Prevent NPE on avatar direct rendering if federated avatars disabled (#15434)

#13649 assumed that direct avatar urls would always be libravatar urls - this leads
to NPEs if federated avatar service is disabled.

Fix #15421

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This commit is contained in:
zeripath 2021-04-13 01:57:12 +01:00 committed by GitHub
parent 51313fbb63
commit 27f9bda769
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -7,12 +7,14 @@ package user
import (
"errors"
"net/url"
"path"
"strconv"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
)
// Avatar redirect browser to user avatar of requested size
@ -70,8 +72,21 @@ func AvatarByEmailHash(ctx *context.Context) {
}
var avatarURL *url.URL
avatarURL, err = models.LibravatarURL(email)
if err != nil {
if setting.EnableFederatedAvatar && setting.LibravatarService != nil {
avatarURL, err = models.LibravatarURL(email)
if err != nil {
avatarURL, err = url.Parse(models.DefaultAvatarLink())
if err != nil {
ctx.ServerError("invalid default avatar url", err)
return
}
}
} else if !setting.DisableGravatar {
copyOfGravatarSourceURL := *setting.GravatarSourceURL
avatarURL = &copyOfGravatarSourceURL
avatarURL.Path = path.Join(avatarURL.Path, hash)
} else {
avatarURL, err = url.Parse(models.DefaultAvatarLink())
if err != nil {
ctx.ServerError("invalid default avatar url", err)