|
|
|
@ -296,6 +296,9 @@ func (u *User) GenerateRandomAvatar() error { |
|
|
|
|
if err != nil { |
|
|
|
|
return fmt.Errorf("RandomImage: %v", err) |
|
|
|
|
} |
|
|
|
|
// NOTICE for random avatar, it still uses id as avatar name, but custom avatar use md5
|
|
|
|
|
// since random image is not a user's photo, there is no security for enumable
|
|
|
|
|
u.Avatar = fmt.Sprintf("%d", u.ID) |
|
|
|
|
if err = os.MkdirAll(filepath.Dir(u.CustomAvatarPath()), os.ModePerm); err != nil { |
|
|
|
|
return fmt.Errorf("MkdirAll: %v", err) |
|
|
|
|
} |
|
|
|
@ -451,13 +454,15 @@ func (u *User) UploadAvatar(data []byte) error { |
|
|
|
|
// DeleteAvatar deletes the user's custom avatar.
|
|
|
|
|
func (u *User) DeleteAvatar() error { |
|
|
|
|
log.Trace("DeleteAvatar[%d]: %s", u.ID, u.CustomAvatarPath()) |
|
|
|
|
|
|
|
|
|
if len(u.Avatar) > 0 { |
|
|
|
|
if err := os.Remove(u.CustomAvatarPath()); err != nil { |
|
|
|
|
return fmt.Errorf("Failed to remove %s: %v", u.CustomAvatarPath(), err) |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
u.UseCustomAvatar = false |
|
|
|
|
if err := UpdateUser(u); err != nil { |
|
|
|
|
u.Avatar = "" |
|
|
|
|
if _, err := x.Id(u.ID).Cols("avatar, use_custom_avatar").Update(u); err != nil { |
|
|
|
|
return fmt.Errorf("UpdateUser: %v", err) |
|
|
|
|
} |
|
|
|
|
return nil |
|
|
|
@ -994,12 +999,14 @@ func deleteUser(e *xorm.Session, u *User) error { |
|
|
|
|
return fmt.Errorf("Failed to RemoveAll %s: %v", path, err) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if len(u.Avatar) > 0 { |
|
|
|
|
avatarPath := u.CustomAvatarPath() |
|
|
|
|
if com.IsExist(avatarPath) { |
|
|
|
|
if err := os.Remove(avatarPath); err != nil { |
|
|
|
|
return fmt.Errorf("Failed to remove %s: %v", avatarPath, err) |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
return nil |
|
|
|
|
} |
|
|
|
|