mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5901 Commits
17 Branches
Tree: 469ab99e9a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '469ab99e9a'
${ noResults }
gitea/routers/api/v1/admin/user.go

user.go 6.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283 
  1. // Copyright 2015 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package admin

  6. 

  7. import (

  8. 	"code.gitea.io/gitea/models"

  9. 	"code.gitea.io/gitea/modules/context"

  10. 	"code.gitea.io/gitea/modules/log"

  11. 	"code.gitea.io/gitea/modules/setting"

  12. 	"code.gitea.io/gitea/routers/api/v1/user"

  13. 	api "code.gitea.io/sdk/gitea"

  14. )

  15. 

  16. func parseLoginSource(ctx *context.APIContext, u *models.User, sourceID int64, loginName string) {

  17. 	if sourceID == 0 {

  18. 		return

  19. 	}

  20. 

  21. 	source, err := models.GetLoginSourceByID(sourceID)

  22. 	if err != nil {

  23. 		if models.IsErrLoginSourceNotExist(err) {

  24. 			ctx.Error(422, "", err)

  25. 		} else {

  26. 			ctx.Error(500, "GetLoginSourceByID", err)

  27. 		}

  28. 		return

  29. 	}

  30. 

  31. 	u.LoginType = source.Type

  32. 	u.LoginSource = source.ID

  33. 	u.LoginName = loginName

  34. }

  35. 

  36. // CreateUser create a user

  37. func CreateUser(ctx *context.APIContext, form api.CreateUserOption) {

  38. 	// swagger:operation POST /admin/users admin adminCreateUser

  39. 	// ---

  40. 	// summary: Create a user

  41. 	// consumes:

  42. 	// - application/json

  43. 	// produces:

  44. 	// - application/json

  45. 	// parameters:

  46. 	// - name: body

  47. 	//   in: body

  48. 	//   schema:

  49. 	//     "$ref": "#/definitions/CreateUserOption"

  50. 	// responses:

  51. 	//   "201":

  52. 	//     "$ref": "#/responses/User"

  53. 	//   "403":

  54. 	//     "$ref": "#/responses/forbidden"

  55. 	//   "422":

  56. 	//     "$ref": "#/responses/validationError"

  57. 	u := &models.User{

  58. 		Name:      form.Username,

  59. 		FullName:  form.FullName,

  60. 		Email:     form.Email,

  61. 		Passwd:    form.Password,

  62. 		IsActive:  true,

  63. 		LoginType: models.LoginPlain,

  64. 	}

  65. 

  66. 	parseLoginSource(ctx, u, form.SourceID, form.LoginName)

  67. 	if ctx.Written() {

  68. 		return

  69. 	}

  70. 

  71. 	if err := models.CreateUser(u); err != nil {

  72. 		if models.IsErrUserAlreadyExist(err) ||

  73. 			models.IsErrEmailAlreadyUsed(err) ||

  74. 			models.IsErrNameReserved(err) ||

  75. 			models.IsErrNamePatternNotAllowed(err) {

  76. 			ctx.Error(422, "", err)

  77. 		} else {

  78. 			ctx.Error(500, "CreateUser", err)

  79. 		}

  80. 		return

  81. 	}

  82. 	log.Trace("Account created by admin (%s): %s", ctx.User.Name, u.Name)

  83. 

  84. 	// Send email notification.

  85. 	if form.SendNotify && setting.MailService != nil {

  86. 		models.SendRegisterNotifyMail(ctx.Context.Context, u)

  87. 	}

  88. 

  89. 	ctx.JSON(201, u.APIFormat())

  90. }

  91. 

  92. // EditUser api for modifying a user's information

  93. func EditUser(ctx *context.APIContext, form api.EditUserOption) {

  94. 	// swagger:operation PATCH /admin/users/{username} admin adminEditUser

  95. 	// ---

  96. 	// summary: Edit an existing user

  97. 	// consumes:

  98. 	// - application/json

  99. 	// produces:

  100. 	// - application/json

  101. 	// parameters:

  102. 	// - name: username

  103. 	//   in: path

  104. 	//   description: username of user to edit

  105. 	//   type: string

  106. 	//   required: true

  107. 	// - name: body

  108. 	//   in: body

  109. 	//   schema:

  110. 	//     "$ref": "#/definitions/EditUserOption"

  111. 	// responses:

  112. 	//   "200":

  113. 	//     "$ref": "#/responses/User"

  114. 	//   "403":

  115. 	//     "$ref": "#/responses/forbidden"

  116. 	//   "422":

  117. 	//     "$ref": "#/responses/validationError"

  118. 	u := user.GetUserByParams(ctx)

  119. 	if ctx.Written() {

  120. 		return

  121. 	}

  122. 

  123. 	parseLoginSource(ctx, u, form.SourceID, form.LoginName)

  124. 	if ctx.Written() {

  125. 		return

  126. 	}

  127. 

  128. 	if len(form.Password) > 0 {

  129. 		u.Passwd = form.Password

  130. 		var err error

  131. 		if u.Salt, err = models.GetUserSalt(); err != nil {

  132. 			ctx.Error(500, "UpdateUser", err)

  133. 			return

  134. 		}

  135. 		u.EncodePasswd()

  136. 	}

  137. 

  138. 	u.LoginName = form.LoginName

  139. 	u.FullName = form.FullName

  140. 	u.Email = form.Email

  141. 	u.Website = form.Website

  142. 	u.Location = form.Location

  143. 	if form.Active != nil {

  144. 		u.IsActive = *form.Active

  145. 	}

  146. 	if form.Admin != nil {

  147. 		u.IsAdmin = *form.Admin

  148. 	}

  149. 	if form.AllowGitHook != nil {

  150. 		u.AllowGitHook = *form.AllowGitHook

  151. 	}

  152. 	if form.AllowImportLocal != nil {

  153. 		u.AllowImportLocal = *form.AllowImportLocal

  154. 	}

  155. 	if form.MaxRepoCreation != nil {

  156. 		u.MaxRepoCreation = *form.MaxRepoCreation

  157. 	}

  158. 

  159. 	if err := models.UpdateUser(u); err != nil {

  160. 		if models.IsErrEmailAlreadyUsed(err) {

  161. 			ctx.Error(422, "", err)

  162. 		} else {

  163. 			ctx.Error(500, "UpdateUser", err)

  164. 		}

  165. 		return

  166. 	}

  167. 	log.Trace("Account profile updated by admin (%s): %s", ctx.User.Name, u.Name)

  168. 

  169. 	ctx.JSON(200, u.APIFormat())

  170. }

  171. 

  172. // DeleteUser api for deleting a user

  173. func DeleteUser(ctx *context.APIContext) {

  174. 	// swagger:operation DELETE /admin/users/{username} admin adminDeleteUser

  175. 	// ---

  176. 	// summary: Delete a user

  177. 	// produces:

  178. 	// - application/json

  179. 	// parameters:

  180. 	// - name: username

  181. 	//   in: path

  182. 	//   description: username of user to delete

  183. 	//   type: string

  184. 	//   required: true

  185. 	// responses:

  186. 	//   "204":

  187. 	//     "$ref": "#/responses/empty"

  188. 	//   "403":

  189. 	//     "$ref": "#/responses/forbidden"

  190. 	//   "422":

  191. 	//     "$ref": "#/responses/validationError"

  192. 	u := user.GetUserByParams(ctx)

  193. 	if ctx.Written() {

  194. 		return

  195. 	}

  196. 

  197. 	if err := models.DeleteUser(u); err != nil {

  198. 		if models.IsErrUserOwnRepos(err) ||

  199. 			models.IsErrUserHasOrgs(err) {

  200. 			ctx.Error(422, "", err)

  201. 		} else {

  202. 			ctx.Error(500, "DeleteUser", err)

  203. 		}

  204. 		return

  205. 	}

  206. 	log.Trace("Account deleted by admin(%s): %s", ctx.User.Name, u.Name)

  207. 

  208. 	ctx.Status(204)

  209. }

  210. 

  211. // CreatePublicKey api for creating a public key to a user

  212. func CreatePublicKey(ctx *context.APIContext, form api.CreateKeyOption) {

  213. 	// swagger:operation POST /admin/users/{username}/keys admin adminCreatePublicKey

  214. 	// ---

  215. 	// summary: Add a public key on behalf of a user

  216. 	// consumes:

  217. 	// - application/json

  218. 	// produces:

  219. 	// - application/json

  220. 	// parameters:

  221. 	// - name: username

  222. 	//   in: path

  223. 	//   description: username of the user

  224. 	//   type: string

  225. 	//   required: true

  226. 	// responses:

  227. 	//   "201":

  228. 	//     "$ref": "#/responses/PublicKey"

  229. 	//   "403":

  230. 	//     "$ref": "#/responses/forbidden"

  231. 	//   "422":

  232. 	//     "$ref": "#/responses/validationError"

  233. 	u := user.GetUserByParams(ctx)

  234. 	if ctx.Written() {

  235. 		return

  236. 	}

  237. 	user.CreateUserPublicKey(ctx, form, u.ID)

  238. }

  239. 

  240. // DeleteUserPublicKey api for deleting a user's public key

  241. func DeleteUserPublicKey(ctx *context.APIContext) {

  242. 	// swagger:operation DELETE /admin/users/{username}/keys/{id} admin adminDeleteUserPublicKey

  243. 	// ---

  244. 	// summary: Delete a user's public key

  245. 	// produces:

  246. 	// - application/json

  247. 	// parameters:

  248. 	// - name: username

  249. 	//   in: path

  250. 	//   description: username of user

  251. 	//   type: string

  252. 	//   required: true

  253. 	// - name: id

  254. 	//   in: path

  255. 	//   description: id of the key to delete

  256. 	//   type: integer

  257. 	//   required: true

  258. 	// responses:

  259. 	//   "204":

  260. 	//     "$ref": "#/responses/empty"

  261. 	//   "403":

  262. 	//     "$ref": "#/responses/forbidden"

  263. 	//   "404":

  264. 	//     "$ref": "#/responses/notFound"

  265. 	u := user.GetUserByParams(ctx)

  266. 	if ctx.Written() {

  267. 		return

  268. 	}

  269. 

  270. 	if err := models.DeletePublicKey(u, ctx.ParamsInt64(":id")); err != nil {

  271. 		if models.IsErrKeyNotExist(err) {

  272. 			ctx.Status(404)

  273. 		} else if models.IsErrKeyAccessDenied(err) {

  274. 			ctx.Error(403, "", "You do not have access to this key")

  275. 		} else {

  276. 			ctx.Error(500, "DeleteUserPublicKey", err)

  277. 		}

  278. 		return

  279. 	}

  280. 	log.Trace("Key deleted by admin(%s): %s", ctx.User.Name, u.Name)

  281. 

  282. 	ctx.Status(204)

  283. }