Add user status filter to admin user management page

models/fixtures/user.yml

@@ -524,6 +524,7 @@
   avatar_email: user30@example.com
   num_repos: 2
   is_active: true
+  prohibit_login: true
 
 -
   id: 31

models/user.go

@@ -33,7 +33,9 @@ import (
 	"golang.org/x/crypto/bcrypt"
 	"golang.org/x/crypto/pbkdf2"
 	"golang.org/x/crypto/scrypt"
+
 	"xorm.io/builder"
+	"xorm.io/xorm"
 )
 
 // UserType defines the user type
@@ -1594,11 +1596,16 @@ type SearchUserOptions struct {
 	OrderBy       SearchOrderBy
 	Visible       []structs.VisibleType
 	Actor         *User // The user doing the search
-	IsActive      util.OptionalBool
-	SearchByEmail bool // Search by email as well as username/full name
+	SearchByEmail bool  // Search by email as well as username/full name
+
+	IsActive           util.OptionalBool
+	IsAdmin            util.OptionalBool
+	IsRestricted       util.OptionalBool
+	IsTwoFactorEnabled util.OptionalBool
+	IsProhibitLogin    util.OptionalBool
 }
 
-func (opts *SearchUserOptions) toConds() builder.Cond {
+func (opts *SearchUserOptions) toSearchQueryBase() (sess *xorm.Session) {
 	var cond builder.Cond = builder.Eq{"type": opts.Type}
 	if len(opts.Keyword) > 0 {
 		lowerKeyword := strings.ToLower(opts.Keyword)
@@ -1652,14 +1659,50 @@ func (opts *SearchUserOptions) toConds() builder.Cond {
 		cond = cond.And(builder.Eq{"is_active": opts.IsActive.IsTrue()})
 	}
 
-	return cond
+	if !opts.IsAdmin.IsNone() {
+		cond = cond.And(builder.Eq{"is_admin": opts.IsAdmin.IsTrue()})
+	}
+
+	if !opts.IsRestricted.IsNone() {
+		cond = cond.And(builder.Eq{"is_restricted": opts.IsRestricted.IsTrue()})
+	}
+
+	if !opts.IsProhibitLogin.IsNone() {
+		cond = cond.And(builder.Eq{"prohibit_login": opts.IsProhibitLogin.IsTrue()})
+	}
+
+	type Join struct {
+		Operator  string
+		Table     interface{}
+		Condition string
+		Args      []interface{}
+	}
+
+	var joins []*Join
+
+	if !opts.IsTwoFactorEnabled.IsNone() {
+		// 2fa filter uses LEFT JOIN to check whether a user has a 2fa record
+		// TODO: bad performance here, maybe there will be a column "is_2fa_enabled" in the future
+		if opts.IsTwoFactorEnabled.IsTrue() {
+			cond = cond.And(builder.Expr("two_factor.uid IS NOT NULL"))
+		} else {
+			cond = cond.And(builder.Expr("two_factor.uid IS NULL"))
+		}
+		joins = append(joins, &Join{Operator: "LEFT OUTER", Table: "two_factor", Condition: "two_factor.uid = `user`.id"})
+	}
+
+	sess = x.Where(cond)
+	for _, join := range joins {
+		sess = sess.Join(join.Operator, join.Table, join.Condition, join.Args...)
+	}
+
+	return sess
 }
 
 // SearchUsers takes options i.e. keyword and part of user name to search,
 // it returns results in given range and number of total results.
 func SearchUsers(opts *SearchUserOptions) (users []*User, _ int64, _ error) {
-	cond := opts.toConds()
-	count, err := x.Where(cond).Count(new(User))
+	count, err := opts.toSearchQueryBase().Count(new(User))
 	if err != nil {
 		return nil, 0, fmt.Errorf("Count: %v", err)
 	}
@@ -1668,7 +1711,7 @@ func SearchUsers(opts *SearchUserOptions) (users []*User, _ int64, _ error) {
 		opts.OrderBy = SearchOrderByAlphabetically
 	}
 
-	sess := x.Where(cond).OrderBy(opts.OrderBy.String())
+	sess := opts.toSearchQueryBase().OrderBy(opts.OrderBy.String())
 	if opts.Page != 0 {
 		sess = opts.setSessionPagination(sess)
 	}

models/user_test.go

@@ -151,6 +151,18 @@ func TestSearchUsers(t *testing.T) {
 	// order by name asc default
 	testUserSuccess(&SearchUserOptions{Keyword: "user1", ListOptions: ListOptions{Page: 1}, IsActive: util.OptionalBoolTrue},
 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})
+
+	testUserSuccess(&SearchUserOptions{ListOptions: ListOptions{Page: 1}, IsAdmin: util.OptionalBoolTrue},
+		[]int64{1})
+
+	testUserSuccess(&SearchUserOptions{ListOptions: ListOptions{Page: 1}, IsRestricted: util.OptionalBoolTrue},
+		[]int64{29, 30})
+
+	testUserSuccess(&SearchUserOptions{ListOptions: ListOptions{Page: 1}, IsProhibitLogin: util.OptionalBoolTrue},
+		[]int64{30})
+
+	testUserSuccess(&SearchUserOptions{ListOptions: ListOptions{Page: 1}, IsTwoFactorEnabled: util.OptionalBoolTrue},
+		[]int64{24})
 }
 
 func TestDeleteUser(t *testing.T) {

modules/util/util.go

@@ -9,6 +9,7 @@ import (
 	"crypto/rand"
 	"errors"
 	"math/big"
+	"strconv"
 	"strings"
 )
 
@@ -17,7 +18,7 @@ type OptionalBool byte
 
 const (
 	// OptionalBoolNone a "null" boolean value
-	OptionalBoolNone = iota
+	OptionalBoolNone OptionalBool = iota
 	// OptionalBoolTrue a "true" boolean value
 	OptionalBoolTrue
 	// OptionalBoolFalse a "false" boolean value
@@ -47,6 +48,15 @@ func OptionalBoolOf(b bool) OptionalBool {
 	return OptionalBoolFalse
 }
 
+// OptionalBoolParse get the corresponding OptionalBool of a string using strconv.ParseBool
+func OptionalBoolParse(s string) OptionalBool {
+	b, e := strconv.ParseBool(s)
+	if e != nil {
+		return OptionalBoolNone
+	}
+	return OptionalBoolOf(b)
+}
+
 // Max max of two ints
 func Max(a, b int) int {
 	if a < b {

modules/util/util_test.go

@@ -156,3 +156,16 @@ func Test_RandomString(t *testing.T) {
 
 	assert.NotEqual(t, str3, str4)
 }
+
+func Test_OptionalBool(t *testing.T) {
+	assert.Equal(t, OptionalBoolNone, OptionalBoolParse(""))
+	assert.Equal(t, OptionalBoolNone, OptionalBoolParse("x"))
+
+	assert.Equal(t, OptionalBoolFalse, OptionalBoolParse("0"))
+	assert.Equal(t, OptionalBoolFalse, OptionalBoolParse("f"))
+	assert.Equal(t, OptionalBoolFalse, OptionalBoolParse("False"))
+
+	assert.Equal(t, OptionalBoolTrue, OptionalBoolParse("1"))
+	assert.Equal(t, OptionalBoolTrue, OptionalBoolParse("t"))
+	assert.Equal(t, OptionalBoolTrue, OptionalBoolParse("True"))
+}

options/locale/locale_en-US.ini

@@ -2352,6 +2352,18 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
+users.list_status_filter.menu_text = Filter
+users.list_status_filter.reset = Reset
+users.list_status_filter.is_active = Active
+users.list_status_filter.not_active = Inactive
+users.list_status_filter.is_admin = Admin
+users.list_status_filter.not_admin = Not Admin
+users.list_status_filter.is_restricted = Restricted
+users.list_status_filter.not_restricted = Not Restricted
+users.list_status_filter.is_prohibit_login = Prohibit Login
+users.list_status_filter.not_prohibit_login = Allow Login
+users.list_status_filter.is_2fa_enabled = 2FA Enabled
+users.list_status_filter.not_2fa_enabled = 2FA Disabled
 
 emails.email_manage_panel = User Email Management
 emails.primary = Primary

routers/web/admin/users.go

@@ -17,6 +17,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/password"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/routers/web/explore"
 	router_user_setting "code.gitea.io/gitea/routers/web/user/setting"
@@ -36,14 +37,30 @@ func Users(ctx *context.Context) {
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
 
-	explore.RenderUserSearch(ctx, &models.SearchUserOptions{
+	searchOpts := &models.SearchUserOptions{
 		Actor: ctx.User,
 		Type:  models.UserTypeIndividual,
 		ListOptions: models.ListOptions{
 			PageSize: setting.UI.Admin.UserPagingNum,
 		},
 		SearchByEmail: true,
-	}, tplUsers)
+	}
+
+	statusFilterKeys := []string{"is_active", "is_admin", "is_restricted", "is_2fa_enabled", "is_prohibit_login"}
+	statusFilterMap := map[string]string{}
+	for _, filterKey := range statusFilterKeys {
+		statusFilterMap[filterKey] = ctx.FormString("status_filter[" + filterKey + "]")
+	}
+
+	searchOpts.IsActive = util.OptionalBoolParse(statusFilterMap["is_active"])
+	searchOpts.IsAdmin = util.OptionalBoolParse(statusFilterMap["is_admin"])
+	searchOpts.IsRestricted = util.OptionalBoolParse(statusFilterMap["is_restricted"])
+	searchOpts.IsTwoFactorEnabled = util.OptionalBoolParse(statusFilterMap["is_2fa_enabled"])
+	searchOpts.IsProhibitLogin = util.OptionalBoolParse(statusFilterMap["is_prohibit_login"])
+
+	ctx.Data["StatusFilterMap"] = statusFilterMap
+
+	explore.RenderUserSearch(ctx, searchOpts, tplUsers)
 }
 
 // NewUser render adding a new user page

templates/admin/base/search.tmpl

@@ -15,7 +15,7 @@
 		</div>
 	</div>
 </div>
-<form class="ui form ignore-dirty"  style="max-width: 90%">
+<form class="ui form ignore-dirty"  style="max-width: 90%;">
 	<div class="ui fluid action input">
 		<input name="q" value="{{.Keyword}}" placeholder="{{.i18n.Tr "explore.search"}}..." autofocus>
 		<button class="ui blue button">{{.i18n.Tr "explore.search"}}</button>

templates/admin/user/list.tmpl

@@ -10,7 +10,66 @@
 			</div>
 		</h4>
 		<div class="ui attached segment">
-			{{template "admin/base/search" .}}
+			<form class="ui form ignore-dirty" id="user-list-search-form">
+
+				<!-- Right Menu -->
+				<div class="ui right floated secondary filter menu">
+					<!-- Status Filter Menu Item -->
+					<div class="ui dropdown type jump item">
+						<span class="text">{{.i18n.Tr "admin.users.list_status_filter.menu_text"}} {{svg "octicon-triangle-down" 14 "dropdown icon"}}</span>
+						<div class="menu">
+							<a class="item j-reset-status-filter">{{.i18n.Tr "admin.users.list_status_filter.reset"}}</a>
+							<div class="ui divider"></div>
+							<label class="item"><input type="radio" name="status_filter[is_admin]" value="1"> {{.i18n.Tr "admin.users.list_status_filter.is_admin"}}</label>
+							<label class="item"><input type="radio" name="status_filter[is_admin]" value="0"> {{.i18n.Tr "admin.users.list_status_filter.not_admin"}}</label>
+							<div class="ui divider"></div>
+							<label class="item"><input type="radio" name="status_filter[is_active]" value="1"> {{.i18n.Tr "admin.users.list_status_filter.is_active"}}</label>
+							<label class="item"><input type="radio" name="status_filter[is_active]" value="0"> {{.i18n.Tr "admin.users.list_status_filter.not_active"}}</label>
+							<div class="ui divider"></div>
+							<label class="item"><input type="radio" name="status_filter[is_restricted]" value="0"> {{.i18n.Tr "admin.users.list_status_filter.not_restricted"}}</label>
+							<label class="item"><input type="radio" name="status_filter[is_restricted]" value="1"> {{.i18n.Tr "admin.users.list_status_filter.is_restricted"}}</label>
+							<div class="ui divider"></div>
+							<label class="item"><input type="radio" name="status_filter[is_prohibit_login]" value="0"> {{.i18n.Tr "admin.users.list_status_filter.not_prohibit_login"}}</label>
+							<label class="item"><input type="radio" name="status_filter[is_prohibit_login]" value="1"> {{.i18n.Tr "admin.users.list_status_filter.is_prohibit_login"}}</label>
+							<div class="ui divider"></div>
+							<label class="item"><input type="radio" name="status_filter[is_2fa_enabled]" value="1"> {{.i18n.Tr "admin.users.list_status_filter.is_2fa_enabled"}}</label>
+							<label class="item"><input type="radio" name="status_filter[is_2fa_enabled]" value="0"> {{.i18n.Tr "admin.users.list_status_filter.not_2fa_enabled"}}</label>
+						</div>
+					</div>
+
+					<!-- Sort Menu Item -->
+					<div class="ui dropdown type jump item">
+						<span class="text">
+							{{.i18n.Tr "repo.issues.filter_sort"}} {{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						</span>
+						<div class="menu">
+							<button class="item" name="sort" value="oldest">{{.i18n.Tr "repo.issues.filter_sort.oldest"}}</button>
+							<button class="item" name="sort" value="newest">{{.i18n.Tr "repo.issues.filter_sort.latest"}}</button>
+							<button class="item" name="sort" value="alphabetically">{{.i18n.Tr "repo.issues.label.filter_sort.alphabetically"}}</button>
+							<button class="item" name="sort" value="reversealphabetically">{{.i18n.Tr "repo.issues.label.filter_sort.reverse_alphabetically"}}</button>
+							<button class="item" name="sort" value="recentupdate">{{.i18n.Tr "repo.issues.filter_sort.recentupdate"}}</button>
+							<button class="item" name="sort" value="leastupdate">{{.i18n.Tr "repo.issues.filter_sort.leastupdate"}}</button>
+						</div>
+					</div>
+				</div>
+
+				<!-- Search Text -->
+				<div class="ui fluid action input" style="max-width: 70%;">
+					<input name="q" value="{{.Keyword}}" placeholder="{{.i18n.Tr "explore.search"}}..." autofocus>
+					<button class="ui blue button">{{.i18n.Tr "explore.search"}}</button>
+				</div>
+
+				{{/* here we have valid go template syntax, but eslint doesn't like it and reports "error  Parsing error: Unexpected token {" */}}
+				<script>
+					<!-- /* eslint-disable */ -->
+					(function() {
+						window.config.PageData.adminUserListSearchForm = {
+							statusFilterMap: {{.StatusFilterMap}},
+							sortType: {{.SortType}} || 'oldest'
+						}
+					})();
+				</script>
+			</form>
 		</div>
 		<div class="ui attached table segment">
 			<table class="ui very basic striped table">

templates/base/footer.tmpl

@@ -1,8 +1,9 @@
-{{/*
+{{if false}}
+	{{/* to make html structure "likely" complete to prevent IDE warnings */}}
 <html>
 <body>
 	<div>
-*/}}
+{{end}}
 
 	{{template "custom/body_inner_post" .}}
 

templates/base/head.tmpl

@@ -44,6 +44,7 @@
 			},
 			EnableTimetracking: {{if EnableTimetracking}}true{{else}}false{{end}},
 			PageIsProjects: {{if .PageIsProjects }}true{{else}}false{{end}},
+			PageData: {},  // to store page related data, eg: pass variables to javascript module
 			{{if .RequireTribute}}
 			tributeValues: Array.from(new Map([
 				{{ range .Participants }}
@@ -75,7 +76,6 @@
 			.ui.secondary.menu .dropdown.item > .menu { margin-top: 0; }
 		</style>
 	</noscript>
-	<style class="list-search-style"></style>
 {{if .PageIsUserProfile}}
 	<meta property="og:title" content="{{.Owner.Name}}" />
 	<meta property="og:type" content="profile" />
@@ -134,8 +134,10 @@
 				{{template "base/head_navbar" .}}
 			</div><!-- end bar -->
 		{{end}}
-{{/*
+
+{{if false}}
+	{{/* to make html structure "likely" complete to prevent IDE warnings */}}
 	</div>
 </body>
 </html>
-*/}}
+{{end}}

web_src/js/features/admin-users.js

@@ -0,0 +1,32 @@
+export function initAdminUserListSearchForm() {
+  const searchForm = window.config.PageData.adminUserListSearchForm;
+  if (!searchForm) return;
+
+  const $form = $('#user-list-search-form');
+  if (!$form.length) return;
+
+  $form.find(`button[name=sort][value=${searchForm.sortType}]`).addClass('active');
+
+  if (searchForm.statusFilterMap) {
+    for (const [k, v] of Object.entries(searchForm.statusFilterMap)) {
+      if (!v) continue;
+      $form.find(`input[name="status_filter[${k}]"][value=${v}]`).prop('checked', true);
+    }
+  }
+
+  $form.find(`input[type=radio]`).click(() => {
+    $form.submit();
+    return false;
+  });
+
+  $form.find('.j-reset-status-filter').click(() => {
+    $form.find(`input[type=radio]`).each((_, e) => {
+      const $e = $(e);
+      if ($e.attr('name').startsWith('status_filter[')) {
+        $e.prop('checked', false);
+      }
+    });
+    $form.submit();
+    return false;
+  });
+}

web_src/js/index.js

@@ -17,6 +17,7 @@ import initMigration from './features/migration.js';
 import initProject from './features/projects.js';
 import initServiceWorker from './features/serviceworker.js';
 import initTableSort from './features/tablesort.js';
+import {initAdminUserListSearchForm} from './features/admin-users.js';
 import {createCodeEditor, createMonaco} from './features/codeeditor.js';
 import {initMarkupAnchors} from './markup/anchors.js';
 import {initNotificationsTable, initNotificationCount} from './features/notification.js';
@@ -2860,6 +2861,7 @@ $(document).ready(async () => {
   initFileViewToggle();
   initReleaseEditor();
   initRelease();
+  initAdminUserListSearchForm();
 
   const routes = {
     'div.user.settings': initUserSettings,