debian-mirror-gitlab/app/controllers/admin/users_controller.rb

236 lines
6.1 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
class Admin::UsersController < Admin::ApplicationController
2015-09-11 14:41:01 +05:30
before_action :user, except: [:index, :new, :create]
2019-02-15 15:39:39 +05:30
before_action :check_impersonation_availability, only: :impersonate
2014-09-02 18:07:02 +05:30
def index
2019-05-30 16:15:17 +05:30
@users = User.order_name_asc.filter(params[:filter])
2017-08-17 22:00:37 +05:30
@users = @users.search_with_secondary_emails(params[:search_query]) if params[:search_query].present?
2018-05-09 12:01:36 +05:30
@users = @users.sort_by_attribute(@sort = params[:sort])
2015-04-26 12:48:37 +05:30
@users = @users.page(params[:page])
2014-09-02 18:07:02 +05:30
end
def show
2015-09-11 14:41:01 +05:30
end
def projects
2014-09-02 18:07:02 +05:30
@personal_projects = user.personal_projects
@joined_projects = user.projects.joined(@user)
2015-09-11 14:41:01 +05:30
end
def keys
2018-03-17 18:26:18 +05:30
@keys = user.keys.order_id_desc
2014-09-02 18:07:02 +05:30
end
def new
@user = User.new
end
def edit
user
end
2016-06-02 11:05:42 +05:30
def impersonate
2017-08-17 22:00:37 +05:30
if can?(user, :log_in)
2016-06-02 11:05:42 +05:30
session[:impersonator_id] = current_user.id
warden.set_user(user, scope: :user)
2019-05-30 16:15:17 +05:30
Gitlab::AppLogger.info("User #{current_user.username} has started impersonating #{user.username}")
2016-06-02 11:05:42 +05:30
2019-05-30 16:15:17 +05:30
flash[:alert] = "You are now impersonating #{user.username}"
2016-06-02 11:05:42 +05:30
redirect_to root_path
2017-08-17 22:00:37 +05:30
else
flash[:alert] =
if user.blocked?
2019-05-30 16:15:17 +05:30
"You cannot impersonate a blocked user"
2017-08-17 22:00:37 +05:30
elsif user.internal?
2019-05-30 16:15:17 +05:30
"You cannot impersonate an internal user"
2017-08-17 22:00:37 +05:30
else
2019-05-30 16:15:17 +05:30
"You cannot impersonate a user who cannot log in"
2017-08-17 22:00:37 +05:30
end
redirect_to admin_user_path(user)
2016-06-02 11:05:42 +05:30
end
end
2014-09-02 18:07:02 +05:30
def block
2017-09-10 17:25:29 +05:30
if update_user { |user| user.block }
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(notice: "Successfully blocked")
2014-09-02 18:07:02 +05:30
else
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not blocked")
2014-09-02 18:07:02 +05:30
end
end
def unblock
if user.ldap_blocked?
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(alert: "This user cannot be unlocked manually from GitLab")
2017-09-10 17:25:29 +05:30
elsif update_user { |user| user.activate }
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(notice: "Successfully unblocked")
2014-09-02 18:07:02 +05:30
else
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not unblocked")
2014-09-02 18:07:02 +05:30
end
end
2015-09-11 14:41:01 +05:30
def unlock
2017-09-10 17:25:29 +05:30
if update_user { |user| user.unlock_access! }
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(alert: "Successfully unlocked")
2015-09-11 14:41:01 +05:30
else
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
2015-09-11 14:41:01 +05:30
end
end
def confirm
2017-09-10 17:25:29 +05:30
if update_user { |user| user.confirm }
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(notice: "Successfully confirmed")
2015-09-11 14:41:01 +05:30
else
2019-05-30 16:15:17 +05:30
redirect_back_or_admin_user(alert: "Error occurred. User was not confirmed")
2015-09-11 14:41:01 +05:30
end
end
def disable_two_factor
2017-09-10 17:25:29 +05:30
update_user { |user| user.disable_two_factor! }
2015-09-11 14:41:01 +05:30
redirect_to admin_user_path(user),
2019-05-30 16:15:17 +05:30
notice: 'Two-factor Authentication has been disabled for this user'
2015-09-11 14:41:01 +05:30
end
2014-09-02 18:07:02 +05:30
def create
opts = {
2017-08-17 22:00:37 +05:30
reset_password: true,
skip_confirmation: true
2014-09-02 18:07:02 +05:30
}
2017-08-17 22:00:37 +05:30
@user = Users::CreateService.new(current_user, user_params.merge(opts)).execute
2014-09-02 18:07:02 +05:30
respond_to do |format|
2017-08-17 22:00:37 +05:30
if @user.persisted?
2019-05-30 16:15:17 +05:30
format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
2014-09-02 18:07:02 +05:30
format.json { render json: @user, status: :created, location: @user }
else
format.html { render "new" }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
end
def update
user_params_with_pass = user_params.dup
if params[:user][:password].present?
2018-03-17 18:26:18 +05:30
password_params = {
2014-09-02 18:07:02 +05:30
password: params[:user][:password],
2018-03-17 18:26:18 +05:30
password_confirmation: params[:user][:password_confirmation]
}
password_params[:password_expires_at] = Time.now unless changing_own_password?
user_params_with_pass.merge!(password_params)
2014-09-02 18:07:02 +05:30
end
respond_to do |format|
2018-03-17 18:26:18 +05:30
result = Users::UpdateService.new(current_user, user_params_with_pass.merge(user: user)).execute do |user|
2017-09-10 17:25:29 +05:30
user.skip_reconfirmation!
end
if result[:status] == :success
2019-05-30 16:15:17 +05:30
format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
2014-09-02 18:07:02 +05:30
format.json { head :ok }
else
# restore username to keep form action url.
user.username = params[:id]
format.html { render "edit" }
2017-09-10 17:25:29 +05:30
format.json { render json: [result[:message]], status: result[:status] }
2014-09-02 18:07:02 +05:30
end
end
end
def destroy
2017-09-10 17:25:29 +05:30
user.delete_async(deleted_by: current_user, params: params.permit(:hard_delete))
2014-09-02 18:07:02 +05:30
respond_to do |format|
2019-05-30 16:15:17 +05:30
format.html { redirect_to admin_users_path, status: 302, notice: "The user is being deleted." }
2014-09-02 18:07:02 +05:30
format.json { head :ok }
end
end
def remove_email
email = user.emails.find(params[:email_id])
2018-03-17 18:26:18 +05:30
success = Emails::DestroyService.new(current_user, user: user).execute(email)
2015-04-26 12:48:37 +05:30
2014-09-02 18:07:02 +05:30
respond_to do |format|
2017-09-10 17:25:29 +05:30
if success
2019-05-30 16:15:17 +05:30
format.html { redirect_back_or_admin_user(notice: 'Successfully removed email.') }
2017-09-10 17:25:29 +05:30
format.json { head :ok }
else
2019-05-30 16:15:17 +05:30
format.html { redirect_back_or_admin_user(alert: 'There was an error removing the e-mail.') }
format.json { render json: 'There was an error removing the e-mail.', status: :bad_request }
2017-09-10 17:25:29 +05:30
end
2014-09-02 18:07:02 +05:30
end
end
protected
2018-03-17 18:26:18 +05:30
def changing_own_password?
user == current_user
end
2019-05-30 16:15:17 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2014-09-02 18:07:02 +05:30
def user
2019-05-30 16:15:17 +05:30
@user ||= User.find_by!(username: params[:id])
2014-09-02 18:07:02 +05:30
end
2019-05-30 16:15:17 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2014-09-02 18:07:02 +05:30
2015-10-24 18:46:33 +05:30
def redirect_back_or_admin_user(options = {})
redirect_back_or_default(default: default_route, options: options)
end
def default_route
[:admin, @user]
end
2017-08-17 22:00:37 +05:30
def user_params
2018-11-08 19:23:39 +05:30
params.require(:user).permit(allowed_user_params)
2017-08-17 22:00:37 +05:30
end
2018-11-08 19:23:39 +05:30
def allowed_user_params
2017-08-17 22:00:37 +05:30
[
:access_level,
:avatar,
:bio,
:can_create_group,
:color_scheme_id,
:email,
:extern_uid,
:external,
:force_random_password,
:hide_no_password,
:hide_no_ssh_key,
:key_id,
:linkedin,
:name,
:password_expires_at,
:projects_limit,
:provider,
:remember_me,
:skype,
2018-03-17 18:26:18 +05:30
:theme_id,
2017-08-17 22:00:37 +05:30
:twitter,
:username,
:website_url
]
end
2017-09-10 17:25:29 +05:30
def update_user(&block)
2018-03-17 18:26:18 +05:30
result = Users::UpdateService.new(current_user, user: user).execute(&block)
2017-09-10 17:25:29 +05:30
result[:status] == :success
end
2019-02-15 15:39:39 +05:30
def check_impersonation_availability
access_denied! unless Gitlab.config.gitlab.impersonation_enabled
end
2014-09-02 18:07:02 +05:30
end