class Admin::UsersController < Admin::ApplicationController
  # Resolve the target account into @user before every member action. The
  # `user` helper looks it up by params[:id] with find_by!, so an unknown
  # username raises instead of reaching the action.
  before_action :user, except: [:index, :new, :create]

  # Lists users for the admin area, narrowed and ordered by request params.
  #
  # Reads params[:filter], params[:name], params[:sort] and params[:page];
  # assigns @users and @sort (the raw sort param) for the view.
  def index
    @sort = params[:sort]
    name_query = params[:name]

    scope = User.order_name_asc.filter(params[:filter])
    scope = scope.search(name_query) if name_query.present?

    # NOTE(review): filter and sort receive request values unmodified;
    # presumably the User scopes map them onto a fixed set of queries --
    # confirm in the model.
    @users = scope.sort(@sort).page(params[:page])
  end

  # Empty action: does no work of its own. @user has already been loaded by
  # the `user` before_action by the time this runs.
  def show; end

  # Collects the target user's projects for the view.
  #
  # Assigns @personal_projects from user.personal_projects and
  # @joined_projects from user.projects.joined(<the same user>).
  def projects
    account = user # memoized in @user, so this is the same object

    @personal_projects = account.personal_projects
    @joined_projects = account.projects.joined(account)
  end

  # Empty action: does no work of its own. @user has already been loaded by
  # the `user` before_action by the time this runs.
  def groups; end

  # Exposes the target user's `keys` collection to the view as @keys.
  def keys
    @keys = user.keys
  end

  # Prepares an unsaved User for the creation form. This action is excluded
  # from the `user` before_action, so no params[:id] lookup happens here.
  def new
    @user = User.new
  end

  # Loads the target user for the edit form. The before_action has already
  # called `user`; the call here returns the memoized @user.
  def edit
    user
  end

  # Switches the admin's session over to the target user.
  #
  # Blocked accounts are refused. Otherwise the acting admin's id is stored in
  # session[:impersonator_id], Warden's :user scope is pointed at the target,
  # and the switch is written to the application log.
  def impersonate
    if user.blocked?
      flash[:alert] = "You cannot impersonate a blocked user"
      return redirect_to(admin_user_path(user))
    end

    # Record who is really acting before the session identity changes.
    session[:impersonator_id] = current_user.id
    warden.set_user(user, scope: :user)

    # NOTE(review): current_user is read again after set_user; this line names
    # the admin only if current_user still resolves to them at this point
    # (e.g. it is memoized) -- confirm, since this entry is the audit trail.
    Gitlab::AppLogger.info("User #{current_user.username} has started impersonating #{user.username}")

    flash[:alert] = "You are now impersonating #{user.username}"
    redirect_to(root_path)
  end

  # Blocks the target user and redirects back (or to the user's admin page)
  # with a notice on success or an alert when user.block returns falsy.
  def block
    flash_options =
      if user.block
        { notice: "Successfully blocked" }
      else
        { alert: "Error occurred. User was not blocked" }
      end

    redirect_back_or_admin_user(flash_options)
  end

  # Re-activates a blocked user, then redirects back with the outcome.
  #
  # Accounts for which user.ldap_blocked? is true are refused before
  # user.activate is attempted, so they cannot be reinstated from this screen.
  def unblock
    flash_options =
      if user.ldap_blocked?
        { alert: "This user cannot be unlocked manually from GitLab" }
      elsif user.activate
        { notice: "Successfully unblocked" }
      else
        { alert: "Error occurred. User was not unblocked" }
      end

    redirect_back_or_admin_user(flash_options)
  end

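  # Clears a lock on the account via user.unlock_access! and redirects back
  # (or to the user's admin page) with the outcome.
  #
  # The success message is sent as a :notice, matching block, unblock and
  # confirm; :alert is kept for the failure path only, so a successful unlock
  # is not presented to the admin as a problem.
  def unlock
    if user.unlock_access!
      redirect_back_or_admin_user(notice: "Successfully unlocked")
    else
      redirect_back_or_admin_user(alert: "Error occurred. User was not unlocked")
    end
  end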

  # Confirms the target user on the admin's say-so (user.confirm) and
  # redirects back with a notice on success or an alert on failure.
  def confirm
    flash_options =
      if user.confirm
        { notice: "Successfully confirmed" }
      else
        { alert: "Error occurred. User was not confirmed" }
      end

    redirect_back_or_admin_user(flash_options)
  end

  # Turns off two-factor authentication for the target user and returns to
  # their admin page.
  #
  # NOTE(review): unlike impersonate, nothing is written to the application
  # log here; consider recording which admin removed the second factor.
  def disable_two_factor
    account = user
    account.disable_two_factor!

    redirect_to(
      admin_user_path(account),
      notice: 'Two-factor Authentication has been disabled for this user'
    )
  end

  # Creates a user on behalf of the signed-in admin.
  #
  # The new account gets a generated password and reset token, skips e-mail
  # confirmation, and records the admin's id in created_by_id. Responds with a
  # redirect (HTML) or the record (JSON) on success, and with the form or the
  # validation errors on failure.
  def create
    # Merged after the permitted params, so these two values take precedence
    # over anything the client submitted for the same keys.
    attributes = user_params.merge(
      force_random_password: true,
      password_expires_at: nil
    )

    @user = User.new(attributes)
    @user.created_by_id = current_user.id
    @user.generate_password
    @user.generate_reset_token
    @user.skip_confirmation!

    respond_to do |format|
      if @user.save
        format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
        # NOTE(review): this serializes the whole record; confirm the model's
        # JSON representation leaves out credential and token columns.
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render "new" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # Updates the target user from the admin form.
  #
  # Password fields are not part of user_params; they are copied in only when
  # a non-blank password was submitted. Reconfirmation is skipped for changes
  # made here.
  def update
    attributes = user_params.dup
    submitted = params[:user]

    if submitted[:password].present?
      attributes.merge!(
        password: submitted[:password],
        password_confirmation: submitted[:password_confirmation]
      )
    end

    respond_to do |format|
      user.skip_reconfirmation!

      if user.update_attributes(attributes)
        format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
        format.json { head :ok }
      else
        # The failed update may have left a new username on the in-memory
        # record; put back the one from the URL so the re-rendered form
        # still posts to the existing user's path.
        user.username = params[:id]
        format.html { render "edit" }
        format.json { render json: user.errors, status: :unprocessable_entity }
      end
    end
  end

  # Queues deletion of the target user.
  #
  # The work is handed to DeleteUserWorker.perform_async with the acting
  # admin's id and the target's id; the response is sent without waiting for
  # the deletion itself.
  def destroy
    actor_id = current_user.id
    target_id = user.id
    DeleteUserWorker.perform_async(actor_id, target_id)

    respond_to do |format|
      format.html { redirect_to admin_users_path, notice: "The user is being deleted." }
      format.json { head :ok }
    end
  end

  # Deletes one of the target user's e-mail records, then refreshes the
  # user's secondary e-mails.
  #
  # The record is looked up through user.emails, so params[:email_id] can only
  # match an e-mail that belongs to this user; any other id fails the find.
  def remove_email
    user.emails.find(params[:email_id]).destroy
    user.update_secondary_emails!

    respond_to do |format|
      format.html { redirect_back_or_admin_user(notice: "Successfully removed email.") }
      format.js { render nothing: true }
    end
  end

  protected

  # Returns the user the request is about, looked up by username from
  # params[:id] and memoized in @user. find_by! raises when nothing matches.
  def user
    return @user if @user

    @user = User.find_by!(username: params[:id])
  end

  # Strong-parameters allow-list for the admin user form.
  #
  # The list includes privilege-bearing attributes (:admin, :external,
  # :can_create_group, :projects_limit). NOTE(review): that is only safe while
  # every route into this controller is admin-only -- presumably enforced by
  # Admin::ApplicationController; confirm there. Password fields are
  # deliberately absent; `update` adds them explicitly.
  def user_params
    permitted = %i[
      email remember_me bio name username
      skype linkedin twitter website_url color_scheme_id theme_id force_random_password
      extern_uid provider password_expires_at avatar hide_no_ssh_key hide_no_password
      projects_limit can_create_group admin key_id external
    ]

    params.require(:user).permit(*permitted)
  end

  # Redirects via redirect_back_or_default, using default_route as the
  # fallback target and passing `options` (e.g. notice:/alert:) through.
  def redirect_back_or_admin_user(options = {})
    fallback = default_route
    redirect_back_or_default(default: fallback, options: options)
  end

  # Fallback redirect target: the admin page of the current @user, expressed
  # as a route array. Reads @user directly rather than calling `user`.
  def default_route
    [:admin, @user]
  end
end