2014-03-10 12:54:52 +04:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
|
|
package user
|
|
|
|
|
|
|
|
|
|
import (
|
2017-04-06 07:14:30 +03:00
|
|
|
"bytes"
|
|
|
|
|
"encoding/base64"
|
2015-09-07 00:12:02 +03:00
|
|
|
"fmt"
|
2017-04-06 07:14:30 +03:00
|
|
|
"html/template"
|
|
|
|
|
"image/png"
|
2014-11-21 18:58:08 +03:00
|
|
|
"io/ioutil"
|
2014-08-25 22:07:08 +04:00
|
|
|
"strings"
|
|
|
|
|
|
2014-07-26 08:24:27 +04:00
|
|
|
"github.com/Unknwon/com"
|
2017-04-06 07:14:30 +03:00
|
|
|
"github.com/pquerna/otp"
|
|
|
|
|
"github.com/pquerna/otp/totp"
|
2017-02-10 03:29:59 +03:00
|
|
|
log "gopkg.in/clog.v1"
|
2014-03-11 04:48:58 +04:00
|
|
|
|
2014-03-10 12:54:52 +04:00
|
|
|
"github.com/gogits/gogs/models"
|
2017-03-17 00:18:43 +03:00
|
|
|
"github.com/gogits/gogs/models/errors"
|
2017-04-05 02:29:59 +03:00
|
|
|
"github.com/gogits/gogs/pkg/context"
|
|
|
|
|
"github.com/gogits/gogs/pkg/form"
|
|
|
|
|
"github.com/gogits/gogs/pkg/mailer"
|
|
|
|
|
"github.com/gogits/gogs/pkg/setting"
|
2017-04-05 16:17:21 +03:00
|
|
|
"github.com/gogits/gogs/pkg/tool"
|
2014-03-10 12:54:52 +04:00
|
|
|
)
|
|
|
|
|
|
2014-06-23 07:11:12 +04:00
|
|
|
const (
|
2017-04-06 07:14:30 +03:00
|
|
|
SETTINGS_PROFILE = "user/settings/profile"
|
|
|
|
|
SETTINGS_AVATAR = "user/settings/avatar"
|
|
|
|
|
SETTINGS_PASSWORD = "user/settings/password"
|
|
|
|
|
SETTINGS_EMAILS = "user/settings/email"
|
|
|
|
|
SETTINGS_SSH_KEYS = "user/settings/sshkeys"
|
|
|
|
|
SETTINGS_SECURITY = "user/settings/security"
|
|
|
|
|
SETTINGS_TWO_FACTOR_ENABLE = "user/settings/two_factor_enable"
|
|
|
|
|
SETTINGS_TWO_FACTOR_RECOVERY_CODES = "user/settings/two_factor_recovery_codes"
|
|
|
|
|
SETTINGS_REPOSITORIES = "user/settings/repositories"
|
|
|
|
|
SETTINGS_ORGANIZATIONS = "user/settings/organizations"
|
|
|
|
|
SETTINGS_APPLICATIONS = "user/settings/applications"
|
|
|
|
|
SETTINGS_DELETE = "user/settings/delete"
|
|
|
|
|
NOTIFICATION = "user/notification"
|
2014-06-23 07:11:12 +04:00
|
|
|
)
|
|
|
|
|
|
2017-03-30 08:03:44 +03:00
|
|
|
func Settings(c *context.Context) {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Title("settings.profile")
|
|
|
|
|
c.PageIs("SettingsProfile")
|
2017-03-30 08:03:44 +03:00
|
|
|
c.Data["origin_name"] = c.User.Name
|
|
|
|
|
c.Data["name"] = c.User.Name
|
|
|
|
|
c.Data["full_name"] = c.User.FullName
|
|
|
|
|
c.Data["email"] = c.User.Email
|
|
|
|
|
c.Data["website"] = c.User.Website
|
|
|
|
|
c.Data["location"] = c.User.Location
|
|
|
|
|
c.Success(SETTINGS_PROFILE)
|
2014-04-11 00:36:50 +04:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsPost(c *context.Context, f form.UpdateProfile) {
|
|
|
|
|
c.Title("settings.profile")
|
|
|
|
|
c.PageIs("SettingsProfile")
|
|
|
|
|
c.Data["origin_name"] = c.User.Name
|
2014-03-13 11:39:18 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.HasError() {
|
|
|
|
|
c.Success(SETTINGS_PROFILE)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Non-local users are not allowed to change their username
|
|
|
|
|
if c.User.IsLocal() {
|
|
|
|
|
// Check if username characters have been changed
|
|
|
|
|
if c.User.LowerName != strings.ToLower(f.Name) {
|
|
|
|
|
if err := models.ChangeUserName(c.User, f.Name); err != nil {
|
|
|
|
|
c.FormErr("Name")
|
|
|
|
|
var msg string
|
|
|
|
|
switch {
|
|
|
|
|
case models.IsErrUserAlreadyExist(err):
|
|
|
|
|
msg = c.Tr("form.username_been_taken")
|
|
|
|
|
case models.IsErrEmailAlreadyUsed(err):
|
|
|
|
|
msg = c.Tr("form.email_been_used")
|
|
|
|
|
case models.IsErrNameReserved(err):
|
|
|
|
|
msg = c.Tr("form.name_reserved")
|
|
|
|
|
case models.IsErrNamePatternNotAllowed(err):
|
|
|
|
|
msg = c.Tr("form.name_pattern_not_allowed")
|
|
|
|
|
default:
|
|
|
|
|
c.ServerError("ChangeUserName", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.RenderWithErr(msg, SETTINGS_PROFILE, &f)
|
|
|
|
|
return
|
2014-07-26 08:24:27 +04:00
|
|
|
}
|
2015-12-12 02:52:28 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
log.Trace("Username changed: %s -> %s", c.User.Name, f.Name)
|
|
|
|
|
}
|
2015-12-12 02:52:28 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
// In case it's just a case change
|
|
|
|
|
c.User.Name = f.Name
|
|
|
|
|
c.User.LowerName = strings.ToLower(f.Name)
|
2015-12-12 02:52:28 +03:00
|
|
|
}
|
2014-03-13 11:39:18 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.User.FullName = f.FullName
|
|
|
|
|
c.User.Email = f.Email
|
|
|
|
|
c.User.Website = f.Website
|
|
|
|
|
c.User.Location = f.Location
|
|
|
|
|
if err := models.UpdateUser(c.User); err != nil {
|
|
|
|
|
c.ServerError("UpdateUser", err)
|
2014-03-13 11:39:18 +04:00
|
|
|
return
|
|
|
|
|
}
|
2016-03-05 08:51:51 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.update_profile_success"))
|
|
|
|
|
c.SubURLRedirect("/user/settings")
|
2014-03-10 12:54:52 +04:00
|
|
|
}
|
|
|
|
|
|
2014-11-21 18:58:08 +03:00
|
|
|
// FIXME: limit size.
|
2017-04-07 07:49:30 +03:00
|
|
|
func UpdateAvatarSetting(c *context.Context, f form.Avatar, ctxUser *models.User) error {
|
2017-02-23 19:39:09 +03:00
|
|
|
ctxUser.UseCustomAvatar = f.Source == form.AVATAR_LOCAL
|
|
|
|
|
if len(f.Gravatar) > 0 {
|
2017-04-07 00:13:53 +03:00
|
|
|
ctxUser.Avatar = tool.MD5(f.Gravatar)
|
2017-02-23 19:39:09 +03:00
|
|
|
ctxUser.AvatarEmail = f.Gravatar
|
2016-08-07 20:27:38 +03:00
|
|
|
}
|
2014-11-21 20:51:36 +03:00
|
|
|
|
2017-02-23 19:39:09 +03:00
|
|
|
if f.Avatar != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
r, err := f.Avatar.Open()
|
2014-11-21 18:58:08 +03:00
|
|
|
if err != nil {
|
2015-09-07 00:12:02 +03:00
|
|
|
return fmt.Errorf("Avatar.Open: %v", err)
|
2014-11-21 18:58:08 +03:00
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
defer r.Close()
|
2014-11-21 18:58:08 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
data, err := ioutil.ReadAll(r)
|
2014-11-21 18:58:08 +03:00
|
|
|
if err != nil {
|
2016-03-05 08:51:51 +03:00
|
|
|
return fmt.Errorf("ioutil.ReadAll: %v", err)
|
2014-11-21 18:58:08 +03:00
|
|
|
}
|
2017-04-05 16:05:40 +03:00
|
|
|
if !tool.IsImageFile(data) {
|
2017-04-07 07:49:30 +03:00
|
|
|
return errors.New(c.Tr("settings.uploaded_avatar_not_a_image"))
|
2014-11-21 18:58:08 +03:00
|
|
|
}
|
2015-09-07 00:12:02 +03:00
|
|
|
if err = ctxUser.UploadAvatar(data); err != nil {
|
|
|
|
|
return fmt.Errorf("UploadAvatar: %v", err)
|
2014-11-21 18:58:08 +03:00
|
|
|
}
|
2014-11-22 18:22:53 +03:00
|
|
|
} else {
|
2016-03-05 08:51:51 +03:00
|
|
|
// No avatar is uploaded but setting has been changed to enable,
|
|
|
|
|
// generate a random one when needed.
|
2016-08-07 20:27:38 +03:00
|
|
|
if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
|
2016-03-05 08:51:51 +03:00
|
|
|
if err := ctxUser.GenerateRandomAvatar(); err != nil {
|
2016-07-23 20:08:22 +03:00
|
|
|
log.Error(4, "GenerateRandomAvatar[%d]: %v", ctxUser.ID, err)
|
2016-03-05 08:51:51 +03:00
|
|
|
}
|
2014-11-22 18:22:53 +03:00
|
|
|
}
|
2014-11-21 18:58:08 +03:00
|
|
|
}
|
2014-11-22 18:22:53 +03:00
|
|
|
|
2015-09-07 00:12:02 +03:00
|
|
|
if err := models.UpdateUser(ctxUser); err != nil {
|
|
|
|
|
return fmt.Errorf("UpdateUser: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsAvatar(c *context.Context) {
|
|
|
|
|
c.Title("settings.avatar")
|
|
|
|
|
c.PageIs("SettingsAvatar")
|
|
|
|
|
c.Success(SETTINGS_AVATAR)
|
2016-08-07 20:27:38 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsAvatarPost(c *context.Context, f form.Avatar) {
|
|
|
|
|
if err := UpdateAvatarSetting(c, f, c.User); err != nil {
|
|
|
|
|
c.Flash.Error(err.Error())
|
2015-09-07 00:12:02 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.update_avatar_success"))
|
2014-11-22 18:22:53 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/avatar")
|
2014-11-21 18:58:08 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsDeleteAvatar(c *context.Context) {
|
|
|
|
|
if err := c.User.DeleteAvatar(); err != nil {
|
|
|
|
|
c.Flash.Error(fmt.Sprintf("DeleteAvatar: %v", err))
|
2016-03-05 08:51:51 +03:00
|
|
|
}
|
2016-03-06 19:36:30 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/avatar")
|
2016-03-05 08:51:51 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsPassword(c *context.Context) {
|
|
|
|
|
c.Title("settings.password")
|
|
|
|
|
c.PageIs("SettingsPassword")
|
|
|
|
|
c.Success(SETTINGS_PASSWORD)
|
2015-09-10 18:40:34 +03:00
|
|
|
}
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsPasswordPost(c *context.Context, f form.ChangePassword) {
|
|
|
|
|
c.Title("settings.password")
|
|
|
|
|
c.PageIs("SettingsPassword")
|
2015-09-10 18:40:34 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.HasError() {
|
|
|
|
|
c.Success(SETTINGS_PASSWORD)
|
2014-12-17 18:42:54 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if !c.User.ValidatePassword(f.OldPassword) {
|
|
|
|
|
c.Flash.Error(c.Tr("settings.password_incorrect"))
|
2017-02-23 19:39:09 +03:00
|
|
|
} else if f.Password != f.Retype {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Error(c.Tr("form.password_not_match"))
|
2015-09-10 18:40:34 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.User.Passwd = f.Password
|
2016-12-21 11:41:37 +03:00
|
|
|
var err error
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.User.Salt, err = models.GetUserSalt(); err != nil {
|
|
|
|
|
c.ServerError("GetUserSalt", err)
|
2016-12-21 11:41:37 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.User.EncodePasswd()
|
|
|
|
|
if err := models.UpdateUser(c.User); err != nil {
|
|
|
|
|
c.ServerError("UpdateUser", err)
|
2015-09-10 18:40:34 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.change_password_success"))
|
2015-09-10 18:40:34 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/password")
|
2014-12-17 18:42:54 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsEmails(c *context.Context) {
|
|
|
|
|
c.Title("settings.emails")
|
|
|
|
|
c.PageIs("SettingsEmails")
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
emails, err := models.GetEmailAddresses(c.User.ID)
|
2014-12-17 18:42:54 +03:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("GetEmailAddresses", err)
|
2014-12-17 18:42:54 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Data["Emails"] = emails
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Success(SETTINGS_EMAILS)
|
2015-09-10 18:40:34 +03:00
|
|
|
}
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsEmailPost(c *context.Context, f form.AddEmail) {
|
|
|
|
|
c.Title("settings.emails")
|
|
|
|
|
c.PageIs("SettingsEmails")
|
2014-12-17 18:42:54 +03:00
|
|
|
|
|
|
|
|
// Make emailaddress primary.
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.Query("_method") == "PRIMARY" {
|
|
|
|
|
if err := models.MakeEmailPrimary(&models.EmailAddress{ID: c.QueryInt64("id")}); err != nil {
|
|
|
|
|
c.ServerError("MakeEmailPrimary", err)
|
2014-12-17 18:42:54 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/email")
|
2014-12-17 18:42:54 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add Email address.
|
2017-04-07 07:49:30 +03:00
|
|
|
emails, err := models.GetEmailAddresses(c.User.ID)
|
2015-09-10 18:40:34 +03:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("GetEmailAddresses", err)
|
2015-09-10 18:40:34 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Data["Emails"] = emails
|
2015-09-10 18:40:34 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.HasError() {
|
|
|
|
|
c.Success(SETTINGS_EMAILS)
|
2015-02-22 06:13:47 +03:00
|
|
|
return
|
|
|
|
|
}
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2016-07-15 19:36:39 +03:00
|
|
|
email := &models.EmailAddress{
|
2017-04-07 07:49:30 +03:00
|
|
|
UID: c.User.ID,
|
2017-02-23 19:39:09 +03:00
|
|
|
Email: f.Email,
|
2015-02-22 06:13:47 +03:00
|
|
|
IsActivated: !setting.Service.RegisterEmailConfirm,
|
|
|
|
|
}
|
2016-07-15 19:36:39 +03:00
|
|
|
if err := models.AddEmailAddress(email); err != nil {
|
2015-03-27 00:11:47 +03:00
|
|
|
if models.IsErrEmailAlreadyUsed(err) {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.RenderWithErr(c.Tr("form.email_been_used"), SETTINGS_EMAILS, &f)
|
|
|
|
|
} else {
|
|
|
|
|
c.ServerError("AddEmailAddress", err)
|
2015-02-22 06:13:47 +03:00
|
|
|
}
|
|
|
|
|
return
|
2015-09-10 18:40:34 +03:00
|
|
|
}
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2016-07-15 19:36:39 +03:00
|
|
|
// Send confirmation email
|
2015-09-10 18:40:34 +03:00
|
|
|
if setting.Service.RegisterEmailConfirm {
|
2017-04-07 07:49:30 +03:00
|
|
|
mailer.SendActivateEmailMail(c.Context, models.NewMailerUser(c.User), email.Email)
|
2014-12-17 18:42:54 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if err := c.Cache.Put("MailResendLimit_"+c.User.LowerName, c.User.LowerName, 180); err != nil {
|
|
|
|
|
log.Error(2, "Set cache 'MailResendLimit' failed: %v", err)
|
2015-09-10 18:40:34 +03:00
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Info(c.Tr("settings.add_email_confirmation_sent", email.Email, setting.Service.ActiveCodeLives/60))
|
2015-09-10 18:40:34 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.add_email_success"))
|
2014-12-17 18:42:54 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/email")
|
2014-04-11 02:09:57 +04:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func DeleteEmail(c *context.Context) {
|
2016-12-23 03:19:56 +03:00
|
|
|
if err := models.DeleteEmailAddress(&models.EmailAddress{
|
2017-04-07 07:49:30 +03:00
|
|
|
ID: c.QueryInt64("id"),
|
|
|
|
|
UID: c.User.ID,
|
2016-12-23 03:19:56 +03:00
|
|
|
}); err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("DeleteEmailAddress", err)
|
2014-03-14 09:12:07 +04:00
|
|
|
return
|
|
|
|
|
}
|
2014-03-13 12:06:35 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.email_deletion_success"))
|
|
|
|
|
c.JSONSuccess(map[string]interface{}{
|
2017-04-07 00:27:57 +03:00
|
|
|
"redirect": setting.AppSubURL + "/user/settings/email",
|
2015-09-10 18:40:34 +03:00
|
|
|
})
|
2014-03-13 12:06:35 +04:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsSSHKeys(c *context.Context) {
|
|
|
|
|
c.Title("settings.ssh_keys")
|
|
|
|
|
c.PageIs("SettingsSSHKeys")
|
2014-07-20 20:02:59 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
keys, err := models.ListPublicKeys(c.User.ID)
|
2014-07-20 20:02:59 +04:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("ListPublicKeys", err)
|
2014-07-26 08:24:27 +04:00
|
|
|
return
|
2014-07-20 20:02:59 +04:00
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Data["Keys"] = keys
|
2014-07-20 20:02:59 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Success(SETTINGS_SSH_KEYS)
|
2014-07-20 20:02:59 +04:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsSSHKeysPost(c *context.Context, f form.AddSSHKey) {
|
|
|
|
|
c.Title("settings.ssh_keys")
|
|
|
|
|
c.PageIs("SettingsSSHKeys")
|
2014-07-26 08:24:27 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
keys, err := models.ListPublicKeys(c.User.ID)
|
2014-07-26 08:24:27 +04:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("ListPublicKeys", err)
|
2014-07-26 08:24:27 +04:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Data["Keys"] = keys
|
2014-03-11 04:48:58 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.HasError() {
|
|
|
|
|
c.Success(SETTINGS_SSH_KEYS)
|
2015-08-20 12:11:29 +03:00
|
|
|
return
|
|
|
|
|
}
|
2014-03-11 04:48:58 +04:00
|
|
|
|
2017-02-23 19:39:09 +03:00
|
|
|
content, err := models.CheckPublicKeyString(f.Content)
|
2015-08-20 12:11:29 +03:00
|
|
|
if err != nil {
|
2015-11-19 05:21:47 +03:00
|
|
|
if models.IsErrKeyUnableVerify(err) {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Info(c.Tr("form.unable_verify_ssh_key"))
|
2014-03-10 17:12:49 +04:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Error(c.Tr("form.invalid_ssh_key", err.Error()))
|
|
|
|
|
c.SubURLRedirect("/user/settings/ssh")
|
2015-08-20 12:11:29 +03:00
|
|
|
return
|
2014-03-10 17:12:49 +04:00
|
|
|
}
|
|
|
|
|
}
|
2014-03-11 04:48:58 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if _, err = models.AddPublicKey(c.User.ID, f.Title, content); err != nil {
|
|
|
|
|
c.Data["HasError"] = true
|
2015-08-20 12:11:29 +03:00
|
|
|
switch {
|
|
|
|
|
case models.IsErrKeyAlreadyExist(err):
|
2017-04-07 07:49:30 +03:00
|
|
|
c.FormErr("Content")
|
|
|
|
|
c.RenderWithErr(c.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &f)
|
2015-08-20 12:11:29 +03:00
|
|
|
case models.IsErrKeyNameAlreadyUsed(err):
|
2017-04-07 07:49:30 +03:00
|
|
|
c.FormErr("Title")
|
|
|
|
|
c.RenderWithErr(c.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &f)
|
2015-08-20 12:11:29 +03:00
|
|
|
default:
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("AddPublicKey", err)
|
2014-03-11 04:48:58 +04:00
|
|
|
}
|
2015-08-20 12:11:29 +03:00
|
|
|
return
|
|
|
|
|
}
|
2014-03-11 04:48:58 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.add_key_success", f.Title))
|
|
|
|
|
c.SubURLRedirect("/user/settings/ssh")
|
2015-08-20 12:11:29 +03:00
|
|
|
}
|
2014-05-06 00:21:43 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func DeleteSSHKey(c *context.Context) {
|
|
|
|
|
if err := models.DeletePublicKey(c.User, c.QueryInt64("id")); err != nil {
|
|
|
|
|
c.Flash.Error("DeletePublicKey: " + err.Error())
|
2015-08-20 12:11:29 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.ssh_key_deletion_success"))
|
2014-03-10 12:54:52 +04:00
|
|
|
}
|
2014-03-11 04:48:58 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.JSONSuccess(map[string]interface{}{
|
2017-04-07 00:27:57 +03:00
|
|
|
"redirect": setting.AppSubURL + "/user/settings/ssh",
|
2015-08-20 12:11:29 +03:00
|
|
|
})
|
2014-03-10 12:54:52 +04:00
|
|
|
}
|
2014-03-14 13:12:28 +04:00
|
|
|
|
2017-04-06 07:14:30 +03:00
|
|
|
func SettingsSecurity(c *context.Context) {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Title("settings.security")
|
|
|
|
|
c.PageIs("SettingsSecurity")
|
2017-04-06 07:14:30 +03:00
|
|
|
|
|
|
|
|
t, err := models.GetTwoFactorByUserID(c.UserID())
|
|
|
|
|
if err != nil && !errors.IsTwoFactorNotFound(err) {
|
|
|
|
|
c.ServerError("GetTwoFactorByUserID", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
c.Data["TwoFactor"] = t
|
|
|
|
|
|
|
|
|
|
c.Success(SETTINGS_SECURITY)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SettingsTwoFactorEnable(c *context.Context) {
|
|
|
|
|
if c.User.IsEnabledTwoFactor() {
|
|
|
|
|
c.NotFound()
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Title("settings.two_factor_enable_title")
|
|
|
|
|
c.PageIs("SettingsSecurity")
|
2017-04-06 07:14:30 +03:00
|
|
|
|
|
|
|
|
var key *otp.Key
|
|
|
|
|
var err error
|
|
|
|
|
keyURL := c.Session.Get("twoFactorURL")
|
|
|
|
|
if keyURL != nil {
|
|
|
|
|
key, _ = otp.NewKeyFromURL(keyURL.(string))
|
|
|
|
|
}
|
|
|
|
|
if key == nil {
|
|
|
|
|
key, err = totp.Generate(totp.GenerateOpts{
|
|
|
|
|
Issuer: setting.AppName,
|
|
|
|
|
AccountName: c.User.Email,
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.ServerError("Generate", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
c.Data["TwoFactorSecret"] = key.Secret()
|
|
|
|
|
|
|
|
|
|
img, err := key.Image(240, 240)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.ServerError("Image", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var buf bytes.Buffer
|
|
|
|
|
if err = png.Encode(&buf, img); err != nil {
|
|
|
|
|
c.ServerError("Encode", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
c.Data["QRCode"] = template.URL("data:image/png;base64," + base64.StdEncoding.EncodeToString(buf.Bytes()))
|
|
|
|
|
|
|
|
|
|
c.Session.Set("twoFactorSecret", c.Data["TwoFactorSecret"])
|
|
|
|
|
c.Session.Set("twoFactorURL", key.String())
|
|
|
|
|
c.Success(SETTINGS_TWO_FACTOR_ENABLE)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SettingsTwoFactorEnablePost(c *context.Context) {
|
|
|
|
|
secret, ok := c.Session.Get("twoFactorSecret").(string)
|
|
|
|
|
if !ok {
|
|
|
|
|
c.NotFound()
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !totp.Validate(c.Query("passcode"), secret) {
|
|
|
|
|
c.Flash.Error(c.Tr("settings.two_factor_invalid_passcode"))
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/security/two_factor_enable")
|
2017-04-06 07:14:30 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := models.NewTwoFactor(c.UserID(), secret); err != nil {
|
|
|
|
|
c.Flash.Error(c.Tr("settings.two_factor_enable_error", err))
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/security/two_factor_enable")
|
2017-04-06 07:14:30 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.Session.Delete("twoFactorSecret")
|
|
|
|
|
c.Session.Delete("twoFactorURL")
|
|
|
|
|
c.Flash.Success(c.Tr("settings.two_factor_enable_success"))
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/security/two_factor_recovery_codes")
|
2017-04-06 07:14:30 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SettingsTwoFactorRecoveryCodes(c *context.Context) {
|
|
|
|
|
if !c.User.IsEnabledTwoFactor() {
|
|
|
|
|
c.NotFound()
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Title("settings.two_factor_recovery_codes_title")
|
|
|
|
|
c.PageIs("SettingsSecurity")
|
2017-04-06 07:14:30 +03:00
|
|
|
|
|
|
|
|
recoveryCodes, err := models.GetRecoveryCodesByUserID(c.UserID())
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.ServerError("GetRecoveryCodesByUserID", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
c.Data["RecoveryCodes"] = recoveryCodes
|
|
|
|
|
|
|
|
|
|
c.Success(SETTINGS_TWO_FACTOR_RECOVERY_CODES)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SettingsTwoFactorRecoveryCodesPost(c *context.Context) {
|
|
|
|
|
if !c.User.IsEnabledTwoFactor() {
|
|
|
|
|
c.NotFound()
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := models.RegenerateRecoveryCodes(c.UserID()); err != nil {
|
|
|
|
|
c.Flash.Error(c.Tr("settings.two_factor_regenerate_recovery_codes_error", err))
|
|
|
|
|
} else {
|
|
|
|
|
c.Flash.Success(c.Tr("settings.two_factor_regenerate_recovery_codes_success"))
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.SubURLRedirect("/user/settings/security/two_factor_recovery_codes")
|
2017-04-06 07:14:30 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SettingsTwoFactorDisable(c *context.Context) {
|
|
|
|
|
if !c.User.IsEnabledTwoFactor() {
|
|
|
|
|
c.NotFound()
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := models.DeleteTwoFactor(c.UserID()); err != nil {
|
|
|
|
|
c.ServerError("DeleteTwoFactor", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.Flash.Success(c.Tr("settings.two_factor_disable_success"))
|
|
|
|
|
c.JSONSuccess(map[string]interface{}{
|
2017-04-07 00:27:57 +03:00
|
|
|
"redirect": setting.AppSubURL + "/user/settings/security",
|
2017-04-06 07:14:30 +03:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsRepos(c *context.Context) {
|
|
|
|
|
c.Title("settings.repos")
|
|
|
|
|
c.PageIs("SettingsRepositories")
|
2014-11-12 14:48:50 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
repos, err := models.GetUserAndCollaborativeRepositories(c.User.ID)
|
2014-11-12 14:48:50 +03:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("GetUserAndCollaborativeRepositories", err)
|
2014-11-12 14:48:50 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
if err = models.RepositoryList(repos).LoadAttributes(); err != nil {
|
|
|
|
|
c.ServerError("LoadAttributes", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
c.Data["Repos"] = repos
|
2014-11-12 14:48:50 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Success(SETTINGS_REPOSITORIES)
|
2014-11-12 14:48:50 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsLeaveRepo(c *context.Context) {
|
|
|
|
|
repo, err := models.GetRepositoryByID(c.QueryInt64("id"))
|
2017-04-05 16:27:42 +03:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.NotFoundOrServerError("GetRepositoryByID", errors.IsRepoNotExist, err)
|
2017-04-05 16:27:42 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
|
|
|
|
|
if err = repo.DeleteCollaboration(c.User.ID); err != nil {
|
|
|
|
|
c.ServerError("DeleteCollaboration", err)
|
2017-04-05 16:27:42 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.repos.leave_success", repo.FullName()))
|
|
|
|
|
c.JSONSuccess(map[string]interface{}{
|
|
|
|
|
"redirect": setting.AppSubURL + "/user/settings/repositories",
|
|
|
|
|
})
|
2017-04-05 16:27:42 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsOrganizations(c *context.Context) {
|
|
|
|
|
c.Title("settings.orgs")
|
|
|
|
|
c.PageIs("SettingsOrganizations")
|
|
|
|
|
|
|
|
|
|
orgs, err := models.GetOrgsByUserID(c.User.ID, true)
|
2017-04-05 16:27:42 +03:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("GetOrgsByUserID", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
c.Data["Orgs"] = orgs
|
|
|
|
|
|
|
|
|
|
c.Success(SETTINGS_ORGANIZATIONS)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SettingsLeaveOrganization(c *context.Context) {
|
|
|
|
|
if err := models.RemoveOrgUser(c.QueryInt64("id"), c.User.ID); err != nil {
|
2017-04-05 16:27:42 +03:00
|
|
|
if models.IsErrLastOrgOwner(err) {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Error(c.Tr("form.last_org_owner"))
|
2017-04-05 16:27:42 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("RemoveOrgUser", err)
|
2017-04-05 16:27:42 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.JSONSuccess(map[string]interface{}{
|
2017-04-07 00:27:57 +03:00
|
|
|
"redirect": setting.AppSubURL + "/user/settings/organizations",
|
2017-04-05 16:27:42 +03:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsApplications(c *context.Context) {
|
|
|
|
|
c.Title("settings.applications")
|
|
|
|
|
c.PageIs("SettingsApplications")
|
2017-04-05 16:27:42 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
tokens, err := models.ListAccessTokens(c.User.ID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.ServerError("ListAccessTokens", err)
|
2017-04-05 16:27:42 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Data["Tokens"] = tokens
|
2017-04-05 16:27:42 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Success(SETTINGS_APPLICATIONS)
|
2017-04-05 16:27:42 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsApplicationsPost(c *context.Context, f form.NewAccessToken) {
|
|
|
|
|
c.Title("settings.applications")
|
|
|
|
|
c.PageIs("SettingsApplications")
|
2014-11-12 14:48:50 +03:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.HasError() {
|
|
|
|
|
tokens, err := models.ListAccessTokens(c.User.ID)
|
2015-08-20 12:11:29 +03:00
|
|
|
if err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("ListAccessTokens", err)
|
2015-08-20 12:11:29 +03:00
|
|
|
return
|
|
|
|
|
}
|
2017-04-07 07:49:30 +03:00
|
|
|
|
|
|
|
|
c.Data["Tokens"] = tokens
|
|
|
|
|
c.Success(SETTINGS_APPLICATIONS)
|
2015-08-18 22:36:16 +03:00
|
|
|
return
|
|
|
|
|
}
|
2014-11-12 14:48:50 +03:00
|
|
|
|
2015-08-18 22:36:16 +03:00
|
|
|
t := &models.AccessToken{
|
2017-04-07 07:49:30 +03:00
|
|
|
UID: c.User.ID,
|
2017-02-23 19:39:09 +03:00
|
|
|
Name: f.Name,
|
2014-11-12 14:48:50 +03:00
|
|
|
}
|
2015-08-18 22:36:16 +03:00
|
|
|
if err := models.NewAccessToken(t); err != nil {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("NewAccessToken", err)
|
2015-08-18 22:36:16 +03:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.generate_token_succees"))
|
|
|
|
|
c.Flash.Info(t.Sha1)
|
|
|
|
|
c.SubURLRedirect("/user/settings/applications")
|
2014-11-12 14:48:50 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsDeleteApplication(c *context.Context) {
|
|
|
|
|
if err := models.DeleteAccessTokenOfUserByID(c.User.ID, c.QueryInt64("id")); err != nil {
|
|
|
|
|
c.Flash.Error("DeleteAccessTokenByID: " + err.Error())
|
2015-08-18 22:36:16 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Success(c.Tr("settings.delete_token_success"))
|
2015-08-18 22:36:16 +03:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.JSONSuccess(map[string]interface{}{
|
2017-04-07 00:27:57 +03:00
|
|
|
"redirect": setting.AppSubURL + "/user/settings/applications",
|
2015-08-18 22:36:16 +03:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
func SettingsDelete(c *context.Context) {
|
|
|
|
|
c.Title("settings.delete")
|
|
|
|
|
c.PageIs("SettingsDelete")
|
2014-07-26 08:24:27 +04:00
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if c.Req.Method == "POST" {
|
|
|
|
|
if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil {
|
2017-03-17 00:18:43 +03:00
|
|
|
if errors.IsUserNotExist(err) {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil)
|
2015-08-18 21:49:44 +03:00
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("UserSignIn", err)
|
2015-08-18 21:49:44 +03:00
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
if err := models.DeleteUser(c.User); err != nil {
|
2015-03-18 04:51:39 +03:00
|
|
|
switch {
|
|
|
|
|
case models.IsErrUserOwnRepos(err):
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Error(c.Tr("form.still_own_repo"))
|
|
|
|
|
c.Redirect(setting.AppSubURL + "/user/settings/delete")
|
2015-03-18 04:51:39 +03:00
|
|
|
case models.IsErrUserHasOrgs(err):
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Flash.Error(c.Tr("form.still_has_org"))
|
|
|
|
|
c.Redirect(setting.AppSubURL + "/user/settings/delete")
|
2014-07-26 08:24:27 +04:00
|
|
|
default:
|
2017-04-07 07:49:30 +03:00
|
|
|
c.ServerError("DeleteUser", err)
|
2014-07-26 08:24:27 +04:00
|
|
|
}
|
|
|
|
|
} else {
|
2017-04-07 07:49:30 +03:00
|
|
|
log.Trace("Account deleted: %s", c.User.Name)
|
|
|
|
|
c.Redirect(setting.AppSubURL + "/")
|
2014-07-26 08:24:27 +04:00
|
|
|
}
|
2014-08-14 10:12:21 +04:00
|
|
|
return
|
2014-07-26 08:24:27 +04:00
|
|
|
}
|
|
|
|
|
|
2017-04-07 07:49:30 +03:00
|
|
|
c.Success(SETTINGS_DELETE)
|
2014-03-14 13:12:28 +04:00
|
|
|
}
|
