Class: User

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• User

Extended by:

Gitlab::ConfigHelper

Includes:

CaseSensitivity, Gitlab::ConfigHelper, Gitlab::CurrentSettings, Referable, Sortable, TokenAuthenticatable

Defined in:

app/models/user.rb

Instance Attribute Summary

• #force_random_password ⇒ Object

  Returns the value of attribute force_random_password.

• #login ⇒ Object

  Virtual attribute for authenticating by either username or email.

Class Method Summary

• .build_user(attrs = {}) ⇒ Object
• .by_login(login) ⇒ Object
• .by_username_or_id(name_or_id) ⇒ Object
• .filter(filter_name) ⇒ Object
• .find_by_any_email(email) ⇒ Object

  Find a User by their primary email or any associated secondary email.

• .find_by_username!(username) ⇒ Object
• .find_for_database_authentication(warden_conditions) ⇒ Object

  Devise method overridden to allow sign in with email or username.

• .reference_pattern ⇒ Object

  Pattern used to extract `@user` user references from text.

• .reference_prefix ⇒ Object
• .search(query) ⇒ Object

  Searches users matching the given query.

• .sort(method) ⇒ Object

Instance Method Summary

• #abilities ⇒ Object
• #accessible_deploy_keys ⇒ Object
• #all_emails ⇒ Object
• #all_ssh_keys ⇒ Object
• #already_forked?(project) ⇒ Boolean
• #authorized_groups ⇒ Object

  Returns the groups a user has access to.

• #authorized_projects ⇒ Object

  Returns projects user is authorized to access.

• #avatar_type ⇒ Object
• #avatar_url(size = nil, scale = 2) ⇒ Object
• #can?(action, subject) ⇒ Boolean
• #can_be_removed? ⇒ Boolean
• #can_change_username? ⇒ Boolean
• #can_create_group? ⇒ Boolean
• #can_create_project? ⇒ Boolean
• #can_leave_project?(project) ⇒ Boolean
• #can_select_namespace? ⇒ Boolean
• #cared_merge_requests ⇒ Object
• #ci_authorized_runners ⇒ Object
• #contributed_projects ⇒ Object

  Returns the projects a user contributed to in the last year.

• #created_by ⇒ Object
• #disable_two_factor! ⇒ Object
• #ensure_namespace_correct ⇒ Object
• #first_name ⇒ Object
• #fork_of(project) ⇒ Object
• #full_website_url ⇒ Object
• #generate_password ⇒ Object
• #generate_reset_token ⇒ Object
• #hook_attrs ⇒ Object
• #is_admin? ⇒ Boolean
• #ldap_identity ⇒ Object
• #ldap_user? ⇒ Boolean
• #log_info(message) ⇒ Object
• #manageable_namespaces ⇒ Object
• #name_with_username ⇒ Object
• #namespace_id ⇒ Object
• #namespace_uniq ⇒ Object
• #namespaces ⇒ Object
• #notification_service ⇒ Object
• #notification_settings_for(source) ⇒ Object
• #oauth_authorized_tokens ⇒ Object
• #owned_projects ⇒ Object
• #owns_notification_email ⇒ Object
• #owns_public_email ⇒ Object
• #post_create_hook ⇒ Object
• #post_destroy_hook ⇒ Object
• #project_deploy_keys ⇒ Object
• #projects_limit_left ⇒ Object
• #projects_limit_percent ⇒ Object
• #projects_sorted_by_activity ⇒ Object
• #recent_push(project_id = nil) ⇒ Object
• #recently_sent_password_reset? ⇒ Boolean
• #require_password? ⇒ Boolean
• #require_ssh_key? ⇒ Boolean
• #requires_ldap_check? ⇒ Boolean
• #reset_events_cache ⇒ Object

  Reset project events cache related to this user.

• #restricted_signup_domains ⇒ Object
• #sanitize_attrs ⇒ Object
• #set_notification_email ⇒ Object
• #set_projects_limit ⇒ Object
• #set_public_email ⇒ Object
• #several_namespaces? ⇒ Boolean
• #short_website_url ⇒ Object
• #solo_owned_groups ⇒ Object
• #starred?(project) ⇒ Boolean
• #system_hook_service ⇒ Object
• #temp_oauth_email? ⇒ Boolean
• #tm_in_authorized_projects ⇒ Object

  Team membership in authorized projects.

• #tm_of(project) ⇒ Object
• #to_param ⇒ Object

  Instance methods.

• #to_reference(_from_project = nil) ⇒ Object
• #toggle_star(project) ⇒ Object
• #try_obtain_ldap_lease ⇒ Object
• #unique_email ⇒ Object
• #update_emails_with_primary_email ⇒ Object
• #update_secondary_emails! ⇒ Object
• #with_defaults ⇒ Object

Methods included from Gitlab::ConfigHelper

gitlab_config, gitlab_config_features

Methods included from Referable

#reference_link_text

Methods included from Gitlab::CurrentSettings

#current_application_settings, #fake_application_settings

Instance Attribute Details

#force_random_password ⇒ Object

Returns the value of attribute force_random_password

# File 'app/models/user.rb', line 98

def force_random_password
  @force_random_password
end

#login ⇒ Object

Virtual attribute for authenticating by either username or email

# File 'app/models/user.rb', line 101

def login
  @login
end

Class Method Details

.build_user(attrs = {}) ⇒ Object

# File 'app/models/user.rb', line 331

def build_user(attrs = {})
  User.new(attrs)
end

.by_login(login) ⇒ Object

# File 'app/models/user.rb', line 313

def by_login(login)
  return nil unless login

  if login.include?('@'.freeze)
    unscoped.iwhere(email: login).take
  else
    unscoped.iwhere(username: login).take
  end
end

.by_username_or_id(name_or_id) ⇒ Object

# File 'app/models/user.rb', line 327

def by_username_or_id(name_or_id)
  find_by('users.username = ? OR users.id = ?', name_or_id.to_s, name_or_id.to_i)
end

.filter(filter_name) ⇒ Object

# File 'app/models/user.rb', line 276

def filter(filter_name)
  case filter_name
  when 'admins'
    self.admins
  when 'blocked'
    self.blocked
  when 'two_factor_disabled'
    self.without_two_factor
  when 'two_factor_enabled'
    self.with_two_factor
  when 'wop'
    self.without_projects
  when 'external'
    self.external
  else
    self.active
  end
end

.find_by_any_email(email) ⇒ Object

Find a User by their primary email or any associated secondary email

# File 'app/models/user.rb', line 263

def find_by_any_email(email)
  sql = 'SELECT *
  FROM users
  WHERE id IN (
    SELECT id FROM users WHERE email = :email
    UNION
    SELECT emails.user_id FROM emails WHERE email = :email
  )
  LIMIT 1;'

  User.find_by_sql([sql, { email: email }]).first
end

.find_by_username!(username) ⇒ Object

# File 'app/models/user.rb', line 323

def find_by_username!(username)
  find_by!('lower(username) = ?', username.downcase)
end

.find_for_database_authentication(warden_conditions) ⇒ Object

Devise method overridden to allow sign in with email or username

# File 'app/models/user.rb', line 244

def find_for_database_authentication(warden_conditions)
  conditions = warden_conditions.dup
  if login = conditions.delete(:login)
    where(conditions).find_by("lower(username) = :value OR lower(email) = :value", value: login.downcase)
  else
    find_by(conditions)
  end
end

.reference_pattern ⇒ Object

Pattern used to extract `@user` user references from text

# File 'app/models/user.rb', line 340

def reference_pattern
  %r{
    #{Regexp.escape(reference_prefix)}
    (?<user>#{Gitlab::Regex::NAMESPACE_REGEX_STR})
  }x
end

.reference_prefix ⇒ Object

# File 'app/models/user.rb', line 335

def reference_prefix
  '@'
end

.search(query) ⇒ Object

Searches users matching the given query.

This method uses ILIKE on PostgreSQL and LIKE on MySQL.

query - The search query as a String

Returns an ActiveRecord::Relation.

# File 'app/models/user.rb', line 302

def search(query)
  table   = arel_table
  pattern = "%#{query}%"

  where(
    table[:name].matches(pattern).
      or(table[:email].matches(pattern)).
      or(table[:username].matches(pattern))
  )
end

.sort(method) ⇒ Object

# File 'app/models/user.rb', line 253

def sort(method)
  case method.to_s
  when 'recent_sign_in' then reorder(last_sign_in_at: :desc)
  when 'oldest_sign_in' then reorder(last_sign_in_at: :asc)
  else
    order_by(method)
  end
end

Instance Method Details

#abilities ⇒ Object

# File 'app/models/user.rb', line 484

def abilities
  Ability.abilities
end

#accessible_deploy_keys ⇒ Object

# File 'app/models/user.rb', line 579

def accessible_deploy_keys
  @accessible_deploy_keys ||= begin
    key_ids = project_deploy_keys.pluck(:id)
    key_ids.push(*DeployKey.are_public.pluck(:id))
    DeployKey.where(id: key_ids)
  end
end

#all_emails ⇒ Object

# File 'app/models/user.rb', line 699

def all_emails
  all_emails = []
  all_emails << self.email unless self.temp_oauth_email?
  all_emails.concat(self.emails.map(&:email))
  all_emails
end

#all_ssh_keys ⇒ Object

# File 'app/models/user.rb', line 683

def all_ssh_keys
  keys.map(&:publishable_key)
end

#already_forked?(project) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 553

def already_forked?(project)
  !!fork_of(project)
end

#authorized_groups ⇒ Object

Returns the groups a user has access to

# File 'app/models/user.rb', line 437

def authorized_groups
  union = Gitlab::SQL::Union.
    new([groups.select(:id), authorized_projects.select(:namespace_id)])

  Group.where("namespaces.id IN (#{union.to_sql})")
end

#authorized_projects ⇒ Object

Returns projects user is authorized to access.

# File 'app/models/user.rb', line 445

def authorized_projects
  Project.where("projects.id IN (#{projects_union.to_sql})")
end

#avatar_type ⇒ Object

# File 'app/models/user.rb', line 402

def avatar_type
  unless self.avatar.image?
    self.errors.add :avatar, "only images allowed"
  end
end

#avatar_url(size = nil, scale = 2) ⇒ Object

# File 'app/models/user.rb', line 691

def avatar_url(size = nil, scale = 2)
  if avatar.present?
    [gitlab_config.url, avatar.url].join
  else
    GravatarService.new.execute(email, size, scale)
  end
end

#can?(action, subject) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 492

def can?(action, subject)
  abilities.allowed?(self, action, subject)
end

#can_be_removed? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 821

def can_be_removed?
  !solo_owned_groups.present?
end

#can_change_username? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 472

def can_change_username?
  gitlab_config.username_changing_enabled
end

#can_create_group? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 480

def can_create_group?
  can?(:create_group, nil)
end

#can_create_project? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 476

def can_create_project?
  projects_limit_left > 0
end

#can_leave_project?(project) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 654

def can_leave_project?(project)
  project.namespace != namespace &&
    project.project_member(self)
end

#can_select_namespace? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 488

def can_select_namespace?
  several_namespaces? || admin
end

#cared_merge_requests ⇒ Object

# File 'app/models/user.rb', line 500

def cared_merge_requests
  MergeRequest.cared(self)
end

#ci_authorized_runners ⇒ Object

# File 'app/models/user.rb', line 825

def ci_authorized_runners
  @ci_authorized_runners ||= begin
    runner_ids = Ci::RunnerProject.
      where("ci_runner_projects.gl_project_id IN (#{ci_projects_union.to_sql})").
      select(:runner_id)
    Ci::Runner.specific.where(id: runner_ids)
  end
end

#contributed_projects ⇒ Object

Returns the projects a user contributed to in the last year.

This method relies on a subquery as this performs significantly better compared to a JOIN when coupled with, for example, `Project.visible_to_user`. That is, consider the following code:

some_user.contributed_projects.visible_to_user(other_user)

If this method were to use a JOIN the resulting query would take roughly 200 ms on a database with a similar size to GitLab.com's database. On the other hand, using a subquery means we can get the exact same data in about 40 ms.

# File 'app/models/user.rb', line 788

def contributed_projects
  events = Event.select(:project_id).
    contributions.where(author_id: self).
    where("created_at > ?", Time.now - 1.year).
    uniq.
    reorder(nil)

  Project.where(id: events)
end

#created_by ⇒ Object

# File 'app/models/user.rb', line 587

def created_by
  User.find_by(id: created_by_id) if created_by_id
end

#disable_two_factor! ⇒ Object

# File 'app/models/user.rb', line 379

def disable_two_factor!
  update_attributes(
    two_factor_enabled:          false,
    encrypted_otp_secret:        nil,
    encrypted_otp_secret_iv:     nil,
    encrypted_otp_secret_salt:   nil,
    otp_grace_period_started_at: nil,
    otp_backup_codes:            nil
  )
end

#ensure_namespace_correct ⇒ Object

# File 'app/models/user.rb', line 714

def ensure_namespace_correct
  # Ensure user has namespace
  self.create_namespace!(path: self.username, name: self.username) unless self.namespace

  if self.username_changed?
    self.namespace.update_attributes(path: self.username, name: self.username)
  end
end

#first_name ⇒ Object

# File 'app/models/user.rb', line 496

def first_name
  name.split.first unless name.blank?
end

#fork_of(project) ⇒ Object

# File 'app/models/user.rb', line 557

def fork_of(project)
  links = ForkedProjectLink.where(forked_from_project_id: project, forked_to_project_id: personal_projects)

  if links.any?
    links.first.forked_to_project
  else
    nil
  end
end

#full_website_url ⇒ Object

# File 'app/models/user.rb', line 673

def full_website_url
  return "http://#{website_url}" if website_url !~ /\Ahttps?:\/\//

  website_url
end

#generate_password ⇒ Object

# File 'app/models/user.rb', line 360

def generate_password
  if self.force_random_password
    self.password = self.password_confirmation = Devise.friendly_token.first(8)
  end
end

#generate_reset_token ⇒ Object

# File 'app/models/user.rb', line 366

def generate_reset_token
  @reset_token, enc = Devise.token_generator.generate(self.class, :reset_password_token)

  self.reset_password_token   = enc
  self.reset_password_sent_at = Time.now.utc

  @reset_token
end

#hook_attrs ⇒ Object

# File 'app/models/user.rb', line 706

def hook_attrs
  {
    name: name,
    username: username,
    avatar_url: avatar_url
  }
end

#is_admin? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 460

def is_admin?
  admin
end

#ldap_identity ⇒ Object

# File 'app/models/user.rb', line 571

def ldap_identity
  @ldap_identity ||= identities.find_by(["provider LIKE ?", "ldap%"])
end

#ldap_user? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 567

def ldap_user?
  identities.exists?(["provider LIKE ? AND extern_uid IS NOT NULL", "ldap%"])
end

#log_info(message) ⇒ Object

# File 'app/models/user.rb', line 738

def log_info(message)
  Gitlab::AppLogger.info message
end

#manageable_namespaces ⇒ Object

# File 'app/models/user.rb', line 763

def manageable_namespaces
  @manageable_namespaces ||= [namespace] + owned_groups + masters_groups
end

#name_with_username ⇒ Object

# File 'app/models/user.rb', line 545

def name_with_username
  "#{name} (#{username})"
end

#namespace_id ⇒ Object

# File 'app/models/user.rb', line 541

def namespace_id
  namespace.try :id
end

#namespace_uniq ⇒ Object

# File 'app/models/user.rb', line 390

def namespace_uniq
  # Return early if username already failed the first uniqueness validation
  return if self.errors.key?(:username) &&
    self.errors[:username].include?('has already been taken')

  namespace_name = self.username
  existing_namespace = Namespace.by_path(namespace_name)
  if existing_namespace && existing_namespace != self.namespace
    self.errors.add(:username, 'has already been taken')
  end
end

#namespaces ⇒ Object

# File 'app/models/user.rb', line 767

def namespaces
  namespace_ids = groups.pluck(:id)
  namespace_ids.push(namespace.id)
  Namespace.where(id: namespace_ids)
end

#notification_service ⇒ Object

# File 'app/models/user.rb', line 734

def notification_service
  NotificationService.new
end

#notification_settings_for(source) ⇒ Object

# File 'app/models/user.rb', line 834

def notification_settings_for(source)
  notification_settings.find_or_initialize_by(source: source)
end

#oauth_authorized_tokens ⇒ Object

# File 'app/models/user.rb', line 773

def oauth_authorized_tokens
  Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil)
end

#owned_projects ⇒ Object

# File 'app/models/user.rb', line 449

def owned_projects
  @owned_projects ||=
    Project.where('namespace_id IN (?) OR namespace_id = ?',
                  owned_groups.select(:id), namespace.id).joins(:namespace)
end

#owns_notification_email ⇒ Object

# File 'app/models/user.rb', line 414

def owns_notification_email
  return if self.temp_oauth_email?

  self.errors.add(:notification_email, "is not an email you own") unless self.all_emails.include?(self.notification_email)
end

#owns_public_email ⇒ Object

# File 'app/models/user.rb', line 420

def owns_public_email
  return if self.public_email.blank?

  self.errors.add(:public_email, "is not an email you own") unless self.all_emails.include?(self.public_email)
end

#post_create_hook ⇒ Object

# File 'app/models/user.rb', line 723

def post_create_hook
  log_info("User \"#{self.name}\" (#{self.email}) was created")
  notification_service.new_user(self, @reset_token) if self.created_by_id
  system_hook_service.execute_hooks_for(self, :create)
end

#post_destroy_hook ⇒ Object

# File 'app/models/user.rb', line 729

def post_destroy_hook
  log_info("User \"#{self.name}\" (#{self.email})  was removed")
  system_hook_service.execute_hooks_for(self, :destroy)
end

#project_deploy_keys ⇒ Object

# File 'app/models/user.rb', line 575

def project_deploy_keys
  DeployKey.unscoped.in_projects(self.authorized_projects.pluck(:id)).distinct(:id)
end

#projects_limit_left ⇒ Object

# File 'app/models/user.rb', line 504

def projects_limit_left
  projects_limit - personal_projects.count
end

#projects_limit_percent ⇒ Object

# File 'app/models/user.rb', line 508

def projects_limit_percent
  return 100 if projects_limit.zero?
  (personal_projects.count.to_f / projects_limit) * 100
end

#projects_sorted_by_activity ⇒ Object

# File 'app/models/user.rb', line 533

def projects_sorted_by_activity
  authorized_projects.sorted_by_activity
end

#recent_push(project_id = nil) ⇒ Object

# File 'app/models/user.rb', line 513

def recent_push(project_id = nil)
  # Get push events not earlier than 2 hours ago
  events = recent_events.code_push.where("created_at > ?", Time.now - 2.hours)
  events = events.where(project_id: project_id) if project_id

  # Use the latest event that has not been pushed or merged recently
  events.recent.find do |event|
    project = Project.find_by_id(event.project_id)
    next unless project
    repo = project.repository

    if repo.branch_names.include?(event.branch_name)
      merge_requests = MergeRequest.where("created_at >= ?", event.created_at).
          where(source_project_id: project.id,
                source_branch: event.branch_name)
      merge_requests.empty?
    end
  end
end

#recently_sent_password_reset? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 375

def recently_sent_password_reset?
  reset_password_sent_at.present? && reset_password_sent_at >= 1.minute.ago
end

#require_password? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 468

def require_password?
  password_automatically_set? && !ldap_user?
end

#require_ssh_key? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 464

def require_ssh_key?
  keys.count == 0
end

#requires_ldap_check? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 623

def requires_ldap_check?
  if !Gitlab.config.ldap.enabled
    false
  elsif ldap_user?
    !last_credential_check_at || (last_credential_check_at + 1.hour) < Time.now
  else
    false
  end
end

#reset_events_cache ⇒ Object

Reset project events cache related to this user

Since we do cache @event we need to reset cache in special cases:

• when the user changes their avatar

Events cache stored like events/23-20130109142513. The cache key includes updated_at timestamp. Thus it will automatically generate a new fragment when the event is updated because the key changes.

# File 'app/models/user.rb', line 667

def reset_events_cache
  Event.where(author_id: self.id).
    order('id DESC').limit(1000).
    update_all(updated_at: Time.now)
end

#restricted_signup_domains ⇒ Object

# File 'app/models/user.rb', line 798

def restricted_signup_domains
  email_domains = current_application_settings.restricted_signup_domains

  unless email_domains.blank?
    match_found = email_domains.any? do |domain|
      escaped = Regexp.escape(domain).gsub('\*','.*?')
      regexp = Regexp.new "^#{escaped}$", Regexp::IGNORECASE
      email_domain = Mail::Address.new(self.email).domain
      email_domain =~ regexp
    end

    unless match_found
      self.errors.add :email,
                      'is not whitelisted. ' +
                      'Email domains valid for registration are: ' +
                      email_domains.join(', ')
      return false
    end
  end

  true
end

#sanitize_attrs ⇒ Object

# File 'app/models/user.rb', line 591

def sanitize_attrs
  %w(name username skype linkedin twitter).each do |attr|
    value = self.send(attr)
    self.send("#{attr}=", Sanitize.clean(value)) if value.present?
  end
end

#set_notification_email ⇒ Object

# File 'app/models/user.rb', line 598

def set_notification_email
  if self.notification_email.blank? || !self.all_emails.include?(self.notification_email)
    self.notification_email = self.email
  end
end

#set_projects_limit ⇒ Object

# File 'app/models/user.rb', line 616

def set_projects_limit
  connection_default_value_defined = new_record? && !projects_limit_changed?
  return unless self.projects_limit.nil? || connection_default_value_defined

  self.projects_limit = current_application_settings.default_projects_limit
end

#set_public_email ⇒ Object

# File 'app/models/user.rb', line 604

def set_public_email
  if self.public_email.blank? || !self.all_emails.include?(self.public_email)
    self.public_email = ''
  end
end

#several_namespaces? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 537

def several_namespaces?
  owned_groups.any? || masters_groups.any?
end

#short_website_url ⇒ Object

# File 'app/models/user.rb', line 679

def short_website_url
  website_url.sub(/\Ahttps?:\/\//, '')
end

#solo_owned_groups ⇒ Object

# File 'app/models/user.rb', line 640

def solo_owned_groups
  @solo_owned_groups ||= owned_groups.select do |group|
    group.owners == [self]
  end
end

#starred?(project) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 746

def starred?(project)
  starred_projects.exists?(project.id)
end

#system_hook_service ⇒ Object

# File 'app/models/user.rb', line 742

def system_hook_service
  SystemHooksService.new
end

#temp_oauth_email? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 687

def temp_oauth_email?
  email.start_with?('temp-email-for-oauth')
end

#tm_in_authorized_projects ⇒ Object

Team membership in authorized projects

# File 'app/models/user.rb', line 456

def tm_in_authorized_projects
  ProjectMember.where(source_id: authorized_projects.map(&:id), user_id: self.id)
end

#tm_of(project) ⇒ Object

# File 'app/models/user.rb', line 549

def tm_of(project)
  project.project_member_by_id(self.id)
end

#to_param ⇒ Object

Instance methods

# File 'app/models/user.rb', line 352

def to_param
  username
end

#to_reference(_from_project = nil) ⇒ Object

# File 'app/models/user.rb', line 356

def to_reference(_from_project = nil)
  "#{self.class.reference_prefix}#{username}"
end

#toggle_star(project) ⇒ Object

# File 'app/models/user.rb', line 750

def toggle_star(project)
  UsersStarProject.transaction do
    user_star_project = users_star_projects.
        where(project: project, user: self).lock(true).first

    if user_star_project
      user_star_project.destroy
    else
      UsersStarProject.create!(project: project, user: self)
    end
  end
end

#try_obtain_ldap_lease ⇒ Object

# File 'app/models/user.rb', line 633

def try_obtain_ldap_lease
  # After obtaining this lease LDAP checks will be blocked for 600 seconds
  # (10 minutes) for this user.
  lease = Gitlab::ExclusiveLease.new("user_ldap_check:#{id}", timeout: 600)
  lease.try_obtain
end

#unique_email ⇒ Object

# File 'app/models/user.rb', line 408

def unique_email
  if !self.emails.exists?(email: self.email) && Email.exists?(email: self.email)
    self.errors.add(:email, 'has already been taken')
  end
end

#update_emails_with_primary_email ⇒ Object

# File 'app/models/user.rb', line 426

def update_emails_with_primary_email
  primary_email_record = self.emails.find_by(email: self.email)
  if primary_email_record
    primary_email_record.destroy
    self.emails.create(email: self.email_was)

    self.update_secondary_emails!
  end
end

#update_secondary_emails! ⇒ Object

# File 'app/models/user.rb', line 610

def update_secondary_emails!
  self.set_notification_email
  self.set_public_email
  self.save if self.notification_email_changed? || self.public_email_changed?
end

#with_defaults ⇒ Object

# File 'app/models/user.rb', line 646

def with_defaults
  User.defaults.each do |k, v|
    self.send("#{k}=", v)
  end

  self
end