diff options
| author | Lunny Xiao <xiaolunwen@gmail.com> | 2022-03-15 01:39:54 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-14 18:39:54 +0100 |
| commit | 18033f49ba8f00695dd9f885360664a383610df1 (patch) | |
| tree | df3c1f1738353a7fffc4ac7b9e6c48e3af231b9c /routers/api/v1/admin | |
| parent | 49db87a035a28cd8eaa4abdd5832f952ca6449d9 (diff) | |
| download | gitea-18033f49ba8f00695dd9f885360664a383610df1.tar.gz gitea-18033f49ba8f00695dd9f885360664a383610df1.zip | |
Restrict email address validation (#17688)
This didn't follow the RFC but it's a subset of that. I think we should narrow the allowed chars at first and discuss more possibility in future PRs.
Diffstat (limited to 'routers/api/v1/admin')
| -rw-r--r-- | routers/api/v1/admin/user.go | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go index 0ecebad5d7..1d3854df9b 100644 --- a/routers/api/v1/admin/user.go +++ b/routers/api/v1/admin/user.go @@ -119,6 +119,7 @@ func CreateUser(ctx *context.APIContext) { user_model.IsErrEmailAlreadyUsed(err) || db.IsErrNameReserved(err) || db.IsErrNameCharsNotAllowed(err) || + user_model.IsErrEmailCharIsNotSupported(err) || user_model.IsErrEmailInvalid(err) || db.IsErrNamePatternNotAllowed(err) { ctx.Error(http.StatusUnprocessableEntity, "", err) @@ -265,7 +266,9 @@ func EditUser(ctx *context.APIContext) { } if err := user_model.UpdateUser(u, emailChanged); err != nil { - if user_model.IsErrEmailAlreadyUsed(err) || user_model.IsErrEmailInvalid(err) { + if user_model.IsErrEmailAlreadyUsed(err) || + user_model.IsErrEmailCharIsNotSupported(err) || + user_model.IsErrEmailInvalid(err) { ctx.Error(http.StatusUnprocessableEntity, "", err) } else { ctx.Error(http.StatusInternalServerError, "UpdateUser", err) |