aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--models/user/email_address.go13
-rw-r--r--modules/validation/helpers.go25
-rw-r--r--services/forms/user_form.go29
3 files changed, 40 insertions, 27 deletions
diff --git a/models/user/email_address.go b/models/user/email_address.go
index e310858f92..e916249e30 100644
--- a/models/user/email_address.go
+++ b/models/user/email_address.go
@@ -16,6 +16,7 @@ import (
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
+ "code.gitea.io/gitea/modules/validation"
"xorm.io/builder"
)
@@ -161,7 +162,17 @@ func ValidateEmail(email string) error {
return ErrEmailInvalid{email}
}
- // TODO: add an email allow/block list
+ // if there is no allow list, then check email against block list
+ if len(setting.Service.EmailDomainAllowList) == 0 &&
+ validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, email) {
+ return ErrEmailInvalid{email}
+ }
+
+ // if there is an allow list, then check email against allow list
+ if len(setting.Service.EmailDomainAllowList) > 0 &&
+ !validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, email) {
+ return ErrEmailInvalid{email}
+ }
return nil
}
diff --git a/modules/validation/helpers.go b/modules/validation/helpers.go
index 3381846b86..f6e00f3887 100644
--- a/modules/validation/helpers.go
+++ b/modules/validation/helpers.go
@@ -10,6 +10,8 @@ import (
"strings"
"code.gitea.io/gitea/modules/setting"
+
+ "github.com/gobwas/glob"
)
var externalTrackerRegex = regexp.MustCompile(`({?)(?:user|repo|index)+?(}?)`)
@@ -48,6 +50,29 @@ func IsValidSiteURL(uri string) bool {
return false
}
+// IsEmailDomainListed checks whether the domain of an email address
+// matches a list of domains
+func IsEmailDomainListed(globs []glob.Glob, email string) bool {
+ if len(globs) == 0 {
+ return false
+ }
+
+ n := strings.LastIndex(email, "@")
+ if n <= 0 {
+ return false
+ }
+
+ domain := strings.ToLower(email[n+1:])
+
+ for _, g := range globs {
+ if g.Match(domain) {
+ return true
+ }
+ }
+
+ return false
+}
+
// IsAPIURL checks if URL is current Gitea instance API URL
func IsAPIURL(uri string) bool {
return strings.HasPrefix(strings.ToLower(uri), strings.ToLower(setting.AppURL+"api"))
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index 1f5abf94ee..c0eb03f554 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -13,10 +13,10 @@ import (
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
+ "code.gitea.io/gitea/modules/validation"
"code.gitea.io/gitea/modules/web/middleware"
"gitea.com/go-chi/binding"
- "github.com/gobwas/glob"
)
// InstallForm form for installation page
@@ -103,29 +103,6 @@ func (f *RegisterForm) Validate(req *http.Request, errs binding.Errors) binding.
return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
}
-// IsEmailDomainListed checks whether the domain of an email address
-// matches a list of domains
-func IsEmailDomainListed(globs []glob.Glob, email string) bool {
- if len(globs) == 0 {
- return false
- }
-
- n := strings.LastIndex(email, "@")
- if n <= 0 {
- return false
- }
-
- domain := strings.ToLower(email[n+1:])
-
- for _, g := range globs {
- if g.Match(domain) {
- return true
- }
- }
-
- return false
-}
-
// IsEmailDomainAllowed validates that the email address
// provided by the user matches what has been configured .
// The email is marked as allowed if it matches any of the
@@ -133,10 +110,10 @@ func IsEmailDomainListed(globs []glob.Glob, email string) bool {
// domains in the blocklist, if any such list is not empty.
func (f *RegisterForm) IsEmailDomainAllowed() bool {
if len(setting.Service.EmailDomainAllowList) == 0 {
- return !IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
+ return !validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
}
- return IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
+ return validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
}
// MustChangePasswordForm form for updating your password after account creation