Class: User

Inherits:
ActiveRecord::Base
  • Object
Defined in:
app/models/user.rb

Direct Known Subclasses

AnonymousUser

Constant Summary

STATUS_ANONYMOUS =

Account statuses

0
STATUS_ACTIVE =
1
STATUS_REGISTERED =
2
STATUS_LOCKED =
3
# Display-name templates, keyed by format name.
# The values are single-quoted, so the #{...} placeholders are stored
# literally here and are only expanded later, by #name.
# Keep every entry a hard-coded, trusted template: never build one from
# request data or from an editable setting.
USER_FORMATS =
{
  :firstname_lastname => '#{firstname} #{lastname}',
  :firstname => '#{firstname}',
  :lastname_firstname => '#{lastname} #{firstname}',
  :lastname_coma_firstname => '#{lastname}, #{firstname}',
  :username => '#{login}'
}


Instance Attribute Details

#last_before_login_onObject

Returns the value of attribute last_before_login_on



# File 'app/models/user.rb', line 51

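# Reader for the in-memory last_before_login_on attribute.
# The method name was lost from this listing; it is restored from the
# attribute heading and from the instance variable the body returns.
#
# @return [Object, nil] the value last stored in @last_before_login_on
def last_before_login_on
  @last_before_login_on
end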

#passwordObject

Returns the value of attribute password



# File 'app/models/user.rb', line 50

# Reader for the cleartext password held on this instance.
# The value lives only in the @password instance variable; before_save
# derives hashed_password from it. Treat it as a secret: keep it out of
# logs, serialized output and error messages.
#
# @return [String, nil] the cleartext password, or nil when none was set
def password
  instance_variable_get(:@password)
end

#password_confirmationObject

Returns the value of attribute password_confirmation



# File 'app/models/user.rb', line 50

# Reader for the cleartext password confirmation held on this instance.
# Like the password itself it is a secret kept in an instance variable;
# keep it out of logs and serialized output.
#
# @return [String, nil] the confirmation value, or nil when none was set
def password_confirmation
  instance_variable_get(:@password_confirmation)
end

Class Method Details

.anonymousObject



# File 'app/models/user.rb', line 289

# Returns the single AnonymousUser record, creating it on first use.
# The record is created with status 0, the value of STATUS_ANONYMOUS.
#
# @return [AnonymousUser] the existing or freshly created anonymous user
# @raise [RuntimeError] when the record could not be saved
def self.anonymous
  existing = AnonymousUser.find(:first)
  return existing unless existing.nil?

  created = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)
  # create returns an unsaved object when saving failed
  raise 'Unable to create the anonymous user.' if created.new_record?
  created
end

.currentObject



# File 'app/models/user.rb', line 285

# Returns the user recorded by User.current=, defaulting to the anonymous
# user the first time nothing has been recorded.
#
# NOTE(review): the value is stored in an instance variable of the class
# itself, so it outlives a single call and is visible to everything in the
# same process. Confirm that every request assigns User.current before any
# permission check reads it, so an identity cannot carry over.
#
# @return [User] the current user
def self.current
  @current_user || (@current_user = User.anonymous)
end

.current=(user) ⇒ Object



# File 'app/models/user.rb', line 281

# Records +user+ as the current user for later User.current calls.
# The value is kept in an instance variable of the class, so it stays in
# place until it is assigned again.
#
# @param user [User, nil] the user to record; nil makes User.current fall
#   back to the anonymous user
def self.current=(user)
  instance_variable_set(:@current_user, user)
end

.find_by_mail(mail) ⇒ Object

Makes find_by_mail case-insensitive



# File 'app/models/user.rb', line 212

# Case-insensitive lookup by e-mail address.
# The address is passed as a bind value, never interpolated into the SQL.
#
# @param mail [#to_s] the address to look for; nil is treated as ''
# @return [User, nil] the first matching user
def self.find_by_mail(mail)
  normalized = mail.to_s.downcase
  conditions = ["LOWER(mail) = ?", normalized]
  find(:first, :conditions => conditions)
end

.find_by_rss_key(key) ⇒ Object



# File 'app/models/user.rb', line 206

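# Resolves a feed (RSS) access key to its owner.
#
# Only tokens created for the 'feeds' action are accepted, which is the
# action #rss_key uses when it issues a key. A token issued for any other
# purpose is therefore not valid as a feed key. A token without a user, or
# whose user is not active, yields nil instead of raising.
#
# @param key [String] the key presented by the client
# @return [User, nil] the active owner of the key, or nil
def self.find_by_rss_key(key)
  token = Token.find_by_action_and_value('feeds', key)
  return nil unless token

  owner = token.user
  owner && owner.active? ? owner : nil
end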

.try_to_autologin(key) ⇒ Object

Returns the user who matches the given autologin key or nil



# File 'app/models/user.rb', line 131

# Returns the user who matches the given autologin key, or nil.
#
# The token must have the 'autologin' action, be newer than the number of
# days in Setting.autologin, and belong to an active user. On success the
# user's last_login_on is set to the current time.
#
# NOTE(review): the token is not consumed or rotated here, so it stays
# usable until it ages out. Confirm whether that is handled elsewhere.
#
# @param key [String] the autologin value presented by the client
# @return [User, nil] the matching active user, or nil
def self.try_to_autologin(key)
  token = Token.find_by_action_and_value('autologin', key)
  return nil unless token
  # reject tokens older than the configured autologin lifetime
  return nil unless token.created_on > Setting.autologin.to_i.day.ago

  owner = token.user
  return nil unless owner && owner.active?

  owner.update_attribute(:last_login_on, Time.now)
  owner
end

.try_to_login(login, password) ⇒ Object

Returns the user that matches provided login and password, or nil



# File 'app/models/user.rb', line 97

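# Returns the user that matches the provided login and password, or nil.
#
# The identifier +login+ was stripped from this listing, which left it
# syntactically invalid. It is restored here from the method heading.
# The trailing rescue that only re-raised the same exception is dropped,
# so errors still propagate unchanged.
#
# Flow:
# * an empty or nil password is rejected before any lookup;
# * a known account must be active, then is checked either against its
#   external auth source or against the locally stored password hash;
# * an unknown login is offered to AuthSource.authenticate and, when that
#   returns attributes, an account is created on the fly.
#
# When on-the-fly creation fails to save, the unsaved record is still
# returned, so callers must check new_record? before treating the result
# as a signed-in user.
#
# @param login [String] login name supplied by the client
# @param password [String] cleartext password supplied by the client
# @return [User, nil] the authenticated user, or nil on failure
def self.try_to_login(login, password)
  # Make sure no one can sign in with an empty password
  return nil if password.to_s.empty?
  user = find(:first, :conditions => ["login=?", login])
  if user
    # user is already in local database
    return nil if !user.active?
    if user.auth_source
      # user has an external authentication method
      return nil unless user.auth_source.authenticate(login, password)
    else
      # authentication with local password
      # NOTE(review): == is not a constant-time comparison; confirm whether
      # that matters for the digest scheme used by User.hash_password.
      return nil unless User.hash_password(password) == user.hashed_password
    end
  else
    # user is not yet registered, try to authenticate with available sources
    attrs = AuthSource.authenticate(login, password)
    if attrs
      user = new(*attrs)
      user.login = login
      user.language = Setting.default_language
      if user.save
        user.reload
        # the login is client-supplied and reaches the log only after a successful save
        logger.info("User '#{user.login}' created from the LDAP") if logger
      end
    end
  end
  user.update_attribute(:last_login_on, Time.now) if user && !user.new_record?
  user
end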

Instance Method Details

#<=>(user) ⇒ Object

Sort users by their display names



# File 'app/models/user.rb', line 217

# Orders users by their display names, ignoring case.
#
# @param user [#to_s] the other user
# @return [Integer] -1, 0 or 1, from comparing the downcased names
def <=>(user)
  own_label = to_s.downcase
  other_label = user.to_s.downcase
  own_label <=> other_label
end

#active?Boolean



# File 'app/models/user.rb', line 148

# True when the account status is STATUS_ACTIVE.
# The login paths in this class refuse accounts for which this is false.
#
# @return [Boolean]
def active?
  status == STATUS_ACTIVE
end

#allowed_to?(action, project, options = {}) ⇒ Boolean

Return true if the user is allowed to do the specified action on project. The action can be:

  • a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')

  • a permission Symbol (eg. :edit_project)



# File 'app/models/user.rb', line 259

# Authorization check for +action+, either on +project+ or globally.
#
# action  - a parameter-like Hash or a permission Symbol
# project - the project to check against, or nil
# options - pass :global => true to check across all of the user's roles
#           when no project is given
#
# With neither a project nor :global the answer is false (deny by default).
# The :global branch returns whatever its || chain yields, so a truthy
# result may be a Role object rather than literal true.
def allowed_to?(action, project, options={})
  if project
    # No action allowed on archived projects
    return false unless project.active?
    # No action allowed on disabled modules
    return false unless project.allows_to?(action)
    # Admin users are authorized for anything else
    # (the two denials above run first, so they apply to admins as well)
    return true if admin?
    
    role = role_for_project(project)
    return false unless role
    # The role must grant the action, and on a non-public project the role
    # must also be a member role.
    role.allowed_to?(action) && (project.is_public? || role.member?)
    
  elsif options[:global]
    # authorize if user has at least one role that has this permission
    roles = memberships.collect {|m| m.role}.uniq
    # NOTE(review): admin? is not consulted in this branch. Confirm that is intended.
    # Fall back to the non-member role for logged-in users, else the anonymous role.
    roles.detect {|r| r.allowed_to?(action)} || (self.logged? ? Role.non_member.allowed_to?(action) : Role.anonymous.allowed_to?(action))
  else
    false
  end
end

#anonymous?Boolean



# File 'app/models/user.rb', line 229

# True when the user is not logged in, the inverse of #logged?.
#
# @return [Boolean]
def anonymous?
  logged? ? false : true
end

#before_createObject



# File 'app/models/user.rb', line 68

# Callback run before a new record is created: mail notification starts
# switched off for every new user.
def before_create
  self.mail_notification = false
  # Return true explicitly: the assignment above evaluates to false, which
  # would otherwise become this callback's return value.
  true
end

#before_saveObject



# File 'app/models/user.rb', line 73

# Callback run before every save: refreshes hashed_password whenever a
# cleartext password has been set on this instance.
#
# Only nil skips the update. An empty string is truthy in Ruby, so it
# would be hashed and stored; try_to_login refuses empty passwords.
def before_save
  clear = password
  return nil unless clear

  self.hashed_password = User.hash_password(clear)
end

#check_password?(clear_password) ⇒ Boolean



# File 'app/models/user.rb', line 160

# Tells whether +clear_password+ hashes to the stored hashed_password.
#
# NOTE(review): == is not a constant-time comparison; confirm whether
# that matters for the digest scheme used by User.hash_password.
#
# @param clear_password [String] the cleartext candidate
# @return [Boolean]
def check_password?(clear_password)
  candidate_digest = User.hash_password(clear_password)
  candidate_digest == hashed_password
end

#identity_url=(url) ⇒ Object



# File 'app/models/user.rb', line 83

# Stores the OpenID identity URL in normalized form.
#
# A blank value clears the attribute. A value that
# OpenIdAuthentication.normalize_identifier rejects is dropped silently, so
# the previously stored URL stays in place and the caller gets no error.
#
# @param url [String, nil] the identity URL supplied by the user
def identity_url=(url)
  begin
    normalized = url.blank? ? '' : OpenIdAuthentication.normalize_identifier(url)
    write_attribute(:identity_url, normalized)
  rescue OpenIdAuthentication::InvalidOpenId
    # Invalid url, don't save
  end
  read_attribute(:identity_url)
end

#locked?Boolean



# File 'app/models/user.rb', line 156

# True when the account status is STATUS_LOCKED.
#
# @return [Boolean]
def locked?
  status == STATUS_LOCKED
end

#logged?Boolean



# File 'app/models/user.rb', line 225

# Always true for a User. #anonymous? and #role_for_project branch on it.
# NOTE(review): presumably the AnonymousUser subclass overrides this to
# return false. Confirm in that class.
def logged?
  true
end

#member_of?(project) ⇒ Boolean

Return true if the user is a member of project



# File 'app/models/user.rb', line 251

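# Return true if the user is a member of project.
#
# role_for_project returns nil for a nil or archived project. That case
# now answers false instead of raising NoMethodError on nil.
#
# @param project [Project, nil] the project to test
# @return [Boolean] the role's member? answer, or false when there is no role
def member_of?(project)
  role = role_for_project(project)
  role ? role.member? : false
end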

#name(formatter = nil) ⇒ Object

Return user's full name for display



# File 'app/models/user.rb', line 140

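# Return user's full name for display.
#
# The USER_FORMATS templates are expanded by plain placeholder substitution
# instead of eval, so a template can never run as Ruby code. Only the
# placeholders used by the built-in formats (firstname, lastname, login)
# are filled in; any other #{...} text is left in the result untouched.
#
# @param formatter [Symbol, nil] a USER_FORMATS key; nil uses
#   Setting.user_format and memoizes the result in @name
# @return [String] the formatted name; an unknown key falls back to
#   :firstname_lastname
def name(formatter = nil)
  allowed = %w(firstname lastname login)
  render = lambda do |template|
    template.gsub(/\#\{(\w+)\}/) do |placeholder|
      field = Regexp.last_match(1)
      allowed.include?(field) ? send(field).to_s : placeholder
    end
  end
  fallback = USER_FORMATS[:firstname_lastname]
  if formatter
    render.call(USER_FORMATS[formatter] || fallback)
  else
    # only the default format is cached; #reload clears @name
    @name ||= render.call(USER_FORMATS[Setting.user_format] || fallback)
  end
end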

#notified_project_ids=(ids) ⇒ Object



# File 'app/models/user.rb', line 199

# Replaces the set of projects for which this user receives mail.
#
# Every membership of the user is first switched off, then the memberships
# for +ids+ are switched on. The ids and the user id are passed as bind
# values; only the adapter's own boolean literal is interpolated.
#
# NOTE(review): the two updates are not wrapped in a transaction here.
# Confirm whether a failure between them is acceptable.
#
# @param ids [Array, nil] project ids to notify for; nil or empty turns
#   every notification off
def notified_project_ids=(ids)
  disable_sql = "mail_notification = #{connection.quoted_false}"
  Member.update_all(disable_sql, ['user_id = ?', id])

  if ids && !ids.empty?
    enable_sql = "mail_notification = #{connection.quoted_true}"
    Member.update_all(enable_sql, ['user_id = ? AND project_id IN (?)', id, ids])
  end

  # drop the memoized list so the next read reflects the update
  @notified_projects_ids = nil
  notified_projects_ids
end

#notified_projects_idsObject

Return an array of project ids for which the user has explicitly turned mail notifications on



# File 'app/models/user.rb', line 195

# Return an array of project ids for which the user has explicitly turned
# mail notifications on. The list is memoized in @notified_projects_ids.
#
# @return [Array] project ids
def notified_projects_ids
  return @notified_projects_ids if @notified_projects_ids

  opted_in = memberships.select { |membership| membership.mail_notification? }
  @notified_projects_ids = opted_in.collect { |membership| membership.project_id }
end

#prefObject



# File 'app/models/user.rb', line 176

# Returns the user's preference record, building an unsaved
# UserPreference bound to this user when there is none yet.
#
# @return [UserPreference]
def pref
  existing = preference
  return existing if existing

  self.preference = UserPreference.new(:user => self)
end

#random_passwordObject

Generate and set a random password. Useful for automated user creation. Based on Token#generate_token_value.



# File 'app/models/user.rb', line 167

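# Generate and set a random 40-character password. Useful for automated
# user creation.
#
# Two defects of the earlier version are fixed:
# * the index was drawn with rand(chars.size-1), which can never select
#   the last entry of the alphabet ("9");
# * Kernel#rand is not meant for secrets, so characters now come from
#   SecureRandom.
#
# @return [User] self, with password and password_confirmation set
def random_password
  # stdlib; required here because the file's require list is not visible
  require 'securerandom'

  chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
  generated = Array.new(40) { chars[SecureRandom.random_number(chars.size)] }.join
  self.password = generated
  self.password_confirmation = generated
  self
end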

#registered?Boolean



# File 'app/models/user.rb', line 152

# True when the account status is STATUS_REGISTERED.
#
# @return [Boolean]
def registered?
  status == STATUS_REGISTERED
end

#reload(*args) ⇒ Object



# File 'app/models/user.rb', line 78

# Reloads the record and drops the display name memoized by #name, so the
# name is rebuilt from the reloaded attributes.
# NOTE(review): other memoized values in this class (@time_zone,
# @notified_projects_ids, the cached roles) are not cleared here. Confirm
# that is intended.
def reload(*args)
  @name = nil
  # bare super forwards the received arguments unchanged
  super
end

#role_for_project(project) ⇒ Object

Return user's role for project



# File 'app/models/user.rb', line 234

# Return user's role for project.
#
# * nil or archived project: nil (no role at all);
# * user not logged in: the anonymous role;
# * logged-in member: the role of that membership;
# * logged-in non-member: the non-member role.
#
# The two built-in roles are memoized on the instance.
#
# @param project [Project, nil]
# @return [Role, nil]
def role_for_project(project)
  # No role on archived projects
  return nil unless project && project.active?
  return (@role_anonymous ||= Role.anonymous) unless logged?

  # detect scans the memberships collection for this project
  membership = memberships.detect { |candidate| candidate.project_id == project.id }
  return membership.role if membership

  @role_non_member ||= Role.non_member
end

#rss_keyObject

Return user's RSS key (a 40 chars long string), used to access feeds



# File 'app/models/user.rb', line 189

# Return user's RSS key (a 40 chars long string), used to access feeds.
# A token with the 'feeds' action is created on first use.
#
# The key authenticates feed requests on its own, so treat it like a
# credential: keep it out of logs and shared URLs.
#
# @return [String] the token value
def rss_key
  feed_token = rss_token
  feed_token = Token.create(:user => self, :action => 'feeds') unless feed_token
  feed_token.value
end

#time_zoneObject



# File 'app/models/user.rb', line 180

# Returns the ActiveSupport::TimeZone named in the user's preferences, or
# nil when no zone is set.
# A found zone is memoized in @time_zone. A nil result is not memoized, so
# the preference is read again on the next call.
#
# @return [ActiveSupport::TimeZone, nil]
def time_zone
  return @time_zone if @time_zone

  @time_zone = pref.time_zone.blank? ? nil : ActiveSupport::TimeZone[pref.time_zone]
end

#to_sObject



# File 'app/models/user.rb', line 221

# String form of a user: the display name in the default format.
#
# @return [String]
def to_s
  name()
end

#wants_comments_in_reverse_order?Boolean



# File 'app/models/user.rb', line 184

# True when the user's :comments_sorting preference is 'desc'.
#
# @return [Boolean]
def wants_comments_in_reverse_order?
  sorting = pref[:comments_sorting]
  sorting == 'desc'
end