2020-12-02 19:09:53 -05:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
|
|
module Users
|
|
|
|
|
class RejectService < BaseService
|
|
|
|
|
def initialize(current_user)
|
|
|
|
|
@current_user = current_user
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def execute(user)
|
|
|
|
|
return error(_('You are not allowed to reject a user')) unless allowed?
|
|
|
|
|
return error(_('This user does not have a pending request')) unless user.blocked_pending_approval?
|
|
|
|
|
|
|
|
|
|
user.delete_async(deleted_by: current_user, params: { hard_delete: true })
|
|
|
|
|
|
2021-01-28 01:08:59 -05:00
|
|
|
after_reject_hook(user)
|
|
|
|
|
|
2020-12-02 19:09:53 -05:00
|
|
|
NotificationService.new.user_admin_rejection(user.name, user.email)
|
|
|
|
|
|
2021-01-29 16:09:34 -05:00
|
|
|
log_event(user)
|
|
|
|
|
|
2020-12-02 19:09:53 -05:00
|
|
|
success
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
attr_reader :current_user
|
|
|
|
|
|
|
|
|
|
def allowed?
|
|
|
|
|
can?(current_user, :reject_user)
|
|
|
|
|
end
|
2021-01-28 01:08:59 -05:00
|
|
|
|
|
|
|
|
def after_reject_hook(user)
|
|
|
|
|
# overridden by EE module
|
|
|
|
|
end
|
2021-01-29 16:09:34 -05:00
|
|
|
|
|
|
|
|
def log_event(user)
|
|
|
|
|
Gitlab::AppLogger.info(message: "User instance access request rejected", user: "#{user.username}", email: "#{user.email}", rejected_by: "#{current_user.username}", ip_address: "#{current_user.current_sign_in_ip}")
|
|
|
|
|
end
|
2020-12-02 19:09:53 -05:00
|
|
|
end
|
|
|
|
|
end
|
2021-01-28 01:08:59 -05:00
|
|
|
|
2021-05-11 17:10:21 -04:00
|
|
|
Users::RejectService.prepend_mod_with('Users::RejectService')
|
