81 lines
3.0 KiB
Go
81 lines
3.0 KiB
Go
// Vikunja is a to-do list application to facilitate your life.
|
|
// Copyright 2018-present Vikunja and contributors. All rights reserved.
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
package models
|
|
|
|
import (
|
|
"code.vikunja.io/api/pkg/config"
|
|
"code.vikunja.io/api/pkg/db"
|
|
"code.vikunja.io/api/pkg/user"
|
|
|
|
"xorm.io/xorm"
|
|
)
|
|
|
|
// CreateUserBody wraps user.APIUserPassword with admin-only fields.
|
|
type CreateUserBody struct {
|
|
// The full name of the new user. Optional.
|
|
Name string `json:"name" doc:"The full name of the new user. Optional."`
|
|
// The language of the new user. Must be a valid IETF BCP 47 language code and exist in Vikunja.
|
|
Language string `json:"language" valid:"language" doc:"IETF BCP 47 language code; must exist in Vikunja."`
|
|
user.APIUserPassword
|
|
// Mark the new user as an instance admin.
|
|
IsAdmin bool `json:"is_admin" doc:"Mark the new user as an instance admin."`
|
|
// Activate the new user immediately without email confirmation.
|
|
SkipEmailConfirm bool `json:"skip_email_confirm" doc:"Activate the new user immediately, skipping email confirmation."`
|
|
}
|
|
|
|
// CreateUserAsAdmin provisions a new local account on behalf of an instance admin,
|
|
// honouring the admin-only is_admin and skip_email_confirm fields and bypassing the
|
|
// public-registration toggle. It commits s and returns the persisted user reloaded
|
|
// so the status reflects what was actually stored.
|
|
func CreateUserAsAdmin(s *xorm.Session, body *CreateUserBody) (*user.User, error) {
|
|
newUser, err := RegisterUser(s, &user.User{
|
|
Username: body.Username,
|
|
Password: body.Password,
|
|
Email: body.Email,
|
|
Name: body.Name,
|
|
Language: body.Language,
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if body.IsAdmin {
|
|
if _, err := s.ID(newUser.ID).Cols("is_admin").Update(&user.User{IsAdmin: true}); err != nil {
|
|
return nil, err
|
|
}
|
|
newUser.IsAdmin = true
|
|
}
|
|
|
|
// Force Active when the admin asked to skip, or when no mailer exists to send the confirmation.
|
|
if body.SkipEmailConfirm || !config.MailerEnabled.GetBool() {
|
|
if err := user.SetUserStatus(s, newUser, user.StatusActive); err != nil {
|
|
return nil, err
|
|
}
|
|
newUser.Status = user.StatusActive
|
|
}
|
|
|
|
if err := s.Commit(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Reload on a fresh session so the returned status reflects what was actually
|
|
// persisted (e.g. StatusEmailConfirmationRequired on mail-enabled instances).
|
|
rs := db.NewSession()
|
|
defer rs.Close()
|
|
return user.GetUserByID(rs, newUser.ID)
|
|
}
|