[API] Add Restricted Field to User (#14630)

* Expose Restricted field for User

* Add Option to Change Restricted on User via adminEditUser API

* Add test who change restricted & test if it changed it ...

* make generate-swagger

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

integrations/api_admin_test.go

@@ -192,4 +192,18 @@ func TestAPIEditUser(t *testing.T) {
 	errMap := make(map[string]interface{})
 	json.Unmarshal(resp.Body.Bytes(), &errMap)
 	assert.EqualValues(t, "email is not allowed to be empty string", errMap["message"].(string))
+
+	user2 := models.AssertExistsAndLoadBean(t, &models.User{LoginName: "user2"}).(*models.User)
+	assert.Equal(t, false, user2.IsRestricted)
+	bTrue := true
+	req = NewRequestWithJSON(t, "PATCH", urlStr, api.EditUserOption{
+		// required
+		LoginName: "user2",
+		SourceID:  0,
+		// to change
+		Restricted: &bTrue,
+	})
+	session.MakeRequest(t, req, http.StatusOK)
+	user2 = models.AssertExistsAndLoadBean(t, &models.User{LoginName: "user2"}).(*models.User)
+	assert.Equal(t, true, user2.IsRestricted)
 }

modules/convert/user.go

@@ -17,12 +17,13 @@ func ToUser(user *models.User, signed, authed bool) *api.User {
 		return nil
 	}
 	result := &api.User{
-		ID:        user.ID,
-		UserName:  user.Name,
-		FullName:  markup.Sanitize(user.FullName),
-		Email:     user.GetEmail(),
-		AvatarURL: user.AvatarLink(),
-		Created:   user.CreatedUnix.AsTime(),
+		ID:         user.ID,
+		UserName:   user.Name,
+		FullName:   markup.Sanitize(user.FullName),
+		Email:      user.GetEmail(),
+		AvatarURL:  user.AvatarLink(),
+		Created:    user.CreatedUnix.AsTime(),
+		Restricted: user.IsRestricted,
 	}
 	// hide primary email if API caller is anonymous or user keep email private
 	if signed && (!user.KeepEmailPrivate || authed) {

modules/structs/admin_user.go

@@ -41,4 +41,5 @@ type EditUserOption struct {
 	MaxRepoCreation         *int    `json:"max_repo_creation"`
 	ProhibitLogin           *bool   `json:"prohibit_login"`
 	AllowCreateOrganization *bool   `json:"allow_create_organization"`
+	Restricted              *bool   `json:"restricted"`
 }

modules/structs/user.go

@@ -30,6 +30,8 @@ type User struct {
 	LastLogin time.Time `json:"last_login,omitempty"`
 	// swagger:strfmt date-time
 	Created time.Time `json:"created,omitempty"`
+	// Is user restricted
+	Restricted bool `json:"restricted"`
 }
 
 // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility

routers/api/v1/admin/user.go

@@ -224,6 +224,9 @@ func EditUser(ctx *context.APIContext) {
 	if form.ProhibitLogin != nil {
 		u.ProhibitLogin = *form.ProhibitLogin
 	}
+	if form.Restricted != nil {
+		u.IsRestricted = *form.Restricted
+	}
 
 	if err := models.UpdateUser(u); err != nil {
 		if models.IsErrEmailAlreadyUsed(err) || models.IsErrEmailInvalid(err) {

templates/swagger/v1_json.tmpl

@@ -13796,6 +13796,10 @@
           "type": "boolean",
           "x-go-name": "ProhibitLogin"
         },
+        "restricted": {
+          "type": "boolean",
+          "x-go-name": "Restricted"
+        },
         "source_id": {
           "type": "integer",
           "format": "int64",
@@ -16209,6 +16213,11 @@
           "description": "the user's username",
           "type": "string",
           "x-go-name": "UserName"
+        },
+        "restricted": {
+          "description": "Is user restricted",
+          "type": "boolean",
+          "x-go-name": "Restricted"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"