feat: check uniqueness for email and phone when updating user (#1461)

* fix: check unique field when update user

* Update data.json

Co-authored-by: hsluoyz <hsluoyz@qq.com>

controllers/user.go

@@ -148,8 +148,8 @@ func (c *ApiController) UpdateUser() {
 		return
 	}
 
-	if user.DisplayName == "" {
+	if msg := object.CheckUpdateUser(object.GetUser(id), &user, c.GetAcceptLanguage()); msg != "" {
-		c.ResponseError(c.T("user:Display name cannot be empty"))
+		c.ResponseError(msg)
 		return
 	}
 

controllers/verification.go

@@ -175,9 +175,14 @@ func (c *ApiController) ResetEmailOrPhone() {
 	}
 
 	checkDest := dest
-	org := object.GetOrganizationByUser(user)
+	organization := object.GetOrganizationByUser(user)
 	if destType == "phone" {
-		phoneItem := object.GetAccountItemByName("Phone", org)
+		if object.HasUserByField(user.Owner, "phone", user.Phone) {
+			c.ResponseError(c.T("check:Phone already exists"))
+			return
+		}
+
+		phoneItem := object.GetAccountItemByName("Phone", organization)
 		if phoneItem == nil {
 			c.ResponseError(c.T("verification:Unable to get the phone modify rule."))
 			return
@@ -189,12 +194,17 @@ func (c *ApiController) ResetEmailOrPhone() {
 		}
 
 		phonePrefix := "86"
-		if org != nil && org.PhonePrefix != "" {
+		if organization != nil && organization.PhonePrefix != "" {
-			phonePrefix = org.PhonePrefix
+			phonePrefix = organization.PhonePrefix
 		}
 		checkDest = fmt.Sprintf("+%s%s", phonePrefix, dest)
 	} else if destType == "email" {
-		emailItem := object.GetAccountItemByName("Email", org)
+		if object.HasUserByField(user.Owner, "email", user.Email) {
+			c.ResponseError(c.T("check:Email already exists"))
+			return
+		}
+
+		emailItem := object.GetAccountItemByName("Email", organization)
 		if emailItem == nil {
 			c.ResponseError(c.T("verification:Unable to get the email modify rule."))
 			return

object/check.go

@@ -60,8 +60,8 @@ func CheckUserSignup(application *Application, organization *Organization, usern
 		if reWhiteSpace.MatchString(username) {
 			return i18n.Translate(lang, "check:Username cannot contain white spaces")
 		}
-		msg := CheckUsername(username, lang)
+
-		if msg != "" {
+		if msg := CheckUsername(username, lang); msg != "" {
 			return msg
 		}
 
@@ -342,6 +342,34 @@ func CheckUsername(username string, lang string) string {
 	return ""
 }
 
+func CheckUpdateUser(oldUser *User, user *User, lang string) string {
+	if user.DisplayName == "" {
+		return i18n.Translate(lang, "user:Display name cannot be empty")
+	}
+
+	if msg := CheckUsername(user.Name, lang); msg != "" {
+		return msg
+	}
+
+	if oldUser.Name != user.Name {
+		if HasUserByField(user.Owner, "name", user.Name) {
+			return i18n.Translate(lang, "check:Username already exists")
+		}
+	}
+	if oldUser.Email != user.Email {
+		if HasUserByField(user.Name, "email", user.Email) {
+			return i18n.Translate(lang, "check:Email already exists")
+		}
+	}
+	if oldUser.Phone != user.Phone {
+		if HasUserByField(user.Owner, "phone", user.Phone) {
+			return i18n.Translate(lang, "check:Phone already exists")
+		}
+	}
+
+	return ""
+}
+
 func CheckToEnableCaptcha(application *Application) bool {
 	if len(application.Providers) == 0 {
 		return false

web/src/ResetModal.js

@@ -37,7 +37,11 @@ export const ResetModal = (props) => {
 
   const handleOk = () => {
     if (dest === "") {
-      Setting.showMessage("error", i18next.t("user:Empty " + destType));
+      if (destType === "phone") {
+        Setting.showMessage("error", i18next.t("user:Phone cannot be empty"));
+      } else {
+        Setting.showMessage("error", i18next.t("user:Email cannot be empty"));
+      }
       return;
     }
     if (code === "") {

web/src/UserEditPage.js

@@ -284,18 +284,16 @@ class UserEditPage extends React.Component {
             {Setting.getLabel(i18next.t("general:Email"), i18next.t("general:Email - Tooltip"))} :
           </Col>
           <Col style={{paddingRight: "20px"}} span={11} >
-            <Input value={this.state.user.email}
+            <Select value={this.state.user.email}
+              options={[Setting.getItem(this.state.user.email, this.state.user.email)]}
               disabled={disabled}
               onChange={e => {
                 this.updateUserField("email", e.target.value);
               }} />
           </Col>
           <Col span={11} >
-            {
+            {/* backend auto get the current user, so admin can not edit. Just self can reset*/}
-              !this.isSelf() ? null : (
+            {this.isSelf() ? <ResetModal application={this.state.application} disabled={disabled} buttonText={i18next.t("user:Reset Email...")} destType={"email"} /> : null}
-                <ResetModal application={this.state.application} disabled={disabled} buttonText={i18next.t("user:Reset Email...")} destType={"email"} />
-              )
-            }
           </Col>
         </Row>
       );
@@ -306,14 +304,15 @@ class UserEditPage extends React.Component {
             {Setting.getLabel(i18next.t("general:Phone"), i18next.t("general:Phone - Tooltip"))} :
           </Col>
           <Col style={{paddingRight: "20px"}} span={11} >
-            <Input value={this.state.user.phone} addonBefore={`+${this.state.application?.organizationObj.phonePrefix}`}
+            <Select value={`+${this.state.application?.organizationObj.phonePrefix} ${this.state.user.phone}`}
+              options={[Setting.getItem(`+${this.state.application?.organizationObj.phonePrefix} ${this.state.user.phone}`, this.state.user.phone)]}
               disabled={disabled}
               onChange={e => {
                 this.updateUserField("phone", e.target.value);
               }} />
           </Col>
           <Col span={11} >
-            {this.state.user.id === this.props.account?.id ? (<ResetModal application={this.state.application} disabled={disabled} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
+            {this.isSelf() ? (<ResetModal application={this.state.application} disabled={disabled} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
           </Col>
         </Row>
       );

web/src/UserListPage.js

@@ -354,6 +354,7 @@ class UserListPage extends BaseListPage {
               <Popconfirm
                 title={`Sure to delete user: ${record.name} ?`}
                 onConfirm={() => this.deleteUser(index)}
+                disabled={disabled}
               >
                 <Button disabled={disabled} style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
               </Popconfirm>

web/src/locales/de/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "Land/Region",
     "Country/Region - Tooltip": "Country/Region",
     "Edit User": "Benutzer bearbeiten",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Empty input!",
     "Homepage": "Homepage",
     "Homepage - Tooltip": "Startseite - Tooltip",
@@ -742,6 +743,7 @@
     "Old Password": "Altes Passwort",
     "Password": "Passwort",
     "Password Set": "Passwort setzen",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Eigenschaften",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/en/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "Country/Region",
     "Country/Region - Tooltip": "Country/Region - Tooltip",
     "Edit User": "Edit User",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Empty input!",
     "Homepage": "Homepage",
     "Homepage - Tooltip": "Homepage - Tooltip",
@@ -742,6 +743,7 @@
     "Old Password": "Old Password",
     "Password": "Password",
     "Password Set": "Password Set",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Properties",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/es/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "Pais/Región",
     "Country/Region - Tooltip": "Pais/Región - Tooltip",
     "Edit User": "Editar usuario",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Campo requerido!",
     "Homepage": "Página de Inicio",
     "Homepage - Tooltip": "Página de Inicio - Tooltip",
@@ -742,6 +743,7 @@
     "Old Password": "Contraseña anterior",
     "Password": "Contraseña",
     "Password Set": "Password Set",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Propiedades",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/fr/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "Pays/Région",
     "Country/Region - Tooltip": "Country/Region",
     "Edit User": "Editer l'utilisateur",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Empty input!",
     "Homepage": "Page d'accueil",
     "Homepage - Tooltip": "Page d'accueil - infobulle",
@@ -742,6 +743,7 @@
     "Old Password": "Ancien mot de passe",
     "Password": "Mot de passe",
     "Password Set": "Mot de passe défini",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Propriétés",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/ja/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "国/地域",
     "Country/Region - Tooltip": "Country/Region",
     "Edit User": "ユーザーを編集",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Empty input!",
     "Homepage": "ホームページ",
     "Homepage - Tooltip": "ホームページ - ツールチップ",
@@ -742,6 +743,7 @@
     "Old Password": "古いパスワード",
     "Password": "パスワード",
     "Password Set": "パスワード設定",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "プロパティー",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/ko/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "Country/Region",
     "Country/Region - Tooltip": "Country/Region",
     "Edit User": "Edit User",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Empty input!",
     "Homepage": "Homepage",
     "Homepage - Tooltip": "Homepage - Tooltip",
@@ -742,6 +743,7 @@
     "Old Password": "Old Password",
     "Password": "Password",
     "Password Set": "Password Set",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Properties",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/ru/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "Страна/регион",
     "Country/Region - Tooltip": "Country/Region",
     "Edit User": "Изменить пользователя",
+    "Email cannot be empty": "Email cannot be empty",
     "Empty input!": "Empty input!",
     "Homepage": "Главная страница",
     "Homepage - Tooltip": "Главная страница - Подсказки",
@@ -742,6 +743,7 @@
     "Old Password": "Старый пароль",
     "Password": "Пароль",
     "Password Set": "Пароль установлен",
+    "Phone cannot be empty": "Phone cannot be empty",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Свойства",
     "Properties - Tooltip": "Properties - Tooltip",

web/src/locales/zh/data.json

@@ -714,6 +714,7 @@
     "Country/Region": "国家/地区",
     "Country/Region - Tooltip": "国家/地区",
     "Edit User": "编辑用户",
+    "Email cannot be empty": "邮箱不能为空",
     "Empty input!": "输入为空！",
     "Homepage": "个人主页",
     "Homepage - Tooltip": "个人主页链接",
@@ -742,6 +743,7 @@
     "Old Password": "旧密码",
     "Password": "密码",
     "Password Set": "密码已设置",
+    "Phone cannot be empty": "手机号不能为空",
     "Please select avatar from resources": "从资源中选择...",
     "Properties": "属性",
     "Properties - Tooltip": "属性",