-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Respect DefaultUserIsRestricted system default when creating new user #19310
Respect DefaultUserIsRestricted system default when creating new user #19310
Conversation
Allow for overwrites with CreateUserOverwriteOptions
There are a lot of places where |
Codecov Report
@@ Coverage Diff @@
## main #19310 +/- ##
==========================================
- Coverage 47.51% 47.39% -0.12%
==========================================
Files 944 949 +5
Lines 131549 132139 +590
==========================================
+ Hits 62500 62623 +123
- Misses 61541 61974 +433
- Partials 7508 7542 +34
Continue to review full report at Codecov.
|
Could anyone advise on where setting.Service.RegisterEmailConfirm and/or setting.Service.RegisterManualConfirm can be bypassed and where they cannot? |
I think gitea command line could ignore these options. Otherwise they should be obey. |
…ice.RegisterManualConfirm where needed
I don't really think external authentication sources should obey to these rules also, probably they could have option to them to added then to activate user or not but currently I don't think that's a good idea to have to activate them |
My initial reason for this PR was that DefaultUserIsRestricted is currently not taken into account in multiple places where new user accounts are created. When discussing this on discord @zeripath mentioned "you might wanna check isManualConfirm too - appears I may have missed some", so I broadened the scope to also look into RegisterEmailConfirm and RegisterManualConfirm as well. But it looks like there's no consensus as to where these settings should apply? |
Should I maybe leave the RegisterEmailConfirm and RegisterManualConfirm settings AS-IS, and only address DefaultUserIsRestricted in this PR? |
I'm OK for that. |
…ing.Service.RegisterManualConfirm where needed" This reverts commit ee95d3e.
IsAdmin: c.Bool("admin"), | ||
MustChangePassword: changePassword, | ||
Theme: setting.UI.DefaultTheme, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why default theme is removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Already applied by default in CreateUser:
Line 646 in 5574ad1
u.Theme = setting.UI.DefaultTheme |
…go-gitea#19310) * Apply DefaultUserIsRestricted in CreateUser * Enforce system defaults in CreateUser Allow for overwrites with CreateUserOverwriteOptions * Fix compilation errors * Add "restricted" option to create user command * Add "restricted" option to create user admin api * Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed * Revert "Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed" This reverts commit ee95d3e.
* giteaofficial/main: Avoid MoreThanOne Error (go-gitea#19557) [skip ci] Updated licenses and gitignores Simplify loops to copy (go-gitea#19569) Use middleware to open gitRepo (go-gitea#19559) Added X-Mailer header to outgoing emails (go-gitea#19562) fix go-gitea#19545 (go-gitea#19563) [skip ci] Updated translations via Crowdin Respect DefaultUserIsRestricted system default when creating new user (go-gitea#19310) Mute link in diff header (go-gitea#19556) Add API to query collaborators permission for a repository (go-gitea#18761) Permalink files In PR diff (go-gitea#19534) Fix Pull Request comment filename word breaks (go-gitea#19535) Don't error when branch's commit doesn't exist (go-gitea#19547)
…go-gitea#19310) * Apply DefaultUserIsRestricted in CreateUser * Enforce system defaults in CreateUser Allow for overwrites with CreateUserOverwriteOptions * Fix compilation errors * Add "restricted" option to create user command * Add "restricted" option to create user admin api * Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed * Revert "Respect default setting.Service.RegisterEmailConfirm and setting.Service.RegisterManualConfirm where needed" This reverts commit ee95d3e.
The DefaultUserIsRestricted system configuration options is not always enforced when creating a new user.
This PR configures the system defaults in user_model.CreateUser, and also enhances the CreateUserOverwriteOptions to allow overwriting the system defaults when needed.
Note that the RegisterEmailConfirm and RegisterManualConfirm are also not enforced in most places.
Normalization of these settings has been taken out of the scope of this PR.