debian-mirror-gitlab/app/services/users/build_service.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

199 lines
4.7 KiB
Ruby
Raw Normal View History

2018-11-18 11:00:15 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
module Users
class BuildService < BaseService
2023-07-09 08:55:56 +05:30
ALLOWED_USER_TYPES = %i[project_bot security_policy_bot].freeze
2018-11-20 20:47:30 +05:30
delegate :user_default_internal_regex_enabled?,
:user_default_internal_regex_instance,
to: :'Gitlab::CurrentSettings.current_application_settings'
2017-08-17 22:00:37 +05:30
def initialize(current_user, params = {})
@current_user = current_user
@params = params.dup
2019-09-30 21:07:59 +05:30
@identity_params = params.slice(*identity_attributes)
2017-08-17 22:00:37 +05:30
end
2021-09-04 01:27:46 +05:30
def execute
build_user
build_identity
update_canonical_email
2021-06-08 01:23:25 +05:30
2021-09-04 01:27:46 +05:30
user
end
2017-08-17 22:00:37 +05:30
2021-09-04 01:27:46 +05:30
private
2017-08-17 22:00:37 +05:30
2021-09-04 01:27:46 +05:30
attr_reader :identity_params, :user_params, :user
2017-08-17 22:00:37 +05:30
2021-09-04 01:27:46 +05:30
def identity_attributes
[:extern_uid, :provider]
end
def build_user
if admin?
admin_build_user
else
standard_build_user
2017-08-17 22:00:37 +05:30
end
2021-09-04 01:27:46 +05:30
end
2017-08-17 22:00:37 +05:30
2021-09-04 01:27:46 +05:30
def admin?
return false unless current_user
2017-08-17 22:00:37 +05:30
2021-09-04 01:27:46 +05:30
current_user.admin?
end
2020-04-22 19:07:51 +05:30
2021-09-04 01:27:46 +05:30
def admin_build_user
build_user_params_for_admin
init_user
password_reset
2017-08-17 22:00:37 +05:30
end
2021-09-04 01:27:46 +05:30
def standard_build_user
# current_user non admin or nil
validate_access!
build_user_params_for_non_admin
init_user
end
2017-08-17 22:00:37 +05:30
2021-09-04 01:27:46 +05:30
def build_user_params_for_admin
@user_params = params.slice(*admin_create_params)
@user_params.merge!(force_random_password: true, password_expires_at: nil) if params[:reset_password]
end
2021-06-08 01:23:25 +05:30
2021-09-04 01:27:46 +05:30
def init_user
assign_common_user_params
@user = User.new(user_params)
end
def assign_common_user_params
@user_params[:created_by_id] = current_user&.id
@user_params[:external] = user_external? if set_external_param?
2023-05-27 22:25:52 +05:30
@user_params.delete(:user_type) unless allowed_user_type?
2021-09-04 01:27:46 +05:30
end
def set_external_param?
user_default_internal_regex_enabled? && !user_params.key?(:external)
end
def user_external?
user_default_internal_regex_instance.match(params[:email]).nil?
end
2023-05-27 22:25:52 +05:30
def allowed_user_type?
2023-07-09 08:55:56 +05:30
ALLOWED_USER_TYPES.include?(user_params[:user_type]&.to_sym)
2021-09-04 01:27:46 +05:30
end
def password_reset
@reset_token = user.generate_reset_token if params[:reset_password]
if user_params[:force_random_password]
random_password = User.random_password
@user.password = user.password_confirmation = random_password
end
end
def validate_access!
return if can_create_user?
raise Gitlab::Access::AccessDeniedError
end
def can_create_user?
current_user.nil? && Gitlab::CurrentSettings.allow_signup?
end
def build_user_params_for_non_admin
@user_params = params.slice(*signup_params)
2022-11-25 23:54:43 +05:30
# if skip_confirmation is set to `true`, devise will set confirmed_at
# see: https://github.com/heartcombo/devise/blob/8593801130f2df94a50863b5db535c272b00efe1/lib/devise/models/confirmable.rb#L156
2021-09-04 01:27:46 +05:30
@user_params[:skip_confirmation] = skip_user_confirmation_email_from_setting if assign_skip_confirmation_from_settings?
@user_params[:name] = fallback_name if use_fallback_name?
end
def assign_skip_confirmation_from_settings?
user_params[:skip_confirmation].nil?
2019-07-07 11:18:12 +05:30
end
2021-09-04 01:27:46 +05:30
def skip_user_confirmation_email_from_setting
2023-03-04 22:38:38 +05:30
Gitlab::CurrentSettings.email_confirmation_setting_off?
2021-09-04 01:27:46 +05:30
end
def use_fallback_name?
user_params[:name].blank? && fallback_name.present?
end
def fallback_name
"#{user_params[:first_name]} #{user_params[:last_name]}"
end
def build_identity
2020-04-08 14:13:33 +05:30
return if identity_params.empty?
user.identities.build(identity_params)
end
2021-09-04 01:27:46 +05:30
def update_canonical_email
Users::UpdateCanonicalEmailService.new(user: user).execute
2017-08-17 22:00:37 +05:30
end
# Allowed params for creating a user (admins only)
def admin_create_params
[
:access_level,
:admin,
:avatar,
:bio,
:can_create_group,
:color_scheme_id,
:email,
:external,
:force_random_password,
:hide_no_password,
:hide_no_ssh_key,
:linkedin,
:name,
:password,
:password_automatically_set,
:password_expires_at,
:projects_limit,
:remember_me,
:skip_confirmation,
:skype,
:theme_id,
:twitter,
2023-04-23 21:23:45 +05:30
:discord,
2017-08-17 22:00:37 +05:30
:username,
2018-11-18 11:00:15 +05:30
:website_url,
2018-12-05 23:21:45 +05:30
:private_profile,
:organization,
:location,
2020-04-22 19:07:51 +05:30
:public_email,
2020-06-23 00:09:42 +05:30
:user_type,
2021-04-17 20:07:23 +05:30
:note,
:view_diffs_file_by_file
2017-08-17 22:00:37 +05:30
]
end
# Allowed params for user signup
def signup_params
2023-04-23 21:23:45 +05:30
[
2017-08-17 22:00:37 +05:30
:email,
:name,
:password,
2021-09-04 01:27:46 +05:30
:password_automatically_set,
2023-04-23 21:23:45 +05:30
:preferred_language,
2020-04-22 19:07:51 +05:30
:username,
2021-09-04 01:27:46 +05:30
:user_type,
:first_name,
:last_name
2017-08-17 22:00:37 +05:30
]
end
end
end
2019-12-04 20:38:33 +05:30
2021-06-08 01:23:25 +05:30
Users::BuildService.prepend_mod_with('Users::BuildService')