diff options
Diffstat (limited to 'models')
| -rw-r--r-- | models/fixtures/user.yml | 1 | ||||
| -rw-r--r-- | models/user.go | 53 | ||||
| -rw-r--r-- | models/user_test.go | 12 |
3 files changed, 57 insertions, 9 deletions
diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml index 850ee4041d..c49fe1b656 100644 --- a/models/fixtures/user.yml +++ b/models/fixtures/user.yml @@ -524,6 +524,7 @@ avatar_email: user30@example.com num_repos: 2 is_active: true + prohibit_login: true - id: 31 diff --git a/models/user.go b/models/user.go index 934b834e96..3ce23ef2ed 100644 --- a/models/user.go +++ b/models/user.go @@ -35,7 +35,9 @@ import ( "golang.org/x/crypto/bcrypt" "golang.org/x/crypto/pbkdf2" "golang.org/x/crypto/scrypt" + "xorm.io/builder" + "xorm.io/xorm" ) // UserType defines the user type @@ -1600,11 +1602,16 @@ type SearchUserOptions struct { OrderBy SearchOrderBy Visible []structs.VisibleType Actor *User // The user doing the search - IsActive util.OptionalBool - SearchByEmail bool // Search by email as well as username/full name + SearchByEmail bool // Search by email as well as username/full name + + IsActive util.OptionalBool + IsAdmin util.OptionalBool + IsRestricted util.OptionalBool + IsTwoFactorEnabled util.OptionalBool + IsProhibitLogin util.OptionalBool } -func (opts *SearchUserOptions) toConds() builder.Cond { +func (opts *SearchUserOptions) toSearchQueryBase() (sess *xorm.Session) { var cond builder.Cond = builder.Eq{"type": opts.Type} if len(opts.Keyword) > 0 { lowerKeyword := strings.ToLower(opts.Keyword) @@ -1658,14 +1665,39 @@ func (opts *SearchUserOptions) toConds() builder.Cond { cond = cond.And(builder.Eq{"is_active": opts.IsActive.IsTrue()}) } - return cond + if !opts.IsAdmin.IsNone() { + cond = cond.And(builder.Eq{"is_admin": opts.IsAdmin.IsTrue()}) + } + + if !opts.IsRestricted.IsNone() { + cond = cond.And(builder.Eq{"is_restricted": opts.IsRestricted.IsTrue()}) + } + + if !opts.IsProhibitLogin.IsNone() { + cond = cond.And(builder.Eq{"prohibit_login": opts.IsProhibitLogin.IsTrue()}) + } + + sess = db.NewSession(db.DefaultContext) + if !opts.IsTwoFactorEnabled.IsNone() { + // 2fa filter uses LEFT JOIN to check whether a user has a 2fa record + // TODO: bad performance here, maybe there will be a column "is_2fa_enabled" in the future + if opts.IsTwoFactorEnabled.IsTrue() { + cond = cond.And(builder.Expr("two_factor.uid IS NOT NULL")) + } else { + cond = cond.And(builder.Expr("two_factor.uid IS NULL")) + } + sess = sess.Join("LEFT OUTER", "two_factor", "two_factor.uid = `user`.id") + } + sess = sess.Where(cond) + return sess } // SearchUsers takes options i.e. keyword and part of user name to search, // it returns results in given range and number of total results. func SearchUsers(opts *SearchUserOptions) (users []*User, _ int64, _ error) { - cond := opts.toConds() - count, err := db.GetEngine(db.DefaultContext).Where(cond).Count(new(User)) + sessCount := opts.toSearchQueryBase() + defer sessCount.Close() + count, err := sessCount.Count(new(User)) if err != nil { return nil, 0, fmt.Errorf("Count: %v", err) } @@ -1674,13 +1706,16 @@ func SearchUsers(opts *SearchUserOptions) (users []*User, _ int64, _ error) { opts.OrderBy = SearchOrderByAlphabetically } - sess := db.GetEngine(db.DefaultContext).Where(cond).OrderBy(opts.OrderBy.String()) + sessQuery := opts.toSearchQueryBase().OrderBy(opts.OrderBy.String()) + defer sessQuery.Close() if opts.Page != 0 { - sess = db.SetSessionPagination(sess, opts) + sessQuery = db.SetSessionPagination(sessQuery, opts) } + // the sql may contain JOIN, so we must only select User related columns + sessQuery = sessQuery.Select("`user`.*") users = make([]*User, 0, opts.PageSize) - return users, count, sess.Find(&users) + return users, count, sessQuery.Find(&users) } // GetStarredRepos returns the repos starred by a particular user diff --git a/models/user_test.go b/models/user_test.go index bf796a8c62..2dcca20346 100644 --- a/models/user_test.go +++ b/models/user_test.go @@ -161,6 +161,18 @@ func TestSearchUsers(t *testing.T) { // order by name asc default testUserSuccess(&SearchUserOptions{Keyword: "user1", ListOptions: db.ListOptions{Page: 1}, IsActive: util.OptionalBoolTrue}, []int64{1, 10, 11, 12, 13, 14, 15, 16, 18}) + + testUserSuccess(&SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsAdmin: util.OptionalBoolTrue}, + []int64{1}) + + testUserSuccess(&SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsRestricted: util.OptionalBoolTrue}, + []int64{29, 30}) + + testUserSuccess(&SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsProhibitLogin: util.OptionalBoolTrue}, + []int64{30}) + + testUserSuccess(&SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsTwoFactorEnabled: util.OptionalBoolTrue}, + []int64{24}) } func TestDeleteUser(t *testing.T) { |