2018-12-05 23:21:45 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2015-09-11 14:41:01 +05:30
|
|
|
class ProfilesController < Profiles::ApplicationController
|
2014-09-02 18:07:02 +05:30
|
|
|
include ActionView::Helpers::SanitizeHelper
|
2021-01-03 14:25:43 +05:30
|
|
|
include Gitlab::Tracking
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2015-09-11 14:41:01 +05:30
|
|
|
before_action :user
|
|
|
|
before_action :authorize_change_username!, only: :update_username
|
2022-03-02 08:16:31 +05:30
|
|
|
before_action only: :update_username do
|
2022-05-07 20:08:51 +05:30
|
|
|
check_rate_limit!(:profile_update_username, scope: current_user)
|
2022-03-02 08:16:31 +05:30
|
|
|
end
|
2015-09-11 14:41:01 +05:30
|
|
|
skip_before_action :require_email, only: [:show, :update]
|
2020-11-24 15:15:51 +05:30
|
|
|
before_action do
|
2022-07-16 23:28:13 +05:30
|
|
|
push_frontend_feature_flag(:webauthn)
|
2020-11-24 15:15:51 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2023-04-23 21:23:45 +05:30
|
|
|
feature_category :user_profile, [:show, :update, :reset_incoming_email_token, :reset_feed_token,
|
2022-07-23 23:45:48 +05:30
|
|
|
:reset_static_object_token, :update_username]
|
|
|
|
|
2023-05-27 22:25:52 +05:30
|
|
|
feature_category :system_access, [:audit_log]
|
2022-07-16 23:28:13 +05:30
|
|
|
urgency :low, [:show, :update]
|
2021-01-03 14:25:43 +05:30
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
def show
|
|
|
|
end
|
|
|
|
|
|
|
|
def update
|
|
|
|
respond_to do |format|
|
2021-11-18 22:05:49 +05:30
|
|
|
result = Users::UpdateService.new(current_user, user_params.merge(user: @user)).execute(check_password: true)
|
2017-09-10 17:25:29 +05:30
|
|
|
|
|
|
|
if result[:status] == :success
|
2019-09-04 21:01:54 +05:30
|
|
|
message = s_("Profiles|Profile was successfully updated")
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }
|
|
|
|
format.json { render json: { message: message } }
|
|
|
|
else
|
2017-09-10 17:25:29 +05:30
|
|
|
format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: result[:message] }) }
|
|
|
|
format.json { render json: result }
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
def reset_incoming_email_token
|
2018-03-17 18:26:18 +05:30
|
|
|
Users::UpdateService.new(current_user, user: @user).execute! do |user|
|
2017-09-10 17:25:29 +05:30
|
|
|
user.reset_incoming_email_token!
|
|
|
|
end
|
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
flash[:notice] = s_("Profiles|Incoming email token was successfully reset")
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
redirect_to profile_personal_access_tokens_path
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
|
2018-11-08 19:23:39 +05:30
|
|
|
def reset_feed_token
|
2018-03-17 18:26:18 +05:30
|
|
|
Users::UpdateService.new(current_user, user: @user).execute! do |user|
|
2018-11-08 19:23:39 +05:30
|
|
|
user.reset_feed_token!
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
flash[:notice] = s_('Profiles|Feed token was successfully reset')
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
redirect_to profile_personal_access_tokens_path
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2019-12-04 20:38:33 +05:30
|
|
|
def reset_static_object_token
|
|
|
|
Users::UpdateService.new(current_user, user: @user).execute! do |user|
|
|
|
|
user.reset_static_object_token!
|
|
|
|
end
|
|
|
|
|
|
|
|
redirect_to profile_personal_access_tokens_path,
|
|
|
|
notice: s_('Profiles|Static object token was successfully reset')
|
|
|
|
end
|
|
|
|
|
2018-12-05 23:21:45 +05:30
|
|
|
# rubocop: disable CodeReuse/ActiveRecord
|
2015-09-11 14:41:01 +05:30
|
|
|
def audit_log
|
2021-12-11 22:18:48 +05:30
|
|
|
@events = AuthenticationEvent.where(user: current_user)
|
2017-09-10 17:25:29 +05:30
|
|
|
.order("created_at DESC")
|
|
|
|
.page(params[:page])
|
2021-01-03 14:25:43 +05:30
|
|
|
|
2021-09-04 01:27:46 +05:30
|
|
|
Gitlab::Tracking.event(self.class.name, 'search_audit_event', user: current_user)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
2018-12-05 23:21:45 +05:30
|
|
|
# rubocop: enable CodeReuse/ActiveRecord
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
def update_username
|
2018-05-09 12:01:36 +05:30
|
|
|
result = Users::UpdateService.new(current_user, user: @user, username: username_param).execute
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
respond_to do |format|
|
|
|
|
if result[:status] == :success
|
|
|
|
message = s_("Profiles|Username successfully changed")
|
|
|
|
|
|
|
|
format.html { redirect_back_or_default(default: { action: 'show' }, options: { notice: message }) }
|
|
|
|
format.json { render json: { message: message }, status: :ok }
|
|
|
|
else
|
|
|
|
message = s_("Profiles|Username change failed - %{message}") % { message: result[:message] }
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
format.html { redirect_back_or_default(default: { action: 'show' }, options: { alert: message }) }
|
|
|
|
format.json { render json: { message: message }, status: :unprocessable_entity }
|
|
|
|
end
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def user
|
|
|
|
@user = current_user
|
|
|
|
end
|
|
|
|
|
|
|
|
def authorize_change_username!
|
|
|
|
return render_404 unless @user.can_change_username?
|
|
|
|
end
|
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
def username_param
|
|
|
|
@username_param ||= user_params.require(:username)
|
|
|
|
end
|
|
|
|
|
2021-11-11 11:23:49 +05:30
|
|
|
def user_params_attributes
|
|
|
|
[
|
2015-09-11 14:41:01 +05:30
|
|
|
:avatar,
|
|
|
|
:bio,
|
|
|
|
:email,
|
2019-12-21 20:55:43 +05:30
|
|
|
:role,
|
2020-11-24 15:15:51 +05:30
|
|
|
:gitpod_enabled,
|
2015-09-11 14:41:01 +05:30
|
|
|
:hide_no_password,
|
|
|
|
:hide_no_ssh_key,
|
2015-12-23 02:04:40 +05:30
|
|
|
:hide_project_limit,
|
2015-09-11 14:41:01 +05:30
|
|
|
:linkedin,
|
|
|
|
:location,
|
|
|
|
:name,
|
|
|
|
:public_email,
|
2018-12-05 23:21:45 +05:30
|
|
|
:commit_email,
|
2015-09-11 14:41:01 +05:30
|
|
|
:skype,
|
|
|
|
:twitter,
|
2023-04-23 21:23:45 +05:30
|
|
|
:discord,
|
2015-09-11 14:41:01 +05:30
|
|
|
:username,
|
2016-11-03 12:29:30 +05:30
|
|
|
:website_url,
|
2017-08-17 22:00:37 +05:30
|
|
|
:organization,
|
2018-11-18 11:00:15 +05:30
|
|
|
:private_profile,
|
2018-11-20 20:47:30 +05:30
|
|
|
:include_private_contributions,
|
2019-07-31 22:56:46 +05:30
|
|
|
:timezone,
|
2020-04-08 14:13:33 +05:30
|
|
|
:job_title,
|
2021-09-04 01:27:46 +05:30
|
|
|
:pronouns,
|
2021-10-27 15:23:28 +05:30
|
|
|
:pronunciation,
|
2021-11-18 22:05:49 +05:30
|
|
|
:validation_password,
|
2022-10-11 01:57:18 +05:30
|
|
|
status: [:emoji, :message, :availability, :clear_status_after]
|
2021-11-11 11:23:49 +05:30
|
|
|
]
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_params
|
|
|
|
@user_params ||= params.require(:user).permit(user_params_attributes)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
2021-11-11 11:23:49 +05:30
|
|
|
|
|
|
|
ProfilesController.prepend_mod
|