From 66923e02d20e9d5b68ab20fbcdebd779eb4dbaf9 Mon Sep 17 00:00:00 2001 From: Zisu Zhang Date: Sun, 6 Oct 2024 04:41:38 +0800 Subject: [PATCH] Enhance USER_DISABLED_FEATURES to allow disabling change username or full name (#31959) Fix #31958 Enhanced `USER_DISABLED_FEATURES`(also `EXTERNAL_USER_DISABLE_FEATURES`) option in `[admin]` section. Added following values: - `change_username`: Disable change username - `change_full_name`: Disable change full name --- Progress: - [x] Update code - [x] Update translations --- custom/conf/app.example.ini | 2 ++ modules/setting/admin.go | 2 ++ options/locale/locale_en-US.ini | 5 ++++- routers/web/user/setting/profile.go | 16 +++++++++++++++- templates/user/settings/profile.tmpl | 9 ++++++--- 5 files changed, 29 insertions(+), 5 deletions(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index 69d541ff8d4..7c7a43944f0 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1507,6 +1507,8 @@ LEVEL = Info ;; - manage_gpg_keys: a user cannot configure gpg keys ;; - manage_mfa: a user cannot configure mfa devices ;; - manage_credentials: a user cannot configure emails, passwords, or openid +;; - change_username: a user cannot change their username +;; - change_full_name: a user cannot change their full name ;;EXTERNAL_USER_DISABLE_FEATURES = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; diff --git a/modules/setting/admin.go b/modules/setting/admin.go index ca4e9b1d583..fde291ade94 100644 --- a/modules/setting/admin.go +++ b/modules/setting/admin.go @@ -29,4 +29,6 @@ const ( UserFeatureManageGPGKeys = "manage_gpg_keys" UserFeatureManageMFA = "manage_mfa" UserFeatureManageCredentials = "manage_credentials" + UserFeatureChangeUsername = "change_username" + UserFeatureChangeFullName = "change_full_name" ) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index e3b17f9a04f..a02d939b79e 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -580,6 +580,8 @@ lang_select_error = Select a language from the list. username_been_taken = The username is already taken. username_change_not_local_user = Non-local users are not allowed to change their username. +change_username_disabled = Changing username is disabled. +change_full_name_disabled = Changing full name is disabled. username_has_not_been_changed = Username has not been changed repo_name_been_taken = The repository name is already used. repository_force_private = Force Private is enabled: private repositories cannot be made public. @@ -705,7 +707,8 @@ public_profile = Public Profile biography_placeholder = Tell us a little bit about yourself! (You can use Markdown) location_placeholder = Share your approximate location with others profile_desc = Control how your profile is show to other users. Your primary email address will be used for notifications, password recovery and web-based Git operations. -password_username_disabled = Non-local users are not allowed to change their username. Please contact your site administrator for more details. +password_username_disabled = You are not allowed to change their username. Please contact your site administrator for more details. +password_full_name_disabled = You are not allowed to change their full name. Please contact your site administrator for more details. full_name = Full Name website = Website location = Location diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go index 554f6cd6ce3..3b051c9b5f4 100644 --- a/routers/web/user/setting/profile.go +++ b/routers/web/user/setting/profile.go @@ -69,6 +69,11 @@ func ProfilePost(ctx *context.Context) { form := web.GetForm(ctx).(*forms.UpdateProfileForm) if form.Name != "" { + if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureChangeUsername) { + ctx.Flash.Error(ctx.Tr("user.form.change_username_disabled")) + ctx.Redirect(setting.AppSubURL + "/user/settings") + return + } if err := user_service.RenameUser(ctx, ctx.Doer, form.Name); err != nil { switch { case user_model.IsErrUserIsNotLocal(err): @@ -91,7 +96,6 @@ func ProfilePost(ctx *context.Context) { } opts := &user_service.UpdateOptions{ - FullName: optional.Some(form.FullName), KeepEmailPrivate: optional.Some(form.KeepEmailPrivate), Description: optional.Some(form.Description), Website: optional.Some(form.Website), @@ -99,6 +103,16 @@ func ProfilePost(ctx *context.Context) { Visibility: optional.Some(form.Visibility), KeepActivityPrivate: optional.Some(form.KeepActivityPrivate), } + + if form.FullName != "" { + if user_model.IsFeatureDisabledWithLoginType(ctx.Doer, setting.UserFeatureChangeFullName) { + ctx.Flash.Error(ctx.Tr("user.form.change_full_name_disabled")) + ctx.Redirect(setting.AppSubURL + "/user/settings") + return + } + opts.FullName = optional.Some(form.FullName) + } + if err := user_service.UpdateUser(ctx, ctx.Doer, opts); err != nil { ctx.ServerError("UpdateUser", err) return diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl index aaaf8f30db6..9c7e2de2183 100644 --- a/templates/user/settings/profile.tmpl +++ b/templates/user/settings/profile.tmpl @@ -12,14 +12,17 @@ {{ctx.Locale.Tr "settings.change_username_prompt"}} {{ctx.Locale.Tr "settings.change_username_redirect_prompt"}} - - {{if or (not .SignedUser.IsLocal) .IsReverseProxy}} + + {{if or (not .SignedUser.IsLocal) ($.UserDisabledFeatures.Contains "change_username") .IsReverseProxy}}

{{ctx.Locale.Tr "settings.password_username_disabled"}}

{{end}}
- + + {{if ($.UserDisabledFeatures.Contains "change_full_name")}} +

{{ctx.Locale.Tr "settings.password_full_name_disabled"}}

+ {{end}}