#851: Edit Account does not take into consideration password rules

10 years ago · 33894591a6
5 changed files with 15 additions and 16 deletions
--- a/cmd/web.go
+++ b/cmd/web.go
@ -79,7 +79,7 @@ func checkVersion() {
 	// Check dependency version.
 	checkers := []VerChecker{
 		{"github.com/Unknwon/macaron", macaron.Version, "0.5.1"},
-		{"github.com/macaron-contrib/binding", binding.Version, "0.0.5"},
+		{"github.com/macaron-contrib/binding", binding.Version, "0.0.6"},
 		{"github.com/macaron-contrib/cache", cache.Version, "0.0.7"},
 		{"github.com/macaron-contrib/csrf", csrf.Version, "0.0.3"},
 		{"github.com/macaron-contrib/i18n", i18n.Version, "0.0.5"},
--- a/gogs.go
+++ b/gogs.go
@ -17,7 +17,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )

-const APP_VER = "0.5.16.0316 Beta"
+const APP_VER = "0.5.16.0317 Beta"

 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())
--- a/modules/auth/admin.go
+++ b/modules/auth/admin.go
@ -11,15 +11,15 @@ import (
 )

 type AdminEditUserForm struct {
-	Email        string `form:"email" binding:"Required;Email;MaxSize(50)"`
-	Passwd       string `form:"password"`
-	Website      string `form:"website" binding:"MaxSize(50)"`
-	Location     string `form:"location" binding:"MaxSize(50)"`
-	Avatar       string `form:"avatar" binding:"Required;Email;MaxSize(50)"`
-	Active       bool   `form:"active"`
-	Admin        bool   `form:"admin"`
-	AllowGitHook bool   `form:"allow_git_hook"`
-	LoginType    int    `form:"login_type"`
+	Email        string `binding:"Required;Email;MaxSize(50)"`
+	Password     string `binding:"OmitEmpty;MinSize(6);MaxSize(255)"`
+	Website      string `binding:"MaxSize(50)"`
+	Location     string `binding:"MaxSize(50)"`
+	Avatar       string `binding:"Required;Email;MaxSize(50)"`
+	Active       bool
+	Admin        bool
+	AllowGitHook bool
+	LoginType    int
 }

 func (f *AdminEditUserForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@ -168,6 +168,7 @@ func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) {
 		ctx.Handle(500, "GetUserById", err)
 		return
 	}
+	ctx.Data["User"] = u

 	if ctx.HasError() {
 		ctx.HTML(200, USER_EDIT)
@ -175,8 +176,8 @@ func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) {
 	}

 	// FIXME: need password length check
-	if len(form.Passwd) > 0 {
-		u.Passwd = form.Passwd
+	if len(form.Password) > 0 {
+		u.Passwd = form.Password
 		u.Salt = models.GetUserSalt()
 		u.EncodePasswd()
 	}
@ -193,8 +194,6 @@ func EditUserPost(ctx *middleware.Context, form auth.AdminEditUserForm) {
 	u.IsAdmin = form.Admin
 	u.AllowGitHook = form.AllowGitHook

-	ctx.Data["User"] = u
-
 	if err := models.UpdateUser(u); err != nil {
 		if err == models.ErrEmailAlreadyUsed {
 			ctx.Data["Err_Email"] = true
--- a/templates/.VERSION
+++ b/templates/.VERSION
@ -1 +1 @@
-0.5.16.0316 Beta
+0.5.16.0317 Beta