Force user password change for users created by admin
parent
00882b3c33
commit
6838304a85
9 changed files with 118 additions and 76 deletions
|
@ -55,8 +55,14 @@ class Admin::UsersController < Admin::ApplicationController
|
||||||
def create
|
def create
|
||||||
admin = params[:user].delete("admin")
|
admin = params[:user].delete("admin")
|
||||||
|
|
||||||
@admin_user = User.new(params[:user], as: :admin)
|
opts = {
|
||||||
|
force_random_password: true,
|
||||||
|
password_expires_at: Time.now
|
||||||
|
}
|
||||||
|
|
||||||
|
@admin_user = User.new(params[:user].merge(opts), as: :admin)
|
||||||
@admin_user.admin = (admin && admin.to_i > 0)
|
@admin_user.admin = (admin && admin.to_i > 0)
|
||||||
|
@admin_user.created_by_id = current_user.id
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
if @admin_user.save
|
if @admin_user.save
|
||||||
|
|
|
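Review bot: Nothing in `create` records why `opts` is merged over `params[:user]` rather than the other way round, and that ordering is what stops a submitted `force_random_password` or `password_expires_at` from overriding the forced values. A comment above the hash, such as `# merged last so form input cannot switch off the random password or the expiry`, would keep a later refactor from reversing it. The forced change also depends on `password_expires_at` being checked at sign-in, which is outside this hunk; if only the browser session path checks it, the emailed temporary password would presumably remain accepted on other authentication paths, so that is worth confirming. The body of `create` continues past the end of the hunk.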
@ -367,4 +367,8 @@ class User < ActiveRecord::Base
|
||||||
def accessible_deploy_keys
|
def accessible_deploy_keys
|
||||||
DeployKey.in_projects(self.master_projects).uniq
|
DeployKey.in_projects(self.master_projects).uniq
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def created_by
|
||||||
|
User.find_by_id(created_by_id) if created_by_id
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
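Review bot: `created_by` runs a fresh `find_by_id` on every call, and the admin show view in this commit calls it three times in one render. Declaring `belongs_to :created_by, class_name: 'User'` would cache the lookup and make the `if created_by_id` guard unnecessary, since an association already returns nil for an empty key. Because the welcome mail now includes the password block only when `created_by_id` is set, and the show page uses it for attribution, the column should stay out of the default-role `attr_accessible` list. That list is not visible on this page, so it needs checking in the model.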
@ -24,19 +24,25 @@
|
||||||
= f.text_field :email, required: true, autocomplete: "off"
|
= f.text_field :email, required: true, autocomplete: "off"
|
||||||
%span.help-inline * required
|
%span.help-inline * required
|
||||||
|
|
||||||
%fieldset
|
- if @admin_user.new_record?
|
||||||
%legend Password
|
%fieldset
|
||||||
.clearfix
|
%legend Password
|
||||||
= f.label :password
|
|
||||||
.input= f.password_field :password, disabled: f.object.force_random_password
|
|
||||||
.clearfix
|
|
||||||
= f.label :password_confirmation
|
|
||||||
.input= f.password_field :password_confirmation, disabled: f.object.force_random_password
|
|
||||||
-if f.object.new_record?
|
|
||||||
.clearfix
|
.clearfix
|
||||||
= f.label :force_random_password do
|
= f.label :password
|
||||||
%span Generate random password
|
.input
|
||||||
.input= f.check_box :force_random_password, {}, true, nil
|
%strong
|
||||||
|
A temporary password will be generated and sent to user.
|
||||||
|
%br
|
||||||
|
User will be forced to change it after first sign in
|
||||||
|
- else
|
||||||
|
%fieldset
|
||||||
|
%legend Password
|
||||||
|
.clearfix
|
||||||
|
= f.label :password
|
||||||
|
.input= f.password_field :password, disabled: f.object.force_random_password
|
||||||
|
.clearfix
|
||||||
|
= f.label :password_confirmation
|
||||||
|
.input= f.password_field :password_confirmation, disabled: f.object.force_random_password
|
||||||
|
|
||||||
%fieldset
|
%fieldset
|
||||||
%legend Access
|
%legend Access
|
||||||
|
|
|
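Review bot: The edit branch still lets an administrator type a password for an existing account, and nothing visible in this commit expires that password, so the forced change covers only accounts created through this form. If the `update` action (not shown on this page) does not also set `password_expires_at` when the password fields are filled in, an admin-chosen password stays valid until the user decides to change it. It is worth either setting the expiry there too or stating the limitation in the commit message. The `disabled: f.object.force_random_password` options in the `else` branch look like leftovers now that the checkbox is gone, assuming the attribute is only ever set on new records.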
@ -1,32 +1,65 @@
|
||||||
|
%h3.page_title
|
||||||
|
User:
|
||||||
|
= @admin_user.name
|
||||||
|
- if @admin_user.blocked?
|
||||||
|
%span.cred (Blocked)
|
||||||
|
- if @admin_user.admin
|
||||||
|
%span.cred (Admin)
|
||||||
|
|
||||||
|
.pull-right
|
||||||
|
= link_to edit_admin_user_path(@admin_user), class: "btn grouped btn-small" do
|
||||||
|
%i.icon-edit
|
||||||
|
Edit
|
||||||
|
- unless @admin_user == current_user
|
||||||
|
- if @admin_user.blocked?
|
||||||
|
= link_to 'Unblock', unblock_admin_user_path(@admin_user), method: :put, class: "btn grouped btn-small success"
|
||||||
|
- else
|
||||||
|
= link_to 'Block', block_admin_user_path(@admin_user), confirm: 'USER WILL BE BLOCKED! Are you sure?', method: :put, class: "btn grouped btn-small btn-remove"
|
||||||
|
= link_to 'Destroy', [:admin, @admin_user], confirm: "USER #{@admin_user.name} WILL BE REMOVED! Are you sure?", method: :delete, class: "btn grouped btn-small btn-remove"
|
||||||
|
%hr
|
||||||
|
|
||||||
.row
|
.row
|
||||||
.span6
|
.span6
|
||||||
%h3.page_title
|
.ui-box
|
||||||
= image_tag gravatar_icon(@admin_user.email, 90), class: "avatar s90"
|
%h5.title
|
||||||
= @admin_user.name
|
Account:
|
||||||
- if @admin_user.blocked?
|
.pull-right
|
||||||
%span.cred (Blocked)
|
= image_tag gravatar_icon(@admin_user.email, 32), class: "avatar s32"
|
||||||
- if @admin_user.admin
|
%ul.well-list
|
||||||
%span.cred (Admin)
|
%li
|
||||||
.pull-right
|
%span.light Name:
|
||||||
= link_to edit_admin_user_path(@admin_user), class: "btn pull-right" do
|
%strong= @admin_user.name
|
||||||
%i.icon-edit
|
%li
|
||||||
Edit
|
%span.light Username:
|
||||||
%br
|
%strong
|
||||||
%small @#{@admin_user.username}
|
= @admin_user.username
|
||||||
%br
|
%li
|
||||||
%small member since #{@admin_user.created_at.stamp("Nov 12, 2031")}
|
%span.light Email:
|
||||||
.clearfix
|
%strong
|
||||||
%hr
|
= mail_to @admin_user.email
|
||||||
%p
|
|
||||||
%span.btn.btn-small
|
%li
|
||||||
%i.icon-envelope
|
%span.light Member since:
|
||||||
= mail_to @admin_user.email
|
%strong
|
||||||
- unless @admin_user == current_user
|
= @admin_user.created_at.stamp("Nov 12, 2031")
|
||||||
- if @admin_user.blocked?
|
|
||||||
= link_to 'Unblock', unblock_admin_user_path(@admin_user), method: :put, class: "btn btn-small success"
|
%li
|
||||||
- else
|
%span.light Last sign-in at:
|
||||||
= link_to 'Block', block_admin_user_path(@admin_user), confirm: 'USER WILL BE BLOCKED! Are you sure?', method: :put, class: "btn btn-small btn-remove"
|
%strong
|
||||||
= link_to 'Destroy', [:admin, @admin_user], confirm: "USER #{@admin_user.name} WILL BE REMOVED! Are you sure?", method: :delete, class: "btn btn-small btn-remove"
|
= @admin_user.last_sign_in_at.stamp("Nov 12, 2031")
|
||||||
|
|
||||||
|
- if @admin_user.ldap_user?
|
||||||
|
%li
|
||||||
|
%span.light LDAP uid:
|
||||||
|
%strong
|
||||||
|
= @admin_user.extern_uid
|
||||||
|
|
||||||
|
- if @admin_user.created_by
|
||||||
|
%li
|
||||||
|
%span.light Created by:
|
||||||
|
%strong
|
||||||
|
= link_to @admin_user.created_by.name, [:admin, @admin_user.created_by]
|
||||||
|
|
||||||
%hr
|
%hr
|
||||||
%h5
|
%h5
|
||||||
Add User to Projects
|
Add User to Projects
|
||||||
|
@ -67,11 +100,11 @@
|
||||||
|
|
||||||
|
|
||||||
.span6
|
.span6
|
||||||
= render 'users/profile', user: @admin_user
|
|
||||||
.ui-box
|
.ui-box
|
||||||
%h5.title Projects (#{@projects.count})
|
%h5.title Projects (#{@projects.count})
|
||||||
%ul.well-list
|
%ul.well-list
|
||||||
- @projects.sort_by(&:name_with_namespace).each do |project|
|
- @projects.sort_by(&:name_with_namespace).each do |project|
|
||||||
|
- tm = project.team.get_tm(@admin_user.id)
|
||||||
%li
|
%li
|
||||||
= link_to admin_project_path(project), class: dom_class(project) do
|
= link_to admin_project_path(project), class: dom_class(project) do
|
||||||
- if project.namespace
|
- if project.namespace
|
||||||
|
@ -79,16 +112,17 @@
|
||||||
\/
|
\/
|
||||||
%strong.well-title
|
%strong.well-title
|
||||||
= truncate(project.name, length: 45)
|
= truncate(project.name, length: 45)
|
||||||
%span.pull-right.light
|
|
||||||
- if project.owner == @admin_user
|
- if project.owner == @admin_user
|
||||||
%i.icon-wrench
|
%span.label.label-info owner
|
||||||
- tm = project.team.get_tm(@admin_user.id)
|
|
||||||
- if tm
|
- if tm
|
||||||
= tm.project_access_human
|
.pull-right
|
||||||
= link_to edit_admin_project_member_path(project, tm.user), class: "btn btn-small" do
|
= link_to edit_admin_project_member_path(project, tm.user), class: "btn grouped btn-small" do
|
||||||
%i.icon-edit
|
%i.icon-edit
|
||||||
= link_to admin_project_member_path(project, tm.user), confirm: remove_from_project_team_message(project, @admin_user), method: :delete, class: "btn btn-small btn-remove" do
|
= link_to admin_project_member_path(project, tm.user), confirm: remove_from_project_team_message(project, @admin_user), method: :delete, class: "btn grouped btn-small btn-remove" do
|
||||||
%i.icon-remove
|
%i.icon-remove
|
||||||
%p.light
|
|
||||||
%i.icon-wrench
|
.pull-right.light
|
||||||
– user is a project owner
|
= tm.project_access_human
|
||||||
|
|
||||||
|
|
|
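Review bot: In the first hunk the new "Last sign-in at:" item calls `@admin_user.last_sign_in_at.stamp(...)` with no nil guard, and an account that has never signed in, which includes every account the new create path has just produced, presumably has no `last_sign_in_at` yet. If so, the show page raises on nil for exactly the users this feature targets. Wrapping the item in `- if @admin_user.last_sign_in_at`, or rendering a fallback such as `never`, avoids that. Indentation is lost on this page, so the nesting of the `%li` under the guard has to be checked against the file.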
@ -8,13 +8,14 @@
|
||||||
%p
|
%p
|
||||||
login..........................................
|
login..........................................
|
||||||
%code= @user['email']
|
%code= @user['email']
|
||||||
%p
|
|
||||||
- unless Gitlab.config.gitlab.signup_enabled
|
- if @user.created_by_id
|
||||||
|
%p
|
||||||
password..................................
|
password..................................
|
||||||
%code= @password
|
%code= @password
|
||||||
|
|
||||||
%p
|
%p
|
||||||
Please change your password immediately after login.
|
You will be forced to change this password immediately after login.
|
||||||
|
|
||||||
%p
|
%p
|
||||||
= link_to "Click here to login", root_url
|
= link_to "Click here to login", root_url
|
||||||
|
|
|
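Review bot: Both welcome templates (this HAML one and the text version in the next section) still put `@password` in the message body, so the temporary credential sits in mail stores in clear text and stays usable until the first sign-in, with no visible limit on how long that can be. Forcing a change after login narrows the window but does not close it for accounts that are never activated. A one-time set-password link with an expiry, or an expiry on unused temporary passwords, would remove the need to mail the secret; if that is out of scope, a comment next to `- if @user.created_by_id` should say that the branch discloses a credential. Indentation is lost here, so confirm that the "You will be forced to change this password" paragraph sits inside the `if`, as it does in the text template.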
@ -3,10 +3,11 @@ Hi <%= @user.name %>!
|
||||||
The Administrator created an account for you. Now you are a member of company GitLab application.
|
The Administrator created an account for you. Now you are a member of company GitLab application.
|
||||||
|
|
||||||
login.................. <%= @user.email %>
|
login.................. <%= @user.email %>
|
||||||
<% unless Gitlab.config.gitlab.signup_enabled %>
|
<% if @user.created_by_id %>
|
||||||
password............... <%= @password %>
|
password............... <%= @password %>
|
||||||
|
|
||||||
|
You will be forced to change this password immediately after login.
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
Please change your password immediately after login.
|
|
||||||
|
|
||||||
Click here to login: <%= url_for(root_url) %>
|
Click here to login: <%= url_for(root_url) %>
|
||||||
|
|
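--- a/db/migrate/20130613173246_add_created_by_id_to_user.rb
+++ b/db/migrate/20130613173246_add_created_by_id_to_user.rb
@@ -0,0 +1,5 @@
+class AddCreatedByIdToUser < ActiveRecord::Migration
+def change
+add_column :users, :created_by_id, :integer
+end
+end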
@ -11,7 +11,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended to check this file into your version control system.
|
# It's strongly recommended to check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(:version => 20130613165816) do
|
ActiveRecord::Schema.define(:version => 20130613173246) do
|
||||||
|
|
||||||
create_table "deploy_keys_projects", :force => true do |t|
|
create_table "deploy_keys_projects", :force => true do |t|
|
||||||
t.integer "deploy_key_id", :null => false
|
t.integer "deploy_key_id", :null => false
|
||||||
|
@ -293,6 +293,7 @@ ActiveRecord::Schema.define(:version => 20130613165816) do
|
||||||
t.integer "color_scheme_id", :default => 1, :null => false
|
t.integer "color_scheme_id", :default => 1, :null => false
|
||||||
t.integer "notification_level", :default => 1, :null => false
|
t.integer "notification_level", :default => 1, :null => false
|
||||||
t.datetime "password_expires_at"
|
t.datetime "password_expires_at"
|
||||||
|
t.integer "created_by_id"
|
||||||
end
|
end
|
||||||
|
|
||||||
add_index "users", ["admin"], :name => "index_users_on_admin"
|
add_index "users", ["admin"], :name => "index_users_on_admin"
|
||||||
|
|
|
@ -20,13 +20,10 @@ describe "Admin::Users" do
|
||||||
|
|
||||||
describe "GET /admin/users/new" do
|
describe "GET /admin/users/new" do
|
||||||
before do
|
before do
|
||||||
@password = "123ABC"
|
|
||||||
visit new_admin_user_path
|
visit new_admin_user_path
|
||||||
fill_in "user_name", with: "Big Bang"
|
fill_in "user_name", with: "Big Bang"
|
||||||
fill_in "user_username", with: "bang"
|
fill_in "user_username", with: "bang"
|
||||||
fill_in "user_email", with: "bigbang@mail.com"
|
fill_in "user_email", with: "bigbang@mail.com"
|
||||||
fill_in "user_password", with: @password
|
|
||||||
fill_in "user_password_confirmation", with: @password
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should create new user" do
|
it "should create new user" do
|
||||||
|
@ -57,26 +54,13 @@ describe "Admin::Users" do
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should send valid email to user with email & password" do
|
it "should send valid email to user with email & password" do
|
||||||
Gitlab.config.gitlab.stub(:signup_enabled).and_return(false)
|
|
||||||
User.observers.enable :user_observer do
|
User.observers.enable :user_observer do
|
||||||
click_button "Create user"
|
click_button "Create user"
|
||||||
user = User.last
|
user = User.last
|
||||||
email = ActionMailer::Base.deliveries.last
|
email = ActionMailer::Base.deliveries.last
|
||||||
email.subject.should have_content("Account was created")
|
email.subject.should have_content("Account was created")
|
||||||
email.text_part.body.should have_content(user.email)
|
email.text_part.body.should have_content(user.email)
|
||||||
email.text_part.body.should have_content(@password)
|
email.text_part.body.should have_content('password')
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
it "should send valid email to user with email without password when signup is enabled" do
|
|
||||||
Gitlab.config.gitlab.stub(:signup_enabled).and_return(true)
|
|
||||||
User.observers.enable :user_observer do
|
|
||||||
click_button "Create user"
|
|
||||||
user = User.last
|
|
||||||
email = ActionMailer::Base.deliveries.last
|
|
||||||
email.subject.should have_content("Account was created")
|
|
||||||
email.text_part.body.should have_content(user.email)
|
|
||||||
email.text_part.body.should_not have_content(@password)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
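Review bot: The updated example only checks that the mail body contains the literal word `password`, so nothing in the spec asserts the behaviour this commit adds. After `user = User.last`, assertions such as `user.password_expires_at.should_not be_nil` and `user.created_by_id.should_not be_nil` would pin the forced expiry and the creator attribution. The removed signup-enabled example has no replacement either. The other half of the new `created_by_id` condition, a user without a creator receiving a mail with no password block, is worth its own example.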