User Responsibilities
awagener edited this page Dec 17, 2012
·
1 revision
# ------------------
# Devise
require 'devise'
# Devise modules switched on for this model. The optional modules
# :token_authenticatable, :confirmable, :lockable and :timeoutable exist but
# are not enabled here.
# NOTE(review): with :lockable and :timeoutable off, lockout after repeated
# failed sign-ins and idle-session expiry are not provided by this model;
# confirm they are enforced elsewhere (for example request throttling).
# :authentication_keys => [:login] makes sign-in key on the virtual :login
# attribute rather than on a single persisted column.
if respond_to?(:devise)
  devise(
    :database_authenticatable, :registerable, :recoverable, :rememberable,
    :trackable, :validatable,
    :authentication_keys => [:login]
  )
end
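class << self
  # Look up the account to authenticate by username or e-mail address.
  # https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-sign_in-using-their-username-or-email-address
  #
  # conditions - Hash of sign-in conditions; only the entry stored under the
  #              first authentication key is read.
  #
  # Returns the first record whose username or email equals the submitted
  # value (whatever `where(...).first` yields when nothing matches).
  def find_for_database_authentication(conditions)
    # The value comes from the sign-in request. Coerce it to a String so that
    # a number, array or hash produced by a typed parameter parser is never
    # bound as-is and compared under the database's type-conversion rules.
    value = conditions[authentication_keys.first].to_s
    # Named bind variable: the value is never interpolated into the SQL text.
    # NOTE(review): the comparison is as case-sensitive as the column
    # collation; usernames are downcased before validation, so a mixed-case
    # login may not match on a case-sensitive database -- confirm.
    # NOTE(review): the lookup is ambiguous if one account's username equals
    # another account's email; a username format validation that rejects "@"
    # would rule that out.
    where(["username = :value OR email = :value", { :value => value }]).first
  end
end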
# ------------------
# Friendly Id
require 'friendly_id'
# The slug is built from the username.
# NOTE(review): any route that exposes the slug therefore exposes a login
# name -- confirm that is acceptable for the routes that use it.
extend FriendlyId
friendly_id(:username, :use => [:slugged])
# ------------------
# Search (Acts as indexed)
require 'acts_as_indexed'
# Docs for acts_as_indexed http://github.com/dougal/acts_as_indexed
# NOTE(review): :email is part of the search index; confirm that every search
# over users is only reachable by people allowed to see e-mail addresses.
acts_as_indexed(:fields => [:username, :email])
# ------------------
# Roles
# Role membership lives in the refinery_roles_users join table. :roles is not
# listed in attr_accessible below, so it is not mass-assignable.
has_and_belongs_to_many(:roles, :join_table => :refinery_roles_users)
# Whether this user may delete +user_to_delete+ (defaults to this user).
#
# All of the following must hold: the target is persisted, the target is not
# a superuser, at least one user holds the :refinery role, and the target is
# not this user (ids differ).
# NOTE(review): this user's own roles are not examined here; presumably the
# caller already restricts who reaches this check -- confirm.
def can_delete?(user_to_delete = self)
  return false unless user_to_delete.persisted?
  return false if user_to_delete.has_role?(:superuser)
  return false unless ::Refinery::Role[:refinery].users.any?

  # A user can never delete their own account.
  id != user_to_delete.id
end
# Whether this user may edit +user_to_edit+ (defaults to this user).
#
# The target must be persisted; beyond that, a user may edit their own record
# and a superuser may edit any record.
def can_edit?(user_to_edit = self)
  return false unless user_to_edit.persisted?
  return true if user_to_edit == self

  has_role?(:superuser)
end
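# Grant this user the role with the given title unless it is already held.
#
# title - Symbol or String role title, looked up through
#         ::Refinery::Role[title].
#
# Raises ArgumentError when given a ::Refinery::Role instead of a title.
def add_role(title)
  # The guard used to name ArgumentException, which is not a Ruby class, so a
  # bad argument surfaced as NameError instead of the intended error.
  if title.is_a?(::Refinery::Role)
    raise ArgumentError, "Role should be the title of the role not a role object."
  end

  # NOTE(review): what ::Refinery::Role[title] returns for an unknown title is
  # not visible here -- confirm it cannot append nil to roles.
  roles << ::Refinery::Role[title] unless has_role?(title)
end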
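# Whether this user holds the role with the given title.
#
# title - Symbol or String role title (for example :superuser); it is
#         camelized before being compared with each role's title.
#
# Returns true or false.
# Raises ArgumentError when given a ::Refinery::Role instead of a title.
def has_role?(title)
  # The guard used to name ArgumentException, which is not a Ruby class, so a
  # bad argument surfaced as NameError instead of the intended error.
  if title.is_a?(::Refinery::Role)
    raise ArgumentError, "Role should be the title of the role not a role object."
  end

  # Normalise once instead of once per role.
  wanted = title.to_s.camelize
  roles.any? { |role| role.title == wanted }
end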
# ------------------
# Plugins
# Plugin rows for this user (UserPlugin), ordered by position and destroyed
# together with the user.
has_many(:plugins, :class_name => "UserPlugin", :order => "position ASC", :dependent => :destroy)
# NOTE(review): :plugins feeds authorized_plugins, so it is access-control
# data. Marking it mass-assignable means any code path that passes request
# parameters into attribute assignment lets the caller choose the plugin
# list -- confirm every such path is restricted to authorised administrators.
attr_accessible(:plugins)
# Replace this user's plugin list with +plugin_names+.
#
# Does nothing for an unsaved user, because there is no user_id to attach the
# rows to. Otherwise every existing UserPlugin row for the user is deleted and
# one row is created per String entry, with its index in the list as position.
# Entries that are not Strings are skipped and leave a gap in the positions.
# NOTE(review): the delete and the creates are not wrapped in a transaction
# here, so a failure part-way leaves the user with a shortened plugin list.
# NOTE(review): names are not checked against the registered plugins here --
# confirm callers only pass known plugin names.
def plugins=(plugin_names)
  return unless persisted?

  UserPlugin.delete_all(:user_id => id)
  plugin_names.each_with_index do |plugin_name, index|
    next unless plugin_name.is_a?(String)

    plugins.create(:name => plugin_name, :position => index)
  end
end
# Names of the plugins this user may use: the names of the user's own plugin
# rows, united (without duplicates) with the names of the plugins that
# ::Refinery::Plugins reports as always allowed.
def authorized_plugins
  own_names = plugins.map(&:name)
  own_names | ::Refinery::Plugins.always_allowed.names
end
# ------------------
# User stuff (logins)
# Setup accessible (or protected) attributes for your model
# :login is a virtual attribute for authenticating by either username or email
# This is in addition to a real persisted field like 'username'
# Virtual, non-persisted attribute that carries the sign-in identifier.
attr_accessor(:login)
# Attributes that may be set through mass assignment. :roles is not listed.
# NOTE(review): :plugins is listed, and it decides which plugins a user is
# authorised for -- confirm that only administrator-facing code assigns
# request parameters to this model.
attr_accessible(:email, :password, :password_confirmation, :remember_me, :username, :plugins, :login)
# NOTE(review): a uniqueness validation alone can be raced by concurrent
# sign-ups; confirm the username column also has a unique database index.
validates(:username, :presence => true, :uniqueness => true)
before_validation(:downcase_username)
# Save this user and give it the initial roles and plugins.
#
# When the record is valid it is saved, receives the :refinery role, receives
# :superuser as well if it is then the only holder of the :refinery role, and
# is assigned every registered plugin that appears in the menu.
#
# Returns the result of re-running the validations, true or false.
# NOTE(review): the result of save is not checked before roles are added.
# NOTE(review): :superuser is granted purely on the role count, so the caller
# must make sure this is only reachable during initial setup -- confirm.
def create_first
  if valid?
    # The record has to exist before roles and plugins can reference it.
    save
    add_role(:refinery)
    only_refinery_user = ::Refinery::Role[:refinery].users.count == 1
    add_role(:superuser) if only_refinery_user
    self.plugins = Refinery::Plugins.registered.in_menu.names
  end

  valid?
end
# String form of the user: the username converted with to_s.
def to_s
  label = username
  label.to_s
end
private
# To ensure uniqueness without case sensitivity we first downcase the username.
# We do this here rather than in SQL because a comparison using LOWER would otherwise bypass indexes:
# SELECT 1 FROM "refinery_users" WHERE LOWER("refinery_users"."username") = LOWER('UsErNAME') LIMIT 1
# before_validation hook: store the username in lower case so that the
# uniqueness validation compares usernames without regard to case.
# Leaves the attribute alone when username? reports no username.
def downcase_username
  return unless username?

  self.username = username.downcase
end