Diffstat (limited to 'app/controllers/profiles')
-rw-r--r--app/controllers/profiles/accounts_controller.rb32
-rw-r--r--app/controllers/profiles/active_sessions_controller.rb7
-rw-r--r--app/controllers/profiles/application_controller.rb5
-rw-r--r--app/controllers/profiles/avatars_controller.rb11
-rw-r--r--app/controllers/profiles/chat_names_controller.rb66
-rw-r--r--app/controllers/profiles/emails_controller.rb48
-rw-r--r--app/controllers/profiles/gpg_keys_controller.rb49
-rw-r--r--app/controllers/profiles/groups_controller.rb24
-rw-r--r--app/controllers/profiles/keys_controller.rb60
-rw-r--r--app/controllers/profiles/notifications_controller.rb28
-rw-r--r--app/controllers/profiles/passwords_controller.rb89
-rw-r--r--app/controllers/profiles/personal_access_tokens_controller.rb53
-rw-r--r--app/controllers/profiles/preferences_controller.rb52
-rw-r--r--app/controllers/profiles/two_factor_auths_controller.rb132
-rw-r--r--app/controllers/profiles/u2f_registrations_controller.rb9
15 files changed, 0 insertions, 665 deletions
diff --git a/app/controllers/profiles/accounts_controller.rb b/app/controllers/profiles/accounts_controller.rb
deleted file mode 100644
index b03f4b7435f..00000000000
--- a/app/controllers/profiles/accounts_controller.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::AccountsController < Profiles::ApplicationController
- include AuthHelper
-
- def show
- render(locals: show_view_variables)
- end
-
- # rubocop: disable CodeReuse/ActiveRecord
- def unlink
- provider = params[:provider]
- identity = current_user.identities.find_by(provider: provider)
-
- return render_404 unless identity
-
- if unlink_provider_allowed?(provider)
- identity.destroy
- else
- flash[:alert] = _("You are not allowed to unlink your primary login account")
- end
-
- redirect_to profile_account_path
- end
- # rubocop: enable CodeReuse/ActiveRecord
-
- private
-
- def show_view_variables
- {}
- end
-end
diff --git a/app/controllers/profiles/active_sessions_controller.rb b/app/controllers/profiles/active_sessions_controller.rb
deleted file mode 100644
index c473023cacb..00000000000
--- a/app/controllers/profiles/active_sessions_controller.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::ActiveSessionsController < Profiles::ApplicationController
- def index
- @sessions = ActiveSession.list(current_user).reject(&:is_impersonated)
- end
-end
diff --git a/app/controllers/profiles/application_controller.rb b/app/controllers/profiles/application_controller.rb
deleted file mode 100644
index 52b046ef64f..00000000000
--- a/app/controllers/profiles/application_controller.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::ApplicationController < ApplicationController
- layout 'profile'
-end
diff --git a/app/controllers/profiles/avatars_controller.rb b/app/controllers/profiles/avatars_controller.rb
deleted file mode 100644
index 3378a09628c..00000000000
--- a/app/controllers/profiles/avatars_controller.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::AvatarsController < Profiles::ApplicationController
- def destroy
- @user = current_user
-
- Users::UpdateService.new(current_user, user: @user).execute { |user| user.remove_avatar! }
-
- redirect_to profile_path, status: :found
- end
-end
diff --git a/app/controllers/profiles/chat_names_controller.rb b/app/controllers/profiles/chat_names_controller.rb
deleted file mode 100644
index 80b8279e91e..00000000000
--- a/app/controllers/profiles/chat_names_controller.rb
+++ /dev/null
@@ -1,66 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::ChatNamesController < Profiles::ApplicationController
- before_action :chat_name_token, only: [:new]
- before_action :chat_name_params, only: [:new, :create, :deny]
-
- def index
- @chat_names = current_user.chat_names
- end
-
- def new
- end
-
- def create
- new_chat_name = current_user.chat_names.new(chat_name_params)
-
- if new_chat_name.save
- flash[:notice] = _("Authorized %{new_chat_name}") % { new_chat_name: new_chat_name.chat_name }
- else
- flash[:alert] = _("Could not authorize chat nickname. Try again!")
- end
-
- delete_chat_name_token
- redirect_to profile_chat_names_path
- end
-
- def deny
- delete_chat_name_token
-
- flash[:notice] = _("Denied authorization of chat nickname %{user_name}.") % { user_name: chat_name_params[:user_name] }
-
- redirect_to profile_chat_names_path
- end
-
- def destroy
- @chat_name = chat_names.find(params[:id])
-
- if @chat_name.destroy
- flash[:notice] = _("Deleted chat nickname: %{chat_name}!") % { chat_name: @chat_name.chat_name }
- else
- flash[:alert] = _("Could not delete chat nickname %{chat_name}.") % { chat_name: @chat_name.chat_name }
- end
-
- redirect_to profile_chat_names_path, status: :found
- end
-
- private
-
- def delete_chat_name_token
- chat_name_token.delete
- end
-
- def chat_name_params
- @chat_name_params ||= chat_name_token.get || render_404
- end
-
- def chat_name_token
- return render_404 unless params[:token] || render_404
-
- @chat_name_token ||= Gitlab::ChatNameToken.new(params[:token])
- end
-
- def chat_names
- @chat_names ||= current_user.chat_names
- end
-end
diff --git a/app/controllers/profiles/emails_controller.rb b/app/controllers/profiles/emails_controller.rb
deleted file mode 100644
index f666a1150a6..00000000000
--- a/app/controllers/profiles/emails_controller.rb
+++ /dev/null
@@ -1,48 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::EmailsController < Profiles::ApplicationController
- before_action :find_email, only: [:destroy, :resend_confirmation_instructions]
-
- def index
- @primary_email = current_user.email
- @emails = current_user.emails.order_id_desc
- end
-
- def create
- @email = Emails::CreateService.new(current_user, email_params.merge(user: current_user)).execute
- unless @email.errors.blank?
- flash[:alert] = @email.errors.full_messages.first
- end
-
- redirect_to profile_emails_url
- end
-
- def destroy
- Emails::DestroyService.new(current_user, user: current_user).execute(@email)
-
- respond_to do |format|
- format.html { redirect_to profile_emails_url, status: :found }
- format.js { head :ok }
- end
- end
-
- def resend_confirmation_instructions
- if Emails::ConfirmService.new(current_user, user: current_user).execute(@email)
- flash[:notice] = _("Confirmation email sent to %{email}") % { email: @email.email }
- else
- flash[:alert] = _("There was a problem sending the confirmation email")
- end
-
- redirect_to profile_emails_url
- end
-
- private
-
- def email_params
- params.require(:email).permit(:email)
- end
-
- def find_email
- @email = current_user.emails.find(params[:id])
- end
-end
diff --git a/app/controllers/profiles/gpg_keys_controller.rb b/app/controllers/profiles/gpg_keys_controller.rb
deleted file mode 100644
index 8c34a66c374..00000000000
--- a/app/controllers/profiles/gpg_keys_controller.rb
+++ /dev/null
@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::GpgKeysController < Profiles::ApplicationController
- before_action :set_gpg_key, only: [:destroy, :revoke]
-
- def index
- @gpg_keys = current_user.gpg_keys.with_subkeys
- @gpg_key = GpgKey.new
- end
-
- def create
- @gpg_key = GpgKeys::CreateService.new(current_user, gpg_key_params).execute
-
- if @gpg_key.persisted?
- redirect_to profile_gpg_keys_path
- else
- @gpg_keys = current_user.gpg_keys.select(&:persisted?)
- render :index
- end
- end
-
- def destroy
- @gpg_key.destroy
-
- respond_to do |format|
- format.html { redirect_to profile_gpg_keys_url, status: :found }
- format.js { head :ok }
- end
- end
-
- def revoke
- @gpg_key.revoke
-
- respond_to do |format|
- format.html { redirect_to profile_gpg_keys_url, status: :found }
- format.js { head :ok }
- end
- end
-
- private
-
- def gpg_key_params
- params.require(:gpg_key).permit(:key)
- end
-
- def set_gpg_key
- @gpg_key = current_user.gpg_keys.find(params[:id])
- end
-end
diff --git a/app/controllers/profiles/groups_controller.rb b/app/controllers/profiles/groups_controller.rb
deleted file mode 100644
index c755bcb718a..00000000000
--- a/app/controllers/profiles/groups_controller.rb
+++ /dev/null
@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::GroupsController < Profiles::ApplicationController
- include RoutableActions
-
- def update
- group = find_routable!(Group, params[:id])
- notification_setting = current_user.notification_settings.find_by(source: group) # rubocop: disable CodeReuse/ActiveRecord
-
- if notification_setting.update(update_params)
- flash[:notice] = "Notification settings for #{group.name} saved"
- else
- flash[:alert] = "Failed to save new settings for #{group.name}"
- end
-
- redirect_back_or_default(default: profile_notifications_path)
- end
-
- private
-
- def update_params
- params.require(:notification_setting).permit(:notification_email)
- end
-end
diff --git a/app/controllers/profiles/keys_controller.rb b/app/controllers/profiles/keys_controller.rb
deleted file mode 100644
index 055d900eece..00000000000
--- a/app/controllers/profiles/keys_controller.rb
+++ /dev/null
@@ -1,60 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::KeysController < Profiles::ApplicationController
- skip_before_action :authenticate_user!, only: [:get_keys]
-
- def index
- @keys = current_user.keys.order_id_desc
- @key = Key.new
- end
-
- def show
- @key = current_user.keys.find(params[:id])
- end
-
- def create
- @key = Keys::CreateService.new(current_user, key_params.merge(ip_address: request.remote_ip)).execute
-
- if @key.persisted?
- redirect_to profile_key_path(@key)
- else
- @keys = current_user.keys.select(&:persisted?)
- render :index
- end
- end
-
- def destroy
- @key = current_user.keys.find(params[:id])
- Keys::DestroyService.new(current_user).execute(@key)
-
- respond_to do |format|
- format.html { redirect_to profile_keys_url, status: :found }
- format.js { head :ok }
- end
- end
-
- # Get all keys of a user(params[:username]) in a text format
- # Helpful for sysadmins to put in respective servers
- def get_keys
- if params[:username].present?
- begin
- user = UserFinder.new(params[:username]).find_by_username
- if user.present?
- render plain: user.all_ssh_keys.join("\n")
- else
- return render_404
- end
- rescue => e
- render html: e.message
- end
- else
- return render_404
- end
- end
-
- private
-
- def key_params
- params.require(:key).permit(:title, :key)
- end
-end
diff --git a/app/controllers/profiles/notifications_controller.rb b/app/controllers/profiles/notifications_controller.rb
deleted file mode 100644
index 617e5bb7cb3..00000000000
--- a/app/controllers/profiles/notifications_controller.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::NotificationsController < Profiles::ApplicationController
- # rubocop: disable CodeReuse/ActiveRecord
- def show
- @user = current_user
- @group_notifications = current_user.notification_settings.for_groups.order(:id)
- @project_notifications = current_user.notification_settings.for_projects.order(:id)
- @global_notification_setting = current_user.global_notification_setting
- end
- # rubocop: enable CodeReuse/ActiveRecord
-
- def update
- result = Users::UpdateService.new(current_user, user_params.merge(user: current_user)).execute
-
- if result[:status] == :success
- flash[:notice] = _("Notification settings saved")
- else
- flash[:alert] = _("Failed to save new settings")
- end
-
- redirect_back_or_default(default: profile_notifications_path)
- end
-
- def user_params
- params.require(:user).permit(:notification_email, :notified_of_own_activity)
- end
-end
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb
deleted file mode 100644
index d2787c2e450..00000000000
--- a/app/controllers/profiles/passwords_controller.rb
+++ /dev/null
@@ -1,89 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::PasswordsController < Profiles::ApplicationController
- skip_before_action :check_password_expiration, only: [:new, :create]
- skip_before_action :check_two_factor_requirement, only: [:new, :create]
-
- before_action :set_user
- before_action :authorize_change_password!
-
- layout :determine_layout
-
- def new
- end
-
- def create
- unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
- redirect_to new_profile_password_path, alert: _('You must provide a valid current password')
- return
- end
-
- password_attributes = {
- password: user_params[:password],
- password_confirmation: user_params[:password_confirmation],
- password_automatically_set: false
- }
-
- result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute
-
- if result[:status] == :success
- Users::UpdateService.new(current_user, user: @user, password_expires_at: nil).execute
-
- redirect_to root_path, notice: _('Password successfully changed')
- else
- render :new
- end
- end
-
- def edit
- end
-
- def update
- password_attributes = user_params.select do |key, value|
- %w(password password_confirmation).include?(key.to_s)
- end
- password_attributes[:password_automatically_set] = false
-
- unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
- redirect_to edit_profile_password_path, alert: _('You must provide a valid current password')
- return
- end
-
- result = Users::UpdateService.new(current_user, password_attributes.merge(user: @user)).execute
-
- if result[:status] == :success
- flash[:notice] = _('Password was successfully updated. Please login with it')
- redirect_to new_user_session_path
- else
- @user.reset
- render 'edit'
- end
- end
-
- def reset
- current_user.send_reset_password_instructions
- redirect_to edit_profile_password_path, notice: _('We sent you an email with reset password instructions')
- end
-
- private
-
- def set_user
- @user = current_user
- end
-
- def determine_layout
- if [:new, :create].include?(action_name.to_sym)
- 'application'
- else
- 'profile'
- end
- end
-
- def authorize_change_password!
- render_404 unless @user.allow_password_authentication?
- end
-
- def user_params
- params.require(:user).permit(:current_password, :password, :password_confirmation)
- end
-end
diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb
deleted file mode 100644
index f1c07cd9a1d..00000000000
--- a/app/controllers/profiles/personal_access_tokens_controller.rb
+++ /dev/null
@@ -1,53 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
- def index
- set_index_vars
- @personal_access_token = finder.build
- end
-
- def create
- @personal_access_token = finder.build(personal_access_token_params)
-
- if @personal_access_token.save
- PersonalAccessToken.redis_store!(current_user.id, @personal_access_token.token)
- redirect_to profile_personal_access_tokens_path, notice: _("Your new personal access token has been created.")
- else
- set_index_vars
- render :index
- end
- end
-
- def revoke
- @personal_access_token = finder.find(params[:id])
-
- if @personal_access_token.revoke!
- flash[:notice] = _("Revoked personal access token %{personal_access_token_name}!") % { personal_access_token_name: @personal_access_token.name }
- else
- flash[:alert] = _("Could not revoke personal access token %{personal_access_token_name}.") % { personal_access_token_name: @personal_access_token.name }
- end
-
- redirect_to profile_personal_access_tokens_path
- end
-
- private
-
- def finder(options = {})
- PersonalAccessTokensFinder.new({ user: current_user, impersonation: false }.merge(options))
- end
-
- def personal_access_token_params
- params.require(:personal_access_token).permit(:name, :expires_at, scopes: [])
- end
-
- # rubocop: disable CodeReuse/ActiveRecord
- def set_index_vars
- @scopes = Gitlab::Auth.available_scopes_for(current_user)
-
- @inactive_personal_access_tokens = finder(state: 'inactive').execute
- @active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at)
-
- @new_personal_access_token = PersonalAccessToken.redis_getdel(current_user.id)
- end
- # rubocop: enable CodeReuse/ActiveRecord
-end
diff --git a/app/controllers/profiles/preferences_controller.rb b/app/controllers/profiles/preferences_controller.rb
deleted file mode 100644
index 62f98d9e549..00000000000
--- a/app/controllers/profiles/preferences_controller.rb
+++ /dev/null
@@ -1,52 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::PreferencesController < Profiles::ApplicationController
- before_action :user
-
- def show
- end
-
- def update
- begin
- result = Users::UpdateService.new(current_user, preferences_params.merge(user: user)).execute
-
- if result[:status] == :success
- flash[:notice] = _('Preferences saved.')
- else
- flash[:alert] = _('Failed to save preferences.')
- end
- rescue ArgumentError => e
- # Raised when `dashboard` is given an invalid value.
- flash[:alert] = _("Failed to save preferences (%{error_message}).") % { error_message: e.message }
- end
-
- respond_to do |format|
- format.html { redirect_to profile_preferences_path }
- format.js
- end
- end
-
- private
-
- def user
- @user = current_user
- end
-
- def preferences_params
- params.require(:user).permit(preferences_param_names)
- end
-
- def preferences_param_names
- [
- :color_scheme_id,
- :layout,
- :dashboard,
- :project_view,
- :theme_id,
- :first_day_of_week,
- :preferred_language,
- :time_display_relative,
- :time_format_in_24h
- ]
- end
-end
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
deleted file mode 100644
index 95b9344c551..00000000000
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ /dev/null
@@ -1,132 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
- skip_before_action :check_two_factor_requirement
-
- def show
- unless current_user.otp_secret
- current_user.otp_secret = User.generate_otp_secret(32)
- end
-
- unless current_user.otp_grace_period_started_at && two_factor_grace_period
- current_user.otp_grace_period_started_at = Time.current
- end
-
- Users::UpdateService.new(current_user, user: current_user).execute!
-
- if two_factor_authentication_required? && !current_user.two_factor_enabled?
- two_factor_authentication_reason(
- global: lambda do
- flash.now[:alert] =
- _('The global settings require you to enable Two-Factor Authentication for your account.')
- end,
- group: lambda do |groups|
- flash.now[:alert] = groups_notification(groups)
- end
- )
-
- unless two_factor_grace_period_expired?
- grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
- flash.now[:alert] = flash.now[:alert] + _(" You need to do this before %{grace_period_deadline}.") % { grace_period_deadline: l(grace_period_deadline) }
- end
- end
-
- @qr_code = build_qr_code
- @account_string = account_string
- setup_u2f_registration
- end
-
- def create
- if current_user.validate_and_consume_otp!(params[:pin_code])
- Users::UpdateService.new(current_user, user: current_user, otp_required_for_login: true).execute! do |user|
- @codes = user.generate_otp_backup_codes!
- end
-
- render 'create'
- else
- @error = _('Invalid pin code')
- @qr_code = build_qr_code
- setup_u2f_registration
- render 'show'
- end
- end
-
- # A U2F (universal 2nd factor) device's information is stored after successful
- # registration, which is then used while 2FA authentication is taking place.
- def create_u2f
- @u2f_registration = U2fRegistration.register(current_user, u2f_app_id, u2f_registration_params, session[:challenges])
-
- if @u2f_registration.persisted?
- session.delete(:challenges)
- redirect_to profile_two_factor_auth_path, notice: s_("Your U2F device was registered!")
- else
- @qr_code = build_qr_code
- setup_u2f_registration
- render :show
- end
- end
-
- def codes
- Users::UpdateService.new(current_user, user: current_user).execute! do |user|
- @codes = user.generate_otp_backup_codes!
- end
- end
-
- def destroy
- current_user.disable_two_factor!
-
- redirect_to profile_account_path, status: :found
- end
-
- def skip
- if two_factor_grace_period_expired?
- redirect_to new_profile_two_factor_auth_path, alert: s_('Cannot skip two factor authentication setup')
- else
- session[:skip_two_factor] = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
- redirect_to root_path
- end
- end
-
- private
-
- def build_qr_code
- uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host)
- RQRCode.render_qrcode(uri, :svg, level: :m, unit: 3)
- end
-
- def account_string
- "#{issuer_host}:#{current_user.email}"
- end
-
- def issuer_host
- Gitlab.config.gitlab.host
- end
-
- # Setup in preparation of communication with a U2F (universal 2nd factor) device
- # Actual communication is performed using a Javascript API
- def setup_u2f_registration
- @u2f_registration ||= U2fRegistration.new
- @u2f_registrations = current_user.u2f_registrations
- u2f = U2F::U2F.new(u2f_app_id)
-
- registration_requests = u2f.registration_requests
- sign_requests = u2f.authentication_requests(@u2f_registrations.map(&:key_handle))
- session[:challenges] = registration_requests.map(&:challenge)
-
- gon.push(u2f: { challenges: session[:challenges], app_id: u2f_app_id,
- register_requests: registration_requests,
- sign_requests: sign_requests })
- end
-
- def u2f_registration_params
- params.require(:u2f_registration).permit(:device_response, :name)
- end
-
- def groups_notification(groups)
- group_links = groups.map { |group| view_context.link_to group.full_name, group_path(group) }.to_sentence
- leave_group_links = groups.map { |group| view_context.link_to (s_("leave %{group_name}") % { group_name: group.full_name }), leave_group_members_path(group), remote: false, method: :delete}.to_sentence
-
- s_(%{The group settings for %{group_links} require you to enable Two-Factor Authentication for your account. You can %{leave_group_links}.})
- .html_safe % { group_links: group_links.html_safe, leave_group_links: leave_group_links.html_safe }
- end
-end
diff --git a/app/controllers/profiles/u2f_registrations_controller.rb b/app/controllers/profiles/u2f_registrations_controller.rb
deleted file mode 100644
index 866c4dee6e2..00000000000
--- a/app/controllers/profiles/u2f_registrations_controller.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class Profiles::U2fRegistrationsController < Profiles::ApplicationController
- def destroy
- u2f_registration = current_user.u2f_registrations.find(params[:id])
- u2f_registration.destroy
- redirect_to profile_two_factor_auth_path, status: 302, notice: _("Successfully deleted U2F device.")
- end
-end