dawarich/app/controllers/users/registrations_controller.rb

# frozen_string_literal: true

class Users::RegistrationsController < Devise::RegistrationsController
  include UtmTrackable

  before_action :set_invitation, only: %i[new create]
  before_action :check_registration_allowed, only: %i[new create]
  before_action :store_utm_params, only: %i[new], unless: -> { DawarichSettings.self_hosted? }

  def new
    build_resource({})

    resource.email = @invitation.email if @invitation

    yield resource if block_given?

    respond_with resource
  end

  def create
    super do |resource|
      if resource.persisted?
        assign_utm_params(resource)
        accept_invitation_for_user(resource) if @invitation
      end
    end
  end

  def destroy
    begin
      resource.mark_as_deleted!

      # Sign out immediately
      Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)

      # Enqueue background job
      Users::DestroyJob.perform_later(resource.id)

      set_flash_message! :notice, :destroyed
      yield resource if block_given?
      respond_with_navigational(resource) { redirect_to after_sign_out_path_for(resource_name) }
    rescue ActiveRecord::RecordInvalid
      set_flash_message! :alert, :cannot_delete
      redirect_to edit_user_registration_path, status: :unprocessable_content
    end
  end

  protected

  def after_sign_up_path_for(resource)
    return family_path if @invitation&.family

    super(resource)
  end

  def after_inactive_sign_up_path_for(resource)
    return family_path if @invitation&.family

    super(resource)
  end

  private

  def check_registration_allowed
    return unless self_hosted_mode?
    return if valid_invitation_token?
    return if email_password_registration_allowed?

    redirect_to root_path,
                alert: 'Registration is not available. Please contact your administrator for access.'
  end

  def set_invitation
    return if invitation_token.blank?

    @invitation = Family::Invitation.find_by(token: invitation_token)
  end

  def self_hosted_mode?
    env_value = ENV['SELF_HOSTED']
    return ActiveModel::Type::Boolean.new.cast(env_value) unless env_value.nil?

    false
  end

  def valid_invitation_token?
    @invitation&.can_be_accepted?
  end

  def invitation_token
    @invitation_token ||= params[:invitation_token] ||
                          params.dig(:user, :invitation_token) ||
                          session[:invitation_token]
  end

  def accept_invitation_for_user(user)
    return unless @invitation&.can_be_accepted?

    service = Families::AcceptInvitation.new(
      invitation: @invitation,
      user: user
    )

    if service.call
      flash[:notice] = "Welcome to #{@invitation.family.name}! You're now part of the family."
    else
      flash[:alert] =
        "Account created successfully, but there was an issue accepting the invitation: #{service.error_message}"
    end
  rescue StandardError => e
    Rails.logger.error "Error accepting invitation during registration: #{e.message}"
    flash[:alert] =
      'Account created successfully, but there was an issue accepting the invitation. Please try accepting it again.'
  end

  def sign_up_params
    super
  end

  def email_password_registration_allowed?
    ALLOW_EMAIL_PASSWORD_REGISTRATION
  end
end
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`# frozen_string_literal: true`

			`class Users::RegistrationsController < Devise::RegistrationsController`
Move UTM parameter tracking logic into a concern 2025-10-30 14:59:31 -04:00			`include UtmTrackable`

Fix some tests 2025-10-04 18:42:21 -04:00			`before_action :set_invitation, only: %i[new create]`
			`before_action :check_registration_allowed, only: %i[new create]`
Move UTM parameter tracking logic into a concern 2025-10-30 14:59:31 -04:00			`before_action :store_utm_params, only: %i[new], unless: -> { DawarichSettings.self_hosted? }`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00
			`def new`
			`build_resource({})`

Use family path instead of families/id 2025-10-04 16:39:47 -04:00			`resource.email = @invitation.email if @invitation`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00
			`yield resource if block_given?`
Use family path instead of families/id 2025-10-04 16:39:47 -04:00
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`respond_with resource`
			`end`

			`def create`
			`super do \|resource\|`
Updte map view 2025-10-30 14:16:38 -04:00			`if resource.persisted?`
			`assign_utm_params(resource)`
			`accept_invitation_for_user(resource) if @invitation`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`
			`end`
			`end`

Move user deletions to background job 2026-01-08 14:29:28 -05:00			`def destroy`
			`begin`
			`resource.mark_as_deleted!`

			`# Sign out immediately`
			`Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)`

			`# Enqueue background job`
			`Users::DestroyJob.perform_later(resource.id)`

			`set_flash_message! :notice, :destroyed`
			`yield resource if block_given?`
			`respond_with_navigational(resource) { redirect_to after_sign_out_path_for(resource_name) }`
			`rescue ActiveRecord::RecordInvalid`
			`set_flash_message! :alert, :cannot_delete`
			`redirect_to edit_user_registration_path, status: :unprocessable_content`
			`end`
			`end`

Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`protected`

			`def after_sign_up_path_for(resource)`
Extract family functionality to a concern 2025-10-05 08:24:45 -04:00			`return family_path if @invitation&.family`

			`super(resource)`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

			`def after_inactive_sign_up_path_for(resource)`
Extract family functionality to a concern 2025-10-05 08:24:45 -04:00			`return family_path if @invitation&.family`

			`super(resource)`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

			`private`

			`def check_registration_allowed`
Fix tests 2025-10-04 19:09:46 -04:00			`return unless self_hosted_mode?`
Fix some tests 2025-10-04 18:42:21 -04:00			`return if valid_invitation_token?`
0.36.0 (#1952) * Implement OmniAuth GitHub authentication * Fix omniauth GitHub scope to include user email access * Remove margin-bottom * Implement Google OAuth2 authentication * Implement OIDC authentication for Dawarich using omniauth_openid_connect gem. * Add patreon account linking and patron checking service * Update docker-compose.yml to use boolean values instead of strings * Add support for KML files * Add tests * Update changelog * Remove patreon OAuth integration * Move omniauthable to a concern * Update an icon in integrations * Update changelog * Update app version * Fix family location sharing toggle * Move family location sharing to its own controller * Update changelog * Implement basic tagging functionality for places, allowing users to categorize and label places with custom tags. * Add places management API and tags feature * Add some changes related to places management feature * Fix some tests * Fix sometests * Add places layer * Update places layer to use Leaflet.Control.Layers.Tree for hierarchical layer control * Rework tag form * Add hashtag * Add privacy zones to tags * Add notes to places and manage place tags * Update changelog * Update e2e tests * Extract tag serializer to its own file * Fix some tests * Fix tags request specs * Fix some tests * Fix rest of the tests * Revert some changes * Add missing specs * Revert changes in place export/import code * Fix some specs * Fix PlaceFinder to only consider global places when finding existing places * Fix few more specs * Fix visits creator spec * Fix last tests * Update place creating modal * Add home location based on "Home" tagged place * Save enabled tag layers * Some fixes * Fix bug where enabling place tag layers would trigger saving enabled layers, overwriting with incomplete data * Update migration to use disable_ddl_transaction! and add up/down methods * Fix tag layers restoration and filtering logic * Update OIDC auto-registration and email/password registration settings * Fix potential xss 2025-11-24 13:45:09 -05:00			`return if email_password_registration_allowed?`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00
Fix some tests 2025-10-04 18:42:21 -04:00			`redirect_to root_path,`
			`alert: 'Registration is not available. Please contact your administrator for access.'`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

Use family path instead of families/id 2025-10-04 16:39:47 -04:00			`def set_invitation`
Fix missing error messages on user registration and other forms 2025-11-07 05:08:57 -05:00			`return if invitation_token.blank?`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00
Refactor family invitations and memberships into separate models and controllers 2025-10-07 12:38:06 -04:00			`@invitation = Family::Invitation.find_by(token: invitation_token)`
Fix tests 2025-10-04 19:09:46 -04:00			`end`

			`def self_hosted_mode?`
			`env_value = ENV['SELF_HOSTED']`
			`return ActiveModel::Type::Boolean.new.cast(env_value) unless env_value.nil?`

			`false`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

			`def valid_invitation_token?`
Fix some tests 2025-10-04 18:42:21 -04:00			`@invitation&.can_be_accepted?`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

			`def invitation_token`
			`@invitation_token \|\|= params[:invitation_token] \|\|`
Move UTM parameter tracking logic into a concern 2025-10-30 14:59:31 -04:00			`params.dig(:user, :invitation_token) \|\|`
			`session[:invitation_token]`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

			`def accept_invitation_for_user(user)`
			`return unless @invitation&.can_be_accepted?`

			`service = Families::AcceptInvitation.new(`
			`invitation: @invitation,`
			`user: user`
			`)`

			`if service.call`
			`flash[:notice] = "Welcome to #{@invitation.family.name}! You're now part of the family."`
			`else`
Move UTM parameter tracking logic into a concern 2025-10-30 14:59:31 -04:00			`flash[:alert] =`
			`"Account created successfully, but there was an issue accepting the invitation: #{service.error_message}"`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`
			`rescue StandardError => e`
			`Rails.logger.error "Error accepting invitation during registration: #{e.message}"`
Move UTM parameter tracking logic into a concern 2025-10-30 14:59:31 -04:00			`flash[:alert] =`
			`'Account created successfully, but there was an issue accepting the invitation. Please try accepting it again.'`
Change registration flow to support family invitations and self-hosted mode restrictions. 2025-09-28 14:53:50 -04:00			`end`

			`def sign_up_params`
			`super`
			`end`
0.36.0 (#1952) * Implement OmniAuth GitHub authentication * Fix omniauth GitHub scope to include user email access * Remove margin-bottom * Implement Google OAuth2 authentication * Implement OIDC authentication for Dawarich using omniauth_openid_connect gem. * Add patreon account linking and patron checking service * Update docker-compose.yml to use boolean values instead of strings * Add support for KML files * Add tests * Update changelog * Remove patreon OAuth integration * Move omniauthable to a concern * Update an icon in integrations * Update changelog * Update app version * Fix family location sharing toggle * Move family location sharing to its own controller * Update changelog * Implement basic tagging functionality for places, allowing users to categorize and label places with custom tags. * Add places management API and tags feature * Add some changes related to places management feature * Fix some tests * Fix sometests * Add places layer * Update places layer to use Leaflet.Control.Layers.Tree for hierarchical layer control * Rework tag form * Add hashtag * Add privacy zones to tags * Add notes to places and manage place tags * Update changelog * Update e2e tests * Extract tag serializer to its own file * Fix some tests * Fix tags request specs * Fix some tests * Fix rest of the tests * Revert some changes * Add missing specs * Revert changes in place export/import code * Fix some specs * Fix PlaceFinder to only consider global places when finding existing places * Fix few more specs * Fix visits creator spec * Fix last tests * Update place creating modal * Add home location based on "Home" tagged place * Save enabled tag layers * Some fixes * Fix bug where enabling place tag layers would trigger saving enabled layers, overwriting with incomplete data * Update migration to use disable_ddl_transaction! and add up/down methods * Fix tag layers restoration and filtering logic * Update OIDC auto-registration and email/password registration settings * Fix potential xss 2025-11-24 13:45:09 -05:00
			`def email_password_registration_allowed?`
Rework usage of OIDC auto-registration and email/password registration settings to use constants instead of direct ENV access. 2025-11-24 14:04:31 -05:00			`ALLOW_EMAIL_PASSWORD_REGISTRATION`
0.36.0 (#1952) * Implement OmniAuth GitHub authentication * Fix omniauth GitHub scope to include user email access * Remove margin-bottom * Implement Google OAuth2 authentication * Implement OIDC authentication for Dawarich using omniauth_openid_connect gem. * Add patreon account linking and patron checking service * Update docker-compose.yml to use boolean values instead of strings * Add support for KML files * Add tests * Update changelog * Remove patreon OAuth integration * Move omniauthable to a concern * Update an icon in integrations * Update changelog * Update app version * Fix family location sharing toggle * Move family location sharing to its own controller * Update changelog * Implement basic tagging functionality for places, allowing users to categorize and label places with custom tags. * Add places management API and tags feature * Add some changes related to places management feature * Fix some tests * Fix sometests * Add places layer * Update places layer to use Leaflet.Control.Layers.Tree for hierarchical layer control * Rework tag form * Add hashtag * Add privacy zones to tags * Add notes to places and manage place tags * Update changelog * Update e2e tests * Extract tag serializer to its own file * Fix some tests * Fix tags request specs * Fix some tests * Fix rest of the tests * Revert some changes * Add missing specs * Revert changes in place export/import code * Fix some specs * Fix PlaceFinder to only consider global places when finding existing places * Fix few more specs * Fix visits creator spec * Fix last tests * Update place creating modal * Add home location based on "Home" tagged place * Save enabled tag layers * Some fixes * Fix bug where enabling place tag layers would trigger saving enabled layers, overwriting with incomplete data * Update migration to use disable_ddl_transaction! and add up/down methods * Fix tag layers restoration and filtering logic * Update OIDC auto-registration and email/password registration settings * Fix potential xss 2025-11-24 13:45:09 -05:00			`end`
Use family path instead of families/id 2025-10-04 16:39:47 -04:00			`end`