forgejo/modules/validation/email.go

// Copyright 2016 The Gogs Authors. All rights reserved.
// Copyright 2020 The Gitea Authors. All rights reserved.
// Copyright 2024 The Forgejo Authors. All rights reserved
// SPDX-License-Identifier: MIT

package validation

import (
	"fmt"
	"net/mail"
	"strings"

	"forgejo.org/modules/setting"
	"forgejo.org/modules/util"

	"github.com/gobwas/glob"
)

// ErrEmailNotActivated e-mail address has not been activated error
var ErrEmailNotActivated = util.NewInvalidArgumentErrorf("e-mail address has not been activated")

// ErrEmailInvalid represents an error where the email address does not comply with RFC 5322
// or has a leading '-' character
type ErrEmailInvalid struct {
	Email string
}

// IsErrEmailInvalid checks if an error is an ErrEmailInvalid
func IsErrEmailInvalid(err error) bool {
	_, ok := err.(ErrEmailInvalid)
	return ok
}

func (err ErrEmailInvalid) Error() string {
	return fmt.Sprintf("e-mail invalid [email: %s]", err.Email)
}

func (err ErrEmailInvalid) Unwrap() error {
	return util.ErrInvalidArgument
}

// check if email is a valid address with allowed domain
func ValidateEmail(email string) error {
	if err := validateEmailBasic(email); err != nil {
		return err
	}
	return validateEmailDomain(email)
}

// check if email is a valid address when admins manually add or edit users
func ValidateEmailForAdmin(email string) error {
	return validateEmailBasic(email)
	// In this case we do not need to check the email domain
}

// validateEmailBasic checks whether the email complies with the rules
func validateEmailBasic(email string) error {
	if len(email) == 0 {
		return ErrEmailInvalid{email}
	}

	parsedAddress, err := mail.ParseAddress(email)
	if err != nil {
		return ErrEmailInvalid{email}
	}

	if parsedAddress.Name != "" {
		return ErrEmailInvalid{email}
	}

	return nil
}

func validateEmailDomain(email string) error {
	if !IsEmailDomainAllowed(email) {
		return ErrEmailInvalid{email}
	}

	return nil
}

func IsEmailDomainAllowed(email string) bool {
	return isEmailDomainAllowedInternal(
		email,
		setting.Service.EmailDomainAllowList,
		setting.Service.EmailDomainBlockList)
}

func isEmailDomainAllowedInternal(
	email string,
	emailDomainAllowList []glob.Glob,
	emailDomainBlockList []glob.Glob,
) bool {
	var result bool

	if len(emailDomainAllowList) == 0 {
		result = !isEmailDomainListed(emailDomainBlockList, email)
	} else {
		result = isEmailDomainListed(emailDomainAllowList, email)
	}
	return result
}

// isEmailDomainListed checks whether the domain of an email address
// matches a list of domains
func isEmailDomainListed(globs []glob.Glob, email string) bool {
	if len(globs) == 0 {
		return false
	}

	n := strings.LastIndex(email, "@")
	if n <= 0 {
		return false
	}

	domain := strings.ToLower(email[n+1:])

	for _, g := range globs {
		if g.Match(domain) {
			return true
		}
	}

	return false
}
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00			`// Copyright 2016 The Gogs Authors. All rights reserved.`
			`// Copyright 2020 The Gitea Authors. All rights reserved.`
federation with allow lists (#5393) ## Description This addresses Issue #5379. The email validation was extended. Additionally to checking whether the email domain is in the block list or in the allow list now we also check if the email domain is the servers own FQDN. Tests have been written for the correct function of the allow list and if the local FQDN is admitted as email domain. Edit: Clarifications, Typos ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. ### Documentation - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [x] I want the title to show in the release notes with a link to this pull request. Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de> Co-authored-by: patdyn <erik.seiert@meissa-gmbh.de> Co-authored-by: Mirco <mirco.zachmann@meissa.de> Co-authored-by: jerger <jerger@noreply.codeberg.org> Co-authored-by: zam <mirco.zachmann@meissa.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5393 Reviewed-by: jerger <jerger@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: patdyn <patdyn@noreply.codeberg.org> Co-committed-by: patdyn <patdyn@noreply.codeberg.org> 2025-02-23 08:02:10 +00:00			`// Copyright 2024 The Forgejo Authors. All rights reserved`
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00			`// SPDX-License-Identifier: MIT`

			`package validation`

			`import (`
			`"fmt"`
			`"net/mail"`
			`"strings"`

chore: branding import path (#7337) - Massive replacement of changing `code.gitea.io/gitea` to `forgejo.org`. - Resolves forgejo/discussions#258 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7337 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Reviewed-by: Beowulf <beowulf@beocode.eu> Reviewed-by: Panagiotis "Ivory" Vasilopoulos <git@n0toose.net> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz> 2025-03-27 19:40:14 +00:00			`"forgejo.org/modules/setting"`
			`"forgejo.org/modules/util"`
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00
			`"github.com/gobwas/glob"`
			`)`

			`// ErrEmailNotActivated e-mail address has not been activated error`
			`var ErrEmailNotActivated = util.NewInvalidArgumentErrorf("e-mail address has not been activated")`

			`// ErrEmailInvalid represents an error where the email address does not comply with RFC 5322`
			`// or has a leading '-' character`
			`type ErrEmailInvalid struct {`
			`Email string`
			`}`

			`// IsErrEmailInvalid checks if an error is an ErrEmailInvalid`
			`func IsErrEmailInvalid(err error) bool {`
			`_, ok := err.(ErrEmailInvalid)`
			`return ok`
			`}`

			`func (err ErrEmailInvalid) Error() string {`
			`return fmt.Sprintf("e-mail invalid [email: %s]", err.Email)`
			`}`

			`func (err ErrEmailInvalid) Unwrap() error {`
			`return util.ErrInvalidArgument`
			`}`

			`// check if email is a valid address with allowed domain`
			`func ValidateEmail(email string) error {`
			`if err := validateEmailBasic(email); err != nil {`
			`return err`
			`}`
			`return validateEmailDomain(email)`
			`}`

			`// check if email is a valid address when admins manually add or edit users`
			`func ValidateEmailForAdmin(email string) error {`
			`return validateEmailBasic(email)`
			`// In this case we do not need to check the email domain`
			`}`

			`// validateEmailBasic checks whether the email complies with the rules`
			`func validateEmailBasic(email string) error {`
			`if len(email) == 0 {`
			`return ErrEmailInvalid{email}`
			`}`

feat: relax email requirements (#7829) The current email restrictions were put in place because of a security issue with sendmail (https://github.com/go-gitea/gitea/pull/17688). Remove this restriction and instead ensure that this security issue cannot happen with sendmail. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7829 Reviewed-by: Ellen Εμιλία Άννα Zscheile <fogti@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: famfo <famfo@famfo.xyz> Co-committed-by: famfo <famfo@famfo.xyz> 2025-05-22 12:20:25 +02:00			`parsedAddress, err := mail.ParseAddress(email)`
			`if err != nil {`
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00			`return ErrEmailInvalid{email}`
			`}`

feat: relax email requirements (#7829) The current email restrictions were put in place because of a security issue with sendmail (https://github.com/go-gitea/gitea/pull/17688). Remove this restriction and instead ensure that this security issue cannot happen with sendmail. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7829 Reviewed-by: Ellen Εμιλία Άννα Zscheile <fogti@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: famfo <famfo@famfo.xyz> Co-committed-by: famfo <famfo@famfo.xyz> 2025-05-22 12:20:25 +02:00			`if parsedAddress.Name != "" {`
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00			`return ErrEmailInvalid{email}`
			`}`

			`return nil`
			`}`

			`func validateEmailDomain(email string) error {`
			`if !IsEmailDomainAllowed(email) {`
			`return ErrEmailInvalid{email}`
			`}`

			`return nil`
			`}`

			`func IsEmailDomainAllowed(email string) bool {`
federation with allow lists (#5393) ## Description This addresses Issue #5379. The email validation was extended. Additionally to checking whether the email domain is in the block list or in the allow list now we also check if the email domain is the servers own FQDN. Tests have been written for the correct function of the allow list and if the local FQDN is admitted as email domain. Edit: Clarifications, Typos ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. ### Documentation - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [x] I want the title to show in the release notes with a link to this pull request. Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de> Co-authored-by: patdyn <erik.seiert@meissa-gmbh.de> Co-authored-by: Mirco <mirco.zachmann@meissa.de> Co-authored-by: jerger <jerger@noreply.codeberg.org> Co-authored-by: zam <mirco.zachmann@meissa.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5393 Reviewed-by: jerger <jerger@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: patdyn <patdyn@noreply.codeberg.org> Co-committed-by: patdyn <patdyn@noreply.codeberg.org> 2025-02-23 08:02:10 +00:00			`return isEmailDomainAllowedInternal(`
			`email,`
			`setting.Service.EmailDomainAllowList,`
			`setting.Service.EmailDomainBlockList)`
			`}`
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00
federation with allow lists (#5393) ## Description This addresses Issue #5379. The email validation was extended. Additionally to checking whether the email domain is in the block list or in the allow list now we also check if the email domain is the servers own FQDN. Tests have been written for the correct function of the allow list and if the local FQDN is admitted as email domain. Edit: Clarifications, Typos ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. ### Documentation - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [x] I want the title to show in the release notes with a link to this pull request. Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de> Co-authored-by: patdyn <erik.seiert@meissa-gmbh.de> Co-authored-by: Mirco <mirco.zachmann@meissa.de> Co-authored-by: jerger <jerger@noreply.codeberg.org> Co-authored-by: zam <mirco.zachmann@meissa.de> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5393 Reviewed-by: jerger <jerger@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: patdyn <patdyn@noreply.codeberg.org> Co-committed-by: patdyn <patdyn@noreply.codeberg.org> 2025-02-23 08:02:10 +00:00			`func isEmailDomainAllowedInternal(`
			`email string,`
			`emailDomainAllowList []glob.Glob,`
			`emailDomainBlockList []glob.Glob,`
			`) bool {`
			`var result bool`

			`if len(emailDomainAllowList) == 0 {`
			`result = !isEmailDomainListed(emailDomainBlockList, email)`
			`} else {`
			`result = isEmailDomainListed(emailDomainAllowList, email)`
			`}`
			`return result`
fix: use ValidateEmail as binding across web forms 2024-08-28 16:56:35 -06:00			`}`

			`// isEmailDomainListed checks whether the domain of an email address`
			`// matches a list of domains`
			`func isEmailDomainListed(globs []glob.Glob, email string) bool {`
			`if len(globs) == 0 {`
			`return false`
			`}`

			`n := strings.LastIndex(email, "@")`
			`if n <= 0 {`
			`return false`
			`}`

			`domain := strings.ToLower(email[n+1:])`

			`for _, g := range globs {`
			`if g.Match(domain) {`
			`return true`
			`}`
			`}`

			`return false`
			`}`