aicam opened a new issue, #5587:
URL: https://github.com/apache/texera/issues/5587
### What happened?
In an invite-only deployment, a freshly-registered user is `INACTIVE` until
an admin approves them. While `INACTIVE`, the user cannot reach the
`@RolesAllowed("REGULAR", "ADMIN")` config endpoints.
The frontend reads the `inviteOnly` flag from `GET /config/user-system`
right after registration to decide whether to show the registration-request
form (which collects the user's affiliation/reason and triggers the admin
notification email).
#5305 moved `/config/user-system` from `@PermitAll` to
`@RolesAllowed("REGULAR", "ADMIN")`. As a result, an `INACTIVE` user's request
for `inviteOnly` returns `403`, the flag is left `undefined` on the frontend,
and:
- the registration-request form never appears, and
- no admin notification email is sent.
So in invite-only deployments, new sign-ups are silently dropped.
**Expected:** A newly-registered (`INACTIVE`) user can read the `inviteOnly`
flag, the registration-request form appears, and the admin is notified.
### How to reproduce?
1. Deploy with `user-system.conf` set to invite-only (`inviteOnly = true`).
2. Register a new account (the user is `INACTIVE`, pending admin approval).
3. Observe that the registration-request form does not appear and no admin
notification email is sent.
4. Network tab shows `GET /config/user-system` returning `403` for the
`INACTIVE` user.
### Branch
main
### What browsers are you seeing the problem on?
Chrome
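
The failure described in this issue, modeled as an added example (not part of the original report and not Texera's code): a role gate in front of the config endpoint, a client that reads `inviteOnly` from the response, and a regression check that flags any role whose sign-up is lost. All function names are hypothetical, and the client treating an undefined flag as `false` is an assumption based on the behaviour reported above.

```javascript
// Constructed model of the flow in this issue; function names are hypothetical.
const CONFIG_ROLES = new Set(["REGULAR", "ADMIN"]); // roles named in the issue

// Stand-in for GET /config/user-system behind the role check.
function getUserSystemConfig(role, deployment) {
  if (!CONFIG_ROLES.has(role)) return { status: 403, body: null };
  return { status: 200, body: { inviteOnly: deployment.inviteOnly } };
}

// Assumed client pattern: a failed request leaves the flag undefined,
// and undefined is treated the same as false.
function naiveShowRequestForm(response) {
  const inviteOnly = response.body ? response.body.inviteOnly : undefined;
  return Boolean(inviteOnly);
}

// Tri-state read: "could not read the flag" is kept apart from "false".
function readInviteOnly(response) {
  const flag = response.body ? response.body.inviteOnly : undefined;
  if (response.status === 200 && typeof flag === "boolean") {
    return flag ? "invite-only" : "open";
  }
  return "unknown";
}

// One row per role: what the endpoint returned and what the client concluded.
function auditSignupFlow(deployment, roles) {
  return roles.map((role) => {
    const response = getUserSystemConfig(role, deployment);
    return {
      role,
      status: response.status,
      formShown: naiveShowRequestForm(response),
      flagState: readInviteOnly(response),
    };
  });
}

// Regression check: in an invite-only deployment, any role that cannot
// resolve the flag never sees the request form, so its sign-up is lost.
function droppedSignups(deployment, roles) {
  if (!deployment.inviteOnly) return [];
  return auditSignupFlow(deployment, roles)
    .filter((row) => row.flagState === "unknown")
    .map((row) => row.role);
}

console.log(auditSignupFlow({ inviteOnly: true }, ["INACTIVE", "REGULAR", "ADMIN"]));
console.log(droppedSignups({ inviteOnly: true }, ["INACTIVE", "REGULAR", "ADMIN"]));
```

Running `droppedSignups` over the full role list in a test suite catches an access-control change on the config endpoint that breaks the pre-approval flow.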