mirror of
				https://codeberg.org/forgejo/forgejo.git
				synced 2025-10-25 03:22:36 +00:00 
			
		
		
		
	Gitea allows to whitelist email domains so that only email addresses from certain domains are allowed to register an account, but does not currently allows to do the opposite: blacklisting email domains so that addresses from certain domains are *forbidden* to register an account. The idea has been briefly mentioned in the discussion about issue #6350, but never implemented. This PR does that. The rationale is that, in my experience of running a Gitea instance, *a single email domain* is responsible for *most* of the spam accounts, and for *all* of the spam accounts that manage to get past the email confirmation step. So on top of the other spam mitigation measures already available (email confirmation, CAPTCHA, etc.), having the option to block a particularly annoying domain would be helpful. close #13628
		
			
				
	
	
		
			86 lines
		
	
	
	
		
			1.7 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			86 lines
		
	
	
	
		
			1.7 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright 2018 The Gogs Authors. All rights reserved.
 | |
| // Use of this source code is governed by a MIT-style
 | |
| // license that can be found in the LICENSE file.
 | |
| 
 | |
| package forms
 | |
| 
 | |
| import (
 | |
| 	"testing"
 | |
| 
 | |
| 	"code.gitea.io/gitea/modules/setting"
 | |
| 
 | |
| 	"github.com/stretchr/testify/assert"
 | |
| )
 | |
| 
 | |
| func TestRegisterForm_IsDomainAllowed_Empty(t *testing.T) {
 | |
| 	_ = setting.Service
 | |
| 
 | |
| 	setting.Service.EmailDomainWhitelist = []string{}
 | |
| 
 | |
| 	form := RegisterForm{}
 | |
| 
 | |
| 	assert.True(t, form.IsEmailDomainAllowed())
 | |
| }
 | |
| 
 | |
| func TestRegisterForm_IsDomainAllowed_InvalidEmail(t *testing.T) {
 | |
| 	_ = setting.Service
 | |
| 
 | |
| 	setting.Service.EmailDomainWhitelist = []string{"gitea.io"}
 | |
| 
 | |
| 	tt := []struct {
 | |
| 		email string
 | |
| 	}{
 | |
| 		{"securitygieqqq"},
 | |
| 		{"hdudhdd"},
 | |
| 	}
 | |
| 
 | |
| 	for _, v := range tt {
 | |
| 		form := RegisterForm{Email: v.email}
 | |
| 
 | |
| 		assert.False(t, form.IsEmailDomainAllowed())
 | |
| 	}
 | |
| }
 | |
| 
 | |
| func TestRegisterForm_IsDomainAllowed_WhitelistedEmail(t *testing.T) {
 | |
| 	_ = setting.Service
 | |
| 
 | |
| 	setting.Service.EmailDomainWhitelist = []string{"gitea.io"}
 | |
| 
 | |
| 	tt := []struct {
 | |
| 		email string
 | |
| 		valid bool
 | |
| 	}{
 | |
| 		{"security@gitea.io", true},
 | |
| 		{"security@gITea.io", true},
 | |
| 		{"hdudhdd", false},
 | |
| 		{"seee@example.com", false},
 | |
| 	}
 | |
| 
 | |
| 	for _, v := range tt {
 | |
| 		form := RegisterForm{Email: v.email}
 | |
| 
 | |
| 		assert.Equal(t, v.valid, form.IsEmailDomainAllowed())
 | |
| 	}
 | |
| }
 | |
| 
 | |
| func TestRegisterForm_IsDomainAllowed_BlocklistedEmail(t *testing.T) {
 | |
| 	_ = setting.Service
 | |
| 
 | |
| 	setting.Service.EmailDomainWhitelist = []string{}
 | |
| 	setting.Service.EmailDomainBlocklist = []string{"gitea.io"}
 | |
| 
 | |
| 	tt := []struct {
 | |
| 		email string
 | |
| 		valid bool
 | |
| 	}{
 | |
| 		{"security@gitea.io", false},
 | |
| 		{"security@gitea.example", true},
 | |
| 		{"hdudhdd", true},
 | |
| 	}
 | |
| 
 | |
| 	for _, v := range tt {
 | |
| 		form := RegisterForm{Email: v.email}
 | |
| 
 | |
| 		assert.Equal(t, v.valid, form.IsEmailDomainAllowed())
 | |
| 	}
 | |
| }
 |