Global configuration to prevent users from deleting their own account #723

New Issue

Closed

opened 2025-11-02 03:34:09 -06:00 by GiteaMirror · 9 comments

GiteaMirror commented 2025-11-02 03:34:09 -06:00

Owner

Copy Link

Originally created by @ghost on GitHub (May 19, 2017).

• Gitea version (or commit ref):25d6e2a
• Git version:2.11.2
• Operating system:ubuntu/docker
• Database (use [x]):
  • PostgreSQL
  • MySQL
  • MSSQL
  • SQLite
• Can you reproduce the bug at https://try.gitea.io:
  • Yes (provide example URL)
  • No
  • Not relevant
• Log gist:

Description

There should be a default admin level configuration to prevent users from deleting their own account.

This has currently led to an issue on our installation, wherein, we use only the SMTP login source.
A user logs in once, admin sets their repo limit to 0.
The user deletes their account and signs back in, this is making the repo setting go back to -1 (unlimited)

This is just one problem.
We do not want any of the users of our ORG to have the ability to delete their own accounts for multiple other reasons as well.

Originally created by @ghost on GitHub (May 19, 2017). - Gitea version (or commit ref):25d6e2a - Git version:2.11.2 - Operating system:ubuntu/docker - Database (use `[x]`): - [x] PostgreSQL - [ ] MySQL - [ ] MSSQL - [ ] SQLite - Can you reproduce the bug at https://try.gitea.io: - [x] Yes (provide example URL) - [ ] No - [ ] Not relevant - Log gist: ## Description There should be a default admin level configuration to prevent users from deleting their own account. This has currently led to an issue on our installation, wherein, we use only the SMTP login source. A user logs in once, admin sets their repo limit to 0. The user deletes their account and signs back in, this is making the repo setting go back to -1 (unlimited) This is just one problem. We do not want any of the users of our ORG to have the ability to delete their own accounts for multiple other reasons as well.

GiteaMirror added the type/featuretype/proposal labels 2025-11-02 03:34:09 -06:00

GiteaMirror closed this issue 2025-11-02 03:34:09 -06:00

GiteaMirror commented 2025-11-02 03:34:10 -06:00

Author

Owner

Copy Link

@DblK commented on GitHub (May 19, 2017):

I will try to work on it.
But first, I have some questions:

1. Should it be linked to the authentification Source (Ex with LDAP EDIT)

2. Or more simply add to the user modification page (in admin mode) with default value to prevent deletion

3. Somewhere else?

@DblK commented on GitHub (May 19, 2017): I will try to work on it. But first, I have some questions: 1) Should it be linked to the authentification Source (Ex with LDAP EDIT)  2) Or more simply add to the user modification page (in admin mode) with default value to prevent deletion  3) Somewhere else?

GiteaMirror commented 2025-11-02 03:34:10 -06:00

Author

Owner

Copy Link

@ghost commented on GitHub (May 19, 2017):

My vote is for Approach 1

I would also like to suggest Approach 3, have a global variable in app.ini, so that it would apply to every source and prevent account deletion altogether.

Also, IMO, the administrator should have absolute authority over this and hence we should avoid placing any UI configurable element.

@ghost commented on GitHub (May 19, 2017): My vote is for Approach 1 I would also like to suggest Approach 3, have a global variable in app.ini, so that it would apply to every source and prevent account deletion altogether. Also, IMO, the administrator should have absolute authority over this and hence we should avoid placing any UI configurable element.

GiteaMirror commented 2025-11-02 03:34:10 -06:00

Author

Owner

Copy Link

@DblK commented on GitHub (May 19, 2017):

I will wait for comments from other members to see which implementation should be done.
The approach 3 sounds good too.

@DblK commented on GitHub (May 19, 2017): I will wait for comments from other members to see which implementation should be done. The approach 3 sounds good too.

GiteaMirror commented 2025-11-02 03:34:10 -06:00

Author

Owner

Copy Link

@lunny commented on GitHub (May 19, 2017):

Maybe a global option to disable_user_suicide

@lunny commented on GitHub (May 19, 2017): Maybe a global option to disable_user_suicide

GiteaMirror commented 2025-11-02 03:34:10 -06:00

Author

Owner

Copy Link

@DblK commented on GitHub (May 19, 2017):

When you said global option, you mean inside conf.ini?

@DblK commented on GitHub (May 19, 2017): When you said global option, you mean inside conf.ini?

GiteaMirror commented 2025-11-02 03:34:11 -06:00

Author

Owner

Copy Link

@ghost commented on GitHub (May 19, 2017):

I'm currently using the app.ini file to define gobal configuration variables.

@ghost commented on GitHub (May 19, 2017): I'm currently using the app.ini file to define gobal configuration variables.

GiteaMirror commented 2025-11-02 03:34:11 -06:00

Author

Owner

Copy Link

@lunny commented on GitHub (May 20, 2017):

@DblK yes

@lunny commented on GitHub (May 20, 2017): @DblK yes

GiteaMirror commented 2025-11-02 03:34:11 -06:00

Author

Owner

Copy Link

@lunny commented on GitHub (Jun 20, 2023):

should be resolved by #20549

@lunny commented on GitHub (Jun 20, 2023): should be resolved by #20549

GiteaMirror commented 2025-11-02 03:34:11 -06:00

Author

Owner

Copy Link

@lunny commented on GitHub (Feb 27, 2024):

Fixed by #29275

@lunny commented on GitHub (Feb 27, 2024): Fixed by #29275

GiteaMirror referenced this issue 2025-11-02 11:48:59 -06:00

[PR #723] [MERGED] Use handlers for API authorization #15541

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

release/v1.25

release/v1.24

release/v1.23

release/v1.22

release/v1.21

release/v1.20

release/v1.19

release/v1.18

release/v1.17

release/v1.16

release/v1.15

release/v1.14

release/v1.13

release/v1.12

release/v1.11

release/v1.10

release/v1.9

release/v1.8

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.7

v1.25.0-rc0

v1.26.0-dev

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.8

v1.24.0-rc0

v1.25.0-dev

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.23.0-rc0

v1.24.0-dev

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

v1.22.0

v1.23.0-dev

v1.22.0-rc1

v1.21.11

v1.22.0-rc0

v1.21.10

v1.21.9

v1.21.8

v1.21.7

v1.21.6

v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.20.6

v1.21.1

v1.21.0

v1.21.0-rc2

v1.21.0-rc1

v1.20.5

v1.22.0-dev

v1.21.0-rc0

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.4

v1.21.0-dev

v1.20.0-rc2

v1.20.0-rc1

v1.20.0-rc0

v1.19.3

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc1

v1.20.0-dev

v1.19.0-rc0

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.17.4

v1.18.0-rc1

v1.19.0-dev

v1.18.0-rc0

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.17.0-rc2

v1.16.9

v1.17.0-rc1

v1.18.0-dev

v1.16.8

v1.16.7

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.11

v1.17.0-dev

v1.16.0-rc1

v1.15.10

v1.15.9

v1.15.8

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.14.7

v1.15.0

v1.15.0-rc3

v1.14.6

v1.15.0-rc2

v1.14.5

v1.16.0-dev

v1.15.0-rc1

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.7

v1.14.0-rc2

v1.13.6

v1.13.5

v1.14.0-rc1

v1.15.0-dev

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.6

v1.13.0-rc2

v1.14.0-dev

v1.13.0-rc1

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.11.8

v1.12.0

v1.11.7

v1.12.0-rc2

v1.11.6

v1.12.0-rc1

v1.13.0-dev

v1.11.5

v1.11.4

v1.11.3

v1.10.6

v1.12.0-dev

v1.11.2

v1.10.5

v1.11.1

v1.10.4

v1.11.0

v1.11.0-rc2

v1.10.3

v1.11.0-rc1

v1.10.2

v1.10.1

v1.10.0

v1.9.6

v1.9.5

v1.10.0-rc2

v1.11.0-dev

v1.10.0-rc1

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc2

v1.10.0-dev

v1.9.0-rc1

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc3

v1.7.6

v1.8.0-rc2

v1.7.5

v1.8.0-rc1

v1.9.0-dev

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.7.0-rc3

v1.6.4

v1.7.0-rc2

v1.6.3

v1.7.0-rc1

v1.7.0-dev

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc2

v1.5.3

v1.6.0-rc1

v1.6.0-dev

v1.5.2

v1.5.1

v1.5.0

v1.5.0-rc2

v1.5.0-rc1

v1.5.0-dev

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc3

v1.4.0-rc2

v1.3.3

v1.4.0-rc1

v1.3.2

v1.3.1

v1.3.0

v1.3.0-rc2

v1.3.0-rc1

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc3

v1.2.0-rc2

v1.1.4

v1.2.0-rc1

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

v0.9.99

Labels

Clear labels

$20

$250

$50

$500

backport/done

💎 Bounty

docs-update-needed

good first issue

hacktoberfest

issue/bounty

issue/confirmed

issue/critical

issue/duplicate

issue/needs-feedback

issue/not-a-bug

issue/regression

issue/stale

issue/workaround

lgtm/need 2

modifies/api

modifies/translation

outdated/backport/v1.18

outdated/theme/markdown

outdated/theme/timetracker

performance/bigrepo

performance/cpu

performance/memory

performance/speed

pr/breaking

proposal/accepted

proposal/rejected

pr/wip

pull-request

Mirrored from GitHub Pull Request

reviewed/wontfix

💰 Rewarded

skip-changelog

status/blocked

topic/accessibility

topic/api

topic/authentication

topic/build

topic/code-linting

topic/commit-signing

topic/content-rendering

topic/deployment

topic/distribution

topic/federation

topic/gitea-actions

topic/issues

topic/lfs

topic/mobile

topic/moderation

topic/packages

topic/pr

topic/projects

topic/repo

topic/repo-migration

topic/security

topic/theme

topic/ui

topic/ui-interaction

topic/ux

topic/webhooks

topic/wiki

type/bug

type/deprecation

type/docs

type/enhancement

type/feature

type/miscellaneous

type/proposal

type/question

type/refactoring

type/summary

type/testing

type/upstream

No Label type/feature type/proposal

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#723