Push — v2.4-alpha ( acb141...84c1dc )
by Ahmad
04:48
created

SessionsController.session_params()   A

Complexity

Conditions 1

Size

Total Lines 3

Duplication

Lines 0
Ratio 0 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
cc 1
c 1
b 0
f 0
dl 0
loc 3
rs 10
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
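# Handles sign-in, sign-up entry, sign-out and the external-provider (OmniAuth / LDAP)
# callbacks. Helper methods not defined in this class (login, logout,
# check_if_twitter_account, configured_providers, send_ldap_request, parse_auth, ...)
# are not defined here - presumably they come from the included concerns or
# ApplicationController.
class SessionsController < ApplicationController
  include Authenticator
  include Registrar
  include Emailer
  include LdapAuthenticator

  # NOTE(review): no `fail` action is defined in this class (the failure handler is
  # `omniauth_fail`), so only :omniauth is visibly exempted from CSRF verification here.
  # Confirm against the routes which action name was intended before changing it.
  skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]
  before_action :check_user_signup_allowed, only: [:new]
  before_action :ensure_unauthenticated_except_twitter, only: [:new, :signin]

  # GET /signin
  # Renders the sign-in page, or redirects straight to the provider when one_provider
  # says there is nothing to choose from.
  def signin
    check_if_twitter_account

    providers = configured_providers
    return unless one_provider

    provider_path = if Rails.configuration.omniauth_ldap
      ldap_signin_path
    else
      "#{Rails.configuration.relative_url_root}/auth/#{providers.first}"
    end

    redirect_to provider_path
  end

  # GET /ldap_signin
  def ldap_signin
  end

  # GET /signup
  def new
    # Check if the user needs to be invited
    if invite_registration
      # Stop at the redirect when no token was supplied. Without the return the action
      # kept running after redirecting, and a second redirect or render further down
      # would raise a double-render error.
      unless params[:invite_token]
        return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") }
      end

      session[:invite_token] = params[:invite_token]
    end

    check_if_twitter_account(true)

    @user = User.new
  end

  # POST /users/login
  # Local (email + password) sign-in.
  def create
    logger.info "Support: #{session_params[:email]} is attempting to login."

    # A super admin is matched on email alone; every other account must also belong to
    # the current provider (@user_domain).
    admin = User.find_by(email: session_params[:email])
    if admin&.has_role?(:super_admin)
      user = admin
    else
      user = User.find_by(email: session_params[:email], provider: @user_domain)
      return redirect_to(signin_path, alert: I18n.t("invalid_credentials")) unless user

      # NOTE(review): the two redirects below run before the password is verified, so a
      # caller who knows only an email address can tell an unknown address, a
      # non-Greenlight account and an unactivated account apart. Checking the password
      # first would close that; confirm how accounts without a local password behave
      # under `authenticate` before reordering.
      return redirect_to(root_path, alert: I18n.t("invalid_login_method")) unless user.greenlight_account?
      return redirect_to(account_activation_path(email: user.email)) unless user.activated?
    end

    unless user.try(:authenticate, session_params[:password])
      return redirect_to(signin_path, alert: I18n.t("invalid_credentials"))
    end

    login(user)
  end

  # GET /users/logout
  # NOTE(review): per the route comment this state-changing action is reached with GET,
  # which Rails' authenticity-token check does not cover, so a third-party page can sign
  # a user out. Consider routing it as DELETE or POST.
  def destroy
    logout
    redirect_to root_path
  end

  # GET/POST /auth/:provider/callback
  # Any error raised while processing the sign-in is logged and turned into the generic
  # failure redirect.
  def omniauth
    @auth = request.env['omniauth.auth']

    begin
      process_signin
    rescue => e
      logger.error "Error authenticating via omniauth: #{e}"
      omniauth_fail
    end
  end

  # POST /auth/failure
  def omniauth_fail
    if params[:message].nil?
      redirect_to root_path, alert: I18n.t("omniauth_error")
    else
      # NOTE(review): params["message"] is request-supplied text placed into the flash
      # alert. Confirm the layout renders flash messages escaped (no raw / html_safe).
      redirect_to root_path, alert: I18n.t("omniauth_specific_error", error: params["message"])
    end
  end

  # GET /auth/ldap
  # Builds the LDAP connection settings from the environment, asks send_ldap_request to
  # verify the submitted credentials and signs the user in on success.
  def ldap
    # NOTE(review): the route comment says GET; if credentials really arrive in the
    # query string they end up in server and proxy logs - confirm the route is POST.
    configured_port = ENV['LDAP_PORT'].to_i

    # NOTE(review): :encryption stays nil when LDAP_METHOD is neither 'ssl' nor 'tls';
    # presumably the bind password and the user's credentials then travel unencrypted.
    encryption = case ENV['LDAP_METHOD']
                 when 'ssl' then 'simple_tls'
                 when 'tls' then 'start_tls'
                 end

    ldap_config = {
      host: ENV['LDAP_SERVER'],
      port: configured_port.zero? ? 389 : configured_port, # 389 when unset or not numeric
      bind_dn: ENV['LDAP_BIND_DN'],
      password: ENV['LDAP_PASSWORD'],
      encryption: encryption,
      base: ENV['LDAP_BASE'],
      uid: ENV['LDAP_UID'],
    }

    # A request without a session payload cannot carry credentials; reject it here
    # instead of handing nil to the LDAP helper.
    # NOTE(review): params[:session] is passed on unfiltered. Confirm send_ldap_request
    # rejects a blank username or password before binding (many directory servers treat
    # a simple bind with an empty password as an anonymous bind that succeeds) and
    # escapes the username before placing it in a search filter.
    return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials")) if params[:session].blank?

    result = send_ldap_request(params[:session], ldap_config)

    # blank? also covers an empty result, which would otherwise pass nil to parse_auth.
    return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials")) if result.blank?

    @auth = parse_auth(result.first, ENV['LDAP_ROLE_FIELD'])

    begin
      process_signin
    rescue => e
      logger.error "Support: Error authenticating via omniauth: #{e}"
      omniauth_fail
    end
  end

  private

  # Verify that GreenLight is configured to allow user signup.
  def check_user_signup_allowed
    redirect_to root_path unless Rails.configuration.allow_user_signup
  end

  # Strong parameters for the local sign-in form: only :email and :password are kept.
  def session_params
    params.require(:session).permit(:email, :password)
  end

  # True when exactly one external provider is configured, local sign-up or local
  # accounts are disabled, and this is not a load-balanced deployment.
  def one_provider
    # `providers` is a local variable of #signin and is not visible in this method, so
    # the list is read again from the same helper #signin uses.
    (!allow_user_signup? || !allow_greenlight_accounts?) && configured_providers.count == 1 &&
      !Rails.configuration.loadbalanced_configuration
  end

  # True when a user with this social uid already exists for the provider. For the
  # "bn_launcher" provider the customer name from the auth info is used as the provider.
  def check_user_exists
    provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
    User.exists?(social_uid: @auth['uid'], provider: provider)
  end

  # Check if the user already exists, if not then check for invitation
  def passes_invite_reqs
    return true if @user_exists

    invitation = check_user_invited("", session[:invite_token], @user_domain)
    invitation[:present]
  end

  # Shared tail of the OmniAuth and LDAP flows: expects @auth to be set, creates or
  # loads the user and signs them in, applying the invite / approval registration rules.
  def process_signin
    @user_exists = check_user_exists

    # New accounts can no longer be created through Twitter.
    if !@user_exists && @auth['provider'] == "twitter"
      return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
    end

    # If using invitation registration method, make sure user is invited
    return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs

    user = User.from_omniauth(@auth)

    logger.info "Support: Auth user #{user.email} is attempting to login."

    # Add pending role if approval method and is a new user
    if approval_registration && !@user_exists
      user.add_role :pending

      # Inform admins that a user signed up if emails are turned on
      send_approval_user_signup_email(user)

      # A pending user is not logged in; they only see the confirmation message.
      return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
    end

    send_invite_user_signup_email(user) if invite_registration && !@user_exists

    login(user)

    # Existing Twitter users are pointed at the sign-up or sign-in page, with their
    # current user id in the link.
    if @auth['provider'] == "twitter"
      flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
        I18n.t("registration.deprecated.twitter_signin", link: signup_path(old_twitter_user_id: user.id))
      else
        I18n.t("registration.deprecated.twitter_signin", link: signin_path(old_twitter_user_id: user.id))
      end
    end
  end
end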