Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add setting to disable user features when user login type is not plain #29615

Merged

Conversation

jackHay22
Copy link
Contributor

@jackHay22 jackHay22 commented Mar 5, 2024

Changes

  • Adds setting EXTERNAL_USER_DISABLE_FEATURES to disable any supported user features when login type is not plain
    • In general, this is necessary for SSO implementations to avoid inconsistencies between the external account management and the linked account
  • Adds helper functions to encourage correct use

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Mar 5, 2024
@pull-request-size pull-request-size bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Mar 5, 2024
@github-actions github-actions bot added the modifies/api This PR adds API routes or modifies them label Mar 5, 2024
@lunny
Copy link
Member

lunny commented Mar 7, 2024

But I don't think password is meaningful for external users.

@jackHay22
Copy link
Contributor Author

But I don't think password is meaningful for external users.

Do you mean that changing a password should be disabled? I agree but I'm not sure if that's directly related to the changes here.

@lunny
Copy link
Member

lunny commented Mar 7, 2024

What if the user system needs to be refactored in future that a user will always be a plain one and can linked to external account?

@jackHay22
Copy link
Contributor Author

What if the user system needs to be refactored in future that a user will always be a plain one and can linked to external account?

So checking LoginType wouldn't be the best way to check if the account is linked to an external provider? Should we instead check for an ExternalLoginUser?

@lunny
Copy link
Member

lunny commented Mar 7, 2024

What if the user system needs to be refactored in future that a user will always be a plain one and can linked to external account?

So checking LoginType wouldn't be the best way to check if the account is linked to an external provider? Should we instead check for an ExternalLoginUser?

Currently I think check LoginType is OK because not every external accounts have been saved into ExternalLoginUser. But we need to have a comment here, once all external login users have been stored, then we can check the table.

custom/conf/app.example.ini Outdated Show resolved Hide resolved
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 7, 2024
@lunny lunny added the type/enhancement An improvement of existing functionality label Mar 7, 2024
@lunny
Copy link
Member

lunny commented Mar 7, 2024

And please add documents and tests.

@jackHay22 jackHay22 marked this pull request as draft March 13, 2024 19:48
@jackHay22
Copy link
Contributor Author

I think it would be better to change EXTERNAL_USER_DISABLE_ALL_FEATURES to EXTERNAL_USER_DISABLE_FEATURES and allow selective inclusion.

@pull-request-size pull-request-size bot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Mar 26, 2024
@jackHay22 jackHay22 marked this pull request as ready for review March 26, 2024 13:34
@github-actions github-actions bot added the modifies/go Pull requests that update Go code label Mar 26, 2024
@GiteaBot GiteaBot added lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 26, 2024
models/user/user.go Outdated Show resolved Hide resolved
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 28, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 28, 2024
@silverwind silverwind merged commit 59d4aad into go-gitea:main Mar 29, 2024
26 checks passed
@GiteaBot GiteaBot added this to the 1.23.0 milestone Mar 29, 2024
zjjhot added a commit to zjjhot/gitea that referenced this pull request Mar 30, 2024
* giteaofficial/main:
  Include encoding in signature payload (go-gitea#30174)
  Add `stylelint-value-no-unknown-custom-properties` and convert stylelint config to js (go-gitea#30117)
  Remove jQuery class from the commit button (go-gitea#30178)
  Remove jQuery class from the diff view (go-gitea#30176)
  Remove jQuery class from the notification count (go-gitea#30172)
  Remove jQuery class from the code range selection (go-gitea#30173)
  Fix:the rounded corners of the folded file are not displayed correctly (go-gitea#29953)
  Add setting to disable user features when user login type is not plain (go-gitea#29615)

# Conflicts:
#	models/user/user.go
@wxiaoguang wxiaoguang modified the milestones: 1.23.0, 1.22.0 Apr 27, 2024
TKaxv-7S added a commit to TKaxv-7S/gitea that referenced this pull request May 29, 2024
This release stands as a monumental milestone in our development journey with a record-breaking incorporation of [1528](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+milestone%3A1.22.0+is%3Amerged) pull requests. It marks the most extensive update in Gitea's history, showcasing a plethora of new features and infrastructure improvements.

Noteworthy advancements in this release include the introduction of `HTMX` and `Tailwind`, signaling a strategic shift as we gradually phase out `jquery` and `Fomantic UI`. These changes reflect our commitment to embracing modern technologies and enhancing the user experience.

Key highlights of this release encompass significant changes categorized under `BREAKING`, `FEATURES`, `ENHANCEMENTS`, and `PERFORMANCE`, each contributing to a more robust and efficient Gitea platform.

* BREAKING
  * Improve reverse proxy documents and clarify the AppURL guessing behavior (go-gitea#31003) (go-gitea#31020)
  * Remember log in for a month by default (go-gitea#30150)
  * Breaking summary for template refactoring (go-gitea#29395)
    * All custom templates need to follow these changes
  * Recommend/convert to use case-sensitive collation for MySQL/MSSQL (go-gitea#28662)
  * Make offline mode as default to not connect external avatar service by default (go-gitea#28548)
  * Include public repos in the doer's dashboard for issue search (go-gitea#28304)
  * Use restricted sanitizer for repository description (go-gitea#28141)
  * Support storage base path as prefix (go-gitea#27827)
  * Enhanced auth token / remember me (go-gitea#27606)
  * Rename the default themes to `gitea-light`, `gitea-dark`, `gitea-auto` (go-gitea#27419)
    * If you didn't see the new themes, please remove the `[ui].THEMES` config option from `app.ini`
  * Require MySQL 8.0, PostgreSQL 12, MSSQL 2012 (go-gitea#27337)
* FEATURES
  * Allow everyone to read or write a wiki by a repo unit setting (go-gitea#30495)
  * Use raw Wiki links for non-renderable Wiki files (go-gitea#30273)
  * Render embedded code preview by permalink in markdown (go-gitea#30234) (go-gitea#30249)
  * Support repo code search without setting up an indexer (go-gitea#29998)
  * Support pasting URLs over markdown text (go-gitea#29566)
  * Allow to change primary email before account activation (go-gitea#29412)
  * Customizable "Open with" applications for repository clone (go-gitea#29320)
  * Allow options to disable user deletion from the interface on app.ini (go-gitea#29275)
  * Extend issue template YAML engine (go-gitea#29274)
  * Add support for `linguist-detectable` and `linguist-documentation` (go-gitea#29267)
  * Implement code frequency graph (go-gitea#29191)
  * Show commit status for releases (go-gitea#29149)
  * Add user blocking (go-gitea#29028)
  * Actions Artifacts v4 backend (go-gitea#28965)
  * Add merge style `fast-forward-only` (go-gitea#28954)
  * Retarget depending pulls when the parent branch is deleted (go-gitea#28686)
  * Add global setting on how timestamps should be rendered (go-gitea#28657)
  * Implement actions badge SVGs (go-gitea#28102)
  * Add skip ci functionality (go-gitea#28075)
  * Show latest commit for file (go-gitea#28067)
  * Allow to sync tags from the admin dashboard (go-gitea#28045)
  * Add Profile Readme for Organisations (go-gitea#27955)
  * Implement contributors graph (go-gitea#27882)
  * Artifact deletion in actions ui (go-gitea#27172)
  * Add API routes to get runner registration token (go-gitea#27144)
  * Add support for forking single branch (go-gitea#25821)
  * Add support for sha256 repositories (go-gitea#23894)
  * Add admin API route for managing user's badges (go-gitea#23106)
* ENHANCEMENTS
  * Make gitea webhooks openproject compatible (go-gitea#28435) (go-gitea#31081)
  * Support using label names when changing issue labels (go-gitea#30943) (go-gitea#30958)
  * Fix various problems around project board view (go-gitea#30696) (go-gitea#30902)
  * Improve context popup rendering (go-gitea#30824) (go-gitea#30829)
  * Allow to save empty comment (go-gitea#30706)
  * Prevent allow/reject reviews on merged/closed PRs (go-gitea#30686)
  * Initial support for colorblindness-friendly themes (go-gitea#30625)
  * Some NuGet package enhancements (go-gitea#30280) (go-gitea#30324)
  * Markup color and font size fixes (go-gitea#30282) (go-gitea#30310)
  * Show 12 lines in markup code preview (go-gitea#30255) (go-gitea#30257)
  * Add `[other].SHOW_FOOTER_POWERED_BY` setting to hide `Powered by` (go-gitea#30253)
  * Pulse page improvements (go-gitea#30149)
  * Render code tags in commit messages (go-gitea#30146)
  * Prevent re-review and dismiss review actions on closed and merged PRs (go-gitea#30065)
  * Cancel previous runs of the same PR automatically (go-gitea#29961)
  * Drag-and-drop improvements for projects and issue pins (go-gitea#29875)
  * Add default board to new projects, remove uncategorized pseudo-board (go-gitea#29874)
  * Prevent layout shift in `<overflow-menu>` items (go-gitea#29831)
  * Add skip ci support for pull request title (go-gitea#29774)
  * Add more stats tables (go-gitea#29730)
  * Update API to return 'source_id' for users (go-gitea#29718)
  * Determine fuzziness of bleve indexer by keyword length (go-gitea#29706)
  * Expose fuzzy search for issues/pulls (go-gitea#29701)
  * Put an edit file button on pull request files to allow a quick operation (go-gitea#29697)
  * Fix action runner offline label padding (go-gitea#29691)
  * Update allowed attachment types (go-gitea#29688)
  * Completely style the webkit autofill (go-gitea#29683)
  * Highlight archived labels (go-gitea#29680)
  * Add a warning for disallowed email domains (go-gitea#29658)
  * Set user's 24h preference from their current OS locale (go-gitea#29651)
  * Add setting to disable user features when user login type is not plain (go-gitea#29615)
  * Improve natural sort (go-gitea#29611)
  * Make wiki default branch name changeable (go-gitea#29603)
  * Unify search boxes (go-gitea#29530)
  * Add support for API blob upload of release attachments (go-gitea#29507)
  * Detect broken git hooks (go-gitea#29494)
  * Sync branches to DB immediately when handling git hook calling (go-gitea#29493)
  * Allow options to disable user GPG key configuration from the interface on app.ini (go-gitea#29486)
  * Allow options to disable user SSH key configuration from the interface on app.ini (go-gitea#29447)
  * Use relative links for commits, mentions, and issues in markdown (go-gitea#29427)
  * Add `<overflow-menu>`, rename webcomponents (go-gitea#29400)
  * Include resource state events in Gitlab downloads (go-gitea#29382)
  * Properly migrate target branch change GitLab comment (go-gitea#29340)
  * Recolor dark theme to blue shade (go-gitea#29283)
  * Partially enable MSSQL case-sensitive collation support (go-gitea#29238)
  * Auto-update the system status in the admin dashboard (go-gitea#29163)
  * Integrate alpine `noarch` packages into other architectures index (go-gitea#29137)
  * Document how the TOC election process works (go-gitea#29135)
  * Tweak repo header (go-gitea#29134)
  * Make blockquote border size less aggressive (go-gitea#29124)
  * Downscale pasted PNG images based on metadata (go-gitea#29123)
  * Show `View at this point in history` for every commit (go-gitea#29122)
  * Add support for action artifact serve direct (go-gitea#29120)
  * Change webhook-type in create-view (go-gitea#29114)
  * Drop "@" from the email sender to avoid spam filters (go-gitea#29109)
  * Allow non-admin users to delete review requests (go-gitea#29057)
  * Improve user search display name (go-gitea#29002)
  * Include username in email headers (go-gitea#28981)
  * Show whether a PR is WIP inside popups (go-gitea#28975)
  * Also match weakly validated ETags (go-gitea#28957)
  * Support nuspec manifest download for Nuget packages (go-gitea#28921)
  * Fix hardcoded GitHub icon used as migrated release avatar (go-gitea#28910)
  * Propagate install_if and provider_priority to APKINDEX (go-gitea#28899)
  * Add artifacts v4 JWT to job message and accept it (go-gitea#28885)
  * Enable/disable owner and repo projects independently (go-gitea#28805)
  * Add non-JS fallback for reaction tooltips (go-gitea#28785)
  * Add the ability to see open and closed issues at the same time (go-gitea#28757)
  * Move sign-in labels to be above inputs (go-gitea#28753)
  * Display the latest sync time for pull mirrors on the repo page (go-gitea#28712)
  * Show in Web UI if the file is vendored and generated (go-gitea#28620)
  * Add orphaned topic consistency check (go-gitea#28507)
  * Add branch protection setting for ignoring stale approvals (go-gitea#28498)
  * Add option to set language in admin user view (go-gitea#28449)
  * Fix incorrect run order of action jobs (go-gitea#28367)
  * Add missing exclusive in advanced label options (go-gitea#28322)
  * Added instance-level variables (go-gitea#28115)
  * Add edit option for README.md (go-gitea#28071)
  * Fix link to `Code` tab on wiki commits (go-gitea#28041)
  * Allow to set explore page default sort (go-gitea#27951)
  * Improve PR diff view on mobile (go-gitea#27883)
  * Properly migrate automatic merge GitLab comments (go-gitea#27873)
  * Display issue task list on project cards (go-gitea#27865)
  * Add Index to pull_auto_merge.doer_id (go-gitea#27811)
  * Fix display member unit in the menu bar if there are no hidden members in public org (go-gitea#27795)
  * List all Debian package versions in `Packages` (go-gitea#27786)
  * Allow pull requests Manually Merged option to be used by non-admins (go-gitea#27780)
  * Only show diff file tree when more than one file changed (go-gitea#27775)
  * Show placeholder email in privacy popup (go-gitea#27770)
  * Revamp repo header (go-gitea#27760)
  * Add `must-change-password` command line parameter (go-gitea#27626)
  * Unify password changing and invalidate auth tokens (go-gitea#27625)
  * Add border to file tree 'sub-items' and add padding to 'item-file' (go-gitea#27593)
  * Add slow SQL query warning (go-gitea#27545)
  * Pre-register OAuth application for tea (go-gitea#27509)
  * Differentiate between `push` and `pull` `mirror sync in progress` (go-gitea#27390)
  * Link to file from its history (go-gitea#27354)
  * Add a shortcut to user's profile page to admin user details (go-gitea#27299)
  * Doctor: delete action entries without existing user (go-gitea#27292)
  * Show total TrackedTime on issue/pull/milestone lists (go-gitea#26672)
  * Don't show the new pull request button when the page is not compare pull (go-gitea#26431)
  * Add `Hide/Show all checks` button to commit status check (go-gitea#26284)
  * Improvements of releases list and tags list (go-gitea#25859)
* PERFORMANCE
  * Fix package list performance (go-gitea#30520) (go-gitea#30616)
  * Add commit status summary table to reduce query from commit status table (go-gitea#30223)
  * Refactor markup/csv: don't read all to memory (go-gitea#29760)
  * Lazy load object format with command line and don't do it in OpenRepository (go-gitea#29712)
  * Add cache for branch divergence on branch list page (go-gitea#29577)
  * Do some performance optimization for issues list and view issue/pull (go-gitea#29515)
  * Cache repository default branch commit status to reduce query on commit status table (go-gitea#29444)
  * Use `crypto/sha256` (go-gitea#29386)
  * Some performance optimization on the dashboard and issues page (go-gitea#29010)
  * Add combined index for issue_user.uid and issue_id (go-gitea#28080)

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEumb2f9c/cFjXEtMIw7fJG2Mvc4oFAmZUPBEACgkQw7fJG2Mv
# c4polxAAjJgg1UISxasNGbX/V4G2P9eeXam9lQ5DYAGS6d+RYdTcYdGSbOZujIGG
# cVqoZjYCJm7b3KuL1Jjrf7sIAjPB3E9gO8aJ3r+6PGjRpMwCACPUlCo8QWRPDhcU
# /eWleWFs59ZMxHnHT3oLH0TGwbdY4tc35/iKElUIc6sX8WBal0SsYScfBJrRTtS/
# DxBaovmkiG0RUWHK3mK0zHrRW9nJecz/4XFWIHgBjKzvCHlzSYrOjUPvytERlWtO
# o7i+1Wsret1JLWoW53L3ZQIXCwBBLYjsan9oq7YgSD0Usl9En3o0+S06+TVNiWMp
# MNbOQt2SQsIJPPP83pql+rPbKqAp1dibWXLF70mJrBVpdw/b0VHK2K8fIa5Eiilk
# EOR9D8uoOgjvxWVjNI9Gg+lzbT0KoQI90Iexwcloq22MDFPJC3EqirDpwBdkZFJA
# 5/6iGvPILD1SVkAzjdMD6Ukc8zWwPVLENwcTCVxr8H2q6/Jbo+29WIlCM+/0a0t3
# 1kN77Yx1So9VFUOqPjHsoO72Wc/Zved1ZDqg9UgqP6L2dH2ns0mh92QM+Pplqi2T
# NsJQih4NeZsfDQ7rm0oMcvFqV21a62zZYDi/KqFePRAs5D9K4PU2EmR7jcvf4uax
# ZRyHsqDh00/OSYE/CefriyIMshWmTVCDbT/I3/SCXZX1scrKa3k=
# =UO/N
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon, May 27, 2024  3:53:53 PM
# gpg:                using RSA key BA66F67FD73F7058D712D308C3B7C91B632F738A
# gpg: Can't check signature: No public key

# Conflicts:
#	.github/workflows/release-nightly.yml
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Jun 27, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them modifies/docs modifies/go Pull requests that update Go code size/L Denotes a PR that changes 100-499 lines, ignoring generated files. type/enhancement An improvement of existing functionality
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants