From 994830b32e94b51df2711a10b11db788b6c96889 Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Sun, 9 Apr 2023 15:55:41 -0400 Subject: [PATCH 1/8] Add new user type of reserved. This allows for usernames, and emails to be reserved and not reused. --- models/user/user.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/models/user/user.go b/models/user/user.go index 82c2d3b6cdc10..30276a97069b9 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -41,6 +41,9 @@ const ( // UserTypeOrganization defines an organization UserTypeOrganization + + // UserTypeReserved defines a reserved user, which is used for internal purposes + UserTypeReserved ) const ( From fc750f1db52f4a4970f20e2d176ca44d0f5e6f2e Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Mon, 10 Apr 2023 20:01:39 -0400 Subject: [PATCH 2/8] Update models/user/user.go Co-authored-by: delvh --- models/user/user.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/user/user.go b/models/user/user.go index 30276a97069b9..e48aeaf8ac088 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -42,7 +42,7 @@ const ( // UserTypeOrganization defines an organization UserTypeOrganization - // UserTypeReserved defines a reserved user, which is used for internal purposes + // UserTypeReserved reserves a (non-existing) user, i.e. to prevent a spam user from re-registering after being deleted, or to reserve the name until the user is actually created later on UserTypeReserved ) From fef20868529850c581b0da281707197186e22243 Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Tue, 11 Apr 2023 17:04:35 -0400 Subject: [PATCH 3/8] add enum type for reserved orgs --- models/user/user.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index e48aeaf8ac088..5f8f514753ee7 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -42,8 +42,11 @@ const ( // UserTypeOrganization defines an organization UserTypeOrganization - // UserTypeReserved reserves a (non-existing) user, i.e. to prevent a spam user from re-registering after being deleted, or to reserve the name until the user is actually created later on - UserTypeReserved + // UserTypeReserved reserves a (non-existing) user, i.e. to prevent a spam user from re-registering after being deleted, or to reserve the name until the user is actually created later on + UserTypeUserReserved + + // UserTypeReserved reserves a (non-existing) organization, used with user reserved type as it allows for conversion back to a regular organization + UserTypeOrganizationReserved ) const ( From 00385236dd49891e4f52c5a837be303b169181b4 Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Tue, 11 Apr 2023 17:19:28 -0400 Subject: [PATCH 4/8] revert change --- models/user/user.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index 5f8f514753ee7..2b028b218085f 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -44,9 +44,6 @@ const ( // UserTypeReserved reserves a (non-existing) user, i.e. to prevent a spam user from re-registering after being deleted, or to reserve the name until the user is actually created later on UserTypeUserReserved - - // UserTypeReserved reserves a (non-existing) organization, used with user reserved type as it allows for conversion back to a regular organization - UserTypeOrganizationReserved ) const ( From a4b1bf1c317f4b29baf26908819ef76a4f74e9ff Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Wed, 12 Apr 2023 17:20:13 -0400 Subject: [PATCH 5/8] don't allow login as non-users --- models/user/user.go | 4 +++- services/auth/source/db/authenticate.go | 8 ++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/models/user/user.go b/models/user/user.go index 2b028b218085f..9e8902764bb8c 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -315,6 +315,7 @@ func GetUserFollowers(ctx context.Context, u, viewer *User, listOptions db.ListO Select("`user`.*"). Join("LEFT", "follow", "`user`.id=follow.user_id"). Where("follow.follow_id=?", u.ID). + And("`user`.type=?", UserTypeIndividual). And(isUserVisibleToViewerCond(viewer)) if listOptions.Page != 0 { @@ -336,6 +337,7 @@ func GetUserFollowing(ctx context.Context, u, viewer *User, listOptions db.ListO Select("`user`.*"). Join("LEFT", "follow", "`user`.id=follow.follow_id"). Where("follow.user_id=?", u.ID). + And("`user`.type=?", UserTypeIndividual). And(isUserVisibleToViewerCond(viewer)) if listOptions.Page != 0 { @@ -961,7 +963,7 @@ func GetUserByName(ctx context.Context, name string) (*User, error) { if len(name) == 0 { return nil, ErrUserNotExist{0, name, 0} } - u := &User{LowerName: strings.ToLower(name)} + u := &User{LowerName: strings.ToLower(name), Type: UserTypeIndividual} has, err := db.GetEngine(ctx).Get(u) if err != nil { return nil, err diff --git a/services/auth/source/db/authenticate.go b/services/auth/source/db/authenticate.go index ec89984499862..73d9f491a4009 100644 --- a/services/auth/source/db/authenticate.go +++ b/services/auth/source/db/authenticate.go @@ -40,5 +40,13 @@ func Authenticate(user *user_model.User, login, password string) (*user_model.Us } } + // attempting to login as a non-user account + if user.Type != 0 { + return nil, user_model.ErrUserProhibitLogin{ + UID: user.ID, + Name: user.Name, + } + } + return user, nil } From fcd148a0368aff00740e5a2091efb471ff3fd3b0 Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Wed, 12 Apr 2023 13:20:38 -0400 Subject: [PATCH 6/8] use enum --- services/auth/source/db/authenticate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/auth/source/db/authenticate.go b/services/auth/source/db/authenticate.go index 73d9f491a4009..76445e0d6d53d 100644 --- a/services/auth/source/db/authenticate.go +++ b/services/auth/source/db/authenticate.go @@ -41,7 +41,7 @@ func Authenticate(user *user_model.User, login, password string) (*user_model.Us } // attempting to login as a non-user account - if user.Type != 0 { + if user.Type != user_model.UserTypeIndividual { return nil, user_model.ErrUserProhibitLogin{ UID: user.ID, Name: user.Name, From c0059d49ba1b5944f21dbf9e84d1bc0463c7b5c5 Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Fri, 14 Apr 2023 10:39:45 -0400 Subject: [PATCH 7/8] add in some additional user types for future use --- models/user/user.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/models/user/user.go b/models/user/user.go index 09ad4d61380dc..1a2424f49bf34 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -44,6 +44,15 @@ const ( // UserTypeReserved reserves a (non-existing) user, i.e. to prevent a spam user from re-registering after being deleted, or to reserve the name until the user is actually created later on UserTypeUserReserved + + // UserTypeOrganizationReserved reserves a (non-existing) organization, to be used in combination with UserTypeUserReserved + UserTypeOrganizationReserved + + // UserTypeBot defines a bot user + UserTypeBot + + // UserTypeRemoteUser defines a remote user for fedarated users + UserTypeRemoteUser ) const ( From 3d0691288921fba3b7edfe7b4e8e04644cca3a58 Mon Sep 17 00:00:00 2001 From: John Olheiser Date: Mon, 17 Apr 2023 10:37:55 -0500 Subject: [PATCH 8/8] chore: typo --- models/user/user.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/user/user.go b/models/user/user.go index 1a2424f49bf34..5f152780bff04 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -51,7 +51,7 @@ const ( // UserTypeBot defines a bot user UserTypeBot - // UserTypeRemoteUser defines a remote user for fedarated users + // UserTypeRemoteUser defines a remote user for federated users UserTypeRemoteUser )