Allow admins to rename non-local users#35970
Merged
Merged
Conversation
GiteaBot
added
the
lgtm/need 2
wxiaoguang
approved these changes
Nov 17, 2025
Contributor
wxiaoguang
left a comment
wxiaoguang
left a comment
There was a problem hiding this comment.
It's better to add a test to cover the new behavior
GiteaBot
added
lgtm/need 1
delvh
approved these changes
Nov 17, 2025
Member
delvh
left a comment
delvh
left a comment
There was a problem hiding this comment.
LGTM, given the following:
I think the second reason why this was disabled is also that it leads to desync between online data and the local data.
I am not sure if or when data is synced, and what will happen in this case.
Additionally, this means there is no way to reset it back to the online state.
GiteaBot
added
lgtm/done
Contributor
Author
Can do, will take a look at that tomorrow. |
meln5674
force-pushed
the
feat/admin-rename-nonlocal-user
branch
2 times, most recently
from
e38a773 to
77cef7e
Compare
meln5674
force-pushed
the
feat/admin-rename-nonlocal-user
branch
from
77cef7e to
ffdd25e
Compare
Contributor
Author
|
Added tests, rebased, and squashed |
wxiaoguang
force-pushed
the
feat/admin-rename-nonlocal-user
branch
from
123f12e to
d4fff82
Compare
lunny
added
the
reviewed/wait-merge
GiteaBot
removed
the
reviewed/wait-merge
pimpale
pushed a commit
to hud-evals/gitea
that referenced
this pull request
Dec 14, 2025
Presently, attempting to rename a non-local (e.g. Oauth2 or LDAP) user results in an error, even if the requester is an administrator. As far as I can tell, this is a security feature, not architectural in nature, as automatic account linking could be used to take control of another user's account. This is not a concern for an administrator, who we should trust to know what they are doing. This patch allows admins, and only admins, to rename non-local users. Fixes go-gitea#18308 (sort of) --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Presently, attempting to rename a non-local (e.g. Oauth2 or LDAP) user results in an error, even if the requester is an administrator. As far as I can tell, this is a security feature, not architectural in nature, as automatic account linking could be used to take control of another user's account. This is not a concern for an administrator, who we should trust to know what they are doing.
This patch allows admins, and only admins, to rename non-local users.
Fixes #18308 (sort of)