Push — v2.4-alpha ( 96ace3...b4736b )
by Ahmad
11:22 queued 05:48
created

UsersController.update_roles()   B

Complexity

Conditions 3

Size

Total Lines 59

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 3
c 0
b 0
f 0
dl 0
loc 59
rs 8.3417

How to fix   Long Method   

Long Method

Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.

For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.

Commonly applied refactorings include:

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

class UsersController < ApplicationController
  include Pagy::Backend
  include Authenticator
  include Emailer
  include Registrar
  include Recorder
  include Rolify

  before_action :find_user, only: [:edit, :change_password, :delete_account, :update, :destroy]
  before_action :ensure_unauthenticated, only: [:new, :create, :signin]
  before_action :check_admin_of, only: [:edit, :change_password, :delete_account]

  # POST /u
  def create
    # Verify that GreenLight is configured to allow user signup.
    return unless Rails.configuration.allow_user_signup

    @user = User.new(user_params)
    @user.provider = @user_domain

    # User or recaptcha is not valid
    render(:new) && return unless valid_user_or_captcha

    # Redirect to root if user token is either invalid or expired
    # Scrutinizer: This code seems to be duplicated in your project.
    return redirect_to root_path, flash: { alert: I18n.t("registration.invite.fail") } unless passes_invite_reqs

    # User has passed all validations required
    @user.save

    logger.info "Support: #{@user.email} user has been created."

    # Set user to pending and redirect if Approval Registration is set
    if approval_registration
      @user.add_role :pending

      return redirect_to root_path,
        flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification
    end

    send_registration_email

    # Sign in automatically if email verification is disabled or if user is already verified.
    login(@user) && return if !Rails.configuration.enable_email_verification || @user.email_verified

    send_activation_email(@user)

    redirect_to root_path
  end

  # GET /signin
  def signin
    # Scrutinizer: This code seems to be duplicated in your project.
    unless params[:old_twitter_user_id].nil? && session[:old_twitter_user_id].nil?
      flash[:alert] = I18n.t("registration.deprecated.new_signin")
      session[:old_twitter_user_id] = params[:old_twitter_user_id] unless params[:old_twitter_user_id].nil?
    end

    providers = configured_providers
    if (!allow_user_signup? || !allow_greenlight_accounts?) && providers.count == 1 &&
       !Rails.configuration.loadbalanced_configuration
      provider_path = if Rails.configuration.omniauth_ldap
        ldap_signin_path
      else
        "#{Rails.configuration.relative_url_root}/auth/#{providers.first}"
      end

      return redirect_to provider_path
    end
  end

  # GET /ldap_signin
  def ldap_signin
  end

  # GET /signup
  def new
    return redirect_to root_path unless Rails.configuration.allow_user_signup

    # Check if the user needs to be invited
    if invite_registration
      redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless params[:invite_token]

      session[:invite_token] = params[:invite_token]
    end

    # Scrutinizer: This code seems to be duplicated in your project.
    unless params[:old_twitter_user_id].nil? && session[:old_twitter_user_id].nil?
      logout
      flash.now[:alert] = I18n.t("registration.deprecated.new_signin")
      session[:old_twitter_user_id] = params[:old_twitter_user_id] unless params[:old_twitter_user_id].nil?
    end

    @user = User.new
  end

  # GET /u/:user_uid/edit
  def edit
    redirect_to root_path unless current_user
  end

  # GET /u/:user_uid/change_password
  def change_password
  end

  # GET /u/:user_uid/delete_account
  def delete_account
  end

  # PATCH /u/:user_uid/edit
  def update
    redirect_path = current_user.admin_of?(@user) ? admins_path : edit_user_path(@user)

    if params[:setting] == "password"
      # Update the user's password.
      errors = {}

      if @user.authenticate(user_params[:password])
        # Verify that the new passwords match.
        if user_params[:new_password] == user_params[:password_confirmation]
          @user.password = user_params[:new_password]
        else
          # New passwords don't match.
          errors[:password_confirmation] = "doesn't match"
        end
      else
        # Original password is incorrect, can't update.
        errors[:password] = "is incorrect"
      end

      if errors.empty? && @user.save
        # Notify the user that their account has been updated.
        redirect_to redirect_path, flash: { success: I18n.t("info_update_success") }
      else
        # Append custom errors.
        errors.each { |k, v| @user.errors.add(k, v) }
        render :edit, params: { settings: params[:settings] }
      end
    else
      if @user.update_attributes(user_params)
        @user.update_attributes(email_verified: false) if user_params[:email] != @user.email

        user_locale(@user)

        if update_roles(params[:user][:role_ids])
          return redirect_to redirect_path, flash: { success: I18n.t("info_update_success") }
        else
          flash[:alert] = I18n.t("administrator.roles.invalid_assignment")
        end
      end

      render :edit, params: { settings: params[:settings] }
    end
  end

  # DELETE /u/:user_uid
  def destroy
    logger.info "Support: #{current_user.email} is deleting #{@user.email}."

    if current_user && current_user == @user
      @user.destroy
      session.delete(:user_id)
    elsif current_user.admin_of?(@user)
      begin
        @user.destroy
      rescue => e
        logger.error "Support: Error in user deletion: #{e}"
        flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
      else
        flash[:success] = I18n.t("administrator.flash.delete")
      end
      redirect_to(admins_path) && return
    end
    redirect_to root_path
  end

  # GET /u/:user_uid/recordings
  def recordings
    if current_user && current_user.uid == params[:user_uid]
      @search, @order_column, @order_direction, recs =
        all_recordings(current_user.rooms.pluck(:bbb_id), params.permit(:search, :column, :direction), true)
      @pagy, @recordings = pagy_array(recs)
    else
      redirect_to root_path
    end
  end

  # GET | POST /terms
  def terms
    redirect_to '/404' unless Rails.configuration.terms

    if params[:accept] == "true"
      current_user.update_attributes(accepted_terms: true)
      login(current_user)
    end
  end

  private

  def find_user
    @user = User.where(uid: params[:user_uid]).includes(:roles).first
  end

  def ensure_unauthenticated
    redirect_to current_user.main_room if current_user && params[:old_twitter_user_id].nil?
  end

  def user_params
    params.require(:user).permit(:name, :email, :image, :password, :password_confirmation,
      :new_password, :provider, :accepted_terms, :language)
  end

  def send_registration_email
    if invite_registration
      send_invite_user_signup_email(@user)
    elsif approval_registration
      send_approval_user_signup_email(@user)
    end
  end

  # Add validation errors to model if they exist
  def valid_user_or_captcha
    valid_user = @user.valid?
    valid_captcha = Rails.configuration.recaptcha_enabled ? verify_recaptcha(model: @user) : true

    logger.error("Support: #{@user.email} creation failed: User params are not valid.") unless valid_user

    valid_user && valid_captcha
  end

  # Checks if the user passes the requirements to be invited
  def passes_invite_reqs
    # check if user needs to be invited and IS invited
    invitation = check_user_invited(@user.email, session[:invite_token], @user_domain)

    @user.email_verified = true if invitation[:verified]

    invitation[:present]
  end

  # Checks that the user is allowed to edit this user
  def check_admin_of
    redirect_to current_user.main_room if current_user && @user != current_user && !current_user.admin_of?(@user)
  end
end