Permit LDAP users to register without capturing their password hash
authorMark Felder <feld@FreeBSD.org>
Wed, 5 Aug 2020 15:07:31 +0000 (10:07 -0500)
committerMark Felder <feld@FreeBSD.org>
Wed, 5 Aug 2020 15:07:31 +0000 (10:07 -0500)
We don't need it, and local auth fallback has been removed.

lib/pleroma/user.ex
lib/pleroma/web/auth/ldap_authenticator.ex

index 09e606b370392fdae75970f692d7adf9aca6c5db..df9f34baa072d1fbe9cadaafd156b9083abd99fe 100644 (file)
@@ -638,6 +638,25 @@ defmodule Pleroma.User do
   @spec force_password_reset(User.t()) :: {:ok, User.t()} | {:error, Ecto.Changeset.t()}
   def force_password_reset(user), do: update_password_reset_pending(user, true)
 
+  # Used to auto-register LDAP accounts which don't have a password hash
+  def register_changeset(struct, params = %{password: password})
+      when is_nil(password) do
+    params = Map.put_new(params, :accepts_chat_messages, true)
+
+    struct
+    |> cast(params, [
+      :name,
+      :nickname,
+      :accepts_chat_messages
+    ])
+    |> unique_constraint(:nickname)
+    |> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
+    |> validate_format(:nickname, local_nickname_regex())
+    |> put_ap_id()
+    |> unique_constraint(:ap_id)
+    |> put_following_and_follower_address()
+  end
+
   def register_changeset(struct, params \\ %{}, opts \\ []) do
     bio_limit = Config.get([:instance, :user_bio_length], 5000)
     name_limit = Config.get([:instance, :user_name_length], 100)
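Review bot: The new two-argument `register_changeset` clause shares its name and arity with the `/2` head that `def register_changeset(struct, params \\ %{}, opts \\ [])` generates from its defaults, so I would expect the compiler to flag a defaults conflict. It also makes `password: nil` a magic value that selects this shorter pipeline: the clause has no `validate_required([:name, :nickname])` and no length check, and any caller that ends up with an atom-keyed `password: nil` gets an account with no password hash. A separately named function, e.g. `def register_changeset_ldap(struct, params = %{password: password}) when is_nil(password) do`, called explicitly from `register_user` in ldap_authenticator.ex, would keep this path reachable only from the LDAP authenticator. The body of the three-argument function continues outside the hunk, so what it validates is not visible here.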
index ec47f6f91194554795910d6b28cc5511937b114f..f667da68b90fa726a04c84c8e0ec41cdcf878455 100644 (file)
@@ -88,7 +88,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
             user
 
           _ ->
-            register_user(connection, base, uid, name, password)
+            register_user(connection, base, uid, name)
         end
 
       error ->
@@ -96,7 +96,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
     end
   end
 
-  defp register_user(connection, base, uid, name, password) do
+  defp register_user(connection, base, uid, name) do
     case :eldap.search(connection, [
            {:base, to_charlist(base)},
            {:filter, :eldap.equalityMatch(to_charlist(uid), to_charlist(name))},
@@ -107,8 +107,7 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
         params = %{
           name: name,
           nickname: name,
-          password: password,
-          password_confirmation: password
+          password: nil
         }
 
         changeset = User.register_changeset(%User{}, params)
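Review bot: Accounts built from this params map are stored without a password hash, so any code path that verifies a submitted password against the user record has to treat a missing hash as a failed check rather than raise or pass. None of those paths are visible in this diff, so it is worth confirming and adding a test that a user registered this way cannot authenticate locally. A comment above the map would record the intent, e.g. `# no local hash is stored; this account authenticates via LDAP only`. The body of `register_user` starts and ends outside the hunk.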