diff options
author | zeripath | 2019-05-28 10:38:13 +0100 |
---|---|---|
committer | GitHub | 2019-05-28 10:38:13 +0100 |
commit | 8d5c3d3d0b64f664a0a058389e3cfb4389560743 (patch) | |
tree | 656fc0eb4982fd9f65d1bd410e37ea052c0b4c4c | |
parent | 706d85b87d282c883533e60543cf1ae8e2ad0398 (diff) |
Install page - Handle invalid administrator username better (#7060) (#7063)
* Install page - detect invalid admin username before installing
* Also fix #6954
-rw-r--r-- | options/locale/locale_en-US.ini | 4 | ||||
-rw-r--r-- | routers/install.go | 48 |
2 files changed, 40 insertions, 12 deletions
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 4f6f5d474..f943c7f05 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -93,6 +93,10 @@ sqlite_helper = File path for the SQLite3 database.<br>Enter an absolute path if err_empty_db_path = The SQLite3 database path cannot be empty. no_admin_and_disable_registration = You cannot disable user self-registration without creating an administrator account. err_empty_admin_password = The administrator password cannot be empty. +err_empty_admin_email = The administrator email cannot be empty. +err_admin_name_is_reserved = Administrator Username is invalid, username is reserved +err_admin_name_pattern_not_allowed = Administrator Username is invalid, username is pattern is not allowed +err_admin_name_is_invalid = Administrator Username is invalid general_title = General Settings app_name = Site Title diff --git a/routers/install.go b/routers/install.go index 134479266..6154b567e 100644 --- a/routers/install.go +++ b/routers/install.go @@ -213,18 +213,42 @@ func InstallPost(ctx *context.Context, form auth.InstallForm) { return } - // Check admin password. - if len(form.AdminName) > 0 && len(form.AdminPasswd) == 0 { - ctx.Data["Err_Admin"] = true - ctx.Data["Err_AdminPasswd"] = true - ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_password"), tplInstall, form) - return - } - if form.AdminPasswd != form.AdminConfirmPasswd { - ctx.Data["Err_Admin"] = true - ctx.Data["Err_AdminPasswd"] = true - ctx.RenderWithErr(ctx.Tr("form.password_not_match"), tplInstall, form) - return + // Check admin user creation + if len(form.AdminName) > 0 { + // Ensure AdminName is valid + if err := models.IsUsableUsername(form.AdminName); err != nil { + ctx.Data["Err_Admin"] = true + ctx.Data["Err_AdminName"] = true + if models.IsErrNameReserved(err) { + ctx.RenderWithErr(ctx.Tr("install.err_admin_name_is_reserved"), tplInstall, form) + return + } else if models.IsErrNamePatternNotAllowed(err) { + ctx.RenderWithErr(ctx.Tr("install.err_admin_name_pattern_not_allowed"), tplInstall, form) + return + } + ctx.RenderWithErr(ctx.Tr("install.err_admin_name_is_invalid"), tplInstall, form) + return + } + // Check Admin email + if len(form.AdminEmail) == 0 { + ctx.Data["Err_Admin"] = true + ctx.Data["Err_AdminEmail"] = true + ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_email"), tplInstall, form) + return + } + // Check admin password. + if len(form.AdminPasswd) == 0 { + ctx.Data["Err_Admin"] = true + ctx.Data["Err_AdminPasswd"] = true + ctx.RenderWithErr(ctx.Tr("install.err_empty_admin_password"), tplInstall, form) + return + } + if form.AdminPasswd != form.AdminConfirmPasswd { + ctx.Data["Err_Admin"] = true + ctx.Data["Err_AdminPasswd"] = true + ctx.RenderWithErr(ctx.Tr("form.password_not_match"), tplInstall, form) + return + } } if form.AppURL[len(form.AppURL)-1] != '/' { |