mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-29 07:03:55 +03:00
fix wrong email when use gitea as OAuth2 provider (#7640)
when you use gitea as OAuth2 provider, the /api/v1/user should return user primary email as identifier, which is unique in OAuth2 clients. this patch use convert.ToUser replace all u.APIFormat in api requests, return primary email when caller is yourself or admin.
This commit is contained in:
parent
700cd346fa
commit
cbf231a675
12 changed files with 32 additions and 27 deletions
|
@ -204,9 +204,9 @@ func (u *User) UpdateTheme(themeName string) error {
|
||||||
return UpdateUserCols(u, "theme")
|
return UpdateUserCols(u, "theme")
|
||||||
}
|
}
|
||||||
|
|
||||||
// getEmail returns an noreply email, if the user has set to keep his
|
// GetEmail returns an noreply email, if the user has set to keep his
|
||||||
// email address private, otherwise the primary email address.
|
// email address private, otherwise the primary email address.
|
||||||
func (u *User) getEmail() string {
|
func (u *User) GetEmail() string {
|
||||||
if u.KeepEmailPrivate {
|
if u.KeepEmailPrivate {
|
||||||
return fmt.Sprintf("%s@%s", u.LowerName, setting.Service.NoReplyAddress)
|
return fmt.Sprintf("%s@%s", u.LowerName, setting.Service.NoReplyAddress)
|
||||||
}
|
}
|
||||||
|
@ -219,7 +219,7 @@ func (u *User) APIFormat() *api.User {
|
||||||
ID: u.ID,
|
ID: u.ID,
|
||||||
UserName: u.Name,
|
UserName: u.Name,
|
||||||
FullName: u.FullName,
|
FullName: u.FullName,
|
||||||
Email: u.getEmail(),
|
Email: u.GetEmail(),
|
||||||
AvatarURL: u.AvatarLink(),
|
AvatarURL: u.AvatarLink(),
|
||||||
Language: u.Language,
|
Language: u.Language,
|
||||||
IsAdmin: u.IsAdmin,
|
IsAdmin: u.IsAdmin,
|
||||||
|
@ -434,7 +434,7 @@ func (u *User) GetFollowing(page int) ([]*User, error) {
|
||||||
func (u *User) NewGitSig() *git.Signature {
|
func (u *User) NewGitSig() *git.Signature {
|
||||||
return &git.Signature{
|
return &git.Signature{
|
||||||
Name: u.GitName(),
|
Name: u.GitName(),
|
||||||
Email: u.getEmail(),
|
Email: u.GetEmail(),
|
||||||
When: time.Now(),
|
When: time.Now(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -91,8 +91,7 @@ func CreateUser(ctx *context.APIContext, form api.CreateUserOption) {
|
||||||
if form.SendNotify && setting.MailService != nil {
|
if form.SendNotify && setting.MailService != nil {
|
||||||
models.SendRegisterNotifyMail(ctx.Context.Context, u)
|
models.SendRegisterNotifyMail(ctx.Context.Context, u)
|
||||||
}
|
}
|
||||||
|
ctx.JSON(201, convert.ToUser(u, ctx.IsSigned, ctx.User.IsAdmin))
|
||||||
ctx.JSON(201, u.APIFormat())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// EditUser api for modifying a user's information
|
// EditUser api for modifying a user's information
|
||||||
|
@ -181,7 +180,7 @@ func EditUser(ctx *context.APIContext, form api.EditUserOption) {
|
||||||
}
|
}
|
||||||
log.Trace("Account profile updated by admin (%s): %s", ctx.User.Name, u.Name)
|
log.Trace("Account profile updated by admin (%s): %s", ctx.User.Name, u.Name)
|
||||||
|
|
||||||
ctx.JSON(200, u.APIFormat())
|
ctx.JSON(200, convert.ToUser(u, ctx.IsSigned, ctx.User.IsAdmin))
|
||||||
}
|
}
|
||||||
|
|
||||||
// DeleteUser api for deleting a user
|
// DeleteUser api for deleting a user
|
||||||
|
@ -326,7 +325,7 @@ func GetAllUsers(ctx *context.APIContext) {
|
||||||
|
|
||||||
results := make([]*api.User, len(users))
|
results := make([]*api.User, len(users))
|
||||||
for i := range users {
|
for i := range users {
|
||||||
results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
|
results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.JSON(200, &results)
|
ctx.JSON(200, &results)
|
||||||
|
|
|
@ -229,7 +229,7 @@ func ToTeam(team *models.Team) *api.Team {
|
||||||
}
|
}
|
||||||
|
|
||||||
// ToUser convert models.User to api.User
|
// ToUser convert models.User to api.User
|
||||||
func ToUser(user *models.User, signed, admin bool) *api.User {
|
func ToUser(user *models.User, signed, authed bool) *api.User {
|
||||||
result := &api.User{
|
result := &api.User{
|
||||||
ID: user.ID,
|
ID: user.ID,
|
||||||
UserName: user.Name,
|
UserName: user.Name,
|
||||||
|
@ -239,7 +239,12 @@ func ToUser(user *models.User, signed, admin bool) *api.User {
|
||||||
LastLogin: user.LastLoginUnix.AsTime(),
|
LastLogin: user.LastLoginUnix.AsTime(),
|
||||||
Created: user.CreatedUnix.AsTime(),
|
Created: user.CreatedUnix.AsTime(),
|
||||||
}
|
}
|
||||||
if signed && (!user.KeepEmailPrivate || admin) {
|
// hide primary email if API caller isn't user itself or an admin
|
||||||
|
if !signed {
|
||||||
|
result.Email = ""
|
||||||
|
} else if user.KeepEmailPrivate && !authed {
|
||||||
|
result.Email = user.GetEmail()
|
||||||
|
} else {
|
||||||
result.Email = user.Email
|
result.Email = user.Email
|
||||||
}
|
}
|
||||||
return result
|
return result
|
||||||
|
|
|
@ -12,6 +12,7 @@ import (
|
||||||
"code.gitea.io/gitea/models"
|
"code.gitea.io/gitea/models"
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
"code.gitea.io/gitea/routers/api/v1/convert"
|
||||||
"code.gitea.io/gitea/routers/api/v1/user"
|
"code.gitea.io/gitea/routers/api/v1/user"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -46,7 +47,7 @@ func listMembers(ctx *context.APIContext, publicOnly bool) {
|
||||||
|
|
||||||
apiMembers := make([]*api.User, len(members))
|
apiMembers := make([]*api.User, len(members))
|
||||||
for i, member := range members {
|
for i, member := range members {
|
||||||
apiMembers[i] = member.APIFormat()
|
apiMembers[i] = convert.ToUser(member, ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
ctx.JSON(200, apiMembers)
|
ctx.JSON(200, apiMembers)
|
||||||
}
|
}
|
||||||
|
|
|
@ -257,7 +257,7 @@ func GetTeamMembers(ctx *context.APIContext) {
|
||||||
}
|
}
|
||||||
members := make([]*api.User, len(team.Members))
|
members := make([]*api.User, len(team.Members))
|
||||||
for i, member := range team.Members {
|
for i, member := range team.Members {
|
||||||
members[i] = member.APIFormat()
|
members[i] = convert.ToUser(member, ctx.IsSigned, ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
ctx.JSON(200, members)
|
ctx.JSON(200, members)
|
||||||
}
|
}
|
||||||
|
@ -288,7 +288,7 @@ func GetTeamMember(ctx *context.APIContext) {
|
||||||
if ctx.Written() {
|
if ctx.Written() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
ctx.JSON(200, u.APIFormat())
|
ctx.JSON(200, convert.ToUser(u, ctx.IsSigned, ctx.User.IsAdmin))
|
||||||
}
|
}
|
||||||
|
|
||||||
// AddTeamMember api for add a member to a team
|
// AddTeamMember api for add a member to a team
|
||||||
|
|
|
@ -12,6 +12,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
|
|
||||||
api "code.gitea.io/gitea/modules/structs"
|
api "code.gitea.io/gitea/modules/structs"
|
||||||
|
"code.gitea.io/gitea/routers/api/v1/convert"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ListCollaborators list a repository's collaborators
|
// ListCollaborators list a repository's collaborators
|
||||||
|
@ -42,7 +43,7 @@ func ListCollaborators(ctx *context.APIContext) {
|
||||||
}
|
}
|
||||||
users := make([]*api.User, len(collaborators))
|
users := make([]*api.User, len(collaborators))
|
||||||
for i, collaborator := range collaborators {
|
for i, collaborator := range collaborators {
|
||||||
users[i] = collaborator.APIFormat()
|
users[i] = convert.ToUser(collaborator.User, ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
ctx.JSON(200, users)
|
ctx.JSON(200, users)
|
||||||
}
|
}
|
||||||
|
|
|
@ -130,8 +130,8 @@ func TestHook(ctx *context.APIContext) {
|
||||||
convert.ToCommit(ctx.Repo.Repository, ctx.Repo.Commit),
|
convert.ToCommit(ctx.Repo.Repository, ctx.Repo.Commit),
|
||||||
},
|
},
|
||||||
Repo: ctx.Repo.Repository.APIFormat(models.AccessModeNone),
|
Repo: ctx.Repo.Repository.APIFormat(models.AccessModeNone),
|
||||||
Pusher: ctx.User.APIFormat(),
|
Pusher: convert.ToUser(ctx.User, ctx.IsSigned, false),
|
||||||
Sender: ctx.User.APIFormat(),
|
Sender: convert.ToUser(ctx.User, ctx.IsSigned, false),
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
ctx.Error(500, "PrepareWebhook: ", err)
|
ctx.Error(500, "PrepareWebhook: ", err)
|
||||||
return
|
return
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
|
|
||||||
api "code.gitea.io/gitea/modules/structs"
|
api "code.gitea.io/gitea/modules/structs"
|
||||||
|
"code.gitea.io/gitea/routers/api/v1/convert"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ListStargazers list a repository's stargazers
|
// ListStargazers list a repository's stargazers
|
||||||
|
@ -38,7 +39,7 @@ func ListStargazers(ctx *context.APIContext) {
|
||||||
}
|
}
|
||||||
users := make([]*api.User, len(stargazers))
|
users := make([]*api.User, len(stargazers))
|
||||||
for i, stargazer := range stargazers {
|
for i, stargazer := range stargazers {
|
||||||
users[i] = stargazer.APIFormat()
|
users[i] = convert.ToUser(stargazer, ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
ctx.JSON(200, users)
|
ctx.JSON(200, users)
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
|
|
||||||
api "code.gitea.io/gitea/modules/structs"
|
api "code.gitea.io/gitea/modules/structs"
|
||||||
|
"code.gitea.io/gitea/routers/api/v1/convert"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ListSubscribers list a repo's subscribers (i.e. watchers)
|
// ListSubscribers list a repo's subscribers (i.e. watchers)
|
||||||
|
@ -38,7 +39,7 @@ func ListSubscribers(ctx *context.APIContext) {
|
||||||
}
|
}
|
||||||
users := make([]*api.User, len(subscribers))
|
users := make([]*api.User, len(subscribers))
|
||||||
for i, subscriber := range subscribers {
|
for i, subscriber := range subscribers {
|
||||||
users[i] = subscriber.APIFormat()
|
users[i] = convert.ToUser(subscriber, ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
ctx.JSON(200, users)
|
ctx.JSON(200, users)
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,12 +9,13 @@ import (
|
||||||
|
|
||||||
"code.gitea.io/gitea/models"
|
"code.gitea.io/gitea/models"
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
|
"code.gitea.io/gitea/routers/api/v1/convert"
|
||||||
)
|
)
|
||||||
|
|
||||||
func responseAPIUsers(ctx *context.APIContext, users []*models.User) {
|
func responseAPIUsers(ctx *context.APIContext, users []*models.User) {
|
||||||
apiUsers := make([]*api.User, len(users))
|
apiUsers := make([]*api.User, len(users))
|
||||||
for i := range users {
|
for i := range users {
|
||||||
apiUsers[i] = users[i].APIFormat()
|
apiUsers[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
|
||||||
}
|
}
|
||||||
ctx.JSON(200, &apiUsers)
|
ctx.JSON(200, &apiUsers)
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,13 +22,13 @@ func appendPrivateInformation(apiKey *api.PublicKey, key *models.PublicKey, defa
|
||||||
apiKey.KeyType = "user"
|
apiKey.KeyType = "user"
|
||||||
|
|
||||||
if defaultUser.ID == key.OwnerID {
|
if defaultUser.ID == key.OwnerID {
|
||||||
apiKey.Owner = defaultUser.APIFormat()
|
apiKey.Owner = convert.ToUser(defaultUser, true, true)
|
||||||
} else {
|
} else {
|
||||||
user, err := models.GetUserByID(key.OwnerID)
|
user, err := models.GetUserByID(key.OwnerID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return apiKey, err
|
return apiKey, err
|
||||||
}
|
}
|
||||||
apiKey.Owner = user.APIFormat()
|
apiKey.Owner = convert.ToUser(user, true, true)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
apiKey.KeyType = "unknown"
|
apiKey.KeyType = "unknown"
|
||||||
|
|
|
@ -104,11 +104,7 @@ func GetInfo(ctx *context.APIContext) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Hide user e-mail when API caller isn't signed in.
|
ctx.JSON(200, convert.ToUser(u, ctx.IsSigned, ctx.User.ID == u.ID || ctx.User.IsAdmin))
|
||||||
if !ctx.IsSigned {
|
|
||||||
u.Email = ""
|
|
||||||
}
|
|
||||||
ctx.JSON(200, u.APIFormat())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetAuthenticatedUser get current user's information
|
// GetAuthenticatedUser get current user's information
|
||||||
|
@ -121,7 +117,7 @@ func GetAuthenticatedUser(ctx *context.APIContext) {
|
||||||
// responses:
|
// responses:
|
||||||
// "200":
|
// "200":
|
||||||
// "$ref": "#/responses/User"
|
// "$ref": "#/responses/User"
|
||||||
ctx.JSON(200, ctx.User.APIFormat())
|
ctx.JSON(200, convert.ToUser(ctx.User, ctx.IsSigned, ctx.User != nil))
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetUserHeatmapData is the handler to get a users heatmap
|
// GetUserHeatmapData is the handler to get a users heatmap
|
||||||
|
|
Loading…
Reference in a new issue