Class: MnoEnterprise::User

Inherits:
BaseResource show all
Extended by:
Devise::Models
Includes:
Concerns::Models::IntercomUser
Defined in:
app/models/mno_enterprise/user.rb

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Concerns::Models::IntercomUser

#intercom_data, #intercom_user_hash

Methods inherited from BaseResource

#==, base_class, #cache_key, #clear_association_cache, #clear_attribute_changes!, exists?, find_by, first, last, #max_updated_column_timestamp, #read_attribute, #reload, #save, #save!, #update, #write_attribute

Methods included from HerExtension::Validations::RemoteUniquenessValidation

included

Class Method Details

.authenticate(auth_hash) ⇒ Object

Class Methods

The auth_hash includes an email and password Return nil in case of failure



96
97
98
99
100
101
102
103
104
105
 
# File 'app/models/mno_enterprise/user.rb', line 96

def self.authenticate(auth_hash)
  # retro compatibilty issue: previous version were returning nil if the user was not found or if the password was invalid
  # see https://maestrano.atlassian.net/browse/MNOE-209
  # we now validate that the password is valid in /core/lib/devise/strategies/remote_authenticatable.rb
  u = self.post("user_sessions", auth_hash.merge(validate_password: true))
  if u && u.id
    u.clear_attribute_changes!
  end
  return u
end

.confirm_by_token(confirmation_token) ⇒ Object

Override Devise to allow confirmation via original token Less secure but useful if user has been created by Maestrano Enterprise (happens when an orga_invite is sent to a new user)

Find a user by its confirmation token and try to confirm it. If no user is found, returns a new user with an error. If the user is already confirmed, create an error for the user Options must have the confirmation_token



122
123
124
125
126
 
# File 'app/models/mno_enterprise/user.rb', line 122

def self.confirm_by_token(confirmation_token)
  confirmable = self.find_for_confirmation(confirmation_token)
  confirmable.perform_confirmation(confirmation_token)
  confirmable
end

.create_from_omniauth(auth, opts = {}) ⇒ Object

Create a new user from omniauth hash



253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
 
# File 'app/models/mno_enterprise/user.rb', line 253

def self.create_from_omniauth(auth, opts = {})
  user = User.new(
    name: auth.info.first_name.presence || auth.info.email[/(\S*)@/, 1],
    surname: auth.info.last_name.presence || '',
    email: auth.info.email,
    password: Devise.friendly_token[0, 20],
    avatar_url: auth.info.image.presence
  )

  # opts hash is expected to contain additional attributes
  # to set on the model
  user.assign_attributes(opts)

  # Skip email confirmation if not from Intuit (Intuit email is NOT a confirmed email)
  user.skip_confirmation! unless auth.provider == 'intuit'
  user.save!

  user
end

.find_for_confirmation(confirmation_token) ⇒ Object

Find a user using a confirmation token



129
130
131
132
133
134
135
136
 
# File 'app/models/mno_enterprise/user.rb', line 129

def self.find_for_confirmation(confirmation_token)
  original_token     = confirmation_token
  confirmation_token = Devise.token_generator.digest(self, :confirmation_token, confirmation_token)

  confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_token)
  confirmable = find_or_initialize_with_error_by(:confirmation_token, original_token) if confirmable.errors.any?
  confirmable
end

.find_for_oauth(auth, opts = {}, signed_in_resource = nil) ⇒ Object

Used by omniauth providers to find or create users on maestrano See Auth::OmniauthCallbacksController



216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
 
# File 'app/models/mno_enterprise/user.rb', line 216

def self.find_for_oauth(auth, opts = {}, signed_in_resource = nil)
  # Get the identity and user if they exist
  identity = Identity.find_for_oauth(auth)

  # If a signed_in_resource is provided it always overrides the existing user
  # to prevent the identity being locked with accidentally created accounts.
  # Note that this may leave zombie accounts (with no associated identity) which
  # can be cleaned up at a later date.
  user = signed_in_resource ? signed_in_resource : identity.user

  # Create the user if needed
  if user.blank? # WTF is wrong with user.nil?
    # Get the existing user by email.
    email = auth.info.email
    user = self.where(email: email).first if email

    # Create the user if it's a new registration
    if user.nil?
      user = create_from_omniauth(auth, opts.except(:authorized_link_to_email))
    elsif auth.provider == 'intuit'
      unless opts[:authorized_link_to_email] == user.email
        # Intuit email is NOT a confirmed email. Therefore we need to ask the user to
        # login the old fashion to make sure it is the right user!
        fail(SecurityError, 'reconfirm credentials')
      end
    end
  end

  # Associate the identity with the user if needed
  if identity.user != user
    identity.user_id = user.id
    identity.save!
  end
  user
end

Instance Method Details

#authenticatable_saltObject

Override Devise default method



177
178
179
 
# File 'app/models/mno_enterprise/user.rb', line 177

def authenticatable_salt
  read_attribute(:authenticatable_salt)
end

#errorsObject

It may happen that that the errors attribute become nil, which breaks the controller logic (rails responder) This getter ensures that ‘errors’ is always initialized



146
147
148
 
# File 'app/models/mno_enterprise/user.rb', line 146

def errors
  @errors ||= ActiveModel::Errors.new(self)
end

#expire_user_cacheObject 



200
201
202
203
 
# File 'app/models/mno_enterprise/user.rb', line 200

def expire_user_cache
  Rails.cache.delete(['user', self.to_key])
  true # Don't skip save if above return false (memory_store)
end

#failed_attemptsObject

Default value for failed attempts



172
173
174
 
# File 'app/models/mno_enterprise/user.rb', line 172

def failed_attempts
  read_attribute(:failed_attempts) || 0
end

#password_required?Boolean

Don’t require a password for unconfirmed users (user save password at confirmation step)

Returns:

  • (Boolean) 


151
152
153
 
# File 'app/models/mno_enterprise/user.rb', line 151

def password_required?
  super if confirmed?
end

#perform_confirmation(confirmation_token) ⇒ Object

Confirm the user and store confirmation_token



139
140
141
142
 
# File 'app/models/mno_enterprise/user.rb', line 139

def perform_confirmation(confirmation_token)
  self.confirm if self.persisted?
  self.confirmation_token = confirmation_token
end

#refresh_user_cacheObject 



205
206
207
208
209
210
211
 
# File 'app/models/mno_enterprise/user.rb', line 205

def refresh_user_cache
  self.reload
  Rails.cache.write(['user', self.to_key], self)
# singleton can't be dumped / undefined method `marshal_dump' for nil
rescue TypeError, NoMethodError
  expire_user_cache
end

#role(organization = nil) ⇒ Object

Return the role of this user for the provided organization



183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
 
# File 'app/models/mno_enterprise/user.rb', line 183

def role(organization = nil)
  # Return cached version if available
  return self.read_attribute(:role) if !organization

  # Find in arrays if organizations have been fetched
  # already. Perform remote query otherwise
  org = begin
    if self.organizations.loaded?
      self.organizations.to_a.find { |e| e.id == organization.id }
    else
      self.organizations.where(id: organization.id).first
    end
  end

  org ? org.role : nil
end

#to_audit_eventObject

Format for audit log



164
165
166
167
168
169
 
# File 'app/models/mno_enterprise/user.rb', line 164

def to_audit_event
  {
    user_name: to_s,
    user_email: email
  }
end

#to_sObject

Instance Methods



159
160
161
 
# File 'app/models/mno_enterprise/user.rb', line 159

def to_s
  "#{name} #{surname}"
end