Skip to content

@sonOfRa /users_controller.rb
Created

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
class UsersController < ApplicationController
before_action :signed_in_user, only: [:show]
before_action :correct_user, only: [:update, :edit]
before_action :privileged_user, only: [:index, :new, :create, :destroy]
def new
@user = User.new
end
def index
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
@users = ldap.all_users
end
def edit
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
@user = ldap.find_user params[:id] || not_found
end
def create
@user = User.new new_user_params
if @user.valid? :new
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
user_created = ldap.create_user(@user)
if user_created == Ldap.ok
redirect_to user_path @user.uid
else
if user_created == Ldap.error_user_not_created
flash[:danger] = 'User could not be created'
elsif user_created == Ldap.error_no_free_uidnumber
flash[:danger] = 'There are no free uidNumbers left. This is a fatal error, no new users can be created, until a new ID range is assigned.'
elsif user_created == Ldap.error_not_added_to_group
flash[:danger] = 'User could not be added to staff group'
elsif user_created == Ldap.error_alias_not_created
flash[:danger] = 'User alias was not created'
else
flash[:danger] = 'An unknown error occured.'
end
redirect_to internalerror_path
end
else
flash.now[:danger] = 'Creating user failed'
render 'new'
end
end
def update
@user.update(user_params)
if @user.valid? :update
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
if ldap.update_user @user
flash[:success] = 'User updated'
redirect_to @user
else
flash.now[:error] = 'Update failed or only partially completed'
internal_server_error
end
else
render 'edit'
end
end
def destroy
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
@user = ldap.find_user params[:id]
if ldap.delete_user(@user) == Ldap.ok
flash[:success] = 'User deleted'
redirect_to root_path
else
flash[:error] = 'User could not be deleted'
internalerror_path
end
end
def show
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
@user = ldap.find_user params[:id]
if @user.nil?
not_found
else
@groups = ldap.find_groups(@user)
@aliases = ldap.find_aliases(@user)
end
end
private
def user_params
if @current_user_privileged
params.require(:user).permit :cn, :homeDirectory, :sn, :description, :gecos, :givenName, :mail, :loginShell, :password, :password_confirmation
else
params.require(:user).permit :password, :password_confirmation
end
end
def new_user_params
params.require(:user).permit :sn, :description, :gecos, :givenName, :password, :password_confirmation, :zarmall, :alias, :uid
end
def correct_user
signed_in_user
if @current_user
ldap = Ldap.new @current_user.dn, @current_user.bindPassword
@user = ldap.find_user params[:id] || not_found
unless (current_user? @user) || @current_user_privileged
forbidden
end
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.