Passed
Pull Request — master (#848)
by Ahmad
04:48
created

AdminsController.delete_role()   A

Complexity

Conditions 5

Size

Total Lines 18

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 5
dl 0
loc 18
rs 9.0333
c 0
b 0
f 0
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
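# Administrator console: user management, server rooms and recordings, site
# settings and role management.
#
# `authorize_resource class: false` is declared for the whole controller. The
# user-management actions additionally load the target user and then check
# that the signed-in administrator is an admin of that user.
class AdminsController < ApplicationController
  include Pagy::Backend
  include Themer
  include Emailer
  include Recorder
  include Rolify

  manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
  manage_deleted_users = [:undelete]
  authorize_resource class: false
  before_action :find_user, only: manage_users
  before_action :find_deleted_user, only: manage_deleted_users
  # `only:` must be a flat list of action names. Passing
  # [manage_users, manage_deleted_users] produces a nested array that the
  # callback option handling does not flatten, so its elements never equal an
  # action name and the ownership check would not run for any of these actions.
  before_action :verify_admin_of_user, only: manage_users + manage_deleted_users

  # GET /admins
  # Lists users for the selected tab and role, with search, ordering and
  # pagination.
  def index
    # Initialize the data manipulation variables
    @search = params[:search] || ""
    # NOTE(review): column and direction are taken from the request and handed
    # to admins_order (defined elsewhere); confirm that scope restricts them to
    # known column names and ASC/DESC before they reach the query.
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

    @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
    @tab = params[:tab] || "active"

    @pagy, @users = pagy(user_list)
  end

  # GET /admins/site_settings
  def site_settings
  end

  # GET /admins/server_recordings
  # Collects the recordings of every room visible to this deployment. In a
  # load-balanced configuration only rooms whose owner belongs to the current
  # provider are considered.
  def server_recordings
    server_rooms = if Rails.configuration.loadbalanced_configuration
      Room.includes(:owner).where(users: { provider: @user_domain }).pluck(:bbb_id)
    else
      Room.pluck(:bbb_id)
    end

    # Only the search/column/direction parameters are forwarded to the helper
    @search, @order_column, @order_direction, recs =
      all_recordings(server_rooms, params.permit(:search, :column, :direction), true, true)

    @pagy, @recordings = pagy_array(recs)
  end

  # GET /admins/rooms
  # Lists rooms with search, ordering and pagination; scoped to the current
  # provider in a load-balanced configuration.
  def server_rooms
    @search = params[:search] || ""
    # NOTE(review): same request-supplied ordering values as in `index`;
    # confirm admins_order validates them.
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

    server_rooms = if Rails.configuration.loadbalanced_configuration
      Room.includes(:owner).where(users: { provider: @user_domain })
          .admins_search(@search)
          .admins_order(@order_column, @order_direction)
    else
      Room.all.admins_search(@search).admins_order(@order_column, @order_direction)
    end

    @pagy, @rooms = pagy_array(server_rooms)
  end

  # MANAGE USERS

  # GET /admins/edit/:user_uid
  def edit_user
  end

  # POST /admins/ban/:user_uid
  # Replaces all of the user's roles with the :denied role.
  def ban_user
    @user.roles = []
    @user.add_role :denied
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") }
  end

  # POST /admins/unban/:user_uid
  # Swaps the :denied role for the :user role.
  def unban_user
    @user.remove_role :denied
    @user.add_role :user
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
  end

  # POST /admins/approve/:user_uid
  # Removes the :pending role and notifies the user by email.
  def approve
    @user.remove_role :pending

    send_user_approved_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
  end

  # Restores a deleted user (loaded by find_deleted_user).
  # NOTE(review): the route comment here previously repeated the one for
  # `approve`; confirm the actual path against the routes file.
  def undelete
    # Undelete the user and all of his rooms
    @user.undelete!
    @user.rooms.deleted.each(&:undelete!)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.restored") }
  end

  # POST /admins/invite
  # Creates or refreshes an invitation for each comma-separated address and
  # emails the invite token to it.
  def invite
    # Tolerate a missing parameter, and drop surrounding whitespace and empty
    # entries so "a@x.org, b@x.org," does not produce blank or padded addresses
    emails = params.dig(:invite_user, :email).to_s.split(",").map(&:strip).reject(&:empty?)

    emails.each do |email|
      invitation = create_or_update_invite(email)

      send_invitation_email(current_user.name, email, invitation.invite_token)
    end

    redirect_to admins_path
  end

  # GET /admins/reset
  # Generates a new reset digest for the user and emails the reset link.
  # NOTE(review): this action changes state and sends mail but is documented
  # as a GET; confirm the route verb.
  def reset
    @user.create_reset_digest

    send_password_reset_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.reset_password") }
  end

  # SITE SETTINGS

  # POST /admins/update_settings
  # Stores params[:value] under the setting named by params[:setting].
  # NOTE(review): the setting name is taken from the request as-is; confirm
  # update_value only accepts known setting names.
  def update_settings
    @settings.update_value(params[:setting], params[:value])

    flash_message = I18n.t("administrator.flash.settings")

    # The warning belongs to the setting being changed, so the setting name is
    # compared here; "Default Recording Visibility" is a setting name, not one
    # of its values.
    if params[:setting] == "Default Recording Visibility"
      flash_message += ". " + I18n.t("administrator.site_settings.recording_visibility.warning")
    end

    redirect_to admin_site_settings_path, flash: { success: flash_message }
  end

  # POST /admins/color
  # Stores the primary colour together with its lightened and darkened variants.
  # NOTE(review): params[:value] is stored without a visible format check;
  # confirm the colour helpers and the theme output only accept colour values.
  def coloring
    @settings.update_value("Primary Color", params[:value])
    @settings.update_value("Primary Color Lighten", color_lighten(params[:value]))
    @settings.update_value("Primary Color Darken", color_darken(params[:value]))
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/registration_method/:method
  # Changes the site's registration method to one of the configured methods.
  def registration_method
    available = Rails.configuration.registration_methods
    requested = params[:value].to_s
    # Look the value up among the configured keys instead of calling to_sym on
    # request input; a missing parameter simply matches nothing
    new_method = available.find { |key, _value| key.to_s == requested }&.last

    # An unknown method must not be written to the settings as nil
    return redirect_to admin_site_settings_path if new_method.nil?

    # Only allow change to Join by Invitation if user has emails enabled
    if !Rails.configuration.enable_email_verification && new_method == available[:invite]
      redirect_to admin_site_settings_path,
        flash: { alert: I18n.t("administrator.flash.invite_email_verification") }
    else
      @settings.update_value("Registration Method", new_method)
      redirect_to admin_site_settings_path,
        flash: { success: I18n.t("administrator.flash.registration_method_updated") }
    end
  end

  # ROLES

  # GET /admins/roles
  def roles
    @roles = all_roles(params[:selected_role])
  end

  # POST /admins/role
  # This method creates a new role scoped to the users provider
  def new_role
    role = create_role(params[:role][:name])

    return redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_create") } if role.nil?

    redirect_to admin_roles_path(selected_role: role.id)
  end

  # PATCH /admin/roles/order
  # This updates the priority of a site's roles
  # Note: A lower priority role will always get used before a higher priority one
  def change_role_order
    unless update_priority(params[:role])
      redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_order") }
    end
  end

  # POST /admin/role/:role_id
  # This method updates the permissions assigned to a role
  # NOTE(review): unlike delete_role, no provider or priority check on the
  # looked-up role is visible here; confirm update_permissions enforces them.
  def update_role
    role = Role.find(params[:role_id])
    flash[:alert] = I18n.t("administrator.roles.invalid_update") unless update_permissions(role)
    redirect_to admin_roles_path(selected_role: role.id)
  end

  # DELETE admins/role/:role_id
  # This deletes a role, unless users are still assigned to it, it is a
  # reserved role, it belongs to another provider, or its priority is not
  # strictly greater than the current user's highest-priority role.
  def delete_role
    role = Role.find(params[:role_id])
    assigned_users = role.users.count

    # Make sure no users are assigned to the role before deleting
    if assigned_users.positive?
      flash[:alert] = I18n.t("administrator.roles.role_has_users", user_count: assigned_users)
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    # The reserved list holds role names, so the role's name is what has to be
    # looked up in it; testing the record itself would never match.
    if Role::RESERVED_ROLE_NAMES.include?(role.name) || role.provider != @user_domain ||
       role.priority <= current_user.highest_priority_role.priority
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    role.role_permissions.delete_all
    role.delete

    redirect_to admin_roles_path
  end

  private

  # Loads the user addressed by params[:user_uid], with roles preloaded.
  # Leaves @user nil when no such user exists.
  def find_user
    @user = User.where(uid: params[:user_uid]).includes(:roles).first
  end

  # Same lookup as find_user, restricted to deleted users.
  def find_deleted_user
    @user = User.deleted.where(uid: params[:user_uid]).includes(:roles).first
  end

  # Verifies that admin is an administrator of the user in the action.
  # A user that could not be found is treated as unauthorized, so the action
  # never runs against a nil @user.
  def verify_admin_of_user
    return if @user && current_user.admin_of?(@user)

    redirect_to admins_path, flash: { alert: I18n.t("administrator.flash.unauthorized") }
  end

  # Gets the list of users based on your configuration
  def user_list
    current_role = @role

    initial_user = case @tab
      when "active"
        User.without_role(:pending).without_role(:denied)
      when "deleted"
        User.deleted
      else
        User
    end

    # The pending and denied tabs filter by the role of the same name
    current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"

    # The current user is never listed; super admins are listed only for
    # super admins
    initial_list = if current_user.has_role? :super_admin
      initial_user.where.not(id: current_user.id)
    else
      initial_user.without_role(:super_admin).where.not(id: current_user.id)
    end

    if Rails.configuration.loadbalanced_configuration
      initial_list.where(provider: @user_domain)
                  .admins_search(@search, current_role)
                  .admins_order(@order_column, @order_direction)
    else
      initial_list.admins_search(@search, current_role)
                  .admins_order(@order_column, @order_direction)
    end
  end

  # Creates the invite if it doesn't exist, or updates the updated_at time if it does
  def create_or_update_invite(email)
    invite = Invitation.find_by(email: email, provider: @user_domain)

    # Invite already exists
    if invite.present?
      # Updates updated_at to now
      invite.touch
    else
      # Creates invite
      invite = Invitation.create(email: email, provider: @user_domain)
    end

    invite
  end

  # Get the room status to display in the Server Rooms table
  def room_is_running(id)
    room_running?(id)
  end
  helper_method :room_is_running
end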