go-gitea · Bwko · Jul 8, 2017 · Jul 21, 2018 · Oct 29, 2018 · Dec 28, 2018
diff --git a/integrations/admin_user_test.go b/integrations/admin_user_test.go
@@ -0,0 +1,81 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"strconv"
+	"testing"
+
+	"code.gitea.io/gitea/models"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAdminViewUsers(t *testing.T) {
+	prepareTestEnv(t)
+
+	session := loginUser(t, "user1")
+	req := NewRequest(t, "GET", "/admin/users")
+	session.MakeRequest(t, req, http.StatusOK)
+
+	session = loginUser(t, "user2")
+	req = NewRequest(t, "GET", "/admin/users")
+	session.MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAdminViewUser(t *testing.T) {
+	prepareTestEnv(t)
+
+	session := loginUser(t, "user1")
+	req := NewRequest(t, "GET", "/admin/users/1")
+	session.MakeRequest(t, req, http.StatusOK)
+
+	session = loginUser(t, "user2")
+	req = NewRequest(t, "GET", "/admin/users/1")
+	session.MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAdminEditUser(t *testing.T) {
+	prepareTestEnv(t)
+
+	testSuccessfullEdit(t, models.User{ID: 2, Name: "newusername", LoginName: "otherlogin", Email: "[email protected]"})
+}
+
+func testSuccessfullEdit(t *testing.T, formData models.User) {
+	makeRequest(t, formData, http.StatusFound)
+}
+
+func makeRequest(t *testing.T, formData models.User, headerCode int) {
+	session := loginUser(t, "user1")
+	csrf := GetCSRF(t, session, "/admin/users/"+strconv.Itoa(int(formData.ID)))
+	req := NewRequestWithValues(t, "POST", "/admin/users/"+strconv.Itoa(int(formData.ID)), map[string]string{
+		"_csrf":      csrf,
+		"user_name":  formData.Name,
+		"login_name": formData.LoginName,
+		"login_type": "0-0",
+		"email":      formData.Email,
+	})
+
+	session.MakeRequest(t, req, headerCode)
+	user := models.AssertExistsAndLoadBean(t, &models.User{ID: formData.ID}).(*models.User)
+	assert.Equal(t, formData.Name, user.Name)
+	assert.Equal(t, formData.LoginName, user.LoginName)
+	assert.Equal(t, formData.Email, user.Email)
+}
+
+func TestAdminDeleteUser(t *testing.T) {
+	prepareTestEnv(t)
+
+	session := loginUser(t, "user1")
+
+	csrf := GetCSRF(t, session, "/admin/users/8")
+	req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{
+		"_csrf": csrf,
+	})
+	session.MakeRequest(t, req, http.StatusOK)
+
+	models.AssertNotExistsBean(t, &models.User{ID: 8})
+	models.CheckConsistencyFor(t, &models.User{})
+}
diff --git a/modules/auth/admin.go b/modules/auth/admin.go
@@ -29,6 +29,7 @@ func (f *AdminCreateUserForm) Validate(ctx *macaron.Context, errs binding.Errors
 // AdminEditUserForm form for admin to create user
 type AdminEditUserForm struct {
 	LoginType               string `binding:"Required"`
+	UserName                string `binding:"AlphaDashDot;MaxSize(35)"`
 	LoginName               string
 	FullName                string `binding:"MaxSize(100)"`
 	Email                   string `binding:"Required;Email;MaxSize(254)"`

diff --git a/public/js/index.js b/public/js/index.js
@@ -1493,6 +1493,7 @@ function initAdmin() {
         $('.admin.edit.user').length > 0) {
         $('#login_type').change(function () {
             if ($(this).val().substring(0, 1) == '0') {
+                $('#user_name').removeAttr('disabled');
                 $('#login_name').removeAttr('required');
                 $('.non-local').hide();
                 $('.local').show();
@@ -1503,6 +1504,7 @@ function initAdmin() {
                 }
 
             } else {
+                $('#user_name').attr('disabled', 'disabled');
                 $('#login_name').attr('required', 'required');
                 $('.non-local').show();
                 $('.local').hide();

diff --git a/routers/admin/users.go b/routers/admin/users.go
@@ -203,6 +203,14 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
 		u.HashPassword(form.Password)
 	}
 
+	if u.IsLocal() && len(form.UserName) > 0 && u.Name != form.UserName {
+		if err := models.ChangeUserName(u, form.UserName); err != nil {
+			ctx.Handle(500, "ChangeUserName", err)
+			return
+		}
+		u.Name = form.UserName
+	}
+
 	u.LoginName = form.LoginName
 	u.FullName = form.FullName
 	u.Email = form.Email

diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
@@ -9,9 +9,9 @@
 		<div class="ui attached segment">
 			<form class="ui form" action="{{.Link}}" method="post">
 				{{.CsrfTokenHtml}}
-				<div class="inline field {{if .Err_UserName}}error{{end}}">
+				<div class="field {{if .Err_UserName}}error{{end}}">
 					<label for="user_name">{{.i18n.Tr "username"}}</label>
-					<span>{{.User.Name}}</span>
+					<input id="user_name" name="user_name" value="{{.User.Name}}" autofocus {{if not .User.IsLocal }}disabled{{end}}>
 				</div>
 				<!-- Types and name -->
 				<div class="inline required field {{if .Err_LoginType}}error{{end}}">