Class: User
- Inherits:
-
ActiveRecord::Base
- Object
- ActiveRecord::Base
- User
- Includes:
- ActiveModel::Validations, ErpTechSvcs::Utils::CompassAccessNegotiator
- Defined in:
- app/models/user.rb
Instance Attribute Summary collapse
-
#password_validator ⇒ Object
Returns the value of attribute password_validator.
-
#skip_activation_email ⇒ Object
Returns the value of attribute skip_activation_email.
Instance Method Summary collapse
-
#add_group(group) ⇒ Object
Add a group to this user.
-
#add_groups(_groups) ⇒ Object
Add multiple groups to this user.
- #add_instance_attribute(k, v) ⇒ Object
- #add_role(role) ⇒ Object (also: #add_security_role)
- #add_roles(*passed_roles) ⇒ Object (also: #add_security_roles)
- #all_capabilities ⇒ Object
- #all_class_capabilities ⇒ Object
-
#all_roles ⇒ Object
composite roles for this user.
- #all_uniq_capabilities ⇒ Object
- #all_uniq_class_capabilities ⇒ Object
- #all_uniq_roles ⇒ Object
- #class_capabilities_to_hash ⇒ Object
- #email_cannot_match_username_of_other_user ⇒ Object
-
#generate_auth_token! ⇒ Object
auth token used for mobile app security.
- #group_capabilities ⇒ Object
- #group_class_capabilities ⇒ Object
-
#group_parties ⇒ Object
party records for the groups this user belongs to.
-
#group_roles ⇒ Object
roles assigned to the groups this user belongs to.
-
#groups ⇒ Object
groups this user belongs to.
-
#groups_not ⇒ Object
groups this user does NOT belong to.
- #has_role?(*passed_roles) ⇒ Boolean
-
#instance_attributes ⇒ Object
these two methods allow us to assign instance level attributes that are not persisted.
-
#remove_all_groups ⇒ Object
Remove all current groups from this user.
- #remove_all_roles ⇒ Object (also: #remove_all_security_roles)
-
#remove_group(group) ⇒ Object
Remove a group from this user.
-
#remove_groups(_groups) ⇒ Object
Remove multiple groups from this user.
- #remove_role(role) ⇒ Object (also: #remove_security_role)
- #remove_roles(*passed_roles) ⇒ Object (also: #remove_security_roles)
- #role_capabilities ⇒ Object
- #role_class_capabilities ⇒ Object
-
#roles ⇒ Object
roles this user has.
-
#roles_not ⇒ Object
roles this user does NOT have.
-
#send_activation_needed_email! ⇒ Object
This allows the disabling of the activation email sent via the sorcery user_activation submodule.
- #to_data_hash ⇒ Object
Methods included from ErpTechSvcs::Utils::CompassAccessNegotiator
#has_capability?, #with_capability
Instance Attribute Details
#password_validator ⇒ Object
Returns the value of attribute password_validator.
5 6 7 |
# File 'app/models/user.rb', line 5 def password_validator @password_validator end |
#skip_activation_email ⇒ Object
Returns the value of attribute skip_activation_email.
5 6 7 |
# File 'app/models/user.rb', line 5 def skip_activation_email @skip_activation_email end |
Instance Method Details
#add_group(group) ⇒ Object
Add a group to this user
137 138 139 |
# File 'app/models/user.rb', line 137 def add_group(group) group.add_user(self) end |
#add_groups(_groups) ⇒ Object
Add multiple groups to this user
144 145 146 147 148 |
# File 'app/models/user.rb', line 144 def add_groups(_groups) _groups.each do |group| add_group(group) end end |
#add_instance_attribute(k, v) ⇒ Object
53 54 55 56 |
# File 'app/models/user.rb', line 53 def add_instance_attribute(k, v) @instance_attrs = {} if @instance_attrs.nil? @instance_attrs[k] = v end |
#add_role(role) ⇒ Object Also known as: add_security_role
82 83 84 |
# File 'app/models/user.rb', line 82 def add_role(role) party.add_role(role) end |
#add_roles(*passed_roles) ⇒ Object Also known as: add_security_roles
88 89 90 |
# File 'app/models/user.rb', line 88 def add_roles(*passed_roles) party.add_roles(*passed_roles) end |
#all_capabilities ⇒ Object
198 199 200 201 202 203 204 205 206 |
# File 'app/models/user.rb', line 198 def all_capabilities Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors). where("(capability_accessors.capability_accessor_record_type = 'Group' AND capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})) OR (capability_accessors.capability_accessor_record_type = 'SecurityRole' AND capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})) OR (capability_accessors.capability_accessor_record_type = 'User' AND capability_accessor_record_id = #{self.id})") end |
#all_class_capabilities ⇒ Object
222 223 224 225 |
# File 'app/models/user.rb', line 222 def all_class_capabilities scope_type = ScopeType.find_by_internal_identifier('class') all_capabilities.where(:scope_type_id => scope_type.id) end |
#all_roles ⇒ Object
composite roles for this user
175 176 177 178 179 180 |
# File 'app/models/user.rb', line 175 def all_roles SecurityRole.joins(:parties).joins("LEFT JOIN users ON parties.id=users.party_id"). where("(parties.business_party_type='Group' AND parties.business_party_id IN (#{groups.select('groups.id').to_sql})) OR (users.id=#{self.id})") end |
#all_uniq_capabilities ⇒ Object
208 209 210 |
# File 'app/models/user.rb', line 208 def all_uniq_capabilities all_capabilities.all.uniq end |
#all_uniq_class_capabilities ⇒ Object
227 228 229 |
# File 'app/models/user.rb', line 227 def all_uniq_class_capabilities all_class_capabilities.all.uniq end |
#all_uniq_roles ⇒ Object
182 183 184 |
# File 'app/models/user.rb', line 182 def all_uniq_roles all_roles.all.uniq end |
#class_capabilities_to_hash ⇒ Object
231 232 233 234 235 236 237 238 |
# File 'app/models/user.rb', line 231 def class_capabilities_to_hash all_uniq_class_capabilities.map { |capability| { capability_type_iid: capability.capability_type.internal_identifier, capability_type_description: capability.capability_type.description, capability_resource_type: capability.capability_resource_type } }.compact end |
#email_cannot_match_username_of_other_user ⇒ Object
30 31 32 33 34 |
# File 'app/models/user.rb', line 30 def email_cannot_match_username_of_other_user unless User.where(:username => self.email).where('id != ?', self.id).first.nil? errors.add(:email, "In use by another user") end end |
#generate_auth_token! ⇒ Object
auth token used for mobile app security
37 38 39 40 41 |
# File 'app/models/user.rb', line 37 def generate_auth_token! self.auth_token = SecureRandom.uuid self.auth_token_expires_at = Time.now + 30.days self.save end |
#group_capabilities ⇒ Object
186 187 188 189 190 |
# File 'app/models/user.rb', line 186 def group_capabilities Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors). where(:capability_accessors => {:capability_accessor_record_type => "Group"}). where("capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})") end |
#group_class_capabilities ⇒ Object
212 213 214 215 |
# File 'app/models/user.rb', line 212 def group_class_capabilities scope_type = ScopeType.find_by_internal_identifier('class') group_capabilities.where(:scope_type_id => scope_type.id) end |
#group_parties ⇒ Object
party records for the groups this user belongs to
113 114 115 |
# File 'app/models/user.rb', line 113 def group_parties Party.joins("JOIN #{group_member_join}") end |
#group_roles ⇒ Object
roles assigned to the groups this user belongs to
128 129 130 131 132 |
# File 'app/models/user.rb', line 128 def group_roles SecurityRole.joins(:parties). where(:parties => {:business_party_type => 'Group'}). where("parties.business_party_id IN (#{groups.select('groups.id').to_sql})") end |
#groups ⇒ Object
groups this user belongs to
118 119 120 |
# File 'app/models/user.rb', line 118 def groups Group.joins(:party).joins("JOIN #{group_member_join}") end |
#groups_not ⇒ Object
groups this user does NOT belong to
123 124 125 |
# File 'app/models/user.rb', line 123 def groups_not Group.joins(:party).joins("LEFT JOIN #{group_member_join}").where("party_relationships.id IS NULL") end |
#has_role?(*passed_roles) ⇒ Boolean
68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'app/models/user.rb', line 68 def has_role?(*passed_roles) result = false passed_roles.flatten! passed_roles.each do |role| role_iid = role.is_a?(SecurityRole) ? role.internal_identifier : role.to_s all_uniq_roles.each do |this_role| result = true if (this_role.internal_identifier == role_iid) break if result end break if result end result end |
#instance_attributes ⇒ Object
these two methods allow us to assign instance level attributes that are not persisted. These are used for mailers
49 50 51 |
# File 'app/models/user.rb', line 49 def instance_attributes @instance_attrs.nil? ? {} : @instance_attrs end |
#remove_all_groups ⇒ Object
Remove all current groups from this user
168 169 170 171 172 |
# File 'app/models/user.rb', line 168 def remove_all_groups groups.each do |group| remove_group(group) end end |
#remove_all_roles ⇒ Object Also known as: remove_all_security_roles
106 107 108 |
# File 'app/models/user.rb', line 106 def remove_all_roles party.remove_all_roles end |
#remove_group(group) ⇒ Object
Remove a group from this user
153 154 155 |
# File 'app/models/user.rb', line 153 def remove_group(group) group.remove_user(self) end |
#remove_groups(_groups) ⇒ Object
Remove multiple groups from this user
160 161 162 163 164 |
# File 'app/models/user.rb', line 160 def remove_groups(_groups) _groups.each do |group| remove_group(group) end end |
#remove_role(role) ⇒ Object Also known as: remove_security_role
100 101 102 |
# File 'app/models/user.rb', line 100 def remove_role(role) party.remove_role(role) end |
#remove_roles(*passed_roles) ⇒ Object Also known as: remove_security_roles
94 95 96 |
# File 'app/models/user.rb', line 94 def remove_roles(*passed_roles) party.remove_roles(*passed_roles) end |
#role_capabilities ⇒ Object
192 193 194 195 196 |
# File 'app/models/user.rb', line 192 def role_capabilities Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors). where(:capability_accessors => {:capability_accessor_record_type => "SecurityRole"}). where("capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})") end |
#role_class_capabilities ⇒ Object
217 218 219 220 |
# File 'app/models/user.rb', line 217 def role_class_capabilities scope_type = ScopeType.find_by_internal_identifier('class') role_capabilities.where(:scope_type_id => scope_type.id) end |
#roles ⇒ Object
roles this user has
64 65 66 |
# File 'app/models/user.rb', line 64 def roles party.security_roles end |
#roles_not ⇒ Object
roles this user does NOT have
59 60 61 |
# File 'app/models/user.rb', line 59 def roles_not party.roles_not end |
#send_activation_needed_email! ⇒ Object
This allows the disabling of the activation email sent via the sorcery user_activation submodule
44 45 46 |
# File 'app/models/user.rb', line 44 def send_activation_needed_email! super unless skip_activation_email end |
#to_data_hash ⇒ Object
240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 |
# File 'app/models/user.rb', line 240 def to_data_hash data = to_hash(only: [ :auth_token, :id, :username, :email, :activation_state, :last_login_at, :last_logout_at, :last_activity_at, :failed_logins_count, :created_at, :updated_at ], display_name: party.description, is_admin: party.has_security_role?('admin'), party: party.to_data_hash ) # add first name and last name if this party is an Individual if self.party.business_party.is_a?(Individual) data[:first_name] = self.party.business_party.current_first_name data[:last_name] = self.party.business_party.current_last_name end data end |