Revert "fix: openid address format (#1157)"

This reverts commit a447d64bf2.

.github/workflows/build.yml

@@ -125,15 +125,6 @@ jobs:
               
           fi
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v2
-        with:
-          version: latest
-
       - name: Log in to Docker Hub
         uses: docker/login-action@v1
         if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' &&steps.should_push.outputs.push=='true'
@@ -141,20 +132,19 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
+
       - name: Push to Docker Hub
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v2
         if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
         with:
           target: STANDARD
-          platforms: linux/amd64,linux/arm64
           push: true
           tags: casbin/casdoor:${{steps.get-current-tag.outputs.tag }},casbin/casdoor:latest
 
       - name: Push All In One Version to Docker Hub
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v2
         if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
         with:
           target: ALLINONE
-          platforms: linux/amd64,linux/arm64
           push: true
           tags: casbin/casdoor-all-in-one:${{steps.get-current-tag.outputs.tag }},casbin/casdoor-all-in-one:latest

.gitignore

@@ -27,6 +27,3 @@ logs/
 files/
 lastupdate.tmp
 commentsRouter*.go
-
-# ignore build result
-casdoor

Dockerfile

@@ -2,7 +2,7 @@ FROM node:16.13.0 AS FRONT
 WORKDIR /web
 COPY ./web .
 RUN yarn config set registry https://registry.npmmirror.com
-RUN yarn install --frozen-lockfile --network-timeout 1000000 && yarn run build
+RUN yarn install && yarn run build
 
 
 FROM golang:1.17.5 AS BACK
@@ -13,29 +13,16 @@ RUN ./build.sh
 
 FROM alpine:latest AS STANDARD
 LABEL MAINTAINER="https://casdoor.org/"
-ARG USER=casdoor
-ARG TARGETOS
-ARG TARGETARCH
-ENV BUILDX_ARCH="${TARGETOS:-linux}_${TARGETARCH:-amd64}"
 
 RUN sed -i 's/https/http/' /etc/apk/repositories
-RUN apk add --update sudo
 RUN apk add curl
 RUN apk add ca-certificates && update-ca-certificates
 
-RUN adduser -D $USER -u 1000 \
-    && echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER \
-    && chmod 0440 /etc/sudoers.d/$USER \
-    && mkdir logs \
-    && chown -R $USER:$USER logs
-
-USER 1000
 WORKDIR /
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/server_${BUILDX_ARCH} ./server
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/swagger ./swagger
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/conf/app.conf ./conf/app.conf
-COPY --from=FRONT --chown=$USER:$USER /web/build ./web/build
-
+COPY --from=BACK /go/src/casdoor/server ./server
+COPY --from=BACK /go/src/casdoor/swagger ./swagger
+COPY --from=BACK /go/src/casdoor/conf/app.conf ./conf/app.conf
+COPY --from=FRONT /web/build ./web/build
 ENTRYPOINT ["/server"]
 
 
@@ -49,15 +36,12 @@ RUN apt update \
 
 FROM db AS ALLINONE
 LABEL MAINTAINER="https://casdoor.org/"
-ARG TARGETOS
-ARG TARGETARCH
-ENV BUILDX_ARCH="${TARGETOS:-linux}_${TARGETARCH:-amd64}"
 
 RUN apt update
 RUN apt install -y ca-certificates && update-ca-certificates
 
 WORKDIR /
-COPY --from=BACK /go/src/casdoor/server_${BUILDX_ARCH} ./server
+COPY --from=BACK /go/src/casdoor/server ./server
 COPY --from=BACK /go/src/casdoor/swagger ./swagger
 COPY --from=BACK /go/src/casdoor/docker-entrypoint.sh /docker-entrypoint.sh
 COPY --from=BACK /go/src/casdoor/conf/app.conf ./conf/app.conf

README.md

@@ -51,7 +51,7 @@
 ## Documentation
 
 - International: https://casdoor.org
-- Asian mirror: https://casdoor.cn
+- Asian mirror: https://docs.casdoor.cn
 
 ## Install
 
@@ -69,7 +69,7 @@ https://casdoor.org/docs/how-to-connect/overview
 
 ## Integrations
 
-https://casdoor.org/docs/category/integrations
+https://casdoor.org/docs/integration/apisix
 
 ## How to contact?
 

SECURITY.md

@@ -1,9 +0,0 @@
-# Security Policy
-
-## Reporting a Vulnerability
-
-We are grateful for security researchers and users reporting a vulnerability to us first. To ensure that your request is handled in a timely manner and we can keep users safe, please follow the below guidelines.
-
-- **Please do not report security vulnerabilities directly on GitHub.**
-
-- To report a vulnerability, please email [admin@casdoor.org](admin@casdoor.org).

authz/authz.go

@@ -15,14 +15,12 @@
 package authz
 
 import (
-	"fmt"
 	"strings"
 
 	"github.com/casbin/casbin/v2"
 	"github.com/casbin/casbin/v2/model"
-	xormadapter "github.com/casbin/xorm-adapter/v3"
+	xormadapter "github.com/casbin/xorm-adapter/v2"
 	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/object"
 	stringadapter "github.com/qiangmzsx/string-adapter/v2"
 )
 
@@ -32,9 +30,7 @@ func InitAuthz() {
 	var err error
 
 	tableNamePrefix := conf.GetConfigString("tableNamePrefix")
-	driverName := conf.GetConfigString("driverName")
-	dataSourceName := conf.GetConfigRealDataSourceName(driverName)
-	a, err := xormadapter.NewAdapterWithTableName(driverName, dataSourceName, "casbin_rule", tableNamePrefix, true)
+	a, err := xormadapter.NewAdapterWithTableName(conf.GetConfigString("driverName"), conf.GetConfigDataSourceName()+conf.GetConfigString("dbName"), "casbin_rule", tableNamePrefix, true)
 	if err != nil {
 		panic(err)
 	}
@@ -87,8 +83,6 @@ p, *, *, POST, /api/logout, *, *
 p, *, *, GET, /api/logout, *, *
 p, *, *, GET, /api/get-account, *, *
 p, *, *, GET, /api/userinfo, *, *
-p, *, *, POST, /api/webhook, *, *
-p, *, *, GET, /api/get-webhook-event, *, *
 p, *, *, *, /api/login/oauth, *, *
 p, *, *, GET, /api/get-application, *, *
 p, *, *, GET, /api/get-organization-applications, *, *
@@ -144,12 +138,6 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o
 		}
 	}
 
-	userId := fmt.Sprintf("%s/%s", subOwner, subName)
-	user := object.GetUser(userId)
-	if user != nil && user.IsAdmin && (subOwner == objOwner || (objOwner == "admin" && subOwner == objName)) {
-		return true
-	}
-
 	res, err := Enforcer.Enforce(subOwner, subName, method, urlPath, objOwner, objName)
 	if err != nil {
 		panic(err)

build.sh

@@ -8,5 +8,4 @@ else
     echo "Google is blocked, Go proxy is enabled: GOPROXY=https://goproxy.cn,direct"
     export GOPROXY="https://goproxy.cn,direct"
 fi
-CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o server_linux_amd64 .
-CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="-w -s" -o server_linux_arm64 .
+CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o server .

captcha/provider.go

@@ -14,8 +14,6 @@
 
 package captcha
 
-import "fmt"
-
 type CaptchaProvider interface {
 	VerifyCaptcha(token, clientSecret string) (bool, error)
 }
@@ -31,17 +29,6 @@ func GetCaptchaProvider(captchaType string) CaptchaProvider {
 		return NewAliyunCaptchaProvider()
 	} else if captchaType == "GEETEST" {
 		return NewGEETESTCaptchaProvider()
-	} else if captchaType == "Cloudflare Turnstile" {
-		return NewCloudflareTurnstileProvider()
 	}
 	return nil
 }
-
-func VerifyCaptchaByCaptchaType(captchaType, token, clientSecret string) (bool, error) {
-	provider := GetCaptchaProvider(captchaType)
-	if provider == nil {
-		return false, fmt.Errorf("invalid captcha provider: %s", captchaType)
-	}
-
-	return provider.VerifyCaptcha(token, clientSecret)
-}

captcha/turnstile.go

@@ -1,66 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import (
-	"encoding/json"
-	"errors"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-const CloudflareTurnstileVerifyUrl = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
-
-type CloudflareTurnstileProvider struct{}
-
-func NewCloudflareTurnstileProvider() *CloudflareTurnstileProvider {
-	captcha := &CloudflareTurnstileProvider{}
-	return captcha
-}
-
-func (captcha *CloudflareTurnstileProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
-	reqData := url.Values{
-		"secret":   {clientSecret},
-		"response": {token},
-	}
-	resp, err := http.PostForm(CloudflareTurnstileVerifyUrl, reqData)
-	if err != nil {
-		return false, err
-	}
-
-	defer resp.Body.Close()
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false, err
-	}
-
-	type captchaResponse struct {
-		Success    bool     `json:"success"`
-		ErrorCodes []string `json:"error-codes"`
-	}
-	captchaResp := &captchaResponse{}
-	err = json.Unmarshal(body, captchaResp)
-	if err != nil {
-		return false, err
-	}
-
-	if len(captchaResp.ErrorCodes) > 0 {
-		return false, errors.New(strings.Join(captchaResp.ErrorCodes, ","))
-	}
-
-	return captchaResp.Success, nil
-}

conf/app.conf

@@ -20,5 +20,3 @@ staticBaseUrl = "https://cdn.casbin.org"
 isDemoMode = false
 batchSize = 100
 ldapServerPort = 389
-languages = en,zh,es,fr,de,ja,ko,ru
-quota = {"organization": -1, "user": -1, "application": -1, "provider": -1}

conf/conf.go

@@ -15,25 +15,15 @@
 package conf
 
 import (
-	"encoding/json"
 	"fmt"
 	"os"
 	"runtime"
 	"strconv"
 	"strings"
 
-	"github.com/beego/beego"
+	"github.com/astaxie/beego"
 )
 
-type Quota struct {
-	Organization int `json:"organization"`
-	User         int `json:"user"`
-	Application  int `json:"application"`
-	Provider     int `json:"provider"`
-}
-
-var quota = &Quota{-1, -1, -1, -1}
-
 func init() {
 	// this array contains the beego configuration items that may be modified via env
 	presetConfigItems := []string{"httpport", "appname"}
@@ -45,17 +35,6 @@ func init() {
 			}
 		}
 	}
-	initQuota()
-}
-
-func initQuota() {
-	res := beego.AppConfig.String("quota")
-	if res != "" {
-		err := json.Unmarshal([]byte(res), quota)
-		if err != nil {
-			panic(err)
-		}
-	}
 }
 
 func GetConfigString(key string) string {
@@ -116,17 +95,3 @@ func GetConfigBatchSize() int {
 	}
 	return res
 }
-
-func GetConfigQuota() *Quota {
-	return quota
-}
-
-func GetConfigRealDataSourceName(driverName string) string {
-	var dataSourceName string
-	if driverName != "mysql" {
-		dataSourceName = GetConfigDataSourceName()
-	} else {
-		dataSourceName = GetConfigDataSourceName() + GetConfigString("dbName")
-	}
-	return dataSourceName
-}

conf/conf_test.go

@@ -18,7 +18,7 @@ import (
 	"os"
 	"testing"
 
-	"github.com/beego/beego"
+	"github.com/astaxie/beego"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -93,19 +93,3 @@ func TestGetConfBool(t *testing.T) {
 		})
 	}
 }
-
-func TestGetConfigQuota(t *testing.T) {
-	scenarios := []struct {
-		description string
-		expected    *Quota
-	}{
-		{"default", &Quota{-1, -1, -1, -1}},
-	}
-
-	err := beego.LoadAppConfig("ini", "app.conf")
-	assert.Nil(t, err)
-	for _, scenery := range scenarios {
-		quota := GetConfigQuota()
-		assert.Equal(t, scenery.expected, quota)
-	}
-}

controllers/account.go

@@ -64,10 +64,6 @@ type RequestForm struct {
 	RelayState   string `json:"relayState"`
 	SamlRequest  string `json:"samlRequest"`
 	SamlResponse string `json:"samlResponse"`
-
-	CaptchaType  string `json:"captchaType"`
-	CaptchaToken string `json:"captchaToken"`
-	ClientSecret string `json:"clientSecret"`
 }
 
 type Response struct {
@@ -102,7 +98,7 @@ type Captcha struct {
 // @router /signup [post]
 func (c *ApiController) Signup() {
 	if c.GetSessionUsername() != "" {
-		c.ResponseError(c.T("SignUpErr.SignOutFirst"), c.GetSessionUsername())
+		c.ResponseError("Please sign out first before signing up", c.GetSessionUsername())
 		return
 	}
 
@@ -115,21 +111,21 @@ func (c *ApiController) Signup() {
 
 	application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 	if !application.EnableSignUp {
-		c.ResponseError(c.T("SignUpErr.DoNotAllowSignUp"))
+		c.ResponseError("The application does not allow to sign up new account")
 		return
 	}
 
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", form.Organization))
-	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.Affiliation, c.GetAcceptLanguage())
+	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.Affiliation)
 	if msg != "" {
 		c.ResponseError(msg)
 		return
 	}
 
 	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && form.Email != "" {
-		checkResult := object.CheckVerificationCode(form.Email, form.EmailCode, c.GetAcceptLanguage())
+		checkResult := object.CheckVerificationCode(form.Email, form.EmailCode)
 		if len(checkResult) != 0 {
-			c.ResponseError(c.T("EmailErr.EmailCheckResult"), checkResult)
+			c.ResponseError(fmt.Sprintf("Email: %s", checkResult))
 			return
 		}
 	}
@@ -137,9 +133,9 @@ func (c *ApiController) Signup() {
 	var checkPhone string
 	if application.IsSignupItemVisible("Phone") && form.Phone != "" {
 		checkPhone = fmt.Sprintf("+%s%s", form.PhonePrefix, form.Phone)
-		checkResult := object.CheckVerificationCode(checkPhone, form.PhoneCode, c.GetAcceptLanguage())
+		checkResult := object.CheckVerificationCode(checkPhone, form.PhoneCode)
 		if len(checkResult) != 0 {
-			c.ResponseError(c.T("PhoneErr.PhoneCheckResult"), checkResult)
+			c.ResponseError(fmt.Sprintf("Phone: %s", checkResult))
 			return
 		}
 	}
@@ -163,7 +159,7 @@ func (c *ApiController) Signup() {
 
 	initScore, err := getInitScore()
 	if err != nil {
-		c.ResponseError(fmt.Errorf(c.T("InitErr.InitScoreFailed"), err).Error())
+		c.ResponseError(fmt.Errorf("get init score failed, error: %w", err).Error())
 		return
 	}
 
@@ -209,7 +205,7 @@ func (c *ApiController) Signup() {
 
 	affected := object.AddUser(user)
 	if !affected {
-		c.ResponseError(c.T("UserErr.InvalidInformation"), util.StructToJson(user))
+		c.ResponseError(fmt.Sprintf("Failed to create user, user information is invalid: %s", util.StructToJson(user)))
 		return
 	}
 
@@ -245,7 +241,8 @@ func (c *ApiController) Logout() {
 	util.LogInfo(c.Ctx, "API: [%s] logged out", user)
 
 	application := c.GetSessionApplication()
-	c.ClearUserSession()
+	c.SetSessionUsername("")
+	c.SetSessionData(nil)
 
 	if application == nil || application.Name == "app-built-in" || application.HomepageUrl == "" {
 		c.ResponseOk(user)
@@ -312,7 +309,7 @@ func (c *ApiController) GetCaptcha() {
 	applicationId := c.Input().Get("applicationId")
 	isCurrentProvider := c.Input().Get("isCurrentProvider")
 
-	captchaProvider, err := object.GetCaptchaProviderByApplication(applicationId, isCurrentProvider, c.GetAcceptLanguage())
+	captchaProvider, err := object.GetCaptchaProviderByApplication(applicationId, isCurrentProvider)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return

controllers/application.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -46,7 +46,7 @@ func (c *ApiController) GetApplications() {
 		if organization == "" {
 			applications = object.GetApplications(owner)
 		} else {
-			applications = object.GetOrganizationApplications(owner, organization)
+			applications = object.GetApplicationsByOrganizationName(owner, organization)
 		}
 
 		c.Data["json"] = object.GetMaskedApplications(applications, userId)
@@ -86,7 +86,7 @@ func (c *ApiController) GetUserApplication() {
 	id := c.Input().Get("id")
 	user := object.GetUser(id)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExist"), id))
+		c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", id))
 		return
 	}
 
@@ -103,31 +103,17 @@ func (c *ApiController) GetUserApplication() {
 // @router /get-organization-applications [get]
 func (c *ApiController) GetOrganizationApplications() {
 	userId := c.GetSessionUsername()
-	organization := c.Input().Get("organization")
 	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	organization := c.Input().Get("organization")
 
 	if organization == "" {
-		c.ResponseError(c.T("ParameterErr.OrgMissingErr"))
+		c.ResponseError("Parameter organization is missing")
 		return
 	}
 
-	if limit == "" || page == "" {
-		var applications []*object.Application
-		applications = object.GetOrganizationApplications(owner, organization)
+	applications := object.GetApplicationsByOrganizationName(owner, organization)
 	c.Data["json"] = object.GetMaskedApplications(applications, userId)
 	c.ServeJSON()
-	} else {
-		limit := util.ParseInt(limit)
-		paginator := pagination.SetPaginator(c.Ctx, limit, int64(object.GetOrganizationApplicationCount(owner, organization, field, value)))
-		applications := object.GetMaskedApplications(object.GetPaginationOrganizationApplications(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder), userId)
-		c.ResponseOk(applications, paginator.Nums())
-	}
 }
 
 // UpdateApplication
@@ -167,12 +153,6 @@ func (c *ApiController) AddApplication() {
 		return
 	}
 
-	count := object.GetApplicationCount("", "", "")
-	if err := checkQuotaForApplication(count); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
 	c.Data["json"] = wrapActionResponse(object.AddApplication(&application))
 	c.ServeJSON()
 }

controllers/auth.go

@@ -17,16 +17,12 @@ package controllers
 import (
 	"encoding/base64"
 	"encoding/json"
-	"encoding/xml"
 	"fmt"
-	"io/ioutil"
 	"net/url"
 	"strconv"
 	"strings"
-	"sync"
 	"time"
 
-	"github.com/casdoor/casdoor/captcha"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/object"
@@ -35,11 +31,6 @@ import (
 	"github.com/google/uuid"
 )
 
-var (
-	wechatScanType string
-	lock           sync.RWMutex
-)
-
 func codeToResponse(code *object.Code) *Response {
 	if code.Code == "" {
 		return &Response{Status: "error", Msg: code.Message, Data: code.Code}
@@ -65,7 +56,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		return
 	}
 	if !allowed {
-		c.ResponseError(c.T("AuthErr.Unauthorized"))
+		c.ResponseError("Unauthorized operation")
 		return
 	}
 
@@ -84,10 +75,10 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		codeChallenge := c.Input().Get("code_challenge")
 
 		if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
-			c.ResponseError(c.T("AuthErr.ChallengeMethodErr"))
+			c.ResponseError("Challenge method should be S256")
 			return
 		}
-		code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, c.Ctx.Request.Host, c.GetAcceptLanguage())
+		code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, c.Ctx.Request.Host)
 		resp = codeToResponse(code)
 
 		if application.EnableSigninSession || application.HasPromptPage() {
@@ -160,7 +151,7 @@ func (c *ApiController) GetApplicationLogin() {
 	scope := c.Input().Get("scope")
 	state := c.Input().Get("state")
 
-	msg, application := object.CheckOAuthLogin(clientId, responseType, redirectUri, scope, state, c.GetAcceptLanguage())
+	msg, application := object.CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
 	application = object.GetMaskedApplication(application, "")
 	if msg != "" {
 		c.ResponseError(msg, application)
@@ -205,7 +196,7 @@ func (c *ApiController) Login() {
 	if form.Username != "" {
 		if form.Type == ResponseTypeLogin {
 			if c.GetSessionUsername() != "" {
-				c.ResponseError(c.T("LoginErr.SignOutFirst"), c.GetSessionUsername())
+				c.ResponseError("Please sign out first before signing in", c.GetSessionUsername())
 				return
 			}
 		}
@@ -227,11 +218,11 @@ func (c *ApiController) Login() {
 				if user != nil && util.GetMaskedEmail(user.Email) == form.Username {
 					form.Username = user.Email
 				}
-				checkResult = object.CheckVerificationCode(form.Username, form.Code, c.GetAcceptLanguage())
+				checkResult = object.CheckVerificationCode(form.Username, form.Code)
 			} else {
 				verificationCodeType = "phone"
 				if len(form.PhonePrefix) == 0 {
-					responseText := fmt.Sprintf(c.T("PhoneErr.NoPrefix"), verificationCodeType)
+					responseText := fmt.Sprintf("%s%s", verificationCodeType, "No phone prefix")
 					c.ResponseError(responseText)
 					return
 				}
@@ -239,7 +230,7 @@ func (c *ApiController) Login() {
 					form.Username = user.Phone
 				}
 				checkPhone := fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username)
-				checkResult = object.CheckVerificationCode(checkPhone, form.Code, c.GetAcceptLanguage())
+				checkResult = object.CheckVerificationCode(checkPhone, form.Code)
 			}
 			if len(checkResult) != 0 {
 				responseText := fmt.Sprintf("%s%s", verificationCodeType, checkResult)
@@ -256,31 +247,12 @@ func (c *ApiController) Login() {
 
 			user = object.GetUserByFields(form.Organization, form.Username)
 			if user == nil {
-				c.ResponseError(fmt.Sprintf(c.T("LoginErr.UserDoNotExist"), form.Organization, form.Username))
+				c.ResponseError(fmt.Sprintf("The user: %s/%s doesn't exist", form.Organization, form.Username))
 				return
 			}
 		} else {
-			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
-			if application == nil {
-				c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
-				return
-			}
-
-			if object.CheckToEnableCaptcha(application) {
-				isHuman, err := captcha.VerifyCaptchaByCaptchaType(form.CaptchaType, form.CaptchaToken, form.ClientSecret)
-				if err != nil {
-					c.ResponseError(err.Error())
-					return
-				}
-
-				if !isHuman {
-					c.ResponseError("Turing test failed.")
-					return
-				}
-			}
-
 			password := form.Password
-			user, msg = object.CheckUserPassword(form.Organization, form.Username, password, c.GetAcceptLanguage())
+			user, msg = object.CheckUserPassword(form.Organization, form.Username, password)
 		}
 
 		if msg != "" {
@@ -288,7 +260,7 @@ func (c *ApiController) Login() {
 		} else {
 			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 			if application == nil {
-				c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppDoNotExist"), form.Application))
+				c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
 				return
 			}
 
@@ -302,15 +274,15 @@ func (c *ApiController) Login() {
 	} else if form.Provider != "" {
 		application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 		if application == nil {
-			c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppDoNotExist"), form.Application))
+			c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
 			return
 		}
 
 		organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", application.Organization))
-		provider := object.GetProvider(util.GetId("admin", form.Provider))
+		provider := object.GetProvider(fmt.Sprintf("admin/%s", form.Provider))
 		providerItem := application.GetProviderItem(provider.Name)
 		if !providerItem.IsProviderVisible() {
-			c.ResponseError(fmt.Sprintf(c.T("ProviderErr.ProviderNotEnabled"), provider.Name))
+			c.ResponseError(fmt.Sprintf("The provider: %s is not enabled for the application", provider.Name))
 			return
 		}
 
@@ -334,14 +306,14 @@ func (c *ApiController) Login() {
 
 			idProvider := idp.GetIdProvider(provider.Type, provider.SubType, clientId, clientSecret, provider.AppId, form.RedirectUri, provider.Domain, provider.CustomAuthUrl, provider.CustomTokenUrl, provider.CustomUserInfoUrl)
 			if idProvider == nil {
-				c.ResponseError(fmt.Sprintf(c.T("ProviderErr.ProviderNotSupported"), provider.Type))
+				c.ResponseError(fmt.Sprintf("The provider type: %s is not supported", provider.Type))
 				return
 			}
 
 			setHttpClient(idProvider, provider.Type)
 
 			if form.State != conf.GetConfigString("authState") && form.State != application.Name {
-				c.ResponseError(fmt.Sprintf(c.T("AuthErr.AuthStateWrong"), conf.GetConfigString("authState"), form.State))
+				c.ResponseError(fmt.Sprintf("state expected: \"%s\", but got: \"%s\"", conf.GetConfigString("authState"), form.State))
 				return
 			}
 
@@ -353,13 +325,13 @@ func (c *ApiController) Login() {
 			}
 
 			if !token.Valid() {
-				c.ResponseError(c.T("TokenErr.InvalidToken"))
+				c.ResponseError("Invalid token")
 				return
 			}
 
 			userInfo, err = idProvider.GetUserInfo(token)
 			if err != nil {
-				c.ResponseError(fmt.Sprintf(c.T("LoginErr.LoginFail"), err.Error()))
+				c.ResponseError(fmt.Sprintf("Failed to login in: %s", err.Error()))
 				return
 			}
 		}
@@ -376,7 +348,7 @@ func (c *ApiController) Login() {
 				// Sign in via OAuth (want to sign up but already have account)
 
 				if user.IsForbidden {
-					c.ResponseError(c.T("LoginErr.UserIsForbidden"))
+					c.ResponseError("the user is forbidden to sign in, please contact the administrator")
 				}
 
 				resp = c.HandleLoggedIn(application, user, &form)
@@ -388,12 +360,12 @@ func (c *ApiController) Login() {
 			} else if provider.Category == "OAuth" {
 				// Sign up via OAuth
 				if !application.EnableSignUp {
-					c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppNotEnableSignUp"), provider.Type, userInfo.Username, userInfo.DisplayName))
+					c.ResponseError(fmt.Sprintf("The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support", provider.Type, userInfo.Username, userInfo.DisplayName))
 					return
 				}
 
 				if !providerItem.CanSignUp {
-					c.ResponseError(fmt.Sprintf(c.T("LoginErr.ProviderCanNotSignUp"), provider.Type, userInfo.Username, userInfo.DisplayName, provider.Type))
+					c.ResponseError(fmt.Sprintf("The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %s, please use another way to sign up", provider.Type, userInfo.Username, userInfo.DisplayName, provider.Type))
 					return
 				}
 
@@ -414,7 +386,7 @@ func (c *ApiController) Login() {
 				properties["no"] = strconv.Itoa(len(object.GetUsers(application.Organization)) + 2)
 				initScore, err := getInitScore()
 				if err != nil {
-					c.ResponseError(fmt.Errorf(c.T("InitErr.InitScoreFailed"), err).Error())
+					c.ResponseError(fmt.Errorf("get init score failed, error: %w", err).Error())
 					return
 				}
 
@@ -441,7 +413,7 @@ func (c *ApiController) Login() {
 
 				affected := object.AddUser(user)
 				if !affected {
-					c.ResponseError(fmt.Sprintf(c.T("LoginErr.InvalidUserInformation"), util.StructToJson(user)))
+					c.ResponseError(fmt.Sprintf("Failed to create user, user information is invalid: %s", util.StructToJson(user)))
 					return
 				}
 
@@ -466,13 +438,13 @@ func (c *ApiController) Login() {
 		} else { // form.Method != "signup"
 			userId := c.GetSessionUsername()
 			if userId == "" {
-				c.ResponseError(c.T("LoginErr.AccountDoNotExist"), userInfo)
+				c.ResponseError("The account does not exist", userInfo)
 				return
 			}
 
 			oldUser := object.GetUserByField(application.Organization, provider.Type, userInfo.Id)
 			if oldUser != nil {
-				c.ResponseError(fmt.Sprintf(c.T("LoginErr.OldUser"), provider.Type, userInfo.Username, userInfo.DisplayName, oldUser.Name, oldUser.DisplayName))
+				c.ResponseError(fmt.Sprintf("The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)", provider.Type, userInfo.Username, userInfo.DisplayName, oldUser.Name, oldUser.DisplayName))
 				return
 			}
 
@@ -493,7 +465,7 @@ func (c *ApiController) Login() {
 			// user already signed in to Casdoor, so let the user click the avatar button to do the quick sign-in
 			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 			if application == nil {
-				c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppDoNotExist"), form.Application))
+				c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
 				return
 			}
 
@@ -505,7 +477,7 @@ func (c *ApiController) Login() {
 			record.User = user.Name
 			util.SafeGoroutine(func() { object.AddRecord(record) })
 		} else {
-			c.ResponseError(fmt.Sprintf(c.T("LoginErr.UnknownAuthentication"), util.StructToJson(form)))
+			c.ResponseError(fmt.Sprintf("unknown authentication type (not password or provider), form = %s", util.StructToJson(form)))
 			return
 		}
 	}
@@ -517,7 +489,7 @@ func (c *ApiController) Login() {
 func (c *ApiController) GetSamlLogin() {
 	providerId := c.Input().Get("id")
 	relayState := c.Input().Get("relayState")
-	authURL, method, err := object.GenerateSamlLoginUrl(providerId, relayState, c.GetAcceptLanguage())
+	authURL, method, err := object.GenerateSamlLoginUrl(providerId, relayState)
 	if err != nil {
 		c.ResponseError(err.Error())
 	}
@@ -538,46 +510,3 @@ func (c *ApiController) HandleSamlLogin() {
 		slice[4], relayState, samlResponse)
 	c.Redirect(targetUrl, 303)
 }
-
-// HandleOfficialAccountEvent ...
-// @Tag HandleOfficialAccountEvent API
-// @Title HandleOfficialAccountEvent
-// @router /api/webhook [POST]
-func (c *ApiController) HandleOfficialAccountEvent() {
-	respBytes, err := ioutil.ReadAll(c.Ctx.Request.Body)
-	if err != nil {
-		c.ResponseError(err.Error())
-	}
-	var data struct {
-		MsgType  string `xml:"MsgType"`
-		Event    string `xml:"Event"`
-		EventKey string `xml:"EventKey"`
-	}
-	err = xml.Unmarshal(respBytes, &data)
-	if err != nil {
-		c.ResponseError(err.Error())
-	}
-	lock.Lock()
-	defer lock.Unlock()
-	if data.EventKey != "" {
-		wechatScanType = data.Event
-		c.Ctx.WriteString("")
-	}
-}
-
-// GetWebhookEventType ...
-// @Tag GetWebhookEventType API
-// @Title GetWebhookEventType
-// @router /api/get-webhook-event [GET]
-func (c *ApiController) GetWebhookEventType() {
-	lock.Lock()
-	defer lock.Unlock()
-	resp := &Response{
-		Status: "ok",
-		Msg:    "",
-		Data:   wechatScanType,
-	}
-	c.Data["json"] = resp
-	wechatScanType = ""
-	c.ServeJSON()
-}

controllers/base.go

@@ -18,8 +18,8 @@ import (
 	"strings"
 	"time"
 
-	"github.com/beego/beego"
-	"github.com/beego/beego/logs"
+	"github.com/astaxie/beego"
+	"github.com/astaxie/beego/logs"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -63,7 +63,8 @@ func (c *ApiController) GetSessionUsername() string {
 	if sessionData != nil &&
 		sessionData.ExpireTime != 0 &&
 		sessionData.ExpireTime < time.Now().Unix() {
-		c.ClearUserSession()
+		c.SetSessionUsername("")
+		c.SetSessionData(nil)
 		return ""
 	}
 
@@ -84,17 +85,13 @@ func (c *ApiController) GetSessionApplication() *object.Application {
 	return application
 }
 
-func (c *ApiController) ClearUserSession() {
-	c.SetSessionUsername("")
-	c.SetSessionData(nil)
-}
-
 func (c *ApiController) GetSessionOidc() (string, string) {
 	sessionData := c.GetSessionData()
 	if sessionData != nil &&
 		sessionData.ExpireTime != 0 &&
 		sessionData.ExpireTime < time.Now().Unix() {
-		c.ClearUserSession()
+		c.SetSessionUsername("")
+		c.SetSessionData(nil)
 		return "", ""
 	}
 	scopeValue := c.GetSession("scope")

controllers/cas.go

@@ -210,7 +210,7 @@ func (c *RootController) SamlValidate() {
 	}
 
 	if !strings.HasPrefix(target, service) {
-		c.ResponseError(fmt.Sprintf(c.T("CasErr.ServiceDoNotMatch"), target, service))
+		c.ResponseError(fmt.Sprintf("service %s and %s do not match", target, service))
 		return
 	}
 

controllers/casbin_adapter.go

@@ -17,8 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
-	xormadapter "github.com/casbin/xorm-adapter/v3"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -90,69 +89,6 @@ func (c *ApiController) SyncPolicies() {
 	id := c.Input().Get("id")
 	adapter := object.GetCasbinAdapter(id)
 
-	policies, err := object.SyncPolicies(adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = policies
-	c.ServeJSON()
-}
-
-func (c *ApiController) UpdatePolicy() {
-	id := c.Input().Get("id")
-	adapter := object.GetCasbinAdapter(id)
-	var policies []xormadapter.CasbinRule
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policies)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.UpdatePolicy(util.CasbinToSlice(policies[0]), util.CasbinToSlice(policies[1]), adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-func (c *ApiController) AddPolicy() {
-	id := c.Input().Get("id")
-	adapter := object.GetCasbinAdapter(id)
-	var policy xormadapter.CasbinRule
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policy)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.AddPolicy(util.CasbinToSlice(policy), adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-func (c *ApiController) RemovePolicy() {
-	id := c.Input().Get("id")
-	adapter := object.GetCasbinAdapter(id)
-	var policy xormadapter.CasbinRule
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policy)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.RemovePolicy(util.CasbinToSlice(policy), adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = wrapActionResponse(affected)
+	c.Data["json"] = object.SyncPolicies(adapter)
 	c.ServeJSON()
 }

controllers/cert.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

controllers/enforcer.go

@@ -21,6 +21,12 @@ import (
 )
 
 func (c *ApiController) Enforce() {
+	userId := c.GetSessionUsername()
+	if userId == "" {
+		c.ResponseError("Please sign in first")
+		return
+	}
+
 	var permissionRule object.PermissionRule
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &permissionRule)
 	if err != nil {
@@ -28,11 +34,17 @@ func (c *ApiController) Enforce() {
 		return
 	}
 
-	c.Data["json"] = object.Enforce(&permissionRule)
+	c.Data["json"] = object.Enforce(userId, &permissionRule)
 	c.ServeJSON()
 }
 
 func (c *ApiController) BatchEnforce() {
+	userId := c.GetSessionUsername()
+	if userId == "" {
+		c.ResponseError("Please sign in first")
+		return
+	}
+
 	var permissionRules []object.PermissionRule
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &permissionRules)
 	if err != nil {
@@ -40,14 +52,14 @@ func (c *ApiController) BatchEnforce() {
 		return
 	}
 
-	c.Data["json"] = object.BatchEnforce(permissionRules)
+	c.Data["json"] = object.BatchEnforce(userId, permissionRules)
 	c.ServeJSON()
 }
 
 func (c *ApiController) GetAllObjects() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
+		c.ResponseError("Please sign in first")
 		return
 	}
 
@@ -58,7 +70,7 @@ func (c *ApiController) GetAllObjects() {
 func (c *ApiController) GetAllActions() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
+		c.ResponseError("Please sign in first")
 		return
 	}
 
@@ -69,7 +81,7 @@ func (c *ApiController) GetAllActions() {
 func (c *ApiController) GetAllRoles() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
+		c.ResponseError("Please sign in first")
 		return
 	}
 

controllers/ldap.go

@@ -52,7 +52,7 @@ func (c *ApiController) GetLdapUser() {
 	ldapServer := LdapServer{}
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldapServer)
 	if err != nil || util.IsStrsEmpty(ldapServer.Host, ldapServer.Admin, ldapServer.Passwd, ldapServer.BaseDn) {
-		c.ResponseError(c.T("ParameterErr.Missing"))
+		c.ResponseError("Missing parameter")
 		return
 	}
 
@@ -120,7 +120,7 @@ func (c *ApiController) GetLdap() {
 	id := c.Input().Get("id")
 
 	if util.IsStrsEmpty(id) {
-		c.ResponseError(c.T("ParameterErr.Missing"))
+		c.ResponseError("Missing parameter")
 		return
 	}
 
@@ -136,17 +136,17 @@ func (c *ApiController) AddLdap() {
 	var ldap object.Ldap
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
 	if err != nil {
-		c.ResponseError(c.T("ParameterErr.Missing"))
+		c.ResponseError("Missing parameter")
 		return
 	}
 
 	if util.IsStrsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
-		c.ResponseError(c.T("ParameterErr.Missing"))
+		c.ResponseError("Missing parameter")
 		return
 	}
 
 	if object.CheckLdapExist(&ldap) {
-		c.ResponseError(c.T("LdapErr.ServerExisted"))
+		c.ResponseError("Ldap server exist")
 		return
 	}
 
@@ -171,7 +171,7 @@ func (c *ApiController) UpdateLdap() {
 	var ldap object.Ldap
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
 	if err != nil || util.IsStrsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
-		c.ResponseError(c.T("ParameterErr.Missing"))
+		c.ResponseError("Missing parameter")
 		return
 	}
 

controllers/ldapserver.go

@@ -17,6 +17,9 @@ package controllers
 import (
 	"fmt"
 	"log"
+	"os"
+	"os/signal"
+	"syscall"
 
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
@@ -32,7 +35,17 @@ func StartLdapServer() {
 	routes.Search(handleSearch).Label(" SEARCH****")
 
 	server.Handle(routes)
-	server.ListenAndServe("0.0.0.0:" + conf.GetConfigString("ldapServerPort"))
+
+	go server.ListenAndServe("0.0.0.0:" + conf.GetConfigString("ldapServerPort"))
+
+	// When CTRL+C, SIGINT and SIGTERM signal occurs
+	// Then stop server gracefully
+	ch := make(chan os.Signal)
+	signal.Notify(ch, syscall.SIGINT, syscall.SIGTERM)
+	<-ch
+	close(ch)
+
+	server.Stop()
 }
 
 func handleBind(w ldapserver.ResponseWriter, m *ldapserver.Message) {
@@ -49,7 +62,7 @@ func handleBind(w ldapserver.ResponseWriter, m *ldapserver.Message) {
 			return
 		}
 		bindpassword := string(r.AuthenticationSimple())
-		binduser, err := object.CheckUserPassword(bindorg, bindusername, bindpassword, "en")
+		binduser, err := object.CheckUserPassword(bindorg, bindusername, bindpassword)
 		if err != "" {
 			log.Printf("Bind failed User=%s, Pass=%#v, ErrMsg=%s", string(r.Name()), r.Authentication(), err)
 			res.SetResultCode(ldapserver.LDAPResultInvalidCredentials)

controllers/link.go

@@ -47,7 +47,7 @@ func (c *ApiController) Unlink() {
 
 	if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin {
 		// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
-		c.ResponseError(c.T("AuthErr.CanNotUnlinkUsers"))
+		c.ResponseError("You are not the global admin, you can't unlink other users")
 		return
 	}
 
@@ -55,23 +55,23 @@ func (c *ApiController) Unlink() {
 		// if the user is unlinking themselves, should check the provider can be unlinked, if not, we should return an error.
 		application := object.GetApplicationByUser(user)
 		if application == nil {
-			c.ResponseError(c.T("AuthErr.CanNotLinkMySelf"))
+			c.ResponseError("You can't unlink yourself, you are not a member of any application")
 			return
 		}
 
 		if len(application.Providers) == 0 {
-			c.ResponseError(c.T("ApplicationErr.HasNoProviders"))
+			c.ResponseError("This application has no providers")
 			return
 		}
 
 		provider := application.GetProviderItemByType(providerType)
 		if provider == nil {
-			c.ResponseError(c.T("ApplicationErr.HasNoProvidersOfType") + providerType)
+			c.ResponseError("This application has no providers of type " + providerType)
 			return
 		}
 
 		if !provider.CanUnlink {
-			c.ResponseError(c.T("ProviderErr.CanNotBeUnlinked"))
+			c.ResponseError("This provider can't be unlinked")
 			return
 		}
 
@@ -84,7 +84,7 @@ func (c *ApiController) Unlink() {
 	value := object.GetUserField(&unlinkedUser, providerType)
 
 	if value == "" {
-		c.ResponseError(c.T("ProviderErr.LinkFirstErr"), value)
+		c.ResponseError("Please link first", value)
 		return
 	}
 

controllers/model.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

controllers/organization.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -99,12 +99,6 @@ func (c *ApiController) AddOrganization() {
 		return
 	}
 
-	count := object.GetOrganizationCount("", "", "")
-	if err := checkQuotaForOrganization(count); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
 	c.Data["json"] = wrapActionResponse(object.AddOrganization(&organization))
 	c.ServeJSON()
 }
@@ -139,12 +133,11 @@ func (c *ApiController) GetDefaultApplication() {
 	userId := c.GetSessionUsername()
 	id := c.Input().Get("id")
 
-	application, err := object.GetDefaultApplication(id)
-	if err != nil {
-		c.ResponseError(err.Error())
+	application := object.GetMaskedApplication(object.GetDefaultApplication(id), userId)
+	if application == nil {
+		c.ResponseError("Please set a default application for this organization")
 		return
 	}
 
-	maskedApplication := object.GetMaskedApplication(application, userId)
-	c.ResponseOk(maskedApplication)
+	c.ResponseOk(application)
 }

controllers/payment.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

controllers/permission.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -65,20 +65,6 @@ func (c *ApiController) GetPermissionsBySubmitter() {
 	return
 }
 
-// GetPermissionsByRole
-// @Title GetPermissionsByRole
-// @Tag Permission API
-// @Description get permissions by role
-// @Param   id    query    string  true        "The id of the role"
-// @Success 200 {array} object.Permission The Response object
-// @router /get-permissions-by-role [get]
-func (c *ApiController) GetPermissionsByRole() {
-	id := c.Input().Get("id")
-	permissions := object.GetPermissionsByRole(id)
-	c.ResponseOk(permissions, len(permissions))
-	return
-}
-
 // GetPermission
 // @Title GetPermission
 // @Tag Permission API

controllers/product.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -141,13 +141,13 @@ func (c *ApiController) BuyProduct() {
 
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError(c.T("LoginErr.LoginFirst"))
+		c.ResponseError("Please login first")
 		return
 	}
 
 	user := object.GetUser(userId)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExist"), userId))
+		c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
 		return
 	}
 

controllers/provider.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -48,30 +48,6 @@ func (c *ApiController) GetProviders() {
 	}
 }
 
-// GetGlobalProviders
-// @Title GetGlobalProviders
-// @Tag Provider API
-// @Description get Global providers
-// @Success 200 {array} object.Provider The Response object
-// @router /get-global-providers [get]
-func (c *ApiController) GetGlobalProviders() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	if limit == "" || page == "" {
-		c.Data["json"] = object.GetMaskedProviders(object.GetGlobalProviders())
-		c.ServeJSON()
-	} else {
-		limit := util.ParseInt(limit)
-		paginator := pagination.SetPaginator(c.Ctx, limit, int64(object.GetGlobalProviderCount(field, value)))
-		providers := object.GetMaskedProviders(object.GetPaginationGlobalProviders(paginator.Offset(), limit, field, value, sortField, sortOrder))
-		c.ResponseOk(providers, paginator.Nums())
-	}
-}
-
 // GetProvider
 // @Title GetProvider
 // @Tag Provider API
@@ -81,6 +57,7 @@ func (c *ApiController) GetGlobalProviders() {
 // @router /get-provider [get]
 func (c *ApiController) GetProvider() {
 	id := c.Input().Get("id")
+
 	c.Data["json"] = object.GetMaskedProvider(object.GetProvider(id))
 	c.ServeJSON()
 }
@@ -122,12 +99,6 @@ func (c *ApiController) AddProvider() {
 		return
 	}
 
-	count := object.GetProviderCount("", "", "")
-	if err := checkQuotaForProvider(count); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
 	c.Data["json"] = wrapActionResponse(object.AddProvider(&provider))
 	c.ServeJSON()
 }

controllers/record.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

controllers/resource.go

@@ -22,7 +22,7 @@ import (
 	"mime"
 	"path/filepath"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -40,15 +40,6 @@ func (c *ApiController) GetResources() {
 	value := c.Input().Get("value")
 	sortField := c.Input().Get("sortField")
 	sortOrder := c.Input().Get("sortOrder")
-
-	userObj, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-	if userObj.IsAdmin {
-		user = ""
-	}
-
 	if limit == "" || page == "" {
 		c.Data["json"] = object.GetResources(owner, user)
 		c.ServeJSON()
@@ -122,7 +113,7 @@ func (c *ApiController) DeleteResource() {
 		return
 	}
 
-	err = object.DeleteFile(provider, resource.Name, c.GetAcceptLanguage())
+	err = object.DeleteFile(provider, resource.Name)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
@@ -154,7 +145,7 @@ func (c *ApiController) UploadResource() {
 	defer file.Close()
 
 	if username == "" || fullFilePath == "" {
-		c.ResponseError(fmt.Sprintf(c.T("ResourceErr.UsernameOrFilePathEmpty"), username, fullFilePath))
+		c.ResponseError(fmt.Sprintf("username or fullFilePath is empty: username = %s, fullFilePath = %s", username, fullFilePath))
 		return
 	}
 
@@ -165,7 +156,7 @@ func (c *ApiController) UploadResource() {
 		return
 	}
 
-	provider, _, ok := c.GetProviderFromContext("Storage")
+	provider, user, ok := c.GetProviderFromContext("Storage")
 	if !ok {
 		return
 	}
@@ -180,20 +171,6 @@ func (c *ApiController) UploadResource() {
 		fileType, _ = util.GetOwnerAndNameFromId(mimeType)
 	}
 
-	if tag != "avatar" && tag != "termsOfUse" {
-		ext := filepath.Ext(filepath.Base(fullFilePath))
-		index := len(fullFilePath) - len(ext)
-		for i := 1; ; i++ {
-			_, objectKey := object.GetUploadFileUrl(provider, fullFilePath, true)
-			if object.GetResourceCount(owner, username, "name", objectKey) == 0 {
-				break
-			}
-
-			// duplicated fullFilePath found, change it
-			fullFilePath = fullFilePath[:index] + fmt.Sprintf("-%d", i) + ext
-		}
-	}
-
 	fileUrl, objectKey, err := object.UploadFileSafe(provider, fullFilePath, fileBuffer)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -225,11 +202,13 @@ func (c *ApiController) UploadResource() {
 
 	switch tag {
 	case "avatar":
-		user := object.GetUserNoCheck(util.GetId(owner, username))
 		if user == nil {
-			c.ResponseError(c.T("ResourceErr.UserIsNil"))
+			user = object.GetUserNoCheck(username)
+			if user == nil {
+				c.ResponseError("user is nil for tag: \"avatar\"")
 				return
 			}
+		}
 
 		user.Avatar = fileUrl
 		object.UpdateUser(user.GetId(), user, []string{"avatar"}, false)

controllers/role.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

controllers/saml.go

@@ -25,7 +25,7 @@ func (c *ApiController) GetSamlMeta() {
 	paramApp := c.Input().Get("application")
 	application := object.GetApplication(paramApp)
 	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("ApplicationErr.AppNotFound"), paramApp))
+		c.ResponseError(fmt.Sprintf("err: application %s not found", paramApp))
 		return
 	}
 	metadata, _ := object.GetSamlMeta(application, host)

controllers/service.go

@@ -60,7 +60,7 @@ func (c *ApiController) SendEmail() {
 	var provider *object.Provider
 	if emailForm.Provider != "" {
 		// called by frontend's TestEmailWidget, provider name is set by frontend
-		provider = object.GetProvider(util.GetId("admin", emailForm.Provider))
+		provider = object.GetProvider(fmt.Sprintf("admin/%s", emailForm.Provider))
 	} else {
 		// called by Casdoor SDK via Client ID & Client Secret, so the used Email provider will be the application' Email provider or the default Email provider
 		var ok bool
@@ -81,7 +81,7 @@ func (c *ApiController) SendEmail() {
 	}
 
 	if util.IsStrsEmpty(emailForm.Title, emailForm.Content, emailForm.Sender) {
-		c.ResponseError(fmt.Sprintf(c.T("EmailErr.EmptyParam"), emailForm))
+		c.ResponseError(fmt.Sprintf("Empty parameters for emailForm: %v", emailForm))
 		return
 	}
 
@@ -93,7 +93,7 @@ func (c *ApiController) SendEmail() {
 	}
 
 	if len(invalidReceivers) != 0 {
-		c.ResponseError(fmt.Sprintf(c.T("EmailErr.InvalidReceivers"), invalidReceivers))
+		c.ResponseError(fmt.Sprintf("Invalid Email receivers: %s", invalidReceivers))
 		return
 	}
 
@@ -141,7 +141,7 @@ func (c *ApiController) SendSms() {
 	}
 
 	if len(invalidReceivers) != 0 {
-		c.ResponseError(fmt.Sprintf(c.T("PhoneErr.InvalidReceivers"), invalidReceivers))
+		c.ResponseError(fmt.Sprintf("Invalid phone receivers: %s", invalidReceivers))
 		return
 	}
 

controllers/syncer.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

controllers/system_info.go

@@ -40,7 +40,7 @@ func (c *ApiController) GetSystemInfo() {
 
 	user := object.GetUser(id)
 	if user == nil || !user.IsGlobalAdmin {
-		c.ResponseError(c.T("ResourceErr.NotAuthorized"))
+		c.ResponseError("You are not authorized to access this resource")
 		return
 	}
 

controllers/token.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"net/http"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -150,12 +150,12 @@ func (c *ApiController) GetOAuthCode() {
 	codeChallenge := c.Input().Get("code_challenge")
 
 	if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
-		c.ResponseError(c.T("AuthErr.ChallengeMethodErr"))
+		c.ResponseError("Challenge method should be S256")
 		return
 	}
 	host := c.Ctx.Request.Host
 
-	c.Data["json"] = object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, host, c.GetAcceptLanguage())
+	c.Data["json"] = object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, host)
 	c.ServeJSON()
 }
 
@@ -204,7 +204,7 @@ func (c *ApiController) GetOAuthToken() {
 	}
 	host := c.Ctx.Request.Host
 
-	c.Data["json"] = object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, username, password, host, tag, avatar, c.GetAcceptLanguage())
+	c.Data["json"] = object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, username, password, host, tag, avatar)
 	c.SetTokenErrorHttpStatus()
 	c.ServeJSON()
 }
@@ -290,7 +290,7 @@ func (c *ApiController) IntrospectToken() {
 		clientId = c.Input().Get("client_id")
 		clientSecret = c.Input().Get("client_secret")
 		if clientId == "" || clientSecret == "" {
-			c.ResponseError(c.T("TokenErr.EmptyClientID"))
+			c.ResponseError("empty clientId or clientSecret")
 			c.Data["json"] = &object.TokenError{
 				Error: object.InvalidRequest,
 			}
@@ -301,7 +301,7 @@ func (c *ApiController) IntrospectToken() {
 	}
 	application := object.GetApplicationByClientId(clientId)
 	if application == nil || application.ClientSecret != clientSecret {
-		c.ResponseError(c.T("TokenErr.InvalidAppOrWrongClientSecret"))
+		c.ResponseError("invalid application or wrong clientSecret")
 		c.Data["json"] = &object.TokenError{
 			Error: object.InvalidClient,
 		}

controllers/user.go

@@ -19,7 +19,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -100,7 +100,7 @@ func (c *ApiController) GetUser() {
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", owner))
 	if !organization.IsProfilePublic {
 		requestUserId := c.GetSessionUsername()
-		hasPermission, err := object.CheckUserPermission(requestUserId, id, owner, false, c.GetAcceptLanguage())
+		hasPermission, err := object.CheckUserPermission(requestUserId, id, owner, false)
 		if !hasPermission {
 			c.ResponseError(err.Error())
 			return
@@ -149,7 +149,7 @@ func (c *ApiController) UpdateUser() {
 	}
 
 	if user.DisplayName == "" {
-		c.ResponseError(c.T("UserErr.DisplayNameCanNotBeEmpty"))
+		c.ResponseError("Display name cannot be empty")
 		return
 	}
 
@@ -183,18 +183,6 @@ func (c *ApiController) AddUser() {
 		return
 	}
 
-	count := object.GetUserCount("", "", "")
-	if err := checkQuotaForUser(count); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	msg := object.CheckUsername(user.Name, c.GetAcceptLanguage())
-	if msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
 	c.Data["json"] = wrapActionResponse(object.AddUser(&user))
 	c.ServeJSON()
 }
@@ -236,7 +224,7 @@ func (c *ApiController) GetEmailAndPhone() {
 
 	user := object.GetUserByFields(form.Organization, form.Username)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExistInOrg"), form.Organization, form.Username))
+		c.ResponseError(fmt.Sprintf("The user: %s/%s doesn't exist", form.Organization, form.Username))
 		return
 	}
 
@@ -277,7 +265,7 @@ func (c *ApiController) SetPassword() {
 	requestUserId := c.GetSessionUsername()
 	userId := fmt.Sprintf("%s/%s", userOwner, userName)
 
-	hasPermission, err := object.CheckUserPermission(requestUserId, userId, userOwner, true, c.GetAcceptLanguage())
+	hasPermission, err := object.CheckUserPermission(requestUserId, userId, userOwner, true)
 	if !hasPermission {
 		c.ResponseError(err.Error())
 		return
@@ -286,7 +274,7 @@ func (c *ApiController) SetPassword() {
 	targetUser := object.GetUser(userId)
 
 	if oldPassword != "" {
-		msg := object.CheckPassword(targetUser, oldPassword, c.GetAcceptLanguage())
+		msg := object.CheckPassword(targetUser, oldPassword)
 		if msg != "" {
 			c.ResponseError(msg)
 			return
@@ -294,12 +282,12 @@ func (c *ApiController) SetPassword() {
 	}
 
 	if strings.Contains(newPassword, " ") {
-		c.ResponseError(c.T("SetPasswordErr.CanNotContainBlank"))
+		c.ResponseError("New password cannot contain blank space.")
 		return
 	}
 
 	if len(newPassword) <= 5 {
-		c.ResponseError(c.T("SetPasswordErr.LessThanSixCharacters"))
+		c.ResponseError("New password must have at least 6 characters")
 		return
 	}
 
@@ -321,7 +309,7 @@ func (c *ApiController) CheckUserPassword() {
 		return
 	}
 
-	_, msg := object.CheckUserPassword(user.Owner, user.Name, user.Password, c.GetAcceptLanguage())
+	_, msg := object.CheckUserPassword(user.Owner, user.Name, user.Password)
 	if msg == "" {
 		c.ResponseOk()
 	} else {

controllers/user_upload.go

@@ -61,6 +61,6 @@ func (c *ApiController) UploadUsers() {
 	if affected {
 		c.ResponseOk()
 	} else {
-		c.ResponseError(c.T("UserErr.FailToImportUsers"))
+		c.ResponseError("Failed to import users")
 	}
 }

controllers/util.go

@@ -17,10 +17,8 @@ package controllers
 import (
 	"fmt"
 	"strconv"
-	"strings"
 
 	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -50,19 +48,6 @@ func (c *ApiController) ResponseError(error string, data ...interface{}) {
 	c.ResponseJsonData(resp, data...)
 }
 
-func (c *ApiController) T(error string) string {
-	return i18n.Translate(c.GetAcceptLanguage(), error)
-}
-
-// GetAcceptLanguage ...
-func (c *ApiController) GetAcceptLanguage() string {
-	lang := c.Ctx.Request.Header.Get("Accept-Language")
-	if lang == "" || !strings.Contains(conf.GetConfigString("languages"), lang[0:2]) {
-		lang = "en"
-	}
-	return lang[0:2]
-}
-
 // SetTokenErrorHttpStatus ...
 func (c *ApiController) SetTokenErrorHttpStatus() {
 	_, ok := c.Data["json"].(*object.TokenError)
@@ -84,7 +69,7 @@ func (c *ApiController) SetTokenErrorHttpStatus() {
 func (c *ApiController) RequireSignedIn() (string, bool) {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError(c.T("LoginErr.LoginFirst"), "Please login first")
+		c.ResponseError("Please sign in first")
 		return "", false
 	}
 	return userId, true
@@ -99,8 +84,7 @@ func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
 
 	user := object.GetUser(userId)
 	if user == nil {
-		c.ClearUserSession()
-		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExist"), userId))
+		c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
 		return nil, false
 	}
 	return user, true
@@ -126,9 +110,9 @@ func getInitScore() (int, error) {
 func (c *ApiController) GetProviderFromContext(category string) (*object.Provider, *object.User, bool) {
 	providerName := c.Input().Get("provider")
 	if providerName != "" {
-		provider := object.GetProvider(util.GetId("admin", providerName))
+		provider := object.GetProvider(util.GetId(providerName))
 		if provider == nil {
-			c.ResponseError(c.T("ProviderErr.ProviderNotFound"), providerName)
+			c.ResponseError(fmt.Sprintf("The provider: %s is not found", providerName))
 			return nil, nil, false
 		}
 		return provider, nil, true
@@ -141,59 +125,15 @@ func (c *ApiController) GetProviderFromContext(category string) (*object.Provide
 
 	application, user := object.GetApplicationByUserId(userId)
 	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("ApplicationErr.AppNotFoundForUserID"), userId))
+		c.ResponseError(fmt.Sprintf("No application is found for userId: \"%s\"", userId))
 		return nil, nil, false
 	}
 
 	provider := application.GetProviderByCategory(category)
 	if provider == nil {
-		c.ResponseError(fmt.Sprintf(c.T("ProviderErr.ProviderNotFoundForCategory"), category, application.Name))
+		c.ResponseError(fmt.Sprintf("No provider for category: \"%s\" is found for application: %s", category, application.Name))
 		return nil, nil, false
 	}
 
 	return provider, user, true
 }
-
-func checkQuotaForApplication(count int) error {
-	quota := conf.GetConfigQuota().Application
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("application quota is exceeded")
-	}
-	return nil
-}
-
-func checkQuotaForOrganization(count int) error {
-	quota := conf.GetConfigQuota().Organization
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("organization quota is exceeded")
-	}
-	return nil
-}
-
-func checkQuotaForProvider(count int) error {
-	quota := conf.GetConfigQuota().Provider
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("provider quota is exceeded")
-	}
-	return nil
-}
-
-func checkQuotaForUser(count int) error {
-	quota := conf.GetConfigQuota().User
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("user quota is exceeded")
-	}
-	return nil
-}

controllers/verification.go

@@ -50,23 +50,23 @@ func (c *ApiController) SendVerificationCode() {
 	remoteAddr := util.GetIPFromRequest(c.Ctx.Request)
 
 	if destType == "" {
-		c.ResponseError(c.T("ParameterErr.Missing") + ": type.")
+		c.ResponseError("Missing parameter: type.")
 		return
 	}
 	if dest == "" {
-		c.ResponseError(c.T("ParameterErr.Missing") + ": dest.")
+		c.ResponseError("Missing parameter: dest.")
 		return
 	}
 	if applicationId == "" {
-		c.ResponseError(c.T("ParameterErr.Missing") + ": applicationId.")
+		c.ResponseError("Missing parameter: applicationId.")
 		return
 	}
 	if !strings.Contains(applicationId, "/") {
-		c.ResponseError(c.T("ParameterErr.Wrong") + ": applicationId.")
+		c.ResponseError("Wrong parameter: applicationId.")
 		return
 	}
 	if checkType == "" {
-		c.ResponseError(c.T("ParameterErr.Missing") + ": checkType.")
+		c.ResponseError("Missing parameter: checkType.")
 		return
 	}
 
@@ -74,7 +74,7 @@ func (c *ApiController) SendVerificationCode() {
 
 	if captchaProvider != nil {
 		if checkKey == "" {
-			c.ResponseError(c.T("ParameterErr.Missing") + ": checkKey.")
+			c.ResponseError("Missing parameter: checkKey.")
 			return
 		}
 		isHuman, err := captchaProvider.VerifyCaptcha(checkKey, checkId)
@@ -84,7 +84,7 @@ func (c *ApiController) SendVerificationCode() {
 		}
 
 		if !isHuman {
-			c.ResponseError(c.T("AuthErr.NotHuman"))
+			c.ResponseError("Turing test failed.")
 			return
 		}
 	}
@@ -92,13 +92,9 @@ func (c *ApiController) SendVerificationCode() {
 	user := c.getCurrentUser()
 	application := object.GetApplication(applicationId)
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
-	if organization == nil {
-		c.ResponseError(c.T("OrgErr.DoNotExist"))
-		return
-	}
 
 	if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
-		c.ResponseError(c.T("LoginErr.LoginFirst"))
+		c.ResponseError("Please login first")
 		return
 	}
 
@@ -114,13 +110,7 @@ func (c *ApiController) SendVerificationCode() {
 			dest = user.Email
 		}
 		if !util.IsEmailValid(dest) {
-			c.ResponseError(c.T("EmailErr.EmailInvalid"))
-			return
-		}
-
-		userByEmail := object.GetUserByEmail(organization.Name, dest)
-		if userByEmail == nil {
-			c.ResponseError(c.T("UserErr.DoNotExistSignUp"))
+			c.ResponseError("Invalid Email address")
 			return
 		}
 
@@ -131,13 +121,11 @@ func (c *ApiController) SendVerificationCode() {
 			dest = user.Phone
 		}
 		if !util.IsPhoneCnValid(dest) {
-			c.ResponseError(c.T("PhoneErr.NumberInvalid"))
+			c.ResponseError("Invalid phone number")
 			return
 		}
-
-		userByPhone := object.GetUserByPhone(organization.Name, dest)
-		if userByPhone == nil {
-			c.ResponseError(c.T("UserErr.DoNotExistSignUp"))
+		if organization == nil {
+			c.ResponseError("The organization doesn't exist.")
 			return
 		}
 
@@ -169,7 +157,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 	dest := c.Ctx.Request.Form.Get("dest")
 	code := c.Ctx.Request.Form.Get("code")
 	if len(dest) == 0 || len(code) == 0 || len(destType) == 0 {
-		c.ResponseError(c.T("ParameterErr.Missing"))
+		c.ResponseError("Missing parameter.")
 		return
 	}
 
@@ -178,11 +166,11 @@ func (c *ApiController) ResetEmailOrPhone() {
 	if destType == "phone" {
 		phoneItem := object.GetAccountItemByName("Phone", org)
 		if phoneItem == nil {
-			c.ResponseError(c.T("PhoneErr.UnableGetModifyRule"))
+			c.ResponseError("Unable to get the phone modify rule.")
 			return
 		}
 
-		if pass, errMsg := object.CheckAccountItemModifyRule(phoneItem, user, c.GetAcceptLanguage()); !pass {
+		if pass, errMsg := object.CheckAccountItemModifyRule(phoneItem, user); !pass {
 			c.ResponseError(errMsg)
 			return
 		}
@@ -195,16 +183,16 @@ func (c *ApiController) ResetEmailOrPhone() {
 	} else if destType == "email" {
 		emailItem := object.GetAccountItemByName("Email", org)
 		if emailItem == nil {
-			c.ResponseError(c.T("EmailErr.UnableGetModifyRule"))
+			c.ResponseError("Unable to get the email modify rule.")
 			return
 		}
 
-		if pass, errMsg := object.CheckAccountItemModifyRule(emailItem, user, c.GetAcceptLanguage()); !pass {
+		if pass, errMsg := object.CheckAccountItemModifyRule(emailItem, user); !pass {
 			c.ResponseError(errMsg)
 			return
 		}
 	}
-	if ret := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); len(ret) != 0 {
+	if ret := object.CheckVerificationCode(checkDest, code); len(ret) != 0 {
 		c.ResponseError(ret)
 		return
 	}
@@ -217,7 +205,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 		user.Phone = dest
 		object.SetUserField(user, "phone", user.Phone)
 	default:
-		c.ResponseError(c.T("ParameterErr.UnknownType"))
+		c.ResponseError("Unknown type.")
 		return
 	}
 
@@ -236,17 +224,17 @@ func (c *ApiController) VerifyCaptcha() {
 	captchaToken := c.Ctx.Request.Form.Get("captchaToken")
 	clientSecret := c.Ctx.Request.Form.Get("clientSecret")
 	if captchaToken == "" {
-		c.ResponseError(c.T("ParameterErr.Missing") + ": captchaToken.")
+		c.ResponseError("Missing parameter: captchaToken.")
 		return
 	}
 	if clientSecret == "" {
-		c.ResponseError(c.T("ParameterErr.Missing") + ": clientSecret.")
+		c.ResponseError("Missing parameter: clientSecret.")
 		return
 	}
 
 	provider := captcha.GetCaptchaProvider(captchaType)
 	if provider == nil {
-		c.ResponseError(c.T("ProviderErr.InvalidProvider"))
+		c.ResponseError("Invalid captcha provider.")
 		return
 	}
 

controllers/webauthn.go

@@ -16,7 +16,6 @@ package controllers
 
 import (
 	"bytes"
-	"fmt"
 	"io"
 
 	"github.com/casdoor/casdoor/object"
@@ -35,7 +34,7 @@ func (c *ApiController) WebAuthnSignupBegin() {
 	webauthnObj := object.GetWebAuthnObject(c.Ctx.Request.Host)
 	user := c.getCurrentUser()
 	if user == nil {
-		c.ResponseError(c.T("LoginErr.LoginFirst"))
+		c.ResponseError("Please login first.")
 		return
 	}
 
@@ -66,13 +65,13 @@ func (c *ApiController) WebAuthnSignupFinish() {
 	webauthnObj := object.GetWebAuthnObject(c.Ctx.Request.Host)
 	user := c.getCurrentUser()
 	if user == nil {
-		c.ResponseError(c.T("LoginErr.LoginFirst"))
+		c.ResponseError("Please login first.")
 		return
 	}
 	sessionObj := c.GetSession("registration")
 	sessionData, ok := sessionObj.(webauthn.SessionData)
 	if !ok {
-		c.ResponseError(c.T("AuthErr.CallWebAuthnSigninBegin"))
+		c.ResponseError("Please call WebAuthnSignupBegin first")
 		return
 	}
 	c.Ctx.Request.Body = io.NopCloser(bytes.NewBuffer(c.Ctx.Input.RequestBody))
@@ -101,14 +100,9 @@ func (c *ApiController) WebAuthnSigninBegin() {
 	userName := c.Input().Get("name")
 	user := object.GetUserByFields(userOwner, userName)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExistInOrg"), userOwner, userName))
+		c.ResponseError("Please Giveout Owner and Username.")
 		return
 	}
-	if len(user.WebauthnCredentials) == 0 {
-		c.ResponseError(c.T("UserErr.NoWebAuthnCredential"))
-		return
-	}
-
 	options, sessionData, err := webauthnObj.BeginLogin(user)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -127,12 +121,11 @@ func (c *ApiController) WebAuthnSigninBegin() {
 // @Success 200 {object} Response "The Response object"
 // @router /webauthn/signin/finish [post]
 func (c *ApiController) WebAuthnSigninFinish() {
-	responseType := c.Input().Get("responseType")
 	webauthnObj := object.GetWebAuthnObject(c.Ctx.Request.Host)
 	sessionObj := c.GetSession("authentication")
 	sessionData, ok := sessionObj.(webauthn.SessionData)
 	if !ok {
-		c.ResponseError(c.T("AuthErr.CallWebAuthnSigninBegin"))
+		c.ResponseError("Please call WebAuthnSigninBegin first")
 		return
 	}
 	c.Ctx.Request.Body = io.NopCloser(bytes.NewBuffer(c.Ctx.Input.RequestBody))
@@ -145,11 +138,5 @@ func (c *ApiController) WebAuthnSigninFinish() {
 	}
 	c.SetSessionUsername(userId)
 	util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
-
-	application := object.GetApplicationByUser(user)
-	var form RequestForm
-	form.Type = responseType
-	resp := c.HandleLoggedIn(application, user, &form)
-	c.Data["json"] = resp
-	c.ServeJSON()
+	c.ResponseOk(userId)
 }

controllers/webhook.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/astaxie/beego/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

deployment/deploy_test.go

@@ -21,10 +21,9 @@ import (
 	"testing"
 
 	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
 )
 
 func TestDeployStaticFiles(t *testing.T) {
-	provider := object.GetProvider(util.GetId("admin", "provider_storage_aliyun_oss"))
+	provider := object.GetProvider("admin/provider_storage_aliyun_oss")
 	deployStaticFiles(provider)
 }

go.mod

@@ -4,26 +4,24 @@ go 1.16
 
 require (
 	github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b
-	github.com/Unknwon/goconfig v1.0.0
 	github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387
+	github.com/astaxie/beego v1.12.3
 	github.com/aws/aws-sdk-go v1.44.4
-	github.com/beego/beego v1.12.11
 	github.com/beevik/etree v1.1.0
 	github.com/casbin/casbin/v2 v2.30.1
-	github.com/casbin/xorm-adapter/v3 v3.0.1
-	github.com/casdoor/go-sms-sender v0.5.1
+	github.com/casbin/xorm-adapter/v2 v2.5.1
+	github.com/casdoor/go-sms-sender v0.3.0
 	github.com/casdoor/goth v1.69.0-FIX2
 	github.com/casdoor/oss v1.2.0
 	github.com/dchest/captcha v0.0.0-20200903113550-03f5f0333e1f
 	github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc
 	github.com/duo-labs/webauthn v0.0.0-20211221191814-a22482edaa3b
-	github.com/forestmgy/ldapserver v1.1.0
+	github.com/forestmgy/ldapserver v1.0.9
 	github.com/go-gomail/gomail v0.0.0-20160411212932-81ebce5c23df
 	github.com/go-ldap/ldap/v3 v3.3.0
 	github.com/go-pay/gopay v1.5.72
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/golang-jwt/jwt/v4 v4.2.0
-	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/go-cmp v0.5.8 // indirect
 	github.com/google/uuid v1.2.0
 	github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect
@@ -37,7 +35,6 @@ require (
 	github.com/russellhaering/goxmldsig v1.1.1
 	github.com/satori/go.uuid v1.2.0
 	github.com/shirou/gopsutil v3.21.11+incompatible
-	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/smartystreets/goconvey v1.6.4 // indirect
 	github.com/stretchr/testify v1.8.0
 	github.com/tealeg/xlsx v1.0.5
@@ -50,10 +47,9 @@ require (
 	golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df // indirect
-	gopkg.in/ini.v1 v1.67.0
+	gopkg.in/ini.v1 v1.62.0 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0
 	gopkg.in/yaml.v2 v2.3.0 // indirect
-	xorm.io/builder v0.3.12 // indirect
 	xorm.io/core v0.7.2
-	xorm.io/xorm v1.0.5
+	xorm.io/xorm v1.0.4
 )

go.sum

@@ -61,8 +61,6 @@ github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go
 github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc=
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b h1:EgJ6N2S0h1WfFIjU5/VVHWbMSVYXAluop97Qxpr/lfQ=
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b/go.mod h1:3SAoF0F5EbcOuBD5WT9nYkbIJieBS84cUQXADbXeBsU=
-github.com/Unknwon/goconfig v1.0.0 h1:9IAu/BYbSLQi8puFjUQApZTxIHqSwrj5d8vpP8vTq4A=
-github.com/Unknwon/goconfig v1.0.0/go.mod h1:wngxua9XCNjvHjDiTiV26DaKDT+0c63QR6H5hjVUUxw=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
@@ -76,13 +74,13 @@ github.com/aliyun/alibaba-cloud-sdk-go v1.61.1075/go.mod h1:pUKYbK5JQ+1Dfxk80P0q
 github.com/aliyun/aliyun-oss-go-sdk v2.2.2+incompatible h1:9gWa46nstkJ9miBReJcN8Gq34cBFbzSpQZVVT9N09TM=
 github.com/aliyun/aliyun-oss-go-sdk v2.2.2+incompatible/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8=
 github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y=
+github.com/astaxie/beego v1.12.3 h1:SAQkdD2ePye+v8Gn1r4X6IKZM1wd28EyUOVQ3PDSOOQ=
+github.com/astaxie/beego v1.12.3/go.mod h1:p3qIm0Ryx7zeBHLljmd7omloyca1s4yu1a8kM1FkpIA=
 github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevBhOOCWBLXXy3hyiqqBrY=
 github.com/aws/aws-sdk-go v1.44.4 h1:ePN0CVJMdiz2vYUcJH96eyxRrtKGSDMgyhP6rah2OgE=
 github.com/aws/aws-sdk-go v1.44.4/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
 github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f h1:ZNv7On9kyUzm7fvRZumSyy/IUiSC7AzL0I1jKKtwooA=
 github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc=
-github.com/beego/beego v1.12.11 h1:MWKcnpavb7iAIS0m6uuEq6pHKkYvGNw/5umIUKqL7jM=
-github.com/beego/beego v1.12.11/go.mod h1:QURFL1HldOcCZAxnc1cZ7wrplsYR5dKPHFjmk6WkLAs=
 github.com/beego/goyaml2 v0.0.0-20130207012346-5545475820dd/go.mod h1:1b+Y/CofkYwXMUU0OhQqGvsY2Bvgr4j6jfT699wyZKQ=
 github.com/beego/x2j v0.0.0-20131220205130-a0352aadc542/go.mod h1:kSeGC/p1AbBiEp5kat81+DSQrZenVBZXklMLaELspWU=
 github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
@@ -98,10 +96,10 @@ github.com/casbin/casbin/v2 v2.1.0/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n
 github.com/casbin/casbin/v2 v2.28.3/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
 github.com/casbin/casbin/v2 v2.30.1 h1:P5HWadDL7olwUXNdcuKUBk+x75Y2eitFxYTcLNKeKF0=
 github.com/casbin/casbin/v2 v2.30.1/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
-github.com/casbin/xorm-adapter/v3 v3.0.1 h1:0l0zkYxo6cNuIdrBZgFxlje1TRvmheYa/zIp+sGPK58=
-github.com/casbin/xorm-adapter/v3 v3.0.1/go.mod h1:1BL7rHEDXrxO+vQdSo/ZaWKRivXl7YTos67GdMYcd20=
-github.com/casdoor/go-sms-sender v0.5.1 h1:1/Wp1OLkVAVY4lEGQhekSNetSAWhnPcxYPV7xpCZgC0=
-github.com/casdoor/go-sms-sender v0.5.1/go.mod h1:kBykbqwgRDXbXdMAIxmZKinVM1WjdqEbej5LAbUbcfI=
+github.com/casbin/xorm-adapter/v2 v2.5.1 h1:BkpIxRHKa0s3bSMx173PpuU7oTs+Zw7XmD0BIta0HGM=
+github.com/casbin/xorm-adapter/v2 v2.5.1/go.mod h1:AeH4dBKHC9/zYxzdPVHhPDzF8LYLqjDdb767CWJoV54=
+github.com/casdoor/go-sms-sender v0.3.0 h1:c4bWVcKZhO2L3Xu1oy7aeVkCK6HRJkW/b5K1xU9mV60=
+github.com/casdoor/go-sms-sender v0.3.0/go.mod h1:fsZsNnALvFIo+HFcE1U/oCQv4ZT42FdglXKMsEm3WSk=
 github.com/casdoor/goth v1.69.0-FIX2 h1:RgfIMkL9kekylgxHHK2ZY8ASAwOGns2HVlaBwLu7Bcs=
 github.com/casdoor/goth v1.69.0-FIX2/go.mod h1:Om55nRo8CkeDkPSNBbzXW4G5uI28ZUkSk5S69dPek3s=
 github.com/casdoor/oss v1.2.0 h1:ozLAE+nnNdFQBWbzH8U9spzaO8h8NrB57lBcdyMUUQ8=
@@ -117,9 +115,9 @@ github.com/cloudflare/cfssl v0.0.0-20190726000631-633726f6bcb7 h1:Puu1hUwfps3+1C
 github.com/cloudflare/cfssl v0.0.0-20190726000631-633726f6bcb7/go.mod h1:yMWuSON2oQp+43nFtAV/uvKQIFpSPerB57DCt9t8sSA=
 github.com/cloudflare/golz4 v0.0.0-20150217214814-ef862a3cdc58/go.mod h1:EOBUe0h4xcZ5GoxqC5SDxFQ8gwyZPKQoEzownBlhI80=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/couchbase/go-couchbase v0.0.0-20201216133707-c04035124b17/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A=
-github.com/couchbase/gomemcached v0.1.2-0.20201224031647-c432ccf49f32/go.mod h1:mxliKQxOv84gQ0bJWbI+w9Wxdpt9HjDvgW9MjCym5Vo=
-github.com/couchbase/goutils v0.0.0-20210118111533-e33d3ffb5401/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
+github.com/couchbase/go-couchbase v0.0.0-20200519150804-63f3cdb75e0d/go.mod h1:TWI8EKQMs5u5jLKW/tsb9VwauIrMIxQG1r5fMsswK5U=
+github.com/couchbase/gomemcached v0.0.0-20200526233749-ec430f949808/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c=
+github.com/couchbase/goutils v0.0.0-20180530154633-e865a1461c8a/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -139,8 +137,8 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/forestmgy/ldapserver v1.1.0 h1:gvil4nuLhqPEL8SugCkFhRyA0/lIvRdwZSqlrw63ll4=
-github.com/forestmgy/ldapserver v1.1.0/go.mod h1:1RZ8lox1QSY7rmbjdmy+sYQXY4Lp7SpGzpdE3+j3IyM=
+github.com/forestmgy/ldapserver v1.0.9 h1:eMJKsN7Q/c9u074FVXfpPuTp3vOyH+O7Zpe6KfCCMUc=
+github.com/forestmgy/ldapserver v1.0.9/go.mod h1:1RZ8lox1QSY7rmbjdmy+sYQXY4Lp7SpGzpdE3+j3IyM=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
@@ -177,8 +175,6 @@ github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LB
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
 github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A=
-github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
 github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
@@ -194,9 +190,8 @@ github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFU
 github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
 github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
 github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
+github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc=
 github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
-github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
-github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -213,9 +208,8 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
 github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM=
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db h1:woRePGFeVFfLKN/pOkfl+p/TAqKOfFu+7KPlMVpok/w=
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
-github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
 github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
@@ -344,6 +338,7 @@ github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa
 github.com/onsi/gomega v1.7.1 h1:K0jcRCwNQM3vFGh1ppMtDh/+7ApJrjldlX8fA0jDTLQ=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/pelletier/go-toml v1.0.1/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/peterh/liner v1.0.1-0.20171122030339-3681c2a91233/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -395,8 +390,6 @@ github.com/siddontang/goredis v0.0.0-20150324035039-760763f78400/go.mod h1:DDcKz
 github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d/go.mod h1:AMEsy7v5z92TR1JKMkLLoaOQk++LVnOKL3ScbJ8GNGA=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
-github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
-github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
@@ -411,11 +404,11 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/syndtr/goleveldb v0.0.0-20160425020131-cfa635847112/go.mod h1:Z4AUp2Km+PwemOoO/VB5AOx9XSsIItzFjoJlOSiYmn0=
+github.com/syndtr/goleveldb v0.0.0-20181127023241-353a9fca669c/go.mod h1:Z4AUp2Km+PwemOoO/VB5AOx9XSsIItzFjoJlOSiYmn0=
 github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
 github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
 github.com/tealeg/xlsx v1.0.5 h1:+f8oFmvY8Gw1iUXzPk+kz+4GpbDZPK1FhPiQRd+ypgE=
@@ -428,19 +421,16 @@ github.com/tklauser/go-sysconf v0.3.10 h1:IJ1AZGZRWbY8T5Vfk04D9WOA5WSejdflXxP03O
 github.com/tklauser/go-sysconf v0.3.10/go.mod h1:C8XykCvCb+Gn0oNCWPIlcb0RuglQTYaQ2hGm7jmxEFk=
 github.com/tklauser/numcpus v0.4.0 h1:E53Dm1HjH1/R2/aoCtXtPgzmElmn51aOkhCFSuZq//o=
 github.com/tklauser/numcpus v0.4.0/go.mod h1:1+UI3pD8NW14VMwdgJNJ1ESk2UnwhAnz5hMwiKKqXCQ=
-github.com/twilio/twilio-go v0.26.0 h1:wFW4oTe3/LKt6bvByP7eio8JsjtaLHjMQKOUEzQry7U=
-github.com/twilio/twilio-go v0.26.0/go.mod h1:lz62Hopu4vicpQ056H5TJ0JE4AP0rS3sQ35/ejmgOwE=
 github.com/ugorji/go v0.0.0-20171122102828-84cb69a8af83/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ=
 github.com/volcengine/volc-sdk-golang v1.0.19 h1:jJp+aJgK0e//rZ9I0K2Y7ufJwvuZRo/AQsYDynXMNgA=
 github.com/volcengine/volc-sdk-golang v1.0.19/go.mod h1:+GGi447k4p1I5PNdbpG2GLaF0Ui9vIInTojMM0IfSS4=
-github.com/wendal/errors v0.0.0-20181209125328-7f31f4b264ec/go.mod h1:Q12BUT7DqIlHRmgv3RskH+UCM/4eqVMgI0EMmlSpAXc=
+github.com/wendal/errors v0.0.0-20130201093226-f66c77a7882b/go.mod h1:Q12BUT7DqIlHRmgv3RskH+UCM/4eqVMgI0EMmlSpAXc=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/gopher-lua v0.0.0-20171031051903-609c9cd26973/go.mod h1:aEV29XrmTYFr3CiRxZeGHpkvbwq+prZduBqMaascyCU=
 github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg=
 github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
@@ -461,7 +451,6 @@ golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
@@ -497,7 +486,6 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB
 golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -532,7 +520,6 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R
 golang.org/x/net v0.0.0-20200927032502-5d4f70055728/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20200930145003-4acb6c075d10/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk=
@@ -554,7 +541,6 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -570,7 +556,6 @@ golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -592,9 +577,7 @@ golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211020174200-9d6173849985/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -602,7 +585,6 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -661,7 +643,6 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc
 golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
 golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
 golang.org/x/tools v0.0.0-20200929161345-d7fc70abf50f/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
-golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -762,8 +743,8 @@ gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMy
 gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE=
 gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
 gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
-gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
-gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU=
+gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
 gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
 gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
@@ -790,11 +771,10 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
+xorm.io/builder v0.3.7 h1:2pETdKRK+2QG4mLX4oODHEhn5Z8j1m8sXa7jfu+/SZI=
 xorm.io/builder v0.3.7/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
-xorm.io/builder v0.3.12 h1:ASZYX7fQmy+o8UJdhlLHSW57JDOkM8DNhcAF5d0LiJM=
-xorm.io/builder v0.3.12/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
 xorm.io/core v0.7.2 h1:mEO22A2Z7a3fPaZMk6gKL/jMD80iiyNwRrX5HOv3XLw=
 xorm.io/core v0.7.2/go.mod h1:jJfd0UAEzZ4t87nbQYtVjmqpIODugN6PD2D9E+dJvdM=
 xorm.io/xorm v1.0.3/go.mod h1:uF9EtbhODq5kNWxMbnBEj8hRRZnlcNSz2t2N7HW/+A4=
-xorm.io/xorm v1.0.5 h1:LRr5PfOUb4ODPR63YwbowkNDwcolT2LnkwP/TUaMaB0=
-xorm.io/xorm v1.0.5/go.mod h1:uF9EtbhODq5kNWxMbnBEj8hRRZnlcNSz2t2N7HW/+A4=
+xorm.io/xorm v1.0.4 h1:UBXA4I3NhiyjXfPqxXUkS2t5hMta9SSPATeMMaZg9oA=
+xorm.io/xorm v1.0.4/go.mod h1:uF9EtbhODq5kNWxMbnBEj8hRRZnlcNSz2t2N7HW/+A4=

i18n/generate.go

@@ -83,7 +83,7 @@ func parseToData() *I18nData {
 
 	data := I18nData{}
 	for _, word := range allWords {
-		tokens := strings.SplitN(word, ":", 2)
+		tokens := strings.Split(word, ":")
 		namespace := tokens[0]
 		key := tokens[1]
 

i18n/generate_backend.go

@@ -1,122 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package i18n
-
-import (
-	"log"
-	"os"
-	"path/filepath"
-	"regexp"
-	"strings"
-
-	"github.com/Unknwon/goconfig"
-	"github.com/casdoor/casdoor/util"
-)
-
-var (
-	reI18nBackendObject    *regexp.Regexp
-	re18nBackendController *regexp.Regexp
-)
-
-func init() {
-	reI18nBackendObject, _ = regexp.Compile("i18n.Translate\\((.*?)\"\\)")
-	re18nBackendController, _ = regexp.Compile("c.T\\((.*?)\"\\)")
-}
-
-func GetAllI18nStrings(fileContent string, path string) []string {
-	res := []string{}
-	if strings.Contains(path, "object") {
-		matches := reI18nBackendObject.FindAllStringSubmatch(fileContent, -1)
-		if matches == nil {
-			return res
-		}
-		for _, match := range matches {
-			match := strings.Split(match[1], ",")
-			res = append(res, match[1][2:])
-		}
-	} else {
-		matches := re18nBackendController.FindAllStringSubmatch(fileContent, -1)
-		if matches == nil {
-			return res
-		}
-		for _, match := range matches {
-			res = append(res, match[1][1:])
-		}
-	}
-
-	return res
-}
-
-func getAllGoFilePaths() []string {
-	path := "../"
-
-	res := []string{}
-	err := filepath.Walk(path,
-		func(path string, info os.FileInfo, err error) error {
-			if err != nil {
-				return err
-			}
-
-			if !strings.HasSuffix(info.Name(), ".go") {
-				return nil
-			}
-
-			res = append(res, path)
-			// fmt.Println(path, info.Name())
-			return nil
-		})
-	if err != nil {
-		panic(err)
-	}
-
-	return res
-}
-
-func getErrName(paths []string) map[string]bool {
-	ErrName := make(map[string]bool)
-	for i := 0; i < len(paths); i++ {
-		content := util.ReadStringFromPath(paths[i])
-		words := GetAllI18nStrings(content, paths[i])
-		for i := 0; i < len(words); i++ {
-			ErrName[words[i]] = true
-		}
-	}
-	return ErrName
-}
-
-func writeToAllLanguageFiles(errName map[string]bool) {
-	languages := "en,zh,es,fr,de,ja,ko,ru"
-	languageArr := strings.Split(languages, ",")
-	var c [10]*goconfig.ConfigFile
-	for i := 0; i < len(languageArr); i++ {
-		var err error
-		c[i], err = goconfig.LoadConfigFile("../i18n/languages/" + "locale_" + languageArr[i] + ".ini")
-		if err != nil {
-			log.Println(err.Error())
-		}
-		for j := range errName {
-			parts := strings.Split(j, ".")
-			_, err := c[i].GetValue(parts[0], parts[1])
-			if err != nil {
-				c[i].SetValue(parts[0], parts[1], parts[1])
-			}
-		}
-		c[i].SetPrettyFormat(true)
-		err = goconfig.SaveConfigFile(c[i], "../i18n/languages/"+"locale_"+languageArr[i]+".ini")
-		if err != nil {
-			log.Println(err)
-		}
-	}
-}

i18n/generate_test.go

@@ -14,10 +14,7 @@
 
 package i18n
 
-import (
-	"fmt"
-	"testing"
-)
+import "testing"
 
 func applyToOtherLanguage(dataEn *I18nData, lang string) {
 	dataOther := readI18nFile(lang)
@@ -27,7 +24,7 @@ func applyToOtherLanguage(dataEn *I18nData, lang string) {
 	writeI18nFile(lang, dataEn)
 }
 
-func TestGenerateI18nStringsForFrontend(t *testing.T) {
+func TestGenerateI18nStrings(t *testing.T) {
 	dataEn := parseToData()
 	writeI18nFile("en", dataEn)
 
@@ -38,17 +35,3 @@ func TestGenerateI18nStringsForFrontend(t *testing.T) {
 	applyToOtherLanguage(dataEn, "ru")
 	applyToOtherLanguage(dataEn, "zh")
 }
-
-func TestGenerateI18nStringsForBackend(t *testing.T) {
-	paths := getAllGoFilePaths()
-
-	errName := getErrName(paths)
-
-	writeToAllLanguageFiles(errName)
-
-	fmt.Println("Total Err Words:", len(errName))
-
-	for i := range errName {
-		fmt.Println(i)
-	}
-}

i18n/languages/locale_de.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-Unauthorized = Unauthorized operation
-WrongPasswordManyTimes = WrongPasswordManyTimes
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_en.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-WrongPasswordManyTimes = You have entered the wrong password too many times, please wait for %d minutes %d seconds and try again
-Unauthorized = Unauthorized operation
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_es.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-Unauthorized = Unauthorized operation
-WrongPasswordManyTimes = WrongPasswordManyTimes
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_fr.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-Unauthorized = Unauthorized operation
-WrongPasswordManyTimes = WrongPasswordManyTimes
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_ja.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-Unauthorized = Unauthorized operation
-WrongPasswordManyTimes = WrongPasswordManyTimes
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_ko.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-Unauthorized = Unauthorized operation
-WrongPasswordManyTimes = WrongPasswordManyTimes
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_ru.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = Application %s not found
-AppNotFoundForUserID = No application is found for userId: %s
-GrantTypeNotSupport = Grant_type: %s is not supported in this application
-HasNoProviders = This application has no providers
-HasNoProvidersOfType = This application has no providers of type
-InvalidID = Invalid application id
-
-[AuthErr]
-AuthStateWrong = State expected: %s, but got: %s
-ChallengeMethodErr = Challenge method should be S256
-CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
-CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
-CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
-NotHuman = Turing test failed.
-Unauthorized = Unauthorized operation
-WrongPasswordManyTimes = WrongPasswordManyTimes
-
-[CasErr]
-ServiceDoNotMatch = Service %s and %s do not match
-
-[EmailErr]
-ExistedErr = Email already exists
-EmptyErr = Email cannot be empty
-EmailInvalid = Email is invalid
-EmailCheckResult = Email: %s
-EmptyParam = Empty parameters for emailForm: %v
-InvalidReceivers = Invalid Email receivers: %s
-UnableGetModifyRule = Unable to get the email modify rule.
-
-[EnforcerErr]
-SignInFirst = Please sign in first
-
-[InitErr]
-InitScoreFailed = Get init score failed, error: %%w
-
-[LdapErr]
-MultipleAccounts = Multiple accounts with same uid, please check your ldap server
-PasswordWrong = Ldap user name or password incorrect
-ServerExisted = Ldap server exist
-
-[LoginErr]
-AppDoNotExist = The application: %s does not exist
-AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
-AccountDoNotExist = The account does not exist
-InvalidUserInformation = Failed to create user, user information is invalid: %s
-LoginFirst = Please login first
-LoginFail = Failed to login in: %s
-NoPermission = You don't have the permission to do this
-OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
-ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
-SessionOutdated = Session outdated, please login again
-SignOutFirst = Please sign out first before signing in
-UserDoNotExist = The user: %s/%s doesn't exist
-UserIsForbidden = The user is forbidden to sign in, please contact the administrator
-UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
-UnsupportedPasswordType = unsupported password type: %s
-
-[OrgErr]
-DoNotExist = Organization does not exist
-Immutable = The %s is immutable.
-OnlyAdmin = Only admin can modify the %s.
-UnknownModifyRule = Unknown modify rule %s.
-
-[ParameterErr]
-OrgMissingErr = Parameter organization is missing
-Missing = Missing parameter
-UnknownType = Unknown type
-Wrong = Wrong parameter
-
-[PhoneErr]
-CodeNotSent = Code has not been sent yet!
-CodeTimeOut = You should verify your code in %d min!
-ExistedErr = Phone already exists
-EmptyErr = Phone cannot be empty
-InvalidReceivers = Invalid phone receivers: %s
-NumberInvalid = Phone number is invalid
-NoPrefix = %s No phone prefix
-PhoneCheckResult = Phone: %s
-UnableGetModifyRule = Unable to get the phone modify rule.
-
-[ProviderErr]
-CanNotBeUnlinked = This provider can't be unlinked
-CategoryNotSAML = provider %s's category is not SAML
-DoNotExist = the provider: %s does not exist
-InvalidProvider = Invalid captcha provider.
-LinkFirstErr = Please link first
-ProviderNotEnabled = The provider: %s is not enabled for the application
-ProviderNotSupported = The provider type: %s is not supported
-ProviderNotFound = The provider: %s is not found
-ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
-
-[ResourceErr]
-NotAuthorized = You are not authorized to access this resource
-UserIsNil = User is nil for tag: /"avatar/"
-UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = New password cannot contain blank space.
-LessThanSixCharacters = New password must have at least 6 characters
-
-[SignUpErr]
-DoNotAllowSignUp = The application does not allow to sign up new account
-SignOutFirst = Please sign out first before signing up
-
-[StorageErr]
-ObjectKeyNotAllowed = The objectKey: %s is not allowed
-
-[TokenErr]
-EmptyClientID = Empty clientId or clientSecret
-InvalidToken = Invalid token
-InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
-InvalidClientId = Invalid client_id
-RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
-
-[UserErr]
-AffiliationBlankErr = Affiliation cannot be blank
-DisplayNameBlankErr = DisplayName cannot be blank
-DisplayNameInvalid = DisplayName is not valid real name
-DisplayNameCanNotBeEmpty = Display name cannot be empty
-DoNotExist = The user: %s doesn't exist
-DoNotExistInOrg = The user: %s/%s doesn't exist
-DoNotExistSignUp = the user does not exist, please sign up first
-FirstNameBlankErr = FirstName cannot be blank
-FailToImportUsers = Failed to import users
-LastNameBlankErr = LastName cannot be blank
-NameLessThanTwoCharacters = Username must have at least 2 characters
-NameStartWithADigitErr = Username cannot start with a digit
-NameIsEmailErr = Username cannot be an email address
-NameCantainWhitSpaceErr = Username cannot contain white spaces
-NameExistedErr = Username already exists
-NameEmptyErr = Empty username.
-NameTooLang = Username is too long (maximum is 39 characters).
-NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
-PasswordLessThanSixCharacters = Password must have at least 6 characters
-InvalidInformation = Invalid information
-NoWebAuthnCredential = Found no credentials for this user
-

i18n/languages/locale_zh.ini

@@ -1,138 +0,0 @@
-[ApplicationErr]
-AppNotFound = 应用 %s 未找到
-AppNotFoundForUserID = 找不到该用户的应用程序 %s
-GrantTypeNotSupport = 此应用中不支持此授权类型
-HasNoProviders = 该应用无提供商
-HasNoProvidersOfType = 应用没有该类型的提供商
-InvalidID = 无效的Application ID
-
-[AuthErr]
-AuthStateWrong = 期望状态位: %s, 实际状态为: %s
-ChallengeMethodErr = Challenge 方法应该为 S256
-CanNotUnlinkUsers = 您不是全局管理员，无法取消链接其他用户
-CanNotLinkMySelf = 您无法取消链接，您不是任何应用程序的成员
-CallWebAuthnSigninBegin = 请先调用WebAuthnSigninBegin
-NotHuman = 真人验证失败
-Unauthorized = 未授权的操作
-WrongPasswordManyTimes = 输入密码错误次数已达上限，请在 %d 分 %d 秒后重试
-
-[CasErr]
-ServiceDoNotMatch = 服务 %s 与 %s 不匹配
-
-[EmailErr]
-ExistedErr = 该邮箱已存在
-EmptyErr = 邮箱不可为空
-EmailInvalid = 无效邮箱
-EmailCheckResult = Email: %s
-EmptyParam = 邮件参数为空: %v
-InvalidReceivers = 无效的邮箱接收者: %s
-UnableGetModifyRule = 无法得到Email修改规则
-
-[EnforcerErr]
-SignInFirst = 请先登录
-
-[InitErr]
-InitScoreFailed = 初始化分数失败: %w
-
-[LdapErr]
-MultipleAccounts = 多个帐户具有相同的uid，请检查您的 ldap 服务器
-PasswordWrong = Ldap密码错误
-ServerExisted = Ldap服务器已存在
-
-[LoginErr]
-AppDoNotExist = 应用不存在: %s
-AppNotEnableSignUp = 提供商账户: %s 与用户名: %s (%s) 不存在且 不允许注册新账户, 请联系IT支持
-AccountDoNotExist = 账户不存在
-InvalidUserInformation = 创建用户失败，用户信息无效: %%s
-LoginFirst = 请先登录
-LoginFail = 无法登录: %s
-NoPermission = 您没有权限执行此操作
-OldUser = 提供商账户: %s 与用户名: %s (%s) 已经与其他账户绑定: %s (%s)
-ProviderCanNotSignUp = 提供商账户: %s 与用户名: %s (%s) 不存在且 不允许通过 %s 注册新账户, 请使用其他方式注册
-SignOutFirst = 请在登录前登出
-SessionOutdated = Session已过期，请重新登陆
-UserDoNotExist = 用户不存在: %s/%s
-UserIsForbidden = 该用户被禁止登陆，请联系管理员
-UnknownAuthentication = 未知的认证类型 (非密码或提供商认证), form = %s
-UnsupportedPasswordType = 不支持此密码类型
-
-[OrgErr]
-DoNotExist = 组织不存在
-Immutable = %s是不可变的
-OnlyAdmin = 只有管理员用户有此权限
-UnknownModifyRule = 未知的修改规则
-
-[ParameterErr]
-Missing = 参数丢失
-OrgMissingErr = Organization参数丢失
-UnknownType = 未知类型
-Wrong = 参数错误
-
-[PhoneErr]
-CodeNotSent = 验证码还未发送
-CodeTimeOut = 验证码过期
-ExistedErr = 该电话已存在
-EmptyErr = 电话不可为空
-InvalidReceivers = 无效的电话接收者: %s
-NumberInvalid = 无效电话
-PhoneCheckResult = 电话: %s
-UnableGetModifyRule = 无法得到电话修改规则
-NoPrefix = %s 无此电话前缀
-
-[ProviderErr]
-CanNotBeUnlinked = 该提供商不可被链接
-InvalidProvider = 无效的验证码提供商
-LinkFirstErr = 请先绑定
-ProviderNotEnabled = 提供商: %s 未被启用
-ProviderNotSupported = 不支持该类型的提供商: %s
-ProviderNotFound = 该提供商未找到: %s
-ProviderNotFoundForCategory = 该类型的提供商: %s 在应用中未找到: %s
-DoNotExist = 提供商: %s 不存在
-CategoryNotSAML = 提供商 %s类型不是SAML
-
-[ResourceErr]
-NotAuthorized = 您无权获取此资源
-UserIsNil = 用户头像标签为空
-UsernameOrFilePathEmpty = username或FilePath为空: username = %s, fullFilePath = %s
-
-[SetPasswordErr]
-CanNotContainBlank = 新密码不可以包含空客
-LessThanSixCharacters = 新密码至少为6位
-
-[SignUpErr]
-DoNotAllowSignUp = 该应用不允许注册新账户
-SignOutFirst = 请在登陆前登出
-
-[TokenErr]
-EmptyClientID = clientId或clientSecret为空
-InvalidAppOrWrongClientSecret = 无效应用或错误的clientSecret
-InvalidToken = 无效token
-InvalidClientId = 无效的ClientId
-RedirectURIDoNotExist = 重定向 URI：%s 在可列表中未找到
-
-[UserErr]
-AffiliationBlankErr = 联系方式不可为空
-DisplayNameBlankErr = 展示名称不可为空
-DisplayNameInvalid = 展示名称无效
-DisplayNameCanNotBeEmpty = 展示名称不可为空
-DoNotExist = 用户不存在: %s
-DoNotExistInOrg = 用户不存在: %s/%s
-FirstNameBlankErr = 名不可以为空
-FailToImportUsers = 导入用户失败
-LastNameBlankErr = 姓不可以为空
-NameLessThanTwoCharacters = 用户名至少要有2个字符
-NameStartWithADigitErr = 用户名禁止使用数字作为第一个字符
-NameIsEmailErr = 用户名不可以是邮箱地址
-NameCantainWhitSpaceErr = 用户名不可以包含空格
-NameExistedErr = 用户名已存在
-NameEmptyErr = 用户名不可为空
-NameTooLang = 用户名过长（最大长度为39个字符）
-NameFormatErr = 用户名只能包含字母数字字符、下划线或连字符，不能有连续的连字符或下划线，也不能以连字符或下划线开头或结尾
-PasswordLessThanSixCharacters = 密码至少为6字符
-DoNotExistSignUp = 用户不存在，请先注册
-InvalidInformation = 无效信息
-NoWebAuthnCredential = 该用户没有WebAuthn凭据
-
-[StorageErr]
-ObjectKeyNotAllowed = object key :%s 不被允许
-

i18n/util.go

@@ -15,19 +15,12 @@
 package i18n
 
 import (
-	"embed"
 	"fmt"
 	"strings"
 
 	"github.com/casdoor/casdoor/util"
-	"gopkg.in/ini.v1"
 )
 
-//go:embed languages/*.ini
-var f embed.FS
-
-var langMapConfig = make(map[string]*ini.File)
-
 func getI18nFilePath(language string) string {
 	return fmt.Sprintf("../web/src/locales/%s/data.json", language)
 }
@@ -69,18 +62,3 @@ func applyData(data1 *I18nData, data2 *I18nData) {
 		}
 	}
 }
-
-func Translate(lang string, error string) string {
-	parts := strings.Split(error, ".")
-	if !strings.Contains(error, ".") || len(parts) != 2 {
-		return "Translate Error: " + error
-	}
-
-	if langMapConfig[lang] != nil {
-		return langMapConfig[lang].Section(parts[0]).Key(parts[1]).String()
-	} else {
-		file, _ := f.ReadFile("languages/locale_" + lang + ".ini")
-		langMapConfig[lang], _ = ini.Load(file)
-		return langMapConfig[lang].Section(parts[0]).Key(parts[1]).String()
-	}
-}

idp/dingtalk.go

@@ -15,12 +15,9 @@
 package idp
 
 import (
-	"bytes"
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
-	"log"
 	"net/http"
 	"strings"
 	"time"
@@ -170,10 +167,7 @@ func (idp *DingTalkIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, erro
 		Email:       dtUserInfo.Email,
 		AvatarUrl:   dtUserInfo.AvatarUrl,
 	}
-	isUserInOrg, err := idp.isUserInOrg(userInfo.UnionId)
-	if !isUserInOrg {
-		return nil, err
-	}
+
 	return &userInfo, nil
 }
 
@@ -200,62 +194,3 @@ func (idp *DingTalkIdProvider) postWithBody(body interface{}, url string) ([]byt
 
 	return data, nil
 }
-
-func (idp *DingTalkIdProvider) getInnerAppAccessToken() string {
-	appKey := idp.Config.ClientID
-	appSecret := idp.Config.ClientSecret
-	body := make(map[string]string)
-	body["appKey"] = appKey
-	body["appSecret"] = appSecret
-	bodyData, err := json.Marshal(body)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	reader := bytes.NewReader(bodyData)
-	request, err := http.NewRequest("POST", "https://api.dingtalk.com/v1.0/oauth2/accessToken", reader)
-	request.Header.Set("Content-Type", "application/json;charset=UTF-8")
-	resp, err := idp.Client.Do(request)
-	respBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	var data struct {
-		ExpireIn    int    `json:"expireIn"`
-		AccessToken string `json:"accessToken"`
-	}
-	err = json.Unmarshal(respBytes, &data)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	return data.AccessToken
-}
-
-func (idp *DingTalkIdProvider) isUserInOrg(unionId string) (bool, error) {
-	body := make(map[string]string)
-	body["unionid"] = unionId
-	bodyData, err := json.Marshal(body)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	reader := bytes.NewReader(bodyData)
-	accessToken := idp.getInnerAppAccessToken()
-	request, _ := http.NewRequest("POST", "https://oapi.dingtalk.com/topapi/user/getbyunionid?access_token="+accessToken, reader)
-	request.Header.Set("Content-Type", "application/json;charset=UTF-8")
-	resp, err := idp.Client.Do(request)
-	respBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	var data struct {
-		ErrCode    int    `json:"errcode"`
-		ErrMessage string `json:"errmsg"`
-	}
-	err = json.Unmarshal(respBytes, &data)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	if data.ErrCode == 60121 {
-		return false, fmt.Errorf("the user is not found in the organization where clientId and clientSecret belong")
-	}
-	return true, nil
-}

idp/goth.go

@@ -282,7 +282,7 @@ func getUser(gothUser goth.User, provider string) *UserInfo {
 		}
 	}
 	if provider == "steam" {
-		user.Username = user.Id
+		user.Username = user.DisplayName
 		user.Email = ""
 	}
 	return &user

idp/wechat.go

@@ -16,17 +16,14 @@ package idp
 
 import (
 	"bytes"
-	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strings"
 	"time"
 
-	"github.com/skip2/go-qrcode"
 	"golang.org/x/oauth2"
 )
 
@@ -194,54 +191,3 @@ func (idp *WeChatIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error)
 	}
 	return &userInfo, nil
 }
-
-func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (string, error) {
-	accessTokenUrl := fmt.Sprintf("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=%s&secret=%s", clientId, clientSecret)
-	request, err := http.NewRequest("GET", accessTokenUrl, nil)
-	client := new(http.Client)
-	resp, err := client.Do(request)
-	respBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return "", err
-	}
-	var data struct {
-		ExpireIn    int    `json:"expires_in"`
-		AccessToken string `json:"access_token"`
-	}
-	err = json.Unmarshal(respBytes, &data)
-	if err != nil {
-		return "", err
-	}
-	return data.AccessToken, nil
-}
-
-func GetWechatOfficialAccountQRCode(clientId string, clientSecret string) (string, error) {
-	accessToken, err := GetWechatOfficialAccountAccessToken(clientId, clientSecret)
-	client := new(http.Client)
-	params := "{\"action_name\": \"QR_LIMIT_STR_SCENE\", \"action_info\": {\"scene\": {\"scene_str\": \"test\"}}}"
-	bodyData := bytes.NewReader([]byte(params))
-	qrCodeUrl := fmt.Sprintf("https://api.weixin.qq.com/cgi-bin/qrcode/create?access_token=%s", accessToken)
-	requeset, err := http.NewRequest("POST", qrCodeUrl, bodyData)
-	resp, err := client.Do(requeset)
-	if err != nil {
-		return "", err
-	}
-	respBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return "", err
-	}
-	var data struct {
-		Ticket        string `json:"ticket"`
-		ExpireSeconds int    `json:"expire_seconds"`
-		URL           string `json:"url"`
-	}
-	err = json.Unmarshal(respBytes, &data)
-	if err != nil {
-		return "", err
-	}
-
-	var png []byte
-	png, err = qrcode.Encode(data.URL, qrcode.Medium, 256)
-	base64Image := base64.StdEncoding.EncodeToString(png)
-	return base64Image, nil
-}

main.go

@@ -18,9 +18,9 @@ import (
 	"flag"
 	"fmt"
 
-	"github.com/beego/beego"
-	"github.com/beego/beego/logs"
-	_ "github.com/beego/beego/session/redis"
+	"github.com/astaxie/beego"
+	"github.com/astaxie/beego/logs"
+	_ "github.com/astaxie/beego/session/redis"
 	"github.com/casdoor/casdoor/authz"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/controllers"

object/adapter.go

@@ -18,14 +18,12 @@ import (
 	"fmt"
 	"runtime"
 
-	"github.com/beego/beego"
-	xormadapter "github.com/casbin/xorm-adapter/v3"
+	"github.com/astaxie/beego"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	_ "github.com/denisenkom/go-mssqldb" // db = mssql
 	_ "github.com/go-sql-driver/mysql"   // db = mysql
 	_ "github.com/lib/pq"                // db = postgres
-	"xorm.io/xorm/migrate"
 	//_ "github.com/mattn/go-sqlite3"    // db = sqlite3
 	"xorm.io/core"
 	"xorm.io/xorm"
@@ -42,7 +40,6 @@ func InitConfig() {
 	beego.BConfig.WebConfig.Session.SessionOn = true
 
 	InitAdapter(true)
-	initMigrations()
 }
 
 func InitAdapter(createDatabase bool) {
@@ -217,11 +214,6 @@ func (a *Adapter) createTable() {
 	if err != nil {
 		panic(err)
 	}
-
-	err = a.Engine.Sync2(new(xormadapter.CasbinRule))
-	if err != nil {
-		panic(err)
-	}
 }
 
 func GetSession(owner string, offset, limit int, field, value, sortField, sortOrder string) *xorm.Session {
@@ -247,22 +239,3 @@ func GetSession(owner string, offset, limit int, field, value, sortField, sortOr
 	}
 	return session
 }
-
-func initMigrations() {
-	migrations := []*migrate.Migration{
-		{
-			ID: "20221015CasbinRule--fill ptype field with p",
-			Migrate: func(tx *xorm.Engine) error {
-				_, err := tx.Cols("ptype").Update(&xormadapter.CasbinRule{
-					Ptype: "p",
-				})
-				return err
-			},
-			Rollback: func(tx *xorm.Engine) error {
-				return tx.DropTables(&xormadapter.CasbinRule{})
-			},
-		},
-	}
-	m := migrate.New(adapter.Engine, migrate.DefaultOptions, migrations)
-	m.Migrate()
-}

object/application.go

@@ -20,7 +20,6 @@ import (
 	"regexp"
 	"strings"
 
-	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
 )
@@ -47,7 +46,6 @@ type Application struct {
 	EnablePassword      bool            `json:"enablePassword"`
 	EnableSignUp        bool            `json:"enableSignUp"`
 	EnableSigninSession bool            `json:"enableSigninSession"`
-	EnableAutoSignin    bool            `json:"enableAutoSignin"`
 	EnableCodeSignin    bool            `json:"enableCodeSignin"`
 	EnableSamlCompress  bool            `json:"enableSamlCompress"`
 	EnableWebAuthn      bool            `json:"enableWebAuthn"`
@@ -71,7 +69,6 @@ type Application struct {
 	SigninHtml           string   `xorm:"mediumtext" json:"signinHtml"`
 	FormCss              string   `xorm:"text" json:"formCss"`
 	FormOffset           int      `json:"formOffset"`
-	FormSideHtml         string   `xorm:"mediumtext" json:"formSideHtml"`
 	FormBackgroundUrl    string   `xorm:"varchar(200)" json:"formBackgroundUrl"`
 }
 
@@ -85,16 +82,6 @@ func GetApplicationCount(owner, field, value string) int {
 	return int(count)
 }
 
-func GetOrganizationApplicationCount(owner, Organization, field, value string) int {
-	session := GetSession(owner, -1, -1, field, value, "", "")
-	count, err := session.Count(&Application{Organization: Organization})
-	if err != nil {
-		panic(err)
-	}
-
-	return int(count)
-}
-
 func GetApplications(owner string) []*Application {
 	applications := []*Application{}
 	err := adapter.Engine.Desc("created_time").Find(&applications, &Application{Owner: owner})
@@ -105,18 +92,8 @@ func GetApplications(owner string) []*Application {
 	return applications
 }
 
-func GetOrganizationApplications(owner string, organization string) []*Application {
-	applications := []*Application{}
-	err := adapter.Engine.Desc("created_time").Find(&applications, &Application{Owner: owner, Organization: organization})
-	if err != nil {
-		panic(err)
-	}
-
-	return applications
-}
-
 func GetPaginationApplications(owner string, offset, limit int, field, value, sortField, sortOrder string) []*Application {
-	var applications []*Application
+	applications := []*Application{}
 	session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
 	err := session.Find(&applications)
 	if err != nil {
@@ -126,10 +103,9 @@ func GetPaginationApplications(owner string, offset, limit int, field, value, so
 	return applications
 }
 
-func GetPaginationOrganizationApplications(owner, organization string, offset, limit int, field, value, sortField, sortOrder string) []*Application {
+func GetApplicationsByOrganizationName(owner string, organization string) []*Application {
 	applications := []*Application{}
-	session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
-	err := session.Find(&applications, &Application{Owner: owner, Organization: organization})
+	err := adapter.Engine.Desc("created_time").Find(&applications, &Application{Owner: owner, Organization: organization})
 	if err != nil {
 		panic(err)
 	}
@@ -141,11 +117,9 @@ func getProviderMap(owner string) map[string]*Provider {
 	providers := GetProviders(owner)
 	m := map[string]*Provider{}
 	for _, provider := range providers {
-		// Get QRCode only once
-		if provider.Type == "WeChat" && provider.DisableSsl == true && provider.Content == "" {
-			provider.Content, _ = idp.GetWechatOfficialAccountQRCode(provider.ClientId2, provider.ClientSecret2)
-			UpdateProvider(provider.Owner+"/"+provider.Name, provider)
-		}
+		//if provider.Category != "OAuth" {
+		//	continue
+		//}
 
 		m[provider.Name] = GetMaskedProvider(provider)
 	}
@@ -153,7 +127,7 @@ func getProviderMap(owner string) map[string]*Provider {
 }
 
 func extendApplicationWithProviders(application *Application) {
-	m := getProviderMap(application.Organization)
+	m := getProviderMap(application.Owner)
 	for _, providerItem := range application.Providers {
 		if provider, ok := m[providerItem.Name]; ok {
 			providerItem.Provider = provider
@@ -294,13 +268,6 @@ func UpdateApplication(id string, application *Application) bool {
 		application.Name = name
 	}
 
-	if name != application.Name {
-		err := applicationChangeTrigger(name, application.Name)
-		if err != nil {
-			return false
-		}
-	}
-
 	for _, providerItem := range application.Providers {
 		providerItem.Provider = nil
 	}
@@ -402,7 +369,7 @@ func IsAllowOrigin(origin string) bool {
 }
 
 func getApplicationMap(organization string) map[string]*Application {
-	applications := GetOrganizationApplications("admin", organization)
+	applications := GetApplicationsByOrganizationName("admin", organization)
 
 	applicationMap := make(map[string]*Application)
 	for _, application := range applications {
@@ -431,55 +398,3 @@ func ExtendManagedAccountsWithUser(user *User) *User {
 
 	return user
 }
-
-func applicationChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	organization := new(Organization)
-	organization.DefaultApplication = newName
-	_, err = session.Where("default_application=?", oldName).Update(organization)
-	if err != nil {
-		return err
-	}
-
-	user := new(User)
-	user.SignupApplication = newName
-	_, err = session.Where("signup_application=?", oldName).Update(user)
-	if err != nil {
-		return err
-	}
-
-	resource := new(Resource)
-	resource.Application = newName
-	_, err = session.Where("application=?", oldName).Update(resource)
-	if err != nil {
-		return err
-	}
-
-	var permissions []*Permission
-	err = adapter.Engine.Find(&permissions)
-	if err != nil {
-		return err
-	}
-	for i := 0; i < len(permissions); i++ {
-		permissionResoureces := permissions[i].Resources
-		for j := 0; j < len(permissionResoureces); j++ {
-			if permissionResoureces[j] == oldName {
-				permissionResoureces[j] = newName
-			}
-		}
-		permissions[i].Resources = permissionResoureces
-		_, err = session.Where("name=?", permissions[i].Name).Update(permissions[i])
-		if err != nil {
-			return err
-		}
-	}
-
-	return session.Commit()
-}

object/application_item.go

@@ -15,7 +15,7 @@
 package object
 
 func (application *Application) GetProviderByCategory(category string) *Provider {
-	providers := GetProviders(application.Organization)
+	providers := GetProviders(application.Owner)
 	m := map[string]*Provider{}
 	for _, provider := range providers {
 		if provider.Category != category {

object/avatar.go

@@ -50,7 +50,7 @@ func downloadFile(url string) (*bytes.Buffer, error) {
 	return fileBuffer, nil
 }
 
-func getPermanentAvatarUrl(organization string, username string, url string, upload bool) string {
+func getPermanentAvatarUrl(organization string, username string, url string) string {
 	if url == "" {
 		return ""
 	}
@@ -60,16 +60,8 @@ func getPermanentAvatarUrl(organization string, username string, url string, upl
 	}
 
 	fullFilePath := fmt.Sprintf("/avatar/%s/%s.png", organization, username)
-	uploadedFileUrl, _ := GetUploadFileUrl(defaultStorageProvider, fullFilePath, false)
+	uploadedFileUrl, _ := getUploadFileUrl(defaultStorageProvider, fullFilePath, false)
 
-	if upload {
-		DownloadAndUpload(url, fullFilePath)
-	}
-
-	return uploadedFileUrl
-}
-
-func DownloadAndUpload(url string, fullFilePath string) {
 	fileBuffer, err := downloadFile(url)
 	if err != nil {
 		panic(err)
@@ -79,4 +71,6 @@ func DownloadAndUpload(url string, fullFilePath string) {
 	if err != nil {
 		panic(err)
 	}
+
+	return uploadedFileUrl
 }

object/avatar_test.go

@@ -32,7 +32,7 @@ func TestSyncPermanentAvatars(t *testing.T) {
 			continue
 		}
 
-		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar, true)
+		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar)
 		updateUserColumn("permanent_avatar", user)
 		fmt.Printf("[%d/%d]: Update user: [%s]'s permanent avatar: %s\n", i, len(users), user.GetId(), user.PermanentAvatar)
 	}

object/casbin_adapter.go

@@ -20,8 +20,9 @@ import (
 
 	"github.com/casbin/casbin/v2"
 	"github.com/casbin/casbin/v2/model"
-	xormadapter "github.com/casbin/xorm-adapter/v3"
+	xormadapter "github.com/casbin/xorm-adapter/v2"
 	"github.com/casdoor/casdoor/util"
+
 	"xorm.io/core"
 )
 
@@ -148,7 +149,34 @@ func (casbinAdapter *CasbinAdapter) getTable() string {
 	}
 }
 
-func initEnforcer(modelObj *Model, casbinAdapter *CasbinAdapter) (*casbin.Enforcer, error) {
+func safeReturn(policy []string, i int) string {
+	if len(policy) > i {
+		return policy[i]
+	} else {
+		return ""
+	}
+}
+
+func matrixToCasbinRules(pType string, policies [][]string) []*xormadapter.CasbinRule {
+	res := []*xormadapter.CasbinRule{}
+
+	for _, policy := range policies {
+		line := xormadapter.CasbinRule{
+			PType: pType,
+			V0:    safeReturn(policy, 0),
+			V1:    safeReturn(policy, 1),
+			V2:    safeReturn(policy, 2),
+			V3:    safeReturn(policy, 3),
+			V4:    safeReturn(policy, 4),
+			V5:    safeReturn(policy, 5),
+		}
+		res = append(res, &line)
+	}
+
+	return res
+}
+
+func SyncPolicies(casbinAdapter *CasbinAdapter) []*xormadapter.CasbinRule {
 	// init Adapter
 	if casbinAdapter.Adapter == nil {
 		var dataSourceName string
@@ -164,60 +192,20 @@ func initEnforcer(modelObj *Model, casbinAdapter *CasbinAdapter) (*casbin.Enforc
 			dataSourceName = strings.ReplaceAll(dataSourceName, "dbi.", "db.")
 		}
 
-		var err error
-		casbinAdapter.Adapter, err = xormadapter.NewAdapterByEngineWithTableName(NewAdapter(casbinAdapter.DatabaseType, dataSourceName, casbinAdapter.Database).Engine, casbinAdapter.getTable(), "")
-		if err != nil {
-			return nil, err
-		}
+		casbinAdapter.Adapter, _ = xormadapter.NewAdapterByEngineWithTableName(NewAdapter(casbinAdapter.DatabaseType, dataSourceName, casbinAdapter.Database).Engine, casbinAdapter.getTable(), "")
 	}
 
 	// init Model
+	modelObj := getModel(casbinAdapter.Owner, casbinAdapter.Model)
 	m, err := model.NewModelFromString(modelObj.ModelText)
 	if err != nil {
-		return nil, err
+		panic(err)
 	}
 
 	// init Enforcer
 	enforcer, err := casbin.NewEnforcer(m, casbinAdapter.Adapter)
 	if err != nil {
-		return nil, err
-	}
-
-	return enforcer, nil
-}
-
-func safeReturn(policy []string, i int) string {
-	if len(policy) > i {
-		return policy[i]
-	} else {
-		return ""
-	}
-}
-
-func matrixToCasbinRules(Ptype string, policies [][]string) []*xormadapter.CasbinRule {
-	res := []*xormadapter.CasbinRule{}
-
-	for _, policy := range policies {
-		line := xormadapter.CasbinRule{
-			Ptype: Ptype,
-			V0:    safeReturn(policy, 0),
-			V1:    safeReturn(policy, 1),
-			V2:    safeReturn(policy, 2),
-			V3:    safeReturn(policy, 3),
-			V4:    safeReturn(policy, 4),
-			V5:    safeReturn(policy, 5),
-		}
-		res = append(res, &line)
-	}
-
-	return res
-}
-
-func SyncPolicies(casbinAdapter *CasbinAdapter) ([]*xormadapter.CasbinRule, error) {
-	modelObj := getModel(casbinAdapter.Owner, casbinAdapter.Model)
-	enforcer, err := initEnforcer(modelObj, casbinAdapter)
-	if err != nil {
-		return nil, err
+		panic(err)
 	}
 
 	policies := matrixToCasbinRules("p", enforcer.GetPolicy())
@@ -225,48 +213,5 @@ func SyncPolicies(casbinAdapter *CasbinAdapter) ([]*xormadapter.CasbinRule, erro
 		policies = append(policies, matrixToCasbinRules("g", enforcer.GetGroupingPolicy())...)
 	}
 
-	return policies, nil
-}
-
-func UpdatePolicy(oldPolicy, newPolicy []string, casbinAdapter *CasbinAdapter) (bool, error) {
-	modelObj := getModel(casbinAdapter.Owner, casbinAdapter.Model)
-	enforcer, err := initEnforcer(modelObj, casbinAdapter)
-	if err != nil {
-		return false, err
-	}
-
-	affected, err := enforcer.UpdatePolicy(oldPolicy, newPolicy)
-	if err != nil {
-		return affected, err
-	}
-	return affected, nil
-}
-
-func AddPolicy(policy []string, casbinAdapter *CasbinAdapter) (bool, error) {
-	modelObj := getModel(casbinAdapter.Owner, casbinAdapter.Model)
-	enforcer, err := initEnforcer(modelObj, casbinAdapter)
-	if err != nil {
-		return false, err
-	}
-
-	affected, err := enforcer.AddPolicy(policy)
-	if err != nil {
-		return affected, err
-	}
-	return affected, nil
-}
-
-func RemovePolicy(policy []string, casbinAdapter *CasbinAdapter) (bool, error) {
-	modelObj := getModel(casbinAdapter.Owner, casbinAdapter.Model)
-	enforcer, err := initEnforcer(modelObj, casbinAdapter)
-	if err != nil {
-		return false, err
-	}
-
-	affected, err := enforcer.RemovePolicy(policy)
-	if err != nil {
-		return affected, err
-	}
-
-	return affected, nil
+	return policies
 }

object/cert.go

@@ -114,12 +114,6 @@ func UpdateCert(id string, cert *Cert) bool {
 		return false
 	}
 
-	if name != cert.Name {
-		err := certChangeTrigger(name, cert.Name)
-		if err != nil {
-			return false
-		}
-	}
 	affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(cert)
 	if err != nil {
 		panic(err)
@@ -167,22 +161,3 @@ func getCertByApplication(application *Application) *Cert {
 func GetDefaultCert() *Cert {
 	return getCert("admin", "cert-built-in")
 }
-
-func certChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	application := new(Application)
-	application.Cert = newName
-	_, err = session.Where("cert=?", oldName).Update(application)
-	if err != nil {
-		return err
-	}
-
-	return session.Commit()
-}

object/check.go

@@ -22,7 +22,6 @@ import (
 	"unicode"
 
 	"github.com/casdoor/casdoor/cred"
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	goldap "github.com/go-ldap/ldap/v3"
 )
@@ -42,89 +41,84 @@ func init() {
 	reFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`)
 }
 
-func CheckUserSignup(application *Application, organization *Organization, username string, password string, displayName string, firstName string, lastName string, email string, phone string, affiliation string, lang string) string {
+func CheckUserSignup(application *Application, organization *Organization, username string, password string, displayName string, firstName string, lastName string, email string, phone string, affiliation string) string {
 	if organization == nil {
-		return i18n.Translate(lang, "OrgErr.DoNotExist")
+		return "organization does not exist"
 	}
 
 	if application.IsSignupItemVisible("Username") {
 		if len(username) <= 1 {
-			return i18n.Translate(lang, "UserErr.NameLessThanTwoCharacters")
+			return "username must have at least 2 characters"
 		}
 		if unicode.IsDigit(rune(username[0])) {
-			return i18n.Translate(lang, "UserErr.NameStartWithADigitErr")
+			return "username cannot start with a digit"
 		}
 		if util.IsEmailValid(username) {
-			return i18n.Translate(lang, "UserErr.NameIsEmailErr")
+			return "username cannot be an email address"
 		}
 		if reWhiteSpace.MatchString(username) {
-			return i18n.Translate(lang, "UserErr.NameCantainWhitSpaceErr")
+			return "username cannot contain white spaces"
 		}
-		msg := CheckUsername(username, lang)
-		if msg != "" {
-			return msg
-		}
-
 		if HasUserByField(organization.Name, "name", username) {
-			return i18n.Translate(lang, "UserErr.NameExistedErr")
+			return "username already exists"
 		}
 		if HasUserByField(organization.Name, "email", email) {
-			return i18n.Translate(lang, "EmailErr.ExistedErr")
+			return "email already exists"
 		}
 		if HasUserByField(organization.Name, "phone", phone) {
-			return i18n.Translate(lang, "PhoneErr.ExistedErr")
+			return "phone already exists"
 		}
 	}
 
 	if len(password) <= 5 {
-		return i18n.Translate(lang, "UserErr.PasswordLessThanSixCharacters")
+		return "password must have at least 6 characters"
 	}
 
 	if application.IsSignupItemVisible("Email") {
 		if email == "" {
 			if application.IsSignupItemRequired("Email") {
-				return i18n.Translate(lang, "EmailErr.EmptyErr")
+				return "email cannot be empty"
 			} else {
 				return ""
 			}
 		}
 
 		if HasUserByField(organization.Name, "email", email) {
-			return i18n.Translate(lang, "EmailErr.ExistedErr")
+			return "email already exists"
 		} else if !util.IsEmailValid(email) {
-			return i18n.Translate(lang, "EmailErr.EmailInvalid")
+			return "email is invalid"
 		}
 	}
 
 	if application.IsSignupItemVisible("Phone") {
 		if phone == "" {
 			if application.IsSignupItemRequired("Phone") {
-				return i18n.Translate(lang, "PhoneErr.EmptyErr")
+				return "phone cannot be empty"
 			} else {
 				return ""
 			}
 		}
 
 		if HasUserByField(organization.Name, "phone", phone) {
-			return i18n.Translate(lang, "PhoneErr.ExistedErr")
+			return "phone already exists"
 		} else if organization.PhonePrefix == "86" && !util.IsPhoneCnValid(phone) {
-			return i18n.Translate(lang, "PhoneErr.NumberInvalid")
+			return "phone number is invalid"
 		}
 	}
 
 	if application.IsSignupItemVisible("Display name") {
 		if application.GetSignupItemRule("Display name") == "First, last" && (firstName != "" || lastName != "") {
 			if firstName == "" {
-				return i18n.Translate(lang, "UserErr.FirstNameBlankErr")
+				return "firstName cannot be blank"
 			} else if lastName == "" {
-				return i18n.Translate(lang, "UserErr.LastNameBlankErr")
+				return "lastName cannot be blank"
 			}
 		} else {
 			if displayName == "" {
-				return i18n.Translate(lang, "UserErr.DisplayNameBlankErr")
+				return "displayName cannot be blank"
 			} else if application.GetSignupItemRule("Display name") == "Real name" {
 				if !isValidRealName(displayName) {
-					return i18n.Translate(lang, "UserErr.DisplayNameInvalid")
+					return "displayName is not valid real name"
 				}
 			}
 		}
@@ -132,14 +126,14 @@ func CheckUserSignup(application *Application, organization *Organization, usern
 
 	if application.IsSignupItemVisible("Affiliation") {
 		if affiliation == "" {
-			return i18n.Translate(lang, "UserErr.AffiliationBlankErr")
+			return "affiliation cannot be blank"
 		}
 	}
 
 	return ""
 }
 
-func checkSigninErrorTimes(user *User, lang string) string {
+func checkSigninErrorTimes(user *User) string {
 	if user.SigninWrongTimes >= SigninWrongTimesLimit {
 		lastSignWrongTime, _ := time.Parse(time.RFC3339, user.LastSigninWrongTime)
 		passedTime := time.Now().UTC().Sub(lastSignWrongTime)
@@ -147,7 +141,7 @@ func checkSigninErrorTimes(user *User, lang string) string {
 
 		// deny the login if the error times is greater than the limit and the last login time is less than the duration
 		if seconds > 0 {
-			return fmt.Sprintf(i18n.Translate(lang, "AuthErr.WrongPasswordManyTimes"), seconds/60, seconds%60)
+			return fmt.Sprintf("You have entered the wrong password too many times, please wait for %d minutes %d seconds and try again", seconds/60, seconds%60)
 		}
 
 		// reset the error times
@@ -159,15 +153,15 @@ func checkSigninErrorTimes(user *User, lang string) string {
 	return ""
 }
 
-func CheckPassword(user *User, password string, lang string) string {
+func CheckPassword(user *User, password string) string {
 	// check the login error times
-	if msg := checkSigninErrorTimes(user, lang); msg != "" {
+	if msg := checkSigninErrorTimes(user); msg != "" {
 		return msg
 	}
 
 	organization := GetOrganizationByUser(user)
 	if organization == nil {
-		return i18n.Translate(lang, "OrgErr.DoNotExist")
+		return "organization does not exist"
 	}
 
 	credManager := cred.GetCredManager(organization.PasswordType)
@@ -186,11 +180,11 @@ func CheckPassword(user *User, password string, lang string) string {
 
 		return recordSigninErrorInfo(user)
 	} else {
-		return fmt.Sprintf(i18n.Translate(lang, "LoginErr.UnsupportedPasswordType"), organization.PasswordType)
+		return fmt.Sprintf("unsupported password type: %s", organization.PasswordType)
 	}
 }
 
-func checkLdapUserPassword(user *User, password string, lang string) (*User, string) {
+func checkLdapUserPassword(user *User, password string) (*User, string) {
 	ldaps := GetLdaps(user.Owner)
 	ldapLoginSuccess := false
 	for _, ldapServer := range ldaps {
@@ -210,7 +204,7 @@ func checkLdapUserPassword(user *User, password string, lang string) (*User, str
 		if len(searchResult.Entries) == 0 {
 			continue
 		} else if len(searchResult.Entries) > 1 {
-			return nil, i18n.Translate(lang, "LdapErr.MultipleAccounts")
+			return nil, "Error: multiple accounts with same uid, please check your ldap server"
 		}
 
 		dn := searchResult.Entries[0].DN
@@ -221,26 +215,26 @@ func checkLdapUserPassword(user *User, password string, lang string) (*User, str
 	}
 
 	if !ldapLoginSuccess {
-		return nil, i18n.Translate(lang, "LdapErr.PasswordWrong")
+		return nil, "ldap user name or password incorrect"
 	}
 	return user, ""
 }
 
-func CheckUserPassword(organization string, username string, password string, lang string) (*User, string) {
+func CheckUserPassword(organization string, username string, password string) (*User, string) {
 	user := GetUserByFields(organization, username)
 	if user == nil || user.IsDeleted == true {
-		return nil, i18n.Translate(lang, "UserErr.DoNotExistSignUp")
+		return nil, "the user does not exist, please sign up first"
 	}
 
 	if user.IsForbidden {
-		return nil, i18n.Translate(lang, "LoginErr.UserIsForbidden")
+		return nil, "the user is forbidden to sign in, please contact the administrator"
 	}
 
 	if user.Ldap != "" {
 		// ONLY for ldap users
-		return checkLdapUserPassword(user, password, lang)
+		return checkLdapUserPassword(user, password)
 	} else {
-		msg := CheckPassword(user, password, lang)
+		msg := CheckPassword(user, password)
 		if msg != "" {
 			return nil, msg
 		}
@@ -252,15 +246,15 @@ func filterField(field string) bool {
 	return reFieldWhiteList.MatchString(field)
 }
 
-func CheckUserPermission(requestUserId, userId, userOwner string, strict bool, lang string) (bool, error) {
+func CheckUserPermission(requestUserId, userId, userOwner string, strict bool) (bool, error) {
 	if requestUserId == "" {
-		return false, fmt.Errorf(i18n.Translate(lang, "LoginErr.LoginFirst"))
+		return false, fmt.Errorf("please login first")
 	}
 
 	if userId != "" {
 		targetUser := GetUser(userId)
 		if targetUser == nil {
-			return false, fmt.Errorf(i18n.Translate(lang, "UserErr.DoNotExist"), userId)
+			return false, fmt.Errorf("the user: %s doesn't exist", userId)
 		}
 
 		userOwner = targetUser.Owner
@@ -272,7 +266,7 @@ func CheckUserPermission(requestUserId, userId, userOwner string, strict bool, l
 	} else {
 		requestUser := GetUser(requestUserId)
 		if requestUser == nil {
-			return false, fmt.Errorf(i18n.Translate(lang, "LoginErr.SessionOutdated"))
+			return false, fmt.Errorf("session outdated, please login again")
 		}
 		if requestUser.IsGlobalAdmin {
 			hasPermission = true
@@ -287,7 +281,7 @@ func CheckUserPermission(requestUserId, userId, userOwner string, strict bool, l
 		}
 	}
 
-	return hasPermission, fmt.Errorf(i18n.Translate(lang, "LoginErr.NoPermission"))
+	return hasPermission, fmt.Errorf("you don't have the permission to do this")
 }
 
 func CheckAccessPermission(userId string, application *Application) (bool, error) {
@@ -319,41 +313,3 @@ func CheckAccessPermission(userId string, application *Application) (bool, error
 	}
 	return allowed, err
 }
-
-func CheckUsername(username string, lang string) string {
-	if username == "" {
-		return i18n.Translate(lang, "UserErr.NameEmptyErr")
-	} else if len(username) > 39 {
-		return i18n.Translate(lang, "UserErr.NameTooLang")
-	}
-
-	exclude, _ := regexp.Compile("^[\u0021-\u007E]+$")
-	if !exclude.MatchString(username) {
-		return ""
-	}
-
-	// https://stackoverflow.com/questions/58726546/github-username-convention-using-regex
-	re, _ := regexp.Compile("^[a-zA-Z0-9]+((?:-[a-zA-Z0-9]+)|(?:_[a-zA-Z0-9]+))*$")
-	if !re.MatchString(username) {
-		return i18n.Translate(lang, "UserErr.NameFormatErr")
-	}
-
-	return ""
-}
-
-func CheckToEnableCaptcha(application *Application) bool {
-	if len(application.Providers) == 0 {
-		return false
-	}
-
-	for _, providerItem := range application.Providers {
-		if providerItem.Provider == nil {
-			continue
-		}
-		if providerItem.Provider.Category == "Captcha" && providerItem.Provider.Type == "Default" {
-			return providerItem.Rule == "Always"
-		}
-	}
-
-	return false
-}

object/init.go

@@ -58,7 +58,6 @@ func initBuiltInOrganization() bool {
 		PhonePrefix:   "86",
 		DefaultAvatar: fmt.Sprintf("%s/img/casbin.svg", conf.GetConfigString("staticBaseUrl")),
 		Tags:          []string{},
-		Languages:     []string{"en", "zh", "es", "fr", "de", "ja", "ko", "ru"},
 		AccountItems: []*AccountItem{
 			{Name: "Organization", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
 			{Name: "ID", Visible: true, ViewRule: "Public", ModifyRule: "Immutable"},
@@ -144,7 +143,7 @@ func initBuiltInApplication() {
 		EnablePassword: true,
 		EnableSignUp:   true,
 		Providers: []*ProviderItem{
-			{Name: "provider_captcha_default", CanSignUp: false, CanSignIn: false, CanUnlink: false, Prompted: false, AlertType: "None", Rule: "None", Provider: nil},
+			{Name: "provider_captcha_default", CanSignUp: false, CanSignIn: false, CanUnlink: false, Prompted: false, AlertType: "None", Provider: nil},
 		},
 		SignupItems: []*SignupItem{
 			{Name: "ID", Visible: false, Required: true, Prompted: false, Rule: "Random"},
@@ -158,7 +157,7 @@ func initBuiltInApplication() {
 		},
 		RedirectUris:  []string{},
 		ExpireInHours: 168,
-		FormOffset:    2,
+		FormOffset:    8,
 	}
 	AddApplication(application)
 }
@@ -222,7 +221,7 @@ func initBuiltInLdap() {
 }
 
 func initBuiltInProvider() {
-	provider := GetProvider(util.GetId("admin", "provider_captcha_default"))
+	provider := GetProvider("admin/provider_captcha_default")
 	if provider != nil {
 		return
 	}

object/init_data.go

@@ -56,40 +56,12 @@ func readInitDataFromFile(filePath string) *InitData {
 
 	s := util.ReadStringFromPath(filePath)
 
-	data := &InitData{
-		Organizations: []*Organization{},
-		Applications:  []*Application{},
-		Users:         []*User{},
-		Certs:         []*Cert{},
-		Providers:     []*Provider{},
-		Ldaps:         []*Ldap{},
-	}
+	data := &InitData{}
 	err := util.JsonToStruct(s, data)
 	if err != nil {
 		panic(err)
 	}
 
-	// transform nil slice to empty slice
-	for _, organization := range data.Organizations {
-		if organization.Tags == nil {
-			organization.Tags = []string{}
-		}
-	}
-	for _, application := range data.Applications {
-		if application.Providers == nil {
-			application.Providers = []*ProviderItem{}
-		}
-		if application.SignupItems == nil {
-			application.SignupItems = []*SignupItem{}
-		}
-		if application.GrantTypes == nil {
-			application.GrantTypes = []string{}
-		}
-		if application.RedirectUris == nil {
-			application.RedirectUris = []string{}
-		}
-	}
-
 	return data
 }
 
@@ -168,7 +140,7 @@ func initDefinedLdap(ldap *Ldap) {
 }
 
 func initDefinedProvider(provider *Provider) {
-	existed := GetProvider(util.GetId("admin", provider.Name))
+	existed := GetProvider(provider.GetId())
 	if existed != nil {
 		return
 	}

object/ldap.go

@@ -19,7 +19,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego"
+	"github.com/astaxie/beego"
 	"github.com/casdoor/casdoor/util"
 	goldap "github.com/go-ldap/ldap/v3"
 	"github.com/thanhpk/randstr"
@@ -409,7 +409,6 @@ func SyncLdapUsers(owner string, users []LdapRespUser, ldapId string) (*[]LdapRe
 				}
 			}
 		}
-
 		if !found && !AddUser(&User{
 			Owner:       owner,
 			Name:        buildLdapUserName(user.Uid, user.UidNumber),

object/ldap_autosync.go

@@ -5,7 +5,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/beego/beego/logs"
+	"github.com/astaxie/beego/logs"
 	"github.com/casdoor/casdoor/util"
 )
 

object/ldapserver.go

@@ -62,7 +62,7 @@ func GetFilteredUsers(m *ldapserver.Message, name, org string) ([]*User, int) {
 			return nil, ldapserver.LDAPResultInsufficientAccessRights
 		}
 	} else {
-		hasPermission, err := CheckUserPermission(fmt.Sprintf("%s/%s", m.Client.OrgName, m.Client.UserName), fmt.Sprintf("%s/%s", org, name), org, true, "en")
+		hasPermission, err := CheckUserPermission(fmt.Sprintf("%s/%s", m.Client.OrgName, m.Client.UserName), fmt.Sprintf("%s/%s", org, name), org, true)
 		if !hasPermission {
 			log.Printf("ErrMsg = %v", err.Error())
 			return nil, ldapserver.LDAPResultInsufficientAccessRights

object/model.go

@@ -92,12 +92,6 @@ func UpdateModel(id string, modelObj *Model) bool {
 		return false
 	}
 
-	if name != modelObj.Name {
-		err := modelChangeTrigger(name, modelObj.Name)
-		if err != nil {
-			return false
-		}
-	}
 	// check model grammar
 	_, err := model.NewModelFromString(modelObj.ModelText)
 	if err != nil {
@@ -133,22 +127,3 @@ func DeleteModel(model *Model) bool {
 func (model *Model) GetId() string {
 	return fmt.Sprintf("%s/%s", model.Owner, model.Name)
 }
-
-func modelChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	permission := new(Permission)
-	permission.Model = newName
-	_, err = session.Where("model=?", oldName).Update(permission)
-	if err != nil {
-		return err
-	}
-
-	return session.Commit()
-}

object/organization.go

@@ -16,10 +16,8 @@ package object
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/casdoor/casdoor/cred"
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
 )
@@ -45,7 +43,6 @@ type Organization struct {
 	DefaultAvatar      string   `xorm:"varchar(100)" json:"defaultAvatar"`
 	DefaultApplication string   `xorm:"varchar(100)" json:"defaultApplication"`
 	Tags               []string `xorm:"mediumtext" json:"tags"`
-	Languages          []string `xorm:"varchar(255)" json:"languages"`
 	MasterPassword     string   `xorm:"varchar(100)" json:"masterPassword"`
 	EnableSoftDeletion bool     `json:"enableSoftDeletion"`
 	IsProfilePublic    bool     `json:"isProfilePublic"`
@@ -136,10 +133,15 @@ func UpdateOrganization(id string, organization *Organization) bool {
 	}
 
 	if name != organization.Name {
-		err := organizationChangeTrigger(name, organization.Name)
-		if err != nil {
-			return false
-		}
+		go func() {
+			application := new(Application)
+			application.Organization = organization.Name
+			_, _ = adapter.Engine.Where("organization=?", name).Update(application)
+
+			user := new(User)
+			user.Owner = organization.Name
+			_, _ = adapter.Engine.Where("owner=?", name).Update(user)
+		}()
 	}
 
 	if organization.MasterPassword != "" && organization.MasterPassword != "***" {
@@ -200,35 +202,30 @@ func GetAccountItemByName(name string, organization *Organization) *AccountItem
 	return nil
 }
 
-func CheckAccountItemModifyRule(accountItem *AccountItem, user *User, lang string) (bool, string) {
+func CheckAccountItemModifyRule(accountItem *AccountItem, user *User) (bool, string) {
 	switch accountItem.ModifyRule {
 	case "Admin":
 		if !(user.IsAdmin || user.IsGlobalAdmin) {
-			return false, fmt.Sprintf(i18n.Translate(lang, "OrgErr.OnlyAdmin"), accountItem.Name)
+			return false, fmt.Sprintf("Only admin can modify the %s.", accountItem.Name)
 		}
 	case "Immutable":
-		return false, fmt.Sprintf(i18n.Translate(lang, "OrgErr.Immutable"), accountItem.Name)
+		return false, fmt.Sprintf("The %s is immutable.", accountItem.Name)
 	case "Self":
 		break
 	default:
-		return false, fmt.Sprintf(i18n.Translate(lang, "OrgErr.UnknownModifyRule"), accountItem.ModifyRule)
+		return false, fmt.Sprintf("Unknown modify rule %s.", accountItem.ModifyRule)
 	}
 	return true, ""
 }
 
-func GetDefaultApplication(id string) (*Application, error) {
+func GetDefaultApplication(id string) *Application {
 	organization := GetOrganization(id)
 	if organization == nil {
-		return nil, fmt.Errorf("The organization: %s does not exist", id)
+		return nil
 	}
 
 	if organization.DefaultApplication != "" {
-		defaultApplication := getApplication("admin", organization.DefaultApplication)
-		if defaultApplication == nil {
-			return nil, fmt.Errorf("The default application: %s does not exist", organization.DefaultApplication)
-		} else {
-			return defaultApplication, nil
-		}
+		return getApplication("admin", organization.DefaultApplication)
 	}
 
 	applications := []*Application{}
@@ -238,7 +235,7 @@ func GetDefaultApplication(id string) (*Application, error) {
 	}
 
 	if len(applications) == 0 {
-		return nil, fmt.Errorf("The application does not exist")
+		return nil
 	}
 
 	defaultApplication := applications[0]
@@ -252,150 +249,5 @@ func GetDefaultApplication(id string) (*Application, error) {
 	extendApplicationWithProviders(defaultApplication)
 	extendApplicationWithOrg(defaultApplication)
 
-	return defaultApplication, nil
-}
-
-func organizationChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	application := new(Application)
-	application.Organization = newName
-	_, err = session.Where("organization=?", oldName).Update(application)
-	if err != nil {
-		return err
-	}
-
-	user := new(User)
-	user.Owner = newName
-	_, err = session.Where("owner=?", oldName).Update(user)
-	if err != nil {
-		return err
-	}
-
-	role := new(Role)
-	_, err = adapter.Engine.Where("owner=?", oldName).Get(role)
-	if err != nil {
-		return err
-	}
-	for i, u := range role.Users {
-		// u = organization/username
-		split := strings.Split(u, "/")
-		if split[0] == oldName {
-			split[0] = newName
-			role.Users[i] = split[0] + "/" + split[1]
-		}
-	}
-	for i, u := range role.Roles {
-		// u = organization/username
-		split := strings.Split(u, "/")
-		if split[0] == oldName {
-			split[0] = newName
-			role.Roles[i] = split[0] + "/" + split[1]
-		}
-	}
-	role.Owner = newName
-	_, err = session.Where("owner=?", oldName).Update(role)
-	if err != nil {
-		return err
-	}
-
-	permission := new(Permission)
-	_, err = adapter.Engine.Where("owner=?", oldName).Get(permission)
-	if err != nil {
-		return err
-	}
-	for i, u := range permission.Users {
-		// u = organization/username
-		split := strings.Split(u, "/")
-		if split[0] == oldName {
-			split[0] = newName
-			permission.Users[i] = split[0] + "/" + split[1]
-		}
-	}
-	for i, u := range permission.Roles {
-		// u = organization/username
-		split := strings.Split(u, "/")
-		if split[0] == oldName {
-			split[0] = newName
-			permission.Roles[i] = split[0] + "/" + split[1]
-		}
-	}
-	permission.Owner = newName
-	_, err = session.Where("owner=?", oldName).Update(permission)
-	if err != nil {
-		return err
-	}
-
-	casbinAdapter := new(CasbinAdapter)
-	casbinAdapter.Owner = newName
-	casbinAdapter.Organization = newName
-	_, err = session.Where("owner=?", oldName).Update(casbinAdapter)
-	if err != nil {
-		return err
-	}
-
-	ldap := new(Ldap)
-	ldap.Owner = newName
-	_, err = session.Where("owner=?", oldName).Update(ldap)
-	if err != nil {
-		return err
-	}
-
-	model := new(Model)
-	model.Owner = newName
-	_, err = session.Where("owner=?", oldName).Update(model)
-	if err != nil {
-		return err
-	}
-
-	payment := new(Payment)
-	payment.Organization = newName
-	_, err = session.Where("organization=?", oldName).Update(payment)
-	if err != nil {
-		return err
-	}
-
-	record := new(Record)
-	record.Owner = newName
-	record.Organization = newName
-	_, err = session.Where("organization=?", oldName).Update(record)
-	if err != nil {
-		return err
-	}
-
-	resource := new(Resource)
-	resource.Owner = newName
-	_, err = session.Where("owner=?", oldName).Update(resource)
-	if err != nil {
-		return err
-	}
-
-	syncer := new(Syncer)
-	syncer.Organization = newName
-	_, err = session.Where("organization=?", oldName).Update(syncer)
-	if err != nil {
-		return err
-	}
-
-	token := new(Token)
-	token.Organization = newName
-	_, err = session.Where("organization=?", oldName).Update(token)
-	if err != nil {
-		return err
-	}
-
-	webhook := new(Webhook)
-	webhook.Organization = newName
-	_, err = session.Where("organization=?", oldName).Update(webhook)
-	if err != nil {
-		return err
-	}
-
-	return session.Commit()
+	return defaultApplication
 }

object/permission.go

@@ -111,27 +111,7 @@ func GetPermission(id string) *Permission {
 	return getPermission(owner, name)
 }
 
-// checkPermissionValid verifies if the permission is valid
-func checkPermissionValid(permission *Permission) {
-	enforcer := getEnforcer(permission)
-	enforcer.EnableAutoSave(false)
-	policies, groupingPolicies := getPolicies(permission)
-
-	if len(groupingPolicies) > 0 {
-		_, err := enforcer.AddGroupingPolicies(groupingPolicies)
-		if err != nil {
-			panic(err)
-		}
-	}
-
-	_, err := enforcer.AddPolicies(policies)
-	if err != nil {
-		panic(err)
-	}
-}
-
 func UpdatePermission(id string, permission *Permission) bool {
-	checkPermissionValid(permission)
 	owner, name := util.GetOwnerAndNameFromId(id)
 	oldPermission := getPermission(owner, name)
 	if oldPermission == nil {

object/permission_enforcer.go

@@ -19,7 +19,7 @@ import (
 
 	"github.com/casbin/casbin/v2"
 	"github.com/casbin/casbin/v2/model"
-	xormadapter "github.com/casbin/xorm-adapter/v3"
+	xormadapter "github.com/casbin/xorm-adapter/v2"
 	"github.com/casdoor/casdoor/conf"
 )
 
@@ -29,9 +29,7 @@ func getEnforcer(permission *Permission) *casbin.Enforcer {
 		tableName = permission.Adapter
 	}
 	tableNamePrefix := conf.GetConfigString("tableNamePrefix")
-	driverName := conf.GetConfigString("driverName")
-	dataSourceName := conf.GetConfigRealDataSourceName(driverName)
-	adapter, err := xormadapter.NewAdapterWithTableName(driverName, dataSourceName, tableName, tableNamePrefix, true)
+	adapter, err := xormadapter.NewAdapterWithTableName(conf.GetConfigString("driverName"), conf.GetConfigDataSourceName()+conf.GetConfigString("dbName"), tableName, tableNamePrefix, true)
 	if err != nil {
 		panic(err)
 	}
@@ -65,27 +63,22 @@ m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act`
 		panic(err)
 	}
 
-	// load Policy with a specific Permission
-	enforcer.LoadFilteredPolicy(xormadapter.Filter{
-		V5: []string{permission.Owner + "/" + permission.Name},
-	})
 	return enforcer
 }
 
 func getPolicies(permission *Permission) ([][]string, [][]string) {
 	var policies [][]string
 	var groupingPolicies [][]string
-	permissionId := permission.Owner + "/" + permission.Name
 	domainExist := len(permission.Domains) > 0
 	for _, user := range permission.Users {
 		for _, resource := range permission.Resources {
 			for _, action := range permission.Actions {
 				if domainExist {
 					for _, domain := range permission.Domains {
-						policies = append(policies, []string{user, domain, resource, strings.ToLower(action), "", permissionId})
+						policies = append(policies, []string{user, domain, resource, strings.ToLower(action)})
 					}
 				} else {
-					policies = append(policies, []string{user, resource, strings.ToLower(action), "", "", permissionId})
+					policies = append(policies, []string{user, resource, strings.ToLower(action)})
 				}
 			}
 		}
@@ -95,29 +88,29 @@ func getPolicies(permission *Permission) ([][]string, [][]string) {
 		for _, subUser := range roleObj.Users {
 			if domainExist {
 				for _, domain := range permission.Domains {
-					groupingPolicies = append(groupingPolicies, []string{subUser, domain, role, "", "", permissionId})
+					groupingPolicies = append(groupingPolicies, []string{subUser, domain, role})
 				}
 			} else {
-				groupingPolicies = append(groupingPolicies, []string{subUser, role, "", "", "", permissionId})
+				groupingPolicies = append(groupingPolicies, []string{subUser, role})
 			}
 		}
 		for _, subRole := range roleObj.Roles {
 			if domainExist {
 				for _, domain := range permission.Domains {
-					groupingPolicies = append(groupingPolicies, []string{subRole, domain, role, "", "", permissionId})
+					groupingPolicies = append(groupingPolicies, []string{subRole, domain, role})
 				}
 			} else {
-				groupingPolicies = append(groupingPolicies, []string{subRole, role, "", "", "", permissionId})
+				groupingPolicies = append(groupingPolicies, []string{subRole, role})
 			}
 		}
 		for _, resource := range permission.Resources {
 			for _, action := range permission.Actions {
 				if domainExist {
 					for _, domain := range permission.Domains {
-						policies = append(policies, []string{role, domain, resource, strings.ToLower(action), "", permissionId})
+						policies = append(policies, []string{role, domain, resource, strings.ToLower(action)})
 					}
 				} else {
-					policies = append(policies, []string{role, resource, strings.ToLower(action), "", "", permissionId})
+					policies = append(policies, []string{role, resource, strings.ToLower(action)})
 				}
 			}
 		}
@@ -159,29 +152,20 @@ func removePolicies(permission *Permission) {
 	}
 }
 
-func Enforce(permissionRule *PermissionRule) bool {
+func Enforce(userId string, permissionRule *PermissionRule) bool {
 	permission := GetPermission(permissionRule.Id)
 	enforcer := getEnforcer(permission)
-
-	request := []interface{}{permissionRule.V0, permissionRule.V1, permissionRule.V2}
-	if permissionRule.V3 != "" {
-		request = append(request, permissionRule.V3)
-	}
-	allow, err := enforcer.Enforce(request...)
+	allow, err := enforcer.Enforce(userId, permissionRule.V1, permissionRule.V2)
 	if err != nil {
 		panic(err)
 	}
 	return allow
 }
 
-func BatchEnforce(permissionRules []PermissionRule) []bool {
+func BatchEnforce(userId string, permissionRules []PermissionRule) []bool {
 	var requests [][]interface{}
 	for _, permissionRule := range permissionRules {
-		if permissionRule.V3 != "" {
-			requests = append(requests, []interface{}{permissionRule.V0, permissionRule.V1, permissionRule.V2, permissionRule.V3})
-		} else {
-			requests = append(requests, []interface{}{permissionRule.V0, permissionRule.V1, permissionRule.V2})
-		}
+		requests = append(requests, []interface{}{userId, permissionRule.V1, permissionRule.V2})
 	}
 	permission := GetPermission(permissionRules[0].Id)
 	enforcer := getEnforcer(permission)

object/provider.go

@@ -17,7 +17,6 @@ package object
 import (
 	"fmt"
 
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/pp"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@@ -25,7 +24,7 @@ import (
 
 type Provider struct {
 	Owner       string `xorm:"varchar(100) notnull pk" json:"owner"`
-	Name        string `xorm:"varchar(100) notnull pk unique" json:"name"`
+	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
 	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
 
 	DisplayName       string `xorm:"varchar(100)" json:"displayName"`
@@ -46,9 +45,9 @@ type Provider struct {
 
 	Host       string `xorm:"varchar(100)" json:"host"`
 	Port       int    `json:"port"`
-	DisableSsl bool   `json:"disableSsl"` // If the provider type is WeChat, DisableSsl means EnableQRCode
+	DisableSsl bool   `json:"disableSsl"`
 	Title      string `xorm:"varchar(100)" json:"title"`
-	Content    string `xorm:"varchar(1000)" json:"content"` // If provider type is WeChat, Content means QRCode string by Base64 encoding
+	Content    string `xorm:"varchar(1000)" json:"content"`
 	Receiver   string `xorm:"varchar(100)" json:"receiver"`
 
 	RegionId     string `xorm:"varchar(100)" json:"regionId"`
@@ -60,7 +59,6 @@ type Provider struct {
 	IntranetEndpoint string `xorm:"varchar(100)" json:"intranetEndpoint"`
 	Domain           string `xorm:"varchar(100)" json:"domain"`
 	Bucket           string `xorm:"varchar(100)" json:"bucket"`
-	PathPrefix       string `xorm:"varchar(100)" json:"pathPrefix"`
 
 	Metadata               string `xorm:"mediumtext" json:"metadata"`
 	IdP                    string `xorm:"mediumtext" json:"idP"`
@@ -93,17 +91,7 @@ func GetMaskedProviders(providers []*Provider) []*Provider {
 }
 
 func GetProviderCount(owner, field, value string) int {
-	session := GetSession("", -1, -1, field, value, "", "")
-	count, err := session.Where("owner = ? or owner = ? ", "admin", owner).Count(&Provider{})
-	if err != nil {
-		panic(err)
-	}
-
-	return int(count)
-}
-
-func GetGlobalProviderCount(field, value string) int {
-	session := GetSession("", -1, -1, field, value, "", "")
+	session := GetSession(owner, -1, -1, field, value, "", "")
 	count, err := session.Count(&Provider{})
 	if err != nil {
 		panic(err)
@@ -114,17 +102,7 @@ func GetGlobalProviderCount(field, value string) int {
 
 func GetProviders(owner string) []*Provider {
 	providers := []*Provider{}
-	err := adapter.Engine.Where("owner = ? or owner = ? ", "admin", owner).Desc("created_time").Find(&providers, &Provider{})
-	if err != nil {
-		panic(err)
-	}
-
-	return providers
-}
-
-func GetGlobalProviders() []*Provider {
-	providers := []*Provider{}
-	err := adapter.Engine.Desc("created_time").Find(&providers)
+	err := adapter.Engine.Desc("created_time").Find(&providers, &Provider{Owner: owner})
 	if err != nil {
 		panic(err)
 	}
@@ -134,18 +112,7 @@ func GetGlobalProviders() []*Provider {
 
 func GetPaginationProviders(owner string, offset, limit int, field, value, sortField, sortOrder string) []*Provider {
 	providers := []*Provider{}
-	session := GetSession("", offset, limit, field, value, sortField, sortOrder)
-	err := session.Where("owner = ? or owner = ? ", "admin", owner).Find(&providers)
-	if err != nil {
-		panic(err)
-	}
-
-	return providers
-}
-
-func GetPaginationGlobalProviders(offset, limit int, field, value, sortField, sortOrder string) []*Provider {
-	providers := []*Provider{}
-	session := GetSession("", offset, limit, field, value, sortField, sortOrder)
+	session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
 	err := session.Find(&providers)
 	if err != nil {
 		panic(err)
@@ -159,7 +126,7 @@ func getProvider(owner string, name string) *Provider {
 		return nil
 	}
 
-	provider := Provider{Name: name}
+	provider := Provider{Owner: owner, Name: name}
 	existed, err := adapter.Engine.Get(&provider)
 	if err != nil {
 		panic(err)
@@ -207,13 +174,6 @@ func UpdateProvider(id string, provider *Provider) bool {
 		return false
 	}
 
-	if name != provider.Name {
-		err := providerChangeTrigger(name, provider.Name)
-		if err != nil {
-			return false
-		}
-	}
-
 	session := adapter.Engine.ID(core.PK{owner, name}).AllCols()
 	if provider.ClientSecret == "***" {
 		session = session.Omit("client_secret")
@@ -268,7 +228,7 @@ func (p *Provider) GetId() string {
 	return fmt.Sprintf("%s/%s", p.Owner, p.Name)
 }
 
-func GetCaptchaProviderByOwnerName(applicationId, lang string) (*Provider, error) {
+func GetCaptchaProviderByOwnerName(applicationId string) (*Provider, error) {
 	owner, name := util.GetOwnerAndNameFromId(applicationId)
 	provider := Provider{Owner: owner, Name: name, Category: "Captcha"}
 	existed, err := adapter.Engine.Get(&provider)
@@ -277,65 +237,27 @@ func GetCaptchaProviderByOwnerName(applicationId, lang string) (*Provider, error
 	}
 
 	if !existed {
-		return nil, fmt.Errorf(i18n.Translate(lang, "ProviderErr.DoNotExist"), applicationId)
+		return nil, fmt.Errorf("the provider: %s does not exist", applicationId)
 	}
 
 	return &provider, nil
 }
 
-func GetCaptchaProviderByApplication(applicationId, isCurrentProvider, lang string) (*Provider, error) {
+func GetCaptchaProviderByApplication(applicationId, isCurrentProvider string) (*Provider, error) {
 	if isCurrentProvider == "true" {
-		return GetCaptchaProviderByOwnerName(applicationId, lang)
+		return GetCaptchaProviderByOwnerName(applicationId)
 	}
 	application := GetApplication(applicationId)
 	if application == nil || len(application.Providers) == 0 {
-		return nil, fmt.Errorf(i18n.Translate(lang, "ApplicationErr.InvalidID"))
+		return nil, fmt.Errorf("invalid application id")
 	}
 	for _, provider := range application.Providers {
 		if provider.Provider == nil {
 			continue
 		}
 		if provider.Provider.Category == "Captcha" {
-			return GetCaptchaProviderByOwnerName(fmt.Sprintf("%s/%s", provider.Provider.Owner, provider.Provider.Name), lang)
+			return GetCaptchaProviderByOwnerName(fmt.Sprintf("%s/%s", provider.Provider.Owner, provider.Provider.Name))
 		}
 	}
 	return nil, nil
 }
-
-func providerChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	var applications []*Application
-	err = adapter.Engine.Find(&applications)
-	if err != nil {
-		return err
-	}
-	for i := 0; i < len(applications); i++ {
-		providers := applications[i].Providers
-		for j := 0; j < len(providers); j++ {
-			if providers[j].Name == oldName {
-				providers[j].Name = newName
-			}
-		}
-		applications[i].Providers = providers
-		_, err = session.Where("name=?", applications[i].Name).Update(applications[i])
-		if err != nil {
-			return err
-		}
-	}
-
-	resource := new(Resource)
-	resource.Provider = newName
-	_, err = session.Where("provider=?", oldName).Update(resource)
-	if err != nil {
-		return err
-	}
-
-	return session.Commit()
-}

object/provider_item.go

@@ -15,15 +15,12 @@
 package object
 
 type ProviderItem struct {
-	Owner string `json:"owner"`
 	Name      string    `json:"name"`
-
 	CanSignUp bool      `json:"canSignUp"`
 	CanSignIn bool      `json:"canSignIn"`
 	CanUnlink bool      `json:"canUnlink"`
 	Prompted  bool      `json:"prompted"`
 	AlertType string    `json:"alertType"`
-	Rule      string    `json:"rule"`
 	Provider  *Provider `json:"provider"`
 }
 

object/record.go

@@ -18,7 +18,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/astaxie/beego/context"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 )

object/resource.go

@@ -23,7 +23,7 @@ import (
 
 type Resource struct {
 	Owner       string `xorm:"varchar(100) notnull pk" json:"owner"`
-	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
+	Name        string `xorm:"varchar(250) notnull pk" json:"name"`
 	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
 
 	User        string `xorm:"varchar(100)" json:"user"`
@@ -31,12 +31,12 @@ type Resource struct {
 	Application string `xorm:"varchar(100)" json:"application"`
 	Tag         string `xorm:"varchar(100)" json:"tag"`
 	Parent      string `xorm:"varchar(100)" json:"parent"`
-	FileName    string `xorm:"varchar(255)" json:"fileName"`
+	FileName    string `xorm:"varchar(1000)" json:"fileName"`
 	FileType    string `xorm:"varchar(100)" json:"fileType"`
 	FileFormat  string `xorm:"varchar(100)" json:"fileFormat"`
 	FileSize    int    `json:"fileSize"`
-	Url         string `xorm:"varchar(255)" json:"url"`
-	Description string `xorm:"varchar(255)" json:"description"`
+	Url         string `xorm:"varchar(1000)" json:"url"`
+	Description string `xorm:"varchar(1000)" json:"description"`
 }
 
 func GetResourceCount(owner, user, field, value string) int {

object/role.go

@@ -16,7 +16,6 @@ package object
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@@ -95,13 +94,6 @@ func UpdateRole(id string, role *Role) bool {
 		return false
 	}
 
-	if name != role.Name {
-		err := roleChangeTrigger(name, role.Name)
-		if err != nil {
-			return false
-		}
-	}
-
 	affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(role)
 	if err != nil {
 		panic(err)
@@ -141,54 +133,3 @@ func GetRolesByUser(userId string) []*Role {
 
 	return roles
 }
-
-func roleChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	var roles []*Role
-	err = adapter.Engine.Find(&roles)
-	if err != nil {
-		return err
-	}
-	for _, role := range roles {
-		for j, u := range role.Roles {
-			split := strings.Split(u, "/")
-			if split[1] == oldName {
-				split[1] = newName
-				role.Roles[j] = split[0] + "/" + split[1]
-			}
-		}
-		_, err = session.Where("name=?", role.Name).Update(role)
-		if err != nil {
-			return err
-		}
-	}
-
-	var permissions []*Permission
-	err = adapter.Engine.Find(&permissions)
-	if err != nil {
-		return err
-	}
-	for _, permission := range permissions {
-		for j, u := range permission.Roles {
-			// u = organization/username
-			split := strings.Split(u, "/")
-			if split[1] == oldName {
-				split[1] = newName
-				permission.Roles[j] = split[0] + "/" + split[1]
-			}
-		}
-		_, err = session.Where("name=?", permission.Name).Update(permission)
-		if err != nil {
-			return err
-		}
-	}
-
-	return session.Commit()
-}

object/saml_sp.go

@@ -24,7 +24,6 @@ import (
 	"strings"
 
 	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/i18n"
 	saml2 "github.com/russellhaering/gosaml2"
 	dsig "github.com/russellhaering/goxmldsig"
 )
@@ -42,10 +41,10 @@ func ParseSamlResponse(samlResponse string, providerType string) (string, error)
 	return assertionInfo.NameID, nil
 }
 
-func GenerateSamlLoginUrl(id, relayState, lang string) (string, string, error) {
+func GenerateSamlLoginUrl(id, relayState string) (string, string, error) {
 	provider := GetProvider(id)
 	if provider.Category != "SAML" {
-		return "", "", fmt.Errorf(i18n.Translate(lang, "ProviderErr.CategoryNotSAML"), provider.Name)
+		return "", "", fmt.Errorf("provider %s's category is not SAML", provider.Name)
 	}
 	sp, err := buildSp(provider, "")
 	if err != nil {

object/storage.go

@@ -21,7 +21,6 @@ import (
 	"strings"
 
 	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/storage"
 	"github.com/casdoor/casdoor/util"
 )
@@ -54,8 +53,8 @@ func escapePath(path string) string {
 	return res
 }
 
-func GetUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool) (string, string) {
-	escapedPath := util.UrlJoin(provider.PathPrefix, escapePath(fullFilePath))
+func getUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool) (string, string) {
+	escapedPath := escapePath(fullFilePath)
 	objectKey := util.UrlJoin(util.GetUrlPath(provider.Domain), escapedPath)
 
 	host := ""
@@ -70,7 +69,7 @@ func GetUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool
 		host = util.UrlJoin(provider.Domain, "/files")
 	}
 	if provider.Type == "Azure Blob" {
-		host = util.UrlJoin(host, provider.Bucket)
+		host = fmt.Sprintf("%s/%s", host, provider.Bucket)
 	}
 
 	fileUrl := util.UrlJoin(host, escapePath(objectKey))
@@ -93,7 +92,7 @@ func uploadFile(provider *Provider, fullFilePath string, fileBuffer *bytes.Buffe
 		UpdateProvider(provider.GetId(), provider)
 	}
 
-	fileUrl, objectKey := GetUploadFileUrl(provider, fullFilePath, true)
+	fileUrl, objectKey := getUploadFileUrl(provider, fullFilePath, true)
 
 	_, err := storageProvider.Put(objectKey, fileBuffer)
 	if err != nil {
@@ -127,16 +126,11 @@ func UploadFileSafe(provider *Provider, fullFilePath string, fileBuffer *bytes.B
 	return fileUrl, objectKey, nil
 }
 
-func DeleteFile(provider *Provider, objectKey string, lang string) error {
-	// check fullFilePath is there security issue
-	if strings.Contains(objectKey, "..") {
-		return fmt.Errorf(i18n.Translate(lang, "StorageErr.ObjectKeyNotAllowed"), objectKey)
-	}
-
+func DeleteFile(provider *Provider, objectKey string) error {
 	endpoint := getProviderEndpoint(provider)
 	storageProvider := storage.GetStorageProvider(provider.Type, provider.ClientId, provider.ClientSecret, provider.RegionId, provider.Bucket, endpoint)
 	if storageProvider == nil {
-		return fmt.Errorf(i18n.Translate(lang, "ProviderErr.ProviderNotSupported"), provider.Type)
+		return fmt.Errorf("the provider type: %s is not supported", provider.Type)
 	}
 
 	if provider.Domain == "" {

object/syncer_user.go

@@ -37,16 +37,7 @@ func (syncer *Syncer) getOriginalUsers() ([]*OriginalUser, error) {
 		return nil, err
 	}
 
-	// Memory leak problem handling
-	// https://github.com/casdoor/casdoor/issues/1256
-	users := syncer.getOriginalUsersFromMap(results)
-	for _, m := range results {
-		for k := range m {
-			delete(m, k)
-		}
-	}
-
-	return users, nil
+	return syncer.getOriginalUsersFromMap(results), nil
 }
 
 func (syncer *Syncer) getOriginalUserMap() ([]*OriginalUser, map[string]*OriginalUser, error) {
@@ -129,7 +120,7 @@ func (syncer *Syncer) updateUserForOriginalFields(user *User) (bool, error) {
 	}
 
 	if user.Avatar != oldUser.Avatar && user.Avatar != "" {
-		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar, true)
+		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar)
 	}
 
 	columns := syncer.getCasdoorColumns()

object/token.go

@@ -21,7 +21,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@@ -239,14 +238,14 @@ func GetTokenByTokenAndApplication(token string, application string) *Token {
 	return &tokenResult
 }
 
-func CheckOAuthLogin(clientId string, responseType string, redirectUri string, scope string, state string, lang string) (string, *Application) {
+func CheckOAuthLogin(clientId string, responseType string, redirectUri string, scope string, state string) (string, *Application) {
 	if responseType != "code" && responseType != "token" && responseType != "id_token" {
-		return fmt.Sprintf(i18n.Translate(lang, "ApplicationErr.GrantTypeNotSupport"), responseType), nil
+		return fmt.Sprintf("error: grant_type: %s is not supported in this application", responseType), nil
 	}
 
 	application := GetApplicationByClientId(clientId)
 	if application == nil {
-		return i18n.Translate(lang, "TokenErr.InvalidClientId"), nil
+		return "Invalid client_id", nil
 	}
 
 	validUri := false
@@ -257,7 +256,7 @@ func CheckOAuthLogin(clientId string, responseType string, redirectUri string, s
 		}
 	}
 	if !validUri {
-		return fmt.Sprintf(i18n.Translate(lang, "TokenErr.RedirectURIDoNotExist"), redirectUri), application
+		return fmt.Sprintf("Redirect URI: \"%s\" doesn't exist in the allowed Redirect URI list", redirectUri), application
 	}
 
 	// Mask application for /api/get-app-login
@@ -265,7 +264,7 @@ func CheckOAuthLogin(clientId string, responseType string, redirectUri string, s
 	return "", application
 }
 
-func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string, nonce string, challenge string, host string, lang string) *Code {
+func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string, nonce string, challenge string, host string) *Code {
 	user := GetUser(userId)
 	if user == nil {
 		return &Code{
@@ -280,7 +279,7 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
 		}
 	}
 
-	msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state, lang)
+	msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
 	if msg != "" {
 		return &Code{
 			Message: msg,
@@ -323,7 +322,7 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
 	}
 }
 
-func GetOAuthToken(grantType string, clientId string, clientSecret string, code string, verifier string, scope string, username string, password string, host string, tag string, avatar string, lang string) interface{} {
+func GetOAuthToken(grantType string, clientId string, clientSecret string, code string, verifier string, scope string, username string, password string, host string, tag string, avatar string) interface{} {
 	application := GetApplicationByClientId(clientId)
 	if application == nil {
 		return &TokenError{
@@ -354,7 +353,7 @@ func GetOAuthToken(grantType string, clientId string, clientSecret string, code
 
 	if tag == "wechat_miniprogram" {
 		// Wechat Mini Program
-		token, tokenError = GetWechatMiniProgramToken(application, code, host, username, avatar, lang)
+		token, tokenError = GetWechatMiniProgramToken(application, code, host, username, avatar)
 	}
 
 	if tokenError != nil {
@@ -560,7 +559,7 @@ func GetPasswordToken(application *Application, username string, password string
 			ErrorDescription: "the user does not exist",
 		}
 	}
-	msg := CheckPassword(user, password, "en")
+	msg := CheckPassword(user, password)
 	if msg != "" {
 		return nil, &TokenError{
 			Error:            InvalidGrant,
@@ -670,7 +669,7 @@ func GetTokenByUser(application *Application, user *User, scope string, host str
 
 // GetWechatMiniProgramToken
 // Wechat Mini Program flow
-func GetWechatMiniProgramToken(application *Application, code string, host string, username string, avatar string, lang string) (*Token, *TokenError) {
+func GetWechatMiniProgramToken(application *Application, code string, host string, username string, avatar string) (*Token, *TokenError) {
 	mpProvider := GetWechatMiniProgramProvider(application)
 	if mpProvider == nil {
 		return nil, &TokenError{
@@ -678,7 +677,7 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 			ErrorDescription: "the application does not support wechat mini program",
 		}
 	}
-	provider := GetProvider(util.GetId("admin", mpProvider.Name))
+	provider := GetProvider(util.GetId(mpProvider.Name))
 	mpIdp := idp.NewWeChatMiniProgramIdProvider(provider.ClientId, provider.ClientSecret)
 	session, err := mpIdp.GetSessionByCode(code)
 	if err != nil {
@@ -704,7 +703,7 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 		}
 		// Add new user
 		var name string
-		if CheckUsername(username, lang) == "" {
+		if username != "" {
 			name = username
 		} else {
 			name = fmt.Sprintf("wechat-%s", openId)

object/token_jwt.go

@@ -24,7 +24,6 @@ import (
 
 type Claims struct {
 	*User
-	TokenType string `json:"tokenType,omitempty"`
 	Nonce string `json:"nonce,omitempty"`
 	Tag   string `json:"tag,omitempty"`
 	Scope string `json:"scope,omitempty"`
@@ -38,7 +37,6 @@ type UserShort struct {
 
 type ClaimsShort struct {
 	*UserShort
-	TokenType string `json:"tokenType,omitempty"`
 	Nonce string `json:"nonce,omitempty"`
 	Scope string `json:"scope,omitempty"`
 	jwt.RegisteredClaims
@@ -55,7 +53,6 @@ func getShortUser(user *User) *UserShort {
 func getShortClaims(claims Claims) ClaimsShort {
 	res := ClaimsShort{
 		UserShort:        getShortUser(claims.User),
-		TokenType:        claims.TokenType,
 		Nonce:            claims.Nonce,
 		Scope:            claims.Scope,
 		RegisteredClaims: claims.RegisteredClaims,
@@ -76,7 +73,6 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
 
 	claims := Claims{
 		User:  user,
-		TokenType: "access-token",
 		Nonce: nonce,
 		// FIXME: A workaround for custom claim by reusing `tag` in user info
 		Tag:   user.Tag,
@@ -101,12 +97,10 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
 
 		token = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort)
 		claimsShort.ExpiresAt = jwt.NewNumericDate(refreshExpireTime)
-		claimsShort.TokenType = "refresh-token"
 		refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claimsShort)
 	} else {
 		token = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
 		claims.ExpiresAt = jwt.NewNumericDate(refreshExpireTime)
-		claims.TokenType = "refresh-token"
 		refreshToken = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
 	}
 

object/token_jwt_key.go

@@ -37,7 +37,7 @@ func generateRsaKeys(bitSize int, expireInYears int, commonName string, organiza
 	// Encode private key to PKCS#1 ASN.1 PEM.
 	privateKeyPem := pem.EncodeToMemory(
 		&pem.Block{
-			Type:  "RSA PRIVATE KEY",
+			Type:  "PRIVATE KEY",
 			Bytes: x509.MarshalPKCS1PrivateKey(key),
 		},
 	)

object/user.go

@@ -380,20 +380,13 @@ func UpdateUser(id string, user *User, columns []string, isGlobalAdmin bool) boo
 		return false
 	}
 
-	if name != user.Name {
-		err := userChangeTrigger(name, user.Name)
-		if err != nil {
-			return false
-		}
-	}
-
 	if user.Password == "***" {
 		user.Password = oldUser.Password
 	}
 	user.UpdateUserHash()
 
 	if user.Avatar != oldUser.Avatar && user.Avatar != "" && user.PermanentAvatar != "*" {
-		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar, false)
+		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar)
 	}
 
 	if len(columns) == 0 {
@@ -423,17 +416,10 @@ func UpdateUserForAllFields(id string, user *User) bool {
 		return false
 	}
 
-	if name != user.Name {
-		err := userChangeTrigger(name, user.Name)
-		if err != nil {
-			return false
-		}
-	}
-
 	user.UpdateUserHash()
 
 	if user.Avatar != oldUser.Avatar && user.Avatar != "" {
-		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar, false)
+		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar)
 	}
 
 	affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(user)
@@ -463,7 +449,7 @@ func AddUser(user *User) bool {
 	user.UpdateUserHash()
 	user.PreHash = user.Hash
 
-	user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar, false)
+	user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar)
 
 	user.Ranking = GetUserCount(user.Owner, "", "") + 1
 
@@ -488,7 +474,7 @@ func AddUsers(users []*User) bool {
 		user.UpdateUserHash()
 		user.PreHash = user.Hash
 
-		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar, true)
+		user.PermanentAvatar = getPermanentAvatarUrl(user.Owner, user.Name, user.Avatar)
 	}
 
 	affected, err := adapter.Engine.Insert(users)
@@ -581,62 +567,3 @@ func ExtendUserWithRolesAndPermissions(user *User) {
 	user.Roles = GetRolesByUser(user.GetId())
 	user.Permissions = GetPermissionsByUser(user.GetId())
 }
-
-func userChangeTrigger(oldName string, newName string) error {
-	session := adapter.Engine.NewSession()
-	defer session.Close()
-
-	err := session.Begin()
-	if err != nil {
-		return err
-	}
-
-	var roles []*Role
-	err = adapter.Engine.Find(&roles)
-	if err != nil {
-		return err
-	}
-	for _, role := range roles {
-		for j, u := range role.Users {
-			// u = organization/username
-			split := strings.Split(u, "/")
-			if split[1] == oldName {
-				split[1] = newName
-				role.Users[j] = split[0] + "/" + split[1]
-			}
-		}
-		_, err = session.Where("name=?", role.Name).Update(role)
-		if err != nil {
-			return err
-		}
-	}
-
-	var permissions []*Permission
-	err = adapter.Engine.Find(&permissions)
-	if err != nil {
-		return err
-	}
-	for _, permission := range permissions {
-		for j, u := range permission.Users {
-			// u = organization/username
-			split := strings.Split(u, "/")
-			if split[1] == oldName {
-				split[1] = newName
-				permission.Users[j] = split[0] + "/" + split[1]
-			}
-		}
-		_, err = session.Where("name=?", permission.Name).Update(permission)
-		if err != nil {
-			return err
-		}
-	}
-
-	resource := new(Resource)
-	resource.User = newName
-	_, err = session.Where("user=?", oldName).Update(resource)
-	if err != nil {
-		return err
-	}
-
-	return session.Commit()
-}

object/verification.go

@@ -21,7 +21,6 @@ import (
 	"time"
 
 	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
 )
@@ -41,7 +40,38 @@ type VerificationRecord struct {
 	IsUsed     bool
 }
 
-func IsAllowSend(user *User, remoteAddr, recordType string) error {
+func SendVerificationCodeToEmail(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error {
+	if provider == nil {
+		return fmt.Errorf("please set an Email provider first")
+	}
+
+	sender := organization.DisplayName
+	title := provider.Title
+	code := getRandomCode(6)
+	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
+	content := fmt.Sprintf(provider.Content, code)
+
+	if err := SendEmail(provider, title, content, dest, sender); err != nil {
+		return err
+	}
+
+	return AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code)
+}
+
+func SendVerificationCodeToPhone(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error {
+	if provider == nil {
+		return errors.New("please set a SMS provider first")
+	}
+
+	code := getRandomCode(6)
+	if err := SendSms(provider, code, dest); err != nil {
+		return err
+	}
+
+	return AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code)
+}
+
+func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordType, dest, code string) error {
 	var record VerificationRecord
 	record.RemoteAddr = remoteAddr
 	record.Type = recordType
@@ -58,63 +88,6 @@ func IsAllowSend(user *User, remoteAddr, recordType string) error {
 		return errors.New("you can only send one code in 60s")
 	}
 
-	return nil
-}
-
-func SendVerificationCodeToEmail(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error {
-	if provider == nil {
-		return fmt.Errorf("please set an Email provider first")
-	}
-
-	sender := organization.DisplayName
-	title := provider.Title
-	code := getRandomCode(6)
-	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
-	content := fmt.Sprintf(provider.Content, code)
-
-	if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil {
-		return err
-	}
-
-	if err := SendEmail(provider, title, content, dest, sender); err != nil {
-		return err
-	}
-
-	if err := AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func SendVerificationCodeToPhone(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error {
-	if provider == nil {
-		return errors.New("please set a SMS provider first")
-	}
-
-	if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil {
-		return err
-	}
-
-	code := getRandomCode(6)
-	if err := SendSms(provider, code, dest); err != nil {
-		return err
-	}
-
-	if err := AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordType, dest, code string) error {
-	var record VerificationRecord
-	record.RemoteAddr = remoteAddr
-	record.Type = recordType
-	if user != nil {
-		record.User = user.GetId()
-	}
 	record.Owner = provider.Owner
 	record.Name = util.GenerateId()
 	record.CreatedTime = util.GetCurrentTime()
@@ -125,10 +98,10 @@ func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordT
 
 	record.Receiver = dest
 	record.Code = code
-	record.Time = time.Now().Unix()
+	record.Time = now
 	record.IsUsed = false
 
-	_, err := adapter.Engine.Insert(record)
+	_, err = adapter.Engine.Insert(record)
 	if err != nil {
 		return err
 	}
@@ -149,11 +122,11 @@ func getVerificationRecord(dest string) *VerificationRecord {
 	return &record
 }
 
-func CheckVerificationCode(dest, code, lang string) string {
+func CheckVerificationCode(dest, code string) string {
 	record := getVerificationRecord(dest)
 
 	if record == nil {
-		return i18n.Translate(lang, "PhoneErr.CodeNotSent")
+		return "Code has not been sent yet!"
 	}
 
 	timeout, err := conf.GetConfigInt64("verificationCodeTimeout")
@@ -163,7 +136,7 @@ func CheckVerificationCode(dest, code, lang string) string {
 
 	now := time.Now().Unix()
 	if now-record.Time > timeout*60 {
-		return fmt.Sprintf(i18n.Translate(lang, "PhoneErr.CodeTimeOut"), timeout)
+		return fmt.Sprintf("You should verify your code in %d min!", timeout)
 	}
 
 	if record.Code != code {
@@ -186,7 +159,7 @@ func DisableVerificationCode(dest string) {
 	}
 }
 
-// From Casnode/object/validateCode.go line 116
+// from Casnode/object/validateCode.go line 116
 var stdNums = []byte("0123456789")
 
 func getRandomCode(length int) string {

object/webhook.go

@@ -37,7 +37,7 @@ type Webhook struct {
 	Method         string    `xorm:"varchar(100)" json:"method"`
 	ContentType    string    `xorm:"varchar(100)" json:"contentType"`
 	Headers        []*Header `xorm:"mediumtext" json:"headers"`
-	Events         []string  `xorm:"varchar(1000)" json:"events"`
+	Events         []string  `xorm:"varchar(100)" json:"events"`
 	IsUserExtended bool      `json:"isUserExtended"`
 	IsEnabled      bool      `json:"isEnabled"`
 }

routers/authz_filter.go

@@ -20,7 +20,7 @@ import (
 	"net/http"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/astaxie/beego/context"
 	"github.com/casdoor/casdoor/authz"
 	"github.com/casdoor/casdoor/util"
 )
@@ -63,16 +63,11 @@ func getObject(ctx *context.Context) (string, string) {
 	if method == http.MethodGet {
 		// query == "?id=built-in/admin"
 		id := ctx.Input.Query("id")
-		if id != "" {
-			return util.GetOwnerAndNameFromId(id)
-		}
-
-		owner := ctx.Input.Query("owner")
-		if owner != "" {
-			return owner, ""
-		}
-
+		if id == "" {
 			return "", ""
+		}
+
+		return util.GetOwnerAndNameFromId(id)
 	} else {
 		body := ctx.Input.RequestBody
 

routers/auto_signin_filter.go

@@ -17,7 +17,7 @@ package routers
 import (
 	"fmt"
 
-	"github.com/beego/beego/context"
+	"github.com/astaxie/beego/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -62,7 +62,7 @@ func AutoSigninFilter(ctx *context.Context) {
 	password := ctx.Input.Query("password")
 	if userId != "" && password != "" && ctx.Input.Query("grant_type") == "" {
 		owner, name := util.GetOwnerAndNameFromId(userId)
-		_, msg := object.CheckUserPassword(owner, name, password, "en")
+		_, msg := object.CheckUserPassword(owner, name, password)
 		if msg != "" {
 			responseError(ctx, msg)
 			return

routers/base.go

@@ -18,7 +18,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/astaxie/beego/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

routers/cors_filter.go

@@ -17,7 +17,7 @@ package routers
 import (
 	"net/http"
 
-	"github.com/beego/beego/context"
+	"github.com/astaxie/beego/context"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
 )

routers/record.go

@@ -17,7 +17,7 @@ package routers
 import (
 	"fmt"
 
-	"github.com/beego/beego/context"
+	"github.com/astaxie/beego/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )