UsersController - Code Metrics - Inspection of "GRN2-346: Another attempt at short sha (#2508)" - farhatahmad/greenlight - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 23b088...27bc68 )

by Ahmad

created 2021-02-04 23:21 UTC

UsersController C

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	236
Duplicated Lines	2.97 %

Importance

Changes	5
Bugs	0	Features	0

Metric	Value
dl	7
loc	236
rs	6.4799
c	5
b	0
f	0
wmc	54

15 Methods

Rating	Name	Duplication	Size	Complexity
A	delete_account()	0	2	1
A	change_password()	0	3	2
B	update()	6	29	7
B	update_password()	0	22	5
A	edit()	0	3	2
B	create()	1	36	8
A	send_registration_email()	0	7	3
A	check_admin_of()	0	5	4
A	check_user_signup_allowed()	0	3	2
A	recordings()	0	9	3
C	destroy()	0	40	9
A	find_user()	0	3	1
A	terms()	0	8	3
A	user_params()	0	4	1
A	shared_access_list()	0	20	3

How to fix Duplicated Code Complexity

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

class UsersController < ApplicationController
  include Pagy::Backend
  include Authenticator
  include Emailer
  include Registrar
  include Recorder
  include Rolify

  before_action :find_user, only: [:edit, :change_password, :delete_account, :update, :update_password]
  before_action :ensure_unauthenticated_except_twitter, only: [:create]
  before_action :check_user_signup_allowed, only: [:create]
  before_action :check_admin_of, only: [:edit, :change_password, :delete_account]

  # POST /u
  def create
    @user = User.new(user_params)
    @user.provider = @user_domain

    # User or recpatcha is not valid
    render("sessions/new") && return unless valid_user_or_captcha

    # Redirect to root if user token is either invalid or expired
    return redirect_to root_path, flash: { alert: I18n.t("registration.invite.fail") } unless passes_invite_reqs


    # User has passed all validations required
    @user.save

    logger.info "Support: #{@user.email} user has been created."

    # Set user to pending and redirect if Approval Registration is set
    if approval_registration
      @user.set_role :pending

      return redirect_to root_path,
        flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification
    end

    send_registration_email

    # Sign in automatically if email verification is disabled or if user is already verified.
    if !Rails.configuration.enable_email_verification || @user.email_verified
      @user.set_role(initial_user_role(@user.email))

      login(@user) && return
    end

    send_activation_email(@user, @user.create_activation_token)

    redirect_to root_path
  end

  # GET /u/:user_uid/edit
  def edit
    redirect_to root_path unless current_user
  end

  # GET /u/:user_uid/change_password
  def change_password
    redirect_to edit_user_path unless current_user.greenlight_account?
  end

  # GET /u/:user_uid/delete_account
  def delete_account
  end

  # POST /u/:user_uid/edit
  def update
    if session[:prev_url].present?

      path = session[:prev_url]
      session.delete(:prev_url)
    else
      path = admins_path
    end

    redirect_path = current_user.admin_of?(@user, "can_manage_users") ? path : edit_user_path(@user)

    unless can_edit_user?(@user, current_user)
      params[:user][:name] = @user.name
      params[:user][:email] = @user.email
    end

    if @user.update_attributes(user_params)
      @user.update_attributes(email_verified: false) if user_params[:email] != @user.email

      user_locale(@user)

      if update_roles(params[:user][:role_id])
        return redirect_to redirect_path, flash: { success: I18n.t("info_update_success") }
      else
        flash[:alert] = I18n.t("administrator.roles.invalid_assignment")
      end
    end

    render :edit
  end

  # POST /u/:user_uid/change_password
  def update_password
    # Update the users password.
    if @user.authenticate(user_params[:password])
      # Verify that the new passwords match.
      if user_params[:new_password] == user_params[:password_confirmation]
        @user.password = user_params[:new_password]
      else
        # New passwords don't match.
        @user.errors.add(:password_confirmation, "doesn't match")
      end
    else
      # Original password is incorrect, can't update.
      @user.errors.add(:password, "is incorrect")
    end

    # Notify the user that their account has been updated.
    return redirect_to change_password_path,
      flash: { success: I18n.t("info_update_success") } if @user.errors.empty? && @user.save

    # redirect_to change_password_path
    render :change_password
  end

  # DELETE /u/:user_uid
  def destroy
    # Include deleted users in the check
    admin_path = request.referer.present? ? request.referer : admins_path
    @user = User.include_deleted.find_by(uid: params[:user_uid])

    logger.info "Support: #{current_user.email} is deleting #{@user.email}."

    self_delete = current_user == @user
    redirect_url = self_delete ? root_path : admin_path

    begin
      if current_user && (self_delete || current_user.admin_of?(@user, "can_manage_users"))
        # Permanently delete if the user is deleting themself
        perm_delete = self_delete || (params[:permanent].present? && params[:permanent] == "true")

        # Permanently delete the rooms under the user if they have not been reassigned
        if perm_delete
          @user.rooms.include_deleted.each do |room|
            # Destroy all recordings then permanently delete the room
            delete_all_recordings(room.bbb_id)
            room.destroy(true)
          end
        end

        @user.destroy(perm_delete)

        # Log the user out if they are deleting themself
        session.delete(:user_id) if self_delete

        return redirect_to redirect_url, flash: { success: I18n.t("administrator.flash.delete") } unless self_delete
      else
        flash[:alert] = I18n.t("administrator.flash.delete_fail")
      end
    rescue => e
      logger.error "Support: Error in user deletion: #{e}"
      flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
    end

    redirect_to redirect_url
  end

  # GET /u/:user_uid/recordings
  def recordings
    if current_user && current_user.uid == params[:user_uid]
      @search, @order_column, @order_direction, recs =
        all_recordings(current_user.rooms.pluck(:bbb_id), params.permit(:search, :column, :direction), true)
      @pagy, @recordings = pagy_array(recs)
    else
      redirect_to root_path
    end
  end

  # GET | POST /terms
  def terms
    redirect_to '/404' unless Rails.configuration.terms

    if params[:accept] == "true"
      current_user.update_attributes(accepted_terms: true)
      login(current_user)
    end
  end

  # GET /shared_access_list
  def shared_access_list
    # Don't allow searchs unless atleast 3 characters are passed
    return redirect_to '/404' if params[:search].length < 3

    roles_can_appear = []
    Role.where(provider: @user_domain).each do |role|
      roles_can_appear << role.name if role.get_permission("can_appear_in_share_list") && role.priority >= 0
    end

    initial_list = User.where.not(uid: params[:owner_uid])
                       .with_role(roles_can_appear)
                       .shared_list_search(params[:search])

    initial_list = initial_list.where(provider: @user_domain) if Rails.configuration.loadbalanced_configuration

    # Respond with JSON object of users
    respond_to do |format|
      format.json { render body: initial_list.pluck_to_hash(:uid, :name).to_json }
    end
  end

  private

  def find_user
    @user = User.find_by(uid: params[:user_uid])
  end

  # Verify that GreenLight is configured to allow user signup.
  def check_user_signup_allowed
    redirect_to root_path unless Rails.configuration.allow_user_signup
  end

  def user_params
    params.require(:user).permit(:name, :email, :image, :password, :password_confirmation,
      :new_password, :provider, :accepted_terms, :language)
  end

  def send_registration_email
    if invite_registration
      send_invite_user_signup_email(@user)
    elsif approval_registration
      send_approval_user_signup_email(@user)
    end
  end

  # Checks that the user is allowed to edit this user
  def check_admin_of
    redirect_to root_path if current_user &&
                             @user != current_user &&
                             !current_user.admin_of?(@user, "can_manage_users")
  end
end


1		# frozen_string_literal: true
2
3		# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
4		#
5		# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
6		#
7		# This program is free software; you can redistribute it and/or modify it under the
8		# terms of the GNU Lesser General Public License as published by the Free Software
9		# Foundation; either version 3.0 of the License, or (at your option) any later
10		# version.
11		#
12		# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
13		# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
14		# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
15		#
16		# You should have received a copy of the GNU Lesser General Public License along
17		# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
18
19		class UsersController < ApplicationController
20		include Pagy::Backend
21		include Authenticator
22		include Emailer
23		include Registrar
24		include Recorder
25		include Rolify
26
27		before_action :find_user, only: [:edit, :change_password, :delete_account, :update, :update_password]
28		before_action :ensure_unauthenticated_except_twitter, only: [:create]
29		before_action :check_user_signup_allowed, only: [:create]
30		before_action :check_admin_of, only: [:edit, :change_password, :delete_account]
31
32		# POST /u
33		def create
34		@user = User.new(user_params)
35		@user.provider = @user_domain
36
37		# User or recpatcha is not valid
38		render("sessions/new") && return unless valid_user_or_captcha
39
40		# Redirect to root if user token is either invalid or expired
41	View Code Duplication	return redirect_to root_path, flash: { alert: I18n.t("registration.invite.fail") } unless passes_invite_reqs
		0 ignored issues – show Duplication introduced 2019-05-16 21:00 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
42
43		# User has passed all validations required
44		@user.save
45
46		logger.info "Support: #{@user.email} user has been created."
47
48		# Set user to pending and redirect if Approval Registration is set
49		if approval_registration
50		@user.set_role :pending
51
52		return redirect_to root_path,
53		flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification
54		end
55
56		send_registration_email
57
58		# Sign in automatically if email verification is disabled or if user is already verified.
59		if !Rails.configuration.enable_email_verification \|\| @user.email_verified
60		@user.set_role(initial_user_role(@user.email))
61
62		login(@user) && return
63		end
64
65		send_activation_email(@user, @user.create_activation_token)
66
67		redirect_to root_path
68		end
69
70		# GET /u/:user_uid/edit
71		def edit
72		redirect_to root_path unless current_user
73		end
74
75		# GET /u/:user_uid/change_password
76		def change_password
77		redirect_to edit_user_path unless current_user.greenlight_account?
78		end
79
80		# GET /u/:user_uid/delete_account
81		def delete_account
82		end
83
84		# POST /u/:user_uid/edit
85		def update
86	View Code Duplication	if session[:prev_url].present?
		0 ignored issues – show Duplication introduced 2020-06-03 20:34 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
87		path = session[:prev_url]
88		session.delete(:prev_url)
89		else
90		path = admins_path
91		end
92
93		redirect_path = current_user.admin_of?(@user, "can_manage_users") ? path : edit_user_path(@user)
94
95		unless can_edit_user?(@user, current_user)
96		params[:user][:name] = @user.name
97		params[:user][:email] = @user.email
98		end
99
100		if @user.update_attributes(user_params)
101		@user.update_attributes(email_verified: false) if user_params[:email] != @user.email
102
103		user_locale(@user)
104
105		if update_roles(params[:user][:role_id])
106		return redirect_to redirect_path, flash: { success: I18n.t("info_update_success") }
107		else
108		flash[:alert] = I18n.t("administrator.roles.invalid_assignment")
109		end
110		end
111
112		render :edit
113		end
114
115		# POST /u/:user_uid/change_password
116		def update_password
117		# Update the users password.
118		if @user.authenticate(user_params[:password])
119		# Verify that the new passwords match.
120		if user_params[:new_password] == user_params[:password_confirmation]
121		@user.password = user_params[:new_password]
122		else
123		# New passwords don't match.
124		@user.errors.add(:password_confirmation, "doesn't match")
125		end
126		else
127		# Original password is incorrect, can't update.
128		@user.errors.add(:password, "is incorrect")
129		end
130
131		# Notify the user that their account has been updated.
132		return redirect_to change_password_path,
133		flash: { success: I18n.t("info_update_success") } if @user.errors.empty? && @user.save
134
135		# redirect_to change_password_path
136		render :change_password
137		end
138
139		# DELETE /u/:user_uid
140		def destroy
141		# Include deleted users in the check
142		admin_path = request.referer.present? ? request.referer : admins_path
143		@user = User.include_deleted.find_by(uid: params[:user_uid])
144
145		logger.info "Support: #{current_user.email} is deleting #{@user.email}."
146
147		self_delete = current_user == @user
148		redirect_url = self_delete ? root_path : admin_path
149
150		begin
151		if current_user && (self_delete \|\| current_user.admin_of?(@user, "can_manage_users"))
152		# Permanently delete if the user is deleting themself
153		perm_delete = self_delete \|\| (params[:permanent].present? && params[:permanent] == "true")
154
155		# Permanently delete the rooms under the user if they have not been reassigned
156		if perm_delete
157		@user.rooms.include_deleted.each do \|room\|
158		# Destroy all recordings then permanently delete the room
159		delete_all_recordings(room.bbb_id)
160		room.destroy(true)
161		end
162		end
163
164		@user.destroy(perm_delete)
165
166		# Log the user out if they are deleting themself
167		session.delete(:user_id) if self_delete
168
169		return redirect_to redirect_url, flash: { success: I18n.t("administrator.flash.delete") } unless self_delete
170		else
171		flash[:alert] = I18n.t("administrator.flash.delete_fail")
172		end
173		rescue => e
174		logger.error "Support: Error in user deletion: #{e}"
175		flash[:alert] = I18n.t(params[:message], default: I18n.t("administrator.flash.delete_fail"))
176		end
177
178		redirect_to redirect_url
179		end
180
181		# GET /u/:user_uid/recordings
182		def recordings
183		if current_user && current_user.uid == params[:user_uid]
184		@search, @order_column, @order_direction, recs =
185		all_recordings(current_user.rooms.pluck(:bbb_id), params.permit(:search, :column, :direction), true)
186		@pagy, @recordings = pagy_array(recs)
187		else
188		redirect_to root_path
189		end
190		end
191
192		# GET \| POST /terms
193		def terms
194		redirect_to '/404' unless Rails.configuration.terms
195
196		if params[:accept] == "true"
197		current_user.update_attributes(accepted_terms: true)
198		login(current_user)
199		end
200		end
201
202		# GET /shared_access_list
203		def shared_access_list
204		# Don't allow searchs unless atleast 3 characters are passed
205		return redirect_to '/404' if params[:search].length < 3
206
207		roles_can_appear = []
208		Role.where(provider: @user_domain).each do \|role\|
209		roles_can_appear << role.name if role.get_permission("can_appear_in_share_list") && role.priority >= 0
210		end
211
212		initial_list = User.where.not(uid: params[:owner_uid])
213		.with_role(roles_can_appear)
214		.shared_list_search(params[:search])
215
216		initial_list = initial_list.where(provider: @user_domain) if Rails.configuration.loadbalanced_configuration
217
218		# Respond with JSON object of users
219		respond_to do \|format\|
220		format.json { render body: initial_list.pluck_to_hash(:uid, :name).to_json }
221		end
222		end
223
224		private
225
226		def find_user
227		@user = User.find_by(uid: params[:user_uid])
228		end
229
230		# Verify that GreenLight is configured to allow user signup.
231		def check_user_signup_allowed
232		redirect_to root_path unless Rails.configuration.allow_user_signup
233		end
234
235		def user_params
236		params.require(:user).permit(:name, :email, :image, :password, :password_confirmation,
237		:new_password, :provider, :accepted_terms, :language)
238		end
239
240		def send_registration_email
241		if invite_registration
242		send_invite_user_signup_email(@user)
243		elsif approval_registration
244		send_approval_user_signup_email(@user)
245		end
246		end
247
248		# Checks that the user is allowed to edit this user
249		def check_admin_of
250		redirect_to root_path if current_user &&
251		@user != current_user &&
252		!current_user.admin_of?(@user, "can_manage_users")
253		end
254		end
255

farhatahmad / greenlight

Push — master ( 23b088...27bc68 )

UsersController C

Complexity

Size/Duplication

Importance

15 Methods

How to fix Duplicated Code Complexity

Duplicated Code

Complex Class

Duplication Side-by-Side

Filter issues like