From b209b3aa18db7bf3b2095ce924edb09ffb831542 Mon Sep 17 00:00:00 2001
From: Anton Tananaev <anton@traccar.org>
Date: Thu, 4 Apr 2024 17:28:59 -0700
Subject: Default to registration disabled

---
 schema/changelog-4.0-clean.xml                           |  4 ++--
 src/main/java/org/traccar/api/resource/UserResource.java | 10 ++++------
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/schema/changelog-4.0-clean.xml b/schema/changelog-4.0-clean.xml
index b4d8ac0ba..4236e6e95 100644
--- a/schema/changelog-4.0-clean.xml
+++ b/schema/changelog-4.0-clean.xml
@@ -335,7 +335,7 @@
       <column name="id" type="INT" autoIncrement="true">
         <constraints primaryKey="true" />
       </column>
-      <column name="registration" type="BOOLEAN" defaultValueBoolean="true">
+      <column name="registration" type="BOOLEAN" defaultValueBoolean="false">
         <constraints nullable="false" />
       </column>
       <column name="latitude" type="DOUBLE" defaultValueNumeric="0">
@@ -614,7 +614,7 @@
     <addForeignKeyConstraint baseTableName="tc_user_user" baseColumnNames="userid" constraintName="fk_user_user_userid" onDelete="CASCADE" referencedColumnNames="id" referencedTableName="tc_users" />
     
     <insert tableName="tc_servers">
-      <column name="registration" valueBoolean="true" />
+      <column name="registration" valueBoolean="false" />
       <column name="latitude" valueNumeric="0" />
       <column name="longitude" valueNumeric="0" />
       <column name="zoom" valueNumeric="0" />
diff --git a/src/main/java/org/traccar/api/resource/UserResource.java b/src/main/java/org/traccar/api/resource/UserResource.java
index 47ea9b07c..fbc31e46a 100644
--- a/src/main/java/org/traccar/api/resource/UserResource.java
+++ b/src/main/java/org/traccar/api/resource/UserResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2024 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -95,7 +95,9 @@ public class UserResource extends BaseObjectResource<User> {
                     }
                 }
             } else {
-                if (!permissionsService.getServer().getRegistration()) {
+                if (UserUtil.isEmpty(storage)) {
+                    entity.setAdministrator(true);
+                } else if (!permissionsService.getServer().getRegistration()) {
                     throw new SecurityException("Registration disabled");
                 }
                 if (permissionsService.getServer().getBoolean(Keys.WEB_TOTP_FORCE.getKey())
@@ -106,10 +108,6 @@ public class UserResource extends BaseObjectResource<User> {
             }
         }
 
-        if (UserUtil.isEmpty(storage)) {
-            entity.setAdministrator(true);
-        }
-
         entity.setId(storage.addObject(entity, new Request(new Columns.Exclude("id"))));
         storage.updateObject(entity, new Request(
                 new Columns.Include("hashedPassword", "salt"),
-- 
cgit v1.2.3