Check blocklist for emails when adding them to account (#26812)

authored by

techknowlogick and committed by
GitHub
45976a1b 1bb9b1c4

+40 -27
+12 -1
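--- a/models/user/email_address.go
+++ b/models/user/email_address.go
@@ -16,6 +16,7 @@
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/validation"
 
 	"xorm.io/builder"
 )
@@ -161,7 +162,17 @@
 		return ErrEmailInvalid{email}
 	}
 
-	// TODO: add an email allow/block list
+	// if there is no allow list, then check email against block list
+	if len(setting.Service.EmailDomainAllowList) == 0 &&
+		validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, email) {
+		return ErrEmailInvalid{email}
+	}
+
+	// if there is an allow list, then check email against allow list
+	if len(setting.Service.EmailDomainAllowList) > 0 &&
+		!validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, email) {
+		return ErrEmailInvalid{email}
+	}
 
 	return nil
 }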
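Review bot: The allow-list/block-list decision added in the second hunk repeats the rule that `RegisterForm.IsEmailDomainAllowed` in services/forms/user_form.go already encodes, so the domain policy now lives in two places that can drift apart when only one is edited. Consider a single exported helper in modules/validation (a new function, for example `IsEmailDomainAllowed(email string) bool`, which this commit does not add) called from both sites, reducing this hunk to `if !validation.IsEmailDomainAllowed(email) { return ErrEmailInvalid{email} }`. The rejection also reuses `ErrEmailInvalid`, which the context lines above return for a different failure, so a caller or log reader cannot tell a policy block from a malformed address; at minimum add `// rejected by the email domain allow/block list, not a syntax error` above each new return. The enclosing function starts outside the hunk, so which callers are affected (new addresses only, or existing ones too) cannot be confirmed from here.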
+25
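--- a/modules/validation/helpers.go
+++ b/modules/validation/helpers.go
@@ -10,6 +10,8 @@
 	"strings"
 
 	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/gobwas/glob"
 )
 
 var externalTrackerRegex = regexp.MustCompile(`({?)(?:user|repo|index)+?(}?)`)
@@ -45,6 +47,29 @@
 			return true
 		}
 	}
+	return false
+}
+
+// IsEmailDomainListed checks whether the domain of an email address
+// matches a list of domains
+func IsEmailDomainListed(globs []glob.Glob, email string) bool {
+	if len(globs) == 0 {
+		return false
+	}
+
+	n := strings.LastIndex(email, "@")
+	if n <= 0 {
+		return false
+	}
+
+	domain := strings.ToLower(email[n+1:])
+
+	for _, g := range globs {
+		if g.Match(domain) {
+			return true
+		}
+	}
+
 	return false
 }
 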
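Review bot: `IsEmailDomainListed` returns false both when the domain is not on the list and when no domain can be extracted (`n <= 0`), and the doc comment does not state that; for a block list this means an address the helper cannot parse is treated as not blocked. The domain is only lower-cased before matching, so a correct result presumably depends on the caller having validated the address first and on the configured globs being lower-case, neither of which is visible in this hunk. I would extend the comment to spell out the contract, e.g. `// It returns false for an empty list or an address without a domain part; callers enforcing a block list must validate the address format first, and globs are matched against the lower-cased domain.`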
+3 -26
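--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -13,10 +13,10 @@
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/validation"
 	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
-	"github.com/gobwas/glob"
 )
 
 // InstallForm form for installation page
@@ -103,29 +103,6 @@
 	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
-// IsEmailDomainListed checks whether the domain of an email address
-// matches a list of domains
-func IsEmailDomainListed(globs []glob.Glob, email string) bool {
-	if len(globs) == 0 {
-		return false
-	}
-
-	n := strings.LastIndex(email, "@")
-	if n <= 0 {
-		return false
-	}
-
-	domain := strings.ToLower(email[n+1:])
-
-	for _, g := range globs {
-		if g.Match(domain) {
-			return true
-		}
-	}
-
-	return false
-}
-
 // IsEmailDomainAllowed validates that the email address
 // provided by the user matches what has been configured .
 // The email is marked as allowed if it matches any of the
@@ -133,10 +110,10 @@
 // domains in the blocklist, if any such list is not empty.
 func (f *RegisterForm) IsEmailDomainAllowed() bool {
 	if len(setting.Service.EmailDomainAllowList) == 0 {
-		return !IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
+		return !validation.IsEmailDomainListed(setting.Service.EmailDomainBlockList, f.Email)
 	}
 
-	return IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
+	return validation.IsEmailDomainListed(setting.Service.EmailDomainAllowList, f.Email)
 }
 
 // MustChangePasswordForm form for updating your password after account creation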