Passed
Push — master ( ec4722...b2f2e7 )
by Jesus
04:24 queued 10s
created

AdminsController   A

Complexity

Total Complexity 36

Size/Duplication

Total Lines 232
Duplicated Lines 0 %

Importance

Changes 2
Bugs 0 Features 0
Metric Value
dl 0
loc 232
rs 9.52
c 2
b 0
f 0
wmc 36

21 Methods

Rating   Name   Duplication   Size   Complexity  
A approve() 0 7 1
A unban_user() 0 5 1
A ban_user() 0 5 1
A site_settings() 0 2 1
A edit_user() 0 2 1
A server_recordings() 0 12 2
A index() 0 10 1
A coloring() 0 6 1
A delete_role() 0 18 5
A reset() 0 7 1
A find_user() 0 3 1
A invite() 0 11 1
A update_role() 0 5 2
A registration_method() 0 13 3
A user_list() 0 16 3
A new_role() 0 7 2
A roles() 0 3 1
A create_or_update_invite() 0 14 2
A verify_admin_of_user() 0 4 2
A change_role_order() 0 5 2
A update_settings() 0 11 2
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
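# Administration panel: user management, site settings and role management.
#
# `authorize_resource` is declared for every action. The user-management
# actions additionally load the target user (find_user) and check that the
# caller administers that user (verify_admin_of_user) before they run.
class AdminsController < ApplicationController
  include Pagy::Backend
  include Themer
  include Emailer
  include Recorder
  include Rolify

  # Actions that operate on the single user named by params[:user_uid].
  manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]

  authorize_resource class: false
  before_action :find_user, only: manage_users
  before_action :verify_admin_of_user, only: manage_users

  # GET /admins
  #
  # Lists the users visible to the current admin, filtered by params[:search]
  # and params[:role] and ordered by params[:column] / params[:direction].
  def index
    # Initialize the data manipulation variables
    @search = params[:search] || ""

    direction = params[:direction]

    # NOTE(review): params[:column] is passed through as received; confirm that
    # admins_order restricts it to known sortable columns before it reaches the query.
    @order_column = params[:column] && direction != "none" ? params[:column] : "created_at"

    # Only a real sort direction is forwarded; "none", a missing value or anything
    # else falls back to the default so request input cannot shape the ORDER clause.
    @order_direction = %w[asc desc].include?(direction.to_s.downcase) ? direction : "DESC"

    @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil

    @pagy, @users = pagy(user_list)
  end

  # GET /admins/site_settings
  def site_settings
  end

  # GET /admins/server_recordings
  #
  # Collects recordings for every room on the server; in a load-balanced
  # deployment only rooms whose owner belongs to the current provider are used.
  def server_recordings
    server_rooms = if Rails.configuration.loadbalanced_configuration
      Room.includes(:owner).where(users: { provider: @user_domain }).pluck(:bbb_id)
    else
      Room.pluck(:bbb_id)
    end

    @search, @order_column, @order_direction, recs =
      all_recordings(server_rooms, params.permit(:search, :column, :direction), true, true)

    @pagy, @recordings = pagy_array(recs)
  end

  # MANAGE USERS

  # GET /admins/edit/:user_uid
  def edit_user
  end

  # POST /admins/ban/:user_uid
  #
  # Drops every role the user holds and leaves only :denied.
  def ban_user
    @user.roles = []
    @user.add_role :denied
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") }
  end

  # POST /admins/unban/:user_uid
  #
  # Replaces :denied with the plain :user role.
  def unban_user
    @user.remove_role :denied
    @user.add_role :user
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
  end

  # POST /admins/approve/:user_uid
  #
  # Clears the :pending role and notifies the user by email.
  def approve
    @user.remove_role :pending

    send_user_approved_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
  end

  # POST /admins/invite
  #
  # Sends an invitation to each address in the comma-separated
  # params[:invite_user][:email] field.
  def invite
    # Trim whitespace and skip empty entries so "a@x.org, b@x.org" or a trailing
    # comma does not create an invitation for " b@x.org" or "". A missing field
    # yields an empty list instead of a NoMethodError.
    # NOTE(review): neither the address format nor the number of invitations is
    # checked here; confirm the Invitation model / mailer enforce both.
    emails = params.dig(:invite_user, :email).to_s.split(",").map(&:strip).reject(&:empty?)

    emails.each do |email|
      invitation = create_or_update_invite(email)

      send_invitation_email(current_user.name, email, invitation.invite_token)
    end

    redirect_to admins_path
  end

  # GET /admins/reset
  #
  # Creates a password-reset digest for the user and emails the reset link.
  # NOTE(review): the route comment says GET, yet this action changes state and
  # sends mail; Rails' CSRF protection does not cover GET, so confirm the route
  # actually uses a non-GET verb.
  def reset
    @user.create_reset_digest

    send_password_reset_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.reset_password") }
  end

  # SITE SETTINGS

  # POST /admins/update_settings
  #
  # Stores params[:value] under the setting named by params[:setting].
  # NOTE(review): the setting name comes straight from the request; presumably
  # update_value rejects unknown names - confirm.
  def update_settings
    @settings.update_value(params[:setting], params[:value])

    flash_message = I18n.t("administrator.flash.settings")

    # The visibility warning belongs to the *setting* being changed. The original
    # compared params[:value] with the setting's name, so it was never shown.
    if params[:setting] == "Default Recording Visibility"
      flash_message += ". " + I18n.t("administrator.site_settings.recording_visibility.warning")
    end

    redirect_to admin_site_settings_path, flash: { success: flash_message }
  end

  # POST /admins/color
  #
  # Stores the primary colour together with its lightened and darkened variants.
  # NOTE(review): params[:value] is stored as received; confirm it is validated
  # as a colour before it is written into any stylesheet.
  def coloring
    @settings.update_value("Primary Color", params[:value])
    @settings.update_value("Primary Color Lighten", color_lighten(params[:value]))
    @settings.update_value("Primary Color Darken", color_darken(params[:value]))
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/registration_method/:method
  #
  # Switches the site's registration method to the one named by params[:value].
  def registration_method
    # to_s first, so a missing parameter is an unknown key rather than a NoMethodError.
    new_method = Rails.configuration.registration_methods[params[:value].to_s.to_sym]

    # An unknown key must not overwrite the stored method with nil.
    return redirect_to admin_site_settings_path if new_method.nil?

    # Only allow change to Join by Invitation if user has emails enabled
    if !Rails.configuration.enable_email_verification && new_method == Rails.configuration.registration_methods[:invite]
      redirect_to admin_site_settings_path,
        flash: { alert: I18n.t("administrator.flash.invite_email_verification") }
    else
      @settings.update_value("Registration Method", new_method)
      redirect_to admin_site_settings_path,
        flash: { success: I18n.t("administrator.flash.registration_method_updated") }
    end
  end

  # ROLES

  # GET /admins/roles
  def roles
    @roles = all_roles(params[:selected_role])
  end

  # POST /admins/role
  # This method creates a new role scoped to the users provider
  def new_role
    role = create_role(params[:role][:name])

    return redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_create") } if role.nil?

    redirect_to admin_roles_path(selected_role: role.id)
  end

  # PATCH /admin/roles/order
  # This updates the priority of a site's roles
  # Note: A lower priority role will always get used before a higher priority one
  def change_role_order
    unless update_priority(params[:role])
      redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_order") }
    end
  end

  # POST /admin/role/:role_id
  # This method updates the permissions assigned to a role
  # NOTE(review): the role is loaded by id with no provider or priority check in
  # this action; presumably update_permissions enforces both - confirm.
  def update_role
    role = Role.find(params[:role_id])
    flash[:alert] = I18n.t("administrator.roles.invalid_update") unless update_permissions(role)
    redirect_to admin_roles_path(selected_role: role.id)
  end

  # DELETE admins/role/:role_id
  # This deletes a role
  #
  # A role is deleted only when no user holds it, it is not reserved, it belongs
  # to the current provider and it ranks below the caller's highest-priority role.
  def delete_role
    role = Role.find(params[:role_id])
    user_count = role.users.count

    if user_count.positive?
      flash[:alert] = I18n.t("administrator.roles.role_has_users", user_count: user_count)
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    # Compare the role's *name* with the reserved names. The original passed the
    # Role record itself, which can never equal a name, so reserved roles were not
    # protected by this check. Both sides go through to_s so the comparison holds
    # whether the constant stores strings or symbols.
    reserved = Role::RESERVED_ROLE_NAMES.map(&:to_s).include?(role.name.to_s)
    not_deletable = reserved || role.provider != @user_domain ||
                    role.priority <= current_user.highest_priority_role.priority
    return redirect_to admin_roles_path(selected_role: role.id) if not_deletable

    role.role_permissions.delete_all
    role.delete

    redirect_to admin_roles_path
  end

  private

  # Loads the user named by params[:user_uid] (with roles); @user is nil when
  # no such user exists.
  def find_user
    @user = User.where(uid: params[:user_uid]).includes(:roles).first
  end

  # Verifies that admin is an administrator of the user in the action
  #
  # An unknown user_uid leaves @user nil; that case is refused here as well, so
  # the actions behind this filter never run against a missing user.
  def verify_admin_of_user
    return if @user && current_user.admin_of?(@user)

    redirect_to admins_path, flash: { alert: I18n.t("administrator.flash.unauthorized") }
  end

  # Gets the list of users based on your configuration
  #
  # The current user is always excluded; super admins are hidden from everyone
  # except other super admins, and a load-balanced deployment only shows users
  # of the current provider.
  def user_list
    initial_list = if current_user.has_role? :super_admin
      User.where.not(id: current_user.id)
    else
      User.without_role(:super_admin).where.not(id: current_user.id)
    end

    if Rails.configuration.loadbalanced_configuration
      initial_list.where(provider: @user_domain)
                  .admins_search(@search, @role)
                  .admins_order(@order_column, @order_direction)
    else
      initial_list.admins_search(@search, @role)
                  .admins_order(@order_column, @order_direction)
    end
  end

  # Creates the invite if it doesn't exist, or updates the updated_at time if it does
  def create_or_update_invite(email)
    invite = Invitation.find_by(email: email, provider: @user_domain)

    # Invite already exists
    if invite.present?
      # Updates updated_at to now
      invite.touch
    else
      # Creates invite
      invite = Invitation.create(email: email, provider: @user_domain)
    end

    invite
  end
end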