Admin page for managing user e-mail activation (#10557)

* Implement mail activation admin panel * Add export comments * Fix another export comment * again... * And again! * Apply suggestions by @lunny * Add UI for user activated emails * Make new activation UI work * Fix lint * Prevent admin from self-deactivate; add modal Co-authored-by: zeripath <art27@cantab.net>
author: guillep2k <18600385+guillep2k@users.noreply.github.com> 2020-03-02 15:25:36 -0300
committer: GitHub <noreply@github.com> 2020-03-02 15:25:36 -0300
commit: 5e1438ba92fe5b4398ebf468e4ede21c7ef60409 (patch)
tree: 40096ee69a4ac5df46428a3cf1ae7ee3bee8078e /routers/user
parent: b5ecc82d6e22b5701bfadc1ebc430b9c7fef0cc8 (diff)
download: gitea-5e1438ba92fe5b4398ebf468e4ede21c7ef60409.tar.gz
gitea-5e1438ba92fe5b4398ebf468e4ede21c7ef60409.zip
2 files changed, 70 insertions, 2 deletions
diff --git a/routers/user/auth.go b/routers/user/auth.go
index 3a3e3a1a54..6d762a058c 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -1217,8 +1217,18 @@ func ActivateEmail(ctx *context.Context) {
 
 		log.Trace("Email activated: %s", email.Email)
 		ctx.Flash.Success(ctx.Tr("settings.add_email_success"))
+
+		if u, err := models.GetUserByID(email.UID); err != nil {
+			log.Warn("GetUserByID: %d", email.UID)
+		} else {
+			// Allow user to validate more emails
+			_ = ctx.Cache.Delete("MailResendLimit_" + u.LowerName)
+		}
 	}
 
+	// FIXME: e-mail verification does not require the user to be logged in,
+	// so this could be redirecting to the login page.
+	// Should users be logged in automatically here? (consider 2FA requirements, etc.)
 	ctx.Redirect(setting.AppSubURL + "/user/settings/account")
 }
 
diff --git a/routers/user/setting/account.go b/routers/user/setting/account.go
index a9064b0e15..3c0c64ca27 100644
--- a/routers/user/setting/account.go
+++ b/routers/user/setting/account.go
@@ -88,6 +88,51 @@ func EmailPost(ctx *context.Context, form auth.AddEmailForm) {
 		ctx.Redirect(setting.AppSubURL + "/user/settings/account")
 		return
 	}
+	// Send activation Email
+	if ctx.Query("_method") == "SENDACTIVATION" {
+		var address string
+		if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
+			log.Error("Send activation: activation still pending")
+			ctx.Redirect(setting.AppSubURL + "/user/settings/account")
+			return
+		}
+		if ctx.Query("id") == "PRIMARY" {
+			if ctx.User.IsActive {
+				log.Error("Send activation: email not set for activation")
+				ctx.Redirect(setting.AppSubURL + "/user/settings/account")
+				return
+			}
+			mailer.SendActivateAccountMail(ctx.Locale, ctx.User)
+			address = ctx.User.Email
+		} else {
+			id := ctx.QueryInt64("id")
+			email, err := models.GetEmailAddressByID(ctx.User.ID, id)
+			if err != nil {
+				log.Error("GetEmailAddressByID(%d,%d) error: %v", ctx.User.ID, id, err)
+				ctx.Redirect(setting.AppSubURL + "/user/settings/account")
+				return
+			}
+			if email == nil {
+				log.Error("Send activation: EmailAddress not found; user:%d, id: %d", ctx.User.ID, id)
+				ctx.Redirect(setting.AppSubURL + "/user/settings/account")
+				return
+			}
+			if email.IsActivated {
+				log.Error("Send activation: email not set for activation")
+				ctx.Redirect(setting.AppSubURL + "/user/settings/account")
+				return
+			}
+			mailer.SendActivateEmailMail(ctx.Locale, ctx.User, email)
+			address = email.Email
+		}
+
+		if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
+			log.Error("Set cache(MailResendLimit) fail: %v", err)
+		}
+		ctx.Flash.Info(ctx.Tr("settings.add_email_confirmation_sent", address, timeutil.MinutesToFriendly(setting.Service.ActiveCodeLives, ctx.Locale.Language())))
+		ctx.Redirect(setting.AppSubURL + "/user/settings/account")
+		return
+	}
 	// Set Email Notification Preference
 	if ctx.Query("_method") == "NOTIFICATION" {
 		preference := ctx.Query("preference")
@@ -134,7 +179,6 @@ func EmailPost(ctx *context.Context, form auth.AddEmailForm) {
 	// Send confirmation email
 	if setting.Service.RegisterEmailConfirm {
 		mailer.SendActivateEmailMail(ctx.Locale, ctx.User, email)
-
 		if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
 			log.Error("Set cache(MailResendLimit) fail: %v", err)
 		}
@@ -223,11 +267,25 @@ func UpdateUIThemePost(ctx *context.Context, form auth.UpdateThemeForm) {
 }
 
 func loadAccountData(ctx *context.Context) {
-	emails, err := models.GetEmailAddresses(ctx.User.ID)
+	emlist, err := models.GetEmailAddresses(ctx.User.ID)
 	if err != nil {
 		ctx.ServerError("GetEmailAddresses", err)
 		return
 	}
+	type UserEmail struct {
+		models.EmailAddress
+		CanBePrimary bool
+	}
+	pendingActivation := ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName)
+	emails := make([]*UserEmail, len(emlist))
+	for i, em := range emlist {
+		var email UserEmail
+		email.EmailAddress = *em
+		email.CanBePrimary = em.IsActivated
+		emails[i] = &email
+	}
 	ctx.Data["Emails"] = emails
 	ctx.Data["EmailNotificationsPreference"] = ctx.User.EmailNotifications()
+	ctx.Data["ActivationsPending"] = pendingActivation
+	ctx.Data["CanAddEmails"] = !pendingActivation || !setting.Service.RegisterEmailConfirm
 }
author	guillep2k <18600385+guillep2k@users.noreply.github.com>	2020-03-02 15:25:36 -0300
committer	GitHub <noreply@github.com>	2020-03-02 15:25:36 -0300
commit	5e1438ba92fe5b4398ebf468e4ede21c7ef60409 (patch)
tree	40096ee69a4ac5df46428a3cf1ae7ee3bee8078e /routers/user
parent	b5ecc82d6e22b5701bfadc1ebc430b9c7fef0cc8 (diff)
download	gitea-5e1438ba92fe5b4398ebf468e4ede21c7ef60409.tar.gz gitea-5e1438ba92fe5b4398ebf468e4ede21c7ef60409.zip