BigW Consortium Gitlab

users_controller.rb 4.15 KB
Newer Older
1
class Admin::UsersController < Admin::ApplicationController
2
  before_action :user, except: [:index, :new, :create]
3

gitlabhq committed
4
  def index
5
    @users = User.order_name_asc.filter(params[:filter])
6
    @users = @users.search(params[:name]) if params[:name].present?
Valery Sizov committed
7
    @users = @users.sort(@sort = params[:sort])
8
    @users = @users.page(params[:page])
gitlabhq committed
9 10 11
  end

  def show
12 13 14
  end

  def projects
15 16
    @personal_projects = user.personal_projects
    @joined_projects = user.projects.joined(@user)
17 18 19 20 21 22
  end

  def groups
  end

  def keys
23
    @keys = user.keys
gitlabhq committed
24 25 26
  end

  def new
27
    @user = User.new
gitlabhq committed
28 29 30
  end

  def edit
31
    user
gitlabhq committed
32 33
  end

34
  def block
35
    if user.block
36
      redirect_back_or_admin_user(notice: "Successfully blocked")
37
    else
38
      redirect_back_or_admin_user(alert: "Error occurred. User was not blocked")
39 40 41
    end
  end

42
  def unblock
43
    if user.activate
44
      redirect_back_or_admin_user(notice: "Successfully unblocked")
45
    else
46
      redirect_back_or_admin_user(alert: "Error occurred. User was not unblocked")
47 48 49
    end
  end

50 51
  def unlock
    if user.unlock_access!
52
      redirect_back_or_admin_user(alert: "Successfully unlocked")
53
    else
54
      redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
55 56 57
    end
  end

58
  def confirm
59
    if user.confirm
60
      redirect_back_or_admin_user(notice: "Successfully confirmed")
61
    else
62
      redirect_back_or_admin_user(alert: "Error occurred. User was not confirmed")
63 64 65
    end
  end

66 67 68 69 70 71
  def login_as
    sign_in(user)
    flash[:alert] = "Logged in as #{user.username}"
    redirect_to root_path
  end

72 73 74 75 76 77
  def disable_two_factor
    user.disable_two_factor!
    redirect_to admin_user_path(user),
      notice: 'Two-factor Authentication has been disabled for this user'
  end

gitlabhq committed
78
  def create
79 80
    opts = {
      force_random_password: true,
81
      password_expires_at: nil
82 83
    }

84
    @user = User.new(user_params.merge(opts))
85
    @user.created_by_id = current_user.id
arul committed
86
    @user.generate_password
87
    @user.generate_reset_token
88
    @user.skip_confirmation!
gitlabhq committed
89 90

    respond_to do |format|
91 92 93
      if @user.save
        format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
gitlabhq committed
94
      else
95
        format.html { render "new" }
96
        format.json { render json: @user.errors, status: :unprocessable_entity }
gitlabhq committed
97 98 99 100 101
      end
    end
  end

  def update
102 103
    user_params_with_pass = user_params.dup

104
    if params[:user][:password].present?
105
      user_params_with_pass.merge!(
106 107 108
        password: params[:user][:password],
        password_confirmation: params[:user][:password_confirmation],
      )
109
    end
gitlabhq committed
110 111

    respond_to do |format|
112
      user.skip_reconfirmation!
113
      if user.update_attributes(user_params_with_pass)
114
        format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
gitlabhq committed
115 116
        format.json { head :ok }
      else
117
        # restore username to keep form action url.
118
        user.username = params[:id]
119
        format.html { render "edit" }
120
        format.json { render json: user.errors, status: :unprocessable_entity }
gitlabhq committed
121 122 123 124 125
      end
    end
  end

  def destroy
126
    DeleteUserService.new(current_user).execute(user)
gitlabhq committed
127 128

    respond_to do |format|
129
      format.html { redirect_to admin_users_path }
gitlabhq committed
130 131 132
      format.json { head :ok }
    end
  end
133

134 135 136 137
  def remove_email
    email = user.emails.find(params[:email_id])
    email.destroy

138
    user.update_secondary_emails!
139

140
    respond_to do |format|
141
      format.html { redirect_back_or_admin_user(notice: "Successfully removed email.") }
142 143 144 145
      format.js { render nothing: true }
    end
  end

146 147
  protected

148
  def user
skv committed
149
    @user ||= User.find_by!(username: params[:id])
150
  end
151 152 153

  def user_params
    params.require(:user).permit(
154
      :email, :remember_me, :bio, :name, :username,
155
      :skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id, :force_random_password,
156
      :extern_uid, :provider, :password_expires_at, :avatar, :hide_no_ssh_key, :hide_no_password,
157
      :projects_limit, :can_create_group, :admin, :key_id
158 159
    )
  end
160 161 162 163 164 165 166 167

  def redirect_back_or_admin_user(options = {})
    redirect_back_or_default(default: default_route, options: options)
  end

  def default_route
    [:admin, @user]
  end
gitlabhq committed
168
end