debian-mirror-gitlab/app/controllers/admin/users_controller.rb

184 lines
4.7 KiB
Ruby
Raw Normal View History

2014-09-02 18:07:02 +05:30
class Admin::UsersController < Admin::ApplicationController
2015-09-11 14:41:01 +05:30
before_action :user, except: [:index, :new, :create]
2014-09-02 18:07:02 +05:30
def index
2015-04-26 12:48:37 +05:30
@users = User.order_name_asc.filter(params[:filter])
2014-09-02 18:07:02 +05:30
@users = @users.search(params[:name]) if params[:name].present?
2015-04-26 12:48:37 +05:30
@users = @users.sort(@sort = params[:sort])
@users = @users.page(params[:page])
2014-09-02 18:07:02 +05:30
end
def show
2015-09-11 14:41:01 +05:30
end
def projects
2014-09-02 18:07:02 +05:30
@personal_projects = user.personal_projects
@joined_projects = user.projects.joined(@user)
2015-09-11 14:41:01 +05:30
end
def groups
end
def keys
2015-04-26 12:48:37 +05:30
@keys = user.keys
2014-09-02 18:07:02 +05:30
end
def new
@user = User.new
end
def edit
user
end
2016-06-02 11:05:42 +05:30
def impersonate
if user.blocked?
flash[:alert] = "You cannot impersonate a blocked user"
redirect_to admin_user_path(user)
else
session[:impersonator_id] = current_user.id
warden.set_user(user, scope: :user)
Gitlab::AppLogger.info("User #{current_user.username} has started impersonating #{user.username}")
flash[:alert] = "You are now impersonating #{user.username}"
redirect_to root_path
end
end
2014-09-02 18:07:02 +05:30
def block
if user.block
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(notice: "Successfully blocked")
2014-09-02 18:07:02 +05:30
else
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not blocked")
2014-09-02 18:07:02 +05:30
end
end
def unblock
if user.ldap_blocked?
redirect_back_or_admin_user(alert: "This user cannot be unlocked manually from GitLab")
elsif user.activate
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(notice: "Successfully unblocked")
2014-09-02 18:07:02 +05:30
else
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not unblocked")
2014-09-02 18:07:02 +05:30
end
end
2015-09-11 14:41:01 +05:30
def unlock
if user.unlock_access!
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(alert: "Successfully unlocked")
2015-09-11 14:41:01 +05:30
else
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
2015-09-11 14:41:01 +05:30
end
end
def confirm
2015-09-25 12:07:36 +05:30
if user.confirm
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(notice: "Successfully confirmed")
2015-09-11 14:41:01 +05:30
else
2015-10-24 18:46:33 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not confirmed")
2015-09-11 14:41:01 +05:30
end
end
def disable_two_factor
user.disable_two_factor!
redirect_to admin_user_path(user),
notice: 'Two-factor Authentication has been disabled for this user'
end
2014-09-02 18:07:02 +05:30
def create
opts = {
force_random_password: true,
password_expires_at: nil
}
@user = User.new(user_params.merge(opts))
@user.created_by_id = current_user.id
@user.generate_password
@user.generate_reset_token
@user.skip_confirmation!
respond_to do |format|
if @user.save
format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
format.json { render json: @user, status: :created, location: @user }
else
format.html { render "new" }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
def update
user_params_with_pass = user_params.dup
if params[:user][:password].present?
user_params_with_pass.merge!(
password: params[:user][:password],
password_confirmation: params[:user][:password_confirmation],
2016-06-02 11:05:42 +05:30
password_expires_at: Time.now
2014-09-02 18:07:02 +05:30
)
end
respond_to do |format|
2015-04-26 12:48:37 +05:30
user.skip_reconfirmation!
2014-09-02 18:07:02 +05:30
if user.update_attributes(user_params_with_pass)
format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
format.json { head :ok }
else
# restore username to keep form action url.
user.username = params[:id]
format.html { render "edit" }
format.json { render json: user.errors, status: :unprocessable_entity }
end
end
end
def destroy
2016-06-02 11:05:42 +05:30
DeleteUserWorker.perform_async(current_user.id, user.id)
2014-09-02 18:07:02 +05:30
respond_to do |format|
2016-06-02 11:05:42 +05:30
format.html { redirect_to admin_users_path, notice: "The user is being deleted." }
2014-09-02 18:07:02 +05:30
format.json { head :ok }
end
end
def remove_email
email = user.emails.find(params[:email_id])
email.destroy
2015-09-11 14:41:01 +05:30
user.update_secondary_emails!
2015-04-26 12:48:37 +05:30
2014-09-02 18:07:02 +05:30
respond_to do |format|
2015-10-24 18:46:33 +05:30
format.html { redirect_back_or_admin_user(notice: "Successfully removed email.") }
2016-06-02 11:05:42 +05:30
format.js { head :ok }
2014-09-02 18:07:02 +05:30
end
end
protected
def user
@user ||= User.find_by!(username: params[:id])
end
def user_params
params.require(:user).permit(
:email, :remember_me, :bio, :name, :username,
:skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id, :force_random_password,
2015-04-26 12:48:37 +05:30
:extern_uid, :provider, :password_expires_at, :avatar, :hide_no_ssh_key, :hide_no_password,
2016-06-02 11:05:42 +05:30
:projects_limit, :can_create_group, :admin, :key_id, :external
2014-09-02 18:07:02 +05:30
)
end
2015-10-24 18:46:33 +05:30
def redirect_back_or_admin_user(options = {})
redirect_back_or_default(default: default_route, options: options)
end
def default_route
[:admin, @user]
end
2014-09-02 18:07:02 +05:30
end