blob: fea7fc55d90bac3b9d1cc6d2882aa07f8ca4e921 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
# frozen_string_literal: true
module Users
class ApproveService < BaseService
def initialize(current_user)
@current_user = current_user
end
def execute(user)
return error(_('You are not allowed to approve a user'), :forbidden) unless allowed?
return error(_('The user you are trying to approve is not pending approval'), :conflict) if user.active? || !approval_required?(user)
if user.activate
# Resends confirmation email if the user isn't confirmed yet.
# Please see Devise's implementation of `resend_confirmation_instructions` for detail.
user.resend_confirmation_instructions
user.accept_pending_invitations! if user.active_for_authentication?
DeviseMailer.user_admin_approval(user).deliver_later
log_event(user)
after_approve_hook(user)
success(message: 'Success', http_status: :created)
else
error(user.errors.full_messages.uniq.join('. '), :unprocessable_entity)
end
end
private
attr_reader :current_user
def after_approve_hook(user)
# overridden by EE module
end
def allowed?
can?(current_user, :approve_user)
end
def approval_required?(user)
user.blocked_pending_approval?
end
def log_event(user)
Gitlab::AppLogger.info(message: "User instance access request approved", user: "#{user.username}", email: "#{user.email}", approved_by: "#{current_user.username}", ip_address: "#{current_user.current_sign_in_ip}")
end
end
end
Users::ApproveService.prepend_if_ee('EE::Users::ApproveService')
|