From 33894591a6d391674e938d018801d88d0011f0b7 Mon Sep 17 00:00:00 2001 From: Unknwon Date: Tue, 17 Mar 2015 03:21:58 -0400 Subject: [PATCH] #851: Edit Account does not take into consideration password rules --- cmd/web.go | 2 +- gogs.go | 2 +- modules/auth/admin.go | 18 +++++++++--------- routers/admin/users.go | 7 +++---- templates/.VERSION | 2 +- 5 files changed, 15 insertions(+), 16 deletions(-) diff --git a/cmd/web.go b/cmd/web.go index 8213baab2c..d5e9cd36ab 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -79,7 +79,7 @@ func checkVersion() { // Check dependency version. checkers := []VerChecker{ {"github.com/Unknwon/macaron", macaron.Version, "0.5.1"}, - {"github.com/macaron-contrib/binding", binding.Version, "0.0.5"}, + {"github.com/macaron-contrib/binding", binding.Version, "0.0.6"}, {"github.com/macaron-contrib/cache", cache.Version, "0.0.7"}, {"github.com/macaron-contrib/csrf", csrf.Version, "0.0.3"}, {"github.com/macaron-contrib/i18n", i18n.Version, "0.0.5"}, diff --git a/gogs.go b/gogs.go index ab11b7e6f0..cb2ad043dc 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.5.16.0316 Beta" +const APP_VER = "0.5.16.0317 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/modules/auth/admin.go b/modules/auth/admin.go index 6fec6ce73e..e6cc82cd34 100644 --- a/modules/auth/admin.go +++ b/modules/auth/admin.go @@ -11,15 +11,15 @@ import ( ) type AdminEditUserForm struct { - Email string `form:"email" binding:"Required;Email;MaxSize(50)"` - Passwd string `form:"password"` - Website string `form:"website" binding:"MaxSize(50)"` - Location string `form:"location" binding:"MaxSize(50)"` - Avatar string `form:"avatar" binding:"Required;Email;MaxSize(50)"` - Active bool `form:"active"` - Admin bool `form:"admin"` - AllowGitHook bool `form:"allow_git_hook"` - LoginType int `form:"login_type"` + Email string `binding:"Required;Email;MaxSize(50)"` + Password string `binding:"OmitEmpty;MinSize(6);MaxSize(255)"` + Website string `binding:"MaxSize(50)"` + Location string `binding:"MaxSize(50)"` + Avatar string `binding:"Required;Email;MaxSize(50)"` + Active bool + Admin bool + AllowGitHook bool + LoginType int } func (f *AdminEditUserForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { diff --git a/routers/admin/users.go b/routers/admin/users.go index 2bbf13b92d..4f57407a2a 100644 --- a/routers/admin/users.go +++ b/routers/admin/users.go @@ -168,6 +168,7 @@ func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) { ctx.Handle(500, "GetUserById", err) return } + ctx.Data["User"] = u if ctx.HasError() { ctx.HTML(200, USER_EDIT) @@ -175,8 +176,8 @@ func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) { } // FIXME: need password length check - if len(form.Passwd) > 0 { - u.Passwd = form.Passwd + if len(form.Password) > 0 { + u.Passwd = form.Password u.Salt = models.GetUserSalt() u.EncodePasswd() } @@ -193,8 +194,6 @@ func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) { u.IsAdmin = form.Admin u.AllowGitHook = form.AllowGitHook - ctx.Data["User"] = u - if err := models.UpdateUser(u); err != nil { if err == models.ErrEmailAlreadyUsed { ctx.Data["Err_Email"] = true diff --git a/templates/.VERSION b/templates/.VERSION index ce64b3a8bb..8e8514e6d6 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.5.16.0316 Beta \ No newline at end of file +0.5.16.0317 Beta \ No newline at end of file