AdminsController.verify_admin_of_user() - Code Metrics - Inspection of "Translate /config/locales/en.yml in es_MX (#760)" - jfederico/greenlight - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( c31cf1...d3eb06 )

by Jesus

created 2019-08-22 16:46 UTC

AdminsController.verify_admin_of_user() A

↳ Parent: AdminsController

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	2
c	1
b	0
f	0
dl	0
loc	4
rs	10

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

class AdminsController < ApplicationController
  include Pagy::Backend
  include Themer
  include Emailer
  include Recorder

  manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
  site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken,
                   :registration_method, :room_authentication, :room_limit, :default_recording_visibility]

  authorize_resource class: false
  before_action :find_user, only: manage_users
  before_action :verify_admin_of_user, only: manage_users
  before_action :find_setting, only: site_settings

  # GET /admins
  def index
    @search = params[:search] || ""
    @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
    @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"

    @role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil

    @pagy, @users = pagy(user_list)
  end

  # GET /admins/site_settings
  def site_settings
  end

  # GET /admins/server_recordings
  def server_recordings
    server_rooms = if Rails.configuration.loadbalanced_configuration
      Room.includes(:owner).where(users: { provider: user_settings_provider }).pluck(:bbb_id)
    else
      Room.pluck(:bbb_id)
    end

    @search, @order_column, @order_direction, recs =
      all_recordings(server_rooms, @user_domain, params.permit(:search, :column, :direction), true, true)
    @pagy, @recordings = pagy_array(recs)
  end

  # MANAGE USERS

  # GET /admins/edit/:user_uid
  def edit_user
  end

  # POST /admins/ban/:user_uid
  def ban_user
    @user.roles = []
    @user.add_role :denied
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") }
  end

  # POST /admins/unban/:user_uid
  def unban_user
    @user.remove_role :denied
    @user.add_role :user
    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
  end

  # POST /admins/approve/:user_uid
  def approve
    @user.remove_role :pending

    send_user_approved_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
  end

  # POST /admins/invite
  def invite
    email = params[:invite_user][:email]

    begin
      invitation = create_or_update_invite(email)

      send_invitation_email(current_user.name, email, invitation.invite_token)
    rescue => e
      logger.error "Support: Error in email delivery: #{e}"
      flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
    else
      flash[:success] = I18n.t("administrator.flash.invite", email: email)
    end

    redirect_to admins_path
  end

  # GET /admins/reset
  def reset
    @user.create_reset_digest

    send_password_reset_email(@user)

    redirect_to admins_path, flash: { success: I18n.t("administrator.flash.reset_password") }
  end
  # SITE SETTINGS

  # POST /admins/branding
  def branding
    @settings.update_value("Branding Image", params[:url])
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/color
  def coloring
    @settings.update_value("Primary Color", params[:color])
    @settings.update_value("Primary Color Lighten", color_lighten(params[:color]))
    @settings.update_value("Primary Color Darken", color_darken(params[:color]))
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  def coloring_lighten

    @settings.update_value("Primary Color Lighten", params[:color])
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  def coloring_darken

    @settings.update_value("Primary Color Darken", params[:color])
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/room_authentication
  def room_authentication
    @settings.update_value("Room Authentication", params[:value])
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/registration_method/:method
  def registration_method
    new_method = Rails.configuration.registration_methods[params[:method].to_sym]

    # Only allow change to Join by Invitation if user has emails enabled
    if !Rails.configuration.enable_email_verification && new_method == Rails.configuration.registration_methods[:invite]
      redirect_to admin_site_settings_path,
        flash: { alert: I18n.t("administrator.flash.invite_email_verification") }
    else
      @settings.update_value("Registration Method", new_method)
      redirect_to admin_site_settings_path,
        flash: { success: I18n.t("administrator.flash.registration_method_updated") }
    end
  end

  # POST /admins/room_limit
  def room_limit
    @settings.update_value("Room Limit", params[:limit])
    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # POST /admins/default_recording_visibility
  def default_recording_visibility
    @settings.update_value("Default Recording Visibility", params[:visibility])
    redirect_to admin_site_settings_path, flash: {
      success: I18n.t("administrator.flash.settings") + ". " +
               I18n.t("administrator.site_settings.recording_visibility.warning")
    }
  end

  # POST /admins/clear_cache
  def clear_cache
    Rails.cache.delete("#{@user_domain}/getUser")
    Rails.cache.delete("#{@user_domain}/getUserGreenlightCredentials")

    redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
  end

  # ROLES

  # GET /admins/roles
  def roles
    @roles = Role.editable_roles(@user_domain)

    if @roles.count.zero?
      Role.create_default_roles(@user_domain)
      @roles = Role.editable_roles(@user_domain)
    end

    @selected_role = if params[:selected_role].nil?
                        @roles.find_by(name: 'user')
                      else
                        @roles.find(params[:selected_role])
                     end
  end

  # POST /admin/role
  # This method creates a new role scope to the users provider
  def new_role
    new_role_name = params[:role][:name]

    # Make sure that the role name isn't a duplicate or a reserved name like super_admin
    if Role.duplicate_name(new_role_name, @user_domain)
      flash[:alert] = I18n.t("administrator.roles.duplicate_name")

      return redirect_to admin_roles_path
    end

    # Make sure the role name isn't empty
    if new_role_name.strip.empty?
      flash[:alert] = I18n.t("administrator.roles.empty_name")

      return redirect_to admin_roles_path
    end

    new_role = Role.create_new_role(new_role_name, @user_domain)

    redirect_to admin_roles_path(selected_role: new_role.id)
  end

  # PATCH /admin/roles/order
  # This updates the priority of a site's roles
  # Note: A lower priority role will always get used before a higher priority one
  def change_role_order
    user_role = Role.find_by(name: "user", provider: @user_domain)
    admin_role = Role.find_by(name: "admin", provider: @user_domain)

    current_user_role = current_user.highest_priority_role

    # Users aren't allowed to update the priority of the admin or user roles
    if params[:role].include?(user_role.id.to_s) || params[:role].include?(admin_role.id.to_s)
      flash[:alert] = I18n.t("administrator.roles.invalid_order")

      return redirect_to admin_roles_path
    end

    # Restrict users to only updating the priority for roles in their domain with a higher
    # priority
    params[:role].each do |id|
      role = Role.find(id)
      if role.priority <= current_user_role.priority || role.provider != @user_domain
        flash[:alert] = I18n.t("administrator.roles.invalid_update")
        return redirect_to admin_roles_path
      end
    end

    # Update the roles priority including the user role
    top_priority = 0

    params[:role].each_with_index do |id, index|
      new_priority = index + [current_user_role.priority, 0].max + 1
      top_priority = new_priority
      Role.where(id: id).update_all(priority: new_priority)
    end

    user_role.priority = top_priority + 1
    user_role.save!
  end

  # POST /admin/role/:role_id
  # This method updates the permissions assigned to a role
  def update_role
    role = Role.find(params[:role_id])
    current_user_role = current_user.highest_priority_role

    # Checks that it is valid for the provider to update the role
    if role.priority <= current_user_role.priority || role.provider != @user_domain
      flash[:alert] = I18n.t("administrator.roles.invalid_update")
      return redirect_to admin_roles_path(selected_role: role.id)
    end

    role_params = params.require(:role).permit(:name)
    permission_params = params.require(:role)
                              .permit(
                                :can_create_rooms,
                                :send_promoted_email,
                                :send_demoted_email,
                                :can_edit_site_settings,
                                :can_edit_roles,
                                :can_manage_users,
                                :colour
                              )

    # Role is a default role so users can't change the name
    role_params[:name] = role.name if Role::RESERVED_ROLE_NAMES.include?(role.name)

    # Make sure if the user is updating the role name that the role name is valid
    if role.name != role_params[:name] && !Role.duplicate_name(role_params[:name], @user_domain) &&
       !role_params[:name].strip.empty?
      role.name = role_params[:name]
    elsif role.name != role_params[:name]
      flash[:alert] = I18n.t("administrator.roles.duplicate_name")

      return redirect_to admin_roles_path(selected_role: role.id)
    end

    role.update(permission_params)

    role.save!

    redirect_to admin_roles_path(selected_role: role.id)
  end

  # DELETE admins/role/:role_id
  # This deletes a role
  def delete_role
    role = Role.find(params[:role_id])

    # Make sure no users are assigned to the role and the role isn't a reserved role
    # before deleting
    if role.users.count.positive?
      flash[:alert] = I18n.t("administrator.roles.role_has_users", user_count: role.users.count)
      return redirect_to admin_roles_path(selected_role: role.id)
    elsif Role::RESERVED_ROLE_NAMES.include?(role) || role.provider != @user_domain ||
          role.priority <= current_user.highest_priority_role.priority
      return redirect_to admin_roles_path(selected_role: role.id)
    else
      role.delete
    end

    redirect_to admin_roles_path
  end

  private

  def find_user
    @user = User.where(uid: params[:user_uid]).includes(:roles).first
  end

  def find_setting
    @settings = Setting.find_or_create_by!(provider: user_settings_provider)
  end

  def verify_admin_of_user
    redirect_to admins_path,
      flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user)
  end

  # Gets the list of users based on your configuration
  def user_list
    initial_list = if current_user.has_role? :super_admin
      User.where.not(id: current_user.id)
    else
      User.without_role(:super_admin).where.not(id: current_user.id)
    end

    if Rails.configuration.loadbalanced_configuration
      initial_list.where(provider: user_settings_provider)
                  .admins_search(@search, @role)
                  .admins_order(@order_column, @order_direction)
    else
      initial_list.admins_search(@search, @role)
                  .admins_order(@order_column, @order_direction)
    end
  end

  # Creates the invite if it doesn't exist, or updates the updated_at time if it does
  def create_or_update_invite(email)
    invite = Invitation.find_by(email: email, provider: @user_domain)

    # Invite already exists
    if invite.present?
      # Updates updated_at to now
      invite.touch
    else
      # Creates invite
      invite = Invitation.create(email: email, provider: @user_domain)
    end

    invite
  end
end


1		# frozen_string_literal: true
2
3		# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
4		#
5		# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
6		#
7		# This program is free software; you can redistribute it and/or modify it under the
8		# terms of the GNU Lesser General Public License as published by the Free Software
9		# Foundation; either version 3.0 of the License, or (at your option) any later
10		# version.
11		#
12		# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
13		# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
14		# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
15		#
16		# You should have received a copy of the GNU Lesser General Public License along
17		# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
18
19		class AdminsController < ApplicationController
20		include Pagy::Backend
21		include Themer
22		include Emailer
23		include Recorder
24
25		manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve, :reset]
26		site_settings = [:branding, :coloring, :coloring_lighten, :coloring_darken,
27		:registration_method, :room_authentication, :room_limit, :default_recording_visibility]
28
29		authorize_resource class: false
30		before_action :find_user, only: manage_users
31		before_action :verify_admin_of_user, only: manage_users
32		before_action :find_setting, only: site_settings
33
34		# GET /admins
35		def index
36		@search = params[:search] \|\| ""
37		@order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at"
38		@order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC"
39
40		@role = params[:role] ? Role.find_by(name: params[:role], provider: @user_domain) : nil
41
42		@pagy, @users = pagy(user_list)
43		end
44
45		# GET /admins/site_settings
46		def site_settings
47		end
48
49		# GET /admins/server_recordings
50		def server_recordings
51		server_rooms = if Rails.configuration.loadbalanced_configuration
52		Room.includes(:owner).where(users: { provider: user_settings_provider }).pluck(:bbb_id)
53		else
54		Room.pluck(:bbb_id)
55		end
56
57		@search, @order_column, @order_direction, recs =
58		all_recordings(server_rooms, @user_domain, params.permit(:search, :column, :direction), true, true)
59		@pagy, @recordings = pagy_array(recs)
60		end
61
62		# MANAGE USERS
63
64		# GET /admins/edit/:user_uid
65		def edit_user
66		end
67
68		# POST /admins/ban/:user_uid
69		def ban_user
70		@user.roles = []
71		@user.add_role :denied
72		redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") }
73		end
74
75		# POST /admins/unban/:user_uid
76		def unban_user
77		@user.remove_role :denied
78		@user.add_role :user
79		redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") }
80		end
81
82		# POST /admins/approve/:user_uid
83		def approve
84		@user.remove_role :pending
85
86		send_user_approved_email(@user)
87
88		redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") }
89		end
90
91		# POST /admins/invite
92		def invite
93		email = params[:invite_user][:email]
94
95		begin
96		invitation = create_or_update_invite(email)
97
98		send_invitation_email(current_user.name, email, invitation.invite_token)
99		rescue => e
100		logger.error "Support: Error in email delivery: #{e}"
101		flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error"))
102		else
103		flash[:success] = I18n.t("administrator.flash.invite", email: email)
104		end
105
106		redirect_to admins_path
107		end
108
109		# GET /admins/reset
110		def reset
111		@user.create_reset_digest
112
113		send_password_reset_email(@user)
114
115		redirect_to admins_path, flash: { success: I18n.t("administrator.flash.reset_password") }
116		end
117		# SITE SETTINGS
118
119		# POST /admins/branding
120		def branding
121		@settings.update_value("Branding Image", params[:url])
122		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
123		end
124
125		# POST /admins/color
126		def coloring
127		@settings.update_value("Primary Color", params[:color])
128		@settings.update_value("Primary Color Lighten", color_lighten(params[:color]))
129		@settings.update_value("Primary Color Darken", color_darken(params[:color]))
130		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
131		end
132
133	View Code Duplication	def coloring_lighten
		0 ignored issues – show Duplication introduced 2019-05-24 15:56 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
134		@settings.update_value("Primary Color Lighten", params[:color])
135		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
136		end
137
138	View Code Duplication	def coloring_darken
		0 ignored issues – show Duplication introduced 2019-05-24 15:56 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
139		@settings.update_value("Primary Color Darken", params[:color])
140		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
141		end
142
143		# POST /admins/room_authentication
144		def room_authentication
145		@settings.update_value("Room Authentication", params[:value])
146		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
147		end
148
149		# POST /admins/registration_method/:method
150		def registration_method
151		new_method = Rails.configuration.registration_methods[params[:method].to_sym]
152
153		# Only allow change to Join by Invitation if user has emails enabled
154		if !Rails.configuration.enable_email_verification && new_method == Rails.configuration.registration_methods[:invite]
155		redirect_to admin_site_settings_path,
156		flash: { alert: I18n.t("administrator.flash.invite_email_verification") }
157		else
158		@settings.update_value("Registration Method", new_method)
159		redirect_to admin_site_settings_path,
160		flash: { success: I18n.t("administrator.flash.registration_method_updated") }
161		end
162		end
163
164		# POST /admins/room_limit
165		def room_limit
166		@settings.update_value("Room Limit", params[:limit])
167		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
168		end
169
170		# POST /admins/default_recording_visibility
171		def default_recording_visibility
172		@settings.update_value("Default Recording Visibility", params[:visibility])
173		redirect_to admin_site_settings_path, flash: {
174		success: I18n.t("administrator.flash.settings") + ". " +
175		I18n.t("administrator.site_settings.recording_visibility.warning")
176		}
177		end
178
179		# POST /admins/clear_cache
180		def clear_cache
181		Rails.cache.delete("#{@user_domain}/getUser")
182		Rails.cache.delete("#{@user_domain}/getUserGreenlightCredentials")
183
184		redirect_to admin_site_settings_path, flash: { success: I18n.t("administrator.flash.settings") }
185		end
186
187		# ROLES
188
189		# GET /admins/roles
190		def roles
191		@roles = Role.editable_roles(@user_domain)
192
193		if @roles.count.zero?
194		Role.create_default_roles(@user_domain)
195		@roles = Role.editable_roles(@user_domain)
196		end
197
198		@selected_role = if params[:selected_role].nil?
199		@roles.find_by(name: 'user')
200		else
201		@roles.find(params[:selected_role])
202		end
203		end
204
205		# POST /admin/role
206		# This method creates a new role scope to the users provider
207		def new_role
208		new_role_name = params[:role][:name]
209
210		# Make sure that the role name isn't a duplicate or a reserved name like super_admin
211		if Role.duplicate_name(new_role_name, @user_domain)
212		flash[:alert] = I18n.t("administrator.roles.duplicate_name")
213
214		return redirect_to admin_roles_path
215		end
216
217		# Make sure the role name isn't empty
218		if new_role_name.strip.empty?
219		flash[:alert] = I18n.t("administrator.roles.empty_name")
220
221		return redirect_to admin_roles_path
222		end
223
224		new_role = Role.create_new_role(new_role_name, @user_domain)
225
226		redirect_to admin_roles_path(selected_role: new_role.id)
227		end
228
229		# PATCH /admin/roles/order
230		# This updates the priority of a site's roles
231		# Note: A lower priority role will always get used before a higher priority one
232		def change_role_order
233		user_role = Role.find_by(name: "user", provider: @user_domain)
234		admin_role = Role.find_by(name: "admin", provider: @user_domain)
235
236		current_user_role = current_user.highest_priority_role
237
238		# Users aren't allowed to update the priority of the admin or user roles
239		if params[:role].include?(user_role.id.to_s) \|\| params[:role].include?(admin_role.id.to_s)
240		flash[:alert] = I18n.t("administrator.roles.invalid_order")
241
242		return redirect_to admin_roles_path
243		end
244
245		# Restrict users to only updating the priority for roles in their domain with a higher
246		# priority
247		params[:role].each do \|id\|
248		role = Role.find(id)
249		if role.priority <= current_user_role.priority \|\| role.provider != @user_domain
250		flash[:alert] = I18n.t("administrator.roles.invalid_update")
251		return redirect_to admin_roles_path
252		end
253		end
254
255		# Update the roles priority including the user role
256		top_priority = 0
257
258		params[:role].each_with_index do \|id, index\|
259		new_priority = index + [current_user_role.priority, 0].max + 1
260		top_priority = new_priority
261		Role.where(id: id).update_all(priority: new_priority)
262		end
263
264		user_role.priority = top_priority + 1
265		user_role.save!
266		end
267
268		# POST /admin/role/:role_id
269		# This method updates the permissions assigned to a role
270		def update_role
271		role = Role.find(params[:role_id])
272		current_user_role = current_user.highest_priority_role
273
274		# Checks that it is valid for the provider to update the role
275		if role.priority <= current_user_role.priority \|\| role.provider != @user_domain
276		flash[:alert] = I18n.t("administrator.roles.invalid_update")
277		return redirect_to admin_roles_path(selected_role: role.id)
278		end
279
280		role_params = params.require(:role).permit(:name)
281		permission_params = params.require(:role)
282		.permit(
283		:can_create_rooms,
284		:send_promoted_email,
285		:send_demoted_email,
286		:can_edit_site_settings,
287		:can_edit_roles,
288		:can_manage_users,
289		:colour
290		)
291
292		# Role is a default role so users can't change the name
293		role_params[:name] = role.name if Role::RESERVED_ROLE_NAMES.include?(role.name)
294
295		# Make sure if the user is updating the role name that the role name is valid
296		if role.name != role_params[:name] && !Role.duplicate_name(role_params[:name], @user_domain) &&
297		!role_params[:name].strip.empty?
298		role.name = role_params[:name]
299		elsif role.name != role_params[:name]
300		flash[:alert] = I18n.t("administrator.roles.duplicate_name")
301
302		return redirect_to admin_roles_path(selected_role: role.id)
303		end
304
305		role.update(permission_params)
306
307		role.save!
308
309		redirect_to admin_roles_path(selected_role: role.id)
310		end
311
312		# DELETE admins/role/:role_id
313		# This deletes a role
314		def delete_role
315		role = Role.find(params[:role_id])
316
317		# Make sure no users are assigned to the role and the role isn't a reserved role
318		# before deleting
319		if role.users.count.positive?
320		flash[:alert] = I18n.t("administrator.roles.role_has_users", user_count: role.users.count)
321		return redirect_to admin_roles_path(selected_role: role.id)
322		elsif Role::RESERVED_ROLE_NAMES.include?(role) \|\| role.provider != @user_domain \|\|
323		role.priority <= current_user.highest_priority_role.priority
324		return redirect_to admin_roles_path(selected_role: role.id)
325		else
326		role.delete
327		end
328
329		redirect_to admin_roles_path
330		end
331
332		private
333
334		def find_user
335		@user = User.where(uid: params[:user_uid]).includes(:roles).first
336		end
337
338		def find_setting
339		@settings = Setting.find_or_create_by!(provider: user_settings_provider)
340		end
341
342		def verify_admin_of_user
343		redirect_to admins_path,
344		flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user)
345		end
346
347		# Gets the list of users based on your configuration
348		def user_list
349		initial_list = if current_user.has_role? :super_admin
350		User.where.not(id: current_user.id)
351		else
352		User.without_role(:super_admin).where.not(id: current_user.id)
353		end
354
355		if Rails.configuration.loadbalanced_configuration
356		initial_list.where(provider: user_settings_provider)
357		.admins_search(@search, @role)
358		.admins_order(@order_column, @order_direction)
359		else
360		initial_list.admins_search(@search, @role)
361		.admins_order(@order_column, @order_direction)
362		end
363		end
364
365		# Creates the invite if it doesn't exist, or updates the updated_at time if it does
366		def create_or_update_invite(email)
367		invite = Invitation.find_by(email: email, provider: @user_domain)
368
369		# Invite already exists
370		if invite.present?
371		# Updates updated_at to now
372		invite.touch
373		else
374		# Creates invite
375		invite = Invitation.create(email: email, provider: @user_domain)
376		end
377
378		invite
379		end
380		end
381

jfederico / greenlight

Push — master ( c31cf1...d3eb06 )

AdminsController.verify_admin_of_user() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like