diff --git a/.gitignore b/.gitignore index 953e12ed..6014a7aa 100644 --- a/.gitignore +++ b/.gitignore @@ -35,6 +35,8 @@ env # IDEs .idea .idea/** +.vscode +.vscode/** config/terms.md coverage* diff --git a/.rubocop.yml b/.rubocop.yml index 6c4f976b..eebb25d8 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -41,6 +41,10 @@ Style/MixinUsage: Style/SymbolArray: Enabled: false +# Don't use begin blocks when they are not needed. +Style/RedundantBegin: + Enabled: false + # Use `%`-literal delimiters consistently Style/PercentLiteralDelimiters: Enabled: false diff --git a/Gemfile.lock b/Gemfile.lock index 3bcd53c3..5735fddc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -215,7 +215,7 @@ GEM rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (3.0.0) - rake (12.3.1) + rake (12.3.2) random_password (0.1.1) rb-fsevent (0.10.3) rb-inotify (0.9.10) diff --git a/app/assets/javascripts/header.js b/app/assets/javascripts/header.js index 1fbb9fc5..842af35a 100644 --- a/app/assets/javascripts/header.js +++ b/app/assets/javascripts/header.js @@ -17,7 +17,8 @@ $(document).on('turbolinks:load', function(){ // Stores the current url when the user clicks the sign in button $(".sign-in-button").click(function(){ - document.cookie ="return_to=" + window.location.href + var url = [location.protocol, '//', location.host, location.pathname].join(''); + document.cookie ="return_to=" + url }) // Checks to see if the user provided an image url and displays it if they did diff --git a/app/assets/stylesheets/utilities/_primary_themes.scss b/app/assets/stylesheets/utilities/_primary_themes.scss index 33d29a56..12ae6fe0 100644 --- a/app/assets/stylesheets/utilities/_primary_themes.scss +++ b/app/assets/stylesheets/utilities/_primary_themes.scss @@ -9,7 +9,6 @@ .btn-primary:active, .btn-primary:active:focus, .btn-primary:active:hover, -.btn-primary:focus, .btn-primary:hover, .btn-primary:hover i { background-color: $primary-color-darken !important; @@ -17,6 +16,13 @@ color: white !important; } +.btn-primary:focus { + background-color: $primary-color-darken !important; + border-color: $primary-color-darken !important; + color: white !important; + box-shadow: 0 0 0 2px $primary-color-lighten !important; +} + a { color: $primary-color !important; } @@ -39,7 +45,7 @@ a { } &:focus { - box-shadow: 0 0 0 2px $primary-color-lighten; + box-shadow: 0 0 0 2px $primary-color-lighten !important; } } diff --git a/app/controllers/account_activations_controller.rb b/app/controllers/account_activations_controller.rb index 80e7ba22..1aa32ca5 100644 --- a/app/controllers/account_activations_controller.rb +++ b/app/controllers/account_activations_controller.rb @@ -32,6 +32,10 @@ class AccountActivationsController < ApplicationController if @user && !@user.activated? && @user.authenticated?(:activation, params[:token]) @user.activate + # Redirect user to root with account pending flash if account is still pending + return redirect_to root_path, + flash: { success: I18n.t("registration.approval.signup") } if @user.has_role?(:pending) + flash[:success] = I18n.t("verify.activated") + " " + I18n.t("verify.signin") redirect_to signin_path else diff --git a/app/controllers/admins_controller.rb b/app/controllers/admins_controller.rb index 7d3fb668..6e206b49 100644 --- a/app/controllers/admins_controller.rb +++ b/app/controllers/admins_controller.rb @@ -18,10 +18,15 @@ class AdminsController < ApplicationController include Pagy::Backend + include Emailer + + manage_users = [:edit_user, :promote, :demote, :ban_user, :unban_user, :approve] + site_settings = [:branding, :coloring, :registration_method] + authorize_resource class: false - before_action :find_user, only: [:edit_user, :promote, :demote, :ban_user, :unban_user] - before_action :verify_admin_of_user, only: [:edit_user, :promote, :demote, :ban_user, :unban_user] - before_action :find_setting, only: [:branding, :coloring] + before_action :find_user, only: manage_users + before_action :verify_admin_of_user, only: manage_users + before_action :find_setting, only: site_settings # GET /admins def index @@ -29,19 +34,11 @@ class AdminsController < ApplicationController @order_column = params[:column] && params[:direction] != "none" ? params[:column] : "created_at" @order_direction = params[:direction] && params[:direction] != "none" ? params[:direction] : "DESC" - if Rails.configuration.loadbalanced_configuration - @pagy, @users = pagy(User.without_role(:super_admin) - .where(provider: user_settings_provider) - .where.not(id: current_user.id) - .admins_search(@search) - .admins_order(@order_column, @order_direction)) - else - @pagy, @users = pagy(User.where.not(id: current_user.id) - .admins_search(@search) - .admins_order(@order_column, @order_direction)) - end + @pagy, @users = pagy(user_list) end + # MANAGE USERS + # GET /admins/edit/:user_uid def edit_user render "admins/index", locals: { setting_id: "account" } @@ -59,6 +56,48 @@ class AdminsController < ApplicationController redirect_to admins_path, flash: { success: I18n.t("administrator.flash.demoted") } end + # POST /admins/ban/:user_uid + def ban_user + @user.remove_role :pending if @user.has_role? :pending + @user.add_role :denied + redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") } + end + + # POST /admins/unban/:user_uid + def unban_user + @user.remove_role :denied + redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") } + end + + # POST /admins/approve/:user_uid + def approve + @user.remove_role :pending + + send_user_approved_email(@user) + + redirect_to admins_path, flash: { success: I18n.t("administrator.flash.approved") } + end + + # POST /admins/invite + def invite + email = params[:invite_user][:email] + + begin + invitation = create_or_update_invite(email) + + send_invitation_email(current_user.name, email, invitation.invite_token) + rescue => e + logger.error "Error in email delivery: #{e}" + flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error")) + else + flash[:success] = I18n.t("administrator.flash.invite", email: email) + end + + redirect_to admins_path + end + + # SITE SETTINGS + # POST /admins/branding def branding @settings.update_value("Branding Image", params[:url]) @@ -68,19 +107,22 @@ class AdminsController < ApplicationController # POST /admins/color def coloring @settings.update_value("Primary Color", params[:color]) - redirect_to admins_path(setting: "site_settings") + redirect_to admins_path end - # POST /admins/ban/:user_uid - def ban_user - @user.add_role :denied - redirect_to admins_path, flash: { success: I18n.t("administrator.flash.banned") } - end + # POST /admins/registration_method/:method + def registration_method + new_method = Rails.configuration.registration_methods[params[:method].to_sym] - # POST /admins/unban/:user_uid - def unban_user - @user.remove_role :denied - redirect_to admins_path, flash: { success: I18n.t("administrator.flash.unbanned") } + # Only allow change to Join by Invitation if user has emails enabled + if !Rails.configuration.enable_email_verification && new_method == Rails.configuration.registration_methods[:invite] + redirect_to admins_path, + flash: { alert: I18n.t("administrator.flash.invite_email_verification") } + else + @settings.update_value("Registration Method", new_method) + redirect_to admins_path, + flash: { success: I18n.t("administrator.flash.registration_method_updated") } + end end private @@ -97,4 +139,35 @@ class AdminsController < ApplicationController redirect_to admins_path, flash: { alert: I18n.t("administrator.flash.unauthorized") } unless current_user.admin_of?(@user) end + + # Gets the list of users based on your configuration + def user_list + if Rails.configuration.loadbalanced_configuration + User.without_role(:super_admin) + .where(provider: user_settings_provider) + .where.not(id: current_user.id) + .admins_search(@search) + .admins_order(@order_column, @order_direction) + else + User.where.not(id: current_user.id) + .admins_search(@search) + .admins_order(@order_column, @order_direction) + end + end + + # Creates the invite if it doesn't exist, or updates the updated_at time if it does + def create_or_update_invite(email) + invite = Invitation.find_by(email: email, provider: @user_domain) + + # Invite already exists + if invite.present? + # Updates updated_at to now + invite.touch + else + # Creates invite + invite = Invitation.create(email: email, provider: @user_domain) + end + + invite + end end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index dc241760..bbd6f29e 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -19,6 +19,7 @@ require 'bigbluebutton_api' class ApplicationController < ActionController::Base + include ApplicationHelper include SessionsHelper include ThemingHelper @@ -26,7 +27,7 @@ class ApplicationController < ActionController::Base before_action :set_locale before_action :check_admin_password before_action :set_user_domain - before_action :check_if_unbanned + before_action :check_user_role # Force SSL for loadbalancer configurations. before_action :redirect_to_https @@ -84,7 +85,7 @@ class ApplicationController < ActionController::Base helper_method :recording_thumbnails? def allow_greenlight_users? - Rails.configuration.greenlight_accounts + allow_greenlight_accounts? end helper_method :allow_greenlight_users? @@ -136,11 +137,14 @@ class ApplicationController < ActionController::Base helper_method :set_user_domain # Checks if the user is banned and logs him out if he is - def check_if_unbanned - if current_user&.has_role?(:denied) + def check_user_role + if current_user&.has_role? :denied session.delete(:user_id) - redirect_to unauthorized_path + redirect_to root_path, flash: { alert: I18n.t("registration.banned.fail") } + elsif current_user&.has_role? :pending + session.delete(:user_id) + redirect_to root_path, flash: { alert: I18n.t("registration.approval.fail") } end end - helper_method :check_if_unbanned + helper_method :check_user_role end diff --git a/app/controllers/concerns/emailer.rb b/app/controllers/concerns/emailer.rb index 53a10a9c..c4a22e83 100644 --- a/app/controllers/concerns/emailer.rb +++ b/app/controllers/concerns/emailer.rb @@ -31,12 +31,32 @@ module Emailer UserMailer.password_reset(@user, reset_link, logo_image, user_color).deliver_now end + # Sends inivitation to join + def send_invitation_email(name, email, token) + @token = token + UserMailer.invite_email(name, email, invitation_link, logo_image, user_color).deliver_now + end + + def send_user_approved_email(user) + UserMailer.approve_user(user, root_url, logo_image, user_color).deliver_now + end + + private + # Returns the link the user needs to click to verify their account def user_verification_link - request.base_url + edit_account_activation_path(token: @user.activation_token, email: @user.email) + edit_account_activation_url(token: @user.activation_token, email: @user.email) end def reset_link - request.base_url + edit_password_reset_path(@user.reset_token, email: @user.email) + edit_password_reset_url(@user.reset_token, email: @user.email) + end + + def invitation_link + if allow_greenlight_users? + signup_url(invite_token: @token) + else + root_url(invite_token: @token) + end end end diff --git a/app/controllers/concerns/registrar.rb b/app/controllers/concerns/registrar.rb new file mode 100644 index 00000000..79c0a622 --- /dev/null +++ b/app/controllers/concerns/registrar.rb @@ -0,0 +1,54 @@ +# frozen_string_literal: true + +# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/. +# +# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below). +# +# This program is free software; you can redistribute it and/or modify it under the +# terms of the GNU Lesser General Public License as published by the Free Software +# Foundation; either version 3.0 of the License, or (at your option) any later +# version. +# +# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY +# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License along +# with BigBlueButton; if not, see . + +module Registrar + extend ActiveSupport::Concern + + def registration_method + Setting.find_or_create_by!(provider: user_settings_provider).get_value("Registration Method") + end + + def open_registration + registration_method == Rails.configuration.registration_methods[:open] + end + + def approval_registration + registration_method == Rails.configuration.registration_methods[:approval] + end + + def invite_registration + registration_method == Rails.configuration.registration_methods[:invite] + end + + # Returns a hash containing whether the user has been invited and if they + # signed up with the same email that they were invited with + def check_user_invited(email, token, domain) + return { present: true, verified: false } unless invite_registration + return { present: false, verified: false } if token.nil? + + invite = Invitation.valid.find_by(invite_token: token, provider: domain) + if invite.present? + # Check if they used the same email to sign up + same_email = email.casecmp(invite.email).zero? + invite.destroy + { present: true, verified: same_email } + else + { present: false, verified: false } + end + end +end diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb index a6ac81bc..df97a090 100644 --- a/app/controllers/main_controller.rb +++ b/app/controllers/main_controller.rb @@ -17,7 +17,10 @@ # with BigBlueButton; if not, see . class MainController < ApplicationController + include Registrar # GET / def index + # Store invite token + session[:invite_token] = params[:invite_token] if params[:invite_token] && invite_registration end end diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 0dc85d40..e08bb005 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -17,6 +17,8 @@ # with BigBlueButton; if not, see . class SessionsController < ApplicationController + include Registrar + skip_before_action :verify_authenticity_token, only: [:omniauth, :fail] # GET /users/logout @@ -32,11 +34,11 @@ class SessionsController < ApplicationController user = admin else user = User.find_by(email: session_params[:email], provider: @user_domain) - redirect_to(root_path, alert: I18n.t("invalid_user")) && return unless user + redirect_to(signin_path, alert: I18n.t("invalid_user")) && return unless user redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account? redirect_to(account_activation_path(email: user.email)) && return unless user.activated? end - redirect_to(root_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate, + redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate, session_params[:password]) login(user) @@ -44,11 +46,26 @@ class SessionsController < ApplicationController # GET/POST /auth/:provider/callback def omniauth - user = User.from_omniauth(request.env['omniauth.auth']) - login(user) - rescue => e - logger.error "Error authenticating via omniauth: #{e}" - omniauth_fail + begin + @auth = request.env['omniauth.auth'] + @user_exists = check_user_exists + + # If using invitation registration method, make sure user is invited + return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs + + user = User.from_omniauth(@auth) + + # Add pending role if approval method and is a new user + if approval_registration && !@user_exists + user.add_role :pending + return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") } + end + + login(user) + rescue => e + logger.error "Error authenticating via omniauth: #{e}" + omniauth_fail + end end # POST /auth/failure @@ -61,4 +78,17 @@ class SessionsController < ApplicationController def session_params params.require(:session).permit(:email, :password) end + + def check_user_exists + provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider'] + User.exists?(social_uid: @auth['uid'], provider: provider) + end + + # Check if the user already exists, if not then check for invitation + def passes_invite_reqs + return true if @user_exists + + invitation = check_user_invited("", session[:invite_token], @user_domain) + invitation[:present] + end end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 026bb3e2..cdf60820 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -20,6 +20,7 @@ class UsersController < ApplicationController include RecordingsHelper include Pagy::Backend include Emailer + include Registrar before_action :find_user, only: [:edit, :update, :destroy] before_action :ensure_unauthenticated, only: [:new, :create] @@ -32,29 +33,29 @@ class UsersController < ApplicationController @user = User.new(user_params) @user.provider = @user_domain - # Add validation errors to model if they exist - valid_user = @user.valid? - valid_captcha = Rails.configuration.recaptcha_enabled ? verify_recaptcha(model: @user) : true + # User or recpatcha is not valid + render(:new) && return unless valid_user_or_captcha - if valid_user && valid_captcha - @user.save - else - render(:new) && return + # Redirect to root if user token is either invalid or expired + return redirect_to root_path, flash: { alert: I18n.t("registration.invite.fail") } unless passes_invite_reqs + + # User has passed all validations required + @user.save + + # Set user to pending and redirect if Approval Registration is set + if approval_registration + @user.add_role :pending + + return redirect_to root_path, + flash: { success: I18n.t("registration.approval.signup") } unless Rails.configuration.enable_email_verification end - # Sign in automatically if email verification is disabled. - login(@user) && return unless Rails.configuration.enable_email_verification + # Sign in automatically if email verification is disabled or if user is already verified. + login(@user) && return if !Rails.configuration.enable_email_verification || @user.email_verified - # Start email verification and redirect to root. - begin - send_activation_email(@user) - rescue => e - logger.error "Error in email delivery: #{e}" - flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error")) - else - flash[:success] = I18n.t("email_sent", email_type: t("verify.verification")) - end - redirect_to(root_path) + send_verification + + redirect_to root_path end # GET /signin @@ -63,11 +64,16 @@ class UsersController < ApplicationController # GET /signup def new - if Rails.configuration.allow_user_signup - @user = User.new - else - redirect_to root_path + return redirect_to root_path unless Rails.configuration.allow_user_signup + + # Check if the user needs to be invited + if invite_registration + redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless params[:invite_token] + + session[:invite_token] = params[:invite_token] end + + @user = User.new end # GET /u/:user_uid/edit @@ -174,4 +180,34 @@ class UsersController < ApplicationController params.require(:user).permit(:name, :email, :image, :password, :password_confirmation, :new_password, :provider, :accepted_terms, :language) end + + def send_verification + # Start email verification and redirect to root. + begin + send_activation_email(@user) + rescue => e + logger.error "Error in email delivery: #{e}" + flash[:alert] = I18n.t(params[:message], default: I18n.t("delivery_error")) + else + flash[:success] = I18n.t("email_sent", email_type: t("verify.verification")) + end + end + + # Add validation errors to model if they exist + def valid_user_or_captcha + valid_user = @user.valid? + valid_captcha = Rails.configuration.recaptcha_enabled ? verify_recaptcha(model: @user) : true + + valid_user && valid_captcha + end + + # Checks if the user passes the requirements to be invited + def passes_invite_reqs + # check if user needs to be invited and IS invited + invitation = check_user_invited(@user.email, session[:invite_token], @user_domain) + + @user.email_verified = true if invitation[:verified] + + invitation[:present] + end end diff --git a/app/helpers/admins_helper.rb b/app/helpers/admins_helper.rb index e0aa5c5c..4ad6bb35 100644 --- a/app/helpers/admins_helper.rb +++ b/app/helpers/admins_helper.rb @@ -18,4 +18,31 @@ module AdminsHelper include Pagy::Frontend + + def display_invite + current_page?(admins_path) && invite_registration + end + + def registration_method + Setting.find_or_create_by!(provider: user_settings_provider).get_value("Registration Method") + end + + def invite_registration + registration_method == Rails.configuration.registration_methods[:invite] + end + + def approval_registration + registration_method == Rails.configuration.registration_methods[:approval] + end + + def registration_method_string + case registration_method + when Rails.configuration.registration_methods[:open] + I18n.t("administrator.site_settings.registration.methods.open") + when Rails.configuration.registration_methods[:invite] + I18n.t("administrator.site_settings.registration.methods.invite") + when Rails.configuration.registration_methods[:approval] + I18n.t("administrator.site_settings.registration.methods.approval") + end + end end diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb index 3ffee474..7f911b6b 100644 --- a/app/mailers/user_mailer.rb +++ b/app/mailers/user_mailer.rb @@ -34,4 +34,21 @@ class UserMailer < ApplicationMailer @color = color mail to: user.email, subject: t('reset_password.subtitle') end + + def invite_email(name, email, url, image, color) + @name = name + @email = email + @url = url + @image = image + @color = color + mail to: email, subject: t('mailer.user.invite.subject') + end + + def approve_user(user, url, image, color) + @user = user + @url = url + @image = image + @color = color + mail to: user.email, subject: t('mailer.user.approve.subject') + end end diff --git a/app/models/invitation.rb b/app/models/invitation.rb new file mode 100644 index 00000000..b1e36afb --- /dev/null +++ b/app/models/invitation.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/. +# +# Copyright (c) 2018 BigBlueButton Inc. and by respective authors (see below). +# +# This program is free software; you can redistribute it and/or modify it under the +# terms of the GNU Lesser General Public License as published by the Free Software +# Foundation; either version 3.0 of the License, or (at your option) any later +# version. +# +# BigBlueButton is distributed in the hope that it will be useful, but WITHOUT ANY +# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License along +# with BigBlueButton; if not, see . + +class Invitation < ApplicationRecord + has_secure_token :invite_token + + scope :valid, -> { where(updated_at: (Time.now - 48.hours)..Time.now) } +end diff --git a/app/models/setting.rb b/app/models/setting.rb index c0e859e3..3daaa26e 100644 --- a/app/models/setting.rb +++ b/app/models/setting.rb @@ -37,6 +37,8 @@ class Setting < ApplicationRecord Rails.configuration.branding_image_default when "Primary Color" Rails.configuration.primary_color_default + when "Registration Method" + Rails.configuration.registration_method_default end end end diff --git a/app/views/errors/unauthorized.html.erb b/app/views/errors/unauthorized.html.erb index e54591d7..1e6682a8 100644 --- a/app/views/errors/unauthorized.html.erb +++ b/app/views/errors/unauthorized.html.erb @@ -15,6 +15,6 @@
401
-

<%= t("errors.unauthorized.message") %>

-

<%= t("errors.unauthorized.help") %>

+

<%= I18n.t("errors.unauthorized.message") %>

+

<%= I18n.t("errors.unauthorized.help") %>

diff --git a/app/views/shared/admin_settings/_site_settings.html.erb b/app/views/shared/admin_settings/_site_settings.html.erb index 793083db..660cde17 100644 --- a/app/views/shared/admin_settings/_site_settings.html.erb +++ b/app/views/shared/admin_settings/_site_settings.html.erb @@ -26,8 +26,11 @@ - -
+
+ +
+
+
@@ -44,4 +47,28 @@
+
+
+
+ + +
+ +
+ <%= button_to admin_change_registration_path("open"), class: "dropdown-item" do %> + <%= t("administrator.site_settings.registration.methods.open") %> + <% end %> + <%= button_to admin_change_registration_path("invite"), class: "dropdown-item" do %> + <%= t("administrator.site_settings.registration.methods.invite") %> + <% end %> + <%= button_to admin_change_registration_path("approval"), class: "dropdown-item" do %> + <%= t("administrator.site_settings.registration.methods.approval") %> + <% end %> +
+
+
+
+
diff --git a/app/views/shared/admin_settings/_users.html.erb b/app/views/shared/admin_settings/_users.html.erb index 47140dd5..5aebf6ea 100644 --- a/app/views/shared/admin_settings/_users.html.erb +++ b/app/views/shared/admin_settings/_users.html.erb @@ -68,11 +68,15 @@ <%= user.email && user.email != "" ? user.email : user.username%> <%= user.provider %> - <% roles = user.roles().pluck(:name) %> + <% roles = user.roles().pluck(:name) %> <% if roles.include?("denied")%>
<%= t("roles.banned") %>
+ <% elsif roles.include?("pending") %> +
+ <%= t("roles.pending") %> +
<% elsif roles.include?("super_admin") %>
<%= t("roles.super_admin") %> @@ -88,7 +92,21 @@ <% end %> - <% unless roles.include?("super_admin") %> + <% if roles.include?("pending") %> +
+ + + +
+ <%= button_to admin_approve_path(user_uid: user.uid), class: "dropdown-item" do %> + <%= t("administrator.users.settings.approve") %> + <% end %> + <%= button_to admin_ban_path(user_uid: user.uid), class: "dropdown-item" do %> + <%= t("administrator.users.settings.decline") %> + <% end %> +
+
+ <% elsif !roles.include?("super_admin") %>
@@ -142,3 +160,5 @@
+ +<%= render "shared/modals/invite_user_modal" %> diff --git a/app/views/shared/components/_subtitle.html.erb b/app/views/shared/components/_subtitle.html.erb index 29870f89..f051494a 100644 --- a/app/views/shared/components/_subtitle.html.erb +++ b/app/views/shared/components/_subtitle.html.erb @@ -14,12 +14,20 @@ %>
-
+

<%= subtitle %>

<% if search %> -
-