From d29a0fc3beeef61bb30a11c70d2aecb2e28310f1 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Sun, 28 Nov 2021 19:04:44 +0800 Subject: [PATCH] Fix user primary email changed (#17840) --- models/user.go | 36 +++++++++++++++++++++++++++++---- models/user_test.go | 6 +++--- routers/api/v1/admin/user.go | 15 +++++++++++--- routers/api/v1/user/settings.go | 2 +- routers/web/admin/users.go | 11 ++++++++-- routers/web/org/setting.go | 2 +- 6 files changed, 58 insertions(+), 14 deletions(-) diff --git a/models/user.go b/models/user.go index 711bdc295..9a15de082 100644 --- a/models/user.go +++ b/models/user.go @@ -1072,18 +1072,46 @@ func validateUser(u *User) error { return ValidateEmail(u.Email) } -func updateUser(e Engine, u *User) error { +func updateUser(e Engine, u *User, changePrimaryEmail bool) error { if err := validateUser(u); err != nil { return err } + if changePrimaryEmail { + var emailAddress EmailAddress + has, err := e.Where("lower_email=?", strings.ToLower(u.Email)).Get(&emailAddress) + if err != nil { + return err + } + if !has { + // 1. Update old primary email + if _, err = e.Where("uid=? AND is_primary=?", u.ID, true).Cols("is_primary").Update(&EmailAddress{ + IsPrimary: false, + }); err != nil { + return err + } + + emailAddress.Email = u.Email + emailAddress.UID = u.ID + emailAddress.IsActivated = true + emailAddress.IsPrimary = true + if _, err := e.Insert(&emailAddress); err != nil { + return err + } + } else if _, err := e.ID(emailAddress).Cols("is_primary").Update(&EmailAddress{ + IsPrimary: true, + }); err != nil { + return err + } + } + _, err := e.ID(u.ID).AllCols().Update(u) return err } // UpdateUser updates user's information. -func UpdateUser(u *User) error { - return updateUser(x, u) +func UpdateUser(u *User, changePrimaryEmail bool) error { + return updateUser(x, u, changePrimaryEmail) } // UpdateUserCols update user according special columns @@ -1112,7 +1140,7 @@ func UpdateUserSetting(u *User) (err error) { return err } } - if err = updateUser(sess, u); err != nil { + if err = updateUser(sess, u, false); err != nil { return err } return sess.Commit() diff --git a/models/user_test.go b/models/user_test.go index 34c465c58..af1c1e5ee 100644 --- a/models/user_test.go +++ b/models/user_test.go @@ -475,17 +475,17 @@ func TestUpdateUser(t *testing.T) { user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User) user.KeepActivityPrivate = true - assert.NoError(t, UpdateUser(user)) + assert.NoError(t, UpdateUser(user, false)) user = AssertExistsAndLoadBean(t, &User{ID: 2}).(*User) assert.True(t, user.KeepActivityPrivate) setting.Service.AllowedUserVisibilityModesSlice = []bool{true, false, false} user.KeepActivityPrivate = false user.Visibility = structs.VisibleTypePrivate - assert.Error(t, UpdateUser(user)) + assert.Error(t, UpdateUser(user, false)) user = AssertExistsAndLoadBean(t, &User{ID: 2}).(*User) assert.True(t, user.KeepActivityPrivate) user.Email = "no mail@mail.org" - assert.Error(t, UpdateUser(user)) + assert.Error(t, UpdateUser(user, true)) } diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go index 6bc9b849b..67667f44d 100644 --- a/routers/api/v1/admin/user.go +++ b/routers/api/v1/admin/user.go @@ -9,6 +9,7 @@ import ( "errors" "fmt" "net/http" + "strings" "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/context" @@ -199,12 +200,20 @@ func EditUser(ctx *context.APIContext) { if form.FullName != nil { u.FullName = *form.FullName } + var emailChanged bool if form.Email != nil { - u.Email = *form.Email - if len(u.Email) == 0 { + email := strings.TrimSpace(*form.Email) + if len(email) == 0 { ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("email is not allowed to be empty string")) return } + if err := models.ValidateEmail(email); err != nil { + ctx.InternalServerError(err) + return + } + + emailChanged = !strings.EqualFold(u.Email, email) + u.Email = email } if form.Website != nil { u.Website = *form.Website @@ -243,7 +252,7 @@ func EditUser(ctx *context.APIContext) { u.IsRestricted = *form.Restricted } - if err := models.UpdateUser(u); err != nil { + if err := models.UpdateUser(u, emailChanged); err != nil { if models.IsErrEmailAlreadyUsed(err) || models.IsErrEmailInvalid(err) { ctx.Error(http.StatusUnprocessableEntity, "", err) } else { diff --git a/routers/api/v1/user/settings.go b/routers/api/v1/user/settings.go index b4548e744..b0f2a908e 100644 --- a/routers/api/v1/user/settings.go +++ b/routers/api/v1/user/settings.go @@ -74,7 +74,7 @@ func UpdateUserSettings(ctx *context.APIContext) { ctx.User.KeepActivityPrivate = *form.HideActivity } - if err := models.UpdateUser(ctx.User); err != nil { + if err := models.UpdateUser(ctx.User, false); err != nil { ctx.InternalServerError(err) return } diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go index acccc516b..31035c16d 100644 --- a/routers/web/admin/users.go +++ b/routers/web/admin/users.go @@ -273,6 +273,11 @@ func EditUserPost(ctx *context.Context) { ctx.RenderWithErr(errMsg, tplUserNew, &form) return } + if err := models.ValidateEmail(form.Email); err != nil { + ctx.Data["Err_Email"] = true + ctx.RenderWithErr(ctx.Tr("form.email_error"), tplUserNew, &form) + return + } if u.Salt, err = models.GetUserSalt(); err != nil { ctx.ServerError("UpdateUser", err) return @@ -307,7 +312,9 @@ func EditUserPost(ctx *context.Context) { u.LoginName = form.LoginName u.FullName = form.FullName - u.Email = form.Email + email := strings.TrimSpace(form.Email) + emailChanged := !strings.EqualFold(u.Email, email) + u.Email = email u.Website = form.Website u.Location = form.Location u.MaxRepoCreation = form.MaxRepoCreation @@ -327,7 +334,7 @@ func EditUserPost(ctx *context.Context) { u.ProhibitLogin = form.ProhibitLogin } - if err := models.UpdateUser(u); err != nil { + if err := models.UpdateUser(u, emailChanged); err != nil { if models.IsErrEmailAlreadyUsed(err) { ctx.Data["Err_Email"] = true ctx.RenderWithErr(ctx.Tr("form.email_been_used"), tplUserEdit, &form) diff --git a/routers/web/org/setting.go b/routers/web/org/setting.go index e84893918..3414bb8dd 100644 --- a/routers/web/org/setting.go +++ b/routers/web/org/setting.go @@ -96,7 +96,7 @@ func SettingsPost(ctx *context.Context) { visibilityChanged := form.Visibility != org.Visibility org.Visibility = form.Visibility - if err := models.UpdateUser(org); err != nil { + if err := models.UpdateUser(org, false); err != nil { ctx.ServerError("UpdateUser", err) return }