Don't check the ACL unless we're creating a new user

[rails.git] / app / controllers / user_controller.rb

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 77370c311317b03e73e96c5e6c1f8f6bbbd7203f..1d86c0524de727d0d9a7b27c727a87de78458a88 100644 (file)
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -38,7 +38,7 @@ class UserController < ApplicationController
       else
         render :action => 'terms'
       end
-    elsif Acl.match(request.remote_ip, params[:user][:email].split("@").last).where(:k => "no_account_creation").exists?
+    elsif params[:user] and Acl.match(request.remote_ip, params[:user][:email].split("@").last).where(:k => "no_account_creation").exists?
       render :action => 'blocked'
     else
       session[:referer] = params[:referer]