Module: AccountEngine::UserAccount

Defined in:
lib/account_engine/user_account.rb,
lib/account_engine/user_account/class_methods.rb

Defined Under Namespace

Modules: ClassMethods


Class Method Details

.included(base) ⇒ Object



# File 'lib/account_engine/user_account.rb', line 10

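# Hook run when this module is mixed into a model class.
#
# Extends the including class with ClassMethods and then, evaluated in that
# class's own scope, sets its table name, declares the login, email and
# password validations, registers the crypt_password and add_user_role
# callbacks, and declares the roles association.
#
# @param base [Class] the class that is including this module
def self.included(base)
  base.extend(ClassMethods)

  base.class_eval do
    # use the table name given
    set_table_name AccountEngine.users_table

    validates_presence_of :login
    validates_length_of :login, :within => 2..60
    validates_uniqueness_of :login

    validates_uniqueness_of :email, :if => :validate_email?
    # Anchor with \A and \z rather than ^ and $: in Ruby ^/$ match at every
    # line boundary, so a value with one address-shaped line would pass even
    # with arbitrary text on other lines. Whitespace is rejected as well, so
    # no line break can appear anywhere in an accepted address.
    validates_format_of :email, :with => /\A[^@\s]+@\S+\z/, :if => :validate_email?

    validates_presence_of :password, :if => :validate_password?
    validates_confirmation_of :password, :if => :validate_password?
    # NOTE(review): a 4-character minimum is very permissive. Raising it is a
    # policy decision for the host application, so the value is left as is.
    validates_length_of :password, { :minimum => 4, :if => :validate_password? }
    validates_length_of :password, { :maximum => 40, :if => :validate_password? }

    after_validation :crypt_password

    has_and_belongs_to_many :roles, :join_table => AccountEngine.users_roles_table

    # ensure that all users receive the 'user' role
    before_create :add_user_role
  end
end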

Instance Method Details

#admin? ⇒ Boolean

Returns true if this user has the ‘admin’ role (the implementation below returns true when any of the user's roles reports omnipotent?).

Returns:

  • (Boolean)


# File 'lib/account_engine/user_account.rb', line 40

# Whether any role held by this user is omnipotent.
#
# authorized? returns true without checking permissions when this predicate
# is true, so omnipotent? on a role is the switch that bypasses per-action
# permission checks.
#
# @return [Boolean] true if at least one role answers true to omnipotent?,
#   false otherwise (including when the user holds no roles)
def admin?()
  roles.any? { |role| role.omnipotent? }
end

#authorized?(controller, action = "index") ⇒ Boolean

Returns true if this user is authorized to perform the given action. A user for whom admin? is true is always authorized. Otherwise, a user is authorized if one or more of the Roles which this user holds is associated with a Permission object which matches the given controller and action.

Returns:

  • (Boolean)


# File 'lib/account_engine/user_account.rb', line 161

# Decides whether this user may perform +action+ on +controller+.
#
# Admins (admin? is true) are authorized without any permission lookup. For
# everyone else one query joins users, roles and permissions through the two
# join tables, and the user is authorized when at least one permission row
# matches the controller and action.
#
# The table names are interpolated into the SQL text from AccountEngine
# settings, so those settings must only ever come from trusted configuration.
# The user id, controller and action are passed as bound parameters.
#
# @param controller [#to_s] controller name to check
# @param action [#to_s] action name to check ("index" when omitted)
# @return [Boolean] true when authorized, false otherwise
def authorized?(controller, action="index")
  return true if admin?

  query = <<-EOS
SELECT DISTINCT #{AccountEngine.permissions_table}.* 
FROM #{AccountEngine.permissions_table}, #{AccountEngine.roles_table}, 
 #{AccountEngine.permissions_roles_table}, #{AccountEngine.users_roles_table},
 #{AccountEngine.users_table}
WHERE #{AccountEngine.users_table}.id = :person
AND #{AccountEngine.users_table}.id = #{AccountEngine.users_roles_table}.user_id
AND #{AccountEngine.users_roles_table}.role_id = #{AccountEngine.roles_table}.id
AND #{AccountEngine.roles_table}.id = #{AccountEngine.permissions_roles_table}.role_id
AND #{AccountEngine.permissions_roles_table}.permission_id = #{AccountEngine.permissions_table}.id
AND #{AccountEngine.permissions_table}.controller = :controller
AND #{AccountEngine.permissions_table}.action = :action
EOS

  # Values are bound by name rather than spliced into the statement.
  binds = {
    :person => self.id,
    :controller => controller.to_s,
    :action => action.to_s
  }
  matches = Permission.find_by_sql([query, binds])
  !matches.nil? && !matches.empty?
end

#fullname ⇒ Object

Override this method to return the full name of this user.



# File 'lib/account_engine/user_account.rb', line 46

# Override point meant to return the user's full name.
# NOTE(review): the expression after `self.` is missing from this listing, so
# what the default implementation returns cannot be determined from this page;
# restore it from the original file before relying on this method.
def fullname
  return self.
end

#generate_password(n = 6) ⇒ Object



# File 'lib/account_engine/user_account.rb', line 81

# Generates a password with Password.phonemic and applies it through
# change_password.
#
# The generator is called with Password::ONE_CASE | Password::ONE_DIGIT.
#
# NOTE(review): the default length of 6 gives a short password. Callers that
# hand this value to a user should consider passing a larger n and requiring a
# change on first login. Whether Password.phonemic draws from a
# cryptographically secure source is not visible here; confirm.
#
# @param n [Integer] length passed to Password.phonemic (6 when omitted)
# @return [Object] whatever change_password returns
def generate_password(n=6)
  flags = Password::ONE_CASE | Password::ONE_DIGIT
  change_password(Password.phonemic(n, flags))
end

#generate_security_token(hours = nil) ⇒ Object



# File 'lib/account_engine/user_account.rb', line 60

# Returns a security token for this user, issuing a new one when needed.
#
# A new token is requested from new_security_token when any of these holds:
# - hours was given explicitly,
# - no token or no expiry is stored,
# - the current time plus half of UserAccount.token_lifetime reaches or
#   passes the stored expiry.
# Otherwise the stored token is returned unchanged, so the same token value
# can be handed out repeatedly while more than half its lifetime remains.
#
# @param hours [Object, nil] forwarded to new_security_token; presumably a
#   lifetime in hours, to be confirmed against that method
# @return [Object] the new or existing security token
def generate_security_token(hours = nil)
  needs_new_token =
    !hours.nil? ||
    security_token.nil? ||
    token_expiry.nil? ||
    (Time.now.to_i + UserAccount.token_lifetime / 2) >= token_expiry.to_i

  return new_security_token(hours) if needs_new_token

  security_token
end

#password ⇒ Object



# File 'lib/account_engine/user_account.rb', line 73

# Reader for the @password instance variable.
# NOTE(review): presumably this is the cleartext password held in memory for
# validation before it is crypted; confirm. If so, keep this value out of
# logs, inspect output and serialized forms of the record.
def password
  @password
end

#password=(pass) ⇒ Object



# File 'lib/account_engine/user_account.rb', line 69

# Assigns a new password by handing it to change_password.
#
# @param pass [Object] the new password value, passed on unchanged
def password=(pass)
  change_password(pass)
end

#password? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/account_engine/user_account.rb', line 77

# Whether this user has a password in either form.
#
# @return [Boolean] true when password is truthy or salted_password is
#   non-nil; false when neither value is present
def password?
  credential = password || salted_password
  !credential.nil?
end

#token_expired? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/account_engine/user_account.rb', line 50

# Reports whether the stored security token has passed its expiry time.
#
# When security_token or token_expiry is unset the first falsy operand is
# returned (nil or false rather than a strict boolean); otherwise the result
# is the comparison of the current time with token_expiry.
#
# NOTE(review): a token stored without an expiry is therefore reported as not
# expired. Callers that gate access on this predicate should confirm that a
# token with no expiry can never be accepted.
#
# @return [Boolean, nil] truthy only when a token and an expiry exist and the
#   expiry lies in the past
def token_expired?
  security_token && token_expiry && (Time.now > token_expiry)
end

#update_expiry ⇒ Object



# File 'lib/account_engine/user_account.rb', line 54

# Caps the token expiry, marks the account verified and saves the record.
#
# token_expiry is set to the earlier of its current value and a ceiling of
# now + 600 * 1000 seconds; it is never moved later. "verified" is set to 1,
# and the record is written with update_without_callbacks.
#
# NOTE(review): 600 * 1000 seconds is roughly 6.9 days. If a ten-minute window
# was intended, the multiplier is a unit mix-up (milliseconds vs. seconds) and
# the token stays usable far longer than planned; confirm the intent.
# NOTE(review): a nil token_expiry makes the min comparison raise; confirm
# callers only reach this with an expiry set.
#
# @return [Object] whatever update_without_callbacks returns
def update_expiry
  ceiling = Time.at(Time.now.to_i + 600 * 1000)
  capped_expiry = [token_expiry, ceiling].min
  write_attribute('token_expiry', capped_expiry)
  write_attribute("verified", 1)
  update_without_callbacks
end