OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
openproject/app/controllers/admin_controller.rb

155 lines
4.8 KiB

#-- encoding: UTF-8
#-- copyright
# OpenProject is an open source project management software.
# Copyright (C) 2012-2021 the OpenProject GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See COPYRIGHT and LICENSE files for more details.
#++
require 'open3'
class AdminController < ApplicationController
layout 'admin'
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
before_action :require_admin, except: %i[index]
before_action :authorize_global, only: %i[index]
menu_item :plugins, only: [:plugins]
menu_item :info, only: [:info]
menu_item :admin_overview, only: [:index]
def index
@menu_nodes = Redmine::MenuManager.items(:admin_menu).children
@menu_nodes.delete_if { |node| node.name === :admin_overview }
@menu_nodes.delete_if { |node| node.condition && !node.condition.call }
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
if @menu_nodes.count == 1
redirect_to @menu_nodes.first.url
end
end
def projects
redirect_to controller: 'projects', action: 'index'
end
def plugins
@plugins = Redmine::Plugin.all.sort
end
def test_email
raise_delivery_errors = ActionMailer::Base.raise_delivery_errors
# Force ActionMailer to raise delivery errors so we can catch it
ActionMailer::Base.raise_delivery_errors = true
begin
@test = UserMailer.test_mail(User.current).deliver_now
flash[:notice] = I18n.t(:notice_email_sent, value: User.current.mail)
rescue StandardError => e
flash[:error] = I18n.t(:notice_email_error, value: Redmine::CodesetUtil.replace_invalid_utf8(e.message.dup))
end
ActionMailer::Base.raise_delivery_errors = raise_delivery_errors
redirect_to admin_settings_mail_notifications_path
end
def force_user_language
available_languages = Setting.find_by(name: 'available_languages').value
User.where(['language not in (?)', available_languages]).each do |u|
u.language = Setting.default_language
u.save
end
redirect_to :back
end
def info
@db_version = OpenProject::Database.version
@checklist = [
[:text_default_administrator_account_changed, User.default_admin_account_changed?],
[:text_database_allows_tsv, OpenProject::Database.allows_tsv?]
]
5 years ago
@checklist += file_storage_checks
@checklist += plaintext_extraction_checks
@checklist += admin_information_hook_checks
@checklist += image_conversion_checks
@storage_information = OpenProject::Storage.mount_information
end
def default_breadcrumb
case params[:action]
when 'plugins'
5 years ago
t(:label_plugins)
when 'info'
5 years ago
t(:label_information)
end
end
def show_local_breadcrumb
true
end
private
def plaintext_extraction_checks
5 years ago
if OpenProject::Database.allows_tsv?
[
[:'extraction.available.pdftotext', Plaintext::PdfHandler.available?],
[:'extraction.available.unrtf', Plaintext::RtfHandler.available?],
[:'extraction.available.catdoc', Plaintext::DocHandler.available?],
[:'extraction.available.xls2csv', Plaintext::XlsHandler.available?],
[:'extraction.available.catppt', Plaintext::PptHandler.available?],
[:'extraction.available.tesseract', Plaintext::ImageHandler.available?]
]
else
[]
end
end
def image_conversion_checks
[[:'image_conversion.imagemagick', image_conversion_libs_available?]]
end
def image_conversion_libs_available?
Open3.capture2e('convert', '-version').first.include?('ImageMagick')
rescue StandardError
false
end
5 years ago
def file_storage_checks
# Add local directory test if we're not using fog
if OpenProject::Configuration.file_storage?
repository_writable = File.writable?(OpenProject::Configuration.attachments_storage_path)
[[:text_file_repository_writable, repository_writable]]
else
[]
end
end
def admin_information_hook_checks
call_hook(:admin_information_checklist).flat_map do |result|
5 years ago
result
end
end
end