author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-06-13 21:06:27 +0300 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-06-13 21:06:27 +0300 |
commit | 6838304a85cd3b5dfdac076c600cb15f5643c674 (patch) | |
tree | 61785561cb8fde46b41630b0a6ad60ca8eb24b02 /app | |
parent | 00882b3c33cb377b903cdf8e2b91149081739785 (diff) | |
download | gitlab-ce-6838304a85cd3b5dfdac076c600cb15f5643c674.tar.gz |
Force user password change for users created by admin
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/admin/users_controller.rb | 8 | ||||
-rw-r--r-- | app/models/user.rb | 4 | ||||
-rw-r--r-- | app/views/admin/users/_form.html.haml | 30 | ||||
-rw-r--r-- | app/views/admin/users/show.html.haml | 112 | ||||
-rw-r--r-- | app/views/notify/new_user_email.html.haml | 9 | ||||
-rw-r--r-- | app/views/notify/new_user_email.text.erb | 5 |
6 files changed, 110 insertions, 58 deletions
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 185ad181b2a..ec3209fdfe2 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -55,8 +55,14 @@ class Admin::UsersController < Admin::ApplicationController
 def create
 admin = params[:user].delete("admin")
- @admin_user = User.new(params[:user], as: :admin)
+ opts = {
+ force_random_password: true,
+ password_expires_at: Time.now
+ }
+
+ @admin_user = User.new(params[:user].merge(opts), as: :admin)
 @admin_user.admin = (admin && admin.to_i > 0)
+ @admin_user.created_by_id = current_user.id
 respond_to do |format|
 if @admin_user.save
diff --git a/app/models/user.rb b/app/models/user.rb
index 3f92ca3f854..6de8d2d4c39 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -367,4 +367,8 @@ class User < ActiveRecord::Base
 def accessible_deploy_keys
 DeployKey.in_projects(self.master_projects).uniq
 end
+
+ def created_by
+ User.find_by_id(created_by_id) if created_by_id
+ end
 end
diff --git a/app/views/admin/users/_form.html.haml b/app/views/admin/users/_form.html.haml
index 9bde50f8947..fdf37965091 100644
--- a/app/views/admin/users/_form.html.haml
+++ b/app/views/admin/users/_form.html.haml
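Review bot: The forced change rests entirely on `password_expires_at: Time.now` in `opts`, and nothing in the visible hunks shows where an expired password is checked. The diffstat is limited to `app` and no other controller is touched, so the check presumably already exists in a filter outside this diff; it is worth confirming that it also covers sign-in paths other than the browser session, otherwise the mailed temporary password stays usable there. A short comment above `opts` would record the intent, for example `# Admin-created accounts get a generated password that is already expired, so the first sign-in must change it`. `Time.zone.now` would also follow Rails convention better than `Time.now`. The body of `create` continues past the end of the hunk.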
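Review bot: `created_by` hand-rolls what an association already provides and runs a fresh `User.find_by_id` query on every call; the new `show.html.haml` in this commit calls it three times for one page. `belongs_to :created_by, class_name: 'User'` would use the same `created_by_id` column, cache the loaded record and return nil when the id is unset. If the explicit method is kept, it should carry a comment such as `# Admin who created this account, or nil when no creator was recorded`.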
@@ -24,19 +24,25 @@ = f.text_field :email, required: true, autocomplete: "off" %span.help-inline * required - %fieldset - %legend Password - .clearfix - = f.label :password - .input= f.password_field :password, disabled: f.object.force_random_password - .clearfix - = f.label :password_confirmation - .input= f.password_field :password_confirmation, disabled: f.object.force_random_password - -if f.object.new_record? + - if @admin_user.new_record? + %fieldset + %legend Password + .clearfix + = f.label :password + .input + %strong + A temporary password will be generated and sent to user. + %br + User will be forced to change it after first sign in + - else + %fieldset + %legend Password + .clearfix + = f.label :password + .input= f.password_field :password, disabled: f.object.force_random_password .clearfix - = f.label :force_random_password do - %span Generate random password - .input= f.check_box :force_random_password, {}, true, nil + = f.label :password_confirmation + .input= f.password_field :password_confirmation, disabled: f.object.force_random_password %fieldset %legend Access diff --git a/app/views/admin/users/show.html.haml b/app/views/admin/users/show.html.haml index 6709b8f8a6b..1b5340d687d 100644 --- a/app/views/admin/users/show.html.haml +++ b/app/views/admin/users/show.html.haml 
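Review bot: The `- else` branch still lets an admin type a password for an existing user, and nothing in this commit expires that password the way `create` now does. The update action is not part of the diff, so it cannot be seen here whether it sets `password_expires_at`; if it does not, an admin-chosen password stays valid and known to the admin. Either the update path should apply the same expiry, or the branch should say so with a comment like `-# passwords set here are not expired automatically`. The condition also switched from `f.object.new_record?` to `@admin_user.new_record?` while the fields below keep using `f.object`; `- if f.object.new_record?` would keep the partial independent of the instance variable.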
@@ -1,32 +1,65 @@ +%h3.page_title + User: + = @admin_user.name + - if @admin_user.blocked? + %span.cred (Blocked) + - if @admin_user.admin + %span.cred (Admin) + + .pull-right + = link_to edit_admin_user_path(@admin_user), class: "btn grouped btn-small" do + %i.icon-edit + Edit + - unless @admin_user == current_user + - if @admin_user.blocked? + = link_to 'Unblock', unblock_admin_user_path(@admin_user), method: :put, class: "btn grouped btn-small success" + - else + = link_to 'Block', block_admin_user_path(@admin_user), confirm: 'USER WILL BE BLOCKED! Are you sure?', method: :put, class: "btn grouped btn-small btn-remove" + = link_to 'Destroy', [:admin, @admin_user], confirm: "USER #{@admin_user.name} WILL BE REMOVED! Are you sure?", method: :delete, class: "btn grouped btn-small btn-remove" +%hr + .row .span6 - %h3.page_title - = image_tag gravatar_icon(@admin_user.email, 90), class: "avatar s90" - = @admin_user.name - - if @admin_user.blocked? - %span.cred (Blocked) - - if @admin_user.admin - %span.cred (Admin) - .pull-right - = link_to edit_admin_user_path(@admin_user), class: "btn pull-right" do - %i.icon-edit - Edit - %br - %small @#{@admin_user.username} - %br - %small member since #{@admin_user.created_at.stamp("Nov 12, 2031")} - .clearfix - %hr - %p - %span.btn.btn-small - %i.icon-envelope - = mail_to @admin_user.email - - unless @admin_user == current_user - - if @admin_user.blocked? - = link_to 'Unblock', unblock_admin_user_path(@admin_user), method: :put, class: "btn btn-small success" - - else - = link_to 'Block', block_admin_user_path(@admin_user), confirm: 'USER WILL BE BLOCKED! Are you sure?', method: :put, class: "btn btn-small btn-remove" - = link_to 'Destroy', [:admin, @admin_user], confirm: "USER #{@admin_user.name} WILL BE REMOVED! 
Are you sure?", method: :delete, class: "btn btn-small btn-remove" + .ui-box + %h5.title + Account: + .pull-right + = image_tag gravatar_icon(@admin_user.email, 32), class: "avatar s32" + %ul.well-list + %li + %span.light Name: + %strong= @admin_user.name + %li + %span.light Username: + %strong + = @admin_user.username + %li + %span.light Email: + %strong + = mail_to @admin_user.email + + %li + %span.light Member since: + %strong + = @admin_user.created_at.stamp("Nov 12, 2031") + + %li + %span.light Last sign-in at: + %strong + = @admin_user.last_sign_in_at.stamp("Nov 12, 2031") + + - if @admin_user.ldap_user? + %li + %span.light LDAP uid: + %strong + = @admin_user.extern_uid + + - if @admin_user.created_by + %li + %span.light Created by: + %strong + = link_to @admin_user.created_by.name, [:admin, @admin_user.created_by] + %hr %h5 Add User to Projects @@ -67,11 +100,11 @@ .span6 - = render 'users/profile', user: @admin_user .ui-box %h5.title Projects (#{@projects.count}) %ul.well-list - @projects.sort_by(&:name_with_namespace).each do |project| + - tm = project.team.get_tm(@admin_user.id) %li = link_to admin_project_path(project), class: dom_class(project) do - if project.namespace 
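Review bot: `= @admin_user.last_sign_in_at.stamp("Nov 12, 2031")` in the new Account box will raise on nil if `last_sign_in_at` is unset, which is presumably the state of every account until its first sign-in, including one an admin has just created. Wrap that `%li` in `- if @admin_user.last_sign_in_at`, or render a fallback with `= @admin_user.last_sign_in_at.try(:stamp, "Nov 12, 2031") || "never"`. The `created_at` line above it is safe because the record is persisted by the time this view renders.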
@@ -79,16 +112,17 @@ \/ %strong.well-title = truncate(project.name, length: 45) - %span.pull-right.light - - if project.owner == @admin_user - %i.icon-wrench - - tm = project.team.get_tm(@admin_user.id) - - if tm - = tm.project_access_human - = link_to edit_admin_project_member_path(project, tm.user), class: "btn btn-small" do + + - if project.owner == @admin_user + %span.label.label-info owner + + - if tm + .pull-right + = link_to edit_admin_project_member_path(project, tm.user), class: "btn grouped btn-small" do %i.icon-edit - = link_to admin_project_member_path(project, tm.user), confirm: remove_from_project_team_message(project, @admin_user), method: :delete, class: "btn btn-small btn-remove" do + = link_to admin_project_member_path(project, tm.user), confirm: remove_from_project_team_message(project, @admin_user), method: :delete, class: "btn grouped btn-small btn-remove" do %i.icon-remove - %p.light - %i.icon-wrench - – user is a project owner + + .pull-right.light + = tm.project_access_human + diff --git a/app/views/notify/new_user_email.html.haml b/app/views/notify/new_user_email.html.haml index 9804fbdd51e..fc2c02ef827 100644 --- a/app/views/notify/new_user_email.html.haml +++ b/app/views/notify/new_user_email.html.haml @@ -8,13 +8,14 @@ %p login.......................................... %code= @user['email'] -%p - - unless Gitlab.config.gitlab.signup_enabled + +- if @user.created_by_id + %p password.................................. %code= @password -%p - Please change your password immediately after login. + %p + You will be forced to change this password immediately after login. %p = link_to "Click here to login", root_url diff --git a/app/views/notify/new_user_email.text.erb b/app/views/notify/new_user_email.text.erb index 777930a2803..70fe0e0736a 100644 --- a/app/views/notify/new_user_email.text.erb +++ b/app/views/notify/new_user_email.text.erb 
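Review bot: The password block in `new_user_email.html.haml` is now shown only when `@user.created_by_id` is set, so an account created through any path that does not assign `created_by_id` receives this mail with a login and no password. Only `Admin::UsersController#create` is seen setting it in this commit; the diffstat is limited to `app`, so whether other creation paths set it is not visible here and should be checked. The same condition is used in `new_user_email.text.erb`, where the sentence "The Administrator created an account for you" also stays outside the `if`. Separately, the temporary password still travels in clear text by e-mail and remains valid until the first sign-in; a comment such as `-# temporary password, expired at creation; user must change it on first sign in` would record why sending it is accepted.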
@@ -3,10 +3,11 @@ Hi <%= @user.name %>! The Administrator created an account for you. Now you are a member of company GitLab application. login.................. <%= @user.email %> -<% unless Gitlab.config.gitlab.signup_enabled %> +<% if @user.created_by_id %> password............... <%= @password %> + + You will be forced to change this password immediately after login. <% end %> -Please change your password immediately after login. Click here to login: <%= url_for(root_url) %> |