From e2f19bcfb6dbce77746c2d61715340525b29a592 Mon Sep 17 00:00:00 2001 From: NavaL Date: Wed, 22 Jun 2016 19:17:15 +0200 Subject: [feature] expose is_admin in the user api So that whoever consumes the API can use this attribute to determine if admin functionalities should be made available to the current user. --- app/models/user.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index cb093cf..e3246ad 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -75,7 +75,8 @@ class User < CouchRest::Model::Base :login => self.login, :ok => self.valid?, :id => self.id, - :enabled => self.enabled? + :enabled => self.enabled?, + :is_admin => self.is_admin? }.to_json(options) end -- cgit v1.2.3 From 638acc59a241e141cf0fc9ccbf4e3c5578b98f0c Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 4 Jul 2016 20:19:21 +0200 Subject: Fix db:migrate and similar tasks We saw errors from duplicate loading of LocalEmail and LoginFormatValidation. The latter resulted in a crash. In an attempt to ensure all subclasses of Couchrest::Model::Base are loaded Couchrest::Model::Utils::Migrate requires all files in app/models. We have an extension that does the same for the engines. During this process LoginFormatValidation and LocalEmail were autoloaded when 'identity' was required. Afterwards they were required again. It looks like rails' autoload mechanism does not play nicely with require. So to make sure they are not autoloaded first move the concerns and helper classes into the lib directory and require them explicitly. --- app/models/user.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index cb093cf..206c0df 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,3 +1,5 @@ +require 'login_format_validation' + class User < CouchRest::Model::Base include LoginFormatValidation -- cgit v1.2.3 From 87e467530b686c41ae0b9a8fbf3ed571680bcb74 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 12 Jul 2016 17:30:02 +0200 Subject: bugfix: require local email in user model --- app/models/user.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index 206c0df..704700b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,4 +1,5 @@ require 'login_format_validation' +require 'local_email' class User < CouchRest::Model::Base include LoginFormatValidation -- cgit v1.2.3 From ab1917c5fe0f03e7719863a5598ad575d9fef302 Mon Sep 17 00:00:00 2001 From: NavaL Date: Thu, 14 Jul 2016 15:06:20 +0200 Subject: [feature] restrict is_admin in the user api, to only allow querying for him/herself So that it we do not expose the is_admin property to anyone else including other admins. --- app/models/user.rb | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index 6541305..93830cc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -74,13 +74,16 @@ class User < CouchRest::Model::Base end def to_json(options={}) + to_hash.to_json(options) + end + + def to_hash() { :login => self.login, :ok => self.valid?, :id => self.id, :enabled => self.enabled?, - :is_admin => self.is_admin? - }.to_json(options) + } end def salt -- cgit v1.2.3 From b4ff3b959d4dd6a7561ac3be063a43619c0bd89c Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 12 Aug 2016 11:34:01 +0200 Subject: move temporary_user into lib - fix load issue We already did the same for other concerns. The way we load models for couchrest migrations does not work well with concerns in the model directory as they will be loaded twice. --- app/models/user.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index 93830cc..1116e6c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,5 +1,6 @@ require 'login_format_validation' require 'local_email' +require 'temporary_user' class User < CouchRest::Model::Base include LoginFormatValidation -- cgit v1.2.3 From 8fbe70729da1d308a118c930e8f938837484a61c Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 12 Aug 2016 17:26:51 +0200 Subject: [db] def database on users instead of use_database use_database affects all uses of prepare_database - so also the one in tmp_database. In order to avoid that we do not use_database but just overwrite the database method itself. --- app/models/user.rb | 2 -- 1 file changed, 2 deletions(-) (limited to 'app/models/user.rb') diff --git a/app/models/user.rb b/app/models/user.rb index 1116e6c..9cebbca 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -5,8 +5,6 @@ require 'temporary_user' class User < CouchRest::Model::Base include LoginFormatValidation - use_database :users - property :login, String, :accessible => true property :password_verifier, String, :accessible => true property :password_salt, String, :accessible => true -- cgit v1.2.3