// Render user setting page (email, website modify) func Setting(ctx *middleware.Context, form auth.UpdateProfileForm) { ctx.Data["Title"] = "Setting" ctx.Data["PageIsUserSetting"] = true // For navbar arrow. ctx.Data["IsUserPageSetting"] = true // For setting nav highlight. user := ctx.User ctx.Data["Owner"] = user if ctx.Req.Method == "GET" { ctx.HTML(200, "user/setting") return } // below is for POST requests if hasErr, ok := ctx.Data["HasError"]; ok && hasErr.(bool) { ctx.HTML(200, "user/setting") return } user.Email = form.Email user.Website = form.Website user.Location = form.Location user.Avatar = base.EncodeMd5(form.Avatar) user.AvatarEmail = form.Avatar if err := models.UpdateUser(user); err != nil { ctx.Handle(200, "setting.Setting", err) return } ctx.Data["IsSuccess"] = true ctx.HTML(200, "user/setting") log.Trace("%s User setting updated: %s", ctx.Req.RequestURI, ctx.User.LowerName) }
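// SignInPost handles the sign-in form submission.
//
// On success it optionally sets the remember-me cookies, stores the user's id
// and name in the session, and redirects to the site-local path held in the
// "redirect_to" cookie or, failing that, to the application root.
func SignInPost(ctx *middleware.Context, form auth.SignInForm) {
	ctx.Data["Title"] = ctx.Tr("sign_in")

	if ctx.HasError() {
		ctx.HTML(200, SIGNIN)
		return
	}

	u, err := models.UserSignIn(form.UserName, form.Password)
	if err != nil {
		if models.IsErrUserNotExist(err) {
			// One combined message is shown so the response does not say
			// which of the two fields was wrong.
			ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), SIGNIN, &form)
		} else {
			ctx.Handle(500, "UserSignIn", err)
		}
		return
	}

	if form.Remember {
		// 86400 seconds per day: despite its name, days is a lifetime in seconds.
		days := 86400 * setting.LogInRememberDays
		ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl)
		// The remember-me cookie is keyed with MD5(Rands+Passwd).
		// NOTE(review): no Secure/HttpOnly arguments are passed here; confirm
		// the defaults applied by SetCookie and SetSuperSecureCookie.
		ctx.SetSuperSecureCookie(base.EncodeMd5(u.Rands+u.Passwd),
			setting.CookieRememberName, u.Name, days, setting.AppSubUrl)
	}

	// NOTE(review): the session id is not visibly renewed at login; confirm
	// the session middleware protects against fixation.
	ctx.Session.Set("uid", u.Id)
	ctx.Session.Set("uname", u.Name)

	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)

		// The cookie value is client-controlled, so follow it only when it is
		// a site-local path: it must start with a single "/" and contain no
		// backslash or control byte, which a browser may normalise into a
		// different destination. Anything else falls through to the default.
		// NOTE(review): assumes only site-relative paths are ever stored in
		// redirect_to — confirm where the cookie is set.
		local := redirectTo[0] == '/'
		for i := 0; local && i < len(redirectTo); i++ {
			c := redirectTo[i]
			local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
		}
		if local {
			ctx.Redirect(redirectTo)
			return
		}
	}

	ctx.Redirect(setting.AppSubUrl + "/")
}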
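// EditUserPost applies an administrator's edits to the account named by the
// "userid" route parameter, then redirects back to that account's admin page.
//
// NOTE(review): no privilege check is visible in this handler; presumably the
// route is guarded by admin-only middleware — confirm. The form is also
// applied without consulting any validation result.
func EditUserPost(ctx *middleware.Context, params martini.Params, form auth.AdminEditUserForm) {
	ctx.Data["Title"] = "Edit Account"
	ctx.Data["PageIsUsers"] = true

	// A non-numeric id cannot name an account, hence 404.
	uid, err := base.StrTo(params["userid"]).Int()
	if err != nil {
		ctx.Handle(404, "admin.user.EditUser", err)
		return
	}

	u, err := models.GetUserById(int64(uid))
	if err != nil {
		ctx.Handle(500, "admin.user.EditUser", err)
		return
	}

	u.Email = form.Email
	u.Website = form.Website
	u.Location = form.Location
	u.Avatar = base.EncodeMd5(form.Avatar)
	u.AvatarEmail = form.Avatar
	// Checkbox fields arrive as the string "on" when ticked.
	u.IsActive = form.Active == "on"
	u.IsAdmin = form.Admin == "on"

	if err := models.UpdateUser(u); err != nil {
		ctx.Handle(500, "admin.user.EditUser", err)
		return
	}

	// Record who changed whom: the acting admin first, then the edited
	// account. The original logged the admin's name in both positions, which
	// made the audit line useless for identifying the affected account.
	log.Trace("%s User profile updated by admin(%s): %s",
		ctx.Req.RequestURI, ctx.User.LowerName, u.LowerName)

	ctx.Data["User"] = u
	ctx.Flash.Success("Account profile has been successfully updated.")
	// params["userid"] parsed as an integer above, so it is safe to append.
	ctx.Redirect("/admin/users/" + params["userid"])
}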
// AutoSignIn tries to sign the visitor in from the remember-me cookies.
//
// It returns true when the user-name cookie names an existing user and the
// remember cookie, read with a key derived from that user's Rands and Passwd,
// carries the same name; the session is then populated. In every other case
// both cookies are cleared. An error is returned only when the user lookup
// fails for a reason other than "user does not exist".
func AutoSignIn(ctx *Context) (bool, error) {
	name := ctx.GetCookie(setting.CookieUserName)
	if len(name) == 0 {
		return false, nil
	}

	signedIn := false
	defer func() {
		if signedIn {
			return
		}
		// Any failure path drops both cookies so a stale or forged pair is
		// not retried on every request.
		// NOTE(review): name is a raw cookie value written to the log; confirm
		// the logger neutralises line breaks.
		log.Trace("auto-login cookie cleared: %s", name)
		ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
		ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
	}()

	u, err := models.GetUserByName(name)
	switch {
	case err == nil:
		// Found; continue with cookie verification below.
	case models.IsErrUserNotExist(err):
		return false, nil
	default:
		return false, fmt.Errorf("GetUserByName: %v", err)
	}

	// The key is MD5(Rands+Passwd), matching what the sign-in handler uses
	// when it writes the cookie.
	secret := base.EncodeMd5(u.Rands + u.Passwd)
	remembered, _ := ctx.GetSuperSecureCookie(secret, setting.CookieRememberName)
	if remembered != u.Name {
		return false, nil
	}

	signedIn = true
	ctx.Session.Set("uid", u.Id)
	ctx.Session.Set("uname", u.Name)
	return true, nil
}
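// SignIn renders the sign-in page, or signs the visitor in directly when the
// remember-me cookies validate.
//
// A pending social login (session key "socialId") always gets the form. When
// auto-login succeeds the session is populated and the visitor is redirected
// to the site-local path in the "redirect_to" cookie or to the application
// root; when it fails both remember-me cookies are cleared.
func SignIn(ctx *middleware.Context) {
	ctx.Data["Title"] = ctx.Tr("sign_in")

	if _, ok := ctx.Session.Get("socialId").(int64); ok {
		ctx.Data["IsSocialLogin"] = true
		ctx.HTML(200, SIGNIN)
		return
	}

	if setting.OauthService != nil {
		ctx.Data["OauthEnabled"] = true
		ctx.Data["OauthService"] = setting.OauthService
	}

	// Check auto-login.
	uname := ctx.GetCookie(setting.CookieUserName)
	if len(uname) == 0 {
		ctx.HTML(200, SIGNIN)
		return
	}

	isSucceed := false
	defer func() {
		// Every failure path below drops both cookies.
		if !isSucceed {
			log.Trace("auto-login cookie cleared: %s", uname)
			ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
			ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
		}
	}()

	u, err := models.GetUserByName(uname)
	if err != nil {
		if err != models.ErrUserNotExist {
			ctx.Handle(500, "GetUserByName", err)
		} else {
			ctx.HTML(200, SIGNIN)
		}
		return
	}

	// The remember cookie is read with a key of MD5(Rands+Passwd) and must
	// carry the same user name as the plain user-name cookie.
	if val, _ := ctx.GetSuperSecureCookie(
		base.EncodeMd5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name {
		ctx.HTML(200, SIGNIN)
		return
	}

	isSucceed = true

	ctx.Session.Set("uid", u.Id)
	ctx.Session.Set("uname", u.Name)

	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)

		// The cookie value is client-controlled, so follow it only when it is
		// a site-local path: it must start with a single "/" and contain no
		// backslash or control byte, which a browser may normalise into a
		// different destination. Anything else falls through to the default.
		// NOTE(review): assumes only site-relative paths are ever stored in
		// redirect_to — confirm where the cookie is set.
		local := redirectTo[0] == '/'
		for i := 0; local && i < len(redirectTo); i++ {
			c := redirectTo[i]
			local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
		}
		if local {
			ctx.Redirect(redirectTo)
			return
		}
	}

	ctx.Redirect(setting.AppSubUrl + "/")
}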
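// SignInPost handles the log-in form submission.
//
// On success it optionally sets the remember-me cookies, binds a pending
// social account (session key "socialId") to the user, stores the user's id
// and name in the session, and redirects to the site-local path in the
// "redirect_to" cookie or to "/".
func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
	ctx.Data["Title"] = "Log In"

	sid, isOauth := ctx.Session.Get("socialId").(int64)
	if isOauth {
		ctx.Data["IsSocialLogin"] = true
	} else if base.OauthService != nil {
		ctx.Data["OauthEnabled"] = true
		ctx.Data["OauthService"] = base.OauthService
	}

	if ctx.HasError() {
		ctx.HTML(200, "user/signin")
		return
	}

	user, err := models.LoginUserPlain(form.UserName, form.Password)
	if err != nil {
		if err == models.ErrUserNotExist {
			// Log the attempted user name only. The submitted password must
			// never reach the log: a mistyped attempt is often one character
			// away from a real credential.
			log.Trace("%s Log in failed: %s", ctx.Req.RequestURI, form.UserName)
			ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
			return
		}

		ctx.Handle(500, "user.SignIn", err)
		return
	}

	if form.Remember == "on" {
		// The remember cookie is keyed with MD5(Rands+Passwd).
		secret := base.EncodeMd5(user.Rands + user.Passwd)
		// 86400 seconds per day: despite its name, days is a lifetime in seconds.
		days := 86400 * base.LogInRememberDays
		ctx.SetCookie(base.CookieUserName, user.Name, days)
		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
	}

	// Bind with social account.
	if isOauth {
		if err = models.BindUserOauth2(user.Id, sid); err != nil {
			if err == models.ErrOauth2RecordNotExist {
				ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err)
			} else {
				ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err)
			}
			return
		}
		ctx.Session.Delete("socialId")
		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
	}

	ctx.Session.Set("userId", user.Id)
	ctx.Session.Set("userName", user.Name)

	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1)

		// The cookie value is client-controlled, so follow it only when it is
		// a site-local path: it must start with a single "/" and contain no
		// backslash or control byte, which a browser may normalise into a
		// different destination. Anything else falls through to the default.
		// NOTE(review): assumes only site-relative paths are ever stored in
		// redirect_to — confirm where the cookie is set.
		local := redirectTo[0] == '/'
		for i := 0; local && i < len(redirectTo); i++ {
			c := redirectTo[i]
			local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
		}
		if local {
			ctx.Redirect(redirectTo)
			return
		}
	}

	ctx.Redirect("/")
}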
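// SignInPost handles the sign-in form submission, including the case where a
// social account is waiting to be bound (session key "socialId").
//
// On success it optionally sets the remember-me cookies, binds the social
// account, stores uid, uname and lookup in the session, and redirects to the
// site-local path in the "redirect_to" cookie or to the application root.
func SignInPost(ctx *middleware.Context, form auth.SignInForm) {
	ctx.Data["Title"] = ctx.Tr("sign_in")

	sid, isOauth := ctx.Session.Get("socialId").(int64)
	if isOauth {
		ctx.Data["IsSocialLogin"] = true
	} else if setting.OauthService != nil {
		ctx.Data["OauthEnabled"] = true
		ctx.Data["OauthService"] = setting.OauthService
	}

	if ctx.HasError() {
		ctx.HTML(200, SIGNIN)
		return
	}

	u, err := models.UserSignIn(form.UserName, form.Password)
	if err != nil {
		if models.IsErrUserNotExist(err) {
			// One combined message is shown so the response does not say
			// which of the two fields was wrong.
			ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), SIGNIN, &form)
		} else {
			ctx.Handle(500, "UserSignIn", err)
		}
		return
	}

	if form.Remember {
		// 86400 seconds per day: despite its name, days is a lifetime in seconds.
		days := 86400 * setting.LogInRememberDays
		ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl)
		// The remember-me cookie is keyed with MD5(Rands+Passwd).
		ctx.SetSuperSecureCookie(base.EncodeMd5(u.Rands+u.Passwd),
			setting.CookieRememberName, u.Name, days, setting.AppSubUrl)
	}

	// Bind with social account.
	if isOauth {
		if err = models.BindUserOauth2(u.Id, sid); err != nil {
			if err == models.ErrOauth2RecordNotExist {
				ctx.Handle(404, "GetOauth2ById", err)
			} else {
				ctx.Handle(500, "GetOauth2ById", err)
			}
			return
		}
		ctx.Session.Delete("socialId")
		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
	}

	// NOTE(review): the session id is not visibly renewed at login; confirm
	// the session middleware protects against fixation.
	ctx.Session.Set("uid", u.Id)
	ctx.Session.Set("uname", u.Name)
	ctx.Session.Set("lookup", u.Lookup)

	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)

		// The cookie value is client-controlled, so follow it only when it is
		// a site-local path: it must start with a single "/" and contain no
		// backslash or control byte, which a browser may normalise into a
		// different destination. Anything else falls through to the default.
		// NOTE(review): assumes only site-relative paths are ever stored in
		// redirect_to — confirm where the cookie is set.
		local := redirectTo[0] == '/'
		for i := 0; local && i < len(redirectTo); i++ {
			c := redirectTo[i]
			local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
		}
		if local {
			ctx.Redirect(redirectTo)
			return
		}
	}

	ctx.Redirect(setting.AppSubUrl + "/")
}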
// EditUserPost saves an administrator's changes to the account named by the
// ":userid" route parameter and redirects back to that account's admin page.
//
// A non-empty password replaces the stored one with a fresh salt. An e-mail
// that is already in use re-renders the form with an error.
//
// NOTE(review): no privilege check is visible in this handler; presumably the
// route is guarded by admin-only middleware — confirm.
func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) {
	ctx.Data["Title"] = ctx.Tr("admin.users.edit_account")
	ctx.Data["PageIsAdmin"] = true
	ctx.Data["PageIsAdminUsers"] = true

	// A parameter that yields 0 is answered with 404.
	userID := com.StrTo(ctx.Params(":userid")).MustInt64()
	if userID == 0 {
		ctx.Handle(404, "EditUser", nil)
		return
	}

	target, err := models.GetUserByID(userID)
	if err != nil {
		ctx.Handle(500, "GetUserById", err)
		return
	}
	ctx.Data["User"] = target

	if ctx.HasError() {
		ctx.HTML(200, USER_EDIT)
		return
	}

	// FIXME: need password length check
	// Until that check exists, any non-empty value is accepted as the new
	// password here.
	if len(form.Password) > 0 {
		target.Passwd = form.Password
		target.Salt = models.GetUserSalt()
		target.EncodePasswd()
	}

	target.FullName = form.FullName
	target.Email = form.Email
	target.Website = form.Website
	target.Location = form.Location

	// With no avatar e-mail given, fall back to the account e-mail. The form
	// itself is updated because it may be re-rendered below.
	if len(form.Avatar) == 0 {
		form.Avatar = form.Email
	}
	target.Avatar = base.EncodeMd5(form.Avatar)
	target.AvatarEmail = form.Avatar

	// These three flags change what the account is allowed to do.
	target.IsActive = form.Active
	target.IsAdmin = form.Admin
	target.AllowGitHook = form.AllowGitHook

	err = models.UpdateUser(target)
	switch {
	case err == nil:
		// Saved; fall through to the success path.
	case models.IsErrEmailAlreadyUsed(err):
		ctx.Data["Err_Email"] = true
		ctx.RenderWithErr(ctx.Tr("form.email_been_used"), USER_EDIT, &form)
		return
	default:
		ctx.Handle(500, "UpdateUser", err)
		return
	}

	log.Trace("Account profile updated by admin(%s): %s", ctx.User.Name, target.Name)

	ctx.Flash.Success(ctx.Tr("admin.users.update_profile_success"))
	ctx.Redirect(setting.AppSubUrl + "/admin/users/" + ctx.Params(":userid"))
}
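// SignIn renders the log-in page, or signs the visitor in directly when the
// remember-me cookies validate.
//
// A pending social login (session key "socialId") always gets the form. When
// auto-login succeeds the session is populated and the visitor is redirected
// to the site-local path in the "redirect_to" cookie or to "/"; when it fails
// both remember-me cookies are cleared.
func SignIn(ctx *middleware.Context) {
	ctx.Data["Title"] = "Log In"

	if _, ok := ctx.Session.Get("socialId").(int64); ok {
		ctx.Data["IsSocialLogin"] = true
		ctx.HTML(200, "user/signin")
		return
	}

	if base.OauthService != nil {
		ctx.Data["OauthEnabled"] = true
		ctx.Data["OauthService"] = base.OauthService
	}

	// Check auto-login.
	userName := ctx.GetCookie(base.CookieUserName)
	if len(userName) == 0 {
		ctx.HTML(200, "user/signin")
		return
	}

	isSucceed := false
	defer func() {
		// Every failure path below drops both cookies.
		if !isSucceed {
			log.Trace("user.SignIn(auto-login cookie cleared): %s", userName)
			ctx.SetCookie(base.CookieUserName, "", -1)
			ctx.SetCookie(base.CookieRememberName, "", -1)
		}
	}()

	user, err := models.GetUserByName(userName)
	if err != nil {
		// NOTE(review): a cookie naming a user that no longer exists also
		// lands here and is answered with 500; consider separating "not
		// found" from real lookup failures.
		ctx.HTML(500, "user/signin")
		return
	}

	// The remember cookie is read with a key of MD5(Rands+Passwd) and must
	// carry the same user name as the plain user-name cookie.
	secret := base.EncodeMd5(user.Rands + user.Passwd)
	value, _ := ctx.GetSecureCookie(secret, base.CookieRememberName)
	if value != user.Name {
		// A stale or tampered cookie is a client-side condition, not a
		// server fault: show the form with 200 instead of 500.
		ctx.HTML(200, "user/signin")
		return
	}

	isSucceed = true

	ctx.Session.Set("userId", user.Id)
	ctx.Session.Set("userName", user.Name)

	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1)

		// The cookie value is client-controlled, so follow it only when it is
		// a site-local path: it must start with a single "/" and contain no
		// backslash or control byte, which a browser may normalise into a
		// different destination. Anything else falls through to the default.
		// NOTE(review): assumes only site-relative paths are ever stored in
		// redirect_to — confirm where the cookie is set.
		local := redirectTo[0] == '/'
		for i := 0; local && i < len(redirectTo); i++ {
			c := redirectTo[i]
			local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
		}
		if local {
			ctx.Redirect(redirectTo)
			return
		}
	}

	ctx.Redirect("/")
}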
// SettingsPost saves the organization settings form for ctx.Org.Organization.
//
// When the submitted name differs from the current one, the new name is
// checked for availability and applied through models.ChangeUserName before
// the remaining profile fields are written with models.UpdateUser.
//
// NOTE(review): no ownership check is visible in this handler; presumably the
// route is restricted to organization owners — confirm.
func SettingsPost(ctx *middleware.Context, form auth.UpdateOrgSettingForm) {
	ctx.Data["Title"] = ctx.Tr("org.settings")
	ctx.Data["PageIsSettingsOptions"] = true

	if ctx.HasError() {
		ctx.HTML(200, SETTINGS_OPTIONS)
		return
	}

	org := ctx.Org.Organization

	// Check if organization name has been changed.
	if newName := form.OrgUserName; org.Name != newName {
		taken, err := models.IsUserExist(org.Id, newName)
		if err != nil {
			ctx.Handle(500, "IsUserExist", err)
			return
		}
		if taken {
			ctx.Data["Err_UserName"] = true
			ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SETTINGS_OPTIONS, &form)
			return
		}

		if err = models.ChangeUserName(org, newName); err != nil {
			// Only an illegal name is reported back on the form; anything
			// else is a server error.
			if err != models.ErrUserNameIllegal {
				ctx.Handle(500, "ChangeUserName", err)
				return
			}
			ctx.Data["Err_UserName"] = true
			ctx.RenderWithErr(ctx.Tr("form.illegal_username"), SETTINGS_OPTIONS, &form)
			return
		}

		log.Trace("Organization name changed: %s -> %s", org.Name, newName)
		org.Name = newName
	}

	org.FullName = form.OrgFullName
	org.Email = form.Email
	org.Description = form.Description
	org.Website = form.Website
	org.Location = form.Location
	org.Avatar = base.EncodeMd5(form.Avatar)
	org.AvatarEmail = form.Avatar

	err := models.UpdateUser(org)
	switch {
	case err == nil:
		// Saved; fall through to the success path.
	case models.IsErrEmailAlreadyUsed(err):
		ctx.Data["Err_Email"] = true
		ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SETTINGS_OPTIONS, &form)
		return
	default:
		ctx.Handle(500, "UpdateUser", err)
		return
	}

	log.Trace("Organization setting updated: %s", org.Name)
	ctx.Flash.Success(ctx.Tr("org.settings.update_setting_success"))
	// org.Name has passed ChangeUserName's checks (or is unchanged) by the
	// time it is placed in the redirect path.
	ctx.Redirect(setting.AppSubUrl + "/org/" + org.Name + "/settings")
}
// CreateUser validates and stores a new user, creates the user's directory,
// and returns the stored record.
//
// It returns ErrUserNameIllegal, ErrUserAlreadyExist or ErrEmailAlreadyUsed
// when the name or e-mail is rejected. The insert and the directory creation
// share one transaction, which is rolled back if either fails.
func CreateUser(u *User) (*User, error) {
	if !IsLegalName(u.Name) {
		return nil, ErrUserNameIllegal
	}

	nameTaken, err := IsUserExist(u.Name)
	if err != nil {
		return nil, err
	}
	if nameTaken {
		return nil, ErrUserAlreadyExist
	}

	emailTaken, err := IsEmailUsed(u.Email)
	if err != nil {
		return nil, err
	}
	if emailTaken {
		return nil, ErrEmailAlreadyUsed
	}

	u.LowerName = strings.ToLower(u.Name)
	u.Avatar = base.EncodeMd5(u.Email)
	u.AvatarEmail = u.Email
	// Rands and Salt are drawn independently; Salt feeds EncodePasswd.
	u.Rands = GetUserSalt()
	u.Salt = GetUserSalt()
	u.EncodePasswd()

	sess := x.NewSession()
	defer sess.Close()

	// abort undoes the open transaction and hands back the failure.
	abort := func(cause error) (*User, error) {
		sess.Rollback()
		return nil, cause
	}

	if err = sess.Begin(); err != nil {
		return nil, err
	}
	if _, err = sess.Insert(u); err != nil {
		return abort(err)
	}
	// NOTE(review): os.ModePerm asks for 0777 before the process umask is
	// applied; confirm that is the intended mode for per-user directories.
	if err = os.MkdirAll(UserPath(u.Name), os.ModePerm); err != nil {
		return abort(err)
	}
	if err = sess.Commit(); err != nil {
		return nil, err
	}

	// Auto-set admin for user whose ID is 1.
	// In effect the first account inserted becomes an active administrator.
	if u.Id != 1 {
		return u, nil
	}
	u.IsAdmin = true
	u.IsActive = true
	_, err = x.Id(u.Id).UseBool().Update(u)
	return u, err
}
// SettingsPost saves the signed-in user's profile form.
//
// A name that differs from the current one, ignoring case, goes through
// models.ChangeUserName first; rejections are reported as a flash message on
// the settings page. The remaining fields are then written with
// models.UpdateUser.
func SettingsPost(ctx *middleware.Context, form auth.UpdateProfileForm) {
	ctx.Data["Title"] = ctx.Tr("settings")
	ctx.Data["PageIsSettingsProfile"] = true

	if ctx.HasError() {
		ctx.HTML(200, SETTINGS_PROFILE)
		return
	}

	lowerName := strings.ToLower(form.Name)

	// Check if user name has been changed.
	if ctx.User.LowerName != lowerName {
		if err := models.ChangeUserName(ctx.User, form.Name); err != nil {
			// Map each known rejection to its translation key; anything
			// unrecognised is a server error.
			var msgKey string
			switch {
			case models.IsErrUserAlreadyExist(err):
				msgKey = "form.name_been_taken"
			case models.IsErrEmailAlreadyUsed(err):
				msgKey = "form.email_been_used"
			case models.IsErrNameReserved(err):
				msgKey = "user.form.name_reserved"
			case models.IsErrNamePatternNotAllowed(err):
				msgKey = "user.form.name_pattern_not_allowed"
			default:
				ctx.Handle(500, "ChangeUserName", err)
				return
			}
			ctx.Flash.Error(ctx.Tr(msgKey))
			ctx.Redirect(setting.AppSubUrl + "/user/settings")
			return
		}
		log.Trace("User name changed: %s -> %s", ctx.User.Name, form.Name)
	}

	// In case it's just a case change.
	ctx.User.Name = form.Name
	ctx.User.LowerName = lowerName

	ctx.User.FullName = form.FullName
	ctx.User.Email = form.Email
	ctx.User.Website = form.Website
	ctx.User.Location = form.Location
	ctx.User.Avatar = base.EncodeMd5(form.Gravatar)
	ctx.User.AvatarEmail = form.Gravatar

	if err := models.UpdateUser(ctx.User); err != nil {
		ctx.Handle(500, "UpdateUser", err)
		return
	}

	log.Trace("User setting updated: %s", ctx.User.Name)
	ctx.Flash.Success(ctx.Tr("settings.update_profile_success"))
	ctx.Redirect(setting.AppSubUrl + "/user/settings")
}
// SettingsPost saves the signed-in user's profile form.
//
// When the submitted user name differs from the current one it is checked for
// availability and applied through models.ChangeUserName; the remaining fields
// are then written with models.UpdateUser.
func SettingsPost(ctx *middleware.Context, form auth.UpdateProfileForm) {
	ctx.Data["Title"] = ctx.Tr("settings")
	ctx.Data["PageIsUserSettings"] = true
	ctx.Data["PageIsSettingsProfile"] = true

	if ctx.HasError() {
		ctx.HTML(200, SETTINGS_PROFILE)
		return
	}

	// Check if user name has been changed.
	if newName := form.UserName; ctx.User.Name != newName {
		taken, err := models.IsUserExist(ctx.User.Id, newName)
		if err != nil {
			ctx.Handle(500, "IsUserExist", err)
			return
		}
		if taken {
			ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SETTINGS_PROFILE, &form)
			return
		}

		if err = models.ChangeUserName(ctx.User, newName); err != nil {
			// Two rejections are reported as flash messages; anything else
			// is a server error.
			var msgKey string
			if err == models.ErrUserNameIllegal {
				msgKey = "form.illegal_username"
			} else if err == models.ErrEmailAlreadyUsed {
				msgKey = "form.email_been_used"
			} else {
				ctx.Handle(500, "ChangeUserName", err)
				return
			}
			ctx.Flash.Error(ctx.Tr(msgKey))
			ctx.Redirect(setting.AppSubUrl + "/user/settings")
			return
		}

		log.Trace("User name changed: %s -> %s", ctx.User.Name, newName)
		ctx.User.Name = newName
	}

	ctx.User.FullName = form.FullName
	ctx.User.Email = form.Email
	ctx.User.Website = form.Website
	ctx.User.Location = form.Location
	ctx.User.Avatar = base.EncodeMd5(form.Avatar)
	ctx.User.AvatarEmail = form.Avatar

	if err := models.UpdateUser(ctx.User); err != nil {
		ctx.Handle(500, "UpdateUser", err)
		return
	}

	log.Trace("User setting updated: %s", ctx.User.Name)
	ctx.Flash.Success(ctx.Tr("settings.update_profile_success"))
	ctx.Redirect(setting.AppSubUrl + "/user/settings")
}
// EditUserPost saves an administrator's changes to the account named by the
// ":userid" route parameter and redirects back to that account's admin page.
//
// A non-empty password replaces the stored one with a fresh salt.
//
// NOTE(review): no privilege check is visible in this handler; presumably the
// route is guarded by admin-only middleware — confirm.
func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) {
	ctx.Data["Title"] = ctx.Tr("admin.users.edit_account")
	ctx.Data["PageIsAdmin"] = true
	ctx.Data["PageIsAdminUsers"] = true

	// A parameter that yields 0 is answered with 404.
	userID := com.StrTo(ctx.Params(":userid")).MustInt64()
	if userID == 0 {
		ctx.Handle(404, "EditUser", nil)
		return
	}

	target, err := models.GetUserById(userID)
	if err != nil {
		ctx.Handle(500, "GetUserById", err)
		return
	}

	if ctx.HasError() {
		ctx.HTML(200, USER_EDIT)
		return
	}

	// NOTE: need password length check?
	// As written, any non-empty value is accepted as the new password.
	if len(form.Passwd) > 0 {
		target.Passwd = form.Passwd
		target.Salt = models.GetUserSalt()
		target.EncodePasswd()
	}

	target.Email = form.Email
	target.Website = form.Website
	target.Location = form.Location

	// With no avatar e-mail given, fall back to the account e-mail.
	if len(form.Avatar) == 0 {
		form.Avatar = form.Email
	}
	target.Avatar = base.EncodeMd5(form.Avatar)
	target.AvatarEmail = form.Avatar

	// These two flags change what the account is allowed to do.
	target.IsActive = form.Active
	target.IsAdmin = form.Admin

	if err = models.UpdateUser(target); err != nil {
		ctx.Handle(500, "UpdateUser", err)
		return
	}

	log.Trace("Account profile updated by admin(%s): %s", ctx.User.Name, target.Name)

	ctx.Data["User"] = target
	ctx.Flash.Success(ctx.Tr("admin.users.update_profile_success"))
	ctx.Redirect("/admin/users/" + ctx.Params(":userid"))
}
// SettingPost saves the signed-in user's profile form.
//
// When the submitted user name differs from the current one it is checked for
// availability and applied through models.ChangeUserName; the remaining fields
// are then written with models.UpdateUser and the user is sent back to the
// settings page.
func SettingPost(ctx *middleware.Context, form auth.UpdateProfileForm) {
	ctx.Data["Title"] = "Setting"
	ctx.Data["PageIsUserSetting"] = true
	ctx.Data["IsUserPageSetting"] = true

	account := ctx.User
	ctx.Data["Owner"] = account

	if ctx.HasError() {
		ctx.HTML(200, "user/setting")
		return
	}

	// Check if user name has been changed.
	if newName := form.UserName; account.Name != newName {
		taken, err := models.IsUserExist(newName)
		if err != nil {
			ctx.Handle(500, "user.Setting(update: check existence)", err)
			return
		}
		if taken {
			ctx.RenderWithErr("User name has been taken.", "user/setting", &form)
			return
		}
		if err = models.ChangeUserName(account, newName); err != nil {
			ctx.Handle(500, "user.Setting(change user name)", err)
			return
		}

		log.Trace("%s User name changed: %s -> %s", ctx.Req.RequestURI, account.Name, newName)
		account.Name = newName
	}

	account.FullName = form.FullName
	account.Email = form.Email
	account.Website = form.Website
	account.Location = form.Location
	account.Avatar = base.EncodeMd5(form.Avatar)
	account.AvatarEmail = form.Avatar

	if err := models.UpdateUser(account); err != nil {
		ctx.Handle(500, "setting.Setting", err)
		return
	}

	log.Trace("%s User setting updated: %s", ctx.Req.RequestURI, ctx.User.LowerName)
	ctx.Flash.Success("Your profile has been successfully updated.")
	ctx.Redirect("/user/settings")
}
// Render user setting page (email, website modify) func Setting(ctx *middleware.Context, form auth.UpdateProfileForm) { ctx.Data["Title"] = "Setting" ctx.Data["PageIsUserSetting"] = true // For navbar arrow. ctx.Data["IsUserPageSetting"] = true // For setting nav highlight. user := ctx.User ctx.Data["Owner"] = user if ctx.Req.Method == "GET" || ctx.HasError() { ctx.HTML(200, "user/setting") return } // Check if user name has been changed. if user.Name != form.UserName { isExist, err := models.IsUserExist(form.UserName) if err != nil { ctx.Handle(404, "user.Setting(update: check existence)", err) return } else if isExist { ctx.RenderWithErr("User name has been taken.", "user/setting", &form) return } else if err = models.ChangeUserName(user, form.UserName); err != nil { ctx.Handle(404, "user.Setting(change user name)", err) return } log.Trace("%s User name changed: %s -> %s", ctx.Req.RequestURI, user.Name, form.UserName) user.Name = form.UserName } user.Email = form.Email user.Website = form.Website user.Location = form.Location user.Avatar = base.EncodeMd5(form.Avatar) user.AvatarEmail = form.Avatar if err := models.UpdateUser(user); err != nil { ctx.Handle(200, "setting.Setting", err) return } ctx.Data["IsSuccess"] = true ctx.HTML(200, "user/setting") log.Trace("%s User setting updated: %s", ctx.Req.RequestURI, ctx.User.LowerName) }
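// RegisterUser validates and stores a new user, creates the user's directory,
// and returns the stored record.
//
// It returns ErrUserNameIllegal, ErrUserAlreadyExist or ErrEmailAlreadyUsed
// when the name or e-mail is rejected. If the directory cannot be created the
// inserted row is deleted again so no half-created account remains.
func RegisterUser(user *User) (*User, error) {
	if !IsLegalName(user.Name) {
		return nil, ErrUserNameIllegal
	}

	isExist, err := IsUserExist(user.Name)
	if err != nil {
		return nil, err
	} else if isExist {
		return nil, ErrUserAlreadyExist
	}

	isExist, err = IsEmailUsed(user.Email)
	if err != nil {
		return nil, err
	} else if isExist {
		return nil, ErrEmailAlreadyUsed
	}

	user.LowerName = strings.ToLower(user.Name)
	user.Avatar = base.EncodeMd5(user.Email)
	user.AvatarEmail = user.Email
	// Rands and Salt are drawn independently; Salt feeds EncodePasswd.
	user.Rands = GetUserSalt()
	user.Salt = GetUserSalt()
	user.EncodePasswd()

	if _, err = orm.Insert(user); err != nil {
		return nil, err
	}

	// NOTE(review): os.ModePerm asks for 0777 before the process umask is
	// applied; confirm that is the intended mode for per-user directories.
	if err = os.MkdirAll(UserPath(user.Name), os.ModePerm); err != nil {
		// Compensate for the insert. The delete error gets its own name so
		// the directory error is not shadowed: when both steps fail, both
		// causes are reported (the original message carried only the delete
		// error and lost the reason the directory could not be created).
		// errors.New is kept so this edit does not orphan the file's
		// existing errors import.
		if _, delErr := orm.Id(user.Id).Delete(&User{}); delErr != nil {
			return nil, errors.New(fmt.Sprintf(
				"create userpath %s: %v; delete table record: %v", user.Name, err, delErr))
		}
		return nil, err
	}

	// The account with Id 1, in effect the first one inserted, becomes an
	// active administrator.
	if user.Id == 1 {
		user.IsAdmin = true
		user.IsActive = true
		_, err = orm.Id(user.Id).UseBool().Update(user)
	}
	return user, err
}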
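// EditUser shows the admin edit page for the account named by the "userid"
// route parameter and, for non-GET requests, applies the submitted form to
// that account.
//
// NOTE(review): no privilege check is visible in this handler; presumably the
// route is guarded by admin-only middleware — confirm. The form is also
// applied without consulting any validation result.
func EditUser(ctx *middleware.Context, params martini.Params, form auth.AdminEditUserForm) {
	ctx.Data["Title"] = "Edit Account"
	ctx.Data["PageIsUsers"] = true

	// A non-numeric id cannot name an account: answer 404 instead of
	// reporting the failure with a 200 status.
	uid, err := base.StrTo(params["userid"]).Int()
	if err != nil {
		ctx.Handle(404, "admin.user.EditUser", err)
		return
	}

	u, err := models.GetUserById(int64(uid))
	if err != nil {
		ctx.Handle(500, "admin.user.EditUser", err)
		return
	}

	if ctx.Req.Method == "GET" {
		ctx.Data["User"] = u
		ctx.HTML(200, "admin/users/edit")
		return
	}

	u.Email = form.Email
	u.Website = form.Website
	u.Location = form.Location
	u.Avatar = base.EncodeMd5(form.Avatar)
	u.AvatarEmail = form.Avatar
	// Checkbox fields arrive as the string "on" when ticked.
	u.IsActive = form.Active == "on"
	u.IsAdmin = form.Admin == "on"

	if err := models.UpdateUser(u); err != nil {
		ctx.Handle(500, "admin.user.EditUser", err)
		return
	}

	ctx.Data["IsSuccess"] = true
	ctx.Data["User"] = u
	ctx.HTML(200, "admin/users/edit")

	// Record who changed whom: the acting admin first, then the edited
	// account. The original logged the admin's name in both positions, which
	// made the audit line useless for identifying the affected account.
	log.Trace("%s User profile updated by admin(%s): %s",
		ctx.Req.RequestURI, ctx.User.LowerName, u.LowerName)
}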
// CreateOrganization validates and stores a new organization together with
// its default owner team, and makes owner the first member of both.
//
// It returns ErrUserNameIllegal, ErrUserAlreadyExist or ErrEmailAlreadyUsed
// when the name or e-mail is rejected. All inserts and the directory creation
// share one transaction, which is rolled back as soon as any step fails.
func CreateOrganization(org, owner *User) (*User, error) {
	if !IsLegalName(org.Name) {
		return nil, ErrUserNameIllegal
	}

	nameTaken, err := IsUserExist(org.Name)
	if err != nil {
		return nil, err
	}
	if nameTaken {
		return nil, ErrUserAlreadyExist
	}

	emailTaken, err := IsEmailUsed(org.Email)
	if err != nil {
		return nil, err
	}
	if emailTaken {
		return nil, ErrEmailAlreadyUsed
	}

	org.LowerName = strings.ToLower(org.Name)
	org.FullName = org.Name
	org.Avatar = base.EncodeMd5(org.Email)
	org.AvatarEmail = org.Email
	// No password for organization.
	org.NumTeams = 1
	org.NumMembers = 1

	sess := x.NewSession()
	defer sess.Close()

	// abort undoes the open transaction and hands back the failure.
	abort := func(cause error) (*User, error) {
		sess.Rollback()
		return nil, cause
	}

	if err = sess.Begin(); err != nil {
		return nil, err
	}

	if _, err = sess.Insert(org); err != nil {
		return abort(err)
	}

	// NOTE(review): os.ModePerm asks for 0777 before the process umask is
	// applied; confirm that is the intended mode for this directory.
	if err = os.MkdirAll(UserPath(org.Name), os.ModePerm); err != nil {
		return abort(err)
	}

	// Create default owner team.
	ownerTeam := &Team{
		OrgId:      org.Id,
		LowerName:  strings.ToLower(OWNER_TEAM),
		Name:       OWNER_TEAM,
		Authorize:  ORG_ADMIN,
		NumMembers: 1,
	}
	if _, err = sess.Insert(ownerTeam); err != nil {
		return abort(err)
	}

	// Add initial creator to organization and owner team.
	membership := &OrgUser{
		Uid:      owner.Id,
		OrgId:    org.Id,
		IsOwner:  true,
		NumTeams: 1,
	}
	if _, err = sess.Insert(membership); err != nil {
		return abort(err)
	}

	teamLink := &TeamUser{
		Uid:    owner.Id,
		OrgId:  org.Id,
		TeamId: ownerTeam.Id,
	}
	if _, err = sess.Insert(teamLink); err != nil {
		return abort(err)
	}

	return org, sess.Commit()
}
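// SignIn serves the log-in page and handles its submission.
//
// GET: when the remember-me cookies validate, the visitor is signed in and
// redirected; otherwise the form is rendered and, if a user-name cookie was
// present, both remember-me cookies are cleared.
//
// Any other method: the submitted credentials are checked with
// models.LoginUserPlain; on success the remember-me cookies are optionally
// set, the session is populated and the visitor is redirected to the
// site-local path in the "redirect_to" cookie or to "/".
func SignIn(ctx *middleware.Context, form auth.LogInForm) {
	ctx.Data["Title"] = "Log In"

	if ctx.Req.Method == "GET" {
		// Check auto-login.
		userName := ctx.GetCookie(base.CookieUserName)
		if len(userName) == 0 {
			ctx.HTML(200, "user/signin")
			return
		}

		isSucceed := false
		defer func() {
			// Every failure path below drops both cookies.
			if !isSucceed {
				log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName)
				ctx.SetCookie(base.CookieUserName, "", -1)
				ctx.SetCookie(base.CookieRememberName, "", -1)
			}
		}()

		user, err := models.GetUserByName(userName)
		if err != nil {
			ctx.HTML(200, "user/signin")
			return
		}

		// The remember cookie is read with a key of MD5(Rands+Passwd) and
		// must carry the same user name as the plain user-name cookie.
		secret := base.EncodeMd5(user.Rands + user.Passwd)
		value, _ := ctx.GetSecureCookie(secret, base.CookieRememberName)
		if value != user.Name {
			ctx.HTML(200, "user/signin")
			return
		}

		isSucceed = true

		ctx.Session.Set("userId", user.Id)
		ctx.Session.Set("userName", user.Name)

		redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to"))
		if len(redirectTo) > 0 {
			ctx.SetCookie("redirect_to", "", -1)

			// The cookie value is client-controlled, so follow it only when
			// it is a site-local path: it must start with a single "/" and
			// contain no backslash or control byte, which a browser may
			// normalise into a different destination.
			local := redirectTo[0] == '/'
			for i := 0; local && i < len(redirectTo); i++ {
				c := redirectTo[i]
				local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
			}
			if local {
				ctx.Redirect(redirectTo)
				return
			}
		}
		ctx.Redirect("/")
		return
	}

	if ctx.HasError() {
		ctx.HTML(200, "user/signin")
		return
	}

	user, err := models.LoginUserPlain(form.UserName, form.Password)
	if err != nil {
		if err == models.ErrUserNotExist {
			// Log the attempted user name only. The submitted password must
			// never reach the log: a mistyped attempt is often one character
			// away from a real credential.
			log.Trace("%s Log in failed: %s", ctx.Req.RequestURI, form.UserName)
			ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
			return
		}

		// An unexpected sign-in failure is a server error, not a 200.
		ctx.Handle(500, "user.SignIn", err)
		return
	}

	if form.Remember == "on" {
		secret := base.EncodeMd5(user.Rands + user.Passwd)
		// 86400 seconds per day: despite its name, days is a lifetime in seconds.
		days := 86400 * base.LogInRememberDays
		ctx.SetCookie(base.CookieUserName, user.Name, days)
		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
	}

	ctx.Session.Set("userId", user.Id)
	ctx.Session.Set("userName", user.Name)

	redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to"))
	if len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1)

		// Same site-local check as in the auto-login branch above.
		// NOTE(review): assumes only site-relative paths are ever stored in
		// redirect_to — confirm where the cookie is set.
		local := redirectTo[0] == '/'
		for i := 0; local && i < len(redirectTo); i++ {
			c := redirectTo[i]
			local = c >= 0x20 && c != 0x7f && c != '\\' && !(i == 1 && c == '/')
		}
		if local {
			ctx.Redirect(redirectTo)
			return
		}
	}
	ctx.Redirect("/")
}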
// CreateOrganization validates and stores a new organization together with
// its default owner team, and makes owner the first member of both.
//
// It returns the IsUsableName error, ErrUserAlreadyExist or
// ErrEmailAlreadyUsed when the name or e-mail is rejected. The inserts run in
// one session that is handed to sessionRelease on return; the organization
// directory is created last, just before the commit.
func CreateOrganization(org, owner *User) (err error) {
	if err = IsUsableName(org.Name); err != nil {
		return err
	}

	// Id 0 is passed because the organization has no row yet.
	nameTaken, err := IsUserExist(0, org.Name)
	if err != nil {
		return err
	}
	if nameTaken {
		return ErrUserAlreadyExist{org.Name}
	}

	emailTaken, err := IsOrgEmailUsed(org.Email)
	if err != nil {
		return err
	}
	if emailTaken {
		return ErrEmailAlreadyUsed{org.Email}
	}

	org.LowerName = strings.ToLower(org.Name)
	org.FullName = org.Name
	org.Avatar = base.EncodeMd5(org.Email)
	org.AvatarEmail = org.Email
	// No password for organization.
	org.NumTeams = 1
	org.NumMembers = 1

	sess := x.NewSession()
	// NOTE(review): presumably sessionRelease rolls back an uncommitted
	// transaction, since the failure paths below do not — confirm.
	defer sessionRelease(sess)
	if err = sess.Begin(); err != nil {
		return err
	}

	if _, err = sess.Insert(org); err != nil {
		return fmt.Errorf("insert organization: %v", err)
	}

	// Create default owner team.
	ownerTeam := &Team{
		OrgID:      org.Id,
		LowerName:  strings.ToLower(OWNER_TEAM),
		Name:       OWNER_TEAM,
		Authorize:  ACCESS_MODE_OWNER,
		NumMembers: 1,
	}
	if _, err = sess.Insert(ownerTeam); err != nil {
		return fmt.Errorf("insert owner team: %v", err)
	}

	// Add initial creator to organization and owner team.
	membership := &OrgUser{
		Uid:      owner.Id,
		OrgID:    org.Id,
		IsOwner:  true,
		NumTeams: 1,
	}
	if _, err = sess.Insert(membership); err != nil {
		return fmt.Errorf("insert org-user relation: %v", err)
	}

	teamLink := &TeamUser{
		Uid:    owner.Id,
		OrgID:  org.Id,
		TeamID: ownerTeam.ID,
	}
	if _, err = sess.Insert(teamLink); err != nil {
		return fmt.Errorf("insert team-user relation: %v", err)
	}

	// NOTE(review): os.ModePerm asks for 0777 before the process umask is
	// applied; confirm that is the intended mode for this directory.
	if err = os.MkdirAll(UserPath(org.Name), os.ModePerm); err != nil {
		return fmt.Errorf("create directory: %v", err)
	}

	return sess.Commit()
}