From 91af298fe17c15a0bd895f55fbf19cbafb2e3b58 Mon Sep 17 00:00:00 2001 From: thezzisu Date: Tue, 3 Sep 2024 10:30:27 +0800 Subject: [PATCH 1/8] Add ExternalUserLockFullName option --- modules/setting/admin.go | 2 ++ routers/web/user/setting/profile.go | 7 +++++++ templates/user/settings/profile.tmpl | 5 ++++- 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/modules/setting/admin.go b/modules/setting/admin.go index ca4e9b1d5835b..aa26d46713b0f 100644 --- a/modules/setting/admin.go +++ b/modules/setting/admin.go @@ -13,6 +13,7 @@ var Admin struct { DefaultEmailNotification string UserDisabledFeatures container.Set[string] ExternalUserDisableFeatures container.Set[string] + ExternalUserLockFullName bool } func loadAdminFrom(rootCfg ConfigProvider) { @@ -21,6 +22,7 @@ func loadAdminFrom(rootCfg ConfigProvider) { Admin.DefaultEmailNotification = sec.Key("DEFAULT_EMAIL_NOTIFICATIONS").MustString("enabled") Admin.UserDisabledFeatures = container.SetOf(sec.Key("USER_DISABLED_FEATURES").Strings(",")...) Admin.ExternalUserDisableFeatures = container.SetOf(sec.Key("EXTERNAL_USER_DISABLE_FEATURES").Strings(",")...).Union(Admin.UserDisabledFeatures) + Admin.ExternalUserLockFullName = sec.Key("EXTERNAL_USER_LOCK_FULLNAME").MustBool(false) } const ( diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go index 554f6cd6ce3f9..9ed7843a43071 100644 --- a/routers/web/user/setting/profile.go +++ b/routers/web/user/setting/profile.go @@ -50,6 +50,8 @@ func Profile(ctx *context.Context) { ctx.Data["UserDisabledFeatures"] = user_model.DisabledFeaturesWithLoginType(ctx.Doer) + ctx.Data["ExternalUserLockFullName"] = setting.Admin.ExternalUserLockFullName + ctx.HTML(http.StatusOK, tplSettingsProfile) } @@ -99,6 +101,11 @@ func ProfilePost(ctx *context.Context) { Visibility: optional.Some(form.Visibility), KeepActivityPrivate: optional.Some(form.KeepActivityPrivate), } + + if !ctx.Doer.IsLocal() && setting.Admin.ExternalUserLockFullName { + opts.FullName = optional.None[string]() + } + if err := user_service.UpdateUser(ctx, ctx.Doer, opts); err != nil { ctx.ServerError("UpdateUser", err) return diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl index aaaf8f30db6d6..b1de5331aa4ab 100644 --- a/templates/user/settings/profile.tmpl +++ b/templates/user/settings/profile.tmpl @@ -19,7 +19,10 @@
- + + {{if and (not .SignedUser.IsLocal) .ExternalUserLockFullName}} +

{{ctx.Locale.Tr "settings.password_full_name_disabled"}}

+ {{end}}
From eeb85ea1777d1053dcbef95cc0fbd4ff39bbea0d Mon Sep 17 00:00:00 2001 From: thezzisu Date: Tue, 3 Sep 2024 10:34:16 +0800 Subject: [PATCH 2/8] Change setting key --- modules/setting/admin.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/setting/admin.go b/modules/setting/admin.go index aa26d46713b0f..84ba723acd206 100644 --- a/modules/setting/admin.go +++ b/modules/setting/admin.go @@ -22,7 +22,7 @@ func loadAdminFrom(rootCfg ConfigProvider) { Admin.DefaultEmailNotification = sec.Key("DEFAULT_EMAIL_NOTIFICATIONS").MustString("enabled") Admin.UserDisabledFeatures = container.SetOf(sec.Key("USER_DISABLED_FEATURES").Strings(",")...) Admin.ExternalUserDisableFeatures = container.SetOf(sec.Key("EXTERNAL_USER_DISABLE_FEATURES").Strings(",")...).Union(Admin.UserDisabledFeatures) - Admin.ExternalUserLockFullName = sec.Key("EXTERNAL_USER_LOCK_FULLNAME").MustBool(false) + Admin.ExternalUserLockFullName = sec.Key("EXTERNAL_USER_LOCK_FULL_NAME").MustBool(false) } const ( From 71282780a35f02989986dcfe74034acc0255973f Mon Sep 17 00:00:00 2001 From: thezzisu Date: Wed, 4 Sep 2024 08:51:13 +0800 Subject: [PATCH 3/8] Update locales --- options/locale/locale_en-US.ini | 1 + 1 file changed, 1 insertion(+) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index a79a487392c9d..824e33c41c843 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -705,6 +705,7 @@ biography_placeholder = Tell us a little bit about yourself! (You can use Markdo location_placeholder = Share your approximate location with others profile_desc = Control how your profile is show to other users. Your primary email address will be used for notifications, password recovery and web-based Git operations. password_username_disabled = Non-local users are not allowed to change their username. Please contact your site administrator for more details. +password_full_name_disabled = Non-local users are not allowed to change their full name. Please contact your site administrator for more details. full_name = Full Name website = Website location = Location From 34730622c95f38d314bf1800ad0013aa9d863328 Mon Sep 17 00:00:00 2001 From: thezzisu Date: Thu, 12 Sep 2024 15:10:02 +0800 Subject: [PATCH 4/8] feat: update implementation --- modules/setting/admin.go | 4 ++-- options/locale/locale_en-US.ini | 2 ++ routers/web/user/setting/profile.go | 17 ++++++++++++----- templates/user/settings/profile.tmpl | 8 ++++---- 4 files changed, 20 insertions(+), 11 deletions(-) diff --git a/modules/setting/admin.go b/modules/setting/admin.go index 84ba723acd206..fde291ade94ae 100644 --- a/modules/setting/admin.go +++ b/modules/setting/admin.go @@ -13,7 +13,6 @@ var Admin struct { DefaultEmailNotification string UserDisabledFeatures container.Set[string] ExternalUserDisableFeatures container.Set[string] - ExternalUserLockFullName bool } func loadAdminFrom(rootCfg ConfigProvider) { @@ -22,7 +21,6 @@ func loadAdminFrom(rootCfg ConfigProvider) { Admin.DefaultEmailNotification = sec.Key("DEFAULT_EMAIL_NOTIFICATIONS").MustString("enabled") Admin.UserDisabledFeatures = container.SetOf(sec.Key("USER_DISABLED_FEATURES").Strings(",")...) Admin.ExternalUserDisableFeatures = container.SetOf(sec.Key("EXTERNAL_USER_DISABLE_FEATURES").Strings(",")...).Union(Admin.UserDisabledFeatures) - Admin.ExternalUserLockFullName = sec.Key("EXTERNAL_USER_LOCK_FULL_NAME").MustBool(false) } const ( @@ -31,4 +29,6 @@ const ( UserFeatureManageGPGKeys = "manage_gpg_keys" UserFeatureManageMFA = "manage_mfa" UserFeatureManageCredentials = "manage_credentials" + UserFeatureChangeUsername = "change_username" + UserFeatureChangeFullName = "change_full_name" ) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 824e33c41c843..b6b8d25be7fcb 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -579,6 +579,8 @@ lang_select_error = Select a language from the list. username_been_taken = The username is already taken. username_change_not_local_user = Non-local users are not allowed to change their username. +change_username_disabled = Changing username is disabled. +change_full_name_disabled = Changing full name is disabled. username_has_not_been_changed = Username has not been changed repo_name_been_taken = The repository name is already used. repository_force_private = Force Private is enabled: private repositories cannot be made public. diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go index 9ed7843a43071..3b051c9b5f4b7 100644 --- a/routers/web/user/setting/profile.go +++ b/routers/web/user/setting/profile.go @@ -50,8 +50,6 @@ func Profile(ctx *context.Context) { ctx.Data["UserDisabledFeatures"] = user_model.DisabledFeaturesWithLoginType(ctx.Doer) - ctx.Data["ExternalUserLockFullName"] = setting.Admin.ExternalUserLockFullName - ctx.HTML(http.StatusOK, tplSettingsProfile) } @@ -71,6 +69,11 @@ func ProfilePost(ctx *context.Context) { form := web.GetForm(ctx).(*forms.UpdateProfileForm) if form.Name != "" { + if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureChangeUsername) { + ctx.Flash.Error(ctx.Tr("user.form.change_username_disabled")) + ctx.Redirect(setting.AppSubURL + "/user/settings") + return + } if err := user_service.RenameUser(ctx, ctx.Doer, form.Name); err != nil { switch { case user_model.IsErrUserIsNotLocal(err): @@ -93,7 +96,6 @@ func ProfilePost(ctx *context.Context) { } opts := &user_service.UpdateOptions{ - FullName: optional.Some(form.FullName), KeepEmailPrivate: optional.Some(form.KeepEmailPrivate), Description: optional.Some(form.Description), Website: optional.Some(form.Website), @@ -102,8 +104,13 @@ func ProfilePost(ctx *context.Context) { KeepActivityPrivate: optional.Some(form.KeepActivityPrivate), } - if !ctx.Doer.IsLocal() && setting.Admin.ExternalUserLockFullName { - opts.FullName = optional.None[string]() + if form.FullName != "" { + if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureChangeFullName) { + ctx.Flash.Error(ctx.Tr("user.form.change_full_name_disabled")) + ctx.Redirect(setting.AppSubURL + "/user/settings") + return + } + opts.FullName = optional.Some(form.FullName) } if err := user_service.UpdateUser(ctx, ctx.Doer, opts); err != nil { diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl index b1de5331aa4ab..fc82a2fe91c1a 100644 --- a/templates/user/settings/profile.tmpl +++ b/templates/user/settings/profile.tmpl @@ -12,15 +12,15 @@ {{ctx.Locale.Tr "settings.change_username_prompt"}} {{ctx.Locale.Tr "settings.change_username_redirect_prompt"}} - - {{if or (not .SignedUser.IsLocal) .IsReverseProxy}} + + {{if or (or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username")) .IsReverseProxy}}

{{ctx.Locale.Tr "settings.password_username_disabled"}}

{{end}}
- - {{if and (not .SignedUser.IsLocal) .ExternalUserLockFullName}} + + {{if ($.UserDisabledFeatures.Contains "change_full_name")}}

{{ctx.Locale.Tr "settings.password_full_name_disabled"}}

{{end}}
From 345848f643256cf89840a36b8bfe8e985738313f Mon Sep 17 00:00:00 2001 From: thezzisu Date: Thu, 12 Sep 2024 15:41:21 +0800 Subject: [PATCH 5/8] chore: fix tr --- options/locale/locale_en-US.ini | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index b6b8d25be7fcb..0159ddd1443b4 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -706,8 +706,8 @@ public_profile = Public Profile biography_placeholder = Tell us a little bit about yourself! (You can use Markdown) location_placeholder = Share your approximate location with others profile_desc = Control how your profile is show to other users. Your primary email address will be used for notifications, password recovery and web-based Git operations. -password_username_disabled = Non-local users are not allowed to change their username. Please contact your site administrator for more details. -password_full_name_disabled = Non-local users are not allowed to change their full name. Please contact your site administrator for more details. +password_username_disabled = You are not allowed to change their username. Please contact your site administrator for more details. +password_full_name_disabled = You are not allowed to change their full name. Please contact your site administrator for more details. full_name = Full Name website = Website location = Location From abfeee01f40c92c7c9013aeced9e86b54bec60b0 Mon Sep 17 00:00:00 2001 From: thezzisu Date: Tue, 1 Oct 2024 00:03:20 +0800 Subject: [PATCH 6/8] chore: update app.example.ini --- custom/conf/app.example.ini | 2 ++ 1 file changed, 2 insertions(+) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index ad5d3e1abae90..7040ceecf42c0 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1505,6 +1505,8 @@ LEVEL = Info ;; - manage_gpg_keys: a user cannot configure gpg keys ;; - manage_mfa: a user cannot configure mfa devices ;; - manage_credentials: a user cannot configure emails, passwords, or openid +;; - change_username: a user cannot change their username +;; - change_full_name: a user cannot change their full name ;;EXTERNAL_USER_DISABLE_FEATURES = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; From bc8c3031a3808c9bcf0c55135cf02eb35671d4a6 Mon Sep 17 00:00:00 2001 From: thezzisu Date: Tue, 1 Oct 2024 18:22:30 +0800 Subject: [PATCH 7/8] chore: simplify template --- templates/user/settings/profile.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl index fc82a2fe91c1a..8438d0562f855 100644 --- a/templates/user/settings/profile.tmpl +++ b/templates/user/settings/profile.tmpl @@ -13,7 +13,7 @@ {{ctx.Locale.Tr "settings.change_username_redirect_prompt"}} - {{if or (or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username")) .IsReverseProxy}} + {{if or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username") .IsReverseProxy}}

{{ctx.Locale.Tr "settings.password_username_disabled"}}

{{end}} From 7ebf3d13cf4bce46ca3bc0aa0bc3dc85e8f2b3c7 Mon Sep 17 00:00:00 2001 From: thezzisu Date: Thu, 3 Oct 2024 17:09:00 +0800 Subject: [PATCH 8/8] chore: fix repeated 'or' --- templates/user/settings/profile.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl index 8438d0562f855..9c7e2de218324 100644 --- a/templates/user/settings/profile.tmpl +++ b/templates/user/settings/profile.tmpl @@ -12,7 +12,7 @@ {{ctx.Locale.Tr "settings.change_username_prompt"}} {{ctx.Locale.Tr "settings.change_username_redirect_prompt"}} - + {{if or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username") .IsReverseProxy}}

{{ctx.Locale.Tr "settings.password_username_disabled"}}

{{end}}