Passed
Push — master ( ec4722...b2f2e7 )
by Jesus
04:24 queued 10s
created

SessionsController   B

Complexity

Total Complexity 47

Size/Duplication

Total Lines 186
Duplicated Lines 0.54 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
c 1
b 0
f 0
dl 1
loc 186
rs 8.64
wmc 47

12 Methods

Rating   Name                          Duplication   Size   Complexity
A        ldap_signin()                 0             2      1
A        check_user_signup_allowed()   0             3      2
A        check_user_exists()           0             4      2
C        process_signin()              1             36     11
A        passes_invite_reqs()          0             6      2
B        ldap()                        0             27     6
A        signin()                      0             13     3
A        one_provider()                0             6      1
A        new()                         0             12     3
A        session_params()              0             3      1
C        create()                      0             17     10
A        destroy()                     0             4      1


Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This can often reduce the size of classes significantly.

Complex classes like SessionsController often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

class SessionsController < ApplicationController
  include Authenticator
  include Registrar
  include Emailer
  include LdapAuthenticator

  skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]
  before_action :check_user_signup_allowed, only: [:new]
  before_action :ensure_unauthenticated_except_twitter, only: [:new, :signin]

  # GET /signin
  def signin
    check_if_twitter_account

    if one_provider
      provider_path = if Rails.configuration.omniauth_ldap
        ldap_signin_path
      else
        "#{Rails.configuration.relative_url_root}/auth/#{providers.first}"
      end

      return redirect_to provider_path
    end
  end

  # GET /ldap_signin
  def ldap_signin
  end

  # GET /signup
  def new
    # Check if the user needs to be invited
    if invite_registration
      redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless params[:invite_token]

      session[:invite_token] = params[:invite_token]
    end

    check_if_twitter_account(true)

    @user = User.new
  end

  # POST /users/login
  def create
    logger.info "Support: #{session_params[:email]} is attempting to login."

    admin = User.find_by(email: session_params[:email])
    if admin&.has_role? :super_admin
      user = admin
    else
      user = User.find_by(email: session_params[:email], provider: @user_domain)
      redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user
      redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
      redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
    end
    redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate,
      session_params[:password])

    login(user)
  end

  # GET /users/logout
  def destroy
    logout
    redirect_to root_path
  end

  # GET/POST /auth/:provider/callback
  def omniauth
    @auth = request.env['omniauth.auth']

    begin
      process_signin
    rescue => e
      logger.error "Error authenticating via omniauth: #{e}"
      omniauth_fail
    end
  end

  # POST /auth/failure
  def omniauth_fail
    if params[:message].nil?
      redirect_to root_path, alert: I18n.t("omniauth_error")
    else
      redirect_to root_path, alert: I18n.t("omniauth_specific_error", error: params["message"])
    end
  end

  # GET /auth/ldap
  def ldap
    ldap_config = {}
    ldap_config[:host] = ENV['LDAP_SERVER']
    ldap_config[:port] = ENV['LDAP_PORT'].to_i != 0 ? ENV['LDAP_PORT'].to_i : 389
    ldap_config[:bind_dn] = ENV['LDAP_BIND_DN']
    ldap_config[:password] = ENV['LDAP_PASSWORD']
    ldap_config[:encryption] = if ENV['LDAP_METHOD'] == 'ssl'
                                    'simple_tls'
                                elsif ENV['LDAP_METHOD'] == 'tls'
                                    'start_tls'
                                end
    ldap_config[:base] = ENV['LDAP_BASE']
    ldap_config[:uid] = ENV['LDAP_UID']

    result = send_ldap_request(params[:session], ldap_config)

    return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials")) unless result

    @auth = parse_auth(result.first, ENV['LDAP_ROLE_FIELD'])

    begin
      process_signin
    rescue => e
      logger.error "Support: Error authenticating via omniauth: #{e}"
      omniauth_fail
    end
  end

  private

  # Verify that GreenLight is configured to allow user signup.
  def check_user_signup_allowed
    redirect_to root_path unless Rails.configuration.allow_user_signup
  end

  def session_params
    params.require(:session).permit(:email, :password)
  end

  def one_provider
    providers = configured_providers

    (!allow_user_signup? || !allow_greenlight_accounts?) && providers.count == 1 &&
      !Rails.configuration.loadbalanced_configuration
  end

  def check_user_exists
    provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
    User.exists?(social_uid: @auth['uid'], provider: provider)
  end

  # Check if the user already exists, if not then check for invitation
  def passes_invite_reqs
    return true if @user_exists

    invitation = check_user_invited("", session[:invite_token], @user_domain)
    invitation[:present]
  end

  def process_signin
    @user_exists = check_user_exists

    if !@user_exists && @auth['provider'] == "twitter"
      return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
    end

    # If using invitation registration method, make sure user is invited
    # Scrutinizer issue (Duplication): This code seems to be duplicated in your project.
    return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs

    user = User.from_omniauth(@auth)

    logger.info "Support: Auth user #{user.email} is attempting to login."

    # Add pending role if approval method and is a new user
    if approval_registration && !@user_exists
      user.add_role :pending

      # Inform admins that a user signed up if emails are turned on
      send_approval_user_signup_email(user)

      return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
    end

    send_invite_user_signup_email(user) if invite_registration && !@user_exists

    login(user)

    if @auth['provider'] == "twitter"
      flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
        I18n.t("registration.deprecated.twitter_signin", link: signup_path(old_twitter_user_id: user.id))
      else
        I18n.t("registration.deprecated.twitter_signin", link: signin_path(old_twitter_user_id: user.id))
      end
    end
  end
end