Users should not be able to prohibit their own login (go-gitea#10970)

* ui: limit managers prohibit themself to login Because I think it's crazy and not reasonale , that if a user can prohibit themself to login. so suggest limit this choice on ui Signed-off-by: a1012112796 <[email protected]> * skip self Prohibit Login in post event handle * fix comment Co-authored-by: zeripath <[email protected]> Co-authored-by: John Olheiser <[email protected]> Co-authored-by: Lunny Xiao <[email protected]>
ydelafollye · Jul 31, 2020 · a742aae · a742aae
1 parent b72116a
commit a742aae
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/routers/admin/users.go b/routers/admin/users.go
@@ -243,7 +243,13 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
  u.AllowGitHook = form.AllowGitHook
  u.AllowImportLocal = form.AllowImportLocal
  u.AllowCreateOrganization = form.AllowCreateOrganization
- u.ProhibitLogin = form.ProhibitLogin
+
+ // skip self Prohibit Login
+ if ctx.User.ID == u.ID {
+ u.ProhibitLogin = false
+ } else {
+ u.ProhibitLogin = form.ProhibitLogin
+ }
 
  if err := models.UpdateUser(u); err != nil {
  if models.IsErrEmailAlreadyUsed(err) {

diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
@@ -74,7 +74,7 @@
  <div class="inline field">
  <div class="ui checkbox">
  <label><strong>{{.i18n.Tr "admin.users.prohibit_login"}}</strong></label>
- <input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}}>
+ <input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}} {{if (eq .User.ID .SignedUserID)}}disabled{{end}}>
  </div>
  </div>
  <div class="inline field">