From 0d152ce23066ad6164f5b63e4f2fe78ac5f2de66 Mon Sep 17 00:00:00 2001
From: fatchan <tom@69420.me>
Date: Wed, 4 Mar 2020 09:29:14 +0100
Subject: [PATCH] make user accoutn creation available for globals and above
 for provisioning accounts when its disabled

---
 controllers/forms.js          | 2 +-
 controllers/forms/create.js   | 7 +++----
 controllers/forms/register.js | 4 ++--
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/controllers/forms.js b/controllers/forms.js
index 75d9b54c..055b13d5 100644
--- a/controllers/forms.js
+++ b/controllers/forms.js
@@ -109,7 +109,7 @@ router.post('/global/settings', sessionRefresh, csrf, calcPerms, isLoggedIn, has
 router.post('/create', sessionRefresh, isLoggedIn, verifyCaptcha, calcPerms, hasPerms(4), createBoardController);
 //accounts
 router.post('/login', loginController);
-router.post('/register', verifyCaptcha, registerController);
+router.post('/register', verifyCaptcha, calcPerms, registerController);
 router.post('/changepassword', verifyCaptcha, changePasswordController);
 
 //removes captcha cookie, for refreshing for noscript users
diff --git a/controllers/forms/create.js b/controllers/forms/create.js
index ce6e8dbd..03dfc62d 100644
--- a/controllers/forms/create.js
+++ b/controllers/forms/create.js
@@ -1,16 +1,15 @@
 'use strict';
 
 const createBoard = require(__dirname+'/../../models/forms/create.js')
-	, { enableUserBoards, globalLimits } = require(__dirname+'/../../configs/main.js')
+	, { enableUserBoardCreation, globalLimits } = require(__dirname+'/../../configs/main.js')
 	, alphaNumericRegex = require(__dirname+'/../../helpers/checks/alphanumregex.js')
 
 module.exports = async (req, res, next) => {
 
-	if (enableUserBoards === false && res.locals.permLevel !== 0) {
-		//only board admin can create boards when user board creation disabled
+	if (enableUserBoardCreation === false && res.locals.permLevel > 1) {
 		return res.status(400).render('message', {
 			'title': 'Bad request',
-			'error': 'Board creation is only available to site administration',
+			'error': 'User board creation is currently disabled',
 			'redirect': '/create.html'
 		});
 	}
diff --git a/controllers/forms/register.js b/controllers/forms/register.js
index 7169e510..6c4619a4 100644
--- a/controllers/forms/register.js
+++ b/controllers/forms/register.js
@@ -1,12 +1,12 @@
 'use strict';
 
 const alphaNumericRegex = require(__dirname+'/../../helpers/checks/alphanumregex.js')
-	, { enableAccountCreation } = require(__dirname+'/../../configs/main.js')
+	, { enableUserAccountCreation } = require(__dirname+'/../../configs/main.js')
 	, registerAccount = require(__dirname+'/../../models/forms/register.js');
 
 module.exports = async (req, res, next) => {
 
-	if (enableAccountCreation === false) {
+	if (enableUserAccountCreation === false && res.locals.permLevel > 1) {
 		return res.status(400).render('message', {
 			'title': 'Bad request',
 			'error': 'Acount creation is disabled',