debian-mirror-gitlab/app/controllers/profiles_controller.rb

# frozen_string_literal: true

class ProfilesController < Profiles::ApplicationController
  include ActionView::Helpers::SanitizeHelper
  include Gitlab::Tracking

  before_action :user
  before_action :authorize_change_username!, only: :update_username
  before_action only: :update_username do
    check_rate_limit!(:profile_update_username, scope: current_user) if Feature.enabled?(:rate_limit_profile_update_username, default_enabled: :yaml)
  end
  skip_before_action :require_email, only: [:show, :update]
  before_action do
    push_frontend_feature_flag(:webauthn, default_enabled: :yaml)
  end

  feature_category :users

  def show
  end

  def update
    respond_to do |format|
      result = Users::UpdateService.new(current_user, user_params.merge(user: @user)).execute(check_password: true)

      if result[:status] == :success
        message = s_("Profiles|Profile was successfully updated")

        format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }
        format.json { render json: { message: message } }
      else
        format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: result[:message] }) }
        format.json { render json: result }
      end
    end
  end

  def reset_incoming_email_token
    Users::UpdateService.new(current_user, user: @user).execute! do |user|
      user.reset_incoming_email_token!
    end

    flash[:notice] = s_("Profiles|Incoming email token was successfully reset")

    redirect_to profile_personal_access_tokens_path
  end

  def reset_feed_token
    Users::UpdateService.new(current_user, user: @user).execute! do |user|
      user.reset_feed_token!
    end

    flash[:notice] = s_('Profiles|Feed token was successfully reset')

    redirect_to profile_personal_access_tokens_path
  end

  def reset_static_object_token
    Users::UpdateService.new(current_user, user: @user).execute! do |user|
      user.reset_static_object_token!
    end

    redirect_to profile_personal_access_tokens_path,
      notice: s_('Profiles|Static object token was successfully reset')
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def audit_log
    @events = AuthenticationEvent.where(user: current_user)
      .order("created_at DESC")
      .page(params[:page])

    Gitlab::Tracking.event(self.class.name, 'search_audit_event', user: current_user)
  end
  # rubocop: enable CodeReuse/ActiveRecord

  def update_username
    result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute

    respond_to do |format|
      if result[:status] == :success
        message = s_("Profiles|Username successfully changed")

        format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }
        format.json { render json: { message: message }, status: :ok }
      else
        message = s_("Profiles|Username change failed - %{message}") % { message: result[:message] }

        format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: message }) }
        format.json { render json: { message: message }, status: :unprocessable_entity }
      end
    end
  end

  private

  def user
    @user = current_user
  end

  def authorize_change_username!
    return render_404 unless @user.can_change_username?
  end

  def username_param
    @username_param ||= user_params.require(:username)
  end

  def user_params_attributes
    [
      :avatar,
      :bio,
      :email,
      :role,
      :gitpod_enabled,
      :hide_no_password,
      :hide_no_ssh_key,
      :hide_project_limit,
      :linkedin,
      :location,
      :name,
      :public_email,
      :commit_email,
      :skype,
      :twitter,
      :username,
      :website_url,
      :organization,
      :private_profile,
      :include_private_contributions,
      :timezone,
      :job_title,
      :pronouns,
      :pronunciation,
      :validation_password,
      status: [:emoji, :message, :availability]
    ]
  end

  def user_params
    @user_params ||= params.require(:user).permit(user_params_attributes)
  end
end

ProfilesController.prepend_mod
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`class ProfilesController < Profiles::ApplicationController`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`include ActionView::Helpers::SanitizeHelper`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`include Gitlab::Tracking`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`before_action :user`
			`before_action :authorize_change_username!, only: :update_username`
New upstream version 14.7.4+ds1 2022-03-02 08:16:31 +05:30			`before_action only: :update_username do`
			`check_rate_limit!(:profile_update_username, scope: current_user) if Feature.enabled?(:rate_limit_profile_update_username, default_enabled: :yaml)`
			`end`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`skip_before_action :require_email, only: [:show, :update]`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`before_action do`
New upstream version 14.6.3+ds1 2022-01-26 12:08:38 +05:30			`push_frontend_feature_flag(:webauthn, default_enabled: :yaml)`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`feature_category :users`

Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`def show`
			`end`

			`def update`
			`respond_to do \|format\|`
New upstream version 14.4.2+ds1 2021-11-18 22:05:49 +05:30			`result = Users::UpdateService.new(current_user, user_params.merge(user: @user)).execute(check_password: true)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
			`if result[:status] == :success`
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`message = s_("Profiles\|Profile was successfully updated")`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }`
			`format.json { render json: { message: message } }`
			`else`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: result[:message] }) }`
			`format.json { render json: result }`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`def reset_incoming_email_token`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`Users::UpdateService.new(current_user, user: @user).execute! do \|user\|`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`user.reset_incoming_email_token!`
			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`flash[:notice] = s_("Profiles\|Incoming email token was successfully reset")`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`redirect_to profile_personal_access_tokens_path`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`

New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`def reset_feed_token`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`Users::UpdateService.new(current_user, user: @user).execute! do \|user\|`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`user.reset_feed_token!`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`

New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`flash[:notice] = s_('Profiles\|Feed token was successfully reset')`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`redirect_to profile_personal_access_tokens_path`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`

New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`def reset_static_object_token`
			`Users::UpdateService.new(current_user, user: @user).execute! do \|user\|`
			`user.reset_static_object_token!`
			`end`

			`redirect_to profile_personal_access_tokens_path,`
			`notice: s_('Profiles\|Static object token was successfully reset')`
			`end`

New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`def audit_log`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`@events = AuthenticationEvent.where(user: current_user)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`.order("created_at DESC")`
			`.page(params[:page])`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`Gitlab::Tracking.event(self.class.name, 'search_audit_event', user: current_user)`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
			`def update_username`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`respond_to do \|format\|`
			`if result[:status] == :success`
			`message = s_("Profiles\|Username successfully changed")`

			`format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }`
			`format.json { render json: { message: message }, status: :ok }`
			`else`
			`message = s_("Profiles\|Username change failed - %{message}") % { message: result[:message] }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: message }) }`
			`format.json { render json: { message: message }, status: :unprocessable_entity }`
			`end`
			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`

			`private`

			`def user`
			`@user = current_user`
			`end`

			`def authorize_change_username!`
			`return render_404 unless @user.can_change_username?`
			`end`

New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`def username_param`
			`@username_param \|\|= user_params.require(:username)`
			`end`

New upstream version 14.3.4+ds1 2021-11-11 11:23:49 +05:30			`def user_params_attributes`
			`[`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`:avatar,`
			`:bio,`
			`:email,`
New upstream version 12.4.6 2019-12-21 20:55:43 +05:30			`:role,`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`:gitpod_enabled,`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`:hide_no_password,`
			`:hide_no_ssh_key,`
Imported Upstream version 8.3.0+dfsg 2015-12-23 02:04:40 +05:30			`:hide_project_limit,`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`:linkedin,`
			`:location,`
			`:name,`
			`:public_email,`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`:commit_email,`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`:skype,`
			`:twitter,`
			`:username,`
New upstream version 8.13.3+dfsg1 2016-11-03 12:29:30 +05:30			`:website_url,`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`:organization,`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`:private_profile,`
New upstream version 11.3.10+dfsg 2018-11-20 20:47:30 +05:30			`:include_private_contributions,`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`:timezone,`
New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`:job_title,`
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`:pronouns,`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`:pronunciation,`
New upstream version 14.4.2+ds1 2021-11-18 22:05:49 +05:30			`:validation_password,`
New upstream version 13.6.5 2021-01-29 00:20:46 +05:30			`status: [:emoji, :message, :availability]`
New upstream version 14.3.4+ds1 2021-11-11 11:23:49 +05:30			`]`
			`end`

			`def user_params`
			`@user_params \|\|= params.require(:user).permit(user_params_attributes)`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
			`end`
New upstream version 14.3.4+ds1 2021-11-11 11:23:49 +05:30
			`ProfilesController.prepend_mod`