Commit 7081ab1e authored by Dmitriy Zaporozhets

Merge branch 'add-unlock-access' into 'master'

Add support for unlocking users in admin settings

### What does this MR do?

This MR gives the ability to unlock a user from the Admin panel.

### Why was this MR needed?

If a user fails to log in a certain number of times, Devise locks the user out for a certain amount of time (e.g. 10 minutes). There is no way for an admin to unlock a user if this happens (aside from editing the `locked_at` field entirely).

### Screenshots

#### Admin index page

![image](https://gitlab.com/gitlab-org/gitlab-ce/uploads/14c661d1d1f026770997b19af714c514/image.png)

#### Admin edit user page

![image](https://gitlab.com/gitlab-org/gitlab-ce/uploads/0c6f795757e5f03eeb923d818b7d6a96/image.png)

### What are the relevant issue numbers?

This replaces !288.

Closes https://github.com/gitlabhq/gitlabhq/issues/9381

See merge request !922
parents d2f903c2 3e738e3b
...@@ -3,6 +3,7 @@ Please view this file on the master branch, on stable branches it's out of date. ...@@ -3,6 +3,7 @@ Please view this file on the master branch, on stable branches it's out of date.
v 7.13.0 (unreleased) v 7.13.0 (unreleased)
- Fix external issue tracker hook/test for HTTPS URLs (Daniel Gerhardt) - Fix external issue tracker hook/test for HTTPS URLs (Daniel Gerhardt)
- Remove link leading to a 404 error in Deploy Keys page (Stan Hu) - Remove link leading to a 404 error in Deploy Keys page (Stan Hu)
- Add support for unlocking users in admin settings (Stan Hu)
- Fix order of issues imported form GitHub (Hiroyuki Sato) - Fix order of issues imported form GitHub (Hiroyuki Sato)
- Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart) - Bump rugments to 1.0.0beta8 to fix C prototype function highlighting (Jonathon Reinhart)
- Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI - Fix Merge Request webhook to properly fire "merge" action when accepted from the web UI
......
...@@ -47,6 +47,14 @@ class Admin::UsersController < Admin::ApplicationController ...@@ -47,6 +47,14 @@ class Admin::UsersController < Admin::ApplicationController
end end
end end
def unlock
if user.unlock_access!
redirect_to :back, alert: "Successfully unlocked"
else
redirect_to :back, alert: "Error occurred. User was not unlocked"
end
end
def create def create
opts = { opts = {
force_random_password: true, force_random_password: true,
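Review bot: In `unlock`, the success branch reports through `alert:` (`redirect_to :back, alert: "Successfully unlocked"`), so a successful unlock is shown with the same flash type as the failure branch; use `notice:` for the success case. Both branches also rely on `redirect_to :back`, which needs the request to carry a Referer header (the spec in this commit sets `HTTP_REFERER` before calling the action); redirecting to an explicit admin user path removes that dependency. Since this action lifts the failed-login lockout, consider recording which admin unlocked which account.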
......
...@@ -93,6 +93,8 @@ ...@@ -93,6 +93,8 @@
= link_to 'Unblock', unblock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success" = link_to 'Unblock', unblock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success"
- else - else
= link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning" = link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning"
- if user.access_locked?
= link_to 'Unlock', unlock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success", data: { confirm: 'Are you sure?' }
- if user.can_be_removed? - if user.can_be_removed?
= link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All tickets linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove" = link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All tickets linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove"
= paginate @users, theme: "gitlab" = paginate @users, theme: "gitlab"
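Review bot: The new 'Unlock' link confirms with only 'Are you sure?', while the neighbouring Block and Destroy links spell out the consequence in their prompts. State what is being confirmed, for example that the failed-login lock on this account will be cleared, so an admin working through a row of buttons knows which action they are approving.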
...@@ -131,6 +131,14 @@ ...@@ -131,6 +131,14 @@
%li Owned groups will be left %li Owned groups will be left
%br %br
= link_to 'Block user', block_admin_user_path(@user), data: { confirm: 'USER WILL BE BLOCKED! Are you sure?' }, method: :put, class: "btn btn-warning" = link_to 'Block user', block_admin_user_path(@user), data: { confirm: 'USER WILL BE BLOCKED! Are you sure?' }, method: :put, class: "btn btn-warning"
- if @user.access_locked?
.panel.panel-info
.panel-heading
This account has been locked
.panel-body
%p This user has been temporarily locked due to excessive number of failed logins. You may manually unlock the account.
%br
= link_to 'Unlock user', unlock_admin_user_path(@user), method: :put, class: "btn btn-info", data: { confirm: 'Are you sure?' }
.panel.panel-danger .panel.panel-danger
.panel-heading .panel-heading
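Review bot: The 'This account has been locked' panel says the lock came from failed logins but gives the admin nothing to judge it by. The commit message mentions the `locked_at` field; showing that timestamp in the panel body would help the admin tell a user who mistyped a password from an account that is still being guessed at, before they press 'Unlock user'.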
......
...@@ -158,6 +158,7 @@ Gitlab::Application.routes.draw do ...@@ -158,6 +158,7 @@ Gitlab::Application.routes.draw do
put :team_update put :team_update
put :block put :block
put :unblock put :unblock
put :unlock
delete 'remove/:email_id', action: 'remove_email', as: 'remove_email' delete 'remove/:email_id', action: 'remove_email', as: 'remove_email'
end end
end end
......
...@@ -21,4 +21,19 @@ describe Admin::UsersController do ...@@ -21,4 +21,19 @@ describe Admin::UsersController do
expect { User.find(user.id) }.to raise_exception(ActiveRecord::RecordNotFound) expect { User.find(user.id) }.to raise_exception(ActiveRecord::RecordNotFound)
end end
end end
describe 'PUT unlock/:id' do
let(:user) { create(:user) }
before do
request.env["HTTP_REFERER"] = "/"
user.lock_access!
end
it 'unlocks user' do
put :unlock, id: user.username
user.reload
expect(user.access_locked?).to be_falsey
end
end
end end
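Review bot: The 'PUT unlock/:id' example covers only the success path and asserts only `access_locked?`. Add an example for the branch where `unlock_access!` returns false, assert the redirect and flash message, and add a case showing that a request from a non-admin user leaves the account locked, so the access control inherited from `Admin::ApplicationController` is pinned by a test.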