GRN2-247: Added Active Pending Banned Deleted tabs to manage users (#816)
* Added Active Pending Banned Deleted tabs to manage users * Removed hard coded strings * Fixed issues with sign in flow * Fixed issues with rooms not deleting
parent
03bde37a2b
commit
49def8f405
|
@ -9,6 +9,9 @@ AllCops:
|
||||||
Bundler/OrderedGems:
|
Bundler/OrderedGems:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
|
||||||
|
Style/BlockDelimiters:
|
||||||
|
Enabled: false
|
||||||
|
|
||||||
# Checks if uses of quotes match the configured preference.
|
# Checks if uses of quotes match the configured preference.
|
||||||
Style/StringLiterals:
|
Style/StringLiterals:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
@ -97,6 +100,9 @@ Layout/AlignArguments:
|
||||||
Layout/IndentationWidth:
|
Layout/IndentationWidth:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
|
||||||
|
Layout/CaseIndentation:
|
||||||
|
Enabled: false
|
||||||
|
|
||||||
# Checks for ambiguous block association with method when param passed without parentheses.
|
# Checks for ambiguous block association with method when param passed without parentheses.
|
||||||
Lint/AmbiguousBlockAssociation:
|
Lint/AmbiguousBlockAssociation:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
|
|
@ -21,17 +21,6 @@ $(document).on('turbolinks:load', function(){
|
||||||
// Only run on the admins page.
|
// Only run on the admins page.
|
||||||
if (controller == "admins") {
|
if (controller == "admins") {
|
||||||
if(action == "index") {
|
if(action == "index") {
|
||||||
// show the modal with the correct form action url
|
|
||||||
$(".delete-user").click(function(data){
|
|
||||||
var uid = $(data.target).closest("tr").data("user-uid")
|
|
||||||
var url = $("body").data("relative-root")
|
|
||||||
if (!url.endsWith("/")) {
|
|
||||||
url += "/"
|
|
||||||
}
|
|
||||||
url += "u/" + uid
|
|
||||||
$("#delete-confirm").parent().attr("action", url)
|
|
||||||
})
|
|
||||||
|
|
||||||
//clear the role filter if user clicks on the x
|
//clear the role filter if user clicks on the x
|
||||||
$(".clear-role").click(function() {
|
$(".clear-role").click(function() {
|
||||||
var search = new URL(location.href).searchParams.get('search')
|
var search = new URL(location.href).searchParams.get('search')
|
||||||
|
@ -44,6 +33,14 @@ $(document).on('turbolinks:load', function(){
|
||||||
|
|
||||||
window.location.replace(url);
|
window.location.replace(url);
|
||||||
})
|
})
|
||||||
|
|
||||||
|
// Handle selected user tags
|
||||||
|
$(".manage-users-tab").click(function() {
|
||||||
|
$(".manage-users-tab").removeClass("selected")
|
||||||
|
$(this).addClass("selected")
|
||||||
|
|
||||||
|
updateTabParams(this.id)
|
||||||
|
})
|
||||||
}
|
}
|
||||||
else if(action == "site_settings"){
|
else if(action == "site_settings"){
|
||||||
loadColourSelectors()
|
loadColourSelectors()
|
||||||
|
@ -95,6 +92,20 @@ function filterRole(role) {
|
||||||
window.location.replace(url);
|
window.location.replace(url);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function updateTabParams(tab) {
|
||||||
|
var search_params = new URLSearchParams(window.location.search)
|
||||||
|
|
||||||
|
if (window.location.href.includes("tab=")) {
|
||||||
|
search_params.set("tab", tab)
|
||||||
|
} else {
|
||||||
|
search_params.append("tab", tab)
|
||||||
|
}
|
||||||
|
|
||||||
|
search_params.delete("page")
|
||||||
|
|
||||||
|
window.location.search = search_params.toString()
|
||||||
|
}
|
||||||
|
|
||||||
function loadColourSelectors() {
|
function loadColourSelectors() {
|
||||||
const pickrRegular = new Pickr({
|
const pickrRegular = new Pickr({
|
||||||
el: '#colorinput-regular',
|
el: '#colorinput-regular',
|
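Review bot: In `updateTabParams` the `window.location.href.includes("tab=")` branch is unnecessary, because `URLSearchParams.set` already adds the parameter when it is absent and replaces it when it is present. The substring test also matches unrelated text, such as a search term that contains `tab=`, so the two branches do not distinguish what they appear to. The body can be reduced to `search_params.set("tab", tab)` followed by the existing `search_params.delete("page")`. The click handler passes `this.id` straight through, so a short comment listing the expected ids (`active`, `pending`, `denied`, `deleted`) would tie this to the controller's `@tab` handling.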
||||||
|
|
|
@ -0,0 +1,57 @@
|
||||||
|
// BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
|
||||||
|
//
|
||||||
|
// Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
|
||||||
|
//
|
||||||
|
// This program is free software; you can redistribute it and/or modify it under the
|
||||||
|
// terms of the GNU Lesser General Public License as published by the Free Software
|
||||||
|
// Foundation; either version 3.0 of the License, or (at your option) any later
|
||||||
|
// version.
|
||||||
|
//
|
||||||
|
// BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||||
|
// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
// PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Lesser General Public License along
|
||||||
|
// with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
$(document).on('turbolinks:load', function(){
|
||||||
|
var controller = $("body").data('controller');
|
||||||
|
var action = $("body").data('action');
|
||||||
|
|
||||||
|
// Only run on the admins page.
|
||||||
|
if (controller == "admins" && action == "index") {
|
||||||
|
// show the modal with the correct form action url
|
||||||
|
$(".delete-user").click(function(){
|
||||||
|
$("#delete-confirm").parent().attr("action", $(this).data("path"))
|
||||||
|
|
||||||
|
if ($(this).data("delete") == "temp-delete") {
|
||||||
|
$("#perm-delete").hide()
|
||||||
|
$("#delete-warning").show()
|
||||||
|
} else {
|
||||||
|
$("#perm-delete").show()
|
||||||
|
$("#delete-warning").hide()
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
$(".delete-user").click(function(data){
|
||||||
|
document.getElementById("delete-checkbox").checked = false
|
||||||
|
$("#delete-confirm").prop("disabled", "disabled")
|
||||||
|
|
||||||
|
if ($(data.target).data("delete") == "temp-delete") {
|
||||||
|
$("#perm-delete").hide()
|
||||||
|
$("#delete-warning").show()
|
||||||
|
} else {
|
||||||
|
$("#perm-delete").show()
|
||||||
|
$("#delete-warning").hide()
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
$("#delete-checkbox").click(function(data){
|
||||||
|
if (document.getElementById("delete-checkbox").checked) {
|
||||||
|
$("#delete-confirm").removeAttr("disabled")
|
||||||
|
} else {
|
||||||
|
$("#delete-confirm").prop("disabled", "disabled")
|
||||||
|
}
|
||||||
|
})
|
||||||
|
})
|
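Review bot: The second `.delete-user` handler reads `$(data.target).data("delete")`, and `data.target` is the element actually clicked, which can be the `<i>` icon inside the button rather than the button itself. In that case the attribute is missing, so a soft delete started from the admin list shows the `#perm-delete` text instead of `#delete-warning`, overriding what the first handler (which uses `$(this)`) just set. Using `$(this).data("delete")` here, and dropping the duplicated show/hide block from the admins-only handler, keeps the confirmation text tied to the button's `data-delete` value. The checkbox that re-enables `#delete-confirm` is a UI guard only; the server-side checks in the delete action remain the actual control.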
|
@ -69,10 +69,12 @@ function searchPage() {
|
||||||
|
|
||||||
// Check if the user filtered by role
|
// Check if the user filtered by role
|
||||||
var role = new URL(location.href).searchParams.get('role')
|
var role = new URL(location.href).searchParams.get('role')
|
||||||
|
var tab = new URL(location.href).searchParams.get('tab')
|
||||||
|
|
||||||
var url = window.location.pathname + "?page=1&search=" + search
|
var url = window.location.pathname + "?page=1&search=" + search
|
||||||
|
|
||||||
if (role) { url += "&role=" + role }
|
if (role) { url += "&role=" + role }
|
||||||
|
if (tab) { url += "&tab=" + tab }
|
||||||
|
|
||||||
window.location.replace(addRecordingTable(url));
|
window.location.replace(addRecordingTable(url));
|
||||||
}
|
}
|
||||||
|
@ -80,12 +82,16 @@ function searchPage() {
|
||||||
// Clears the search bar
|
// Clears the search bar
|
||||||
function clearSearch() {
|
function clearSearch() {
|
||||||
var role = new URL(location.href).searchParams.get('role')
|
var role = new URL(location.href).searchParams.get('role')
|
||||||
|
var tab = new URL(location.href).searchParams.get('tab')
|
||||||
|
|
||||||
var url = window.location.pathname + "?page=1"
|
var url = window.location.pathname + "?page=1"
|
||||||
|
|
||||||
if (role) { url += "&role=" + role }
|
if (role) { url += "&role=" + role }
|
||||||
|
if (tab) { url += "&tab=" + tab }
|
||||||
|
|
||||||
window.location.replace(addRecordingTable(url));
|
window.location.replace(addRecordingTable(url));
|
||||||
|
|
||||||
|
var search_params = new URLSearchParams(window.location.search)
|
||||||
}
|
}
|
||||||
|
|
||||||
function addRecordingTable(url) {
|
function addRecordingTable(url) {
|
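Review bot: `tab` is read with `searchParams.get('tab')`, which returns the decoded value, and is then concatenated into the new query string as `"&tab=" + tab` without re-encoding, in both `searchPage` and `clearSearch`. A value containing `&`, `#` or `=` therefore changes the structure of the URL that is navigated to; the existing `role` and `search` concatenations have the same property. Encoding it, `if (tab) { url += "&tab=" + encodeURIComponent(tab) }`, or building the query with `URLSearchParams`, avoids that. The `var search_params = new URLSearchParams(window.location.search)` line added at the end of `clearSearch` is never used and can be dropped. `searchPage` starts outside the hunk.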
||||||
|
|
|
@ -75,8 +75,17 @@
|
||||||
|
|
||||||
.custom-role-tag{
|
.custom-role-tag{
|
||||||
color: white !important;
|
color: white !important;
|
||||||
|
// Make it consistent with the manage users tab tags
|
||||||
|
padding-top: 1px;
|
||||||
|
padding-bottom: 1px;
|
||||||
}
|
}
|
||||||
|
|
||||||
.user-role-tag{
|
.user-role-tag{
|
||||||
color: white !important;
|
color: white !important;
|
||||||
|
}
|
||||||
|
|
||||||
|
.manage-users-tab {
|
||||||
|
&:hover {
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
}
|
}
|
|
@ -175,3 +175,7 @@ table {
|
||||||
.cursor-pointer{
|
.cursor-pointer{
|
||||||
cursor: pointer;
|
cursor: pointer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#delete-confirm:disabled {
|
||||||
|
cursor: not-allowed;
|
||||||
|
}
|
|
@ -182,4 +182,14 @@ input:focus, select:focus {
|
||||||
.custom-switch-input:focus ~ .custom-switch-indicator {
|
.custom-switch-input:focus ~ .custom-switch-indicator {
|
||||||
box-shadow: 0 0 0 2px $primary-color-lighten;
|
box-shadow: 0 0 0 2px $primary-color-lighten;
|
||||||
border-color: $primary-color-darken !important;
|
border-color: $primary-color-darken !important;
|
||||||
|
}
|
||||||
|
|
||||||
|
.custom-control-label::before {
|
||||||
|
border-color: $primary-color-darken !important;
|
||||||
|
}
|
||||||
|
|
||||||
|
.manage-users-tab {
|
||||||
|
&.selected {
|
||||||
|
@extend .btn-primary;
|
||||||
|
}
|
||||||
}
|
}
|
|
@ -24,10 +24,11 @@ class AdminsController < ApplicationController
|
||||||
include Rolify
|
include Rolify
|
||||||
|
|
||||||
manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
|
manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
|
||||||
|
manage_deleted_users = [:undelete]
|
||||||
authorize_resource class: false
|
authorize_resource class: false
|
||||||
before_action :find_user, only: manage_users
|
before_action :find_user, only: manage_users
|
||||||
before_action :verify_admin_of_user, only: manage_users
|
before_action :find_deleted_user, only: manage_deleted_users
|
||||||
|
before_action :verify_admin_of_user, only: [manage_users, manage_deleted_users]
|
||||||
|
|
||||||
# GET /admins
|
# GET /admins
|
||||||
def index
|
def index
|
||||||
|
@ -37,6 +38,7 @@ class AdminsController < ApplicationController
|
||||||
@order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"
|
@order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"
|
||||||
|
|
||||||
@role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
|
@role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
|
||||||
|
@tab = params[:tab] || "active"
|
||||||
|
|
||||||
@pagy, @users = pagy(user_list)
|
@pagy, @users = pagy(user_list)
|
||||||
end
|
end
|
||||||
|
@ -88,6 +90,15 @@ class AdminsController < ApplicationController
|
||||||
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
|
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# POST /admins/approve/:user_uid
|
||||||
|
def undelete
|
||||||
|
# Undelete the user and all of his rooms
|
||||||
|
@user.undelete!
|
||||||
|
@user.rooms.deleted.each(&:undelete!)
|
||||||
|
|
||||||
|
redirect_to admins_path, flash: { success: I18n.t("administrator.flash.restored") }
|
||||||
|
end
|
||||||
|
|
||||||
# POST /admins/invite
|
# POST /admins/invite
|
||||||
def invite
|
def invite
|
||||||
emails = params[:invite_user][:email].split(",")
|
emails = params[:invite_user][:email].split(",")
|
||||||
|
@ -208,6 +219,10 @@ class AdminsController < ApplicationController
|
||||||
@user = User.where(uid: params[:user_uid]).includes(:roles).first
|
@user = User.where(uid: params[:user_uid]).includes(:roles).first
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def find_deleted_user
|
||||||
|
@user = User.deleted.where(uid: params[:user_uid]).includes(:roles).first
|
||||||
|
end
|
||||||
|
|
||||||
# Verifies that admin is an administrator of the user in the action
|
# Verifies that admin is an administrator of the user in the action
|
||||||
def verify_admin_of_user
|
def verify_admin_of_user
|
||||||
redirect_to admins_path,
|
redirect_to admins_path,
|
||||||
|
@ -216,18 +231,31 @@ class AdminsController < ApplicationController
|
||||||
|
|
||||||
# Gets the list of users based on your configuration
|
# Gets the list of users based on your configuration
|
||||||
def user_list
|
def user_list
|
||||||
|
current_role = @role
|
||||||
|
|
||||||
|
initial_user = case @tab
|
||||||
|
when "active"
|
||||||
|
User.without_role(:pending).without_role(:denied)
|
||||||
|
when "deleted"
|
||||||
|
User.deleted
|
||||||
|
else
|
||||||
|
User
|
||||||
|
end
|
||||||
|
|
||||||
|
current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"
|
||||||
|
|
||||||
initial_list = if current_user.has_role? :super_admin
|
initial_list = if current_user.has_role? :super_admin
|
||||||
User.where.not(id: current_user.id)
|
initial_user.where.not(id: current_user.id)
|
||||||
else
|
else
|
||||||
User.without_role(:super_admin).where.not(id: current_user.id)
|
initial_user.without_role(:super_admin).where.not(id: current_user.id)
|
||||||
end
|
end
|
||||||
|
|
||||||
if Rails.configuration.loadbalanced_configuration
|
if Rails.configuration.loadbalanced_configuration
|
||||||
initial_list.where(provider: @user_domain)
|
initial_list.where(provider: @user_domain)
|
||||||
.admins_search(@search, @role)
|
.admins_search(@search, current_role)
|
||||||
.admins_order(@order_column, @order_direction)
|
.admins_order(@order_column, @order_direction)
|
||||||
else
|
else
|
||||||
initial_list.admins_search(@search, @role)
|
initial_list.admins_search(@search, current_role)
|
||||||
.admins_order(@order_column, @order_direction)
|
.admins_order(@order_column, @order_direction)
|
||||||
end
|
end
|
||||||
end
|
end
|
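Review bot: `before_action :verify_admin_of_user, only: [manage_users, manage_deleted_users]` passes an array of two arrays, and as far as I know Rails does not flatten `only:` but stringifies each element and compares it with the action name, so this callback would match no action at all, including the ones it covered before the change. That would leave `edit_user`, `promote`, `ban_user`, `undelete` and the rest guarded only by `authorize_resource`, without the per-user check. Concatenating the lists, `only: manage_users + manage_deleted_users`, keeps a flat list of symbols; a controller test that calls one of these actions against a user the admin does not administer would confirm the behaviour. Separately, `undelete` dereferences `@user` without a nil check although `find_deleted_user` ends in `.first`, and its route comment still reads `# POST /admins/approve/:user_uid`.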
||||||
|
|
|
@ -63,17 +63,22 @@ class SessionsController < ApplicationController
|
||||||
def create
|
def create
|
||||||
logger.info "Support: #{session_params[:email]} is attempting to login."
|
logger.info "Support: #{session_params[:email]} is attempting to login."
|
||||||
|
|
||||||
admin = User.find_by(email: session_params[:email])
|
user = User.include_deleted.find_by(email: session_params[:email], provider: @user_domain)
|
||||||
if admin&.has_role? :super_admin
|
|
||||||
user = admin
|
# Check user with that email exists
|
||||||
else
|
return redirect_to(signin_path, alert: I18n.t("invalid_credentials")) unless user
|
||||||
user = User.find_by(email: session_params[:email], provider: @user_domain)
|
# Check correct password was entered
|
||||||
redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user
|
return redirect_to(signin_path, alert: I18n.t("invalid_credentials")) unless user.try(:authenticate,
|
||||||
redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
|
|
||||||
redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
|
|
||||||
end
|
|
||||||
redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate,
|
|
||||||
session_params[:password])
|
session_params[:password])
|
||||||
|
# Check that the user is not deleted
|
||||||
|
return redirect_to root_path, flash: { alert: I18n.t("registration.banned.fail") } if user.deleted?
|
||||||
|
|
||||||
|
unless user.has_role? :super_admin
|
||||||
|
# Check that the user is a Greenlight account
|
||||||
|
return redirect_to(root_path, alert: I18n.t("invalid_login_method")) unless user.greenlight_account?
|
||||||
|
# Check that the user has verified their account
|
||||||
|
return redirect_to(account_activation_path(email: user.email)) unless user.activated?
|
||||||
|
end
|
||||||
|
|
||||||
login(user)
|
login(user)
|
||||||
end
|
end
|
||||||
|
@ -153,8 +158,19 @@ class SessionsController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def check_user_exists
|
def check_user_exists
|
||||||
provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
|
User.exists?(social_uid: @auth['uid'], provider: current_provider)
|
||||||
User.exists?(social_uid: @auth['uid'], provider: provider)
|
end
|
||||||
|
|
||||||
|
def check_user_deleted(email)
|
||||||
|
User.deleted.exists?(email: email, provider: @user_domain)
|
||||||
|
end
|
||||||
|
|
||||||
|
def check_auth_deleted
|
||||||
|
User.deleted.exists?(social_uid: @auth['uid'], provider: current_provider)
|
||||||
|
end
|
||||||
|
|
||||||
|
def current_provider
|
||||||
|
@auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
|
||||||
end
|
end
|
||||||
|
|
||||||
# Check if the user already exists, if not then check for invitation
|
# Check if the user already exists, if not then check for invitation
|
||||||
|
@ -172,6 +188,9 @@ class SessionsController < ApplicationController
|
||||||
return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
|
return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Check if user is deleted
|
||||||
|
return redirect_to root_path, flash: { alert: I18n.t("registration.banned.fail") } if check_auth_deleted
|
||||||
|
|
||||||
# If using invitation registration method, make sure user is invited
|
# If using invitation registration method, make sure user is invited
|
||||||
return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs
|
return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs
|
||||||
|
|
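Review bot: The deleted-account check in `create` sits after the password check, so the `registration.banned.fail` message is only shown to someone who supplied the right password; that ordering is what keeps the sign-in form from revealing which e-mail addresses belong to deleted accounts, and it deserves a comment such as `# Keep after authenticate: do not reveal deletion state before the password is verified`. `check_user_deleted(email)` is added further down, but no call to it appears in the hunks on this page, so either the caller is in a file not shown or the helper is unused. `user.try(:authenticate, ...)` no longer needs `try`, since the nil case returns on the line above.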
||||||
|
|
|
@ -24,7 +24,7 @@ class UsersController < ApplicationController
|
||||||
include Recorder
|
include Recorder
|
||||||
include Rolify
|
include Rolify
|
||||||
|
|
||||||
before_action :find_user, only: [:edit, :change_password, :delete_account, :update, :destroy]
|
before_action :find_user, only: [:edit, :change_password, :delete_account, :update]
|
||||||
before_action :ensure_unauthenticated_except_twitter, only: [:create]
|
before_action :ensure_unauthenticated_except_twitter, only: [:create]
|
||||||
before_action :check_user_signup_allowed, only: [:create]
|
before_action :check_user_signup_allowed, only: [:create]
|
||||||
before_action :check_admin_of, only: [:edit, :change_password, :delete_account]
|
before_action :check_admin_of, only: [:edit, :change_password, :delete_account]
|
||||||
|
@ -122,22 +122,41 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
# DELETE /u/:user_uid
|
# DELETE /u/:user_uid
|
||||||
def destroy
|
def destroy
|
||||||
|
# Include deleted users in the check
|
||||||
|
@user = User.include_deleted.find_by(uid: params[:user_uid])
|
||||||
|
|
||||||
logger.info "Support: #{current_user.email} is deleting #{@user.email}."
|
logger.info "Support: #{current_user.email} is deleting #{@user.email}."
|
||||||
|
|
||||||
self_delete = current_user == @user
|
self_delete = current_user == @user
|
||||||
|
redirect_url = self_delete ? root_path : admins_path
|
||||||
|
|
||||||
begin
|
begin
|
||||||
if current_user && (self_delete || current_user.admin_of?(@user))
|
if current_user && (self_delete || current_user.admin_of?(@user))
|
||||||
@user.destroy
|
# Permanently delete if the user is deleting themself
|
||||||
|
perm_delete = self_delete || (params[:permanent].present? && params[:permanent] == "true")
|
||||||
|
|
||||||
|
# Permanently delete the rooms under the user if they have not been reassigned
|
||||||
|
if perm_delete
|
||||||
|
@user.rooms.include_deleted.each do |room|
|
||||||
|
room.destroy(true)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
@user.destroy(perm_delete)
|
||||||
|
|
||||||
|
# Log the user out if they are deleting themself
|
||||||
session.delete(:user_id) if self_delete
|
session.delete(:user_id) if self_delete
|
||||||
|
|
||||||
return redirect_to admins_path, flash: { success: I18n.t("administrator.flash.delete") } unless self_delete
|
return redirect_to redirect_url, flash: { success: I18n.t("administrator.flash.delete") } unless self_delete
|
||||||
|
else
|
||||||
|
flash[:alert] = I18n.t("administrator.flash.delete_fail")
|
||||||
end
|
end
|
||||||
rescue => e
|
rescue => e
|
||||||
logger.error "Support: Error in user deletion: #{e}"
|
logger.error "Support: Error in user deletion: #{e}"
|
||||||
flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
|
flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
|
||||||
end
|
end
|
||||||
|
|
||||||
redirect_to root_path
|
redirect_to redirect_url
|
||||||
end
|
end
|
||||||
|
|
||||||
# GET /u/:user_uid/recordings
|
# GET /u/:user_uid/recordings
|
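Review bot: With `:destroy` removed from the `find_user` callback, `destroy` now looks the user up itself with `find_by`, which returns nil for an unknown `user_uid`, and the `logger.info` line that reads `@user.email` and `current_user.email` runs before the `begin`/`rescue`, so such a request raises instead of being refused. A guard right after the lookup, `return redirect_to root_path, flash: { alert: I18n.t("administrator.flash.delete_fail") } unless current_user && @user`, closes that. `perm_delete` is taken from `params[:permanent]` and is gated by the same `admin_of?` check as a soft delete; if irreversible deletion is meant to be a more privileged or two-step operation, that has to be enforced here rather than by which button the view renders. The `params[:permanent].present? &&` half of the condition is redundant with the `== "true"` comparison.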
||||||
|
|
|
@ -36,7 +36,7 @@ class Ability
|
||||||
|
|
||||||
if highest_role.get_permission("can_manage_users")
|
if highest_role.get_permission("can_manage_users")
|
||||||
can [:index, :roles, :edit_user, :promote, :demote, :ban_user, :unban_user,
|
can [:index, :roles, :edit_user, :promote, :demote, :ban_user, :unban_user,
|
||||||
:approve, :invite, :reset], :admin
|
:approve, :invite, :reset, :undelete], :admin
|
||||||
end
|
end
|
||||||
|
|
||||||
if !highest_role.get_permission("can_edit_site_settings") && !highest_role.get_permission("can_edit_roles") &&
|
if !highest_role.get_permission("can_edit_site_settings") && !highest_role.get_permission("can_edit_roles") &&
|
||||||
|
|
|
@ -26,20 +26,28 @@ module Deleteable
|
||||||
scope :deleted, -> { include_deleted.where(deleted: true) }
|
scope :deleted, -> { include_deleted.where(deleted: true) }
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy(permanent = false)
|
||||||
run_callbacks :destroy
|
if permanent
|
||||||
update_attribute(:deleted, true)
|
super()
|
||||||
|
else
|
||||||
|
run_callbacks :destroy do end
|
||||||
|
update_attribute(:deleted, true)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def delete
|
def delete(permanent = false)
|
||||||
destroy
|
destroy(permanent)
|
||||||
end
|
|
||||||
|
|
||||||
def undelete
|
|
||||||
assign_attributes(deleted: false)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def undelete!
|
def undelete!
|
||||||
update_attribute(:deleted, false)
|
update_attribute(:deleted, false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def permanent_delete
|
||||||
|
destroy(true)
|
||||||
|
end
|
||||||
|
|
||||||
|
def deleted?
|
||||||
|
deleted
|
||||||
|
end
|
||||||
end
|
end
|
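Review bot: `destroy(permanent = false)` takes a bare positional boolean, so call sites in this commit read `room.destroy(true)` and `@user.destroy(perm_delete)` with nothing at the call saying that the argument switches from a reversible flag update to a real row deletion. The commit already adds `permanent_delete` for this; using it at the call sites, or a keyword such as `destroy(permanent: false)`, would make hard deletes easy to find in review and with grep. The empty block in `run_callbacks :destroy do end` also needs a one-line comment saying that the destroy callbacks are presumably run on purpose while the row is kept, for example `# fire destroy callbacks but keep the record; only the deleted flag changes`.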
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
||||||
%>
|
%>
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group mt-n3">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-12 tags">
|
<div class="col-12 tags">
|
||||||
<span style="<%= "background-color: #{role_colour(@role)};border-color: #{role_colour(@role)};" %>" class="tag custom-role-tag">
|
<span style="<%= "background-color: #{role_colour(@role)};border-color: #{role_colour(@role)};" %>" class="tag custom-role-tag">
|
||||||
|
|
|
@ -0,0 +1,33 @@
|
||||||
|
<%
|
||||||
|
# BigBlueButton open source conferencing system - http://www.bigbluespan.org/.
|
||||||
|
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
|
||||||
|
# This program is free software; you can redistribute it and/or modify it under the
|
||||||
|
# terms of the GNU Lesser General Public License as published by the Free Software
|
||||||
|
# Foundation; either version 3.0 of the License, or (at your option) any later
|
||||||
|
# version.
|
||||||
|
#
|
||||||
|
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||||
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
|
||||||
|
# You should have received a copy of the GNU Lesser General Public License along
|
||||||
|
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
||||||
|
%>
|
||||||
|
|
||||||
|
<div class="form-group mt-n3">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-12 tags">
|
||||||
|
<span id="active" class="btn btn-sm tag manage-users-tab <%= 'selected' if @tab == 'active' %>">
|
||||||
|
<%= t("roles.active") %>
|
||||||
|
</span>
|
||||||
|
<span id="pending" class="btn btn-sm tag manage-users-tab <%= 'selected' if @tab == 'pending' %>">
|
||||||
|
<%= t("roles.pending") %>
|
||||||
|
</span>
|
||||||
|
<span id="denied" class="btn btn-sm tag manage-users-tab <%= 'selected' if @tab == 'denied' %>">
|
||||||
|
<%= t("roles.banned") %>
|
||||||
|
</span>
|
||||||
|
<span id="deleted" class="btn btn-sm tag manage-users-tab <%= 'selected' if @tab == 'deleted' %>">
|
||||||
|
<%= t("roles.deleted") %>
|
||||||
|
</span>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
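Review bot: The licence header in this new partial points to `http://www.bigbluespan.org/`, whereas the header of the new JavaScript file in this commit uses `http://www.bigbluebutton.org/`; this looks like a search-and-replace slip and the line should read `# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.`. The tabs are `<span>` elements whose `id` doubles as the `tab` query value; a `data-tab` attribute would keep generic ids such as `active` and `deleted` out of the page's id namespace.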
|
@ -28,7 +28,9 @@
|
||||||
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
||||||
%>
|
%>
|
||||||
|
|
||||||
<% unless @role.nil? %>
|
<% if @role.nil? %>
|
||||||
|
<%= render "admins/components/manage_users_tags" %>
|
||||||
|
<% else %>
|
||||||
<%= render "admins/components/admins_tags" %>
|
<%= render "admins/components/admins_tags" %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
|
@ -91,40 +93,43 @@
|
||||||
<%= render "admins/components/admins_role", role: user.highest_priority_role %>
|
<%= render "admins/components/admins_role", role: user.highest_priority_role %>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<% if roles.include?("pending") %>
|
<% if !roles.include?("super_admin") %>
|
||||||
<div class="item-action dropdown">
|
<div class="item-action dropdown">
|
||||||
<a href="javascript:void(0)" data-toggle="dropdown" class="icon">
|
<a href="javascript:void(0)" data-toggle="dropdown" class="icon">
|
||||||
<i class="fas fa-ellipsis-v px-4"></i>
|
<i class="fas fa-ellipsis-v px-4"></i>
|
||||||
</a>
|
</a>
|
||||||
<div class="dropdown-menu dropdown-menu">
|
<div class="dropdown-menu dropdown-menu">
|
||||||
<%= button_to admin_approve_path(user_uid: user.uid), class: "dropdown-item" do %>
|
<% if user.deleted? %>
|
||||||
<i class="dropdown-icon far fa-check-circle"></i> <%= t("administrator.users.settings.approve") %>
|
<%= button_to admin_undelete_path(user_uid: user.uid), class: "dropdown-item" do %>
|
||||||
<% end %>
|
<i class="dropdown-icon fas fa-recycle"></i> <%= t("administrator.users.settings.undelete") %>
|
||||||
<%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item" do %>
|
<% end %>
|
||||||
<i class="dropdown-icon far fa-times-circle"></i> <%= t("administrator.users.settings.decline") %>
|
<button class="delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid, permanent: "true") %>" data-toggle="modal" data-target="#deleteAccountModal">
|
||||||
<% end %>
|
<i class="dropdown-icon fas fa-skull-crossbones"></i> <%= t("administrator.users.settings.perm_delete") %>
|
||||||
</div>
|
</button>
|
||||||
</div>
|
<% elsif roles.include?("denied") %>
|
||||||
<% elsif !roles.include?("super_admin") %>
|
|
||||||
<div class="item-action dropdown">
|
|
||||||
<a href="javascript:void(0)" data-toggle="dropdown" class="icon">
|
|
||||||
<i class="fas fa-ellipsis-v px-4"></i>
|
|
||||||
</a>
|
|
||||||
<div class="dropdown-menu dropdown-menu">
|
|
||||||
<% if roles.include?("denied") %>
|
|
||||||
<%= button_to admin_unban_path(user_uid: user.uid), class: "dropdown-item" do %>
|
<%= button_to admin_unban_path(user_uid: user.uid), class: "dropdown-item" do %>
|
||||||
<i class="dropdown-icon fas fa-lock-open"></i> <%= t("administrator.users.settings.unban") %>
|
<i class="dropdown-icon fas fa-lock-open"></i> <%= t("administrator.users.settings.unban") %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
<button class= "delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid) %>" data-delete="temp-delete" data-toggle="modal" data-target="#deleteAccountModal">
|
||||||
|
<i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
|
||||||
|
</button>
|
||||||
|
<% elsif roles.include?("pending") %>
|
||||||
|
<%= button_to admin_approve_path(user_uid: user.uid), class: "dropdown-item" do %>
|
||||||
|
<i class="dropdown-icon far fa-check-circle"></i> <%= t("administrator.users.settings.approve") %>
|
||||||
|
<% end %>
|
||||||
|
<%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item" do %>
|
||||||
|
<i class="dropdown-icon far fa-times-circle"></i> <%= t("administrator.users.settings.decline") %>
|
||||||
|
<% end %>
|
||||||
<% else %>
|
<% else %>
|
||||||
<%= link_to admin_edit_user_path(user_uid: user.uid), class: "dropdown-item" do %>
|
<%= link_to admin_edit_user_path(user_uid: user.uid), class: "dropdown-item" do %>
|
||||||
<i class="dropdown-icon fas fa-user-edit"></i> <%= t("administrator.users.settings.edit") %>
|
<i class="dropdown-icon fas fa-user-edit"></i> <%= t("administrator.users.settings.edit") %>
|
||||||
<% end %>
|
<% end %>
|
||||||
<button class= "delete-user dropdown-item" data-toggle="modal" data-target="#deleteAccountModal">
|
|
||||||
<i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
|
|
||||||
</button>
|
|
||||||
<%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item" do %>
|
<%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item" do %>
|
||||||
<i class="dropdown-icon fas fa-lock"></i> <%= t("administrator.users.settings.ban") %>
|
<i class="dropdown-icon fas fa-lock"></i> <%= t("administrator.users.settings.ban") %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
<button class= "delete-user dropdown-item" data-path="<%= delete_user_path(user_uid: user.uid) %>" data-delete="temp-delete" data-toggle="modal" data-target="#deleteAccountModal">
|
||||||
|
<i class="dropdown-icon fas fa-user-minus"></i> <%= t("administrator.users.settings.delete") %>
|
||||||
|
</button>
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
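Review bot: The permanent-delete button is distinguished from the soft-delete buttons only by the absence of `data-delete`, so the modal script treats any `.delete-user` element without that attribute as permanent. Marking it explicitly, for example `data-delete="perm-delete"`, makes the destructive wording opt-in on the markup side and lets the script fall back to the soft-delete text when the attribute is missing; the self-delete link on the settings page would then need the same attribute. The outer condition `<% if !roles.include?("super_admin") %>` reads more naturally as `<% unless roles.include?("super_admin") %>`. The section continues outside the hunk on both sides.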
||||||
|
|
|
@ -26,13 +26,17 @@
|
||||||
<%= t("modal.delete_account.keep") %>
|
<%= t("modal.delete_account.keep") %>
|
||||||
</button>
|
</button>
|
||||||
|
|
||||||
<%= button_to delete_location, method: :delete, id: "delete-confirm", class: "btn btn-danger my-1 btn-del-room" do %>
|
<%= button_to delete_location, method: :delete, id: "delete-confirm", class: "btn btn-danger my-1 btn-del-room", disabled:"" do %>
|
||||||
<%= t("modal.delete_account.delete") %>
|
<%= t("modal.delete_account.delete") %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
<div class="card-footer">
|
<div class="card-footer">
|
||||||
<p><%= t("modal.delete_account.warning").html_safe %></p>
|
<label class="custom-control custom-checkbox">
|
||||||
|
<input id="delete-checkbox" type="checkbox" class="custom-control-input">
|
||||||
|
<p id="perm-delete" class="custom-control-label"><%= t("modal.delete_account.warning").html_safe %></p>
|
||||||
|
<p id="delete-warning" class="custom-control-label"><%= t("modal.delete_account.delete_warning").html_safe %></p>
|
||||||
|
</label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
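Review bot: The new `#delete-warning` line repeats the `t(...).html_safe` pattern, which marks the whole translation as trusted HTML, so any markup that reaches the locale files, including contributed translations, is rendered unescaped. Rails treats translation keys ending in `_html` as safe on its own and escapes interpolated values, so renaming the key, for example `t("modal.delete_account.delete_warning_html")`, removes the need for `.html_safe`. On the `button_to` line, `disabled:""` presumably works only because an empty string is truthy in Ruby; `disabled: true` states the intent.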
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
<center>
|
<center>
|
||||||
<%= t("settings.delete.disclaimer").html_safe %>
|
<%= t("settings.delete.disclaimer").html_safe %>
|
||||||
<br>
|
<br>
|
||||||
<a href="" data-toggle="modal" data-target="#deleteAccountModal" class="btn btn-danger mt-6">
|
<a href="" data-toggle="modal" data-path="<%= delete_user_path(user_uid: current_user.uid) %>" data-target="#deleteAccountModal" class="btn btn-danger mt-6 delete-user">
|
||||||
<%= t("settings.delete.button") %>
|
<%= t("settings.delete.button") %>
|
||||||
</a>
|
</a>
|
||||||
</center>
|
</center>
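Review bot: The trigger is an `<a href="">` that now also carries the account's delete path in `data-path`; with an empty `href` the browser navigates to the current URL whenever the modal script has not bound, so the element behaves as a link rather than a control. A `<button type="button">` with the same `data-*` attributes and classes would avoid that. The admin list button in this commit also sets `data-delete`, which this anchor does not; the script that reads it is not visible here, so it is worth confirming that the missing attribute selects the permanent-deletion warning intended for self-service deletion.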
|
||||||
|
|
|
@ -77,9 +77,11 @@ en:
|
||||||
demoted: User has been successfully demoted
|
demoted: User has been successfully demoted
|
||||||
invite: Invite successfully sent to %{email}
|
invite: Invite successfully sent to %{email}
|
||||||
invite_email_verification: Emails must be enabled in order to use this method. Please contact your system administrator.
|
invite_email_verification: Emails must be enabled in order to use this method. Please contact your system administrator.
|
||||||
|
perm_deleted: User has been permanently deleted
|
||||||
promoted: User has been successfully promoted
|
promoted: User has been successfully promoted
|
||||||
registration_method_updated: Registration method successfully updated
|
registration_method_updated: Registration method successfully updated
|
||||||
reset_password: The user has been sent an email to reset their password. (Please ask them to check their spam folder if they haven't received it)
|
reset_password: The user has been sent an email to reset their password. (Please ask them to check their spam folder if they haven't received it)
|
||||||
|
restored: User has been successfully restored
|
||||||
settings: Site Settings successfully changed
|
settings: Site Settings successfully changed
|
||||||
unauthorized: You are not authorized to perform actions on this user
|
unauthorized: You are not authorized to perform actions on this user
|
||||||
recordings:
|
recordings:
|
||||||
|
@ -116,7 +118,9 @@ en:
|
||||||
delete: Delete
|
delete: Delete
|
||||||
edit: Edit
|
edit: Edit
|
||||||
edit_roles: Edit the user roles
|
edit_roles: Edit the user roles
|
||||||
|
perm_delete: Permanently Delete
|
||||||
unban: Unban User
|
unban: Unban User
|
||||||
|
undelete: Undelete
|
||||||
table:
|
table:
|
||||||
authenticator: Authenticator
|
authenticator: Authenticator
|
||||||
created: Created
|
created: Created
|
||||||
|
@ -307,6 +311,7 @@ en:
|
||||||
confirm: Are you sure you want to delete this account?
|
confirm: Are you sure you want to delete this account?
|
||||||
delete: I'm sure, delete this account.
|
delete: I'm sure, delete this account.
|
||||||
keep: Actually, I'll keep it.
|
keep: Actually, I'll keep it.
|
||||||
|
delete_warning: This will deactivate the user's account. All deactived users can be found under the deleted tab.
|
||||||
warning: This decision is final. You will <b>not</b> be able to recover associated data.
|
warning: This decision is final. You will <b>not</b> be able to recover associated data.
|
||||||
delete_room:
|
delete_room:
|
||||||
confirm: Are you sure you want to delete %{room}?
|
confirm: Are you sure you want to delete %{room}?
|
||||||
|
@ -401,8 +406,10 @@ en:
|
||||||
confirm: New Password Confirmation
|
confirm: New Password Confirmation
|
||||||
update: Update Password
|
update: Update Password
|
||||||
roles:
|
roles:
|
||||||
|
active: Active
|
||||||
admin: Admin
|
admin: Admin
|
||||||
banned: Banned
|
banned: Banned
|
||||||
|
deleted: Deleted
|
||||||
pending: Pending
|
pending: Pending
|
||||||
user: User
|
user: User
|
||||||
room:
|
room:
|
||||||
|
|
|
@ -48,6 +48,7 @@ Rails.application.routes.draw do
|
||||||
post '/invite', to: 'admins#invite', as: :invite_user
|
post '/invite', to: 'admins#invite', as: :invite_user
|
||||||
post '/approve/:user_uid', to: 'admins#approve', as: :admin_approve
|
post '/approve/:user_uid', to: 'admins#approve', as: :admin_approve
|
||||||
get '/reset', to: 'admins#reset', as: :admin_reset
|
get '/reset', to: 'admins#reset', as: :admin_reset
|
||||||
|
post '/undelete', to: 'admins#undelete', as: :admin_undelete
|
||||||
# Site Settings
|
# Site Settings
|
||||||
post '/update_settings', to: 'admins#update_settings', as: :admin_update_settings
|
post '/update_settings', to: 'admins#update_settings', as: :admin_update_settings
|
||||||
post '/registration_method', to: 'admins#registration_method', as: :admin_change_registration
|
post '/registration_method', to: 'admins#registration_method', as: :admin_change_registration
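Review bot: `post '/undelete'` has no `:user_uid` segment, unlike `post '/approve/:user_uid'` two lines above it, so the target account arrives only as a request parameter (the controller spec posts `params: { user_uid: @user.uid }`). Declaring it as `post '/undelete/:user_uid', to: 'admins#undelete', as: :admin_undelete` keeps the admin user routes parallel and puts the affected account in the request path that ends up in access logs. The `undelete` action is not visible in this section; because restoring an account re-enables sign-in, it should be confirmed to sit behind the same admin check as the other `admins#` actions.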
|
||||||
|
|
|
@ -166,6 +166,37 @@ describe AdminsController, type: :controller do
|
||||||
expect { post :approve, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
|
expect { post :approve, params: params }.to change { ActionMailer::Base.deliveries.count }.by(1)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "POST #undelete" do
|
||||||
|
it "undeletes a user" do
|
||||||
|
@request.session[:user_id] = @admin.id
|
||||||
|
|
||||||
|
@user.delete
|
||||||
|
|
||||||
|
expect(User.find_by(uid: @user.uid)).to be_nil
|
||||||
|
|
||||||
|
post :undelete, params: { user_uid: @user.uid }
|
||||||
|
|
||||||
|
expect(User.find_by(uid: @user.uid)).to be_present
|
||||||
|
expect(flash[:success]).to be_present
|
||||||
|
expect(response).to redirect_to(admins_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "undeletes the users rooms" do
|
||||||
|
@request.session[:user_id] = @admin.id
|
||||||
|
|
||||||
|
@user.main_room.delete
|
||||||
|
@user.delete
|
||||||
|
|
||||||
|
expect(Room.find_by(uid: @user.main_room.uid)).to be_nil
|
||||||
|
|
||||||
|
post :undelete, params: { user_uid: @user.uid }
|
||||||
|
|
||||||
|
expect(Room.find_by(uid: @user.main_room.uid)).to be_present
|
||||||
|
expect(flash[:success]).to be_present
|
||||||
|
expect(response).to redirect_to(admins_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "User Design" do
|
describe "User Design" do
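Review bot: Both `POST #undelete` examples set `@request.session[:user_id] = @admin.id`, so nothing here pins what happens when a signed-in non-admin posts to `undelete`. Restoring an account re-enables its sign-in, so an example that signs in as an ordinary user, posts the same `user_uid`, and expects `User.find_by(uid: @user.uid)` to remain `nil` would guard the authorization path. An example for a `user_uid` that matches no deleted record would also show that the action fails cleanly rather than raising.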
|
||||||
|
|
|
@ -134,6 +134,26 @@ describe SessionsController, type: :controller do
|
||||||
expect(response).to redirect_to(account_activation_path(email: @user3.email))
|
expect(response).to redirect_to(account_activation_path(email: @user3.email))
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "should not login user if account is deleted" do
|
||||||
|
user = create(:user, provider: "greenlight",
|
||||||
|
password: "example", password_confirmation: 'example')
|
||||||
|
|
||||||
|
user.delete
|
||||||
|
user.reload
|
||||||
|
expect(user.deleted?).to be true
|
||||||
|
|
||||||
|
post :create, params: {
|
||||||
|
session: {
|
||||||
|
email: user.email,
|
||||||
|
password: 'example',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(@request.session[:user_id]).to be_nil
|
||||||
|
expect(flash[:alert]).to eq(I18n.t("registration.banned.fail"))
|
||||||
|
expect(response).to redirect_to(root_path)
|
||||||
|
end
|
||||||
|
|
||||||
it "redirects the user to the page they clicked sign in from" do
|
it "redirects the user to the page they clicked sign in from" do
|
||||||
user = create(:user, provider: "greenlight",
|
user = create(:user, provider: "greenlight",
|
||||||
password: "example", password_confirmation: 'example')
|
password: "example", password_confirmation: 'example')
|
||||||
|
@ -289,6 +309,27 @@ describe SessionsController, type: :controller do
|
||||||
expect(@request.session[:user_id]).to eql(u.id)
|
expect(@request.session[:user_id]).to eql(u.id)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "redirects a deleted user to the root page" do
|
||||||
|
# Create the user first
|
||||||
|
request.env["omniauth.auth"] = OmniAuth.config.mock_auth[:bn_launcher]
|
||||||
|
get :omniauth, params: { provider: 'bn_launcher' }
|
||||||
|
|
||||||
|
# Delete the user
|
||||||
|
user = User.find_by(social_uid: "bn-launcher-user")
|
||||||
|
|
||||||
|
@request.session[:user_id] = nil
|
||||||
|
user.delete
|
||||||
|
user.reload
|
||||||
|
expect(user.deleted?).to be true
|
||||||
|
|
||||||
|
# Try to sign back in
|
||||||
|
get :omniauth, params: { provider: 'bn_launcher' }
|
||||||
|
|
||||||
|
expect(@request.session[:user_id]).to be_nil
|
||||||
|
expect(flash[:alert]).to eq(I18n.t("registration.banned.fail"))
|
||||||
|
expect(response).to redirect_to(root_path)
|
||||||
|
end
|
||||||
|
|
||||||
it "should redirect to root on invalid omniauth login" do
|
it "should redirect to root on invalid omniauth login" do
|
||||||
request.env["omniauth.auth"] = :invalid_credentials
|
request.env["omniauth.auth"] = :invalid_credentials
|
||||||
get :omniauth, params: { provider: :google }
|
get :omniauth, params: { provider: :google }
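Review bot: Both new examples authenticate successfully before reaching the deleted-account branch and both expect `I18n.t("registration.banned.fail")`, so the suite never exercises a deleted account with a wrong password. If the controller tests the deleted state before verifying the password (the controller is not visible in this section), that message would confirm to an unauthenticated caller that an address belongs to a removed account. An example that posts a wrong password for a deleted user and expects the same alert as any other failed login would pin the order of the checks. Reusing the banned string for deleted accounts also deserves a comment in the spec, since the two states are reversed through different admin actions.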
|
||||||
|
|
|
@ -396,16 +396,17 @@ describe UsersController, type: :controller do
|
||||||
describe "DELETE #user" do
|
describe "DELETE #user" do
|
||||||
before { allow(Rails.configuration).to receive(:allow_user_signup).and_return(true) }
|
before { allow(Rails.configuration).to receive(:allow_user_signup).and_return(true) }
|
||||||
|
|
||||||
it "properly deletes user" do
|
it "permanently deletes user" do
|
||||||
user = create(:user)
|
user = create(:user)
|
||||||
@request.session[:user_id] = user.id
|
@request.session[:user_id] = user.id
|
||||||
|
|
||||||
delete :destroy, params: { user_uid: user.uid }
|
delete :destroy, params: { user_uid: user.uid }
|
||||||
|
|
||||||
|
expect(User.include_deleted.find_by(uid: user.uid)).to be_nil
|
||||||
expect(response).to redirect_to(root_path)
|
expect(response).to redirect_to(root_path)
|
||||||
end
|
end
|
||||||
|
|
||||||
it "allows admins to delete users" do
|
it "allows admins to tombstone users" do
|
||||||
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
||||||
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
|
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
|
||||||
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
|
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
|
||||||
|
@ -418,6 +419,46 @@ describe UsersController, type: :controller do
|
||||||
|
|
||||||
delete :destroy, params: { user_uid: user.uid }
|
delete :destroy, params: { user_uid: user.uid }
|
||||||
|
|
||||||
|
expect(User.deleted.find_by(uid: user.uid)).to be_present
|
||||||
|
expect(flash[:success]).to be_present
|
||||||
|
expect(response).to redirect_to(admins_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "allows admins to permanently delete users" do
|
||||||
|
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
||||||
|
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
|
||||||
|
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
|
||||||
|
controller.instance_variable_set(:@user_domain, "provider1")
|
||||||
|
|
||||||
|
user = create(:user, provider: "provider1")
|
||||||
|
admin = create(:user, provider: "provider1")
|
||||||
|
admin.add_role :admin
|
||||||
|
@request.session[:user_id] = admin.id
|
||||||
|
|
||||||
|
delete :destroy, params: { user_uid: user.uid, permanent: "true" }
|
||||||
|
|
||||||
|
expect(User.include_deleted.find_by(uid: user.uid)).to be_nil
|
||||||
|
expect(flash[:success]).to be_present
|
||||||
|
expect(response).to redirect_to(admins_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "permanently deletes the users rooms if the user is permanently deleted" do
|
||||||
|
allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
|
||||||
|
allow_any_instance_of(User).to receive(:greenlight_account?).and_return(true)
|
||||||
|
allow_any_instance_of(ApplicationController).to receive(:set_user_domain).and_return("provider1")
|
||||||
|
controller.instance_variable_set(:@user_domain, "provider1")
|
||||||
|
|
||||||
|
user = create(:user, provider: "provider1")
|
||||||
|
admin = create(:user, provider: "provider1")
|
||||||
|
admin.add_role :admin
|
||||||
|
@request.session[:user_id] = admin.id
|
||||||
|
uid = user.main_room.uid
|
||||||
|
|
||||||
|
expect(Room.find_by(uid: uid)).to be_present
|
||||||
|
|
||||||
|
delete :destroy, params: { user_uid: user.uid, permanent: "true" }
|
||||||
|
|
||||||
|
expect(Room.include_deleted.find_by(uid: uid)).to be_nil
|
||||||
expect(flash[:success]).to be_present
|
expect(flash[:success]).to be_present
|
||||||
expect(response).to redirect_to(admins_path)
|
expect(response).to redirect_to(admins_path)
|
||||||
end
|
end
|
||||||
|
@ -435,7 +476,8 @@ describe UsersController, type: :controller do
|
||||||
|
|
||||||
delete :destroy, params: { user_uid: user.uid }
|
delete :destroy, params: { user_uid: user.uid }
|
||||||
|
|
||||||
expect(response).to redirect_to(root_path)
|
expect(flash[:alert]).to be_present
|
||||||
|
expect(response).to redirect_to(admins_path)
|
||||||
end
|
end
|
||||||
end
|
end
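Review bot: `permanent: "true"` is sent only by an admin of the same provider in the two examples added at `@ -418`, so the suite does not show what `destroy` does when a non-admin, or an admin acting on a user outside their provider, supplies it. This parameter switches the action from tombstoning to irreversible removal of the user and their rooms, so a negative example asserting that `User.include_deleted.find_by(uid: user.uid)` is still present after such a request would be the most valuable addition. The `allow(...)` and `controller.instance_variable_set(:@user_domain, "provider1")` setup lines are repeated verbatim in the added admin examples and could move into a `context` with a `before` block. The example changed at `@ -435` begins outside the hunk, so its scenario cannot be checked from here.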
|
||||||
|
|
||||||
|
|