Skip to content

Commit

Permalink
Admin should not delete himself
Browse files Browse the repository at this point in the history
  • Loading branch information
lunny committed May 8, 2022
1 parent d483407 commit e12047e
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 0 deletions.
1 change: 1 addition & 0 deletions options/locale/locale_en-US.ini
Original file line number Diff line number Diff line change
Expand Up @@ -2529,6 +2529,7 @@ users.allow_import_local = May Import Local Repositories
users.allow_create_organization = May Create Organizations
users.update_profile = Update User Account
users.delete_account = Delete User Account
users.cannot_delete_self = "You cannot delete yourself"
users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first.
users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
users.still_own_packages = This user still owns one or more packages. Delete these packages first.
Expand Down
6 changes: 6 additions & 0 deletions routers/api/v1/admin/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -310,6 +310,12 @@ func DeleteUser(ctx *context.APIContext) {
return
}

// admin should not delete himself
if ctx.ContextUser.ID == ctx.Doer.ID {
ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("You cannot delete yourself"))
return
}

if err := user_service.DeleteUser(ctx.ContextUser); err != nil {
if models.IsErrUserOwnRepos(err) ||
models.IsErrUserHasOrgs(err) ||
Expand Down
9 changes: 9 additions & 0 deletions routers/web/admin/users.go
Original file line number Diff line number Diff line change
Expand Up @@ -416,6 +416,15 @@ func DeleteUser(ctx *context.Context) {
return
}

// admin should not delete himself
if u.ID == ctx.Doer.ID {
ctx.Flash.Error(ctx.Tr("admin.users.cannot_delete_self"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
return
}

if err = user_service.DeleteUser(u); err != nil {
switch {
case models.IsErrUserOwnRepos(err):
Expand Down

0 comments on commit e12047e

Please sign in to comment.