Commit 3e738e3b authored by Stan Hu's avatar Stan Hu

Add support for unlocking users in admin settings

Closes https://github.com/gitlabhq/gitlabhq/issues/9381
parent 2ca7ffd0
Please view this file on the master branch, on stable branches it's out of date. Please view this file on the master branch, on stable branches it's out of date.
v 7.13.0 (unreleased) v 7.13.0 (unreleased)
- Add support for unlocking users in admin settings (Stan Hu)
- Fix order of issues imported form GitHub (Hiroyuki Sato) - Fix order of issues imported form GitHub (Hiroyuki Sato)
- Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart) - Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart)
- Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI - Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI
......
...@@ -47,6 +47,14 @@ class Admin::UsersController < Admin::ApplicationController ...@@ -47,6 +47,14 @@ class Admin::UsersController < Admin::ApplicationController
end end
end end
def unlock
if user.unlock_access!
redirect_to :back, alert: "Successfully unlocked"
else
redirect_to :back, alert: "Error occurred. User was not unlocked"
end
end
def create def create
opts = { opts = {
force_random_password: true, force_random_password: true,
......
...@@ -93,6 +93,8 @@ ...@@ -93,6 +93,8 @@
= link_to 'Unblock', unblock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success" = link_to 'Unblock', unblock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success"
- else - else
= link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning" = link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning"
- if user.access_locked?
= link_to 'Unlock', unlock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success", data: { confirm: 'Are you sure?' }
- if user.can_be_removed? - if user.can_be_removed?
= link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All tickets linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove" = link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All tickets linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove"
= paginate @users, theme: "gitlab" = paginate @users, theme: "gitlab"
...@@ -131,6 +131,14 @@ ...@@ -131,6 +131,14 @@
%li Owned groups will be left %li Owned groups will be left
%br %br
= link_to 'Block user', block_admin_user_path(@user), data: { confirm: 'USER WILL BE BLOCKED! Are you sure?' }, method: :put, class: "btn btn-warning" = link_to 'Block user', block_admin_user_path(@user), data: { confirm: 'USER WILL BE BLOCKED! Are you sure?' }, method: :put, class: "btn btn-warning"
- if @user.access_locked?
.panel.panel-info
.panel-heading
This account has been locked
.panel-body
%p This user has been temporarily locked due to excessive number of failed logins. You may manually unlock the account.
%br
= link_to 'Unlock user', unlock_admin_user_path(@user), method: :put, class: "btn btn-info", data: { confirm: 'Are you sure?' }
.panel.panel-danger .panel.panel-danger
.panel-heading .panel-heading
......
...@@ -158,6 +158,7 @@ Gitlab::Application.routes.draw do ...@@ -158,6 +158,7 @@ Gitlab::Application.routes.draw do
put :team_update put :team_update
put :block put :block
put :unblock put :unblock
put :unlock
delete 'remove/:email_id', action: 'remove_email', as: 'remove_email' delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
end end
end end
......
...@@ -21,4 +21,19 @@ describe Admin::UsersController do ...@@ -21,4 +21,19 @@ describe Admin::UsersController do
expect { User.find(user.id) }.to raise_exception(ActiveRecord::RecordNotFound) expect { User.find(user.id) }.to raise_exception(ActiveRecord::RecordNotFound)
end end
end end
describe 'PUT unlock/:id' do
let(:user) { create(:user) }
before do
request.env["HTTP_REFERER"] = "/"
user.lock_access!
end
it 'unlocks user' do
put :unlock, id: user.username
user.reload
expect(user.access_locked?).to be_falsey
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment