Created
August 21, 2014 13:43
-
-
Save sonOfRa/3f7638e321a22f243ce9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class UsersController < ApplicationController | |
before_action :signed_in_user, only: [:show] | |
before_action :correct_user, only: [:update, :edit] | |
before_action :privileged_user, only: [:index, :new, :create, :destroy] | |
def new | |
@user = User.new | |
end | |
def index | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
@users = ldap.all_users | |
end | |
def edit | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
@user = ldap.find_user params[:id] || not_found | |
end | |
def create | |
@user = User.new new_user_params | |
if @user.valid? :new | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
user_created = ldap.create_user(@user) | |
if user_created == Ldap.ok | |
redirect_to user_path @user.uid | |
else | |
if user_created == Ldap.error_user_not_created | |
flash[:danger] = 'User could not be created' | |
elsif user_created == Ldap.error_no_free_uidnumber | |
flash[:danger] = 'There are no free uidNumbers left. This is a fatal error, no new users can be created, until a new ID range is assigned.' | |
elsif user_created == Ldap.error_not_added_to_group | |
flash[:danger] = 'User could not be added to staff group' | |
elsif user_created == Ldap.error_alias_not_created | |
flash[:danger] = 'User alias was not created' | |
else | |
flash[:danger] = 'An unknown error occured.' | |
end | |
redirect_to internalerror_path | |
end | |
else | |
flash.now[:danger] = 'Creating user failed' | |
render 'new' | |
end | |
end | |
def update | |
@user.update(user_params) | |
if @user.valid? :update | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
if ldap.update_user @user | |
flash[:success] = 'User updated' | |
redirect_to @user | |
else | |
flash.now[:error] = 'Update failed or only partially completed' | |
internal_server_error | |
end | |
else | |
render 'edit' | |
end | |
end | |
def destroy | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
@user = ldap.find_user params[:id] | |
if ldap.delete_user(@user) == Ldap.ok | |
flash[:success] = 'User deleted' | |
redirect_to root_path | |
else | |
flash[:error] = 'User could not be deleted' | |
internalerror_path | |
end | |
end | |
def show | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
@user = ldap.find_user params[:id] | |
if @user.nil? | |
not_found | |
else | |
@groups = ldap.find_groups(@user) | |
@aliases = ldap.find_aliases(@user) | |
end | |
end | |
private | |
def user_params | |
if @current_user_privileged | |
params.require(:user).permit :cn, :homeDirectory, :sn, :description, :gecos, :givenName, :mail, :loginShell, :password, :password_confirmation | |
else | |
params.require(:user).permit :password, :password_confirmation | |
end | |
end | |
def new_user_params | |
params.require(:user).permit :sn, :description, :gecos, :givenName, :password, :password_confirmation, :zarmall, :alias, :uid | |
end | |
def correct_user | |
signed_in_user | |
if @current_user | |
ldap = Ldap.new @current_user.dn, @current_user.bindPassword | |
@user = ldap.find_user params[:id] || not_found | |
unless (current_user? @user) || @current_user_privileged | |
forbidden | |
end | |
end | |
end | |
end | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment