Fix database inconsistent when admin change user email (#17549)

2 files changed, 38 insertions, 9 deletions

diff --git a/models/user/user.go b/models/user/user.go
index f8ccee0b38..62f2aa472d 100644
--- a/models/user/user.go
+++ b/models/user/user.go
@@ -796,18 +796,48 @@ func validateUser(u *User) error {
 	return ValidateEmail(u.Email)
 }
 
-func updateUser(e db.Engine, u *User) error {
+func updateUser(ctx context.Context, u *User, changePrimaryEmail bool) error {
 	if err := validateUser(u); err != nil {
 		return err
 	}
 
+	e := db.GetEngine(ctx)
+
+	if changePrimaryEmail {
+		var emailAddress EmailAddress
+		has, err := e.Where("lower_email=?", strings.ToLower(u.Email)).Get(&emailAddress)
+		if err != nil {
+			return err
+		}
+		if !has {
+			// 1. Update old primary email
+			if _, err = e.Where("uid=? AND is_primary=?", u.ID, true).Cols("is_primary").Update(&EmailAddress{
+				IsPrimary: false,
+			}); err != nil {
+				return err
+			}
+
+			emailAddress.Email = u.Email
+			emailAddress.UID = u.ID
+			emailAddress.IsActivated = true
+			emailAddress.IsPrimary = true
+			if _, err := e.Insert(&emailAddress); err != nil {
+				return err
+			}
+		} else if _, err := e.ID(emailAddress).Cols("is_primary").Update(&EmailAddress{
+			IsPrimary: true,
+		}); err != nil {
+			return err
+		}
+	}
+
 	_, err := e.ID(u.ID).AllCols().Update(u)
 	return err
 }
 
 // UpdateUser updates user's information.
-func UpdateUser(u *User) error {
-	return updateUser(db.GetEngine(db.DefaultContext), u)
+func UpdateUser(u *User, emailChanged bool) error {
+	return updateUser(db.DefaultContext, u, emailChanged)
 }
 
 // UpdateUserCols update user according special columns
@@ -836,14 +866,13 @@ func UpdateUserSetting(u *User) (err error) {
 		return err
 	}
 	defer committer.Close()
-	sess := db.GetEngine(ctx)
 
 	if !u.IsOrganization() {
-		if err = checkDupEmail(sess, u); err != nil {
+		if err = checkDupEmail(db.GetEngine(ctx), u); err != nil {
 			return err
 		}
 	}
-	if err = updateUser(sess, u); err != nil {
+	if err = updateUser(ctx, u, false); err != nil {
 		return err
 	}
 	return committer.Commit()
diff --git a/models/user/user_test.go b/models/user/user_test.go
index ac49852254..f4acb92378 100644
--- a/models/user/user_test.go
+++ b/models/user/user_test.go
@@ -273,19 +273,19 @@ func TestUpdateUser(t *testing.T) {
 	user := unittest.AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
 
 	user.KeepActivityPrivate = true
-	assert.NoError(t, UpdateUser(user))
+	assert.NoError(t, UpdateUser(user, false))
 	user = unittest.AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
 	assert.True(t, user.KeepActivityPrivate)
 
 	setting.Service.AllowedUserVisibilityModesSlice = []bool{true, false, false}
 	user.KeepActivityPrivate = false
 	user.Visibility = structs.VisibleTypePrivate
-	assert.Error(t, UpdateUser(user))
+	assert.Error(t, UpdateUser(user, false))
 	user = unittest.AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
 	assert.True(t, user.KeepActivityPrivate)
 
 	user.Email = "no mail@mail.org"
-	assert.Error(t, UpdateUser(user))
+	assert.Error(t, UpdateUser(user, true))
 }
 
 func TestNewUserRedirect(t *testing.T) {