Changed disable register mechanism to apply policy setting after admin user created rather than using DB user count checks.

2025-12-18 06:24:24 +01:00 · 2018-12-20 20:39:48 +01:00
parent cfaa5766ed
commit 0dcaf80c7f
3 changed files with 8 additions and 4 deletions
--- a/BTCPayServer/Controllers/AccountController.cs
+++ b/BTCPayServer/Controllers/AccountController.cs
@@ -242,7 +242,7 @@ namespace BTCPayServer.Controllers
        public async Task<IActionResult> Register(string returnUrl = null, bool logon = true)
        {
            var policies = await _SettingsRepository.GetSettingAsync<PoliciesSettings>() ?? new PoliciesSettings();
-            if (policies.LockSubscription && _userManager.Users.Count() > 0 && !User.IsInRole(Roles.ServerAdmin))
+            if (policies.LockSubscription && !User.IsInRole(Roles.ServerAdmin))
                return RedirectToAction(nameof(HomeController.Index), "Home");
            ViewData["ReturnUrl"] = returnUrl;
            ViewData["Logon"] = logon.ToString(CultureInfo.InvariantCulture).ToLowerInvariant();
@@ -257,7 +257,7 @@ namespace BTCPayServer.Controllers
            ViewData["ReturnUrl"] = returnUrl;
            ViewData["Logon"] = logon.ToString(CultureInfo.InvariantCulture).ToLowerInvariant();
            var policies = await _SettingsRepository.GetSettingAsync<PoliciesSettings>() ?? new PoliciesSettings();
-            if (policies.LockSubscription && _userManager.Users.Count() > 0 && !User.IsInRole(Roles.ServerAdmin))
+            if (policies.LockSubscription && !User.IsInRole(Roles.ServerAdmin))
                return RedirectToAction(nameof(HomeController.Index), "Home");
            if (ModelState.IsValid)
            {
@@ -271,6 +271,10 @@ namespace BTCPayServer.Controllers
                    {
                        await _RoleManager.CreateAsync(new IdentityRole(Roles.ServerAdmin));
                        await _userManager.AddToRoleAsync(user, Roles.ServerAdmin);
+
+                        // Once the admin user has been created lock subsequent user registrations until explicitly enabled.
+                        policies.LockSubscription = true;
+                        await _SettingsRepository.UpdateSetting(policies);
                    }

                    var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
--- a/BTCPayServer/Services/PoliciesSettings.cs
+++ b/BTCPayServer/Services/PoliciesSettings.cs
@@ -17,6 +17,6 @@ namespace BTCPayServer.Services

        [JsonProperty(DefaultValueHandling = DefaultValueHandling.Populate)]
        [Display(Name = "Disable registration")]
-        public bool LockSubscription { get; set; } = true;
+        public bool LockSubscription { get; set; }
    }
 }
--- a/BTCPayServer/Views/Shared/_Layout.cshtml
+++ b/BTCPayServer/Views/Shared/_Layout.cshtml
@@ -74,7 +74,7 @@
                        </li>}
                    else
                    {
-                        @if (themeManager.ShowRegister || UserManager.Users.Count() == 0)
+                        @if (themeManager.ShowRegister)
                        {
                            <li class="nav-item"><a asp-area="" asp-controller="Account" asp-action="Register" class="nav-link js-scroll-trigger">Register</a></li>
                        }