feat: allow admin to restrict the minimum linuxdo trust level to register

common/constants.go

@@ -83,6 +83,7 @@ var GitHubClientId = ""
 var GitHubClientSecret = ""
 var LinuxDOClientId = ""
 var LinuxDOClientSecret = ""
+var LinuxDOMinimumTrustLevel = 0
 
 var WeChatServerAddress = ""
 var WeChatServerToken = ""

controller/linuxdo.go

@@ -220,21 +220,29 @@ func LinuxdoOAuth(c *gin.Context) {
 		}
 	} else {
 		if common.RegisterEnabled {
-			user.Username = "linuxdo_" + strconv.Itoa(model.GetMaxUserId()+1)
-			user.DisplayName = linuxdoUser.Name
-			user.Role = common.RoleCommonUser
-			user.Status = common.UserStatusEnabled
-
-			affCode := session.Get("aff")
-			inviterId := 0
-			if affCode != nil {
-				inviterId, _ = model.GetUserIdByAffCode(affCode.(string))
-			}
-
-			if err := user.Insert(inviterId); err != nil {
+			if linuxdoUser.TrustLevel >= common.LinuxDOMinimumTrustLevel {
+				user.Username = "linuxdo_" + strconv.Itoa(model.GetMaxUserId()+1)
+				user.DisplayName = linuxdoUser.Name
+				user.Role = common.RoleCommonUser
+				user.Status = common.UserStatusEnabled
+
+				affCode := session.Get("aff")
+				inviterId := 0
+				if affCode != nil {
+					inviterId, _ = model.GetUserIdByAffCode(affCode.(string))
+				}
+
+				if err := user.Insert(inviterId); err != nil {
+					c.JSON(http.StatusOK, gin.H{
+						"success": false,
+						"message": err.Error(),
+					})
+					return
+				}
+			} else {
 				c.JSON(http.StatusOK, gin.H{
 					"success": false,
-					"message": err.Error(),
+					"message": "Linux DO 信任等级未达到管理员设置的最低信任等级",
 				})
 				return
 			}

controller/misc.go

@@ -41,46 +41,47 @@ func GetStatus(c *gin.Context) {
 	cs := console_setting.GetConsoleSetting()
 
 	data := gin.H{
-		"version":                  common.Version,
-		"start_time":               common.StartTime,
-		"email_verification":       common.EmailVerificationEnabled,
-		"github_oauth":             common.GitHubOAuthEnabled,
-		"github_client_id":         common.GitHubClientId,
-		"linuxdo_oauth":            common.LinuxDOOAuthEnabled,
-		"linuxdo_client_id":        common.LinuxDOClientId,
-		"telegram_oauth":           common.TelegramOAuthEnabled,
-		"telegram_bot_name":        common.TelegramBotName,
-		"system_name":              common.SystemName,
-		"logo":                     common.Logo,
-		"footer_html":              common.Footer,
-		"wechat_qrcode":            common.WeChatAccountQRCodeImageURL,
-		"wechat_login":             common.WeChatAuthEnabled,
-		"server_address":           setting.ServerAddress,
-		"price":                    setting.Price,
-		"stripe_unit_price":        setting.StripeUnitPrice,
-		"min_topup":                setting.MinTopUp,
-		"stripe_min_topup":         setting.StripeMinTopUp,
-		"turnstile_check":          common.TurnstileCheckEnabled,
-		"turnstile_site_key":       common.TurnstileSiteKey,
-		"top_up_link":              common.TopUpLink,
-		"docs_link":                operation_setting.GetGeneralSetting().DocsLink,
-		"quota_per_unit":           common.QuotaPerUnit,
-		"display_in_currency":      common.DisplayInCurrencyEnabled,
-		"enable_batch_update":      common.BatchUpdateEnabled,
-		"enable_drawing":           common.DrawingEnabled,
-		"enable_task":              common.TaskEnabled,
-		"enable_data_export":       common.DataExportEnabled,
-		"data_export_default_time": common.DataExportDefaultTime,
-		"default_collapse_sidebar": common.DefaultCollapseSidebar,
-		"enable_online_topup":      setting.PayAddress != "" && setting.EpayId != "" && setting.EpayKey != "",
-		"enable_stripe_topup":      setting.StripeApiSecret != "" && setting.StripeWebhookSecret != "" && setting.StripePriceId != "",
-		"mj_notify_enabled":        setting.MjNotifyEnabled,
-		"chats":                    setting.Chats,
-		"demo_site_enabled":        operation_setting.DemoSiteEnabled,
-		"self_use_mode_enabled":    operation_setting.SelfUseModeEnabled,
-		"default_use_auto_group":   setting.DefaultUseAutoGroup,
-		"pay_methods":              setting.PayMethods,
-		"usd_exchange_rate":        setting.USDExchangeRate,
+		"version":                     common.Version,
+		"start_time":                  common.StartTime,
+		"email_verification":          common.EmailVerificationEnabled,
+		"github_oauth":                common.GitHubOAuthEnabled,
+		"github_client_id":            common.GitHubClientId,
+		"linuxdo_oauth":               common.LinuxDOOAuthEnabled,
+		"linuxdo_client_id":           common.LinuxDOClientId,
+		"linuxdo_minimum_trust_level": common.LinuxDOMinimumTrustLevel,
+		"telegram_oauth":              common.TelegramOAuthEnabled,
+		"telegram_bot_name":           common.TelegramBotName,
+		"system_name":                 common.SystemName,
+		"logo":                        common.Logo,
+		"footer_html":                 common.Footer,
+		"wechat_qrcode":               common.WeChatAccountQRCodeImageURL,
+		"wechat_login":                common.WeChatAuthEnabled,
+		"server_address":              setting.ServerAddress,
+		"price":                       setting.Price,
+		"stripe_unit_price":           setting.StripeUnitPrice,
+		"min_topup":                   setting.MinTopUp,
+		"stripe_min_topup":            setting.StripeMinTopUp,
+		"turnstile_check":             common.TurnstileCheckEnabled,
+		"turnstile_site_key":          common.TurnstileSiteKey,
+		"top_up_link":                 common.TopUpLink,
+		"docs_link":                   operation_setting.GetGeneralSetting().DocsLink,
+		"quota_per_unit":              common.QuotaPerUnit,
+		"display_in_currency":         common.DisplayInCurrencyEnabled,
+		"enable_batch_update":         common.BatchUpdateEnabled,
+		"enable_drawing":              common.DrawingEnabled,
+		"enable_task":                 common.TaskEnabled,
+		"enable_data_export":          common.DataExportEnabled,
+		"data_export_default_time":    common.DataExportDefaultTime,
+		"default_collapse_sidebar":    common.DefaultCollapseSidebar,
+		"enable_online_topup":         setting.PayAddress != "" && setting.EpayId != "" && setting.EpayKey != "",
+		"enable_stripe_topup":         setting.StripeApiSecret != "" && setting.StripeWebhookSecret != "" && setting.StripePriceId != "",
+		"mj_notify_enabled":           setting.MjNotifyEnabled,
+		"chats":                       setting.Chats,
+		"demo_site_enabled":           operation_setting.DemoSiteEnabled,
+		"self_use_mode_enabled":       operation_setting.SelfUseModeEnabled,
+		"default_use_auto_group":      setting.DefaultUseAutoGroup,
+		"pay_methods":                 setting.PayMethods,
+		"usd_exchange_rate":           setting.USDExchangeRate,
 
 		// 面板启用开关
 		"api_info_enabled":      cs.ApiInfoEnabled,

model/option.go

@@ -336,6 +336,8 @@ func updateOptionMap(key string, value string) (err error) {
 		common.LinuxDOClientId = value
 	case "LinuxDOClientSecret":
 		common.LinuxDOClientSecret = value
+	case "LinuxDOMinimumTrustLevel":
+		common.LinuxDOMinimumTrustLevel, _ = strconv.Atoi(value)
 	case "Footer":
 		common.Footer = value
 	case "SystemName":

web/src/components/settings/SystemSetting.js

@@ -85,6 +85,7 @@ const SystemSetting = () => {
     LinuxDOOAuthEnabled: '',
     LinuxDOClientId: '',
     LinuxDOClientSecret: '',
+    LinuxDOMinimumTrustLevel: '',
     ServerAddress: '',
   });
 
@@ -472,6 +473,12 @@ const SystemSetting = () => {
         value: inputs.LinuxDOClientSecret,
       });
     }
+    if (originInputs['LinuxDOMinimumTrustLevel'] !== inputs.LinuxDOMinimumTrustLevel) {
+      options.push({
+        key: 'LinuxDOMinimumTrustLevel',
+        value: inputs.LinuxDOMinimumTrustLevel,
+      });
+    }
 
     if (options.length > 0) {
       await updateOptions(options);
@@ -916,14 +923,14 @@ const SystemSetting = () => {
                   <Row
                     gutter={{ xs: 8, sm: 16, md: 24, lg: 24, xl: 24, xxl: 24 }}
                   >
-                    <Col xs={24} sm={24} md={12} lg={12} xl={12}>
+                    <Col xs={24} sm={24} md={10} lg={10} xl={10}>
                       <Form.Input
                         field='LinuxDOClientId'
                         label={t('Linux DO Client ID')}
                         placeholder={t('输入你注册的 LinuxDO OAuth APP 的 ID')}
                       />
                     </Col>
-                    <Col xs={24} sm={24} md={12} lg={12} xl={12}>
+                    <Col xs={24} sm={24} md={10} lg={10} xl={10}>
                       <Form.Input
                         field='LinuxDOClientSecret'
                         label={t('Linux DO Client Secret')}
@@ -931,6 +938,13 @@ const SystemSetting = () => {
                         placeholder={t('敏感信息不会发送到前端显示')}
                       />
                     </Col>
+                    <Col xs={24} sm={24} md={4} lg={4} xl={4}>
+                      <Form.Input
+                        field='LinuxDOMinimumTrustLevel'
+                        label='LinuxDO Minimum Trust Level'
+                        placeholder='允许注册的最低信任等级'
+                      />
+                    </Col>
                   </Row>
                   <Button onClick={submitLinuxDOOAuth}>
                     {t('保存 Linux DO OAuth 设置')}