critic icon indicating copy to clipboard operation
critic copied to clipboard

Published 20 hours ago verified publisher icon jensl

Unable to visit createuser when ALLOW_USER_REGISTRATION=True

Open SyuTingSong opened this issue 6 years ago • 6 comments

I get a access denided message when visiting /createuser even I install with ALLOW_USER_REGISTRATION = True

SyuTingSong avatar May 22 '18 04:05 SyuTingSong

What values do AUTHENTICATION_MODE and ALLOW_ANONYMOUS_USER have in your installation?

jensl avatar May 22 '18 08:05 jensl

AUTHENTICATION_MODE=critic ALLOW_ANONYMOUS_USER=False

2018-05-22 16:45 GMT+08:00 Jens Widell [email protected]:

What values do AUTHENTICATION_MODE and ALLOW_ANONYMOUS_USER have in your installation?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jensl/critic/issues/134#issuecomment-390911667, or mute the thread https://github.com/notifications/unsubscribe-auth/AAphlMHjtNLAV33Febp95WN0ZQTN1JHbks5t09ApgaJpZM4UH9p8 .

SyuTingSong avatar May 22 '18 08:05 SyuTingSong

Okay. At https://critic-review.org/, where user registration is enabled and working, anonymous users are also allowed. I suppose user registration without anonymous access is broken. It has probably not been tested much. If you plan to allow user registration without any specific restrictions, maybe you could just allow anonymous access as well? Anonymous access is always read-only, so users would still need to register before creating reviews, writing comments or leaving any other traces in the system.

jensl avatar May 22 '18 09:05 jensl

Well, I am trying to disable user registration and allocate accounts by Administrator.

Thanks a lot.

2018-05-22 17:13 GMT+08:00 Jens Widell [email protected]:

Okay. At https://critic-review.org/, where user registration is enabled and working, anonymous users are also allowed. I suppose user registration without anonymous access is broken. It has probably not been tested much. If you plan to allow user registration without any specific restrictions, maybe you could just allow anonymous access as well? Anonymous access is always read-only, so users would still need to register before creating reviews, writing comments or leaving any other traces in the system.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jensl/critic/issues/134#issuecomment-390920133, or mute the thread https://github.com/notifications/unsubscribe-auth/AAphlAViORhEGs8gt_rR_KwxDGN6BG76ks5t09angaJpZM4UH9p8 .

SyuTingSong avatar May 22 '18 09:05 SyuTingSong

I see. So this is just an issue you discovered while testing, but it doesn't really affect your desired configuration?

Thanks a lot for reporting it! I'll look into fixing it.

jensl avatar May 22 '18 09:05 jensl

I was configuring to allow registration so my teammate can setup their own accounts without asking me for help. I don't want any anonymous visiting to our code review system even it's read only. The verification email is limited to the domain of my organization.

2018-05-22 17:17 GMT+08:00 Jens Widell [email protected]:

I see. So this is just an issue you discovered while testing, but it doesn't really affect your desired configuration?

Thanks a lot for reporting it! I'll look into fixing it.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jensl/critic/issues/134#issuecomment-390921637, or mute the thread https://github.com/notifications/unsubscribe-auth/AAphlNGVrv7UI4_IaKxihjqMZ_cqAhYNks5t09fDgaJpZM4UH9p8 .

SyuTingSong avatar May 22 '18 09:05 SyuTingSong