forks/miniflux
1
0
Fork 0
Code Releases Activity

Refactor user validation

Browse source 
Validate each user field for creation/modification via API and web UI
This commit is contained in:
Frédéric Guillot 2021-01-03 21:20:21 -08:00 committed by fguillot
parent 291bf96d15
commit e45cc2d2aa
40 changed files with 567 additions and 400 deletions

107
api/payload.go
View file

@ -167,113 +167,6 @@ func decodeFeedModificationRequest(r io.ReadCloser) (*feedModificationRequest, e
return &feed, nil
}
type userCreationRequest struct {
Username string `json:"username"`
Password string `json:"password"`
IsAdmin bool `json:"is_admin"`
GoogleID string `json:"google_id"`
OpenIDConnectID string `json:"openid_connect_id"`
}
func decodeUserCreationRequest(r io.ReadCloser) (*userCreationRequest, error) {
defer r.Close()
var request userCreationRequest
decoder := json.NewDecoder(r)
if err := decoder.Decode(&request); err != nil {
return nil, fmt.Errorf("Unable to decode user creation JSON object: %v", err)
}
return &request, nil
}
type userModificationRequest struct {
Username *string `json:"username"`
Password *string `json:"password"`
IsAdmin *bool `json:"is_admin"`
Theme *string `json:"theme"`
Language *string `json:"language"`
Timezone *string `json:"timezone"`
EntryDirection *string `json:"entry_sorting_direction"`
Stylesheet *string `json:"stylesheet"`
GoogleID *string `json:"google_id"`
OpenIDConnectID *string `json:"openid_connect_id"`
EntriesPerPage *int `json:"entries_per_page"`
KeyboardShortcuts *bool `json:"keyboard_shortcuts"`
ShowReadingTime *bool `json:"show_reading_time"`
EntrySwipe *bool `json:"entry_swipe"`
}
func (u *userModificationRequest) Update(user *model.User) {
if u.Username != nil {
user.Username = *u.Username
}
if u.Password != nil {
user.Password = *u.Password
}
if u.IsAdmin != nil {
user.IsAdmin = *u.IsAdmin
}
if u.Theme != nil {
user.Theme = *u.Theme
}
if u.Language != nil {
user.Language = *u.Language
}
if u.Timezone != nil {
user.Timezone = *u.Timezone
}
if u.EntryDirection != nil {
user.EntryDirection = *u.EntryDirection
}
if u.Stylesheet != nil {
user.Stylesheet = *u.Stylesheet
}
if u.GoogleID != nil {
user.GoogleID = *u.GoogleID
}
if u.OpenIDConnectID != nil {
user.OpenIDConnectID = *u.OpenIDConnectID
}
if u.EntriesPerPage != nil {
user.EntriesPerPage = *u.EntriesPerPage
}
if u.KeyboardShortcuts != nil {
user.KeyboardShortcuts = *u.KeyboardShortcuts
}
if u.ShowReadingTime != nil {
user.ShowReadingTime = *u.ShowReadingTime
}
if u.EntrySwipe != nil {
user.EntrySwipe = *u.EntrySwipe
}
}
func decodeUserModificationRequest(r io.ReadCloser) (*userModificationRequest, error) {
defer r.Close()
var request userModificationRequest
decoder := json.NewDecoder(r)
if err := decoder.Decode(&request); err != nil {
return nil, fmt.Errorf("Unable to decode user modification JSON object: %v", err)
}
return &request, nil
}
func decodeEntryStatusRequest(r io.ReadCloser) ([]int64, string, error) {
type payload struct {
EntryIDs []int64 `json:"entry_ids"`

21
api/payload_test.go
View file

@ -218,24 +218,3 @@ func TestUpdateFeedToFetchViaProxy(t *testing.T) {
t.Errorf(`The field FetchViaProxy should be %v`, value)
}
}
func TestUpdateUserTheme(t *testing.T) {
theme := "Example 2"
changes := &userModificationRequest{Theme: &theme}
user := &model.User{Theme: "Example"}
changes.Update(user)
if user.Theme != theme {
t.Errorf(`Unexpected value, got %q instead of %q`, user.Theme, theme)
}
}
func TestUserThemeWhenNotSet(t *testing.T) {
changes := &userModificationRequest{}
user := &model.User{Theme: "Example"}
changes.Update(user)
if user.Theme != "Example" {
t.Error(`The user Theme should not be modified`)
}
}

40
api/user.go
View file

@ -5,12 +5,14 @@
package api // import "miniflux.app/api"
import (
json_parser "encoding/json"
"errors"
"net/http"
"miniflux.app/http/request"
"miniflux.app/http/response/json"
"miniflux.app/model"
"miniflux.app/validator"
)
func (h *handler) currentUser(w http.ResponseWriter, r *http.Request) {
@ -29,50 +31,38 @@ func (h *handler) createUser(w http.ResponseWriter, r *http.Request) {
return
}
userCreationRequest, err := decodeUserCreationRequest(r.Body)
if err != nil {
var userCreationRequest model.UserCreationRequest
if err := json_parser.NewDecoder(r.Body).Decode(&userCreationRequest); err != nil {
json.BadRequest(w, r, err)
return
}
user := model.NewUser()
user.Username = userCreationRequest.Username
user.Password = userCreationRequest.Password
user.IsAdmin = userCreationRequest.IsAdmin
user.GoogleID = userCreationRequest.GoogleID
user.OpenIDConnectID = userCreationRequest.OpenIDConnectID
if err := user.ValidateUserCreation(); err != nil {
json.BadRequest(w, r, err)
if validationErr := validator.ValidateUserCreationWithPassword(h.store, &userCreationRequest); validationErr != nil {
json.BadRequest(w, r, validationErr.Error())
return
}
if h.store.UserExists(user.Username) {
json.BadRequest(w, r, errors.New("This user already exists"))
return
}
err = h.store.CreateUser(user)
user, err := h.store.CreateUser(&userCreationRequest)
if err != nil {
json.ServerError(w, r, err)
return
}
user.Password = ""
json.Created(w, r, user)
}
func (h *handler) updateUser(w http.ResponseWriter, r *http.Request) {
userID := request.RouteInt64Param(r, "userID")
userChanges, err := decodeUserModificationRequest(r.Body)
if err != nil {
var userModificationRequest model.UserModificationRequest
if err := json_parser.NewDecoder(r.Body).Decode(&userModificationRequest); err != nil {
json.BadRequest(w, r, err)
return
}
originalUser, err := h.store.UserByID(userID)
if err != nil {
json.BadRequest(w, r, errors.New("Unable to fetch this user from the database"))
json.ServerError(w, r, err)
return
}
@ -87,18 +77,18 @@ func (h *handler) updateUser(w http.ResponseWriter, r *http.Request) {
return
}
if userChanges.IsAdmin != nil && *userChanges.IsAdmin {
if userModificationRequest.IsAdmin != nil && *userModificationRequest.IsAdmin {
json.BadRequest(w, r, errors.New("Only administrators can change permissions of standard users"))
return
}
}
userChanges.Update(originalUser)
if err := originalUser.ValidateUserModification(); err != nil {
json.BadRequest(w, r, err)
if validationErr := validator.ValidateUserModification(h.store, originalUser.ID, &userModificationRequest); validationErr != nil {
json.BadRequest(w, r, validationErr.Error())
return
}
userModificationRequest.Patch(originalUser)
if err = h.store.UpdateUser(originalUser); err != nil {
json.ServerError(w, r, err)
return

28
cli/create_admin.go
View file

@ -12,29 +12,31 @@ import (
"miniflux.app/logger"
"miniflux.app/model"
"miniflux.app/storage"
"miniflux.app/validator"
)
func createAdmin(store *storage.Storage) {
user := model.NewUser()
user.Username = config.Opts.AdminUsername()
user.Password = config.Opts.AdminPassword()
user.IsAdmin = true
if user.Username == "" || user.Password == "" {
user.Username, user.Password = askCredentials()
userCreationRequest := &model.UserCreationRequest{
Username: config.Opts.AdminUsername(),
Password: config.Opts.AdminPassword(),
IsAdmin: true,
}
if err := user.ValidateUserCreation(); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
if userCreationRequest.Username == "" || userCreationRequest.Password == "" {
userCreationRequest.Username, userCreationRequest.Password = askCredentials()
}
if store.UserExists(user.Username) {
logger.Info(`User %q already exists, skipping creation`, user.Username)
if store.UserExists(userCreationRequest.Username) {
logger.Info(`User %q already exists, skipping creation`, userCreationRequest.Username)
return
}
if err := store.CreateUser(user); err != nil {
if validationErr := validator.ValidateUserCreationWithPassword(store, userCreationRequest); validationErr != nil {
fmt.Fprintf(os.Stderr, "%s\n", validationErr)
os.Exit(1)
}
if _, err := store.CreateUser(userCreationRequest); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}

10
cli/reset_password.go
View file

@ -8,7 +8,9 @@ import (
"fmt"
"os"
"miniflux.app/model"
"miniflux.app/storage"
"miniflux.app/validator"
)
func resetPassword(store *storage.Storage) {
@ -24,9 +26,11 @@ func resetPassword(store *storage.Storage) {
os.Exit(1)
}
user.Password = password
if err := user.ValidatePassword(); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
userModificationRequest := &model.UserModificationRequest{
Password: &password,
}
if validationErr := validator.ValidateUserModification(store, user.ID, userModificationRequest); validationErr != nil {
fmt.Fprintf(os.Stderr, "%s\n", validationErr)
os.Exit(1)
}

67
locale/translations.go
View file

@ -244,6 +244,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "Der Benutzername ist obligatorisch.",
"error.api_key_already_exists": "Dieser API-Schlüssel ist bereits vorhanden.",
"error.unable_to_create_api_key": "Dieser API-Schlüssel kann nicht erstellt werden.",
"error.invalid_theme": "Ungültiges Thema.",
"error.invalid_language": "Ungültige Sprache.",
"error.invalid_timezone": "Ungültige Zeitzone.",
"error.invalid_entry_direction": "Ungültige Sortierreihenfolge.",
"form.feed.label.title": "Titel",
"form.feed.label.site_url": "Webseite-URL",
"form.feed.label.feed_url": "Abonnement-URL",
@ -582,6 +586,10 @@ var translations = map[string]string{
"error.unable_to_update_user": "Unable to update this user.",
"error.unable_to_update_feed": "Unable to update this feed.",
"error.subscription_not_found": "Unable to find any subscription.",
"error.invalid_theme": "Invalid theme.",
"error.invalid_language": "Invalid language.",
"error.invalid_timezone": "Invalid timezone.",
"error.invalid_entry_direction": "Invalid entry direction.",
"error.empty_file": "This file is empty.",
"error.bad_credentials": "Invalid username or password.",
"error.fields_mandatory": "All fields are mandatory.",
@ -924,6 +932,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "El nombre de usuario es obligatorio.",
"error.api_key_already_exists": "Esta clave API ya existe.",
"error.unable_to_create_api_key": "No se puede crear esta clave API.",
"error.invalid_theme": "Tema no válido.",
"error.invalid_language": "Idioma no válido.",
"error.invalid_timezone": "Zona horaria no válida.",
"error.invalid_entry_direction": "Dirección de entrada no válida.",
"form.feed.label.title": "Título",
"form.feed.label.site_url": "URL del sitio",
"form.feed.label.feed_url": "URL de la fuente",
@ -936,7 +948,6 @@ var translations = map[string]string{
"form.feed.label.rewrite_rules": "Reglas de reescribir",
"form.feed.label.blocklist_rules": "Reglas de Filtrado(Bloquear)",
"form.feed.label.keeplist_rules": "Reglas de Filtrado(Permitir)",
"form.feed.label.blocklist_rules": "Reglas de Blacklist",
"form.feed.label.ignore_http_cache": "Ignorar caché HTTP",
"form.feed.label.fetch_via_proxy": "Buscar a través de proxy",
"form.feed.label.disabled": "No actualice este feed",
@ -1255,6 +1266,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "Le nom d'utilisateur est obligatoire.",
"error.api_key_already_exists": "Cette clé d'API existe déjà.",
"error.unable_to_create_api_key": "Impossible de créer cette clé d'API.",
"error.invalid_theme": "Thème non valide.",
"error.invalid_language": "Langue non valide.",
"error.invalid_timezone": "Fuseau horaire non valide.",
"error.invalid_entry_direction": "Ordre de trie non valide.",
"form.feed.label.title": "Titre",
"form.feed.label.site_url": "URL du site web",
"form.feed.label.feed_url": "URL du flux",
@ -1605,6 +1620,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "Il nome utente è obbligatorio.",
"error.api_key_already_exists": "Questa chiave API esiste già.",
"error.unable_to_create_api_key": "Impossibile creare questa chiave API.",
"error.invalid_theme": "Tema non valido.",
"error.invalid_language": "Lingua non valida.",
"error.invalid_timezone": "Fuso orario non valido.",
"error.invalid_entry_direction": "Ordinamento non valido.",
"form.feed.label.title": "Titolo",
"form.feed.label.site_url": "URL del sito",
"form.feed.label.feed_url": "URL del feed",
@ -1935,6 +1954,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "ユーザー名が必要です。",
"error.api_key_already_exists": "このAPIキーは既に存在します。",
"error.unable_to_create_api_key": "このAPIキーを作成できません。",
"error.invalid_theme": "テーマが無効です。",
"error.invalid_language": "言語が無効です。",
"error.invalid_timezone": "タイムゾーンが無効です。",
"error.invalid_entry_direction": "ソート順が無効です。",
"form.feed.label.title": "タイトル",
"form.feed.label.site_url": "サイト URL",
"form.feed.label.feed_url": "フィード URL",
@ -2265,6 +2288,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "Gebruikersnaam is verplicht",
"error.api_key_already_exists": "This API Key already exists.",
"error.unable_to_create_api_key": "Kan deze API-sleutel niet maken.",
"error.invalid_theme": "Ongeldig thema.",
"error.invalid_language": "Ongeldige taal.",
"error.invalid_timezone": "Ongeldige tijdzone.",
"error.invalid_entry_direction": "Ongeldige sorteervolgorde.",
"form.feed.label.title": "Naam",
"form.feed.label.site_url": "Website URL",
"form.feed.label.feed_url": "Feed URL",
@ -2615,6 +2642,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "Nazwa użytkownika jest obowiązkowa.",
"error.api_key_already_exists": "Deze API-sleutel bestaat al.",
"error.unable_to_create_api_key": "Nie można utworzyć tego klucza API.",
"error.invalid_theme": "Nieprawidłowy motyw.",
"error.invalid_language": "Nieprawidłowy język.",
"error.invalid_timezone": "Nieprawidłowa strefa czasowa.",
"error.invalid_entry_direction": "Nieprawidłowa kolejność sortowania.",
"form.feed.label.title": "Tytuł",
"form.feed.label.site_url": "URL strony",
"form.feed.label.feed_url": "URL kanału",
@ -2969,6 +3000,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "O nome de usuário é obrigatório.",
"error.api_key_already_exists": "Essa chave de API já existe.",
"error.unable_to_create_api_key": "Não foi possível criar uma chave de API.",
"error.invalid_theme": "Tema inválido.",
"error.invalid_language": "Idioma inválido.",
"error.invalid_timezone": "Fuso horário inválido.",
"error.invalid_entry_direction": "Direção de entrada inválida.",
"form.feed.label.title": "Título",
"form.feed.label.site_url": "URL do site",
"form.feed.label.feed_url": "URL da fonte",
@ -3301,6 +3336,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "Имя пользователя обязательно.",
"error.api_key_already_exists": "Этот ключ API уже существует.",
"error.unable_to_create_api_key": "Невозможно создать этот ключ API.",
"error.invalid_theme": "Неверная тема.",
"error.invalid_language": "Неверный язык.",
"error.invalid_timezone": "Неверный часовой пояс.",
"error.invalid_entry_direction": "Неверное направление входа.",
"form.feed.label.title": "Название",
"form.feed.label.site_url": "URL сайта",
"form.feed.label.feed_url": "URL подписки",
@ -3635,6 +3674,10 @@ var translations = map[string]string{
"error.user_mandatory_fields": "必须填写用户名",
"error.api_key_already_exists": "此API密钥已存在。",
"error.unable_to_create_api_key": "无法创建此API密钥。",
"error.invalid_theme": "无效的主题。",
"error.invalid_language": "语言无效。",
"error.invalid_timezone": "无效的时区。",
"error.invalid_entry_direction": "无效的输入方向。",
"form.feed.label.title": "标题",
"form.feed.label.site_url": "站点 URL",
"form.feed.label.feed_url": "源 URL",
@ -3740,15 +3783,15 @@ var translations = map[string]string{
}
var translationsChecksums = map[string]string{
"de_DE": "66d6feafa5f92c35b10f8c07aa693afe1ea7dca73708cdebfc4cf3edb0478512",
"en_US": "fa1771f155b439b46f282069a1628dc95d4170a5d7db14c1b90fa753936e7856",
"es_ES": "5b65c97c14e4b1f833ce6047be4b8b29bcb777d7a7a21420d1fb619584746649",
"fr_FR": "b58d74f73de2e775cc3f883f2fb19451e306ff32772f2fa8cb3c630d9df395d3",
"it_IT": "a488f947b4e0cd8149c4cf7aaa71a8c59976a06559046fbc5b36aa167caaa84c",
"ja_JP": "9a3d1484c46be56286f9abf06b596576a3ae44f571d72a40d2eba5bfb02dd921",
"nl_NL": "3b91987a9f6640e827c73ca11bb0f9bc58ff79359e792038746e273cd7ae546d",
"pl_PL": "ff1dab97559d16331c374c63a91000b0c27f796bd96595e34ca324eb68a7c06e",
"pt_BR": "524c0f0dcd81988acd286900481e1a2e0ca9cf789d752e22da8bd5fe31b6acf3",
"ru_RU": "805c698b8a053860f737a145acc3616c67c8d80bf1de89bf6bb27fee40e885f2",
"zh_CN": "0c6be862c7bd997337696161a1c1d3d2ec5c7adab9c33f29c09d906fcc015a79",
"de_DE": "c8d6021599cfda4f853bd5ec1e1b065f03633ada9211ee22879ea778ba464572",
"en_US": "781a7a6b54f439d76fe56fca7cb07412a04e71edebf53563f5cca27a0cd2533a",
"es_ES": "4d602461f5ed9c4aaf59e8828d2b09d0cc45d06ba77d89ba0ef9662b580aebc0",
"fr_FR": "3a0a008d0857fa5eb8a018ce5e348d7ccabe08a67849c72c6e7611e6b5b49aa7",
"it_IT": "7222e3610ad3741aa7aff957f70524b63ffe3f6729198899231765335861a108",
"ja_JP": "f0ab6dd77c78717d25d88baad39c487c913720be4b3473a3f0aa3aa538318deb",
"nl_NL": "1e0872b89fb78a6de2ae989d054963226146c3eeff4b2883cf2bf8df96c13846",
"pl_PL": "2513808a13925549c9ba27c52a20916d18a5222dd8ba6a14520798766889b076",
"pt_BR": "b5fc4d9e0dedc554579154f2fff772b108baf317c9a952d688db0df260674b3b",
"ru_RU": "d9bedead0757deae57da909c7d5297853c2186acb8ebf7cf91d0eef7c1a17d19",
"zh_CN": "2526d0139ca0a2004f2db0864cbc9c3da55c3c7f45e1a244fea3c39d5d39e0f9",
}

4
locale/translations/de_DE.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "Der Benutzername ist obligatorisch.",
"error.api_key_already_exists": "Dieser API-Schlüssel ist bereits vorhanden.",
"error.unable_to_create_api_key": "Dieser API-Schlüssel kann nicht erstellt werden.",
"error.invalid_theme": "Ungültiges Thema.",
"error.invalid_language": "Ungültige Sprache.",
"error.invalid_timezone": "Ungültige Zeitzone.",
"error.invalid_entry_direction": "Ungültige Sortierreihenfolge.",
"form.feed.label.title": "Titel",
"form.feed.label.site_url": "Webseite-URL",
"form.feed.label.feed_url": "Abonnement-URL",

4
locale/translations/en_US.json
View file

@ -227,6 +227,10 @@
"error.unable_to_update_user": "Unable to update this user.",
"error.unable_to_update_feed": "Unable to update this feed.",
"error.subscription_not_found": "Unable to find any subscription.",
"error.invalid_theme": "Invalid theme.",
"error.invalid_language": "Invalid language.",
"error.invalid_timezone": "Invalid timezone.",
"error.invalid_entry_direction": "Invalid entry direction.",
"error.empty_file": "This file is empty.",
"error.bad_credentials": "Invalid username or password.",
"error.fields_mandatory": "All fields are mandatory.",

5
locale/translations/es_ES.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "El nombre de usuario es obligatorio.",
"error.api_key_already_exists": "Esta clave API ya existe.",
"error.unable_to_create_api_key": "No se puede crear esta clave API.",
"error.invalid_theme": "Tema no válido.",
"error.invalid_language": "Idioma no válido.",
"error.invalid_timezone": "Zona horaria no válida.",
"error.invalid_entry_direction": "Dirección de entrada no válida.",
"form.feed.label.title": "Título",
"form.feed.label.site_url": "URL del sitio",
"form.feed.label.feed_url": "URL de la fuente",
@ -251,7 +255,6 @@
"form.feed.label.rewrite_rules": "Reglas de reescribir",
"form.feed.label.blocklist_rules": "Reglas de Filtrado(Bloquear)",
"form.feed.label.keeplist_rules": "Reglas de Filtrado(Permitir)",
"form.feed.label.blocklist_rules": "Reglas de Blacklist",
"form.feed.label.ignore_http_cache": "Ignorar caché HTTP",
"form.feed.label.fetch_via_proxy": "Buscar a través de proxy",
"form.feed.label.disabled": "No actualice este feed",

4
locale/translations/fr_FR.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "Le nom d'utilisateur est obligatoire.",
"error.api_key_already_exists": "Cette clé d'API existe déjà.",
"error.unable_to_create_api_key": "Impossible de créer cette clé d'API.",
"error.invalid_theme": "Thème non valide.",
"error.invalid_language": "Langue non valide.",
"error.invalid_timezone": "Fuseau horaire non valide.",
"error.invalid_entry_direction": "Ordre de trie non valide.",
"form.feed.label.title": "Titre",
"form.feed.label.site_url": "URL du site web",
"form.feed.label.feed_url": "URL du flux",

4
locale/translations/it_IT.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "Il nome utente è obbligatorio.",
"error.api_key_already_exists": "Questa chiave API esiste già.",
"error.unable_to_create_api_key": "Impossibile creare questa chiave API.",
"error.invalid_theme": "Tema non valido.",
"error.invalid_language": "Lingua non valida.",
"error.invalid_timezone": "Fuso orario non valido.",
"error.invalid_entry_direction": "Ordinamento non valido.",
"form.feed.label.title": "Titolo",
"form.feed.label.site_url": "URL del sito",
"form.feed.label.feed_url": "URL del feed",

4
locale/translations/ja_JP.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "ユーザー名が必要です。",
"error.api_key_already_exists": "このAPIキーは既に存在します。",
"error.unable_to_create_api_key": "このAPIキーを作成できません。",
"error.invalid_theme": "テーマが無効です。",
"error.invalid_language": "言語が無効です。",
"error.invalid_timezone": "タイムゾーンが無効です。",
"error.invalid_entry_direction": "ソート順が無効です。",
"form.feed.label.title": "タイトル",
"form.feed.label.site_url": "サイト URL",
"form.feed.label.feed_url": "フィード URL",

4
locale/translations/nl_NL.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "Gebruikersnaam is verplicht",
"error.api_key_already_exists": "This API Key already exists.",
"error.unable_to_create_api_key": "Kan deze API-sleutel niet maken.",
"error.invalid_theme": "Ongeldig thema.",
"error.invalid_language": "Ongeldige taal.",
"error.invalid_timezone": "Ongeldige tijdzone.",
"error.invalid_entry_direction": "Ongeldige sorteervolgorde.",
"form.feed.label.title": "Naam",
"form.feed.label.site_url": "Website URL",
"form.feed.label.feed_url": "Feed URL",

4
locale/translations/pl_PL.json
View file

@ -241,6 +241,10 @@
"error.user_mandatory_fields": "Nazwa użytkownika jest obowiązkowa.",
"error.api_key_already_exists": "Deze API-sleutel bestaat al.",
"error.unable_to_create_api_key": "Nie można utworzyć tego klucza API.",
"error.invalid_theme": "Nieprawidłowy motyw.",
"error.invalid_language": "Nieprawidłowy język.",
"error.invalid_timezone": "Nieprawidłowa strefa czasowa.",
"error.invalid_entry_direction": "Nieprawidłowa kolejność sortowania.",
"form.feed.label.title": "Tytuł",
"form.feed.label.site_url": "URL strony",
"form.feed.label.feed_url": "URL kanału",

4
locale/translations/pt_BR.json
View file

@ -239,6 +239,10 @@
"error.user_mandatory_fields": "O nome de usuário é obrigatório.",
"error.api_key_already_exists": "Essa chave de API já existe.",
"error.unable_to_create_api_key": "Não foi possível criar uma chave de API.",
"error.invalid_theme": "Tema inválido.",
"error.invalid_language": "Idioma inválido.",
"error.invalid_timezone": "Fuso horário inválido.",
"error.invalid_entry_direction": "Direção de entrada inválida.",
"form.feed.label.title": "Título",
"form.feed.label.site_url": "URL do site",
"form.feed.label.feed_url": "URL da fonte",

4
locale/translations/ru_RU.json
View file

@ -241,6 +241,10 @@
"error.user_mandatory_fields": "Имя пользователя обязательно.",
"error.api_key_already_exists": "Этот ключ API уже существует.",
"error.unable_to_create_api_key": "Невозможно создать этот ключ API.",
"error.invalid_theme": "Неверная тема.",
"error.invalid_language": "Неверный язык.",
"error.invalid_timezone": "Неверный часовой пояс.",
"error.invalid_entry_direction": "Неверное направление входа.",
"form.feed.label.title": "Название",
"form.feed.label.site_url": "URL сайта",
"form.feed.label.feed_url": "URL подписки",

4
locale/translations/zh_CN.json
View file

@ -237,6 +237,10 @@
"error.user_mandatory_fields": "必须填写用户名",
"error.api_key_already_exists": "此API密钥已存在。",
"error.unable_to_create_api_key": "无法创建此API密钥。",
"error.invalid_theme": "无效的主题。",
"error.invalid_language": "语言无效。",
"error.invalid_timezone": "无效的时区。",
"error.invalid_entry_direction": "无效的输入方向。",
"form.feed.label.title": "标题",
"form.feed.label.site_url": "站点 URL",
"form.feed.label.feed_url": "源 URL",

4
locale/translations_test.go
View file

@ -29,11 +29,11 @@ func TestAllKeysHaveValue(t *testing.T) {
switch value := v.(type) {
case string:
if value == "" {
t.Fatalf(`The key %q for the language %q have an empty string as value`, k, language)
t.Errorf(`The key %q for the language %q have an empty string as value`, k, language)
}
case []string:
if len(value) == 0 {
t.Fatalf(`The key %q for the language %q have an empty list as value`, k, language)
t.Errorf(`The key %q for the language %q have an empty list as value`, k, language)
}
}
}

21
model/model.go Normal file
View file

@ -0,0 +1,21 @@
// Copyright 2021 Frédéric Guillot. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.
package model // import "miniflux.app/model"
// OptionalString populates an optional string field.
func OptionalString(value string) *string {
if value != "" {
return &value
}
return nil
}
// OptionalInt populates an optional int field.
func OptionalInt(value int) *int {
if value > 0 {
return &value
}
return nil
}

13
model/theme.go
View file

@ -4,8 +4,6 @@
package model // import "miniflux.app/model"
import "miniflux.app/errors"
// Themes returns the list of available themes.
func Themes() map[string]string {
return map[string]string{
@ -29,14 +27,3 @@ func ThemeColor(theme string) string {
return "#fff"
}
}
// ValidateTheme validates theme value.
func ValidateTheme(theme string) error {
for key := range Themes() {
if key == theme {
return nil
}
}
return errors.NewLocalizedError("Invalid theme")
}

19
model/theme_test.go
View file

@ -1,19 +0,0 @@
// Copyright 2017 Frédéric Guillot. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.
package model // import "miniflux.app/model"
import "testing"
func TestValidateTheme(t *testing.T) {
for _, status := range []string{"light_serif", "dark_sans_serif", "system_serif"} {
if err := ValidateTheme(status); err != nil {
t.Error(`A valid theme should not generate any error`)
}
}
if err := ValidateTheme("invalid"); err == nil {
t.Error(`An invalid theme should generate a error`)
}
}

108
model/user.go
View file

@ -5,7 +5,6 @@
package model // import "miniflux.app/model"
import (
"errors"
"time"
"miniflux.app/timezone"
@ -15,7 +14,7 @@ import (
type User struct {
ID int64 `json:"id"`
Username string `json:"username"`
Password string `json:"password,omitempty"`
Password string `json:"-"`
IsAdmin bool `json:"is_admin"`
Theme string `json:"theme"`
Language string `json:"language"`
@ -28,56 +27,93 @@ type User struct {
KeyboardShortcuts bool `json:"keyboard_shortcuts"`
ShowReadingTime bool `json:"show_reading_time"`
EntrySwipe bool `json:"entry_swipe"`
LastLoginAt *time.Time `json:"last_login_at,omitempty"`
LastLoginAt *time.Time `json:"last_login_at"`
}
// NewUser returns a new User.
func NewUser() *User {
return &User{}
// UserCreationRequest represents the request to create a user.
type UserCreationRequest struct {
Username string `json:"username"`
Password string `json:"password"`
IsAdmin bool `json:"is_admin"`
GoogleID string `json:"google_id"`
OpenIDConnectID string `json:"openid_connect_id"`
}
// ValidateUserCreation validates new user.
func (u User) ValidateUserCreation() error {
if err := u.ValidateUserLogin(); err != nil {
return err
}
return u.ValidatePassword()
// UserModificationRequest represents the request to update a user.
type UserModificationRequest struct {
Username *string `json:"username"`
Password *string `json:"password"`
Theme *string `json:"theme"`
Language *string `json:"language"`
Timezone *string `json:"timezone"`
EntryDirection *string `json:"entry_sorting_direction"`
Stylesheet *string `json:"stylesheet"`
GoogleID *string `json:"google_id"`
OpenIDConnectID *string `json:"openid_connect_id"`
EntriesPerPage *int `json:"entries_per_page"`
IsAdmin *bool `json:"is_admin"`
KeyboardShortcuts *bool `json:"keyboard_shortcuts"`
ShowReadingTime *bool `json:"show_reading_time"`
EntrySwipe *bool `json:"entry_swipe"`
}
// ValidateUserModification validates user modification payload.
func (u User) ValidateUserModification() error {
if u.Theme != "" {
return ValidateTheme(u.Theme)
// Patch updates the User object with the modification request.
func (u *UserModificationRequest) Patch(user *User) {
if u.Username != nil {
user.Username = *u.Username
}
if u.Password != "" {
return u.ValidatePassword()
if u.Password != nil {
user.Password = *u.Password
}
return nil
}
// ValidateUserLogin validates user credential requirements.
func (u User) ValidateUserLogin() error {
if u.Username == "" {
return errors.New("The username is mandatory")
if u.IsAdmin != nil {
user.IsAdmin = *u.IsAdmin
}
if u.Password == "" {
return errors.New("The password is mandatory")
if u.Theme != nil {
user.Theme = *u.Theme
}
return nil
}
// ValidatePassword validates user password requirements.
func (u User) ValidatePassword() error {
if u.Password != "" && len(u.Password) < 6 {
return errors.New("The password must have at least 6 characters")
if u.Language != nil {
user.Language = *u.Language
}
return nil
if u.Timezone != nil {
user.Timezone = *u.Timezone
}
if u.EntryDirection != nil {
user.EntryDirection = *u.EntryDirection
}
if u.Stylesheet != nil {
user.Stylesheet = *u.Stylesheet
}
if u.GoogleID != nil {
user.GoogleID = *u.GoogleID
}
if u.OpenIDConnectID != nil {
user.OpenIDConnectID = *u.OpenIDConnectID
}
if u.EntriesPerPage != nil {
user.EntriesPerPage = *u.EntriesPerPage
}
if u.KeyboardShortcuts != nil {
user.KeyboardShortcuts = *u.KeyboardShortcuts
}
if u.ShowReadingTime != nil {
user.ShowReadingTime = *u.ShowReadingTime
}
if u.EntrySwipe != nil {
user.EntrySwipe = *u.EntrySwipe
}
}
// UseTimezone converts last login date to the given timezone.

61
model/user_test.go
View file

@ -1,61 +0,0 @@
// Copyright 2017 Frédéric Guillot. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.
package model // import "miniflux.app/model"
import "testing"
func TestValidateUserCreation(t *testing.T) {
user := &User{}
if err := user.ValidateUserCreation(); err == nil {
t.Error(`An empty user should generate an error`)
}
user = &User{Username: "test", Password: ""}
if err := user.ValidateUserCreation(); err == nil {
t.Error(`User without password should generate an error`)
}
user = &User{Username: "test", Password: "a"}
if err := user.ValidateUserCreation(); err == nil {
t.Error(`Passwords shorter than 6 characters should generate an error`)
}
user = &User{Username: "", Password: "secret"}
if err := user.ValidateUserCreation(); err == nil {
t.Error(`An empty username should generate an error`)
}
user = &User{Username: "test", Password: "secret"}
if err := user.ValidateUserCreation(); err != nil {
t.Error(`A valid user should not generate any error`)
}
}
func TestValidateUserModification(t *testing.T) {
user := &User{}
if err := user.ValidateUserModification(); err != nil {
t.Error(`There is no changes, so we should not have an error`)
}
user = &User{Theme: "system_serif"}
if err := user.ValidateUserModification(); err != nil {
t.Error(`A valid theme should not generate any errors`)
}
user = &User{Theme: "invalid theme"}
if err := user.ValidateUserModification(); err == nil {
t.Error(`An invalid theme should generate an error`)
}
user = &User{Password: "test123"}
if err := user.ValidateUserModification(); err != nil {
t.Error(`A valid password should not generate any errors`)
}
user = &User{Password: "a"}
if err := user.ValidateUserModification(); err == nil {
t.Error(`An invalid password should generate an error`)
}
}

4
oauth2/google.go
View file

@ -57,6 +57,10 @@ func (g *googleProvider) GetProfile(ctx context.Context, code string) (*Profile,
return profile, nil
}
func (g *googleProvider) PopulateUserCreationWithProfileID(user *model.UserCreationRequest, profile *Profile) {
user.GoogleID = profile.ID
}
func (g *googleProvider) PopulateUserWithProfileID(user *model.User, profile *Profile) {
user.GoogleID = profile.ID
}

4
oauth2/oidc.go
View file

@ -44,6 +44,10 @@ func (o *oidcProvider) GetProfile(ctx context.Context, code string) (*Profile, e
return profile, nil
}
func (o *oidcProvider) PopulateUserCreationWithProfileID(user *model.UserCreationRequest, profile *Profile) {
user.OpenIDConnectID = profile.ID
}
func (o *oidcProvider) PopulateUserWithProfileID(user *model.User, profile *Profile) {
user.OpenIDConnectID = profile.ID
}

1
oauth2/provider.go
View file

@ -15,6 +15,7 @@ type Provider interface {
GetUserExtraKey() string
GetRedirectURL(state string) string
GetProfile(ctx context.Context, code string) (*Profile, error)
PopulateUserCreationWithProfileID(user *model.UserCreationRequest, profile *Profile)
PopulateUserWithProfileID(user *model.User, profile *Profile)
UnsetUserProfileID(user *model.User)
}

12
storage/entry_query_builder.go
View file

@ -166,13 +166,17 @@ func (e *EntryQueryBuilder) WithDirection(direction string) *EntryQueryBuilder {
// WithLimit set the limit.
func (e *EntryQueryBuilder) WithLimit(limit int) *EntryQueryBuilder {
e.limit = limit
if limit > 0 {
e.limit = limit
}
return e
}
// WithOffset set the offset.
func (e *EntryQueryBuilder) WithOffset(offset int) *EntryQueryBuilder {
e.offset = offset
if offset > 0 {
e.offset = offset
}
return e
}
@ -370,11 +374,11 @@ func (e *EntryQueryBuilder) buildSorting() string {
parts = append(parts, fmt.Sprintf(`%s`, e.direction))
}
if e.limit != 0 {
if e.limit > 0 {
parts = append(parts, fmt.Sprintf(`LIMIT %d`, e.limit))
}
if e.offset != 0 {
if e.offset > 0 {
parts = append(parts, fmt.Sprintf(`OFFSET %d`, e.offset))
}

41
storage/user.go
View file

@ -54,12 +54,13 @@ func (s *Storage) AnotherUserExists(userID int64, username string) bool {
}
// CreateUser creates a new user.
func (s *Storage) CreateUser(user *model.User) (err error) {
hashedPassword := ""
if user.Password != "" {
hashedPassword, err = hashPassword(user.Password)
func (s *Storage) CreateUser(userCreationRequest *model.UserCreationRequest) (*model.User, error) {
var hashedPassword string
if userCreationRequest.Password != "" {
var err error
hashedPassword, err = hashPassword(userCreationRequest.Password)
if err != nil {
return err
return nil, err
}
}
@ -87,10 +88,18 @@ func (s *Storage) CreateUser(user *model.User) (err error) {
tx, err := s.db.Begin()
if err != nil {
return fmt.Errorf(`store: unable to start transaction: %v`, err)
return nil, fmt.Errorf(`store: unable to start transaction: %v`, err)
}
err = tx.QueryRow(query, user.Username, hashedPassword, user.IsAdmin, user.GoogleID, user.OpenIDConnectID).Scan(
var user model.User
err = tx.QueryRow(
query,
userCreationRequest.Username,
hashedPassword,
userCreationRequest.IsAdmin,
userCreationRequest.GoogleID,
userCreationRequest.OpenIDConnectID,
).Scan(
&user.ID,
&user.Username,
&user.IsAdmin,
@ -108,26 +117,26 @@ func (s *Storage) CreateUser(user *model.User) (err error) {
)
if err != nil {
tx.Rollback()
return fmt.Errorf(`store: unable to create user: %v`, err)
return nil, fmt.Errorf(`store: unable to create user: %v`, err)
}
_, err = tx.Exec(`INSERT INTO categories (user_id, title) VALUES ($1, $2)`, user.ID, "All")
if err != nil {
tx.Rollback()
return fmt.Errorf(`store: unable to create user default category: %v`, err)
return nil, fmt.Errorf(`store: unable to create user default category: %v`, err)
}
_, err = tx.Exec(`INSERT INTO integrations (user_id) VALUES ($1)`, user.ID)
if err != nil {
tx.Rollback()
return fmt.Errorf(`store: unable to create integration row: %v`, err)
return nil, fmt.Errorf(`store: unable to create integration row: %v`, err)
}
if err := tx.Commit(); err != nil {
return fmt.Errorf(`store: unable to commit transaction: %v`, err)
return nil, fmt.Errorf(`store: unable to commit transaction: %v`, err)
}
return nil
return &user, nil
}
// UpdateUser updates a user.
@ -353,7 +362,7 @@ func (s *Storage) UserByAPIKey(token string) (*model.User, error) {
}
func (s *Storage) fetchUser(query string, args ...interface{}) (*model.User, error) {
user := model.NewUser()
var user model.User
err := s.db.QueryRow(query, args...).Scan(
&user.ID,
&user.Username,
@ -378,7 +387,7 @@ func (s *Storage) fetchUser(query string, args ...interface{}) (*model.User, err
return nil, fmt.Errorf(`store: unable to fetch user: %v`, err)
}
return user, nil
return &user, nil
}
// RemoveUser deletes a user.
@ -446,7 +455,7 @@ func (s *Storage) Users() (model.Users, error) {
var users model.Users
for rows.Next() {
user := model.NewUser()
var user model.User
err := rows.Scan(
&user.ID,
&user.Username,
@ -469,7 +478,7 @@ func (s *Storage) Users() (model.Users, error) {
return nil, fmt.Errorf(`store: unable to fetch users row: %v`, err)
}
users = append(users, user)
users = append(users, &user)
}
return users, nil

94
tests/user_test.go
View file

@ -312,13 +312,103 @@ func TestUpdateUserThemeWithInvalidValue(t *testing.T) {
t.Fatal(err)
}
theme := "something that doesn't exists"
theme := "invalid"
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{Theme: &theme})
if err == nil {
t.Fatal(`Updating a user Theme with an invalid value should raise an error`)
}
}
func TestUpdateUserLanguageWithInvalidValue(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
user, err := client.CreateUser(username, testStandardPassword, false)
if err != nil {
t.Fatal(err)
}
language := "invalid"
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{Language: &language})
if err == nil {
t.Fatal(`Updating a user language with an invalid value should raise an error`)
}
}
func TestUpdateUserTimezoneWithInvalidValue(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
user, err := client.CreateUser(username, testStandardPassword, false)
if err != nil {
t.Fatal(err)
}
timezone := "invalid"
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{Timezone: &timezone})
if err == nil {
t.Fatal(`Updating a user timezone with an invalid value should raise an error`)
}
}
func TestUpdateUserEntriesPerPageWithInvalidValue(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
user, err := client.CreateUser(username, testStandardPassword, false)
if err != nil {
t.Fatal(err)
}
entriesPerPage := -5
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{EntriesPerPage: &entriesPerPage})
if err == nil {
t.Fatal(`Updating a user EntriesPerPage with an invalid value should raise an error`)
}
}
func TestUpdateUserEntryDirectionWithInvalidValue(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
user, err := client.CreateUser(username, testStandardPassword, false)
if err != nil {
t.Fatal(err)
}
entryDirection := "invalid"
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{EntryDirection: &entryDirection})
if err == nil {
t.Fatal(`Updating a user EntryDirection with an invalid value should raise an error`)
}
}
func TestUpdateUserPasswordWithInvalidValue(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
user, err := client.CreateUser(username, testStandardPassword, false)
if err != nil {
t.Fatal(err)
}
password := "short"
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{Password: &password})
if err == nil {
t.Fatal(`Updating a user password with an invalid value should raise an error`)
}
}
func TestUpdateUserWithEmptyUsernameValue(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
user, err := client.CreateUser(username, testStandardPassword, false)
if err != nil {
t.Fatal(err)
}
newUsername := ""
_, err = client.UpdateUser(user.ID, &miniflux.UserModificationRequest{Username: &newUsername})
if err == nil {
t.Fatal(`Updating a user with an empty username should raise an error`)
}
}
func TestCannotCreateDuplicateUser(t *testing.T) {
username := getRandomUsername()
client := miniflux.New(testBaseURL, testAdminUsername, testAdminPassword)
@ -329,7 +419,7 @@ func TestCannotCreateDuplicateUser(t *testing.T) {
_, err = client.CreateUser(username, testStandardPassword, false)
if err == nil {
t.Fatal(`Duplicate users should not be allowed`)
t.Fatal(`Duplicated users should not be allowed`)
}
}

8
ui/form/settings.go
View file

@ -54,10 +54,6 @@ func (s *SettingsForm) Validate() error {
return errors.NewLocalizedError("error.settings_mandatory_fields")
}
if s.EntriesPerPage < 1 {
return errors.NewLocalizedError("error.entries_per_page_invalid")
}
if s.Confirmation == "" {
// Firefox insists on auto-completing the password field.
// If the confirmation field is blank, the user probably
@ -67,10 +63,6 @@ func (s *SettingsForm) Validate() error {
if s.Password != s.Confirmation {
return errors.NewLocalizedError("error.different_passwords")
}
if len(s.Password) < 6 {
return errors.NewLocalizedError("error.password_min_length")
}
}
return nil

18
ui/form/settings_test.go
View file

@ -61,21 +61,3 @@ func TestConfirmationIncorrect(t *testing.T) {
t.Error("Validate should return an error")
}
}
func TestEntriesPerPageNotValid(t *testing.T) {
settings := &SettingsForm{
Username: "user",
Password: "hunter2",
Confirmation: "hunter2",
Theme: "default",
Language: "en_US",
Timezone: "UTC",
EntryDirection: "asc",
EntriesPerPage: 0,
}
err := settings.Validate()
if err == nil {
t.Error("Validate should return an error")
}
}

13
ui/form/user.go
View file

@ -29,10 +29,6 @@ func (u UserForm) ValidateCreation() error {
return errors.NewLocalizedError("error.different_passwords")
}
if len(u.Password) < 6 {
return errors.NewLocalizedError("error.password_min_length")
}
return nil
}
@ -55,15 +51,6 @@ func (u UserForm) ValidateModification() error {
return nil
}
// ToUser returns a User from the form values.
func (u UserForm) ToUser() *model.User {
return &model.User{
Username: u.Username,
Password: u.Password,
IsAdmin: u.IsAdmin,
}
}
// Merge updates the fields of the given user.
func (u UserForm) Merge(user *model.User) *model.User {
user.Username = u.Username

16
ui/middleware.go
View file

@ -177,10 +177,8 @@ func (m *middleware) handleAuthProxy(next http.Handler) http.Handler {
return
}
sess := session.New(m.store, request.SessionID(r))
clientIP := request.ClientIP(r)
logger.Info("[AuthProxy] Successful auth for %s", username)
logger.Info("[AuthProxy] [ClientIP=%s] Received authenticated requested for %q", clientIP, username)
user, err := m.store.UserByUsername(username)
if err != nil {
@ -189,16 +187,14 @@ func (m *middleware) handleAuthProxy(next http.Handler) http.Handler {
}
if user == nil {
logger.Error("[AuthProxy] [ClientIP=%s] %q doesn't exist", clientIP, username)
if !config.Opts.IsAuthProxyUserCreationAllowed() {
html.Forbidden(w, r)
return
}
user = model.NewUser()
user.Username = username
user.IsAdmin = false
if err := m.store.CreateUser(user); err != nil {
if user, err = m.store.CreateUser(&model.UserCreationRequest{Username: username}); err != nil {
html.ServerError(w, r, err)
return
}
@ -210,9 +206,11 @@ func (m *middleware) handleAuthProxy(next http.Handler) http.Handler {
return
}
logger.Info("[AuthProxy] username=%s just logged in", user.Username)
logger.Info("[AuthProxy] [ClientIP=%s] username=%s just logged in", clientIP, user.Username)
m.store.SetLastLogin(user.ID)
sess := session.New(m.store, request.SessionID(r))
sess.SetLanguage(user.Language)
sess.SetTheme(user.Theme)

9
ui/oauth2_callback.go
View file

@ -103,12 +103,11 @@ func (h *handler) oauth2Callback(w http.ResponseWriter, r *http.Request) {
return
}
user = model.NewUser()
user.Username = profile.Username
user.IsAdmin = false
authProvider.PopulateUserWithProfileID(user, profile)
userCreationRequest := &model.UserCreationRequest{Username: profile.Username}
authProvider.PopulateUserCreationWithProfileID(userCreationRequest, profile)
if err := h.store.CreateUser(user); err != nil {
user, err = h.store.CreateUser(userCreationRequest)
if err != nil {
html.ServerError(w, r, err)
return
}

15
ui/settings_update.go
View file

@ -16,6 +16,7 @@ import (
"miniflux.app/ui/form"
"miniflux.app/ui/session"
"miniflux.app/ui/view"
"miniflux.app/validator"
)
func (h *handler) updateSettings(w http.ResponseWriter, r *http.Request) {
@ -51,8 +52,18 @@ func (h *handler) updateSettings(w http.ResponseWriter, r *http.Request) {
return
}
if h.store.AnotherUserExists(loggedUser.ID, settingsForm.Username) {
view.Set("errorMessage", "error.user_already_exists")
userModificationRequest := &model.UserModificationRequest{
Username: model.OptionalString(settingsForm.Username),
Password: model.OptionalString(settingsForm.Password),
Theme: model.OptionalString(settingsForm.Theme),
Language: model.OptionalString(settingsForm.Language),
Timezone: model.OptionalString(settingsForm.Timezone),
EntryDirection: model.OptionalString(settingsForm.EntryDirection),
EntriesPerPage: model.OptionalInt(settingsForm.EntriesPerPage),
}
if validationErr := validator.ValidateUserModification(h.store, loggedUser.ID, userModificationRequest); validationErr != nil {
view.Set("errorMessage", validationErr.TranslationKey)
html.OK(w, r, view.Render("settings"))
return
}

6
ui/static_manifest.go
View file

@ -54,9 +54,9 @@ func (h *handler) showWebManifest(w http.ResponseWriter, r *http.Request) {
ThemeColor: themeColor,
BackgroundColor: themeColor,
Icons: []webManifestIcon{
webManifestIcon{Source: route.Path(h.router, "appIcon", "filename", "icon-120.png"), Sizes: "120x120", Type: "image/png"},
webManifestIcon{Source: route.Path(h.router, "appIcon", "filename", "icon-192.png"), Sizes: "192x192", Type: "image/png"},
webManifestIcon{Source: route.Path(h.router, "appIcon", "filename", "icon-512.png"), Sizes: "512x512", Type: "image/png"},
{Source: route.Path(h.router, "appIcon", "filename", "icon-120.png"), Sizes: "120x120", Type: "image/png"},
{Source: route.Path(h.router, "appIcon", "filename", "icon-192.png"), Sizes: "192x192", Type: "image/png"},
{Source: route.Path(h.router, "appIcon", "filename", "icon-512.png"), Sizes: "512x512", Type: "image/png"},
},
ShareTarget: webManifestShareTarget{
Action: route.Path(h.router, "bookmarklet"),

17
ui/user_save.go
View file

@ -11,9 +11,11 @@ import (
"miniflux.app/http/response/html"
"miniflux.app/http/route"
"miniflux.app/logger"
"miniflux.app/model"
"miniflux.app/ui/form"
"miniflux.app/ui/session"
"miniflux.app/ui/view"
"miniflux.app/validator"
)
func (h *handler) saveUser(w http.ResponseWriter, r *http.Request) {
@ -50,8 +52,19 @@ func (h *handler) saveUser(w http.ResponseWriter, r *http.Request) {
return
}
newUser := userForm.ToUser()
if err := h.store.CreateUser(newUser); err != nil {
userCreationRequest := &model.UserCreationRequest{
Username: userForm.Username,
Password: userForm.Password,
IsAdmin: userForm.IsAdmin,
}
if validationErr := validator.ValidateUserCreationWithPassword(h.store, userCreationRequest); validationErr != nil {
view.Set("errorMessage", validationErr.TranslationKey)
html.OK(w, r, view.Render("create_user"))
return
}
if _, err := h.store.CreateUser(userCreationRequest); err != nil {
logger.Error("[UI:SaveUser] %v", err)
view.Set("errorMessage", "error.unable_to_create_user")
html.OK(w, r, view.Render("create_user"))

10
ui/user_update.go
View file

@ -17,13 +17,13 @@ import (
)
func (h *handler) updateUser(w http.ResponseWriter, r *http.Request) {
user, err := h.store.UserByID(request.UserID(r))
loggedUser, err := h.store.UserByID(request.UserID(r))
if err != nil {
html.ServerError(w, r, err)
return
}
if !user.IsAdmin {
if !loggedUser.IsAdmin {
html.Forbidden(w, r)
return
}
@ -45,9 +45,9 @@ func (h *handler) updateUser(w http.ResponseWriter, r *http.Request) {
sess := session.New(h.store, request.SessionID(r))
view := view.New(h.tpl, r, sess)
view.Set("menu", "settings")
view.Set("user", user)
view.Set("countUnread", h.store.CountUnreadEntries(user.ID))
view.Set("countErrorFeeds", h.store.CountUserFeedsWithErrors(user.ID))
view.Set("user", loggedUser)
view.Set("countUnread", h.store.CountUnreadEntries(loggedUser.ID))
view.Set("countErrorFeeds", h.store.CountUserFeedsWithErrors(loggedUser.ID))
view.Set("selected_user", selectedUser)
view.Set("form", userForm)

126
validator/user.go Normal file
View file

@ -0,0 +1,126 @@
// Copyright 2021 Frédéric Guillot. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.
package validator // import "miniflux.app/validator"
import (
"miniflux.app/locale"
"miniflux.app/model"
"miniflux.app/storage"
)
// ValidateUserCreationWithPassword validates user creation with a password.
func ValidateUserCreationWithPassword(store *storage.Storage, request *model.UserCreationRequest) *ValidationError {
if request.Username == "" {
return NewValidationError("error.user_mandatory_fields")
}
if store.UserExists(request.Username) {
return NewValidationError("error.user_already_exists")
}
if err := validatePassword(request.Password); err != nil {
return err
}
return nil
}
// ValidateUserModification validates user modifications.
func ValidateUserModification(store *storage.Storage, userID int64, changes *model.UserModificationRequest) *ValidationError {
if changes.Username != nil {
if *changes.Username == "" {
return NewValidationError("error.user_mandatory_fields")
} else if store.AnotherUserExists(userID, *changes.Username) {
return NewValidationError("error.user_already_exists")
}
}
if changes.Password != nil {
if err := validatePassword(*changes.Password); err != nil {
return err
}
}
if changes.Theme != nil {
if err := validateTheme(*changes.Theme); err != nil {
return err
}
}
if changes.Language != nil {
if err := validateLanguage(*changes.Language); err != nil {
return err
}
}
if changes.Timezone != nil {
if err := validateTimezone(store, *changes.Timezone); err != nil {
return err
}
}
if changes.EntryDirection != nil {
if err := validateEntryDirection(*changes.EntryDirection); err != nil {
return err
}
}
if changes.EntriesPerPage != nil {
if err := validateEntriesPerPage(*changes.EntriesPerPage); err != nil {
return err
}
}
return nil
}
func validatePassword(password string) *ValidationError {
if len(password) < 6 {
return NewValidationError("error.password_min_length")
}
return nil
}
func validateTheme(theme string) *ValidationError {
themes := model.Themes()
if _, found := themes[theme]; !found {
return NewValidationError("error.invalid_theme")
}
return nil
}
func validateLanguage(language string) *ValidationError {
languages := locale.AvailableLanguages()
if _, found := languages[language]; !found {
return NewValidationError("error.invalid_language")
}
return nil
}
func validateTimezone(store *storage.Storage, timezone string) *ValidationError {
timezones, err := store.Timezones()
if err != nil {
return NewValidationError(err.Error())
}
if _, found := timezones[timezone]; !found {
return NewValidationError("error.invalid_timezone")
}
return nil
}
func validateEntryDirection(direction string) *ValidationError {
if direction != "asc" && direction != "desc" {
return NewValidationError("error.invalid_entry_direction")
}
return nil
}
func validateEntriesPerPage(entriesPerPage int) *ValidationError {
if entriesPerPage < 1 {
return NewValidationError("error.entries_per_page_invalid")
}
return nil
}

29
validator/validator.go Normal file
View file

@ -0,0 +1,29 @@
// Copyright 2021 Frédéric Guillot. All rights reserved.
// Use of this source code is governed by the Apache 2.0
// license that can be found in the LICENSE file.
package validator // import "miniflux.app/validator"
import (
"errors"
"miniflux.app/locale"
)
// ValidationError represents a validation error.
type ValidationError struct {
TranslationKey string
}
// NewValidationError initializes a validation error.
func NewValidationError(translationKey string) *ValidationError {
return &ValidationError{TranslationKey: translationKey}
}
func (v *ValidationError) String() string {
return locale.NewPrinter("en_US").Printf(v.TranslationKey)
}
func (v *ValidationError) Error() error {
return errors.New(v.String())
}