Move repository visibility to danger zone in the settings area (#31126)

Moved repository visibility to the danger zone in the settings area. To
change the visibility, it is necessary to go to the danger zone, click
on the private/public button, and accept the change in the modal.

Resolves:  #23826

---
## Screenshots

<details>
<summary>Before</summary>
Private repo:

![Private
repo](https://github.com/go-gitea/gitea/assets/65479069/4313492a-4854-48bc-9f47-974e3539d791)

Public repo:

![Public
repo](https://github.com/go-gitea/gitea/assets/65479069/1c45f6e4-ee93-4799-9331-e9d4a7e0f16a)

</details>
<details>
<summary>After</summary>
Make private:

![Screenshot from 2024-05-28
21-35-38](https://github.com/go-gitea/gitea/assets/65479069/4887e28a-0514-4990-aa69-bf3ddc7e6c7d)

Make private modal

![Screenshot from 2024-06-13
23-55-55](https://github.com/go-gitea/gitea/assets/65479069/9f5a7604-069b-41a2-973b-ee2d58e85953)

![Screenshot from 2024-06-13
23-53-09](https://github.com/go-gitea/gitea/assets/65479069/06c22726-eab2-4bce-8df7-62849dcce974)

Make public:

![Screenshot from 2024-05-28
21-34-27](https://github.com/go-gitea/gitea/assets/65479069/6d388f99-0356-48a0-9d85-320cdba55179)

Make public modal

![Screenshot from 2024-06-13
23-53-37](https://github.com/go-gitea/gitea/assets/65479069/8944972e-f2d4-4aea-ba96-b892febb5ced)

</details>

---------

Co-authored-by: Kemal Zebari <[email protected]>

options/locale/locale_en-US.ini

@@ -2466,6 +2466,18 @@ settings.thread_id = Thread ID
 settings.matrix.homeserver_url = Homeserver URL
 settings.matrix.room_id = Room ID
 settings.matrix.message_type = Message Type
+settings.visibility.private.button = Make Private
+settings.visibility.private.text = Changing the visibility to private will not only make the repo visible to only allowed members but may remove the relation between it and forks, watchers, and stars.
+settings.visibility.private.bullet_title = <strong>Changing the visibility to private will:</strong>
+settings.visibility.private.bullet_one = Make the repo visible to only allowed members.
+settings.visibility.private.bullet_two = May remove the relation between it and <strong>forks</strong>, <strong>watchers</strong>, and <strong>stars</strong>.
+settings.visibility.public.button = Make Public
+settings.visibility.public.text = Changing the visibility to public will make the repo visible to anyone.
+settings.visibility.public.bullet_title= <strong>Changing the visibility to public will:</strong>
+settings.visibility.public.bullet_one = Make the repo visible to anyone.
+settings.visibility.success = Repository visibility changed.
+settings.visibility.error = An error occurred while trying to change the repo visibility.
+settings.visibility.fork_error = Can't change the visibility of a forked repo.
 settings.archive.button = Archive Repo
 settings.archive.header = Archive This Repo
 settings.archive.text = Archiving the repo will make it entirely read-only. It will be hidden from the dashboard. Nobody (not even you!) will be able to make new commits, or open any issues or pull requests.

routers/web/repo/setting/setting.go

@@ -170,15 +170,7 @@ func SettingsPost(ctx *context.Context) {
 			form.Private = repo.BaseRepo.IsPrivate || repo.BaseRepo.Owner.Visibility == structs.VisibleTypePrivate
 		}
 
-		visibilityChanged := repo.IsPrivate != form.Private
-		// when ForcePrivate enabled, you could change public repo to private, but only admin users can change private to public
-		if visibilityChanged && setting.Repository.ForcePrivate && !form.Private && !ctx.Doer.IsAdmin {
-			ctx.RenderWithErr(ctx.Tr("form.repository_force_private"), tplSettingsOptions, form)
-			return
-		}
-
-		repo.IsPrivate = form.Private
-		if err := repo_service.UpdateRepository(ctx, repo, visibilityChanged); err != nil {
+		if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
 			ctx.ServerError("UpdateRepository", err)
 			return
 		}
@@ -940,6 +932,39 @@ func SettingsPost(ctx *context.Context) {
 		log.Trace("Repository was un-archived: %s/%s", ctx.Repo.Owner.Name, repo.Name)
 		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
 
+	case "visibility":
+		if repo.IsFork {
+			ctx.Flash.Error(ctx.Tr("repo.settings.visibility.fork_error"))
+			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+			return
+		}
+
+		var err error
+
+		// when ForcePrivate enabled, you could change public repo to private, but only admin users can change private to public
+		if setting.Repository.ForcePrivate && repo.IsPrivate && !ctx.Doer.IsAdmin {
+			ctx.RenderWithErr(ctx.Tr("form.repository_force_private"), tplSettingsOptions, form)
+			return
+		}
+
+		if repo.IsPrivate {
+			err = repo_service.MakeRepoPublic(ctx, repo)
+		} else {
+			err = repo_service.MakeRepoPrivate(ctx, repo)
+		}
+
+		if err != nil {
+			log.Error("Tried to change the visibility of the repo: %s", err)
+			ctx.Flash.Error(ctx.Tr("repo.settings.visibility.error"))
+			ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+			return
+		}
+
+		ctx.Flash.Success(ctx.Tr("repo.settings.visibility.success"))
+
+		log.Trace("Repository visibility changed: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+		ctx.Redirect(ctx.Repo.RepoLink + "/settings")
+
 	default:
 		ctx.NotFound("", nil)
 	}

services/repository/repository.go

@@ -122,6 +122,31 @@ func UpdateRepository(ctx context.Context, repo *repo_model.Repository, visibili
 	return committer.Commit()
 }
 
+func UpdateRepositoryVisibility(ctx context.Context, repo *repo_model.Repository, isPrivate bool) (err error) {
+	ctx, committer, err := db.TxContext(ctx)
+	if err != nil {
+		return err
+	}
+
+	defer committer.Close()
+
+	repo.IsPrivate = isPrivate
+
+	if err = repo_module.UpdateRepository(ctx, repo, true); err != nil {
+		return fmt.Errorf("UpdateRepositoryVisibility: %w", err)
+	}
+
+	return committer.Commit()
+}
+
+func MakeRepoPublic(ctx context.Context, repo *repo_model.Repository) (err error) {
+	return UpdateRepositoryVisibility(ctx, repo, false)
+}
+
+func MakeRepoPrivate(ctx context.Context, repo *repo_model.Repository) (err error) {
+	return UpdateRepositoryVisibility(ctx, repo, true)
+}
+
 // LinkedRepository returns the linked repo if any
 func LinkedRepository(ctx context.Context, a *repo_model.Attachment) (*repo_model.Repository, unit.Type, error) {
 	if a.IssueID != 0 {

templates/repo/settings/options.tmpl

@@ -23,20 +23,6 @@
 						<label>{{ctx.Locale.Tr "repo.template_helper"}}</label>
 					</div>
 				</div>
-				{{if not .Repository.IsFork}}
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox" {{if and (not .Repository.IsPrivate) (gt .Repository.NumStars 0)}}data-tooltip-content="{{ctx.Locale.Tr "repo.stars_remove_warning"}}"{{end}}>
-							{{if .IsAdmin}}
-								<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}>
-							{{else}}
-								<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}{{if and $.ForcePrivate .Repository.IsPrivate}} disabled{{end}}>
-								{{if and .Repository.IsPrivate $.ForcePrivate}}<input type="hidden" name="private" value="{{.Repository.IsPrivate}}">{{end}}
-							{{end}}
-							<label>{{ctx.Locale.Tr "repo.visibility_helper"}} {{if .Repository.NumForks}}<span class="text red">{{ctx.Locale.Tr "repo.visibility_fork_helper"}}</span>{{end}}</label>
-						</div>
-					</div>
-				{{end}}
 				<div class="field {{if .Err_Description}}error{{end}}">
 					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
 					<textarea id="description" name="description" rows="2" maxlength="2048">{{.Repository.Description}}</textarea>
@@ -786,6 +772,27 @@
 		</h4>
 		<div class="ui attached error danger segment">
 			<div class="flex-list">
+				{{if not .Repository.IsFork}}
+					<div class="flex-item tw-items-center">
+						<div class="flex-item-main">
+							<div class="flex-item-title">{{ctx.Locale.Tr "repo.visibility"}}</div>
+							{{if .Repository.IsPrivate}}
+								<div class="flex-item-body">{{ctx.Locale.Tr "repo.settings.visibility.public.text"}}</div>
+							{{else}}
+								<div class="flex-item-body">{{ctx.Locale.Tr "repo.settings.visibility.private.text"}}</div>
+							{{end}}
+						</div>
+						<div class="flex-item-trailing">
+							<button class="ui basic red show-modal button" data-modal="#visibility-repo-modal">
+								{{if .Repository.IsPrivate}}
+									{{ctx.Locale.Tr "repo.settings.visibility.public.button"}}
+								{{else}}
+									{{ctx.Locale.Tr "repo.settings.visibility.private.button"}}
+								{{end}}
+							</button>
+						</div>
+					</div>
+				{{end}}
 				{{if .Repository.IsMirror}}
 					<div class="flex-item">
 						<div class="flex-item-main">
@@ -1012,6 +1019,34 @@
 		</div>
 	</div>
 
+	{{if not .Repository.IsFork}}
+		<div class="ui g-modal-confirm modal" id="visibility-repo-modal">
+			<div class="header">
+				{{ctx.Locale.Tr "repo.visibility"}}
+			</div>
+			<div class="content">
+					{{if .Repository.IsPrivate}}
+						<p>{{ctx.Locale.Tr "repo.settings.visibility.public.bullet_title"}}</p>
+						<ul>
+							<li>{{ctx.Locale.Tr "repo.settings.visibility.public.bullet_one"}}</li>
+						</ul>
+					{{else}}
+						<p>{{ctx.Locale.Tr "repo.settings.visibility.private.bullet_title"}}</p>
+						<ul>
+							<li>{{ctx.Locale.Tr "repo.settings.visibility.private.bullet_one"}}</li>
+							<li>{{ctx.Locale.Tr "repo.settings.visibility.private.bullet_two"}}{{if .Repository.NumForks}}<span class="text red">{{ctx.Locale.Tr "repo.visibility_fork_helper"}}</span>{{end}}</li>
+						</ul>
+					{{end}}
+			</div>
+			<form action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<input type="hidden" name="action" value="visibility">
+				<input type="hidden" name="repo_id" value="{{.Repository.ID}}">
+				{{template "base/modal_actions_confirm" .}}
+			</form>
+		</div>
+	{{end}}
+
 	{{if .Repository.UnitEnabled $.Context ctx.Consts.RepoUnitTypeWiki}}
 	<div class="ui small modal" id="delete-wiki-modal">
 		<div class="header">