2018-09-14 01:42:05 -04:00
# frozen_string_literal: true
2012-11-06 08:30:48 -05:00
class RegistrationsController < Devise :: RegistrationsController
2015-12-27 12:03:06 -05:00
include Recaptcha :: Verify
2018-05-17 05:19:47 -04:00
include AcceptsPendingInvitations
2019-06-25 18:32:54 -04:00
include RecaptchaExperimentHelper
2019-08-14 08:05:24 -04:00
include InvisibleCaptcha
2012-11-06 08:30:48 -05:00
2019-10-07 11:05:59 -04:00
layout :choose_layout
2019-11-08 10:06:21 -05:00
skip_before_action :required_signup_info , only : [ :welcome , :update_registration ]
2019-05-13 12:04:09 -04:00
prepend_before_action :check_captcha , only : :create
2018-01-15 10:21:04 -05:00
before_action :whitelist_query_limiting , only : [ :destroy ]
2018-06-08 07:20:44 -04:00
before_action :ensure_terms_accepted ,
2019-02-27 02:41:14 -05:00
if : - > { action_name == 'create' && Gitlab :: CurrentSettings . current_application_settings . enforce_terms? }
2018-01-15 10:21:04 -05:00
2015-02-05 09:56:28 -05:00
def new
2019-10-18 17:06:37 -04:00
if experiment_enabled? ( :signup_flow )
2019-10-23 11:06:29 -04:00
track_experiment_event ( :signup_flow , 'start' ) # We want this event to be tracked when the user is _in_ the experimental group
2019-10-07 11:05:59 -04:00
@resource = build_resource
else
redirect_to new_user_session_path ( anchor : 'register-pane' )
end
2015-02-05 09:56:28 -05:00
end
2015-12-27 12:03:06 -05:00
def create
2019-10-23 11:06:29 -04:00
track_experiment_event ( :signup_flow , 'end' ) unless experiment_enabled? ( :signup_flow ) # We want this event to be tracked when the user is _in_ the control group
2019-05-13 12:04:09 -04:00
accept_pending_invitations
super do | new_user |
persist_accepted_terms_if_required ( new_user )
2019-10-18 17:06:37 -04:00
set_role_required ( new_user )
2019-09-06 12:23:14 -04:00
yield new_user if block_given?
2015-12-27 12:03:06 -05:00
end
2019-10-18 17:06:37 -04:00
# Do not show the signed_up notice message when the signup_flow experiment is enabled.
# Instead, show it after succesfully updating the role.
flash [ :notice ] = nil if experiment_enabled? ( :signup_flow )
2017-03-27 05:37:24 -04:00
rescue Gitlab :: Access :: AccessDeniedError
redirect_to ( new_user_session_path )
2015-12-27 12:03:06 -05:00
end
2013-02-06 06:44:09 -05:00
def destroy
2017-10-06 16:40:41 -04:00
if destroy_confirmation_valid?
current_user . delete_async ( deleted_by : current_user )
session . try ( :destroy )
2019-11-17 07:06:19 -05:00
redirect_to new_user_session_path , status : :see_other , notice : s_ ( 'Profiles|Account scheduled for removal.' )
2017-10-06 16:40:41 -04:00
else
2019-11-17 07:06:19 -05:00
redirect_to profile_account_path , status : :see_other , alert : destroy_confirmation_failure_message
2013-02-06 06:44:09 -05:00
end
end
2019-10-18 17:06:37 -04:00
def welcome
return redirect_to new_user_registration_path unless current_user
2019-11-08 10:06:21 -05:00
return redirect_to stored_location_or_dashboard_or_almost_there_path ( current_user ) if current_user . role . present? && ! current_user . setup_for_company . nil?
2019-10-18 17:06:37 -04:00
2019-11-08 10:06:21 -05:00
current_user . name = nil if current_user . name == current_user . username
2019-10-18 17:06:37 -04:00
render layout : 'devise_experimental_separate_sign_up_flow'
end
2019-11-08 10:06:21 -05:00
def update_registration
user_params = params . require ( :user ) . permit ( :name , :role , :setup_for_company )
result = :: Users :: SignupService . new ( current_user , user_params ) . execute
2019-10-18 17:06:37 -04:00
if result [ :status ] == :success
2019-10-23 11:06:29 -04:00
track_experiment_event ( :signup_flow , 'end' ) # We want this event to be tracked when the user is _in_ the experimental group
2019-10-18 17:06:37 -04:00
set_flash_message! :notice , :signed_up
redirect_to stored_location_or_dashboard_or_almost_there_path ( current_user )
else
2019-11-08 10:06:21 -05:00
render :welcome , layout : 'devise_experimental_separate_sign_up_flow'
2019-10-18 17:06:37 -04:00
end
end
2013-03-18 07:22:41 -04:00
protected
2018-06-08 07:20:44 -04:00
def persist_accepted_terms_if_required ( new_user )
return unless new_user . persisted?
return unless Gitlab :: CurrentSettings . current_application_settings . enforce_terms?
if terms_accepted?
terms = ApplicationSetting :: Term . latest
Users :: RespondToTermsService . new ( new_user , terms ) . execute ( accepted : true )
end
end
2019-10-18 17:06:37 -04:00
def set_role_required ( new_user )
new_user . set_role_required! if new_user . persisted? && experiment_enabled? ( :signup_flow )
end
2017-10-06 16:40:41 -04:00
def destroy_confirmation_valid?
if current_user . confirm_deletion_with_password?
current_user . valid_password? ( params [ :password ] )
else
current_user . username == params [ :username ]
end
end
def destroy_confirmation_failure_message
if current_user . confirm_deletion_with_password?
s_ ( 'Profiles|Invalid password' )
else
s_ ( 'Profiles|Invalid username' )
end
end
2016-08-05 22:03:01 -04:00
def build_resource ( hash = nil )
2013-03-18 07:22:41 -04:00
super
end
2016-05-06 16:59:45 -04:00
def after_sign_up_path_for ( user )
2019-06-25 18:32:54 -04:00
Gitlab :: AppLogger . info ( user_created_message ( confirmed : user . confirmed? ) )
2019-10-18 17:06:37 -04:00
return users_sign_up_welcome_path if experiment_enabled? ( :signup_flow )
stored_location_or_dashboard_or_almost_there_path ( user )
2014-07-04 08:19:59 -04:00
end
2017-08-23 00:40:16 -04:00
def after_inactive_sign_up_path_for ( resource )
2019-06-25 18:32:54 -04:00
Gitlab :: AppLogger . info ( user_created_message )
2019-07-31 10:49:52 -04:00
Feature . enabled? ( :soft_email_confirmation ) ? dashboard_projects_path : users_almost_there_path
2014-07-04 08:19:59 -04:00
end
2012-11-06 08:30:48 -05:00
private
2019-06-25 18:32:54 -04:00
def user_created_message ( confirmed : false )
" User Created: username= #{ resource . username } email= #{ resource . email } ip= #{ request . remote_ip } confirmed: #{ confirmed } "
end
def ensure_correct_params!
# To avoid duplicate form fields on the login page, the registration form
# names fields using `new_user`, but Devise still wants the params in
# `user`.
if params [ " new_ #{ resource_name } " ] . present? && params [ resource_name ] . blank?
params [ resource_name ] = params . delete ( :" new_ #{ resource_name } " )
end
end
2019-05-13 12:04:09 -04:00
def check_captcha
2019-06-25 18:32:54 -04:00
ensure_correct_params!
return unless Feature . enabled? ( :registrations_recaptcha , default_enabled : true ) # reCAPTCHA on the UI will still display however
2019-10-18 17:06:37 -04:00
return if experiment_enabled? ( :signup_flow ) # when the experimental signup flow is enabled for the current user, disable the reCAPTCHA check
2019-06-25 18:32:54 -04:00
return unless show_recaptcha_sign_up?
2019-05-13 12:04:09 -04:00
return unless Gitlab :: Recaptcha . load_configurations!
return if verify_recaptcha
flash [ :alert ] = _ ( 'There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.' )
flash . delete :recaptcha_error
render action : 'new'
end
2014-07-10 13:31:05 -04:00
def sign_up_params
2019-10-18 17:06:37 -04:00
clean_params = params . require ( :user ) . permit ( :username , :email , :email_confirmation , :name , :password )
if experiment_enabled? ( :signup_flow )
clean_params [ :name ] = clean_params [ :username ]
end
clean_params
2014-07-10 13:31:05 -04:00
end
2015-12-27 12:03:06 -05:00
def resource_name
:user
end
def resource
2017-04-13 04:47:52 -04:00
@resource || = Users :: BuildService . new ( current_user , sign_up_params ) . execute
2015-12-27 12:03:06 -05:00
end
def devise_mapping
@devise_mapping || = Devise . mappings [ :user ]
end
2018-01-15 10:21:04 -05:00
def whitelist_query_limiting
2019-09-18 10:02:45 -04:00
Gitlab :: QueryLimiting . whitelist ( 'https://gitlab.com/gitlab-org/gitlab-foss/issues/42380' )
2018-01-15 10:21:04 -05:00
end
2018-06-08 07:20:44 -04:00
def ensure_terms_accepted
return if terms_accepted?
redirect_to new_user_session_path , alert : _ ( 'You must accept our Terms of Service and privacy policy in order to register an account' )
end
def terms_accepted?
Gitlab :: Utils . to_boolean ( params [ :terms_opt_in ] )
end
2019-08-12 11:40:24 -04:00
def confirmed_or_unconfirmed_access_allowed ( user )
2019-10-18 17:06:37 -04:00
user . confirmed? || Feature . enabled? ( :soft_email_confirmation ) || experiment_enabled? ( :signup_flow )
2019-08-12 11:40:24 -04:00
end
def stored_location_or_dashboard ( user )
stored_location_for ( user ) || dashboard_projects_path
end
2019-10-07 11:05:59 -04:00
2019-10-18 17:06:37 -04:00
def stored_location_or_dashboard_or_almost_there_path ( user )
confirmed_or_unconfirmed_access_allowed ( user ) ? stored_location_or_dashboard ( user ) : users_almost_there_path
end
2019-10-07 11:05:59 -04:00
# Part of an experiment to build a new sign up flow. Will be resolved
# with https://gitlab.com/gitlab-org/growth/engineering/issues/64
def choose_layout
2019-10-18 17:06:37 -04:00
if experiment_enabled? ( :signup_flow )
2019-10-07 11:05:59 -04:00
'devise_experimental_separate_sign_up_flow'
else
'devise'
end
end
2013-03-18 07:22:41 -04:00
end
2019-09-13 09:26:31 -04:00
RegistrationsController . prepend_if_ee ( 'EE::RegistrationsController' )