1
1
mirror of https://github.com/go-gitea/gitea synced 2024-12-26 18:44:27 +00:00
gitea/routers/api/v1/user/email.go
6543 33431fcbd3
Validate email before inserting/updating (#13475) (#13666)
* Add email validity check (#13475)

* Improve error feedback for duplicate deploy keys

Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.

* API returns 422 error when key with name exists

* Add email validity checking

Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails

* Add further tests

* Add signup email tests

* Add email validity check for linking existing account

* Address PR comments

* Remove unneeded DB session

* Move email check to updateUser

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

* skip email validation on empty string (#13627)

- move validation into its own function
- use a session for UpdateUserSetting

* rm TODO for backport

Co-authored-by: Chris Shyi <chrisshyi13@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-11-22 12:31:35 -05:00

133 lines
3.5 KiB
Go

// Copyright 2015 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package user
import (
"fmt"
"net/http"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/convert"
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
)
// ListEmails list all of the authenticated user's email addresses
// see https://github.com/gogits/go-gogs-client/wiki/Users-Emails#list-email-addresses-for-a-user
func ListEmails(ctx *context.APIContext) {
// swagger:operation GET /user/emails user userListEmails
// ---
// summary: List the authenticated user's email addresses
// produces:
// - application/json
// responses:
// "200":
// "$ref": "#/responses/EmailList"
emails, err := models.GetEmailAddresses(ctx.User.ID)
if err != nil {
ctx.Error(http.StatusInternalServerError, "GetEmailAddresses", err)
return
}
apiEmails := make([]*api.Email, len(emails))
for i := range emails {
apiEmails[i] = convert.ToEmail(emails[i])
}
ctx.JSON(http.StatusOK, &apiEmails)
}
// AddEmail add an email address
func AddEmail(ctx *context.APIContext, form api.CreateEmailOption) {
// swagger:operation POST /user/emails user userAddEmail
// ---
// summary: Add email addresses
// produces:
// - application/json
// parameters:
// - name: options
// in: body
// schema:
// "$ref": "#/definitions/CreateEmailOption"
// parameters:
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/CreateEmailOption"
// responses:
// '201':
// "$ref": "#/responses/EmailList"
// "422":
// "$ref": "#/responses/validationError"
if len(form.Emails) == 0 {
ctx.Error(http.StatusUnprocessableEntity, "", "Email list empty")
return
}
emails := make([]*models.EmailAddress, len(form.Emails))
for i := range form.Emails {
emails[i] = &models.EmailAddress{
UID: ctx.User.ID,
Email: form.Emails[i],
IsActivated: !setting.Service.RegisterEmailConfirm,
}
}
if err := models.AddEmailAddresses(emails); err != nil {
if models.IsErrEmailAlreadyUsed(err) {
ctx.Error(http.StatusUnprocessableEntity, "", "Email address has been used: "+err.(models.ErrEmailAlreadyUsed).Email)
} else if models.IsErrEmailInvalid(err) {
errMsg := fmt.Sprintf("Email address %s invalid", err.(models.ErrEmailInvalid).Email)
ctx.Error(http.StatusUnprocessableEntity, "", errMsg)
} else {
ctx.Error(http.StatusInternalServerError, "AddEmailAddresses", err)
}
return
}
apiEmails := make([]*api.Email, len(emails))
for i := range emails {
apiEmails[i] = convert.ToEmail(emails[i])
}
ctx.JSON(http.StatusCreated, &apiEmails)
}
// DeleteEmail delete email
func DeleteEmail(ctx *context.APIContext, form api.DeleteEmailOption) {
// swagger:operation DELETE /user/emails user userDeleteEmail
// ---
// summary: Delete email addresses
// produces:
// - application/json
// parameters:
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/DeleteEmailOption"
// responses:
// "204":
// "$ref": "#/responses/empty"
if len(form.Emails) == 0 {
ctx.Status(http.StatusNoContent)
return
}
emails := make([]*models.EmailAddress, len(form.Emails))
for i := range form.Emails {
emails[i] = &models.EmailAddress{
Email: form.Emails[i],
UID: ctx.User.ID,
}
}
if err := models.DeleteEmailAddresses(emails); err != nil {
ctx.Error(http.StatusInternalServerError, "DeleteEmailAddresses", err)
return
}
ctx.Status(http.StatusNoContent)
}