Users should not be able to prohibit their own login (#10970)
* ui: limit managers prohibit themself to login Because I think it's crazy and not reasonale , that if a user can prohibit themself to login. so suggest limit this choice on ui Signed-off-by: a1012112796 <1012112796@qq.com> * skip self Prohibit Login in post event handle * fix comment Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
parent
1bec60e02a
commit
88c14326b1
|
@ -243,7 +243,13 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
|
|||
u.AllowGitHook = form.AllowGitHook
|
||||
u.AllowImportLocal = form.AllowImportLocal
|
||||
u.AllowCreateOrganization = form.AllowCreateOrganization
|
||||
|
||||
// skip self Prohibit Login
|
||||
if ctx.User.ID == u.ID {
|
||||
u.ProhibitLogin = false
|
||||
} else {
|
||||
u.ProhibitLogin = form.ProhibitLogin
|
||||
}
|
||||
|
||||
if err := models.UpdateUser(u); err != nil {
|
||||
if models.IsErrEmailAlreadyUsed(err) {
|
||||
|
|
|
@ -74,7 +74,7 @@
|
|||
<div class="inline field">
|
||||
<div class="ui checkbox">
|
||||
<label><strong>{{.i18n.Tr "admin.users.prohibit_login"}}</strong></label>
|
||||
<input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}}>
|
||||
<input name="prohibit_login" type="checkbox" {{if .User.ProhibitLogin}}checked{{end}} {{if (eq .User.ID .SignedUserID)}}disabled{{end}}>
|
||||
</div>
|
||||
</div>
|
||||
<div class="inline field">
|
||||
|
|
Loading…
Reference in New Issue