admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: email validation

Browse Source 
Signed-off-by: hongming <talonwan@yunify.com>
This commit is contained in:
hongming
2019-08-30 16:59:50 +08:00
parent 9b7d495834
commit 5ca67f6e0c
1 changed files with 29 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
pkg/apiserver/iam/im.go
View File

@@ -19,10 +19,10 @@ package iam
import ( import (
"fmt" "fmt"
"github.com/golang/glog" "k8s.io/klog"
"kubesphere.io/kubesphere/pkg/params" "kubesphere.io/kubesphere/pkg/params"
"net/http" "net/http"
"regexp" "net/mail"
"strings" "strings"
"github.com/emicklei/go-restful" "github.com/emicklei/go-restful"
@@ -34,38 +34,35 @@ import (
"kubesphere.io/kubesphere/pkg/models/iam" "kubesphere.io/kubesphere/pkg/models/iam"
) )
const (
emailRegex = "^[a-z0-9]+([._\\-]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$"
)
func CreateUser(req *restful.Request, resp *restful.Response) { func CreateUser(req *restful.Request, resp *restful.Response) {
var user models.User var user models.User
err := req.ReadEntity(&user) err := req.ReadEntity(&user)
if err != nil { if err != nil {
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
if user.Username == "" { if user.Username == "" {
err = fmt.Errorf("invalid username: %s", user.Username) err = fmt.Errorf("invalid username: %s", user.Username)
glog.Info(err, user.Username) klog.Info(err, user.Username)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
if !regexp.MustCompile(emailRegex).MatchString(user.Email) { // Parses a single RFC 5322 address, e.g. "Barry Gibbs <bg@example.com>"
if _, err = mail.ParseAddress(user.Email); err != nil {
err = fmt.Errorf("invalid email: %s", user.Email) err = fmt.Errorf("invalid email: %s", user.Email)
glog.Info(err, user.Email) klog.Info(err, user.Email)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
if len(user.Password) < 6 { if len(user.Password) < 6 {
err = fmt.Errorf("invalid password") err = fmt.Errorf("invalid password")
glog.Info(err, user.Password) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
@@ -74,11 +71,11 @@ func CreateUser(req *restful.Request, resp *restful.Response) {
if err != nil { if err != nil {
if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) { if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) {
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err))
return return
} }
glog.Error(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -93,7 +90,7 @@ func DeleteUser(req *restful.Request, resp *restful.Response) {
if operator == username { if operator == username {
err := fmt.Errorf("cannot delete yourself") err := fmt.Errorf("cannot delete yourself")
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusForbidden, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusForbidden, errors.Wrap(err))
return return
} }
@@ -101,7 +98,7 @@ func DeleteUser(req *restful.Request, resp *restful.Response) {
err := iam.DeleteUser(username) err := iam.DeleteUser(username)
if err != nil { if err != nil {
glog.Error(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -118,28 +115,28 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
err := req.ReadEntity(&user) err := req.ReadEntity(&user)
if err != nil { if err != nil {
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
if usernameInPath != user.Username { if usernameInPath != user.Username {
err = fmt.Errorf("the name of user (%s) does not match the name on the URL (%s)", user.Username, usernameInPath) err = fmt.Errorf("the name of user (%s) does not match the name on the URL (%s)", user.Username, usernameInPath)
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
if !regexp.MustCompile(emailRegex).MatchString(user.Email) { if _, err = mail.ParseAddress(user.Email); err != nil {
err = fmt.Errorf("invalid email: %s", user.Email) err = fmt.Errorf("invalid email: %s", user.Email)
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
if user.Password != "" && len(user.Password) < 6 { if user.Password != "" && len(user.Password) < 6 {
err = fmt.Errorf("invalid password") err = fmt.Errorf("invalid password")
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
@@ -148,7 +145,7 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
if usernameInHeader == user.Username && user.Password != "" { if usernameInHeader == user.Username && user.Password != "" {
isUserManager, err := isUserManager(usernameInHeader) isUserManager, err := isUserManager(usernameInHeader)
if err != nil { if err != nil {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -157,7 +154,7 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
} }
if err != nil { if err != nil {
err = fmt.Errorf("incorrect current password") err = fmt.Errorf("incorrect current password")
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
@@ -167,12 +164,12 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
if err != nil { if err != nil {
if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) { if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) {
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err))
return return
} }
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -196,7 +193,7 @@ func UserLoginLogs(req *restful.Request, resp *restful.Response) {
logs, err := iam.LoginLog(username) logs, err := iam.LoginLog(username)
if err != nil { if err != nil {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -224,10 +221,10 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
if err != nil { if err != nil {
if ldap.IsErrorWithCode(err, ldap.LDAPResultNoSuchObject) { if ldap.IsErrorWithCode(err, ldap.LDAPResultNoSuchObject) {
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err))
} else { } else {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
} }
return return
@@ -236,7 +233,7 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
clusterRole, err := iam.GetUserClusterRole(username) clusterRole, err := iam.GetUserClusterRole(username)
if err != nil { if err != nil {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -246,7 +243,7 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
clusterRules, err := iam.GetUserClusterSimpleRules(username) clusterRules, err := iam.GetUserClusterSimpleRules(username)
if err != nil { if err != nil {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -269,7 +266,7 @@ func Precheck(req *restful.Request, resp *restful.Response) {
exist, err := iam.UserCreateCheck(check) exist, err := iam.UserCreateCheck(check)
if err != nil { if err != nil {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }
@@ -290,7 +287,7 @@ func ListUsers(req *restful.Request, resp *restful.Response) {
reverse := params.ParseReverse(req) reverse := params.ParseReverse(req)
if err != nil { if err != nil {
glog.Info(err) klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return return
} }
@@ -298,7 +295,7 @@ func ListUsers(req *restful.Request, resp *restful.Response) {
users, err := iam.ListUsers(conditions, orderBy, reverse, limit, offset) users, err := iam.ListUsers(conditions, orderBy, reverse, limit, offset)
if err != nil { if err != nil {
glog.Error(err) klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return return
} }