gitlab-org--gitlab-foss/app/services/users/build_service.rb

# frozen_string_literal: true

module Users
  class BuildService < BaseService
    delegate :user_default_internal_regex_enabled?,
             :user_default_internal_regex_instance,
             to: :'Gitlab::CurrentSettings.current_application_settings'

    def initialize(current_user, params = {})
      @current_user = current_user
      @params = params.dup
      @identity_params = params.slice(*identity_attributes)
    end

    def execute
      build_user
      build_identity
      update_canonical_email

      user
    end

    private

    attr_reader :identity_params, :user_params, :user

    def identity_attributes
      [:extern_uid, :provider]
    end

    def build_user
      if admin?
        admin_build_user
      else
        standard_build_user
      end
    end

    def admin?
      return false unless current_user

      current_user.admin?
    end

    def admin_build_user
      build_user_params_for_admin
      init_user
      password_reset
    end

    def standard_build_user
      # current_user non admin or nil
      validate_access!
      build_user_params_for_non_admin
      init_user
    end

    def build_user_params_for_admin
      @user_params = params.slice(*admin_create_params)
      @user_params.merge!(force_random_password: true, password_expires_at: nil) if params[:reset_password]
    end

    def init_user
      assign_common_user_params

      @user = User.new(user_params)
    end

    def assign_common_user_params
      @user_params[:created_by_id] = current_user&.id
      @user_params[:external] = user_external? if set_external_param?

      @user_params.delete(:user_type) unless project_bot?
    end

    def set_external_param?
      user_default_internal_regex_enabled? && !user_params.key?(:external)
    end

    def user_external?
      user_default_internal_regex_instance.match(params[:email]).nil?
    end

    def project_bot?
      user_params[:user_type]&.to_sym == :project_bot
    end

    def password_reset
      @reset_token = user.generate_reset_token if params[:reset_password]

      if user_params[:force_random_password]
        random_password = User.random_password
        @user.password = user.password_confirmation = random_password
      end
    end

    def validate_access!
      return if can_create_user?

      raise Gitlab::Access::AccessDeniedError
    end

    def can_create_user?
      current_user.nil? && Gitlab::CurrentSettings.allow_signup?
    end

    def build_user_params_for_non_admin
      @user_params = params.slice(*signup_params)
      @user_params[:skip_confirmation] = skip_user_confirmation_email_from_setting if assign_skip_confirmation_from_settings?
      @user_params[:name] = fallback_name if use_fallback_name?
    end

    def assign_skip_confirmation_from_settings?
      user_params[:skip_confirmation].nil?
    end

    def skip_user_confirmation_email_from_setting
      !Gitlab::CurrentSettings.send_user_confirmation_email
    end

    def use_fallback_name?
      user_params[:name].blank? && fallback_name.present?
    end

    def fallback_name
      "#{user_params[:first_name]} #{user_params[:last_name]}"
    end

    def build_identity
      return if identity_params.empty?

      user.identities.build(identity_params)
    end

    def update_canonical_email
      Users::UpdateCanonicalEmailService.new(user: user).execute
    end

    # Allowed params for creating a user (admins only)
    def admin_create_params
      [
        :access_level,
        :admin,
        :avatar,
        :bio,
        :can_create_group,
        :color_scheme_id,
        :email,
        :external,
        :force_random_password,
        :hide_no_password,
        :hide_no_ssh_key,
        :linkedin,
        :name,
        :password,
        :password_automatically_set,
        :password_expires_at,
        :projects_limit,
        :remember_me,
        :skip_confirmation,
        :skype,
        :theme_id,
        :twitter,
        :username,
        :website_url,
        :private_profile,
        :organization,
        :location,
        :public_email,
        :user_type,
        :note,
        :view_diffs_file_by_file
      ]
    end

    # Allowed params for user signup
    def signup_params
      [
        :email,
        :name,
        :password,
        :password_automatically_set,
        :username,
        :user_type,
        :first_name,
        :last_name
      ]
    end
  end
end

Users::BuildService.prepend_mod_with('Users::BuildService')
Enable more frozen string in app/services/*/.rb Partially addresses #47424. 2018-07-18 12:03:33 -04:00			`# frozen_string_literal: true`

Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`module Users`
			`class BuildService < BaseService`
Allow whitelisting for "external collaborator by default" setting 2018-08-30 08:53:06 -04:00			`delegate :user_default_internal_regex_enabled?,`
			`:user_default_internal_regex_instance,`
			`to: :'Gitlab::CurrentSettings.current_application_settings'`

Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`def initialize(current_user, params = {})`
			`@current_user = current_user`
			`@params = params.dup`
Updating CE repo to include new EE users API changes Updated users API documentation Moved API level changes to the service level 2019-06-19 16:27:34 -04:00			`@identity_params = params.slice(*identity_attributes)`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`end`

Add latest changes from gitlab-org/gitlab@master 2021-05-31 11:11:12 -04:00			`def execute`
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`build_user`
			`build_identity`
			`update_canonical_email`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`user`
			`end`

			`private`

Add latest changes from gitlab-org/gitlab@master 2021-05-31 11:11:12 -04:00			`attr_reader :identity_params, :user_params, :user`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def identity_attributes`
			`[:extern_uid, :provider]`
			`end`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def build_user`
			`if admin?`
			`admin_build_user`
			`else`
			`standard_build_user`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`end`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def admin?`
			`return false unless current_user`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`current_user.admin?`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-03-24 05:09:25 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def admin_build_user`
			`build_user_params_for_admin`
			`init_user`
			`password_reset`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`end`

Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def standard_build_user`
			`# current_user non admin or nil`
			`validate_access!`
			`build_user_params_for_non_admin`
			`init_user`
			`end`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def build_user_params_for_admin`
			`@user_params = params.slice(*admin_create_params)`
			`@user_params.merge!(force_random_password: true, password_expires_at: nil) if params[:reset_password]`
			`end`
Add latest changes from gitlab-org/gitlab@master 2021-04-27 23:09:58 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def init_user`
			`assign_common_user_params`

			`@user = User.new(user_params)`
			`end`

			`def assign_common_user_params`
			`@user_params[:created_by_id] = current_user&.id`
			`@user_params[:external] = user_external? if set_external_param?`

			`@user_params.delete(:user_type) unless project_bot?`
			`end`

			`def set_external_param?`
			`user_default_internal_regex_enabled? && !user_params.key?(:external)`
Add saml provider to user build service 2019-04-02 09:33:50 -04:00			`end`

Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def user_external?`
			`user_default_internal_regex_instance.match(params[:email]).nil?`
			`end`

			`def project_bot?`
			`user_params[:user_type]&.to_sym == :project_bot`
			`end`

			`def password_reset`
			`@reset_token = user.generate_reset_token if params[:reset_password]`

			`if user_params[:force_random_password]`
			`random_password = User.random_password`
			`@user.password = user.password_confirmation = random_password`
			`end`
			`end`

			`def validate_access!`
			`return if can_create_user?`

			`raise Gitlab::Access::AccessDeniedError`
			`end`

			`def can_create_user?`
			`current_user.nil? && Gitlab::CurrentSettings.allow_signup?`
			`end`

			`def build_user_params_for_non_admin`
Add latest changes from gitlab-org/gitlab@master 2021-05-31 11:11:12 -04:00			`@user_params = params.slice(*signup_params)`
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`@user_params[:skip_confirmation] = skip_user_confirmation_email_from_setting if assign_skip_confirmation_from_settings?`
			`@user_params[:name] = fallback_name if use_fallback_name?`
			`end`

			`def assign_skip_confirmation_from_settings?`
			`user_params[:skip_confirmation].nil?`
			`end`

			`def skip_user_confirmation_email_from_setting`
			`!Gitlab::CurrentSettings.send_user_confirmation_email`
			`end`

			`def use_fallback_name?`
			`user_params[:name].blank? && fallback_name.present?`
			`end`

			`def fallback_name`
			`"#{user_params[:first_name]} #{user_params[:last_name]}"`
			`end`

			`def build_identity`
Add latest changes from gitlab-org/gitlab@master 2020-03-16 20:09:12 -04:00			`return if identity_params.empty?`

			`user.identities.build(identity_params)`
			`end`

Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`def update_canonical_email`
			`Users::UpdateCanonicalEmailService.new(user: user).execute`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`end`

			`# Allowed params for creating a user (admins only)`
			`def admin_create_params`
			`[`
			`:access_level,`
			`:admin,`
			`:avatar,`
			`:bio,`
			`:can_create_group,`
			`:color_scheme_id,`
			`:email,`
			`:external,`
			`:force_random_password,`
			`:hide_no_password,`
			`:hide_no_ssh_key,`
			`:linkedin,`
			`:name,`
			`:password,`
			`:password_automatically_set,`
			`:password_expires_at,`
			`:projects_limit,`
			`:remember_me,`
			`:skip_confirmation,`
			`:skype,`
			`:theme_id,`
			`:twitter,`
			`:username,`
Add an option to have a private profile on GitLab 2018-07-24 08:46:19 -04:00			`:website_url,`
add missing allowed attributes 2018-09-26 11:25:31 -04:00			`:private_profile,`
			`:organization,`
allow users api to set public_email 2018-09-26 11:27:26 -04:00			`:location,`
Add latest changes from gitlab-org/gitlab@master 2020-04-21 11:21:10 -04:00			`:public_email,`
Add latest changes from gitlab-org/gitlab@master 2020-05-28 05:08:05 -04:00			`:user_type,`
Add latest changes from gitlab-org/gitlab@master 2021-02-25 01:10:51 -05:00			`:note,`
			`:view_diffs_file_by_file`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`]`
			`end`

			`# Allowed params for user signup`
			`def signup_params`
			`[`
			`:email,`
			`:name,`
			`:password,`
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`:password_automatically_set,`
Add latest changes from gitlab-org/gitlab@master 2020-04-21 11:21:10 -04:00			`:username,`
Add latest changes from gitlab-org/gitlab@master 2021-05-20 23:10:24 -04:00			`:user_type,`
			`:first_name,`
			`:last_name`
Implement Users::BuildService 2017-04-13 04:47:52 -04:00			`]`
			`end`
			`end`
			`end`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-11 17:10:21 -04:00			`Users::BuildService.prepend_mod_with('Users::BuildService')`