diff options
author | Lunny Xiao <xiaolunwen@gmail.com> | 2017-03-06 16:15:40 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-03-06 16:15:40 +0800 |
commit | 2215840363815a30dfe87244f59e90f8283fbb07 (patch) | |
tree | e01df3af61ca164818cb5a6a38c6139bc7c27845 /models | |
parent | 03760292412ffb3f65f2bfc359cb3bda100c5c98 (diff) | |
download | gitea-2215840363815a30dfe87244f59e90f8283fbb07.tar.gz gitea-2215840363815a30dfe87244f59e90f8283fbb07.zip |
fix avatar bug #1114 (#1122)
This PR fix the avatar bug described in #1114. This will fix random avatar is blank problem and potential delete avatars dir problem.
Diffstat (limited to 'models')
-rw-r--r-- | models/user.go | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/models/user.go b/models/user.go index 67130d0131..fc78c5800f 100644 --- a/models/user.go +++ b/models/user.go @@ -296,6 +296,9 @@ func (u *User) GenerateRandomAvatar() error { if err != nil { return fmt.Errorf("RandomImage: %v", err) } + // NOTICE for random avatar, it still uses id as avatar name, but custom avatar use md5 + // since random image is not a user's photo, there is no security for enumable + u.Avatar = fmt.Sprintf("%d", u.ID) if err = os.MkdirAll(filepath.Dir(u.CustomAvatarPath()), os.ModePerm); err != nil { return fmt.Errorf("MkdirAll: %v", err) } @@ -451,13 +454,15 @@ func (u *User) UploadAvatar(data []byte) error { // DeleteAvatar deletes the user's custom avatar. func (u *User) DeleteAvatar() error { log.Trace("DeleteAvatar[%d]: %s", u.ID, u.CustomAvatarPath()) - - if err := os.Remove(u.CustomAvatarPath()); err != nil { - return fmt.Errorf("Failed to remove %s: %v", u.CustomAvatarPath(), err) + if len(u.Avatar) > 0 { + if err := os.Remove(u.CustomAvatarPath()); err != nil { + return fmt.Errorf("Failed to remove %s: %v", u.CustomAvatarPath(), err) + } } u.UseCustomAvatar = false - if err := UpdateUser(u); err != nil { + u.Avatar = "" + if _, err := x.Id(u.ID).Cols("avatar, use_custom_avatar").Update(u); err != nil { return fmt.Errorf("UpdateUser: %v", err) } return nil @@ -994,10 +999,12 @@ func deleteUser(e *xorm.Session, u *User) error { return fmt.Errorf("Failed to RemoveAll %s: %v", path, err) } - avatarPath := u.CustomAvatarPath() - if com.IsExist(avatarPath) { - if err := os.Remove(avatarPath); err != nil { - return fmt.Errorf("Failed to remove %s: %v", avatarPath, err) + if len(u.Avatar) > 0 { + avatarPath := u.CustomAvatarPath() + if com.IsExist(avatarPath) { + if err := os.Remove(avatarPath); err != nil { + return fmt.Errorf("Failed to remove %s: %v", avatarPath, err) + } } } |