2018-09-14 05:42:05 +00:00
# frozen_string_literal: true
2012-11-06 13:30:48 +00:00
class RegistrationsController < Devise :: RegistrationsController
2015-12-27 17:03:06 +00:00
include Recaptcha :: Verify
2018-05-17 09:19:47 +00:00
include AcceptsPendingInvitations
2019-06-25 22:32:54 +00:00
include RecaptchaExperimentHelper
2019-08-14 12:05:24 +00:00
include InvisibleCaptcha
2012-11-06 13:30:48 +00:00
2019-10-07 15:05:59 +00:00
layout :choose_layout
2019-11-08 15:06:21 +00:00
skip_before_action :required_signup_info , only : [ :welcome , :update_registration ]
2019-05-13 16:04:09 +00:00
prepend_before_action :check_captcha , only : :create
2018-01-15 15:21:04 +00:00
before_action :whitelist_query_limiting , only : [ :destroy ]
2018-06-08 11:20:44 +00:00
before_action :ensure_terms_accepted ,
2019-02-27 07:41:14 +00:00
if : - > { action_name == 'create' && Gitlab :: CurrentSettings . current_application_settings . enforce_terms? }
2020-02-07 03:08:59 +00:00
before_action :load_recaptcha , only : :new
2018-01-15 15:21:04 +00:00
2015-02-05 14:56:28 +00:00
def new
2019-10-18 21:06:37 +00:00
if experiment_enabled? ( :signup_flow )
2019-10-23 15:06:29 +00:00
track_experiment_event ( :signup_flow , 'start' ) # We want this event to be tracked when the user is _in_ the experimental group
2019-10-07 15:05:59 +00:00
@resource = build_resource
else
redirect_to new_user_session_path ( anchor : 'register-pane' )
end
2015-02-05 14:56:28 +00:00
end
2015-12-27 17:03:06 +00:00
def create
2019-10-23 15:06:29 +00:00
track_experiment_event ( :signup_flow , 'end' ) unless experiment_enabled? ( :signup_flow ) # We want this event to be tracked when the user is _in_ the control group
2019-05-13 16:04:09 +00:00
accept_pending_invitations
super do | new_user |
persist_accepted_terms_if_required ( new_user )
2019-10-18 21:06:37 +00:00
set_role_required ( new_user )
2019-09-06 16:23:14 +00:00
yield new_user if block_given?
2015-12-27 17:03:06 +00:00
end
2019-10-18 21:06:37 +00:00
# Do not show the signed_up notice message when the signup_flow experiment is enabled.
2020-02-04 06:09:13 +00:00
# Instead, show it after successfully updating the role.
2019-10-18 21:06:37 +00:00
flash [ :notice ] = nil if experiment_enabled? ( :signup_flow )
2017-03-27 09:37:24 +00:00
rescue Gitlab :: Access :: AccessDeniedError
redirect_to ( new_user_session_path )
2015-12-27 17:03:06 +00:00
end
2013-02-06 11:44:09 +00:00
def destroy
2017-10-06 20:40:41 +00:00
if destroy_confirmation_valid?
current_user . delete_async ( deleted_by : current_user )
session . try ( :destroy )
2019-11-17 12:06:19 +00:00
redirect_to new_user_session_path , status : :see_other , notice : s_ ( 'Profiles|Account scheduled for removal.' )
2017-10-06 20:40:41 +00:00
else
2019-11-17 12:06:19 +00:00
redirect_to profile_account_path , status : :see_other , alert : destroy_confirmation_failure_message
2013-02-06 11:44:09 +00:00
end
end
2019-10-18 21:06:37 +00:00
def welcome
return redirect_to new_user_registration_path unless current_user
2020-02-05 09:08:43 +00:00
return redirect_to stored_location_or_dashboard ( current_user ) if current_user . role . present? && ! current_user . setup_for_company . nil?
2019-10-18 21:06:37 +00:00
end
2019-11-08 15:06:21 +00:00
def update_registration
2020-01-17 09:08:24 +00:00
user_params = params . require ( :user ) . permit ( :role , :setup_for_company )
2019-11-08 15:06:21 +00:00
result = :: Users :: SignupService . new ( current_user , user_params ) . execute
2019-10-18 21:06:37 +00:00
if result [ :status ] == :success
2019-10-23 15:06:29 +00:00
track_experiment_event ( :signup_flow , 'end' ) # We want this event to be tracked when the user is _in_ the experimental group
2019-10-18 21:06:37 +00:00
set_flash_message! :notice , :signed_up
2020-02-05 09:08:43 +00:00
redirect_to stored_location_or_dashboard ( current_user )
2019-10-18 21:06:37 +00:00
else
2020-01-31 12:08:33 +00:00
render :welcome
2019-10-18 21:06:37 +00:00
end
end
2013-03-18 11:22:41 +00:00
protected
2018-06-08 11:20:44 +00:00
def persist_accepted_terms_if_required ( new_user )
return unless new_user . persisted?
return unless Gitlab :: CurrentSettings . current_application_settings . enforce_terms?
if terms_accepted?
terms = ApplicationSetting :: Term . latest
Users :: RespondToTermsService . new ( new_user , terms ) . execute ( accepted : true )
end
end
2019-10-18 21:06:37 +00:00
def set_role_required ( new_user )
new_user . set_role_required! if new_user . persisted? && experiment_enabled? ( :signup_flow )
end
2017-10-06 20:40:41 +00:00
def destroy_confirmation_valid?
if current_user . confirm_deletion_with_password?
current_user . valid_password? ( params [ :password ] )
else
current_user . username == params [ :username ]
end
end
def destroy_confirmation_failure_message
if current_user . confirm_deletion_with_password?
s_ ( 'Profiles|Invalid password' )
else
s_ ( 'Profiles|Invalid username' )
end
end
2016-08-06 02:03:01 +00:00
def build_resource ( hash = nil )
2013-03-18 11:22:41 +00:00
super
end
2016-05-06 20:59:45 +00:00
def after_sign_up_path_for ( user )
2019-06-25 22:32:54 +00:00
Gitlab :: AppLogger . info ( user_created_message ( confirmed : user . confirmed? ) )
2019-10-18 21:06:37 +00:00
return users_sign_up_welcome_path if experiment_enabled? ( :signup_flow )
2020-02-05 09:08:43 +00:00
stored_location_or_dashboard ( user )
2014-07-04 12:19:59 +00:00
end
2017-08-23 04:40:16 +00:00
def after_inactive_sign_up_path_for ( resource )
2020-02-11 12:08:52 +00:00
# With the current `allow_unconfirmed_access_for` Devise setting in config/initializers/8_devise.rb,
# this method is never called. Leaving this here in case that value is set to 0.
2019-06-25 22:32:54 +00:00
Gitlab :: AppLogger . info ( user_created_message )
2020-02-11 12:08:52 +00:00
users_almost_there_path
2014-07-04 12:19:59 +00:00
end
2012-11-06 13:30:48 +00:00
private
2019-06-25 22:32:54 +00:00
def user_created_message ( confirmed : false )
" User Created: username= #{ resource . username } email= #{ resource . email } ip= #{ request . remote_ip } confirmed: #{ confirmed } "
end
def ensure_correct_params!
# To avoid duplicate form fields on the login page, the registration form
# names fields using `new_user`, but Devise still wants the params in
# `user`.
if params [ " new_ #{ resource_name } " ] . present? && params [ resource_name ] . blank?
params [ resource_name ] = params . delete ( :" new_ #{ resource_name } " )
end
end
2019-05-13 16:04:09 +00:00
def check_captcha
2019-06-25 22:32:54 +00:00
ensure_correct_params!
return unless Feature . enabled? ( :registrations_recaptcha , default_enabled : true ) # reCAPTCHA on the UI will still display however
return unless show_recaptcha_sign_up?
2019-05-13 16:04:09 +00:00
return unless Gitlab :: Recaptcha . load_configurations!
return if verify_recaptcha
flash [ :alert ] = _ ( 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.' )
flash . delete :recaptcha_error
render action : 'new'
end
2014-07-10 17:31:05 +00:00
def sign_up_params
2020-01-17 09:08:24 +00:00
params . require ( :user ) . permit ( :username , :email , :email_confirmation , :name , :first_name , :last_name , :password )
2014-07-10 17:31:05 +00:00
end
2015-12-27 17:03:06 +00:00
def resource_name
:user
end
def resource
2017-04-13 08:47:52 +00:00
@resource || = Users :: BuildService . new ( current_user , sign_up_params ) . execute
2015-12-27 17:03:06 +00:00
end
def devise_mapping
@devise_mapping || = Devise . mappings [ :user ]
end
2018-01-15 15:21:04 +00:00
def whitelist_query_limiting
2019-09-18 14:02:45 +00:00
Gitlab :: QueryLimiting . whitelist ( 'https://gitlab.com/gitlab-org/gitlab-foss/issues/42380' )
2018-01-15 15:21:04 +00:00
end
2018-06-08 11:20:44 +00:00
def ensure_terms_accepted
return if terms_accepted?
redirect_to new_user_session_path , alert : _ ( 'You must accept our Terms of Service and privacy policy in order to register an account' )
end
def terms_accepted?
Gitlab :: Utils . to_boolean ( params [ :terms_opt_in ] )
end
2019-08-12 15:40:24 +00:00
def stored_location_or_dashboard ( user )
stored_location_for ( user ) || dashboard_projects_path
end
2019-10-07 15:05:59 +00:00
2020-02-07 03:08:59 +00:00
def load_recaptcha
Gitlab :: Recaptcha . load_configurations!
end
2019-10-07 15:05:59 +00:00
# Part of an experiment to build a new sign up flow. Will be resolved
# with https://gitlab.com/gitlab-org/growth/engineering/issues/64
def choose_layout
2019-10-18 21:06:37 +00:00
if experiment_enabled? ( :signup_flow )
2019-10-07 15:05:59 +00:00
'devise_experimental_separate_sign_up_flow'
else
'devise'
end
end
2013-03-18 11:22:41 +00:00
end
2019-09-13 13:26:31 +00:00
RegistrationsController . prepend_if_ee ( 'EE::RegistrationsController' )