| 1 |  |  | # frozen_string_literal: true | 
            
                                                                                                            
                            
            
                                    
            
            
                | 2 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 3 |  |  | # BigBlueButton open source conferencing system - http://www.bigbluebutton.org/. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 4 |  |  | # | 
            
                                                                                                            
                            
            
                                    
            
            
                | 5 |  |  | # Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below). | 
            
                                                                                                            
                            
            
                                    
            
            
                | 6 |  |  | # | 
            
                                                                                                            
                            
            
                                    
            
            
                | 7 |  |  | # This program is free software; you can redistribute it and/or modify it under the | 
            
                                                                                                            
                            
            
                                    
            
            
                | 8 |  |  | # terms of the GNU Lesser General Public License as published by the Free Software | 
            
                                                                                                            
                            
            
                                    
            
            
                | 9 |  |  | # Foundation; either version 3.0 of the License, or (at your option) any later | 
            
                                                                                                            
                            
            
                                    
            
            
                | 10 |  |  | # version. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 11 |  |  | # | 
            
                                                                                                            
                            
            
                                    
            
            
                | 12 |  |  | # BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY | 
            
                                                                                                            
                            
            
                                    
            
            
                | 13 |  |  | # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A | 
            
                                                                                                            
                            
            
                                    
            
            
                | 14 |  |  | # PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 15 |  |  | # | 
            
                                                                                                            
                            
            
                                    
            
            
                | 16 |  |  | # You should have received a copy of the GNU Lesser General Public License along | 
            
                                                                                                            
                            
            
                                    
            
            
                | 17 |  |  | # with BigBlueButton; if not, see <http://www.gnu.org/licenses/>. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 18 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 19 |  |  | class UsersController < ApplicationController | 
            
                                                                                                            
                            
            
                                    
            
            
  include Pagy::Backend
  include Authenticator
  include Emailer
  include Registrar
  include Recorder
  include Rolify

  # Member actions work on @user; find_user presumably loads it from the
  # :user_uid route segment (update below reads @user without assigning it).
  before_action :find_user, only: [:edit, :change_password, :delete_account, :update, :destroy]
  before_action :ensure_unauthenticated_except_twitter, only: [:create]
  before_action :check_user_signup_allowed, only: [:create]
  # NOTE(review): :update and :destroy are not in this list, so the admin/self
  # authorization for those two actions has to come from somewhere else
  # (find_user or the action body) — confirm before relying on it.
  before_action :check_admin_of, only: [:edit, :change_password, :delete_account]
            
                                                                                                            
                            
            
                                    
            
            
                | 31 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
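  # POST /u
  #
  # Registers a new account from the sign-up form.
  # Flow: validate user + captcha -> check the invite token -> save ->
  # optionally park the account as :pending (approval registration) ->
  # send the registration email -> sign in, or send the activation email.
  # The ensure_unauthenticated_except_twitter and check_user_signup_allowed
  # filters run before this action.
  def create
    @user = User.new(user_params)
    @user.provider = @user_domain

    # User or recaptcha is not valid
    render("sessions/new") && return unless valid_user_or_captcha

    # Redirect to root if user token is either invalid or expired
    return redirect_to root_path, flash: { alert: I18n.t("registration.invite.fail") } unless passes_invite_reqs

    # User has passed all validations required. The save result is still checked:
    # a failed save (e.g. a uniqueness race or a callback rejecting the record)
    # must not fall through to the "created" log line and the login below.
    render("sessions/new") && return unless @user.save

    logger.info "Support: #{@user.email} user has been created."

    # Set user to pending and redirect if Approval Registration is set
    if approval_registration
      @user.add_role :pending

      return redirect_to root_path,
        flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification
    end

    send_registration_email

    # Sign in automatically if email verification is disabled or if user is already verified.
    # NOTE(review): this trusts @user.email_verified on a just-created record, so it
    # relies on user_params not permitting :email_verified — confirm.
    login(@user) && return if !Rails.configuration.enable_email_verification || @user.email_verified

    send_activation_email(@user)

    redirect_to root_path
  end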
            
                                                                                                            
                            
            
                                    
            
            
                | 65 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
  # GET /u/:user_uid/edit
  #
  # Sends anonymous callers to the root path; for a signed-in user it returns
  # nil and Rails falls through to its default render. The find_user and
  # check_admin_of filters have already run at this point.
  def edit
    return if current_user

    redirect_to root_path
  end
            
                                                                                                            
                            
            
                                    
            
            
                | 70 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
  # GET /u/:user_uid/change_password
  #
  # Only callers whose account answers true to greenlight_account? may reach the
  # change-password form; anyone else is bounced to the profile edit page.
  # NOTE(review): the check is on current_user, not on the @user loaded by
  # find_user, so an admin changing another user's password is gated on the
  # admin's own account type — confirm that is intended.
  def change_password
    return if current_user.greenlight_account?

    redirect_to edit_user_path
  end
            
                                                                                                            
                            
            
                                    
            
            
                | 75 |  |  |  | 
            
                                                                                                            
                                                                
            
                                    
            
            
  # GET /u/:user_uid/delete_account
  #
  # No action-specific logic: the find_user and check_admin_of filters do the
  # work and Rails then renders the action's template. Nothing here deletes
  # anything; the actual removal is presumably in destroy (also listed in
  # find_user's only: list) — verify.
  def delete_account; end
            
                                                                                                            
                            
            
                                    
            
            
                | 79 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 80 |  |  |   # PATCH /u/:user_uid/edit | 
            
                                                                                                            
                            
            
                                    
            
            
                | 81 |  |  |   def update | 
            
                                                                                                            
                            
            
                                    
            
            
                | 82 |  |  |     profile = params[:setting] == "password" ? change_password_path(@user) : edit_user_path(@user) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 83 |  |  |     redirect_path = current_user.admin_of?(@user) ? admins_path : profile | 
            
                                                                                                            
                            
            
                                    
            
            
                | 84 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 85 |  |  |     if params[:setting] == "password" | 
            
                                                                                                            
                            
            
                                    
            
            
                | 86 |  |  |       # Update the users password. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 87 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 88 |  |  |       if @user.authenticate(user_params[:password]) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 89 |  |  |         # Verify that the new passwords match. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 90 |  |  |         if user_params[:new_password] == user_params[:password_confirmation] | 
            
                                                                                                            
                            
            
                                    
            
            
                | 91 |  |  |           @user.password = user_params[:new_password] | 
            
                                                                                                            
                            
            
                                    
            
            
                | 92 |  |  |         else | 
            
                                                                                                            
                            
            
                                    
            
            
                | 93 |  |  |           # New passwords don't match. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 94 |  |  |           @user.errors.add(:password_confirmation, "doesn't match") | 
            
                                                                                                            
                            
            
                                    
            
            
                | 95 |  |  |         end | 
            
                                                                                                            
                            
            
                                    
            
            
                | 96 |  |  |       else | 
            
                                                                                                            
                            
            
                                    
            
            
                | 97 |  |  |         # Original password is incorrect, can't update. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 98 |  |  |         @user.errors.add(:password, "is incorrect") | 
            
                                                                                                            
                            
            
                                    
            
            
                | 99 |  |  |       end | 
            
                                                                                                            
                            
            
                                    
            
            
                | 100 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 101 |  |  |       # Notify the user that their account has been updated. | 
            
                                                                                                            
                            
            
                                    
            
            
                | 102 |  |  |       return redirect_to redirect_path, | 
            
                                                                                                            
                            
            
                                    
            
            
                | 103 |  |  |         flash: { success: I18n.t("info_update_success") } if @user.errors.empty? && @user.save | 
            
                                                                                                            
                            
            
                                    
            
            
                | 104 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 105 |  |  |       render :change_password | 
            
                                                                                                            
                            
            
                                    
            
            
                | 106 |  |  |     else | 
            
                                                                                                            
                            
            
                                    
            
            
                | 107 |  |  |       if @user.update_attributes(user_params) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 108 |  |  |         @user.update_attributes(email_verified: false) if user_params[:email] != @user.email | 
                | 109 |  |  |  | 
                | 110 |  |  |         user_locale(@user) | 
                | 111 |  |  |  | 
                | 112 |  |  |         if update_roles(params[:user][:role_ids]) | 
                | 113 |  |  |           return redirect_to redirect_path, flash: { success: I18n.t("info_update_success") } | 
                | 114 |  |  |         else | 
                | 115 |  |  |           flash[:alert] = I18n.t("administrator.roles.invalid_assignment") | 
                | 116 |  |  |         end | 
                | 117 |  |  |       end | 
                | 118 |  |  |  | 
                | 119 |  |  |       render :edit | 
                | 120 |  |  |     end | 
                | 121 |  |  |   end | 
                | 123 |  |  |   # DELETE /u/:user_uid | 
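  def destroy
    # Either party may be absent here (no session, or find_user matched no
    # row), so the log interpolation is nil-safe and the guard below checks
    # both before anything is touched.
    logger.info "Support: #{current_user&.email} is deleting #{@user&.email}."

    self_delete = current_user == @user
    begin
      if @user && current_user && (self_delete || current_user.admin_of?(@user))
        # destroy! raises when a callback aborts the deletion, so a failed
        # delete reaches the rescue below instead of being reported as a
        # success (destroy would just return false here).
        @user.destroy!
        # A user who removed their own account no longer has a valid session.
        session.delete(:user_id) if self_delete

        return redirect_to admins_path, flash: { success: I18n.t("administrator.flash.delete") } unless self_delete
      end
    rescue => e
      logger.error "Support: Error in user deletion: #{e}"
      # NOTE(review): params[:message] is a request-supplied I18n key, so any
      # translation key the client names ends up in the flash; confirm which
      # callers set it and consider restricting it to an allow-list.
      flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
    end

    # Self-deletions, unauthorized attempts and failed deletions all end here.
    redirect_to root_path
  end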
                | 143 |  |  |   # GET /u/:user_uid/recordings | 
  def recordings
    # Only the owner of the rooms may list their recordings; anyone else,
    # including anonymous visitors, is sent back to the landing page.
    return redirect_to root_path unless current_user && current_user.uid == params[:user_uid]

    room_ids = current_user.rooms.pluck(:bbb_id)
    # NOTE(review): :column and :direction are client-supplied sort controls;
    # confirm all_recordings validates them against an allow-list before
    # using them to order results.
    search_opts = params.permit(:search, :column, :direction)
    @search, @order_column, @order_direction, recs = all_recordings(room_ids, search_opts, true)
    @pagy, @recordings = pagy_array(recs)
  end
                | 154 |  |  |   # GET | POST /terms | 
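  def terms
    # redirect_to does not halt the action: without the early return the
    # accept branch below still ran when terms are not configured and then
    # tried to respond a second time.
    return redirect_to '/404' unless Rails.configuration.terms

    # NOTE(review): the route comment says this action answers GET as well as
    # POST, so ?accept=true changes state on a GET; confirm that is intended.
    if params[:accept] == "true"
      # NOTE(review): assumes an authenticated user; a nil current_user would
      # raise here — confirm a before_action guarantees a session.
      current_user.update_attributes(accepted_terms: true)
      login(current_user)
    end
  end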
                | 164 |  |  |   private | 
  def find_user
    # Resolve the public uid from the route to a user record, eager-loading
    # roles. Yields nil when nothing matches, so callers must cope with an
    # absent @user.
    @user = User.includes(:roles).where(uid: params[:user_uid]).first
  end
                | 170 |  |  |   # Verify that GreenLight is configured to allow user signup. | 
  def check_user_signup_allowed
    # Nothing to do when signup is enabled; otherwise bounce to the landing
    # page (as a before_action the redirect halts the rest of the chain).
    return if Rails.configuration.allow_user_signup

    redirect_to root_path
  end
  def user_params
    # Strong-parameter allow-list shared by the create/update flows.
    permitted = %i[name email image password password_confirmation
                   new_password provider accepted_terms language]
    # NOTE(review): :provider and :accepted_terms are mass-assignable through
    # this same list in update; confirm a user is meant to be able to set
    # these on their own record.
    params.require(:user).permit(*permitted)
  end
  def send_registration_email
    # Only the invite and approval registration modes need a follow-up mail;
    # any other mode sends nothing.
    return send_invite_user_signup_email(@user) if invite_registration

    send_approval_user_signup_email(@user) if approval_registration
  end
                | 188 |  |  |   # Checks that the user is allowed to edit this user | 
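  def check_admin_of
    # Fail closed: with no session there is nobody to authorize, so do not
    # fall through to the action (previously a nil current_user skipped the
    # check entirely). If a dedicated authentication filter exists, keep it
    # ordered before this one.
    return redirect_to root_path unless current_user

    # Editing your own account is always allowed; for anyone else the caller
    # must be an admin of the target user.
    return if @user == current_user || current_user.admin_of?(@user)

    redirect_to current_user.main_room
  end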
                | 192 |  |  | end | 