class Spud::SpudUserModel < ActiveRecord::Base self.table_name = 'spud_users' self.abstract_class = true acts_as_authentic do |c| c.transition_from_crypto_providers = Authlogic::CryptoProviders::Sha512 c.crypto_provider = Authlogic::CryptoProviders::SCrypt c.logged_in_timeout = 24.hours if Spud::Core.config.use_email_as_login c.login_field = :email end end belongs_to :role, :class_name => 'SpudRole', :foreign_key => 'spud_role_id' has_many :spud_user_settings before_validation :set_login_to_email, :if => ->{ Spud::Core.config.use_email_as_login } scope :admins, ->{ where('super_admin = 1 OR role_id IS NOT NULL') } scope :ordered, ->{ order('last_name asc, first_name asc, email asc') } def full_name if first_name.blank? && last_name.blank? return self.login end if self.first_name.blank? return self.last_name elsif self.last_name.blank? return self.first_name end return "#{self.first_name} #{self.last_name}" end # Returns true if user can view at least one dashboard app def has_admin_rights? if self.super_admin? return true else return Spud::Core.admin_applications.find{ |app| self.can_view_app?(app) }.present? end end # Returns true if the user can view a spud app based on it's key def can_view_app?(admin_application) if self.super_admin? return true else key = admin_application[:key] return self.permissions.find{ |p| p.apps.include?(key) }.present? end end # Check if a user has a given list of permissions # # * if one tag is supplied, return true if the tag matches # * if multiple tags are supplied, return true if ALL tags match def has_permission?(*tags) if self.super_admin? return true else my_tags = self.permissions.collect(&:tag) return tags.find{ |tag| !my_tags.include?(tag) }.blank? end end # Check if a user has at least one out of a given list of permissions # # * if one tag is supplied, return true if the tag matches # * if multiple tags are supplied, return true if ANY tag matches def has_any_permission?(*tags) if self.super_admin? return true else return self.permissions.find{ |p| tags.include?(p.tag) }.present? end end # Return a list of SpudPermission objects for the user's SpudRole def permissions if !self.role return [] else return self.role.permissions end end # Returns an ActiveRecord::Relation performing a LIKE query against name columns def self.where_name_like(string) like = '%' + string + '%' return self.where('login like ? or concat(`first_name`, " ", `last_name`) like ?', like, like) end # Return an array of users who have the requested permission # # * tag - Desired permission tag string (required) # * include_supers - Whether to include super user (default: true) def self.with_permission(tag, include_supers:true) role_ids = SpudRolePermission.where(:spud_permission_tag => tag).pluck(:spud_role_id).uniq() if include_supers return SpudUser.where('super_admin = 1 OR spud_role_id IN (?)', role_ids) else return SpudUser.where(:spud_role_id => role_ids) end end private def set_login_to_email if self.email.present? self.login = self.email end return true end end