DISABLE_LOCAL_USER_MANAGEMENT mode added

This patch blocks access to local user management options that
are not required and possibly problematic in scenario when users
are managed in external database (like LDAP) and should not be
managed separately in gitea. Options specific to gitea (like
restricted users) are still managed in this app.

Author-Change-Id: IB#1105051

Author: pboguslawski

models/user.go

@@ -1126,7 +1126,43 @@ func checkDupEmail(e Engine, u *User) error {
 	return nil
 }
 
+// updateUserAllowed is used to block updating selected user fields when local user managemement is disabled.
+func updateUserAllowed(u *User) error {
+	// Don't allow changes of selected user fields if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		if currUser, err := GetUserByID(u.ID); err == nil {
+			if currUser.Name != u.Name {
+				return fmt.Errorf("cannot change user %s username; local user management disabled", u.Name)
+			}
+			if (currUser.LoginSource != u.LoginSource) || (currUser.LoginName != u.LoginName) {
+				return fmt.Errorf("cannot change user %s login; local user management disabled", u.Name)
+			}
+			if currUser.FullName != u.FullName {
+				return fmt.Errorf("cannot change user %s full name; local user management disabled", u.Name)
+			}
+			if currUser.Email != u.Email {
+				return fmt.Errorf("cannot change user %s e-mail; local user management disabled", u.Name)
+			}
+			if (currUser.Passwd != u.Passwd) || (currUser.PasswdHashAlgo != u.PasswdHashAlgo) {
+				return fmt.Errorf("cannot change user %s password; local user management disabled", u.Name)
+			}
+			if currUser.IsActive != u.IsActive {
+				return fmt.Errorf("cannot change user %s activity; local user management disabled", u.Name)
+			}
+			if currUser.IsAdmin != u.IsAdmin {
+				return fmt.Errorf("cannot change user %s admin permission; local user management disabled", u.Name)
+			}
+		} else {
+			return err
+		}
+	}
+	return nil
+}
+
 func updateUser(e Engine, u *User) error {
+	if err := updateUserAllowed(u); err != nil {
+		return err
+	}
 	_, err := e.ID(u.ID).AllCols().Update(u)
 	return err
 }
@@ -1142,30 +1178,15 @@ func UpdateUserCols(u *User, cols ...string) error {
 }
 
 func updateUserCols(e Engine, u *User, cols ...string) error {
+	if err := updateUserAllowed(u); err != nil {
+		return err
+	}
 	_, err := e.ID(u.ID).Cols(cols...).Update(u)
 	return err
 }
 
 // UpdateUserSetting updates user's settings.
 func UpdateUserSetting(u *User) error {
-
-	// Don't allow username, fullname nor email changes if local user management is disabled.
-	if setting.Service.DisableLocalUserManagement {
-		if currUser, err := GetUserByID(u.ID); err == nil {
-			if currUser.Name != u.Name {
-				return fmt.Errorf("cannot change %s username; local user management disabled", u.Name)
-			}
-			if currUser.FullName != u.FullName {
-				return fmt.Errorf("cannot change %s full name; local user management disabled", u.Name)
-			}
-			if currUser.Email != u.Email {
-				return fmt.Errorf("cannot change %s e-mail; local user management disabled", u.Name)
-			}
-		} else {
-			return err
-		}
-	}
-
 	if !u.IsOrganization() {
 		if err := checkDupEmail(x, u); err != nil {
 			return err

routers/admin/admin.go

@@ -127,6 +127,7 @@ func Dashboard(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.dashboard")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminDashboard"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 	ctx.Data["Stats"] = models.GetStatistic()
 	// FIXME: update periodically
 	updateSystemStatus()
@@ -139,6 +140,7 @@ func DashboardPost(ctx *context.Context, form auth.AdminDashboardForm) {
 	ctx.Data["Title"] = ctx.Tr("admin.dashboard")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminDashboard"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 	ctx.Data["Stats"] = models.GetStatistic()
 	updateSystemStatus()
 	ctx.Data["SysStatus"] = sysStatus
@@ -235,6 +237,7 @@ func Config(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.config")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminConfig"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	ctx.Data["CustomConf"] = setting.CustomConf
 	ctx.Data["AppUrl"] = setting.AppURL
@@ -325,6 +328,7 @@ func Monitor(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.monitor")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminMonitor"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 	ctx.Data["Processes"] = process.GetManager().Processes()
 	ctx.Data["Entries"] = cron.ListTasks()
 	ctx.Data["Queues"] = queue.GetManager().ManagedQueues()

routers/admin/auths.go

@@ -40,6 +40,12 @@ func Authentications(ctx *context.Context) {
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminAuthentications"] = true
 
+	// No access to this page if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("Authentications", fmt.Errorf("access to /admin/auths page denied; local user management disabled"))
+		return
+	}
+
 	var err error
 	ctx.Data["Sources"], err = models.LoginSources()
 	if err != nil {
@@ -96,6 +102,12 @@ func NewAuthSource(ctx *context.Context) {
 	ctx.Data["SSPISeparatorReplacement"] = "_"
 	ctx.Data["SSPIDefaultLanguage"] = ""
 
+	// No access to this page if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("NewAuthSource", fmt.Errorf("access to /admin/auths/new page denied; local user management disabled"))
+		return
+	}
+
 	// only the first as default
 	for key := range models.OAuth2Providers {
 		ctx.Data["oauth2_provider"] = key
@@ -218,6 +230,12 @@ func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
 	ctx.Data["SSPISeparatorReplacement"] = "_"
 	ctx.Data["SSPIDefaultLanguage"] = ""
 
+	// Don't allow to create auth source if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("NewAuthSourcePost", fmt.Errorf("cannot create auth source; local user management disabled"))
+		return
+	}
+
 	hasTLS := false
 	var config convert.Conversion
 	switch models.LoginType(form.Type) {
@@ -290,6 +308,12 @@ func EditAuthSource(ctx *context.Context) {
 	ctx.Data["OAuth2Providers"] = models.OAuth2Providers
 	ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings
 
+	// No access to this page if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("EditAuthSource", fmt.Errorf("access to /admin/auths page denied; local user management disabled"))
+		return
+	}
+
 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
 	if err != nil {
 		ctx.ServerError("GetLoginSourceByID", err)
@@ -314,6 +338,12 @@ func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
 	ctx.Data["OAuth2Providers"] = models.OAuth2Providers
 	ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings
 
+	// Don't allow to update auth source if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("EditAuthSourcePost", fmt.Errorf("cannot update auth source; local user management disabled"))
+		return
+	}
+
 	source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
 	if err != nil {
 		ctx.ServerError("GetLoginSourceByID", err)

routers/admin/emails.go

@@ -6,6 +6,7 @@ package admin
 
 import (
 	"bytes"
+	"fmt"
 	"net/url"
 
 	"code.gitea.io/gitea/models"
@@ -28,6 +29,12 @@ func Emails(ctx *context.Context) {
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminEmails"] = true
 
+	// No access to this page if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("Emails", fmt.Errorf("access to /admin/emails page denied; local user management disabled"))
+		return
+	}
+
 	opts := &models.SearchEmailOptions{
 		ListOptions: models.ListOptions{
 			PageSize: setting.UI.Admin.UserPagingNum,
@@ -112,6 +119,12 @@ func isKeywordValid(keyword string) bool {
 // ActivateEmail serves a POST request for activating/deactivating a user's email
 func ActivateEmail(ctx *context.Context) {
 
+	// Don't allow to activate/deactivate emails if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("ActivateEmail", fmt.Errorf("cannot activate email; local user management disabled"))
+		return
+	}
+
 	truefalse := map[string]bool{"1": true, "0": false}
 
 	uid := com.StrTo(ctx.Query("uid")).MustInt64()

routers/admin/hooks.go

@@ -20,6 +20,7 @@ const (
 func DefaultOrSystemWebhooks(ctx *context.Context) {
 	var ws []*models.Webhook
 	var err error
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	// Are we looking at default webhooks?
 	if ctx.Params(":configType") == "hooks" {

routers/admin/notice.go

@@ -24,6 +24,7 @@ func Notices(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.notices")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminNotices"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	total := models.CountNotices()
 	page := ctx.QueryInt("page")

routers/admin/orgs.go

@@ -23,6 +23,7 @@ func Organizations(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.organizations")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminOrganizations"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	routers.RenderUserSearch(ctx, &models.SearchUserOptions{
 		Type: models.UserTypeOrganization,

routers/admin/repos.go

@@ -28,6 +28,7 @@ func Repos(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.repositories")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminRepositories"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	routers.RenderRepoSearch(ctx, &routers.RepoSearchOptions{
 		Private:  true,

routers/admin/users.go

@@ -6,6 +6,7 @@
 package admin
 
 import (
+	"fmt"
 	"strings"
 
 	"code.gitea.io/gitea/models"
@@ -32,6 +33,7 @@ func Users(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.users")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	routers.RenderUserSearch(ctx, &models.SearchUserOptions{
 		Type: models.UserTypeIndividual,
@@ -50,6 +52,12 @@ func NewUser(ctx *context.Context) {
 
 	ctx.Data["login_type"] = "0-0"
 
+	// No access to this page if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("NewUser", fmt.Errorf("access to /admin/users/new page denied; local user management disabled"))
+		return
+	}
+
 	sources, err := models.LoginSources()
 	if err != nil {
 		ctx.ServerError("LoginSources", err)
@@ -67,6 +75,12 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
 
+	// Don't allow to create users if local user management is disabled.
+	if setting.Service.DisableLocalUserManagement {
+		ctx.ServerError("NewUserPost", fmt.Errorf("cannot create new user; local user management disabled"))
+		return
+	}
+
 	sources, err := models.LoginSources()
 	if err != nil {
 		ctx.ServerError("LoginSources", err)
@@ -188,6 +202,7 @@ func EditUser(ctx *context.Context) {
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
 	ctx.Data["DisableRegularOrgCreation"] = setting.Admin.DisableRegularOrgCreation
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	prepareUserInfo(ctx)
 	if ctx.Written() {
@@ -202,6 +217,7 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
 	ctx.Data["Title"] = ctx.Tr("admin.users.edit_account")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
+	ctx.Data["DisableLocalUserManagement"] = setting.Service.DisableLocalUserManagement
 
 	u := prepareUserInfo(ctx)
 	if ctx.Written() {
@@ -226,6 +242,11 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
 
 	if len(form.Password) > 0 {
 		var err error
+		// Don't allow password changes if local user management is disabled.
+		//if setting.Service.DisableLocalUserManagement {
+		//ctx.ServerError("UpdateUser", fmt.Errorf("cannot change %s password; local user management disabled", u.Name))
+		//return
+		//}
 		if len(form.Password) < setting.MinPasswordLength {
 			ctx.Data["Err_Password"] = true
 			ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserEdit, &form)