1
0
mirror of https://github.com/pocketbase/pocketbase.git synced 2025-01-10 00:43:36 +02:00
pocketbase/forms/user_upsert.go

124 lines
3.3 KiB
Go

package forms
import (
"strings"
validation "github.com/go-ozzo/ozzo-validation/v4"
"github.com/go-ozzo/ozzo-validation/v4/is"
"github.com/pocketbase/pocketbase/core"
"github.com/pocketbase/pocketbase/forms/validators"
"github.com/pocketbase/pocketbase/models"
"github.com/pocketbase/pocketbase/tools/list"
"github.com/pocketbase/pocketbase/tools/types"
)
// UserUpsert defines a user upsert (create/update) form.
type UserUpsert struct {
app core.App
user *models.User
isCreate bool
Email string `form:"email" json:"email"`
Password string `form:"password" json:"password"`
PasswordConfirm string `form:"passwordConfirm" json:"passwordConfirm"`
}
// NewUserUpsert creates new upsert form for the provided user model
// (pass an empty user model instance (`&models.User{}`) for create).
func NewUserUpsert(app core.App, user *models.User) *UserUpsert {
form := &UserUpsert{
app: app,
user: user,
isCreate: !user.HasId(),
}
// load defaults
form.Email = user.Email
return form
}
// Validate makes the form validatable by implementing [validation.Validatable] interface.
func (form *UserUpsert) Validate() error {
config := form.app.Settings()
return validation.ValidateStruct(form,
validation.Field(
&form.Email,
validation.Required,
validation.Length(1, 255),
is.Email,
validation.By(form.checkEmailDomain),
validation.By(form.checkUniqueEmail),
),
validation.Field(
&form.Password,
validation.When(form.isCreate, validation.Required),
validation.Length(config.EmailAuth.MinPasswordLength, 100),
),
validation.Field(
&form.PasswordConfirm,
validation.When(form.isCreate || form.Password != "", validation.Required),
validation.By(validators.Compare(form.Password)),
),
)
}
func (form *UserUpsert) checkUniqueEmail(value any) error {
v, _ := value.(string)
if v == "" || form.app.Dao().IsUserEmailUnique(v, form.user.Id) {
return nil
}
return validation.NewError("validation_user_email_exists", "User email already exists.")
}
func (form *UserUpsert) checkEmailDomain(value any) error {
val, _ := value.(string)
if val == "" {
return nil // nothing to check
}
domain := val[strings.LastIndex(val, "@")+1:]
only := form.app.Settings().EmailAuth.OnlyDomains
except := form.app.Settings().EmailAuth.ExceptDomains
// only domains check
if len(only) > 0 && !list.ExistInSlice(domain, only) {
return validation.NewError("validation_email_domain_not_allowed", "Email domain is not allowed.")
}
// except domains check
if len(except) > 0 && list.ExistInSlice(domain, except) {
return validation.NewError("validation_email_domain_not_allowed", "Email domain is not allowed.")
}
return nil
}
// Submit validates the form and upserts the form user model.
//
// You can optionally provide a list of InterceptorFunc to further
// modify the form behavior before persisting it.
func (form *UserUpsert) Submit(interceptors ...InterceptorFunc) error {
if err := form.Validate(); err != nil {
return err
}
if form.Password != "" {
form.user.SetPassword(form.Password)
}
if !form.isCreate && form.Email != form.user.Email {
form.user.Verified = false
form.user.LastVerificationSentAt = types.DateTime{} // reset
}
form.user.Email = form.Email
return runInterceptors(func() error {
return form.app.Dao().SaveUser(form.user)
}, interceptors...)
}