skip email validation on empty string (#13627)

- move validation into its own function
- use a session for UpdateUserSetting
This commit is contained in:
6543 2020-11-20 22:45:55 +01:00 committed by GitHub
parent 1bb5c09b5d
commit f915161a2f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 17 deletions

View file

@ -14,7 +14,6 @@ import (
"errors" "errors"
"fmt" "fmt"
_ "image/jpeg" // Needed for jpeg support _ "image/jpeg" // Needed for jpeg support
"net/mail"
"os" "os"
"path/filepath" "path/filepath"
"regexp" "regexp"
@ -809,9 +808,8 @@ func CreateUser(u *User) (err error) {
return ErrEmailAlreadyUsed{u.Email} return ErrEmailAlreadyUsed{u.Email}
} }
_, err = mail.ParseAddress(u.Email) if err = ValidateEmail(u.Email); err != nil {
if err != nil { return err
return ErrEmailInvalid{u.Email}
} }
isExist, err = isEmailUsed(sess, u.Email) isExist, err = isEmailUsed(sess, u.Email)
@ -956,11 +954,10 @@ func checkDupEmail(e Engine, u *User) error {
return nil return nil
} }
func updateUser(e Engine, u *User) error { func updateUser(e Engine, u *User) (err error) {
u.Email = strings.ToLower(u.Email) u.Email = strings.ToLower(u.Email)
_, err := mail.ParseAddress(u.Email) if err = ValidateEmail(u.Email); err != nil {
if err != nil { return err
return ErrEmailInvalid{u.Email}
} }
_, err = e.ID(u.ID).AllCols().Update(u) _, err = e.ID(u.ID).AllCols().Update(u)
return err return err
@ -982,13 +979,21 @@ func updateUserCols(e Engine, u *User, cols ...string) error {
} }
// UpdateUserSetting updates user's settings. // UpdateUserSetting updates user's settings.
func UpdateUserSetting(u *User) error { func UpdateUserSetting(u *User) (err error) {
sess := x.NewSession()
defer sess.Close()
if err = sess.Begin(); err != nil {
return err
}
if !u.IsOrganization() { if !u.IsOrganization() {
if err := checkDupEmail(x, u); err != nil { if err = checkDupEmail(sess, u); err != nil {
return err return err
} }
} }
return updateUser(x, u) if err = updateUser(sess, u); err != nil {
return err
}
return sess.Commit()
} }
// deleteBeans deletes all given beans, beans should contain delete conditions. // deleteBeans deletes all given beans, beans should contain delete conditions.

View file

@ -33,6 +33,21 @@ type EmailAddress struct {
IsPrimary bool `xorm:"-"` IsPrimary bool `xorm:"-"`
} }
// ValidateEmail check if email is a allowed address
func ValidateEmail(email string) error {
if len(email) == 0 {
return nil
}
if _, err := mail.ParseAddress(email); err != nil {
return ErrEmailInvalid{email}
}
// TODO: add an email allow/block list
return nil
}
// GetEmailAddresses returns all email addresses belongs to given user. // GetEmailAddresses returns all email addresses belongs to given user.
func GetEmailAddresses(uid int64) ([]*EmailAddress, error) { func GetEmailAddresses(uid int64) ([]*EmailAddress, error) {
emails := make([]*EmailAddress, 0, 5) emails := make([]*EmailAddress, 0, 5)
@ -144,9 +159,8 @@ func addEmailAddress(e Engine, email *EmailAddress) error {
return ErrEmailAlreadyUsed{email.Email} return ErrEmailAlreadyUsed{email.Email}
} }
_, err = mail.ParseAddress(email.Email) if err = ValidateEmail(email.Email); err != nil {
if err != nil { return err
return ErrEmailInvalid{email.Email}
} }
_, err = e.Insert(email) _, err = e.Insert(email)
@ -173,9 +187,8 @@ func AddEmailAddresses(emails []*EmailAddress) error {
} else if used { } else if used {
return ErrEmailAlreadyUsed{emails[i].Email} return ErrEmailAlreadyUsed{emails[i].Email}
} }
_, err = mail.ParseAddress(emails[i].Email) if err = ValidateEmail(emails[i].Email); err != nil {
if err != nil { return err
return ErrEmailInvalid{emails[i].Email}
} }
} }