forked from External/greenlight
9f74b0e2c0
* Added the administrator role and functionality that comes with it (#403) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * Update user.rb * Update admins.js * GRN-15: Added the ability to change color and image from admin interface (#425) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * GRN-15: Added the ability for admins to customize color and image * Update user.rb * Update user.rb * Update routes.rb * Update admins_controller.rb * GRN-87:Added a super admin role and made changes to how to the design works (#430) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * Changed the way locales are shown * Updated the rest of the locales * Changed the way available_locales are defined * Updated locales in Russian * Updated locaales for German * GRN-15: Added the ability for admins to customize color and image * Added the super admin and completed the design tab * Update user.rb * Update themes_controller_spec.rb * Update routes.rb * Update admins_controller.rb * Removed duplicated code that broke the build after last merge * GRN-78: Restructured some of the views to make the UI more consistent and responsive (#435) * GRN-20: Added roles to the user model * GRN-75: Added a view for admins to see their users * GRN-77: Added Edit/Delete/Promote ability for admins * GRN-71: Added admin account by default * GRN-15: Added the ability for admins to customize color and image * Added the super admin and completed the design tab * GRN-78: Cleaned up buttons and moved signin to its own page * GRN-78: Moved the Rooms and Recordings link to nav bar * Merge fix * Views restructure fix (#458) * Added cache to gitlab-ci.yml * Restructured seed * GRN2-99 -> GRN2-106: UI cleanup and refactoring (#478) * GRN2-98: Change Fullname to Full name * GRN2-105: Changed View Users to Manage Users * GRN2-101/103: Updated email to match branding * GRN2-100: Updated Email Sent flash to be more descriptive * GRN2-104: Redirect user to sign in page w/ flash after clicking activation link * GRN2-102: Changed the wording in the verification email * GRN2-99: Added email form validation * GRN2-106: Cleaned up Users list front end * Fixes to rake and admin password validator for passing rubocop * GRN2-113: Fixed issues with admin panel (#479) * GRN2-116: Code clean up after restructure of views (#482) * Removed unused references * Rubocop * Added pagination to admin view (#483) * GRN2-114: Added the ability for admins to ban/unban users (#487) * Added the ability for admins to ban and unban users * Update sessions_helper.rb * Merge branch 'master' into admin-panel (#492) * Updated rubocop gem * Updated rubocop and fixed issues (#490) * Rubocop fixes * GRN2-122: Updated sign in flow for admins and switch design tab to site settings (#489) * Switched design tab to site settings * Update _header with spaces instead of tabs * Added more test cases to increase coverage (#494)
168 lines
5.0 KiB
Ruby
168 lines
5.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
|
|
#
|
|
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify it under the
|
|
# terms of the GNU Lesser General Public License as published by the Free Software
|
|
# Foundation; either version 3.0 of the License, or (at your option) any later
|
|
# version.
|
|
#
|
|
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
|
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Lesser General Public License along
|
|
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
|
|
|
|
class UsersController < ApplicationController
|
|
include RecordingsHelper
|
|
include Verifier
|
|
|
|
before_action :find_user, only: [:edit, :update, :destroy]
|
|
before_action :ensure_unauthenticated, only: [:new, :create]
|
|
|
|
# POST /u
|
|
def create
|
|
# Verify that GreenLight is configured to allow user signup.
|
|
return unless Rails.configuration.allow_user_signup
|
|
|
|
@user = User.new(user_params)
|
|
@user.provider = @user_domain
|
|
|
|
# Handle error on user creation.
|
|
render(:new) && return unless @user.save
|
|
|
|
# Sign in automatically if email verification is disabled.
|
|
login(@user) && return unless Rails.configuration.enable_email_verification
|
|
|
|
# Start email verification and redirect to root.
|
|
begin
|
|
@user.send_activation_email(user_verification_link)
|
|
rescue => e
|
|
logger.error "Error in email delivery: #{e}"
|
|
flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
|
|
else
|
|
flash[:success] = I18n.t("email_sent", email_type: t("verify.verification"))
|
|
end
|
|
redirect_to(root_path)
|
|
end
|
|
|
|
# GET /signin
|
|
def signin
|
|
end
|
|
|
|
# GET /signup
|
|
def new
|
|
if Rails.configuration.allow_user_signup
|
|
@user = User.new
|
|
else
|
|
redirect_to root_path
|
|
end
|
|
end
|
|
|
|
# GET /u/:user_uid/edit
|
|
def edit
|
|
if current_user
|
|
redirect_to current_user.main_room if @user != current_user && !current_user.admin_of?(@user)
|
|
else
|
|
redirect_to root_path
|
|
end
|
|
end
|
|
|
|
# PATCH /u/:user_uid/edit
|
|
def update
|
|
if params[:setting] == "password"
|
|
# Update the users password.
|
|
errors = {}
|
|
|
|
if @user.authenticate(user_params[:password])
|
|
# Verify that the new passwords match.
|
|
if user_params[:new_password] == user_params[:password_confirmation]
|
|
@user.password = user_params[:new_password]
|
|
else
|
|
# New passwords don't match.
|
|
errors[:password_confirmation] = "doesn't match"
|
|
end
|
|
else
|
|
# Original password is incorrect, can't update.
|
|
errors[:password] = "is incorrect"
|
|
end
|
|
|
|
if errors.empty? && @user.save
|
|
# Notify the user that their account has been updated.
|
|
flash[:success] = I18n.t("info_update_success")
|
|
redirect_to edit_user_path(@user)
|
|
else
|
|
# Append custom errors.
|
|
errors.each { |k, v| @user.errors.add(k, v) }
|
|
render :edit, params: { settings: params[:settings] }
|
|
end
|
|
elsif user_params[:email] != @user.email && @user.update_attributes(user_params)
|
|
@user.update_attributes(email_verified: false)
|
|
flash[:success] = I18n.t("info_update_success")
|
|
redirect_to edit_user_path(@user)
|
|
elsif @user.update_attributes(user_params)
|
|
update_locale(@user)
|
|
flash[:success] = I18n.t("info_update_success")
|
|
redirect_to edit_user_path(@user)
|
|
else
|
|
render :edit, params: { settings: params[:settings] }
|
|
end
|
|
end
|
|
|
|
# DELETE /u/:user_uid
|
|
def destroy
|
|
if current_user && current_user == @user
|
|
@user.destroy
|
|
session.delete(:user_id)
|
|
elsif current_user.admin_of?(@user)
|
|
begin
|
|
@user.destroy
|
|
rescue => e
|
|
logger.error "Error in user deletion: #{e}"
|
|
flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
|
|
else
|
|
flash[:success] = I18n.t("administrator.flash.delete")
|
|
end
|
|
redirect_to(admins_path) && return
|
|
end
|
|
redirect_to root_path
|
|
end
|
|
|
|
# GET /u/:user_uid/recordings
|
|
def recordings
|
|
if current_user && current_user.uid == params[:user_uid]
|
|
@recordings = current_user.all_recordings
|
|
else
|
|
redirect_to root_path
|
|
end
|
|
end
|
|
|
|
# GET | POST /terms
|
|
def terms
|
|
redirect_to '/404' unless Rails.configuration.terms
|
|
|
|
if params[:accept] == "true"
|
|
current_user.update_attributes(accepted_terms: true)
|
|
login(current_user)
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def find_user
|
|
@user = User.find_by!(uid: params[:user_uid])
|
|
end
|
|
|
|
def ensure_unauthenticated
|
|
redirect_to current_user.main_room if current_user
|
|
end
|
|
|
|
def user_params
|
|
params.require(:user).permit(:name, :email, :image, :password, :password_confirmation,
|
|
:new_password, :provider, :accepted_terms, :language)
|
|
end
|
|
end
|