Class: Aker::User

Inherits:

Object

• Object
• Aker::User

Includes:

DeprecatedUser

Defined in:

lib/aker/user.rb

Constant Summary

ATTRIBUTES =

:username, :first_name, :middle_name, :last_name,
:title, :business_phone, :fax, :email, :address, :city, :state, :country

Instance Attribute Summary

• #default_portal ⇒ Symbol^?

  Specifies a default portal to use for subsequent calls which take a portal as a parameter.

• #portals ⇒ Array<Symbol>

  The portals to which this user has access.

Instance Method Summary

• #all_group_memberships ⇒ Hash<Symbol, GroupMemberships>

  Exposes all the group memberships that this instance knows about.

• #full_name ⇒ String

  A display-friendly name for this user.

• #group_memberships(portal = nil) ⇒ GroupMemberships

  Exposes the group memberships for a this user on a particular portal.

• #identifiers ⇒ Hash<Symbol, Object>

  A mapping of identifers that apply to this user.

• #initialize(username, portals = []) ⇒ User constructor

  Creates a new instance.

• #may_access?(portal = nil) ⇒ Boolean

  True if the user has access, otherwise false.

• #merge!(other) ⇒ Aker::User

  Modifies this user record in place, adding attributes from the other user.

• #permit?(*args) ⇒ Object

Constructor Details

#initialize(username, portals = []) ⇒ User

Creates a new instance.

Parameters:

• username (String) —

  the username for this new user

• portals (Array<Symbol>) (defaults to: []) —

  the portals to which this user has access.

# File 'lib/aker/user.rb', line 50

def initialize(username, portals=[])
  @username = username
  @portals = [*portals]
end

Instance Attribute Details

#default_portal ⇒ Symbol^?

Specifies a default portal to use for subsequent calls which take a portal as a parameter.

Returns:

• (Symbol, nil)

# File 'lib/aker/user.rb', line 35

def default_portal
  @default_portal
end

#portals ⇒ Array<Symbol>

The portals to which this user has access.

Returns:

• (Array<Symbol>)

See Also:

• #may_access?

# File 'lib/aker/user.rb', line 42

def portals
  @portals
end

Instance Method Details

#all_group_memberships ⇒ Hash<Symbol, GroupMemberships>

Exposes all the group memberships that this instance knows about. In general, #group_memberships is preferred unless you really need to iterate over everything.

Returns:

• (Hash<Symbol, GroupMemberships>)

# File 'lib/aker/user.rb', line 158

def all_group_memberships
  @gms ||= {}
end

#full_name ⇒ String

A display-friendly name for this user. Uses ‘first_name` and `last_name` if available, otherwise it just uses the username.

Returns:

• (String)

# File 'lib/aker/user.rb', line 109

def full_name
  display_name_parts = [first_name, last_name].compact
  if display_name_parts.empty?
    username
  else
    display_name_parts.join(' ')
  end
end

#group_memberships(portal = nil) ⇒ GroupMemberships

Exposes the group memberships for a this user on a particular portal.

This method never returns ‘nil`. Therefore, its return value should not be used to determine if a user has access to a portal &mdash; only for groups. Use #may_access? to determine portal access.

Parameters:

• portal (#to_sym, nil) (defaults to: nil) —

  the portal to get the memberships for. If nil, uses #default_portal.

Returns:

• (GroupMemberships) —

  for a particular portal

See Also:

• GroupMemberships#include?

# File 'lib/aker/user.rb', line 147

def group_memberships(portal=nil)
  portal = (portal || required_default_portal).to_sym
  all_group_memberships[portal] ||= GroupMemberships.new(portal)
end

#identifiers ⇒ Hash<Symbol, Object>

A mapping of identifers that apply to this user. The values that might be set in this hash are defined by authorities.

Returns:

• (Hash<Symbol, Object>) —

  the identifiers for this user.

Since:

• 2.2.0

# File 'lib/aker/user.rb', line 124

def identifiers
  @identifiers ||= {}
end

#may_access?(portal = nil) ⇒ Boolean

Returns true if the user has access, otherwise false.

Parameters:

• portal (#to_sym, nil) (defaults to: nil) —

  the portal in question. If nil, uses #default_portal.

Returns:

• (Boolean) —

  true if the user has access, otherwise false.

# File 'lib/aker/user.rb', line 59

def may_access?(portal=nil)
  portals.include?((portal || required_default_portal).to_sym)
end

#merge!(other) ⇒ Aker::User

Modifies this user record in place, adding attributes from the other user. Merge rules:

• For portals: the resulting portal list is a union of the portal list for this and the other user.

• For group memberships: group memberships are added from the other user for all portals which this user doesn’t already have group memberships. (That is, the group membership lists for a particular portal are not merged.) This rule is to prevent ambiguity if different authorities have different group hierarchies. In practice only one authority is providing authorization information for a portal, so this shouldn’t matter.

• For identifiers: any identifier in the other user that is not already set in this user is copied over.

• For all other attributes: an attribute is copied from other if that attribute is not already set in this user.

Note that these semantics are different from the semantics of ‘Hash#merge!` in the ruby standard library.

Parameters:

• other (Aker::User) —

  the user from which to take attribute values

Returns:

• (Aker::User) —

  self

# File 'lib/aker/user.rb', line 193

def merge!(other)
  ATTRIBUTES.each do |getter|
    already_set =
      begin
        self.send(getter)
      rescue
        false
      end
    unless already_set
      setter = :"#{getter}="
      value =
        begin
          other.send(getter)
        rescue
          nil # skip inaccessible attributes
        end
      self.send setter, value
    end
  end

  self.default_portal ||= other.default_portal
  self.portals |= other.portals
  other.all_group_memberships.keys.each do |other_portal|
    if self.group_memberships(other_portal).empty?
      self.group_memberships(other_portal).concat(other.group_memberships(other_portal))
    end
  end
  other.identifiers.each do |ident, value|
    identifiers[ident] ||= value
  end

  self
end

#permit?(*groups, options = {}) ⇒ Boolean #permit?(*groups, options = {}, &block) ⇒ Object^?

Overloads:

• #permit?(*groups, options = {}) ⇒ Boolean

  Determines whether this user has access to any of the given groups.

  Parameters:

  • groups (Array<#to_sym>) —

    the names of the groups to query

  • options (Hash) (defaults to: {}) —

    additional constraints on the query

  Options Hash (options):

  • :portal (#to_sym) — default: #default_portal —

    the portal within which to do the group check

  • :affiliate_ids (Array) — default: [] —

    Affiliate ids constraining group membership

  Returns:

  • (Boolean)
• #permit?(*groups, options = {}, &block) ⇒ Object^?

  Evaluates the given block if the user is in any of the given groups.

  Parameters:

  • groups (Array<#to_sym>) —

    the names of the groups to use as the condition

  • options (Hash) (defaults to: {}) —

    additional constraints on the condition

  Options Hash (options):

  • :portal (#to_sym) — default: #default_portal —

    the portal within which to do the group check

  • :affiliate_ids (Array) — default: [] —

    Affiliate ids constraining group membership

  Returns:

  • (Object, nil) —

    the value of the block if it is executed; otherwise nil

# File 'lib/aker/user.rb', line 85

def permit?(*args)
  options = args.last.is_a?(Hash) ? args.pop : { }
  portal = options[:portal] || default_portal
  affiliate_ids = options[:affiliate_ids] || []

  permitted =
    if args.empty?
      may_access?(portal)
    else
      args.detect { |group| group_memberships(portal).include?(group.to_sym, *affiliate_ids) }
    end

  if block_given?
    permitted ? yield : nil
  else
    permitted
  end
end