Organization removal confirmation using name not password
Gitea is asking for user password to confirm organization removal so this operation cannot be done in systems with SSO authentication (where no user passwords are used). This mod changes the way gitea confirms organization removal - user must enter organization name (not user password) to confirm operation (similar to repository removal confirmation). Author-Change-Id: IB#1107219
This commit is contained in:
parent
0a23079485
commit
95ddcdd8bd
|
@ -383,6 +383,7 @@ password_uppercase_one = At least one uppercase character
|
|||
password_digit_one = At least one digit
|
||||
password_special_one = At least one special character (punctuation, brackets, quotes, etc.)
|
||||
enterred_invalid_repo_name = The repository name you entered is incorrect.
|
||||
enterred_invalid_org_name = The organization name you entered is incorrect.
|
||||
enterred_invalid_owner_name = The new owner name is not valid.
|
||||
enterred_invalid_password = The password you entered is incorrect.
|
||||
user_not_exist = The user does not exist.
|
||||
|
|
|
@ -364,6 +364,7 @@ password_uppercase_one=Co najmniej jedna duża litera
|
|||
password_digit_one=Co najmniej jedna cyfra
|
||||
password_special_one=Co najmniej jeden znak specjalny (interpunkcja, nawiasy, cudzysłowy, itp.)
|
||||
enterred_invalid_repo_name=Wprowadzona nazwa repozytorium jest niepoprawna.
|
||||
enterred_invalid_org_name=Wprowadzona nazwa organizacji jest niepoprawna.
|
||||
enterred_invalid_owner_name=Nowa nazwa właściciela nie jest prawidłowa.
|
||||
enterred_invalid_password=Wprowadzone hasło jest nieprawidłowe.
|
||||
user_not_exist=Użytkownik nie istnieje.
|
||||
|
|
|
@ -145,12 +145,9 @@ func SettingsDelete(ctx *context.Context) {
|
|||
|
||||
org := ctx.Org.Organization
|
||||
if ctx.Req.Method == "POST" {
|
||||
if _, err := models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil {
|
||||
if models.IsErrUserNotExist(err) {
|
||||
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), tplSettingsDelete, nil)
|
||||
} else {
|
||||
ctx.ServerError("UserSignIn", err)
|
||||
}
|
||||
if org.Name != ctx.Query("org_name") {
|
||||
ctx.Data["Err_OrgName"] = true
|
||||
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_org_name"), tplSettingsDelete, nil)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -15,10 +15,9 @@
|
|||
</div>
|
||||
<form class="ui form ignore-dirty" id="delete-form" action="{{.Link}}" method="post">
|
||||
{{.CsrfTokenHtml}}
|
||||
<input class="fake" type="password">
|
||||
<div class="inline required field {{if .Err_Password}}error{{end}}">
|
||||
<label for="password">{{.i18n.Tr "password"}}</label>
|
||||
<input id="password" name="password" type="password" autocomplete="off" autofocus required>
|
||||
<div class="inline required field {{if .Err_OrgName}}error{{end}}">
|
||||
<label for="org_name">{{.i18n.Tr "org.org_name_holder"}}</label>
|
||||
<input id="org_name" name="org_name" value="" autocomplete="off" autofocus required>
|
||||
</div>
|
||||
<div class="ui red button delete-button" data-type="form" data-form="#delete-form">
|
||||
{{.i18n.Tr "org.settings.confirm_delete_account"}}
|
||||
|
|
Loading…
Reference in New Issue