mirror of
https://github.com/go-gitea/gitea.git
synced 2025-01-10 15:12:19 +01:00
c337ff0ec7
Fixes #17453 This PR adds the abbility to block a user from a personal account or organization to restrict how the blocked user can interact with the blocker. The docs explain what's the consequence of blocking a user. Screenshots: ![grafik](https://github.com/go-gitea/gitea/assets/1666336/4ed884f3-e06a-4862-afd3-3b8aa2488dc6) ![grafik](https://github.com/go-gitea/gitea/assets/1666336/ae6d4981-f252-4f50-a429-04f0f9f1cdf1) ![grafik](https://github.com/go-gitea/gitea/assets/1666336/ca153599-5b0f-4b4a-90fe-18bdfd6f0b6b) --------- Co-authored-by: Lauris BH <lauris@nix.lv>
149 lines
3.9 KiB
Go
149 lines
3.9 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Copyright 2020 The Gitea Authors.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package org
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"code.gitea.io/gitea/models"
|
|
"code.gitea.io/gitea/models/organization"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
shared_user "code.gitea.io/gitea/routers/web/shared/user"
|
|
"code.gitea.io/gitea/services/context"
|
|
)
|
|
|
|
const (
|
|
// tplMembers template for organization members page
|
|
tplMembers base.TplName = "org/member/members"
|
|
)
|
|
|
|
// Members render organization users page
|
|
func Members(ctx *context.Context) {
|
|
org := ctx.Org.Organization
|
|
ctx.Data["Title"] = org.FullName
|
|
ctx.Data["PageIsOrgMembers"] = true
|
|
|
|
page := ctx.FormInt("page")
|
|
if page <= 1 {
|
|
page = 1
|
|
}
|
|
|
|
opts := &organization.FindOrgMembersOpts{
|
|
OrgID: org.ID,
|
|
PublicOnly: true,
|
|
}
|
|
|
|
if ctx.Doer != nil {
|
|
isMember, err := ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "IsOrgMember")
|
|
return
|
|
}
|
|
opts.PublicOnly = !isMember && !ctx.Doer.IsAdmin
|
|
}
|
|
ctx.Data["PublicOnly"] = opts.PublicOnly
|
|
|
|
total, err := organization.CountOrgMembers(ctx, opts)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "CountOrgMembers")
|
|
return
|
|
}
|
|
|
|
err = shared_user.LoadHeaderCount(ctx)
|
|
if err != nil {
|
|
ctx.ServerError("LoadHeaderCount", err)
|
|
return
|
|
}
|
|
|
|
pager := context.NewPagination(int(total), setting.UI.MembersPagingNum, page, 5)
|
|
opts.ListOptions.Page = page
|
|
opts.ListOptions.PageSize = setting.UI.MembersPagingNum
|
|
members, membersIsPublic, err := organization.FindOrgMembers(ctx, opts)
|
|
if err != nil {
|
|
ctx.ServerError("GetMembers", err)
|
|
return
|
|
}
|
|
ctx.Data["Page"] = pager
|
|
ctx.Data["Members"] = members
|
|
ctx.Data["MembersIsPublicMember"] = membersIsPublic
|
|
ctx.Data["MembersIsUserOrgOwner"] = organization.IsUserOrgOwner(ctx, members, org.ID)
|
|
ctx.Data["MembersTwoFaStatus"] = members.GetTwoFaStatus(ctx)
|
|
|
|
ctx.HTML(http.StatusOK, tplMembers)
|
|
}
|
|
|
|
// MembersAction response for operation to a member of organization
|
|
func MembersAction(ctx *context.Context) {
|
|
member, err := user_model.GetUserByID(ctx, ctx.FormInt64("uid"))
|
|
if err != nil {
|
|
log.Error("GetUserByID: %v", err)
|
|
}
|
|
if member == nil {
|
|
ctx.Redirect(ctx.Org.OrgLink + "/members")
|
|
return
|
|
}
|
|
|
|
org := ctx.Org.Organization
|
|
|
|
switch ctx.Params(":action") {
|
|
case "private":
|
|
if ctx.Doer.ID != member.ID && !ctx.Org.IsOwner {
|
|
ctx.Error(http.StatusNotFound)
|
|
return
|
|
}
|
|
err = organization.ChangeOrgUserStatus(ctx, org.ID, member.ID, false)
|
|
case "public":
|
|
if ctx.Doer.ID != member.ID && !ctx.Org.IsOwner {
|
|
ctx.Error(http.StatusNotFound)
|
|
return
|
|
}
|
|
err = organization.ChangeOrgUserStatus(ctx, org.ID, member.ID, true)
|
|
case "remove":
|
|
if !ctx.Org.IsOwner {
|
|
ctx.Error(http.StatusNotFound)
|
|
return
|
|
}
|
|
err = models.RemoveOrgUser(ctx, org, member)
|
|
if organization.IsErrLastOrgOwner(err) {
|
|
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
|
|
ctx.JSONRedirect(ctx.Org.OrgLink + "/members")
|
|
return
|
|
}
|
|
case "leave":
|
|
err = models.RemoveOrgUser(ctx, org, ctx.Doer)
|
|
if err == nil {
|
|
ctx.Flash.Success(ctx.Tr("form.organization_leave_success", org.DisplayName()))
|
|
ctx.JSON(http.StatusOK, map[string]any{
|
|
"redirect": "", // keep the user stay on current page, in case they want to do other operations.
|
|
})
|
|
} else if organization.IsErrLastOrgOwner(err) {
|
|
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
|
|
ctx.JSONRedirect(ctx.Org.OrgLink + "/members")
|
|
} else {
|
|
log.Error("RemoveOrgUser(%d,%d): %v", org.ID, ctx.Doer.ID, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
if err != nil {
|
|
log.Error("Action(%s): %v", ctx.Params(":action"), err)
|
|
ctx.JSON(http.StatusOK, map[string]any{
|
|
"ok": false,
|
|
"err": err.Error(),
|
|
})
|
|
return
|
|
}
|
|
|
|
redirect := ctx.Org.OrgLink + "/members"
|
|
if ctx.Params(":action") == "leave" {
|
|
redirect = setting.AppSubURL + "/"
|
|
}
|
|
|
|
ctx.JSONRedirect(redirect)
|
|
}
|