# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
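class AdminsController < ApplicationController
  include Pagy::Backend
  include Themer
  include Emailer
  include Recorder
  include Rolify

  # Actions that operate on an active user identified by params[:user_uid].
  manage_users = %i[edit_user promote demote ban_user unban_user approve reset]
  # Actions that operate on a soft-deleted user identified by params[:user_uid].
  manage_deleted_users = %i[undelete]
  authorize_resource class: false
  before_action :find_user, only: manage_users
  before_action :find_deleted_user, only: manage_deleted_users
  # `only:` expects a flat list of action names. Rails does not flatten a nested
  # array such as [manage_users, manage_deleted_users], so with that form the
  # callback matched no action at all and the admin-of-user check never ran.
  before_action :verify_admin_of_user, only: manage_users + manage_deleted_users

  # GET /admins
  #
  # Loads the paginated user list for the admin panel. Search text, ordering,
  # role filter and tab all come from the query string; the list itself is
  # built in user_list.
  def index
    # Initialize the data manipulation variables
    @search = params[:search] || ""
    # Fall back to the defaults when no column is given or ordering is "none".
    # NOTE(review): column/direction are request input and reach admins_order
    # (defined on User, outside this file) — that scope must whitelist them.
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

    @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
    @tab = params[:tab] || "active"

    @pagy, @users = pagy(user_list)
  end

  # GET /admins/site_settings
  def site_settings
  end

  # GET /admins/server_recordings
  #
  # Lists the recordings of every room on this server (restricted to the current
  # provider's rooms when running in a loadbalanced configuration).
  def server_recordings
    server_rooms = if Rails.configuration.loadbalanced_configuration
      Room.includes(:owner).where(users: { provider: @user_domain }).pluck(:bbb_id)
    else
      Room.pluck(:bbb_id)
    end

    @search, @order_column, @order_direction, recs =
      all_recordings(server_rooms, params.permit(:search, :column, :direction), true, true)

    @pagy, @recordings = pagy_array(recs)
  end

  # MANAGE USERS

  # GET /admins/edit/:user_uid
  def edit_user
  end

  # POST /admins/ban/:user_uid
  #
  # Strips every role from the user and marks them as denied.
  def ban_user
    @user.roles = []
    @user.add_role :denied
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") }
  end

  # POST /admins/unban/:user_uid
  #
  # Lifts the denied role and gives the user back the plain user role.
  def unban_user
    @user.remove_role :denied
    @user.add_role :user
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
  end

  # POST /admins/approve/:user_uid
  #
  # Approves a pending user and notifies them by email.
  def approve
    @user.remove_role :pending

    send_user_approved_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
  end

  # Restores a soft-deleted user together with all of their deleted rooms.
  # (The original route comment here was a copy of approve's; confirm the actual
  # path for this action in routes.rb.)
  def undelete
    # Undelete the user and all of his rooms
    @user.undelete!
    @user.rooms.deleted.each(&:undelete!)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.restored") }
  end

  # POST /admins/invite
  #
  # Sends an invitation email to every address in the comma-separated
  # params[:invite_user][:email] list, creating or refreshing the Invitation
  # row for each address first.
  def invite
    # Tolerate a missing form hash and whitespace around addresses; skip empty entries
    # (e.g. a trailing comma) instead of creating an invitation for "".
    emails = params.dig(:invite_user, :email).to_s.split(",").map(&:strip).reject(&:empty?)

    emails.each do |email|
      invitation = create_or_update_invite(email)

      send_invitation_email(current_user.name, email, invitation.invite_token)
    end

    redirect_to admins_path
  end

  # GET /admins/reset
  #
  # Generates a password reset digest for the user and emails them the link.
  def reset
    @user.create_reset_digest

    send_password_reset_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.reset_password") }
  end

  # SITE SETTINGS

  # POST /admins/branding_image
  #
  # Placeholder for the branding image upload; currently only sets a flash.
  def branding_image
    begin
      # Upload file if its an image
      flash[:success] = "test"
    # `rescue e` (the original form) evaluates `e` as an expression to obtain the
    # exception class to match, which raises NameError instead of rescuing.
    rescue StandardError => e
      # NOTE(review): `user` is not defined anywhere in this controller as far as
      # this file shows (only @user / current_user are) — confirm what was intended.
      logger.error("Support: Image URL is not valid/available - #{user.uid} - #{user.image}")
      flash[:alert] = "test"
    end

    redirect_to admin_site_settings_path
  end

  # POST /admins/update_settings
  #
  # Stores params[:value] under the setting named by params[:setting].
  def update_settings
    @settings.update_value(params[:setting], params[:value])

    flash_message = I18n.t("administrator.flash.settings")

    # NOTE(review): this compares the *value* against a setting *name*; confirm
    # whether params[:setting] was meant.
    if params[:value] == "Default Recording Visibility"
      flash_message += ". " + I18n.t("administrator.site_settings.recording_visibility.warning")
    end

    redirect_to admin_site_settings_path, flash: { success: flash_message }
  end

  # POST /admins/color
  #
  # Stores the primary colour plus its lighter and darker variants.
  def coloring
    color = params[:value]
    @settings.update_value("Primary Color", color)
    @settings.update_value("Primary Color Lighten", color_lighten(color))
    @settings.update_value("Primary Color Darken", color_darken(color))
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/registration_method/:method
  #
  # Switches the site's registration method. params[:value] names a key of
  # Rails.configuration.registration_methods; it is matched by string comparison
  # so request input is never interned with to_sym.
  def registration_method
    available = Rails.configuration.registration_methods
    selected_key = available.keys.find { |key| key.to_s == params[:value].to_s }
    new_method = selected_key && available[selected_key]

    # Unknown method name: leave the stored setting untouched rather than writing nil.
    return redirect_to admin_site_settings_path if new_method.nil?

    # Only allow change to Join by Invitation if user has emails enabled
    if !Rails.configuration.enable_email_verification && new_method == available[:invite]
      redirect_to admin_site_settings_path,
        flash: { alert: I18n.t("administrator.flash.invite_email_verification") }
    else
      @settings.update_value("Registration Method", new_method)
      redirect_to admin_site_settings_path,
        flash: { success: I18n.t("administrator.flash.registration_method_updated") }
    end
  end

  # ROLES

  # GET /admins/roles
  def roles
    @roles = all_roles(params[:selected_role])
  end

  # POST /admins/role
  # This method creates a new role scoped to the users provider
  def new_role
    # Local renamed from `new_role` so it no longer shadows this method's name.
    role = create_role(params.dig(:role, :name))

    return redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_create") } if role.nil?

    redirect_to admin_roles_path(selected_role: role.id)
  end

  # PATCH /admin/roles/order
  # This updates the priority of a site's roles
  # Note: A lower priority role will always get used before a higher priority one
  def change_role_order
    return if update_priority(params[:role])

    redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_order") }
  end

  # POST /admin/role/:role_id
  # This method updates the permissions assigned to a role
  def update_role
    role = Role.find(params[:role_id])
    flash[:alert] = I18n.t("administrator.roles.invalid_update") unless update_permissions(role)
    redirect_to admin_roles_path(selected_role: role.id)
  end

  # DELETE admins/role/:role_id
  # This deletes a role
  def delete_role
    role = Role.find(params[:role_id])
    user_count = role.users.count

    # Refuse to delete a role that still has users assigned to it
    if user_count.positive?
      flash[:alert] = I18n.t("administrator.roles.role_has_users", user_count: user_count)
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    # Also refuse reserved roles, roles belonging to another provider, and roles at
    # or above the current admin's own highest-priority role. RESERVED_ROLE_NAMES is
    # a list of names, so the role's name is compared — the original passed the Role
    # record itself, which can never be equal to a name.
    if Role::RESERVED_ROLE_NAMES.include?(role.name) || role.provider != @user_domain ||
       role.priority <= current_user.highest_priority_role.priority
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    role.role_permissions.delete_all
    role.delete

    redirect_to admin_roles_path
  end

  private

  # Loads the active user addressed by params[:user_uid] into @user (nil if none).
  def find_user
    @user = User.where(uid: params[:user_uid]).includes(:roles).first
  end

  # Loads the soft-deleted user addressed by params[:user_uid] into @user (nil if none).
  def find_deleted_user
    @user = User.deleted.where(uid: params[:user_uid]).includes(:roles).first
  end

  # Verifies that the current admin is allowed to manage the user loaded by
  # find_user / find_deleted_user. An unknown uid (@user nil) is treated like an
  # unauthorized request instead of being handed to admin_of?.
  def verify_admin_of_user
    return if @user && current_user.admin_of?(@user)

    redirect_to admins_path, flash: { alert: I18n.t("administrator.flash.unauthorized") }
  end

  # Gets the list of users based on your configuration
  #
  # Starts from the users matching @tab, hides the current admin (and, for
  # non-super-admins, every super admin), scopes to the provider in a
  # loadbalanced setup, then applies the search and ordering from index.
  def user_list
    current_role = @role

    initial_user = case @tab
                   when "active"
                     User.without_role(:pending).without_role(:denied)
                   when "deleted"
                     User.deleted
                   else
                     User
                   end

    current_role = Role.find_by(name: @tab, provider: @user_domain) if @tab == "pending" || @tab == "denied"

    initial_list = initial_user.where.not(id: current_user.id)
    # Only super admins get to see other super admins
    initial_list = initial_list.without_role(:super_admin) unless current_user.has_role? :super_admin
    initial_list = initial_list.where(provider: @user_domain) if Rails.configuration.loadbalanced_configuration

    initial_list.admins_search(@search, current_role)
                .admins_order(@order_column, @order_direction)
  end

  # Creates the invite if it doesn't exist, or updates the updated_at time if it does
  #
  # @param email [String] address the invitation is for
  # @return [Invitation] the existing (touched) or newly created invitation
  def create_or_update_invite(email)
    invite = Invitation.find_by(email: email, provider: @user_domain)

    if invite.present?
      # Invite already exists: bump updated_at to now
      invite.touch
    else
      invite = Invitation.create(email: email, provider: @user_domain)
    end

    invite
  end
end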