SessionsController - Code Metrics - Inspection of "Merge pull request #621 from bigbluebutton/v2.2-al..." - bigbluebutton/greenlight - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( ce2c9c...5a8758 )

by Jesus

created 2019-07-10 16:08 UTC

SessionsController A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	132
Duplicated Lines	6.82 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
dl	9
loc	132
rs	9.44
c	2
b	0
f	0
wmc	37

7 Methods

Rating	Name	Duplication	Size	Complexity
A	session_params()	0	3	1
C	create()	0	15	10
A	check_user_exists()	0	4	2
A	destroy()	0	4	1
F	process_signin()	9	42	14
A	passes_invite_reqs()	0	6	2
B	ldap()	0	26	5

How to fix Duplicated Code

# frozen_string_literal: true

# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
#
# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
#
# This program is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free Software
# Foundation; either version 3.0 of the License, or (at your option) any later
# version.
#
# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.

class SessionsController < ApplicationController
  include Registrar
  include Emailer
  include LdapAuthenticator

  skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]

  # GET /users/logout
  def destroy
    logout
    redirect_to root_path
  end

  # POST /users/login
  def create
    admin = User.find_by(email: session_params[:email])
    if admin&.has_role? :super_admin
      user = admin
    else
      user = User.find_by(email: session_params[:email], provider: @user_domain)
      redirect_to(signin_path, alert: I18n.t("invalid_user")) && return unless user
      redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
      redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
    end
    redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate,
      session_params[:password])

    login(user)
  end

  # GET/POST /auth/:provider/callback
  def omniauth
    @auth = request.env['omniauth.auth']

    process_signin
  end

  # POST /auth/failure
  def omniauth_fail
    redirect_to root_path, alert: I18n.t(params[:message], default: I18n.t("omniauth_error"))
  end

  # GET /auth/ldap
  def ldap
    ldap_config = {}
    ldap_config[:host] = ENV['LDAP_SERVER']
    ldap_config[:port] = ENV['LDAP_PORT'].to_i != 0 ? ENV['LDAP_PORT'].to_i : 389
    ldap_config[:bind_dn] = ENV['LDAP_BIND_DN']
    ldap_config[:password] = ENV['LDAP_PASSWORD']
    ldap_config[:encryption] = if ENV['LDAP_METHOD'] == 'ssl'
                                    'simple_tls'
                                elsif ENV['LDAP_METHOD'] == 'tls'
                                    'start_tls'
                                end
    ldap_config[:base] = ENV['LDAP_BASE']
    ldap_config[:uid] = ENV['LDAP_UID']

    result = send_ldap_request(params[:session], ldap_config)

    if result
      result = result.first
    else
      return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials"))
    end

    @auth = parse_auth(result)

    process_signin
  end

  private

  def session_params
    params.require(:session).permit(:email, :password)
  end

  def check_user_exists
    provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
    User.exists?(social_uid: @auth['uid'], provider: provider)
  end

  # Check if the user already exists, if not then check for invitation
  def passes_invite_reqs
    return true if @user_exists

    invitation = check_user_invited("", session[:invite_token], @user_domain)
    invitation[:present]
  end

  def process_signin
    begin
      @user_exists = check_user_exists

      if !@user_exists && @auth['provider'] == "twitter"
        return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
      end

      # If using invitation registration method, make sure user is invited
      return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs


      user = User.from_omniauth(@auth)

      # Add pending role if approval method and is a new user
      if approval_registration && !@user_exists

        user.add_role :pending

        # Inform admins that a user signed up if emails are turned on
        send_approval_user_signup_email(user) if Rails.configuration.enable_email_verification

        return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
      end

      send_invite_user_signup_email(user) if Rails.configuration.enable_email_verification &&
                                             invite_registration && !@user_exists

      login(user)

      if @auth['provider'] == "twitter"
        flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
                          I18n.t("registration.deprecated.twitter_signin",
                            link: signup_path(old_twitter_user_id: user.id))
                        else
                          I18n.t("registration.deprecated.twitter_signin",
                            link: signin_path(old_twitter_user_id: user.id))
                        end
      end
    rescue => e
        logger.error "Error authenticating via omniauth: #{e}"
        omniauth_fail
    end
  end
end


1		# frozen_string_literal: true
2
3		# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
4		#
5		# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below).
6		#
7		# This program is free software; you can redistribute it and/or modify it under the
8		# terms of the GNU Lesser General Public License as published by the Free Software
9		# Foundation; either version 3.0 of the License, or (at your option) any later
10		# version.
11		#
12		# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY
13		# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
14		# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
15		#
16		# You should have received a copy of the GNU Lesser General Public License along
17		# with BigBlueButton; if not, see <http://www.gnu.org/licenses/>.
18
19		class SessionsController < ApplicationController
20		include Registrar
21		include Emailer
22		include LdapAuthenticator
23
24		skip_before_action :verify_authenticity_token, only: [:omniauth, :fail]
25
26		# GET /users/logout
27		def destroy
28		logout
29		redirect_to root_path
30		end
31
32		# POST /users/login
33		def create
34		admin = User.find_by(email: session_params[:email])
35		if admin&.has_role? :super_admin
36		user = admin
37		else
38		user = User.find_by(email: session_params[:email], provider: @user_domain)
39		redirect_to(signin_path, alert: I18n.t("invalid_user")) && return unless user
40		redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account?
41		redirect_to(account_activation_path(email: user.email)) && return unless user.activated?
42		end
43		redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate,
44		session_params[:password])
45
46		login(user)
47		end
48
49		# GET/POST /auth/:provider/callback
50		def omniauth
51		@auth = request.env['omniauth.auth']
52
53		process_signin
54		end
55
56		# POST /auth/failure
57		def omniauth_fail
58		redirect_to root_path, alert: I18n.t(params[:message], default: I18n.t("omniauth_error"))
59		end
60
61		# GET /auth/ldap
62		def ldap
63		ldap_config = {}
64		ldap_config[:host] = ENV['LDAP_SERVER']
65		ldap_config[:port] = ENV['LDAP_PORT'].to_i != 0 ? ENV['LDAP_PORT'].to_i : 389
66		ldap_config[:bind_dn] = ENV['LDAP_BIND_DN']
67		ldap_config[:password] = ENV['LDAP_PASSWORD']
68		ldap_config[:encryption] = if ENV['LDAP_METHOD'] == 'ssl'
69		'simple_tls'
70		elsif ENV['LDAP_METHOD'] == 'tls'
71		'start_tls'
72		end
73		ldap_config[:base] = ENV['LDAP_BASE']
74		ldap_config[:uid] = ENV['LDAP_UID']
75
76		result = send_ldap_request(params[:session], ldap_config)
77
78		if result
79		result = result.first
80		else
81		return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials"))
82		end
83
84		@auth = parse_auth(result)
85
86		process_signin
87		end
88
89		private
90
91		def session_params
92		params.require(:session).permit(:email, :password)
93		end
94
95		def check_user_exists
96		provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider']
97		User.exists?(social_uid: @auth['uid'], provider: provider)
98		end
99
100		# Check if the user already exists, if not then check for invitation
101		def passes_invite_reqs
102		return true if @user_exists
103
104		invitation = check_user_invited("", session[:invite_token], @user_domain)
105		invitation[:present]
106		end
107
108		def process_signin
109		begin
110		@user_exists = check_user_exists
111
112		if !@user_exists && @auth['provider'] == "twitter"
113		return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") }
114		end
115
116		# If using invitation registration method, make sure user is invited
117	View Code Duplication	return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs
		0 ignored issues – show Duplication introduced 2019-05-16 21:00 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
118
119		user = User.from_omniauth(@auth)
120
121		# Add pending role if approval method and is a new user
122	View Code Duplication	if approval_registration && !@user_exists
		0 ignored issues – show Duplication introduced 2019-05-24 15:47 UTC by Report Bug Copy Issue Report This code seems to be duplicated in your project. Loading history...
123		user.add_role :pending
124
125		# Inform admins that a user signed up if emails are turned on
126		send_approval_user_signup_email(user) if Rails.configuration.enable_email_verification
127
128		return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") }
129		end
130
131		send_invite_user_signup_email(user) if Rails.configuration.enable_email_verification &&
132		invite_registration && !@user_exists
133
134		login(user)
135
136		if @auth['provider'] == "twitter"
137		flash[:alert] = if allow_user_signup? && allow_greenlight_accounts?
138		I18n.t("registration.deprecated.twitter_signin",
139		link: signup_path(old_twitter_user_id: user.id))
140		else
141		I18n.t("registration.deprecated.twitter_signin",
142		link: signin_path(old_twitter_user_id: user.id))
143		end
144		end
145		rescue => e
146		logger.error "Error authenticating via omniauth: #{e}"
147		omniauth_fail
148		end
149		end
150		end
151

bigbluebutton / greenlight

GitHub Access Token became invalid

Push — master ( ce2c9c...5a8758 )

SessionsController A

Complexity

Size/Duplication

Importance

7 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like