feat(plugin): If user has only one external login and never set password, he can't unbind it

2023-03-10 10:42:45 +08:00 · 2023-03-10 10:42:45 +08:00 · b44824cf78
parent 9c68284623
commit b44824cf78
4 changed files with 78 additions and 57 deletions
--- a/i18n/en_US.yaml
+++ b/i18n/en_US.yaml
@ -130,6 +130,8 @@ backend:
      no_permission:
        other: No permission to Revision.
    user:
+      external_login_unbinding_forbidden:
+        other: Please set a login password for your account before you remove this login.
      email_or_password_wrong:
        other:
          other: Email and password do not match.
--- a/internal/base/reason/reason.go
+++ b/internal/base/reason/reason.go
@ -14,57 +14,58 @@ const (
 )

 const (
-	EmailOrPasswordWrong             = "error.object.email_or_password_incorrect"
-	CommentNotFound                  = "error.comment.not_found"
-	CommentCannotEditAfterDeadline   = "error.comment.cannot_edit_after_deadline"
-	QuestionNotFound                 = "error.question.not_found"
-	QuestionCannotDeleted            = "error.question.cannot_deleted"
-	QuestionCannotClose              = "error.question.cannot_close"
-	QuestionCannotUpdate             = "error.question.cannot_update"
-	QuestionAlreadyDeleted           = "error.question.already_deleted"
-	AnswerNotFound                   = "error.answer.not_found"
-	AnswerCannotDeleted              = "error.answer.cannot_deleted"
-	AnswerCannotUpdate               = "error.answer.cannot_update"
-	CommentEditWithoutPermission     = "error.comment.edit_without_permission"
-	DisallowVote                     = "error.object.disallow_vote"
-	DisallowFollow                   = "error.object.disallow_follow"
-	DisallowVoteYourSelf             = "error.object.disallow_vote_your_self"
-	CaptchaVerificationFailed        = "error.object.captcha_verification_failed"
-	OldPasswordVerificationFailed    = "error.object.old_password_verification_failed"
-	NewPasswordSameAsPreviousSetting = "error.object.new_password_same_as_previous_setting"
-	UserNotFound                     = "error.user.not_found"
-	UsernameInvalid                  = "error.user.username_invalid"
-	UsernameDuplicate                = "error.user.username_duplicate"
-	UserSetAvatar                    = "error.user.set_avatar"
-	EmailDuplicate                   = "error.email.duplicate"
-	EmailVerifyURLExpired            = "error.email.verify_url_expired"
-	EmailNeedToBeVerified            = "error.email.need_to_be_verified"
-	UserSuspended                    = "error.user.suspended"
-	ObjectNotFound                   = "error.object.not_found"
-	TagNotFound                      = "error.tag.not_found"
-	TagNotContainSynonym             = "error.tag.not_contain_synonym_tags"
-	TagCannotUpdate                  = "error.tag.cannot_update"
-	TagIsUsedCannotDelete            = "error.tag.is_used_cannot_delete"
-	RankFailToMeetTheCondition       = "error.rank.fail_to_meet_the_condition"
-	ThemeNotFound                    = "error.theme.not_found"
-	LangNotFound                     = "error.lang.not_found"
-	ReportHandleFailed               = "error.report.handle_failed"
-	ReportNotFound                   = "error.report.not_found"
-	ReadConfigFailed                 = "error.config.read_config_failed"
-	DatabaseConnectionFailed         = "error.database.connection_failed"
-	InstallCreateTableFailed         = "error.database.create_table_failed"
-	InstallConfigFailed              = "error.install.create_config_failed"
-	SiteInfoNotFound                 = "error.site_info.not_found"
-	UploadFileSourceUnsupported      = "error.upload.source_unsupported"
-	UploadFileUnsupportedFileFormat  = "error.upload.unsupported_file_format"
-	RecommendTagNotExist             = "error.tag.recommend_tag_not_found"
-	RecommendTagEnter                = "error.tag.recommend_tag_enter"
-	RevisionReviewUnderway           = "error.revision.review_underway"
-	RevisionNoPermission             = "error.revision.no_permission"
-	UserCannotUpdateYourRole         = "error.user.cannot_update_your_role"
-	TagCannotSetSynonymAsItself      = "error.tag.cannot_set_synonym_as_itself"
-	NotAllowedRegistration           = "error.user.not_allowed_registration"
-	SMTPConfigFromNameCannotBeEmail  = "error.smtp.config_from_name_cannot_be_email"
-	AdminCannotUpdateTheirPassword   = "error.admin.cannot_update_their_password"
-	AdminCannotModifySelfStatus      = "error.admin.cannot_modify_self_status"
+	EmailOrPasswordWrong                = "error.object.email_or_password_incorrect"
+	CommentNotFound                     = "error.comment.not_found"
+	CommentCannotEditAfterDeadline      = "error.comment.cannot_edit_after_deadline"
+	QuestionNotFound                    = "error.question.not_found"
+	QuestionCannotDeleted               = "error.question.cannot_deleted"
+	QuestionCannotClose                 = "error.question.cannot_close"
+	QuestionCannotUpdate                = "error.question.cannot_update"
+	QuestionAlreadyDeleted              = "error.question.already_deleted"
+	AnswerNotFound                      = "error.answer.not_found"
+	AnswerCannotDeleted                 = "error.answer.cannot_deleted"
+	AnswerCannotUpdate                  = "error.answer.cannot_update"
+	CommentEditWithoutPermission        = "error.comment.edit_without_permission"
+	DisallowVote                        = "error.object.disallow_vote"
+	DisallowFollow                      = "error.object.disallow_follow"
+	DisallowVoteYourSelf                = "error.object.disallow_vote_your_self"
+	CaptchaVerificationFailed           = "error.object.captcha_verification_failed"
+	OldPasswordVerificationFailed       = "error.object.old_password_verification_failed"
+	NewPasswordSameAsPreviousSetting    = "error.object.new_password_same_as_previous_setting"
+	UserNotFound                        = "error.user.not_found"
+	UsernameInvalid                     = "error.user.username_invalid"
+	UsernameDuplicate                   = "error.user.username_duplicate"
+	UserSetAvatar                       = "error.user.set_avatar"
+	EmailDuplicate                      = "error.email.duplicate"
+	EmailVerifyURLExpired               = "error.email.verify_url_expired"
+	EmailNeedToBeVerified               = "error.email.need_to_be_verified"
+	UserSuspended                       = "error.user.suspended"
+	ObjectNotFound                      = "error.object.not_found"
+	TagNotFound                         = "error.tag.not_found"
+	TagNotContainSynonym                = "error.tag.not_contain_synonym_tags"
+	TagCannotUpdate                     = "error.tag.cannot_update"
+	TagIsUsedCannotDelete               = "error.tag.is_used_cannot_delete"
+	RankFailToMeetTheCondition          = "error.rank.fail_to_meet_the_condition"
+	ThemeNotFound                       = "error.theme.not_found"
+	LangNotFound                        = "error.lang.not_found"
+	ReportHandleFailed                  = "error.report.handle_failed"
+	ReportNotFound                      = "error.report.not_found"
+	ReadConfigFailed                    = "error.config.read_config_failed"
+	DatabaseConnectionFailed            = "error.database.connection_failed"
+	InstallCreateTableFailed            = "error.database.create_table_failed"
+	InstallConfigFailed                 = "error.install.create_config_failed"
+	SiteInfoNotFound                    = "error.site_info.not_found"
+	UploadFileSourceUnsupported         = "error.upload.source_unsupported"
+	UploadFileUnsupportedFileFormat     = "error.upload.unsupported_file_format"
+	RecommendTagNotExist                = "error.tag.recommend_tag_not_found"
+	RecommendTagEnter                   = "error.tag.recommend_tag_enter"
+	RevisionReviewUnderway              = "error.revision.review_underway"
+	RevisionNoPermission                = "error.revision.no_permission"
+	UserCannotUpdateYourRole            = "error.user.cannot_update_your_role"
+	TagCannotSetSynonymAsItself         = "error.tag.cannot_set_synonym_as_itself"
+	NotAllowedRegistration              = "error.user.not_allowed_registration"
+	SMTPConfigFromNameCannotBeEmail     = "error.smtp.config_from_name_cannot_be_email"
+	AdminCannotUpdateTheirPassword      = "error.admin.cannot_update_their_password"
+	AdminCannotModifySelfStatus         = "error.admin.cannot_modify_self_status"
+	UserExternalLoginUnbindingForbidden = "error.user.external_login_unbinding_forbidden"
 )
--- a/internal/controller/connector_controller.go
+++ b/internal/controller/connector_controller.go
@ -210,6 +210,6 @@ func (cc *ConnectorController) ExternalLoginUnbinding(ctx *gin.Context) {

 	req.UserID = middleware.GetLoginUserIDFromContext(ctx)

-	err := cc.userExternalService.ExternalLoginUnbinding(ctx, req)
-	handler.HandleResponse(ctx, err, nil)
+	resp, err := cc.userExternalService.ExternalLoginUnbinding(ctx, req)
+	handler.HandleResponse(ctx, err, resp)
 }
--- a/internal/service/user_external_login/user_external_login_service.go
+++ b/internal/service/user_external_login/user_external_login_service.go
@ -292,6 +292,24 @@ func (us *UserExternalLoginService) GetExternalLoginUserInfoList(

 // ExternalLoginUnbinding external login unbinding
 func (us *UserExternalLoginService) ExternalLoginUnbinding(
-	ctx context.Context, req *schema.ExternalLoginUnbindingReq) (err error) {
-	return us.userExternalLoginRepo.DeleteUserExternalLogin(ctx, req.UserID, req.ExternalID)
+	ctx context.Context, req *schema.ExternalLoginUnbindingReq) (resp any, err error) {
+	// If user has only one external login and never set password, he can't unbind it.
+	userInfo, exist, err := us.userRepo.GetByUserID(ctx, req.UserID)
+	if err != nil {
+		return nil, err
+	}
+	if !exist {
+		return nil, errors.BadRequest(reason.UserNotFound)
+	}
+	if len(userInfo.Pass) == 0 {
+		loginList, err := us.userExternalLoginRepo.GetUserExternalLoginList(ctx, req.UserID)
+		if err != nil {
+			return nil, err
+		}
+		if len(loginList) <= 1 {
+			return schema.ErrTypeToast, errors.BadRequest(reason.UserExternalLoginUnbindingForbidden)
+		}
+	}
+
+	return nil, us.userExternalLoginRepo.DeleteUserExternalLogin(ctx, req.UserID, req.ExternalID)
 }