Fix user primary email changed (#17840)

This commit is contained in:
Lunny Xiao 2021-11-28 19:04:44 +08:00 committed by GitHub
parent 04517e17d6
commit d29a0fc3be
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 58 additions and 14 deletions

View file

@ -1072,18 +1072,46 @@ func validateUser(u *User) error {
return ValidateEmail(u.Email) return ValidateEmail(u.Email)
} }
func updateUser(e Engine, u *User) error { func updateUser(e Engine, u *User, changePrimaryEmail bool) error {
if err := validateUser(u); err != nil { if err := validateUser(u); err != nil {
return err return err
} }
if changePrimaryEmail {
var emailAddress EmailAddress
has, err := e.Where("lower_email=?", strings.ToLower(u.Email)).Get(&emailAddress)
if err != nil {
return err
}
if !has {
// 1. Update old primary email
if _, err = e.Where("uid=? AND is_primary=?", u.ID, true).Cols("is_primary").Update(&EmailAddress{
IsPrimary: false,
}); err != nil {
return err
}
emailAddress.Email = u.Email
emailAddress.UID = u.ID
emailAddress.IsActivated = true
emailAddress.IsPrimary = true
if _, err := e.Insert(&emailAddress); err != nil {
return err
}
} else if _, err := e.ID(emailAddress).Cols("is_primary").Update(&EmailAddress{
IsPrimary: true,
}); err != nil {
return err
}
}
_, err := e.ID(u.ID).AllCols().Update(u) _, err := e.ID(u.ID).AllCols().Update(u)
return err return err
} }
// UpdateUser updates user's information. // UpdateUser updates user's information.
func UpdateUser(u *User) error { func UpdateUser(u *User, changePrimaryEmail bool) error {
return updateUser(x, u) return updateUser(x, u, changePrimaryEmail)
} }
// UpdateUserCols update user according special columns // UpdateUserCols update user according special columns
@ -1112,7 +1140,7 @@ func UpdateUserSetting(u *User) (err error) {
return err return err
} }
} }
if err = updateUser(sess, u); err != nil { if err = updateUser(sess, u, false); err != nil {
return err return err
} }
return sess.Commit() return sess.Commit()

View file

@ -475,17 +475,17 @@ func TestUpdateUser(t *testing.T) {
user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User) user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
user.KeepActivityPrivate = true user.KeepActivityPrivate = true
assert.NoError(t, UpdateUser(user)) assert.NoError(t, UpdateUser(user, false))
user = AssertExistsAndLoadBean(t, &User{ID: 2}).(*User) user = AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
assert.True(t, user.KeepActivityPrivate) assert.True(t, user.KeepActivityPrivate)
setting.Service.AllowedUserVisibilityModesSlice = []bool{true, false, false} setting.Service.AllowedUserVisibilityModesSlice = []bool{true, false, false}
user.KeepActivityPrivate = false user.KeepActivityPrivate = false
user.Visibility = structs.VisibleTypePrivate user.Visibility = structs.VisibleTypePrivate
assert.Error(t, UpdateUser(user)) assert.Error(t, UpdateUser(user, false))
user = AssertExistsAndLoadBean(t, &User{ID: 2}).(*User) user = AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
assert.True(t, user.KeepActivityPrivate) assert.True(t, user.KeepActivityPrivate)
user.Email = "no mail@mail.org" user.Email = "no mail@mail.org"
assert.Error(t, UpdateUser(user)) assert.Error(t, UpdateUser(user, true))
} }

View file

@ -9,6 +9,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
"strings"
"code.gitea.io/gitea/models" "code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/context"
@ -199,12 +200,20 @@ func EditUser(ctx *context.APIContext) {
if form.FullName != nil { if form.FullName != nil {
u.FullName = *form.FullName u.FullName = *form.FullName
} }
var emailChanged bool
if form.Email != nil { if form.Email != nil {
u.Email = *form.Email email := strings.TrimSpace(*form.Email)
if len(u.Email) == 0 { if len(email) == 0 {
ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("email is not allowed to be empty string")) ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("email is not allowed to be empty string"))
return return
} }
if err := models.ValidateEmail(email); err != nil {
ctx.InternalServerError(err)
return
}
emailChanged = !strings.EqualFold(u.Email, email)
u.Email = email
} }
if form.Website != nil { if form.Website != nil {
u.Website = *form.Website u.Website = *form.Website
@ -243,7 +252,7 @@ func EditUser(ctx *context.APIContext) {
u.IsRestricted = *form.Restricted u.IsRestricted = *form.Restricted
} }
if err := models.UpdateUser(u); err != nil { if err := models.UpdateUser(u, emailChanged); err != nil {
if models.IsErrEmailAlreadyUsed(err) || models.IsErrEmailInvalid(err) { if models.IsErrEmailAlreadyUsed(err) || models.IsErrEmailInvalid(err) {
ctx.Error(http.StatusUnprocessableEntity, "", err) ctx.Error(http.StatusUnprocessableEntity, "", err)
} else { } else {

View file

@ -74,7 +74,7 @@ func UpdateUserSettings(ctx *context.APIContext) {
ctx.User.KeepActivityPrivate = *form.HideActivity ctx.User.KeepActivityPrivate = *form.HideActivity
} }
if err := models.UpdateUser(ctx.User); err != nil { if err := models.UpdateUser(ctx.User, false); err != nil {
ctx.InternalServerError(err) ctx.InternalServerError(err)
return return
} }

View file

@ -273,6 +273,11 @@ func EditUserPost(ctx *context.Context) {
ctx.RenderWithErr(errMsg, tplUserNew, &form) ctx.RenderWithErr(errMsg, tplUserNew, &form)
return return
} }
if err := models.ValidateEmail(form.Email); err != nil {
ctx.Data["Err_Email"] = true
ctx.RenderWithErr(ctx.Tr("form.email_error"), tplUserNew, &form)
return
}
if u.Salt, err = models.GetUserSalt(); err != nil { if u.Salt, err = models.GetUserSalt(); err != nil {
ctx.ServerError("UpdateUser", err) ctx.ServerError("UpdateUser", err)
return return
@ -307,7 +312,9 @@ func EditUserPost(ctx *context.Context) {
u.LoginName = form.LoginName u.LoginName = form.LoginName
u.FullName = form.FullName u.FullName = form.FullName
u.Email = form.Email email := strings.TrimSpace(form.Email)
emailChanged := !strings.EqualFold(u.Email, email)
u.Email = email
u.Website = form.Website u.Website = form.Website
u.Location = form.Location u.Location = form.Location
u.MaxRepoCreation = form.MaxRepoCreation u.MaxRepoCreation = form.MaxRepoCreation
@ -327,7 +334,7 @@ func EditUserPost(ctx *context.Context) {
u.ProhibitLogin = form.ProhibitLogin u.ProhibitLogin = form.ProhibitLogin
} }
if err := models.UpdateUser(u); err != nil { if err := models.UpdateUser(u, emailChanged); err != nil {
if models.IsErrEmailAlreadyUsed(err) { if models.IsErrEmailAlreadyUsed(err) {
ctx.Data["Err_Email"] = true ctx.Data["Err_Email"] = true
ctx.RenderWithErr(ctx.Tr("form.email_been_used"), tplUserEdit, &form) ctx.RenderWithErr(ctx.Tr("form.email_been_used"), tplUserEdit, &form)

View file

@ -96,7 +96,7 @@ func SettingsPost(ctx *context.Context) {
visibilityChanged := form.Visibility != org.Visibility visibilityChanged := form.Visibility != org.Visibility
org.Visibility = form.Visibility org.Visibility = form.Visibility
if err := models.UpdateUser(org); err != nil { if err := models.UpdateUser(org, false); err != nil {
ctx.ServerError("UpdateUser", err) ctx.ServerError("UpdateUser", err)
return return
} }