fix(user): handle status errors across the codebase, remove redundant checks
This commit is contained in:
parent
91c0f386c6
commit
ea4ba18def
|
|
@ -118,7 +118,7 @@ func getUserFromArg(s *xorm.Session, arg string) *user.User {
|
|||
}
|
||||
|
||||
u, err := user.GetUserWithEmail(s, &filter)
|
||||
if err != nil {
|
||||
if err != nil && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
log.Fatalf("Could not get user: %s", err)
|
||||
}
|
||||
return u
|
||||
|
|
@ -143,7 +143,7 @@ var userListCmd = &cobra.Command{
|
|||
|
||||
if userFlagEmail != "" {
|
||||
u, err := user.GetUserWithEmail(s, &user.User{Email: userFlagEmail})
|
||||
if err != nil {
|
||||
if err != nil && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
if user.IsErrUserDoesNotExist(err) {
|
||||
log.Fatalf("No user found with email %s", userFlagEmail)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -142,7 +142,7 @@ func (lu *ProjectUser) Delete(s *xorm.Session, _ web.Auth) (err error) {
|
|||
|
||||
// Check if the user exists
|
||||
u, err := user.GetUserByUsername(s, lu.Username)
|
||||
if err != nil {
|
||||
if err != nil && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
return
|
||||
}
|
||||
lu.UserID = u.ID
|
||||
|
|
@ -249,7 +249,7 @@ func (lu *ProjectUser) Update(s *xorm.Session, _ web.Auth) (err error) {
|
|||
|
||||
// Check if the user exists
|
||||
u, err := user.GetUserByUsername(s, lu.Username)
|
||||
if err != nil {
|
||||
if err != nil && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
return err
|
||||
}
|
||||
lu.UserID = u.ID
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ func (tm *TeamMember) Delete(s *xorm.Session, a web.Auth) (err error) {
|
|||
|
||||
// Find the numeric user id
|
||||
user, err := user2.GetUserByUsername(s, tm.Username)
|
||||
if err != nil {
|
||||
if err != nil && !user2.IsErrAccountDisabled(err) && !user2.IsErrAccountLocked(err) {
|
||||
return
|
||||
}
|
||||
tm.UserID = user.ID
|
||||
|
|
@ -149,7 +149,7 @@ func (tm *TeamMember) MembershipExists(s *xorm.Session) (exists bool, err error)
|
|||
func (tm *TeamMember) Update(s *xorm.Session, _ web.Auth) (err error) {
|
||||
// Find the numeric user id
|
||||
user, err := user2.GetUserByUsername(s, tm.Username)
|
||||
if err != nil {
|
||||
if err != nil && !user2.IsErrAccountDisabled(err) && !user2.IsErrAccountLocked(err) {
|
||||
return
|
||||
}
|
||||
tm.UserID = user.ID
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ func (tm *TeamMember) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
|
|||
// CanDelete checks if the user can delete a new team member
|
||||
func (tm *TeamMember) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
|
||||
u, err := user.GetUserByUsername(s, tm.Username)
|
||||
if err != nil {
|
||||
if err != nil && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
return false, err
|
||||
}
|
||||
if u.ID == a.GetID() {
|
||||
|
|
|
|||
|
|
@ -264,7 +264,7 @@ func getOrCreateLdapUser(s *xorm.Session, entry *ldap.Entry) (u *user.User, err
|
|||
Issuer: user.IssuerLDAP,
|
||||
Subject: username,
|
||||
})
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) {
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -278,10 +278,10 @@ func getOrCreateUser(s *xorm.Session, cl *claims, provider *Provider, idToken *o
|
|||
Issuer: idToken.Issuer,
|
||||
Subject: idToken.Subject,
|
||||
})
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) {
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
return nil, err
|
||||
}
|
||||
alreadyCreatedFromIssuer = err == nil // found if no error, not found if we reach it here despite an error
|
||||
alreadyCreatedFromIssuer = err == nil || user.IsErrAccountDisabled(err) || user.IsErrAccountLocked(err)
|
||||
|
||||
if !alreadyCreatedFromIssuer && (provider.EmailFallback || provider.UsernameFallback) {
|
||||
|
||||
|
|
@ -304,10 +304,10 @@ func getOrCreateUser(s *xorm.Session, cl *claims, provider *Provider, idToken *o
|
|||
|
||||
// Check if the user exists for the given fallback matching options
|
||||
u, err = user.GetUserWithEmail(s, searchUser)
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) {
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
return nil, err
|
||||
}
|
||||
fallbackMatchFound = err == nil // found if no error, not found if we reach it here despite an error
|
||||
fallbackMatchFound = err == nil || user.IsErrAccountDisabled(err) || user.IsErrAccountLocked(err)
|
||||
}
|
||||
|
||||
if !alreadyCreatedFromIssuer && !fallbackMatchFound {
|
||||
|
|
|
|||
|
|
@ -55,12 +55,12 @@ func GetAvatar(c *echo.Context) error {
|
|||
|
||||
// Get the user
|
||||
u, err := user.GetUserWithEmail(s, &user.User{Username: username})
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) {
|
||||
if err != nil && !user.IsErrUserDoesNotExist(err) && !user.IsErrAccountDisabled(err) && !user.IsErrAccountLocked(err) {
|
||||
log.Errorf("Error getting user for avatar: %v", err)
|
||||
return err
|
||||
}
|
||||
|
||||
found := err == nil || !user.IsErrUserDoesNotExist(err)
|
||||
found := err == nil || user.IsErrAccountDisabled(err) || user.IsErrAccountLocked(err)
|
||||
|
||||
avatarProvider := avatar.GetProvider(u)
|
||||
|
||||
|
|
|
|||
|
|
@ -239,23 +239,22 @@ func RefreshToken(c *echo.Context) (err error) {
|
|||
}
|
||||
|
||||
u, err := user2.GetUserWithEmail(s, &user2.User{ID: session.UserID})
|
||||
if user2.IsErrAccountDisabled(err) || user2.IsErrAccountLocked(err) {
|
||||
if _, delErr := s.Where("id = ?", session.ID).Delete(&models.Session{}); delErr != nil {
|
||||
_ = s.Rollback()
|
||||
return delErr
|
||||
}
|
||||
if commitErr := s.Commit(); commitErr != nil {
|
||||
return commitErr
|
||||
}
|
||||
auth.ClearRefreshTokenCookie(c)
|
||||
return err
|
||||
}
|
||||
if err != nil {
|
||||
_ = s.Rollback()
|
||||
return err
|
||||
}
|
||||
|
||||
if u.Status == user2.StatusDisabled || u.Status == user2.StatusAccountLocked {
|
||||
if _, err := s.Where("id = ?", session.ID).Delete(&models.Session{}); err != nil {
|
||||
_ = s.Rollback()
|
||||
return err
|
||||
}
|
||||
if err := s.Commit(); err != nil {
|
||||
return err
|
||||
}
|
||||
auth.ClearRefreshTokenCookie(c)
|
||||
return &user2.ErrAccountDisabled{UserID: u.ID}
|
||||
}
|
||||
|
||||
if err := s.Commit(); err != nil {
|
||||
_ = s.Rollback()
|
||||
return err
|
||||
|
|
|
|||
Loading…
Reference in New Issue