Passed
Push — master ( 177bf4...9ddc05 )
by Jesus
04:17
created

ApplicationController.check_admin_password()   A

Complexity

Conditions 5

Size

Total Lines 8

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 5
dl 0
loc 8
rs 9.3333
c 0
b 0
f 0
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
require 'bigbluebutton_api'
class ApplicationController < ActionController::Base
  include ApplicationHelper
  include SessionsHelper
  include ThemingHelper

  # Filters run in the order they are declared. The HTTPS redirect comes first
  # so that load-balanced deployments upgrade the connection before any other
  # filter touches the request.
  before_action :redirect_to_https

  before_action :set_user_domain
  before_action :maintenance_mode?
  before_action :migration_error?
  before_action :set_locale
  before_action :check_admin_password
  before_action :check_user_role

  # BigBlueButton API failures get a dedicated error page.
  rescue_from BigBlueButton::BigBlueButtonException, with: :handle_bigbluebutton_error

  # CSRF verification failures raise instead of silently resetting the session.
  protect_from_forgery with: :exception

  MEETING_NAME_LIMIT = 90
  USER_NAME_LIMIT = 32

  # Adds the resolved user domain to the lograge payload under :host.
  def append_info_to_payload(payload)
    super
    payload[:host] = @user_domain
  end

  # Renders the migration error page whenever DB_MIGRATE_FAILED is set to a
  # non-blank value in the environment.
  def migration_error?
    render :migration_error if ENV["DB_MIGRATE_FAILED"].present?
  end

  # Renders the 503 maintenance page when maintenance mode is enabled, and
  # separately shows a banner for an announced maintenance window unless the
  # visitor's :maintenance_window cookie already matches that window.
  def maintenance_mode?
    if Rails.configuration.maintenance_mode
      maintenance_locals = {
        status_code: 503,
        message: I18n.t("errors.maintenance.message"),
        help: I18n.t("errors.maintenance.help"),
      }
      render "errors/greenlight_error", status: 503, formats: :html, locals: maintenance_locals
    end

    return if Rails.configuration.maintenance_window.blank?
    # The cookie is client-controlled; here it only decides whether the banner
    # is shown again, nothing else is gated on it.
    return if cookies[:maintenance_window] == Rails.configuration.maintenance_window

    flash.now[:maintenance] = I18n.t("maintenance.window_alert", date: Rails.configuration.maintenance_window)
  end

  # Applies the locale for the signed-in user (or the browser's preference).
  def set_locale
    update_locale(current_user)
  end

  # Picks the user's stored language unless it is 'default' (or there is no
  # user), otherwise the best match for the Accept-Language header among the
  # available locales. I18n.locale is left untouched when nothing matches.
  def update_locale(user)
    has_own_language = user && user.language != 'default'
    chosen =
      if has_own_language
        user.language
      else
        http_accept_language.language_region_compatible_from(I18n.available_locales)
      end
    return if chosen.nil?

    # Locale identifiers are stored with '_' rather than '-'.
    I18n.locale = chosen.tr('-', '_')
  end

  # Maximum meeting name length, exposed to views.
  def meeting_name_limit
    MEETING_NAME_LIMIT
  end
  helper_method :meeting_name_limit

  # Maximum user name length, exposed to views.
  def user_name_limit
    USER_NAME_LIMIT
  end
  helper_method :user_name_limit

  # Relative root helper (when deploying to a subdirectory); empty string when
  # no relative URL root is configured.
  def relative_root
    Rails.configuration.relative_url_root || ""
  end
  helper_method :relative_root

  # True when the configured BigBlueButton endpoint is still the default one.
  # Always false for load-balanced configurations.
  def bigbluebutton_endpoint_default?
    settings = Rails.configuration
    return false if settings.loadbalanced_configuration

    settings.bigbluebutton_endpoint_default == settings.bigbluebutton_endpoint
  end
  helper_method :bigbluebutton_endpoint_default?

  # Whether recording thumbnails are enabled in the configuration.
  def recording_thumbnails?
    Rails.configuration.recording_thumbnails
  end
  helper_method :recording_thumbnails?

  # View-facing alias for allow_greenlight_accounts?.
  def allow_greenlight_users?
    allow_greenlight_accounts?
  end
  helper_method :allow_greenlight_users?

  # Returns the 'is-invalid' CSS class when the object has validation errors
  # for the given key, nil otherwise.
  def form_is_invalid?(obj, key)
    field_errors = obj.errors.messages[key]
    field_errors.empty? ? nil : 'is-invalid'
  end
  helper_method :form_is_invalid?

  # Default, unconfigured meeting options.
  #
  # NOTE(review): the logout URL, the invite link and :host are all derived
  # from the incoming request (request.base_url / request.host), so they follow
  # whatever Host value reaches the application - confirm the proxy or Rails
  # host configuration restricts it to expected names.
  def default_meeting_options
    invite_msg = I18n.t("invite_message")
    logout_url = request.base_url + logout_room_path(@room)
    room_url = request.base_url + room_path(@room)
    visibility = Setting.find_or_create_by!(provider: user_settings_provider)
                        .get_value("Default Recording Visibility")

    {
      user_is_moderator: false,
      meeting_logout_url: logout_url,
      meeting_recorded: true,
      moderator_message: "#{invite_msg}\n\n#{room_url}",
      host: request.host,
      recording_default_visibility: visibility == "public"
    }
  end

  # Authorization failures raised by CanCan render the generic error page.
  # No status: option is passed to render here, so the response code is
  # whatever render defaults to rather than an explicit 401/403.
  rescue_from CanCan::AccessDenied do |_exception|
    render "errors/greenlight_error"
  end

  # Warns an administrator who is still using the default password.
  #
  # The alert is raised only when the signed-in user has the :admin role, has
  # the default admin e-mail address, is a local Greenlight account, and still
  # authenticates with the configured default admin password.
  def check_admin_password
    admin = current_user
    return unless admin&.has_role?(:admin)
    # NOTE(review): this address literal looks like it was replaced by the
    # page's e-mail obfuscation; check the real value in the repository.
    return unless admin.email == "[email protected]"
    return unless admin.greenlight_account?
    # This performs a password check on every request from such an account.
    return unless admin.authenticate(Rails.configuration.admin_password_default)

    # html_safe emits the translated text and the interpolated link unescaped.
    # The link is built from a route helper plus the user's uid.
    password_link = edit_user_path(user_uid: admin.uid) + "?setting=password"
    flash.now[:alert] = I18n.t("default_admin", edit_link: password_link).html_safe
  end

  # Redirects plain-HTTP requests to HTTPS in load-balanced deployments.
  #
  # NOTE(review): the decision rests on the X-Forwarded-Proto request header,
  # which is only reliable if the load balancer overwrites any value sent by
  # the client - confirm against the proxy configuration.
  def redirect_to_https
    return unless Rails.configuration.loadbalanced_configuration
    return unless request.headers["X-Forwarded-Proto"] == "http"

    redirect_to protocol: "https://"
  end

  # Resolves the tenant ("user domain") for this request. Test and
  # non-load-balanced environments always use "greenlight"; otherwise the
  # domain is parsed from the request host and checked against the provider.
  #
  # NOTE(review): request.host comes from the incoming request, so the tenant
  # is chosen by a client-influenced value - confirm the front end only
  # forwards expected host names.
  def set_user_domain
    multi_tenant = !Rails.env.test? && Rails.configuration.loadbalanced_configuration
    return (@user_domain = "greenlight") unless multi_tenant

    @user_domain = parse_user_domain(request.host)

    check_provider_exists
  end
  helper_method :set_user_domain

  # Signs out users whose role is :denied (banned) or :pending (awaiting
  # approval) and sends them to the root page with the matching alert.
  # Only :user_id is removed from the session; other session keys are kept.
  def check_user_role
    failure_key =
      if current_user&.has_role?(:denied)
        "registration.banned.fail"
      elsif current_user&.has_role?(:pending)
        "registration.approval.fail"
      end
    return unless failure_key

    session.delete(:user_id)
    redirect_to root_path, flash: { alert: I18n.t(failure_key) }
  end
  helper_method :check_user_role

  # Renders the BigBlueButton error page (see rescue_from above).
  def handle_bigbluebutton_error
    render "errors/bigbluebutton_error"
  end

  private

  # Verifies that the resolved user domain maps to a known provider.
  #
  # A successful lookup is cached in the session per domain so that later
  # requests skip the remote call. On any StandardError the domain falls back
  # to "greenlight" and an error page is rendered; the page is selected by
  # comparing the exception message against fixed strings.
  def check_provider_exists
    # Already verified for this domain during this session.
    return if session[:provider_exists] == @user_domain

    retrieve_provider_info(@user_domain, 'api2', 'getUserGreenlightCredentials')

    # Remember the successful check for this domain.
    session[:provider_exists] = @user_domain
  rescue => e
    # Use the default site settings.
    @user_domain = "greenlight"

    error_locals =
      case e.message
      when "No user with that id exists"
        { message: I18n.t("errors.not_found.user_not_found.message"),
          help: I18n.t("errors.not_found.user_not_found.help") }
      when "Provider not included."
        { message: I18n.t("errors.not_found.user_missing.message"),
          help: I18n.t("errors.not_found.user_missing.help") }
      when "That user has no configured provider."
        { status_code: 501,
          message: I18n.t("errors.no_provider.message"),
          help: I18n.t("errors.no_provider.help") }
      else
        # Anything unrecognised is reported as a generic internal error.
        { status_code: 500, message: I18n.t("errors.internal.message"),
          help: I18n.t("errors.internal.help"), display_back: true }
      end

    render "errors/greenlight_error", locals: error_locals
  end
end