admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #686 from wansir/fix-email-regex

Browse Source 
fix: email validation
This commit is contained in:
KubeSphere CI Bot
2019-09-02 16:37:45 +08:00
committed by GitHub
parent 76800b435c 5ca67f6e0c
commit 972d835096
1 changed files with 29 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
pkg/apiserver/iam/im.go
View File

@@ -19,10 +19,10 @@ package iam
import (
"fmt"
"github.com/golang/glog"
"k8s.io/klog"
"kubesphere.io/kubesphere/pkg/params"
"net/http"
"regexp"
"net/mail"
"strings"
"github.com/emicklei/go-restful"
@@ -34,38 +34,35 @@ import (
"kubesphere.io/kubesphere/pkg/models/iam"
)
const (
emailRegex = "^[a-z0-9]+([._\\-]*[a-z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$"
)
func CreateUser(req *restful.Request, resp *restful.Response) {
var user models.User
err := req.ReadEntity(&user)
if err != nil {
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
if user.Username == "" {
err = fmt.Errorf("invalid username: %s", user.Username)
glog.Info(err, user.Username)
klog.Info(err, user.Username)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
if !regexp.MustCompile(emailRegex).MatchString(user.Email) {
// Parses a single RFC 5322 address, e.g. "Barry Gibbs <bg@example.com>"
if _, err = mail.ParseAddress(user.Email); err != nil {
err = fmt.Errorf("invalid email: %s", user.Email)
glog.Info(err, user.Email)
klog.Info(err, user.Email)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
if len(user.Password) < 6 {
err = fmt.Errorf("invalid password")
glog.Info(err, user.Password)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
@@ -74,11 +71,11 @@ func CreateUser(req *restful.Request, resp *restful.Response) {
if err != nil {
if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) {
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err))
return
}
glog.Error(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -93,7 +90,7 @@ func DeleteUser(req *restful.Request, resp *restful.Response) {
if operator == username {
err := fmt.Errorf("cannot delete yourself")
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusForbidden, errors.Wrap(err))
return
}
@@ -101,7 +98,7 @@ func DeleteUser(req *restful.Request, resp *restful.Response) {
err := iam.DeleteUser(username)
if err != nil {
glog.Error(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -118,28 +115,28 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
err := req.ReadEntity(&user)
if err != nil {
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
if usernameInPath != user.Username {
err = fmt.Errorf("the name of user (%s) does not match the name on the URL (%s)", user.Username, usernameInPath)
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
if !regexp.MustCompile(emailRegex).MatchString(user.Email) {
if _, err = mail.ParseAddress(user.Email); err != nil {
err = fmt.Errorf("invalid email: %s", user.Email)
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
if user.Password != "" && len(user.Password) < 6 {
err = fmt.Errorf("invalid password")
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
@@ -148,7 +145,7 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
if usernameInHeader == user.Username && user.Password != "" {
isUserManager, err := isUserManager(usernameInHeader)
if err != nil {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -157,7 +154,7 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
}
if err != nil {
err = fmt.Errorf("incorrect current password")
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
@@ -167,12 +164,12 @@ func UpdateUser(req *restful.Request, resp *restful.Response) {
if err != nil {
if ldap.IsErrorWithCode(err, ldap.LDAPResultEntryAlreadyExists) {
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusConflict, errors.Wrap(err))
return
}
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -196,7 +193,7 @@ func UserLoginLogs(req *restful.Request, resp *restful.Response) {
logs, err := iam.LoginLog(username)
if err != nil {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -224,10 +221,10 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
if err != nil {
if ldap.IsErrorWithCode(err, ldap.LDAPResultNoSuchObject) {
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err))
} else {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
}
return
@@ -236,7 +233,7 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
clusterRole, err := iam.GetUserClusterRole(username)
if err != nil {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -246,7 +243,7 @@ func DescribeUser(req *restful.Request, resp *restful.Response) {
clusterRules, err := iam.GetUserClusterSimpleRules(username)
if err != nil {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -269,7 +266,7 @@ func Precheck(req *restful.Request, resp *restful.Response) {
exist, err := iam.UserCreateCheck(check)
if err != nil {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}
@@ -290,7 +287,7 @@ func ListUsers(req *restful.Request, resp *restful.Response) {
reverse := params.ParseReverse(req)
if err != nil {
glog.Info(err)
klog.Info(err)
resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
return
}
@@ -298,7 +295,7 @@ func ListUsers(req *restful.Request, resp *restful.Response) {
users, err := iam.ListUsers(conditions, orderBy, reverse, limit, offset)
if err != nil {
glog.Error(err)
klog.Error(err)
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
return
}