- add_to_breadcrumbs _("Users"), admin_users_path
- breadcrumb_title @user.name
- page_title @user.name, _("Users")
= render 'admin/users/head'

.row
  .col-md-6
    .card
      .card-header
        = @user.name
      %ul.content-list
        %li
          = image_tag avatar_icon_for_user(@user, 60), class: "avatar s60"
        %li
          %span.light Profile page:
          %strong
            = link_to user_path(@user) do
              = @user.username
    = render 'admin/users/profile', user: @user

    .card
      .card-header
        Account:
      %ul.content-list
        %li
          %span.light Name:
          %strong= @user.name
        %li
          %span.light Username:
          %strong
            = @user.username
        %li
          %span.light Email:
          %strong
            = render partial: 'shared/email_with_badge', locals: { email: mail_to(@user.email), verified: @user.confirmed? }
        - @user.emails.each do |email|
          %li
            %span.light Secondary email:
            %strong
              = render partial: 'shared/email_with_badge', locals: { email: email.email, verified: email.confirmed? }
            = link_to remove_email_admin_user_path(@user, email), data: { confirm: "Are you sure you want to remove #{email.email}?" }, method: :delete, class: "btn btn-sm btn-danger gl-button btn-icon float-right", title: 'Remove secondary email', id: "remove_email_#{email.id}" do
              = sprite_icon('close', size: 16, css_class: 'gl-icon')
        %li
          %span.light ID:
          %strong{ data: { qa_selector: 'user_id_content' } }
            = @user.id
        %li
          %span.light= _('Namespace ID:')
          %strong
            = @user.namespace_id

        %li.two-factor-status
          %span.light Two-factor Authentication:
          %strong{ class: @user.two_factor_enabled? ? 'cgreen' : 'cred' }
            - if @user.two_factor_enabled?
              Enabled
              = link_to 'Disable', disable_two_factor_admin_user_path(@user), data: {confirm: 'Are you sure?'}, method: :patch, class: 'btn gl-button btn-sm btn-danger float-right', title: 'Disable Two-factor Authentication'
            - else
              Disabled

        = render_if_exists 'admin/namespace_plan_info', namespace: @user.namespace

        %li
          %span.light External User:
          %strong
            = @user.external? ? "Yes" : "No"
        %li
          %span.light Can create groups:
          %strong
            = @user.can_create_group ? "Yes" : "No"
        %li
          %span.light Personal projects limit:
          %strong
            = @user.projects_limit
        %li
          %span.light Member since:
          %strong
            = @user.created_at.to_s(:medium)
        - if @user.confirmed_at
          %li
            %span.light Confirmed at:
            %strong
              = @user.confirmed_at.to_s(:medium)
        - else
          %li
            %span.light Confirmed:
            %strong.cred
              No

        %li
          %span.light Current sign-in IP:
          %strong
            = @user.current_sign_in_ip || _('never')

        %li
          %span.light Current sign-in at:
          %strong
            = @user.current_sign_in_at&.to_s(:medium) || _('never')

        %li
          %span.light Last sign-in IP:
          %strong
            = @user.last_sign_in_ip || _('never')

        %li
          %span.light Last sign-in at:
          %strong
            = @user.last_sign_in_at&.to_s(:medium) || _('never')

        %li
          %span.light Sign-in count:
          %strong
            = @user.sign_in_count

        %li
          %span.light= _("Highest role:")
          %strong
            = Gitlab::Access.human_access_with_none(@user.highest_role)

        = render_if_exists 'admin/users/using_license_seat', user: @user

        - if @user.ldap_user?
          %li
            %span.light LDAP uid:
            %strong
              = @user.ldap_identity.extern_uid

        - if @user.created_by
          %li
            %span.light Created by:
            %strong
              = link_to @user.created_by.name, [:admin, @user.created_by]

        = render_if_exists 'namespaces/shared_runner_status', namespace: @user.namespace

    = render 'shared/custom_attributes', custom_attributes: @user.custom_attributes

  .col-md-6
    - unless @user == current_user
      - if can_force_email_confirmation?(@user)
        .card.border-info
          .card-header.bg-info.text-white
            Confirm user
          .card-body
            - if @user.unconfirmed_email.present?
              - email = " (#{@user.unconfirmed_email})"
            %p This user has an unconfirmed email address#{email}. You may force a confirmation.
            %br
            = link_to 'Confirm user', confirm_admin_user_path(@user), method: :put, class: "btn gl-button btn-info", data: { confirm: 'Are you sure?', qa_selector: 'confirm_user_button' }

      = render 'admin/users/user_detail_note'

      - unless @user.internal?
        - if @user.deactivated?
          .card.border-info
            .card-header.bg-info.text-white
              Reactivate this user
            .card-body
              = render partial: 'admin/users/user_activation_effects'
              %br
              %button.btn.gl-button.btn-info.js-confirm-modal-button{ data: user_activation_data(@user) }
                = s_('AdminUsers|Activate user')
        - elsif @user.can_be_deactivated?
          .card.border-warning
            .card-header.bg-warning.text-white
              Deactivate this user
            .card-body
              = user_deactivation_effects
              %br
              %button.btn.gl-button.btn-warning.js-confirm-modal-button{ data: user_deactivation_data(@user, s_('AdminUsers|You can always re-activate their account, their data will remain intact.')) }
                = s_('AdminUsers|Deactivate user')
      - if @user.blocked?
        - if @user.blocked_pending_approval?
          = render 'admin/users/approve_user', user: @user
          = render 'admin/users/reject_pending_user', user: @user
        - else
          .card.border-info
            .card-header.gl-bg-blue-500.gl-text-white
              This user is blocked
            .card-body
              %p A blocked user cannot:
              %ul
                %li Log in
                %li Access Git repositories
              %br
              %button.btn.gl-button.btn-info.js-confirm-modal-button{ data: user_unblock_data(@user) }
                = s_('AdminUsers|Unblock user')
      - elsif !@user.internal?
        = render 'admin/users/block_user', user: @user

      - if @user.access_locked?
        .card.border-info
          .card-header.bg-info.text-white
            This account has been locked
          .card-body
            %p This user has been temporarily locked due to excessive number of failed logins. You may manually unlock the account.
            %br
            = link_to 'Unlock user', unlock_admin_user_path(@user), method: :put, class: "btn gl-button btn-info", data: { confirm: 'Are you sure?' }
      - if !@user.blocked_pending_approval?
        .card.border-danger
          .card-header.bg-danger.text-white
            = s_('AdminUsers|Delete user')
          .card-body
            - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
              %p Deleting a user has the following effects:
              = render 'users/deletion_guidance', user: @user
              %br
              %button.delete-user-button.btn.gl-button.btn-danger{ data: { 'gl-modal-action': 'delete',
                delete_user_url: admin_user_path(@user),
                block_user_url: block_admin_user_path(@user),
                username: sanitize_name(@user.name) } }
                = s_('AdminUsers|Delete user')
            - else
              - if @user.solo_owned_groups.present?
                %p
                  This user is currently an owner in these groups:
                  %strong= @user.solo_owned_groups.map(&:name).join(', ')
                %p
                  You must transfer ownership or delete these groups before you can delete this user.
              - else
                %p
                  You don't have access to delete this user.

        .card.border-danger
          .card-header.bg-danger.text-white
            = s_('AdminUsers|Delete user and contributions')
          .card-body
            - if can?(current_user, :destroy_user, @user)
              %p
                This option deletes the user and any contributions that
                would usually be moved to the
                = succeed "." do
                  = link_to "system ghost user", help_page_path("user/profile/account/delete_account")
                As well as the user's personal projects, groups owned solely by
                the user, and projects in them, will also be removed. Commits
                to other projects are unaffected.
              %br
                %button.delete-user-button.btn.gl-button.btn-danger{ data: { 'gl-modal-action': 'delete-with-contributions',
                  delete_user_url: admin_user_path(@user, hard_delete: true),
                  block_user_url: block_admin_user_path(@user),
                  username: @user.name } }
                  = s_('AdminUsers|Delete user and contributions')
            - else
              %p
                You don't have access to delete this user.

= render partial: 'admin/users/modals'