Allow admins to rename non-local users (#35970)

Presently, attempting to rename a non-local (e.g. Oauth2 or LDAP) user results in an error, even if the requester is an administrator. As far as I can tell, this is a security feature, not architectural in nature, as automatic account linking could be used to take control of another user's account. This is not a concern for an administrator, who we should trust to know what they are doing. This patch allows admins, and only admins, to rename non-local users. Fixes https://github.com/go-gitea/gitea/issues/18308 (sort of) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-12-07 05:18:29 +00:00 · 2025-11-23 13:59:55 -07:00
parent 87d5a8507d
commit 688430e3ce
8 changed files with 32 additions and 25 deletions
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -345,7 +345,7 @@ func EditUserPost(ctx *context.Context) {
 	}

 	if form.UserName != "" {
-		if err := user_service.RenameUser(ctx, u, form.UserName); err != nil {
+		if err := user_service.RenameUser(ctx, u, form.UserName, ctx.Doer); err != nil {
 			switch {
 			case user_model.IsErrUserIsNotLocal(err):
 				ctx.Data["Err_UserName"] = true