2018-07-18 12:03:33 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2017-04-13 04:47:52 -04:00
|
|
|
module Users
|
|
|
|
class BuildService < BaseService
|
2018-08-30 08:53:06 -04:00
|
|
|
delegate :user_default_internal_regex_enabled?,
|
|
|
|
:user_default_internal_regex_instance,
|
|
|
|
to: :'Gitlab::CurrentSettings.current_application_settings'
|
|
|
|
|
2017-04-13 04:47:52 -04:00
|
|
|
def initialize(current_user, params = {})
|
|
|
|
@current_user = current_user
|
|
|
|
@params = params.dup
|
2019-06-19 16:27:34 -04:00
|
|
|
@identity_params = params.slice(*identity_attributes)
|
2017-04-13 04:47:52 -04:00
|
|
|
end
|
|
|
|
|
2017-04-24 17:12:14 -04:00
|
|
|
def execute(skip_authorization: false)
|
2021-04-27 23:09:58 -04:00
|
|
|
@skip_authorization = skip_authorization
|
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
build_user
|
|
|
|
build_identity
|
|
|
|
update_canonical_email
|
2017-04-13 04:47:52 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
user
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
attr_reader :skip_authorization, :identity_params, :user_params, :user
|
2017-04-13 04:47:52 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def identity_attributes
|
|
|
|
[:extern_uid, :provider]
|
|
|
|
end
|
2017-04-13 04:47:52 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def build_user
|
|
|
|
if admin?
|
|
|
|
admin_build_user
|
|
|
|
else
|
|
|
|
standard_build_user
|
2017-04-13 04:47:52 -04:00
|
|
|
end
|
2021-05-20 23:10:24 -04:00
|
|
|
end
|
2017-04-13 04:47:52 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def admin?
|
|
|
|
return false unless current_user
|
2017-04-13 04:47:52 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
current_user.admin?
|
|
|
|
end
|
2020-03-24 05:09:25 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def admin_build_user
|
|
|
|
build_user_params_for_admin
|
|
|
|
init_user
|
|
|
|
password_reset
|
2017-04-13 04:47:52 -04:00
|
|
|
end
|
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def standard_build_user
|
|
|
|
# current_user non admin or nil
|
|
|
|
validate_access!
|
|
|
|
build_user_params_for_non_admin
|
|
|
|
init_user
|
|
|
|
end
|
2017-04-13 04:47:52 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def build_user_params_for_admin
|
|
|
|
@user_params = params.slice(*admin_create_params)
|
|
|
|
@user_params.merge!(force_random_password: true, password_expires_at: nil) if params[:reset_password]
|
|
|
|
end
|
2021-04-27 23:09:58 -04:00
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def init_user
|
|
|
|
assign_common_user_params
|
|
|
|
|
|
|
|
@user = User.new(user_params)
|
|
|
|
end
|
|
|
|
|
|
|
|
def assign_common_user_params
|
|
|
|
@user_params[:created_by_id] = current_user&.id
|
|
|
|
@user_params[:external] = user_external? if set_external_param?
|
|
|
|
|
|
|
|
@user_params.delete(:user_type) unless project_bot?
|
|
|
|
end
|
|
|
|
|
|
|
|
def set_external_param?
|
|
|
|
user_default_internal_regex_enabled? && !user_params.key?(:external)
|
2019-04-02 09:33:50 -04:00
|
|
|
end
|
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def user_external?
|
|
|
|
user_default_internal_regex_instance.match(params[:email]).nil?
|
|
|
|
end
|
|
|
|
|
|
|
|
def project_bot?
|
|
|
|
user_params[:user_type]&.to_sym == :project_bot
|
|
|
|
end
|
|
|
|
|
|
|
|
def password_reset
|
|
|
|
@reset_token = user.generate_reset_token if params[:reset_password]
|
|
|
|
|
|
|
|
if user_params[:force_random_password]
|
|
|
|
random_password = User.random_password
|
|
|
|
@user.password = user.password_confirmation = random_password
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def validate_access!
|
|
|
|
return if skip_authorization
|
|
|
|
return if can_create_user?
|
|
|
|
|
|
|
|
raise Gitlab::Access::AccessDeniedError
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_create_user?
|
|
|
|
current_user.nil? && Gitlab::CurrentSettings.allow_signup?
|
|
|
|
end
|
|
|
|
|
|
|
|
def build_user_params_for_non_admin
|
|
|
|
allowed_signup_params = signup_params
|
|
|
|
allowed_signup_params << :skip_confirmation if allow_caller_to_request_skip_confirmation?
|
|
|
|
|
|
|
|
@user_params = params.slice(*allowed_signup_params)
|
|
|
|
@user_params[:skip_confirmation] = skip_user_confirmation_email_from_setting if assign_skip_confirmation_from_settings?
|
|
|
|
@user_params[:name] = fallback_name if use_fallback_name?
|
|
|
|
end
|
|
|
|
|
|
|
|
def allow_caller_to_request_skip_confirmation?
|
|
|
|
skip_authorization
|
|
|
|
end
|
|
|
|
|
|
|
|
def assign_skip_confirmation_from_settings?
|
|
|
|
user_params[:skip_confirmation].nil?
|
|
|
|
end
|
|
|
|
|
|
|
|
def skip_user_confirmation_email_from_setting
|
|
|
|
!Gitlab::CurrentSettings.send_user_confirmation_email
|
|
|
|
end
|
|
|
|
|
|
|
|
def use_fallback_name?
|
|
|
|
user_params[:name].blank? && fallback_name.present?
|
|
|
|
end
|
|
|
|
|
|
|
|
def fallback_name
|
|
|
|
"#{user_params[:first_name]} #{user_params[:last_name]}"
|
|
|
|
end
|
|
|
|
|
|
|
|
def build_identity
|
2020-03-16 20:09:12 -04:00
|
|
|
return if identity_params.empty?
|
|
|
|
|
|
|
|
user.identities.build(identity_params)
|
|
|
|
end
|
|
|
|
|
2021-05-20 23:10:24 -04:00
|
|
|
def update_canonical_email
|
|
|
|
Users::UpdateCanonicalEmailService.new(user: user).execute
|
2017-04-13 04:47:52 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
# Allowed params for creating a user (admins only)
|
|
|
|
def admin_create_params
|
|
|
|
[
|
|
|
|
:access_level,
|
|
|
|
:admin,
|
|
|
|
:avatar,
|
|
|
|
:bio,
|
|
|
|
:can_create_group,
|
|
|
|
:color_scheme_id,
|
|
|
|
:email,
|
|
|
|
:external,
|
|
|
|
:force_random_password,
|
|
|
|
:hide_no_password,
|
|
|
|
:hide_no_ssh_key,
|
|
|
|
:linkedin,
|
|
|
|
:name,
|
|
|
|
:password,
|
|
|
|
:password_automatically_set,
|
|
|
|
:password_expires_at,
|
|
|
|
:projects_limit,
|
|
|
|
:remember_me,
|
|
|
|
:skip_confirmation,
|
|
|
|
:skype,
|
|
|
|
:theme_id,
|
|
|
|
:twitter,
|
|
|
|
:username,
|
2018-07-24 08:46:19 -04:00
|
|
|
:website_url,
|
2018-09-26 11:25:31 -04:00
|
|
|
:private_profile,
|
|
|
|
:organization,
|
2018-09-26 11:27:26 -04:00
|
|
|
:location,
|
2020-04-21 11:21:10 -04:00
|
|
|
:public_email,
|
2020-05-28 05:08:05 -04:00
|
|
|
:user_type,
|
2021-02-25 01:10:51 -05:00
|
|
|
:note,
|
|
|
|
:view_diffs_file_by_file
|
2017-04-13 04:47:52 -04:00
|
|
|
]
|
|
|
|
end
|
|
|
|
|
|
|
|
# Allowed params for user signup
|
|
|
|
def signup_params
|
|
|
|
[
|
|
|
|
:email,
|
|
|
|
:name,
|
|
|
|
:password,
|
2021-05-20 23:10:24 -04:00
|
|
|
:password_automatically_set,
|
2020-04-21 11:21:10 -04:00
|
|
|
:username,
|
2021-05-20 23:10:24 -04:00
|
|
|
:user_type,
|
|
|
|
:first_name,
|
|
|
|
:last_name
|
2017-04-13 04:47:52 -04:00
|
|
|
]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2019-09-13 09:26:31 -04:00
|
|
|
|
2021-05-11 17:10:21 -04:00
|
|
|
Users::BuildService.prepend_mod_with('Users::BuildService')
|