Passed
Push — master ( 6bc43d...2da2ee )
by Ahmad
07:04
created

AdminsController.merge_user()   A

Complexity

Conditions 3

Size

Total Lines 36

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 3
dl 0
loc 36
rs 9.016
c 0
b 0
f 0
# frozen_string_literal: true
# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
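# Administrator controller: user management, site settings, server recordings/rooms and roles.
#
# `authorize_resource class: false` is declared for the whole controller. The per-user
# actions additionally load the target user (`find_user` / `find_deleted_user`) and then
# require `current_user.admin_of?` for that user (`verify_admin_of_user`).
class AdminsController < ApplicationController
  include Pagy::Backend
  include Themer
  include Emailer
  include Recorder
  include Rolify
  include Populator

  manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset, :merge_user]
  manage_deleted_users = [:undelete]
  authorize_resource class: false
  before_action :find_user, only: manage_users
  before_action :find_deleted_user, only: manage_deleted_users
  # Pass ONE flat list of action names.
  # NOTE(review): with a nested array ([manage_users, manage_deleted_users]) the entries are
  # whole arrays rather than action names, so the filter would not be tied to any of these
  # actions and the admin_of? check would be skipped - verify against the Rails version in use.
  before_action :verify_admin_of_user, only: manage_users + manage_deleted_users

  # GET /admins
  def index
    # Initialize the data manipulation variables
    @search = params[:search] || ""
    # NOTE(review): column and direction come straight from the request; whichever helper
    # builds the ordering from them must restrict them to known columns / directions - confirm.
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

    @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
    @tab = params[:tab] || "active"

    @user_list = merge_user_list

    @pagy, @users = pagy(manage_users_list)
  end

  # GET /admins/site_settings
  def site_settings
  end

  # GET /admins/server_recordings
  def server_recordings
    server_rooms = rooms_list_for_recordings

    # Only the three listed keys are forwarded to the recordings helper
    @search, @order_column, @order_direction, recs =
      all_recordings(server_rooms, params.permit(:search, :column, :direction), true, true)

    @pagy, @recordings = pagy_array(recs)
  end

  # GET /admins/rooms
  def server_rooms
    @search = params[:search] || ""
    # NOTE(review): same request-controlled ordering values as in #index - confirm they are
    # validated where the room list is built.
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

    @running_room_bbb_ids = all_running_meetings[:meetings].pluck(:meetingID)

    @user_list = shared_user_list if shared_access_allowed

    @pagy, @rooms = pagy_array(server_rooms_list)
  end

  # MANAGE USERS

  # GET /admins/edit/:user_uid
  def edit_user
    referer = request.referer

    # Remember where the admin came from, but only for same-origin referers: the value is
    # later handed to redirect_to in #reset, and the Referer header is supplied by the client.
    session[:prev_url] = referer if referer.present? && referer.start_with?("#{request.base_url}/")
  end

  # POST /admins/ban/:user_uid
  def ban_user
    # Drop every role, then mark the account as denied
    @user.roles = []
    @user.add_role :denied

    redirect_back fallback_location: admins_path, flash: { success: I18n.t("administrator.flash.banned") }
  end

  # POST /admins/unban/:user_uid
  def unban_user
    @user.remove_role :denied
    @user.add_role :user

    redirect_back fallback_location: admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
  end

  # POST /admins/approve/:user_uid
  def approve
    @user.remove_role :pending

    send_user_approved_email(@user)

    redirect_back fallback_location: admins_path, flash: { success: I18n.t("administrator.flash.approved") }
  end

  # POST /admins/approve/:user_uid
  # NOTE(review): the route comment above looks copied from #approve - confirm the real path.
  def undelete
    # Undelete the user and all of his rooms
    @user.undelete!
    @user.rooms.deleted.each(&:undelete!)

    redirect_back fallback_location: admins_path, flash: { success: I18n.t("administrator.flash.restored") }
  end

  # POST /admins/invite
  def invite
    # Tolerate a missing invite_user/email parameter and "a@x.org, b@y.org" style lists:
    # surrounding whitespace is stripped and empty entries are skipped.
    # NOTE(review): nothing here limits how many addresses one request may contain or checks
    # their format - confirm that Invitation / the mailer do.
    emails = params.dig(:invite_user, :email).to_s.split(",").map(&:strip).reject(&:empty?)

    emails.each do |email|
      invitation = create_or_update_invite(email)

      send_invitation_email(current_user.name, email, invitation.invite_token)
    end

    redirect_to admins_path
  end

  # GET /admins/reset
  # NOTE(review): documented as GET although it changes state (new reset digest, e-mail sent);
  # confirm the route verb.
  def reset
    @user.create_reset_digest

    send_password_reset_email(@user)

    # session[:prev_url] is written by #edit_user
    if session[:prev_url].present?
      redirect_path = session[:prev_url]
      session.delete(:prev_url)
    else
      redirect_path = admins_path
    end

    redirect_to redirect_path, flash: { success: I18n.t("administrator.flash.reset_password") }
  end

  # POST /admins/merge/:user_uid
  # Moves every room of the account named by params[:merge] to @user, then deletes the
  # merged account. Any failure is logged and reported through the merge_fail flash.
  def merge_user
    begin
      # Get uid of user that will be merged into the other account
      uid_to_merge = params[:merge]
      logger.info "#{current_user.uid} is attempting to merge #{uid_to_merge} into #{@user.uid}"

      # Check to make sure the 2 users are unique
      raise "Can not merge the user into themself" if uid_to_merge == @user.uid

      # Find user to merge
      user_to_merge = User.find_by(uid: uid_to_merge)
      raise "User to merge could not be found" if user_to_merge.nil?

      # The before_action only vets the destination account (@user). The source account is
      # picked by a request parameter, so it gets the same admin_of? check before its rooms
      # are moved and the account is deleted.
      raise "Not an administrator of the user to merge" unless current_user.admin_of?(user_to_merge)

      # Move the rooms and delete the account in one transaction so that a failure part-way
      # through cannot leave a half-merged account behind.
      User.transaction do
        # Move over user's rooms
        user_to_merge.rooms.each do |room|
          room.owner = @user

          room.name = "(#{I18n.t('merged')}) #{room.name}"

          room.save!
        end

        # Reload user to update merge rooms
        user_to_merge.reload

        # Delete merged user
        user_to_merge.destroy(true)
      end
    rescue => e
      logger.info "Failed to merge #{uid_to_merge} into #{@user.uid}: #{e}"
      flash[:alert] = I18n.t("administrator.flash.merge_fail")
    else
      logger.info "#{current_user.uid} successfully merged #{uid_to_merge} into #{@user.uid}"
      flash[:success] = I18n.t("administrator.flash.merge_success")
    end

    redirect_back fallback_location: admins_path
  end

  # SITE SETTINGS

  # POST /admins/update_settings
  def update_settings
    # NOTE(review): both the setting name and its value come from the request; confirm that
    # update_value only accepts known setting names.
    @settings.update_value(params[:setting], params[:value])

    flash_message = I18n.t("administrator.flash.settings")

    # NOTE(review): this compares params[:value] with what reads like a setting NAME; it may
    # have been meant to test params[:setting] - confirm before changing.
    if params[:value] == "Default Recording Visibility"
      flash_message += ". " + I18n.t("administrator.site_settings.recording_visibility.warning")
    end

    redirect_to admin_site_settings_path, flash: { success: flash_message }
  end

  # POST /admins/color
  def coloring
    # NOTE(review): params[:value] is stored as given and fed to color_lighten / color_darken;
    # presumably it must be a color value - confirm it is validated before it reaches a stylesheet.
    @settings.update_value("Primary Color", params[:value])
    @settings.update_value("Primary Color Lighten", color_lighten(params[:value]))
    @settings.update_value("Primary Color Darken", color_darken(params[:value]))
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/registration_method/:method
  def registration_method
    # to_s keeps a missing parameter from raising on nil
    new_method = Rails.configuration.registration_methods[params[:value].to_s.to_sym]

    # Ignore values that are not a configured registration method instead of storing nil
    # (presumably the lookup returns nil for unknown keys - confirm)
    return redirect_to admin_site_settings_path if new_method.nil?

    # Only allow change to Join by Invitation if user has emails enabled
    if !Rails.configuration.enable_email_verification && new_method == Rails.configuration.registration_methods[:invite]
      redirect_to admin_site_settings_path,
        flash: { alert: I18n.t("administrator.flash.invite_email_verification") }
    else
      @settings.update_value("Registration Method", new_method)
      redirect_to admin_site_settings_path,
        flash: { success: I18n.t("administrator.flash.registration_method_updated") }
    end
  end

  # POST /admins/clear_auth
  def clear_auth
    # Clears social_uid for every user of this provider, deleted users included
    User.include_deleted.where(provider: @user_domain).update_all(social_uid: nil)

    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/clear_cache
  def clear_cache
    Rails.cache.delete("#{@user_domain}/getUser")
    Rails.cache.delete("#{@user_domain}/getUserGreenlightCredentials")

    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/log_level
  def log_level
    # Accept only a single digit in Logger's severity range (0 = DEBUG .. 5 = UNKNOWN).
    # A bare to_i turns any non-numeric value into 0, which would switch the application to
    # DEBUG logging.
    return redirect_to admin_site_settings_path unless params[:value].to_s =~ /\A[0-5]\z/

    Rails.logger.level = params[:value].to_i

    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # ROLES

  # GET /admins/roles
  def roles
    @roles = all_roles(params[:selected_role])
  end

  # POST /admins/role
  # This method creates a new role scoped to the users provider
  def new_role
    new_role = create_role(params[:role][:name])

    return redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_create") } if new_role.nil?

    redirect_to admin_roles_path(selected_role: new_role.id)
  end

  # PATCH /admin/roles/order
  # This updates the priority of a site's roles
  # Note: A lower priority role will always get used before a higher priority one
  def change_role_order
    unless update_priority(params[:role])
      redirect_to admin_roles_path, flash: { alert: I18n.t("administrator.roles.invalid_order") }
    end
  end

  # POST /admin/role/:role_id
  # This method updates the permissions assigned to a role
  def update_role
    # NOTE(review): the role is looked up by id only; unlike #delete_role nothing here compares
    # role.provider or role.priority - confirm update_permissions enforces that.
    role = Role.find(params[:role_id])
    flash[:alert] = I18n.t("administrator.roles.invalid_update") unless update_permissions(role)
    redirect_to admin_roles_path(selected_role: role.id)
  end

  # DELETE admins/role/:role_id
  # This deletes a role
  def delete_role
    role = Role.find(params[:role_id])

    # Make sure no users are assigned to the role and the role isn't a reserved role
    # before deleting
    assigned_users = role.users.count
    if assigned_users.positive?
      flash[:alert] = I18n.t("administrator.roles.role_has_users", user_count: assigned_users)
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    # Compare the role's NAME with the reserved names; testing the Role object itself against
    # a list of names never matches, which left reserved roles unprotected by this branch.
    # Roles of another provider, or not ranked below the current user's highest-priority role,
    # are refused as well.
    if Role::RESERVED_ROLE_NAMES.include?(role.name) || role.provider != @user_domain ||
       role.priority <= current_user.highest_priority_role.priority
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    role.role_permissions.delete_all
    role.delete

    redirect_to admin_roles_path
  end

  private

  # Loads the user addressed by :user_uid (nil when no such user exists)
  def find_user
    @user = User.find_by(uid: params[:user_uid])
  end

  # Same lookup as find_user, restricted to the `deleted` scope
  def find_deleted_user
    @user = User.deleted.find_by(uid: params[:user_uid])
  end

  # Verifies that admin is an administrator of the user in the action
  def verify_admin_of_user
    # A uid that matches no user is refused too, so the actions never run with @user == nil
    return if @user && current_user.admin_of?(@user)

    redirect_to admins_path, flash: { alert: I18n.t("administrator.flash.unauthorized") }
  end

  # Creates the invite if it doesn't exist, or updates the updated_at time if it does
  def create_or_update_invite(email)
    invite = Invitation.find_by(email: email, provider: @user_domain)

    # Invite already exists
    if invite.present?
      # Updates updated_at to now
      invite.touch
    else
      # Creates invite
      invite = Invitation.create(email: email, provider: @user_domain)
    end

    invite
  end
end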