setting.go 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package user
  5. import (
  6. "bytes"
  7. "encoding/base64"
  8. "fmt"
  9. "html/template"
  10. "image/png"
  11. "io/ioutil"
  12. "strings"
  13. "github.com/pquerna/otp"
  14. "github.com/pquerna/otp/totp"
  15. "github.com/unknwon/com"
  16. log "gopkg.in/clog.v1"
  17. "gogs.io/gogs/internal/context"
  18. "gogs.io/gogs/internal/db"
  19. "gogs.io/gogs/internal/db/errors"
  20. "gogs.io/gogs/internal/form"
  21. "gogs.io/gogs/internal/mailer"
  22. "gogs.io/gogs/internal/setting"
  23. "gogs.io/gogs/internal/tool"
  24. )
  25. const (
  26. SETTINGS_PROFILE = "user/settings/profile"
  27. SETTINGS_AVATAR = "user/settings/avatar"
  28. SETTINGS_PASSWORD = "user/settings/password"
  29. SETTINGS_EMAILS = "user/settings/email"
  30. SETTINGS_SSH_KEYS = "user/settings/sshkeys"
  31. SETTINGS_SECURITY = "user/settings/security"
  32. SETTINGS_TWO_FACTOR_ENABLE = "user/settings/two_factor_enable"
  33. SETTINGS_TWO_FACTOR_RECOVERY_CODES = "user/settings/two_factor_recovery_codes"
  34. SETTINGS_REPOSITORIES = "user/settings/repositories"
  35. SETTINGS_ORGANIZATIONS = "user/settings/organizations"
  36. SETTINGS_APPLICATIONS = "user/settings/applications"
  37. SETTINGS_DELETE = "user/settings/delete"
  38. NOTIFICATION = "user/notification"
  39. )
  40. func Settings(c *context.Context) {
  41. c.Title("settings.profile")
  42. c.PageIs("SettingsProfile")
  43. c.Data["origin_name"] = c.User.Name
  44. c.Data["name"] = c.User.Name
  45. c.Data["full_name"] = c.User.FullName
  46. c.Data["email"] = c.User.Email
  47. c.Data["website"] = c.User.Website
  48. c.Data["location"] = c.User.Location
  49. c.Success(SETTINGS_PROFILE)
  50. }
  51. func SettingsPost(c *context.Context, f form.UpdateProfile) {
  52. c.Title("settings.profile")
  53. c.PageIs("SettingsProfile")
  54. c.Data["origin_name"] = c.User.Name
  55. if c.HasError() {
  56. c.Success(SETTINGS_PROFILE)
  57. return
  58. }
  59. // Non-local users are not allowed to change their username
  60. if c.User.IsLocal() {
  61. // Check if username characters have been changed
  62. if c.User.LowerName != strings.ToLower(f.Name) {
  63. if err := db.ChangeUserName(c.User, f.Name); err != nil {
  64. c.FormErr("Name")
  65. var msg string
  66. switch {
  67. case db.IsErrUserAlreadyExist(err):
  68. msg = c.Tr("form.username_been_taken")
  69. case db.IsErrEmailAlreadyUsed(err):
  70. msg = c.Tr("form.email_been_used")
  71. case db.IsErrNameReserved(err):
  72. msg = c.Tr("form.name_reserved")
  73. case db.IsErrNamePatternNotAllowed(err):
  74. msg = c.Tr("form.name_pattern_not_allowed")
  75. default:
  76. c.ServerError("ChangeUserName", err)
  77. return
  78. }
  79. c.RenderWithErr(msg, SETTINGS_PROFILE, &f)
  80. return
  81. }
  82. log.Trace("Username changed: %s -> %s", c.User.Name, f.Name)
  83. }
  84. // In case it's just a case change
  85. c.User.Name = f.Name
  86. c.User.LowerName = strings.ToLower(f.Name)
  87. }
  88. c.User.FullName = f.FullName
  89. c.User.Email = f.Email
  90. c.User.Website = f.Website
  91. c.User.Location = f.Location
  92. if err := db.UpdateUser(c.User); err != nil {
  93. c.ServerError("UpdateUser", err)
  94. return
  95. }
  96. c.Flash.Success(c.Tr("settings.update_profile_success"))
  97. c.SubURLRedirect("/user/settings")
  98. }
  99. // FIXME: limit upload size
  100. func UpdateAvatarSetting(c *context.Context, f form.Avatar, ctxUser *db.User) error {
  101. ctxUser.UseCustomAvatar = f.Source == form.AVATAR_LOCAL
  102. if len(f.Gravatar) > 0 {
  103. ctxUser.Avatar = tool.MD5(f.Gravatar)
  104. ctxUser.AvatarEmail = f.Gravatar
  105. }
  106. if f.Avatar != nil && f.Avatar.Filename != "" {
  107. r, err := f.Avatar.Open()
  108. if err != nil {
  109. return fmt.Errorf("open avatar reader: %v", err)
  110. }
  111. defer r.Close()
  112. data, err := ioutil.ReadAll(r)
  113. if err != nil {
  114. return fmt.Errorf("read avatar content: %v", err)
  115. }
  116. if !tool.IsImageFile(data) {
  117. return errors.New(c.Tr("settings.uploaded_avatar_not_a_image"))
  118. }
  119. if err = ctxUser.UploadAvatar(data); err != nil {
  120. return fmt.Errorf("upload avatar: %v", err)
  121. }
  122. } else {
  123. // No avatar is uploaded but setting has been changed to enable,
  124. // generate a random one when needed.
  125. if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
  126. if err := ctxUser.GenerateRandomAvatar(); err != nil {
  127. log.Error(2, "generate random avatar [%d]: %v", ctxUser.ID, err)
  128. }
  129. }
  130. }
  131. if err := db.UpdateUser(ctxUser); err != nil {
  132. return fmt.Errorf("update user: %v", err)
  133. }
  134. return nil
  135. }
  136. func SettingsAvatar(c *context.Context) {
  137. c.Title("settings.avatar")
  138. c.PageIs("SettingsAvatar")
  139. c.Success(SETTINGS_AVATAR)
  140. }
  141. func SettingsAvatarPost(c *context.Context, f form.Avatar) {
  142. if err := UpdateAvatarSetting(c, f, c.User); err != nil {
  143. c.Flash.Error(err.Error())
  144. } else {
  145. c.Flash.Success(c.Tr("settings.update_avatar_success"))
  146. }
  147. c.SubURLRedirect("/user/settings/avatar")
  148. }
  149. func SettingsDeleteAvatar(c *context.Context) {
  150. if err := c.User.DeleteAvatar(); err != nil {
  151. c.Flash.Error(fmt.Sprintf("Failed to delete avatar: %v", err))
  152. }
  153. c.SubURLRedirect("/user/settings/avatar")
  154. }
  155. func SettingsPassword(c *context.Context) {
  156. c.Title("settings.password")
  157. c.PageIs("SettingsPassword")
  158. c.Success(SETTINGS_PASSWORD)
  159. }
  160. func SettingsPasswordPost(c *context.Context, f form.ChangePassword) {
  161. c.Title("settings.password")
  162. c.PageIs("SettingsPassword")
  163. if c.HasError() {
  164. c.Success(SETTINGS_PASSWORD)
  165. return
  166. }
  167. if !c.User.ValidatePassword(f.OldPassword) {
  168. c.Flash.Error(c.Tr("settings.password_incorrect"))
  169. } else if f.Password != f.Retype {
  170. c.Flash.Error(c.Tr("form.password_not_match"))
  171. } else {
  172. c.User.Passwd = f.Password
  173. var err error
  174. if c.User.Salt, err = db.GetUserSalt(); err != nil {
  175. c.ServerError("GetUserSalt", err)
  176. return
  177. }
  178. c.User.EncodePasswd()
  179. if err := db.UpdateUser(c.User); err != nil {
  180. c.ServerError("UpdateUser", err)
  181. return
  182. }
  183. c.Flash.Success(c.Tr("settings.change_password_success"))
  184. }
  185. c.SubURLRedirect("/user/settings/password")
  186. }
  187. func SettingsEmails(c *context.Context) {
  188. c.Title("settings.emails")
  189. c.PageIs("SettingsEmails")
  190. emails, err := db.GetEmailAddresses(c.User.ID)
  191. if err != nil {
  192. c.ServerError("GetEmailAddresses", err)
  193. return
  194. }
  195. c.Data["Emails"] = emails
  196. c.Success(SETTINGS_EMAILS)
  197. }
  198. func SettingsEmailPost(c *context.Context, f form.AddEmail) {
  199. c.Title("settings.emails")
  200. c.PageIs("SettingsEmails")
  201. // Make emailaddress primary.
  202. if c.Query("_method") == "PRIMARY" {
  203. if err := db.MakeEmailPrimary(&db.EmailAddress{ID: c.QueryInt64("id")}); err != nil {
  204. c.ServerError("MakeEmailPrimary", err)
  205. return
  206. }
  207. c.SubURLRedirect("/user/settings/email")
  208. return
  209. }
  210. // Add Email address.
  211. emails, err := db.GetEmailAddresses(c.User.ID)
  212. if err != nil {
  213. c.ServerError("GetEmailAddresses", err)
  214. return
  215. }
  216. c.Data["Emails"] = emails
  217. if c.HasError() {
  218. c.Success(SETTINGS_EMAILS)
  219. return
  220. }
  221. email := &db.EmailAddress{
  222. UID: c.User.ID,
  223. Email: f.Email,
  224. IsActivated: !setting.Service.RegisterEmailConfirm,
  225. }
  226. if err := db.AddEmailAddress(email); err != nil {
  227. if db.IsErrEmailAlreadyUsed(err) {
  228. c.RenderWithErr(c.Tr("form.email_been_used"), SETTINGS_EMAILS, &f)
  229. } else {
  230. c.ServerError("AddEmailAddress", err)
  231. }
  232. return
  233. }
  234. // Send confirmation email
  235. if setting.Service.RegisterEmailConfirm {
  236. mailer.SendActivateEmailMail(c.Context, db.NewMailerUser(c.User), email.Email)
  237. if err := c.Cache.Put("MailResendLimit_"+c.User.LowerName, c.User.LowerName, 180); err != nil {
  238. log.Error(2, "Set cache 'MailResendLimit' failed: %v", err)
  239. }
  240. c.Flash.Info(c.Tr("settings.add_email_confirmation_sent", email.Email, setting.Service.ActiveCodeLives/60))
  241. } else {
  242. c.Flash.Success(c.Tr("settings.add_email_success"))
  243. }
  244. c.SubURLRedirect("/user/settings/email")
  245. }
  246. func DeleteEmail(c *context.Context) {
  247. if err := db.DeleteEmailAddress(&db.EmailAddress{
  248. ID: c.QueryInt64("id"),
  249. UID: c.User.ID,
  250. }); err != nil {
  251. c.ServerError("DeleteEmailAddress", err)
  252. return
  253. }
  254. c.Flash.Success(c.Tr("settings.email_deletion_success"))
  255. c.JSONSuccess(map[string]interface{}{
  256. "redirect": setting.AppSubURL + "/user/settings/email",
  257. })
  258. }
  259. func SettingsSSHKeys(c *context.Context) {
  260. c.Title("settings.ssh_keys")
  261. c.PageIs("SettingsSSHKeys")
  262. keys, err := db.ListPublicKeys(c.User.ID)
  263. if err != nil {
  264. c.ServerError("ListPublicKeys", err)
  265. return
  266. }
  267. c.Data["Keys"] = keys
  268. c.Success(SETTINGS_SSH_KEYS)
  269. }
  270. func SettingsSSHKeysPost(c *context.Context, f form.AddSSHKey) {
  271. c.Title("settings.ssh_keys")
  272. c.PageIs("SettingsSSHKeys")
  273. keys, err := db.ListPublicKeys(c.User.ID)
  274. if err != nil {
  275. c.ServerError("ListPublicKeys", err)
  276. return
  277. }
  278. c.Data["Keys"] = keys
  279. if c.HasError() {
  280. c.Success(SETTINGS_SSH_KEYS)
  281. return
  282. }
  283. content, err := db.CheckPublicKeyString(f.Content)
  284. if err != nil {
  285. if db.IsErrKeyUnableVerify(err) {
  286. c.Flash.Info(c.Tr("form.unable_verify_ssh_key"))
  287. } else {
  288. c.Flash.Error(c.Tr("form.invalid_ssh_key", err.Error()))
  289. c.SubURLRedirect("/user/settings/ssh")
  290. return
  291. }
  292. }
  293. if _, err = db.AddPublicKey(c.User.ID, f.Title, content); err != nil {
  294. c.Data["HasError"] = true
  295. switch {
  296. case db.IsErrKeyAlreadyExist(err):
  297. c.FormErr("Content")
  298. c.RenderWithErr(c.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &f)
  299. case db.IsErrKeyNameAlreadyUsed(err):
  300. c.FormErr("Title")
  301. c.RenderWithErr(c.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &f)
  302. default:
  303. c.ServerError("AddPublicKey", err)
  304. }
  305. return
  306. }
  307. c.Flash.Success(c.Tr("settings.add_key_success", f.Title))
  308. c.SubURLRedirect("/user/settings/ssh")
  309. }
  310. func DeleteSSHKey(c *context.Context) {
  311. if err := db.DeletePublicKey(c.User, c.QueryInt64("id")); err != nil {
  312. c.Flash.Error("DeletePublicKey: " + err.Error())
  313. } else {
  314. c.Flash.Success(c.Tr("settings.ssh_key_deletion_success"))
  315. }
  316. c.JSONSuccess(map[string]interface{}{
  317. "redirect": setting.AppSubURL + "/user/settings/ssh",
  318. })
  319. }
  320. func SettingsSecurity(c *context.Context) {
  321. c.Title("settings.security")
  322. c.PageIs("SettingsSecurity")
  323. t, err := db.GetTwoFactorByUserID(c.UserID())
  324. if err != nil && !errors.IsTwoFactorNotFound(err) {
  325. c.ServerError("GetTwoFactorByUserID", err)
  326. return
  327. }
  328. c.Data["TwoFactor"] = t
  329. c.Success(SETTINGS_SECURITY)
  330. }
  331. func SettingsTwoFactorEnable(c *context.Context) {
  332. if c.User.IsEnabledTwoFactor() {
  333. c.NotFound()
  334. return
  335. }
  336. c.Title("settings.two_factor_enable_title")
  337. c.PageIs("SettingsSecurity")
  338. var key *otp.Key
  339. var err error
  340. keyURL := c.Session.Get("twoFactorURL")
  341. if keyURL != nil {
  342. key, _ = otp.NewKeyFromURL(keyURL.(string))
  343. }
  344. if key == nil {
  345. key, err = totp.Generate(totp.GenerateOpts{
  346. Issuer: setting.AppName,
  347. AccountName: c.User.Email,
  348. })
  349. if err != nil {
  350. c.ServerError("Generate", err)
  351. return
  352. }
  353. }
  354. c.Data["TwoFactorSecret"] = key.Secret()
  355. img, err := key.Image(240, 240)
  356. if err != nil {
  357. c.ServerError("Image", err)
  358. return
  359. }
  360. var buf bytes.Buffer
  361. if err = png.Encode(&buf, img); err != nil {
  362. c.ServerError("Encode", err)
  363. return
  364. }
  365. c.Data["QRCode"] = template.URL("data:image/png;base64," + base64.StdEncoding.EncodeToString(buf.Bytes()))
  366. c.Session.Set("twoFactorSecret", c.Data["TwoFactorSecret"])
  367. c.Session.Set("twoFactorURL", key.String())
  368. c.Success(SETTINGS_TWO_FACTOR_ENABLE)
  369. }
  370. func SettingsTwoFactorEnablePost(c *context.Context) {
  371. secret, ok := c.Session.Get("twoFactorSecret").(string)
  372. if !ok {
  373. c.NotFound()
  374. return
  375. }
  376. if !totp.Validate(c.Query("passcode"), secret) {
  377. c.Flash.Error(c.Tr("settings.two_factor_invalid_passcode"))
  378. c.SubURLRedirect("/user/settings/security/two_factor_enable")
  379. return
  380. }
  381. if err := db.NewTwoFactor(c.UserID(), secret); err != nil {
  382. c.Flash.Error(c.Tr("settings.two_factor_enable_error", err))
  383. c.SubURLRedirect("/user/settings/security/two_factor_enable")
  384. return
  385. }
  386. c.Session.Delete("twoFactorSecret")
  387. c.Session.Delete("twoFactorURL")
  388. c.Flash.Success(c.Tr("settings.two_factor_enable_success"))
  389. c.SubURLRedirect("/user/settings/security/two_factor_recovery_codes")
  390. }
  391. func SettingsTwoFactorRecoveryCodes(c *context.Context) {
  392. if !c.User.IsEnabledTwoFactor() {
  393. c.NotFound()
  394. return
  395. }
  396. c.Title("settings.two_factor_recovery_codes_title")
  397. c.PageIs("SettingsSecurity")
  398. recoveryCodes, err := db.GetRecoveryCodesByUserID(c.UserID())
  399. if err != nil {
  400. c.ServerError("GetRecoveryCodesByUserID", err)
  401. return
  402. }
  403. c.Data["RecoveryCodes"] = recoveryCodes
  404. c.Success(SETTINGS_TWO_FACTOR_RECOVERY_CODES)
  405. }
  406. func SettingsTwoFactorRecoveryCodesPost(c *context.Context) {
  407. if !c.User.IsEnabledTwoFactor() {
  408. c.NotFound()
  409. return
  410. }
  411. if err := db.RegenerateRecoveryCodes(c.UserID()); err != nil {
  412. c.Flash.Error(c.Tr("settings.two_factor_regenerate_recovery_codes_error", err))
  413. } else {
  414. c.Flash.Success(c.Tr("settings.two_factor_regenerate_recovery_codes_success"))
  415. }
  416. c.SubURLRedirect("/user/settings/security/two_factor_recovery_codes")
  417. }
  418. func SettingsTwoFactorDisable(c *context.Context) {
  419. if !c.User.IsEnabledTwoFactor() {
  420. c.NotFound()
  421. return
  422. }
  423. if err := db.DeleteTwoFactor(c.UserID()); err != nil {
  424. c.ServerError("DeleteTwoFactor", err)
  425. return
  426. }
  427. c.Flash.Success(c.Tr("settings.two_factor_disable_success"))
  428. c.JSONSuccess(map[string]interface{}{
  429. "redirect": setting.AppSubURL + "/user/settings/security",
  430. })
  431. }
  432. func SettingsRepos(c *context.Context) {
  433. c.Title("settings.repos")
  434. c.PageIs("SettingsRepositories")
  435. repos, err := db.GetUserAndCollaborativeRepositories(c.User.ID)
  436. if err != nil {
  437. c.ServerError("GetUserAndCollaborativeRepositories", err)
  438. return
  439. }
  440. if err = db.RepositoryList(repos).LoadAttributes(); err != nil {
  441. c.ServerError("LoadAttributes", err)
  442. return
  443. }
  444. c.Data["Repos"] = repos
  445. c.Success(SETTINGS_REPOSITORIES)
  446. }
  447. func SettingsLeaveRepo(c *context.Context) {
  448. repo, err := db.GetRepositoryByID(c.QueryInt64("id"))
  449. if err != nil {
  450. c.NotFoundOrServerError("GetRepositoryByID", errors.IsRepoNotExist, err)
  451. return
  452. }
  453. if err = repo.DeleteCollaboration(c.User.ID); err != nil {
  454. c.ServerError("DeleteCollaboration", err)
  455. return
  456. }
  457. c.Flash.Success(c.Tr("settings.repos.leave_success", repo.FullName()))
  458. c.JSONSuccess(map[string]interface{}{
  459. "redirect": setting.AppSubURL + "/user/settings/repositories",
  460. })
  461. }
  462. func SettingsOrganizations(c *context.Context) {
  463. c.Title("settings.orgs")
  464. c.PageIs("SettingsOrganizations")
  465. orgs, err := db.GetOrgsByUserID(c.User.ID, true)
  466. if err != nil {
  467. c.ServerError("GetOrgsByUserID", err)
  468. return
  469. }
  470. c.Data["Orgs"] = orgs
  471. c.Success(SETTINGS_ORGANIZATIONS)
  472. }
  473. func SettingsLeaveOrganization(c *context.Context) {
  474. if err := db.RemoveOrgUser(c.QueryInt64("id"), c.User.ID); err != nil {
  475. if db.IsErrLastOrgOwner(err) {
  476. c.Flash.Error(c.Tr("form.last_org_owner"))
  477. } else {
  478. c.ServerError("RemoveOrgUser", err)
  479. return
  480. }
  481. }
  482. c.JSONSuccess(map[string]interface{}{
  483. "redirect": setting.AppSubURL + "/user/settings/organizations",
  484. })
  485. }
  486. func SettingsApplications(c *context.Context) {
  487. c.Title("settings.applications")
  488. c.PageIs("SettingsApplications")
  489. tokens, err := db.ListAccessTokens(c.User.ID)
  490. if err != nil {
  491. c.ServerError("ListAccessTokens", err)
  492. return
  493. }
  494. c.Data["Tokens"] = tokens
  495. c.Success(SETTINGS_APPLICATIONS)
  496. }
  497. func SettingsApplicationsPost(c *context.Context, f form.NewAccessToken) {
  498. c.Title("settings.applications")
  499. c.PageIs("SettingsApplications")
  500. if c.HasError() {
  501. tokens, err := db.ListAccessTokens(c.User.ID)
  502. if err != nil {
  503. c.ServerError("ListAccessTokens", err)
  504. return
  505. }
  506. c.Data["Tokens"] = tokens
  507. c.Success(SETTINGS_APPLICATIONS)
  508. return
  509. }
  510. t := &db.AccessToken{
  511. UID: c.User.ID,
  512. Name: f.Name,
  513. }
  514. if err := db.NewAccessToken(t); err != nil {
  515. if errors.IsAccessTokenNameAlreadyExist(err) {
  516. c.Flash.Error(c.Tr("settings.token_name_exists"))
  517. c.SubURLRedirect("/user/settings/applications")
  518. } else {
  519. c.ServerError("NewAccessToken", err)
  520. }
  521. return
  522. }
  523. c.Flash.Success(c.Tr("settings.generate_token_succees"))
  524. c.Flash.Info(t.Sha1)
  525. c.SubURLRedirect("/user/settings/applications")
  526. }
  527. func SettingsDeleteApplication(c *context.Context) {
  528. if err := db.DeleteAccessTokenOfUserByID(c.User.ID, c.QueryInt64("id")); err != nil {
  529. c.Flash.Error("DeleteAccessTokenByID: " + err.Error())
  530. } else {
  531. c.Flash.Success(c.Tr("settings.delete_token_success"))
  532. }
  533. c.JSONSuccess(map[string]interface{}{
  534. "redirect": setting.AppSubURL + "/user/settings/applications",
  535. })
  536. }
  537. func SettingsDelete(c *context.Context) {
  538. c.Title("settings.delete")
  539. c.PageIs("SettingsDelete")
  540. if c.Req.Method == "POST" {
  541. if _, err := db.UserLogin(c.User.Name, c.Query("password"), c.User.LoginSource); err != nil {
  542. if errors.IsUserNotExist(err) {
  543. c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil)
  544. } else {
  545. c.ServerError("UserLogin", err)
  546. }
  547. return
  548. }
  549. if err := db.DeleteUser(c.User); err != nil {
  550. switch {
  551. case db.IsErrUserOwnRepos(err):
  552. c.Flash.Error(c.Tr("form.still_own_repo"))
  553. c.Redirect(setting.AppSubURL + "/user/settings/delete")
  554. case db.IsErrUserHasOrgs(err):
  555. c.Flash.Error(c.Tr("form.still_has_org"))
  556. c.Redirect(setting.AppSubURL + "/user/settings/delete")
  557. default:
  558. c.ServerError("DeleteUser", err)
  559. }
  560. } else {
  561. log.Trace("Account deleted: %s", c.User.Name)
  562. c.Redirect(setting.AppSubURL + "/")
  563. }
  564. return
  565. }
  566. c.Success(SETTINGS_DELETE)
  567. }