Merge pull request '解决issue186遗留问题' (#199) from fix-186 into V20210731.patch

Reviewed-on: https://git.openi.org.cn/OpenI/aiforge/pulls/199

models/user_mail.go

@@ -80,6 +80,18 @@ func GetEmailAddressByID(uid, id int64) (*EmailAddress, error) {
 	return email, nil
 }
 
+// GetEmailAddressByIDAndEmail gets a user's email address by ID and email
+func GetEmailAddressByIDAndEmail(uid int64, emailAddr string) (*EmailAddress, error) {
+	// User ID is required for security reasons
+	email := &EmailAddress{UID: uid, Email: emailAddr}
+	if has, err := x.Get(email); err != nil {
+		return nil, err
+	} else if !has {
+		return nil, nil
+	}
+	return email, nil
+}
+
 func isEmailActive(e Engine, email string, userID, emailID int64) (bool, error) {
 	if len(email) == 0 {
 		return true, nil

routers/user/auth.go

@@ -1266,6 +1266,15 @@ func Activate(ctx *context.Context) {
 			log.Error("Error storing session: %v", err)
 		}
 
+		email, err := models.GetEmailAddressByIDAndEmail(user.ID, user.Email)
+		if err != nil || email == nil{
+			log.Error("GetEmailAddressByIDAndEmail failed", ctx.Data["MsgID"])
+		} else {
+			if err := email.Activate(); err != nil {
+				log.Error("Activate failed: %v", err, ctx.Data["MsgID"])
+			}
+		}
+
 		ctx.Flash.Success(ctx.Tr("auth.account_activated"))
 		ctx.Redirect(setting.AppSubURL + "/")
 		return

routers/user/setting/profile.go

@@ -96,6 +96,18 @@ func ProfilePost(ctx *context.Context, form auth.UpdateProfileForm) {
 	ctx.User.Location = form.Location
 	ctx.User.Language = form.Language
 	ctx.User.Description = form.Description
+	isUsed, err := models.IsEmailUsed(form.Email)
+	if err != nil {
+		ctx.ServerError("IsEmailUsed", err)
+		return
+	}
+
+	if isUsed {
+		ctx.Flash.Error(ctx.Tr("form.email_been_used"))
+		ctx.Redirect(setting.AppSubURL + "/user/settings")
+		return
+	}
+
 	if err := models.UpdateUserSetting(ctx.User); err != nil {
 		if _, ok := err.(models.ErrEmailAlreadyUsed); ok {
 			ctx.Flash.Error(ctx.Tr("form.email_been_used"))