mirror of
https://github.com/go-gitea/gitea
synced 2025-07-22 18:28:37 +00:00
Move user related model into models/user (#17781)
* Move user related model into models/user * Fix lint for windows * Fix windows lint * Fix windows lint * Move some tests in models * Merge
This commit is contained in:
Lunny Xiao
GitHub
@@ -5,19 +5,19 @@
|
||||
package db
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/db"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
)
|
||||
|
||||
// Authenticate authenticates the provided user against the DB
|
||||
func Authenticate(user *models.User, login, password string) (*models.User, error) {
|
||||
func Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
|
||||
if user == nil {
|
||||
return nil, models.ErrUserNotExist{Name: login}
|
||||
return nil, user_model.ErrUserNotExist{Name: login}
|
||||
}
|
||||
|
||||
if !user.IsPasswordSet() || !user.ValidatePassword(password) {
|
||||
return nil, models.ErrUserNotExist{UID: user.ID, Name: user.Name}
|
||||
return nil, user_model.ErrUserNotExist{UID: user.ID, Name: user.Name}
|
||||
}
|
||||
|
||||
// Update password hash if server password hash algorithm have changed
|
||||
@@ -25,7 +25,7 @@ func Authenticate(user *models.User, login, password string) (*models.User, erro
|
||||
if err := user.SetPassword(password); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if err := models.UpdateUserCols(db.DefaultContext, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
|
||||
if err := user_model.UpdateUserCols(db.DefaultContext, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
@@ -33,7 +33,7 @@ func Authenticate(user *models.User, login, password string) (*models.User, erro
|
||||
// WARN: DON'T check user.IsActive, that will be checked on reqSign so that
|
||||
// user could be hint to resend confirm email.
|
||||
if user.ProhibitLogin {
|
||||
return nil, models.ErrUserProhibitLogin{
|
||||
return nil, user_model.ErrUserProhibitLogin{
|
||||
UID: user.ID,
|
||||
Name: user.Name,
|
||||
}
|
||||
|
||||
@@ -5,8 +5,8 @@
|
||||
package db
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
)
|
||||
|
||||
// Source is a password authentication service
|
||||
@@ -24,7 +24,7 @@ func (source *Source) ToDB() ([]byte, error) {
|
||||
|
||||
// Authenticate queries if login/password is valid against the PAM,
|
||||
// and create a local user if success when enabled.
|
||||
func (source *Source) Authenticate(user *models.User, login, password string) (*models.User, error) {
|
||||
func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
|
||||
return Authenticate(user, login, password)
|
||||
}
|
||||
|
||||
|
||||
@@ -11,27 +11,28 @@ import (
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/db"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/services/mailer"
|
||||
user_service "code.gitea.io/gitea/services/user"
|
||||
)
|
||||
|
||||
// Authenticate queries if login/password is valid against the LDAP directory pool,
|
||||
// and create a local user if success when enabled.
|
||||
func (source *Source) Authenticate(user *models.User, userName, password string) (*models.User, error) {
|
||||
func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
|
||||
sr := source.SearchEntry(userName, password, source.loginSource.Type == login.DLDAP)
|
||||
if sr == nil {
|
||||
// User not in LDAP, do nothing
|
||||
return nil, models.ErrUserNotExist{Name: userName}
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
}
|
||||
|
||||
isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
|
||||
|
||||
// Update User admin flag if exist
|
||||
if isExist, err := models.IsUserExist(0, sr.Username); err != nil {
|
||||
if isExist, err := user_model.IsUserExist(0, sr.Username); err != nil {
|
||||
return nil, err
|
||||
} else if isExist {
|
||||
if user == nil {
|
||||
user, err = models.GetUserByName(sr.Username)
|
||||
user, err = user_model.GetUserByName(sr.Username)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -49,7 +50,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
cols = append(cols, "is_restricted")
|
||||
}
|
||||
if len(cols) > 0 {
|
||||
err = models.UpdateUserCols(db.DefaultContext, user, cols...)
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, user, cols...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -74,7 +75,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
sr.Mail = fmt.Sprintf("%s@localhost", sr.Username)
|
||||
}
|
||||
|
||||
user = &models.User{
|
||||
user = &user_model.User{
|
||||
LowerName: strings.ToLower(sr.Username),
|
||||
Name: sr.Username,
|
||||
FullName: composeFullName(sr.Name, sr.Surname, sr.Username),
|
||||
@@ -87,7 +88,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
IsRestricted: sr.IsRestricted,
|
||||
}
|
||||
|
||||
err := models.CreateUser(user)
|
||||
err := user_model.CreateUser(user)
|
||||
if err != nil {
|
||||
return user, err
|
||||
}
|
||||
|
||||
@@ -12,6 +12,7 @@ import (
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/db"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
user_service "code.gitea.io/gitea/services/user"
|
||||
)
|
||||
@@ -25,7 +26,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
var sshKeysNeedUpdate bool
|
||||
|
||||
// Find all users with this login type - FIXME: Should this be an iterator?
|
||||
users, err := models.GetUsersBySource(source.loginSource)
|
||||
users, err := user_model.GetUsersBySource(source.loginSource)
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers: %v", err)
|
||||
return err
|
||||
@@ -83,7 +84,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
su.Mail = fmt.Sprintf("%s@localhost", su.Username)
|
||||
}
|
||||
|
||||
var usr *models.User
|
||||
var usr *user_model.User
|
||||
for userPos < len(users) && users[userPos].LowerName < su.LowerName {
|
||||
userPos++
|
||||
}
|
||||
@@ -97,7 +98,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
if usr == nil {
|
||||
log.Trace("SyncExternalUsers[%s]: Creating user %s", source.loginSource.Name, su.Username)
|
||||
|
||||
usr = &models.User{
|
||||
usr = &user_model.User{
|
||||
LowerName: su.LowerName,
|
||||
Name: su.Username,
|
||||
FullName: fullName,
|
||||
@@ -110,7 +111,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
IsActive: true,
|
||||
}
|
||||
|
||||
err = models.CreateUser(usr)
|
||||
err = user_model.CreateUser(usr)
|
||||
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.loginSource.Name, su.Username, err)
|
||||
@@ -153,7 +154,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
}
|
||||
usr.IsActive = true
|
||||
|
||||
err = models.UpdateUserCols(db.DefaultContext, usr, "full_name", "email", "is_admin", "is_restricted", "is_active")
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, usr, "full_name", "email", "is_admin", "is_restricted", "is_active")
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.loginSource.Name, usr.Name, err)
|
||||
}
|
||||
@@ -194,7 +195,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.loginSource.Name, usr.Name)
|
||||
|
||||
usr.IsActive = false
|
||||
err = models.UpdateUserCols(db.DefaultContext, usr, "is_active")
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, usr, "is_active")
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.loginSource.Name, usr.Name, err)
|
||||
}
|
||||
|
||||
@@ -5,10 +5,10 @@
|
||||
package oauth2
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net/url"
|
||||
"sort"
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
@@ -139,6 +139,11 @@ func ClearProviders() {
|
||||
goth.ClearProviders()
|
||||
}
|
||||
|
||||
var (
|
||||
// ErrLoginSourceNotActived login source is not actived error
|
||||
ErrLoginSourceNotActived = errors.New("Login source is not actived")
|
||||
)
|
||||
|
||||
// used to create different types of goth providers
|
||||
func createProvider(providerName string, source *Source) (goth.Provider, error) {
|
||||
callbackURL := setting.AppURL + "user/oauth2/" + url.PathEscape(providerName) + "/callback"
|
||||
@@ -148,7 +153,7 @@ func createProvider(providerName string, source *Source) (goth.Provider, error)
|
||||
|
||||
p, ok := gothProviders[source.Provider]
|
||||
if !ok {
|
||||
return nil, models.ErrLoginSourceNotActived
|
||||
return nil, ErrLoginSourceNotActived
|
||||
}
|
||||
|
||||
provider, err = p.CreateGothProvider(providerName, callbackURL, source)
|
||||
|
||||
@@ -5,12 +5,12 @@
|
||||
package oauth2
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/services/auth/source/db"
|
||||
)
|
||||
|
||||
// Authenticate falls back to the db authenticator
|
||||
func (source *Source) Authenticate(user *models.User, login, password string) (*models.User, error) {
|
||||
func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
|
||||
return db.Authenticate(user, login, password)
|
||||
}
|
||||
|
||||
|
||||
@@ -8,7 +8,6 @@ import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/auth/pam"
|
||||
@@ -20,11 +19,11 @@ import (
|
||||
|
||||
// Authenticate queries if login/password is valid against the PAM,
|
||||
// and create a local user if success when enabled.
|
||||
func (source *Source) Authenticate(user *models.User, userName, password string) (*models.User, error) {
|
||||
func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
|
||||
pamLogin, err := pam.Auth(source.ServiceName, userName, password)
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "Authentication failure") {
|
||||
return nil, models.ErrUserNotExist{Name: userName}
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
@@ -51,7 +50,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
}
|
||||
}
|
||||
|
||||
user = &models.User{
|
||||
user = &user_model.User{
|
||||
LowerName: strings.ToLower(username),
|
||||
Name: username,
|
||||
Email: email,
|
||||
@@ -62,7 +61,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
IsActive: true,
|
||||
}
|
||||
|
||||
if err := models.CreateUser(user); err != nil {
|
||||
if err := user_model.CreateUser(user); err != nil {
|
||||
return user, err
|
||||
}
|
||||
|
||||
|
||||
@@ -6,13 +6,12 @@ package smtp
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/smtp"
|
||||
"os"
|
||||
"strconv"
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
)
|
||||
|
||||
// _________ __________________________
|
||||
@@ -52,6 +51,11 @@ const (
|
||||
// Authenticators contains available SMTP authentication type names.
|
||||
var Authenticators = []string{PlainAuthentication, LoginAuthentication, CRAMMD5Authentication}
|
||||
|
||||
var (
|
||||
// ErrUnsupportedLoginType login source is unknown error
|
||||
ErrUnsupportedLoginType = errors.New("Login source is unknown")
|
||||
)
|
||||
|
||||
// Authenticate performs an SMTP authentication.
|
||||
func Authenticate(a smtp.Auth, source *Source) error {
|
||||
tlsConfig := &tls.Config{
|
||||
@@ -101,5 +105,5 @@ func Authenticate(a smtp.Auth, source *Source) error {
|
||||
return client.Auth(a)
|
||||
}
|
||||
|
||||
return models.ErrUnsupportedLoginType
|
||||
return ErrUnsupportedLoginType
|
||||
}
|
||||
|
||||
@@ -10,22 +10,22 @@ import (
|
||||
"net/textproto"
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/gitea/models"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
"code.gitea.io/gitea/services/mailer"
|
||||
)
|
||||
|
||||
// Authenticate queries if the provided login/password is authenticates against the SMTP server
|
||||
// Users will be autoregistered as required
|
||||
func (source *Source) Authenticate(user *models.User, userName, password string) (*models.User, error) {
|
||||
func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
|
||||
// Verify allowed domains.
|
||||
if len(source.AllowedDomains) > 0 {
|
||||
idx := strings.Index(userName, "@")
|
||||
if idx == -1 {
|
||||
return nil, models.ErrUserNotExist{Name: userName}
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
} else if !util.IsStringInSlice(userName[idx+1:], strings.Split(source.AllowedDomains, ","), true) {
|
||||
return nil, models.ErrUserNotExist{Name: userName}
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -47,11 +47,11 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
tperr, ok := err.(*textproto.Error)
|
||||
if (ok && tperr.Code == 535) ||
|
||||
strings.Contains(err.Error(), "Username and Password not accepted") {
|
||||
return nil, models.ErrUserNotExist{Name: userName}
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
}
|
||||
if (ok && tperr.Code == 534) ||
|
||||
strings.Contains(err.Error(), "Application-specific password required") {
|
||||
return nil, models.ErrUserNotExist{Name: userName}
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
@@ -66,7 +66,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
username = userName[:idx]
|
||||
}
|
||||
|
||||
user = &models.User{
|
||||
user = &user_model.User{
|
||||
LowerName: strings.ToLower(username),
|
||||
Name: strings.ToLower(username),
|
||||
Email: userName,
|
||||
@@ -77,7 +77,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
|
||||
IsActive: true,
|
||||
}
|
||||
|
||||
if err := models.CreateUser(user); err != nil {
|
||||
if err := user_model.CreateUser(user); err != nil {
|
||||
return user, err
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user