Class: Cms::User
- Inherits:
-
ActiveRecord::Base
- Object
- ActiveRecord::Base
- Cms::User
- Includes:
- Authentication::Model
- Defined in:
- app/models/cms/user.rb
Direct Known Subclasses
Class Method Summary collapse
Instance Method Summary collapse
-
#able_to?(*required_permissions) ⇒ Boolean
Expects a list of names of Permissions true if the user has any of the permissions.
-
#able_to_edit?(object) ⇒ Boolean
Expects node to be a Section, Page or Link Returns true if the specified node, or any of its ancestor sections, is editable by any of the user’s ‘CMS User’ groups.
- #able_to_edit_or_publish_content? ⇒ Boolean
- #able_to_modify?(object) ⇒ Boolean
- #able_to_publish?(object) ⇒ Boolean
-
#able_to_view?(object) ⇒ Boolean
Determine if this user has permission to view the specific object.
-
#cms_access? ⇒ Boolean
Determines if this user should have access to the CMS administration tools.
- #disable ⇒ Object
- #disable! ⇒ Object
- #enable ⇒ Object
- #enable! ⇒ Object
- #expired? ⇒ Boolean
-
#expires_at_formatted ⇒ Object
This is to show a formated date on the input form.
- #full_name ⇒ Object
- #full_name_or_login ⇒ Object
- #full_name_with_login ⇒ Object
- #guest? ⇒ Boolean
- #modifiable_sections ⇒ Object
- #permissions ⇒ Object
- #viewable_sections ⇒ Object
Class Method Details
.current ⇒ Object
28 29 30 |
# File 'app/models/cms/user.rb', line 28 def self.current Thread.current[:cms_user] end |
.current=(user) ⇒ Object
32 33 34 |
# File 'app/models/cms/user.rb', line 32 def self.current=(user) Thread.current[:cms_user] = user end |
Instance Method Details
#able_to?(*required_permissions) ⇒ Boolean
Expects a list of names of Permissions true if the user has any of the permissions
114 115 116 117 118 119 |
# File 'app/models/cms/user.rb', line 114 def able_to?(*) perms = .map(&:to_sym) .any? do |p| perms.include?(p.name.to_sym) end end |
#able_to_edit?(object) ⇒ Boolean
Expects node to be a Section, Page or Link Returns true if the specified node, or any of its ancestor sections, is editable by any of the user’s ‘CMS User’ groups.
160 161 162 |
# File 'app/models/cms/user.rb', line 160 def able_to_edit?(object) able_to?(:edit_content) && able_to_modify?(object) end |
#able_to_edit_or_publish_content? ⇒ Boolean
168 169 170 |
# File 'app/models/cms/user.rb', line 168 def able_to_edit_or_publish_content? able_to?(:edit_content, :publish_content) end |
#able_to_modify?(object) ⇒ Boolean
142 143 144 145 146 147 148 149 150 151 152 153 154 155 |
# File 'app/models/cms/user.rb', line 142 def able_to_modify?(object) case object when Cms::Section modifiable_sections.include?(object) when Cms::Page, Cms::Link modifiable_sections.include?(object.section) else if object.class.respond_to?(:connectable?) && object.class.connectable? object.connected_pages.all? { |page| able_to_modify?(page) } else true end end end |
#able_to_publish?(object) ⇒ Boolean
164 165 166 |
# File 'app/models/cms/user.rb', line 164 def able_to_publish?(object) able_to?(:publish_content) && able_to_modify?(object) end |
#able_to_view?(object) ⇒ Boolean
Determine if this user has permission to view the specific object. Permissions
are always tied to a specific section. This method can take different input parameters
and will attempt to determine the relevant section to check.
Expects object to be of type:
1. Section - Will check the user's groups to see if any of those groups can view this section.
2. Path - Will look up the section based on the path, then check it. (Note that section paths are not currently unique, so this will check the first one it finds).
3. Other - Assumes it has a section attribute and will call that and check the return value.
Returns: true if the user can view this object, false otherwise. Raises: ActiveRecord::RecordNotFound if a path to a not existent section is passed in.
131 132 133 134 135 136 137 138 139 140 |
# File 'app/models/cms/user.rb', line 131 def able_to_view?(object) section = object if object.is_a?(String) section = Cms::Section.find_by_path(object) raise ActiveRecord::RecordNotFound.new("Could not find section with path = '#{object}'") unless section elsif !object.is_a?(Cms::Section) section = object.section end viewable_sections.include?(section) || cms_access? end |
#cms_access? ⇒ Boolean
Determines if this user should have access to the CMS administration tools. Can be overridden by specific users (like GuestUser) which may not need to check the database for that information.
46 47 48 |
# File 'app/models/cms/user.rb', line 46 def cms_access? groups.cms_access.count > 0 end |
#disable ⇒ Object
50 51 52 53 54 55 56 |
# File 'app/models/cms/user.rb', line 50 def disable if self.class.count(:conditions => ["expires_at is null and id != ?", id]) > 0 self.expires_at = Time.now - 2.minutes else false end end |
#disable! ⇒ Object
58 59 60 61 62 63 |
# File 'app/models/cms/user.rb', line 58 def disable! unless disable raise "You must have at least 1 enabled user" end save! end |
#enable ⇒ Object
69 70 71 |
# File 'app/models/cms/user.rb', line 69 def enable self.expires_at = nil end |
#enable! ⇒ Object
73 74 75 76 |
# File 'app/models/cms/user.rb', line 73 def enable! enable save! end |
#expired? ⇒ Boolean
65 66 67 |
# File 'app/models/cms/user.rb', line 65 def expired? expires_at && expires_at <= Time.now end |
#expires_at_formatted ⇒ Object
This is to show a formated date on the input form. I’m unsure that this is the best way to solve this, but it works.
96 97 98 |
# File 'app/models/cms/user.rb', line 96 def expires_at_formatted expires_at ? (expires_at.strftime '%m/%d/%Y') : nil end |
#full_name ⇒ Object
78 79 80 |
# File 'app/models/cms/user.rb', line 78 def full_name [first_name, last_name].reject { |e| e.nil? }.join(" ") end |
#full_name_or_login ⇒ Object
86 87 88 89 90 91 92 |
# File 'app/models/cms/user.rb', line 86 def full_name_or_login if full_name.strip.blank? login else full_name end end |
#full_name_with_login ⇒ Object
82 83 84 |
# File 'app/models/cms/user.rb', line 82 def full_name_with_login "#{full_name} (#{login})" end |
#guest? ⇒ Boolean
40 41 42 |
# File 'app/models/cms/user.rb', line 40 def guest? !!@guest end |
#modifiable_sections ⇒ Object
108 109 110 |
# File 'app/models/cms/user.rb', line 108 def modifiable_sections @modifiable_sections ||= Cms::Section.find(:all, :include => {:groups => [:group_type, :users]}, :conditions => ["#{Cms::User.table_name}.id = ? and #{GroupType.table_name}.cms_access = ?", id, true]) end |
#permissions ⇒ Object
100 101 102 |
# File 'app/models/cms/user.rb', line 100 def @permissions ||= Cms::Permission.find(:all, :include => {:groups => :users}, :conditions => ["#{User.table_name}.id = ?", id]) end |