mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9600 Commits
17 Branches
Tree: v1.12.1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.12.1'
${ noResults }
gitea/models/user_mail.go

user_mail.go 12KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479 
  1. // Copyright 2016 The Gogs Authors. All rights reserved.

  2. // Copyright 2020 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package models

  7. 

  8. import (

  9. 	"errors"

  10. 	"fmt"

  11. 	"strings"

  12. 

  13. 	"code.gitea.io/gitea/modules/log"

  14. 	"code.gitea.io/gitea/modules/setting"

  15. 	"code.gitea.io/gitea/modules/util"

  16. 

  17. 	"xorm.io/builder"

  18. )

  19. 

  20. var (

  21. 	// ErrEmailAddressNotExist email address not exist

  22. 	ErrEmailAddressNotExist = errors.New("Email address does not exist")

  23. )

  24. 

  25. // EmailAddress is the list of all email addresses of a user. Can contain the

  26. // primary email address, but is not obligatory.

  27. type EmailAddress struct {

  28. 	ID          int64  `xorm:"pk autoincr"`

  29. 	UID         int64  `xorm:"INDEX NOT NULL"`

  30. 	Email       string `xorm:"UNIQUE NOT NULL"`

  31. 	IsActivated bool

  32. 	IsPrimary   bool `xorm:"-"`

  33. }

  34. 

  35. // GetEmailAddresses returns all email addresses belongs to given user.

  36. func GetEmailAddresses(uid int64) ([]*EmailAddress, error) {

  37. 	emails := make([]*EmailAddress, 0, 5)

  38. 	if err := x.

  39. 		Where("uid=?", uid).

  40. 		Find(&emails); err != nil {

  41. 		return nil, err

  42. 	}

  43. 

  44. 	u, err := GetUserByID(uid)

  45. 	if err != nil {

  46. 		return nil, err

  47. 	}

  48. 

  49. 	isPrimaryFound := false

  50. 	for _, email := range emails {

  51. 		if email.Email == u.Email {

  52. 			isPrimaryFound = true

  53. 			email.IsPrimary = true

  54. 		} else {

  55. 			email.IsPrimary = false

  56. 		}

  57. 	}

  58. 

  59. 	// We always want the primary email address displayed, even if it's not in

  60. 	// the email address table (yet).

  61. 	if !isPrimaryFound {

  62. 		emails = append(emails, &EmailAddress{

  63. 			Email:       u.Email,

  64. 			IsActivated: u.IsActive,

  65. 			IsPrimary:   true,

  66. 		})

  67. 	}

  68. 	return emails, nil

  69. }

  70. 

  71. // GetEmailAddressByID gets a user's email address by ID

  72. func GetEmailAddressByID(uid, id int64) (*EmailAddress, error) {

  73. 	// User ID is required for security reasons

  74. 	email := &EmailAddress{UID: uid}

  75. 	if has, err := x.ID(id).Get(email); err != nil {

  76. 		return nil, err

  77. 	} else if !has {

  78. 		return nil, nil

  79. 	}

  80. 	return email, nil

  81. }

  82. 

  83. func isEmailActive(e Engine, email string, userID, emailID int64) (bool, error) {

  84. 	if len(email) == 0 {

  85. 		return true, nil

  86. 	}

  87. 

  88. 	// Can't filter by boolean field unless it's explicit

  89. 	cond := builder.NewCond()

  90. 	cond = cond.And(builder.Eq{"email": email}, builder.Neq{"id": emailID})

  91. 	if setting.Service.RegisterEmailConfirm {

  92. 		// Inactive (unvalidated) addresses don't count as active if email validation is required

  93. 		cond = cond.And(builder.Eq{"is_activated": true})

  94. 	}

  95. 

  96. 	em := EmailAddress{}

  97. 

  98. 	if has, err := e.Where(cond).Get(&em); has || err != nil {

  99. 		if has {

  100. 			log.Info("isEmailActive('%s',%d,%d) found duplicate in email ID %d", email, userID, emailID, em.ID)

  101. 		}

  102. 		return has, err

  103. 	}

  104. 

  105. 	// Can't filter by boolean field unless it's explicit

  106. 	cond = builder.NewCond()

  107. 	cond = cond.And(builder.Eq{"email": email}, builder.Neq{"id": userID})

  108. 	if setting.Service.RegisterEmailConfirm {

  109. 		cond = cond.And(builder.Eq{"is_active": true})

  110. 	}

  111. 

  112. 	us := User{}

  113. 

  114. 	if has, err := e.Where(cond).Get(&us); has || err != nil {

  115. 		if has {

  116. 			log.Info("isEmailActive('%s',%d,%d) found duplicate in user ID %d", email, userID, emailID, us.ID)

  117. 		}

  118. 		return has, err

  119. 	}

  120. 

  121. 	return false, nil

  122. }

  123. 

  124. func isEmailUsed(e Engine, email string) (bool, error) {

  125. 	if len(email) == 0 {

  126. 		return true, nil

  127. 	}

  128. 

  129. 	return e.Where("email=?", email).Get(&EmailAddress{})

  130. }

  131. 

  132. // IsEmailUsed returns true if the email has been used.

  133. func IsEmailUsed(email string) (bool, error) {

  134. 	return isEmailUsed(x, email)

  135. }

  136. 

  137. func addEmailAddress(e Engine, email *EmailAddress) error {

  138. 	email.Email = strings.ToLower(strings.TrimSpace(email.Email))

  139. 	used, err := isEmailUsed(e, email.Email)

  140. 	if err != nil {

  141. 		return err

  142. 	} else if used {

  143. 		return ErrEmailAlreadyUsed{email.Email}

  144. 	}

  145. 

  146. 	_, err = e.Insert(email)

  147. 	return err

  148. }

  149. 

  150. // AddEmailAddress adds an email address to given user.

  151. func AddEmailAddress(email *EmailAddress) error {

  152. 	return addEmailAddress(x, email)

  153. }

  154. 

  155. // AddEmailAddresses adds an email address to given user.

  156. func AddEmailAddresses(emails []*EmailAddress) error {

  157. 	if len(emails) == 0 {

  158. 		return nil

  159. 	}

  160. 

  161. 	// Check if any of them has been used

  162. 	for i := range emails {

  163. 		emails[i].Email = strings.ToLower(strings.TrimSpace(emails[i].Email))

  164. 		used, err := IsEmailUsed(emails[i].Email)

  165. 		if err != nil {

  166. 			return err

  167. 		} else if used {

  168. 			return ErrEmailAlreadyUsed{emails[i].Email}

  169. 		}

  170. 	}

  171. 

  172. 	if _, err := x.Insert(emails); err != nil {

  173. 		return fmt.Errorf("Insert: %v", err)

  174. 	}

  175. 

  176. 	return nil

  177. }

  178. 

  179. // Activate activates the email address to given user.

  180. func (email *EmailAddress) Activate() error {

  181. 	sess := x.NewSession()

  182. 	defer sess.Close()

  183. 	if err := sess.Begin(); err != nil {

  184. 		return err

  185. 	}

  186. 	if err := email.updateActivation(sess, true); err != nil {

  187. 		return err

  188. 	}

  189. 	return sess.Commit()

  190. }

  191. 

  192. func (email *EmailAddress) updateActivation(e Engine, activate bool) error {

  193. 	user, err := getUserByID(e, email.UID)

  194. 	if err != nil {

  195. 		return err

  196. 	}

  197. 	if user.Rands, err = GetUserSalt(); err != nil {

  198. 		return err

  199. 	}

  200. 	email.IsActivated = activate

  201. 	if _, err := e.ID(email.ID).Cols("is_activated").Update(email); err != nil {

  202. 		return err

  203. 	}

  204. 	return updateUserCols(e, user, "rands")

  205. }

  206. 

  207. // DeleteEmailAddress deletes an email address of given user.

  208. func DeleteEmailAddress(email *EmailAddress) (err error) {

  209. 	var deleted int64

  210. 	// ask to check UID

  211. 	var address = EmailAddress{

  212. 		UID: email.UID,

  213. 	}

  214. 	if email.ID > 0 {

  215. 		deleted, err = x.ID(email.ID).Delete(&address)

  216. 	} else {

  217. 		deleted, err = x.

  218. 			Where("email=?", email.Email).

  219. 			Delete(&address)

  220. 	}

  221. 

  222. 	if err != nil {

  223. 		return err

  224. 	} else if deleted != 1 {

  225. 		return ErrEmailAddressNotExist

  226. 	}

  227. 	return nil

  228. }

  229. 

  230. // DeleteEmailAddresses deletes multiple email addresses

  231. func DeleteEmailAddresses(emails []*EmailAddress) (err error) {

  232. 	for i := range emails {

  233. 		if err = DeleteEmailAddress(emails[i]); err != nil {

  234. 			return err

  235. 		}

  236. 	}

  237. 

  238. 	return nil

  239. }

  240. 

  241. // MakeEmailPrimary sets primary email address of given user.

  242. func MakeEmailPrimary(email *EmailAddress) error {

  243. 	has, err := x.Get(email)

  244. 	if err != nil {

  245. 		return err

  246. 	} else if !has {

  247. 		return ErrEmailNotExist

  248. 	}

  249. 

  250. 	if !email.IsActivated {

  251. 		return ErrEmailNotActivated

  252. 	}

  253. 

  254. 	user := &User{}

  255. 	has, err = x.ID(email.UID).Get(user)

  256. 	if err != nil {

  257. 		return err

  258. 	} else if !has {

  259. 		return ErrUserNotExist{email.UID, "", 0}

  260. 	}

  261. 

  262. 	// Make sure the former primary email doesn't disappear.

  263. 	formerPrimaryEmail := &EmailAddress{UID: user.ID, Email: user.Email}

  264. 	has, err = x.Get(formerPrimaryEmail)

  265. 	if err != nil {

  266. 		return err

  267. 	}

  268. 

  269. 	sess := x.NewSession()

  270. 	defer sess.Close()

  271. 	if err = sess.Begin(); err != nil {

  272. 		return err

  273. 	}

  274. 

  275. 	if !has {

  276. 		formerPrimaryEmail.UID = user.ID

  277. 		formerPrimaryEmail.IsActivated = user.IsActive

  278. 		if _, err = sess.Insert(formerPrimaryEmail); err != nil {

  279. 			return err

  280. 		}

  281. 	}

  282. 

  283. 	user.Email = email.Email

  284. 	if _, err = sess.ID(user.ID).Cols("email").Update(user); err != nil {

  285. 		return err

  286. 	}

  287. 

  288. 	return sess.Commit()

  289. }

  290. 

  291. // SearchEmailOrderBy is used to sort the results from SearchEmails()

  292. type SearchEmailOrderBy string

  293. 

  294. func (s SearchEmailOrderBy) String() string {

  295. 	return string(s)

  296. }

  297. 

  298. // Strings for sorting result

  299. const (

  300. 	SearchEmailOrderByEmail        SearchEmailOrderBy = "emails.email ASC, is_primary DESC, sortid ASC"

  301. 	SearchEmailOrderByEmailReverse SearchEmailOrderBy = "emails.email DESC, is_primary ASC, sortid DESC"

  302. 	SearchEmailOrderByName         SearchEmailOrderBy = "`user`.lower_name ASC, is_primary DESC, sortid ASC"

  303. 	SearchEmailOrderByNameReverse  SearchEmailOrderBy = "`user`.lower_name DESC, is_primary ASC, sortid DESC"

  304. )

  305. 

  306. // SearchEmailOptions are options to search e-mail addresses for the admin panel

  307. type SearchEmailOptions struct {

  308. 	ListOptions

  309. 	Keyword     string

  310. 	SortType    SearchEmailOrderBy

  311. 	IsPrimary   util.OptionalBool

  312. 	IsActivated util.OptionalBool

  313. }

  314. 

  315. // SearchEmailResult is an e-mail address found in the user or email_address table

  316. type SearchEmailResult struct {

  317. 	UID         int64

  318. 	Email       string

  319. 	IsActivated bool

  320. 	IsPrimary   bool

  321. 	// From User

  322. 	Name     string

  323. 	FullName string

  324. }

  325. 

  326. // SearchEmails takes options i.e. keyword and part of email name to search,

  327. // it returns results in given range and number of total results.

  328. func SearchEmails(opts *SearchEmailOptions) ([]*SearchEmailResult, int64, error) {

  329. 	// Unfortunately, UNION support for SQLite in xorm is currently broken, so we must

  330. 	// build the SQL ourselves.

  331. 	where := make([]string, 0, 5)

  332. 	args := make([]interface{}, 0, 5)

  333. 

  334. 	emailsSQL := "(SELECT id as sortid, uid, email, is_activated, 0 as is_primary " +

  335. 		"FROM email_address " +

  336. 		"UNION ALL " +

  337. 		"SELECT id as sortid, id AS uid, email, is_active AS is_activated, 1 as is_primary " +

  338. 		"FROM `user` " +

  339. 		"WHERE type = ?) AS emails"

  340. 	args = append(args, UserTypeIndividual)

  341. 

  342. 	if len(opts.Keyword) > 0 {

  343. 		// Note: % can be injected in the Keyword parameter, but it won't do any harm.

  344. 		where = append(where, "(lower(`user`.full_name) LIKE ? OR `user`.lower_name LIKE ? OR emails.email LIKE ?)")

  345. 		likeStr := "%" + strings.ToLower(opts.Keyword) + "%"

  346. 		args = append(args, likeStr)

  347. 		args = append(args, likeStr)

  348. 		args = append(args, likeStr)

  349. 	}

  350. 

  351. 	switch {

  352. 	case opts.IsPrimary.IsTrue():

  353. 		where = append(where, "emails.is_primary = ?")

  354. 		args = append(args, true)

  355. 	case opts.IsPrimary.IsFalse():

  356. 		where = append(where, "emails.is_primary = ?")

  357. 		args = append(args, false)

  358. 	}

  359. 

  360. 	switch {

  361. 	case opts.IsActivated.IsTrue():

  362. 		where = append(where, "emails.is_activated = ?")

  363. 		args = append(args, true)

  364. 	case opts.IsActivated.IsFalse():

  365. 		where = append(where, "emails.is_activated = ?")

  366. 		args = append(args, false)

  367. 	}

  368. 

  369. 	var whereStr string

  370. 	if len(where) > 0 {

  371. 		whereStr = "WHERE " + strings.Join(where, " AND ")

  372. 	}

  373. 

  374. 	joinSQL := "FROM " + emailsSQL + " INNER JOIN `user` ON `user`.id = emails.uid " + whereStr

  375. 

  376. 	count, err := x.SQL("SELECT count(*) "+joinSQL, args...).Count()

  377. 	if err != nil {

  378. 		return nil, 0, fmt.Errorf("Count: %v", err)

  379. 	}

  380. 

  381. 	orderby := opts.SortType.String()

  382. 	if orderby == "" {

  383. 		orderby = SearchEmailOrderByEmail.String()

  384. 	}

  385. 

  386. 	querySQL := "SELECT emails.uid, emails.email, emails.is_activated, emails.is_primary, " +

  387. 		"`user`.name, `user`.full_name " + joinSQL + " ORDER BY " + orderby

  388. 

  389. 	opts.setDefaultValues()

  390. 

  391. 	rows, err := x.SQL(querySQL, args...).Rows(new(SearchEmailResult))

  392. 	if err != nil {

  393. 		return nil, 0, fmt.Errorf("Emails: %v", err)

  394. 	}

  395. 

  396. 	// Page manually because xorm can't handle Limit() with raw SQL

  397. 	defer rows.Close()

  398. 

  399. 	emails := make([]*SearchEmailResult, 0, opts.PageSize)

  400. 	skip := (opts.Page - 1) * opts.PageSize

  401. 

  402. 	for rows.Next() {

  403. 		var email SearchEmailResult

  404. 		if err := rows.Scan(&email); err != nil {

  405. 			return nil, 0, err

  406. 		}

  407. 		if skip > 0 {

  408. 			skip--

  409. 			continue

  410. 		}

  411. 		emails = append(emails, &email)

  412. 		if len(emails) == opts.PageSize {

  413. 			break

  414. 		}

  415. 	}

  416. 

  417. 	return emails, count, err

  418. }

  419. 

  420. // ActivateUserEmail will change the activated state of an email address,

  421. // either primary (in the user table) or secondary (in the email_address table)

  422. func ActivateUserEmail(userID int64, email string, primary, activate bool) (err error) {

  423. 	sess := x.NewSession()

  424. 	defer sess.Close()

  425. 	if err = sess.Begin(); err != nil {

  426. 		return err

  427. 	}

  428. 	if primary {

  429. 		// Activate/deactivate a user's primary email address

  430. 		user := User{ID: userID, Email: email}

  431. 		if has, err := sess.Get(&user); err != nil {

  432. 			return err

  433. 		} else if !has {

  434. 			return fmt.Errorf("no such user: %d (%s)", userID, email)

  435. 		}

  436. 		if user.IsActive == activate {

  437. 			// Already in the desired state; no action

  438. 			return nil

  439. 		}

  440. 		if activate {

  441. 			if used, err := isEmailActive(sess, email, userID, 0); err != nil {

  442. 				return fmt.Errorf("isEmailActive(): %v", err)

  443. 			} else if used {

  444. 				return ErrEmailAlreadyUsed{Email: email}

  445. 			}

  446. 		}

  447. 		user.IsActive = activate

  448. 		if user.Rands, err = GetUserSalt(); err != nil {

  449. 			return fmt.Errorf("generate salt: %v", err)

  450. 		}

  451. 		if err = updateUserCols(sess, &user, "is_active", "rands"); err != nil {

  452. 			return fmt.Errorf("updateUserCols(): %v", err)

  453. 		}

  454. 	} else {

  455. 		// Activate/deactivate a user's secondary email address

  456. 		// First check if there's another user active with the same address

  457. 		addr := EmailAddress{UID: userID, Email: email}

  458. 		if has, err := sess.Get(&addr); err != nil {

  459. 			return err

  460. 		} else if !has {

  461. 			return fmt.Errorf("no such email: %d (%s)", userID, email)

  462. 		}

  463. 		if addr.IsActivated == activate {

  464. 			// Already in the desired state; no action

  465. 			return nil

  466. 		}

  467. 		if activate {

  468. 			if used, err := isEmailActive(sess, email, 0, addr.ID); err != nil {

  469. 				return fmt.Errorf("isEmailActive(): %v", err)

  470. 			} else if used {

  471. 				return ErrEmailAlreadyUsed{Email: email}

  472. 			}

  473. 		}

  474. 		if err = addr.updateActivation(sess, activate); err != nil {

  475. 			return fmt.Errorf("updateActivation(): %v", err)

  476. 		}

  477. 	}

  478. 	return sess.Commit()

  479. }