Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a warning for disallowed email domains #29658

Merged
merged 4 commits into from
Mar 11, 2024
Merged

Add a warning for disallowed email domains #29658

merged 4 commits into from
Mar 11, 2024

Conversation

Zettat123
Copy link
Contributor

@Zettat123 Zettat123 commented Mar 8, 2024
edited
Loading

Resolve #29660

Follow #29522 and #29609

Add a warning for disallowed email domains when admins manually add/edit users.

Thanks @yp05327 for the comment

image

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Mar 8, 2024
@pull-request-size pull-request-size bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Mar 8, 2024
@Zettat123 Zettat123 added the type/enhancement An improvement of existing functionality label Mar 8, 2024
@lunny
Copy link
Member

lunny commented Mar 8, 2024

related to #29660?

@yp05327
Copy link
Contributor

yp05327 commented Mar 8, 2024
edited
Loading

My suggestion:
The user email domain %s is not listed in EMAIL_DOMAIN_ALLOWLIST. Please ensure your operation is expected.

ps: does other options effect it? e.g. something like email domain not allowed.
ps: is it possible to add warning in the API? 🤔

@Zettat123
Copy link
Contributor Author

ps: does other options effect it?

Yes. EMAIL_DOMAIN_BLOCKLIST also affects.

Maybe The user email domain %s conflicts with EMAIL_DOMAIN_ALLOWLIST or EMAIL_DOMAIN_BLOCKLIST. Please ensure your operation is expected. ?

@Zettat123
Copy link
Contributor Author

ps: is it possible to add warning in the API?

Not sure how to add the warning to the API. Maybe something like this?

gitea/routers/api/v1/repo/repo.go

Lines 1190 to 1192 in 9dc8a63

if cnt := len(ret.TemplateErrors); cnt != 0 {
ctx.Resp.Header().Add("X-Gitea-Warning", "error occurs when parsing issue template: count="+strconv.Itoa(cnt))
}

delvh
delvh reviewed Mar 8, 2024
View reviewed changes
routers/web/admin/users.go Outdated Show resolved Hide resolved
routers/web/admin/users.go Outdated Show resolved Hide resolved
@github-actions github-actions bot added the modifies/api This PR adds API routes or modifies them label Mar 8, 2024
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 10, 2024
@denyskon denyskon added this to the 1.22.0 milestone Mar 10, 2024
@yp05327
Copy link
Contributor

yp05327 commented Mar 11, 2024

ps: is it possible to add warning in the API?

Not sure how to add the warning to the API. Maybe something like this?

gitea/routers/api/v1/repo/repo.go

Lines 1190 to 1192 in 9dc8a63

if cnt := len(ret.TemplateErrors); cnt != 0 {
ctx.Resp.Header().Add("X-Gitea-Warning", "error occurs when parsing issue template: count="+strconv.Itoa(cnt))
}

Searched a lot, and normally there are three solutions:

  • some Apps are using http status code 299 as a warning http status code.
  • there's a Warning header, but it is deprecated:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Warning
  • add warnings in JSON body. It is impossible for Gitea, as we are using http status code as the result, but not adding status in JSON body.

It seems that there's no normal rules.

@Zettat123
Copy link
Contributor Author

some Apps are using http status code 299 as a warning http status code.

Looks like 299 is not an official code. Since Gitea is already using X-Gitea-Warning to indicate warning messages, I think we can also use it for now

@yp05327
Copy link
Contributor

yp05327 commented Mar 11, 2024

Since Gitea is already using X-Gitea-Warning to indicate warning messages

Thanks for your notification. I didn't notice that.

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 11, 2024
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Mar 11, 2024
@lunny lunny enabled auto-merge (squash) March 11, 2024 05:39
@lunny lunny merged commit 4129e0e into go-gitea:main Mar 11, 2024
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Mar 11, 2024
zjjhot added a commit to zjjhot/gitea that referenced this pull request Mar 12, 2024
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
81d1696 
* giteaofficial/main:
  Some performance optimization on dashboard and issues page (go-gitea#29010)
  Remove jQuery AJAX from the issue branch reference selection (go-gitea#29722)
  Lazy load object format with command line and don't do it in OpenRepository (go-gitea#29712)
  remove repetitive words (go-gitea#29695)
  Sync branches first (go-gitea#29714)
  Add a warning for disallowed email domains (go-gitea#29658)
  Fix inconsistent rendering of block mathematical expressions (go-gitea#29677)
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 19, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@delvh delvh delvh left review comments

@yp05327 yp05327 yp05327 approved these changes

@denyskon denyskon denyskon approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them modifies/translation size/M Denotes a PR that changes 30-99 lines, ignoring generated files. type/enhancement An improvement of existing functionality
Projects
None yet
Milestone
1.22.0
Development

Successfully merging this pull request may close these issues.

Add a warning when admin add a user with email address not listed in EMAIL_DOMAIN_ALLOWLIST
6 participants
@Zettat123 @lunny @yp05327 @denyskon @delvh @GiteaBot