feat(users): add env var to disable users by default (#225)

.env.example

@@ -21,7 +21,6 @@ MAILER_SMTP_SECURITY=none
 MAILER_SMTP_USERNAME=
 MISC_CLIENT_IP_SOURCE=XRealIp
 MISC_CONFIRMATION_CODE_LENGTH=6
-MISC_DEFAULT_USER_ROLE=user
 MISC_FONT_PATH=/usr/share/fonts/truetype/dejavu/DejaVuSans.ttf
 MISC_IMAGE_OPS_FILTER_TYPE=CatmullRom
 MISC_INVITATION_CODE_LENGTH=6
@@ -30,3 +29,5 @@ MISC_MAX_POST_CONTENT_LENGTH=16384
 MISC_STORAGE_PATH=./storage
 SESSIONS_KEY=abcdefghijklmnopqrestuvvwxyz0123456789ABCDEFGHIJKLMNOPQRESTUVVWX
 SESSIONS_REDIS_URL=redis://127.0.0.1:6379/1
+USER_DEFAULT_DISABLED=false
+USER_DEFAULT_ROLE=user

.github/workflows/tests.yaml

@@ -39,8 +39,8 @@ env:
     JOBS_REDIS_URL: redis://127.0.0.1:6379/10
     LEPTOS_TAILWIND_VERSION: v4.0.6
     LEPTOS_WASM_OPT_VERSION: version_122
-    MISC_DEFAULT_USER_ROLE: creator
     SESSIONS_REDIS_URL: redis://127.0.0.1:6379/11
+    USER_DEFAULT_ROLE: creator
 
 jobs:
     unit_tests:

README.md

@@ -58,14 +58,15 @@ A free and open source website builder and content management system platform wr
 | MISC_CLIENT_IP_SOURCE           | String  | XRealIp                                                          |
 | MISC_CONFIRMATION_CODE_LENGTH   | Integer | 6                                                                |
 | MISC_FONT_PATH                  | String  | /usr/share/fonts/truetype/dejavu/DejaVuSans.ttf                  |
-| MISC_DEFAULT_USER_ROLE          | String  | user                                                             |
 | MISC_IMAGE_OPS_FILTER_TYPE      | String  | CatmullRom                                                       |
 | MISC_INVITATION_CODE_LENGTH     | Integer | 6                                                                |
 | MISC_MAX_COMMENT_CONTENT_LENGTH | Integer | 8192                                                             |
 | MISC_MAX_POST_CONTENT_LENGTH    | Integer | 16384                                                            |
 | MISC_STORAGE_PATH               | String  | ./storage                                                        |
 | SESSIONS_KEY                    | String  | abcdefghijklmnopqrestuvvwxyz0123456789ABCDEFGHIJKLMNOPQRESTUVVWX |
 | SESSIONS_REDIS_URL              | String  | redis://127.0.0.1:6379/1                                         |
+| USER_DEFAULT_DISABLED           | Boolean | false                                                            |
+| USER_DEFAULT_ROLE               | String  | user                                                             |
 
 ### Installation and setup
 

locales/fluent/en/mailer.ftl

@@ -1,3 +1,4 @@
+by-default-all-user-accounts-are-disabled-but-we-will-let-you-know-when-your-account-is-enabled = By default, all user accounts are disabled, but we will let you know when your account is enabled
 confirm-your-email = Confirm your email
 if-not-please-contact-us-at-the-following-email-address = If not, please contact us at the following email address
 if-you-have-any-questions-please-contact-us-at-the-following-email-address = If you have any questions, please contact us at the following email address

locales/fluent/es/mailer.ftl

@@ -1,3 +1,4 @@
+by-default-all-user-accounts-are-disabled-but-we-will-let-you-know-when-your-account-is-enabled = Por defecto, todas las cuentas de usuario están deshabilitadas, pero te informaremos cuando tu cuenta esté habilitada
 confirm-your-email = Confirmar tu correo electrónico
 if-not-please-contact-us-at-the-following-email-address = Si no, por favor contáctenos a la siguiente dirección de correo electrónico
 if-you-have-any-questions-please-contact-us-at-the-following-email-address = Si tienes alguna pregunta, por favor contáctenos a la siguiente dirección de correo electrónico

mango3-core/src/config/misc_config.rs

@@ -3,14 +3,11 @@ use std::path::{Path, PathBuf};
 use image::imageops::FilterType;
 use serde::{Deserialize, Serialize};
 
-use crate::enums::UserRole;
-
 use super::extract_from_env;
 
 #[derive(Deserialize, Serialize)]
 pub struct MiscConfig {
     pub client_ip_source: String,
-    default_user_role: String,
     pub(crate) confirmation_code_length: u8,
     pub(crate) font_path: String,
     image_ops_filter_type: String,
@@ -25,7 +22,6 @@ impl Default for MiscConfig {
         Self {
             client_ip_source: "XRealIp".to_owned(),
             confirmation_code_length: 6,
-            default_user_role: "user".to_owned(),
             font_path: "/usr/share/fonts/truetype/dejavu/DejaVuSans.ttf".to_owned(),
             image_ops_filter_type: "CatmullRom".to_owned(),
             invitation_code_length: 6,
@@ -44,10 +40,6 @@ impl MiscConfig {
         extract_from_env("MISC_")
     }
 
-    pub(crate) fn default_user_role(&self) -> UserRole {
-        (&self.default_user_role).into()
-    }
-
     pub(crate) fn image_ops_filter_type(&self) -> FilterType {
         match self.image_ops_filter_type.as_str() {
             "CatmullRom" => FilterType::CatmullRom,

mango3-core/src/config/mod.rs

@@ -10,11 +10,13 @@ mod basic_config;
 mod cache_config;
 mod mailer_config;
 mod misc_config;
+mod user_config;
 
 pub use basic_config::BasicConfig;
 pub(crate) use cache_config::CacheConfig;
 pub use mailer_config::MailerConfig;
 pub use misc_config::MiscConfig;
+pub(crate) use user_config::UserConfig;
 
 pub static BASIC_CONFIG: LazyLock<BasicConfig> = LazyLock::new(BasicConfig::load);
 pub(crate) static CACHE_CONFIG: LazyLock<CacheConfig> = LazyLock::new(CacheConfig::load);
@@ -23,6 +25,7 @@ pub(crate) static JOBS_CONFIG: LazyLock<JobsConfig> = LazyLock::new(JobsConfig::
 pub static MAILER_CONFIG: LazyLock<MailerConfig> = LazyLock::new(MailerConfig::load);
 pub static MISC_CONFIG: LazyLock<MiscConfig> = LazyLock::new(MiscConfig::load);
 pub static SESSIONS_CONFIG: LazyLock<SessionsConfig> = LazyLock::new(SessionsConfig::load);
+pub static USER_CONFIG: LazyLock<UserConfig> = LazyLock::new(UserConfig::load);
 
 pub fn load_config() {
     let _ = dotenv();

mango3-core/src/config/user_config.rs

@@ -0,0 +1,30 @@
+use serde::{Deserialize, Serialize};
+
+use crate::enums::UserRole;
+
+use super::extract_from_env;
+
+#[derive(Deserialize, Serialize)]
+pub struct UserConfig {
+    pub default_disabled: bool,
+    default_role: String,
+}
+
+impl Default for UserConfig {
+    fn default() -> Self {
+        Self {
+            default_disabled: false,
+            default_role: "user".to_owned(),
+        }
+    }
+}
+
+impl UserConfig {
+    pub(crate) fn load() -> Self {
+        extract_from_env("USER_")
+    }
+
+    pub(crate) fn default_role(&self) -> UserRole {
+        (&self.default_role).into()
+    }
+}

mango3-core/src/models/user/user_insert.rs

@@ -1,7 +1,7 @@
 use sqlx::types::Uuid;
 use sqlx::{query, query_as};
 
-use crate::config::MISC_CONFIG;
+use crate::config::USER_CONFIG;
 use crate::constants::{BLACKLISTED_SLUGS, REGEX_EMAIL, REGEX_USERNAME};
 use crate::enums::{Input, InputError, MailerJobCommand, UserRole};
 use crate::models::{encrypt_password, find_country, parse_date};
@@ -89,8 +89,13 @@ impl User {
                 birthdate,
                 language_code,
                 country_alpha2,
-                role
-            ) VALUES ($1::text, $2::text, $3, $4, $5, $6, $7, $8, $9) RETURNING
+                role,
+                disabled_at
+            ) VALUES (
+                $1::text, $2::text, $3, $4, $5, $6, $7, $8, $9,
+                (CASE WHEN $10 IS TRUE THEN current_timestamp ELSE NULL END)
+            )
+            RETURNING
                 id,
                 username,
                 email,
@@ -109,15 +114,16 @@ impl User {
                 disabled_at,
                 created_at,
                 updated_at"#,
-            username,                                      // $1
-            email,                                         // $2
-            encrypted_password,                            // $3
-            display_name,                                  // $4
-            full_name,                                     // $5
-            birthdate,                                     // $6
-            language_code,                                 // $7
-            country.unwrap().alpha2,                       // $8
-            &MISC_CONFIG.default_user_role() as &UserRole, // $9
+            username,                                 // $1
+            email,                                    // $2
+            encrypted_password,                       // $3
+            display_name,                             // $4
+            full_name,                                // $5
+            birthdate,                                // $6
+            language_code,                            // $7
+            country.unwrap().alpha2,                  // $8
+            &USER_CONFIG.default_role() as &UserRole, // $9
+            USER_CONFIG.default_disabled,             // $10
         )
         .fetch_one(&core_context.db_pool)
         .await;

mango3-monitor/src/constants.rs

@@ -19,6 +19,8 @@ pub const KEY_TEXT_WE_REGRET_TO_INFORM_YOU_THAT_WE_HAVE_DISABLED_YOUR_USER_ACCOU
 pub const KEY_TEXT_WELCOME_TO_TITLE: &str = "welcome-to-title";
 pub const KEY_TEXT_YOUR_USER_ACCOUNT_HAS_BEEN_ENABLED: &str = "your-user-account-has-been-enabled";
 pub const KEY_TEXT_YOUR_USER_ACCOUNT_HAS_BEEN_DISABLED: &str = "your-user-account-has-been-disabled";
+pub const KEY_TEXT_BY_DEFAULT_ALL_USER_ACCOUNTS_ARE_DISABLED_BUT_WE_WILL_LET_YOU_KNOW_WHEN_YOUR_ACCOUNT_IS_ENABLED:
+    &str = "by-default-all-user-accounts-are-disabled-but-we-will-let-you-know-when-your-account-is-enabled";
 
 pub const KEY_TEXT_ARG_ACTION: &str = "action";
 pub const KEY_TEXT_ARG_TITLE: &str = "title";

mango3-monitor/src/workers/mailer_worker.rs

@@ -2,15 +2,16 @@ use std::collections::HashMap;
 
 use apalis::prelude::Error;
 
-use mango3_core::config::BASIC_CONFIG;
+use mango3_core::config::{BASIC_CONFIG, USER_CONFIG};
 use mango3_core::enums::MailerJobCommand;
 use mango3_core::jobs::MailerJob;
 use mango3_core::locales::I18n;
 use mango3_core::models::User;
 
 use crate::constants::{
-    KEY_TEXT_ARG_ACTION, KEY_TEXT_ARG_TITLE, KEY_TEXT_CONFIRMATION_CODE, KEY_TEXT_HELLO,
-    KEY_TEXT_IF_NOT_PLEASE_CONTACT_US_AT_THE_FOLLOWING_EMAIL_ADDRESS,
+    KEY_TEXT_ARG_ACTION, KEY_TEXT_ARG_TITLE,
+    KEY_TEXT_BY_DEFAULT_ALL_USER_ACCOUNTS_ARE_DISABLED_BUT_WE_WILL_LET_YOU_KNOW_WHEN_YOUR_ACCOUNT_IS_ENABLED,
+    KEY_TEXT_CONFIRMATION_CODE, KEY_TEXT_HELLO, KEY_TEXT_IF_NOT_PLEASE_CONTACT_US_AT_THE_FOLLOWING_EMAIL_ADDRESS,
     KEY_TEXT_IF_YOU_HAVE_ANY_QUESTIONS_PLEASE_CONTACT_US_AT_THE_FOLLOWING_EMAIL_ADDRESS,
     KEY_TEXT_IF_YOU_RECOGNIZE_THIS_ACTION_YOU_CAN_IGNORE_THIS_MESSAGE, KEY_TEXT_NEW_USER_SESSION_STARTED,
     KEY_TEXT_SOMEONE_HAS_STARTED_A_USER_SESSION_WITH_YOUR_ACCOUNT, KEY_TEXT_USE_THIS_CODE_TO_ACTION,
@@ -62,6 +63,7 @@ pub async fn send_disabled_email(i18n: &I18n, user: &User) {
         i18n.text(KEY_TEXT_IF_YOU_HAVE_ANY_QUESTIONS_PLEASE_CONTACT_US_AT_THE_FOLLOWING_EMAIL_ADDRESS),
         BASIC_CONFIG.support_email_address
     );
+
     let _ = send_email(&user.email, &title, &message).await;
 }
 
@@ -75,14 +77,30 @@ pub async fn send_enabled_email(i18n: &I18n, user: &User) {
         i18n.text(KEY_TEXT_IF_YOU_HAVE_ANY_QUESTIONS_PLEASE_CONTACT_US_AT_THE_FOLLOWING_EMAIL_ADDRESS),
         BASIC_CONFIG.support_email_address
     );
+
     let _ = send_email(&user.email, &title, &message).await;
 }
 
 async fn send_welcome_email(i18n: &I18n, user: &User) {
     let mut text_args = HashMap::new();
     text_args.insert(KEY_TEXT_ARG_TITLE.into(), BASIC_CONFIG.title.clone().into());
     let title = i18n.text_with_args(KEY_TEXT_WELCOME_TO_TITLE, &text_args);
-    let message = format!("{} @{},\n\n{}", i18n.text(KEY_TEXT_HELLO), user.username, title);
+    let mut message = format!("{} @{},\n\n{}.\n\n", i18n.text(KEY_TEXT_HELLO), user.username, title);
+
+    if USER_CONFIG.default_disabled {
+        message += &format!(
+            "{}.\n\n",
+            i18n.text(
+                KEY_TEXT_BY_DEFAULT_ALL_USER_ACCOUNTS_ARE_DISABLED_BUT_WE_WILL_LET_YOU_KNOW_WHEN_YOUR_ACCOUNT_IS_ENABLED
+            )
+        );
+    }
+
+    message += &format!(
+        "{}: {}",
+        i18n.text(KEY_TEXT_IF_YOU_HAVE_ANY_QUESTIONS_PLEASE_CONTACT_US_AT_THE_FOLLOWING_EMAIL_ADDRESS),
+        BASIC_CONFIG.support_email_address
+    );
 
     let _ = send_email(&user.email, &title, &message).await;
 }