Home Explore Help
Sign In
forks
/
gitea
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Commits 5898 Releases 0
Browse Source

feat: Able to disable non-admin to create new organization (#927)

Bo-Yi Wu 2 years ago
parent
23aba523b5
commit
d67b278a0d
7 changed files with 42 additions and 3 deletions
Split View Show Diff Stats
  1. 8 2
      cmd/web.go
  2. 2 0
      conf/app.ini
  3. 1 1
      models/user.go
  4. 21 0
      models/user_test.go
  5. 7 0
      modules/setting/setting.go
  6. 1 0
      routers/admin/users.go
  7. 2 0
      templates/admin/user/edit.tmpl

+ 8 - 2
cmd/web.go
View File 

@@ -345,8 +345,14 @@ func runWeb(ctx *cli.Context) error {
345 345
346 346 
 	// ***** START: Organization *****
347 347 
 	m.Group("/org", func() {
348 
-		m.Get("/create", org.Create)
349 
-		m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
348 
+		m.Group("", func() {
349 
+			m.Get("/create", org.Create)
350 
+			m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
351 
+		}, func(ctx *context.Context) {
352 
+			if !ctx.User.CanCreateOrganization() {
353 
+				ctx.NotFound()
354 
+			}
355 
+		})
350 356
351 357 
 		m.Group("/:org", func() {
352 358 
 			m.Get("/dashboard", user.Dashboard)

+ 2 - 0
conf/app.ini
View File 

@@ -163,6 +163,8 @@ ISSUE_INDEXER_PATH = indexers/issues.bleve
163 163 
 UPDATE_BUFFER_LEN = 20
164 164
165 165 
 [admin]
166 
+; Disable regular (non-admin) users to create organizations
167 
+DISABLE_REGULAR_ORG_CREATION = false
166 168
167 169 
 [security]
168 170 
 ; Whether the installer is disabled

+ 1 - 1
models/user.go
View File 

@@ -223,7 +223,7 @@ func (u *User) CanCreateRepo() bool {
223 223
224 224 
 // CanCreateOrganization returns true if user can create organisation.
225 225 
 func (u *User) CanCreateOrganization() bool {
226 
-	return u.IsAdmin || u.AllowCreateOrganization
226 
+	return u.IsAdmin || (u.AllowCreateOrganization && !setting.Admin.DisableRegularOrgCreation)
227 227 
 }
228 228
229 229 
 // CanEditGitHook returns true if user can edit Git hooks.

+ 21 - 0
models/user_test.go
View File 

@@ -7,6 +7,8 @@ package models
7 7 
 import (
8 8 
 	"testing"
9 9
10 
+	"code.gitea.io/gitea/modules/setting"
11 
+
10 12 
 	"github.com/stretchr/testify/assert"
11 13 
 )
12 14 
 
@@ -17,3 +19,22 @@ func TestGetUserEmailsByNames(t *testing.T) {
17 19 
 	assert.Equal(t, []string{"user8@example.com"}, GetUserEmailsByNames([]string{"user8", "user9"}))
18 20 
 	assert.Equal(t, []string{"user8@example.com", "user5@example.com"}, GetUserEmailsByNames([]string{"user8", "user5"}))
19 21 
 }
22 
+
23 
+func TestCanCreateOrganization(t *testing.T) {
24 
+	assert.NoError(t, PrepareTestDatabase())
25 
+
26 
+	admin := AssertExistsAndLoadBean(t, &User{ID: 1}).(*User)
27 
+	assert.True(t, admin.CanCreateOrganization())
28 
+
29 
+	user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)
30 
+	assert.True(t, user.CanCreateOrganization())
31 
+	// Disable user create organization permission.
32 
+	user.AllowCreateOrganization = false
33 
+	assert.False(t, user.CanCreateOrganization())
34 
+
35 
+	setting.Admin.DisableRegularOrgCreation = true
36 
+	user.AllowCreateOrganization = true
37 
+	assert.True(t, admin.CanCreateOrganization())
38 
+	assert.False(t, user.CanCreateOrganization())
39 
+
40 
+}

+ 7 - 0
modules/setting/setting.go
View File 

@@ -257,6 +257,11 @@ var (
257 257 
 		FileExtensions:      strings.Split(".md,.markdown,.mdown,.mkd", ","),
258 258 
 	}
259 259
260 
+	// Admin settings
261 
+	Admin struct {
262 
+		DisableRegularOrgCreation bool
263 
+	}
264 
+
260 265 
 	// Picture settings
261 266 
 	AvatarUploadPath      string
262 267 
 	GravatarSource        string
 
@@ -855,6 +860,8 @@ please consider changing to GITEA_CUSTOM`)
855 860 
 		log.Fatal(4, "Failed to map UI settings: %v", err)
856 861 
 	} else if err = Cfg.Section("markdown").MapTo(&Markdown); err != nil {
857 862 
 		log.Fatal(4, "Failed to map Markdown settings: %v", err)
863 
+	} else if err = Cfg.Section("admin").MapTo(&Admin); err != nil {
864 
+		log.Fatal(4, "Fail to map Admin settings: %v", err)
858 865 
 	} else if err = Cfg.Section("cron").MapTo(&Cron); err != nil {
859 866 
 		log.Fatal(4, "Failed to map Cron settings: %v", err)
860 867 
 	} else if err = Cfg.Section("git").MapTo(&Git); err != nil {

+ 1 - 0
routers/admin/users.go
View File 

@@ -158,6 +158,7 @@ func EditUser(ctx *context.Context) {
158 158 
 	ctx.Data["Title"] = ctx.Tr("admin.users.edit_account")
159 159 
 	ctx.Data["PageIsAdmin"] = true
160 160 
 	ctx.Data["PageIsAdminUsers"] = true
161 
+	ctx.Data["DisableRegularOrgCreation"] = setting.Admin.DisableRegularOrgCreation
161 162
162 163 
 	prepareUserInfo(ctx)
163 164 
 	if ctx.Written() {

+ 2 - 0
templates/admin/user/edit.tmpl
View File 

@@ -97,12 +97,14 @@
97 97 
 								<input name="allow_import_local" type="checkbox" {{if .User.CanImportLocal}}checked{{end}}>
98 98 
 							</div>
99 99 
 						</div>
100 
+						{{if not .DisableRegularOrgCreation}}
100 101 
 						<div class="inline field">
101 102 
 							<div class="ui checkbox">
102 103 
 								<label><strong>{{.i18n.Tr "admin.users.allow_create_organization"}}</strong></label>
103 104 
 								<input name="allow_create_organization" type="checkbox" {{if .User.CanCreateOrganization}}checked{{end}}>
104 105 
 							</div>
105 106 
 						</div>
107 
+						{{end}}
106 108
107 109 
 						<div class="ui divider"></div>
108 110