You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

134 lines
5.7 KiB

Restricted users (#6274) * Restricted users (#4334): initial implementation * Add User.IsRestricted & UI to edit it * Pass user object instead of user id to places where IsRestricted flag matters * Restricted users: maintain access rows for all referenced repos (incl public) * Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses * Add basic repo access tests for restricted users Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Mention restricted users in the faq Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg` Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Remove unnecessary `org.IsOrganization()` call Signed-off-by: Manush Dodunekov <manush@stendahls.se> * Revert to an `int64` keyed `accessMap` * Add type `userAccess` * Add convenience func updateUserAccess() * Turn accessMap into a `map[int64]userAccess` Signed-off-by: Manush Dodunekov <manush@stendahls.se> * or even better: `map[int64]*userAccess` * updateUserAccess(): use tighter syntax as suggested by lafriks * even tighter * Avoid extra loop * Don't disclose limited orgs to unauthenticated users * Don't assume block only applies to orgs * Use an array of `VisibleType` for filtering * fix yet another thinko * Ok - no need for u * Revert "Ok - no need for u" This reverts commit 5c3e886aabd5acd997a3b35687d322439732c200. Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
  1. {{template "base/head" .}}
  2. <div class="admin edit user">
  3. {{template "admin/navbar" .}}
  4. <div class="ui container">
  5. {{template "base/alert" .}}
  6. <h4 class="ui top attached header">
  7. {{.i18n.Tr "admin.users.edit_account"}}
  8. </h4>
  9. <div class="ui attached segment">
  10. <form class="ui form" action="{{.Link}}" method="post">
  11. {{.CsrfTokenHtml}}
  12. <div class="inline field {{if .Err_UserName}}error{{end}}">
  13. <label for="user_name">{{.i18n.Tr "username"}}</label>
  14. <span>{{.User.Name}}</span>
  15. </div>
  16. <!-- Types and name -->
  17. <div class="inline required field {{if .Err_LoginType}}error{{end}}">
  18. <label>{{.i18n.Tr "admin.users.auth_source"}}</label>
  19. <div class="ui selection type dropdown">
  20. <input type="hidden" id="login_type" name="login_type" value="{{.LoginSource.Type}}-{{.LoginSource.ID}}" required>
  21. <div class="text">{{.i18n.Tr "admin.users.local"}}</div>
  22. <i class="dropdown icon"></i>
  23. <div class="menu">
  24. <div class="item" data-value="0-0">{{.i18n.Tr "admin.users.local"}}</div>
  25. {{range .Sources}}
  26. <div class="item" data-value="{{.Type}}-{{.ID}}">{{.Name}}</div>
  27. {{end}}
  28. </div>
  29. </div>
  30. </div>
  31. <div class="required non-local field {{if .Err_LoginName}}error{{end}} {{if eq .User.LoginSource 0}}hide{{end}}">
  32. <label for="login_name">{{.i18n.Tr "admin.users.auth_login_name"}}</label>
  33. <input id="login_name" name="login_name" value="{{.User.LoginName}}" autofocus>
  34. </div>
  35. <div class="field {{if .Err_FullName}}error{{end}}">
  36. <label for="full_name">{{.i18n.Tr "settings.full_name"}}</label>
  37. <input id="full_name" name="full_name" value="{{.User.FullName}}">
  38. </div>
  39. <div class="required field {{if .Err_Email}}error{{end}}">
  40. <label for="email">{{.i18n.Tr "email"}}</label>
  41. <input id="email" name="email" type="email" value="{{.User.Email}}" autofocus required>
  42. </div>
  43. <input class="fake" type="password">
  44. <div class="local field {{if .Err_Password}}error{{end}} {{if not (or (.User.IsLocal) (.User.IsOAuth2))}}hide{{end}}">
  45. <label for="password">{{.i18n.Tr "password"}}</label>
  46. <input id="password" name="password" type="password">
  47. <p class="help">{{.i18n.Tr "admin.users.password_helper"}}</p>
  48. </div>
  49. <div class="field {{if .Err_Website}}error{{end}}">
  50. <label for="website">{{.i18n.Tr "settings.website"}}</label>
  51. <input id="website" name="website" type="url" value="{{.User.Website}}" placeholder="e.g. http://mydomain.com or https://mydomain.com">
  52. </div>
  53. <div class="field {{if .Err_Location}}error{{end}}">
  54. <label for="location">{{.i18n.Tr "settings.location"}}</label>
  55. <input id="location" name="location" value="{{.User.Location}}">
  56. </div>
  57. <div class="ui divider"></div>
  58. <div class="inline field {{if .Err_MaxRepoCreation}}error{{end}}">
  59. <label for="max_repo_creation">{{.i18n.Tr "admin.users.max_repo_creation"}}</label>
  60. <input id="max_repo_creation" name="max_repo_creation" type="number" value="{{.User.MaxRepoCreation}}">
  61. <p class="help">{{.i18n.Tr "admin.users.max_repo_creation_desc"}}</p>
  62. </div>
  63. <div class="ui divider"></div>
  64. <div class="inline field">
  65. <div class="ui checkbox">
  66. <label><strong>{{.i18n.Tr "admin.users.is_activated"}}</strong></label>
  67. <input name="active" type="checkbox" {{if .User.IsActive}}checked{{end}}>
  68. </div>
  69. </div>
  70. <div class="inline field">
  71. <div class="ui checkbox">
  72. <label><strong>{{.i18n.Tr "admin.users.prohibit_login"}}</strong></label>
  73. <input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}} {{if (eq .User.ID .SignedUserID)}}disabled{{end}}>
  74. </div>
  75. </div>
  76. <div class="inline field">
  77. <div class="ui checkbox">
  78. <label><strong>{{.i18n.Tr "admin.users.is_admin"}}</strong></label>
  79. <input name="admin" type="checkbox" {{if .User.IsAdmin}}checked{{end}}>
  80. </div>
  81. </div>
  82. <div class="inline field">
  83. <div class="ui checkbox">
  84. <label><strong>{{.i18n.Tr "admin.users.is_restricted"}}</strong></label>
  85. <input name="restricted" type="checkbox" {{if .User.IsRestricted}}checked{{end}}>
  86. </div>
  87. </div>
  88. <div class="inline field">
  89. <div class="ui checkbox">
  90. <label><strong>{{.i18n.Tr "admin.users.allow_git_hook"}}</strong></label>
  91. <input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if DisableGitHooks}}disabled{{end}}>
  92. </div>
  93. </div>
  94. <div class="inline field">
  95. <div class="ui checkbox">
  96. <label><strong>{{.i18n.Tr "admin.users.allow_import_local"}}</strong></label>
  97. <input name="allow_import_local" type="checkbox" {{if .User.CanImportLocal}}checked{{end}} {{if DisableImportLocal}}disabled{{end}}>
  98. </div>
  99. </div>
  100. {{if not .DisableRegularOrgCreation}}
  101. <div class="inline field">
  102. <div class="ui checkbox">
  103. <label><strong>{{.i18n.Tr "admin.users.allow_create_organization"}}</strong></label>
  104. <input name="allow_create_organization" type="checkbox" {{if .User.CanCreateOrganization}}checked{{end}}>
  105. </div>
  106. </div>
  107. {{end}}
  108. <div class="ui divider"></div>
  109. <div class="field">
  110. <button class="ui green button">{{.i18n.Tr "admin.users.update_profile"}}</button>
  111. <div class="ui red button delete-button" data-url="{{$.Link}}/delete" data-id="{{.User.ID}}">{{.i18n.Tr "admin.users.delete_account"}}</div>
  112. </div>
  113. </form>
  114. </div>
  115. </div>
  116. </div>
  117. <div class="ui small basic delete modal">
  118. <div class="ui icon header">
  119. <i class="trash icon"></i>
  120. {{.i18n.Tr "settings.delete_account_title"}}
  121. </div>
  122. <div class="content">
  123. <p>{{.i18n.Tr "settings.delete_account_desc"}}</p>
  124. </div>
  125. {{template "base/delete_modal_actions" .}}
  126. </div>
  127. {{template "base/footer" .}}