Class: Admin::UsersController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- ApplicationController
- Admin::UsersController
- Includes:
- RoutableActions, SortingHelper
- Defined in:
- app/controllers/admin/users_controller.rb
Constant Summary collapse
- PAGINATION_WITH_COUNT_LIMIT =
1000
Constants included from Gitlab::EndpointAttributes
Gitlab::EndpointAttributes::DEFAULT_URGENCY
Constants included from Gitlab::Logging::CloudflareHelper
Gitlab::Logging::CloudflareHelper::CLOUDFLARE_CUSTOM_HEADERS
Constants included from Impersonation
Impersonation::SESSION_KEYS_TO_DELETE
Constants included from Gitlab::Experimentation::GroupTypes
Gitlab::Experimentation::GroupTypes::GROUP_CONTROL, Gitlab::Experimentation::GroupTypes::GROUP_EXPERIMENTAL
Constants included from EnforcesTwoFactorAuthentication
EnforcesTwoFactorAuthentication::MFA_HELP_PAGE
Constants included from Gitlab::NoCacheHeaders
Gitlab::NoCacheHeaders::DEFAULT_GITLAB_NO_CACHE_HEADERS
Instance Method Summary collapse
- #activate ⇒ Object
- #approve ⇒ Object
- #ban ⇒ Object
- #block ⇒ Object
- #confirm ⇒ Object
- #create ⇒ Object
- #deactivate ⇒ Object
- #destroy ⇒ Object
- #disable_two_factor ⇒ Object
- #edit ⇒ Object
- #impersonate ⇒ Object
- #index ⇒ Object
- #keys ⇒ Object
- #new ⇒ Object
-
#projects ⇒ Object
rubocop: disable CodeReuse/ActiveRecord.
- #reject ⇒ Object
- #remove_email ⇒ Object
- #show ⇒ Object
- #unban ⇒ Object
- #unblock ⇒ Object
- #unlock ⇒ Object
- #update ⇒ Object
Methods included from SortingHelper
#admin_groups_sort_options_hash, #admin_users_sort_options, #audit_logs_sort_order_hash, #branches_sort_options_hash, #forks_reverse_sort_options_hash, #forks_sort_direction_button, #forks_sort_options_hash, #groups_sort_options_hash, #issuable_reverse_sort_order_hash, #issuable_sort_direction_button, #issuable_sort_option_overrides, #issuable_sort_option_title, #label_sort_options_hash, #milestones_sort_options_hash, #packages_reverse_sort_order_hash, #packages_sort_direction_button, #packages_sort_option_title, #packages_sort_options_hash, #project_sort_direction_button, #projects_reverse_sort_options_hash, #projects_sort_option_titles, #projects_sort_options_hash, #runners_sort_options_hash, #sort_direction_button, #sort_direction_icon, #sort_options_hash, #sortable_item, #starrers_sort_options_hash, #subgroups_sort_options_hash, #tags_sort_options_hash, #users_sort_options_hash
Methods included from SortingTitlesValuesHelper
#sort_title_closed_date, #sort_title_closed_earlier, #sort_title_closed_recently, #sort_title_contacted_date, #sort_title_created_date, #sort_title_downvotes, #sort_title_due_date, #sort_title_due_date_later, #sort_title_due_date_soon, #sort_title_expire_date, #sort_title_label_priority, #sort_title_largest_group, #sort_title_largest_repo, #sort_title_latest_activity, #sort_title_merged_date, #sort_title_merged_earlier, #sort_title_merged_recently, #sort_title_milestone, #sort_title_milestone_later, #sort_title_milestone_soon, #sort_title_most_stars, #sort_title_name, #sort_title_name_asc, #sort_title_name_desc, #sort_title_oldest_activity, #sort_title_oldest_created, #sort_title_oldest_last_activity, #sort_title_oldest_signin, #sort_title_oldest_starred, #sort_title_oldest_updated, #sort_title_popularity, #sort_title_priority, #sort_title_recently_created, #sort_title_recently_last_activity, #sort_title_recently_signin, #sort_title_recently_starred, #sort_title_recently_updated, #sort_title_relative_position, #sort_title_size, #sort_title_stars, #sort_title_start_date_later, #sort_title_start_date_soon, #sort_title_title, #sort_title_upvotes, #sort_value_closed_date, #sort_value_closed_earlier, #sort_value_closed_recently, #sort_value_contacted_date, #sort_value_created_date, #sort_value_downvotes, #sort_value_due_date, #sort_value_due_date_later, #sort_value_due_date_soon, #sort_value_expire_date, #sort_value_label_priority, #sort_value_largest_group, #sort_value_largest_repo, #sort_value_latest_activity, #sort_value_least_popular, #sort_value_merged_date, #sort_value_merged_earlier, #sort_value_merged_recently, #sort_value_milestone, #sort_value_milestone_later, #sort_value_milestone_soon, #sort_value_most_popular, #sort_value_name, #sort_value_name_desc, #sort_value_oldest_activity, #sort_value_oldest_created, #sort_value_oldest_last_activity, #sort_value_oldest_signin, #sort_value_oldest_updated, #sort_value_popularity, #sort_value_priority, #sort_value_recently_created, #sort_value_recently_last_activity, #sort_value_recently_signin, #sort_value_recently_updated, #sort_value_relative_position, #sort_value_size, #sort_value_stars_asc, #sort_value_stars_desc, #sort_value_start_date_later, #sort_value_start_date_soon, #sort_value_title, #sort_value_title_desc, #sort_value_upvotes
Methods included from RoutableActions
#ensure_canonical_path, #find_routable!, #not_found_actions, #perform_not_found_actions, #routable_authorized?
Methods included from EnforcesAdminAuthentication
#authenticate_admin!, #storable_location?
Methods inherited from ApplicationController
endpoint_id_for_action, #feature_category, #not_found, #redirect_back_or_default, #render, #route_not_found, #urgency
Methods included from CheckRateLimit
Methods included from FlocOptOut
#floc_enabled?, #set_floc_opt_out_header
Methods included from Gitlab::Utils::StrongMemoize
#clear_memoization, #strong_memoize, #strong_memoized?
Methods included from Gitlab::Logging::CloudflareHelper
#store_cloudflare_headers!, #valid_cloudflare_header?
Methods included from Impersonation
Methods included from InitializesCurrentUserMode
Methods included from Gitlab::Experimentation::ControllerConcern
#experiment_enabled?, #experiment_tracking_category_and_group, #frontend_experimentation_tracking_data, #push_frontend_experiment, #record_experiment_conversion_event, #record_experiment_group, #record_experiment_user, #set_experimentation_subject_id_cookie, #track_experiment_event
Methods included from Gitlab::Tracking::Helpers
#dnt_enabled?, #trackable_html_request?
Methods included from SessionsHelper
#ensure_authenticated_session_time, #limit_session_time, #recently_confirmed_com?, #set_session_time, #unconfirmed_email?
Methods included from SessionlessAuthentication
#authenticate_sessionless_user!, #request_authenticator, #sessionless_bypass_admin_mode!, #sessionless_sign_in, #sessionless_user?
Methods included from Gitlab::SearchContext::ControllerConcern
Methods included from EnforcesTwoFactorAuthentication
#check_two_factor_requirement, #current_user_requires_two_factor?, #skip_two_factor?, #two_factor_authentication_reason, #two_factor_authentication_required?, #two_factor_grace_period, #two_factor_grace_period_expired?, #two_factor_skippable?, #two_factor_verifier
Methods included from WorkhorseHelper
#content_disposition_for_blob, #send_artifacts_entry, #send_dependency, #send_git_archive, #send_git_blob, #send_git_diff, #send_git_patch, #set_workhorse_internal_api_content_type, #workhorse_set_content_type!
Methods included from SafeParamsHelper
Methods included from PageLayoutHelper
#blank_container, #container_class, #favicon, #fluid_layout, #header_title, #nav, #page_canonical_link, #page_card_attributes, #page_card_meta_tags, #page_description, #page_image, #page_itemtype, #page_title, #search_context, #sidebar, #user_status_properties
Methods included from Routing::PseudonymizationHelper
Methods included from Routing::GraphqlHelper
#graphql_etag_pipeline_path, #graphql_etag_pipeline_sha_path, #graphql_etag_project_on_demand_scan_counts_path
Methods included from Routing::WikiHelper
Methods included from Routing::SnippetsHelper
#gitlab_dashboard_snippets_path, #gitlab_raw_snippet_blob_path, #gitlab_raw_snippet_blob_url, #gitlab_raw_snippet_path, #gitlab_raw_snippet_url, #gitlab_snippet_note_path, #gitlab_snippet_note_url, #gitlab_snippet_notes_path, #gitlab_snippet_notes_url, #gitlab_snippet_path, #gitlab_snippet_url, #gitlab_toggle_award_emoji_snippet_note_path, #gitlab_toggle_award_emoji_snippet_note_url, #gitlab_toggle_award_emoji_snippet_path, #gitlab_toggle_award_emoji_snippet_url, #preview_markdown_path, #toggle_award_emoji_personal_snippet_path, #toggle_award_emoji_project_project_snippet_path, #toggle_award_emoji_project_project_snippet_url
Methods included from Routing::PipelineSchedulesHelper
#edit_pipeline_schedule_path, #pipeline_schedule_path, #pipeline_schedules_path, #play_pipeline_schedule_path, #take_ownership_pipeline_schedule_path
Methods included from Routing::ArtifactsHelper
#artifacts_action_path, #expose_fast_artifacts_path, #fast_browse_project_job_artifacts_path, #fast_download_project_job_artifacts_path, #fast_keep_project_job_artifacts_path
Methods included from Routing::MembersHelper
Methods included from Routing::Groups::MembersHelper
#approve_access_request_group_member_path, #group_member_path, #group_members_url, #leave_group_members_path, #request_access_group_members_path, #resend_invite_group_member_path
Methods included from Routing::Projects::MembersHelper
#approve_access_request_project_member_path, #leave_project_members_path, #project_member_path, #project_members_url, #request_access_project_members_path, #resend_invite_project_member_path
Methods included from Routing::ProjectsHelper
#commit_url, #commits_url, #edit_milestone_path, #environment_delete_path, #environment_path, #issue_path, #issue_url, #merge_request_path, #merge_request_url, #pipeline_job_url, #pipeline_path, #pipeline_url, #project_commits_path, #project_ref_path, #project_tree_path, #release_url, #toggle_subscription_path
Methods included from API::Helpers::RelatedResourcesHelpers
#expose_path, #expose_url, #issues_available?, #mrs_available?
Methods included from ApplicationSettingsHelper
#all_protocols_enabled?, #allowed_protocols_present?, #deprecated_attributes, #enabled_protocol, #enabled_protocol_button, #expanded_by_default?, #external_authorization_client_certificate_help_text, #external_authorization_client_key_help_text, #external_authorization_client_pass_help_text, #external_authorization_client_url_help_text, #external_authorization_description, #external_authorization_service_attributes, #external_authorization_timeout_help_text, #external_authorization_url_help_text, #http_enabled?, #import_sources_checkboxes, #instance_clusters_enabled?, #integration_expanded?, #key_restriction_options_for_select, #kroki_available_formats, #oauth_providers_checkboxes, #omnibus_protected_paths_throttle?, #pending_user_count, #registration_features_can_be_prompted?, #repository_storages_options_json, #restricted_level_checkboxes, #self_monitoring_project_data, #sidekiq_job_limiter_mode_help_text, #sidekiq_job_limiter_modes_for_select, #signup_enabled?, #ssh_enabled?, #storage_weights, #user_oauth_applications?, #valid_runner_registrars, #visible_attributes
Methods included from ProjectsHelper
#able_to_see_issues?, #able_to_see_merge_requests?, #any_projects?, #author_content_tag, #autodeploy_flash_notice, #can_admin_project_member?, #can_change_visibility_level?, #can_disable_emails?, #delete_confirm_phrase, #directory?, #error_tracking_setting_project_json, #explore_projects_tab?, #external_classification_label_help_message, #fork_button_disabled_tooltip, #grafana_integration_enabled?, #grafana_integration_masked_token, #grafana_integration_url, #import_from_bitbucket_message, #import_from_gitlab_message, #last_push_event, #link_to_autodeploy_doc, #link_to_member, #link_to_member_avatar, #link_to_project, #load_pipeline_status, #membership_locked?, #metrics_dashboard_timezone, #metrics_external_dashboard_url, #no_password_message, #project_can_be_shared?, #project_classes, #project_incident_management_setting, #project_license_name, #project_list_cache_key, #project_permissions_panel_data, #project_search_tabs?, #project_title, #push_to_create_project_command, #remove_fork_project_confirm_json, #remove_fork_project_description_message, #remove_fork_project_warning_message, #remove_project_message, #share_project_description, #show_auto_devops_implicitly_enabled_banner?, #show_issue_count?, #show_merge_request_count?, #show_no_password_message?, #show_no_ssh_key_message?, #show_projects?, #show_terraform_banner?, #show_xcode_link?, #transfer_project_message, #visible_fork_source, #xcode_uri_to_repo
Methods included from Gitlab::NoCacheHeaders
Methods included from Gitlab::GonHelper
#add_gon_variables, #default_avatar_url, #push_force_frontend_feature_flag, #push_frontend_feature_flag, #push_to_gon_attributes
Methods included from WebpackHelper
#prefetch_link_tag, #webpack_bundle_tag, #webpack_controller_bundle_tags, #webpack_entrypoint_paths, #webpack_preload_asset_tag, #webpack_public_host, #webpack_public_path
Instance Method Details
#activate ⇒ Object
97 98 99 100 101 102 |
# File 'app/controllers/admin/users_controller.rb', line 97 def activate return redirect_back_or_admin_user(notice: _("Error occurred. A blocked user must be unblocked to be activated")) if user.blocked? user.activate redirect_back_or_admin_user(notice: _("Successfully activated")) end |
#approve ⇒ Object
77 78 79 80 81 82 83 84 85 |
# File 'app/controllers/admin/users_controller.rb', line 77 def approve result = Users::ApproveService.new(current_user).execute(user) if result[:status] == :success redirect_back_or_admin_user(notice: _("Successfully approved")) else redirect_back_or_admin_user(alert: result[:message]) end end |
#ban ⇒ Object
134 135 136 137 138 139 140 141 142 |
# File 'app/controllers/admin/users_controller.rb', line 134 def ban result = Users::BanService.new(current_user).execute(user) if result[:status] == :success redirect_back_or_admin_user(notice: _("Successfully banned")) else redirect_back_or_admin_user(alert: _("Error occurred. User was not banned")) end end |
#block ⇒ Object
114 115 116 117 118 119 120 121 122 |
# File 'app/controllers/admin/users_controller.rb', line 114 def block result = Users::BlockService.new(current_user).execute(user) if result[:status] == :success redirect_back_or_admin_user(notice: _("Successfully blocked")) else redirect_back_or_admin_user(alert: _("Error occurred. User was not blocked")) end end |
#confirm ⇒ Object
162 163 164 165 166 167 168 |
# File 'app/controllers/admin/users_controller.rb', line 162 def confirm if update_user { |user| user.force_confirm } redirect_back_or_admin_user(notice: _("Successfully confirmed")) else redirect_back_or_admin_user(alert: _("Error occurred. User was not confirmed")) end end |
#create ⇒ Object
181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 |
# File 'app/controllers/admin/users_controller.rb', line 181 def create opts = { reset_password: true, skip_confirmation: true } @user = Users::CreateService.new(current_user, user_params.merge(opts)).execute respond_to do |format| if @user.persisted? format.html { redirect_to [:admin, @user], notice: _('User was successfully created.') } format.json { render json: @user, status: :created, location: @user } else format.html { render "new" } format.json { render json: @user.errors, status: :unprocessable_entity } end end end |
#deactivate ⇒ Object
104 105 106 107 108 109 110 111 112 |
# File 'app/controllers/admin/users_controller.rb', line 104 def deactivate return redirect_back_or_admin_user(notice: _("Error occurred. A blocked user cannot be deactivated")) if user.blocked? return redirect_back_or_admin_user(notice: _("Successfully deactivated")) if user.deactivated? return redirect_back_or_admin_user(notice: _("Internal users cannot be deactivated")) if user.internal? return redirect_back_or_admin_user(notice: _("The user you are trying to deactivate has been active in the past %{minimum_inactive_days} days and cannot be deactivated") % { minimum_inactive_days: ::User::MINIMUM_INACTIVE_DAYS }) unless user.can_be_deactivated? user.deactivate redirect_back_or_admin_user(notice: _("Successfully deactivated")) end |
#destroy ⇒ Object
235 236 237 238 239 240 241 242 |
# File 'app/controllers/admin/users_controller.rb', line 235 def destroy user.delete_async(deleted_by: current_user, params: destroy_params) respond_to do |format| format.html { redirect_to admin_users_path, status: :found, notice: _("The user is being deleted.") } format.json { head :ok } end end |
#disable_two_factor ⇒ Object
170 171 172 173 174 175 176 177 178 179 |
# File 'app/controllers/admin/users_controller.rb', line 170 def disable_two_factor result = TwoFactor::DestroyService.new(current_user, user: user).execute if result[:status] == :success redirect_to admin_user_path(user), notice: _('Two-factor authentication has been disabled for this user') else redirect_to admin_user_path(user), alert: result[:message] end end |
#edit ⇒ Object
45 46 47 |
# File 'app/controllers/admin/users_controller.rb', line 45 def edit user end |
#impersonate ⇒ Object
49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'app/controllers/admin/users_controller.rb', line 49 def impersonate if can?(user, :log_in) && !impersonation_in_progress? session[:impersonator_id] = current_user.id warden.set_user(user, scope: :user) clear_access_token_session_keys! log_impersonation_event flash[:alert] = _("You are now impersonating %{username}") % { username: user.username } redirect_to root_path else flash[:alert] = if impersonation_in_progress? _("You are already impersonating another user") elsif user.blocked? _("You cannot impersonate a blocked user") elsif user.internal? _("You cannot impersonate an internal user") else _("You cannot impersonate a user who cannot log in") end redirect_to admin_user_path(user) end end |
#index ⇒ Object
16 17 18 19 20 21 22 23 24 25 26 |
# File 'app/controllers/admin/users_controller.rb', line 16 def index return redirect_to admin_cohorts_path if params[:tab] == 'cohorts' @users = User.filter_items(params[:filter]).order_name_asc @users = @users.search(params[:search_query], with_private_emails: true) if params[:search_query].present? @users = users_with_included_associations(@users) @sort = params[:sort].presence || sort_value_name @users = @users.sort_by_attribute(@sort) @users = @users.page(params[:page]) @users = @users.without_count if paginate_without_count? end |
#keys ⇒ Object
37 38 39 |
# File 'app/controllers/admin/users_controller.rb', line 37 def keys @keys = user.keys.order_id_desc end |
#new ⇒ Object
41 42 43 |
# File 'app/controllers/admin/users_controller.rb', line 41 def new @user = User.new end |
#projects ⇒ Object
rubocop: disable CodeReuse/ActiveRecord
32 33 34 35 |
# File 'app/controllers/admin/users_controller.rb', line 32 def projects @personal_projects = user.personal_projects.includes(:topics) @joined_projects = user.projects.joined(@user).includes(:topics) end |
#reject ⇒ Object
87 88 89 90 91 92 93 94 95 |
# File 'app/controllers/admin/users_controller.rb', line 87 def reject result = Users::RejectService.new(current_user).execute(user) if result[:status] == :success redirect_to admin_users_path, status: :found, notice: _("You've rejected %{user}" % { user: user.name }) else redirect_back_or_admin_user(alert: result[:message]) end end |
#remove_email ⇒ Object
244 245 246 247 248 249 250 251 252 253 254 255 256 257 |
# File 'app/controllers/admin/users_controller.rb', line 244 def remove_email email = user.emails.find(params[:email_id]) success = Emails::DestroyService.new(current_user, user: user).execute(email) respond_to do |format| if success format.html { redirect_back_or_admin_user(notice: _('Successfully removed email.')) } format.json { head :ok } else format.html { redirect_back_or_admin_user(alert: _('There was an error removing the e-mail.')) } format.json { render json: _('There was an error removing the e-mail.'), status: :bad_request } end end end |
#show ⇒ Object
28 29 |
# File 'app/controllers/admin/users_controller.rb', line 28 def show end |
#unban ⇒ Object
144 145 146 147 148 149 150 151 152 |
# File 'app/controllers/admin/users_controller.rb', line 144 def unban result = Users::UnbanService.new(current_user).execute(user) if result[:status] == :success redirect_back_or_admin_user(notice: _("Successfully unbanned")) else redirect_back_or_admin_user(alert: _("Error occurred. User was not unbanned")) end end |
#unblock ⇒ Object
124 125 126 127 128 129 130 131 132 |
# File 'app/controllers/admin/users_controller.rb', line 124 def unblock if user.ldap_blocked? redirect_back_or_admin_user(alert: _("This user cannot be unlocked manually from GitLab")) elsif update_user { |user| user.activate } redirect_back_or_admin_user(notice: _("Successfully unblocked")) else redirect_back_or_admin_user(alert: _("Error occurred. User was not unblocked")) end end |
#unlock ⇒ Object
154 155 156 157 158 159 160 |
# File 'app/controllers/admin/users_controller.rb', line 154 def unlock if update_user { |user| user.unlock_access! } redirect_back_or_admin_user(notice: _("Successfully unlocked")) else redirect_back_or_admin_user(alert: _("Error occurred. User was not unlocked")) end end |
#update ⇒ Object
200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 |
# File 'app/controllers/admin/users_controller.rb', line 200 def update user_params_with_pass = user_params.dup if params[:user][:password].present? password_params = { password: params[:user][:password], password_confirmation: params[:user][:password_confirmation] } password_params[:password_expires_at] = Time.current if admin_making_changes_for_another_user? user_params_with_pass.merge!(password_params) end cc_validation_params = process_credit_card_validation_params(user_params_with_pass.delete(:credit_card_validation_attributes)) user_params_with_pass.merge!(cc_validation_params) respond_to do |format| result = Users::UpdateService.new(current_user, user_params_with_pass.merge(user: user)).execute do |user| user.skip_reconfirmation! user.send_only_admin_changed_your_password_notification! if admin_making_changes_for_another_user? end if result[:status] == :success format.html { redirect_to [:admin, user], notice: _('User was successfully updated.') } format.json { head :ok } else # restore username to keep form action url. user.username = params[:id] format.html { render "edit" } format.json { render json: [result[:message]], status: :internal_server_error } end end end |