Class: User

Inherits:
Principal show all
Defined in:
app/models/user.rb

Direct Known Subclasses

AnonymousUser

Constant Summary

STATUS_ANONYMOUS =

Account statuses

0
STATUS_ACTIVE =
1
STATUS_REGISTERED =
2
STATUS_LOCKED =
3
USER_FORMATS =
{
  :firstname_lastname => '#{firstname} #{lastname}',
  :firstname => '#{firstname}',
  :lastname_firstname => '#{lastname} #{firstname}',
  :lastname_coma_firstname => '#{lastname}, #{firstname}',
  :username => '#{login}'
}

Instance Attribute Summary

Class Method Summary

Instance Method Summary

Methods inherited from Principal

#<=>

Methods inherited from ActiveRecord::Base

quoted_table_name

Instance Attribute Details

- (Object) last_before_login_on

Returns the value of attribute last_before_login_on



51
52
53
# File 'app/models/user.rb', line 51

def 
  
end

- (Object) password

Returns the value of attribute password



50
51
52
# File 'app/models/user.rb', line 50

def password
  @password
end

- (Object) password_confirmation

Returns the value of attribute password_confirmation



50
51
52
# File 'app/models/user.rb', line 50

def password_confirmation
  @password_confirmation
end

Class Method Details

+ (Object) anonymous

Returns the anonymous user. If the anonymous user does not exist, it is created. There can be only one anonymous user per database.



316
317
318
319
320
321
322
323
# File 'app/models/user.rb', line 316

def self.anonymous
  anonymous_user = AnonymousUser.find(:first)
  if anonymous_user.nil?
    anonymous_user = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)
    raise 'Unable to create the anonymous user.' if anonymous_user.new_record?
  end
  anonymous_user
end

+ (Object) current



310
311
312
# File 'app/models/user.rb', line 310

def self.current
  @current_user ||= User.anonymous
end

+ (Object) current=(user)



306
307
308
# File 'app/models/user.rb', line 306

def self.current=(user)
  @current_user = user
end

+ (Object) find_by_api_key(key)



220
221
222
223
# File 'app/models/user.rb', line 220

def self.find_by_api_key(key)
  token = Token.find_by_action_and_value('api', key)
  token && token.user.active? ? token.user : nil
end

+ (Object) find_by_mail(mail)

Makes find_by_mail case-insensitive



226
227
228
# File 'app/models/user.rb', line 226

def self.find_by_mail(mail)
  find(:first, :conditions => ["LOWER(mail) = ?", mail.to_s.downcase])
end

+ (Object) find_by_rss_key(key)



215
216
217
218
# File 'app/models/user.rb', line 215

def self.find_by_rss_key(key)
  token = Token.find_by_value(key)
  token && token.user.active? ? token.user : nil
end

+ (Object) try_to_autologin(key)

Returns the user who matches the given autologin key or nil



130
131
132
133
134
135
136
137
138
139
140
# File 'app/models/user.rb', line 130

def self.try_to_autologin(key)
  tokens = Token.find_all_by_action_and_value('autologin', key)
  # Make sure there's only 1 token that matches the key
  if tokens.size == 1
    token = tokens.first
    if (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active?
      token.user.update_attribute(:last_login_on, Time.now)
      token.user
    end
  end
end

+ (Object) try_to_login(login, password)

Returns the user that matches provided login and password, or nil



96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# File 'app/models/user.rb', line 96

def self.(, password)
  # Make sure no one can sign in with an empty password
  return nil if password.to_s.empty?
  user = find(:first, :conditions => ["login=?", ])
  if user
    # user is already in local database
    return nil if !user.active?
    if user.auth_source
      # user has an external authentication method
      return nil unless user.auth_source.authenticate(, password)
    else
      # authentication with local password
      return nil unless User.hash_password(password) == user.hashed_password        
    end
  else
    # user is not yet registered, try to authenticate with available sources
    attrs = AuthSource.authenticate(, password)
    if attrs
      user = new(attrs)
      user. = 
      user.language = Setting.default_language
      if user.save
        user.reload
        logger.info("User '#{user.login}' created from the LDAP") if logger
      end
    end
  end    
  user.update_attribute(:last_login_on, Time.now) if user && !user.new_record?
  user
rescue => text
  raise text
end

Instance Method Details

- (Boolean) active?

Returns:

  • (Boolean)


151
152
153
# File 'app/models/user.rb', line 151

def active?
  self.status == STATUS_ACTIVE
end

- (Boolean) allowed_to?(action, project, options = {})

Return true if the user is allowed to do the specified action on project action can be:

  • a parameter-like Hash (eg. :controller => ‘projects’, :action => ‘edit’)
  • a permission Symbol (eg. :edit_project)

Returns:

  • (Boolean)


281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
# File 'app/models/user.rb', line 281

def allowed_to?(action, project, options={})
  if project
    # No action allowed on archived projects
    return false unless project.active?
    # No action allowed on disabled modules
    return false unless project.allows_to?(action)
    # Admin users are authorized for anything else
    return true if admin?
    
    roles = roles_for_project(project)
    return false unless roles
    roles.detect {|role| (project.is_public? || role.member?) && role.allowed_to?(action)}
    
  elsif options[:global]
    # Admin users are always authorized
    return true if admin?
    
    # authorize if user has at least one role that has this permission
    roles = memberships.collect {|m| m.roles}.flatten.uniq
    roles.detect {|r| r.allowed_to?(action)} || (self.logged? ? Role.non_member.allowed_to?(action) : Role.anonymous.allowed_to?(action))
  else
    false
  end
end

- (Boolean) anonymous?

Returns:

  • (Boolean)


247
248
249
# File 'app/models/user.rb', line 247

def anonymous?
  !logged?
end

- (Object) api_key

Return user’s API key (a 40 chars long string), used to access the API



198
199
200
201
# File 'app/models/user.rb', line 198

def api_key
  token = self.api_token || self.create_api_token(:action => 'api')
  token.value
end

- (Object) before_create



67
68
69
70
# File 'app/models/user.rb', line 67

def before_create
  self.mail_notification = false
  true
end

- (Object) before_save



72
73
74
75
# File 'app/models/user.rb', line 72

def before_save
  # update hashed_password if password was set
  self.hashed_password = User.hash_password(self.password) if self.password
end

- (Boolean) check_password?(clear_password)

Returns:

  • (Boolean)


163
164
165
# File 'app/models/user.rb', line 163

def check_password?(clear_password)
  User.hash_password(clear_password) == self.hashed_password
end

- (Object) identity_url=(url)



82
83
84
85
86
87
88
89
90
91
92
93
# File 'app/models/user.rb', line 82

def identity_url=(url)
  if url.blank?
    write_attribute(:identity_url, '')
  else
    begin
      write_attribute(:identity_url, OpenIdAuthentication.normalize_identifier(url))
    rescue OpenIdAuthentication::InvalidOpenId
      # Invlaid url, don't save
    end
  end
  self.read_attribute(:identity_url)
end

- (Boolean) locked?

Returns:

  • (Boolean)


159
160
161
# File 'app/models/user.rb', line 159

def locked?
  self.status == STATUS_LOCKED
end

- (Boolean) logged?

Returns:

  • (Boolean)


243
244
245
# File 'app/models/user.rb', line 243

def logged?
  true
end

- (Boolean) member_of?(project)

Return true if the user is a member of project

Returns:

  • (Boolean)


273
274
275
# File 'app/models/user.rb', line 273

def member_of?(project)
  !roles_for_project(project).detect {|role| role.member?}.nil?
end

- (Object) name(formatter = nil)

Return user’s full name for display



143
144
145
146
147
148
149
# File 'app/models/user.rb', line 143

def name(formatter = nil)
  if formatter
    eval('"' + (USER_FORMATS[formatter] || USER_FORMATS[:firstname_lastname]) + '"')
  else
    @name ||= eval('"' + (USER_FORMATS[Setting.user_format] || USER_FORMATS[:firstname_lastname]) + '"')
  end
end

- (Object) notified_project_ids=(ids)



208
209
210
211
212
213
# File 'app/models/user.rb', line 208

def notified_project_ids=(ids)
  Member.update_all("mail_notification = #{connection.quoted_false}", ['user_id = ?', id])
  Member.update_all("mail_notification = #{connection.quoted_true}", ['user_id = ? AND project_id IN (?)', id, ids]) if ids && !ids.empty?
  @notified_projects_ids = nil
  notified_projects_ids
end

- (Object) notified_projects_ids

Return an array of project ids for which the user has explicitly turned mail notifications on



204
205
206
# File 'app/models/user.rb', line 204

def notified_projects_ids
  @notified_projects_ids ||= memberships.select {|m| m.mail_notification?}.collect(&:project_id)
end

- (Object) pref



179
180
181
# File 'app/models/user.rb', line 179

def pref
  self.preference ||= UserPreference.new(:user => self)
end

- (Object) random_password

Generate and set a random password. Useful for automated user creation Based on Token#generate_token_value



170
171
172
173
174
175
176
177
# File 'app/models/user.rb', line 170

def random_password
  chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
  password = ''
  40.times { |i| password << chars[rand(chars.size-1)] }
  self.password = password
  self.password_confirmation = password
  self
end

- (Boolean) registered?

Returns:

  • (Boolean)


155
156
157
# File 'app/models/user.rb', line 155

def registered?
  self.status == STATUS_REGISTERED
end

- (Object) reload(*args)



77
78
79
80
# File 'app/models/user.rb', line 77

def reload(*args)
  @name = nil
  super
end

- (Object) roles_for_project(project)

Return user’s roles for project



252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
# File 'app/models/user.rb', line 252

def roles_for_project(project)
  roles = []
  # No role on archived projects
  return roles unless project && project.active?
  if logged?
    # Find project membership
    membership = memberships.detect {|m| m.project_id == project.id}
    if membership
      roles = membership.roles
    else
      @role_non_member ||= Role.non_member
      roles << @role_non_member
    end
  else
    @role_anonymous ||= Role.anonymous
    roles << @role_anonymous
  end
  roles
end

- (Object) rss_key

Return user’s RSS key (a 40 chars long string), used to access feeds



192
193
194
195
# File 'app/models/user.rb', line 192

def rss_key
  token = self.rss_token || Token.create(:user => self, :action => 'feeds')
  token.value
end

- (Object) time_zone



183
184
185
# File 'app/models/user.rb', line 183

def time_zone
  @time_zone ||= (self.pref.time_zone.blank? ? nil : ActiveSupport::TimeZone[self.pref.time_zone])
end

- (Object) to_s



230
231
232
# File 'app/models/user.rb', line 230

def to_s
  name
end

- (Object) today

Returns the current day according to user’s time zone



235
236
237
238
239
240
241
# File 'app/models/user.rb', line 235

def today
  if time_zone.nil?
    Date.today
  else
    Time.now.in_time_zone(time_zone).to_date
  end
end

- (Boolean) wants_comments_in_reverse_order?

Returns:

  • (Boolean)


187
188
189
# File 'app/models/user.rb', line 187

def wants_comments_in_reverse_order?
  self.pref[:comments_sorting] == 'desc'
end