users_controller.rb 4.56 KB
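# Admin-area controller for managing user accounts: listing, creating,
# editing, blocking/unblocking, unlocking, confirming, impersonating,
# disabling two-factor authentication and deleting users.
#
# NOTE(review): every action here is privileged. The access check is not
# visible in this file; it is presumably enforced by
# Admin::ApplicationController. Confirm that it rejects non-admin sessions
# before any of these actions run.
class Admin::UsersController < Admin::ApplicationController
  # Resolve the target user from params[:id] for every member action.
  # `user` uses find_by!, so an unknown username raises
  # ActiveRecord::RecordNotFound instead of continuing with nil.
  before_action :user, except: [:index, :new, :create]

  # Paginated user list with optional filter, name search and sort order.
  #
  # NOTE(review): params[:filter], params[:name] and params[:sort] are handed
  # to model scopes as received. Verify in User that each scope maps the value
  # onto a fixed set of options or binds it, and never interpolates it into SQL.
  def index
    @users = User.order_name_asc.filter(params[:filter])
    @users = @users.search(params[:name]) if params[:name].present?
    # @sort is kept so the view can show the active ordering
    @users = @users.sort(@sort = params[:sort])
    @users = @users.page(params[:page])
  end

  # Renders the user loaded by the before_action.
  def show
  end

  # Projects owned by the user and projects the user has joined.
  def projects
    @personal_projects = user.personal_projects
    @joined_projects = user.projects.joined(@user)
  end

  # Renders the user's groups; the view works from @user.
  def groups
  end

  # Keys registered on the user's account.
  def keys
    @keys = user.keys
  end

  # Blank user for the creation form.
  def new
    @user = User.new
  end

  # Edit form; calling `user` ensures @user is set.
  def edit
    user
  end

  # Switches the current session to the target user. The acting admin's id is
  # kept in session[:impersonator_id] so the original identity is still known
  # after warden replaces the signed-in user. Blocked users are refused.
  def impersonate
    if user.blocked?
      flash[:alert] = "You cannot impersonate a blocked user"

      redirect_to admin_user_path(user)
    else
      session[:impersonator_id] = current_user.id

      # Audit trail: written before the switch, while current_user is still
      # the admin, so the log names the real actor.
      Rails.logger.info(
        "Admin #{current_user.username} (id: #{current_user.id}) " \
        "started impersonating #{user.username} (id: #{user.id})"
      )

      warden.set_user(user, scope: :user)

      flash[:alert] = "You are now impersonating #{user.username}"

      redirect_to root_path
    end
  end

  # Blocks the account and reports the outcome.
  def block
    if user.block
      redirect_back_or_admin_user(notice: "Successfully blocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not blocked")
    end
  end

  # Re-activates a blocked account. Accounts flagged as LDAP-blocked are
  # refused here and cannot be re-enabled through this action.
  def unblock
    if user.ldap_blocked?
      redirect_back_or_admin_user(alert: "This user cannot be unlocked manually from GitLab")
    elsif user.activate
      redirect_back_or_admin_user(notice: "Successfully unblocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not unblocked")
    end
  end

  # Clears an access lock on the account.
  def unlock
    if user.unlock_access!
      # Success is a notice, matching block/unblock/confirm; the original
      # reported it through the alert (error) flash.
      redirect_back_or_admin_user(notice: "Successfully unlocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
    end
  end

  # Marks the account as confirmed on the user's behalf.
  def confirm
    if user.confirm
      redirect_back_or_admin_user(notice: "Successfully confirmed")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not confirmed")
    end
  end

  # Removes the second factor from the account.
  #
  # NOTE(review): this weakens the target account's authentication and nothing
  # in this action records who requested it. Confirm that
  # User#disable_two_factor! or a caller logs the change.
  def disable_two_factor
    user.disable_two_factor!
    redirect_to admin_user_path(user),
      notice: 'Two-factor Authentication has been disabled for this user'
  end

  # Creates an account on the user's behalf. The admin never chooses the
  # password: one is generated, together with a reset token, and e-mail
  # confirmation is skipped.
  def create
    # Merged after user_params so the submitted form cannot override them,
    # even though both keys are on the permit list.
    opts = {
      force_random_password: true,
      password_expires_at: nil
    }

    @user = User.new(user_params.merge(opts))
    @user.created_by_id = current_user.id
    @user.generate_password
    @user.generate_reset_token
    @user.skip_confirmation!

    respond_to do |format|
      if @user.save
        format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render "new" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # Updates the account. Password fields are applied only when a new password
  # was submitted, so an empty field leaves the current password untouched.
  def update
    user_params_with_pass = user_params.dup

    if params[:user][:password].present?
      # Only these two named keys are copied from the raw params, so the
      # permit list in user_params is not widened.
      user_params_with_pass.merge!(
        password: params[:user][:password],
        password_confirmation: params[:user][:password_confirmation],
      )
    end

    respond_to do |format|
      # An admin-made e-mail change takes effect without reconfirmation
      user.skip_reconfirmation!
      if user.update_attributes(user_params_with_pass)
        format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
        format.json { head :ok }
      else
        # restore username to keep form action url.
        user.username = params[:id]
        format.html { render "edit" }
        format.json { render json: user.errors, status: :unprocessable_entity }
      end
    end
  end

  # Queues deletion of the account. The worker receives the acting admin's id
  # and the target id; the response is sent before the deletion has run.
  def destroy
    DeleteUserWorker.perform_async(current_user.id, user.id)

    respond_to do |format|
      format.html { redirect_to admin_users_path, notice: "The user is being deleted." }
      format.json { head :ok }
    end
  end

  # Removes one secondary e-mail address from the account.
  def remove_email
    # Looked up through the user's own association, so an id that belongs to
    # a different account raises RecordNotFound instead of being deleted.
    email = user.emails.find(params[:email_id])
    email.destroy

    user.update_secondary_emails!

    respond_to do |format|
      format.html { redirect_back_or_admin_user(notice: "Successfully removed email.") }
      format.js { render nothing: true }
    end
  end

  protected

  # Target account, looked up by username from the :id route segment and
  # memoized in @user. Raises ActiveRecord::RecordNotFound when missing.
  def user
    @user ||= User.find_by!(username: params[:id])
  end

  # Strong-parameters permit list for admin create/update.
  #
  # It deliberately includes privilege-bearing attributes (:admin, :external,
  # :can_create_group, :projects_limit) and identity-linking ones
  # (:extern_uid, :provider). It is safe only behind an admin check and must
  # not be reused by any controller that ordinary users can reach.
  def user_params
    params.require(:user).permit(
      :email, :remember_me, :bio, :name, :username,
      :skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id, :force_random_password,
      :extern_uid, :provider, :password_expires_at, :avatar, :hide_no_ssh_key, :hide_no_password,
      :projects_limit, :can_create_group, :admin, :key_id, :external
    )
  end

  # Redirects back to where the request came from, falling back to the admin
  # page of the current user, passing flash options through.
  #
  # NOTE(review): redirect_back_or_default is defined elsewhere and presumably
  # follows the Referer header. Confirm it cannot redirect to an external host.
  def redirect_back_or_admin_user(options = {})
    redirect_back_or_default(default: default_route, options: options)
  end

  # Fallback redirect target: the admin show page for @user.
  def default_route
    [:admin, @user]
  end
end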