hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: A disabled user can't create a new profile

Browse Source 
Fixes #1842
This commit is contained in:
Massedil
2025-10-08 12:33:13 +02:00
parent fe817a8d41
commit c7ab651449
2 changed files with 40 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/graphql/resolvers/person.ex
View File

@@ -133,7 +133,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Person do
def create_person(
_parent,
%{preferred_username: _preferred_username} = args,
%{context: %{current_user: user} = context} = _resolution
%{context: %{current_user: %{disabled: false} = user} = context} = _resolution
) do
args = Map.put(args, :user_id, user.id)
user_agent = Map.get(context, :user_agent, "")
@@ -160,6 +160,21 @@ defmodule Mobilizon.GraphQL.Resolvers.Person do
end
end
@doc """
A logged user that is banned stays logged-in.
We need to block the person creation to prevent the user to create new content
TODO: Best should be to destroy the session but it seems hard to do with token behaviour.
Link: https://framagit.org/kaihuri/mobilizon/-/issues/1842
Link: https://framagit.org/kaihuri/mobilizon/-/issues/1842#note_2255364
"""
def create_person(
_parent,
%{preferred_username: _preferred_username} = _args,
%{context: %{current_user: %{disabled: true} = _user} = _context} = _resolution
) do
{:error, :user_disabled}
end
def create_person(_parent, _args, _resolution) do
{:error, :unauthenticated}
end