author | Lunny Xiao <xiaolunwen@gmail.com> | 2021-11-24 17:49:20 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-11-24 17:49:20 +0800 |
commit | a666829a37be6f9fd98f9e7dd1767c420f7f3b32 (patch) | |
tree | 9ab1434b759a8a2cb275a83149903a823851e309 /services/auth | |
parent | 4e7ca946da2a2642a62f114825129bf5d7ed9196 (diff) | |
download | gitea-a666829a37be6f9fd98f9e7dd1767c420f7f3b32.tar.gz gitea-a666829a37be6f9fd98f9e7dd1767c420f7f3b32.zip |
Move user related model into models/user (#17781)
* Move user related model into models/user
* Fix lint for windows
* Fix windows lint
* Fix windows lint
* Move some tests in models
* Merge
Diffstat (limited to 'services/auth')
-rw-r--r-- | services/auth/auth.go | 6 | ||||
-rw-r--r-- | services/auth/basic.go | 9 | ||||
-rw-r--r-- | services/auth/group.go | 4 | ||||
-rw-r--r-- | services/auth/interface.go | 6 | ||||
-rw-r--r-- | services/auth/login_source.go | 3 | ||||
-rw-r--r-- | services/auth/oauth2.go | 7 | ||||
-rw-r--r-- | services/auth/reverseproxy.go | 14 | ||||
-rw-r--r-- | services/auth/session.go | 10 | ||||
-rw-r--r-- | services/auth/signin.go | 37 | ||||
-rw-r--r-- | services/auth/source/db/authenticate.go | 12 | ||||
-rw-r--r-- | services/auth/source/db/source.go | 4 | ||||
-rw-r--r-- | services/auth/source/ldap/source_authenticate.go | 15 | ||||
-rw-r--r-- | services/auth/source/ldap/source_sync.go | 13 | ||||
-rw-r--r-- | services/auth/source/oauth2/providers.go | 9 | ||||
-rw-r--r-- | services/auth/source/oauth2/source_authenticate.go | 4 | ||||
-rw-r--r-- | services/auth/source/pam/source_authenticate.go | 9 | ||||
-rw-r--r-- | services/auth/source/smtp/auth.go | 10 | ||||
-rw-r--r-- | services/auth/source/smtp/source_authenticate.go | 16 | ||||
-rw-r--r-- | services/auth/sspi_windows.go | 16 |
19 files changed, 108 insertions, 96 deletions
diff --git a/services/auth/auth.go b/services/auth/auth.go
index 3e48e15047..e53691221f 100644
--- a/services/auth/auth.go
+++ b/services/auth/auth.go
@@ -12,8 +12,8 @@ import (
  "regexp"
  "strings"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/log"
  "code.gitea.io/gitea/modules/setting"
  "code.gitea.io/gitea/modules/web/middleware"
@@ -105,7 +105,7 @@ func isGitRawReleaseOrLFSPath(req *http.Request) bool {
 }
 // handleSignIn clears existing session variables and stores new ones for the specified user object
-func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore, user *models.User) {
+func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore, user *user_model.User) {
  _ = sess.Delete("openid_verified_uri")
  _ = sess.Delete("openid_signin_remember")
  _ = sess.Delete("openid_determined_email")
@@ -128,7 +128,7 @@ func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore
  if len(user.Language) == 0 {
  lc := middleware.Locale(resp, req)
  user.Language = lc.Language()
- if err := models.UpdateUserCols(db.DefaultContext, user, "language"); err != nil {
+ if err := user_model.UpdateUserCols(db.DefaultContext, user, "language"); err != nil {
  log.Error(fmt.Sprintf("Error updating user language [user: %d, locale: %s]", user.ID, user.Language))
  return
  }
diff --git a/services/auth/basic.go b/services/auth/basic.go
index 9cfbd0f644..e2448eeca0 100644
--- a/services/auth/basic.go
+++ b/services/auth/basic.go
@@ -10,6 +10,7 @@ import (
  "strings"
  "code.gitea.io/gitea/models"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/base"
  "code.gitea.io/gitea/modules/log"
  "code.gitea.io/gitea/modules/setting"
@@ -41,7 +42,7 @@ func (b *Basic) Name() string {
 // "Authorization" header of the request and returns the corresponding user object for that
 // name/token on successful validation.
 // Returns nil if header is empty or validation fails.
-func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User {
+func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
  // Basic authentication should only fire on API, Download or on Git or LFSPaths
  if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isGitRawReleaseOrLFSPath(req) {
  return nil
@@ -75,7 +76,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
  if uid != 0 {
  log.Trace("Basic Authorization: Valid OAuthAccessToken for user[%d]", uid)
- u, err := models.GetUserByID(uid)
+ u, err := user_model.GetUserByID(uid)
  if err != nil {
  log.Error("GetUserByID: %v", err)
  return nil
@@ -88,7 +89,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
  token, err := models.GetAccessTokenBySHA(authToken)
  if err == nil {
  log.Trace("Basic Authorization: Valid AccessToken for user[%d]", uid)
- u, err := models.GetUserByID(token.UID)
+ u, err := user_model.GetUserByID(token.UID)
  if err != nil {
  log.Error("GetUserByID: %v", err)
  return nil
@@ -112,7 +113,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
  log.Trace("Basic Authorization: Attempting SignIn for %s", uname)
  u, source, err := UserSignIn(uname, passwd)
  if err != nil {
- if !models.IsErrUserNotExist(err) {
+ if !user_model.IsErrUserNotExist(err) {
  log.Error("UserSignIn: %v", err)
  }
  return nil
diff --git a/services/auth/group.go b/services/auth/group.go
index c396ae046b..bf047338bb 100644
--- a/services/auth/group.go
+++ b/services/auth/group.go
@@ -7,8 +7,8 @@ package auth
 import (
  "net/http"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
+ user_model "code.gitea.io/gitea/models/user"
 )
 // Ensure the struct implements the interface.
@@ -60,7 +60,7 @@ func (b *Group) Free() error {
 }
 // Verify extracts and validates
-func (b *Group) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User {
+func (b *Group) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
  if !db.HasEngine {
  return nil
  }
diff --git a/services/auth/interface.go b/services/auth/interface.go
index a198fbe5b8..a05ece2078 100644
--- a/services/auth/interface.go
+++ b/services/auth/interface.go
@@ -8,7 +8,7 @@ import (
  "context"
  "net/http"
- "code.gitea.io/gitea/models"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/session"
  "code.gitea.io/gitea/modules/web/middleware"
 )
@@ -26,7 +26,7 @@ type Method interface {
  // or a new user object (with id = 0) populated with the information that was found
  // in the authentication data (username or email).
  // Returns nil if verification fails.
- Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User
+ Verify(http *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User
 }
 // Initializable represents a structure that requires initialization
@@ -51,7 +51,7 @@ type Freeable interface {
 // PasswordAuthenticator represents a source of authentication
 type PasswordAuthenticator interface {
- Authenticate(user *models.User, login, password string) (*models.User, error)
+ Authenticate(user *user_model.User, login, password string) (*user_model.User, error)
 }
 // LocalTwoFASkipper represents a source of authentication that can skip local 2fa
diff --git a/services/auth/login_source.go b/services/auth/login_source.go
index 723dd2b1a5..edce14cd8b 100644
--- a/services/auth/login_source.go
+++ b/services/auth/login_source.go
@@ -8,11 +8,12 @@ import (
  "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
  "code.gitea.io/gitea/models/login"
+ user_model "code.gitea.io/gitea/models/user"
 )
 // DeleteLoginSource deletes a LoginSource record in DB.
 func DeleteLoginSource(source *login.Source) error {
- count, err := db.GetEngine(db.DefaultContext).Count(&models.User{LoginSource: source.ID})
+ count, err := db.GetEngine(db.DefaultContext).Count(&user_model.User{LoginSource: source.ID})
  if err != nil {
  return err
  } else if count > 0 {
diff --git a/services/auth/oauth2.go b/services/auth/oauth2.go
index 9b342f3458..74dc5eaaf6 100644
--- a/services/auth/oauth2.go
+++ b/services/auth/oauth2.go
@@ -13,6 +13,7 @@ import (
  "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
  "code.gitea.io/gitea/models/login"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/log"
  "code.gitea.io/gitea/modules/timeutil"
  "code.gitea.io/gitea/modules/web/middleware"
@@ -110,7 +111,7 @@ func (o *OAuth2) userIDFromToken(req *http.Request, store DataStore) int64 {
 // or the "Authorization" header and returns the corresponding user object for that ID.
 // If verification is successful returns an existing user object.
 // Returns nil if verification fails.
-func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User {
+func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
  if !db.HasEngine {
  return nil
  }
@@ -125,9 +126,9 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
  }
  log.Trace("OAuth2 Authorization: Found token for user[%d]", id)
- user, err := models.GetUserByID(id)
+ user, err := user_model.GetUserByID(id)
  if err != nil {
- if !models.IsErrUserNotExist(err) {
+ if !user_model.IsErrUserNotExist(err) {
  log.Error("GetUserByName: %v", err)
  }
  return nil
diff --git a/services/auth/reverseproxy.go b/services/auth/reverseproxy.go
index 7cd24c302d..3e44d8b863 100644
--- a/services/auth/reverseproxy.go
+++ b/services/auth/reverseproxy.go
@@ -9,7 +9,7 @@ import (
  "net/http"
  "strings"
- "code.gitea.io/gitea/models"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/log"
  "code.gitea.io/gitea/modules/setting"
  "code.gitea.io/gitea/modules/web/middleware"
@@ -56,16 +56,16 @@ func (r *ReverseProxy) Name() string {
 // If a username is available in the "setting.ReverseProxyAuthUser" header an existing
 // user object is returned (populated with username or email found in header).
 // Returns nil if header is empty.
-func (r *ReverseProxy) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User {
+func (r *ReverseProxy) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
  username := r.getUserName(req)
  if len(username) == 0 {
  return nil
  }
  log.Trace("ReverseProxy Authorization: Found username: %s", username)
- user, err := models.GetUserByName(username)
+ user, err := user_model.GetUserByName(username)
  if err != nil {
- if !models.IsErrUserNotExist(err) || !r.isAutoRegisterAllowed() {
+ if !user_model.IsErrUserNotExist(err) || !r.isAutoRegisterAllowed() {
  log.Error("GetUserByName: %v", err)
  return nil
  }
@@ -91,7 +91,7 @@ func (r *ReverseProxy) isAutoRegisterAllowed() bool {
 // newUser creates a new user object for the purpose of automatic registration
 // and populates its name and email with the information present in request headers.
-func (r *ReverseProxy) newUser(req *http.Request) *models.User {
+func (r *ReverseProxy) newUser(req *http.Request) *user_model.User {
  username := r.getUserName(req)
  if len(username) == 0 {
  return nil
@@ -105,12 +105,12 @@ func (r *ReverseProxy) newUser(req *http.Request) *models.User {
  }
  }
- user := &models.User{
+ user := &user_model.User{
  Name: username,
  Email: email,
  IsActive: true,
  }
- if err := models.CreateUser(user); err != nil {
+ if err := user_model.CreateUser(user); err != nil {
  // FIXME: should I create a system notice?
  log.Error("CreateUser: %v", err)
  return nil
diff --git a/services/auth/session.go b/services/auth/session.go
index 9a6e2d95d0..256598d100 100644
--- a/services/auth/session.go
+++ b/services/auth/session.go
@@ -7,7 +7,7 @@ package auth
 import (
  "net/http"
- "code.gitea.io/gitea/models"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/log"
 )
@@ -30,7 +30,7 @@ func (s *Session) Name() string {
 // Verify checks if there is a user uid stored in the session and returns the user
 // object for that uid.
 // Returns nil if there is no user uid stored in the session.
-func (s *Session) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User {
+func (s *Session) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
  user := SessionUser(sess)
  if user != nil {
  return user
@@ -39,7 +39,7 @@ func (s *Session) Verify(req *http.Request, w http.ResponseWriter, store DataSto
 }
 // SessionUser returns the user object corresponding to the "uid" session variable.
-func SessionUser(sess SessionStore) *models.User {
+func SessionUser(sess SessionStore) *user_model.User {
  // Get user ID
  uid := sess.Get("uid")
  if uid == nil {
@@ -53,9 +53,9 @@ func SessionUser(sess SessionStore) *models.User {
  }
  // Get user object
- user, err := models.GetUserByID(id)
+ user, err := user_model.GetUserByID(id)
  if err != nil {
- if !models.IsErrUserNotExist(err) {
+ if !user_model.IsErrUserNotExist(err) {
  log.Error("GetUserById: %v", err)
  }
  return nil
diff --git a/services/auth/signin.go b/services/auth/signin.go
index 504214f9f1..5f75000d98 100644
--- a/services/auth/signin.go
+++ b/services/auth/signin.go
@@ -7,25 +7,24 @@ package auth
 import (
  "strings"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
  "code.gitea.io/gitea/models/login"
  user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/log"
- _ "code.gitea.io/gitea/services/auth/source/db" // register the sources (and below)
- _ "code.gitea.io/gitea/services/auth/source/ldap"
- _ "code.gitea.io/gitea/services/auth/source/oauth2"
- _ "code.gitea.io/gitea/services/auth/source/pam"
- _ "code.gitea.io/gitea/services/auth/source/smtp"
- _ "code.gitea.io/gitea/services/auth/source/sspi"
+ _ "code.gitea.io/gitea/services/auth/source/db" // register the sources (and below)
+ _ "code.gitea.io/gitea/services/auth/source/ldap" // register the ldap source
+ "code.gitea.io/gitea/services/auth/source/oauth2"
+ _ "code.gitea.io/gitea/services/auth/source/pam" // register the pam source
+ "code.gitea.io/gitea/services/auth/source/smtp"
+ _ "code.gitea.io/gitea/services/auth/source/sspi" // register the sspi source
 )
 // UserSignIn validates user name and password.
-func UserSignIn(username, password string) (*models.User, *login.Source, error) {
- var user *models.User
+func UserSignIn(username, password string) (*user_model.User, *login.Source, error) {
+ var user *user_model.User
  if strings.Contains(username, "@") {
- user = &models.User{Email: strings.ToLower(strings.TrimSpace(username))}
+ user = &user_model.User{Email: strings.ToLower(strings.TrimSpace(username))}
  // check same email
  cnt, err := db.Count(user)
  if err != nil {
@@ -39,13 +38,13 @@ func UserSignIn(username, password string) (*models.User, *login.Source, error)
  } else {
  trimmedUsername := strings.TrimSpace(username)
  if len(trimmedUsername) == 0 {
- return nil, nil, models.ErrUserNotExist{Name: username}
+ return nil, nil, user_model.ErrUserNotExist{Name: username}
  }
- user = &models.User{LowerName: strings.ToLower(trimmedUsername)}
+ user = &user_model.User{LowerName: strings.ToLower(trimmedUsername)}
  }
- hasUser, err := models.GetUser(user)
+ hasUser, err := user_model.GetUser(user)
  if err != nil {
  return nil, nil, err
  }
@@ -57,12 +56,12 @@ func UserSignIn(username, password string) (*models.User, *login.Source, error)
  }
  if !source.IsActive {
- return nil, nil, models.ErrLoginSourceNotActived
+ return nil, nil, oauth2.ErrLoginSourceNotActived
  }
  authenticator, ok := source.Cfg.(PasswordAuthenticator)
  if !ok {
- return nil, nil, models.ErrUnsupportedLoginType
+ return nil, nil, smtp.ErrUnsupportedLoginType
  }
  user, err := authenticator.Authenticate(user, username, password)
@@ -73,7 +72,7 @@ func UserSignIn(username, password string) (*models.User, *login.Source, error)
  // WARN: DON'T check user.IsActive, that will be checked on reqSign so that
  // user could be hint to resend confirm email.
  if user.ProhibitLogin {
- return nil, nil, models.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
+ return nil, nil, user_model.ErrUserProhibitLogin{UID: user.ID, Name: user.Name}
  }
  return user, source, nil
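Review bot: In UserSignIn the `!source.IsActive` branch now returns `oauth2.ErrLoginSourceNotActived` and the non-`PasswordAuthenticator` branch returns `smtp.ErrUnsupportedLoginType`, so the generic sign-in path reports failures for every source type through sentinels owned by two unrelated provider packages. Callers outside services/auth are not visible in this diff; if any of them still compares the returned error against the old `models` values, the comparison will silently stop matching and the login failure will be handled as an unexpected error, so those call sites should be checked. I would define both sentinels once in a provider-neutral package (for example the `login` package this file already imports) and have callers test them with `errors.Is`. UserSignIn's body starts and ends outside this hunk.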
@@ -101,15 +100,15 @@ func UserSignIn(username, password string) (*models.User, *login.Source, error)
  if !authUser.ProhibitLogin {
  return authUser, source, nil
  }
- err = models.ErrUserProhibitLogin{UID: authUser.ID, Name: authUser.Name}
+ err = user_model.ErrUserProhibitLogin{UID: authUser.ID, Name: authUser.Name}
  }
- if models.IsErrUserNotExist(err) {
+ if user_model.IsErrUserNotExist(err) {
  log.Debug("Failed to login '%s' via '%s': %v", username, source.Name, err)
  } else {
  log.Warn("Failed to login '%s' via '%s': %v", username, source.Name, err)
  }
  }
- return nil, nil, models.ErrUserNotExist{Name: username}
+ return nil, nil, user_model.ErrUserNotExist{Name: username}
 }
diff --git a/services/auth/source/db/authenticate.go b/services/auth/source/db/authenticate.go
index af7b719a63..e0e439c2fe 100644
--- a/services/auth/source/db/authenticate.go
+++ b/services/auth/source/db/authenticate.go
@@ -5,19 +5,19 @@
 package db
 import (
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/setting"
 )
 // Authenticate authenticates the provided user against the DB
-func Authenticate(user *models.User, login, password string) (*models.User, error) {
+func Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
  if user == nil {
- return nil, models.ErrUserNotExist{Name: login}
+ return nil, user_model.ErrUserNotExist{Name: login}
  }
  if !user.IsPasswordSet() || !user.ValidatePassword(password) {
- return nil, models.ErrUserNotExist{UID: user.ID, Name: user.Name}
+ return nil, user_model.ErrUserNotExist{UID: user.ID, Name: user.Name}
  }
  // Update password hash if server password hash algorithm have changed
@@ -25,7 +25,7 @@ func Authenticate(user *models.User, login, password string) (*models.User, erro
  if err := user.SetPassword(password); err != nil {
  return nil, err
  }
- if err := models.UpdateUserCols(db.DefaultContext, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
+ if err := user_model.UpdateUserCols(db.DefaultContext, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
  return nil, err
  }
  }
@@ -33,7 +33,7 @@ func Authenticate(user *models.User, login, password string) (*models.User, erro
  // WARN: DON'T check user.IsActive, that will be checked on reqSign so that
  // user could be hint to resend confirm email.
  if user.ProhibitLogin {
- return nil, models.ErrUserProhibitLogin{
+ return nil, user_model.ErrUserProhibitLogin{
  UID: user.ID,
  Name: user.Name,
  }
diff --git a/services/auth/source/db/source.go b/services/auth/source/db/source.go
index 2fedff3a7e..5ae2107a3b 100644
--- a/services/auth/source/db/source.go
+++ b/services/auth/source/db/source.go
@@ -5,8 +5,8 @@
 package db
 import (
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/login"
+ user_model "code.gitea.io/gitea/models/user"
 )
 // Source is a password authentication service
@@ -24,7 +24,7 @@ func (source *Source) ToDB() ([]byte, error) {
 // Authenticate queries if login/password is valid against the PAM,
 // and create a local user if success when enabled.
-func (source *Source) Authenticate(user *models.User, login, password string) (*models.User, error) {
+func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
  return Authenticate(user, login, password)
 }
diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go
index 99a99801a4..9bb07d244f 100644
--- a/services/auth/source/ldap/source_authenticate.go
+++ b/services/auth/source/ldap/source_authenticate.go
@@ -11,27 +11,28 @@ import (
  "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
  "code.gitea.io/gitea/models/login"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/services/mailer"
  user_service "code.gitea.io/gitea/services/user"
 )
 // Authenticate queries if login/password is valid against the LDAP directory pool,
 // and create a local user if success when enabled.
-func (source *Source) Authenticate(user *models.User, userName, password string) (*models.User, error) {
+func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
  sr := source.SearchEntry(userName, password, source.loginSource.Type == login.DLDAP)
  if sr == nil {
  // User not in LDAP, do nothing
- return nil, models.ErrUserNotExist{Name: userName}
+ return nil, user_model.ErrUserNotExist{Name: userName}
  }
  isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
  // Update User admin flag if exist
- if isExist, err := models.IsUserExist(0, sr.Username); err != nil {
+ if isExist, err := user_model.IsUserExist(0, sr.Username); err != nil {
  return nil, err
  } else if isExist {
  if user == nil {
- user, err = models.GetUserByName(sr.Username)
+ user, err = user_model.GetUserByName(sr.Username)
  if err != nil {
  return nil, err
  }
@@ -49,7 +50,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  cols = append(cols, "is_restricted")
  }
  if len(cols) > 0 {
- err = models.UpdateUserCols(db.DefaultContext, user, cols...)
+ err = user_model.UpdateUserCols(db.DefaultContext, user, cols...)
  if err != nil {
  return nil, err
  }
@@ -74,7 +75,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  sr.Mail = fmt.Sprintf("%s@localhost", sr.Username)
  }
- user = &models.User{
+ user = &user_model.User{
  LowerName: strings.ToLower(sr.Username),
  Name: sr.Username,
  FullName: composeFullName(sr.Name, sr.Surname, sr.Username),
@@ -87,7 +88,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  IsRestricted: sr.IsRestricted,
  }
- err := models.CreateUser(user)
+ err := user_model.CreateUser(user)
  if err != nil {
  return user, err
  }
diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go
index 89f84ae20c..9c504476c0 100644
--- a/services/auth/source/ldap/source_sync.go
+++ b/services/auth/source/ldap/source_sync.go
@@ -12,6 +12,7 @@ import (
  "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/db"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/log"
  user_service "code.gitea.io/gitea/services/user"
 )
@@ -25,7 +26,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
  var sshKeysNeedUpdate bool
  // Find all users with this login type - FIXME: Should this be an iterator?
- users, err := models.GetUsersBySource(source.loginSource)
+ users, err := user_model.GetUsersBySource(source.loginSource)
  if err != nil {
  log.Error("SyncExternalUsers: %v", err)
  return err
@@ -83,7 +84,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
  su.Mail = fmt.Sprintf("%s@localhost", su.Username)
  }
- var usr *models.User
+ var usr *user_model.User
  for userPos < len(users) && users[userPos].LowerName < su.LowerName {
  userPos++
  }
@@ -97,7 +98,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
  if usr == nil {
  log.Trace("SyncExternalUsers[%s]: Creating user %s", source.loginSource.Name, su.Username)
- usr = &models.User{
+ usr = &user_model.User{
  LowerName: su.LowerName,
  Name: su.Username,
  FullName: fullName,
@@ -110,7 +111,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
  IsActive: true,
  }
- err = models.CreateUser(usr)
+ err = user_model.CreateUser(usr)
  if err != nil {
  log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.loginSource.Name, su.Username, err)
@@ -153,7 +154,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
  }
  usr.IsActive = true
- err = models.UpdateUserCols(db.DefaultContext, usr, "full_name", "email", "is_admin", "is_restricted", "is_active")
+ err = user_model.UpdateUserCols(db.DefaultContext, usr, "full_name", "email", "is_admin", "is_restricted", "is_active")
  if err != nil {
  log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.loginSource.Name, usr.Name, err)
  }
@@ -194,7 +195,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
  log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.loginSource.Name, usr.Name)
  usr.IsActive = false
- err = models.UpdateUserCols(db.DefaultContext, usr, "is_active")
+ err = user_model.UpdateUserCols(db.DefaultContext, usr, "is_active")
  if err != nil {
  log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.loginSource.Name, usr.Name, err)
  }
diff --git a/services/auth/source/oauth2/providers.go b/services/auth/source/oauth2/providers.go
index 0fd57a8dbd..18879e917b 100644
--- a/services/auth/source/oauth2/providers.go
+++ b/services/auth/source/oauth2/providers.go
@@ -5,10 +5,10 @@
 package oauth2
 import (
+ "errors"
  "net/url"
  "sort"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/login"
  "code.gitea.io/gitea/modules/log"
  "code.gitea.io/gitea/modules/setting"
@@ -139,6 +139,11 @@ func ClearProviders() {
  goth.ClearProviders()
 }
+var (
+ // ErrLoginSourceNotActived login source is not actived error
+ ErrLoginSourceNotActived = errors.New("Login source is not actived")
+)
+
 // used to create different types of goth providers
 func createProvider(providerName string, source *Source) (goth.Provider, error) {
  callbackURL := setting.AppURL + "user/oauth2/" + url.PathEscape(providerName) + "/callback"
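Review bot: The new sentinel in providers.go carries the message `"Login source is not actived"`, which starts with a capital letter and reads as a typo for "activated"; Go error strings are conventionally lowercase so they compose cleanly when wrapped, and staticcheck's ST1005 flags this form. If no template, translation or test matches on the exact text (not visible in this diff), `ErrLoginSourceNotActived = errors.New("login source is not activated")` would be cleaner, and the doc comment could say when the error is returned instead of restating the name. The same applies to `ErrUnsupportedLoginType = errors.New("Login source is unknown")` added in services/auth/source/smtp/auth.go.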
@@ -148,7 +153,7 @@ func createProvider(providerName string, source *Source) (goth.Provider, error)
  p, ok := gothProviders[source.Provider]
  if !ok {
- return nil, models.ErrLoginSourceNotActived
+ return nil, ErrLoginSourceNotActived
  }
  provider, err = p.CreateGothProvider(providerName, callbackURL, source)
diff --git a/services/auth/source/oauth2/source_authenticate.go b/services/auth/source/oauth2/source_authenticate.go
index be2ff05356..fdc18411a7 100644
--- a/services/auth/source/oauth2/source_authenticate.go
+++ b/services/auth/source/oauth2/source_authenticate.go
@@ -5,12 +5,12 @@
 package oauth2
 import (
- "code.gitea.io/gitea/models"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/services/auth/source/db"
 )
 // Authenticate falls back to the db authenticator
-func (source *Source) Authenticate(user *models.User, login, password string) (*models.User, error) {
+func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) {
  return db.Authenticate(user, login, password)
 }
diff --git a/services/auth/source/pam/source_authenticate.go b/services/auth/source/pam/source_authenticate.go
index 6998241ad7..8553653ea0 100644
--- a/services/auth/source/pam/source_authenticate.go
+++ b/services/auth/source/pam/source_authenticate.go
@@ -8,7 +8,6 @@ import (
  "fmt"
  "strings"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/login"
  user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/auth/pam"
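Review bot: createProvider returns `ErrLoginSourceNotActived` when `gothProviders[source.Provider]` has no entry, which describes an unknown or unregistered provider name rather than an inactive login source, so whoever debugs a misconfigured OAuth2 source is pointed at the wrong cause. Now that the sentinel is local to this package, this branch could return a specific error instead, for example `return nil, errors.New("unknown oauth2 provider: " + source.Provider)` (assuming `source.Provider` is a string; `errors` is imported by this commit). Whether any caller matches on the sentinel coming from this path is not visible here, so confirm that before changing it. createProvider's body starts and ends outside this hunk.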
@@ -20,11 +19,11 @@ import (
 // Authenticate queries if login/password is valid against the PAM,
 // and create a local user if success when enabled.
-func (source *Source) Authenticate(user *models.User, userName, password string) (*models.User, error) {
+func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
  pamLogin, err := pam.Auth(source.ServiceName, userName, password)
  if err != nil {
  if strings.Contains(err.Error(), "Authentication failure") {
- return nil, models.ErrUserNotExist{Name: userName}
+ return nil, user_model.ErrUserNotExist{Name: userName}
  }
  return nil, err
  }
@@ -51,7 +50,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  }
  }
- user = &models.User{
+ user = &user_model.User{
  LowerName: strings.ToLower(username),
  Name: username,
  Email: email,
@@ -62,7 +61,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  IsActive: true,
  }
- if err := models.CreateUser(user); err != nil {
+ if err := user_model.CreateUser(user); err != nil {
  return user, err
  }
diff --git a/services/auth/source/smtp/auth.go b/services/auth/source/smtp/auth.go
index d797982da1..c5bd09b0a7 100644
--- a/services/auth/source/smtp/auth.go
+++ b/services/auth/source/smtp/auth.go
@@ -6,13 +6,12 @@ package smtp
 import (
  "crypto/tls"
+ "errors"
  "fmt"
  "net"
  "net/smtp"
  "os"
  "strconv"
-
- "code.gitea.io/gitea/models"
 )
 // _________ __________________________
@@ -52,6 +51,11 @@ const (
 // Authenticators contains available SMTP authentication type names.
 var Authenticators = []string{PlainAuthentication, LoginAuthentication, CRAMMD5Authentication}
+var (
+ // ErrUnsupportedLoginType login source is unknown error
+ ErrUnsupportedLoginType = errors.New("Login source is unknown")
+)
+
 // Authenticate performs an SMTP authentication.
 func Authenticate(a smtp.Auth, source *Source) error {
  tlsConfig := &tls.Config{
@@ -101,5 +105,5 @@ func Authenticate(a smtp.Auth, source *Source) error {
  return client.Auth(a)
  }
- return models.ErrUnsupportedLoginType
+ return ErrUnsupportedLoginType
 }
diff --git a/services/auth/source/smtp/source_authenticate.go b/services/auth/source/smtp/source_authenticate.go
index f51c884c3a..c32d638b54 100644
--- a/services/auth/source/smtp/source_authenticate.go
+++ b/services/auth/source/smtp/source_authenticate.go
@@ -10,22 +10,22 @@ import (
  "net/textproto"
  "strings"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/login"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/util"
  "code.gitea.io/gitea/services/mailer"
 )
 // Authenticate queries if the provided login/password is authenticates against the SMTP server
 // Users will be autoregistered as required
-func (source *Source) Authenticate(user *models.User, userName, password string) (*models.User, error) {
+func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
  // Verify allowed domains.
  if len(source.AllowedDomains) > 0 {
  idx := strings.Index(userName, "@")
  if idx == -1 {
- return nil, models.ErrUserNotExist{Name: userName}
+ return nil, user_model.ErrUserNotExist{Name: userName}
  } else if !util.IsStringInSlice(userName[idx+1:], strings.Split(source.AllowedDomains, ","), true) {
- return nil, models.ErrUserNotExist{Name: userName}
+ return nil, user_model.ErrUserNotExist{Name: userName}
  }
  }
@@ -47,11 +47,11 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  tperr, ok := err.(*textproto.Error)
  if (ok && tperr.Code == 535) || strings.Contains(err.Error(), "Username and Password not accepted") {
- return nil, models.ErrUserNotExist{Name: userName}
+ return nil, user_model.ErrUserNotExist{Name: userName}
  }
  if (ok && tperr.Code == 534) || strings.Contains(err.Error(), "Application-specific password required") {
- return nil, models.ErrUserNotExist{Name: userName}
+ return nil, user_model.ErrUserNotExist{Name: userName}
  }
  return nil, err
  }
@@ -66,7 +66,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  username = userName[:idx]
  }
- user = &models.User{
+ user = &user_model.User{
  LowerName: strings.ToLower(username),
  Name: strings.ToLower(username),
  Email: userName,
@@ -77,7 +77,7 @@ func (source *Source) Authenticate(user *models.User, userName, password string)
  IsActive: true,
  }
- if err := models.CreateUser(user); err != nil {
+ if err := user_model.CreateUser(user); err != nil {
  return user, err
  }
diff --git a/services/auth/sspi_windows.go b/services/auth/sspi_windows.go
index 821a3df459..19f2349122 100644
--- a/services/auth/sspi_windows.go
+++ b/services/auth/sspi_windows.go
@@ -9,9 +9,9 @@ import (
  "net/http"
  "strings"
- "code.gitea.io/gitea/models"
  "code.gitea.io/gitea/models/avatars"
  "code.gitea.io/gitea/models/login"
+ user_model "code.gitea.io/gitea/models/user"
  "code.gitea.io/gitea/modules/base"
  "code.gitea.io/gitea/modules/log"
  "code.gitea.io/gitea/modules/setting"
@@ -83,7 +83,7 @@ func (s *SSPI) Free() error {
 // If authentication is successful, returns the corresponding user object.
 // If negotiation should continue or authentication fails, immediately returns a 401 HTTP
 // response code, as required by the SPNEGO protocol.
-func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User {
+func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *user_model.User {
  if !s.shouldAuthenticate(req) {
  return nil
  }
@@ -126,9 +126,9 @@ func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore,
  }
  log.Info("Authenticated as %s\n", username)
- user, err := models.GetUserByName(username)
+ user, err := user_model.GetUserByName(username)
  if err != nil {
- if !models.IsErrUserNotExist(err) {
+ if !user_model.IsErrUserNotExist(err) {
  log.Error("GetUserByName: %v", err)
  return nil
  }
@@ -184,9 +184,9 @@ func (s *SSPI) shouldAuthenticate(req *http.Request) (shouldAuth bool) {
 // newUser creates a new user object for the purpose of automatic registration
 // and populates its name and email with the information present in request headers.
-func (s *SSPI) newUser(username string, cfg *sspi.Source) (*models.User, error) {
+func (s *SSPI) newUser(username string, cfg *sspi.Source) (*user_model.User, error) {
  email := gouuid.New().String() + "@localhost.localdomain"
- user := &models.User{
+ user := &user_model.User{
  Name: username,
  Email: email,
  KeepEmailPrivate: true,
@@ -195,9 +195,9 @@ func (s *SSPI) newUser(username string, cfg *sspi.Source) (*models.User, error)
  Language: cfg.DefaultLanguage,
  UseCustomAvatar: true,
  Avatar: avatars.DefaultAvatarLink(),
- EmailNotificationsPreference: models.EmailNotificationsDisabled,
+ EmailNotificationsPreference: user_model.EmailNotificationsDisabled,
  }
- if err := models.CreateUser(user); err != nil {
+ if err := user_model.CreateUser(user); err != nil {
  return nil, err
  } |