Browse Source

feat: Able to disable non-admin to create new organization (#927)

Bo-Yi Wu 2 years ago
parent
commit
d67b278a0d
7 changed files with 42 additions and 3 deletions
  1. 8 2
      cmd/web.go
  2. 2 0
      conf/app.ini
  3. 1 1
      models/user.go
  4. 21 0
      models/user_test.go
  5. 7 0
      modules/setting/setting.go
  6. 1 0
      routers/admin/users.go
  7. 2 0
      templates/admin/user/edit.tmpl

+ 8 - 2
cmd/web.go

@@ -345,8 +345,14 @@ func runWeb(ctx *cli.Context) error {
345 345
 
346 346
 	// ***** START: Organization *****
347 347
 	m.Group("/org", func() {
348
-		m.Get("/create", org.Create)
349
-		m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
348
+		m.Group("", func() {
349
+			m.Get("/create", org.Create)
350
+			m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
351
+		}, func(ctx *context.Context) {
352
+			if !ctx.User.CanCreateOrganization() {
353
+				ctx.NotFound()
354
+			}
355
+		})
350 356
 
351 357
 		m.Group("/:org", func() {
352 358
 			m.Get("/dashboard", user.Dashboard)

+ 2 - 0
conf/app.ini

@@ -163,6 +163,8 @@ ISSUE_INDEXER_PATH = indexers/issues.bleve
163 163
 UPDATE_BUFFER_LEN = 20
164 164
 
165 165
 [admin]
166
+; Disable regular (non-admin) users to create organizations
167
+DISABLE_REGULAR_ORG_CREATION = false
166 168
 
167 169
 [security]
168 170
 ; Whether the installer is disabled

+ 1 - 1
models/user.go

@@ -223,7 +223,7 @@ func (u *User) CanCreateRepo() bool {
223 223
 
224 224
 // CanCreateOrganization returns true if user can create organisation.
225 225
 func (u *User) CanCreateOrganization() bool {
226
-	return u.IsAdmin || u.AllowCreateOrganization
226
+	return u.IsAdmin || (u.AllowCreateOrganization && !setting.Admin.DisableRegularOrgCreation)
227 227
 }
228 228
 
229 229
 // CanEditGitHook returns true if user can edit Git hooks.

+ 21 - 0
models/user_test.go

@@ -7,6 +7,8 @@ package models
7 7
 import (
8 8
 	"testing"
9 9
 
10
+	"code.gitea.io/gitea/modules/setting"
11
+
10 12
 	"github.com/stretchr/testify/assert"
11 13
 )
12 14
 
@@ -17,3 +19,22 @@ func TestGetUserEmailsByNames(t *testing.T) {
17 19
 	assert.Equal(t, []string{"user8@example.com"}, GetUserEmailsByNames([]string{"user8", "user9"}))
18 20
 	assert.Equal(t, []string{"user8@example.com", "user5@example.com"}, GetUserEmailsByNames([]string{"user8", "user5"}))
19 21
 }
22
+
23
+func TestCanCreateOrganization(t *testing.T) {
24
+	assert.NoError(t, PrepareTestDatabase())
25
+
26
+	admin := AssertExistsAndLoadBean(t, &User{ID: 1}).(*User)
27
+	assert.True(t, admin.CanCreateOrganization())
28
+
29
+	user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
30
+	assert.True(t, user.CanCreateOrganization())
31
+	// Disable user create organization permission.
32
+	user.AllowCreateOrganization = false
33
+	assert.False(t, user.CanCreateOrganization())
34
+
35
+	setting.Admin.DisableRegularOrgCreation = true
36
+	user.AllowCreateOrganization = true
37
+	assert.True(t, admin.CanCreateOrganization())
38
+	assert.False(t, user.CanCreateOrganization())
39
+
40
+}

+ 7 - 0
modules/setting/setting.go

@@ -257,6 +257,11 @@ var (
257 257
 		FileExtensions:      strings.Split(".md,.markdown,.mdown,.mkd", ","),
258 258
 	}
259 259
 
260
+	// Admin settings
261
+	Admin struct {
262
+		DisableRegularOrgCreation bool
263
+	}
264
+
260 265
 	// Picture settings
261 266
 	AvatarUploadPath      string
262 267
 	GravatarSource        string
@@ -855,6 +860,8 @@ please consider changing to GITEA_CUSTOM`)
855 860
 		log.Fatal(4, "Failed to map UI settings: %v", err)
856 861
 	} else if err = Cfg.Section("markdown").MapTo(&Markdown); err != nil {
857 862
 		log.Fatal(4, "Failed to map Markdown settings: %v", err)
863
+	} else if err = Cfg.Section("admin").MapTo(&Admin); err != nil {
864
+		log.Fatal(4, "Fail to map Admin settings: %v", err)
858 865
 	} else if err = Cfg.Section("cron").MapTo(&Cron); err != nil {
859 866
 		log.Fatal(4, "Failed to map Cron settings: %v", err)
860 867
 	} else if err = Cfg.Section("git").MapTo(&Git); err != nil {

+ 1 - 0
routers/admin/users.go

@@ -158,6 +158,7 @@ func EditUser(ctx *context.Context) {
158 158
 	ctx.Data["Title"] = ctx.Tr("admin.users.edit_account")
159 159
 	ctx.Data["PageIsAdmin"] = true
160 160
 	ctx.Data["PageIsAdminUsers"] = true
161
+	ctx.Data["DisableRegularOrgCreation"] = setting.Admin.DisableRegularOrgCreation
161 162
 
162 163
 	prepareUserInfo(ctx)
163 164
 	if ctx.Written() {

+ 2 - 0
templates/admin/user/edit.tmpl

@@ -97,12 +97,14 @@
97 97
 								<input name="allow_import_local" type="checkbox" {{if .User.CanImportLocal}}checked{{end}}>
98 98
 							</div>
99 99
 						</div>
100
+						{{if not .DisableRegularOrgCreation}}
100 101
 						<div class="inline field">
101 102
 							<div class="ui checkbox">
102 103
 								<label><strong>{{.i18n.Tr "admin.users.allow_create_organization"}}</strong></label>
103 104
 								<input name="allow_create_organization" type="checkbox" {{if .User.CanCreateOrganization}}checked{{end}}>
104 105
 							</div>
105 106
 						</div>
107
+						{{end}}
106 108
 
107 109
 						<div class="ui divider"></div>
108 110