author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-03-20 07:09:20 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-03-20 07:09:20 +0000 |
commit | 4aef2735c878bf625527fea04dfefd16f714e896 (patch) | |
tree | 0be37503fc9d9cbcd5c4081a39c8f2e7834840b1 /app/models/user.rb | |
parent | e1aa18b33388901d47476df4a68a1d25f27a9658 (diff) | |
Send a security notification when users gain or lose admin (#21421).
Patch by Jan Schulz-Hofen.
git-svn-id: http://svn.redmine.org/redmine/trunk@15265 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index e2a7c4559..dca472810 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -123,7 +123,8 @@ class User < Principal
 before_create :set_mail_notification
 before_save :generate_password_if_needed, :update_hashed_password
 before_destroy :remove_references_before_destroy
- after_save :update_notified_project_ids, :destroy_tokens
+ after_save :update_notified_project_ids, :destroy_tokens, :deliver_security_notification
+ after_destroy :deliver_security_notification
 scope :in_group, lambda {|group|
 group_id = group.is_a?(Group) ? group.id : group.to_i
@@ -835,6 +836,34 @@ class User < Principal
 def self.generate_salt
 Redmine::Utils.random_hex(16)
 end
+ # Send a security notification to all admins if the user has gained/lost admin privileges
+ def deliver_security_notification
+ options = {
+ field: :field_admin,
+ value: login,
+ title: :label_user_plural,
+ url: {controller: 'users', action: 'index'}
+ }
+ deliver = false
+ if (admin? && id_changed? && active?) || # newly created admin
+ (admin? && admin_changed? && active?) || # regular user became admin
+ (admin? && status_changed? && active?) # locked admin became active again
+
+ deliver = true
+ options[:message] = :mail_body_security_notification_add
+
+ elsif (admin? && destroyed? && active?) || # active admin user was deleted
+ (!admin? && admin_changed? && active?) || # admin is no longer admin
+ (admin? && status_changed? && !active?) # admin was locked
+
+ deliver = true
+ options[:message] = :mail_body_security_notification_remove
+ end
+
+ User.where(admin: true, status: Principal::STATUS_ACTIVE).each{|u| Mailer.security_notification(u, options).deliver} if deliver
+ end
+
+
 end
|
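Review bot: Registering `deliver_security_notification` on `after_save` and `after_destroy` sends the mail while the surrounding database transaction is still open, so a later rollback would leave admins holding a notice about a privilege change that never persisted. Whether `Mailer` swallows delivery errors is not visible here; if it does not, an SMTP failure raised by `.deliver` would presumably abort the user save as well. Consider running the hook after commit, e.g. `after_commit :deliver_security_notification`; the method would then likely need `previous_changes` instead of `admin_changed?`/`status_changed?`, since dirty state is reset by that point. The class body continues outside the hunk.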
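Review bot: The recipient query on the last line of `deliver_security_notification` runs after the change, so an admin who was just demoted, locked or deleted no longer matches `User.where(admin: true, status: Principal::STATUS_ACTIVE)` and is never told about the loss of their own privileges. If the change came from a compromised admin account, the remaining recipients may all be accounts the intruder controls, which defeats the purpose of the notice. For the removal case consider adding the affected user, e.g. `recipients = User.where(admin: true, status: Principal::STATUS_ACTIVE).to_a` followed by `recipients |= [self] if options[:message] == :mail_body_security_notification_remove`; whether the mailer can still address a locked or deleted account is not visible here. Separately, `(admin? && status_changed? && !active?)` also matches an admin account moving between two non-active states, so a removal notice can be sent for an account that was never active.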