Class: User

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• User

Includes:

ActiveModel::Validations, ErpTechSvcs::Utils::CompassAccessNegotiator

Defined in:

app/models/user.rb

Instance Attribute Summary

• #password_validator ⇒ Object

  Returns the value of attribute password_validator.

• #skip_activation_email ⇒ Object

  Returns the value of attribute skip_activation_email.

Instance Method Summary

• #add_group(group) ⇒ Object

  Add a group to this user.

• #add_groups(_groups) ⇒ Object

  Add multiple groups to this user.

• #add_instance_attribute(k, v) ⇒ Object
• #add_role(role) ⇒ Object (also: #add_security_role)
• #add_roles(*passed_roles) ⇒ Object (also: #add_security_roles)
• #all_capabilities ⇒ Object
• #all_class_capabilities ⇒ Object
• #all_roles ⇒ Object

  composite roles for this user.

• #all_uniq_capabilities ⇒ Object
• #all_uniq_class_capabilities ⇒ Object
• #all_uniq_roles ⇒ Object
• #class_capabilities_to_hash ⇒ Object
• #email_cannot_match_username_of_other_user ⇒ Object
• #generate_auth_token! ⇒ Object

  auth token used for mobile app security.

• #group_capabilities ⇒ Object
• #group_class_capabilities ⇒ Object
• #group_parties ⇒ Object

  party records for the groups this user belongs to.

• #group_roles ⇒ Object

  roles assigned to the groups this user belongs to.

• #groups ⇒ Object

  groups this user belongs to.

• #groups_not ⇒ Object

  groups this user does NOT belong to.

• #has_role?(*passed_roles) ⇒ Boolean
• #instance_attributes ⇒ Object

  these two methods allow us to assign instance level attributes that are not persisted.

• #remove_all_groups ⇒ Object

  Remove all current groups from this user.

• #remove_all_roles ⇒ Object (also: #remove_all_security_roles)
• #remove_group(group) ⇒ Object

  Remove a group from this user.

• #remove_groups(_groups) ⇒ Object

  Remove multiple groups from this user.

• #remove_role(role) ⇒ Object (also: #remove_security_role)
• #remove_roles(*passed_roles) ⇒ Object (also: #remove_security_roles)
• #role_capabilities ⇒ Object
• #role_class_capabilities ⇒ Object
• #roles ⇒ Object

  roles this user has.

• #roles_not ⇒ Object

  roles this user does NOT have.

• #send_activation_needed_email! ⇒ Object

  This allows the disabling of the activation email sent via the sorcery user_activation submodule.

• #to_data_hash ⇒ Object

Methods included from ErpTechSvcs::Utils::CompassAccessNegotiator

#has_capability?, #with_capability

Instance Attribute Details

#password_validator ⇒ Object

Returns the value of attribute password_validator.

# File 'app/models/user.rb', line 5

def password_validator
  @password_validator
end

#skip_activation_email ⇒ Object

Returns the value of attribute skip_activation_email.

# File 'app/models/user.rb', line 5

def skip_activation_email
  @skip_activation_email
end

Instance Method Details

#add_group(group) ⇒ Object

Add a group to this user

Parameters:

• group (Group) —

  Group to add

# File 'app/models/user.rb', line 137

def add_group(group)
  group.add_user(self)
end

#add_groups(_groups) ⇒ Object

Add multiple groups to this user

Parameters:

• _groups (Array) —

  Groups to add

# File 'app/models/user.rb', line 144

def add_groups(_groups)
  _groups.each do |group|
    add_group(group)
  end
end

#add_instance_attribute(k, v) ⇒ Object

# File 'app/models/user.rb', line 53

def add_instance_attribute(k, v)
  @instance_attrs = {} if @instance_attrs.nil?
  @instance_attrs[k] = v
end

#add_role(role) ⇒ Object Also known as: add_security_role

# File 'app/models/user.rb', line 82

def add_role(role)
  party.add_role(role)
end

#add_roles(*passed_roles) ⇒ Object Also known as: add_security_roles

# File 'app/models/user.rb', line 88

def add_roles(*passed_roles)
  party.add_roles(*passed_roles)
end

#all_capabilities ⇒ Object

# File 'app/models/user.rb', line 198

def all_capabilities
  Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors).
  where("(capability_accessors.capability_accessor_record_type = 'Group' AND
                capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})) OR
               (capability_accessors.capability_accessor_record_type = 'SecurityRole' AND
                capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})) OR
               (capability_accessors.capability_accessor_record_type = 'User' AND
                capability_accessor_record_id = #{self.id})")
end

#all_class_capabilities ⇒ Object

# File 'app/models/user.rb', line 222

def all_class_capabilities
  scope_type = ScopeType.find_by_internal_identifier('class')
  all_capabilities.where(:scope_type_id => scope_type.id)
end

#all_roles ⇒ Object

composite roles for this user

# File 'app/models/user.rb', line 175

def all_roles
  SecurityRole.joins(:parties).joins("LEFT JOIN users ON parties.id=users.party_id").
  where("(parties.business_party_type='Group' AND
            parties.business_party_id IN (#{groups.select('groups.id').to_sql})) OR 
           (users.id=#{self.id})")
end

#all_uniq_capabilities ⇒ Object

# File 'app/models/user.rb', line 208

def all_uniq_capabilities
  all_capabilities.all.uniq
end

#all_uniq_class_capabilities ⇒ Object

# File 'app/models/user.rb', line 227

def all_uniq_class_capabilities
  all_class_capabilities.all.uniq
end

#all_uniq_roles ⇒ Object

# File 'app/models/user.rb', line 182

def all_uniq_roles
  all_roles.all.uniq
end

#class_capabilities_to_hash ⇒ Object

# File 'app/models/user.rb', line 231

def class_capabilities_to_hash
  all_uniq_class_capabilities.map { |capability|
    { capability_type_iid: capability.capability_type.internal_identifier,
      capability_type_description: capability.capability_type.description,
      capability_resource_type: capability.capability_resource_type
      }
  }.compact
end

#email_cannot_match_username_of_other_user ⇒ Object

# File 'app/models/user.rb', line 30

def email_cannot_match_username_of_other_user
  unless User.where(:username => self.email).where('id != ?', self.id).first.nil?
    errors.add(:email, "In use by another user")
  end
end

#generate_auth_token! ⇒ Object

auth token used for mobile app security

# File 'app/models/user.rb', line 37

def generate_auth_token!
  self.auth_token = SecureRandom.uuid
  self.auth_token_expires_at = Time.now + 30.days
  self.save
end

#group_capabilities ⇒ Object

# File 'app/models/user.rb', line 186

def group_capabilities
  Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors).
    where(:capability_accessors => {:capability_accessor_record_type => "Group"}).
    where("capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})")
end

#group_class_capabilities ⇒ Object

# File 'app/models/user.rb', line 212

def group_class_capabilities
  scope_type = ScopeType.find_by_internal_identifier('class')
  group_capabilities.where(:scope_type_id => scope_type.id)
end

#group_parties ⇒ Object

party records for the groups this user belongs to

# File 'app/models/user.rb', line 113

def group_parties
  Party.joins("JOIN #{group_member_join}")
end

#group_roles ⇒ Object

roles assigned to the groups this user belongs to

# File 'app/models/user.rb', line 128

def group_roles
  SecurityRole.joins(:parties).
    where(:parties => {:business_party_type => 'Group'}).
    where("parties.business_party_id IN (#{groups.select('groups.id').to_sql})")
end

#groups ⇒ Object

groups this user belongs to

# File 'app/models/user.rb', line 118

def groups
  Group.joins(:party).joins("JOIN #{group_member_join}")
end

#groups_not ⇒ Object

groups this user does NOT belong to

# File 'app/models/user.rb', line 123

def groups_not
  Group.joins(:party).joins("LEFT JOIN #{group_member_join}").where("party_relationships.id IS NULL")
end

#has_role?(*passed_roles) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 68

def has_role?(*passed_roles)
  result = false
  passed_roles.flatten!
  passed_roles.each do |role|
    role_iid = role.is_a?(SecurityRole) ? role.internal_identifier : role.to_s
    all_uniq_roles.each do |this_role|
      result = true if (this_role.internal_identifier == role_iid)
      break if result
    end
    break if result
  end
  result
end

#instance_attributes ⇒ Object

these two methods allow us to assign instance level attributes that are not persisted. These are used for mailers

# File 'app/models/user.rb', line 49

def instance_attributes
  @instance_attrs.nil? ? {} : @instance_attrs
end

#remove_all_groups ⇒ Object

Remove all current groups from this user

# File 'app/models/user.rb', line 168

def remove_all_groups
  groups.each do |group|
    remove_group(group)
  end
end

#remove_all_roles ⇒ Object Also known as: remove_all_security_roles

# File 'app/models/user.rb', line 106

def remove_all_roles
  party.remove_all_roles
end

#remove_group(group) ⇒ Object

Remove a group from this user

Parameters:

• group (Group) —

  Group to remove

# File 'app/models/user.rb', line 153

def remove_group(group)
  group.remove_user(self)
end

#remove_groups(_groups) ⇒ Object

Remove multiple groups from this user

Parameters:

• _groups (Array) —

  Groups to remove

# File 'app/models/user.rb', line 160

def remove_groups(_groups)
  _groups.each do |group|
    remove_group(group)
  end
end

#remove_role(role) ⇒ Object Also known as: remove_security_role

# File 'app/models/user.rb', line 100

def remove_role(role)
  party.remove_role(role)
end

#remove_roles(*passed_roles) ⇒ Object Also known as: remove_security_roles

# File 'app/models/user.rb', line 94

def remove_roles(*passed_roles)
  party.remove_roles(*passed_roles)
end

#role_capabilities ⇒ Object

# File 'app/models/user.rb', line 192

def role_capabilities
  Capability.includes(:capability_type).joins(:capability_type).joins(:capability_accessors).
    where(:capability_accessors => {:capability_accessor_record_type => "SecurityRole"}).
    where("capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})")
end

#role_class_capabilities ⇒ Object

# File 'app/models/user.rb', line 217

def role_class_capabilities
  scope_type = ScopeType.find_by_internal_identifier('class')
  role_capabilities.where(:scope_type_id => scope_type.id)
end

#roles ⇒ Object

roles this user has

# File 'app/models/user.rb', line 64

def roles
  party.security_roles
end

#roles_not ⇒ Object

roles this user does NOT have

# File 'app/models/user.rb', line 59

def roles_not
  party.roles_not
end

#send_activation_needed_email! ⇒ Object

This allows the disabling of the activation email sent via the sorcery user_activation submodule

# File 'app/models/user.rb', line 44

def send_activation_needed_email!
  super unless skip_activation_email
end

#to_data_hash ⇒ Object

# File 'app/models/user.rb', line 240

def to_data_hash
  data = to_hash(only: [
                   :auth_token,
                   :id,
                   :username,
                   :email,
                   :activation_state,
                   :last_login_at,
                   :last_logout_at,
                   :last_activity_at,
                   :failed_logins_count,
                   :created_at,
                   :updated_at
                 ],
                 display_name: party.description,
                 is_admin: party.has_security_role?('admin'),
                 party: party.to_data_hash
                 )

  # add first name and last name if this party is an Individual
  if self.party.business_party.is_a?(Individual)
    data[:first_name] = self.party.business_party.current_first_name
    data[:last_name] = self.party.business_party.current_last_name
  end

  data
end