Users should not be able to prohibit their own login (#10970)

* ui: limit managers prohibit themself to login

Because I think it's crazy and not reasonale , that if a user can
prohibit themself to login. so suggest limit this choice on ui

Signed-off-by: a1012112796 <1012112796@qq.com>

* skip self Prohibit Login in post event handle

* fix comment

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
tokarchuk/v1.17
赵智超 5 years ago committed by GitHub
parent 1bec60e02a
commit 88c14326b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 8
      routers/admin/users.go
  2. 2
      templates/admin/user/edit.tmpl

@ -243,7 +243,13 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
u.AllowGitHook = form.AllowGitHook u.AllowGitHook = form.AllowGitHook
u.AllowImportLocal = form.AllowImportLocal u.AllowImportLocal = form.AllowImportLocal
u.AllowCreateOrganization = form.AllowCreateOrganization u.AllowCreateOrganization = form.AllowCreateOrganization
u.ProhibitLogin = form.ProhibitLogin
// skip self Prohibit Login
if ctx.User.ID == u.ID {
u.ProhibitLogin = false
} else {
u.ProhibitLogin = form.ProhibitLogin
}
if err := models.UpdateUser(u); err != nil { if err := models.UpdateUser(u); err != nil {
if models.IsErrEmailAlreadyUsed(err) { if models.IsErrEmailAlreadyUsed(err) {

@ -74,7 +74,7 @@
<div class="inline field"> <div class="inline field">
<div class="ui checkbox"> <div class="ui checkbox">
<label><strong>{{.i18n.Tr "admin.users.prohibit_login"}}</strong></label> <label><strong>{{.i18n.Tr "admin.users.prohibit_login"}}</strong></label>
<input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}}> <input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}} {{if (eq .User.ID .SignedUserID)}}disabled{{end}}>
</div> </div>
</div> </div>
<div class="inline field"> <div class="inline field">

Loading…
Cancel
Save