Allow users without password (LDAP, OIDC/OAuth) to delete their own account #18329
Comments
|
For LDAP users, they may not be allowed to be deleted by themselves? |
|
Ok, this might make some sense. For example, I have created an account at the Gitea demo server, using Githubs OICD. Now i would for example like to delete it. But i can't. I mean sure. I could remove the authenthication through Github, but it would still leave an account on the Gitea Server. Though I have to admit, I don't know that much about LDAP. So I could be totaly wrong here. |
|
A possible solution could be: we save the external login time in session, then if a user wants to delete the account within 1 minute after login, we allow it. This solution make every user have a chance to delete their account with a fresh external login. |
|
I am still struggeling with understanding why a user that is externaly logged in shouldnt be able to delete his/hers account. |
|
They should, but it needs someone to work on a PR for this feature. |
wxiaoguang
added
the
type/proposal
wxiaoguang
changed the title
wxiaoguang
changed the title
Gitea Version
1.15.8
Git Version
--
Operating System
Linux
How are you running Gitea?
Docker (But doesnt matter)
Database
PostgreSQL
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Description
A user that has an external account cant delete his account.
In order to delete it he has to put in his password. But external users do not have a password.
Screenshots
No response
The text was updated successfully, but these errors were encountered: