Merge pull request #8662 from stonezdj/email_sec2

Set default email to null if not provided
This commit is contained in:
Daniel Jiang 2019-08-20 09:01:50 +08:00 committed by GitHub
commit f10fb67d6d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 41 additions and 20 deletions

View File

@ -56,9 +56,9 @@ $$;
CREATE TRIGGER harbor_user_update_time_at_modtime BEFORE UPDATE ON harbor_user FOR EACH ROW EXECUTE PROCEDURE update_update_time_at_column();
insert into harbor_user (username, email, password, realname, comment, deleted, sysadmin_flag, creation_time, update_time) values
('admin', 'admin@example.com', '', 'system admin', 'admin user',false, true, NOW(), NOW()),
('anonymous', 'anonymous@example.com', '', 'anonymous user', 'anonymous user', true, false, NOW(), NOW());
insert into harbor_user (username, password, realname, comment, deleted, sysadmin_flag, creation_time, update_time) values
('admin', '', 'system admin', 'admin user',false, true, NOW(), NOW()),
('anonymous', '', 'anonymous user', 'anonymous user', true, false, NOW(), NOW());
create table project (
project_id SERIAL PRIMARY KEY NOT NULL,

View File

@ -234,6 +234,14 @@ func OnBoardUser(u *models.User) error {
}
if created {
u.UserID = int(id)
// current orm framework doesn't support to fetch a pointer or sql.NullString with QueryRow
// https://github.com/astaxie/beego/issues/3767
if len(u.Email) == 0 {
_, err = o.Raw("update harbor_user set email = null where user_id = ? ", id).Exec()
if err != nil {
return err
}
}
} else {
existing, err := GetUser(*u)
if err != nil {

View File

@ -90,3 +90,23 @@ func TestOnBoardUser(t *testing.T) {
assert.True(u.UserID == id)
CleanUser(int64(id))
}
func TestOnBoardUser_EmptyEmail(t *testing.T) {
assert := assert.New(t)
u := &models.User{
Username: "empty_email",
Password: "password1",
Realname: "empty_email",
}
err := OnBoardUser(u)
assert.Nil(err)
id := u.UserID
assert.True(id > 0)
err = OnBoardUser(u)
assert.Nil(err)
assert.True(u.UserID == id)
assert.Equal("", u.Email)
user, err := GetUser(models.User{Username: "empty_email"})
assert.Equal("", user.Email)
CleanUser(int64(id))
}

View File

@ -211,8 +211,6 @@ func (a *Auth) fillInModel(u *models.User) error {
u.Comment = userEntryComment
if strings.Contains(u.Username, "@") {
u.Email = u.Username
} else {
u.Email = fmt.Sprintf("%s@placeholder.com", u.Username)
}
return nil
}

View File

@ -154,7 +154,7 @@ func TestAuth_PostAuthenticate(t *testing.T) {
},
expect: models.User{
Username: "jt",
Email: "jt@placeholder.com",
Email: "",
Realname: "jt",
Password: pwd,
Comment: userEntryComment,

View File

@ -124,8 +124,6 @@ func (l *Auth) OnBoardUser(u *models.User) error {
if u.Email == "" {
if strings.Contains(u.Username, "@") {
u.Email = u.Username
} else {
u.Email = u.Username + "@placeholder.com"
}
}
u.Password = "12345678AbC" // Password is not kept in local db

View File

@ -224,7 +224,7 @@ func TestOnBoardUser_02(t *testing.T) {
t.Errorf("Failed to onboard user")
}
assert.Equal(t, "sample02@placeholder.com", user.Email)
assert.Equal(t, "", user.Email)
dao.CleanUser(int64(user.UserID))
}

View File

@ -77,9 +77,8 @@ func fillEmailRealName(user *models.User) {
if len(user.Realname) == 0 {
user.Realname = user.Username
}
if len(user.Email) == 0 {
// TODO: handle the case when user.Username itself is an email address.
user.Email = user.Username + "@uaa.placeholder"
if len(user.Email) == 0 && strings.Contains(user.Username, "@") {
user.Email = user.Username
}
}

View File

@ -110,7 +110,7 @@ func TestOnBoardUser(t *testing.T) {
user, _ := dao.GetUser(models.User{Username: "test"})
assert.Equal("test", user.Realname)
assert.Equal("test", user.Username)
assert.Equal("test@uaa.placeholder", user.Email)
assert.Equal("", user.Email)
err3 := dao.ClearTable(models.UserTable)
assert.Nil(err3)
}
@ -128,7 +128,7 @@ func TestPostAuthenticate(t *testing.T) {
}
assert.Nil(err)
user, _ := dao.GetUser(models.User{Username: "test"})
assert.Equal("test@uaa.placeholder", user.Email)
assert.Equal("", user.Email)
um2.Email = "newEmail@new.com"
um2.Realname = "newName"
err2 := auth.PostAuthenticate(um2)
@ -145,7 +145,7 @@ func TestPostAuthenticate(t *testing.T) {
assert.Nil(err3)
user3, _ := dao.GetUser(models.User{Username: "test"})
assert.Equal(user3.UserID, um3.UserID)
assert.Equal("test@uaa.placeholder", user3.Email)
assert.Equal("", user3.Email)
assert.Equal("test", user3.Realname)
err4 := dao.ClearTable(models.UserTable)
assert.Nil(err4)

View File

@ -17,6 +17,9 @@ package controllers
import (
"encoding/json"
"fmt"
"net/http"
"strings"
"github.com/goharbor/harbor/src/common"
"github.com/goharbor/harbor/src/common/dao"
"github.com/goharbor/harbor/src/common/models"
@ -26,8 +29,6 @@ import (
"github.com/goharbor/harbor/src/core/api"
"github.com/goharbor/harbor/src/core/config"
"github.com/pkg/errors"
"net/http"
"strings"
)
const tokenKey = "oidc_token"
@ -189,9 +190,6 @@ func (oc *OIDCController) Onboard() {
}
email := d.Email
if email == "" {
email = utils.GenerateRandomString() + "@placeholder.com"
}
user := models.User{
Username: username,
Realname: d.Username,