| Class | User |
| In: |
app/models/user.rb
|
| Parent: | ActiveRecord::Base |
# File app/models/user.rb, line 29
29: def self.current=(user)
30: Thread.current[:cms_user] = user
31: end
# File app/models/user.rb, line 33
33: def self.guest(options = {})
34: GuestUser.new(options)
35: end
Expects a list of names of Permissions true if the user has any of the permissions
# File app/models/user.rb, line 111
111: def able_to?(*required_permissions)
112: perms = required_permissions.map(&:to_sym)
113: permissions.any? do |p|
114: perms.include?(p.name.to_sym)
115: end
116: end
# File app/models/user.rb, line 165
165: def able_to_edit_or_publish_content?
166: able_to?(:edit_content, :publish_content)
167: end
# File app/models/user.rb, line 139
139: def able_to_modify?(object)
140: case object
141: when Section
142: modifiable_sections.include?(object)
143: when Page, Link
144: modifiable_sections.include?(object.section)
145: else
146: if object.class.respond_to?(:connectable?) && object.class.connectable?
147: object.connected_pages.all? { |page| able_to_modify?(page) }
148: else
149: true
150: end
151: end
152: end
# File app/models/user.rb, line 161
161: def able_to_publish?(object)
162: able_to?(:publish_content) && able_to_modify?(object)
163: end
Determine if this user has permission to view the specific object. Permissions
are always tied to a specific section. This method can take different input parameters and will attempt to determine the relevant section to check.
Expects object to be of type:
1. Section - Will check the user's groups to see if any of those groups can view this section. 2. Path - Will look up the section based on the path, then check it. (Note that section paths are not currently unique, so this will check the first one it finds). 3. Other - Assumes it has a section attribute and will call that and check the return value.
Returns: true if the user can view this object, false otherwise. Raises: ActiveRecord::RecordNotFound if a path to a not existent section is passed in.
# File app/models/user.rb, line 128
128: def able_to_view?(object)
129: section = object
130: if object.is_a?(String)
131: section = Section.find_by_path(object)
132: raise ActiveRecord::RecordNotFound.new("Could not find section with path = '#{object}'") unless section
133: elsif !object.is_a?(Section)
134: section = object.section
135: end
136: viewable_sections.include?(section) || cms_access?
137: end
# File app/models/user.rb, line 47
47: def disable
48: if self.class.count(:conditions => ["expires_at is null and id != ?", id]) > 0
49: self.expires_at = Time.now - 1.minutes
50: else
51: false
52: end
53: end
# File app/models/user.rb, line 55
55: def disable!
56: unless disable
57: raise "You must have at least 1 enabled user"
58: end
59: save!
60: end
# File app/models/user.rb, line 62
62: def expired?
63: expires_at && expires_at <= Time.now
64: end
This is to show a formated date on the input form. I‘m unsure that this is the best way to solve this, but it works.
# File app/models/user.rb, line 93
93: def expires_at_formatted
94: expires_at ? (expires_at.strftime '%m/%d/%Y' ): nil
95: end
# File app/models/user.rb, line 75
75: def full_name
76: [first_name, last_name].reject{|e| e.nil?}.join(" ")
77: end
# File app/models/user.rb, line 83
83: def full_name_or_login
84: if full_name.strip.blank?
85: login
86: else
87: full_name
88: end
89: end
# File app/models/user.rb, line 79
79: def full_name_with_login
80: "#{full_name} (#{login})"
81: end
# File app/models/user.rb, line 105
105: def modifiable_sections
106: @modifiable_sections ||= Section.find(:all, :include => {:groups => [:group_type, :users]}, :conditions => ["users.id = ? and group_types.cms_access = ?", id, true])
107: end
# File app/models/user.rb, line 97
97: def permissions
98: @permissions ||= Permission.find(:all, :include => {:groups => :users}, :conditions => ["users.id = ?", id])
99: end