
users_controller.rb 5.57 KB
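# Admin-area controller for managing user accounts: listing, creating,
# editing, blocking/unblocking, impersonating and deleting users.
#
# Every action except index, new and create resolves the target account from
# params[:id] (a username) through the `user` before_action.
#
# NOTE(review): no authorization check is visible in this file; presumably
# Admin::ApplicationController restricts these actions to administrators --
# confirm there, since every action below is privileged.
class Admin::UsersController < Admin::ApplicationController
  before_action :user, except: [:index, :new, :create]

  # Lists users, optionally narrowed by params[:filter] and
  # params[:search_query], ordered by params[:sort] and paginated.
  #
  # NOTE(review): filter, search and sort receive the request values
  # unmodified; the User scopes are presumably responsible for mapping them
  # onto a fixed set of filters/orderings -- verify in the model.
  def index
    @users = User.order_name_asc.filter(params[:filter])
    @users = @users.search_with_secondary_emails(params[:search_query]) if params[:search_query].present?
    @users = @users.sort(@sort = params[:sort])
    @users = @users.page(params[:page])
  end

  # Renders the user page; @user is already loaded by the before_action.
  def show
  end

  # Collects the user's personal projects and the projects they have joined.
  def projects
    @personal_projects = user.personal_projects
    @joined_projects = user.projects.joined(@user)
  end

  # Lists the keys attached to the user.
  def keys
    @keys = user.keys
  end

  # Prepares an empty user for the creation form.
  def new
    @user = User.new
  end

  # Loads the user for the edit form.
  def edit
    user
  end

  # Signs the current admin in as the target user.
  #
  # Allowed only when the target passes the :log_in ability check. The
  # admin's own id is kept in session[:impersonator_id] before the session
  # user is swapped, and the start of the impersonation is written to the
  # application log so the action stays attributable to the admin.
  def impersonate
    if can?(user, :log_in)
      # Must be stored before warden.set_user, while current_user is still the admin.
      session[:impersonator_id] = current_user.id

      warden.set_user(user, scope: :user)

      Gitlab::AppLogger.info("User #{current_user.username} has started impersonating #{user.username}")

      flash[:alert] = "You are now impersonating #{user.username}"

      redirect_to root_path
    else
      flash[:alert] =
        if user.blocked?
          "You cannot impersonate a blocked user"
        elsif user.internal?
          "You cannot impersonate an internal user"
        else
          "You cannot impersonate a user who cannot log in"
        end

      redirect_to admin_user_path(user)
    end
  end

  # Blocks the user and reports the outcome.
  def block
    if update_user(&:block)
      redirect_back_or_admin_user(notice: "Successfully blocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not blocked")
    end
  end

  # Re-activates a blocked user. Accounts flagged as LDAP-blocked are refused
  # here and cannot be unblocked from this controller.
  def unblock
    if user.ldap_blocked?
      redirect_back_or_admin_user(alert: "This user cannot be unlocked manually from GitLab")
    elsif update_user(&:activate)
      redirect_back_or_admin_user(notice: "Successfully unblocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not unblocked")
    end
  end

  # Clears the access lock on the account (unlock_access!).
  def unlock
    if update_user(&:unlock_access!)
      # Success is reported as a notice, like the other actions in this controller.
      redirect_back_or_admin_user(notice: "Successfully unlocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
    end
  end

  # Marks the account as confirmed without the user going through confirmation.
  def confirm
    if update_user(&:confirm)
      redirect_back_or_admin_user(notice: "Successfully confirmed")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not confirmed")
    end
  end

  # Removes two-factor authentication from the account.
  #
  # The success notice is shown only when the update service reports success,
  # so an admin is never told that 2FA is off while it is still enabled.
  # Because this weakens the account's authentication, a successful change is
  # recorded in the application log together with the acting admin.
  def disable_two_factor
    if update_user(&:disable_two_factor!)
      Gitlab::AppLogger.info("User #{current_user.username} has disabled two-factor authentication for #{user.username}")

      redirect_to admin_user_path(user),
        notice: 'Two-factor Authentication has been disabled for this user'
    else
      redirect_to admin_user_path(user),
        alert: 'Error occurred. Two-factor Authentication was not disabled'
    end
  end

  # Creates a user from the permitted form attributes.
  #
  # reset_password and skip_confirmation are merged in after the request
  # parameters, so a submitted value cannot override them.
  def create
    opts = {
      reset_password: true,
      skip_confirmation: true
    }

    @user = Users::CreateService.new(current_user, user_params.merge(opts)).execute

    respond_to do |format|
      if @user.persisted?
        format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render "new" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # Updates the user from the permitted form attributes.
  #
  # The password fields are not in the user_params_ce allow-list; they are
  # copied in explicitly, and only when a password was actually submitted.
  def update
    user_params_with_pass = user_params.dup

    if params[:user][:password].present?
      # password_expires_at is set to the current time whenever an admin sets
      # a password. It is merged after the permitted params, so it replaces
      # any password_expires_at value submitted with the form.
      user_params_with_pass.merge!(
        password: params[:user][:password],
        password_confirmation: params[:user][:password_confirmation],
        password_expires_at: Time.now
      )
    end

    respond_to do |format|
      result = Users::UpdateService.new(user, user_params_with_pass).execute(&:skip_reconfirmation!)

      if result[:status] == :success
        format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
        format.json { head :ok }
      else
        # restore username to keep form action url.
        user.username = params[:id]
        format.html { render "edit" }
        # NOTE(review): the service's status value is passed straight through
        # as the HTTP status; confirm the failure value is one Rails accepts.
        format.json { render json: [result[:message]], status: result[:status] }
      end
    end
  end

  # Queues deletion of the user, recording the acting admin as deleted_by.
  # Only :hard_delete is passed through from the request parameters.
  def destroy
    user.delete_async(deleted_by: current_user, params: params.permit(:hard_delete))

    respond_to do |format|
      format.html { redirect_to admin_users_path, status: 302, notice: "The user is being deleted." }
      format.json { head :ok }
    end
  end

  # Removes one of the user's e-mail addresses.
  #
  # The record is looked up through user.emails, so an email_id that belongs
  # to a different account is not found rather than deleted.
  def remove_email
    email = user.emails.find(params[:email_id])
    success = Emails::DestroyService.new(user, email: email.email).execute

    respond_to do |format|
      if success
        format.html { redirect_back_or_admin_user(notice: 'Successfully removed email.') }
        format.json { head :ok }
      else
        format.html { redirect_back_or_admin_user(alert: 'There was an error removing the e-mail.') }
        format.json { render json: 'There was an error removing the e-mail.', status: 400 }
      end
    end
  end

  protected

  # Memoized lookup of the target account by username (params[:id]).
  # find_by! raises when no user has that username.
  def user
    @user ||= User.find_by!(username: params[:id])
  end

  # Redirects back, falling back to the admin page of the current user.
  def redirect_back_or_admin_user(options = {})
    redirect_back_or_default(default: default_route, options: options)
  end

  # Fallback redirect target: the admin page for @user.
  def default_route
    [:admin, @user]
  end

  # Strong-parameters filter: only the attributes listed in user_params_ce
  # are accepted from params[:user].
  def user_params
    params.require(:user).permit(user_params_ce)
  end

  # Allow-list of user attributes an admin may set through the form.
  #
  # Anything added here becomes assignable from the request, including
  # privilege-related fields such as :access_level and :external, so review
  # additions with that in mind. :password and :password_confirmation are
  # intentionally absent; the update action handles them separately.
  def user_params_ce
    [
      :access_level,
      :avatar,
      :bio,
      :can_create_group,
      :color_scheme_id,
      :email,
      :extern_uid,
      :external,
      :force_random_password,
      :hide_no_password,
      :hide_no_ssh_key,
      :key_id,
      :linkedin,
      :name,
      :password_expires_at,
      :projects_limit,
      :provider,
      :remember_me,
      :skype,
      :twitter,
      :username,
      :website_url
    ]
  end

  # Runs the given block against the user through Users::UpdateService.
  #
  # Returns true only when the service reports status :success; callers
  # should branch on it before reporting success to the admin.
  def update_user(&block)
    result = Users::UpdateService.new(user).execute(&block)

    result[:status] == :success
  end
end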