wangtao
/
forgeplus
forked from Nigel/forgeplus
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
forgeplus/app/controllers/users_controller.rb

470 lines
19 KiB
Ruby
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

class UsersController < ApplicationController
include Ci::DbConnectable
before_action :load_user, only: [:show, :homepage_info, :sync_token, :sync_gitea_pwd, :projects, :watch_users, :fan_users]
before_action :check_user_exist, only: [:show, :homepage_info,:projects, :watch_users, :fan_users]
before_action :require_login, only: %i[me list]
before_action :connect_to_ci_database, only: :get_user_info, if: -> { current_user && !current_user.is_a?(AnonymousUser) && current_user.devops_certification? }
skip_before_action :check_sign, only: [:attachment_show]
def list
scope = User.active.recent.like(params[:search]).includes(:user_extension)
@total_count = scope.size
@users = paginate(scope)
end
def show
#待办事项,现在未做
@undo_events = 0
#用户的组织数量
# @user_composes_count = @user.composes.size
@user_composes_count = 0
user_projects = User.current.logged? && (User.current.admin? || User.current.login == @user.login) ? @user.projects : @user.projects.visible
@projects_common_count = user_projects.common.size
@projects_mirrior_count = user_projects.mirror.size
@projects_sync_mirrior_count = user_projects.sync_mirror.size
end
def watch_users
watchers = Watcher.watching_users(@user.id).includes(:user).order("watchers.created_at desc")
if params[:search].present?
search_user_ids = User.where(id: watchers.pluck(:watchable_id)).like(params[:search]).pluck(:id)
watchers = watchers.where(watchable_id: search_user_ids)
end
@watchers_count = watchers.size
@watchers = paginate(watchers)
end
def fan_users
watchers = @user.watchers.includes(:user).order("watchers.created_at desc")
watchers = watchers.joins(:user).where("LOWER(concat(users.lastname, users.firstname, users.login)) LIKE ?", "%#{params[:search].split(" ").join('|')}%") if params[:search].present?
@watchers_count = watchers.size
@watchers = paginate(watchers)
end
def update
@user = User.find params[:id]
@user.update!(user_params)
render_ok
end
def me
@user = current_user
end
# 贴吧获取用户信接口
def get_user_info
begin
@user = current_user
# TODO 等消息上线再打开注释
#@tidding_count = unviewed_tiddings(current_user) if current_user.present?
rescue Exception => e
uid_logger_error(e.message)
missing_template
end
end
def attachment_show
file_name = params[:file_name]
path = params[:path] || edu_setting('attachment_folder')
send_file "#{path}/#{file_name}", :filename => "#{file_name}",
:type => 'game',
:disposition => 'attachment' #inline can open in browser
end
def html_show
@contents = File.read("#{params[:path]}")
respond_to do |format|
format.html {render :layout => false}
end
end
# Redo: 消息总数缓存
def get_navigation_info
# @old_domain = edu_setting('old_edu_host')
# @user = current_user
# # 新消息数
# @new_message = @user.tidings.where("created_at > '#{@user.click_time}'").count > 0 || @user.private_messages.where("created_at > '#{@user.click_time}'").count > 0
#
# @user_url = "/users/#{@user.login}"
# @career = Career.where(status: true).order("created_at asc").pluck(:id, :name)
# @auth = User.current.ec_school.present? ? "#{@old_domain}/ecs/department?school_id=#{User.current.ec_school}" : nil
end
# 用户回复功能
def reply_message
message = JournalsForMessage.new(reply_message_params)
message.user_id = current_user.id
message.save!
render_ok(id: message.id)
end
# 搜索用户具有管理员角色的项目
def search_user_projects
projects = Project.where.not(status: 9)
projects = projects.joins(members: :member_roles).where(member_roles: { role_id: 3 })
projects = projects.where(members: { user_id: current_user.id })
search = params[:search].to_s.strip
projects = projects.where('projects.name LIKE ?', "%#{search}%") if search.present?
@projects = projects.select(:id, :name)
end
#TODO 个人主页信息forge上弃用-hs, 0602
def homepage_info
#待办事项,现在未做
@undo_events = 10
#用户的组织数量
# @user_composes_count = @user.composes.size
@user_composes_count = 10
end
def brief_introduction
content = params[:content].to_s.strip
current_user.user_extension.update!(brief_introduction: content)
render_ok
end
def attendance
attendance = Users::AttendanceService.call(current_user)
render_ok(grade: current_user.grade, next_gold: attendance.next_gold)
rescue Users::AttendanceService::Error => ex
render_error(ex.message)
end
# 其他平台登录后必须将token同步到forge平台实现sso登录功能
def sync_token
return render_error('未找相关用户!') unless @user
token = Token.get_or_create_permanent_login_token(@user, 'autologin')
token.update_column(:value, params[:token])
render_ok
end
def trustie_related_projects
projects = Project.includes(:owner, :members, :project_score).where(id: params[:ids]).order("updated_on desc")
projects_json = []
domain_url = EduSetting.get('host_name') + '/projects'
if projects.present?
projects.each do |p|
project_url = "/#{p.owner.login}/#{p.identifier}"
pj = {
id: p.id,
name: p.name,
is_public: p.is_public,
updated_on: p.updated_on.strftime("%Y-%m-%d"),
status: p.status,
is_member: p.member?(current_user.try(:id)),
owner: {
name: p.owner.try(:show_real_name),
login: p.owner.login
},
members_count: p&.members.size,
issues_count: p.issues_count - p.pull_requests_count,
commits_count: p&.project_score&.changeset_num.to_i,
http_url: domain_url + project_url,
http_collaborator_url: domain_url + project_url + "/setting/collaborator",
http_issues_url: domain_url + project_url + "/issues",
http_commits_url: domain_url + project_url + "/commits",
project_score: p&.project_score.present? ? p&.project_score&.as_json(:except=>[:created_at, :updated_at]).merge!(commit_time: format_time(p&.project_score&.commit_time)) : {}
}
projects_json.push(pj)
end
end
Rails.logger.info("==========projects_json========+########{projects_json}")
render json: { projects: projects_json.present? ? projects_json : {} }
end
def trustie_projects
user_id = User.select(:id, :login).where(login: params[:login])&.first&.id
projects = Project.visible
projects = projects.joins(:members).where(members: { user_id: user_id })
search = params[:search].to_s.strip
projects = projects.where('projects.name LIKE ?', "%#{search}%") if search.present?
projects = projects.select(:id, :name).limit(10).as_json
render json: { projects: projects }
end
def projects
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == @user.id)
scope = Projects::ListMyQuery.call(params, @user,is_current_admin_user)
@total_count = scope.size
@projects = paginate(scope)
end
# query all projects with tokens by a user
def blockchain_balance
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
results = Blockchain::BalanceQuery.call(params, is_current_admin_user)
if results[:status] == 0
@total_count = results[:projects].size
@projects = results[:projects]
else
@total_count = -1
@projects = []
end
render json: { status: results[:status], projects: @projects, total_count: @total_count }
end
# query one balance
def blockchain_balance_one_project
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
if is_current_admin_user
owner = User.find_by(login: params['owner_login'])
if owner.nil?
raise Error, "项目创建者无法找到"
else
p = Project.find_by(user_id: owner.id, name: params['project_name'])
results = Blockchain::BalanceQueryOneProject.call({"user_id": params['user_id'].to_i, "project_id": p.id.to_i})
render json: { status: results[:status], balance: results[:balance]}
end
else
raise Error, '没有权限'
end
end
def blockchain_transfer
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['payer_id'].to_i)
if is_current_admin_user
results = Blockchain::TransferService.call(params)
if results == true
render json: { status: 2 } # 重新查询余额
else
raise Error, "转账失败"
end
else
raise Error, "缺少权限"
end
end
# exchange money
def blockchain_exchange
#is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
#require 'alipay'
## setup the client to communicate with either production API or sandbox API
## https://openapi.alipay.com/gateway.do (Production)
## https://openapi.alipaydev.com/gateway.do (Sandbox)
#api_url = 'https://openapi.alipay.com/gateway.do'
#
## setup your own credentials and certificates
#app_id = '2021002140631434'
#app_private_key="-----BEGIN RSA PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCPDsgc0n0RWRnbe9OMqtUbde8gu88OyjuZm8cJXeiSING18HX56C5zV4DsHQ6K9/JmQi/NYCc7/2Prh66Bei0L4Xm5TysJTPYi90+WlbJJESFF6fqULi8sSqZXUtaoMKRcUyeR144l2GQgXbZWBbVSQeZW5DqUDlurTF0I7vQ21wGqxQqBjQK8PSVw5hF+aIsNOfAY9M1tzdD5Jzo2Y3FJdsbXIJNMyhJJCZ+7KHFqma7lpjkXdCoyh/nOISkQdGtFI29gI94sqewI2AMU84uxuBIE3h90iLT+8xrd2dQKdBS7qfhQ3PgkBPVNs5jxsVBqSFdSFT6zcqFdHJzulCUJAgMBAAECggEAWocAGz0X5+J6emnhdSKluLrol85BORrAnHP3f/XtNouOKZQBFCPZQSQecUvx5/7/ZbZ8iXpPWahDkshJpaWq29nTLXDryvboyze1JZWVPKeaZqOp7htLvrt+h8PkEoq1d7cnUyMU0N4eflzPBaCXHXaWTGYgq5Bqcfvg48ZSxGBYeHt5WWU2+GW5fpsaVBBYkdyxxGMoy/bzYzGhvfSJkexqnl0XkAAODa02mu3WsHrzRid6Mf+3syYbq/MfUodU6Vng2tbCqwnWrHCyrD4RYl6rg1TKuAv2YAfBhLzwBxHYVC4SRqzjs+8AaOQoF+lCjr4JklPhEuRThzD31YwIAQKBgQDAg4S7ciMmxvbNxR+1eimoAYLLF9jPpPU6w3VFNPb4rDu4tX77bNf082YplfJX5TYtZKjKPKyYG87K6slGunyPL4AFRW81WPB9u1uP26dihyPCBSUE01jKRPPfRrQnnru5fpm8LL3L03V3yA6J+GyQ8wltRJJi1eBSSm+IWRsZewKBgQC+PBD9J1LYOEIVeK9KvN8BpkA1ZIkk//VuJaoGfVXn+1EzM1yFB05fnsEQkHFynisvuCIr7pH63HcdyffQhe1YOnw9iDCG1zPjsi5uTe9WAM0dnb7xdsaLPr/Q2LyoDOTN9344Qovy1AAnpWtGTn6omgHst5nZpp/mHOuBlKiqSwKBgBKRXM77fjpyPEGyfpFxW+0xYB0YirfUUDa/vWLUbfGkIwp4ruuvHtEoXLUsGjiyCdys9b6zxW3SWMqnhIxG1la1HSLlBInfryphVL52UBmnsSI4fs6NV+YCaocheaTMoYyNkmRc6F1tYsoPyJ80D7yXRFR+paPUvxMQzNsYxQ1bAoGAHd2uSSBQWFPUxCwzUQd/93FTaU6EXYO103okTGqG/ymsoN4ya0wvWMHCy8fxl64PV6mP69fDoV/Vb57SwjEUhyJ/eOWVwMWuhtPliDnCFn1/tmOao6wjFZ9fW/l6/OMxVMjDTy/bat8vuwm0YtBWAEBVhwV4KPyI5AasTqa5KCsCgYB/usnqhVx2zt+MxpBt2Q9Vxc0zXcZxMDs69UUdTY86gjcJyCFGe3bbumUcyfSJzIznC2hfFX5ZyS0oMwiAzWtslRMh9LRh3kofD/6BogL3RKOlBk3iekvQ8Gn0tbwk2Qzr4WJgfA7A4GTf5r7Y+bvOfazzsUQAfSK6nUTIlOj2Ew==\n-----END RSA PRIVATE KEY-----\n"
#alipay_public_key="-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHXLD1BshMymbqqtZVKNyo95FNfxzXzaw3P1eI0KeO6RaL+JzrWxzIBFfTjkWv/8WM9u/NcXMOFt2QO9q5KIDx6PkqjRDTd1hgP/cTgdjOHQqnVSihCrQDVCDBSOXIujC8Lk/P4pFVRhQkYeZqEb1qb8b/2tzTY8g9PKKBSCQv7SfgL2TBcpAVbb+9xdJ6VainC/wYGk8T+c+st1hXnuBJSS0m7LFxJOsYkNk0wbA0tfdZLrO3us2F7sjC9t4h/05nr+gSuDkzo+1kCEefYLqScexN+vnQiLoylp/C82wNiP6okxfhmHz3EcYfUqUyGTN/oFaFcPFPpUtFNS8jFV9QIDAQAB\n-----END PUBLIC KEY-----\n"
#
## initialize a client to communicate with the Alipay API
#@alipay_client = Alipay::Client.new(
# url: api_url,
# app_id: app_id,
# app_private_key: app_private_key,
# alipay_public_key: alipay_public_key
#)
#
#return_result = @alipay_client.page_execute_url(
# method: 'alipay.trade.page.pay',
# biz_content: JSON.generate({
# out_trade_no: '20210420104600',
# product_code: 'FAST_INSTANT_TRADE_PAY',
# total_amount: '0.01',
# subject: 'test'
# }, ascii_only: true), # ascii_only is important!
# timestamp: '2021-04-20 10:46:00'
#)
#render json: { pay_url: return_result }
#
# 替代解决方案
# 读取所有交易信息
end
def blockchain_create_trade
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
if is_current_admin_user
user_id = params['user_id'].to_i
project_id = params['project_id'].to_i
money = params['money'].to_f
#description = params['description']
token_num = params['token_num'].to_i
# 锁仓
result = Blockchain::CreateTrade.call({user_id: user_id, project_id: project_id, token_num: token_num})
if result == false
raise Error, "创建交易失败"
else
bt = BlockchainTrade.new(user_id: user_id, project_id: project_id, token_num: token_num, money: money, state: 0) # state=0表示创建交易; state=1表示执行中; state=2表示执行完成
bt.save()
status = 2 # 交易创建成功
render json: { status: status }
end
else
raise Error, "没有权限"
end
end
def blockchain_get_trades
trades = BlockchainTrade.where(state: 0).all()
results = []
trades.each do |t|
project_id = t.project_id
project = Project.find_by(id: project_id)
if !project.nil?
owner = User.find_by(id: project.user_id)
else
owner = nil
end
user_id = t.user_id
creator = User.find_by(id: user_id)
if project.nil? || owner.nil? || creator.nil?
else
results << [creator, owner, project, t]
end
end
render json: { results: results }
end
def blockchain_trade
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
if is_current_admin_user
user_id2 = params['user_id2'].to_i
trade_id = params['trade_id'].to_i
BlockchainTrade.find(trade_id).update(user_id2: user_id2, state: 1) # state=1表示锁定了等待线下卖家发货
render json: {status: 2} # window.location.reload()
else
raise Error, "没有权限"
end
end
def blockchain_verify_trade
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
if is_current_admin_user
trade_id = params['trade_id'].to_i
BlockchainTrade.find(trade_id).update(state: 2) # state=2表示确认收货
render json: {status: 2} # window.location.reload()
else
raise Error, "没有权限"
end
end
def blockchain_get_verify_trades
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
if is_current_admin_user
trades = BlockchainTrade.where(state: 1).all()
results = []
trades.each do |t|
project_id = t.project_id
project = Project.find_by(id: project_id)
if !project.nil?
owner = User.find_by(id: project.user_id)
else
owner = nil
end
user_id = t.user_id
creator = User.find_by(id: user_id)
user_id2 = t.user_id2
buyer = User.find_by(id: user_id2)
if project.nil? || owner.nil? || creator.nil? || buyer.nil?
else
results << [creator, owner, project, t, buyer]
end
end
render json: { results: results }
else
raise Error, "没有权限"
end
end
def blockchain_get_history_trades
is_current_admin_user = User.current.logged? && (current_user&.admin? || current_user.id == params['user_id'].to_i)
if is_current_admin_user
trades = BlockchainTrade.where(state: 2).all()
results = []
trades.each do |t|
project_id = t.project_id
project = Project.find_by(id: project_id)
if !project.nil?
owner = User.find_by(id: project.user_id)
else
owner = nil
end
user_id = t.user_id
creator = User.find_by(id: user_id)
user_id2 = t.user_id2
buyer = User.find_by(id: user_id2)
if project.nil? || owner.nil? || creator.nil? || buyer.nil?
else
results << [creator, owner, project, t, buyer]
end
end
render json: { results: results }
else
raise Error, "没有权限"
end
end
def blockchain_get_issue_token_num
issue_id = params["issue_id"]['orderId'].to_i
issue = Issue.find_by(id: issue_id)
render json: {"blockchain_token_num": issue.blockchain_token_num}
end
# TODO 其他平台登录时同步修改gitea平台对应用户的密码
# 该方法主要用于别的平台初次部署对接forge平台同步用户后gitea平台对应的用户密码与forge平台用户密码不一致是问题
def sync_gitea_pwd
return render_error("未找到相关的用户") if @user.blank?
flag = sync_pwd_to_gitea!(@user, {password: params[:password].to_s})
flag ? render_ok : render_error('同步失败!')
end
# TODO
# 同步trusite平台用户的salt信息只需同步一次同步完成后该方法可以删除
def sync_salt
user = User.find_by_login params[:login]
return if user.blank?
user.update_column(:salt, params[:salt])
render_ok
end
private
def load_user
@user = User.find_by_login(params[:id]) || User.find_by(id: params[:id])
end
def user_params
params.require(:user).permit(:nickname, :lastname, :show_realname,:login,:mail,
user_extension_attributes: [
:gender, :location, :location_city,
:occupation, :technical_title,
:school_id, :department_id,:identity, :student_id, :description]
)
end
def reply_message_params
normal_status(-1, "参数不对") if params[:journals_for_message][:jour_type].nil? || params[:journals_for_message][:jour_id].nil? ||
params[:journals_for_message][:notes].nil? || params[:journals_for_message][:reply_id].nil?
params.require(:journals_for_message).permit(:jour_type, :jour_id, :notes, :m_parent_id, :reply_id)
end
def check_user_exist
return if @user.present?
render_not_found
end
end
Reference in New Issue View Git Blame Copy Permalink