Class: MnoEnterprise::User
- Inherits:
-
BaseResource
- Object
- BaseResource
- MnoEnterprise::User
- Extended by:
- Devise::Models
- Includes:
- Concerns::Models::IntercomUser
- Defined in:
- app/models/mno_enterprise/user.rb
Class Method Summary collapse
-
.authenticate(auth_hash) ⇒ Object
Class Methods ================================ The auth_hash includes an email and password Return nil in case of failure.
-
.confirm_by_token(confirmation_token) ⇒ Object
Override Devise to allow confirmation via original token Less secure but useful if user has been created by Maestrano Enterprise (happens when an orga_invite is sent to a new user).
-
.create_from_omniauth(auth, opts = {}) ⇒ Object
Create a new user from omniauth hash.
-
.find_for_confirmation(confirmation_token) ⇒ Object
Find a user using a confirmation token.
-
.find_for_oauth(auth, opts = {}, signed_in_resource = nil) ⇒ Object
Used by omniauth providers to find or create users on maestrano See Auth::OmniauthCallbacksController.
Instance Method Summary collapse
-
#authenticatable_salt ⇒ Object
Override Devise default method.
-
#errors ⇒ Object
It may happen that that the errors attribute become nil, which breaks the controller logic (rails responder) This getter ensures that ‘errors’ is always initialized.
- #expire_user_cache ⇒ Object
-
#failed_attempts ⇒ Object
Default value for failed attempts.
-
#password_required? ⇒ Boolean
Don’t require a password for unconfirmed users (user save password at confirmation step).
-
#perform_confirmation(confirmation_token) ⇒ Object
Confirm the user and store confirmation_token.
- #refresh_user_cache ⇒ Object
-
#role(organization = nil) ⇒ Object
Return the role of this user for the provided organization.
-
#to_audit_event ⇒ Object
Format for audit log.
-
#to_s ⇒ Object
Instance Methods ================================.
Methods included from Concerns::Models::IntercomUser
Methods inherited from BaseResource
#==, base_class, #cache_key, #clear_association_cache, #clear_attribute_changes!, exists?, find_by, first, last, #max_updated_column_timestamp, #read_attribute, #reload, #save, #save!, #update, #write_attribute
Methods included from HerExtension::Validations::RemoteUniquenessValidation
Class Method Details
.authenticate(auth_hash) ⇒ Object
Class Methods
The auth_hash includes an email and password Return nil in case of failure
91 92 93 94 95 96 97 98 99 100 |
# File 'app/models/mno_enterprise/user.rb', line 91 def self.authenticate(auth_hash) u = self.post("user_sessions", auth_hash) if u && u.id u.clear_attribute_changes! return u end nil end |
.confirm_by_token(confirmation_token) ⇒ Object
Override Devise to allow confirmation via original token Less secure but useful if user has been created by Maestrano Enterprise (happens when an orga_invite is sent to a new user)
Find a user by its confirmation token and try to confirm it. If no user is found, returns a new user with an error. If the user is already confirmed, create an error for the user Options must have the confirmation_token
117 118 119 120 121 |
# File 'app/models/mno_enterprise/user.rb', line 117 def self.confirm_by_token(confirmation_token) confirmable = self.find_for_confirmation(confirmation_token) confirmable.perform_confirmation(confirmation_token) confirmable end |
.create_from_omniauth(auth, opts = {}) ⇒ Object
Create a new user from omniauth hash
248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 |
# File 'app/models/mno_enterprise/user.rb', line 248 def self.create_from_omniauth(auth, opts = {}) user = User.new( name: auth.info.first_name.presence || auth.info.email[/(\S*)@/, 1], surname: auth.info.last_name.presence || '', email: auth.info.email, password: Devise.friendly_token[0, 20], avatar_url: auth.info.image.presence ) # opts hash is expected to contain additional attributes # to set on the model user.assign_attributes(opts) # Skip email confirmation if not from Intuit (Intuit email is NOT a confirmed email) user.skip_confirmation! unless auth.provider == 'intuit' user.save! user end |
.find_for_confirmation(confirmation_token) ⇒ Object
Find a user using a confirmation token
124 125 126 127 128 129 130 131 |
# File 'app/models/mno_enterprise/user.rb', line 124 def self.find_for_confirmation(confirmation_token) original_token = confirmation_token confirmation_token = Devise.token_generator.digest(self, :confirmation_token, confirmation_token) confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_token) confirmable = find_or_initialize_with_error_by(:confirmation_token, original_token) if confirmable.errors.any? confirmable end |
.find_for_oauth(auth, opts = {}, signed_in_resource = nil) ⇒ Object
Used by omniauth providers to find or create users on maestrano See Auth::OmniauthCallbacksController
211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 |
# File 'app/models/mno_enterprise/user.rb', line 211 def self.find_for_oauth(auth, opts = {}, signed_in_resource = nil) # Get the identity and user if they exist identity = Identity.find_for_oauth(auth) # If a signed_in_resource is provided it always overrides the existing user # to prevent the identity being locked with accidentally created accounts. # Note that this may leave zombie accounts (with no associated identity) which # can be cleaned up at a later date. user = signed_in_resource ? signed_in_resource : identity.user # Create the user if needed if user.blank? # WTF is wrong with user.nil? # Get the existing user by email. email = auth.info.email user = self.where(email: email).first if email # Create the user if it's a new registration if user.nil? user = create_from_omniauth(auth, opts.except(:authorized_link_to_email)) elsif auth.provider == 'intuit' unless opts[:authorized_link_to_email] == user.email # Intuit email is NOT a confirmed email. Therefore we need to ask the user to # login the old fashion to make sure it is the right user! fail(SecurityError, 'reconfirm credentials') end end end # Associate the identity with the user if needed if identity.user != user identity.user_id = user.id identity.save! end user end |
Instance Method Details
#authenticatable_salt ⇒ Object
Override Devise default method
172 173 174 |
# File 'app/models/mno_enterprise/user.rb', line 172 def authenticatable_salt read_attribute(:authenticatable_salt) end |
#errors ⇒ Object
It may happen that that the errors attribute become nil, which breaks the controller logic (rails responder) This getter ensures that ‘errors’ is always initialized
141 142 143 |
# File 'app/models/mno_enterprise/user.rb', line 141 def errors @errors ||= ActiveModel::Errors.new(self) end |
#expire_user_cache ⇒ Object
195 196 197 198 |
# File 'app/models/mno_enterprise/user.rb', line 195 def expire_user_cache Rails.cache.delete(['user', self.to_key]) true # Don't skip save if above return false (memory_store) end |
#failed_attempts ⇒ Object
Default value for failed attempts
167 168 169 |
# File 'app/models/mno_enterprise/user.rb', line 167 def failed_attempts read_attribute(:failed_attempts) || 0 end |
#password_required? ⇒ Boolean
Don’t require a password for unconfirmed users (user save password at confirmation step)
146 147 148 |
# File 'app/models/mno_enterprise/user.rb', line 146 def password_required? super if confirmed? end |
#perform_confirmation(confirmation_token) ⇒ Object
Confirm the user and store confirmation_token
134 135 136 137 |
# File 'app/models/mno_enterprise/user.rb', line 134 def perform_confirmation(confirmation_token) self.confirm if self.persisted? self.confirmation_token = confirmation_token end |
#refresh_user_cache ⇒ Object
200 201 202 203 204 205 206 |
# File 'app/models/mno_enterprise/user.rb', line 200 def refresh_user_cache self.reload Rails.cache.write(['user', self.to_key], self) # singleton can't be dumped / undefined method `marshal_dump' for nil rescue TypeError, NoMethodError expire_user_cache end |
#role(organization = nil) ⇒ Object
Return the role of this user for the provided organization
178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 |
# File 'app/models/mno_enterprise/user.rb', line 178 def role(organization = nil) # Return cached version if available return self.read_attribute(:role) if !organization # Find in arrays if organizations have been fetched # already. Perform remote query otherwise org = begin if self.organizations.loaded? self.organizations.to_a.find { |e| e.id == organization.id } else self.organizations.where(id: organization.id).first end end org ? org.role : nil end |
#to_audit_event ⇒ Object
Format for audit log
159 160 161 162 163 164 |
# File 'app/models/mno_enterprise/user.rb', line 159 def to_audit_event { user_name: to_s, user_email: email } end |
#to_s ⇒ Object
Instance Methods
154 155 156 |
# File 'app/models/mno_enterprise/user.rb', line 154 def to_s "#{name} #{surname}" end |