1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
class User < CouchRest::Model::Base
include LoginFormatValidation
use_database :users
property :login, String, :accessible => true
property :password_verifier, String, :accessible => true
property :password_salt, String, :accessible => true
property :enabled, TrueClass, :default => true
# these will be null by default but we shouldn't ever pull them directly, but only via the methods that will return the full ServiceLevel
property :desired_service_level_code, Integer, :accessible => true
property :effective_service_level_code, Integer, :accessible => true
before_save :update_effective_service_level
validates :login, :password_salt, :password_verifier,
:presence => true
validates :login,
:uniqueness => true,
:if => :serverside?
validate :login_is_unique_alias
validates :password_salt, :password_verifier,
:format => { :with => /\A[\dA-Fa-f]+\z/, :message => "Only hex numbers allowed" }
validates :password, :presence => true,
:confirmation => true,
:format => { :with => /.{8}.*/, :message => "needs to be at least 8 characters long" }
timestamps!
design do
own_path = Pathname.new(File.dirname(__FILE__))
load_views(own_path.join('..', 'designs', 'user'))
view :by_login
view :by_created_at
end # end of design
def to_json(options={})
{
:login => login,
:ok => valid?
}.to_json(options)
end
def salt
password_salt.hex
end
def verifier
password_verifier.hex
end
def username
login
end
def email_address
LocalEmail.new(login)
end
# Since we are storing admins by login, we cannot allow admins to change their login.
def is_admin?
APP_CONFIG['admins'].include? self.login
end
def most_recent_tickets(count=3)
Ticket.for_user(self).limit(count).all #defaults to having most recent updated first
end
# DEPRECATED
#
# Please set the key on the identity directly
# WARNING: This will not be serialized with the user record!
# It is only a workaround for the key form.
def public_key=(value)
identity.set_key(:pgp, value)
end
# DEPRECATED
#
# Please access identity.keys[:pgp] directly
def public_key
identity.keys[:pgp]
end
def account
Account.new(self)
end
def identity
@identity ||= Identity.for(self)
end
def refresh_identity
@identity = Identity.for(self)
end
def desired_service_level
code = self.desired_service_level_code || APP_CONFIG[:default_service_level]
ServiceLevel.new({level: code})
end
def effective_service_level
code = self.effective_service_level_code || self.desired_service_level.level
ServiceLevel.new({level: code})
end
protected
##
# Validation Functions
##
def login_is_unique_alias
alias_identity = Identity.find_by_address(self.email_address)
return if alias_identity.blank?
if alias_identity.user != self
errors.add(:login, "has already been taken")
end
end
def password
password_verifier
end
# used as a condition for validations that are server side only
def serverside?
true
end
def update_effective_service_level
# TODO: Is this always the case? Might there be a situation where the admin has set the effective service level and we don't want it changed to match the desired one?
if self.desired_service_level_code_changed?
self.effective_service_level_code = self.desired_service_level_code
end
end
end
|