MCPcopy
hub / github.com/gotify/server / CreateUser

Method CreateUser

api/user.go:168–219  ·  view source on GitHub ↗

CreateUser create a user. swagger:operation POST /user user createUser Create a user. With enabled registration: non admin users can be created without authentication. With disabled registrations: users can only be created by admin users. --- consumes: [application/json] produces: [application

(ctx *gin.Context)

Source from the content-addressed store, hash-verified

166// schema:
167// $ref: "#/definitions/Error"
168func (a *UserAPI) CreateUser(ctx *gin.Context) {
169 user := model.CreateUserExternal{}
170 if err := ctx.Bind(&user); err == nil {
171 internal := &model.User{
172 Name: user.Name,
173 Admin: user.Admin,
174 Pass: password.CreatePassword(user.Pass, a.PasswordStrength),
175 }
176 existingUser, err := a.DB.GetUserByName(internal.Name)
177 if success := successOrAbort(ctx, 500, err); !success {
178 return
179 }
180
181 var requestedBy *model.User
182 uid := auth.TryGetUserID(ctx)
183 if uid != nil {
184 requestedBy, err = a.DB.GetUserByID(*uid)
185 if err != nil {
186 ctx.AbortWithError(http.StatusInternalServerError, fmt.Errorf("could not get user: %s", err))
187 return
188 }
189 }
190
191 if requestedBy == nil || !requestedBy.Admin {
192 status := http.StatusUnauthorized
193 if requestedBy != nil {
194 status = http.StatusForbidden
195 }
196 if !a.Registration {
197 ctx.AbortWithError(status, errors.New("you are not allowed to access this api"))
198 return
199 }
200 if internal.Admin {
201 ctx.AbortWithError(status, errors.New("you are not allowed to create an admin user"))
202 return
203 }
204 }
205
206 if existingUser == nil {
207 if success := successOrAbort(ctx, 500, a.DB.CreateUser(internal)); !success {
208 return
209 }
210 if err := a.UserChangeNotifier.fireUserAdded(internal.ID); err != nil {
211 ctx.AbortWithError(500, err)
212 return
213 }
214 ctx.JSON(200, toExternalUser(internal))
215 } else {
216 ctx.AbortWithError(400, errors.New("username already exists"))
217 }
218 }
219}
220
221// GetUserByID returns the user by id
222// swagger:operation GET /user/{id} user getUser

Callers

nothing calls this directly

Calls 9

CreatePasswordFunction · 0.92
TryGetUserIDFunction · 0.92
successOrAbortFunction · 0.85
toExternalUserFunction · 0.85
ErrorfMethod · 0.80
fireUserAddedMethod · 0.80
GetUserByNameMethod · 0.65
GetUserByIDMethod · 0.65
CreateUserMethod · 0.65

Tested by

no test coverage detected