6fdb17cbbe
- Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio.
194 lines
6.6 KiB
Text
194 lines
6.6 KiB
Text
- page_title @user.name, "Users"
|
|
= render 'admin/users/head'
|
|
|
|
.row
|
|
.col-md-6
|
|
.panel.panel-default
|
|
.panel-heading
|
|
= @user.name
|
|
%ul.well-list
|
|
%li
|
|
= image_tag avatar_icon(@user, 60), class: "avatar s60"
|
|
%li
|
|
%span.light Profile page:
|
|
%strong
|
|
= link_to user_path(@user) do
|
|
= @user.username
|
|
= render 'admin/users/profile', user: @user
|
|
|
|
.panel.panel-default
|
|
.panel-heading
|
|
Account:
|
|
%ul.well-list
|
|
%li
|
|
%span.light Name:
|
|
%strong= @user.name
|
|
%li
|
|
%span.light Username:
|
|
%strong
|
|
= @user.username
|
|
%li
|
|
%span.light Email:
|
|
%strong
|
|
= mail_to @user.email
|
|
- @user.emails.each do |email|
|
|
%li
|
|
%span.light Secondary email:
|
|
%strong= email.email
|
|
= link_to remove_email_admin_user_path(@user, email), data: { confirm: "Are you sure you want to remove #{email.email}?" }, method: :delete, class: "btn-xs btn btn-remove pull-right", title: 'Remove secondary email', id: "remove_email_#{email.id}" do
|
|
%i.fa.fa-times
|
|
|
|
%li.two-factor-status
|
|
%span.light Two-factor Authentication:
|
|
%strong{ class: @user.two_factor_enabled? ? 'cgreen' : 'cred' }
|
|
- if @user.two_factor_enabled?
|
|
Enabled
|
|
= link_to 'Disable', disable_two_factor_admin_user_path(@user), data: {confirm: 'Are you sure?'}, method: :patch, class: 'btn btn-xs btn-remove pull-right', title: 'Disable Two-factor Authentication'
|
|
- else
|
|
Disabled
|
|
|
|
%li
|
|
%span.light External User:
|
|
%strong
|
|
= @user.external? ? "Yes" : "No"
|
|
%li
|
|
%span.light Can create groups:
|
|
%strong
|
|
= @user.can_create_group ? "Yes" : "No"
|
|
%li
|
|
%span.light Personal projects limit:
|
|
%strong
|
|
= @user.projects_limit
|
|
%li
|
|
%span.light Member since:
|
|
%strong
|
|
= @user.created_at.to_s(:medium)
|
|
- if @user.confirmed_at
|
|
%li
|
|
%span.light Confirmed at:
|
|
%strong
|
|
= @user.confirmed_at.to_s(:medium)
|
|
- else
|
|
%li
|
|
%span.light Confirmed:
|
|
%strong.cred
|
|
No
|
|
|
|
%li
|
|
%span.light Current sign-in IP:
|
|
%strong
|
|
- if @user.current_sign_in_ip
|
|
= @user.current_sign_in_ip
|
|
- else
|
|
never
|
|
|
|
%li
|
|
%span.light Current sign-in at:
|
|
%strong
|
|
- if @user.current_sign_in_at
|
|
= @user.current_sign_in_at.to_s(:medium)
|
|
- else
|
|
never
|
|
|
|
%li
|
|
%span.light Last sign-in IP:
|
|
%strong
|
|
- if @user.last_sign_in_ip
|
|
= @user.last_sign_in_ip
|
|
- else
|
|
never
|
|
|
|
%li
|
|
%span.light Last sign-in at:
|
|
%strong
|
|
- if @user.last_sign_in_at
|
|
= @user.last_sign_in_at.to_s(:medium)
|
|
- else
|
|
never
|
|
|
|
%li
|
|
%span.light Sign-in count:
|
|
%strong
|
|
= @user.sign_in_count
|
|
|
|
- if @user.ldap_user?
|
|
%li
|
|
%span.light LDAP uid:
|
|
%strong
|
|
= @user.ldap_identity.extern_uid
|
|
|
|
- if @user.created_by
|
|
%li
|
|
%span.light Created by:
|
|
%strong
|
|
= link_to @user.created_by.name, [:admin, @user.created_by]
|
|
|
|
.col-md-6
|
|
- unless @user == current_user
|
|
- unless @user.confirmed?
|
|
.panel.panel-info
|
|
.panel-heading
|
|
Confirm user
|
|
.panel-body
|
|
- if @user.unconfirmed_email.present?
|
|
- email = " (#{@user.unconfirmed_email})"
|
|
%p This user has an unconfirmed email address#{email}. You may force a confirmation.
|
|
%br
|
|
= link_to 'Confirm user', confirm_admin_user_path(@user), method: :put, class: "btn btn-info", data: { confirm: 'Are you sure?' }
|
|
- if @user.blocked?
|
|
.panel.panel-info
|
|
.panel-heading
|
|
This user is blocked
|
|
.panel-body
|
|
%p A blocked user cannot:
|
|
%ul
|
|
%li Log in
|
|
%li Access Git repositories
|
|
%br
|
|
= link_to 'Unblock user', unblock_admin_user_path(@user), method: :put, class: "btn btn-info", data: { confirm: 'Are you sure?' }
|
|
- else
|
|
.panel.panel-warning
|
|
.panel-heading
|
|
Block this user
|
|
.panel-body
|
|
%p Blocking user has the following effects:
|
|
%ul
|
|
%li User will not be able to login
|
|
%li User will not be able to access git repositories
|
|
%li User will be removed from joined projects and groups
|
|
%li Personal projects will be left
|
|
%li Owned groups will be left
|
|
%br
|
|
= link_to 'Block user', block_admin_user_path(@user), data: { confirm: 'USER WILL BE BLOCKED! Are you sure?' }, method: :put, class: "btn btn-warning"
|
|
- if @user.access_locked?
|
|
.panel.panel-info
|
|
.panel-heading
|
|
This account has been locked
|
|
.panel-body
|
|
%p This user has been temporarily locked due to excessive number of failed logins. You may manually unlock the account.
|
|
%br
|
|
= link_to 'Unlock user', unlock_admin_user_path(@user), method: :put, class: "btn btn-info", data: { confirm: 'Are you sure?' }
|
|
|
|
.panel.panel-danger
|
|
.panel-heading
|
|
Remove user
|
|
.panel-body
|
|
- if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
|
|
%p Deleting a user has the following effects:
|
|
%ul
|
|
%li All user content like authored issues, snippets, comments will be removed
|
|
- rp = @user.personal_projects.count
|
|
- unless rp.zero?
|
|
%li #{pluralize rp, 'personal project'} will be removed and cannot be restored
|
|
%br
|
|
= link_to 'Remove user', [:admin, @user], data: { confirm: "USER #{@user.name} WILL BE REMOVED! Are you sure?" }, method: :delete, class: "btn btn-remove"
|
|
- else
|
|
- if @user.solo_owned_groups.present?
|
|
%p
|
|
This user is currently an owner in these groups:
|
|
%strong= @user.solo_owned_groups.map(&:name).join(', ')
|
|
%p
|
|
You must transfer ownership or delete these groups before you can delete this user.
|
|
- else
|
|
%p
|
|
You don't have access to delete this user.
|