mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 212 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
985 Commits
17 Branches
Tree: bbdfe25769
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bbdfe25769'
${ noResults }
gitea/models/user.go

user.go 12KB
Raw Normal View History

fix
10 years ago
Fix #149
10 years ago
fix
10 years ago
basic authentications
10 years ago
fix
10 years ago
Add disable gravatar option
10 years ago
fix
10 years ago
change gravatar image to match URL scheme
10 years ago
fix
10 years ago
initial support for LDAP authentication/MSAD
10 years ago
fix
10 years ago
Fix #150
10 years ago
fix
10 years ago
Clean oauth code
10 years ago
fix
10 years ago
Fix #150
10 years ago
fix
10 years ago
UPDATE README
10 years ago
Support private repo
10 years ago
UPDATE README
10 years ago
fix
10 years ago
Add /api/v1/users/search
10 years ago
fix
10 years ago
Add login by email
10 years ago
fix
10 years ago
Add login by email
10 years ago
fix
10 years ago
Add login by email
10 years ago
fix
10 years ago
Add login by email
10 years ago
fix
10 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"crypto/sha256"

  9. 	"encoding/hex"

  10. 	"errors"

  11. 	"fmt"

  12. 	"os"

  13. 	"path/filepath"

  14. 	"strings"

  15. 	"time"

  16. 

  17. 	"github.com/gogits/git"

  18. 

  19. 	"github.com/gogits/gogs/modules/base"

  20. 	"github.com/gogits/gogs/modules/log"

  21. )

  22. 

  23. // User types.

  24. const (

  25. 	UT_INDIVIDUAL = iota + 1

  26. 	UT_ORGANIZATION

  27. )

  28. 

  29. var (

  30. 	ErrUserOwnRepos     = errors.New("User still have ownership of repositories")

  31. 	ErrUserAlreadyExist = errors.New("User already exist")

  32. 	ErrUserNotExist     = errors.New("User does not exist")

  33. 	ErrEmailAlreadyUsed = errors.New("E-mail already used")

  34. 	ErrUserNameIllegal  = errors.New("User name contains illegal characters")

  35. 	ErrKeyNotExist      = errors.New("Public key does not exist")

  36. )

  37. 

  38. // User represents the object of individual and member of organization.

  39. type User struct {

  40. 	Id            int64

  41. 	LowerName     string `xorm:"unique not null"`

  42. 	Name          string `xorm:"unique not null"`

  43. 	FullName      string

  44. 	Email         string `xorm:"unique not null"`

  45. 	Passwd        string `xorm:"not null"`

  46. 	LoginType     int

  47. 	LoginSource   int64 `xorm:"not null default 0"`

  48. 	Type          int

  49. 	NumFollowers  int

  50. 	NumFollowings int

  51. 	NumStars      int

  52. 	NumRepos      int

  53. 	Avatar        string `xorm:"varchar(2048) not null"`

  54. 	AvatarEmail   string `xorm:"not null"`

  55. 	Location      string

  56. 	Website       string

  57. 	IsActive      bool

  58. 	IsAdmin       bool

  59. 	Rands         string    `xorm:"VARCHAR(10)"`

  60. 	Salt          string    `xorm:"VARCHAR(10)"`

  61. 	Created       time.Time `xorm:"created"`

  62. 	Updated       time.Time `xorm:"updated"`

  63. }

  64. 

  65. // HomeLink returns the user home page link.

  66. func (user *User) HomeLink() string {

  67. 	return "/user/" + user.Name

  68. }

  69. 

  70. // AvatarLink returns the user gravatar link.

  71. func (user *User) AvatarLink() string {

  72. 	if base.DisableGravatar {

  73. 		return "/img/avatar_default.jpg"

  74. 	} else if base.Service.EnableCacheAvatar {

  75. 		return "/avatar/" + user.Avatar

  76. 	}

  77. 	return "//1.gravatar.com/avatar/" + user.Avatar

  78. }

  79. 

  80. // NewGitSig generates and returns the signature of given user.

  81. func (user *User) NewGitSig() *git.Signature {

  82. 	return &git.Signature{

  83. 		Name:  user.Name,

  84. 		Email: user.Email,

  85. 		When:  time.Now(),

  86. 	}

  87. }

  88. 

  89. // EncodePasswd encodes password to safe format.

  90. func (user *User) EncodePasswd() {

  91. 	newPasswd := base.PBKDF2([]byte(user.Passwd), []byte(user.Salt), 10000, 50, sha256.New)

  92. 	user.Passwd = fmt.Sprintf("%x", newPasswd)

  93. }

  94. 

  95. // Member represents user is member of organization.

  96. type Member struct {

  97. 	Id     int64

  98. 	OrgId  int64 `xorm:"unique(member) index"`

  99. 	UserId int64 `xorm:"unique(member)"`

  100. }

  101. 

  102. // IsUserExist checks if given user name exist,

  103. // the user name should be noncased unique.

  104. func IsUserExist(name string) (bool, error) {

  105. 	if len(name) == 0 {

  106. 		return false, nil

  107. 	}

  108. 	return orm.Get(&User{LowerName: strings.ToLower(name)})

  109. }

  110. 

  111. // IsEmailUsed returns true if the e-mail has been used.

  112. func IsEmailUsed(email string) (bool, error) {

  113. 	if len(email) == 0 {

  114. 		return false, nil

  115. 	}

  116. 	return orm.Get(&User{Email: email})

  117. }

  118. 

  119. // return a user salt token

  120. func GetUserSalt() string {

  121. 	return base.GetRandomString(10)

  122. }

  123. 

  124. // RegisterUser creates record of a new user.

  125. func RegisterUser(user *User) (*User, error) {

  126. 

  127. 	if !IsLegalName(user.Name) {

  128. 		return nil, ErrUserNameIllegal

  129. 	}

  130. 

  131. 	isExist, err := IsUserExist(user.Name)

  132. 	if err != nil {

  133. 		return nil, err

  134. 	} else if isExist {

  135. 		return nil, ErrUserAlreadyExist

  136. 	}

  137. 

  138. 	isExist, err = IsEmailUsed(user.Email)

  139. 	if err != nil {

  140. 		return nil, err

  141. 	} else if isExist {

  142. 		return nil, ErrEmailAlreadyUsed

  143. 	}

  144. 

  145. 	user.LowerName = strings.ToLower(user.Name)

  146. 	user.Avatar = base.EncodeMd5(user.Email)

  147. 	user.AvatarEmail = user.Email

  148. 	user.Rands = GetUserSalt()

  149. 	user.Salt = GetUserSalt()

  150. 	user.EncodePasswd()

  151. 	if _, err = orm.Insert(user); err != nil {

  152. 		return nil, err

  153. 	} else if err = os.MkdirAll(UserPath(user.Name), os.ModePerm); err != nil {

  154. 		if _, err := orm.Id(user.Id).Delete(&User{}); err != nil {

  155. 			return nil, errors.New(fmt.Sprintf(

  156. 				"both create userpath %s and delete table record faild: %v", user.Name, err))

  157. 		}

  158. 		return nil, err

  159. 	}

  160. 

  161. 	if user.Id == 1 {

  162. 		user.IsAdmin = true

  163. 		user.IsActive = true

  164. 		_, err = orm.Id(user.Id).UseBool().Update(user)

  165. 	}

  166. 	return user, err

  167. }

  168. 

  169. // GetUsers returns given number of user objects with offset.

  170. func GetUsers(num, offset int) ([]User, error) {

  171. 	users := make([]User, 0, num)

  172. 	err := orm.Limit(num, offset).Asc("id").Find(&users)

  173. 	return users, err

  174. }

  175. 

  176. // get user by erify code

  177. func getVerifyUser(code string) (user *User) {

  178. 	if len(code) <= base.TimeLimitCodeLength {

  179. 		return nil

  180. 	}

  181. 

  182. 	// use tail hex username query user

  183. 	hexStr := code[base.TimeLimitCodeLength:]

  184. 	if b, err := hex.DecodeString(hexStr); err == nil {

  185. 		if user, err = GetUserByName(string(b)); user != nil {

  186. 			return user

  187. 		}

  188. 		log.Error("user.getVerifyUser: %v", err)

  189. 	}

  190. 

  191. 	return nil

  192. }

  193. 

  194. // verify active code when active account

  195. func VerifyUserActiveCode(code string) (user *User) {

  196. 	minutes := base.Service.ActiveCodeLives

  197. 

  198. 	if user = getVerifyUser(code); user != nil {

  199. 		// time limit code

  200. 		prefix := code[:base.TimeLimitCodeLength]

  201. 		data := base.ToStr(user.Id) + user.Email + user.LowerName + user.Passwd + user.Rands

  202. 

  203. 		if base.VerifyTimeLimitCode(data, minutes, prefix) {

  204. 			return user

  205. 		}

  206. 	}

  207. 	return nil

  208. }

  209. 

  210. // ChangeUserName changes all corresponding setting from old user name to new one.

  211. func ChangeUserName(user *User, newUserName string) (err error) {

  212. 	newUserName = strings.ToLower(newUserName)

  213. 

  214. 	// Update accesses of user.

  215. 	accesses := make([]Access, 0, 10)

  216. 	if err = orm.Find(&accesses, &Access{UserName: user.LowerName}); err != nil {

  217. 		return err

  218. 	}

  219. 

  220. 	sess := orm.NewSession()

  221. 	defer sess.Close()

  222. 	if err = sess.Begin(); err != nil {

  223. 		return err

  224. 	}

  225. 

  226. 	for i := range accesses {

  227. 		accesses[i].UserName = newUserName

  228. 		if strings.HasPrefix(accesses[i].RepoName, user.LowerName+"/") {

  229. 			accesses[i].RepoName = strings.Replace(accesses[i].RepoName, user.LowerName, newUserName, 1)

  230. 		}

  231. 		if err = UpdateAccessWithSession(sess, &accesses[i]); err != nil {

  232. 			return err

  233. 		}

  234. 	}

  235. 

  236. 	repos, err := GetRepositories(user, true)

  237. 	if err != nil {

  238. 		return err

  239. 	}

  240. 	for i := range repos {

  241. 		accesses = make([]Access, 0, 10)

  242. 		// Update accesses of user repository.

  243. 		if err = orm.Find(&accesses, &Access{RepoName: user.LowerName + "/" + repos[i].LowerName}); err != nil {

  244. 			return err

  245. 		}

  246. 

  247. 		for j := range accesses {

  248. 			accesses[j].UserName = newUserName

  249. 			accesses[j].RepoName = newUserName + "/" + repos[i].LowerName

  250. 			if err = UpdateAccessWithSession(sess, &accesses[j]); err != nil {

  251. 				return err

  252. 			}

  253. 		}

  254. 	}

  255. 

  256. 	// Change user directory name.

  257. 	if err = os.Rename(UserPath(user.LowerName), UserPath(newUserName)); err != nil {

  258. 		sess.Rollback()

  259. 		return err

  260. 	}

  261. 

  262. 	return sess.Commit()

  263. }

  264. 

  265. // UpdateUser updates user's information.

  266. func UpdateUser(user *User) (err error) {

  267. 	user.LowerName = strings.ToLower(user.Name)

  268. 

  269. 	if len(user.Location) > 255 {

  270. 		user.Location = user.Location[:255]

  271. 	}

  272. 	if len(user.Website) > 255 {

  273. 		user.Website = user.Website[:255]

  274. 	}

  275. 

  276. 	_, err = orm.Id(user.Id).AllCols().Update(user)

  277. 	return err

  278. }

  279. 

  280. // DeleteUser completely deletes everything of the user.

  281. func DeleteUser(user *User) error {

  282. 	// Check ownership of repository.

  283. 	count, err := GetRepositoryCount(user)

  284. 	if err != nil {

  285. 		return errors.New("modesl.GetRepositories: " + err.Error())

  286. 	} else if count > 0 {

  287. 		return ErrUserOwnRepos

  288. 	}

  289. 

  290. 	// TODO: check issues, other repos' commits

  291. 

  292. 	// Delete all followers.

  293. 	if _, err = orm.Delete(&Follow{FollowId: user.Id}); err != nil {

  294. 		return err

  295. 	}

  296. 

  297. 	// Delete oauth2.

  298. 	if _, err = orm.Delete(&Oauth2{Uid: user.Id}); err != nil {

  299. 		return err

  300. 	}

  301. 

  302. 	// Delete all feeds.

  303. 	if _, err = orm.Delete(&Action{UserId: user.Id}); err != nil {

  304. 		return err

  305. 	}

  306. 

  307. 	// Delete all watches.

  308. 	if _, err = orm.Delete(&Watch{UserId: user.Id}); err != nil {

  309. 		return err

  310. 	}

  311. 

  312. 	// Delete all accesses.

  313. 	if _, err = orm.Delete(&Access{UserName: user.LowerName}); err != nil {

  314. 		return err

  315. 	}

  316. 

  317. 	// Delete all SSH keys.

  318. 	keys := make([]PublicKey, 0, 10)

  319. 	if err = orm.Find(&keys, &PublicKey{OwnerId: user.Id}); err != nil {

  320. 		return err

  321. 	}

  322. 	for _, key := range keys {

  323. 		if err = DeletePublicKey(&key); err != nil {

  324. 			return err

  325. 		}

  326. 	}

  327. 

  328. 	// Delete user directory.

  329. 	if err = os.RemoveAll(UserPath(user.Name)); err != nil {

  330. 		return err

  331. 	}

  332. 

  333. 	_, err = orm.Delete(user)

  334. 	return err

  335. }

  336. 

  337. // UserPath returns the path absolute path of user repositories.

  338. func UserPath(userName string) string {

  339. 	return filepath.Join(base.RepoRootPath, strings.ToLower(userName))

  340. }

  341. 

  342. func GetUserByKeyId(keyId int64) (*User, error) {

  343. 	user := new(User)

  344. 	rawSql := "SELECT a.* FROM `user` AS a, public_key AS b WHERE a.id = b.owner_id AND b.id=?"

  345. 	has, err := orm.Sql(rawSql, keyId).Get(user)

  346. 	if err != nil {

  347. 		return nil, err

  348. 	} else if !has {

  349. 		err = errors.New("not exist key owner")

  350. 		return nil, err

  351. 	}

  352. 	return user, nil

  353. }

  354. 

  355. // GetUserById returns the user object by given id if exists.

  356. func GetUserById(id int64) (*User, error) {

  357. 	user := new(User)

  358. 	has, err := orm.Id(id).Get(user)

  359. 	if err != nil {

  360. 		return nil, err

  361. 	}

  362. 	if !has {

  363. 		return nil, ErrUserNotExist

  364. 	}

  365. 	return user, nil

  366. }

  367. 

  368. // GetUserByName returns the user object by given name if exists.

  369. func GetUserByName(name string) (*User, error) {

  370. 	if len(name) == 0 {

  371. 		return nil, ErrUserNotExist

  372. 	}

  373. 	user := &User{LowerName: strings.ToLower(name)}

  374. 	has, err := orm.Get(user)

  375. 	if err != nil {

  376. 		return nil, err

  377. 	} else if !has {

  378. 		return nil, ErrUserNotExist

  379. 	}

  380. 	return user, nil

  381. }

  382. 

  383. // GetUserEmailsByNames returns a slice of e-mails corresponds to names.

  384. func GetUserEmailsByNames(names []string) []string {

  385. 	mails := make([]string, 0, len(names))

  386. 	for _, name := range names {

  387. 		u, err := GetUserByName(name)

  388. 		if err != nil {

  389. 			continue

  390. 		}

  391. 		mails = append(mails, u.Email)

  392. 	}

  393. 	return mails

  394. }

  395. 

  396. // GetUserByEmail returns the user object by given e-mail if exists.

  397. func GetUserByEmail(email string) (*User, error) {

  398. 	if len(email) == 0 {

  399. 		return nil, ErrUserNotExist

  400. 	}

  401. 	user := &User{Email: strings.ToLower(email)}

  402. 	has, err := orm.Get(user)

  403. 	if err != nil {

  404. 		return nil, err

  405. 	} else if !has {

  406. 		return nil, ErrUserNotExist

  407. 	}

  408. 	return user, nil

  409. }

  410. 

  411. // SearchUserByName returns given number of users whose name contains keyword.

  412. func SearchUserByName(key string, limit int) (us []*User, err error) {

  413. 	// Prevent SQL inject.

  414. 	key = strings.TrimSpace(key)

  415. 	if len(key) == 0 {

  416. 		return us, nil

  417. 	}

  418. 

  419. 	key = strings.Split(key, " ")[0]

  420. 	if len(key) == 0 {

  421. 		return us, nil

  422. 	}

  423. 	key = strings.ToLower(key)

  424. 

  425. 	us = make([]*User, 0, limit)

  426. 	err = orm.Limit(limit).Where("lower_name like '%" + key + "%'").Find(&us)

  427. 	return us, err

  428. }

  429. 

  430. // LoginUserPlain validates user by raw user name and password.

  431. func LoginUserPlain(uname, passwd string) (*User, error) {

  432. 	var u *User

  433. 	if strings.Contains(uname, "@") {

  434. 		u = &User{Email: uname}

  435. 	} else {

  436. 		u = &User{LowerName: strings.ToLower(uname)}

  437. 	}

  438. 

  439. 	has, err := orm.Get(u)

  440. 	if err != nil {

  441. 		return nil, err

  442. 	} else if !has {

  443. 		return nil, ErrUserNotExist

  444. 	}

  445. 

  446. 	newUser := &User{Passwd: passwd, Salt: u.Salt}

  447. 	newUser.EncodePasswd()

  448. 	if u.Passwd != newUser.Passwd {

  449. 		return nil, ErrUserNotExist

  450. 	}

  451. 	return u, nil

  452. }

  453. 

  454. // Follow is connection request for receiving user notifycation.

  455. type Follow struct {

  456. 	Id       int64

  457. 	UserId   int64 `xorm:"unique(follow)"`

  458. 	FollowId int64 `xorm:"unique(follow)"`

  459. }

  460. 

  461. // FollowUser marks someone be another's follower.

  462. func FollowUser(userId int64, followId int64) (err error) {

  463. 	session := orm.NewSession()

  464. 	defer session.Close()

  465. 	session.Begin()

  466. 

  467. 	if _, err = session.Insert(&Follow{UserId: userId, FollowId: followId}); err != nil {

  468. 		session.Rollback()

  469. 		return err

  470. 	}

  471. 

  472. 	rawSql := "UPDATE `user` SET num_followers = num_followers + 1 WHERE id = ?"

  473. 	if _, err = session.Exec(rawSql, followId); err != nil {

  474. 		session.Rollback()

  475. 		return err

  476. 	}

  477. 

  478. 	rawSql = "UPDATE `user` SET num_followings = num_followings + 1 WHERE id = ?"

  479. 	if _, err = session.Exec(rawSql, userId); err != nil {

  480. 		session.Rollback()

  481. 		return err

  482. 	}

  483. 	return session.Commit()

  484. }

  485. 

  486. // UnFollowUser unmarks someone be another's follower.

  487. func UnFollowUser(userId int64, unFollowId int64) (err error) {

  488. 	session := orm.NewSession()

  489. 	defer session.Close()

  490. 	session.Begin()

  491. 

  492. 	if _, err = session.Delete(&Follow{UserId: userId, FollowId: unFollowId}); err != nil {

  493. 		session.Rollback()

  494. 		return err

  495. 	}

  496. 

  497. 	rawSql := "UPDATE `user` SET num_followers = num_followers - 1 WHERE id = ?"

  498. 	if _, err = session.Exec(rawSql, unFollowId); err != nil {

  499. 		session.Rollback()

  500. 		return err

  501. 	}

  502. 

  503. 	rawSql = "UPDATE `user` SET num_followings = num_followings - 1 WHERE id = ?"

  504. 	if _, err = session.Exec(rawSql, userId); err != nil {

  505. 		session.Rollback()

  506. 		return err

  507. 	}

  508. 	return session.Commit()

  509. }