(feature) auto validate admins

2025-02-20 14:54:15 +01:00 · 2022-11-04 09:44:17 +01:00 · 2022-11-04 09:44:17 +01:00 · c9c9ed9a02
commit c9c9ed9a02
parent 1f97393a12
3 changed files with 64 additions and 18 deletions
--- a/app/services/setting_service.rb
+++ b/app/services/setting_service.rb
@ -4,31 +4,73 @@
 # Due to the way the controller updates the settings, we cannot safely use ActiveRecord's callbacks (eg. after_update, after_commit...)
 # so this service provides a wrapper around these operations.
 class SettingService
-  def self.before_update(setting)
-    return false if Rails.application.secrets.locked_settings.include? setting.name
+  class << self
+    def before_update(setting)
+      return false if Rails.application.secrets.locked_settings.include? setting.name

-    true
-  end
+      true
+    end

-  def self.after_update(setting)
-    # update the stylesheet
-    Stylesheet.theme&.rebuild! if %w[main_color secondary_color].include? setting.name
-    Stylesheet.home_page&.rebuild! if setting.name == 'home_css'
+    def after_update(setting)
+      update_theme_stylesheet(setting)
+      update_home_stylesheet(setting)
+      notify_privacy_update(setting)
+      sync_stripe_objects(setting)
+      build_stats(setting)
+      export_projects_to_openlab(setting)
+      validate_admins(setting)
+    end
+
+    private
+
+    # rebuild the theme stylesheet
+    def update_theme_stylesheet(setting)
+      return unless %w[main_color secondary_color].include? setting.name
+
+      Stylesheet.theme&.rebuild!
+    end
+
+    # rebuild the home page stylesheet
+    def update_home_stylesheet(setting)
+      return unless setting.name == 'home_css'
+
+      Stylesheet.home_page&.rebuild!
+    end

    # notify about a change in privacy policy
-    NotifyPrivacyUpdateWorker.perform_async(setting.id) if setting.name == 'privacy_body'
+    def notify_privacy_update(setting)
+      return unless setting.name == 'privacy_body'
+
+      NotifyPrivacyUpdateWorker.perform_async(setting.id)
+    end

    # sync all objects on stripe
-    SyncObjectsOnStripeWorker.perform_async(setting.history_values.last&.invoicing_profile&.user&.id) if setting.name == 'stripe_secret_key'
+    def sync_stripe_objects(setting)
+      return unless setting.name == 'stripe_secret_key'

-    # generate statistics
-    PeriodStatisticsWorker.perform_async(setting.previous_update) if setting.name == 'statistics_module' && setting.value == 'true'
+      SyncObjectsOnStripeWorker.perform_async(setting.history_values.last&.invoicing_profile&.user&.id)
+    end
+
+    # generate the statistics since the last update
+    def build_stats(setting)
+      return unless setting.name == 'statistics_module' && setting.value == 'true'
+
+      PeriodStatisticsWorker.perform_async(setting.previous_update)
+    end

    # export projects to openlab
-    if %w[openlab_app_id openlab_app_secret].include? setting.name
-      if Setting.get('openlab_app_id').present? && Setting.get('openlab_app_secret').present?
-        Project.all.each { |pr| pr.openlab_create }
-      end
+    def export_projects_to_openlab(setting)
+      return unless %w[openlab_app_id openlab_app_secret].include?(setting.name) &&
+                    Setting.get('openlab_app_id').present? && Setting.get('openlab_app_secret').present?
+
+      Project.all.each(&:openlab_create)
+    end
+
+    # automatically validate the admins
+    def validate_admins(setting)
+      return unless setting.name == 'user_validation_required' && setting.value == 'true'
+
+      User.admins.each { |admin| admin.update(validated_at: DateTime.current) if admin.validated_at.nil? }
    end
  end
 end
--- a/app/services/user_service.rb
+++ b/app/services/user_service.rb
@ -33,7 +33,7 @@ class UserService

    def create_admin(params)
      generated_password = SecurePassword.generate
-      admin = User.new(params.merge(password: generated_password))
+      admin = User.new(params.merge(password: generated_password, validated_at: DateTime.current))
      admin.send :set_slug

      # if the authentication is made through an SSO, generate a migration token
--- a/lib/tasks/fablab/setup.rake
+++ b/lib/tasks/fablab/setup.rake
@ -110,7 +110,7 @@ namespace :fablab do
      end
    end

-    desc 'migrate administrators to normal groups'
+    desc 'migrate administrators to normal groups and validate them'
    task set_admins_group: :environment do
      groups = Group.where.not(slug: 'admins').where(disabled: [false, nil]).order(:id)
      User.admins.each do |admin|
@ -120,6 +120,10 @@ namespace :fablab do
      end
      print "\e[91m::\e[0m \e[1mRemoving the 'admins' group...\e[0m\n"
      Group.find_by(slug: 'admins').destroy
+      if Setting.get('user_validation_required')
+        print "\e[91m::\e[0m \e[1mValidating the 'admins'...\e[0m\n"
+        User.admins.each { |admin| admin.update(validated_at: DateTime.current) if admin.validated_at.nil? }
+      end
      print "\e[32m✅\e[0m \e[1mDone\e[0m\n"
    end