debian-mirror-gitlab/app/services/users/deactivate_service.rb

# frozen_string_literal: true

module Users
  class DeactivateService < BaseService
    def initialize(current_user, skip_authorization: false)
      @current_user = current_user
      @skip_authorization = skip_authorization
    end

    def execute(user)
      unless allowed?
        return ::ServiceResponse.error(message: _('You are not authorized to perform this action'),
          reason: :forbidden)
      end

      if user.blocked?
        return ::ServiceResponse.error(message: _('Error occurred. A blocked user cannot be deactivated'),
          reason: :forbidden)
      end

      if user.internal?
        return ::ServiceResponse.error(message: _('Internal users cannot be deactivated'),
          reason: :forbidden)
      end

      return ::ServiceResponse.success(message: _('User has already been deactivated')) if user.deactivated?

      unless user.can_be_deactivated?
        message = _(
          'The user you are trying to deactivate has been active in the past %{minimum_inactive_days} days ' \
          'and cannot be deactivated')

        deactivation_error_message = format(message,
          minimum_inactive_days: Gitlab::CurrentSettings.deactivate_dormant_users_period)
        return ::ServiceResponse.error(message: deactivation_error_message, reason: :forbidden)
      end

      unless user.deactivate
        return ::ServiceResponse.error(message: user.errors.full_messages.to_sentence,
          reason: :bad_request)
      end

      log_event(user)

      ::ServiceResponse.success
    end

    private

    attr_reader :current_user

    def allowed?
      return true if @skip_authorization

      can?(current_user, :admin_all_resources)
    end

    def log_event(user)
      Gitlab::AppLogger.info(message: 'User deactivated', user: user.username.to_s, email: user.email.to_s,
        deactivated_by: current_user.username.to_s, ip_address: current_user.current_sign_in_ip.to_s)
    end
  end
end

Users::DeactivateService.prepend_mod_with('Users::DeactivateService')
New upstream version 16.0.7+ds1 2023-07-09 08:55:56 +05:30			`# frozen_string_literal: true`

			`module Users`
			`class DeactivateService < BaseService`
			`def initialize(current_user, skip_authorization: false)`
			`@current_user = current_user`
			`@skip_authorization = skip_authorization`
			`end`

			`def execute(user)`
			`unless allowed?`
			`return ::ServiceResponse.error(message: _('You are not authorized to perform this action'),`
			`reason: :forbidden)`
			`end`

			`if user.blocked?`
			`return ::ServiceResponse.error(message: _('Error occurred. A blocked user cannot be deactivated'),`
			`reason: :forbidden)`
			`end`

			`if user.internal?`
			`return ::ServiceResponse.error(message: _('Internal users cannot be deactivated'),`
			`reason: :forbidden)`
			`end`

			`return ::ServiceResponse.success(message: _('User has already been deactivated')) if user.deactivated?`

			`unless user.can_be_deactivated?`
			`message = _(`
			`'The user you are trying to deactivate has been active in the past %{minimum_inactive_days} days ' \`
			`'and cannot be deactivated')`

			`deactivation_error_message = format(message,`
			`minimum_inactive_days: Gitlab::CurrentSettings.deactivate_dormant_users_period)`
			`return ::ServiceResponse.error(message: deactivation_error_message, reason: :forbidden)`
			`end`

			`unless user.deactivate`
			`return ::ServiceResponse.error(message: user.errors.full_messages.to_sentence,`
			`reason: :bad_request)`
			`end`

			`log_event(user)`

			`::ServiceResponse.success`
			`end`

			`private`

			`attr_reader :current_user`

			`def allowed?`
			`return true if @skip_authorization`

			`can?(current_user, :admin_all_resources)`
			`end`

			`def log_event(user)`
			`Gitlab::AppLogger.info(message: 'User deactivated', user: user.username.to_s, email: user.email.to_s,`
			`deactivated_by: current_user.username.to_s, ip_address: current_user.current_sign_in_ip.to_s)`
			`end`
			`end`
			`end`

			`Users::DeactivateService.prepend_mod_with('Users::DeactivateService')`