users_controller.rb 4.97 KB
Newer Older
1
class Admin::UsersController < Admin::ApplicationController
2
  before_action :user, except: [:index, :new, :create]
3

gitlabhq's avatar
gitlabhq committed
4
  def index
5
    @users = User.order_name_asc.filter(params[:filter])
6
    @users = @users.search_with_secondary_emails(params[:search_query]) if params[:search_query].present?
Valery Sizov's avatar
Valery Sizov committed
7
    @users = @users.sort(@sort = params[:sort])
8
    @users = @users.page(params[:page])
gitlabhq's avatar
gitlabhq committed
9 10 11
  end

  def show
12 13 14
  end

  def projects
15 16
    @personal_projects = user.personal_projects
    @joined_projects = user.projects.joined(@user)
17 18 19
  end

  def keys
20
    @keys = user.keys
gitlabhq's avatar
gitlabhq committed
21 22 23
  end

  def new
24
    @user = User.new
gitlabhq's avatar
gitlabhq committed
25 26 27
  end

  def edit
28
    user
gitlabhq's avatar
gitlabhq committed
29 30
  end

Douwe Maan's avatar
Douwe Maan committed
31
  def impersonate
http://jneen.net/'s avatar
http://jneen.net/ committed
32
    if can?(user, :log_in)
Douwe Maan's avatar
Douwe Maan committed
33 34 35 36
      session[:impersonator_id] = current_user.id

      warden.set_user(user, scope: :user)

37 38
      Gitlab::AppLogger.info("User #{current_user.username} has started impersonating #{user.username}")

Douwe Maan's avatar
Douwe Maan committed
39 40 41
      flash[:alert] = "You are now impersonating #{user.username}"

      redirect_to root_path
42 43 44 45 46 47 48 49 50 51 52
    else
      flash[:alert] =
        if user.blocked?
          "You cannot impersonate a blocked user"
        elsif user.internal?
          "You cannot impersonate an internal user"
        else
          "You cannot impersonate a user who cannot log in"
        end

      redirect_to admin_user_path(user)
Douwe Maan's avatar
Douwe Maan committed
53 54 55
    end
  end

56
  def block
57
    if user.block
58
      redirect_back_or_admin_user(notice: "Successfully blocked")
59
    else
60
      redirect_back_or_admin_user(alert: "Error occurred. User was not blocked")
61 62 63
    end
  end

64
  def unblock
65 66 67
    if user.ldap_blocked?
      redirect_back_or_admin_user(alert: "This user cannot be unlocked manually from GitLab")
    elsif user.activate
68
      redirect_back_or_admin_user(notice: "Successfully unblocked")
69
    else
70
      redirect_back_or_admin_user(alert: "Error occurred. User was not unblocked")
71 72 73
    end
  end

74 75
  def unlock
    if user.unlock_access!
76
      redirect_back_or_admin_user(alert: "Successfully unlocked")
77
    else
78
      redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
79 80 81
    end
  end

82
  def confirm
83
    if user.confirm
84
      redirect_back_or_admin_user(notice: "Successfully confirmed")
85
    else
86
      redirect_back_or_admin_user(alert: "Error occurred. User was not confirmed")
87 88 89
    end
  end

90 91 92 93 94 95
  def disable_two_factor
    user.disable_two_factor!
    redirect_to admin_user_path(user),
      notice: 'Two-factor Authentication has been disabled for this user'
  end

gitlabhq's avatar
gitlabhq committed
96
  def create
97
    opts = {
98 99
      reset_password: true,
      skip_confirmation: true
100 101
    }

102
    @user = Users::CreateService.new(current_user, user_params.merge(opts)).execute
gitlabhq's avatar
gitlabhq committed
103 104

    respond_to do |format|
105
      if @user.persisted?
106 107
        format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
gitlabhq's avatar
gitlabhq committed
108
      else
109
        format.html { render "new" }
110
        format.json { render json: @user.errors, status: :unprocessable_entity }
gitlabhq's avatar
gitlabhq committed
111 112 113 114 115
      end
    end
  end

  def update
116 117
    user_params_with_pass = user_params.dup

118
    if params[:user][:password].present?
119
      user_params_with_pass.merge!(
120 121
        password: params[:user][:password],
        password_confirmation: params[:user][:password_confirmation],
122
        password_expires_at: Time.now
123
      )
124
    end
gitlabhq's avatar
gitlabhq committed
125 126

    respond_to do |format|
127
      user.skip_reconfirmation!
128
      if user.update_attributes(user_params_with_pass)
129
        format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
gitlabhq's avatar
gitlabhq committed
130 131
        format.json { head :ok }
      else
132
        # restore username to keep form action url.
133
        user.username = params[:id]
134
        format.html { render "edit" }
135
        format.json { render json: user.errors, status: :unprocessable_entity }
gitlabhq's avatar
gitlabhq committed
136 137 138 139 140
      end
    end
  end

  def destroy
141
    DeleteUserWorker.perform_async(current_user.id, user.id)
gitlabhq's avatar
gitlabhq committed
142 143

    respond_to do |format|
144
      format.html { redirect_to admin_users_path, notice: "The user is being deleted." }
gitlabhq's avatar
gitlabhq committed
145 146 147
      format.json { head :ok }
    end
  end
148

149 150 151 152
  def remove_email
    email = user.emails.find(params[:email_id])
    email.destroy

153
    user.update_secondary_emails!
154

155
    respond_to do |format|
156
      format.html { redirect_back_or_admin_user(notice: "Successfully removed email.") }
157
      format.js { head :ok }
158 159 160
    end
  end

161 162
  protected

163
  def user
skv's avatar
skv committed
164
    @user ||= User.find_by!(username: params[:id])
165
  end
166

167 168 169 170 171 172 173
  def redirect_back_or_admin_user(options = {})
    redirect_back_or_default(default: default_route, options: options)
  end

  def default_route
    [:admin, @user]
  end
174 175 176 177 178 179 180

  def user_params
    params.require(:user).permit(user_params_ce)
  end

  def user_params_ce
    [
181
      :access_level,
182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204
      :avatar,
      :bio,
      :can_create_group,
      :color_scheme_id,
      :email,
      :extern_uid,
      :external,
      :force_random_password,
      :hide_no_password,
      :hide_no_ssh_key,
      :key_id,
      :linkedin,
      :name,
      :password_expires_at,
      :projects_limit,
      :provider,
      :remember_me,
      :skype,
      :twitter,
      :username,
      :website_url
    ]
  end
gitlabhq's avatar
gitlabhq committed
205
end