Module: Ixtlan::Models::User

Defined in:
lib/ixtlan/models/user.rb

Constant Summary collapse

GROUP = 
Object.full_const_get(Models::GROUP)
GROUP_USER = 
Object.full_const_get(Models::GROUP_USER)

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(model) ⇒ Object 



141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
 
# File 'lib/ixtlan/models/user.rb', line 141

def self.included(model)
  model.send(:include, DataMapper::Resource)
  model.send(:include, UpdateChildren)

  model.property :id, ::DataMapper::Types::Serial, :field => "uidnumber"

  model.property :login, String, :required => true, :field => "uid", :length => 4..32, :unique_index => true, :format => /^[a-zA-Z0-9._-]*$/, :writer => :private

  model.property :name, String, :required => true, :format => /^[^<">]*$/, :length => 2..64, :field => "cn"

  model.property :email, String, :required => true, :format => :email_address, :required => true, :length => 8..64, :unique_index => true, :field => "mail"

  model.property :language, String, :required => false, :format => /[a-z][a-z]/, :length => 2, :field => "preferredlanguage"

  model.property :hashed_password, String, :required => false, :length => 128, :accessor => :private, :field => "userpassword"

  if !model.const_defined?('LDAP') || !model.const_get('LDAP')
    model.timestamps :at
    model.modified_by ::Ixtlan::Models::USER
  end

  #validates_is_unique  :login
  #validates_is_unique  :email

  model.class_eval <<-EOS, __FILE__, __LINE__
  # make sure login is immutable
  def login=(new_login)
    attribute_set(:login, new_login) if login.nil?
  end

  def self.authenticate(login, password)
    user = first(:login => login) # need to get the salt
    if user
      digest = user.digest
      salt = digest[20,147]
      if ::Digest::SHA1.digest("\#{password}" + salt) == digest[0,20]
        user
      else
        "wrong password"
      end
    else
      "unknown login"
    end
  end

  def self.first_or_get!(id_or_login)
    first(:login => id_or_login) || get!(id_or_login)
  end

  def self.first_or_get(id_or_login)
    first(:login => id_or_login) || get(id_or_login)
  end

  if protected_instance_methods.find {|m| m == 'to_x'}.nil?
    alias :to_x :to_xml_document

    protected

    def to_xml_document(opts={}, doc = nil)
      unless(opts[:methods])
        opts.merge!({ 
                      :skip_types => true,
                      :skip_empty_tags => true,
                      :methods => [:groups, :created_by, :updated_by], 
                      :groups => {
                        :exclude => [:created_at, :created_by_id], 
                        :methods => [:locales, :domains], 
                        :locales => {
                          :methods => [], 
                          :exclude => [:created_at]
                        }, 
                        :domains => {
                          :methods => [], 
                          :exclude => [:created_at]
                        }
                      },
                      :created_by => {
                        :methods => [], 
                        :exclude => [:created_at, :updated_at, :hashed_password, :created_by_id, :updated_by_id, :language]
                      },
                      :updated_by => {
                        :methods => [], 
                        :exclude => [:created_at, :updated_at, :hashed_password, :created_by_id, :updated_by_id, :language]
                      }                        
                    })
      end
      unless(opts[:exclude])
        opts.merge!({:exclude => [:hashed_password, :created_by_id, :updated_by_id]})
      end
      to_x(opts, doc)
    end
  end
EOS
end

Instance Method Details

#digestObject 



38
39
40
 
# File 'lib/ixtlan/models/user.rb', line 38

def digest
  ::Base64.decode64(@hashed_password[6,200])
end

#domains_admin?Boolean

Returns:

  • (Boolean) 


24
25
26
 
# File 'lib/ixtlan/models/user.rb', line 24

def domains_admin?
  groups.detect { |g| g.domains_admin? } || false
end

#groupsObject 



41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/ixtlan/models/user.rb', line 41

def groups
  if @groups.nil?
    # TODO spec the empty array to make sure new relations are stored
    # in the database or the groups collection is empty before filling it
    @groups = ::DataMapper::Collection.new(::DataMapper::Query.new(self.repository, GROUP), [])
    GROUP_USER.all(:memberuid => ).each do |gu|
      @groups << gu.group
    end
    def @groups.user=(user)
      @user = user
    end
    @groups.user = self
    def @groups.<<(group)
      group.locales(@user)
      group.domains(@user)
      unless member? group
        gu = GROUP_USER.create(:memberuid => @user., :gidnumber => group.id)
        super
      end

      self
    end

    def @groups.delete(group)
      gu = GROUP_USER.first(:memberuid => @user., :gidnumber => group.id)
      if gu
        gu.destroy
      end
      super
    end
    @groups.each do |g|
      g.locales(self)
      g.domains(self)
    end
  end
  @groups
end

#locales_admin?Boolean

Returns:

  • (Boolean) 


20
21
22
 
# File 'lib/ixtlan/models/user.rb', line 20

def locales_admin?
  groups.detect { |g| g.locales_admin? } || false
end

#passwordObject 



28
29
30
 
# File 'lib/ixtlan/models/user.rb', line 28

def password
  @password
end

#reset_password(len = 12) ⇒ Object 



32
33
34
35
36
 
# File 'lib/ixtlan/models/user.rb', line 32

def reset_password(len = 12)
  @password = Ixtlan::Passwords.generate(len)
  attribute_set(:hashed_password, Ixtlan::Digest.ssha(@password, "--#{Time.now}--#{}--"))
  @password
end

#root?Boolean

Returns:

  • (Boolean) 


16
17
18
 
# File 'lib/ixtlan/models/user.rb', line 16

def root?
  groups.detect { |g| g.root? } || false
end

#update_all_children(new_groups) ⇒ Object 



79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'lib/ixtlan/models/user.rb', line 79

def update_all_children(new_groups)
  if current_user.root?
    # root has no restrictions
    update_children(new_groups, :groups)
    update_locales_domains(new_groups)
  else
    update_restricted_children(new_groups, :groups, current_user.groups)
    if current_user.locales_admin? || current_user.domains_admin?
      # locales/domains admin can use all locales/domains
      update_locales_domains(new_groups)
    end
    if !current_user.locales_admin? || !current_user.domains_admin?
      update_restricted_locales_domains(new_groups, current_user.groups)
    end
  end
end

#update_locales_domains(new_groups) ⇒ Object 



96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
 
# File 'lib/ixtlan/models/user.rb', line 96

def update_locales_domains(new_groups)
  if(new_groups)
    # make sure we have an array
    new_groups = new_groups.is_a?(Array) ? new_groups : new_groups[:group]
    new_groups = [new_groups] unless new_groups.is_a? Array

    # create a map group_id =>  group
    user_groups_map = {}
    groups.each { |g| user_groups_map[g.id.to_s] = g }

    # for each new groups update the locales/domains respectively
    new_groups.each do |group|
      if user_groups_map.key?(group[:id])
        user_groups_map[group[:id]].update_children(group[:locales], :locales) if current_user.locales_admin? || current_user.root?
        user_groups_map[group[:id]].update_children(group[:domains], :domains) if current_user.domains_admin? || current_user.root?
      end
    end
  end
end

#update_restricted_locales_domains(new_groups, ref_groups) ⇒ Object 



116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
 
# File 'lib/ixtlan/models/user.rb', line 116

def update_restricted_locales_domains(new_groups, ref_groups)
  if(new_groups)
    # make sure we have an array
    new_groups = new_groups[:group]
    new_groups = [new_groups] unless new_groups.is_a? Array

    # create a map group_id =>  group
    user_groups_map = {}
    groups.each { |g| user_groups_map[g.id.to_s] = g }
    # create a map group_id =>  group for the reference group
    ref_group_locales = {}
    ref_groups.each { |g| ref_group_locales[g.id.to_s] = g.locales }
    ref_group_domains = {}
    ref_groups.each { |g| ref_group_domains[g.id.to_s] = g.domains }

    # for each new groups update the locales respectively
    new_groups.each do |group|
      if user_groups_map.key?(group[:id])
        user_groups_map[group[:id]].update_restricted_children(group[:locales], :locales, ref_group_locales[group[:id]] || []) unless current_user.locales_admin?
        user_groups_map[group[:id]].update_restricted_children(group[:domains], :domains, ref_group_domains[group[:id]] || []) unless current_user.domains_admin?
      end
    end
  end
end