From 471567b3baf20ea6adae6ba55f32fc5bf99ca409 Mon Sep 17 00:00:00 2001
From: Solomon Victorino <git@solomonvictorino.com>
Date: Wed, 28 Aug 2024 16:56:35 -0600
Subject: fix: use ValidateEmail as binding across web forms

---
 services/auth/source/pam/source_authenticate.go | 5 +++--
 services/doctor/breaking.go                     | 5 +++--
 services/forms/admin.go                         | 4 ++--
 services/forms/user_form.go                     | 8 ++++----
 services/forms/user_form_auth_openid.go         | 2 +-
 services/user/email.go                          | 7 ++++---
 6 files changed, 17 insertions(+), 14 deletions(-)

(limited to 'services')

diff --git a/services/auth/source/pam/source_authenticate.go b/services/auth/source/pam/source_authenticate.go
index addd1bd2c9..0df0b2bca1 100644
--- a/services/auth/source/pam/source_authenticate.go
+++ b/services/auth/source/pam/source_authenticate.go
@@ -13,6 +13,7 @@ import (
 	"code.gitea.io/gitea/modules/auth/pam"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/validation"
 
 	"github.com/google/uuid"
 )
@@ -39,13 +40,13 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
 	if idx > -1 {
 		username = pamLogin[:idx]
 	}
-	if user_model.ValidateEmail(email) != nil {
+	if validation.ValidateEmail(email) != nil {
 		if source.EmailDomain != "" {
 			email = fmt.Sprintf("%s@%s", username, source.EmailDomain)
 		} else {
 			email = fmt.Sprintf("%s@%s", username, setting.Service.NoReplyAddress)
 		}
-		if user_model.ValidateEmail(email) != nil {
+		if validation.ValidateEmail(email) != nil {
 			email = uuid.New().String() + "@localhost"
 		}
 	}
diff --git a/services/doctor/breaking.go b/services/doctor/breaking.go
index 77e3d4e8ef..683ec97389 100644
--- a/services/doctor/breaking.go
+++ b/services/doctor/breaking.go
@@ -10,6 +10,7 @@ import (
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/validation"
 
 	"xorm.io/builder"
 )
@@ -31,7 +32,7 @@ func iterateUserAccounts(ctx context.Context, each func(*user.User) error) error
 func checkUserEmail(ctx context.Context, logger log.Logger, _ bool) error {
 	// We could use quirky SQL to get all users that start without a [a-zA-Z0-9], but that would mean
 	// DB provider-specific SQL and only works _now_. So instead we iterate through all user accounts
-	// and use the user.ValidateEmail function to be future-proof.
+	// and use the validation.ValidateEmail function to be future-proof.
 	var invalidUserCount int64
 	if err := iterateUserAccounts(ctx, func(u *user.User) error {
 		// Only check for users, skip
@@ -39,7 +40,7 @@ func checkUserEmail(ctx context.Context, logger log.Logger, _ bool) error {
 			return nil
 		}
 
-		if err := user.ValidateEmail(u.Email); err != nil {
+		if err := validation.ValidateEmail(u.Email); err != nil {
 			invalidUserCount++
 			logger.Warn("User[id=%d name=%q] have not a valid e-mail: %v", u.ID, u.Name, err)
 		}
diff --git a/services/forms/admin.go b/services/forms/admin.go
index 7d46904440..d71fc076fc 100644
--- a/services/forms/admin.go
+++ b/services/forms/admin.go
@@ -18,7 +18,7 @@ type AdminCreateUserForm struct {
 	LoginType          string `binding:"Required"`
 	LoginName          string
 	UserName           string `binding:"Required;Username;MaxSize(40)"`
-	Email              string `binding:"Required;Email;MaxSize(254)"`
+	Email              string `binding:"Required;EmailForAdmin;MaxSize(254)"`
 	Password           string `binding:"MaxSize(255)"`
 	SendNotify         bool
 	MustChangePassword bool
@@ -37,7 +37,7 @@ type AdminEditUserForm struct {
 	UserName                string `binding:"Username;MaxSize(40)"`
 	LoginName               string
 	FullName                string `binding:"MaxSize(100)"`
-	Email                   string `binding:"Required;Email;MaxSize(254)"`
+	Email                   string `binding:"Required;EmailForAdmin;MaxSize(254)"`
 	Password                string `binding:"MaxSize(255)"`
 	Website                 string `binding:"ValidUrl;MaxSize(255)"`
 	Location                string `binding:"MaxSize(50)"`
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index cc93b27e2a..67c8f00715 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -10,9 +10,9 @@ import (
 	"strings"
 
 	auth_model "code.gitea.io/gitea/models/auth"
-	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/validation"
 	"code.gitea.io/gitea/modules/web/middleware"
 	"code.gitea.io/gitea/services/context"
 
@@ -110,7 +110,7 @@ func (f *RegisterForm) Validate(req *http.Request, errs binding.Errors) binding.
 // domains in the whitelist or if it doesn't match any of
 // domains in the blocklist, if any such list is not empty.
 func (f *RegisterForm) IsEmailDomainAllowed() bool {
-	return user_model.IsEmailDomainAllowed(f.Email)
+	return validation.IsEmailDomainAllowed(f.Email)
 }
 
 // MustChangePasswordForm form for updating your password after account creation
@@ -258,7 +258,7 @@ const (
 type AvatarForm struct {
 	Source      string
 	Avatar      *multipart.FileHeader
-	Gravatar    string `binding:"OmitEmpty;Email;MaxSize(254)"`
+	Gravatar    string `binding:"OmitEmpty;EmailWithAllowedDomain;MaxSize(254)"`
 	Federavatar bool
 }
 
@@ -270,7 +270,7 @@ func (f *AvatarForm) Validate(req *http.Request, errs binding.Errors) binding.Er
 
 // AddEmailForm form for adding new email
 type AddEmailForm struct {
-	Email string `binding:"Required;Email;MaxSize(254)"`
+	Email string `binding:"Required;EmailWithAllowedDomain;MaxSize(254)"`
 }
 
 // Validate validates the fields
diff --git a/services/forms/user_form_auth_openid.go b/services/forms/user_form_auth_openid.go
index ca1c77e320..595bfecad9 100644
--- a/services/forms/user_form_auth_openid.go
+++ b/services/forms/user_form_auth_openid.go
@@ -27,7 +27,7 @@ func (f *SignInOpenIDForm) Validate(req *http.Request, errs binding.Errors) bind
 // SignUpOpenIDForm form for signin up with OpenID
 type SignUpOpenIDForm struct {
 	UserName string `binding:"Required;Username;MaxSize(40)"`
-	Email    string `binding:"Required;Email;MaxSize(254)"`
+	Email    string `binding:"Required;EmailWithAllowedDomain;MaxSize(254)"`
 }
 
 // Validate validates the fields
diff --git a/services/user/email.go b/services/user/email.go
index e8725267f4..31404aadaa 100644
--- a/services/user/email.go
+++ b/services/user/email.go
@@ -12,6 +12,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/validation"
 	"code.gitea.io/gitea/services/mailer"
 )
 
@@ -21,7 +22,7 @@ func AdminAddOrSetPrimaryEmailAddress(ctx context.Context, u *user_model.User, e
 		return nil
 	}
 
-	if err := user_model.ValidateEmailForAdmin(emailStr); err != nil {
+	if err := validation.ValidateEmailForAdmin(emailStr); err != nil {
 		return err
 	}
 
@@ -74,7 +75,7 @@ func ReplacePrimaryEmailAddress(ctx context.Context, u *user_model.User, emailSt
 		return nil
 	}
 
-	if err := user_model.ValidateEmail(emailStr); err != nil {
+	if err := validation.ValidateEmail(emailStr); err != nil {
 		return err
 	}
 
@@ -119,7 +120,7 @@ func ReplacePrimaryEmailAddress(ctx context.Context, u *user_model.User, emailSt
 
 func AddEmailAddresses(ctx context.Context, u *user_model.User, emails []string) error {
 	for _, emailStr := range emails {
-		if err := user_model.ValidateEmail(emailStr); err != nil {
+		if err := validation.ValidateEmail(emailStr); err != nil {
 			return err
 		}
 
-- 
cgit v1.2.3