Commit Graph

17 Commits (release/v1.13)

Author SHA1 Message Date
6543 33431fcbd3
Validate email before inserting/updating () ()
* Add email validity check ()

* Improve error feedback for duplicate deploy keys

Instead of a generic HTTP 500 error page, a flash message is rendered
with the deploy key page template so inform the user that a key with the
intended title already exists.

* API returns 422 error when key with name exists

* Add email validity checking

Add email validity checking for the following routes:
[Web interface]
1. User registration
2. User creation by admin
3. Adding an email through user settings
[API]
1. POST /admin/users
2. PATCH /admin/users/:username
3. POST /user/emails

* Add further tests

* Add signup email tests

* Add email validity check for linking existing account

* Address PR comments

* Remove unneeded DB session

* Move email check to updateUser

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

* skip email validation on empty string ()

- move validation into its own function
- use a session for UpdateUserSetting

* rm TODO for backport

Co-authored-by: Chris Shyi <chrisshyi13@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Lunny Xiao 1645d4a5d8
Use ID or Where to instead directly use Get when load object from database ()
* Use ID or Where to instead directly use Get when load object from database

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
guillep2k 5e1438ba92
Admin page for managing user e-mail activation ()
* Implement mail activation admin panel

* Add export comments

* Fix another export comment

* again...

* And again!

* Apply suggestions by @lunny

* Add UI for user activated emails

* Make new activation UI work

* Fix lint

* Prevent admin from self-deactivate; add modal

Co-authored-by: zeripath <art27@cantab.net>
guillep2k cfcd8e4146
Ensure only own addresses are updated ()
kolaente f9ec2f89f2 Add golangci ()
Ethan Koenig aa962deec0 Replace deprecated Id method with ID ()
Lunny Xiao dd55534b82 Reduce usage of allcols on update ()
* reduce usage of allcols on update

* fix bug and tests
Lauris BH 6db387a21e Refactor session close as xorm already does everything needed internally ()
Ethan Koenig 1207bda94b Fix typos in models/ ()
Denis Denisov 380e32e129 Fix random string generator ()
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
Lunny Xiao b4c794058a fixed vulnerabilities ()
Bwko a4ece1f223 Fixes typos
Bwko 066f515a47 Lint models/user_email.go
Lunny Xiao 555d8b16cb fixed bug caused Find should be Get ()
Thibault Meyer a4454f5d0f
Rewrite XORM queries
Unknwon 1f2e173a74 Refactor User.Id to User.ID
Unknwon 52322ef624 models/user_mail: refactor EmailAddress