mirror of
				https://gitcode.com/gitea/gitea.git
				synced 2025-10-26 05:04:27 +08:00 
			
		
		
		
	Admin should not delete himself (#19423)
Admin should not be able to delete themselves. Also partially fix #15449
This commit is contained in:
		| @ -2529,6 +2529,7 @@ users.allow_import_local = May Import Local Repositories | |||||||
| users.allow_create_organization = May Create Organizations | users.allow_create_organization = May Create Organizations | ||||||
| users.update_profile = Update User Account | users.update_profile = Update User Account | ||||||
| users.delete_account = Delete User Account | users.delete_account = Delete User Account | ||||||
|  | users.cannot_delete_self = "You cannot delete yourself" | ||||||
| users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first. | users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first. | ||||||
| users.still_has_org = This user is a member of an organization. Remove the user from any organizations first. | users.still_has_org = This user is a member of an organization. Remove the user from any organizations first. | ||||||
| users.still_own_packages = This user still owns one or more packages. Delete these packages first. | users.still_own_packages = This user still owns one or more packages. Delete these packages first. | ||||||
|  | |||||||
| @ -310,6 +310,12 @@ func DeleteUser(ctx *context.APIContext) { | |||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | 	// admin should not delete themself | ||||||
|  | 	if ctx.ContextUser.ID == ctx.Doer.ID { | ||||||
|  | 		ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("you cannot delete yourself")) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
| 	if err := user_service.DeleteUser(ctx.ContextUser); err != nil { | 	if err := user_service.DeleteUser(ctx.ContextUser); err != nil { | ||||||
| 		if models.IsErrUserOwnRepos(err) || | 		if models.IsErrUserOwnRepos(err) || | ||||||
| 			models.IsErrUserHasOrgs(err) || | 			models.IsErrUserHasOrgs(err) || | ||||||
|  | |||||||
| @ -416,6 +416,15 @@ func DeleteUser(ctx *context.Context) { | |||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | 	// admin should not delete themself | ||||||
|  | 	if u.ID == ctx.Doer.ID { | ||||||
|  | 		ctx.Flash.Error(ctx.Tr("admin.users.cannot_delete_self")) | ||||||
|  | 		ctx.JSON(http.StatusOK, map[string]interface{}{ | ||||||
|  | 			"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")), | ||||||
|  | 		}) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
| 	if err = user_service.DeleteUser(u); err != nil { | 	if err = user_service.DeleteUser(u); err != nil { | ||||||
| 		switch { | 		switch { | ||||||
| 		case models.IsErrUserOwnRepos(err): | 		case models.IsErrUserOwnRepos(err): | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user
	 Lunny Xiao
					Lunny Xiao