Extract from #20549 This PR adds a new option in app.ini, `[admin]USER_DISABLED_FEATURES`, which lets the site administrator disable (or leave enabled) the account-deletion user interface for users. The option can also be extended to cover more features in future PRs. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>tags/v1.22.0-rc0
;; | ;; | ||||
;; Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled | ;; Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled | ||||
;DEFAULT_EMAIL_NOTIFICATIONS = enabled | ;DEFAULT_EMAIL_NOTIFICATIONS = enabled | ||||
;; Disabled features for users, could be "deletion", more features can be disabled in future | |||||
;; - deletion: a user cannot delete their own account | |||||
;USER_DISABLED_FEATURES = | |||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | ||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; |
- `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled | - `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled | ||||
- `DISABLE_REGULAR_ORG_CREATION`: **false**: Disallow regular (non-admin) users from creating organizations. | - `DISABLE_REGULAR_ORG_CREATION`: **false**: Disallow regular (non-admin) users from creating organizations. | ||||
- `USER_DISABLED_FEATURES`: **_empty_** Disabled features for users, could be `deletion` and more features can be added in future. | |||||
- `deletion`: User cannot delete their own account. | |||||
## Security (`security`) | ## Security (`security`) | ||||
- `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**:用户电子邮件通知的默认配置(用户可配置)。选项:enabled、onmention、disabled | - `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**:用户电子邮件通知的默认配置(用户可配置)。选项:enabled、onmention、disabled | ||||
- `DISABLE_REGULAR_ORG_CREATION`: **false**:禁止普通(非管理员)用户创建组织。 | - `DISABLE_REGULAR_ORG_CREATION`: **false**:禁止普通(非管理员)用户创建组织。 | ||||
- `USER_DISABLED_FEATURES`:**_empty_** 禁用的用户特性,当前允许为空或者 `deletion`, 未来可以增加更多设置。 | |||||
- `deletion`: 用户不能通过界面或者API删除他自己。 | |||||
## 安全性 (`security`) | ## 安全性 (`security`) | ||||
package setting | package setting | ||||
import "code.gitea.io/gitea/modules/container" | |||||
// Admin settings | // Admin settings | ||||
var Admin struct { | var Admin struct { | ||||
DisableRegularOrgCreation bool | DisableRegularOrgCreation bool | ||||
DefaultEmailNotification string | DefaultEmailNotification string | ||||
UserDisabledFeatures container.Set[string] | |||||
} | } | ||||
func loadAdminFrom(rootCfg ConfigProvider) { | func loadAdminFrom(rootCfg ConfigProvider) { | ||||
mustMapSetting(rootCfg, "admin", &Admin) | |||||
sec := rootCfg.Section("admin") | sec := rootCfg.Section("admin") | ||||
Admin.DisableRegularOrgCreation = sec.Key("DISABLE_REGULAR_ORG_CREATION").MustBool(false) | |||||
Admin.DefaultEmailNotification = sec.Key("DEFAULT_EMAIL_NOTIFICATIONS").MustString("enabled") | Admin.DefaultEmailNotification = sec.Key("DEFAULT_EMAIL_NOTIFICATIONS").MustString("enabled") | ||||
Admin.UserDisabledFeatures = container.SetOf(sec.Key("USER_DISABLED_FEATURES").Strings(",")...) | |||||
} | } | ||||
const ( | |||||
UserFeatureDeletion = "deletion" | |||||
) |
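Review bot: Entries read from `USER_DISABLED_FEATURES` go into `Admin.UserDisabledFeatures` exactly as written, so a misspelled or differently cased value (for example `Deletion`) is accepted without any signal and account deletion stays available. For a setting whose purpose is to restrict users, it is safer to report unknown entries at load time, e.g. `for f := range Admin.UserDisabledFeatures { if f != UserFeatureDeletion { log.Warn("unknown USER_DISABLED_FEATURES entry %q", f) } }`. That assumes `container.Set` can be ranged over and needs the project's log package imported in this file. A doc comment on the constant, `// UserFeatureDeletion is the USER_DISABLED_FEATURES value that stops users from deleting their own account`, would also help readers of the handler and the template.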
// DeleteAccount render user suicide page and response for delete user himself | // DeleteAccount render user suicide page and response for delete user himself | ||||
func DeleteAccount(ctx *context.Context) { | func DeleteAccount(ctx *context.Context) { | ||||
if setting.Admin.UserDisabledFeatures.Contains(setting.UserFeatureDeletion) { | |||||
ctx.Error(http.StatusNotFound) | |||||
return | |||||
} | |||||
ctx.Data["Title"] = ctx.Tr("settings") | ctx.Data["Title"] = ctx.Tr("settings") | ||||
ctx.Data["PageIsSettingsAccount"] = true | ctx.Data["PageIsSettingsAccount"] = true | ||||
ctx.Data["EmailNotificationsPreference"] = ctx.Doer.EmailNotificationsPreference | ctx.Data["EmailNotificationsPreference"] = ctx.Doer.EmailNotificationsPreference | ||||
ctx.Data["ActivationsPending"] = pendingActivation | ctx.Data["ActivationsPending"] = pendingActivation | ||||
ctx.Data["CanAddEmails"] = !pendingActivation || !setting.Service.RegisterEmailConfirm | ctx.Data["CanAddEmails"] = !pendingActivation || !setting.Service.RegisterEmailConfirm | ||||
ctx.Data["UserDisabledFeatures"] = &setting.Admin.UserDisabledFeatures | |||||
if setting.Service.UserDeleteWithCommentsMaxTime != 0 { | if setting.Service.UserDeleteWithCommentsMaxTime != 0 { | ||||
ctx.Data["UserDeleteWithCommentsMaxTime"] = setting.Service.UserDeleteWithCommentsMaxTime.String() | ctx.Data["UserDeleteWithCommentsMaxTime"] = setting.Service.UserDeleteWithCommentsMaxTime.String() |
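Review bot: The check at the top of `DeleteAccount` is the only server-side enforcement visible on this page, while the Chinese documentation added by the same commit says deletion is blocked through the interface or the API. If any other route lets a user delete their own account, it needs the same `setting.Admin.UserDisabledFeatures.Contains(setting.UserFeatureDeletion)` check. If none exists, the documentation wording should be narrowed to match. A short comment above the guard, `// self-deletion disabled via [admin] USER_DISABLED_FEATURES; respond as if the page does not exist`, would record why 404 is returned rather than 403. Both functions touched in this section continue outside the visible lines.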
{{end}} | {{end}} | ||||
</div> | </div> | ||||
{{if not ($.UserDisabledFeatures.Contains "deletion")}} | |||||
<h4 class="ui top attached error header"> | <h4 class="ui top attached error header"> | ||||
{{ctx.Locale.Tr "settings.delete_account"}} | {{ctx.Locale.Tr "settings.delete_account"}} | ||||
</h4> | </h4> | ||||
</button> | </button> | ||||
</div> | </div> | ||||
</form> | </form> | ||||
<div class="ui g-modal-confirm delete modal" id="delete-account"> | |||||
<div class="header"> | |||||
{{svg "octicon-trash"}} | |||||
{{ctx.Locale.Tr "settings.delete_account_title"}} | |||||
</div> | |||||
<div class="content"> | |||||
<p>{{ctx.Locale.Tr "settings.delete_account_desc"}}</p> | |||||
</div> | |||||
{{template "base/modal_actions_confirm" .}} | |||||
</div> | |||||
</div> | </div> | ||||
{{end}} | |||||
</div> | </div> | ||||
<div class="ui g-modal-confirm delete modal" id="delete-email"> | <div class="ui g-modal-confirm delete modal" id="delete-email"> | ||||
{{template "base/modal_actions_confirm" .}} | {{template "base/modal_actions_confirm" .}} | ||||
</div> | </div> | ||||
<div class="ui g-modal-confirm delete modal" id="delete-account"> | |||||
<div class="header"> | |||||
{{svg "octicon-trash"}} | |||||
{{ctx.Locale.Tr "settings.delete_account_title"}} | |||||
</div> | |||||
<div class="content"> | |||||
<p>{{ctx.Locale.Tr "settings.delete_account_desc"}}</p> | |||||
</div> | |||||
{{template "base/modal_actions_confirm" .}} | |||||
</div> | |||||
{{template "user/settings/layout_footer" .}} | {{template "user/settings/layout_footer" .}} |
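Review bot: The condition `{{if not ($.UserDisabledFeatures.Contains "deletion")}}` repeats the feature name as a string literal instead of using `setting.UserFeatureDeletion`. A later rename of the constant would leave the delete section visible while the handler rejects the request. The handler check keeps this from being a bypass, but a template comment such as `{{/* "deletion" must match setting.UserFeatureDeletion */}}` beside the condition would keep the two in sync. The condition also assumes every handler that renders this template sets `UserDisabledFeatures`, and only one assignment is visible on this page.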