mirror of
https://codeberg.org/forgejo/forgejo
synced 2024-11-24 10:46:10 +01:00
merge with HEAD
This commit is contained in:
parent
bc088cc989
commit
109d09de1a
|
@ -7,6 +7,7 @@ package validation
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/mail"
|
"net/mail"
|
||||||
|
"net/url"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
@ -100,11 +101,40 @@ func validateEmailDomain(email string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func IsEmailDomainAllowed(email string) bool {
|
func IsEmailDomainAllowed(email string) bool {
|
||||||
if len(setting.Service.EmailDomainAllowList) == 0 {
|
return isEmailDomainAllowedInternal(
|
||||||
return !isEmailDomainListed(setting.Service.EmailDomainBlockList, email)
|
email,
|
||||||
}
|
setting.Service.EmailDomainAllowList,
|
||||||
|
setting.Service.EmailDomainBlockList,
|
||||||
|
setting.Federation.Enabled,
|
||||||
|
setting.AppURL)
|
||||||
|
}
|
||||||
|
|
||||||
return isEmailDomainListed(setting.Service.EmailDomainAllowList, email)
|
func isEmailDomainAllowedInternal(
|
||||||
|
email string,
|
||||||
|
emailDomainAllowList []glob.Glob,
|
||||||
|
emailDomainBlockList []glob.Glob,
|
||||||
|
isFederation bool,
|
||||||
|
fqdn string,
|
||||||
|
) bool {
|
||||||
|
var result bool
|
||||||
|
|
||||||
|
if len(emailDomainAllowList) == 0 {
|
||||||
|
result = !isEmailDomainListed(emailDomainBlockList, email)
|
||||||
|
} else if isFederation {
|
||||||
|
localFqdn, err := url.ParseRequestURI(fqdn)
|
||||||
|
if err != nil {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
globber, err := glob.Compile(localFqdn.Hostname(), ',')
|
||||||
|
if err != nil {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
emailDomainAllowList = append(emailDomainAllowList, globber)
|
||||||
|
result = isEmailDomainListed(emailDomainAllowList, email)
|
||||||
|
} else {
|
||||||
|
result = isEmailDomainListed(emailDomainAllowList, email)
|
||||||
|
}
|
||||||
|
return result
|
||||||
}
|
}
|
||||||
|
|
||||||
// isEmailDomainListed checks whether the domain of an email address
|
// isEmailDomainListed checks whether the domain of an email address
|
||||||
|
|
|
@ -6,6 +6,7 @@ package validation
|
||||||
import (
|
import (
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/gobwas/glob"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -65,3 +66,46 @@ func TestEmailAddressValidate(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestEmailDomainAllowList(t *testing.T) {
|
||||||
|
res := IsEmailDomainAllowed("someuser@localhost.localdomain")
|
||||||
|
assert.True(t, res)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestEmailDomainAllowListInternal(t *testing.T) {
|
||||||
|
domain, _ := glob.Compile("domain.de", ',')
|
||||||
|
emailDomainAllowList := []glob.Glob{domain}
|
||||||
|
emailDomainBlockList := []glob.Glob{}
|
||||||
|
|
||||||
|
res := isEmailDomainAllowedInternal(
|
||||||
|
"user@repo.domain.de",
|
||||||
|
emailDomainAllowList,
|
||||||
|
emailDomainBlockList,
|
||||||
|
false,
|
||||||
|
"https://repo.domain.de")
|
||||||
|
assert.False(t, res)
|
||||||
|
|
||||||
|
res = isEmailDomainAllowedInternal(
|
||||||
|
"user@repo.domain.de",
|
||||||
|
emailDomainAllowList,
|
||||||
|
emailDomainBlockList,
|
||||||
|
true,
|
||||||
|
"xttps://repo")
|
||||||
|
assert.False(t, res)
|
||||||
|
|
||||||
|
res = isEmailDomainAllowedInternal(
|
||||||
|
"user@repo.Domain.de",
|
||||||
|
emailDomainAllowList,
|
||||||
|
emailDomainBlockList,
|
||||||
|
true,
|
||||||
|
"https://repo.domain.de")
|
||||||
|
assert.True(t, res)
|
||||||
|
|
||||||
|
res = isEmailDomainAllowedInternal(
|
||||||
|
"user@repo.domain.de",
|
||||||
|
emailDomainAllowList,
|
||||||
|
emailDomainBlockList,
|
||||||
|
true,
|
||||||
|
"https://repo.domain.de")
|
||||||
|
assert.True(t, res)
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue