From 487d12a5d14cd415731bf35a20e04e53019daab2 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 01:00:21 +0300
Subject: [PATCH 01/67] First take for hiding users from explore page

---
 models/migrations/v181.go            | 21 +++++++++++++++++++++
 models/user.go                       |  2 ++
 options/locale/locale_en-US.ini      |  4 ++++
 routers/user/setting/profile.go      |  1 +
 services/forms/user_form.go          |  1 +
 templates/admin/user/edit.tmpl       |  7 +++++++
 templates/explore/users.tmpl         |  2 ++
 templates/user/settings/profile.tmpl |  7 +++++++
 8 files changed, 45 insertions(+)
 create mode 100644 models/migrations/v181.go

diff --git a/models/migrations/v181.go b/models/migrations/v181.go
new file mode 100644
index 0000000000000..6df1ef84221d5
--- /dev/null
+++ b/models/migrations/v181.go
@@ -0,0 +1,21 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+
+	"xorm.io/xorm"
+)
+
+func addHideFromExplorePageUserColumn(x *xorm.Engine) error {
+	type User struct {
+		HideFromExplorePage bool `xorm:"NOT NULL DEFAULT false"`
+	}
+	if err := x.Sync2(new(User)); err != nil {
+		return fmt.Errorf("Sync2: %v", err)
+	}
+	return nil
+}
diff --git a/models/user.go b/models/user.go
index c7b44bdb73216..a99fe6735006a 100644
--- a/models/user.go
+++ b/models/user.go
@@ -166,6 +166,8 @@ type User struct {
 	DiffViewStyle       string `xorm:"NOT NULL DEFAULT ''"`
 	Theme               string `xorm:"NOT NULL DEFAULT ''"`
 	KeepActivityPrivate bool   `xorm:"NOT NULL DEFAULT false"`
+	// Users may don't want to appear on /explore/users page.
+	HideFromExplorePage bool `xorm:"NOT NULL DEFAULT false"`
 }
 
 // SearchOrganizationsOptions options to filter organizations
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 4df9965bcb07a..471ee7e66d8a0 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -473,6 +473,8 @@ ui = Theme
 privacy = Privacy
 keep_activity_private = Hide the activity from the profile page
 keep_activity_private_popup = Makes the activity visible only for you and the admins
+hide_from_explore_page = Hide user from explorabale service users page
+hide_from_explore_page_popup = Makes user visible only if mentioned in repo, commit, etc.
 
 lookup_avatar_by_mail = Look Up Avatar by Email Address
 federated_avatar_lookup = Federated Avatar Lookup
@@ -2236,6 +2238,8 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
+users.hide_from_explore_page = User do not appear on service explore page
+users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page. But they profile will be accesible by mentioning in commit, issue, etc.
 
 emails.email_manage_panel = User Email Management
 emails.primary = Primary
diff --git a/routers/user/setting/profile.go b/routers/user/setting/profile.go
index 8cde81f2954b9..f2d0542367e69 100644
--- a/routers/user/setting/profile.go
+++ b/routers/user/setting/profile.go
@@ -113,6 +113,7 @@ func ProfilePost(ctx *context.Context) {
 	}
 	ctx.User.Description = form.Description
 	ctx.User.KeepActivityPrivate = form.KeepActivityPrivate
+	ctx.User.HideFromExplorePage = form.HideFromExplorePage
 	if err := models.UpdateUserSetting(ctx.User); err != nil {
 		if _, ok := err.(models.ErrEmailAlreadyUsed); ok {
 			ctx.Flash.Error(ctx.Tr("form.email_been_used"))
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index 2c065dc5116a8..6378666dc01db 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -231,6 +231,7 @@ type UpdateProfileForm struct {
 	Language            string
 	Description         string `binding:"MaxSize(255)"`
 	KeepActivityPrivate bool
+	HideFromExplorePage bool
 }
 
 // Validate validates the fields
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index af01489c0af26..92eb2c9b3b8b5 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -120,6 +120,13 @@
 				</div>
 				{{end}}
 
+				<div class="inline field">
+					<div class="ui checkbox poping up" data-content="{{.i18n.Tr "admin.users.hide_from_explore_page_tooltip"}}" data-variation="very wide">
+						<label><strong>{{.i18n.Tr "admin.users.hide_from_explore_page"}}</strong></label>
+						<input name="hide_from_explore_page" type="checkbox" {{if .User.HideFromExplorePage}}checked{{end}}>
+					</div>
+				</div>
+
 				<div class="ui divider"></div>
 
 				<div class="field">
diff --git a/templates/explore/users.tmpl b/templates/explore/users.tmpl
index dff4e8c8be717..28cbd6d653b5a 100644
--- a/templates/explore/users.tmpl
+++ b/templates/explore/users.tmpl
@@ -6,6 +6,7 @@
 
 		<div class="ui user list">
 			{{range .Users}}
+				{{if not .HideFromExplorePage}}
 				<div class="item">
 					{{avatar .}}
 					<div class="content">
@@ -22,6 +23,7 @@
 						</div>
 					</div>
 				</div>
+				{{end}}
 			{{else}}
 				<div>{{$.i18n.Tr "explore.user_no_results"}}</div>
 			{{end}}
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index 9f07226632fcd..11c0c35291ccc 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -68,6 +68,13 @@
 						<input name="keep_activity_private" type="checkbox" {{if .SignedUser.KeepActivityPrivate}}checked{{end}}>
 					</div>
 				</div>
+				<div class="field">
+					<!-- continue of privacy settings -->
+					<div class="ui checkbox" id="hide_from_explore_page">
+						<label class="poping up" data-content="{{.i18n.Tr "settings.hide_from_explore_page_popup"}}"><strong>{{.i18n.Tr "settings.hide_from_explore_page"}}</strong></label>
+						<input name="hide_from_explore_page" type="checkbox" {{if .SignedUser.HideFromExplorePage}}checked{{end}}>
+					</div>
+				</div>
 				<div class="field">
 					<button class="ui green button">{{$.i18n.Tr "settings.update_profile"}}</button>
 				</div>

From 4d194d6ab7d37cfa7d755e379fae3564ea509337 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 01:12:33 +0300
Subject: [PATCH 02/67] Update admin user forms

---
 modules/structs/admin_user.go | 2 ++
 routers/api/v1/admin/user.go  | 7 +++++++
 services/forms/admin.go       | 4 +++-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index 5da4e9608bea7..7896e02ae2ee7 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -19,6 +19,7 @@ type CreateUserOption struct {
 	Password           string `json:"password" binding:"Required;MaxSize(255)"`
 	MustChangePassword *bool  `json:"must_change_password"`
 	SendNotify         bool   `json:"send_notify"`
+	HideFromExplorePage *bool `json:"hide_from_explore_page"`
 }
 
 // EditUserOption edit user options
@@ -43,4 +44,5 @@ type EditUserOption struct {
 	ProhibitLogin           *bool   `json:"prohibit_login"`
 	AllowCreateOrganization *bool   `json:"allow_create_organization"`
 	Restricted              *bool   `json:"restricted"`
+	HideFromExplorePage     *bool   `json:"hide_from_explore_page"`
 }
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index 4bbe7f77ba2ea..719cb70e461c0 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -74,10 +74,14 @@ func CreateUser(ctx *context.APIContext) {
 		MustChangePassword: true,
 		IsActive:           true,
 		LoginType:          models.LoginPlain,
+		HideFromExplorePage: false,
 	}
 	if form.MustChangePassword != nil {
 		u.MustChangePassword = *form.MustChangePassword
 	}
+	if form.HideFromExplorePage != nil {
+		u.HideFromExplorePage = *form.HideFromExplorePage
+	}
 
 	parseLoginSource(ctx, u, form.SourceID, form.LoginName)
 	if ctx.Written() {
@@ -230,6 +234,9 @@ func EditUser(ctx *context.APIContext) {
 	if form.Restricted != nil {
 		u.IsRestricted = *form.Restricted
 	}
+	if form.HideFromExplorePage != nil {
+		u.HideFromExplorePage = *form.HideFromExplorePage
+	}
 
 	if err := models.UpdateUser(u); err != nil {
 		if models.IsErrEmailAlreadyUsed(err) || models.IsErrEmailInvalid(err) {
diff --git a/services/forms/admin.go b/services/forms/admin.go
index 2e6bbaf172019..3a250a32a5290 100644
--- a/services/forms/admin.go
+++ b/services/forms/admin.go
@@ -21,7 +21,8 @@ type AdminCreateUserForm struct {
 	Email              string `binding:"Required;Email;MaxSize(254)"`
 	Password           string `binding:"MaxSize(255)"`
 	SendNotify         bool
-	MustChangePassword bool
+	MustChangePassword  bool
+	HideFromExplorePage bool
 }
 
 // Validate validates form fields
@@ -49,6 +50,7 @@ type AdminEditUserForm struct {
 	AllowCreateOrganization bool
 	ProhibitLogin           bool
 	Reset2FA                bool `form:"reset_2fa"`
+	HideFromExplorePage     bool
 }
 
 // Validate validates form fields

From 62f2bd9d65017e481533e7c2391c7f0193fef92b Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 01:16:04 +0300
Subject: [PATCH 03/67] Update template for new user by admin

---
 templates/admin/user/new.tmpl | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/templates/admin/user/new.tmpl b/templates/admin/user/new.tmpl
index 885045dd02708..bcd4f9f52c082 100644
--- a/templates/admin/user/new.tmpl
+++ b/templates/admin/user/new.tmpl
@@ -59,6 +59,13 @@
 					</div>
 				{{end}}
 
+				<div class="inline field">
+					<div class="ui checkbox poping up" data-content="{{.i18n.Tr "admin.users.hide_from_explore_page_tooltip"}}" data-variation="very wide">
+						<label><strong>{{.i18n.Tr "admin.users.hide_from_explore_page"}}</strong></label>
+						<input name="hide_from_explore_page" type="checkbox" {{if .User.HideFromExplorePage}}checked{{end}}>
+					</div>
+				</div>
+
 				<div class="field">
 					<button class="ui green button">{{.i18n.Tr "admin.users.new_account"}}</button>
 				</div>

From 1258a6e6d2d8e2c591da6003f1cefab6d1739e68 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 01:21:40 +0300
Subject: [PATCH 04/67] Add migration to list to process

---
 models/migrations/migrations.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
index d440722c96f8c..e20d2cccffaf6 100644
--- a/models/migrations/migrations.go
+++ b/models/migrations/migrations.go
@@ -311,6 +311,8 @@ var migrations = []Migration{
 	NewMigration("Convert avatar url to text", convertAvatarURLToText),
 	// v180 -> v181
 	NewMigration("Delete credentials from past migrations", deleteMigrationCredentials),
+	// v181 -> v182
+	NewMigration("Add column to User to allow them hide self from explore/users page", addHideFromExplorePageUserColumn),
 }
 
 // GetCurrentDBVersion returns the current db version

From 51520a362803ebb5c2280dfd7254e1c023cda40e Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 01:37:08 +0300
Subject: [PATCH 05/67] Format files

---
 modules/structs/admin_user.go |  8 ++++----
 routers/api/v1/admin/user.go  | 14 +++++++-------
 services/forms/admin.go       | 12 ++++++------
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index 7896e02ae2ee7..8fd80bc3d2034 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -16,10 +16,10 @@ type CreateUserOption struct {
 	// swagger:strfmt email
 	Email string `json:"email" binding:"Required;Email;MaxSize(254)"`
 	// required: true
-	Password           string `json:"password" binding:"Required;MaxSize(255)"`
-	MustChangePassword *bool  `json:"must_change_password"`
-	SendNotify         bool   `json:"send_notify"`
-	HideFromExplorePage *bool `json:"hide_from_explore_page"`
+	Password            string `json:"password" binding:"Required;MaxSize(255)"`
+	MustChangePassword  *bool  `json:"must_change_password"`
+	SendNotify          bool   `json:"send_notify"`
+	HideFromExplorePage *bool  `json:"hide_from_explore_page"`
 }
 
 // EditUserOption edit user options
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index 719cb70e461c0..87d483e5ec7db 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -67,13 +67,13 @@ func CreateUser(ctx *context.APIContext) {
 	//     "$ref": "#/responses/validationError"
 	form := web.GetForm(ctx).(*api.CreateUserOption)
 	u := &models.User{
-		Name:               form.Username,
-		FullName:           form.FullName,
-		Email:              form.Email,
-		Passwd:             form.Password,
-		MustChangePassword: true,
-		IsActive:           true,
-		LoginType:          models.LoginPlain,
+		Name:                form.Username,
+		FullName:            form.FullName,
+		Email:               form.Email,
+		Passwd:              form.Password,
+		MustChangePassword:  true,
+		IsActive:            true,
+		LoginType:           models.LoginPlain,
 		HideFromExplorePage: false,
 	}
 	if form.MustChangePassword != nil {
diff --git a/services/forms/admin.go b/services/forms/admin.go
index 3a250a32a5290..58979237f1682 100644
--- a/services/forms/admin.go
+++ b/services/forms/admin.go
@@ -15,12 +15,12 @@ import (
 
 // AdminCreateUserForm form for admin to create user
 type AdminCreateUserForm struct {
-	LoginType          string `binding:"Required"`
-	LoginName          string
-	UserName           string `binding:"Required;AlphaDashDot;MaxSize(40)"`
-	Email              string `binding:"Required;Email;MaxSize(254)"`
-	Password           string `binding:"MaxSize(255)"`
-	SendNotify         bool
+	LoginType           string `binding:"Required"`
+	LoginName           string
+	UserName            string `binding:"Required;AlphaDashDot;MaxSize(40)"`
+	Email               string `binding:"Required;Email;MaxSize(254)"`
+	Password            string `binding:"MaxSize(255)"`
+	SendNotify          bool
 	MustChangePassword  bool
 	HideFromExplorePage bool
 }

From 8064e02326a313a5ca62625da704d92d6687f00f Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 02:15:14 +0300
Subject: [PATCH 06/67] Update swagger template

---
 templates/swagger/v1_json.tmpl | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index e3ac4a4c8a68c..66a9bd8a74594 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13014,6 +13014,10 @@
           "type": "string",
           "x-go-name": "FullName"
         },
+        "hide_from_explore_page": {
+          "type": "boolean",
+          "x-go-name": "HideFromExplorePage"
+        },
         "login_name": {
           "type": "string",
           "x-go-name": "LoginName"
@@ -13813,6 +13817,10 @@
           "type": "string",
           "x-go-name": "FullName"
         },
+        "hide_from_explore_page": {
+          "type": "boolean",
+          "x-go-name": "HideFromExplorePage"
+        },
         "location": {
           "type": "string",
           "x-go-name": "Location"

From 9d5447fbb8ce54845221058e3791500a859020f9 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 07:27:07 +0300
Subject: [PATCH 07/67] Filter users via query, not in template

---
 models/user.go               | 21 +++++++++++++--------
 routers/home.go              | 11 ++++++-----
 templates/explore/users.tmpl |  2 --
 3 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/models/user.go b/models/user.go
index a99fe6735006a..3054ecd9f5686 100644
--- a/models/user.go
+++ b/models/user.go
@@ -1558,14 +1558,15 @@ func GetUser(user *User) (bool, error) {
 // SearchUserOptions contains the options for searching
 type SearchUserOptions struct {
 	ListOptions
-	Keyword       string
-	Type          UserType
-	UID           int64
-	OrderBy       SearchOrderBy
-	Visible       []structs.VisibleType
-	Actor         *User // The user doing the search
-	IsActive      util.OptionalBool
-	SearchByEmail bool // Search by email as well as username/full name
+	Keyword             string
+	Type                UserType
+	UID                 int64
+	OrderBy             SearchOrderBy
+	Visible             []structs.VisibleType
+	Actor               *User // The user doing the search
+	IsActive            util.OptionalBool
+	HideFromExplorePage util.OptionalBool
+	SearchByEmail       bool // Search by email as well as username/full name
 }
 
 func (opts *SearchUserOptions) toConds() builder.Cond {
@@ -1619,6 +1620,10 @@ func (opts *SearchUserOptions) toConds() builder.Cond {
 		cond = cond.And(builder.Eq{"is_active": opts.IsActive.IsTrue()})
 	}
 
+	if !opts.HideFromExplorePage.IsNone() {
+		cond = cond.And(builder.Eq{"hide_from_explore_page": opts.HideFromExplorePage.IsTrue()})
+	}
+
 	return cond
 }
 
diff --git a/routers/home.go b/routers/home.go
index 7eaebc081fd4e..c402eebfac557 100644
--- a/routers/home.go
+++ b/routers/home.go
@@ -259,11 +259,12 @@ func ExploreUsers(ctx *context.Context) {
 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 
 	RenderUserSearch(ctx, &models.SearchUserOptions{
-		Actor:       ctx.User,
-		Type:        models.UserTypeIndividual,
-		ListOptions: models.ListOptions{PageSize: setting.UI.ExplorePagingNum},
-		IsActive:    util.OptionalBoolTrue,
-		Visible:     []structs.VisibleType{structs.VisibleTypePublic, structs.VisibleTypeLimited, structs.VisibleTypePrivate},
+		Actor:               ctx.User,
+		Type:                models.UserTypeIndividual,
+		ListOptions:         models.ListOptions{PageSize: setting.UI.ExplorePagingNum},
+		IsActive:            util.OptionalBoolTrue,
+		HideFromExplorePage: util.OptionalBoolFalse,
+		Visible:             []structs.VisibleType{structs.VisibleTypePublic, structs.VisibleTypeLimited, structs.VisibleTypePrivate},
 	}, tplExploreUsers)
 }
 
diff --git a/templates/explore/users.tmpl b/templates/explore/users.tmpl
index 28cbd6d653b5a..dff4e8c8be717 100644
--- a/templates/explore/users.tmpl
+++ b/templates/explore/users.tmpl
@@ -6,7 +6,6 @@
 
 		<div class="ui user list">
 			{{range .Users}}
-				{{if not .HideFromExplorePage}}
 				<div class="item">
 					{{avatar .}}
 					<div class="content">
@@ -23,7 +22,6 @@
 						</div>
 					</div>
 				</div>
-				{{end}}
 			{{else}}
 				<div>{{$.i18n.Tr "explore.user_no_results"}}</div>
 			{{end}}

From f0b582cfed84fe06cfc7fc7c5520a75d49652202 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 07:32:02 +0300
Subject: [PATCH 08/67] Fix user edit by admin - store new field

---
 routers/admin/users.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/routers/admin/users.go b/routers/admin/users.go
index a71a11dd8a225..e16d4dc1330ca 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -126,6 +126,9 @@ func NewUserPost(ctx *context.Context) {
 		}
 		u.MustChangePassword = form.MustChangePassword
 	}
+
+	u.HideFromExplorePage = form.HideFromExplorePage
+
 	if err := models.CreateUser(u); err != nil {
 		switch {
 		case models.IsErrUserAlreadyExist(err):
@@ -311,6 +314,7 @@ func EditUserPost(ctx *context.Context) {
 	u.AllowGitHook = form.AllowGitHook
 	u.AllowImportLocal = form.AllowImportLocal
 	u.AllowCreateOrganization = form.AllowCreateOrganization
+	u.HideFromExplorePage = form.HideFromExplorePage
 
 	// skip self Prohibit Login
 	if ctx.User.ID == u.ID {

From 266bee8be43ab8831f239331aacd8c106a17829e Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sat, 5 Jun 2021 07:36:48 +0300
Subject: [PATCH 09/67] Update locale strings for user profile page

---
 options/locale/locale_en-US.ini | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 471ee7e66d8a0..992c96951a1fb 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -473,8 +473,8 @@ ui = Theme
 privacy = Privacy
 keep_activity_private = Hide the activity from the profile page
 keep_activity_private_popup = Makes the activity visible only for you and the admins
-hide_from_explore_page = Hide user from explorabale service users page
-hide_from_explore_page_popup = Makes user visible only if mentioned in repo, commit, etc.
+hide_from_explore_page = Hide me from public "explore users" page
+hide_from_explore_page_popup = Make me visible only by mention in repo, commit, etc. And hide from public "explore users" page.
 
 lookup_avatar_by_mail = Look Up Avatar by Email Address
 federated_avatar_lookup = Federated Avatar Lookup
@@ -2238,7 +2238,7 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
-users.hide_from_explore_page = User do not appear on service explore page
+users.hide_from_explore_page = User do not want to appear on service explore page
 users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page. But they profile will be accesible by mentioning in commit, issue, etc.
 
 emails.email_manage_panel = User Email Management

From b419594c30968b924c6ed202ec79e15202b16696 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Sun, 6 Jun 2021 23:14:50 +0300
Subject: [PATCH 10/67] Hide user from public api user/userSearch by swagger,
 only there

---
 routers/api/v1/user/user.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 6e811bf0f8a4d..95fadc60c6b19 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/convert"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/routers/api/v1/utils"
 )
 
@@ -58,10 +59,11 @@ func Search(ctx *context.APIContext) {
 	listOptions := utils.GetListOptions(ctx)
 
 	opts := &models.SearchUserOptions{
-		Keyword:     strings.Trim(ctx.Query("q"), " "),
-		UID:         ctx.QueryInt64("uid"),
-		Type:        models.UserTypeIndividual,
-		ListOptions: listOptions,
+		Keyword:             strings.Trim(ctx.Query("q"), " "),
+		UID:                 ctx.QueryInt64("uid"),
+		Type:                models.UserTypeIndividual,
+		ListOptions:         listOptions,
+		HideFromExplorePage: util.OptionalBoolFalse, // As api is public - respect user privacy
 	}
 
 	users, maxResults, err := models.SearchUsers(opts)

From 0194b9dcbf53afd5a712b5e68f770252b45f0170 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:06:08 +0300
Subject: [PATCH 11/67] Simplify userSearch limits if hide_from_explore_page
 set

- check for Admin actor
- first test for new column value
---
 models/fixtures/user.yml     |  1 +
 models/user.go               | 27 ++++++++++++++-------------
 modules/convert/user.go      |  1 +
 modules/convert/user_test.go |  7 +++++++
 modules/structs/user.go      |  2 ++
 routers/api/v1/user/user.go  |  9 ++++-----
 6 files changed, 29 insertions(+), 18 deletions(-)

diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index d903a7942f81b..0fcdf747c811a 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -50,6 +50,7 @@
   type: 1 # organization
   salt: ZogKvWdyEx
   is_admin: false
+  hide_from_explode_page: true
   avatar: avatar3
   avatar_email: user3@example.com
   num_repos: 3
diff --git a/models/user.go b/models/user.go
index 3054ecd9f5686..3be2294e54190 100644
--- a/models/user.go
+++ b/models/user.go
@@ -1558,15 +1558,14 @@ func GetUser(user *User) (bool, error) {
 // SearchUserOptions contains the options for searching
 type SearchUserOptions struct {
 	ListOptions
-	Keyword             string
-	Type                UserType
-	UID                 int64
-	OrderBy             SearchOrderBy
-	Visible             []structs.VisibleType
-	Actor               *User // The user doing the search
-	IsActive            util.OptionalBool
-	HideFromExplorePage util.OptionalBool
-	SearchByEmail       bool // Search by email as well as username/full name
+	Keyword       string
+	Type          UserType
+	UID           int64
+	OrderBy       SearchOrderBy
+	Visible       []structs.VisibleType
+	Actor         *User // The user doing the search
+	IsActive      util.OptionalBool
+	SearchByEmail bool // Search by email as well as username/full name
 }
 
 func (opts *SearchUserOptions) toConds() builder.Cond {
@@ -1610,6 +1609,12 @@ func (opts *SearchUserOptions) toConds() builder.Cond {
 			accessCond = builder.In("id", builder.Select("org_id").From("org_user").LeftJoin("`user`", exprCond).Where(builder.And(builder.Eq{"uid": opts.Actor.ID})))
 		}
 		cond = cond.And(accessCond)
+
+		if !opts.Actor.IsAdmin {
+			cond = cond.And(builder.Eq{"hide_from_explore_page": false}.Or(builder.Eq{"id": opts.Actor.ID}))
+		}
+	} else {
+		cond = cond.And(builder.Eq{"hide_from_explore_page": false})
 	}
 
 	if opts.UID > 0 {
@@ -1620,10 +1625,6 @@ func (opts *SearchUserOptions) toConds() builder.Cond {
 		cond = cond.And(builder.Eq{"is_active": opts.IsActive.IsTrue()})
 	}
 
-	if !opts.HideFromExplorePage.IsNone() {
-		cond = cond.And(builder.Eq{"hide_from_explore_page": opts.HideFromExplorePage.IsTrue()})
-	}
-
 	return cond
 }
 
diff --git a/modules/convert/user.go b/modules/convert/user.go
index 088ede5add507..dede9f32925f8 100644
--- a/modules/convert/user.go
+++ b/modules/convert/user.go
@@ -56,6 +56,7 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 	// only site admin will get these information and possibly user himself
 	if authed {
 		result.IsAdmin = user.IsAdmin
+		result.HideFromExplorePage = user.HideFromExplorePage
 		result.LastLogin = user.LastLoginUnix.AsTime()
 		result.Language = user.Language
 		result.IsActive = user.IsActive
diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 7837910ffecb3..9db23bb22e133 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -27,4 +27,11 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
+
+	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3, IsAdmin: false}).(*models.User)
+
+	apiUser = toUser(user3, true, true)
+	assert.False(t, apiUser.IsAdmin)
+	assert.True(t, apiUser.HideFromExplorePage)
+
 }
diff --git a/modules/structs/user.go b/modules/structs/user.go
index 2dbc5305382ab..6bbb8dc3d6ac8 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -43,6 +43,8 @@ type User struct {
 	Website string `json:"website"`
 	// the user's description
 	Description string `json:"description"`
+	// user hides from public
+	HideFromExplorePage bool `json:"hide_from_explore_page"`
 }
 
 // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility
diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 95fadc60c6b19..73aa3d71aba4b 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -59,11 +59,10 @@ func Search(ctx *context.APIContext) {
 	listOptions := utils.GetListOptions(ctx)
 
 	opts := &models.SearchUserOptions{
-		Keyword:             strings.Trim(ctx.Query("q"), " "),
-		UID:                 ctx.QueryInt64("uid"),
-		Type:                models.UserTypeIndividual,
-		ListOptions:         listOptions,
-		HideFromExplorePage: util.OptionalBoolFalse, // As api is public - respect user privacy
+		Keyword:     strings.Trim(ctx.Query("q"), " "),
+		UID:         ctx.QueryInt64("uid"),
+		Type:        models.UserTypeIndividual,
+		ListOptions: listOptions,
 	}
 
 	users, maxResults, err := models.SearchUsers(opts)

From 1fe1a41e4cb1b70fc5019f2e370a596bc21066d8 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:07:43 +0300
Subject: [PATCH 12/67] Check user2 too

---
 modules/convert/user_test.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 9db23bb22e133..55207b96cb674 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -27,6 +27,7 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
+	assert.False(t, apiUser.HideFromExplorePage)
 
 	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3, IsAdmin: false}).(*models.User)
 

From 9e68bb7c23a2e1dc668742015da4bc3a7cb117ba Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:08:32 +0300
Subject: [PATCH 13/67] And add new colum for select

---
 modules/convert/user_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 55207b96cb674..a5637fb8feee4 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -29,7 +29,7 @@ func TestUser_ToUser(t *testing.T) {
 	assert.False(t, apiUser.IsAdmin)
 	assert.False(t, apiUser.HideFromExplorePage)
 
-	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3, IsAdmin: false}).(*models.User)
+	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3, IsAdmin: false, HideFromExplorePage: true}).(*models.User)
 
 	apiUser = toUser(user3, true, true)
 	assert.False(t, apiUser.IsAdmin)

From f6fbef737e38313632d47fa3558357bcb0622c23 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:12:43 +0300
Subject: [PATCH 14/67] Add 2 tests for api_user_search

---
 integrations/api_user_search_test.go | 30 ++++++++++++++++++++++++++++
 routers/api/v1/user/user.go          |  1 -
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index c5295fbba5dad..0ec97a486c48c 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -59,3 +59,33 @@ func TestAPIUserSearchNotLoggedIn(t *testing.T) {
 		}
 	}
 }
+
+func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
+	defer prepareTestEnv(t)()
+	adminUsername := "user1"
+	session := loginUser(t, adminUsername)
+	token := getTokenForLoggedInUser(t, session)
+	query := "user3"
+	req := NewRequestf(t, "GET", "/api/v1/users/search?token=%s&q=%s", token, query)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+
+	var results SearchResults
+	DecodeJSON(t, resp, &results)
+	assert.NotEmpty(t, results.Data)
+	for _, user := range results.Data {
+		assert.Contains(t, user.UserName, query)
+		assert.NotEmpty(t, user.Email)
+		assert.True(t, user.HideFromExplorePage)
+	}
+}
+
+func TestAPIUserSearchNotLoggedInUserHidden(t *testing.T) {
+	defer prepareTestEnv(t)()
+	query := "user3"
+	req := NewRequestf(t, "GET", "/api/v1/users/search?token=%s&q=%s", token, query)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+
+	var results SearchResults
+	DecodeJSON(t, resp, &results)
+	assert.Empty(t, results.Data)
+}
diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 73aa3d71aba4b..6e811bf0f8a4d 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -14,7 +14,6 @@ import (
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/convert"
 	api "code.gitea.io/gitea/modules/structs"
-	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/routers/api/v1/utils"
 )
 

From 71bf39746fe3065a18745d428f2ef228d0e5a1e0 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:15:40 +0300
Subject: [PATCH 15/67] Remove useles field

---
 routers/home.go | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/routers/home.go b/routers/home.go
index c402eebfac557..7eaebc081fd4e 100644
--- a/routers/home.go
+++ b/routers/home.go
@@ -259,12 +259,11 @@ func ExploreUsers(ctx *context.Context) {
 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 
 	RenderUserSearch(ctx, &models.SearchUserOptions{
-		Actor:               ctx.User,
-		Type:                models.UserTypeIndividual,
-		ListOptions:         models.ListOptions{PageSize: setting.UI.ExplorePagingNum},
-		IsActive:            util.OptionalBoolTrue,
-		HideFromExplorePage: util.OptionalBoolFalse,
-		Visible:             []structs.VisibleType{structs.VisibleTypePublic, structs.VisibleTypeLimited, structs.VisibleTypePrivate},
+		Actor:       ctx.User,
+		Type:        models.UserTypeIndividual,
+		ListOptions: models.ListOptions{PageSize: setting.UI.ExplorePagingNum},
+		IsActive:    util.OptionalBoolTrue,
+		Visible:     []structs.VisibleType{structs.VisibleTypePublic, structs.VisibleTypeLimited, structs.VisibleTypePrivate},
 	}, tplExploreUsers)
 }
 

From 99257245269d7c94e4e750acfbf09fa3f34fd5c1 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:19:18 +0300
Subject: [PATCH 16/67] Fix test unused/undeclared vars

---
 integrations/api_user_search_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index 0ec97a486c48c..e7e076486858c 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -83,7 +83,7 @@ func TestAPIUserSearchNotLoggedInUserHidden(t *testing.T) {
 	defer prepareTestEnv(t)()
 	query := "user3"
 	req := NewRequestf(t, "GET", "/api/v1/users/search?token=%s&q=%s", token, query)
-	resp := session.MakeRequest(t, req, http.StatusOK)
+	resp := MakeRequest(t, req, http.StatusOK)
 
 	var results SearchResults
 	DecodeJSON(t, resp, &results)

From 6580f93e5d727d0d97e914f5992c741bbc52327b Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:20:55 +0300
Subject: [PATCH 17/67] Fix request string formating

---
 integrations/api_user_search_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index e7e076486858c..3784f16f32b1c 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -82,7 +82,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 func TestAPIUserSearchNotLoggedInUserHidden(t *testing.T) {
 	defer prepareTestEnv(t)()
 	query := "user3"
-	req := NewRequestf(t, "GET", "/api/v1/users/search?token=%s&q=%s", token, query)
+	req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query)
 	resp := MakeRequest(t, req, http.StatusOK)
 
 	var results SearchResults

From 132a7277ee9de2e764665b6cce255f8d82bf6002 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:29:55 +0300
Subject: [PATCH 18/67] Update swapper template

---
 templates/swagger/v1_json.tmpl | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 66a9bd8a74594..c4c2bea757563 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -16288,6 +16288,11 @@
           "type": "string",
           "x-go-name": "FullName"
         },
+        "hide_from_explore_page": {
+          "description": "user hides from public",
+          "type": "boolean",
+          "x-go-name": "HideFromExplorePage"
+        },        
         "id": {
           "description": "the user's id",
           "type": "integer",

From 3d74a8482cb8504b0dec0744a5d664f5dd6d05d0 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 00:57:46 +0300
Subject: [PATCH 19/67] Remove whitespace

---
 templates/swagger/v1_json.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index c4c2bea757563..ebc2889eab8df 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -16292,7 +16292,7 @@
           "description": "user hides from public",
           "type": "boolean",
           "x-go-name": "HideFromExplorePage"
-        },        
+        },
         "id": {
           "description": "the user's id",
           "type": "integer",

From 5cb908c9d965c3e4c7499d88301a9a31b8f57a5e Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 02:38:46 +0300
Subject: [PATCH 20/67] Typo in fixture

---
 models/fixtures/user.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index 0fcdf747c811a..fd0fc648d4a62 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -50,7 +50,7 @@
   type: 1 # organization
   salt: ZogKvWdyEx
   is_admin: false
-  hide_from_explode_page: true
+  hide_from_explore_page: true
   avatar: avatar3
   avatar_email: user3@example.com
   num_repos: 3

From 39df5f335ec02409fe9f12bd5dd594b4f148b6c3 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 02:41:43 +0300
Subject: [PATCH 21/67] Don't break old tests, use new user31

---
 integrations/api_user_search_test.go |  4 ++--
 models/fixtures/user.yml             | 19 ++++++++++++++++++-
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index 3784f16f32b1c..4ae6d113a2401 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -65,7 +65,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	adminUsername := "user1"
 	session := loginUser(t, adminUsername)
 	token := getTokenForLoggedInUser(t, session)
-	query := "user3"
+	query := "user31"
 	req := NewRequestf(t, "GET", "/api/v1/users/search?token=%s&q=%s", token, query)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 
@@ -81,7 +81,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 
 func TestAPIUserSearchNotLoggedInUserHidden(t *testing.T) {
 	defer prepareTestEnv(t)()
-	query := "user3"
+	query := "user31"
 	req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query)
 	resp := MakeRequest(t, req, http.StatusOK)
 
diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index fd0fc648d4a62..f6b91fdb28267 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -50,7 +50,6 @@
   type: 1 # organization
   salt: ZogKvWdyEx
   is_admin: false
-  hide_from_explore_page: true
   avatar: avatar3
   avatar_email: user3@example.com
   num_repos: 3
@@ -526,3 +525,21 @@
   avatar_email: user30@example.com
   num_repos: 2
   is_active: true
+
+  -
+  id: 31
+  lower_name: user31
+  name: user31
+  full_name: " <<<< >> >> > >> > >>> >> "
+  email: user31@example.com
+  email_notifications_preference: onmention
+  passwd_hash_algo: argon2
+  passwd: a3d5fcd92bae586c2e3dbe72daea7a0d27833a8d0227aa1704f4bbd775c1f3b03535b76dd93b0d4d8d22a519dca47df1547b # password
+  type: 0 # individual
+  salt: ZogKvWdyEx
+  is_admin: false
+  hide_from_explore_page: true
+  avatar: avatar31
+  avatar_email: user31@example.com
+  is_active: true
+  num_repos: 0

From c38ed8506a8b027d9d2c833f6fb714bf22793a31 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 03:09:56 +0300
Subject: [PATCH 22/67] Fix unit-tests - use user31, fix fixture typo

---
 models/fixtures/user.yml     | 5 ++---
 modules/convert/user_test.go | 4 ++--
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index f6b91fdb28267..b7a324fcde98d 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -508,7 +508,6 @@
   num_repos: 0
   is_active: true
 
-
 -
   id: 30
   lower_name: user30
@@ -526,7 +525,7 @@
   num_repos: 2
   is_active: true
 
-  -
+-
   id: 31
   lower_name: user31
   name: user31
@@ -541,5 +540,5 @@
   hide_from_explore_page: true
   avatar: avatar31
   avatar_email: user31@example.com
-  is_active: true
   num_repos: 0
+  is_active: true
diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index a5637fb8feee4..0fcde5f922ffe 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -29,9 +29,9 @@ func TestUser_ToUser(t *testing.T) {
 	assert.False(t, apiUser.IsAdmin)
 	assert.False(t, apiUser.HideFromExplorePage)
 
-	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3, IsAdmin: false, HideFromExplorePage: true}).(*models.User)
+	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, HideFromExplorePage: true}).(*models.User)
 
-	apiUser = toUser(user3, true, true)
+	apiUser = toUser(user31, true, true)
 	assert.False(t, apiUser.IsAdmin)
 	assert.True(t, apiUser.HideFromExplorePage)
 

From 5c03ff1e59f005604d0ad9f20f21c6e4c92f7fd1 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 05:38:01 +0300
Subject: [PATCH 23/67] Pass Actor to api user search

---
 routers/api/v1/admin/user.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index 87d483e5ec7db..da29f3477a6c1 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -402,6 +402,7 @@ func GetAllUsers(ctx *context.APIContext) {
 	listOptions := utils.GetListOptions(ctx)
 
 	users, maxResults, err := models.SearchUsers(&models.SearchUserOptions{
+		Actor:       ctx.User,
 		Type:        models.UserTypeIndividual,
 		OrderBy:     models.SearchOrderByAlphabetically,
 		ListOptions: listOptions,

From 0655b1f5cfe5d0f95d63f997363d19f84848ef26 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 06:40:29 +0300
Subject: [PATCH 24/67] Token auth is basic auth? Trace request from who

---
 integrations/api_user_search_test.go | 1 +
 routers/api/v1/admin/user.go         | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index 4ae6d113a2401..3ebd5938721fe 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -67,6 +67,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	token := getTokenForLoggedInUser(t, session)
 	query := "user31"
 	req := NewRequestf(t, "GET", "/api/v1/users/search?token=%s&q=%s", token, query)
+	req.SetBasicAuth(token, "x-oauth-basic")
 	resp := session.MakeRequest(t, req, http.StatusOK)
 
 	var results SearchResults
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index da29f3477a6c1..a83c15fe6b55c 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -399,6 +399,8 @@ func GetAllUsers(ctx *context.APIContext) {
 	//   "403":
 	//     "$ref": "#/responses/forbidden"
 
+	log.Trace("GetAllUsers requested by admin(%s): is admin?= %ui", ctx.User.Name, ctx.User.IsAdmin)
+
 	listOptions := utils.GetListOptions(ctx)
 
 	users, maxResults, err := models.SearchUsers(&models.SearchUserOptions{

From a1bae9ce56ffd7c59bd39c44f7ed1d57b6736055 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Mon, 7 Jun 2021 08:14:00 +0300
Subject: [PATCH 25/67] Fixes for user search:

- ctx.User was not passed by
- add 2 more tests for user creation
---
 routers/admin/users.go       |  3 +-
 routers/admin/users_test.go  | 77 ++++++++++++++++++++++++++++++++++++
 routers/api/v1/admin/user.go |  2 -
 routers/api/v1/user/user.go  |  1 +
 4 files changed, 80 insertions(+), 3 deletions(-)

diff --git a/routers/admin/users.go b/routers/admin/users.go
index e16d4dc1330ca..092e3dcb35ce5 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -37,7 +37,8 @@ func Users(ctx *context.Context) {
 	ctx.Data["PageIsAdminUsers"] = true
 
 	routers.RenderUserSearch(ctx, &models.SearchUserOptions{
-		Type: models.UserTypeIndividual,
+		Actor: ctx.User,
+		Type:  models.UserTypeIndividual,
 		ListOptions: models.ListOptions{
 			PageSize: setting.UI.Admin.UserPagingNum,
 		},
diff --git a/routers/admin/users_test.go b/routers/admin/users_test.go
index b19dcb886bde1..1d198f8789420 100644
--- a/routers/admin/users_test.go
+++ b/routers/admin/users_test.go
@@ -121,3 +121,80 @@ func TestNewUserPost_InvalidEmail(t *testing.T) {
 
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
+
+func TestNewUserPost_HideFromExplorePageDefaultFalse(t *testing.T) {
+
+	models.PrepareTestEnv(t)
+	ctx := test.MockContext(t, "admin/users/new")
+
+	u := models.AssertExistsAndLoadBean(t, &models.User{
+		IsAdmin: true,
+		ID:      2,
+	}).(*models.User)
+
+	ctx.User = u
+
+	username := "gitea"
+	email := "gitea@gitea.io"
+
+	form := forms.AdminCreateUserForm{
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "abc123ABC!=$",
+		SendNotify:         false,
+		MustChangePassword: false,
+	}
+
+	web.SetForm(ctx, &form)
+	NewUserPost(ctx)
+
+	assert.NotEmpty(t, ctx.Flash.SuccessMsg)
+
+	u, err := models.GetUserByName(username)
+
+	assert.NoError(t, err)
+	assert.Equal(t, username, u.Name)
+	assert.Equal(t, email, u.Email)
+	assert.False(t, u.HideFromExplorePage)
+}
+
+func TestNewUserPost_HideFromExplorePageTrue(t *testing.T) {
+
+	models.PrepareTestEnv(t)
+	ctx := test.MockContext(t, "admin/users/new")
+
+	u := models.AssertExistsAndLoadBean(t, &models.User{
+		IsAdmin: true,
+		ID:      2,
+	}).(*models.User)
+
+	ctx.User = u
+
+	username := "gitea"
+	email := "gitea@gitea.io"
+
+	form := forms.AdminCreateUserForm{
+		LoginType:           "local",
+		LoginName:           "local",
+		UserName:            username,
+		Email:               email,
+		Password:            "abc123ABC!=$",
+		SendNotify:          false,
+		MustChangePassword:  false,
+		HideFromExplorePage: true,
+	}
+
+	web.SetForm(ctx, &form)
+	NewUserPost(ctx)
+
+	assert.NotEmpty(t, ctx.Flash.SuccessMsg)
+
+	u, err := models.GetUserByName(username)
+
+	assert.NoError(t, err)
+	assert.Equal(t, username, u.Name)
+	assert.Equal(t, email, u.Email)
+	assert.True(t, u.HideFromExplorePage)
+}
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index a83c15fe6b55c..da29f3477a6c1 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -399,8 +399,6 @@ func GetAllUsers(ctx *context.APIContext) {
 	//   "403":
 	//     "$ref": "#/responses/forbidden"
 
-	log.Trace("GetAllUsers requested by admin(%s): is admin?= %ui", ctx.User.Name, ctx.User.IsAdmin)
-
 	listOptions := utils.GetListOptions(ctx)
 
 	users, maxResults, err := models.SearchUsers(&models.SearchUserOptions{
diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 6e811bf0f8a4d..df6acbd1050e3 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -58,6 +58,7 @@ func Search(ctx *context.APIContext) {
 	listOptions := utils.GetListOptions(ctx)
 
 	opts := &models.SearchUserOptions{
+		Actor:       ctx.User,
 		Keyword:     strings.Trim(ctx.Query("q"), " "),
 		UID:         ctx.QueryInt64("uid"),
 		Type:        models.UserTypeIndividual,

From e1d99350ece566ebe7623ee677880fb7b5c08c0b Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Tue, 8 Jun 2021 14:57:27 +0300
Subject: [PATCH 26/67] Rename migration

---
 models/migrations/v182.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 models/migrations/v182.go

diff --git a/models/migrations/v182.go b/models/migrations/v182.go
new file mode 100644
index 0000000000000..44ef44f18267c
--- /dev/null
+++ b/models/migrations/v182.go
@@ -0,0 +1,20 @@
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+
+	"xorm.io/xorm"
+)
+
+func addHideFromExplorePageUserColumn(x *xorm.Engine) error {
+	type User struct {
+		HideFromExplorePage bool `xorm:"NOT NULL DEFAULT false"`
+	}
+	if err := x.Sync2(new(User)); err != nil {
+		return fmt.Errorf("Sync2: %v", err)
+	}
+	return nil
+}

From f9ba4f789e216b8e7c01a4643b95ad0f4eea8903 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Wed, 9 Jun 2021 05:46:32 +0300
Subject: [PATCH 27/67] Mention API searches in new locale strings

---
 options/locale/locale_en-US.ini | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 992c96951a1fb..c3fb9052130a5 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -473,8 +473,8 @@ ui = Theme
 privacy = Privacy
 keep_activity_private = Hide the activity from the profile page
 keep_activity_private_popup = Makes the activity visible only for you and the admins
-hide_from_explore_page = Hide me from public "explore users" page
-hide_from_explore_page_popup = Make me visible only by mention in repo, commit, etc. And hide from public "explore users" page.
+hide_from_explore_page = Hide me from public "explore users" and API.
+hide_from_explore_page_popup = Make me visible only by mention in repo, commit, etc. And hide from public "explore users" page and public API searches.
 
 lookup_avatar_by_mail = Look Up Avatar by Email Address
 federated_avatar_lookup = Federated Avatar Lookup
@@ -2238,8 +2238,8 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
-users.hide_from_explore_page = User do not want to appear on service explore page
-users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page. But they profile will be accesible by mentioning in commit, issue, etc.
+users.hide_from_explore_page = User do not want to appear on service explore page and API.
+users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page and API searches. But they profile will be accesible by mentioning in commit, issue, etc.
 
 emails.email_manage_panel = User Email Management
 emails.primary = Primary

From 6bfa28e5d2555aa30d83a5cee02dacba41e8e632 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Wed, 9 Jun 2021 05:56:55 +0300
Subject: [PATCH 28/67] Add note about visibility by admins

---
 options/locale/locale_en-US.ini | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index c3fb9052130a5..9a31a4841675c 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -473,8 +473,8 @@ ui = Theme
 privacy = Privacy
 keep_activity_private = Hide the activity from the profile page
 keep_activity_private_popup = Makes the activity visible only for you and the admins
-hide_from_explore_page = Hide me from public "explore users" and API.
-hide_from_explore_page_popup = Make me visible only by mention in repo, commit, etc. And hide from public "explore users" page and public API searches.
+hide_from_explore_page = Hide me from public "explore users" page and API.
+hide_from_explore_page_popup = Make me visible only by mention in repo, commit, etc. And to service admins. Hide from public "explore users" page and public API searches.
 
 lookup_avatar_by_mail = Look Up Avatar by Email Address
 federated_avatar_lookup = Federated Avatar Lookup
@@ -2239,7 +2239,7 @@ users.still_has_org = This user is a member of an organization. Remove the user
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
 users.hide_from_explore_page = User do not want to appear on service explore page and API.
-users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page and API searches. But they profile will be accesible by mentioning in commit, issue, etc.
+users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page and API searches. But they profiles will be accesible by mentioning in commit, issue, etc. And they stay visible for service admins.
 
 emails.email_manage_panel = User Email Management
 emails.primary = Primary

From 7066c1f688d631b785cb5424620f1da928d65749 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 04:52:59 +0300
Subject: [PATCH 29/67] Rewrote user hiding based on Visibility field:

- drop migration 182 - dont need
- add app option DEFAULT_USER_VISIBILITY
- update localization
- rewrite many files to use Visibility field
---
 custom/conf/app.example.ini                   | 12 ++++--
 .../doc/advanced/config-cheat-sheet.en-us.md  |  5 ++-
 integrations/api_user_search_test.go          |  2 +-
 models/fixtures/user.yml                      |  2 +-
 models/migrations/migrations.go               |  2 -
 models/migrations/v182.go                     | 20 ----------
 models/user.go                                | 37 ++++++++++---------
 modules/convert/user.go                       |  3 +-
 modules/convert/user_test.go                  |  8 ++--
 modules/setting/service.go                    |  4 ++
 modules/structs/admin_user.go                 | 10 ++---
 modules/structs/user.go                       |  2 +-
 options/locale/locale_en-US.ini               | 14 +++++--
 routers/api/v1/admin/user.go                  | 34 ++++++++++-------
 routers/web/admin/users.go                    | 18 +++++----
 routers/web/admin/users_test.go               | 24 ++++++------
 routers/web/user/setting/profile.go           |  2 +-
 services/forms/admin.go                       | 19 +++++-----
 services/forms/user_form.go                   |  3 +-
 templates/admin/user/edit.tmpl                | 19 ++++++++--
 templates/admin/user/new.tmpl                 | 19 ++++++++--
 templates/swagger/v1_json.tmpl                | 20 +++++-----
 templates/user/settings/profile.tmpl          | 25 +++++++++----
 23 files changed, 173 insertions(+), 131 deletions(-)
 delete mode 100644 models/migrations/v182.go

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 2f3fc1f1d8504..5cb4b3aaaf713 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -631,6 +631,12 @@ PATH =
 ;; Limited is for signed user only
 ;; Private is only for member of the organization
 ;; Public is for everyone
+;DEFAULT_USER_VISIBILITY = public
+;;
+;; Either "public", "limited" or "private", default is "public"
+;; Limited is for signed user only
+;; Private is only for member of the organization
+;; Public is for everyone
 ;DEFAULT_ORG_VISIBILITY = public
 ;;
 ;; Default value for DefaultOrgMemberVisible
@@ -1145,8 +1151,8 @@ PATH =
 ;;
 ;; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the path where the queue will be saved.
 ;; This can be overridden by `ISSUE_INDEXER_QUEUE_CONN_STR`.
-;; default is queues/common
-;ISSUE_INDEXER_QUEUE_DIR = queues/common
+;; default is queues/common
+;ISSUE_INDEXER_QUEUE_DIR = queues/common
 ;;
 ;; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
 ;; When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this is a directory or additional options of
@@ -1201,7 +1207,7 @@ PATH =
 ;; default to persistable-channel
 ;TYPE = persistable-channel
 ;;
-;; data-dir for storing persistable queues and level queues, individual queues will default to `queues/common` meaning the queue is shared.
+;; data-dir for storing persistable queues and level queues, individual queues will default to `queues/common` meaning the queue is shared.
 ;DATADIR = queues/
 ;;
 ;; Default queue length before a channel queue will block
diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
index 28ab922c439eb..01b161650b621 100644
--- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
@@ -350,7 +350,7 @@ relation to port exhaustion.
 - `ISSUE_INDEXER_PATH`: **indexers/issues.bleve**: Index file used for issue search; available when ISSUE_INDEXER_TYPE is bleve and elasticsearch.
 - The next 4 configuration values are deprecated and should be set in `queue.issue_indexer` however are kept for backwards compatibility:
 - `ISSUE_INDEXER_QUEUE_TYPE`: **levelqueue**: Issue indexer queue, currently supports:`channel`, `levelqueue`, `redis`.
-- `ISSUE_INDEXER_QUEUE_DIR`: **queues/common**: When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this will be the path where the queue will be saved. (Previously this was `indexers/issues.queue`.)
+- `ISSUE_INDEXER_QUEUE_DIR`: **queues/common**: When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this will be the path where the queue will be saved. (Previously this was `indexers/issues.queue`.)
 - `ISSUE_INDEXER_QUEUE_CONN_STR`: **addrs=127.0.0.1:6379 db=0**: When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string. When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this is a directory or additional options of the form `leveldb://path/to/db?option=value&....`, and overrides `ISSUE_INDEXER_QUEUE_DIR`.
 - `ISSUE_INDEXER_QUEUE_BATCH_NUMBER`: **20**: Batch queue number.
 
@@ -370,7 +370,7 @@ relation to port exhaustion.
 ## Queue (`queue` and `queue.*`)
 
 - `TYPE`: **persistable-channel**: General queue type, currently support: `persistable-channel` (uses a LevelDB internally), `channel`, `level`, `redis`, `dummy`
-- `DATADIR`: **queues/**: Base DataDir for storing persistent and level queues. `DATADIR` for individual queues can be set in `queue.name` sections but will default to `DATADIR/`**`common`**. (Previously each queue would default to `DATADIR/`**`name`**.)
+- `DATADIR`: **queues/**: Base DataDir for storing persistent and level queues. `DATADIR` for individual queues can be set in `queue.name` sections but will default to `DATADIR/`**`common`**. (Previously each queue would default to `DATADIR/`**`name`**.)
 - `LENGTH`: **20**: Maximal queue size before channel queues block
 - `BATCH_LENGTH`: **20**: Batch data before passing to the handler
 - `CONN_STR`: **redis://127.0.0.1:6379/0**: Connection string for the redis queue type. Options can be set using query params. Similarly LevelDB options can also be set using: **leveldb://relative/path?option=value** or **leveldb:///absolute/path?option=value**, and will override `DATADIR`
@@ -504,6 +504,7 @@ relation to port exhaustion.
 - `SHOW_MILESTONES_DASHBOARD_PAGE`: **true** Enable this to show the milestones dashboard page - a view of all the user's milestones
 - `AUTO_WATCH_NEW_REPOS`: **true**: Enable this to let all organisation users watch new repos when they are created
 - `AUTO_WATCH_ON_CHANGES`: **false**: Enable this to make users watch a repository after their first commit to it
+- `DEFAULT_USER_VISIBILITY`: **public**: Set default visibility mode for users, either "public", "limited" or "private".
 - `DEFAULT_ORG_VISIBILITY`: **public**: Set default visibility mode for organisations, either "public", "limited" or "private".
 - `DEFAULT_ORG_MEMBER_VISIBLE`: **false** True will make the membership of the users visible when added to the organisation.
 - `ALLOW_ONLY_INTERNAL_REGISTRATION`: **false** Set to true to force registration only via gitea.
diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index 3ebd5938721fe..dc40ecea74fd2 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -76,7 +76,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		assert.NotEmpty(t, user.Email)
-		assert.True(t, user.HideFromExplorePage)
+		assert.True(t, user.Visibility == structs.VisibleTypePrivate.String())
 	}
 }
 
diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index b7a324fcde98d..ae42d1f98e1a5 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -537,7 +537,7 @@
   type: 0 # individual
   salt: ZogKvWdyEx
   is_admin: false
-  hide_from_explore_page: true
+  visibility: 2
   avatar: avatar31
   avatar_email: user31@example.com
   num_repos: 0
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
index fc33a6f48413c..df1bac4a13f3b 100644
--- a/models/migrations/migrations.go
+++ b/models/migrations/migrations.go
@@ -313,8 +313,6 @@ var migrations = []Migration{
 	NewMigration("Delete credentials from past migrations", deleteMigrationCredentials),
 	// v181 -> v182
 	NewMigration("Always save primary email on email address table", addPrimaryEmail2EmailAddress),
-	// v182 -> v183
-	NewMigration("Add column to User to allow them hide self from explore/users page", addHideFromExplorePageUserColumn),
 }
 
 // GetCurrentDBVersion returns the current db version
diff --git a/models/migrations/v182.go b/models/migrations/v182.go
deleted file mode 100644
index 44ef44f18267c..0000000000000
--- a/models/migrations/v182.go
+++ /dev/null
@@ -1,20 +0,0 @@
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package migrations
-
-import (
-	"fmt"
-
-	"xorm.io/xorm"
-)
-
-func addHideFromExplorePageUserColumn(x *xorm.Engine) error {
-	type User struct {
-		HideFromExplorePage bool `xorm:"NOT NULL DEFAULT false"`
-	}
-	if err := x.Sync2(new(User)); err != nil {
-		return fmt.Errorf("Sync2: %v", err)
-	}
-	return nil
-}
diff --git a/models/user.go b/models/user.go
index b1adc825fdfc0..a20eb4b84cd24 100644
--- a/models/user.go
+++ b/models/user.go
@@ -163,8 +163,6 @@ type User struct {
 	DiffViewStyle       string `xorm:"NOT NULL DEFAULT ''"`
 	Theme               string `xorm:"NOT NULL DEFAULT ''"`
 	KeepActivityPrivate bool   `xorm:"NOT NULL DEFAULT false"`
-	// Users may don't want to appear on /explore/users page.
-	HideFromExplorePage bool `xorm:"NOT NULL DEFAULT false"`
 }
 
 // SearchOrganizationsOptions options to filter organizations
@@ -887,6 +885,7 @@ func CreateUser(u *User) (err error) {
 	}
 
 	u.KeepEmailPrivate = setting.Service.DefaultKeepEmailPrivate
+	u.Visibility = setting.Service.DefaultUserVisibilityMode
 
 	u.LowerName = strings.ToLower(u.Name)
 	u.AvatarEmail = u.Email
@@ -1582,10 +1581,9 @@ func (opts *SearchUserOptions) toConds() builder.Cond {
 		cond = cond.And(keywordCond)
 	}
 
+	// If visibility filtered
 	if len(opts.Visible) > 0 {
 		cond = cond.And(builder.In("visibility", opts.Visible))
-	} else {
-		cond = cond.And(builder.In("visibility", structs.VisibleTypePublic))
 	}
 
 	if opts.Actor != nil {
@@ -1598,22 +1596,27 @@ func (opts *SearchUserOptions) toConds() builder.Cond {
 			exprCond = builder.Expr("org_user.org_id = \"user\".id")
 		}
 
-		var accessCond builder.Cond
-		if !opts.Actor.IsRestricted {
-			accessCond = builder.Or(
-				builder.In("id", builder.Select("org_id").From("org_user").LeftJoin("`user`", exprCond).Where(builder.And(builder.Eq{"uid": opts.Actor.ID}, builder.Eq{"visibility": structs.VisibleTypePrivate}))),
-				builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))
-		} else {
-			// restricted users only see orgs they are a member of
-			accessCond = builder.In("id", builder.Select("org_id").From("org_user").LeftJoin("`user`", exprCond).Where(builder.And(builder.Eq{"uid": opts.Actor.ID})))
-		}
-		cond = cond.And(accessCond)
-
+		// If Admin - they see all users!
 		if !opts.Actor.IsAdmin {
-			cond = cond.And(builder.Eq{"hide_from_explore_page": false}.Or(builder.Eq{"id": opts.Actor.ID}))
+			// Force visiblity for privacy
+			var accessCond builder.Cond
+			if !opts.Actor.IsRestricted {
+				accessCond = builder.Or(
+					builder.In("id", builder.Select("org_id").From("org_user").LeftJoin("`user`", exprCond).Where(builder.And(builder.Eq{"uid": opts.Actor.ID}, builder.Eq{"visibility": structs.VisibleTypePrivate}))),
+					builder.In("visibility", structs.VisibleTypePublic, structs.VisibleTypeLimited))
+			} else {
+				// restricted users only see orgs they are a member of
+				accessCond = builder.In("id", builder.Select("org_id").From("org_user").LeftJoin("`user`", exprCond).Where(builder.And(builder.Eq{"uid": opts.Actor.ID})))
+			}
+			// Don't forget about self
+			accessCond = accessCond.Or(builder.Eq{"id": opts.Actor.ID})
+			cond = cond.And(accessCond)
 		}
+
 	} else {
-		cond = cond.And(builder.Eq{"hide_from_explore_page": false})
+		// Force visiblity for privacy
+		// Not logged in - only public users
+		cond = cond.And(builder.In("visibility", structs.VisibleTypePublic))
 	}
 
 	if opts.UID > 0 {
diff --git a/modules/convert/user.go b/modules/convert/user.go
index dede9f32925f8..1b2efa5d94389 100644
--- a/modules/convert/user.go
+++ b/modules/convert/user.go
@@ -53,10 +53,11 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 	if signed && (!user.KeepEmailPrivate || authed) {
 		result.Email = user.Email
 	}
+
 	// only site admin will get these information and possibly user himself
 	if authed {
 		result.IsAdmin = user.IsAdmin
-		result.HideFromExplorePage = user.HideFromExplorePage
+		result.Visibility = user.Visibility.String()
 		result.LastLogin = user.LastLoginUnix.AsTime()
 		result.Language = user.Language
 		result.IsActive = user.IsActive
diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 0fcde5f922ffe..0f56140d4bad0 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/models"
+	api "code.gitea.io/gitea/modules/structs"
 
 	"github.com/stretchr/testify/assert"
 )
@@ -27,12 +28,11 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
-	assert.False(t, apiUser.HideFromExplorePage)
+	assert.False(t, apiUser.Visibility == api.VisibleTypePublic.String())
 
-	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, HideFromExplorePage: true}).(*models.User)
+	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, Visibility: api.VisibleTypePrivate}).(*models.User)
 
 	apiUser = toUser(user31, true, true)
 	assert.False(t, apiUser.IsAdmin)
-	assert.True(t, apiUser.HideFromExplorePage)
-
+	assert.True(t, apiUser.Visibility == api.VisibleTypePrivate.String())
 }
diff --git a/modules/setting/service.go b/modules/setting/service.go
index 41e834e8e61ef..66e1701d427e8 100644
--- a/modules/setting/service.go
+++ b/modules/setting/service.go
@@ -14,6 +14,8 @@ import (
 
 // Service settings
 var Service struct {
+	DefaultUserVisibility                   string
+	DefaultUserVisibilityMode               structs.VisibleType
 	DefaultOrgVisibility                    string
 	DefaultOrgVisibilityMode                structs.VisibleType
 	ActiveCodeLives                         int
@@ -116,6 +118,8 @@ func newService() {
 	Service.EnableUserHeatmap = sec.Key("ENABLE_USER_HEATMAP").MustBool(true)
 	Service.AutoWatchNewRepos = sec.Key("AUTO_WATCH_NEW_REPOS").MustBool(true)
 	Service.AutoWatchOnChanges = sec.Key("AUTO_WATCH_ON_CHANGES").MustBool(false)
+	Service.DefaultUserVisibility = sec.Key("DEFAULT_USER_VISIBILITY").In("public", structs.ExtractKeysFromMapString(structs.VisibilityModes))
+	Service.DefaultUserVisibilityMode = structs.VisibilityModes[Service.DefaultUserVisibility]
 	Service.DefaultOrgVisibility = sec.Key("DEFAULT_ORG_VISIBILITY").In("public", structs.ExtractKeysFromMapString(structs.VisibilityModes))
 	Service.DefaultOrgVisibilityMode = structs.VisibilityModes[Service.DefaultOrgVisibility]
 	Service.DefaultOrgMemberVisible = sec.Key("DEFAULT_ORG_MEMBER_VISIBLE").MustBool()
diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index 8fd80bc3d2034..facf16a39552a 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -16,10 +16,10 @@ type CreateUserOption struct {
 	// swagger:strfmt email
 	Email string `json:"email" binding:"Required;Email;MaxSize(254)"`
 	// required: true
-	Password            string `json:"password" binding:"Required;MaxSize(255)"`
-	MustChangePassword  *bool  `json:"must_change_password"`
-	SendNotify          bool   `json:"send_notify"`
-	HideFromExplorePage *bool  `json:"hide_from_explore_page"`
+	Password           string `json:"password" binding:"Required;MaxSize(255)"`
+	MustChangePassword *bool  `json:"must_change_password"`
+	SendNotify         bool   `json:"send_notify"`
+	Visibility         string `json:"visibility" binding:"In(,public,limited,private)"`
 }
 
 // EditUserOption edit user options
@@ -44,5 +44,5 @@ type EditUserOption struct {
 	ProhibitLogin           *bool   `json:"prohibit_login"`
 	AllowCreateOrganization *bool   `json:"allow_create_organization"`
 	Restricted              *bool   `json:"restricted"`
-	HideFromExplorePage     *bool   `json:"hide_from_explore_page"`
+	Visibility              string  `json:"visibility" binding:"In(,public,limited,private)"`
 }
diff --git a/modules/structs/user.go b/modules/structs/user.go
index 6bbb8dc3d6ac8..08caf5827eeae 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -44,7 +44,7 @@ type User struct {
 	// the user's description
 	Description string `json:"description"`
 	// user hides from public
-	HideFromExplorePage bool `json:"hide_from_explore_page"`
+	Visibility string `json:"visibility" binding:"In(,public,limited,private)"`
 }
 
 // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 9a31a4841675c..e0669c3b1d8ce 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -434,6 +434,11 @@ form.name_reserved = The username '%s' is reserved.
 form.name_pattern_not_allowed = The pattern '%s' is not allowed in a username.
 form.name_chars_not_allowed = User name '%s' contains invalid characters.
 
+settings.visibility = Visibility
+settings.visibility.public = Public
+settings.visibility.limited = Limited (Visible to logged in users only)
+settings.visibility.private = Private (Visible only to organization members)
+
 [settings]
 profile = Profile
 account = Account
@@ -473,8 +478,6 @@ ui = Theme
 privacy = Privacy
 keep_activity_private = Hide the activity from the profile page
 keep_activity_private_popup = Makes the activity visible only for you and the admins
-hide_from_explore_page = Hide me from public "explore users" page and API.
-hide_from_explore_page_popup = Make me visible only by mention in repo, commit, etc. And to service admins. Hide from public "explore users" page and public API searches.
 
 lookup_avatar_by_mail = Look Up Avatar by Email Address
 federated_avatar_lookup = Federated Avatar Lookup
@@ -2238,8 +2241,11 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
-users.hide_from_explore_page = User do not want to appear on service explore page and API.
-users.hide_from_explore_page_tooltip = Users may do not want to be anounced publicly. So they can be hided from that page and API searches. But they profiles will be accesible by mentioning in commit, issue, etc. And they stay visible for service admins.
+users.settings.visibility = Visibility
+users.settings.visibility.public = Public
+users.settings.visibility.limited = Limited (Visible to logged in users only)
+users.settings.visibility.private = Private (Visible only to organization members)
+
 
 emails.email_manage_panel = User Email Management
 emails.primary = Primary
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index da29f3477a6c1..f09276427e6c2 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -66,22 +66,25 @@ func CreateUser(ctx *context.APIContext) {
 	//   "422":
 	//     "$ref": "#/responses/validationError"
 	form := web.GetForm(ctx).(*api.CreateUserOption)
+
+	visibility := api.VisibleTypePublic
+	if form.Visibility != "" {
+		visibility = api.VisibilityModes[form.Visibility]
+	}
+
 	u := &models.User{
-		Name:                form.Username,
-		FullName:            form.FullName,
-		Email:               form.Email,
-		Passwd:              form.Password,
-		MustChangePassword:  true,
-		IsActive:            true,
-		LoginType:           models.LoginPlain,
-		HideFromExplorePage: false,
+		Name:               form.Username,
+		FullName:           form.FullName,
+		Email:              form.Email,
+		Passwd:             form.Password,
+		MustChangePassword: true,
+		IsActive:           true,
+		LoginType:          models.LoginPlain,
+		Visibility:         visibility,
 	}
 	if form.MustChangePassword != nil {
 		u.MustChangePassword = *form.MustChangePassword
 	}
-	if form.HideFromExplorePage != nil {
-		u.HideFromExplorePage = *form.HideFromExplorePage
-	}
 
 	parseLoginSource(ctx, u, form.SourceID, form.LoginName)
 	if ctx.Written() {
@@ -160,6 +163,12 @@ func EditUser(ctx *context.APIContext) {
 		return
 	}
 
+	visibility := api.VisibleTypePublic
+	if form.Visibility != "" {
+		visibility = api.VisibilityModes[form.Visibility]
+	}
+	u.Visibility = visibility
+
 	if len(form.Password) != 0 {
 		if !password.IsComplexEnough(form.Password) {
 			err := errors.New("PasswordComplexity")
@@ -234,9 +243,6 @@ func EditUser(ctx *context.APIContext) {
 	if form.Restricted != nil {
 		u.IsRestricted = *form.Restricted
 	}
-	if form.HideFromExplorePage != nil {
-		u.HideFromExplorePage = *form.HideFromExplorePage
-	}
 
 	if err := models.UpdateUser(u); err != nil {
 		if models.IsErrEmailAlreadyUsed(err) || models.IsErrEmailInvalid(err) {
diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index 6476ac8ecc7e5..56cd53eef0f94 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -51,6 +51,7 @@ func NewUser(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.users.new_account")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
+	ctx.Data["DefaultUserVisibilityMode"] = setting.Service.DefaultUserVisibilityMode
 
 	ctx.Data["login_type"] = "0-0"
 
@@ -71,6 +72,7 @@ func NewUserPost(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("admin.users.new_account")
 	ctx.Data["PageIsAdmin"] = true
 	ctx.Data["PageIsAdminUsers"] = true
+	ctx.Data["DefaultUserVisibilityMode"] = setting.Service.DefaultUserVisibilityMode
 
 	sources, err := models.LoginSources()
 	if err != nil {
@@ -87,11 +89,12 @@ func NewUserPost(ctx *context.Context) {
 	}
 
 	u := &models.User{
-		Name:      form.UserName,
-		Email:     form.Email,
-		Passwd:    form.Password,
-		IsActive:  true,
-		LoginType: models.LoginPlain,
+		Name:       form.UserName,
+		Email:      form.Email,
+		Passwd:     form.Password,
+		IsActive:   true,
+		LoginType:  models.LoginPlain,
+		Visibility: form.Visibility,
 	}
 
 	if len(form.LoginType) > 0 {
@@ -128,8 +131,6 @@ func NewUserPost(ctx *context.Context) {
 		u.MustChangePassword = form.MustChangePassword
 	}
 
-	u.HideFromExplorePage = form.HideFromExplorePage
-
 	if err := models.CreateUser(u); err != nil {
 		switch {
 		case models.IsErrUserAlreadyExist(err):
@@ -315,7 +316,8 @@ func EditUserPost(ctx *context.Context) {
 	u.AllowGitHook = form.AllowGitHook
 	u.AllowImportLocal = form.AllowImportLocal
 	u.AllowCreateOrganization = form.AllowCreateOrganization
-	u.HideFromExplorePage = form.HideFromExplorePage
+
+	u.Visibility = form.Visibility
 
 	// skip self Prohibit Login
 	if ctx.User.ID == u.ID {
diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index 1d198f8789420..d3db9b6a08c51 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -122,7 +122,7 @@ func TestNewUserPost_InvalidEmail(t *testing.T) {
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
 
-func TestNewUserPost_HideFromExplorePageDefaultFalse(t *testing.T) {
+func TestNewUserPost_VisiblityDefaultPublic(t *testing.T) {
 
 	models.PrepareTestEnv(t)
 	ctx := test.MockContext(t, "admin/users/new")
@@ -157,10 +157,10 @@ func TestNewUserPost_HideFromExplorePageDefaultFalse(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
 	assert.Equal(t, email, u.Email)
-	assert.False(t, u.HideFromExplorePage)
+	assert.False(t, u.Visibility == api.VisibleTypePublic)
 }
 
-func TestNewUserPost_HideFromExplorePageTrue(t *testing.T) {
+func TestNewUserPost_VisibilityPrivate(t *testing.T) {
 
 	models.PrepareTestEnv(t)
 	ctx := test.MockContext(t, "admin/users/new")
@@ -176,14 +176,14 @@ func TestNewUserPost_HideFromExplorePageTrue(t *testing.T) {
 	email := "gitea@gitea.io"
 
 	form := forms.AdminCreateUserForm{
-		LoginType:           "local",
-		LoginName:           "local",
-		UserName:            username,
-		Email:               email,
-		Password:            "abc123ABC!=$",
-		SendNotify:          false,
-		MustChangePassword:  false,
-		HideFromExplorePage: true,
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "abc123ABC!=$",
+		SendNotify:         false,
+		MustChangePassword: false,
+		Visibility:         api.VisibleTypePrivate,
 	}
 
 	web.SetForm(ctx, &form)
@@ -196,5 +196,5 @@ func TestNewUserPost_HideFromExplorePageTrue(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
 	assert.Equal(t, email, u.Email)
-	assert.True(t, u.HideFromExplorePage)
+	assert.True(t, u.Visibility == api.VisibleTypePrivate)
 }
diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go
index 5dc54b5ece5f5..463c4ec2038c8 100644
--- a/routers/web/user/setting/profile.go
+++ b/routers/web/user/setting/profile.go
@@ -114,7 +114,7 @@ func ProfilePost(ctx *context.Context) {
 	}
 	ctx.User.Description = form.Description
 	ctx.User.KeepActivityPrivate = form.KeepActivityPrivate
-	ctx.User.HideFromExplorePage = form.HideFromExplorePage
+	ctx.User.Visibility = form.Visibility
 	if err := models.UpdateUserSetting(ctx.User); err != nil {
 		if _, ok := err.(models.ErrEmailAlreadyUsed); ok {
 			ctx.Flash.Error(ctx.Tr("form.email_been_used"))
diff --git a/services/forms/admin.go b/services/forms/admin.go
index 58979237f1682..5abef0550e39a 100644
--- a/services/forms/admin.go
+++ b/services/forms/admin.go
@@ -8,6 +8,7 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
@@ -15,14 +16,14 @@ import (
 
 // AdminCreateUserForm form for admin to create user
 type AdminCreateUserForm struct {
-	LoginType           string `binding:"Required"`
-	LoginName           string
-	UserName            string `binding:"Required;AlphaDashDot;MaxSize(40)"`
-	Email               string `binding:"Required;Email;MaxSize(254)"`
-	Password            string `binding:"MaxSize(255)"`
-	SendNotify          bool
-	MustChangePassword  bool
-	HideFromExplorePage bool
+	LoginType          string `binding:"Required"`
+	LoginName          string
+	UserName           string `binding:"Required;AlphaDashDot;MaxSize(40)"`
+	Email              string `binding:"Required;Email;MaxSize(254)"`
+	Password           string `binding:"MaxSize(255)"`
+	SendNotify         bool
+	MustChangePassword bool
+	Visibility         structs.VisibleType
 }
 
 // Validate validates form fields
@@ -50,7 +51,7 @@ type AdminEditUserForm struct {
 	AllowCreateOrganization bool
 	ProhibitLogin           bool
 	Reset2FA                bool `form:"reset_2fa"`
-	HideFromExplorePage     bool
+	Visibility              structs.VisibleType
 }
 
 // Validate validates form fields
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index 6378666dc01db..d7db3f70f4a4b 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -12,6 +12,7 @@ import (
 
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
@@ -230,8 +231,8 @@ type UpdateProfileForm struct {
 	Location            string `binding:"MaxSize(50)"`
 	Language            string
 	Description         string `binding:"MaxSize(255)"`
+	Visibility          structs.VisibleType
 	KeepActivityPrivate bool
-	HideFromExplorePage bool
 }
 
 // Validate validates the fields
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 92eb2c9b3b8b5..3b86eff9146a4 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -120,10 +120,21 @@
 				</div>
 				{{end}}
 
-				<div class="inline field">
-					<div class="ui checkbox poping up" data-content="{{.i18n.Tr "admin.users.hide_from_explore_page_tooltip"}}" data-variation="very wide">
-						<label><strong>{{.i18n.Tr "admin.users.hide_from_explore_page"}}</strong></label>
-						<input name="hide_from_explore_page" type="checkbox" {{if .User.HideFromExplorePage}}checked{{end}}>
+				<div class="inline field {{if .Err_Visibility}}error{{end}}">
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
+					<div class="inline-grouped-list">
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="0" {{if .User.Visibility.IsPublic}}checked{{end}}/>
+							<label>{{.i18n.Tr "admin.users.settings.visibility.public"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="1" {{if .User.Visibility.IsLimited}}checked{{end}}/>
+							<label>{{.i18n.Tr "admin.users.settings.visibility.limited"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="2" {{if .User.Visibility.IsPrivate}}checked{{end}}/>
+							<label>{{.i18n.Tr "admin.users.settings.visibility.private"}}</label>
+						</div>
 					</div>
 				</div>
 
diff --git a/templates/admin/user/new.tmpl b/templates/admin/user/new.tmpl
index bcd4f9f52c082..01271fab16bed 100644
--- a/templates/admin/user/new.tmpl
+++ b/templates/admin/user/new.tmpl
@@ -59,10 +59,21 @@
 					</div>
 				{{end}}
 
-				<div class="inline field">
-					<div class="ui checkbox poping up" data-content="{{.i18n.Tr "admin.users.hide_from_explore_page_tooltip"}}" data-variation="very wide">
-						<label><strong>{{.i18n.Tr "admin.users.hide_from_explore_page"}}</strong></label>
-						<input name="hide_from_explore_page" type="checkbox" {{if .User.HideFromExplorePage}}checked{{end}}>
+				<div class="inline field {{if .Err_Visibility}}error{{end}}">
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
+					<div class="inline-grouped-list">
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="0" {{if .DefaultUserVisibilityMode.IsPublic}}checked{{end}}/>
+							<label>{{.i18n.Tr "admin.users.settings.visibility.public"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="1" {{if .DefaultUserVisibilityMode.IsLimited}}checked{{end}}/>
+							<label>{{.i18n.Tr "admin.users.settings.visibility.limited"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="2" {{if .DefaultUserVisibilityMode.IsPrivate}}checked{{end}}/>
+							<label>{{.i18n.Tr "admin.users.settings.visibility.private"}}</label>
+						</div>
 					</div>
 				</div>
 
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index ebc2889eab8df..08df1a6519431 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13014,9 +13014,9 @@
           "type": "string",
           "x-go-name": "FullName"
         },
-        "hide_from_explore_page": {
-          "type": "boolean",
-          "x-go-name": "HideFromExplorePage"
+        "visibility": {
+          "type": "string",
+          "x-go-name": "Visibility"
         },
         "login_name": {
           "type": "string",
@@ -13817,9 +13817,9 @@
           "type": "string",
           "x-go-name": "FullName"
         },
-        "hide_from_explore_page": {
-          "type": "boolean",
-          "x-go-name": "HideFromExplorePage"
+        "visibility": {
+          "type": "string",
+          "x-go-name": "Visibility"
         },
         "location": {
           "type": "string",
@@ -16288,10 +16288,10 @@
           "type": "string",
           "x-go-name": "FullName"
         },
-        "hide_from_explore_page": {
-          "description": "user hides from public",
-          "type": "boolean",
-          "x-go-name": "HideFromExplorePage"
+        "visibility": {
+          "description": "prefer user visibility option",
+          "type": "string",
+          "x-go-name": "Visibility"
         },
         "id": {
           "description": "the user's id",
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index 11c0c35291ccc..01b8ddced4c41 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -61,6 +61,24 @@
 						</div>
 					</div>
 
+				<div class="inline field {{if .Err_Visibility}}error{{end}}">
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "user.settings.visibility"}}</label></span>
+					<div class="inline-grouped-list">
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="0" {{if .SignedUser.Visibility.IsPublic}}checked{{end}}/>
+							<label>{{.i18n.Tr "user.settings.visibility.public"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="1" {{if .SignedUser.Visibility.IsLimited}}checked{{end}}/>
+							<label>{{.i18n.Tr "user.settings.visibility.limited"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="2" {{if .SignedUser.Visibility.IsPrivate}}checked{{end}}/>
+							<label>{{.i18n.Tr "user.settings.visibility.private"}}</label>
+						</div>
+					</div>
+				</div>
+
 				<div class="field">
 					<label for="keep-activity-private">{{.i18n.Tr "settings.privacy"}}</label>
 					<div class="ui checkbox" id="keep-activity-private">
@@ -68,13 +86,6 @@
 						<input name="keep_activity_private" type="checkbox" {{if .SignedUser.KeepActivityPrivate}}checked{{end}}>
 					</div>
 				</div>
-				<div class="field">
-					<!-- continue of privacy settings -->
-					<div class="ui checkbox" id="hide_from_explore_page">
-						<label class="poping up" data-content="{{.i18n.Tr "settings.hide_from_explore_page_popup"}}"><strong>{{.i18n.Tr "settings.hide_from_explore_page"}}</strong></label>
-						<input name="hide_from_explore_page" type="checkbox" {{if .SignedUser.HideFromExplorePage}}checked{{end}}>
-					</div>
-				</div>
 				<div class="field">
 					<button class="ui green button">{{$.i18n.Tr "settings.update_profile"}}</button>
 				</div>

From fdf1f8e2c8e98d33dea456e5ffc993253b763cdc Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 05:31:06 +0300
Subject: [PATCH 30/67] Fix lint errors

---
 integrations/api_user_search_test.go | 2 +-
 routers/web/admin/users_test.go      | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index dc40ecea74fd2..49a073b800759 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -76,7 +76,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		assert.NotEmpty(t, user.Email)
-		assert.True(t, user.Visibility == structs.VisibleTypePrivate.String())
+		assert.True(t, user.Visibility == api.VisibleTypePrivate.String())
 	}
 }
 
diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index d3db9b6a08c51..d6cb835400dc6 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/models"
+	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/services/forms"

From c80d1c8464a1394d97930f4654ef1182a70807cf Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 06:29:02 +0300
Subject: [PATCH 31/67] One more step to use `Visibility` field:

- change radio-inputs to select
- update swagger template
---
 modules/structs/user.go              |  2 +-
 options/locale/locale_en-US.ini      | 18 ++++++---
 routers/web/user/setting/profile.go  |  5 ++-
 services/forms/user_form.go          |  3 +-
 templates/admin/user/edit.tmpl       | 37 ++++++++++---------
 templates/admin/user/new.tmpl        | 37 ++++++++++---------
 templates/swagger/v1_json.tmpl       | 26 ++++++-------
 templates/user/settings/profile.tmpl | 55 ++++++++++++++++------------
 8 files changed, 101 insertions(+), 82 deletions(-)

diff --git a/modules/structs/user.go b/modules/structs/user.go
index 08caf5827eeae..ffed947d068f6 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -43,7 +43,7 @@ type User struct {
 	Website string `json:"website"`
 	// the user's description
 	Description string `json:"description"`
-	// user hides from public
+	// User visibility level option
 	Visibility string `json:"visibility" binding:"In(,public,limited,private)"`
 }
 
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index e0669c3b1d8ce..09b76c2b9157c 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -434,10 +434,13 @@ form.name_reserved = The username '%s' is reserved.
 form.name_pattern_not_allowed = The pattern '%s' is not allowed in a username.
 form.name_chars_not_allowed = User name '%s' contains invalid characters.
 
-settings.visibility = Visibility
+settings.visibility = User visibility
 settings.visibility.public = Public
-settings.visibility.limited = Limited (Visible to logged in users only)
-settings.visibility.private = Private (Visible only to organization members)
+settings.visibility.public_tooltip = Visible to all users
+settings.visibility.limited = Limited
+settings.visibility.limited_tooltip = Visible to logged in users only
+settings.visibility.private = Private
+settings.visibility.private_tooltip = Visible only to organization members
 
 [settings]
 profile = Profile
@@ -2241,10 +2244,13 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
-users.settings.visibility = Visibility
+users.settings.visibility = User visibility
 users.settings.visibility.public = Public
-users.settings.visibility.limited = Limited (Visible to logged in users only)
-users.settings.visibility.private = Private (Visible only to organization members)
+users.settings.visibility.public_tooltip = Visible to all users
+users.settings.visibility.limited = Limited
+users.settings.visibility.limited_tooltip = Visible to logged in users only
+users.settings.visibility.private = Private
+users.settings.visibility.private_tooltip = Visible only to organization members
 
 
 emails.email_manage_panel = User Email Management
diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go
index 463c4ec2038c8..7947c93e2fba5 100644
--- a/routers/web/user/setting/profile.go
+++ b/routers/web/user/setting/profile.go
@@ -19,6 +19,7 @@ import (
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/typesniffer"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
@@ -114,7 +115,9 @@ func ProfilePost(ctx *context.Context) {
 	}
 	ctx.User.Description = form.Description
 	ctx.User.KeepActivityPrivate = form.KeepActivityPrivate
-	ctx.User.Visibility = form.Visibility
+	if form.Visibility != "" {
+		ctx.User.Visibility = api.VisibilityModes[form.Visibility]
+	}
 	if err := models.UpdateUserSetting(ctx.User); err != nil {
 		if _, ok := err.(models.ErrEmailAlreadyUsed); ok {
 			ctx.Flash.Error(ctx.Tr("form.email_been_used"))
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index d7db3f70f4a4b..727c637d545ef 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -12,7 +12,6 @@ import (
 
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
@@ -231,7 +230,7 @@ type UpdateProfileForm struct {
 	Location            string `binding:"MaxSize(50)"`
 	Language            string
 	Description         string `binding:"MaxSize(255)"`
-	Visibility          structs.VisibleType
+	Visibility          string
 	KeepActivityPrivate bool
 }
 
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 3b86eff9146a4..403750a7d978e 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -28,6 +28,25 @@
 						</div>
 					</div>
 				</div>
+
+				<div class="inline field {{if .Err_Visibility}}error{{end}}">
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
+					<div class="ui selection type dropdown">
+						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
+						<div class="text">
+						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "admin.users.settings.visibility.public"}}{{end}}
+						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "admin.users.settings.visibility.limited"}}{{end}}
+						{{if .User.Visibility.IsPrivate}}{{.i18n.Tr "admin.users.settings.visibility.private"}}{{end}}
+						</div>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "admin.users.settings.visibility.public"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "admin.users.settings.visibility.limited"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "admin.users.settings.visibility.private"}}</div>
+						</div>
+					</div>
+				</div>
+
 				<div class="required non-local field {{if .Err_LoginName}}error{{end}} {{if eq .User.LoginSource 0}}hide{{end}}">
 					<label for="login_name">{{.i18n.Tr "admin.users.auth_login_name"}}</label>
 					<input id="login_name" name="login_name" value="{{.User.LoginName}}" autofocus>
@@ -120,24 +139,6 @@
 				</div>
 				{{end}}
 
-				<div class="inline field {{if .Err_Visibility}}error{{end}}">
-					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
-					<div class="inline-grouped-list">
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="0" {{if .User.Visibility.IsPublic}}checked{{end}}/>
-							<label>{{.i18n.Tr "admin.users.settings.visibility.public"}}</label>
-						</div>
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="1" {{if .User.Visibility.IsLimited}}checked{{end}}/>
-							<label>{{.i18n.Tr "admin.users.settings.visibility.limited"}}</label>
-						</div>
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="2" {{if .User.Visibility.IsPrivate}}checked{{end}}/>
-							<label>{{.i18n.Tr "admin.users.settings.visibility.private"}}</label>
-						</div>
-					</div>
-				</div>
-
 				<div class="ui divider"></div>
 
 				<div class="field">
diff --git a/templates/admin/user/new.tmpl b/templates/admin/user/new.tmpl
index 01271fab16bed..2e844a7982b06 100644
--- a/templates/admin/user/new.tmpl
+++ b/templates/admin/user/new.tmpl
@@ -24,6 +24,25 @@
 						</div>
 					</div>
 				</div>
+
+				<div class="inline field {{if .Err_Visibility}}error{{end}}">
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
+					<div class="ui selection type dropdown">
+						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
+						<div class="text">
+						{{if .DefaultUserVisibilityMode.IsPublic}}{{.i18n.Tr "admin.users.settings.visibility.public"}}{{end}}
+						{{if .DefaultUserVisibilityMode.IsLimited}}{{.i18n.Tr "admin.users.settings.visibility.limited"}}{{end}}
+						{{if .DefaultUserVisibilityMode.IsPrivate}}{{.i18n.Tr "admin.users.settings.visibility.private"}}{{end}}
+						</div>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "admin.users.settings.visibility.public"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "admin.users.settings.visibility.limited"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "admin.users.settings.visibility.private"}}</div>
+						</div>
+					</div>
+				</div>
+
 				<div class="required non-local field {{if .Err_LoginName}}error{{end}} {{if eq .login_type "0-0"}}hide{{end}}">
 					<label for="login_name">{{.i18n.Tr "admin.users.auth_login_name"}}</label>
 					<input id="login_name" name="login_name" value="{{.login_name}}">
@@ -59,24 +78,6 @@
 					</div>
 				{{end}}
 
-				<div class="inline field {{if .Err_Visibility}}error{{end}}">
-					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
-					<div class="inline-grouped-list">
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="0" {{if .DefaultUserVisibilityMode.IsPublic}}checked{{end}}/>
-							<label>{{.i18n.Tr "admin.users.settings.visibility.public"}}</label>
-						</div>
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="1" {{if .DefaultUserVisibilityMode.IsLimited}}checked{{end}}/>
-							<label>{{.i18n.Tr "admin.users.settings.visibility.limited"}}</label>
-						</div>
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="2" {{if .DefaultUserVisibilityMode.IsPrivate}}checked{{end}}/>
-							<label>{{.i18n.Tr "admin.users.settings.visibility.private"}}</label>
-						</div>
-					</div>
-				</div>
-
 				<div class="field">
 					<button class="ui green button">{{.i18n.Tr "admin.users.new_account"}}</button>
 				</div>
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 08df1a6519431..35e5961cb9992 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13014,10 +13014,6 @@
           "type": "string",
           "x-go-name": "FullName"
         },
-        "visibility": {
-          "type": "string",
-          "x-go-name": "Visibility"
-        },
         "login_name": {
           "type": "string",
           "x-go-name": "LoginName"
@@ -13042,6 +13038,10 @@
         "username": {
           "type": "string",
           "x-go-name": "Username"
+        },
+        "visibility": {
+          "type": "string",
+          "x-go-name": "Visibility"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -13817,10 +13817,6 @@
           "type": "string",
           "x-go-name": "FullName"
         },
-        "visibility": {
-          "type": "string",
-          "x-go-name": "Visibility"
-        },
         "location": {
           "type": "string",
           "x-go-name": "Location"
@@ -13855,6 +13851,10 @@
           "format": "int64",
           "x-go-name": "SourceID"
         },
+        "visibility": {
+          "type": "string",
+          "x-go-name": "Visibility"
+        },
         "website": {
           "type": "string",
           "x-go-name": "Website"
@@ -16288,11 +16288,6 @@
           "type": "string",
           "x-go-name": "FullName"
         },
-        "visibility": {
-          "description": "prefer user visibility option",
-          "type": "string",
-          "x-go-name": "Visibility"
-        },
         "id": {
           "description": "the user's id",
           "type": "integer",
@@ -16334,6 +16329,11 @@
           "type": "boolean",
           "x-go-name": "Restricted"
         },
+        "visibility": {
+          "description": "User visibility level option",
+          "type": "string",
+          "x-go-name": "Visibility"
+        },
         "website": {
           "description": "the user's website",
           "type": "string",
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index 01b8ddced4c41..319a5d3304ea5 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -47,45 +47,54 @@
 					<input id="location" name="location"  value="{{.SignedUser.Location}}">
 				</div>
 
-					<div class="field">
-						<label for="language">{{.i18n.Tr "settings.language"}}</label>
-						<div class="ui language selection dropdown" id="language">
-							<input name="language" type="hidden" value="{{.SignedUser.Language}}">
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="text">{{range .AllLangs}}{{if eq $.SignedUser.Language .Lang}}{{.Name}}{{end}}{{end}}</div>
-							<div class="menu">
-							{{range .AllLangs}}
-								<div class="item{{if eq $.SignedUser.Language .Lang}} active selected{{end}}" data-value="{{.Lang}}">{{.Name}}</div>
-							{{end}}
-							</div>
+				<div class="field">
+					<label for="language">{{.i18n.Tr "settings.language"}}</label>
+					<div class="ui language selection dropdown" id="language">
+						<input name="language" type="hidden" value="{{.SignedUser.Language}}">
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="text">{{range .AllLangs}}{{if eq $.SignedUser.Language .Lang}}{{.Name}}{{end}}{{end}}</div>
+						<div class="menu">
+						{{range .AllLangs}}
+							<div class="item{{if eq $.SignedUser.Language .Lang}} active selected{{end}}" data-value="{{.Lang}}">{{.Name}}</div>
+						{{end}}
 						</div>
 					</div>
+				</div>
+
+				<div class="ui divider"></div>
+				<!-- private block -->
+
+				<div class="field">
+					<label for="security-private"><strong>{{.i18n.Tr "settings.privacy"}}</strong></label>
+				</div>
 
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
 					<span class="inline required field"><label for="visibility">{{.i18n.Tr "user.settings.visibility"}}</label></span>
-					<div class="inline-grouped-list">
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="0" {{if .SignedUser.Visibility.IsPublic}}checked{{end}}/>
-							<label>{{.i18n.Tr "user.settings.visibility.public"}}</label>
-						</div>
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="1" {{if .SignedUser.Visibility.IsLimited}}checked{{end}}/>
-							<label>{{.i18n.Tr "user.settings.visibility.limited"}}</label>
+					<div class="ui selection type dropdown">
+						<input type="hidden" id="visibility" name="visibility" value="{{.SignedUser.Visibility}}">
+						<div class="text">
+						{{if .SignedUser.Visibility.IsPublic}}{{.i18n.Tr "user.settings.visibility.public"}}{{end}}
+						{{if .SignedUser.Visibility.IsLimited}}{{.i18n.Tr "user.settings.visibility.limited"}}{{end}}
+						{{if .signedUser.Visibility.IsPrivate}}{{.i18n.Tr "user.settings.visibility.private"}}{{end}}
 						</div>
-						<div class="ui radio checkbox">
-							<input class="hidden enable-system-radio" tabindex="0" name="visibility" type="radio" value="2" {{if .SignedUser.Visibility.IsPrivate}}checked{{end}}/>
-							<label>{{.i18n.Tr "user.settings.visibility.private"}}</label>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							<div class="item poping up" data-content="{{.i18n.Tr "user.settings.visibility.public_tooltip"}}" data-value="public">{{.i18n.Tr "user.settings.visibility.public"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "user.settings.visibility.limited_tooltip"}}" data-value="limited">{{.i18n.Tr "user.settings.visibility.limited"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "user.settings.visibility.private_tooltip"}}" data-value="private">{{.i18n.Tr "user.settings.visibility.private"}}</div>
 						</div>
 					</div>
 				</div>
 
 				<div class="field">
-					<label for="keep-activity-private">{{.i18n.Tr "settings.privacy"}}</label>
 					<div class="ui checkbox" id="keep-activity-private">
 						<label class="poping up" data-content="{{.i18n.Tr "settings.keep_activity_private_popup"}}"><strong>{{.i18n.Tr "settings.keep_activity_private"}}</strong></label>
 						<input name="keep_activity_private" type="checkbox" {{if .SignedUser.KeepActivityPrivate}}checked{{end}}>
 					</div>
 				</div>
+
+				<div class="ui divider"></div>
+
 				<div class="field">
 					<button class="ui green button">{{$.i18n.Tr "settings.update_profile"}}</button>
 				</div>

From c4c1e683a56e4e69d229bb522e32bfbfa68bdfbe Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 19:26:12 +0300
Subject: [PATCH 32/67] Fix test

---
 routers/web/admin/users_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index d6cb835400dc6..3da643b13f7c3 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -158,7 +158,7 @@ func TestNewUserPost_VisiblityDefaultPublic(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
 	assert.Equal(t, email, u.Email)
-	assert.False(t, u.Visibility == api.VisibleTypePublic)
+	assert.True(t, u.Visibility.IsPublic())
 }
 
 func TestNewUserPost_VisibilityPrivate(t *testing.T) {
@@ -197,5 +197,5 @@ func TestNewUserPost_VisibilityPrivate(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
 	assert.Equal(t, email, u.Email)
-	assert.True(t, u.Visibility == api.VisibleTypePrivate)
+	assert.True(t, u.Visibility.IsPrivate())
 }

From 9e90a73b6ebb4af09754650cb0ce4e309a34762b Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 20:25:54 +0300
Subject: [PATCH 33/67] Use edit test - new always set default visibility

---
 routers/web/admin/users_test.go | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)

diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index 3da643b13f7c3..b1e4b0fb31f2d 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -158,13 +158,14 @@ func TestNewUserPost_VisiblityDefaultPublic(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
 	assert.Equal(t, email, u.Email)
+	// As default user visibility
 	assert.True(t, u.Visibility.IsPublic())
 }
 
-func TestNewUserPost_VisibilityPrivate(t *testing.T) {
+func TestEditUserPost_VisibilityPrivate(t *testing.T) {
 
 	models.PrepareTestEnv(t)
-	ctx := test.MockContext(t, "admin/users/new")
+	ctx := test.MockContext(t, "admin/users/edit")
 
 	u := models.AssertExistsAndLoadBean(t, &models.User{
 		IsAdmin: true,
@@ -173,22 +174,15 @@ func TestNewUserPost_VisibilityPrivate(t *testing.T) {
 
 	ctx.User = u
 
-	username := "gitea"
-	email := "gitea@gitea.io"
+	username := "user31"
 
-	form := forms.AdminCreateUserForm{
-		LoginType:          "local",
-		LoginName:          "local",
-		UserName:           username,
-		Email:              email,
-		Password:           "abc123ABC!=$",
-		SendNotify:         false,
-		MustChangePassword: false,
-		Visibility:         api.VisibleTypePrivate,
+	form := forms.AdminEditUserForm{
+		UserName:   username,
+		Visibility: api.VisibleTypePrivate,
 	}
 
 	web.SetForm(ctx, &form)
-	NewUserPost(ctx)
+	EditUserPost(ctx)
 
 	assert.NotEmpty(t, ctx.Flash.SuccessMsg)
 
@@ -196,6 +190,5 @@ func TestNewUserPost_VisibilityPrivate(t *testing.T) {
 
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
-	assert.Equal(t, email, u.Email)
 	assert.True(t, u.Visibility.IsPrivate())
 }

From 66a0b4106c9231b114445e38f55d815cc6cf2c01 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 20:57:41 +0300
Subject: [PATCH 34/67] One more time edit test

---
 routers/web/admin/users_test.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index b1e4b0fb31f2d..f9f9cacf652c0 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -175,9 +175,13 @@ func TestEditUserPost_VisibilityPrivate(t *testing.T) {
 	ctx.User = u
 
 	username := "user31"
+	email := "user31@example.com"
 
 	form := forms.AdminEditUserForm{
+		LoginType:  "local",
+		LoginName:  "user31",
 		UserName:   username,
+		Email:      email,
 		Visibility: api.VisibleTypePrivate,
 	}
 

From 231d8ba893a29ab509c5faf6241ae6a94f97d282 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 21:41:26 +0300
Subject: [PATCH 35/67] Next try - new user, update visibility

---
 models/fixtures/user.yml        | 18 ++++++++++++++++++
 routers/web/admin/users_test.go |  8 +++-----
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index ae42d1f98e1a5..2590451517ca5 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -542,3 +542,21 @@
   avatar_email: user31@example.com
   num_repos: 0
   is_active: true
+
+-
+  id: 32
+  lower_name: user32
+  name: user32
+  full_name: " <<<< >> >> > >> > >>> >> "
+  email: user32@example.com
+  email_notifications_preference: onmention
+  passwd_hash_algo: argon2
+  passwd: a3d5fcd92bae586c2e3dbe72daea7a0d27833a8d0227aa1704f4bbd775c1f3b03535b76dd93b0d4d8d22a519dca47df1547b # password
+  type: 0 # individual
+  salt: ZogKvWdyEx
+  is_admin: false
+  visibility: 1
+  avatar: avatar32
+  avatar_email: user32@example.com
+  num_repos: 0
+  is_active: true
diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index f9f9cacf652c0..7fb5cb5d6c746 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -169,18 +169,16 @@ func TestEditUserPost_VisibilityPrivate(t *testing.T) {
 
 	u := models.AssertExistsAndLoadBean(t, &models.User{
 		IsAdmin: true,
-		ID:      2,
+		ID:      32,
 	}).(*models.User)
 
 	ctx.User = u
 
-	username := "user31"
-	email := "user31@example.com"
+	username := "user32"
+	email := "user32@example.com"
 
 	form := forms.AdminEditUserForm{
 		LoginType:  "local",
-		LoginName:  "user31",
-		UserName:   username,
 		Email:      email,
 		Visibility: api.VisibleTypePrivate,
 	}

From 06bea36d589bc89aafae307bca00a31b0e2fc95d Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 10 Jun 2021 22:07:18 +0300
Subject: [PATCH 36/67] One more try

---
 routers/web/admin/users_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index 7fb5cb5d6c746..10aa847477075 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -165,7 +165,7 @@ func TestNewUserPost_VisiblityDefaultPublic(t *testing.T) {
 func TestEditUserPost_VisibilityPrivate(t *testing.T) {
 
 	models.PrepareTestEnv(t)
-	ctx := test.MockContext(t, "admin/users/edit")
+	ctx := test.MockContext(t, "admin/users/32")
 
 	u := models.AssertExistsAndLoadBean(t, &models.User{
 		IsAdmin: true,

From aee5bd60a868c2321fbbc17a4cd3f7fe4cd6e9a6 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 00:18:27 +0300
Subject: [PATCH 37/67] We can change visibility type on create - so allow it,
 default value setup at template

---
 models/fixtures/user.yml        | 18 ------------------
 models/user.go                  |  1 -
 routers/web/admin/users_test.go | 27 +++++++++++++++++----------
 3 files changed, 17 insertions(+), 29 deletions(-)

diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index 2590451517ca5..ae42d1f98e1a5 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -542,21 +542,3 @@
   avatar_email: user31@example.com
   num_repos: 0
   is_active: true
-
--
-  id: 32
-  lower_name: user32
-  name: user32
-  full_name: " <<<< >> >> > >> > >>> >> "
-  email: user32@example.com
-  email_notifications_preference: onmention
-  passwd_hash_algo: argon2
-  passwd: a3d5fcd92bae586c2e3dbe72daea7a0d27833a8d0227aa1704f4bbd775c1f3b03535b76dd93b0d4d8d22a519dca47df1547b # password
-  type: 0 # individual
-  salt: ZogKvWdyEx
-  is_admin: false
-  visibility: 1
-  avatar: avatar32
-  avatar_email: user32@example.com
-  num_repos: 0
-  is_active: true
diff --git a/models/user.go b/models/user.go
index a20eb4b84cd24..64cbf2db9f805 100644
--- a/models/user.go
+++ b/models/user.go
@@ -885,7 +885,6 @@ func CreateUser(u *User) (err error) {
 	}
 
 	u.KeepEmailPrivate = setting.Service.DefaultKeepEmailPrivate
-	u.Visibility = setting.Service.DefaultUserVisibilityMode
 
 	u.LowerName = strings.ToLower(u.Name)
 	u.AvatarEmail = u.Email
diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index 10aa847477075..cb68f0110e3c0 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -162,29 +162,34 @@ func TestNewUserPost_VisiblityDefaultPublic(t *testing.T) {
 	assert.True(t, u.Visibility.IsPublic())
 }
 
-func TestEditUserPost_VisibilityPrivate(t *testing.T) {
+func TestNewUserPost_VisibilityPrivate(t *testing.T) {
 
 	models.PrepareTestEnv(t)
-	ctx := test.MockContext(t, "admin/users/32")
+	ctx := test.MockContext(t, "admin/users/new")
 
 	u := models.AssertExistsAndLoadBean(t, &models.User{
 		IsAdmin: true,
-		ID:      32,
+		ID:      2,
 	}).(*models.User)
 
 	ctx.User = u
 
-	username := "user32"
-	email := "user32@example.com"
+	username := "gitea"
+	email := "gitea@gitea.io"
 
-	form := forms.AdminEditUserForm{
-		LoginType:  "local",
-		Email:      email,
-		Visibility: api.VisibleTypePrivate,
+	form := forms.AdminCreateUserForm{
+		LoginType:          "local",
+		LoginName:          "local",
+		UserName:           username,
+		Email:              email,
+		Password:           "abc123ABC!=$",
+		SendNotify:         false,
+		MustChangePassword: false,
+		Visibility:         api.VisibleTypePrivate,
 	}
 
 	web.SetForm(ctx, &form)
-	EditUserPost(ctx)
+	NewUserPost(ctx)
 
 	assert.NotEmpty(t, ctx.Flash.SuccessMsg)
 
@@ -192,5 +197,7 @@ func TestEditUserPost_VisibilityPrivate(t *testing.T) {
 
 	assert.NoError(t, err)
 	assert.Equal(t, username, u.Name)
+	assert.Equal(t, email, u.Email)
+	// As default user visibility
 	assert.True(t, u.Visibility.IsPrivate())
 }

From cfe9ce063ae0def6b915430ab6e101db0548ba96 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 01:23:09 +0300
Subject: [PATCH 38/67] Update fixture

---
 models/fixtures/user.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml
index ae42d1f98e1a5..850ee4041d81a 100644
--- a/models/fixtures/user.yml
+++ b/models/fixtures/user.yml
@@ -529,9 +529,8 @@
   id: 31
   lower_name: user31
   name: user31
-  full_name: " <<<< >> >> > >> > >>> >> "
+  full_name: "user31"
   email: user31@example.com
-  email_notifications_preference: onmention
   passwd_hash_algo: argon2
   passwd: a3d5fcd92bae586c2e3dbe72daea7a0d27833a8d0227aa1704f4bbd775c1f3b03535b76dd93b0d4d8d22a519dca47df1547b # password
   type: 0 # individual

From 4fd5c865ea4467d8563053413d50304f2fcbfe30 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 01:46:45 +0300
Subject: [PATCH 39/67] Fix api User output?

---
 modules/structs/user.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/structs/user.go b/modules/structs/user.go
index ffed947d068f6..cf53bd7200109 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -44,7 +44,7 @@ type User struct {
 	// the user's description
 	Description string `json:"description"`
 	// User visibility level option
-	Visibility string `json:"visibility" binding:"In(,public,limited,private)"`
+	Visibility string `json:"visibility"`
 }
 
 // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility

From 16e24bd80294024451348489c86058e1d2fa8353 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 02:50:19 +0300
Subject: [PATCH 40/67] Try to fix Visibility type conversion

---
 modules/convert/user.go     | 7 ++++++-
 modules/structs/org_type.go | 5 ++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/modules/convert/user.go b/modules/convert/user.go
index 1b2efa5d94389..d54d11ae2dc5e 100644
--- a/modules/convert/user.go
+++ b/modules/convert/user.go
@@ -7,6 +7,7 @@ package convert
 import (
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 )
 
@@ -57,7 +58,11 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 	// only site admin will get these information and possibly user himself
 	if authed {
 		result.IsAdmin = user.IsAdmin
-		result.Visibility = user.Visibility.String()
+		v := user.Visibility.String()
+		if v == "" {
+			v = setting.Service.DefaultUserVisibility
+		}
+		result.Visibility = v
 		result.LastLogin = user.LastLoginUnix.AsTime()
 		result.Language = user.Language
 		result.IsActive = user.IsActive
diff --git a/modules/structs/org_type.go b/modules/structs/org_type.go
index 4fb9b6fc0fdc8..7515453a3980a 100644
--- a/modules/structs/org_type.go
+++ b/modules/structs/org_type.go
@@ -27,7 +27,7 @@ var VisibilityModes = map[string]VisibleType{
 
 // IsPublic returns true if VisibleType is public
 func (vt VisibleType) IsPublic() bool {
-	return vt == VisibleTypePublic
+	return vt == VisibleTypePublic || vt == 0
 }
 
 // IsLimited returns true if VisibleType is limited
@@ -47,6 +47,9 @@ func (vt VisibleType) String() string {
 			return k
 		}
 	}
+	if vt == 0 {
+		return "public"
+	}
 	return ""
 }
 

From ddc8e4cb726211f0c7a83c5d02c15e3dddfda55c Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 03:13:01 +0300
Subject: [PATCH 41/67] Try to use int for visibility

---
 modules/convert/user.go | 6 +-----
 modules/structs/user.go | 2 +-
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/modules/convert/user.go b/modules/convert/user.go
index d54d11ae2dc5e..94529ced601f0 100644
--- a/modules/convert/user.go
+++ b/modules/convert/user.go
@@ -58,11 +58,7 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 	// only site admin will get these information and possibly user himself
 	if authed {
 		result.IsAdmin = user.IsAdmin
-		v := user.Visibility.String()
-		if v == "" {
-			v = setting.Service.DefaultUserVisibility
-		}
-		result.Visibility = v
+		result.Visibility = user.Visibility
 		result.LastLogin = user.LastLoginUnix.AsTime()
 		result.Language = user.Language
 		result.IsActive = user.IsActive
diff --git a/modules/structs/user.go b/modules/structs/user.go
index cf53bd7200109..caa08a50bd74a 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -44,7 +44,7 @@ type User struct {
 	// the user's description
 	Description string `json:"description"`
 	// User visibility level option
-	Visibility string `json:"visibility"`
+	Visibility int `json:"visibility"`
 }
 
 // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility

From 18747407f0a39f7af80080121c0db1673fca748e Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 04:43:51 +0300
Subject: [PATCH 42/67] Rewrite a little, api output for User.visibility not
 integer

---
 integrations/api_user_search_test.go |  2 +-
 modules/convert/user.go              | 11 +++++++++--
 modules/convert/user_test.go         |  4 ++--
 modules/structs/org_type.go          |  3 ---
 templates/swagger/v1_json.tmpl       | 17 +++++++++++++++--
 5 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index 49a073b800759..dfe034b898700 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -76,7 +76,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		assert.NotEmpty(t, user.Email)
-		assert.True(t, user.Visibility == api.VisibleTypePrivate.String())
+		assert.True(t, user.Visibility == 2)
 	}
 }
 
diff --git a/modules/convert/user.go b/modules/convert/user.go
index 94529ced601f0..4d992a0c97791 100644
--- a/modules/convert/user.go
+++ b/modules/convert/user.go
@@ -7,7 +7,6 @@ package convert
 import (
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/markup"
-	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 )
 
@@ -50,6 +49,15 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 		Website:     user.Website,
 		Description: user.Description,
 	}
+
+	result.Visibility = 0
+	if user.Visibility.IsLimited() {
+		result.Visibility = 1
+	}
+	if user.Visibility.IsPrivate() {
+		result.Visibility = 2
+	}
+
 	// hide primary email if API caller is anonymous or user keep email private
 	if signed && (!user.KeepEmailPrivate || authed) {
 		result.Email = user.Email
@@ -58,7 +66,6 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 	// only site admin will get these information and possibly user himself
 	if authed {
 		result.IsAdmin = user.IsAdmin
-		result.Visibility = user.Visibility
 		result.LastLogin = user.LastLoginUnix.AsTime()
 		result.Language = user.Language
 		result.IsActive = user.IsActive
diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 0f56140d4bad0..144f99d02b6f0 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -28,11 +28,11 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
-	assert.False(t, apiUser.Visibility == api.VisibleTypePublic.String())
+	assert.False(t, apiUser.Visibility == 0)
 
 	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, Visibility: api.VisibleTypePrivate}).(*models.User)
 
 	apiUser = toUser(user31, true, true)
 	assert.False(t, apiUser.IsAdmin)
-	assert.True(t, apiUser.Visibility == api.VisibleTypePrivate.String())
+	assert.True(t, apiUser.Visibility == 2)
 }
diff --git a/modules/structs/org_type.go b/modules/structs/org_type.go
index 7515453a3980a..2ed375f42034f 100644
--- a/modules/structs/org_type.go
+++ b/modules/structs/org_type.go
@@ -47,9 +47,6 @@ func (vt VisibleType) String() string {
 			return k
 		}
 	}
-	if vt == 0 {
-		return "public"
-	}
 	return ""
 }
 
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 35e5961cb9992..87460372cb021 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13040,7 +13040,13 @@
           "x-go-name": "Username"
         },
         "visibility": {
+          "description": "possible values are `public` (default), `limited` or `private`",
           "type": "string",
+          "enum": [
+            "public",
+            "limited",
+            "private"
+          ],
           "x-go-name": "Visibility"
         }
       },
@@ -13852,7 +13858,13 @@
           "x-go-name": "SourceID"
         },
         "visibility": {
+          "description": "possible values are `public` (default), `limited` or `private`",
           "type": "string",
+          "enum": [
+            "public",
+            "limited",
+            "private"
+          ],
           "x-go-name": "Visibility"
         },
         "website": {
@@ -16330,8 +16342,9 @@
           "x-go-name": "Restricted"
         },
         "visibility": {
-          "description": "User visibility level option",
-          "type": "string",
+          "description": "User visibility level option: public(0) - default, limited(1), private(2)",
+          "type": "integer",
+          "format": "int",
           "x-go-name": "Visibility"
         },
         "website": {

From ba5933944deb90bb52cab76685e137d182c1b901 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 13:48:55 +0300
Subject: [PATCH 43/67] Fix swagger

---
 modules/structs/user.go        |  2 +-
 templates/swagger/v1_json.tmpl | 14 +-------------
 2 files changed, 2 insertions(+), 14 deletions(-)

diff --git a/modules/structs/user.go b/modules/structs/user.go
index caa08a50bd74a..61123f7e433e2 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -43,7 +43,7 @@ type User struct {
 	Website string `json:"website"`
 	// the user's description
 	Description string `json:"description"`
-	// User visibility level option
+	// User visibility level option: public(0) - default, limited(1), private(2)
 	Visibility int `json:"visibility"`
 }
 
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 87460372cb021..40fc4ab3b0540 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13040,13 +13040,7 @@
           "x-go-name": "Username"
         },
         "visibility": {
-          "description": "possible values are `public` (default), `limited` or `private`",
           "type": "string",
-          "enum": [
-            "public",
-            "limited",
-            "private"
-          ],
           "x-go-name": "Visibility"
         }
       },
@@ -13858,13 +13852,7 @@
           "x-go-name": "SourceID"
         },
         "visibility": {
-          "description": "possible values are `public` (default), `limited` or `private`",
           "type": "string",
-          "enum": [
-            "public",
-            "limited",
-            "private"
-          ],
           "x-go-name": "Visibility"
         },
         "website": {
@@ -16344,7 +16332,7 @@
         "visibility": {
           "description": "User visibility level option: public(0) - default, limited(1), private(2)",
           "type": "integer",
-          "format": "int",
+          "format": "int64",
           "x-go-name": "Visibility"
         },
         "website": {

From cd70c812aac3977e5c7703f8d698e9570ba98861 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 11 Jun 2021 14:50:41 +0300
Subject: [PATCH 44/67] Fix user test

---
 modules/convert/user_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 144f99d02b6f0..070eee36fa272 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -28,7 +28,7 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
-	assert.False(t, apiUser.Visibility == 0)
+	assert.True(t, apiUser.Visibility == 0)
 
 	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, Visibility: api.VisibleTypePrivate}).(*models.User)
 

From 96018c3be079619f3c5173ee4cee1aaccf8d6069 Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Tue, 15 Jun 2021 22:19:16 +0200
Subject: [PATCH 45/67] Update integrations/api_user_search_test.go

---
 integrations/api_user_search_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index dfe034b898700..ab346c4aea403 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -76,7 +76,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		assert.NotEmpty(t, user.Email)
-		assert.True(t, user.Visibility == 2)
+		assert.EqualValues(t, user.Visibility, api.VisibleTypePrivate)
 	}
 }
 

From 9e051e325039313576469c8afee5a44f1b0c0ac9 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Wed, 16 Jun 2021 07:24:19 +0300
Subject: [PATCH 46/67] Return back to string, remove zero check

---
 modules/structs/org_type.go | 2 +-
 modules/structs/user.go     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/structs/org_type.go b/modules/structs/org_type.go
index 2ed375f42034f..4fb9b6fc0fdc8 100644
--- a/modules/structs/org_type.go
+++ b/modules/structs/org_type.go
@@ -27,7 +27,7 @@ var VisibilityModes = map[string]VisibleType{
 
 // IsPublic returns true if VisibleType is public
 func (vt VisibleType) IsPublic() bool {
-	return vt == VisibleTypePublic || vt == 0
+	return vt == VisibleTypePublic
 }
 
 // IsLimited returns true if VisibleType is limited
diff --git a/modules/structs/user.go b/modules/structs/user.go
index 61123f7e433e2..62533509c7ee4 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -44,7 +44,7 @@ type User struct {
 	// the user's description
 	Description string `json:"description"`
 	// User visibility level option: public(0) - default, limited(1), private(2)
-	Visibility int `json:"visibility"`
+	Visibility string `json:"visibility"`
 }
 
 // MarshalJSON implements the json.Marshaler interface for User, adding field(s) for backward compatibility

From e9e80ab340d6b8c7e507a9f2250c237b1446f739 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Wed, 16 Jun 2021 07:35:52 +0300
Subject: [PATCH 47/67] Convert visibility for API User

---
 modules/convert/user.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/modules/convert/user.go b/modules/convert/user.go
index 4d992a0c97791..bb96d6a9894fc 100644
--- a/modules/convert/user.go
+++ b/modules/convert/user.go
@@ -50,13 +50,7 @@ func toUser(user *models.User, signed, authed bool) *api.User {
 		Description: user.Description,
 	}
 
-	result.Visibility = 0
-	if user.Visibility.IsLimited() {
-		result.Visibility = 1
-	}
-	if user.Visibility.IsPrivate() {
-		result.Visibility = 2
-	}
+	result.Visibility = user.Visibility.String()
 
 	// hide primary email if API caller is anonymous or user keep email private
 	if signed && (!user.KeepEmailPrivate || authed) {

From d5d20f294da448d35ef493a6d519dff3829d8d75 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Wed, 16 Jun 2021 07:38:26 +0300
Subject: [PATCH 48/67] Test strings now

---
 modules/convert/user_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index 070eee36fa272..f80e2319e9439 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -28,11 +28,11 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
-	assert.True(t, apiUser.Visibility == 0)
+	assert.EqualValues(t, apiUser.Visibility, api.VisibleTypePublic.String())
 
 	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, Visibility: api.VisibleTypePrivate}).(*models.User)
 
 	apiUser = toUser(user31, true, true)
 	assert.False(t, apiUser.IsAdmin)
-	assert.True(t, apiUser.Visibility == 2)
+	assert.EqualValues(t, apiUser.Visibility, api.VisibleTypePrivate.String())
 }

From d41fb82c948b5027ef8a6bac0df4130a493278da Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Wed, 16 Jun 2021 09:01:37 +0300
Subject: [PATCH 49/67] Fixes for swagger

---
 modules/structs/user.go        | 2 +-
 templates/swagger/v1_json.tmpl | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/modules/structs/user.go b/modules/structs/user.go
index 62533509c7ee4..78a42d5c37eca 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -43,7 +43,7 @@ type User struct {
 	Website string `json:"website"`
 	// the user's description
 	Description string `json:"description"`
-	// User visibility level option: public(0) - default, limited(1), private(2)
+	// User visibility level option: public (default), limited, private
 	Visibility string `json:"visibility"`
 }
 
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 40fc4ab3b0540..0e9cd3ec12db4 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -16330,9 +16330,8 @@
           "x-go-name": "Restricted"
         },
         "visibility": {
-          "description": "User visibility level option: public(0) - default, limited(1), private(2)",
-          "type": "integer",
-          "format": "int64",
+          "description": "User visibility level option: public (default), limited, private",
+          "type": "string",
           "x-go-name": "Visibility"
         },
         "website": {

From 379444f17ab946b78dadd9c3612e146221961008 Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Wed, 16 Jun 2021 21:51:04 +0200
Subject: [PATCH 50/67] fix

---
 integrations/api_user_search_test.go |  2 +-
 modules/convert/user_test.go         |  4 ++--
 modules/structs/admin_user.go        |  2 +-
 options/locale/locale_en-US.ini      | 24 ++++++++----------------
 routers/api/v1/admin/user.go         |  9 +++------
 routers/web/user/setting/profile.go  |  5 +----
 services/forms/user_form.go          |  3 ++-
 templates/admin/user/edit.tmpl       | 14 +++++++-------
 templates/admin/user/new.tmpl        | 14 +++++++-------
 templates/user/settings/profile.tmpl | 16 ++++++++--------
 10 files changed, 40 insertions(+), 53 deletions(-)

diff --git a/integrations/api_user_search_test.go b/integrations/api_user_search_test.go
index ab346c4aea403..f7349827e5800 100644
--- a/integrations/api_user_search_test.go
+++ b/integrations/api_user_search_test.go
@@ -76,7 +76,7 @@ func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) {
 	for _, user := range results.Data {
 		assert.Contains(t, user.UserName, query)
 		assert.NotEmpty(t, user.Email)
-		assert.EqualValues(t, user.Visibility, api.VisibleTypePrivate)
+		assert.EqualValues(t, "private", user.Visibility)
 	}
 }
 
diff --git a/modules/convert/user_test.go b/modules/convert/user_test.go
index f80e2319e9439..679c4f98948ae 100644
--- a/modules/convert/user_test.go
+++ b/modules/convert/user_test.go
@@ -28,11 +28,11 @@ func TestUser_ToUser(t *testing.T) {
 
 	apiUser = toUser(user1, false, false)
 	assert.False(t, apiUser.IsAdmin)
-	assert.EqualValues(t, apiUser.Visibility, api.VisibleTypePublic.String())
+	assert.EqualValues(t, api.VisibleTypePublic.String(), apiUser.Visibility)
 
 	user31 := models.AssertExistsAndLoadBean(t, &models.User{ID: 31, IsAdmin: false, Visibility: api.VisibleTypePrivate}).(*models.User)
 
 	apiUser = toUser(user31, true, true)
 	assert.False(t, apiUser.IsAdmin)
-	assert.EqualValues(t, apiUser.Visibility, api.VisibleTypePrivate.String())
+	assert.EqualValues(t, api.VisibleTypePrivate.String(), apiUser.Visibility)
 }
diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index facf16a39552a..e8418a65b2557 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -44,5 +44,5 @@ type EditUserOption struct {
 	ProhibitLogin           *bool   `json:"prohibit_login"`
 	AllowCreateOrganization *bool   `json:"allow_create_organization"`
 	Restricted              *bool   `json:"restricted"`
-	Visibility              string  `json:"visibility" binding:"In(,public,limited,private)"`
+	Visibility              *string `json:"visibility" binding:"In(,public,limited,private)"`
 }
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index e0ae2b529be34..5a54bf81f1780 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -437,14 +437,6 @@ form.name_reserved = The username '%s' is reserved.
 form.name_pattern_not_allowed = The pattern '%s' is not allowed in a username.
 form.name_chars_not_allowed = User name '%s' contains invalid characters.
 
-settings.visibility = User visibility
-settings.visibility.public = Public
-settings.visibility.public_tooltip = Visible to all users
-settings.visibility.limited = Limited
-settings.visibility.limited_tooltip = Visible to logged in users only
-settings.visibility.private = Private
-settings.visibility.private_tooltip = Visible only to organization members
-
 [settings]
 profile = Profile
 account = Account
@@ -685,6 +677,14 @@ email_notifications.onmention = Only Email on Mention
 email_notifications.disable = Disable Email Notifications
 email_notifications.submit = Set Email Preference
 
+visibility = User visibility
+visibility.public = Public
+visibility.public_tooltip = Visible to all users
+visibility.limited = Limited
+visibility.limited_tooltip = Visible to logged in users only
+visibility.private = Private
+visibility.private_tooltip = Visible only to organization members
+
 [repo]
 new_repo_helper = A repository contains all project files, including revision history.  Already have it elsewhere? <a href="%s">Migrate repository.</a>
 owner = Owner
@@ -2257,14 +2257,6 @@ users.still_own_repo = This user still owns one or more repositories. Delete or
 users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
 users.deletion_success = The user account has been deleted.
 users.reset_2fa = Reset 2FA
-users.settings.visibility = User visibility
-users.settings.visibility.public = Public
-users.settings.visibility.public_tooltip = Visible to all users
-users.settings.visibility.limited = Limited
-users.settings.visibility.limited_tooltip = Visible to logged in users only
-users.settings.visibility.private = Private
-users.settings.visibility.private_tooltip = Visible only to organization members
-
 
 emails.email_manage_panel = User Email Management
 emails.primary = Primary
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index f09276427e6c2..e8d794616ec44 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -163,12 +163,6 @@ func EditUser(ctx *context.APIContext) {
 		return
 	}
 
-	visibility := api.VisibleTypePublic
-	if form.Visibility != "" {
-		visibility = api.VisibilityModes[form.Visibility]
-	}
-	u.Visibility = visibility
-
 	if len(form.Password) != 0 {
 		if !password.IsComplexEnough(form.Password) {
 			err := errors.New("PasswordComplexity")
@@ -222,6 +216,9 @@ func EditUser(ctx *context.APIContext) {
 	if form.Active != nil {
 		u.IsActive = *form.Active
 	}
+	if form.Visibility != nil {
+		u.Visibility = api.VisibilityModes[*form.Visibility]
+	}
 	if form.Admin != nil {
 		u.IsAdmin = *form.Admin
 	}
diff --git a/routers/web/user/setting/profile.go b/routers/web/user/setting/profile.go
index 7947c93e2fba5..463c4ec2038c8 100644
--- a/routers/web/user/setting/profile.go
+++ b/routers/web/user/setting/profile.go
@@ -19,7 +19,6 @@ import (
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
-	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/typesniffer"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
@@ -115,9 +114,7 @@ func ProfilePost(ctx *context.Context) {
 	}
 	ctx.User.Description = form.Description
 	ctx.User.KeepActivityPrivate = form.KeepActivityPrivate
-	if form.Visibility != "" {
-		ctx.User.Visibility = api.VisibilityModes[form.Visibility]
-	}
+	ctx.User.Visibility = form.Visibility
 	if err := models.UpdateUserSetting(ctx.User); err != nil {
 		if _, ok := err.(models.ErrEmailAlreadyUsed); ok {
 			ctx.Flash.Error(ctx.Tr("form.email_been_used"))
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index 727c637d545ef..d7db3f70f4a4b 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -12,6 +12,7 @@ import (
 
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
@@ -230,7 +231,7 @@ type UpdateProfileForm struct {
 	Location            string `binding:"MaxSize(50)"`
 	Language            string
 	Description         string `binding:"MaxSize(255)"`
-	Visibility          string
+	Visibility          structs.VisibleType
 	KeepActivityPrivate bool
 }
 
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 403750a7d978e..117d5943faa8d 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -30,19 +30,19 @@
 				</div>
 
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
-					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "settings.visibility"}}</label></span>
 					<div class="ui selection type dropdown">
 						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
 						<div class="text">
-						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "admin.users.settings.visibility.public"}}{{end}}
-						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "admin.users.settings.visibility.limited"}}{{end}}
-						{{if .User.Visibility.IsPrivate}}{{.i18n.Tr "admin.users.settings.visibility.private"}}{{end}}
+						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
+						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}
+						{{if .User.Visibility.IsPrivate}}{{.i18n.Tr "settings.visibility.private"}}{{end}}
 						</div>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">
-							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "admin.users.settings.visibility.public"}}</div>
-							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "admin.users.settings.visibility.limited"}}</div>
-							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "admin.users.settings.visibility.private"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "settings.visibility.public"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "settings.visibility.limited"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "settings.visibility.private"}}</div>
 						</div>
 					</div>
 				</div>
diff --git a/templates/admin/user/new.tmpl b/templates/admin/user/new.tmpl
index 2e844a7982b06..2e391725353a7 100644
--- a/templates/admin/user/new.tmpl
+++ b/templates/admin/user/new.tmpl
@@ -26,19 +26,19 @@
 				</div>
 
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
-					<span class="inline required field"><label for="visibility">{{.i18n.Tr "admin.users.settings.visibility"}}</label></span>
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "settings.visibility"}}</label></span>
 					<div class="ui selection type dropdown">
 						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
 						<div class="text">
-						{{if .DefaultUserVisibilityMode.IsPublic}}{{.i18n.Tr "admin.users.settings.visibility.public"}}{{end}}
-						{{if .DefaultUserVisibilityMode.IsLimited}}{{.i18n.Tr "admin.users.settings.visibility.limited"}}{{end}}
-						{{if .DefaultUserVisibilityMode.IsPrivate}}{{.i18n.Tr "admin.users.settings.visibility.private"}}{{end}}
+						{{if .DefaultUserVisibilityMode.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
+						{{if .DefaultUserVisibilityMode.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}
+						{{if .DefaultUserVisibilityMode.IsPrivate}}{{.i18n.Tr "settings.visibility.private"}}{{end}}
 						</div>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">
-							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "admin.users.settings.visibility.public"}}</div>
-							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "admin.users.settings.visibility.limited"}}</div>
-							<div class="item poping up" data-content="{{.i18n.Tr "admin.users.settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "admin.users.settings.visibility.private"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "settings.visibility.public"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "settings.visibility.limited"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "settings.visibility.private"}}</div>
 						</div>
 					</div>
 				</div>
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index 319a5d3304ea5..b6bf6f35d570c 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -69,19 +69,19 @@
 				</div>
 
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
-					<span class="inline required field"><label for="visibility">{{.i18n.Tr "user.settings.visibility"}}</label></span>
+					<span class="inline required field"><label for="visibility">{{.i18n.Tr "settings.visibility"}}</label></span>
 					<div class="ui selection type dropdown">
-						<input type="hidden" id="visibility" name="visibility" value="{{.SignedUser.Visibility}}">
+						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
 						<div class="text">
-						{{if .SignedUser.Visibility.IsPublic}}{{.i18n.Tr "user.settings.visibility.public"}}{{end}}
-						{{if .SignedUser.Visibility.IsLimited}}{{.i18n.Tr "user.settings.visibility.limited"}}{{end}}
-						{{if .signedUser.Visibility.IsPrivate}}{{.i18n.Tr "user.settings.visibility.private"}}{{end}}
+						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
+						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}
+						{{if .User.Visibility.IsPrivate}}{{.i18n.Tr "settings.visibility.private"}}{{end}}
 						</div>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">
-							<div class="item poping up" data-content="{{.i18n.Tr "user.settings.visibility.public_tooltip"}}" data-value="public">{{.i18n.Tr "user.settings.visibility.public"}}</div>
-							<div class="item poping up" data-content="{{.i18n.Tr "user.settings.visibility.limited_tooltip"}}" data-value="limited">{{.i18n.Tr "user.settings.visibility.limited"}}</div>
-							<div class="item poping up" data-content="{{.i18n.Tr "user.settings.visibility.private_tooltip"}}" data-value="private">{{.i18n.Tr "user.settings.visibility.private"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.public_tooltip"}}" data-value="0">{{.i18n.Tr "settings.visibility.public"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.limited_tooltip"}}" data-value="1">{{.i18n.Tr "settings.visibility.limited"}}</div>
+							<div class="item poping up" data-content="{{.i18n.Tr "settings.visibility.private_tooltip"}}" data-value="2">{{.i18n.Tr "settings.visibility.private"}}</div>
 						</div>
 					</div>
 				</div>

From dfe8e37cece5349aa5e5095954f7fef2b3f05802 Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Wed, 16 Jun 2021 22:00:40 +0200
Subject: [PATCH 51/67] binding do not support pointer at the moment

---
 modules/structs/admin_user.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index e8418a65b2557..5a801fd8f3590 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -44,5 +44,5 @@ type EditUserOption struct {
 	ProhibitLogin           *bool   `json:"prohibit_login"`
 	AllowCreateOrganization *bool   `json:"allow_create_organization"`
 	Restricted              *bool   `json:"restricted"`
-	Visibility              *string `json:"visibility" binding:"In(,public,limited,private)"`
+	Visibility              *string `json:"visibility"` // binding:"In(,public,limited,private)"
 }

From 53ecfb55975c64c8c994c93e683a2f7eaee59af8 Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Wed, 16 Jun 2021 22:06:46 +0200
Subject: [PATCH 52/67] fix TestAPIRepoTransfer

---
 integrations/api_repo_test.go | 8 ++++----
 modules/structs/admin_user.go | 2 +-
 routers/api/v1/admin/user.go  | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/integrations/api_repo_test.go b/integrations/api_repo_test.go
index cfd3b58d649d6..d9c3f74afca4f 100644
--- a/integrations/api_repo_test.go
+++ b/integrations/api_repo_test.go
@@ -466,7 +466,7 @@ func TestAPIRepoTransfer(t *testing.T) {
 	session := loginUser(t, user.Name)
 	token := getTokenForLoggedInUser(t, session)
 	repoName := "moveME"
-	repo := new(models.Repository)
+	apiRepo := new(api.Repository)
 	req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/user/repos?token=%s", token), &api.CreateRepoOption{
 		Name:        repoName,
 		Description: "repo move around",
@@ -475,12 +475,12 @@ func TestAPIRepoTransfer(t *testing.T) {
 		AutoInit:    true,
 	})
 	resp := session.MakeRequest(t, req, http.StatusCreated)
-	DecodeJSON(t, resp, repo)
+	DecodeJSON(t, resp, apiRepo)
 
 	//start testing
 	for _, testCase := range testCases {
 		user = models.AssertExistsAndLoadBean(t, &models.User{ID: testCase.ctxUserID}).(*models.User)
-		repo = models.AssertExistsAndLoadBean(t, &models.Repository{ID: repo.ID}).(*models.Repository)
+		repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: apiRepo.ID}).(*models.Repository)
 		session = loginUser(t, user.Name)
 		token = getTokenForLoggedInUser(t, session)
 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/transfer?token=%s", repo.OwnerName, repo.Name, token), &api.TransferRepoOption{
@@ -491,6 +491,6 @@ func TestAPIRepoTransfer(t *testing.T) {
 	}
 
 	//cleanup
-	repo = models.AssertExistsAndLoadBean(t, &models.Repository{ID: repo.ID}).(*models.Repository)
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: apiRepo.ID}).(*models.Repository)
 	_ = models.DeleteRepository(user, repo.OwnerID, repo.ID)
 }
diff --git a/modules/structs/admin_user.go b/modules/structs/admin_user.go
index 5a801fd8f3590..facf16a39552a 100644
--- a/modules/structs/admin_user.go
+++ b/modules/structs/admin_user.go
@@ -44,5 +44,5 @@ type EditUserOption struct {
 	ProhibitLogin           *bool   `json:"prohibit_login"`
 	AllowCreateOrganization *bool   `json:"allow_create_organization"`
 	Restricted              *bool   `json:"restricted"`
-	Visibility              *string `json:"visibility"` // binding:"In(,public,limited,private)"
+	Visibility              string  `json:"visibility" binding:"In(,public,limited,private)"`
 }
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index e8d794616ec44..968a23dea4bd4 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -216,8 +216,8 @@ func EditUser(ctx *context.APIContext) {
 	if form.Active != nil {
 		u.IsActive = *form.Active
 	}
-	if form.Visibility != nil {
-		u.Visibility = api.VisibilityModes[*form.Visibility]
+	if len(form.Visibility) != 0 {
+		u.Visibility = api.VisibilityModes[form.Visibility]
 	}
 	if form.Admin != nil {
 		u.IsAdmin = *form.Admin

From 4208b6083a332fa4d1232a8e66a91dffe2c88d5f Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Wed, 16 Jun 2021 22:49:05 +0200
Subject: [PATCH 53/67] respect setting.Service.DefaultUserVisibilityMode

---
 models/user.go               | 17 ++++++++++++++---
 routers/api/v1/admin/user.go | 16 +++++++++-------
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/models/user.go b/models/user.go
index 64cbf2db9f805..1f613349efa22 100644
--- a/models/user.go
+++ b/models/user.go
@@ -849,8 +849,13 @@ func IsUsableUsername(name string) error {
 	return isUsableName(reservedUsernames, reservedUserPatterns, name)
 }
 
+// CreateUserOverwriteOptions are an optional options who overwrite system defaults on user creation
+type CreateUserOverwriteOptions struct {
+	Visibility structs.VisibleType
+}
+
 // CreateUser creates record of a new user.
-func CreateUser(u *User) (err error) {
+func CreateUser(u *User, overwriteDefault ...*CreateUserOverwriteOptions) (err error) {
 	if err = IsUsableUsername(u.Name); err != nil {
 		return err
 	}
@@ -884,8 +889,6 @@ func CreateUser(u *User) (err error) {
 		return ErrEmailAlreadyUsed{u.Email}
 	}
 
-	u.KeepEmailPrivate = setting.Service.DefaultKeepEmailPrivate
-
 	u.LowerName = strings.ToLower(u.Name)
 	u.AvatarEmail = u.Email
 	if u.Rands, err = GetUserSalt(); err != nil {
@@ -894,10 +897,18 @@ func CreateUser(u *User) (err error) {
 	if err = u.SetPassword(u.Passwd); err != nil {
 		return err
 	}
+
+	// set system defaults
+	u.KeepEmailPrivate = setting.Service.DefaultKeepEmailPrivate
+	u.Visibility = setting.Service.DefaultUserVisibilityMode
 	u.AllowCreateOrganization = setting.Service.DefaultAllowCreateOrganization && !setting.Admin.DisableRegularOrgCreation
 	u.EmailNotificationsPreference = setting.Admin.DefaultEmailNotification
 	u.MaxRepoCreation = -1
 	u.Theme = setting.UI.DefaultTheme
+	// overwrite defaults if set
+	if len(overwriteDefault) != 0 && overwriteDefault[0] != nil {
+		u.Visibility = overwriteDefault[0].Visibility
+	}
 
 	if _, err = sess.Insert(u); err != nil {
 		return err
diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go
index 968a23dea4bd4..6bc9b849b1fc9 100644
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@@ -67,11 +67,6 @@ func CreateUser(ctx *context.APIContext) {
 	//     "$ref": "#/responses/validationError"
 	form := web.GetForm(ctx).(*api.CreateUserOption)
 
-	visibility := api.VisibleTypePublic
-	if form.Visibility != "" {
-		visibility = api.VisibilityModes[form.Visibility]
-	}
-
 	u := &models.User{
 		Name:               form.Username,
 		FullName:           form.FullName,
@@ -80,7 +75,6 @@ func CreateUser(ctx *context.APIContext) {
 		MustChangePassword: true,
 		IsActive:           true,
 		LoginType:          models.LoginPlain,
-		Visibility:         visibility,
 	}
 	if form.MustChangePassword != nil {
 		u.MustChangePassword = *form.MustChangePassword
@@ -104,7 +98,15 @@ func CreateUser(ctx *context.APIContext) {
 		ctx.Error(http.StatusBadRequest, "PasswordPwned", errors.New("PasswordPwned"))
 		return
 	}
-	if err := models.CreateUser(u); err != nil {
+
+	var overwriteDefault *models.CreateUserOverwriteOptions
+	if form.Visibility != "" {
+		overwriteDefault = &models.CreateUserOverwriteOptions{
+			Visibility: api.VisibilityModes[form.Visibility],
+		}
+	}
+
+	if err := models.CreateUser(u, overwriteDefault); err != nil {
 		if models.IsErrUserAlreadyExist(err) ||
 			models.IsErrEmailAlreadyUsed(err) ||
 			models.IsErrNameReserved(err) ||

From b677e38f71c0e3fd9c6ec936ea10da49d26fd37f Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Wed, 16 Jun 2021 23:11:57 +0200
Subject: [PATCH 54/67] fix unit test :D

---
 routers/web/admin/users.go | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index 56cd53eef0f94..dc2a97e5261d1 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -89,12 +89,11 @@ func NewUserPost(ctx *context.Context) {
 	}
 
 	u := &models.User{
-		Name:       form.UserName,
-		Email:      form.Email,
-		Passwd:     form.Password,
-		IsActive:   true,
-		LoginType:  models.LoginPlain,
-		Visibility: form.Visibility,
+		Name:      form.UserName,
+		Email:     form.Email,
+		Passwd:    form.Password,
+		IsActive:  true,
+		LoginType: models.LoginPlain,
 	}
 
 	if len(form.LoginType) > 0 {
@@ -131,7 +130,7 @@ func NewUserPost(ctx *context.Context) {
 		u.MustChangePassword = form.MustChangePassword
 	}
 
-	if err := models.CreateUser(u); err != nil {
+	if err := models.CreateUser(u, &models.CreateUserOverwriteOptions{Visibility: form.Visibility}); err != nil {
 		switch {
 		case models.IsErrUserAlreadyExist(err):
 			ctx.Data["Err_UserName"] = true

From 994e7b91452d60d0939788925b1645169d10e285 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 17 Jun 2021 22:30:51 +0300
Subject: [PATCH 55/67] Update new ini-option description

---
 custom/conf/app.example.ini | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 1f69097367554..8010b73321c5d 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -642,9 +642,9 @@ PATH =
 ;DEFAULT_ALLOW_CREATE_ORGANIZATION = true
 ;;
 ;; Either "public", "limited" or "private", default is "public"
-;; Limited is for signed user only
-;; Private is only for member of the organization
-;; Public is for everyone
+;; Limited is for users visible only to signed users
+;; Private is for users visible only to members of their organizations
+;; Public is for users visible for everyone
 ;DEFAULT_USER_VISIBILITY = public
 ;;
 ;; Either "public", "limited" or "private", default is "public"

From 87455ffa8ab4b3542eaff4c558786f599a9b7b36 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Thu, 17 Jun 2021 22:37:57 +0300
Subject: [PATCH 56/67] Update other ini-option description

---
 custom/conf/app.example.ini | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index c633d0ca858a1..9a250b77001a0 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -648,9 +648,9 @@ PATH =
 ;DEFAULT_USER_VISIBILITY = public
 ;;
 ;; Either "public", "limited" or "private", default is "public"
-;; Limited is for signed user only
-;; Private is only for member of the organization
-;; Public is for everyone
+;; Limited is for organizations visible only to signed users
+;; Private is for organizations visible only to members of the organization
+;; Public is for organizations visible to everyone
 ;DEFAULT_ORG_VISIBILITY = public
 ;;
 ;; Default value for DefaultOrgMemberVisible

From 06e1e736b511bcbab8f0482630d75329fd519b65 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 18 Jun 2021 01:30:50 +0300
Subject: [PATCH 57/67] Fix swagger template

---
 templates/swagger/v1_json.tmpl | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index b4c2d5f8cb242..73e039c855cc1 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -16558,16 +16558,16 @@
           "type": "boolean",
           "x-go-name": "Restricted"
         },
-        "visibility": {
-          "description": "User visibility level option: public (default), limited, private",
-          "type": "string",
-          "x-go-name": "Visibility"
-        },
         "starred_repos_count": {
           "type": "integer",
           "format": "int64",
           "x-go-name": "StarredRepos"
         },
+        "visibility": {
+          "description": "User visibility level option: public (default), limited, private",
+          "type": "string",
+          "x-go-name": "Visibility"
+        },
         "website": {
           "description": "the user's website",
           "type": "string",

From 7c95a0659e35ee9dfef879b1130f8c26813788f8 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 25 Jun 2021 15:05:06 +0300
Subject: [PATCH 58/67] Small fixes as suggested

---
 modules/structs/user.go              | 2 +-
 templates/swagger/v1_json.tmpl       | 2 +-
 templates/user/settings/profile.tmpl | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/structs/user.go b/modules/structs/user.go
index f8ed99cdea92b..cd6b7f2510e9c 100644
--- a/modules/structs/user.go
+++ b/modules/structs/user.go
@@ -43,7 +43,7 @@ type User struct {
 	Website string `json:"website"`
 	// the user's description
 	Description string `json:"description"`
-	// User visibility level option: public (default), limited, private
+	// User visibility level option: public, limited, private
 	Visibility string `json:"visibility"`
 
 	// user counts
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 73e039c855cc1..f3fa92758f26d 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -16564,7 +16564,7 @@
           "x-go-name": "StarredRepos"
         },
         "visibility": {
-          "description": "User visibility level option: public (default), limited, private",
+          "description": "User visibility level option: public, limited, private",
           "type": "string",
           "x-go-name": "Visibility"
         },
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index b6bf6f35d570c..4879fad74fff6 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -71,7 +71,7 @@
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
 					<span class="inline required field"><label for="visibility">{{.i18n.Tr "settings.visibility"}}</label></span>
 					<div class="ui selection type dropdown">
-						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
+						<input type="hidden" id="visibility" name="visibility" value="{{.SignedUser.Visibility}}">
 						<div class="text">
 						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
 						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}

From f768063f28f306d4067bb2f68693df5003fccd68 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 25 Jun 2021 17:00:23 +0300
Subject: [PATCH 59/67] Fix user_test - need to check with app-default value,
 fix selected value in templates

---
 routers/web/admin/users_test.go      |  3 ++-
 templates/admin/user/edit.tmpl       | 10 +++++++++-
 templates/user/settings/profile.tmpl | 16 ++++++++++++----
 3 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/routers/web/admin/users_test.go b/routers/web/admin/users_test.go
index cb68f0110e3c0..17c5a309b4d93 100644
--- a/routers/web/admin/users_test.go
+++ b/routers/web/admin/users_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/modules/web"
@@ -159,7 +160,7 @@ func TestNewUserPost_VisiblityDefaultPublic(t *testing.T) {
 	assert.Equal(t, username, u.Name)
 	assert.Equal(t, email, u.Email)
 	// As default user visibility
-	assert.True(t, u.Visibility.IsPublic())
+	assert.Equal(t, setting.Service.DefaultUserVisibilityMode, u.Visibility)
 }
 
 func TestNewUserPost_VisibilityPrivate(t *testing.T) {
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 117d5943faa8d..dba24d9837df0 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -32,7 +32,15 @@
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
 					<span class="inline required field"><label for="visibility">{{.i18n.Tr "settings.visibility"}}</label></span>
 					<div class="ui selection type dropdown">
-						<input type="hidden" id="visibility" name="visibility" value="{{.visibility}}">
+						{{if .User.Visibility.IsPublic}}
+						<input type="hidden" id="visibility" name="visibility" value="0">
+						{{end}}
+						{{if .User.Visibility.IsLimited}}
+						<input type="hidden" id="visibility" name="visibility" value="1">
+						{{end}}
+						{{if .User.Visibility.IsPrivate}}
+						<input type="hidden" id="visibility" name="visibility" value="2">
+						{{end}}
 						<div class="text">
 						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
 						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}
diff --git a/templates/user/settings/profile.tmpl b/templates/user/settings/profile.tmpl
index 4879fad74fff6..4b860049d8323 100644
--- a/templates/user/settings/profile.tmpl
+++ b/templates/user/settings/profile.tmpl
@@ -71,11 +71,19 @@
 				<div class="inline field {{if .Err_Visibility}}error{{end}}">
 					<span class="inline required field"><label for="visibility">{{.i18n.Tr "settings.visibility"}}</label></span>
 					<div class="ui selection type dropdown">
-						<input type="hidden" id="visibility" name="visibility" value="{{.SignedUser.Visibility}}">
+						{{if .SignedUser.Visibility.IsPublic}}
+						<input type="hidden" id="visibility" name="visibility" value="0">
+						{{end}}
+						{{if .SignedUser.Visibility.IsLimited}}
+						<input type="hidden" id="visibility" name="visibility" value="1">
+						{{end}}
+						{{if .SignedUser.Visibility.IsPrivate}}
+						<input type="hidden" id="visibility" name="visibility" value="2">
+						{{end}}
 						<div class="text">
-						{{if .User.Visibility.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
-						{{if .User.Visibility.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}
-						{{if .User.Visibility.IsPrivate}}{{.i18n.Tr "settings.visibility.private"}}{{end}}
+						{{if .SignedUser.Visibility.IsPublic}}{{.i18n.Tr "settings.visibility.public"}}{{end}}
+						{{if .SignedUser.Visibility.IsLimited}}{{.i18n.Tr "settings.visibility.limited"}}{{end}}
+						{{if .SignedUser.Visibility.IsPrivate}}{{.i18n.Tr "settings.visibility.private"}}{{end}}
 						</div>
 						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 						<div class="menu">

From 7fcb9be24861b62bd59f2dad44b0b2e494592f4a Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Fri, 25 Jun 2021 15:51:45 +0200
Subject: [PATCH 60/67] User-Repos respect user Visible setting

---
 models/org.go               | 16 ++++++++--------
 models/org_test.go          | 18 +++++++++---------
 models/repo.go              |  3 +--
 models/repo_permission.go   |  6 +++---
 routers/api/v1/org/org.go   |  4 ++--
 routers/api/v1/repo/repo.go |  4 ++--
 routers/web/org/home.go     |  4 ++--
 7 files changed, 27 insertions(+), 28 deletions(-)

diff --git a/models/org.go b/models/org.go
index 7f9e3cce5b624..073b26c2f8b69 100644
--- a/models/org.go
+++ b/models/org.go
@@ -455,22 +455,22 @@ func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {
 		Find(&orgs)
 }
 
-// HasOrgVisible tells if the given user can see the given org
-func HasOrgVisible(org, user *User) bool {
-	return hasOrgVisible(x, org, user)
+// HasOrgOrUserVisible tells if the given user can see the given org or user
+func HasOrgOrUserVisible(org, user *User) bool {
+	return hasOrgOrUserVisible(x, org, user)
 }
 
-func hasOrgVisible(e Engine, org, user *User) bool {
+func hasOrgOrUserVisible(e Engine, orgOrUser, user *User) bool {
 	// Not SignedUser
 	if user == nil {
-		return org.Visibility == structs.VisibleTypePublic
+		return orgOrUser.Visibility == structs.VisibleTypePublic
 	}
 
-	if user.IsAdmin {
+	if user.IsAdmin || orgOrUser.ID == user.ID {
 		return true
 	}
 
-	if (org.Visibility == structs.VisibleTypePrivate || user.IsRestricted) && !org.hasMemberWithUserID(e, user.ID) {
+	if (orgOrUser.Visibility == structs.VisibleTypePrivate || user.IsRestricted) && !orgOrUser.hasMemberWithUserID(e, user.ID) {
 		return false
 	}
 	return true
@@ -483,7 +483,7 @@ func HasOrgsVisible(orgs []*User, user *User) bool {
 	}
 
 	for _, org := range orgs {
-		if HasOrgVisible(org, user) {
+		if HasOrgOrUserVisible(org, user) {
 			return true
 		}
 	}
diff --git a/models/org_test.go b/models/org_test.go
index bed7a6eb8632f..e494e502dd31e 100644
--- a/models/org_test.go
+++ b/models/org_test.go
@@ -586,9 +586,9 @@ func TestHasOrgVisibleTypePublic(t *testing.T) {
 	assert.NoError(t, CreateOrganization(org, owner))
 	org = AssertExistsAndLoadBean(t,
 		&User{Name: org.Name, Type: UserTypeOrganization}).(*User)
-	test1 := HasOrgVisible(org, owner)
-	test2 := HasOrgVisible(org, user3)
-	test3 := HasOrgVisible(org, nil)
+	test1 := HasOrgOrUserVisible(org, owner)
+	test2 := HasOrgOrUserVisible(org, user3)
+	test3 := HasOrgOrUserVisible(org, nil)
 	assert.True(t, test1) // owner of org
 	assert.True(t, test2) // user not a part of org
 	assert.True(t, test3) // logged out user
@@ -609,9 +609,9 @@ func TestHasOrgVisibleTypeLimited(t *testing.T) {
 	assert.NoError(t, CreateOrganization(org, owner))
 	org = AssertExistsAndLoadBean(t,
 		&User{Name: org.Name, Type: UserTypeOrganization}).(*User)
-	test1 := HasOrgVisible(org, owner)
-	test2 := HasOrgVisible(org, user3)
-	test3 := HasOrgVisible(org, nil)
+	test1 := HasOrgOrUserVisible(org, owner)
+	test2 := HasOrgOrUserVisible(org, user3)
+	test3 := HasOrgOrUserVisible(org, nil)
 	assert.True(t, test1)  // owner of org
 	assert.True(t, test2)  // user not a part of org
 	assert.False(t, test3) // logged out user
@@ -632,9 +632,9 @@ func TestHasOrgVisibleTypePrivate(t *testing.T) {
 	assert.NoError(t, CreateOrganization(org, owner))
 	org = AssertExistsAndLoadBean(t,
 		&User{Name: org.Name, Type: UserTypeOrganization}).(*User)
-	test1 := HasOrgVisible(org, owner)
-	test2 := HasOrgVisible(org, user3)
-	test3 := HasOrgVisible(org, nil)
+	test1 := HasOrgOrUserVisible(org, owner)
+	test2 := HasOrgOrUserVisible(org, user3)
+	test3 := HasOrgOrUserVisible(org, nil)
 	assert.True(t, test1)  // owner of org
 	assert.False(t, test2) // user not a part of org
 	assert.False(t, test3) // logged out user
diff --git a/models/repo.go b/models/repo.go
index 2baf6e9bdd945..a526afff1f145 100644
--- a/models/repo.go
+++ b/models/repo.go
@@ -585,8 +585,7 @@ func (repo *Repository) getReviewers(e Engine, doerID, posterID int64) ([]*User,
 
 	var users []*User
 
-	if repo.IsPrivate ||
-		(repo.Owner.IsOrganization() && repo.Owner.Visibility == api.VisibleTypePrivate) {
+	if repo.IsPrivate || repo.Owner.Visibility == api.VisibleTypePrivate {
 		// This a private repository:
 		// Anyone who can read the repository is a requestable reviewer
 		if err := e.
diff --git a/models/repo_permission.go b/models/repo_permission.go
index 138613b2e92e3..94475b7a1d0b3 100644
--- a/models/repo_permission.go
+++ b/models/repo_permission.go
@@ -176,9 +176,9 @@ func getUserRepoPermission(e Engine, repo *Repository, user *User) (perm Permiss
 		return
 	}
 
-	// Prevent strangers from checking out public repo of private orginization
-	// Allow user if they are collaborator of a repo within a private orginization but not a member of the orginization itself
-	if repo.Owner.IsOrganization() && !hasOrgVisible(e, repo.Owner, user) && !isCollaborator {
+	// Prevent strangers from checking out public repo of private orginization/users
+	// Allow user if they are collaborator of a repo within a private user or a private orginization but not a member of the orginization itself
+	if !hasOrgOrUserVisible(e, repo.Owner, user) && !isCollaborator {
 		perm.AccessMode = AccessModeNone
 		return
 	}
diff --git a/routers/api/v1/org/org.go b/routers/api/v1/org/org.go
index f4a634f4d56c0..5c16594f89d18 100644
--- a/routers/api/v1/org/org.go
+++ b/routers/api/v1/org/org.go
@@ -225,8 +225,8 @@ func Get(ctx *context.APIContext) {
 	//   "200":
 	//     "$ref": "#/responses/Organization"
 
-	if !models.HasOrgVisible(ctx.Org.Organization, ctx.User) {
-		ctx.NotFound("HasOrgVisible", nil)
+	if !models.HasOrgOrUserVisible(ctx.Org.Organization, ctx.User) {
+		ctx.NotFound("HasOrgOrUserVisible", nil)
 		return
 	}
 	ctx.JSON(http.StatusOK, convert.ToOrganization(ctx.Org.Organization))
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index 7a3160fa9937e..35d349051057d 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -375,8 +375,8 @@ func CreateOrgRepo(ctx *context.APIContext) {
 		return
 	}
 
-	if !models.HasOrgVisible(org, ctx.User) {
-		ctx.NotFound("HasOrgVisible", nil)
+	if !models.HasOrgOrUserVisible(org, ctx.User) {
+		ctx.NotFound("HasOrgOrUserVisible", nil)
 		return
 	}
 
diff --git a/routers/web/org/home.go b/routers/web/org/home.go
index ad14f18454447..aad0a2a90b336 100644
--- a/routers/web/org/home.go
+++ b/routers/web/org/home.go
@@ -30,8 +30,8 @@ func Home(ctx *context.Context) {
 
 	org := ctx.Org.Organization
 
-	if !models.HasOrgVisible(org, ctx.User) {
-		ctx.NotFound("HasOrgVisible", nil)
+	if !models.HasOrgOrUserVisible(org, ctx.User) {
+		ctx.NotFound("HasOrgOrUserVisible", nil)
 		return
 	}
 

From d04c7280b6f63cdb987251f580fdffe3815561c0 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 25 Jun 2021 17:11:53 +0300
Subject: [PATCH 61/67] Respect current User in list search

---
 routers/web/admin/orgs.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/routers/web/admin/orgs.go b/routers/web/admin/orgs.go
index 618f945704492..a2b3ed1bcc0fe 100644
--- a/routers/web/admin/orgs.go
+++ b/routers/web/admin/orgs.go
@@ -25,7 +25,8 @@ func Organizations(ctx *context.Context) {
 	ctx.Data["PageIsAdminOrganizations"] = true
 
 	explore.RenderUserSearch(ctx, &models.SearchUserOptions{
-		Type: models.UserTypeOrganization,
+		Actor: ctx.User,
+		Type:  models.UserTypeOrganization,
 		ListOptions: models.ListOptions{
 			PageSize: setting.UI.Admin.OrgPagingNum,
 		},

From e4b39c2c8811fb0740a86ae51d3394600ad723a1 Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Fri, 25 Jun 2021 16:18:04 +0200
Subject: [PATCH 62/67] hide user provile

---
 models/user.go              | 19 +++++++++++++++++++
 routers/web/user/profile.go | 16 +++++++++++-----
 2 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/models/user.go b/models/user.go
index ee55b88192a5f..1753bf541600a 100644
--- a/models/user.go
+++ b/models/user.go
@@ -432,6 +432,25 @@ func (u *User) IsPasswordSet() bool {
 	return len(u.Passwd) != 0
 }
 
+func (u *User) IsVisibleToUser(viewer *User) bool {
+	switch u.Visibility {
+	case structs.VisibleTypePublic:
+		return true
+	case structs.VisibleTypeLimited:
+		if viewer == nil || viewer.IsRestricted {
+			return false
+		}
+		return true
+	case structs.VisibleTypePrivate:
+		if viewer == nil || viewer.IsRestricted {
+			return false
+		}
+		// if private user if follow the viewer he know each other ...
+		return IsFollowing(u.ID, viewer.ID) || viewer.IsAdmin
+	}
+	return false
+}
+
 // IsOrganization returns true if user is actually a organization.
 func (u *User) IsOrganization() bool {
 	return u.Type == UserTypeOrganization
diff --git a/routers/web/user/profile.go b/routers/web/user/profile.go
index 72d00666453e2..631ca2113512a 100644
--- a/routers/web/user/profile.go
+++ b/routers/web/user/profile.go
@@ -75,6 +75,17 @@ func Profile(ctx *context.Context) {
 		return
 	}
 
+	if ctxUser.IsOrganization() {
+		org.Home(ctx)
+		return
+	}
+
+	// check view permissions
+	if !ctxUser.IsVisibleToUser(ctx.User) {
+		ctx.NotFound("user", fmt.Errorf(uname))
+		return
+	}
+
 	// Show SSH keys.
 	if isShowKeys {
 		ShowSSHKeys(ctx, ctxUser.ID)
@@ -87,11 +98,6 @@ func Profile(ctx *context.Context) {
 		return
 	}
 
-	if ctxUser.IsOrganization() {
-		org.Home(ctx)
-		return
-	}
-
 	// Show OpenID URIs
 	openIDs, err := models.GetUserOpenIDs(ctxUser.ID)
 	if err != nil {

From fd4f14728b9ff01c48a4768a8fc8b419b0686b9a Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Fri, 25 Jun 2021 16:25:36 +0200
Subject: [PATCH 63/67] fix lint

---
 models/user.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/models/user.go b/models/user.go
index 1753bf541600a..720dba5fa2d10 100644
--- a/models/user.go
+++ b/models/user.go
@@ -432,6 +432,7 @@ func (u *User) IsPasswordSet() bool {
 	return len(u.Passwd) != 0
 }
 
+// IsVisibleToUser check if viewer is able to see user profile
 func (u *User) IsVisibleToUser(viewer *User) bool {
 	switch u.Visibility {
 	case structs.VisibleTypePublic:

From f24d3bc54710b48b9db73fd8cdfbb7c6face0171 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 25 Jun 2021 19:49:36 +0300
Subject: [PATCH 64/67] Append simple visibility check to user GetInfo api

---
 routers/api/v1/user/user.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 5eee127350ae2..44d392c47839b 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -103,6 +103,10 @@ func GetInfo(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	u := GetUserByParams(ctx)
+	if !u.IsVisibleToUser(ctx.User) {
+		ctx.JSON(http.StatusNotFound, nil)
+		return
+	}
 	if ctx.Written() {
 		return
 	}

From 89255e93f5a30b7d107b28c560b34424b6ad8002 Mon Sep 17 00:00:00 2001
From: Sergey Dryabzhinsky <sergey@rusoft.ru>
Date: Fri, 25 Jun 2021 22:09:01 +0300
Subject: [PATCH 65/67] Fix visibility check for api get user info:

- check for teams intersection
- fix context output
- right fake 404 if not visible
---
 models/user.go                | 62 +++++++++++++++++++++++++++++++++--
 routers/api/v1/user/helper.go |  2 +-
 routers/api/v1/user/user.go   | 10 +++---
 3 files changed, 67 insertions(+), 7 deletions(-)

diff --git a/models/user.go b/models/user.go
index 720dba5fa2d10..9e5d08ef7cf85 100644
--- a/models/user.go
+++ b/models/user.go
@@ -434,6 +434,11 @@ func (u *User) IsPasswordSet() bool {
 
 // IsVisibleToUser check if viewer is able to see user profile
 func (u *User) IsVisibleToUser(viewer *User) bool {
+
+	if viewer != nil && viewer.IsAdmin {
+		return true
+	}
+
 	switch u.Visibility {
 	case structs.VisibleTypePublic:
 		return true
@@ -446,8 +451,61 @@ func (u *User) IsVisibleToUser(viewer *User) bool {
 		if viewer == nil || viewer.IsRestricted {
 			return false
 		}
-		// if private user if follow the viewer he know each other ...
-		return IsFollowing(u.ID, viewer.ID) || viewer.IsAdmin
+
+		// If they follow - they see each over
+		follower := IsFollowing(u.ID, viewer.ID)
+		if follower {
+			return true
+		}
+
+		// Now we need to check if they in some team together
+
+		var orgIds1 []int64
+		var orgIds2 []int64
+
+		// First user all teams organization
+		if err := x.Table("team_user").
+			Cols("team_user.org_id").
+			Where("team_user.uid = ?", u.ID).
+			Find(&orgIds1); err != nil {
+			return false
+		}
+		if len(orgIds1) == 0 {
+			// No teams 1
+			return false
+		}
+
+		// Second user all teams organization
+		if err := x.Table("team_user").
+			Cols("team_user.org_id").
+			Where("team_user.uid = ?", viewer.ID).
+			Find(&orgIds2); err != nil {
+			return false
+		}
+		if len(orgIds2) == 0 {
+			// No teams 2
+			return false
+		}
+
+		// Intersect they organizations
+		var cond builder.Cond = builder.
+			In("id", orgIds1).
+			And(builder.In("id", orgIds2)).
+			And(builder.Eq{"type": UserTypeOrganization})
+		count, err := x.Table("user").
+			Cols("id").
+			Where(cond).
+			Count(1)
+		if err != nil {
+			return false
+		}
+		if count == 0 {
+			// they teams from different orgs?
+			return false
+		}
+
+		// they in some organizations together
+		return true
 	}
 	return false
 }
diff --git a/routers/api/v1/user/helper.go b/routers/api/v1/user/helper.go
index fcdac257edc8d..a3500e0ee6487 100644
--- a/routers/api/v1/user/helper.go
+++ b/routers/api/v1/user/helper.go
@@ -17,7 +17,7 @@ func GetUserByParamsName(ctx *context.APIContext, name string) *models.User {
 	user, err := models.GetUserByName(username)
 	if err != nil {
 		if models.IsErrUserNotExist(err) {
-			if redirectUserID, err := models.LookupUserRedirect(username); err == nil {
+			if redirectUserID, err2 := models.LookupUserRedirect(username); err2 == nil {
 				context.RedirectToUser(ctx.Context, username, redirectUserID)
 			} else {
 				ctx.NotFound("GetUserByName", err)
diff --git a/routers/api/v1/user/user.go b/routers/api/v1/user/user.go
index 44d392c47839b..ac543d597d7e8 100644
--- a/routers/api/v1/user/user.go
+++ b/routers/api/v1/user/user.go
@@ -103,14 +103,16 @@ func GetInfo(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	u := GetUserByParams(ctx)
-	if !u.IsVisibleToUser(ctx.User) {
-		ctx.JSON(http.StatusNotFound, nil)
-		return
-	}
+
 	if ctx.Written() {
 		return
 	}
 
+	if !u.IsVisibleToUser(ctx.User) {
+		// fake ErrUserNotExist error message to not leak information about existence
+		ctx.NotFound("GetUserByName", models.ErrUserNotExist{Name: ctx.Params(":username")})
+		return
+	}
 	ctx.JSON(http.StatusOK, convert.ToUser(u, ctx.User))
 }
 

From 79770b5ad48eee108028ec38f110f7ae853f7540 Mon Sep 17 00:00:00 2001
From: Andrew Thornton <art27@cantab.net>
Date: Sat, 26 Jun 2021 18:28:16 +0100
Subject: [PATCH 66/67] Improve the team test

Signed-off-by: Andrew Thornton <art27@cantab.net>
---
 models/user.go | 60 ++++++++++++++++----------------------------------
 1 file changed, 19 insertions(+), 41 deletions(-)

diff --git a/models/user.go b/models/user.go
index 9e5d08ef7cf85..221c840a7f7f3 100644
--- a/models/user.go
+++ b/models/user.go
@@ -434,7 +434,10 @@ func (u *User) IsPasswordSet() bool {
 
 // IsVisibleToUser check if viewer is able to see user profile
 func (u *User) IsVisibleToUser(viewer *User) bool {
+	return u.isVisibleToUser(x, viewer)
+}
 
+func (u *User) isVisibleToUser(e Engine, viewer *User) bool {
 	if viewer != nil && viewer.IsAdmin {
 		return true
 	}
@@ -458,53 +461,28 @@ func (u *User) IsVisibleToUser(viewer *User) bool {
 			return true
 		}
 
-		// Now we need to check if they in some team together
-
-		var orgIds1 []int64
-		var orgIds2 []int64
-
-		// First user all teams organization
-		if err := x.Table("team_user").
-			Cols("team_user.org_id").
-			Where("team_user.uid = ?", u.ID).
-			Find(&orgIds1); err != nil {
-			return false
-		}
-		if len(orgIds1) == 0 {
-			// No teams 1
-			return false
-		}
-
-		// Second user all teams organization
-		if err := x.Table("team_user").
-			Cols("team_user.org_id").
-			Where("team_user.uid = ?", viewer.ID).
-			Find(&orgIds2); err != nil {
-			return false
-		}
-		if len(orgIds2) == 0 {
-			// No teams 2
-			return false
-		}
-
-		// Intersect they organizations
-		var cond builder.Cond = builder.
-			In("id", orgIds1).
-			And(builder.In("id", orgIds2)).
-			And(builder.Eq{"type": UserTypeOrganization})
-		count, err := x.Table("user").
-			Cols("id").
-			Where(cond).
-			Count(1)
+		// Now we need to check if they in some organization together
+		count, err := x.Table("team_user").
+			Where(
+				builder.And(
+					builder.Eq{"uid": viewer.ID},
+					builder.Or(
+						builder.Eq{"org_id": u.ID},
+						builder.In("org_id",
+							builder.Select("org_id").
+								From("team_user", "t2").
+								Where(builder.Eq{"uid": u.ID}))))).
+			Count(new(TeamUser))
 		if err != nil {
 			return false
 		}
-		if count == 0 {
-			// they teams from different orgs?
+
+		if count < 0 {
+			// No common organization
 			return false
 		}
 
-		// they in some organizations together
+		// they are in an organization together
 		return true
 	}
 	return false

From 06fbdd59b41a3847d46b37e9340e77f6d8187e4c Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Sat, 26 Jun 2021 18:34:52 +0100
Subject: [PATCH 67/67] Update models/repo_permission.go

---
 models/repo_permission.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/models/repo_permission.go b/models/repo_permission.go
index 94475b7a1d0b3..4f043a58ccfae 100644
--- a/models/repo_permission.go
+++ b/models/repo_permission.go
@@ -177,7 +177,7 @@ func getUserRepoPermission(e Engine, repo *Repository, user *User) (perm Permiss
 	}
 
 	// Prevent strangers from checking out public repo of private orginization/users
-	// Allow user if they are collaborator of a repo within a private user or a private orginization but not a member of the orginization itself
+	// Allow user if they are collaborator of a repo within a private user or a private organization but not a member of the organization itself
 	if !hasOrgOrUserVisible(e, repo.Owner, user) && !isCollaborator {
 		perm.AccessMode = AccessModeNone
 		return