diff options
author | zeripath <art27@cantab.net> | 2023-02-14 22:12:19 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-14 16:12:19 -0600 |
commit | aa1d95300ab1b34a3b4c9f5902ea821f2aa99f6e (patch) | |
tree | ac14d69e9e908ceba7826058115550315ee10c87 /models/user | |
parent | 618c9118c1652fdeea2a2ae0d1459bb1fd3d5169 (diff) | |
download | gitea-aa1d95300ab1b34a3b4c9f5902ea821f2aa99f6e.tar.gz gitea-aa1d95300ab1b34a3b4c9f5902ea821f2aa99f6e.zip |
Add command to bulk set must-change-password (#22823)
As part of administration sometimes it is appropriate to forcibly tell
users to update their passwords.
This PR creates a new command `gitea admin user must-change-password`
which will set the `MustChangePassword` flag on the provided users.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'models/user')
-rw-r--r-- | models/user/must_change_password.go | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/models/user/must_change_password.go b/models/user/must_change_password.go new file mode 100644 index 0000000000..7eab08de89 --- /dev/null +++ b/models/user/must_change_password.go @@ -0,0 +1,49 @@ +// Copyright 2023 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package user + +import ( + "context" + "strings" + + "code.gitea.io/gitea/models/db" + "code.gitea.io/gitea/modules/util" + + "xorm.io/builder" +) + +func SetMustChangePassword(ctx context.Context, all, mustChangePassword bool, include, exclude []string) (int64, error) { + sliceTrimSpaceDropEmpty := func(input []string) []string { + output := make([]string, 0, len(input)) + for _, in := range input { + in = strings.ToLower(strings.TrimSpace(in)) + if in == "" { + continue + } + output = append(output, in) + } + return output + } + + var cond builder.Cond + + // Only include the users where something changes to get an accurate count + cond = builder.Neq{"must_change_password": mustChangePassword} + + if !all { + include = sliceTrimSpaceDropEmpty(include) + if len(include) == 0 { + return 0, util.NewSilentWrapErrorf(util.ErrInvalidArgument, "no users to include provided") + } + + cond = cond.And(builder.In("lower_name", include)) + } + + exclude = sliceTrimSpaceDropEmpty(exclude) + if len(exclude) > 0 { + cond = cond.And(builder.NotIn("lower_name", exclude)) + } + + return db.GetEngine(ctx).Where(cond).MustCols("must_change_password").Update(&User{MustChangePassword: mustChangePassword}) +} |