- {% endif %}
<button type="submit" class="btn btn-primary"><i class="fa fa-save" aria-hidden="true"></i> {{_('Save')}}</button>
<a href="{{ url_for("rolemod.index") }}" class="btn btn-secondary">{{_('Cancel')}}</a>
</div>
diff --git a/uffd/selfservice/templates/selfservice/self.html b/uffd/selfservice/templates/selfservice/self.html
index 79f4b0da..d505d2bb 100644
--- a/uffd/selfservice/templates/selfservice/self.html
+++ b/uffd/selfservice/templates/selfservice/self.html
@@ -90,11 +90,7 @@
{% endif %}
</div>
<div class="col-12 col-md-7">
- {% if config['ENABLE_INVITE'] %}
<p>{{_("Administrators and role moderators can invite you to new roles.")}}</p>
- {% else %}
- <p>{{_("Administrators can add new roles to your account.")}}</p>
- {% endif %}
<table class="table">
<thead>
<tr>
@@ -113,11 +109,9 @@
</td>
<td>{{ role.description }}</td>
<td>
- {% if config['ENABLE_ROLESELFSERVICE'] %}
<form action="{{ url_for("selfservice.leave_role", roleid=role.id) }}" method="POST" onsubmit='return confirm({{_("Are you sure?")|tojson|e}});'>
<button type="submit" class="btn btn-sm btn-danger float-right">{{_("Leave")}}</button>
</form>
- {% endif %}
</td>
</tr>
{% endfor %}
diff --git a/uffd/selfservice/views.py b/uffd/selfservice/views.py
index 2be17e32..8760499a 100644
--- a/uffd/selfservice/views.py
+++ b/uffd/selfservice/views.py
@@ -130,9 +130,6 @@ def token_mail(token_id, token):
@csrf_protect(blueprint=bp)
@login_required(selfservice_acl_check)
def leave_role(roleid):
- if not current_app.config['ENABLE_ROLESELFSERVICE']:
- flash(_('Leaving roles is disabled'))
- return redirect(url_for('selfservice.index'))
role = Role.query.get_or_404(roleid)
role.members.remove(request.user)
request.user.update_groups()
diff --git a/uffd/session/templates/session/login.html b/uffd/session/templates/session/login.html
index 3818d943..fc3ba82e 100644
--- a/uffd/session/templates/session/login.html
+++ b/uffd/session/templates/session/login.html
@@ -26,9 +26,7 @@
{% if config['SELF_SIGNUP'] %}
<a href="{{ url_for("signup.signup_start") }}" class="float-left">{{_("Register")}}</a>
{% endif %}
- {% if config['ENABLE_PASSWORDRESET'] %}
<a href="{{ url_for("selfservice.forgot_password") }}" class="float-right">{{_("Forgot Password?")}}</a>
- {% endif %}
</div>
</form>
{% endblock %}
--
GitLab