Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only use supported sort order for "explore/users" page #29430

Merged
merged 6 commits into from
Feb 27, 2024
Merged

Only use supported sort order for "explore/users" page #29430

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
7c2cb4b
fix
wxiaoguang Feb 26, 2024
f6b68be
rearrange NotFound call
wxiaoguang Feb 26, 2024
7b996ca
fix org, rewrite tests
wxiaoguang Feb 26, 2024
e0276a8
Merge branch 'main' into fix-explore-user
GiteaBot Feb 27, 2024
ef01b74
Merge branch 'main' into fix-explore-user
GiteaBot Feb 27, 2024
3277a6e
Merge branch 'main' into fix-explore-user
wxiaoguang Feb 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions models/user/search.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"strings"

"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/util"

Expand All @@ -30,6 +31,8 @@ type SearchUserOptions struct {
Actor *User // The user doing the search
SearchByEmail bool // Search by email as well as username/full name

SupportedSortOrders container.Set[string] // if not nil, only allow to use the sort orders in this set

IsActive util.OptionalBool
IsAdmin util.OptionalBool
IsRestricted util.OptionalBool
Expand Down
15 changes: 13 additions & 2 deletions routers/web/explore/org.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ package explore
import (
"code.gitea.io/gitea/models/db"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
Expand All @@ -24,14 +25,24 @@ func Organizations(ctx *context.Context) {
visibleTypes = append(visibleTypes, structs.VisibleTypeLimited, structs.VisibleTypePrivate)
}

if ctx.FormString("sort") == "" {
ctx.SetFormString("sort", setting.UI.ExploreDefaultSort)
supportedSortOrders := container.SetOf(
"newest",
"oldest",
"alphabetically",
"reversealphabetically",
)
sortOrder := ctx.FormString("sort")
if sortOrder == "" {
sortOrder = "newest"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

setting.UI.ExploreDefaultSort is not respected anymore!!!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#32357

ctx.SetFormString("sort", sortOrder)
}

RenderUserSearch(ctx, &user_model.SearchUserOptions{
Actor: ctx.Doer,
Type: user_model.UserTypeOrganization,
ListOptions: db.ListOptions{PageSize: setting.UI.ExplorePagingNum},
Visible: visibleTypes,

SupportedSortOrders: supportedSortOrders,
}, tplExploreUsers)
}
21 changes: 19 additions & 2 deletions routers/web/explore/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"code.gitea.io/gitea/models/db"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
Expand Down Expand Up @@ -79,10 +80,16 @@ func RenderUserSearch(ctx *context.Context, opts *user_model.SearchUserOptions,
fallthrough
default:
// in case the sortType is not valid, we set it to recentupdate
sortOrder = "recentupdate"
ctx.Data["SortType"] = "recentupdate"
orderBy = "`user`.updated_unix DESC"
}

if opts.SupportedSortOrders != nil && !opts.SupportedSortOrders.Contains(sortOrder) {
ctx.NotFound("unsupported sort order", nil)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400
Should be better?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree to use it, but at the moment Gitea doesn't have the ability to render such a page .....

It needs other framework-level refacotring first.

return
}

opts.Keyword = ctx.FormTrim("q")
opts.OrderBy = orderBy
if len(opts.Keyword) == 0 || isKeywordValid(opts.Keyword) {
Expand Down Expand Up @@ -132,8 +139,16 @@ func Users(ctx *context.Context) {
ctx.Data["PageIsExploreUsers"] = true
ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled

if ctx.FormString("sort") == "" {
ctx.SetFormString("sort", setting.UI.ExploreDefaultSort)
supportedSortOrders := container.SetOf(
"newest",
"oldest",
"alphabetically",
"reversealphabetically",
)
delvh marked this conversation as resolved.
Show resolved Hide resolved
sortOrder := ctx.FormString("sort")
if sortOrder == "" {
sortOrder = "newest"
ctx.SetFormString("sort", sortOrder)
}

RenderUserSearch(ctx, &user_model.SearchUserOptions{
Expand All @@ -142,5 +157,7 @@ func Users(ctx *context.Context) {
ListOptions: db.ListOptions{PageSize: setting.UI.ExplorePagingNum},
IsActive: util.OptionalBoolTrue,
Visible: []structs.VisibleType{structs.VisibleTypePublic, structs.VisibleTypeLimited, structs.VisibleTypePrivate},

SupportedSortOrders: supportedSortOrders,
}, tplExploreUsers)
}
2 changes: 0 additions & 2 deletions templates/explore/search.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,6 @@
<a class="{{if eq .SortType "oldest"}}active {{end}}item" href="{{$.Link}}?sort=oldest&q={{$.Keyword}}">{{ctx.Locale.Tr "repo.issues.filter_sort.oldest"}}</a>
<a class="{{if eq .SortType "alphabetically"}}active {{end}}item" href="{{$.Link}}?sort=alphabetically&q={{$.Keyword}}">{{ctx.Locale.Tr "repo.issues.label.filter_sort.alphabetically"}}</a>
<a class="{{if eq .SortType "reversealphabetically"}}active {{end}}item" href="{{$.Link}}?sort=reversealphabetically&q={{$.Keyword}}">{{ctx.Locale.Tr "repo.issues.label.filter_sort.reverse_alphabetically"}}</a>
<a class="{{if eq .SortType "recentupdate"}}active {{end}}item" href="{{$.Link}}?sort=recentupdate&q={{$.Keyword}}">{{ctx.Locale.Tr "repo.issues.filter_sort.recentupdate"}}</a>
<a class="{{if eq .SortType "leastupdate"}}active {{end}}item" href="{{$.Link}}?sort=leastupdate&q={{$.Keyword}}">{{ctx.Locale.Tr "repo.issues.filter_sort.leastupdate"}}</a>
</div>
</div>
</div>
Expand Down
44 changes: 44 additions & 0 deletions tests/integration/explore_user_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package integration

import (
"net/http"
"testing"

"code.gitea.io/gitea/tests"

"github.com/stretchr/testify/assert"
)

func TestExploreUser(t *testing.T) {
defer tests.PrepareTestEnv(t)()

cases := []struct{ sortOrder, expected string }{
{"", "/explore/users?sort=newest&q="},
{"newest", "/explore/users?sort=newest&q="},
{"oldest", "/explore/users?sort=oldest&q="},
{"alphabetically", "/explore/users?sort=alphabetically&q="},
{"reversealphabetically", "/explore/users?sort=reversealphabetically&q="},
}
for _, c := range cases {
req := NewRequest(t, "GET", "/explore/users?sort="+c.sortOrder)
resp := MakeRequest(t, req, http.StatusOK)
h := NewHTMLParser(t, resp.Body)
href, _ := h.Find(`.ui.dropdown .menu a.active.item[href^="/explore/users"]`).Attr("href")
assert.Equal(t, c.expected, href)
}

// these sort orders shouldn't be supported, to avoid leaking user activity
cases404 := []string{
"/explore/users?sort=lastlogin",
"/explore/users?sort=reverselastlogin",
"/explore/users?sort=leastupdate",
"/explore/users?sort=reverseleastupdate",
}
for _, c := range cases404 {
req := NewRequest(t, "GET", c).SetHeader("Accept", "text/html")
MakeRequest(t, req, http.StatusNotFound)
}
}
Loading