chore(api): support ignore password if login source type is LDAP for creating user API (#28491) (#28525)

Backport #28491 by @appleboy

- Modify the `Password` field in `CreateUserOption` struct to remove the
`Required` tag
- Update the `v1_json.tmpl` template to include the `email` field and
remove the `password` field

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
(cherry picked from commit 411310d698)
This commit is contained in:
Giteabot 2023-12-19 11:14:06 +08:00 committed by Earl Warren
parent 2878d07926
commit 5d1d66ac3a
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
3 changed files with 24 additions and 16 deletions

View file

@ -15,9 +15,8 @@ type CreateUserOption struct {
FullName string `json:"full_name" binding:"MaxSize(100)"` FullName string `json:"full_name" binding:"MaxSize(100)"`
// required: true // required: true
// swagger:strfmt email // swagger:strfmt email
Email string `json:"email" binding:"Required;Email;MaxSize(254)"` Email string `json:"email" binding:"Required;Email;MaxSize(254)"`
// required: true Password string `json:"password" binding:"MaxSize(255)"`
Password string `json:"password" binding:"Required;MaxSize(255)"`
MustChangePassword *bool `json:"must_change_password"` MustChangePassword *bool `json:"must_change_password"`
SendNotify bool `json:"send_notify"` SendNotify bool `json:"send_notify"`
Restricted *bool `json:"restricted"` Restricted *bool `json:"restricted"`

View file

@ -93,18 +93,28 @@ func CreateUser(ctx *context.APIContext) {
if ctx.Written() { if ctx.Written() {
return return
} }
if !password.IsComplexEnough(form.Password) {
err := errors.New("PasswordComplexity") if u.LoginType == auth.Plain {
ctx.Error(http.StatusBadRequest, "PasswordComplexity", err) if len(form.Password) < setting.MinPasswordLength {
return err := errors.New("PasswordIsRequired")
} ctx.Error(http.StatusBadRequest, "PasswordIsRequired", err)
pwned, err := password.IsPwned(ctx, form.Password) return
if pwned { }
if err != nil {
log.Error(err.Error()) if !password.IsComplexEnough(form.Password) {
err := errors.New("PasswordComplexity")
ctx.Error(http.StatusBadRequest, "PasswordComplexity", err)
return
}
pwned, err := password.IsPwned(ctx, form.Password)
if pwned {
if err != nil {
log.Error(err.Error())
}
ctx.Error(http.StatusBadRequest, "PasswordPwned", errors.New("PasswordPwned"))
return
} }
ctx.Error(http.StatusBadRequest, "PasswordPwned", errors.New("PasswordPwned"))
return
} }
overwriteDefault := &user_model.CreateUserOverwriteOptions{ overwriteDefault := &user_model.CreateUserOverwriteOptions{

View file

@ -18596,8 +18596,7 @@
"type": "object", "type": "object",
"required": [ "required": [
"username", "username",
"email", "email"
"password"
], ],
"properties": { "properties": {
"created_at": { "created_at": {