From 3f3e707d676c09b7eaf2ca785ca4d7199675fd14 Mon Sep 17 00:00:00 2001
From: Amolith <amolith@secluded.site>
Date: Wed, 2 Apr 2025 14:59:27 -0600
Subject: [PATCH] fix(registration): ensure onboarding JIDs can't create
 subaccounts

---
 lib/registration.rb | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/lib/registration.rb b/lib/registration.rb
index 33c9bac6d08d380af32bfc987f506a4f304ad2ac..910db903fb32822ff35443893741c8802561bfa9 100644
--- a/lib/registration.rb
+++ b/lib/registration.rb
@@ -41,6 +41,13 @@ class Registration
 		end
 	end
 
+	def self.guard_onboarding_subaccounts(customer)
+		customer_domain = ProxiedJID.new(customer.jid).domain
+		return unless customer_domain == CONFIG[:onboarding_domain]
+
+		raise "Please create a new Jabber ID before creating a subaccount."
+	end
+
 	class Registered
 		def self.for(customer, tel)
 			jid = ProxiedJID.new(customer.jid).unproxied
@@ -139,6 +146,8 @@ class Registration
 		end
 
 		def save_customer_plan(iq, code)
+			Registration.guard_onboarding_subaccounts(@customer)
+
 			ParentCodeRepo.new(redis: REDIS, db: DB).find(code).then do |parent|
 				plan = Plan.for_registration(iq.form.field("plan_name").value.to_s)
 				@customer = @customer.with_plan(plan.name, parent_customer_id: parent)
@@ -573,6 +582,8 @@ class Registration
 			end
 
 			def set_parent(parent_customer_id)
+				Registration.guard_onboarding_subaccounts(@customer)
+
 				@customer = @customer.with_plan(
 					@customer.plan_name,
 					parent_customer_id: parent_customer_id