Module: Auth::Concerns::UserConcern
- Extended by: ActiveSupport::Concern
- Includes: ChiefModelConcern, EsConcern
- Defined in: app/models/auth/concerns/user_concern.rb
Defined Under Namespace
Modules: ClassMethods
Instance Method Summary
- #additional_login_param_changed_on_unconfirmed_email ⇒ Object
  if you change the additional login param while the email is not confirmed, you will get a validation error on additional_login_param.
- #additional_login_param_confirmed? ⇒ Boolean
- #additional_login_param_confirmed_or_does_not_exist ⇒ Object
  if the additional_login_param_status == 2.
- #additional_login_param_format ⇒ Object
  this method will validate the format of the additional_login_param.
- #additional_login_param_name ⇒ Object
  returns the additional login param name.
- #additional_login_param_required? ⇒ Boolean
  it is required only if the email is missing.
- #as_json(options = {}) ⇒ Object
  for the api responses.
- #at_least_one_authentication_key_confirmed? ⇒ Boolean
  at least one authentication_key should be confirmed.
- #attr_blank_to_blank?(attr) ⇒ Boolean
  has the attribute gone from blank to blank? what happens is that if you submit the update form, it submits empty strings for input fields which we don't fill.
- #authentication_keys_confirmed? ⇒ Boolean
  used in auth/registrations/update.js.erb. use it to check if the resource is fully confirmed, otherwise we redirect in the erb to whichever of the two needs to be confirmed.
- #can_create_discount_coupons? ⇒ Boolean
  @return true/false : override to decide how the user decides if it can create discount coupons for its contents or not.
- #create_client ⇒ Object
  tries to create a client with a unique api_key, and user id.
- #destroy_client ⇒ Object
- #email_and_additional_login_param_both_changed ⇒ Object
  now what if both have changed? keep this only on update.
- #email_changed? ⇒ Boolean
  skip_email_unique_validation is set to true in omni_concern in the situation: 1. there is no user with the given identity.
- #email_changed_on_unconfirmed_additional_login_param ⇒ Object
  if you change the email while the additional login param is not confirmed, then you will get validation errors on the email, as long as you have enabled an additional_login_param in the configuration.
- #email_confirmed_or_does_not_exist ⇒ Object
  confirmed? OR both email and unconfirmed email are nil AND additional_login_param has been confirmed already.
- #full_name ⇒ Object
  @return the first name “ ” last_name, if none is defined, will return an empty string.
- #get_user_info(keys) ⇒ Object
  @param : array of field names that you want the values for.
- #has_oauth_identity? ⇒ Boolean
  returns true if there is at least one non empty oauth identity.
- #has_phone ⇒ Object
  THIS DEF CAN BE OVERRIDDEN IN YOUR MODEL TO SUIT YOUR NEEDS.
- #is_admin?(args = nil) ⇒ Boolean
  this method is to be overridden, it returns the value of the admin_variable.
- #is_owner?(object) ⇒ Boolean
  OWNERSHIP.
- #login ⇒ Object
- #login=(login) ⇒ Object
  FOR THE LOGIN AUTHENTICATION KEY PARAMETER, WE DEFINE GETTERS AND SETTERS.
- #refresh_endpoints ⇒ Object
  GCM - AMAZON ENDPOINT.
- #reply_with_auth_token_es?(client, curr_user) ⇒ Boolean
  this def is used to determine if the auth_token and es should be sent back.
- #reply_with_redirect_url_and_auth_token_and_es?(redirect_url, client, curr_user) ⇒ Boolean
  just a combination of having the redirect_url and the above method, and whether to redirect or not.
- #resource_first_name ⇒ Object
  override as needed.
- #resource_key_for_auth_configuration ⇒ Object
  resource name converted to string with a capital first letter.
- #send_reset_password_link ⇒ Object
  if the resource was created by an administrator, and the attr_accessor request_send_reset_password_link is true, then it will check if the email is confirmed, and then send the reset_password_instructions to the email.
- #set_autocomplete_tags ⇒ Object
  so the users will have to give a unique id, what if they want you to check that?
- #set_client_authentication ⇒ Object
  setting these as nil forces a new auth_token and es to be generated, because in the before_save hooks they are set if they are blank.
- #set_client_authentication?(act_name, cont_name, client) ⇒ Boolean
  no longer used.
- #set_primary_link ⇒ Object
- #set_secondary_links ⇒ Object
  now first we are going to test it with the ui.
- #token_expired? ⇒ Boolean
Instance Method Details
#additional_login_param_changed_on_unconfirmed_email ⇒ Object
if you change the additional login param while the email is not confirmed, you will get a validation error on additional_login_param
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 689
def additional_login_param_changed_on_unconfirmed_email
  #puts "calling additional login param changed"
  #puts "pending reconfirmation?"
  #puts self.pending_reconfirmation?
  if additional_login_param_changed? && (self.pending_reconfirmation?)
    errors.add(:additional_login_param,"Please verify your email or add an email id before changing your #{additional_login_param_name}")
  end
end
```
#additional_login_param_confirmed? ⇒ Boolean
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 665
def additional_login_param_confirmed?
  self.additional_login_param_status == 2
end
```
#additional_login_param_confirmed_or_does_not_exist ⇒ Object
if the additional_login_param_status == 2
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 670
def additional_login_param_confirmed_or_does_not_exist
  additional_login_param_confirmed? || self.additional_login_param_status == 0
end
```
#additional_login_param_format ⇒ Object
this method will validate the format of the additional_login_param. it can be overridden by the user to do his own custom validation. default behaviour is not to add any errors in the validation process.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 653
def additional_login_param_format
end
```
#additional_login_param_name ⇒ Object
returns the additional login param name.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 774
def additional_login_param_name
  Auth.configuration.auth_resources[self.class.name.to_s.underscore.capitalize][:additional_login_param_name]
end
```
#additional_login_param_required? ⇒ Boolean
it is required only if the email is missing.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 646
def additional_login_param_required?
  email.nil?
end
```
#as_json(options = {}) ⇒ Object
for the api responses. if there is a current_app_id, then it will respond with the authentication-token and es. if there is none, then it will return nil. it should return the errors irrespective of these settings. if otp_verification key is present in the options, then the auth_token and es will not be returned. this is needed in
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 592
def as_json(options={})
  ## so if this does not work, then we go forward.
  json = {:nothing => true}
  if (!self.destroyed? && options[:otp_verification].nil?)
    if self.m_client.blank?
      json = {}
      PUBLICLY_VISIBLE_FIELD_NAMES.each do |fname|
        json[fname.to_sym] = self.send(fname) unless self.send(fname).blank?
      end
    else
      if self.m_client.current_app_id && at_least_one_authentication_key_confirmed? && self.errors.empty?
        json = {}
        json[:es] = self.client_authentication[self.m_client.current_app_id]
        json[:authentication_token] = self.authentication_token
        unless options[:show_id].nil?
          json[:id] = self.id.to_s
          json[:admin] = self.admin.to_s
        end
      end
    end
    if self.errors..size > 0
      json[:errors] = self.errors.
    end
  end
  json
end
```
#at_least_one_authentication_key_confirmed? ⇒ Boolean
at least one authentication_key should be confirmed. so even if we change the other one, we still return the remote authentication options even when that one is still unconfirmed. used in lib/devise to decide whether to return the auth token and es and redirect. used in self.as_json, to see whether to return the auth_token and es.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 678
def at_least_one_authentication_key_confirmed?
  (self.confirmed? && !self.pending_reconfirmation?) || self.additional_login_param_status == 2
end
```
#attr_blank_to_blank?(attr) ⇒ Boolean
has the attribute gone from blank to blank? what happens is that if you submit the update form, it submits empty strings for input fields which we don't fill. so suppose you change the additional_login_param, it will submit email as “”. in that case, earlier the email was nil, and now it becomes “”, so that is detected as an email change, and it looks like both email and additional param have changed, which triggers the validation #email_and_additional_login_param_both_changed. we don't want that to happen, so we check if the param has gone from being blank to blank in the below validation.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 710
def attr_blank_to_blank?(attr)
  #puts "calling blank to blank."
  if self.respond_to?(attr)
    if (self.send("#{attr}_was").blank? && self.send("#{attr}").blank?)
      true
    end
  end
end
```
#authentication_keys_confirmed? ⇒ Boolean
used in auth/registrations/update.js.erb. use it to check if the resource is fully confirmed, otherwise we redirect in the erb to whichever of the two needs to be confirmed.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 684
def authentication_keys_confirmed?
  return email_confirmed_or_does_not_exist && additional_login_param_confirmed_or_does_not_exist
end
```
#can_create_discount_coupons? ⇒ Boolean
@return true/false : override to decide how the user decides if it can create discount coupons for its contents or not. the current implementation returns true by default
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 816
def can_create_discount_coupons?
  true
end
```
#create_client ⇒ Object
tries to create a client with a unique api_key, and user id. tries 10 attempts. initially tries a versioned_create; if the op is successful then it breaks. if the op_count becomes zero it breaks. if there is no client with this user id, then and only then will it change the api_key and again try to create a client with this resource_id and this api_key. at the end it will exit, and there may or may not be a client with this resource_id. so this method basically fails silently, and so when you look at a user profile and you don't see an api_key, it means that there is no client for him; that is the true sign that it failed. api key checking includes whether the user for that key is confirmed or not. client is created irrespective of whether the user is confirmed or not.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 526
def create_client
  #puts "self additional login param status changed ?"
  #puts self.additional_login_param_status_changed?
  #puts "self status is: #{self.additional_login_param_status}"

  ##we want to create a new client, provided that there is no client for this user id.
  ##if a client already exists, then we dont want to do anything.
  ##when we create the client we want to be sure that
  ##provided that there is no client with this user id.
  #puts "called create client."

  ##first find out if there is already a client for this user id.
  c = Auth::Client.new(:api_key => SecureRandom.hex(32), :resource_id => self.id)

  #puts "Came to create a client."

  c.versioned_create({:resource_id => self.id})
  op_count = 10

  #puts "-------CREATED A CLIENT AS FOLLOWS:-----------"
  #puts c.attributes.to_s

  while(true)
    if c.op_success?
      #puts "the op was a success"
      break
    elsif op_count == 0
      #puts "op count was 0"
      break
    elsif (Auth::Client.where(:resource_id => self.id).count == 0)
      #puts "tried to create here."
      c.api_key = SecureRandom.hex(32)
      c.versioned_create({:resource_id => self.id})
      op_count-=1
    else
      #puts "finally broke."
      break
    end
  end
end
```
#destroy_client ⇒ Object
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 511
def destroy_client
  @client = Auth::Client.find(self.id)
  @client.delete
end
```
#email_and_additional_login_param_both_changed ⇒ Object
now what if both have changed? keep this only on update. then we don’t have to give a shit really. whatever happens will work out thereafter.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 724
def email_and_additional_login_param_both_changed
  #puts "calling email and additional login param both changed"
  ##add error saying you cannot change both at the same time.
  ##additional login param can change as long as neither goes from nil to blank or blank to nil.
  if email_changed? && !attr_blank_to_blank?("email") && additional_login_param_changed? && !attr_blank_to_blank?("additional_login_param")
    errors.add(:email,"you cannot update your email and #{additional_login_param_name} at the same time")
  end
end
```
#email_changed? ⇒ Boolean
skip_email_unique_validation is set to true in omni_concern in the situation: 1. there is no user with the given identity. however it is possible that a user with this email exists. in that case, if we try to do versioned_create, then the prepare_insert block in mongoid_versioned_atomic runs validations. these include checking if the email is unique, and in this case, if a user with this email already exists, then the versioned_create doesn't happen at all. We don't want to first check if there is already an account with this email, and in another step then try to do a versioned_update, because in the time in between another user could be created. So instead we simply set #skip_email_unique_validation to true, and as a result the unique validation is skipped.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 640
def email_changed?
  super && skip_email_unique_validation.nil?
end
```
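The check-then-create race that the #email_changed? description avoids, shown as an added example (not code from this engine): `UserStore`, `DuplicateEmail` and the two helper methods are hypothetical in-memory stand-ins, and the racy interleaving is forced by hand so the outcome is deterministic. Skipping the model-level uniqueness validation is only safe when the store itself rejects duplicates atomically, which `insert_unique` models here.

```ruby
# Added example: hypothetical in-memory store, not the engine's Mongoid code.
class DuplicateEmail < StandardError; end

class UserStore
  attr_reader :rows

  def initialize
    @rows = []
    @lock = Mutex.new
  end

  # Step 1 of the racy pattern: a validation-style lookup.
  def email_taken?(email)
    @rows.any? { |r| r[:email] == email }
  end

  # Step 2 of the racy pattern: a plain insert with no constraint.
  def insert(row)
    @rows << row
  end

  # Atomic pattern: check and write happen under one lock, the way a
  # unique index makes the database reject the second write.
  def insert_unique(row)
    @lock.synchronize do
      raise DuplicateEmail, row[:email] if email_taken?(row[:email])
      @rows << row
    end
  end
end

# Two sign-ups for the same address where both validations run before
# either insert: both pass, both write. Returns the number of rows created.
def racy_signup_pair(store, email)
  a_ok = !store.email_taken?(email) # request A validates
  b_ok = !store.email_taken?(email) # request B validates
  store.insert(email: email, owner: "A") if a_ok
  store.insert(email: email, owner: "B") if b_ok
  store.rows.count { |r| r[:email] == email }
end

# The same two sign-ups with the up-front validation skipped and uniqueness
# left to the store. Returns [row count, sorted per-request outcomes].
def atomic_signup_pair(store, email)
  results = %w[A B].map do |owner|
    Thread.new do
      begin
        store.insert_unique(email: email, owner: owner)
        :created
      rescue DuplicateEmail
        :rejected
      end
    end
  end.map(&:value)
  [store.rows.count { |r| r[:email] == email }, results.sort]
end
```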
#email_changed_on_unconfirmed_additional_login_param ⇒ Object
if you change the email while the additional login param not confirmed, then you will get validation errors on the email, as long as you have enabled an additional_login_param in the configuration.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 700
def email_changed_on_unconfirmed_additional_login_param
  #puts "calling email changed"
  if email_changed? && (additional_login_param_status == 1) && additional_login_param_name
    errors.add(:email, "Please add or verify your #{additional_login_param_name} before changing your email id")
  end
end
```
#email_confirmed_or_does_not_exist ⇒ Object
confirmed? OR both email and unconfirmed email are nil AND additional_login_param has been confirmed already. currently used in this file in #authentication_keys_confirmed?
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 661
def email_confirmed_or_does_not_exist
  (self.confirmed? && !self.pending_reconfirmation?) || (self.email.nil? && self.unconfirmed_email.nil?)
end
```
#full_name ⇒ Object
@return the first name “ ” last_name, if none is defined, will return an empty string. if only one of them is defined, will only return it.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 805
def full_name
  n = ""
  n+= self.first_name if self.first_name
  n+= " #{self.last_name}" if self.last_name
  n
end
```
#get_user_info(keys) ⇒ Object
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 573
def get_user_info(keys)
  # only whitelisted fields that the resource actually responds to are returned
  keys = keys.keep_if{ |c| (USER_INFO_FIELDS.include? c) && (self.respond_to?(c.to_sym)) }
  return Hash[keys.map{|c| [c,self.send("#{c}")]}]
end
```
#has_oauth_identity? ⇒ Boolean
returns true if there is at least one non empty oauth identity
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 627
def has_oauth_identity?
  return false unless self.respond_to? :identities
  self.identities.keep_if{|c|
    Auth::Identity.new(c).has_provider?
  }.size > 0
end
```
#has_phone ⇒ Object
THIS DEF CAN BE OVERRIDDEN IN YOUR MODEL TO SUIT YOUR NEEDS.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 785
def has_phone
  Auth.configuration.auth_resources[resource_key_for_auth_configuration][:additional_login_param_name] && Auth.configuration.auth_resources[resource_key_for_auth_configuration][:additional_login_param_name] == "mobile"
end
```
#is_admin?(args = nil) ⇒ Boolean
this method is to be overridden, it returns the value of the admin_variable. it can be used to decide if the user is an admin.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 798
def is_admin?(args=nil)
  admin
end
```
#is_owner?(object) ⇒ Boolean
OWNERSHIP.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 846
def is_owner?(object)
  raise "object does not have a resource id field" unless ((object.respond_to? :resource_id) || (object.respond_to? :resource_class))
  return true if ((object.resource_class == self.resource_class) && (object.resource_id == self.resource_id))
  return false
end
```
#login ⇒ Object
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 381
def login
  @login || self.email || self.additional_login_param
end
```
#login=(login) ⇒ Object
FOR THE LOGIN AUTHENTICATION KEY PARAMETER, WE DEFINE GETTERS AND SETTERS
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 377
def login=(login)
  @login = login
end
```
#refresh_endpoints ⇒ Object
GCM - AMAZON ENDPOINT
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 829
def refresh_endpoints
  if self.android_token_changed?
    endpoint = Auth::Endpoint.new
    endpoint.android_token = self.android_token
    self.android_endpoint = endpoint.set_android_endpoint
  end
end
```
#reply_with_auth_token_es?(client, curr_user) ⇒ Boolean
this def is used to determine if the auth_token and es should be sent back.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 745
def reply_with_auth_token_es?(client,curr_user)
  ##we have a client authentication for the client.
  ##we have an authentication token
  ##we are signed_in
  ##we have at least one authentication_key confirmed.
  return false if !curr_user
  client && client_authentication[client.current_app_id] && authentication_token && (id.to_s == curr_user.id.to_s) && at_least_one_authentication_key_confirmed?
end
```
#reply_with_redirect_url_and_auth_token_and_es?(redirect_url, client, curr_user) ⇒ Boolean
just a combination of having the redirect_url and the above method, and whether to redirect or not.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 757
def reply_with_redirect_url_and_auth_token_and_es?(redirect_url,client,curr_user)
  Auth.configuration.do_redirect && redirect_url && reply_with_auth_token_es?(client,curr_user)
end
```
#resource_first_name ⇒ Object
override as needed. currently used in _gateway.html.erb
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 791
def resource_first_name
  name
end
```
#resource_key_for_auth_configuration ⇒ Object
resource name converted to string with a capital first letter. eg : “User”
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 780
def resource_key_for_auth_configuration
  self.class.name.to_s.underscore.capitalize
end
```
#send_reset_password_link ⇒ Object
if the resource was created by an administrator, and the attr_accessor request_send_reset_password_link is true, then it will check if the email is confirmed, and then send the reset_password_instructions to the email. otherwise will check if the mobile is confirmed, and will just generate that reset_password_link
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 454
def send_reset_password_link
  #puts " --- came to set reset password link --- "
  reset_password_link = nil

  #puts "came to send reset password link, and this is the attr accessor."
  #puts self.request_send_reset_password_link.to_s

  ## if there was an unconfirmed_email present.
  ## this will happen only once. not again and again.
  ## the first time the link is sent, it won't get sent again.
  ## and only if created by admin.
  if self.created_by_admin
    #puts "is created by admin."
    #puts self.attributes.to_s
    #puts "is the additional login param confirmed"
    #puts self.additional_login_param_confirmed?
    ## this case is exceptional because the user will have gone to
    if self.confirmed?
      #puts "self is confirmed."
      begin
        self.class.skip_callback(:save, :after, :send_reset_password_link)
        self.class.send_reset_password_instructions(self.attributes)
      rescue

      ensure
        self.created_by_admin = false
        self.save
        self.class.set_callback(:save, :after, :send_reset_password_link)
      end
    elsif self.additional_login_param_confirmed?
      #puts "additiona login param is confirmed."
      begin
        #self.created_by_admin = false
        self.class.skip_callback(:save, :after, :send_reset_password_link)
        reset_password_link = Rails.application.routes.url_helpers.send("edit_#{self.class.name.downcase}_password_path",{:reset_password_token => self.set_reset_password_token})
      rescue => e
        puts e.to_s
      ensure
        self.created_by_admin = false
        self.save
        self.class.set_callback(:save, :after, :send_reset_password_link)
      end
    end
  end
  reset_password_link
end
```
#set_autocomplete_tags ⇒ Object
so the users will have to give a unique id, what if they want you to check that?
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 863
def set_autocomplete_tags
  if self.new_record?
    self. << "user"
    self. << self.name
    self. << self.email
    self. << self.additional_login_param
  end
end
```
#set_client_authentication ⇒ Object
setting these as nil forces a new auth_token and es to be generated, because in the before_save hooks they are set if they are blank.
```ruby
def set_es
  if !email.nil?
    salt = SecureRandom.hex(32)
    pre_es = salt + email
    self.es = Digest::SHA256.hexdigest(pre_es)
  end
end
```
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 428
def set_client_authentication
  if !self.m_client.nil?
    #puts "the client is not nil"
    #puts "is self client authentication nil"
    #puts self.client_authentication[self.m_client.current_app_id].nil?
    #puts "is self valie"
    #puts self.valid?
    if self.client_authentication[self.m_client.current_app_id].nil? && self.valid?
      self.client_authentication[self.m_client.current_app_id] = SecureRandom.hex(32)
      self.save
    end
  else

  end
  #
end
```
#set_client_authentication?(act_name, cont_name, client) ⇒ Boolean
no longer used.
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 735
def set_client_authentication?(act_name,cont_name,client)
  client && act_name != "destroy" && !(["passwords","confirmations","unlocks"].include? cont_name)
end
```
#set_primary_link ⇒ Object
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 872
def set_primary_link
  self.primary_link = Rails.application.routes.url_helpers.profile_path(:id => self.id.to_s, :resource => self.class.name.pluralize.downcase)
end
```
#set_secondary_links ⇒ Object
now first we are going to test it with the ui. and we are going to test it with one admin and one non admin account before that, we are going to where will the personality class come from, damn it?
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 882
def set_secondary_links

  unless self.secondary_links["Add New Account"]
    self.secondary_links["Add New User"] = {
      :partial => "auth/admin_create_users/search_results/add_new_user.html.erb",
      :instance_name_in_locals => "user",
      :other_locals => {}
    }
  end

  unless self.secondary_links["Manage This Account"]
    self.secondary_links["Manage This User"] = {
      :partial => "auth/admin_create_users/search_results/manage_user.html.erb",
      :instance_name_in_locals => "user",
      :other_locals => {}
    }
  end

  unless self.secondary_links["Set Unset Proxy"]
    self.secondary_links["Set Unset Proxy"] = {
      :partial => "auth/profiles/search_results/switch_to_user.html.erb",
      :instance_name_in_locals => "user",
      :other_locals => {}
    }
  end

  ## switch to the user, and see all associated people.
  unless Auth.configuration.personality_class.blank?
    unless self.secondary_links["See All Associated People"]
      self.secondary_links["See All Associated People"] = {
        :url => Rails.application.routes.url_helpers.send(Auth::OmniAuth::Path.create_or_index_path(Auth.configuration.personality_class))
      }
    end
  end

end
```
#token_expired? ⇒ Boolean
```ruby
# File 'app/models/auth/concerns/user_concern.rb', line 763
def token_expired?
  if authentication_token_expires_at < Time.now.to_i
    ## the before_save callback in omniauth.rb, will automatically regenerate the authentication token
    #save
    true
  end
end
```