2015-12-05 23:13:13 +01:00
// Copyright 2015 The Gogs Authors. All rights reserved.
2019-01-23 23:30:19 +01:00
// Copyright 2019 The Gitea Authors. All rights reserved.
2022-11-27 19:20:29 +01:00
// SPDX-License-Identifier: MIT
2015-12-05 23:13:13 +01:00
package admin
import (
2019-10-14 17:24:26 +02:00
"errors"
2020-02-03 17:46:33 +01:00
"fmt"
2019-12-20 18:07:12 +01:00
"net/http"
2019-10-14 17:24:26 +02:00
2016-11-10 17:24:48 +01:00
"code.gitea.io/gitea/models"
2021-12-10 09:14:24 +01:00
asymkey_model "code.gitea.io/gitea/models/asymkey"
2022-01-02 14:12:35 +01:00
"code.gitea.io/gitea/models/auth"
2021-11-24 10:49:20 +01:00
"code.gitea.io/gitea/models/db"
2021-11-11 08:03:30 +01:00
user_model "code.gitea.io/gitea/models/user"
2023-02-19 08:35:20 +01:00
"code.gitea.io/gitea/modules/auth/password"
2016-11-10 17:24:48 +01:00
"code.gitea.io/gitea/modules/log"
2024-02-04 14:29:09 +01:00
"code.gitea.io/gitea/modules/optional"
2021-12-17 03:03:39 +01:00
"code.gitea.io/gitea/modules/setting"
2019-05-11 12:21:34 +02:00
api "code.gitea.io/gitea/modules/structs"
2023-02-16 17:32:01 +01:00
"code.gitea.io/gitea/modules/timeutil"
2021-01-26 16:36:53 +01:00
"code.gitea.io/gitea/modules/web"
2016-11-10 17:24:48 +01:00
"code.gitea.io/gitea/routers/api/v1/user"
2020-01-24 20:00:29 +01:00
"code.gitea.io/gitea/routers/api/v1/utils"
2021-12-10 09:14:24 +01:00
asymkey_service "code.gitea.io/gitea/services/asymkey"
2024-02-27 08:12:22 +01:00
"code.gitea.io/gitea/services/context"
2022-12-29 03:57:15 +01:00
"code.gitea.io/gitea/services/convert"
2019-09-24 07:02:49 +02:00
"code.gitea.io/gitea/services/mailer"
2021-11-18 18:42:27 +01:00
user_service "code.gitea.io/gitea/services/user"
2015-12-05 23:13:13 +01:00
)
2022-01-02 14:12:35 +01:00
func parseAuthSource ( ctx * context . APIContext , u * user_model . User , sourceID int64 , loginName string ) {
2015-12-05 23:13:13 +01:00
if sourceID == 0 {
return
}
2023-10-11 06:24:07 +02:00
source , err := auth . GetSourceByID ( ctx , sourceID )
2015-12-05 23:13:13 +01:00
if err != nil {
2022-01-02 14:12:35 +01:00
if auth . IsErrSourceNotExist ( err ) {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusUnprocessableEntity , "" , err )
2015-12-05 23:13:13 +01:00
} else {
2022-01-02 14:12:35 +01:00
ctx . Error ( http . StatusInternalServerError , "auth.GetSourceByID" , err )
2015-12-05 23:13:13 +01:00
}
return
}
u . LoginType = source . Type
u . LoginSource = source . ID
u . LoginName = loginName
}
2017-11-13 08:02:25 +01:00
// CreateUser create a user
2021-01-26 16:36:53 +01:00
func CreateUser ( ctx * context . APIContext ) {
2017-11-13 08:02:25 +01:00
// swagger:operation POST /admin/users admin adminCreateUser
// ---
// summary: Create a user
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/CreateUserOption"
// responses:
// "201":
// "$ref": "#/responses/User"
2019-12-20 18:07:12 +01:00
// "400":
// "$ref": "#/responses/error"
2020-01-09 12:56:32 +01:00
// "403":
// "$ref": "#/responses/forbidden"
2017-11-13 08:02:25 +01:00
// "422":
// "$ref": "#/responses/validationError"
2022-03-26 10:04:22 +01:00
2021-01-26 16:36:53 +01:00
form := web . GetForm ( ctx ) . ( * api . CreateUserOption )
2021-06-26 21:53:14 +02:00
2021-11-24 10:49:20 +01:00
u := & user_model . User {
2019-02-27 20:37:57 +01:00
Name : form . Username ,
FullName : form . FullName ,
Email : form . Email ,
Passwd : form . Password ,
MustChangePassword : true ,
2022-01-02 14:12:35 +01:00
LoginType : auth . Plain ,
2019-02-27 20:37:57 +01:00
}
if form . MustChangePassword != nil {
u . MustChangePassword = * form . MustChangePassword
2015-12-05 23:13:13 +01:00
}
2022-01-02 14:12:35 +01:00
parseAuthSource ( ctx , u , form . SourceID , form . LoginName )
2015-12-05 23:13:13 +01:00
if ctx . Written ( ) {
return
}
2023-12-19 03:32:45 +01:00
if u . LoginType == auth . Plain {
if len ( form . Password ) < setting . MinPasswordLength {
err := errors . New ( "PasswordIsRequired" )
ctx . Error ( http . StatusBadRequest , "PasswordIsRequired" , err )
return
}
if ! password . IsComplexEnough ( form . Password ) {
err := errors . New ( "PasswordComplexity" )
ctx . Error ( http . StatusBadRequest , "PasswordComplexity" , err )
return
}
2024-02-04 14:29:09 +01:00
if err := password . IsPwned ( ctx , form . Password ) ; err != nil {
if password . IsErrIsPwnedRequest ( err ) {
2023-12-19 03:32:45 +01:00
log . Error ( err . Error ( ) )
}
ctx . Error ( http . StatusBadRequest , "PasswordPwned" , errors . New ( "PasswordPwned" ) )
return
2020-09-09 00:06:39 +02:00
}
}
2021-06-26 21:53:14 +02:00
2022-04-29 21:38:11 +02:00
overwriteDefault := & user_model . CreateUserOverwriteOptions {
2024-02-23 03:18:33 +01:00
IsActive : optional . Some ( true ) ,
IsRestricted : optional . FromPtr ( form . Restricted ) ,
2022-04-29 21:38:11 +02:00
}
2021-06-26 21:53:14 +02:00
if form . Visibility != "" {
2022-04-29 21:38:11 +02:00
visibility := api . VisibilityModes [ form . Visibility ]
overwriteDefault . Visibility = & visibility
2021-06-26 21:53:14 +02:00
}
2023-02-16 17:32:01 +01:00
// Update the user creation timestamp. This can only be done after the user
// record has been inserted into the database; the insert intself will always
// set the creation timestamp to "now".
if form . Created != nil {
u . CreatedUnix = timeutil . TimeStamp ( form . Created . Unix ( ) )
u . UpdatedUnix = u . CreatedUnix
}
2024-03-05 06:55:47 +01:00
if err := user_model . AdminCreateUser ( ctx , u , overwriteDefault ) ; err != nil {
2021-11-24 10:49:20 +01:00
if user_model . IsErrUserAlreadyExist ( err ) ||
2021-11-11 08:03:30 +01:00
user_model . IsErrEmailAlreadyUsed ( err ) ||
2021-11-24 10:49:20 +01:00
db . IsErrNameReserved ( err ) ||
db . IsErrNameCharsNotAllowed ( err ) ||
2022-03-14 18:39:54 +01:00
user_model . IsErrEmailCharIsNotSupported ( err ) ||
2021-11-11 08:03:30 +01:00
user_model . IsErrEmailInvalid ( err ) ||
2021-11-24 10:49:20 +01:00
db . IsErrNamePatternNotAllowed ( err ) {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusUnprocessableEntity , "" , err )
2015-12-05 23:13:13 +01:00
} else {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusInternalServerError , "CreateUser" , err )
2015-12-05 23:13:13 +01:00
}
return
}
2024-03-11 07:07:36 +01:00
if ! user_model . IsEmailDomainAllowed ( u . Email ) {
ctx . Resp . Header ( ) . Add ( "X-Gitea-Warning" , fmt . Sprintf ( "the domain of user email %s conflicts with EMAIL_DOMAIN_ALLOWLIST or EMAIL_DOMAIN_BLOCKLIST" , u . Email ) )
}
2022-03-22 08:03:22 +01:00
log . Trace ( "Account created by admin (%s): %s" , ctx . Doer . Name , u . Name )
2015-12-05 23:13:13 +01:00
2016-07-15 18:36:39 +02:00
// Send email notification.
2019-09-24 07:02:49 +02:00
if form . SendNotify {
2021-04-02 12:25:13 +02:00
mailer . SendRegisterNotifyMail ( u )
2015-12-05 23:13:13 +01:00
}
Add context cache as a request level cache (#22294)
To avoid duplicated load of the same data in an HTTP request, we can set
a context cache to do that. i.e. Some pages may load a user from a
database with the same id in different areas on the same page. But the
code is hidden in two different deep logic. How should we share the
user? As a result of this PR, now if both entry functions accept
`context.Context` as the first parameter and we just need to refactor
`GetUserByID` to reuse the user from the context cache. Then it will not
be loaded twice on an HTTP request.
But of course, sometimes we would like to reload an object from the
database, that's why `RemoveContextData` is also exposed.
The core context cache is here. It defines a new context
```go
type cacheContext struct {
ctx context.Context
data map[any]map[any]any
lock sync.RWMutex
}
var cacheContextKey = struct{}{}
func WithCacheContext(ctx context.Context) context.Context {
return context.WithValue(ctx, cacheContextKey, &cacheContext{
ctx: ctx,
data: make(map[any]map[any]any),
})
}
```
Then you can use the below 4 methods to read/write/del the data within
the same context.
```go
func GetContextData(ctx context.Context, tp, key any) any
func SetContextData(ctx context.Context, tp, key, value any)
func RemoveContextData(ctx context.Context, tp, key any)
func GetWithContextCache[T any](ctx context.Context, cacheGroupKey string, cacheTargetID any, f func() (T, error)) (T, error)
```
Then let's take a look at how `system.GetString` implement it.
```go
func GetSetting(ctx context.Context, key string) (string, error) {
return cache.GetWithContextCache(ctx, contextCacheKey, key, func() (string, error) {
return cache.GetString(genSettingCacheKey(key), func() (string, error) {
res, err := GetSettingNoCache(ctx, key)
if err != nil {
return "", err
}
return res.SettingValue, nil
})
})
}
```
First, it will check if context data include the setting object with the
key. If not, it will query from the global cache which may be memory or
a Redis cache. If not, it will get the object from the database. In the
end, if the object gets from the global cache or database, it will be
set into the context cache.
An object stored in the context cache will only be destroyed after the
context disappeared.
2023-02-15 14:37:34 +01:00
ctx . JSON ( http . StatusCreated , convert . ToUser ( ctx , u , ctx . Doer ) )
2015-12-05 23:13:13 +01:00
}
2016-11-24 08:04:31 +01:00
// EditUser api for modifying a user's information
2021-01-26 16:36:53 +01:00
func EditUser ( ctx * context . APIContext ) {
2017-11-13 08:02:25 +01:00
// swagger:operation PATCH /admin/users/{username} admin adminEditUser
// ---
// summary: Edit an existing user
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: username
// in: path
// description: username of user to edit
// type: string
// required: true
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/EditUserOption"
// responses:
// "200":
// "$ref": "#/responses/User"
2024-01-15 07:51:43 +01:00
// "400":
// "$ref": "#/responses/error"
2017-11-13 08:02:25 +01:00
// "403":
// "$ref": "#/responses/forbidden"
// "422":
// "$ref": "#/responses/validationError"
2022-03-26 10:04:22 +01:00
2021-01-26 16:36:53 +01:00
form := web . GetForm ( ctx ) . ( * api . EditUserOption )
2015-12-05 23:13:13 +01:00
2024-04-17 01:25:20 +02:00
// If either LoginSource or LoginName is given, the other must be present too.
if form . SourceID != nil || form . LoginName != nil {
if form . SourceID == nil || form . LoginName == nil {
ctx . Error ( http . StatusUnprocessableEntity , "LoginSourceAndLoginName" , fmt . Errorf ( "source_id and login_name must be specified together" ) )
return
}
}
2024-02-04 14:29:09 +01:00
authOpts := & user_service . UpdateAuthOptions {
2024-04-17 01:25:20 +02:00
LoginSource : optional . FromPtr ( form . SourceID ) ,
LoginName : optional . FromPtr ( form . LoginName ) ,
2024-02-04 14:29:09 +01:00
Password : optional . FromNonDefault ( form . Password ) ,
MustChangePassword : optional . FromPtr ( form . MustChangePassword ) ,
ProhibitLogin : optional . FromPtr ( form . ProhibitLogin ) ,
2015-12-05 23:13:13 +01:00
}
2024-02-04 14:29:09 +01:00
if err := user_service . UpdateAuth ( ctx , ctx . ContextUser , authOpts ) ; err != nil {
switch {
case errors . Is ( err , password . ErrMinLength ) :
2021-12-17 03:03:39 +01:00
ctx . Error ( http . StatusBadRequest , "PasswordTooShort" , fmt . Errorf ( "password must be at least %d characters" , setting . MinPasswordLength ) )
2024-02-04 14:29:09 +01:00
case errors . Is ( err , password . ErrComplexity ) :
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusBadRequest , "PasswordComplexity" , err )
2024-02-04 14:29:09 +01:00
case errors . Is ( err , password . ErrIsPwned ) , password . IsErrIsPwnedRequest ( err ) :
ctx . Error ( http . StatusBadRequest , "PasswordIsPwned" , err )
default :
ctx . Error ( http . StatusInternalServerError , "UpdateAuth" , err )
2021-01-10 19:05:18 +01:00
}
2024-02-04 14:29:09 +01:00
return
2015-12-05 23:13:13 +01:00
}
2020-11-20 02:56:42 +01:00
if form . Email != nil {
2024-03-05 17:51:56 +01:00
if err := user_service . AdminAddOrSetPrimaryEmailAddress ( ctx , ctx . ContextUser , * form . Email ) ; err != nil {
2024-02-04 14:29:09 +01:00
switch {
case user_model . IsErrEmailCharIsNotSupported ( err ) , user_model . IsErrEmailInvalid ( err ) :
ctx . Error ( http . StatusBadRequest , "EmailInvalid" , err )
case user_model . IsErrEmailAlreadyUsed ( err ) :
ctx . Error ( http . StatusBadRequest , "EmailUsed" , err )
default :
ctx . Error ( http . StatusInternalServerError , "AddOrSetPrimaryEmailAddress" , err )
}
2024-01-15 07:51:43 +01:00
return
}
2024-03-11 07:07:36 +01:00
if ! user_model . IsEmailDomainAllowed ( * form . Email ) {
ctx . Resp . Header ( ) . Add ( "X-Gitea-Warning" , fmt . Sprintf ( "the domain of user email %s conflicts with EMAIL_DOMAIN_ALLOWLIST or EMAIL_DOMAIN_BLOCKLIST" , * form . Email ) )
}
2021-02-18 09:25:35 +01:00
}
2015-12-05 23:13:13 +01:00
2024-02-04 14:29:09 +01:00
opts := & user_service . UpdateOptions {
FullName : optional . FromPtr ( form . FullName ) ,
Website : optional . FromPtr ( form . Website ) ,
Location : optional . FromPtr ( form . Location ) ,
Description : optional . FromPtr ( form . Description ) ,
2023-09-26 04:39:12 +02:00
Pronouns : optional . FromPtr ( form . Pronouns ) ,
2024-02-04 14:29:09 +01:00
IsActive : optional . FromPtr ( form . Active ) ,
IsAdmin : optional . FromPtr ( form . Admin ) ,
Visibility : optional . FromNonDefault ( api . VisibilityModes [ form . Visibility ] ) ,
AllowGitHook : optional . FromPtr ( form . AllowGitHook ) ,
AllowImportLocal : optional . FromPtr ( form . AllowImportLocal ) ,
MaxRepoCreation : optional . FromPtr ( form . MaxRepoCreation ) ,
AllowCreateOrganization : optional . FromPtr ( form . AllowCreateOrganization ) ,
IsRestricted : optional . FromPtr ( form . Restricted ) ,
}
if err := user_service . UpdateUser ( ctx , ctx . ContextUser , opts ) ; err != nil {
if models . IsErrDeleteLastAdminUser ( err ) {
ctx . Error ( http . StatusBadRequest , "LastAdmin" , err )
2015-12-05 23:13:13 +01:00
} else {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusInternalServerError , "UpdateUser" , err )
2015-12-05 23:13:13 +01:00
}
return
}
2024-02-04 14:29:09 +01:00
2022-03-26 10:04:22 +01:00
log . Trace ( "Account profile updated by admin (%s): %s" , ctx . Doer . Name , ctx . ContextUser . Name )
2015-12-05 23:13:13 +01:00
Add context cache as a request level cache (#22294)
To avoid duplicated load of the same data in an HTTP request, we can set
a context cache to do that. i.e. Some pages may load a user from a
database with the same id in different areas on the same page. But the
code is hidden in two different deep logic. How should we share the
user? As a result of this PR, now if both entry functions accept
`context.Context` as the first parameter and we just need to refactor
`GetUserByID` to reuse the user from the context cache. Then it will not
be loaded twice on an HTTP request.
But of course, sometimes we would like to reload an object from the
database, that's why `RemoveContextData` is also exposed.
The core context cache is here. It defines a new context
```go
type cacheContext struct {
ctx context.Context
data map[any]map[any]any
lock sync.RWMutex
}
var cacheContextKey = struct{}{}
func WithCacheContext(ctx context.Context) context.Context {
return context.WithValue(ctx, cacheContextKey, &cacheContext{
ctx: ctx,
data: make(map[any]map[any]any),
})
}
```
Then you can use the below 4 methods to read/write/del the data within
the same context.
```go
func GetContextData(ctx context.Context, tp, key any) any
func SetContextData(ctx context.Context, tp, key, value any)
func RemoveContextData(ctx context.Context, tp, key any)
func GetWithContextCache[T any](ctx context.Context, cacheGroupKey string, cacheTargetID any, f func() (T, error)) (T, error)
```
Then let's take a look at how `system.GetString` implement it.
```go
func GetSetting(ctx context.Context, key string) (string, error) {
return cache.GetWithContextCache(ctx, contextCacheKey, key, func() (string, error) {
return cache.GetString(genSettingCacheKey(key), func() (string, error) {
res, err := GetSettingNoCache(ctx, key)
if err != nil {
return "", err
}
return res.SettingValue, nil
})
})
}
```
First, it will check if context data include the setting object with the
key. If not, it will query from the global cache which may be memory or
a Redis cache. If not, it will get the object from the database. In the
end, if the object gets from the global cache or database, it will be
set into the context cache.
An object stored in the context cache will only be destroyed after the
context disappeared.
2023-02-15 14:37:34 +01:00
ctx . JSON ( http . StatusOK , convert . ToUser ( ctx , ctx . ContextUser , ctx . Doer ) )
2015-12-05 23:13:13 +01:00
}
2016-11-24 08:04:31 +01:00
// DeleteUser api for deleting a user
2016-03-13 23:49:16 +01:00
func DeleteUser ( ctx * context . APIContext ) {
2017-11-13 08:02:25 +01:00
// swagger:operation DELETE /admin/users/{username} admin adminDeleteUser
// ---
// summary: Delete a user
// produces:
// - application/json
// parameters:
// - name: username
// in: path
// description: username of user to delete
// type: string
// required: true
2023-03-13 20:41:38 +01:00
// - name: purge
// in: query
// description: purge the user from the system completely
// type: boolean
2017-11-13 08:02:25 +01:00
// responses:
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
2023-07-24 10:48:44 +02:00
// "404":
// "$ref": "#/responses/notFound"
2017-11-13 08:02:25 +01:00
// "422":
// "$ref": "#/responses/validationError"
2019-12-20 18:07:12 +01:00
2022-03-26 10:04:22 +01:00
if ctx . ContextUser . IsOrganization ( ) {
ctx . Error ( http . StatusUnprocessableEntity , "" , fmt . Errorf ( "%s is an organization not a user" , ctx . ContextUser . Name ) )
2020-02-03 17:46:33 +01:00
return
}
2022-05-08 22:22:55 +02:00
// admin should not delete themself
if ctx . ContextUser . ID == ctx . Doer . ID {
ctx . Error ( http . StatusUnprocessableEntity , "" , fmt . Errorf ( "you cannot delete yourself" ) )
return
}
2022-07-14 09:22:09 +02:00
if err := user_service . DeleteUser ( ctx , ctx . ContextUser , ctx . FormBool ( "purge" ) ) ; err != nil {
2015-12-05 23:13:13 +01:00
if models . IsErrUserOwnRepos ( err ) ||
2022-03-30 10:42:47 +02:00
models . IsErrUserHasOrgs ( err ) ||
2024-01-15 07:51:43 +01:00
models . IsErrUserOwnPackages ( err ) ||
models . IsErrDeleteLastAdminUser ( err ) {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusUnprocessableEntity , "" , err )
2015-12-05 23:13:13 +01:00
} else {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusInternalServerError , "DeleteUser" , err )
2015-12-05 23:13:13 +01:00
}
return
}
2022-03-26 10:04:22 +01:00
log . Trace ( "Account deleted by admin(%s): %s" , ctx . Doer . Name , ctx . ContextUser . Name )
2015-12-05 23:13:13 +01:00
2019-12-20 18:07:12 +01:00
ctx . Status ( http . StatusNoContent )
2015-12-05 23:13:13 +01:00
}
2016-11-24 08:04:31 +01:00
// CreatePublicKey api for creating a public key to a user
2021-01-26 16:36:53 +01:00
func CreatePublicKey ( ctx * context . APIContext ) {
2017-11-13 08:02:25 +01:00
// swagger:operation POST /admin/users/{username}/keys admin adminCreatePublicKey
// ---
// summary: Add a public key on behalf of a user
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: username
// in: path
// description: username of the user
// type: string
// required: true
2018-10-21 05:40:42 +02:00
// - name: key
// in: body
// schema:
// "$ref": "#/definitions/CreateKeyOption"
2017-11-13 08:02:25 +01:00
// responses:
// "201":
// "$ref": "#/responses/PublicKey"
// "403":
// "$ref": "#/responses/forbidden"
// "422":
// "$ref": "#/responses/validationError"
2022-03-26 10:04:22 +01:00
2021-01-26 16:36:53 +01:00
form := web . GetForm ( ctx ) . ( * api . CreateKeyOption )
2022-03-26 10:04:22 +01:00
user . CreateUserPublicKey ( ctx , * form , ctx . ContextUser . ID )
2015-12-05 23:13:13 +01:00
}
2017-12-06 11:27:10 +01:00
// DeleteUserPublicKey api for deleting a user's public key
func DeleteUserPublicKey ( ctx * context . APIContext ) {
// swagger:operation DELETE /admin/users/{username}/keys/{id} admin adminDeleteUserPublicKey
// ---
// summary: Delete a user's public key
// produces:
// - application/json
// parameters:
// - name: username
// in: path
// description: username of user
// type: string
// required: true
// - name: id
// in: path
// description: id of the key to delete
// type: integer
2018-10-21 05:40:42 +02:00
// format: int64
2017-12-06 11:27:10 +01:00
// required: true
// responses:
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
2019-12-20 18:07:12 +01:00
2023-09-25 15:17:37 +02:00
if err := asymkey_service . DeletePublicKey ( ctx , ctx . ContextUser , ctx . ParamsInt64 ( ":id" ) ) ; err != nil {
2021-12-10 09:14:24 +01:00
if asymkey_model . IsErrKeyNotExist ( err ) {
2019-03-19 03:29:43 +01:00
ctx . NotFound ( )
2021-12-10 09:14:24 +01:00
} else if asymkey_model . IsErrKeyAccessDenied ( err ) {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusForbidden , "" , "You do not have access to this key" )
2017-12-06 11:27:10 +01:00
} else {
2019-12-20 18:07:12 +01:00
ctx . Error ( http . StatusInternalServerError , "DeleteUserPublicKey" , err )
2017-12-06 11:27:10 +01:00
}
return
}
2022-03-26 10:04:22 +01:00
log . Trace ( "Key deleted by admin(%s): %s" , ctx . Doer . Name , ctx . ContextUser . Name )
2017-12-06 11:27:10 +01:00
2019-12-20 18:07:12 +01:00
ctx . Status ( http . StatusNoContent )
2017-12-06 11:27:10 +01:00
}
2019-01-23 23:30:19 +01:00
2023-03-15 12:53:01 +01:00
// SearchUsers API for getting information of the users according the filter conditions
func SearchUsers ( ctx * context . APIContext ) {
// swagger:operation GET /admin/users admin adminSearchUsers
2019-01-23 23:30:19 +01:00
// ---
2023-03-15 12:53:01 +01:00
// summary: Search users according filter conditions
2019-01-23 23:30:19 +01:00
// produces:
// - application/json
2020-01-24 20:00:29 +01:00
// parameters:
2023-03-15 12:53:01 +01:00
// - name: source_id
// in: query
// description: ID of the user's login source to search for
// type: integer
// format: int64
// - name: login_name
// in: query
// description: user's login name to search for
// type: string
2020-01-24 20:00:29 +01:00
// - name: page
// in: query
// description: page number of results to return (1-based)
// type: integer
// - name: limit
// in: query
2020-06-09 06:57:38 +02:00
// description: page size of results
2020-01-24 20:00:29 +01:00
// type: integer
2019-01-23 23:30:19 +01:00
// responses:
// "200":
// "$ref": "#/responses/UserList"
// "403":
// "$ref": "#/responses/forbidden"
2019-12-20 18:07:12 +01:00
2020-06-21 10:22:06 +02:00
listOptions := utils . GetListOptions ( ctx )
2023-09-14 19:09:32 +02:00
users , maxResults , err := user_model . SearchUsers ( ctx , & user_model . SearchUserOptions {
2022-03-22 08:03:22 +01:00
Actor : ctx . Doer ,
2021-11-24 10:49:20 +01:00
Type : user_model . UserTypeIndividual ,
2023-03-15 12:53:01 +01:00
LoginName : ctx . FormTrim ( "login_name" ) ,
SourceID : ctx . FormInt64 ( "source_id" ) ,
2021-11-24 10:49:20 +01:00
OrderBy : db . SearchOrderByAlphabetically ,
2020-06-21 10:22:06 +02:00
ListOptions : listOptions ,
2019-01-23 23:30:19 +01:00
} )
if err != nil {
2023-03-15 12:53:01 +01:00
ctx . Error ( http . StatusInternalServerError , "SearchUsers" , err )
2019-01-23 23:30:19 +01:00
return
}
2019-04-15 18:36:59 +02:00
results := make ( [ ] * api . User , len ( users ) )
for i := range users {
Add context cache as a request level cache (#22294)
To avoid duplicated load of the same data in an HTTP request, we can set
a context cache to do that. i.e. Some pages may load a user from a
database with the same id in different areas on the same page. But the
code is hidden in two different deep logic. How should we share the
user? As a result of this PR, now if both entry functions accept
`context.Context` as the first parameter and we just need to refactor
`GetUserByID` to reuse the user from the context cache. Then it will not
be loaded twice on an HTTP request.
But of course, sometimes we would like to reload an object from the
database, that's why `RemoveContextData` is also exposed.
The core context cache is here. It defines a new context
```go
type cacheContext struct {
ctx context.Context
data map[any]map[any]any
lock sync.RWMutex
}
var cacheContextKey = struct{}{}
func WithCacheContext(ctx context.Context) context.Context {
return context.WithValue(ctx, cacheContextKey, &cacheContext{
ctx: ctx,
data: make(map[any]map[any]any),
})
}
```
Then you can use the below 4 methods to read/write/del the data within
the same context.
```go
func GetContextData(ctx context.Context, tp, key any) any
func SetContextData(ctx context.Context, tp, key, value any)
func RemoveContextData(ctx context.Context, tp, key any)
func GetWithContextCache[T any](ctx context.Context, cacheGroupKey string, cacheTargetID any, f func() (T, error)) (T, error)
```
Then let's take a look at how `system.GetString` implement it.
```go
func GetSetting(ctx context.Context, key string) (string, error) {
return cache.GetWithContextCache(ctx, contextCacheKey, key, func() (string, error) {
return cache.GetString(genSettingCacheKey(key), func() (string, error) {
res, err := GetSettingNoCache(ctx, key)
if err != nil {
return "", err
}
return res.SettingValue, nil
})
})
}
```
First, it will check if context data include the setting object with the
key. If not, it will query from the global cache which may be memory or
a Redis cache. If not, it will get the object from the database. In the
end, if the object gets from the global cache or database, it will be
set into the context cache.
An object stored in the context cache will only be destroyed after the
context disappeared.
2023-02-15 14:37:34 +01:00
results [ i ] = convert . ToUser ( ctx , users [ i ] , ctx . Doer )
2019-04-15 18:36:59 +02:00
}
2020-06-21 10:22:06 +02:00
ctx . SetLinkHeader ( int ( maxResults ) , listOptions . PageSize )
2021-08-12 14:43:08 +02:00
ctx . SetTotalCountHeader ( maxResults )
2019-12-20 18:07:12 +01:00
ctx . JSON ( http . StatusOK , & results )
2019-01-23 23:30:19 +01:00
}
2023-03-14 08:45:21 +01:00
// RenameUser api for renaming a user
func RenameUser ( ctx * context . APIContext ) {
// swagger:operation POST /admin/users/{username}/rename admin adminRenameUser
// ---
// summary: Rename a user
// produces:
// - application/json
// parameters:
// - name: username
// in: path
// description: existing username of user
// type: string
// required: true
// - name: body
// in: body
// required: true
// schema:
// "$ref": "#/definitions/RenameUserOption"
// responses:
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "422":
// "$ref": "#/responses/validationError"
if ctx . ContextUser . IsOrganization ( ) {
ctx . Error ( http . StatusUnprocessableEntity , "" , fmt . Errorf ( "%s is an organization not a user" , ctx . ContextUser . Name ) )
return
}
2023-05-21 17:13:47 +02:00
oldName := ctx . ContextUser . Name
2023-03-14 08:45:21 +01:00
newName := web . GetForm ( ctx ) . ( * api . RenameUserOption ) . NewName
// Check if user name has been changed
if err := user_service . RenameUser ( ctx , ctx . ContextUser , newName ) ; err != nil {
switch {
case user_model . IsErrUserAlreadyExist ( err ) :
ctx . Error ( http . StatusUnprocessableEntity , "" , ctx . Tr ( "form.username_been_taken" ) )
case db . IsErrNameReserved ( err ) :
ctx . Error ( http . StatusUnprocessableEntity , "" , ctx . Tr ( "user.form.name_reserved" , newName ) )
case db . IsErrNamePatternNotAllowed ( err ) :
ctx . Error ( http . StatusUnprocessableEntity , "" , ctx . Tr ( "user.form.name_pattern_not_allowed" , newName ) )
case db . IsErrNameCharsNotAllowed ( err ) :
ctx . Error ( http . StatusUnprocessableEntity , "" , ctx . Tr ( "user.form.name_chars_not_allowed" , newName ) )
default :
ctx . ServerError ( "ChangeUserName" , err )
}
return
}
2023-05-21 17:13:47 +02:00
log . Trace ( "User name changed: %s -> %s" , oldName , newName )
2024-02-04 14:29:09 +01:00
ctx . Status ( http . StatusNoContent )
2023-03-14 08:45:21 +01:00
}