diff --git a/models/user/email_address.go b/models/user/email_address.go

index e310858f92ee9bd4a116c0a509e7604603f8dab7..e916249e30bbe6f37b0571e0f1737a01535a0303 100644 (file)
--- a/models/user/email_address.go
+++ b/models/user/email_address.go
@@ -16,6 +16,7 @@ import (
         "code.gitea.io/gitea/modules/log"
         "code.gitea.io/gitea/modules/setting"
         "code.gitea.io/gitea/modules/util"
+       "code.gitea.io/gitea/modules/validation"
  
         "xorm.io/builder"
  )
@@ -161,7 +162,17 @@ func ValidateEmail(email string) error {
                 return ErrEmailInvalid{email}
         }
  
-       // TODO: add an email allow/block list
+       // if there is no allow list, then check email against block list
+       if len(setting.Service.EmailDomainAllowList) == 0 &&
+               validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, email) {
+               return ErrEmailInvalid{email}
+       }
+
+       // if there is an allow list, then check email against allow list
+       if len(setting.Service.EmailDomainAllowList) > 0 &&
+               !validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, email) {
+               return ErrEmailInvalid{email}
+       }
  
         return nil
  }
diff --git a/modules/validation/helpers.go b/modules/validation/helpers.go

index 3381846b863f5ff8f12e5a9c8979d90567fcbc2d..f6e00f3887a439509eb4764f69f8d836724b5ae6 100644 (file)
--- a/modules/validation/helpers.go
+++ b/modules/validation/helpers.go
@@ -10,6 +10,8 @@ import (
         "strings"
  
         "code.gitea.io/gitea/modules/setting"
+
+       "github.com/gobwas/glob"
  )
  
  var externalTrackerRegex = regexp.MustCompile(`({?)(?:user|repo|index)+?(}?)`)
@@ -48,6 +50,29 @@ func IsValidSiteURL(uri string) bool {
         return false
  }
  
+// IsEmailDomainListed checks whether the domain of an email address
+// matches a list of domains
+func IsEmailDomainListed(globs []glob.Glob, email string) bool {
+       if len(globs) == 0 {
+               return false
+       }
+
+       n := strings.LastIndex(email, "@")
+       if n <= 0 {
+               return false
+       }
+
+       domain := strings.ToLower(email[n+1:])
+
+       for _, g := range globs {
+               if g.Match(domain) {
+                       return true
+               }
+       }
+
+       return false
+}
+
  // IsAPIURL checks if URL is current Gitea instance API URL
  func IsAPIURL(uri string) bool {
         return strings.HasPrefix(strings.ToLower(uri), strings.ToLower(setting.AppURL+"api"))
diff --git a/services/forms/user_form.go b/services/forms/user_form.go

index 1f5abf94ee129b2545bf1d3b697b5622251ba1b8..c0eb03f5547615564351941afe372afc038db53c 100644 (file)
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -13,10 +13,10 @@ import (
         "code.gitea.io/gitea/modules/context"
         "code.gitea.io/gitea/modules/setting"
         "code.gitea.io/gitea/modules/structs"
+       "code.gitea.io/gitea/modules/validation"
         "code.gitea.io/gitea/modules/web/middleware"
  
         "gitea.com/go-chi/binding"
-       "github.com/gobwas/glob"
  )
  
  // InstallForm form for installation page
@@ -103,29 +103,6 @@ func (f *RegisterForm) Validate(req *http.Request, errs binding.Errors) binding.
         return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
  }
  
-// IsEmailDomainListed checks whether the domain of an email address
-// matches a list of domains
-func IsEmailDomainListed(globs []glob.Glob, email string) bool {
-       if len(globs) == 0 {
-               return false
-       }
-
-       n := strings.LastIndex(email, "@")
-       if n <= 0 {
-               return false
-       }
-
-       domain := strings.ToLower(email[n+1:])
-
-       for _, g := range globs {
-               if g.Match(domain) {
-                       return true
-               }
-       }
-
-       return false
-}
-
  // IsEmailDomainAllowed validates that the email address
  // provided by the user matches what has been configured .
  // The email is marked as allowed if it matches any of the
@@ -133,10 +110,10 @@ func IsEmailDomainListed(globs []glob.Glob, email string) bool {
  // domains in the blocklist, if any such list is not empty.
  func (f *RegisterForm) IsEmailDomainAllowed() bool {
         if len(setting.Service.EmailDomainAllowList) == 0 {
-               return !IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
+               return !validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
         }
  
-       return IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
+       return validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
  }
  
  // MustChangePasswordForm form for updating your password after account creation
author	techknowlogick <techknowlogick@gitea.io>
	Wed, 30 Aug 2023 15:46:49 +0000 (11:46 -0400)
committer	GitHub <noreply@github.com>
	Wed, 30 Aug 2023 15:46:49 +0000 (10:46 -0500)
models/user/email_address.go		patch \| blob \| history
modules/validation/helpers.go		patch \| blob \| history
services/forms/user_form.go		patch \| blob \| history