mirrors
/
gitea
의 미러 https://github.com/go-gitea/gitea.git
보기 1
좋아요 0
포크 0
코드 이슈 0 릴리즈 210 위키 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8006 커밋
17 브랜치
트리: 5a438ee3c0
브랜치 태그
${ item.name }
Create branch ${ searchTerm }
from '5a438ee3c0'
${ noResults }
gitea/routers/api/v1/admin/user.go

user.go 8.1KB
Raw Blame 히스토리

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332 
  1. // Copyright 2015 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package admin

  7. 

  8. import (

  9. 	"code.gitea.io/gitea/models"

  10. 	"code.gitea.io/gitea/modules/context"

  11. 	"code.gitea.io/gitea/modules/log"

  12. 	api "code.gitea.io/gitea/modules/structs"

  13. 	"code.gitea.io/gitea/routers/api/v1/convert"

  14. 	"code.gitea.io/gitea/routers/api/v1/user"

  15. 	"code.gitea.io/gitea/services/mailer"

  16. )

  17. 

  18. func parseLoginSource(ctx *context.APIContext, u *models.User, sourceID int64, loginName string) {

  19. 	if sourceID == 0 {

  20. 		return

  21. 	}

  22. 

  23. 	source, err := models.GetLoginSourceByID(sourceID)

  24. 	if err != nil {

  25. 		if models.IsErrLoginSourceNotExist(err) {

  26. 			ctx.Error(422, "", err)

  27. 		} else {

  28. 			ctx.Error(500, "GetLoginSourceByID", err)

  29. 		}

  30. 		return

  31. 	}

  32. 

  33. 	u.LoginType = source.Type

  34. 	u.LoginSource = source.ID

  35. 	u.LoginName = loginName

  36. }

  37. 

  38. // CreateUser create a user

  39. func CreateUser(ctx *context.APIContext, form api.CreateUserOption) {

  40. 	// swagger:operation POST /admin/users admin adminCreateUser

  41. 	// ---

  42. 	// summary: Create a user

  43. 	// consumes:

  44. 	// - application/json

  45. 	// produces:

  46. 	// - application/json

  47. 	// parameters:

  48. 	// - name: body

  49. 	//   in: body

  50. 	//   schema:

  51. 	//     "$ref": "#/definitions/CreateUserOption"

  52. 	// responses:

  53. 	//   "201":

  54. 	//     "$ref": "#/responses/User"

  55. 	//   "403":

  56. 	//     "$ref": "#/responses/forbidden"

  57. 	//   "422":

  58. 	//     "$ref": "#/responses/validationError"

  59. 	u := &models.User{

  60. 		Name:               form.Username,

  61. 		FullName:           form.FullName,

  62. 		Email:              form.Email,

  63. 		Passwd:             form.Password,

  64. 		MustChangePassword: true,

  65. 		IsActive:           true,

  66. 		LoginType:          models.LoginPlain,

  67. 	}

  68. 	if form.MustChangePassword != nil {

  69. 		u.MustChangePassword = *form.MustChangePassword

  70. 	}

  71. 

  72. 	parseLoginSource(ctx, u, form.SourceID, form.LoginName)

  73. 	if ctx.Written() {

  74. 		return

  75. 	}

  76. 

  77. 	if err := models.CreateUser(u); err != nil {

  78. 		if models.IsErrUserAlreadyExist(err) ||

  79. 			models.IsErrEmailAlreadyUsed(err) ||

  80. 			models.IsErrNameReserved(err) ||

  81. 			models.IsErrNamePatternNotAllowed(err) {

  82. 			ctx.Error(422, "", err)

  83. 		} else {

  84. 			ctx.Error(500, "CreateUser", err)

  85. 		}

  86. 		return

  87. 	}

  88. 	log.Trace("Account created by admin (%s): %s", ctx.User.Name, u.Name)

  89. 

  90. 	// Send email notification.

  91. 	if form.SendNotify {

  92. 		mailer.SendRegisterNotifyMail(ctx.Locale, u)

  93. 	}

  94. 	ctx.JSON(201, convert.ToUser(u, ctx.IsSigned, ctx.User.IsAdmin))

  95. }

  96. 

  97. // EditUser api for modifying a user's information

  98. func EditUser(ctx *context.APIContext, form api.EditUserOption) {

  99. 	// swagger:operation PATCH /admin/users/{username} admin adminEditUser

  100. 	// ---

  101. 	// summary: Edit an existing user

  102. 	// consumes:

  103. 	// - application/json

  104. 	// produces:

  105. 	// - application/json

  106. 	// parameters:

  107. 	// - name: username

  108. 	//   in: path

  109. 	//   description: username of user to edit

  110. 	//   type: string

  111. 	//   required: true

  112. 	// - name: body

  113. 	//   in: body

  114. 	//   schema:

  115. 	//     "$ref": "#/definitions/EditUserOption"

  116. 	// responses:

  117. 	//   "200":

  118. 	//     "$ref": "#/responses/User"

  119. 	//   "403":

  120. 	//     "$ref": "#/responses/forbidden"

  121. 	//   "422":

  122. 	//     "$ref": "#/responses/validationError"

  123. 	u := user.GetUserByParams(ctx)

  124. 	if ctx.Written() {

  125. 		return

  126. 	}

  127. 

  128. 	parseLoginSource(ctx, u, form.SourceID, form.LoginName)

  129. 	if ctx.Written() {

  130. 		return

  131. 	}

  132. 

  133. 	if len(form.Password) > 0 {

  134. 		var err error

  135. 		if u.Salt, err = models.GetUserSalt(); err != nil {

  136. 			ctx.Error(500, "UpdateUser", err)

  137. 			return

  138. 		}

  139. 		u.HashPassword(form.Password)

  140. 	}

  141. 

  142. 	if form.MustChangePassword != nil {

  143. 		u.MustChangePassword = *form.MustChangePassword

  144. 	}

  145. 

  146. 	u.LoginName = form.LoginName

  147. 	u.FullName = form.FullName

  148. 	u.Email = form.Email

  149. 	u.Website = form.Website

  150. 	u.Location = form.Location

  151. 	if form.Active != nil {

  152. 		u.IsActive = *form.Active

  153. 	}

  154. 	if form.Admin != nil {

  155. 		u.IsAdmin = *form.Admin

  156. 	}

  157. 	if form.AllowGitHook != nil {

  158. 		u.AllowGitHook = *form.AllowGitHook

  159. 	}

  160. 	if form.AllowImportLocal != nil {

  161. 		u.AllowImportLocal = *form.AllowImportLocal

  162. 	}

  163. 	if form.MaxRepoCreation != nil {

  164. 		u.MaxRepoCreation = *form.MaxRepoCreation

  165. 	}

  166. 	if form.AllowCreateOrganization != nil {

  167. 		u.AllowCreateOrganization = *form.AllowCreateOrganization

  168. 	}

  169. 	if form.ProhibitLogin != nil {

  170. 		u.ProhibitLogin = *form.ProhibitLogin

  171. 	}

  172. 

  173. 	if err := models.UpdateUser(u); err != nil {

  174. 		if models.IsErrEmailAlreadyUsed(err) {

  175. 			ctx.Error(422, "", err)

  176. 		} else {

  177. 			ctx.Error(500, "UpdateUser", err)

  178. 		}

  179. 		return

  180. 	}

  181. 	log.Trace("Account profile updated by admin (%s): %s", ctx.User.Name, u.Name)

  182. 

  183. 	ctx.JSON(200, convert.ToUser(u, ctx.IsSigned, ctx.User.IsAdmin))

  184. }

  185. 

  186. // DeleteUser api for deleting a user

  187. func DeleteUser(ctx *context.APIContext) {

  188. 	// swagger:operation DELETE /admin/users/{username} admin adminDeleteUser

  189. 	// ---

  190. 	// summary: Delete a user

  191. 	// produces:

  192. 	// - application/json

  193. 	// parameters:

  194. 	// - name: username

  195. 	//   in: path

  196. 	//   description: username of user to delete

  197. 	//   type: string

  198. 	//   required: true

  199. 	// responses:

  200. 	//   "204":

  201. 	//     "$ref": "#/responses/empty"

  202. 	//   "403":

  203. 	//     "$ref": "#/responses/forbidden"

  204. 	//   "422":

  205. 	//     "$ref": "#/responses/validationError"

  206. 	u := user.GetUserByParams(ctx)

  207. 	if ctx.Written() {

  208. 		return

  209. 	}

  210. 

  211. 	if err := models.DeleteUser(u); err != nil {

  212. 		if models.IsErrUserOwnRepos(err) ||

  213. 			models.IsErrUserHasOrgs(err) {

  214. 			ctx.Error(422, "", err)

  215. 		} else {

  216. 			ctx.Error(500, "DeleteUser", err)

  217. 		}

  218. 		return

  219. 	}

  220. 	log.Trace("Account deleted by admin(%s): %s", ctx.User.Name, u.Name)

  221. 

  222. 	ctx.Status(204)

  223. }

  224. 

  225. // CreatePublicKey api for creating a public key to a user

  226. func CreatePublicKey(ctx *context.APIContext, form api.CreateKeyOption) {

  227. 	// swagger:operation POST /admin/users/{username}/keys admin adminCreatePublicKey

  228. 	// ---

  229. 	// summary: Add a public key on behalf of a user

  230. 	// consumes:

  231. 	// - application/json

  232. 	// produces:

  233. 	// - application/json

  234. 	// parameters:

  235. 	// - name: username

  236. 	//   in: path

  237. 	//   description: username of the user

  238. 	//   type: string

  239. 	//   required: true

  240. 	// - name: key

  241. 	//   in: body

  242. 	//   schema:

  243. 	//     "$ref": "#/definitions/CreateKeyOption"

  244. 	// responses:

  245. 	//   "201":

  246. 	//     "$ref": "#/responses/PublicKey"

  247. 	//   "403":

  248. 	//     "$ref": "#/responses/forbidden"

  249. 	//   "422":

  250. 	//     "$ref": "#/responses/validationError"

  251. 	u := user.GetUserByParams(ctx)

  252. 	if ctx.Written() {

  253. 		return

  254. 	}

  255. 	user.CreateUserPublicKey(ctx, form, u.ID)

  256. }

  257. 

  258. // DeleteUserPublicKey api for deleting a user's public key

  259. func DeleteUserPublicKey(ctx *context.APIContext) {

  260. 	// swagger:operation DELETE /admin/users/{username}/keys/{id} admin adminDeleteUserPublicKey

  261. 	// ---

  262. 	// summary: Delete a user's public key

  263. 	// produces:

  264. 	// - application/json

  265. 	// parameters:

  266. 	// - name: username

  267. 	//   in: path

  268. 	//   description: username of user

  269. 	//   type: string

  270. 	//   required: true

  271. 	// - name: id

  272. 	//   in: path

  273. 	//   description: id of the key to delete

  274. 	//   type: integer

  275. 	//   format: int64

  276. 	//   required: true

  277. 	// responses:

  278. 	//   "204":

  279. 	//     "$ref": "#/responses/empty"

  280. 	//   "403":

  281. 	//     "$ref": "#/responses/forbidden"

  282. 	//   "404":

  283. 	//     "$ref": "#/responses/notFound"

  284. 	u := user.GetUserByParams(ctx)

  285. 	if ctx.Written() {

  286. 		return

  287. 	}

  288. 

  289. 	if err := models.DeletePublicKey(u, ctx.ParamsInt64(":id")); err != nil {

  290. 		if models.IsErrKeyNotExist(err) {

  291. 			ctx.NotFound()

  292. 		} else if models.IsErrKeyAccessDenied(err) {

  293. 			ctx.Error(403, "", "You do not have access to this key")

  294. 		} else {

  295. 			ctx.Error(500, "DeleteUserPublicKey", err)

  296. 		}

  297. 		return

  298. 	}

  299. 	log.Trace("Key deleted by admin(%s): %s", ctx.User.Name, u.Name)

  300. 

  301. 	ctx.Status(204)

  302. }

  303. 

  304. //GetAllUsers API for getting information of all the users

  305. func GetAllUsers(ctx *context.APIContext) {

  306. 	// swagger:operation GET /admin/users admin adminGetAllUsers

  307. 	// ---

  308. 	// summary: List all users

  309. 	// produces:

  310. 	// - application/json

  311. 	// responses:

  312. 	//   "200":

  313. 	//     "$ref": "#/responses/UserList"

  314. 	//   "403":

  315. 	//     "$ref": "#/responses/forbidden"

  316. 	users, _, err := models.SearchUsers(&models.SearchUserOptions{

  317. 		Type:     models.UserTypeIndividual,

  318. 		OrderBy:  models.SearchOrderByAlphabetically,

  319. 		PageSize: -1,

  320. 	})

  321. 	if err != nil {

  322. 		ctx.Error(500, "GetAllUsers", err)

  323. 		return

  324. 	}

  325. 

  326. 	results := make([]*api.User, len(users))

  327. 	for i := range users {

  328. 		results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User.IsAdmin)

  329. 	}

  330. 

  331. 	ctx.JSON(200, &results)

  332. }