From 9ac1e333d6b811dd323280a78a6ee688deab81ad Mon Sep 17 00:00:00 2001
From: roschaefer <git@roschaefer.de>
Date: Tue, 8 Oct 2019 00:51:40 +0200
Subject: [PATCH] feat: implement public registration checks

---
 backend/.env.template                           |  1 +
 backend/src/config/index.js                     | 14 ++++++++++++--
 backend/src/middleware/permissionsMiddleware.js |  4 +++-
 webapp/.env.template                            |  1 +
 webapp/locales/de.json                          |  1 +
 webapp/locales/en.json                          |  1 +
 webapp/nuxt.config.js                           |  6 +++++-
 webapp/pages/registration/signup.vue            | 13 ++++++++++++-
 8 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/backend/.env.template b/backend/.env.template
index 6697f09c4..5ecc5a5c4 100644
--- a/backend/.env.template
+++ b/backend/.env.template
@@ -17,3 +17,4 @@ PRIVATE_KEY_PASSPHRASE="a7dsf78sadg87ad87sfagsadg78"
 
 SENTRY_DSN_BACKEND=
 COMMIT=
+PUBLIC_REGISTRATION=false
diff --git a/backend/src/config/index.js b/backend/src/config/index.js
index 3709b5cc3..00361ba63 100644
--- a/backend/src/config/index.js
+++ b/backend/src/config/index.js
@@ -21,7 +21,12 @@ const {
   GRAPHQL_URI = 'http://localhost:4000',
 } = process.env
 
-export const requiredConfigs = { MAPBOX_TOKEN, JWT_SECRET, PRIVATE_KEY_PASSPHRASE }
+export const requiredConfigs = {
+  MAPBOX_TOKEN,
+  JWT_SECRET,
+  PRIVATE_KEY_PASSPHRASE,
+}
+
 export const smtpConfigs = {
   SMTP_HOST,
   SMTP_PORT,
@@ -30,7 +35,12 @@ export const smtpConfigs = {
   SMTP_PASSWORD,
 }
 export const neo4jConfigs = { NEO4J_URI, NEO4J_USERNAME, NEO4J_PASSWORD }
-export const serverConfigs = { GRAPHQL_PORT, CLIENT_URI, GRAPHQL_URI }
+export const serverConfigs = {
+  GRAPHQL_PORT,
+  CLIENT_URI,
+  GRAPHQL_URI,
+  PUBLIC_REGISTRATION: process.env.PUBLIC_REGISTRATION === 'true',
+}
 
 export const developmentConfigs = {
   DEBUG: process.env.NODE_ENV !== 'production' && process.env.DEBUG,
diff --git a/backend/src/middleware/permissionsMiddleware.js b/backend/src/middleware/permissionsMiddleware.js
index 8343443c9..df87f743e 100644
--- a/backend/src/middleware/permissionsMiddleware.js
+++ b/backend/src/middleware/permissionsMiddleware.js
@@ -111,6 +111,8 @@ const noEmailFilter = rule({
   return !('email' in args)
 })
 
+const publicRegistration = rule()(() => !!CONFIG.PUBLIC_REGISTRATION)
+
 // Permissions
 const permissions = shield(
   {
@@ -137,7 +139,7 @@ const permissions = shield(
       '*': deny,
       login: allow,
       SignupByInvitation: allow,
-      Signup: isAdmin,
+      Signup: or(publicRegistration, isAdmin),
       SignupVerification: allow,
       CreateInvitationCode: and(isAuthenticated, or(not(invitationLimitReached), isAdmin)),
       UpdateUser: onlyYourself,
diff --git a/webapp/.env.template b/webapp/.env.template
index bebdeaaaf..fdabcf003 100644
--- a/webapp/.env.template
+++ b/webapp/.env.template
@@ -1,3 +1,4 @@
 MAPBOX_TOKEN="pk.eyJ1IjoiaHVtYW4tY29ubmVjdGlvbiIsImEiOiJjajl0cnBubGoweTVlM3VwZ2lzNTNud3ZtIn0.KZ8KK9l70omjXbEkkbHGsQ"
 SENTRY_DSN_WEBAPP=
 COMMIT=
+PUBLIC_REGISTRATION=false
diff --git a/webapp/locales/de.json b/webapp/locales/de.json
index ae783e618..452855f77 100644
--- a/webapp/locales/de.json
+++ b/webapp/locales/de.json
@@ -26,6 +26,7 @@
     },
     "registration": {
       "signup": {
+        "unavailable": "Leider ist die öffentliche Registrierung von Benutzerkonten auf diesem Server derzeit nicht möglich.",
         "title": "Mach mit bei Human Connection!",
         "form": {
           "description": "Um loszulegen, gib deine E-Mail Adresse ein:",
diff --git a/webapp/locales/en.json b/webapp/locales/en.json
index 5e68ec50b..b89d9740d 100644
--- a/webapp/locales/en.json
+++ b/webapp/locales/en.json
@@ -27,6 +27,7 @@
     },
     "registration": {
       "signup": {
+        "unavailable": "Unfortunately, public registration of user accounts is not available right now on this server.",
         "title": "Join Human Connection!",
         "form": {
           "description": "To get started, enter your email address:",
diff --git a/webapp/nuxt.config.js b/webapp/nuxt.config.js
index 808c5982a..312e19325 100644
--- a/webapp/nuxt.config.js
+++ b/webapp/nuxt.config.js
@@ -1,6 +1,10 @@
 import path from 'path'
+import dotenv from 'dotenv'
+
+dotenv.config() // we want to synchronize @nuxt-dotenv and nuxt-env
+
 const pkg = require('./package')
-export const envWhitelist = ['NODE_ENV', 'MAPBOX_TOKEN']
+export const envWhitelist = ['NODE_ENV', 'MAPBOX_TOKEN', 'PUBLIC_REGISTRATION']
 const dev = process.env.NODE_ENV !== 'production'
 
 const styleguidePath = '../styleguide'
diff --git a/webapp/pages/registration/signup.vue b/webapp/pages/registration/signup.vue
index 6ba7164ca..c78dcc9af 100644
--- a/webapp/pages/registration/signup.vue
+++ b/webapp/pages/registration/signup.vue
@@ -1,19 +1,30 @@
 <template>
-  <signup :invitation="false" @submit="handleSubmitted">
+  <signup v-if="publicRegistration" :invitation="false" @submit="handleSubmitted">
     <ds-space centered margin-top="large">
       <nuxt-link to="/login">{{ $t('site.back-to-login') }}</nuxt-link>
     </ds-space>
   </signup>
+  <ds-space v-else centered>
+    <hc-empty icon="events" :message="$t('components.registration.signup.unavailable')" />
+    <nuxt-link to="/login">{{ $t('site.back-to-login') }}</nuxt-link>
+  </ds-space>
 </template>
 
 <script>
 import Signup from '~/components/Registration/Signup'
+import HcEmpty from '~/components/Empty.vue'
 
 export default {
   layout: 'no-header',
   components: {
+    HcEmpty,
     Signup,
   },
+  asyncData({ app }) {
+    return {
+      publicRegistration: app.$env.PUBLIC_REGISTRATION,
+    }
+  },
   methods: {
     handleSubmitted({ email }) {
       this.$router.push({ path: 'enter-nonce', query: { email } })