discourse/app/controllers/admin/users_controller.rb

require_dependency 'user_destroyer'
require_dependency 'admin_user_index_query'
require_dependency 'boost_trust_level'

class Admin::UsersController < Admin::AdminController

  before_filter :fetch_user, only: [:ban, :unban, :refresh_browsers, :revoke_admin, :grant_admin, :revoke_moderation, :grant_moderation, :approve, :activate, :deactivate, :block, :unblock, :trust_level]

  def index
    query = ::AdminUserIndexQuery.new(params)
    render_serialized(query.find_users, AdminUserSerializer)
  end

  def show
    @user = User.where(username_lower: params[:id]).first
    raise Discourse::NotFound.new unless @user
    render_serialized(@user, AdminDetailedUserSerializer, root: false)
  end

  def delete_all_posts
    @user = User.where(id: params[:user_id]).first
    @user.delete_all_posts!(guardian)
    render nothing: true
  end

  def ban
    guardian.ensure_can_ban!(@user)
    @user.banned_till = params[:duration].to_i.days.from_now
    @user.banned_at = DateTime.now
    @user.save!
    # TODO logging
    render nothing: true
  end

  def unban
    guardian.ensure_can_ban!(@user)
    @user.banned_till = nil
    @user.banned_at = nil
    @user.save!
    # TODO logging
    render nothing: true
  end

  def refresh_browsers
    MessageBus.publish "/file-change", ["refresh"], user_ids: [@user.id]
    render nothing: true
  end

  def revoke_admin
    guardian.ensure_can_revoke_admin!(@user)
    @user.revoke_admin!
    render nothing: true
  end

  def grant_admin
    guardian.ensure_can_grant_admin!(@user)
    @user.grant_admin!
    render_serialized(@user, AdminUserSerializer)
  end

  def revoke_moderation
    guardian.ensure_can_revoke_moderation!(@user)
    @user.revoke_moderation!
    render nothing: true
  end

  def grant_moderation
    guardian.ensure_can_grant_moderation!(@user)
    @user.grant_moderation!
    render_serialized(@user, AdminUserSerializer)
  end

  def trust_level
    guardian.ensure_can_change_trust_level!(@user)
    logger = StaffActionLogger.new(current_user)
    BoostTrustLevel.new(user: @user, level: params[:level], logger: logger).save!
    render_serialized(@user, AdminUserSerializer)
  end

  def approve
    guardian.ensure_can_approve!(@user)
    @user.approve(current_user)
    render nothing: true
  end

  def approve_bulk
    User.where(id: params[:users]).each do |u|
      u.approve(current_user) if guardian.can_approve?(u)
    end
    render nothing: true
  end

  def activate
    guardian.ensure_can_activate!(@user)
    @user.activate
    render nothing: true
  end

  def deactivate
    guardian.ensure_can_deactivate!(@user)
    @user.deactivate
    render nothing: true
  end

  def block
    guardian.ensure_can_block_user! @user
    UserBlocker.block(@user, current_user)
    render nothing: true
  end

  def unblock
    guardian.ensure_can_unblock_user! @user
    UserBlocker.unblock(@user, current_user)
    render nothing: true
  end

  def destroy
    user = User.where(id: params[:id]).first
    guardian.ensure_can_delete_user!(user)
    if UserDestroyer.new(current_user).destroy(user)
      render json: {deleted: true}
    else
      render json: {deleted: false, user: AdminDetailedUserSerializer.new(user, root: false).as_json}
    end
  end


  private

    def fetch_user
      @user = User.where(id: params[:user_id]).first
    end

end
Add ability to destroy a user with 0 posts 2013-04-11 16:04:20 -04:00			`require_dependency 'user_destroyer'`
extract Admin::UsersController#index to its own query class - move query to its own class - use postgres ILIKE case insensitive - removed duplicated list of trust levels 2013-06-19 12:11:04 -04:00			`require_dependency 'admin_user_index_query'`
Back end - temporary boosting of trust levels 2013-07-03 04:27:40 -04:00			`require_dependency 'boost_trust_level'`
Add ability to destroy a user with 0 posts 2013-04-11 16:04:20 -04:00
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`class Admin::UsersController < Admin::AdminController`

Back end - temporary boosting of trust levels 2013-07-03 04:27:40 -04:00			`before_filter :fetch_user, only: [:ban, :unban, :refresh_browsers, :revoke_admin, :grant_admin, :revoke_moderation, :grant_moderation, :approve, :activate, :deactivate, :block, :unblock, :trust_level]`
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`def index`
extract Admin::UsersController#index to its own query class - move query to its own class - use postgres ILIKE case insensitive - removed duplicated list of trust levels 2013-06-19 12:11:04 -04:00			`query = ::AdminUserIndexQuery.new(params)`
			`render_serialized(query.find_users, AdminUserSerializer)`
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`end`

			`def show`
			`@user = User.where(username_lower: params[:id]).first`
Raise 404 from Admin::UsersController#show if no user found [Fixes #353] 2013-03-05 17:02:23 -05:00			`raise Discourse::NotFound.new unless @user`
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`render_serialized(@user, AdminDetailedUserSerializer, root: false)`
			`end`

added delete all posts button wired up the ability to enable all themes 2013-02-07 02:11:56 -05:00			`def delete_all_posts`
			`@user = User.where(id: params[:user_id]).first`
			`@user.delete_all_posts!(guardian)`
			`render nothing: true`
			`end`
Work in Progress: Content Editing in Admin Section 2013-04-04 12:59:44 -04:00
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`def ban`
			`guardian.ensure_can_ban!(@user)`
			`@user.banned_till = params[:duration].to_i.days.from_now`
			`@user.banned_at = DateTime.now`
			`@user.save!`
			`# TODO logging`
			`render nothing: true`
			`end`

			`def unban`
			`guardian.ensure_can_ban!(@user)`
			`@user.banned_till = nil`
			`@user.banned_at = nil`
			`@user.save!`
			`# TODO logging`
			`render nothing: true`
			`end`

			`def refresh_browsers`
			`MessageBus.publish "/file-change", ["refresh"], user_ids: [@user.id]`
add render nothing to refresh_browsers method 2013-03-23 17:37:37 -04:00			`render nothing: true`
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`end`

			`def revoke_admin`
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00			`guardian.ensure_can_revoke_admin!(@user)`
			`@user.revoke_admin!`
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`render nothing: true`
			`end`

			`def grant_admin`
			`guardian.ensure_can_grant_admin!(@user)`
automatic group infrustructure 2013-05-06 00:49:56 -04:00			`@user.grant_admin!`
Fix all the trailing whitespace 2013-02-07 10:45:24 -05:00			`render_serialized(@user, AdminUserSerializer)`
Initial release of Discourse 2013-02-05 14:16:51 -05:00			`end`

Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-12 17:58:08 -05:00			`def revoke_moderation`
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00			`guardian.ensure_can_revoke_moderation!(@user)`
			`@user.revoke_moderation!`
Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-12 17:58:08 -05:00			`render nothing: true`
			`end`

			`def grant_moderation`
			`guardian.ensure_can_grant_moderation!(@user)`
automatic group infrustructure 2013-05-06 00:49:56 -04:00			`@user.grant_moderation!`
Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-12 17:58:08 -05:00			`render_serialized(@user, AdminUserSerializer)`
			`end`

Back end - temporary boosting of trust levels 2013-07-03 04:27:40 -04:00			`def trust_level`
			`guardian.ensure_can_change_trust_level!(@user)`
Rename AdminLog to StaffActionLog 2013-07-23 17:58:26 -04:00			`logger = StaffActionLogger.new(current_user)`
Log all changes of user trust level by an admin 2013-07-08 05:53:22 -04:00			`BoostTrustLevel.new(user: @user, level: params[:level], logger: logger).save!`
Back end - temporary boosting of trust levels 2013-07-03 04:27:40 -04:00			`render_serialized(@user, AdminUserSerializer)`
			`end`

Initial release of Discourse 2013-02-05 14:16:51 -05:00			`def approve`
			`guardian.ensure_can_approve!(@user)`
			`@user.approve(current_user)`
			`render nothing: true`
			`end`

			`def approve_bulk`
			`User.where(id: params[:users]).each do \|u\|`
			`u.approve(current_user) if guardian.can_approve?(u)`
			`end`
			`render nothing: true`
			`end`

Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account 2013-05-07 21:58:34 -04:00			`def activate`
			`guardian.ensure_can_activate!(@user)`
			`@user.activate`
			`render nothing: true`
			`end`

			`def deactivate`
			`guardian.ensure_can_deactivate!(@user)`
			`@user.deactivate`
			`render nothing: true`
			`end`

Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00			`def block`
			`guardian.ensure_can_block_user! @user`
Refactor user blocking code; hide the Block button in admin 2013-07-02 14:42:30 -04:00			`UserBlocker.block(@user, current_user)`
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00			`render nothing: true`
			`end`

			`def unblock`
			`guardian.ensure_can_unblock_user! @user`
Refactor user blocking code; hide the Block button in admin 2013-07-02 14:42:30 -04:00			`UserBlocker.unblock(@user, current_user)`
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00			`render nothing: true`
			`end`

Add ability to destroy a user with 0 posts 2013-04-11 16:04:20 -04:00			`def destroy`
			`user = User.where(id: params[:id]).first`
			`guardian.ensure_can_delete_user!(user)`
			`if UserDestroyer.new(current_user).destroy(user)`
			`render json: {deleted: true}`
			`else`
			`render json: {deleted: false, user: AdminDetailedUserSerializer.new(user, root: false).as_json}`
			`end`
			`end`
Initial release of Discourse 2013-02-05 14:16:51 -05:00
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-05-31 11:41:40 -04:00
			`private`

			`def fetch_user`
			`@user = User.where(id: params[:user_id]).first`
			`end`

Add ability to destroy a user with 0 posts 2013-04-11 16:04:20 -04:00			`end`