11 files changed, 32 insertions, 235 deletions

diff --git a/app/models/account.rb b/app/models/account.rb
index 7310250..d722caa 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -69,15 +69,13 @@ class Account
     @user.refresh_identity
   end
 
-  def destroy(destroy_identity=false)
+  def destroy(release_handles=false)
     return unless @user
     if !@user.is_tmp?
-      if destroy_identity == false
-        @user.identities.each do |id|
+      @user.identities.each do |id|
+        if release_handles == false
           id.orphan!
-        end
-      else
-        @user.identities.each do |id|
+        else
           id.destroy
         end
       end
diff --git a/app/models/api_monitor_user.rb b/app/models/api_monitor_user.rb
new file mode 100644
index 0000000..d0fe411
--- /dev/null
+++ b/app/models/api_monitor_user.rb
@@ -0,0 +1,11 @@
+#
+# A user that has limited admin access, to be used
+# for running monitor tests against a live production
+# installation.
+#
+class ApiMonitorUser < ApiUser
+  def is_monitor?
+    true
+  end
+end
+
diff --git a/app/models/api_user.rb b/app/models/api_user.rb
index 2efe1cb..c70cccb 100644
--- a/app/models/api_user.rb
+++ b/app/models/api_user.rb
@@ -3,21 +3,10 @@ class ApiUser < AnonymousUser
 end
 
 #
-# A user that has limited admin access, to be used
-# for running monitor tests against a live production
-# installation.
-#
-class ApiMonitorUser < ApiUser
-  def is_monitor?
-    true
-  end
-end
-
-#
 # Not yet supported:
 #
 #class ApiAdminUser < ApiUser
 #  def is_admin?
 #    true
 #  end
-#end
\ No newline at end of file
+#end
diff --git a/app/models/email.rb b/app/models/email.rb
deleted file mode 100644
index 4090275..0000000
--- a/app/models/email.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-class Email < String
-  include ActiveModel::Validations
-
-  validates :email,
-    :format => {
-      :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/, #local part of email is case-sensitive, so allow uppercase letter.
-      :message => "needs to be a valid email address"
-    }
-
-  # Make sure we can call Email.new(nil) and get an invalid email address
-  def initialize(s)
-    super(s.to_s)
-  end
-
-  def to_partial_path
-    "emails/email"
-  end
-
-  def to_param
-    to_s
-  end
-
-  def email
-    self
-  end
-
-  def handle
-    self.split('@').first
-  end
-
-end
diff --git a/app/models/identity.rb b/app/models/identity.rb
index f987e4e..92f8f7a 100644
--- a/app/models/identity.rb
+++ b/app/models/identity.rb
@@ -1,3 +1,5 @@
+require 'login_format_validation'
+require 'local_email'
 #
 # Identity states:
 #
diff --git a/app/models/local_email.rb b/app/models/local_email.rb
deleted file mode 100644
index ded7baf..0000000
--- a/app/models/local_email.rb
+++ /dev/null
@@ -1,66 +0,0 @@
-class LocalEmail < Email
-
-  BLACKLIST_FROM_RFC2142 = [
-    'postmaster', 'hostmaster', 'domainadmin', 'webmaster', 'www',
-    'abuse', 'noc', 'security', 'usenet', 'news', 'uucp',
-    'ftp', 'sales', 'marketing', 'support', 'info'
-  ]
-
-  def self.domain
-    APP_CONFIG[:domain]
-  end
-
-  validates :email,
-    :format => {
-      :with => /@#{domain}\Z/i,
-      :message => "needs to end in @#{domain}"
-    }
-
-  validate :handle_allowed
-
-  def initialize(s)
-    super
-    append_domain_if_needed
-  end
-
-  def to_key
-    [handle]
-  end
-
-  def domain
-    LocalEmail.domain
-  end
-
-  protected
-
-  def append_domain_if_needed
-    unless self.index('@')
-      self << '@' + domain
-    end
-  end
-
-  def handle_allowed
-    errors.add(:handle, "is reserved.") if handle_reserved?
-  end
-
-  def handle_reserved?
-    # *ARRAY in a case statement tests if ARRAY includes the handle.
-    case handle
-    when *APP_CONFIG[:handle_blacklist]
-      true
-    when *APP_CONFIG[:handle_whitelist]
-      false
-    when *BLACKLIST_FROM_RFC2142
-      true
-    else
-      handle_in_passwd?
-    end
-  end
-
-  def handle_in_passwd?
-    Etc.getpwnam(handle).present?
-  rescue ArgumentError
-    # handle was not found
-    return false
-  end
-end
diff --git a/app/models/login_format_validation.rb b/app/models/login_format_validation.rb
deleted file mode 100644
index c1fcf70..0000000
--- a/app/models/login_format_validation.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-module LoginFormatValidation
-  extend ActiveSupport::Concern
-
-  #TODO: Probably will replace this. Playing with using it for aliases too, but won't want it connected to login field.
-
-  included do
-    # Have multiple regular expression validations so we can get specific error messages:
-    validates :login,
-      :format => { :with => /\A.{2,}\z/,
-        :message => "Must have at least two characters"}
-    validates :login,
-      :format => { :with => /\A[a-z\d_\.-]+\z/,
-        :message => "Only lowercase letters, digits, . - and _ allowed."}
-    validates :login,
-      :format => { :with => /\A[a-z].*\z/,
-        :message => "Must begin with a lowercase letter"}
-    validates :login,
-      :format => { :with => /\A.*[a-z\d]\z/,
-        :message => "Must end with a letter or digit"}
-  end
-end
diff --git a/app/models/session.rb b/app/models/session.rb
index 0d7e10e..21e4dc6 100644
--- a/app/models/session.rb
+++ b/app/models/session.rb
@@ -1,3 +1,5 @@
+require 'login_format_validation'
+
 class Session < SRP::Session
   include ActiveModel::Validations
   include LoginFormatValidation
diff --git a/app/models/temporary_user.rb b/app/models/temporary_user.rb
deleted file mode 100644
index 2afae15..0000000
--- a/app/models/temporary_user.rb
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# For users with login '*test_user*', we don't want to store these documents in
-# the main users db. This is because we create and destroy a lot of test
-# users. This weirdness of using a different db for some users breaks a lot of
-# things, such as associations. However, this is OK for now since we don't need
-# those for running the frequent nagios tests.
-#
-# This module is included in user.rb. This will only work if it is included
-# after designs are defined, otherwise, the design definition will overwrite
-# find_by_login().
-#
-
-module TemporaryUser
-  extend ActiveSupport::Concern
-  include CouchRest::Model::DatabaseMethod
-
-  USER_DB     = 'users'
-  TMP_USER_DB = 'tmp_users'
-  TMP_LOGIN   = 'tmp_user'  # created and deleted frequently
-  TEST_LOGIN  = 'test_user' # created, rarely deleted
-
-  included do
-    use_database_method :db_name
-
-    # since the original find_by_login is dynamically created with
-    # instance_eval, it appears that we also need to use instance eval to
-    # override it.
-    instance_eval <<-EOS, __FILE__, __LINE__ + 1
-      def find_by_login(*args)
-        if args.grep(/^#{TMP_LOGIN}/).any?
-          by_login.database(tmp_database).key(*args).first()
-        else
-          by_login.key(*args).first()
-        end
-      end
-    EOS
-  end
-
-  module ClassMethods
-    def get(id, db = database)
-      super(id, db) || super(id, tmp_database)
-    end
-    alias :find :get
-
-    # calls db_name(TMP_LOGIN), then creates a CouchRest::Database
-    # from the name
-    def tmp_database
-      choose_database(TMP_LOGIN)
-    end
-
-    def db_name(login=nil)
-      if !login.nil? && login.include?(TMP_LOGIN)
-        TMP_USER_DB
-      else
-        USER_DB
-      end
-    end
-
-    # create the tmp db if it doesn't exist.
-    # requires admin access.
-    def create_tmp_database!
-      design_doc.sync!(tmp_database.tap{|db|db.create!})
-    end
-
-    def is_tmp?(login)
-      !login.nil? && login =~ /^#{TMP_LOGIN}/
-    end
-
-    def is_test?(login)
-      !login.nil? && (login =~ /^#{TMP_LOGIN}/ || login =~ /^#{TEST_LOGIN}/)
-    end
-  end
-
-  #
-  # this gets called each and every time a User object needs to
-  # access the database.
-  #
-  def db_name
-    self.class.db_name(self.login)
-  end
-
-  # returns true if this User instance is stored in tmp db.
-  def is_tmp?
-    self.class.is_tmp?(self.login)
-  end
-
-  # returns true if this user is used for testing purposes
-  # (either a temporary or long lived)
-  def is_test?
-    self.class.is_test?(self.login)
-  end
-
-end
diff --git a/app/models/token.rb b/app/models/token.rb
index b398fcb..8ac32b8 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -59,8 +59,8 @@ class Token < CouchRest::Model::Base
   # So let's make sure we don't crash if they disappeared
   def destroy_with_rescue
     destroy_without_rescue
-  rescue RestClient::ResourceNotFound # do nothing it's gone already
-  rescue RestClient::Conflict # do nothing - it's been updated - #7670
+  rescue CouchRest::NotFound
+  rescue CouchRest::Conflict # do nothing - it's been updated - #7670
   end
   alias_method_chain :destroy, :rescue
 
diff --git a/app/models/user.rb b/app/models/user.rb
index cb093cf..9cebbca 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,8 +1,10 @@
+require 'login_format_validation'
+require 'local_email'
+require 'temporary_user'
+
 class User < CouchRest::Model::Base
   include LoginFormatValidation
 
-  use_database :users
-
   property :login, String, :accessible => true
   property :password_verifier, String, :accessible => true
   property :password_salt, String, :accessible => true
@@ -71,12 +73,16 @@ class User < CouchRest::Model::Base
   end
 
   def to_json(options={})
+    to_hash.to_json(options)
+  end
+
+  def to_hash()
     {
       :login => self.login,
       :ok => self.valid?,
       :id => self.id,
-      :enabled => self.enabled?
-    }.to_json(options)
+      :enabled => self.enabled?,
+    }
   end
 
   def salt