diff options
| author | techknowlogick <techknowlogick@gitea.io> | 2023-08-30 11:46:49 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-30 10:46:49 -0500 |
| commit | 45976a1bdeb511d33016fdf6f906c06d995064ce (patch) | |
| tree | 4c6976ea2d2e205c4a56e94783fa3d4f7c1ecfc8 /services/forms | |
| parent | 1bb9b1c4d906010c47936bf0ceba82efd1c0c014 (diff) | |
| download | gitea-45976a1bdeb511d33016fdf6f906c06d995064ce.tar.gz gitea-45976a1bdeb511d33016fdf6f906c06d995064ce.zip | |
Check blocklist for emails when adding them to account (#26812)
Diffstat (limited to 'services/forms')
| -rw-r--r-- | services/forms/user_form.go | 29 |
1 files changed, 3 insertions, 26 deletions
diff --git a/services/forms/user_form.go b/services/forms/user_form.go index 1f5abf94ee..c0eb03f554 100644 --- a/services/forms/user_form.go +++ b/services/forms/user_form.go @@ -13,10 +13,10 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/validation" "code.gitea.io/gitea/modules/web/middleware" "gitea.com/go-chi/binding" - "github.com/gobwas/glob" ) // InstallForm form for installation page @@ -103,29 +103,6 @@ func (f *RegisterForm) Validate(req *http.Request, errs binding.Errors) binding. return middleware.Validate(errs, ctx.Data, f, ctx.Locale) } -// IsEmailDomainListed checks whether the domain of an email address -// matches a list of domains -func IsEmailDomainListed(globs []glob.Glob, email string) bool { - if len(globs) == 0 { - return false - } - - n := strings.LastIndex(email, "@") - if n <= 0 { - return false - } - - domain := strings.ToLower(email[n+1:]) - - for _, g := range globs { - if g.Match(domain) { - return true - } - } - - return false -} - // IsEmailDomainAllowed validates that the email address // provided by the user matches what has been configured . // The email is marked as allowed if it matches any of the @@ -133,10 +110,10 @@ func IsEmailDomainListed(globs []glob.Glob, email string) bool { // domains in the blocklist, if any such list is not empty. func (f *RegisterForm) IsEmailDomainAllowed() bool { if len(setting.Service.EmailDomainAllowList) == 0 { - return !IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email) + return !validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email) } - return IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email) + return validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email) } // MustChangePasswordForm form for updating your password after account creation |