gitlab-org--gitlab-foss/app/controllers/admin/users_controller.rb

class Admin::UsersController < Admin::ApplicationController
  before_filter :user, only: [:show, :edit, :update, :destroy]

  def index
    @users = User.filter(params[:filter])
    @users = @users.search(params[:name]) if params[:name].present?
    @users = @users.alphabetically.page(params[:page])
  end

  def show
    @projects = user.authorized_projects
  end

  def new
    @user = User.build_user
  end

  def edit
    user
  end

  def block
    if user.block
      redirect_to :back, alert: "Successfully blocked"
    else
      redirect_to :back, alert: "Error occurred. User was not blocked"
    end
  end

  def unblock
    if user.activate
      redirect_to :back, alert: "Successfully unblocked"
    else
      redirect_to :back, alert: "Error occurred. User was not unblocked"
    end
  end

  def create
    admin = params[:user].delete("admin")

    opts = {
      force_random_password: true,
      password_expires_at: Time.now
    }

    @user = User.build_user(params[:user].merge(opts), as: :admin)
    @user.admin = (admin && admin.to_i > 0)
    @user.created_by_id = current_user.id
    @user.generate_password
    @user.skip_confirmation!

    respond_to do |format|
      if @user.save
        format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render "new" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  def update
    admin = params[:user].delete("admin")

    if params[:user][:password].blank?
      params[:user].delete(:password)
      params[:user].delete(:password_confirmation)
    end

    if admin.present?
      user.admin = !admin.to_i.zero?
    end

    respond_to do |format|
      if user.update_attributes(params[:user], as: :admin)
        user.confirm!
        format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
        format.json { head :ok }
      else
        # restore username to keep form action url.
        user.username = params[:id]
        format.html { render "edit" }
        format.json { render json: user.errors, status: :unprocessable_entity }
      end
    end
  end

  def destroy
    # 1. Remove groups where user is the only owner
    user.solo_owned_groups.map(&:destroy)

    # 2. Remove user with all authored content including personal projects
    user.destroy

    respond_to do |format|
      format.html { redirect_to admin_users_path }
      format.json { head :ok }
    end
  end

  protected

  def user
    @user ||= User.find_by!(username: params[:id])
  end
end
Added the correct hierarchy of controllers for the administrative part 2013-01-20 11:20:50 +00:00			`class Admin::UsersController < Admin::ApplicationController`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`before_filter :user, only: [:show, :edit, :update, :destroy]`
Fix application crashes after #2772 2013-01-26 10:08:34 +00:00
init commit 2011-10-08 21:36:38 +00:00			`def index`
fix most of warnings 2013-12-14 13:43:48 +00:00			`@users = User.filter(params[:filter])`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`@users = @users.search(params[:name]) if params[:name].present?`
			`@users = @users.alphabetically.page(params[:page])`
init commit 2011-10-08 21:36:38 +00:00			`end`

			`def show`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`@projects = user.authorized_projects`
init commit 2011-10-08 21:36:38 +00:00			`end`

			`def new`
Update to only provide one way to get a default user -calling build_user will now apply defaults and only override them if as: :admin is set Change-Id: Id1d938c0967752ecc14370af54f2d88128d18c44 2013-08-15 21:43:46 +00:00			`@user = User.build_user`
init commit 2011-10-08 21:36:38 +00:00			`end`

			`def edit`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`user`
init commit 2011-10-08 21:36:38 +00:00			`end`

Add an AdminController base class for Admin controllers Handles stuff that's shared across admin controllers. 2012-09-16 11:44:54 +00:00			`def block`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`if user.block`
User blocking improved. Admin area styled 2012-04-16 20:33:03 +00:00			`redirect_to :back, alert: "Successfully blocked"`
Add an AdminController base class for Admin controllers Handles stuff that's shared across admin controllers. 2012-09-16 11:44:54 +00:00			`else`
Fix typos 2013-07-29 10:46:00 +00:00			`redirect_to :back, alert: "Error occurred. User was not blocked"`
User blocking improved. Admin area styled 2012-04-16 20:33:03 +00:00			`end`
			`end`

Add an AdminController base class for Admin controllers Handles stuff that's shared across admin controllers. 2012-09-16 11:44:54 +00:00			`def unblock`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`if user.activate`
User blocking improved. Admin area styled 2012-04-16 20:33:03 +00:00			`redirect_to :back, alert: "Successfully unblocked"`
Add an AdminController base class for Admin controllers Handles stuff that's shared across admin controllers. 2012-09-16 11:44:54 +00:00			`else`
Fix typos 2013-07-29 10:46:00 +00:00			`redirect_to :back, alert: "Error occurred. User was not unblocked"`
User blocking improved. Admin area styled 2012-04-16 20:33:03 +00:00			`end`
			`end`

init commit 2011-10-08 21:36:38 +00:00			`def create`
			`admin = params[:user].delete("admin")`

Force user password change for users created by admin 2013-06-13 18:06:27 +00:00			`opts = {`
			`force_random_password: true,`
			`password_expires_at: Time.now`
			`}`

Update to only provide one way to get a default user -calling build_user will now apply defaults and only override them if as: :admin is set Change-Id: Id1d938c0967752ecc14370af54f2d88128d18c44 2013-08-15 21:43:46 +00:00			`@user = User.build_user(params[:user].merge(opts), as: :admin)`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`@user.admin = (admin && admin.to_i > 0)`
			`@user.created_by_id = current_user.id`
Fix for issue #5431 2013-10-24 17:27:23 +00:00			`@user.generate_password`
Add User#email uniq validation. Fixed confirmation for admin/users form Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-12-26 08:20:36 +00:00			`@user.skip_confirmation!`
init commit 2011-10-08 21:36:38 +00:00
			`respond_to do \|format\|`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`if @user.save`
			`format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }`
			`format.json { render json: @user, status: :created, location: @user }`
init commit 2011-10-08 21:36:38 +00:00			`else`
Use simple render syntax in controllers 2013-06-22 12:08:11 +00:00			`format.html { render "new" }`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`format.json { render json: @user.errors, status: :unprocessable_entity }`
init commit 2011-10-08 21:36:38 +00:00			`end`
			`end`
			`end`

			`def update`
			`admin = params[:user].delete("admin")`
Ability to block user 2012-04-13 05:12:34 +00:00
Fixing an issue in users#update when password is not present. 2012-01-11 15:21:15 +00:00			`if params[:user][:password].blank?`
clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 13:46:25 +00:00			`params[:user].delete(:password)`
			`params[:user].delete(:password_confirmation)`
init commit 2011-10-08 21:36:38 +00:00			`end`

Fix 500 error when try to update own profile in admin area Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-02-25 08:15:43 +00:00			`if admin.present?`
			`user.admin = !admin.to_i.zero?`
			`end`
init commit 2011-10-08 21:36:38 +00:00
			`respond_to do \|format\|`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`if user.update_attributes(params[:user], as: :admin)`
Show confirmation status in profile 2013-10-15 08:19:19 +00:00			`user.confirm!`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }`
init commit 2011-10-08 21:36:38 +00:00			`format.json { head :ok }`
			`else`
Fix RoutingError when changing username to non ascii char. 2013-03-26 05:42:08 +00:00			`# restore username to keep form action url.`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`user.username = params[:id]`
Use simple render syntax in controllers 2013-06-22 12:08:11 +00:00			`format.html { render "edit" }`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`format.json { render json: user.errors, status: :unprocessable_entity }`
init commit 2011-10-08 21:36:38 +00:00			`end`
			`end`
			`end`

			`def destroy`
Improve user block/removal from admin area Provide UI with explanation what happens when you block or remove user When remove user - remove all groups where user is an only owner 2013-08-27 17:40:42 +00:00			`# 1. Remove groups where user is the only owner`
			`user.solo_owned_groups.map(&:destroy)`
Add description to user removal block. Transfer owned groups to admin before remove 2013-08-27 10:44:58 +00:00
Improve user block/removal from admin area Provide UI with explanation what happens when you block or remove user When remove user - remove all groups where user is an only owner 2013-08-27 17:40:42 +00:00			`# 2. Remove user with all authored content including personal projects`
Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`user.destroy`
init commit 2011-10-08 21:36:38 +00:00
			`respond_to do \|format\|`
rewrite admin users controller (use 1 variable and find by username) 2013-01-25 18:38:24 +00:00			`format.html { redirect_to admin_users_path }`
init commit 2011-10-08 21:36:38 +00:00			`format.json { head :ok }`
			`end`
			`end`
rewrite admin users controller (use 1 variable and find by username) 2013-01-25 18:38:24 +00:00
			`protected`

Prevent confusion in naming user variable at admin area 2013-06-26 12:57:02 +00:00			`def user`
Remove deprecated finders 2014-01-19 18:55:59 +00:00			`@user \|\|= User.find_by!(username: params[:id])`
rewrite admin users controller (use 1 variable and find by username) 2013-01-25 18:38:24 +00:00			`end`
init commit 2011-10-08 21:36:38 +00:00			`end`