Install page - Handle invalid administrator username better (#7060)

* Install page - detect invalid admin username before installing

* Also fix #6954
tokarchuk/v1.17
zeripath 6 years ago committed by GitHub
parent 69d81b6569
commit bd9ed96da5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      options/locale/locale_en-US.ini
  2. 48
      routers/install.go

@ -94,6 +94,10 @@ sqlite_helper = File path for the SQLite3 database.<br>Enter an absolute path if
err_empty_db_path = The SQLite3 database path cannot be empty. err_empty_db_path = The SQLite3 database path cannot be empty.
no_admin_and_disable_registration = You cannot disable user self-registration without creating an administrator account. no_admin_and_disable_registration = You cannot disable user self-registration without creating an administrator account.
err_empty_admin_password = The administrator password cannot be empty. err_empty_admin_password = The administrator password cannot be empty.
err_empty_admin_email = The administrator email cannot be empty.
err_admin_name_is_reserved = Administrator Username is invalid, username is reserved
err_admin_name_pattern_not_allowed = Administrator Username is invalid, username is pattern is not allowed
err_admin_name_is_invalid = Administrator Username is invalid
general_title = General Settings general_title = General Settings
app_name = Site Title app_name = Site Title

@ -215,18 +215,42 @@ func InstallPost(ctx *context.Context, form auth.InstallForm) {
return return
} }
// Check admin password. // Check admin user creation
if len(form.AdminName) > 0 && len(form.AdminPasswd) == 0 { if len(form.AdminName) > 0 {
ctx.Data["Err_Admin"] = true // Ensure AdminName is valid
ctx.Data["Err_AdminPasswd"] = true if err := models.IsUsableUsername(form.AdminName); err != nil {
ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_password"), tplInstall, form) ctx.Data["Err_Admin"] = true
return ctx.Data["Err_AdminName"] = true
} if models.IsErrNameReserved(err) {
if form.AdminPasswd != form.AdminConfirmPasswd { ctx.RenderWithErr(ctx.Tr("install.err_admin_name_is_reserved"), tplInstall, form)
ctx.Data["Err_Admin"] = true return
ctx.Data["Err_AdminPasswd"] = true } else if models.IsErrNamePatternNotAllowed(err) {
ctx.RenderWithErr(ctx.Tr("form.password_not_match"), tplInstall, form) ctx.RenderWithErr(ctx.Tr("install.err_admin_name_pattern_not_allowed"), tplInstall, form)
return return
}
ctx.RenderWithErr(ctx.Tr("install.err_admin_name_is_invalid"), tplInstall, form)
return
}
// Check Admin email
if len(form.AdminEmail) == 0 {
ctx.Data["Err_Admin"] = true
ctx.Data["Err_AdminEmail"] = true
ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_email"), tplInstall, form)
return
}
// Check admin password.
if len(form.AdminPasswd) == 0 {
ctx.Data["Err_Admin"] = true
ctx.Data["Err_AdminPasswd"] = true
ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_password"), tplInstall, form)
return
}
if form.AdminPasswd != form.AdminConfirmPasswd {
ctx.Data["Err_Admin"] = true
ctx.Data["Err_AdminPasswd"] = true
ctx.RenderWithErr(ctx.Tr("form.password_not_match"), tplInstall, form)
return
}
} }
if form.AppURL[len(form.AppURL)-1] != '/' { if form.AppURL[len(form.AppURL)-1] != '/' {

Loading…
Cancel
Save