inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2026-01-28 17:13:44 +00:00
Code Activity

fix (backend): finer grained registration control for Single Sign On (#11190)

Browse Source 
* finer grained registration control for Single Sign On
Fixes #11162

* fix for python 3.11
This commit is contained in:
Matthias Mair
2026-01-22 13:36:34 +01:00
committed by GitHub
parent ec2bf23627
commit 060e917fc9
1 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/backend/InvenTree/InvenTree/auth_overrides.py
View File

@@ -1,5 +1,7 @@
"""Overrides for allauth and adjacent packages to enforce InvenTree specific auth settings and restirctions.""" """Overrides for allauth and adjacent packages to enforce InvenTree specific auth settings and restirctions."""
from typing import Literal
from django import forms from django import forms
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import Group from django.contrib.auth.models import Group
@@ -14,7 +16,6 @@ from allauth.account.forms import LoginForm, SignupForm, set_form_field_order
from allauth.headless.adapter import DefaultHeadlessAdapter from allauth.headless.adapter import DefaultHeadlessAdapter
from allauth.socialaccount.adapter import DefaultSocialAccountAdapter from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
import InvenTree.sso
from common.settings import get_global_setting from common.settings import get_global_setting
from InvenTree.exceptions import log_error from InvenTree.exceptions import log_error
@@ -85,12 +86,12 @@ class CustomSignupForm(SignupForm):
return cleaned_data return cleaned_data
def registration_enabled(): RegistrationKeys = Literal['LOGIN_ENABLE_REG', 'LOGIN_ENABLE_SSO_REG']
def registration_enabled(setting_name: RegistrationKeys = 'LOGIN_ENABLE_REG'):
"""Determine whether user registration is enabled.""" """Determine whether user registration is enabled."""
if ( if get_global_setting(setting_name):
get_global_setting('LOGIN_ENABLE_REG')
or InvenTree.sso.sso_registration_enabled()
):
if is_email_configured(): if is_email_configured():
return True return True
else: else:
@@ -103,12 +104,14 @@ def registration_enabled():
class RegistrationMixin: class RegistrationMixin:
"""Mixin to check if registration should be enabled.""" """Mixin to check if registration should be enabled."""
REGISTRATION_SETTING: RegistrationKeys = 'LOGIN_ENABLE_REG'
def is_open_for_signup(self, request, *args, **kwargs): def is_open_for_signup(self, request, *args, **kwargs):
"""Check if signup is enabled in settings. """Check if signup is enabled in settings.
Configure the class variable `REGISTRATION_SETTING` to set which setting should be used, default: `LOGIN_ENABLE_REG`. Configure the class variable `REGISTRATION_SETTING` to set which setting should be used, default: `LOGIN_ENABLE_REG`.
""" """
if registration_enabled(): if registration_enabled(self.REGISTRATION_SETTING):
return super().is_open_for_signup(request, *args, **kwargs) return super().is_open_for_signup(request, *args, **kwargs)
return False return False
@@ -187,6 +190,8 @@ class CustomAccountAdapter(RegistrationMixin, DefaultAccountAdapter):
class CustomSocialAccountAdapter(RegistrationMixin, DefaultSocialAccountAdapter): class CustomSocialAccountAdapter(RegistrationMixin, DefaultSocialAccountAdapter):
"""Override of adapter to use dynamic settings.""" """Override of adapter to use dynamic settings."""
REGISTRATION_SETTING = 'LOGIN_ENABLE_SSO_REG'
def is_auto_signup_allowed(self, request, sociallogin): def is_auto_signup_allowed(self, request, sociallogin):
"""Check if auto signup is enabled in settings.""" """Check if auto signup is enabled in settings."""
if get_global_setting('LOGIN_SIGNUP_SSO_AUTO', True): if get_global_setting('LOGIN_SIGNUP_SSO_AUTO', True):