Add user blocking (#29028)

Fixes #17453 This PR adds the abbility to block a user from a personal account or organization to restrict how the blocked user can interact with the blocker. The docs explain what's the consequence of blocking a user. Screenshots: ![grafik](4ed884f3-e06a-4862-afd3-3b8aa2488dc6) ![grafik](ae6d4981-f252-4f50-a429-04f0f9f1cdf1) ![grafik](ca153599-5b0f-4b4a-90fe-18bdfd6f0b6b) --------- Co-authored-by: Lauris BH <lauris@nix.lv>
2024-03-04 09:16:03 +01:00 · 2024-03-04 09:16:03 +01:00 · c337ff0ec7
commit c337ff0ec7
parent 8e12ba34ba
109 changed files with 2878 additions and 548 deletions
--- a/tests/integration/api_user_star_test.go
+++ b/tests/integration/api_user_star_test.go
@ -9,6 +9,8 @@ import (
 	"testing"

 	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"

@ -31,6 +33,12 @@ func TestAPIStar(t *testing.T) {
 		req := NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
 			AddTokenAuth(tokenWithUserScope)
 		MakeRequest(t, req, http.StatusNoContent)
+
+		// blocked user can't star a repo
+		user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
+		req = NewRequest(t, "PUT", fmt.Sprintf("/api/v1/user/starred/%s", repo)).
+			AddTokenAuth(getUserToken(t, user34.Name, auth_model.AccessTokenScopeWriteRepository))
+		MakeRequest(t, req, http.StatusForbidden)
 	})

 	t.Run("GetStarredRepos", func(t *testing.T) {