Revision 355bce36
Added by Ohad Levy over 10 years ago
app/controllers/users_controller.rb | ||
---|---|---|
class UsersController < ApplicationController
|
||
include Foreman::Controller::AutoCompleteSearch
|
||
include Foreman::Controller::UsersMixin
|
||
|
||
before_filter :find_user, :only => [:edit, :update, :destroy]
|
||
before_filter :find_resource, :only => [:edit, :update, :destroy]
|
||
skip_before_filter :require_mail, :only => [:edit, :update, :logout]
|
||
skip_before_filter :require_login, :authorize, :session_expiry, :update_activity_time, :set_taxonomy, :set_gettext_locale_db, :only => [:login, :logout, :extlogout]
|
||
skip_before_filter :authorize, :only => :extlogin
|
||
after_filter :update_activity_time, :only => :login
|
||
|
||
attr_accessor :editing_self
|
||
|
||
def index
|
||
begin
|
||
users = User.search_for(params[:search], :order => params[:order])
|
||
... | ... | |
end
|
||
|
||
def create
|
||
admin = params[:user].delete :admin
|
||
@user = User.new(params[:user]){|u| u.admin = admin }
|
||
if @user.save
|
||
@user.roles << Role.find_by_name("Anonymous") unless @user.roles.map(&:name).include? "Anonymous"
|
||
process_success
|
||
else
|
||
process_error
|
||
... | ... | |
end
|
||
|
||
def edit
|
||
editing_self?
|
||
if @user.user_facts.count == 0
|
||
user_fact = @user.user_facts.build :operator => "==", :andor => "or"
|
||
user_fact.fact_name_id = FactName.first.id if FactName.first
|
||
... | ... | |
end
|
||
|
||
def update
|
||
# Remove keys for restricted variables when the user is editing their own account
|
||
if editing_self
|
||
for key in params[:user].keys
|
||
params[:user].delete key unless %w{password_confirmation password mail firstname lastname locale}.include? key
|
||
end
|
||
User.current.editing_self = true
|
||
end
|
||
|
||
# Only an admin can update admin attribute of another user
|
||
# this is required, as the admin field is blacklisted above
|
||
admin = params[:user].delete :admin
|
||
@user.admin = admin if User.current.admin
|
||
|
||
if @user.update_attributes(params[:user])
|
||
@user.roles << Role.find_by_name("Anonymous") unless @user.roles.map(&:name).include? "Anonymous"
|
||
hostgroup_ids = params[:user]["hostgroup_ids"].reject(&:empty?).map(&:to_i) unless params[:user]["hostgroup_ids"].empty?
|
||
update_hostgroups_owners(hostgroup_ids) unless hostgroup_ids.empty?
|
||
process_success editing_self ? { :success_redirect => hosts_path } : {}
|
||
update_sub_hostgroups_owners
|
||
|
||
process_success((editing_self? && !current_user.allowed_to?({:controller => 'users', :action => 'index'})) ? { :success_redirect => hosts_path } : {})
|
||
else
|
||
process_error
|
||
end
|
||
User.current.editing_self = false if editing_self
|
||
|
||
# Remove locale from the session when set to "Browser Locale" and editing self
|
||
session.delete(:locale) if params[:user][:locale].try(:empty?) and params[:id].to_i == User.current.id
|
||
end
|
||
|
||
def destroy
|
||
... | ... | |
end
|
||
|
||
private
|
||
def authorize(ctrl = params[:controller], action = params[:action])
|
||
# Editing self is true when the user is granted access to just their own account details
|
||
|
||
if action == 'auto_complete_search' and User.current.allowed_to?({:controller => ctrl, :action => 'index'})
|
||
return true
|
||
end
|
||
|
||
self.editing_self = false
|
||
return true if User.current.allowed_to?({:controller => ctrl, :action => action})
|
||
if (action =~ /edit|update/ and params[:id].to_i == User.current.id)
|
||
return self.editing_self = true
|
||
else
|
||
deny_access and return
|
||
end
|
||
end
|
||
|
||
def find_user
|
||
@user = User.find(params[:id])
|
||
end
|
||
|
||
def update_hostgroups_owners(hostgroup_ids)
|
||
subhostgroups = Hostgroup.where(:id => hostgroup_ids).map(&:subtree).flatten.reject { |hg| hg.users.include?(@user) }
|
||
subhostgroups.each { |subhs| subhs.users << @user }
|
||
def find_resource
|
||
@user ||= User.find(params[:id])
|
||
end
|
||
|
||
def login_user(user)
|
fixes #3930 - refactoring of edit_self implementation.