allow disabling public invitation requests through a setting

app/controllers/invitations_controller.rb

@@ -3,7 +3,12 @@ class InvitationsController < ApplicationController
     :except => [ :build, :create_by_request, :confirm_email ]
 
   def build
-    @invitation_request = InvitationRequest.new
+    if Rails.application.allow_invitation_requests?
+      @invitation_request = InvitationRequest.new
+    else
+      flash[:error] = "Public invitation requests are not allowed."
+      return redirect_to "/login"
+    end
   end
 
   def index
@@ -19,7 +24,7 @@ class InvitationsController < ApplicationController
     ir.is_verified = true
     ir.save!
 
-    flash[:success] = "Your invitiation request has been validated and " <<
+    flash[:success] = "Your invitation request has been validated and " <<
       "will now be shown to other logged-in users."
     return redirect_to "/invitations/request"
   end
@@ -48,17 +53,21 @@ class InvitationsController < ApplicationController
   end
 
   def create_by_request
-    @invitation_request = InvitationRequest.new(
+    if Rails.application.allow_invitation_requests?
-      params.require(:invitation_request).permit(:name, :email, :memo))
+      @invitation_request = InvitationRequest.new(
+        params.require(:invitation_request).permit(:name, :email, :memo))
 
-    @invitation_request.ip_address = request.remote_ip
+      @invitation_request.ip_address = request.remote_ip
 
-    if @invitation_request.save
+      if @invitation_request.save
-      flash[:success] = "You have been e-mailed a confirmation to " <<
+        flash[:success] = "You have been e-mailed a confirmation to " <<
-        params[:invitation_request][:email].to_s << "."
+          params[:invitation_request][:email].to_s << "."
-      return redirect_to "/invitations/request"
+        return redirect_to "/invitations/request"
+      else
+        render :action => :build
+      end
     else
-      render :action => :build
+      return redirect_to "/login"
     end
   end
 

app/views/login/index.html.erb

@@ -26,8 +26,12 @@
     <p>
     Not a user yet?  Signup is by invitation only to combat spam and increase
     accountability.  If you know <a href="/u/">a current user</a> of the site,
-    ask them for an invitation or <a href="/invitations/request">request one
+    ask them for an
-    publicly</a>.
+    <% if Rails.application.allow_invitation_requests? %>
+      invitation or <a href="/invitations/request">request one publicly</a>.
+    <% else %>
+      invitation.
+    <% end %>
     </p>
 
     <% if @referer.present? %>

config/application.rb

@@ -42,6 +42,10 @@ end
 # define site name and domain to be used globally, can be overridden in
 # config/initializers/production.rb
 class << Rails.application
+  def allow_invitation_requests?
+    true
+  end
+
   def domain
     "lobste.rs"
   end