From 3ef6252e06a1f3981f8b7d1717bfc581418b1dc5 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Fri, 23 Feb 2024 15:24:04 +0800 Subject: [PATCH] Allow options to disable user deletion from the interface on app.ini (#29275) Extract from #20549 This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to allow the site administrator to disable users visiting deletion user interface or allow. This options are also potentially allowed to define more features in future PRs. --------- Co-authored-by: wxiaoguang --- custom/conf/app.example.ini | 3 +++ .../config-cheat-sheet.en-us.md | 2 ++ .../config-cheat-sheet.zh-cn.md | 2 ++ modules/setting/admin.go | 10 +++++++- routers/web/user/setting/account.go | 6 +++++ templates/user/settings/account.tmpl | 23 ++++++++++--------- 6 files changed, 34 insertions(+), 12 deletions(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index a360970593ae..5451537d02cc 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1474,6 +1474,9 @@ LEVEL = Info ;; ;; Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled ;DEFAULT_EMAIL_NOTIFICATIONS = enabled +;; Disabled features for users, could be "deletion", more features can be disabled in future +;; - deletion: a user cannot delete their own account +;USER_DISABLED_FEATURES = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; diff --git a/docs/content/administration/config-cheat-sheet.en-us.md b/docs/content/administration/config-cheat-sheet.en-us.md index 838e26b0f6b1..643932de6c1b 100644 --- a/docs/content/administration/config-cheat-sheet.en-us.md +++ b/docs/content/administration/config-cheat-sheet.en-us.md @@ -518,6 +518,8 @@ And the following unique queues: - `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled - `DISABLE_REGULAR_ORG_CREATION`: **false**: Disallow regular (non-admin) users from creating organizations. +- `USER_DISABLED_FEATURES`: **_empty_** Disabled features for users, could be `deletion` and more features can be added in future. + - `deletion`: User cannot delete their own account. ## Security (`security`) diff --git a/docs/content/administration/config-cheat-sheet.zh-cn.md b/docs/content/administration/config-cheat-sheet.zh-cn.md index 01906930cb9e..5fe0a62215f5 100644 --- a/docs/content/administration/config-cheat-sheet.zh-cn.md +++ b/docs/content/administration/config-cheat-sheet.zh-cn.md @@ -497,6 +497,8 @@ Gitea 创建以下非唯一队列: - `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**:用户电子邮件通知的默认配置(用户可配置)。选项:enabled、onmention、disabled - `DISABLE_REGULAR_ORG_CREATION`: **false**:禁止普通(非管理员)用户创建组织。 +- `USER_DISABLED_FEATURES`:**_empty_** 禁用的用户特性,当前允许为空或者 `deletion`, 未来可以增加更多设置。 + - `deletion`: 用户不能通过界面或者API删除他自己。 ## 安全性 (`security`) diff --git a/modules/setting/admin.go b/modules/setting/admin.go index 2d2dd26de94a..48a2ea974455 100644 --- a/modules/setting/admin.go +++ b/modules/setting/admin.go @@ -3,14 +3,22 @@ package setting +import "code.gitea.io/gitea/modules/container" + // Admin settings var Admin struct { DisableRegularOrgCreation bool DefaultEmailNotification string + UserDisabledFeatures container.Set[string] } func loadAdminFrom(rootCfg ConfigProvider) { - mustMapSetting(rootCfg, "admin", &Admin) sec := rootCfg.Section("admin") + Admin.DisableRegularOrgCreation = sec.Key("DISABLE_REGULAR_ORG_CREATION").MustBool(false) Admin.DefaultEmailNotification = sec.Key("DEFAULT_EMAIL_NOTIFICATIONS").MustString("enabled") + Admin.UserDisabledFeatures = container.SetOf(sec.Key("USER_DISABLED_FEATURES").Strings(",")...) } + +const ( + UserFeatureDeletion = "deletion" +) diff --git a/routers/web/user/setting/account.go b/routers/web/user/setting/account.go index c7f194a3b52c..659c3e29c1e2 100644 --- a/routers/web/user/setting/account.go +++ b/routers/web/user/setting/account.go @@ -233,6 +233,11 @@ func DeleteEmail(ctx *context.Context) { // DeleteAccount render user suicide page and response for delete user himself func DeleteAccount(ctx *context.Context) { + if setting.Admin.UserDisabledFeatures.Contains(setting.UserFeatureDeletion) { + ctx.Error(http.StatusNotFound) + return + } + ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsAccount"] = true @@ -299,6 +304,7 @@ func loadAccountData(ctx *context.Context) { ctx.Data["EmailNotificationsPreference"] = ctx.Doer.EmailNotificationsPreference ctx.Data["ActivationsPending"] = pendingActivation ctx.Data["CanAddEmails"] = !pendingActivation || !setting.Service.RegisterEmailConfirm + ctx.Data["UserDisabledFeatures"] = &setting.Admin.UserDisabledFeatures if setting.Service.UserDeleteWithCommentsMaxTime != 0 { ctx.Data["UserDeleteWithCommentsMaxTime"] = setting.Service.UserDeleteWithCommentsMaxTime.String() diff --git a/templates/user/settings/account.tmpl b/templates/user/settings/account.tmpl index bfcf423d67f5..515e79d739f3 100644 --- a/templates/user/settings/account.tmpl +++ b/templates/user/settings/account.tmpl @@ -128,6 +128,7 @@ {{end}} + {{if not ($.UserDisabledFeatures.Contains "deletion")}}

{{ctx.Locale.Tr "settings.delete_account"}}

@@ -151,7 +152,18 @@ + + {{end}} - - {{template "user/settings/layout_footer" .}}