casdoor/controllers/link.go

// Copyright 2021 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package controllers

import (
	"encoding/json"

	"github.com/casdoor/casdoor/object"
)

type LinkForm struct {
	ProviderType string      `json:"providerType"`
	User         object.User `json:"user"`
}

// Unlink ...
// @Tag Login API
// @Title Unlink
// @router /unlink [post]
// @Success 200 {object} object.Userinfo The Response object
func (c *ApiController) Unlink() {
	user, ok := c.RequireSignedInUser()
	if !ok {
		return
	}

	var form LinkForm
	err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)
	if err != nil {
		c.ResponseError(err.Error())
		return
	}
	providerType := form.ProviderType

	// the user will be unlinked from the provider
	unlinkedUser := form.User

	if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin() {
		// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
		c.ResponseError(c.T("link:You are not the global admin, you can't unlink other users"))
		return
	}

	if user.Id == unlinkedUser.Id && !user.IsGlobalAdmin() {
		// if the user is unlinking themselves, should check the provider can be unlinked, if not, we should return an error.
		application, err := object.GetApplicationByUser(user)
		if err != nil {
			c.ResponseError(err.Error())
			return
		}

		if application == nil {
			c.ResponseError(c.T("link:You can't unlink yourself, you are not a member of any application"))
			return
		}

		if len(application.Providers) == 0 {
			c.ResponseError(c.T("link:This application has no providers"))
			return
		}

		provider := application.GetProviderItemByType(providerType)
		if provider == nil {
			c.ResponseError(c.T("link:This application has no providers of type") + providerType)
			return
		}

		if !provider.CanUnlink {
			c.ResponseError(c.T("link:This provider can't be unlinked"))
			return
		}

	}

	// only two situations can happen here
	// 1. the user is the global admin
	// 2. the user is unlinking themselves and provider can be unlinked

	value := object.GetUserField(&unlinkedUser, providerType)

	if value == "" {
		c.ResponseError(c.T("link:Please link first"), value)
		return
	}

	_, err = object.ClearUserOAuthProperties(&unlinkedUser, providerType)
	if err != nil {
		c.ResponseError(err.Error())
		return
	}

	_, err = object.LinkUserAccount(&unlinkedUser, providerType, "")
	if err != nil {
		c.ResponseError(err.Error())
		return
	}

	c.ResponseOk()
}
Update license headers. 2022-02-13 23:39:27 +08:00			`// Copyright 2021 The Casdoor Authors. All Rights Reserved.`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`package controllers`

			`import (`
			`"encoding/json"`

Update import path. 2022-01-20 14:11:46 +08:00			`"github.com/casdoor/casdoor/object"`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`)`

			`type LinkForm struct {`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			ProviderType string `json:"providerType"`
			User object.User `json:"user"`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`}`

fix: improve code specification (#231) 2021-08-07 22:02:56 +08:00			`// Unlink ...`
feat: update swagger api json with tags (#347) Signed-off-by: Товарищ программист <2962928213@qq.com> 2021-12-03 20:42:36 +08:00			`// @Tag Login API`
fix: fix Swagger docs by improving comments 2023-12-23 11:57:18 +08:00			`// @Title Unlink`
			`// @router /unlink [post]`
			`// @Success 200 {object} object.Userinfo The Response object`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`func (c *ApiController) Unlink() {`
Add RequireSignedInUser() 2022-09-18 15:43:49 +08:00			`user, ok := c.RequireSignedInUser()`
Refactor out c.RequireSignedIn() 2021-05-17 23:25:28 +08:00			`if !ok {`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`return`
			`}`

			`var form LinkForm`
			`err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)`
			`if err != nil {`
feat: replace panic with details json error payload. (#1039) Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com> 2022-08-20 21:09:32 +08:00			`c.ResponseError(err.Error())`
			`return`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`}`
			`providerType := form.ProviderType`

fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`// the user will be unlinked from the provider`
			`unlinkedUser := form.User`

fix: remove isGlobalAdmin field in user (#2235) * refactor: remove isGlobalAdmin field in user * fix: upload xlsx * fix: remove field in account table 2023-08-19 12:23:15 +08:00			`if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin() {`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(c.T("link:You are not the global admin, you can't unlink other users"))`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`return`
			`}`

fix: remove isGlobalAdmin field in user (#2235) * refactor: remove isGlobalAdmin field in user * fix: upload xlsx * fix: remove field in account table 2023-08-19 12:23:15 +08:00			`if user.Id == unlinkedUser.Id && !user.IsGlobalAdmin() {`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`// if the user is unlinking themselves, should check the provider can be unlinked, if not, we should return an error.`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`application, err := object.GetApplicationByUser(user)`
			`if err != nil {`
			`c.ResponseError(err.Error())`
			`return`
			`}`

fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`if application == nil {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(c.T("link:You can't unlink yourself, you are not a member of any application"))`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`return`
			`}`

			`if len(application.Providers) == 0 {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(c.T("link:This application has no providers"))`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`return`
			`}`

			`provider := application.GetProviderItemByType(providerType)`
			`if provider == nil {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(c.T("link:This application has no providers of type") + providerType)`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`return`
			`}`

			`if !provider.CanUnlink {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(c.T("link:This provider can't be unlinked"))`
fix: Admins should not be allowed to add third-party login for their members (#932) * feat: admin can unlink the other user * feat: global admin can unlink other user * fix 2022-07-30 23:11:02 +08:00			`return`
			`}`

			`}`

			`// only two situations can happen here`
			`// 1. the user is the global admin`
			`// 2. the user is unlinking themselves and provider can be unlinked`

			`value := object.GetUserField(&unlinkedUser, providerType)`
Add Unlink API. 2021-04-18 23:14:46 +08:00
			`if value == "" {`
feat: refactor backend i18n (#1373) * fix: handle the dataSourceName when DB changes * reduce duplication of code * feat: refactor translation error message * feat: use json intsead of ini file * remove useless translation * fix translate problems * remove useless addition * fix pr problems * fix pr problems * fix split problem * use gofumpt to fmt code * use crowdin to execute backend translation * fix pr problems * refactor: change translation file structure same as frontend * delete useless output * update go.mod 2022-12-07 13:13:23 +08:00			`c.ResponseError(c.T("link:Please link first"), value)`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`return`
			`}`

feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`_, err = object.ClearUserOAuthProperties(&unlinkedUser, providerType)`
			`if err != nil {`
			`c.ResponseError(err.Error())`
			`return`
			`}`

			`_, err = object.LinkUserAccount(&unlinkedUser, providerType, "")`
			`if err != nil {`
			`c.ResponseError(err.Error())`
			`return`
			`}`
Show properties in user page. 2021-05-30 18:35:05 +08:00
Use c.ResponseOk() for all places. 2021-08-08 16:00:19 +08:00			`c.ResponseOk()`
Add Unlink API. 2021-04-18 23:14:46 +08:00			`}`