diff options
author | Azul <azul@riseup.net> | 2016-10-20 14:39:33 +0200 |
---|---|---|
committer | Azul <azul@riseup.net> | 2016-10-20 14:39:33 +0200 |
commit | b97daaed9b513006ace7e8eb5232a2211e965e77 (patch) | |
tree | e27002e8368e92410e5d4af2a945260c2ea6e2d1 /app/models | |
parent | c6c4d9fd10b8ca8e24889112727e44c9bf68dd60 (diff) | |
parent | 6eb2dae802e5453e2a4361ab28f614cce9294f4c (diff) |
Merge remote-tracking branch 'origin/develop'
We'll only use the master branch for development from now on.
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/account.rb | 10 | ||||
-rw-r--r-- | app/models/api_monitor_user.rb | 11 | ||||
-rw-r--r-- | app/models/api_user.rb | 13 | ||||
-rw-r--r-- | app/models/email.rb | 31 | ||||
-rw-r--r-- | app/models/identity.rb | 2 | ||||
-rw-r--r-- | app/models/local_email.rb | 66 | ||||
-rw-r--r-- | app/models/login_format_validation.rb | 21 | ||||
-rw-r--r-- | app/models/session.rb | 2 | ||||
-rw-r--r-- | app/models/temporary_user.rb | 93 | ||||
-rw-r--r-- | app/models/token.rb | 4 | ||||
-rw-r--r-- | app/models/user.rb | 14 |
11 files changed, 32 insertions, 235 deletions
diff --git a/app/models/account.rb b/app/models/account.rb index 7310250..d722caa 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -69,15 +69,13 @@ class Account @user.refresh_identity end - def destroy(destroy_identity=false) + def destroy(release_handles=false) return unless @user if !@user.is_tmp? - if destroy_identity == false - @user.identities.each do |id| + @user.identities.each do |id| + if release_handles == false id.orphan! - end - else - @user.identities.each do |id| + else id.destroy end end diff --git a/app/models/api_monitor_user.rb b/app/models/api_monitor_user.rb new file mode 100644 index 0000000..d0fe411 --- /dev/null +++ b/app/models/api_monitor_user.rb @@ -0,0 +1,11 @@ +# +# A user that has limited admin access, to be used +# for running monitor tests against a live production +# installation. +# +class ApiMonitorUser < ApiUser + def is_monitor? + true + end +end + diff --git a/app/models/api_user.rb b/app/models/api_user.rb index 2efe1cb..c70cccb 100644 --- a/app/models/api_user.rb +++ b/app/models/api_user.rb @@ -3,21 +3,10 @@ class ApiUser < AnonymousUser end # -# A user that has limited admin access, to be used -# for running monitor tests against a live production -# installation. -# -class ApiMonitorUser < ApiUser - def is_monitor? - true - end -end - -# # Not yet supported: # #class ApiAdminUser < ApiUser # def is_admin? # true # end -#end
\ No newline at end of file +#end diff --git a/app/models/email.rb b/app/models/email.rb deleted file mode 100644 index 4090275..0000000 --- a/app/models/email.rb +++ /dev/null @@ -1,31 +0,0 @@ -class Email < String - include ActiveModel::Validations - - validates :email, - :format => { - :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/, #local part of email is case-sensitive, so allow uppercase letter. - :message => "needs to be a valid email address" - } - - # Make sure we can call Email.new(nil) and get an invalid email address - def initialize(s) - super(s.to_s) - end - - def to_partial_path - "emails/email" - end - - def to_param - to_s - end - - def email - self - end - - def handle - self.split('@').first - end - -end diff --git a/app/models/identity.rb b/app/models/identity.rb index f987e4e..92f8f7a 100644 --- a/app/models/identity.rb +++ b/app/models/identity.rb @@ -1,3 +1,5 @@ +require 'login_format_validation' +require 'local_email' # # Identity states: # diff --git a/app/models/local_email.rb b/app/models/local_email.rb deleted file mode 100644 index ded7baf..0000000 --- a/app/models/local_email.rb +++ /dev/null @@ -1,66 +0,0 @@ -class LocalEmail < Email - - BLACKLIST_FROM_RFC2142 = [ - 'postmaster', 'hostmaster', 'domainadmin', 'webmaster', 'www', - 'abuse', 'noc', 'security', 'usenet', 'news', 'uucp', - 'ftp', 'sales', 'marketing', 'support', 'info' - ] - - def self.domain - APP_CONFIG[:domain] - end - - validates :email, - :format => { - :with => /@#{domain}\Z/i, - :message => "needs to end in @#{domain}" - } - - validate :handle_allowed - - def initialize(s) - super - append_domain_if_needed - end - - def to_key - [handle] - end - - def domain - LocalEmail.domain - end - - protected - - def append_domain_if_needed - unless self.index('@') - self << '@' + domain - end - end - - def handle_allowed - errors.add(:handle, "is reserved.") if handle_reserved? - end - - def handle_reserved? - # *ARRAY in a case statement tests if ARRAY includes the handle. - case handle - when *APP_CONFIG[:handle_blacklist] - true - when *APP_CONFIG[:handle_whitelist] - false - when *BLACKLIST_FROM_RFC2142 - true - else - handle_in_passwd? - end - end - - def handle_in_passwd? - Etc.getpwnam(handle).present? - rescue ArgumentError - # handle was not found - return false - end -end diff --git a/app/models/login_format_validation.rb b/app/models/login_format_validation.rb deleted file mode 100644 index c1fcf70..0000000 --- a/app/models/login_format_validation.rb +++ /dev/null @@ -1,21 +0,0 @@ -module LoginFormatValidation - extend ActiveSupport::Concern - - #TODO: Probably will replace this. Playing with using it for aliases too, but won't want it connected to login field. - - included do - # Have multiple regular expression validations so we can get specific error messages: - validates :login, - :format => { :with => /\A.{2,}\z/, - :message => "Must have at least two characters"} - validates :login, - :format => { :with => /\A[a-z\d_\.-]+\z/, - :message => "Only lowercase letters, digits, . - and _ allowed."} - validates :login, - :format => { :with => /\A[a-z].*\z/, - :message => "Must begin with a lowercase letter"} - validates :login, - :format => { :with => /\A.*[a-z\d]\z/, - :message => "Must end with a letter or digit"} - end -end diff --git a/app/models/session.rb b/app/models/session.rb index 0d7e10e..21e4dc6 100644 --- a/app/models/session.rb +++ b/app/models/session.rb @@ -1,3 +1,5 @@ +require 'login_format_validation' + class Session < SRP::Session include ActiveModel::Validations include LoginFormatValidation diff --git a/app/models/temporary_user.rb b/app/models/temporary_user.rb deleted file mode 100644 index 2afae15..0000000 --- a/app/models/temporary_user.rb +++ /dev/null @@ -1,93 +0,0 @@ -# -# For users with login '*test_user*', we don't want to store these documents in -# the main users db. This is because we create and destroy a lot of test -# users. This weirdness of using a different db for some users breaks a lot of -# things, such as associations. However, this is OK for now since we don't need -# those for running the frequent nagios tests. -# -# This module is included in user.rb. This will only work if it is included -# after designs are defined, otherwise, the design definition will overwrite -# find_by_login(). -# - -module TemporaryUser - extend ActiveSupport::Concern - include CouchRest::Model::DatabaseMethod - - USER_DB = 'users' - TMP_USER_DB = 'tmp_users' - TMP_LOGIN = 'tmp_user' # created and deleted frequently - TEST_LOGIN = 'test_user' # created, rarely deleted - - included do - use_database_method :db_name - - # since the original find_by_login is dynamically created with - # instance_eval, it appears that we also need to use instance eval to - # override it. - instance_eval <<-EOS, __FILE__, __LINE__ + 1 - def find_by_login(*args) - if args.grep(/^#{TMP_LOGIN}/).any? - by_login.database(tmp_database).key(*args).first() - else - by_login.key(*args).first() - end - end - EOS - end - - module ClassMethods - def get(id, db = database) - super(id, db) || super(id, tmp_database) - end - alias :find :get - - # calls db_name(TMP_LOGIN), then creates a CouchRest::Database - # from the name - def tmp_database - choose_database(TMP_LOGIN) - end - - def db_name(login=nil) - if !login.nil? && login.include?(TMP_LOGIN) - TMP_USER_DB - else - USER_DB - end - end - - # create the tmp db if it doesn't exist. - # requires admin access. - def create_tmp_database! - design_doc.sync!(tmp_database.tap{|db|db.create!}) - end - - def is_tmp?(login) - !login.nil? && login =~ /^#{TMP_LOGIN}/ - end - - def is_test?(login) - !login.nil? && (login =~ /^#{TMP_LOGIN}/ || login =~ /^#{TEST_LOGIN}/) - end - end - - # - # this gets called each and every time a User object needs to - # access the database. - # - def db_name - self.class.db_name(self.login) - end - - # returns true if this User instance is stored in tmp db. - def is_tmp? - self.class.is_tmp?(self.login) - end - - # returns true if this user is used for testing purposes - # (either a temporary or long lived) - def is_test? - self.class.is_test?(self.login) - end - -end diff --git a/app/models/token.rb b/app/models/token.rb index b398fcb..8ac32b8 100644 --- a/app/models/token.rb +++ b/app/models/token.rb @@ -59,8 +59,8 @@ class Token < CouchRest::Model::Base # So let's make sure we don't crash if they disappeared def destroy_with_rescue destroy_without_rescue - rescue RestClient::ResourceNotFound # do nothing it's gone already - rescue RestClient::Conflict # do nothing - it's been updated - #7670 + rescue CouchRest::NotFound + rescue CouchRest::Conflict # do nothing - it's been updated - #7670 end alias_method_chain :destroy, :rescue diff --git a/app/models/user.rb b/app/models/user.rb index cb093cf..9cebbca 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,8 +1,10 @@ +require 'login_format_validation' +require 'local_email' +require 'temporary_user' + class User < CouchRest::Model::Base include LoginFormatValidation - use_database :users - property :login, String, :accessible => true property :password_verifier, String, :accessible => true property :password_salt, String, :accessible => true @@ -71,12 +73,16 @@ class User < CouchRest::Model::Base end def to_json(options={}) + to_hash.to_json(options) + end + + def to_hash() { :login => self.login, :ok => self.valid?, :id => self.id, - :enabled => self.enabled? - }.to_json(options) + :enabled => self.enabled?, + } end def salt |