Class: Locomotive::Account

Inherits:
Object
  • Object
show all
Includes:
Mongoid::Document
Defined in:
app/models/locomotive/account.rb

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.create_api_token(site, email, password, api_key) ⇒ String

Create the API token which will be passed to all the requests to the Locomotive API. It requires the credentials of an account with admin role OR the API key of the site. If an error occurs (invalid account, …etc), this method raises an exception that has to be caught somewhere.

Parameters:

  • site (Site)

    The site where the authentication request is made

  • email (String)

    The email of the account

  • password (String)

    The password of the account

  • api_key (String)

    The API key of the site.

Returns:



88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# File 'app/models/locomotive/account.rb', line 88

def self.create_api_token(site, email, password, api_key)
  if api_key.present?
     = self.where(api_key: api_key).first

    raise 'The API key is invalid.' if .nil?
  elsif email.present? && password.present?
     = self.where(email: email.downcase).first

    raise 'Invalid email or password.' if .nil? || !.valid_password?(password)
  else
    raise 'The request must contain either the user email and password OR the API key.'
  end

  .ensure_authentication_token!

  .authentication_token
end

.invalidate_api_token(token) ⇒ String

Logout the user responding to the token passed in parameter from the API. An exception is raised if no account corresponds to the token.

Parameters:

  • token (String)

    The API token created by the create_api_token method.

Returns:



113
114
115
116
117
118
119
120
121
# File 'app/models/locomotive/account.rb', line 113

def self.invalidate_api_token(token)
   = self.where(authentication_token: token).first

  raise 'Invalid token.' if .nil?

  .reset_authentication_token!

  token
end

Instance Method Details

#admin?Boolean

Tell if the account has admin privileges or not. Actually, an account is considered as an admin if it owns at least one admin membership in all its sites.

Returns:



57
58
59
# File 'app/models/locomotive/account.rb', line 57

def admin?
  Site.where(memberships: { '$elemMatch' => { account_id: self._id, role: :admin } }).count > 0
end

#api_keyObject

protected attributes ##



28
# File 'app/models/locomotive/account.rb', line 28

attr_protected :api_key

#devise_mailerObject



123
124
125
# File 'app/models/locomotive/account.rb', line 123

def devise_mailer
  Locomotive::DeviseMailer
end

#nameObject

validations ##



23
# File 'app/models/locomotive/account.rb', line 23

field :name

#orderedObject

scopes ##



40
# File 'app/models/locomotive/account.rb', line 40

scope :ordered, order_by(name: :asc)

#regenerate_api_keyString

Regenerate the API key without saving the account.

Returns:

  • (String)

    The new api key



65
66
67
# File 'app/models/locomotive/account.rb', line 65

def regenerate_api_key
  self.api_key = Digest::SHA1.hexdigest("#{self._id}-#{Time.now.to_f}-#{self.created_at}")
end

#regenerate_api_key!Object

Regenerate the API key AND then save the account.



71
72
73
74
# File 'app/models/locomotive/account.rb', line 71

def regenerate_api_key!
  self.regenerate_api_key
  self.save
end

#remember_created_atObject

devise fields (need to be declared since 2.x) ##



9
# File 'app/models/locomotive/account.rb', line 9

field :remember_created_at,     type: Time

#sitesObject

methods ##



47
48
49
# File 'app/models/locomotive/account.rb', line 47

def sites
  @sites ||= Site.where('memberships.account_id' => self._id)
end