Class: User

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• User

Includes:

Cms::Authentication::Model

Defined in:

app/models/user.rb

Direct Known Subclasses

GuestUser

Class Method Summary

• .current ⇒ Object
• .current=(user) ⇒ Object
• .guest(options = {}) ⇒ Object

Instance Method Summary

• #able_to?(*required_permissions) ⇒ Boolean

  Expects a list of names of Permissions true if the user has any of the permissions.

• #able_to_edit?(object) ⇒ Boolean

  Expects node to be a Section, Page or Link Returns true if the specified node, or any of its ancestor sections, is editable by any of the user’s ‘CMS User’ groups.

• #able_to_edit_or_publish_content? ⇒ Boolean
• #able_to_modify?(object) ⇒ Boolean
• #able_to_publish?(object) ⇒ Boolean
• #able_to_view?(object) ⇒ Boolean

  Determine if this user has permission to view the specific object.

• #cms_access? ⇒ Boolean

  Determines if this user should have access to the CMS administration tools.

• #disable ⇒ Object
• #disable! ⇒ Object
• #enable ⇒ Object
• #enable! ⇒ Object
• #expired? ⇒ Boolean
• #expires_at_formatted ⇒ Object

  This is to show a formated date on the input form.

• #full_name ⇒ Object
• #full_name_or_login ⇒ Object
• #full_name_with_login ⇒ Object
• #guest? ⇒ Boolean
• #modifiable_sections ⇒ Object
• #permissions ⇒ Object
• #viewable_sections ⇒ Object

Methods included from Cms::Authentication::Model

included

Class Method Details

.current ⇒ Object

# File 'app/models/user.rb', line 26

def self.current
  Thread.current[:cms_user]
end

.current=(user) ⇒ Object

# File 'app/models/user.rb', line 29

def self.current=(user)
  Thread.current[:cms_user] = user
end

.guest(options = {}) ⇒ Object

# File 'app/models/user.rb', line 33

def self.guest(options = {})
  GuestUser.new(options)
end

Instance Method Details

#able_to?(*required_permissions) ⇒ Boolean

Expects a list of names of Permissions true if the user has any of the permissions

Returns:

• (Boolean)

# File 'app/models/user.rb', line 111

def able_to?(*required_permissions)
  perms = required_permissions.map(&:to_sym)
  permissions.any? do |p| 
    perms.include?(p.name.to_sym) 
  end
end

#able_to_edit?(object) ⇒ Boolean

Expects node to be a Section, Page or Link Returns true if the specified node, or any of its ancestor sections, is editable by any of the user’s ‘CMS User’ groups.

Returns:

• (Boolean)

# File 'app/models/user.rb', line 157

def able_to_edit?(object)    
  able_to?(:edit_content) && able_to_modify?(object)
end

#able_to_edit_or_publish_content? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 165

def able_to_edit_or_publish_content?
  able_to?(:edit_content, :publish_content)
end

#able_to_modify?(object) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 139

def able_to_modify?(object)
  case object
    when Section
      modifiable_sections.include?(object)
    when Page, Link
      modifiable_sections.include?(object.section)
    else
      if object.class.respond_to?(:connectable?) && object.class.connectable?
        object.connected_pages.all? { |page| able_to_modify?(page) }
      else
        true
      end
  end
end

#able_to_publish?(object) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 161

def able_to_publish?(object)
  able_to?(:publish_content) && able_to_modify?(object)
end

#able_to_view?(object) ⇒ Boolean

Determine if this user has permission to view the specific object. Permissions

are always tied to a specific section. This method can take different input parameters
and will attempt to determine the relevant section to check.

Expects object to be of type:

1. Section - Will check the user's groups to see if any of those groups can view this section.
2. Path - Will look up the section based on the path, then check it.  (Note that section paths are not currently unique, so this will check the first one it finds).
3. Other - Assumes it has a section attribute and will call that and check the return value.

Returns: true if the user can view this object, false otherwise. Raises: ActiveRecord::RecordNotFound if a path to a not existent section is passed in.

Returns:

• (Boolean)

# File 'app/models/user.rb', line 128

def able_to_view?(object)
  section = object
  if object.is_a?(String)
     section = Section.find_by_path(object)
     raise ActiveRecord::RecordNotFound.new("Could not find section with path = '#{object}'") unless section
  elsif !object.is_a?(Section)
    section = object.section
  end
  viewable_sections.include?(section) || cms_access?
end

#cms_access? ⇒ Boolean

Determines if this user should have access to the CMS administration tools. Can be overridden by specific users (like GuestUser) which may not need to check the database for that information.

Returns:

• (Boolean)

# File 'app/models/user.rb', line 43

def cms_access?
  groups.cms_access.count > 0 
end

#disable ⇒ Object

# File 'app/models/user.rb', line 47

def disable
  if self.class.count(:conditions => ["expires_at is null and id != ?", id]) > 0
    self.expires_at = Time.now - 1.minutes
  else
    false
  end
end

#disable! ⇒ Object

# File 'app/models/user.rb', line 55

def disable!
  unless disable
    raise "You must have at least 1 enabled user"
  end
  save!
end

#enable ⇒ Object

# File 'app/models/user.rb', line 66

def enable
  self.expires_at = nil
end

#enable! ⇒ Object

# File 'app/models/user.rb', line 70

def enable!
  enable
  save!
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 62

def expired?
  expires_at && expires_at <= Time.now
end

#expires_at_formatted ⇒ Object

This is to show a formated date on the input form. I’m unsure that this is the best way to solve this, but it works.

# File 'app/models/user.rb', line 93

def expires_at_formatted
  expires_at ? (expires_at.strftime '%m/%d/%Y' ): nil
end

#full_name ⇒ Object

# File 'app/models/user.rb', line 75

def full_name
  [first_name, last_name].reject{|e| e.nil?}.join(" ")
end

#full_name_or_login ⇒ Object

# File 'app/models/user.rb', line 83

def full_name_or_login
  if full_name.strip.blank?
    login
  else
    full_name
  end
end

#full_name_with_login ⇒ Object

# File 'app/models/user.rb', line 79

def full_name_with_login
  "#{full_name} (#{login})"
end

#guest? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 37

def guest?
  !!@guest
end

#modifiable_sections ⇒ Object

# File 'app/models/user.rb', line 105

def modifiable_sections
  @modifiable_sections ||= Section.find(:all, :include => {:groups => [:group_type, :users]}, :conditions => ["users.id = ? and group_types.cms_access = ?", id, true])
end

#permissions ⇒ Object

# File 'app/models/user.rb', line 97

def permissions
  @permissions ||= Permission.find(:all, :include => {:groups => :users}, :conditions => ["users.id = ?", id])
end

#viewable_sections ⇒ Object

# File 'app/models/user.rb', line 101

def viewable_sections
  @viewable_sections ||= Section.find(:all, :include => {:groups => :users}, :conditions => ["users.id = ?", id])
end