Add ui.explore settings to control view of explore pages

[zeripath]

Add [ui.explore] settings to allow restricting the
explore pages to logged in users only and to restrict
the showing of users to only those with publically available
repositories.

The two proposed settings are:

• REQUIRE_SIGNIN_VIEW: Only allows access to the explore pages if the
  user is signed in. Also restricts
  • /api/v1/user/search
  • /api/v1/users/{username}
  • /api/v1/users/{username}/repos
  • but does not restrict /api/v1/users/{username}/heatmap
• ONLY_SHOW_USERS_WITH_PUBLIC_REPOS: Only shows users with public
  repos on the explore page. /api/v1/user/search will only show users
  with public repos unless the user the is signed in.

Fix #2908

Close #14094

Signed-off-by: Andrew Thornton [email protected]

[zeripath]

This is likely to need further thought and we should think about the api calls for repositories too.

[lafriks]

Imho we don't need special app.ini settings for this. My proposal would be:

• Remove users explore page completely
• Limit API call to users list to require authorization

[codecov-io]

Codecov Report

Merging #13687 (adc8b60) into master (24330f7) will decrease coverage by 0.03%.
The diff coverage is 40.00%.

@@            Coverage Diff             @@
##           master   #13687      +/-   ##
==========================================
- Coverage   42.27%   42.24%   -0.04%     
==========================================
  Files         697      698       +1     
  Lines       76616    76695      +79     
==========================================
+ Hits        32389    32396       +7     
- Misses      38908    38971      +63     
- Partials     5319     5328       +9     

Impacted Files	Coverage Δ
models/migrations/migrations.go	2.44% <ø> (ø)
models/migrations/v160.go	0.00% <0.00%> (ø)
models/user.go	54.23% <0.00%> (-0.12%)	⬇️
modules/setting/setting.go	46.12% <ø> (ø)
models/repo.go	56.18% <57.89%> (+0.02%)	⬆️
routers/api/v1/api.go	79.33% <60.00%> (-0.18%)	⬇️
models/consistency.go	56.75% <100.00%> (+1.44%)	⬆️
routers/api/v1/user/user.go	51.02% <100.00%> (+1.02%)	⬆️
routers/home.go	47.70% <100.00%> (+0.20%)	⬆️
routers/routes/macaron.go	92.54% <100.00%> (+<0.01%)	⬆️
... and 12 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 24330f7...adc8b60. Read the comment docs.

[zeripath]

I think there's still likely to be a point for findability for public repositories and users with public repos.

[zeripath]

I would guess however that we should default to only showing users with public repositories

[lafriks]

There is not much point in listing users with public repositories, it will be resource intensive imho and usually everyone are still using repository listing

[lunny]

Please resolve the conflicts

[zeripath]

Conflicts fixed

[zeripath]

conflicts fixed again