Class: EgovUtils::User
Constant Summary
collapse
- DEFAULT_ROLE =
nil
Class Method Summary
collapse
Instance Method Summary
collapse
Methods inherited from Principal
#auth_source, #ldap?, #ldap_domain, #organization_by_domain, #organization_id, #organization_id_by_key, #organization_key, #organization_with_suborganizations_ids, #organization_with_suborganizations_keys, #reload
Class Method Details
.anonymous ⇒ Object
79
80
81
|
# File 'app/models/egov_utils/user.rb', line 79
def self.anonymous
self.new
end
|
.authenticate(login, password, active_only = true) ⇒ Object
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
# File 'app/models/egov_utils/user.rb', line 41
def self.authenticate(login, password, active_only=true)
login = login.to_s
password = password.to_s
return nil if login.empty? || password.empty?
user = find_by(login: login) || where( arel_table[:login].lower.eq(login.downcase) ).first
if user
return nil unless user.password_check?(password)
return nil if active_only && !user.active?
else
attrs = EgovUtils::AuthSource.authenticate(login, password)
if attrs
user = new(attrs.merge(active: true))
if user.ldap_register_allowed? && user.save
user.reload
logger.info("User '#{user.login}' created from external auth source: #{user.provider}") if logger && user.auth_source
end
end
end
if user && !user.new_record?
if user.days_before_inactive && (user.last_login_at || user.created_at) < (Time.now - user.days_before_inactive.days)
user.update_column(:active, false)
end
user.update_column(:last_login_at, Time.now) if user.active?
end
user
end
|
.current ⇒ Object
87
88
89
|
# File 'app/models/egov_utils/user.rb', line 87
def self.current
RequestLocals.fetch(:current_user) { User.anonymous }
end
|
.current=(user) ⇒ Object
83
84
85
|
# File 'app/models/egov_utils/user.rb', line 83
def self.current=(user)
RequestLocals.store[:current_user] = user || anonymous
end
|
Instance Method Details
#admin? ⇒ Boolean
127
128
129
|
# File 'app/models/egov_utils/user.rb', line 127
def admin?
has_role?('admin')
end
|
#all_role_names ⇒ Object
135
136
137
138
139
|
# File 'app/models/egov_utils/user.rb', line 135
def all_role_names
@all_role_names ||= groups.map(&:roles).flatten + roles
@all_role_names << DEFAULT_ROLE if DEFAULT_ROLE && !@all_role_names.any?
@all_role_names
end
|
#all_roles ⇒ Object
141
142
143
|
# File 'app/models/egov_utils/user.rb', line 141
def all_roles
all_role_names.map{|rn| EgovUtils::UserUtils::Role.find(rn) }.compact.collect{|cls| cls.new }
end
|
#fullname ⇒ Object
123
124
125
|
# File 'app/models/egov_utils/user.rb', line 123
def fullname
"#{firstname} #{lastname}"
end
|
#generate_reset_password_token ⇒ Object
164
165
166
167
|
# File 'app/models/egov_utils/user.rb', line 164
def generate_reset_password_token
self.confirmation_code = nil
generate_confirmation_code
end
|
#has_role?(role_name) ⇒ Boolean
131
132
133
|
# File 'app/models/egov_utils/user.rb', line 131
def has_role?(role_name)
all_role_names.include?(role_name)
end
|
#ldap_dn ⇒ Object
145
146
147
148
149
150
|
# File 'app/models/egov_utils/user.rb', line 145
def ldap_dn
@ldap_dn ||= begin
dn = auth_source.send(:get_user_dn, login)
dn[:dn] if dn
end
end
|
#ldap_groups ⇒ Object
152
153
154
|
# File 'app/models/egov_utils/user.rb', line 152
def ldap_groups
groups.where.not(ldap_uid: nil)
end
|
#ldap_register_allowed? ⇒ Boolean
99
100
101
|
# File 'app/models/egov_utils/user.rb', line 99
def ldap_register_allowed?
auth_source && auth_source.register_members_only? && ldap_groups.any?
end
|
#locked? ⇒ Boolean
119
120
121
|
# File 'app/models/egov_utils/user.rb', line 119
def locked?
false
end
|
#logged? ⇒ Boolean
115
116
117
|
# File 'app/models/egov_utils/user.rb', line 115
def logged?
persisted?
end
|
#must_change_password? ⇒ Boolean
156
157
158
|
# File 'app/models/egov_utils/user.rb', line 156
def must_change_password?
(super || password_expired?) && !provider?
end
|
#password_change_possible? ⇒ Boolean
111
112
113
|
# File 'app/models/egov_utils/user.rb', line 111
def password_change_possible?
!provider.present?
end
|
#password_check?(password) ⇒ Boolean
103
104
105
106
107
108
109
|
# File 'app/models/egov_utils/user.rb', line 103
def password_check?(password)
if provider.present?
auth_source.authenticate(login, password)
else
authenticate(password)
end
end
|
#password_expired? ⇒ Boolean
160
161
162
|
# File 'app/models/egov_utils/user.rb', line 160
def password_expired?
false
end
|
#roles ⇒ Object
95
96
97
|
# File 'app/models/egov_utils/user.rb', line 95
def roles
logged? ? super : ['anonymous']
end
|
#to_s ⇒ Object
91
92
93
|
# File 'app/models/egov_utils/user.rb', line 91
def to_s
fullname
end
|