gitea/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-06-22 14:08:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Admin should not delete himself (#19423)

Browse Source 
Admin should not be able to delete themselves.

Also partially fix #15449
This commit is contained in:
Lunny Xiao
2022-05-09 04:22:55 +08:00
committed by GitHub
parent 290cc884f2
commit 9efa47131f
3 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
routers/api/v1/admin/user.go
View File

@ -310,6 +310,12 @@ func DeleteUser(ctx *context.APIContext) {
return
}
// admin should not delete themself
if ctx.ContextUser.ID == ctx.Doer.ID {
ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("you cannot delete yourself"))
return
}
if err := user_service.DeleteUser(ctx.ContextUser); err != nil {
if models.IsErrUserOwnRepos(err) ||
models.IsErrUserHasOrgs(err) ||

9
routers/web/admin/users.go
View File

@ -416,6 +416,15 @@ func DeleteUser(ctx *context.Context) {
return
}
// admin should not delete themself
if u.ID == ctx.Doer.ID {
ctx.Flash.Error(ctx.Tr("admin.users.cannot_delete_self"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
return
}
if err = user_service.DeleteUser(u); err != nil {
switch {
case models.IsErrUserOwnRepos(err):