diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2022-02-28 12:15:44 +0100 |
|---|---|---|
| committer | Eugen Rochko <eugen@zeonfederated.com> | 2022-03-30 13:52:02 +0200 |
| commit | a73f32f7dc4ff48f7dded07b9205beb1e84362c1 (patch) | |
| tree | 7b823712725b864ea1cf60466a1354088c8d3425 | |
| parent | 637c7d464b2876765370d1143b7ba6441efb730b (diff) | |
Fix being able to bypass e-mail restrictions
| -rw-r--r-- | app/models/user.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index a38362e5756..9fcc54c3e78 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -86,11 +86,11 @@ class User < ApplicationRecord validates :invite_request, presence: true, on: :create, if: :invite_text_required? validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale? - validates_with BlacklistedEmailValidator, on: :create + validates_with BlacklistedEmailValidator, if: -> { !confirmed? } validates_with EmailMxValidator, if: :validate_email_dns? validates :agreement, acceptance: { allow_nil: false, accept: [true, 'true', '1'] }, on: :create - # Those are honeypot/antispam fields + # Honeypot/anti-spam fields attr_accessor :registration_form_time, :website, :confirm_password validates_with RegistrationFormTimeValidator, on: :create |