Class: GitAuth::User

Inherits:

SaveableClass

• Object
• SaveableClass
• GitAuth::User

Includes:

Loggable

Defined in:

lib/gitauth/user.rb

Instance Attribute Summary

• #admin ⇒ Object readonly

  Returns the value of attribute admin.

• #name ⇒ Object readonly

  Returns the value of attribute name.

Class Method Summary

• .clean_ssh_key(key) ⇒ Object
• .create(name, admin, key) ⇒ Object
• .get(name) ⇒ Object
• .valid_key?(key) ⇒ Boolean

Instance Method Summary

• #admin? ⇒ Boolean (also: #shell_accessible?)
• #can_execute?(command, repo) ⇒ Boolean
• #command_prefix ⇒ Object
• #destroy! ⇒ Object
• #groups ⇒ Object
• #initialize(name, admin = false) ⇒ User constructor

  A new instance of User.

• #pullable?(repo) ⇒ Boolean
• #pushable?(repo) ⇒ Boolean
• #to_s ⇒ Object
• #write_ssh_key!(key) ⇒ Object

Constructor Details

#initialize(name, admin = false) ⇒ User

Returns a new instance of User.

# File 'lib/gitauth/user.rb', line 46

def initialize(name, admin = false)
  @name = name
  @admin = admin
end

Instance Attribute Details

#admin ⇒ Object (readonly)

Returns the value of attribute admin.

# File 'lib/gitauth/user.rb', line 44

def admin
  @admin
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/gitauth/user.rb', line 44

def name
  @name
end

Class Method Details

.clean_ssh_key(key) ⇒ Object

# File 'lib/gitauth/user.rb', line 121

def self.clean_ssh_key(key)
  if key =~ /^(ssh-\w+ [a-zA-Z0-9\/\+]+==?).*$/
    return $1
  else
    return nil
  end
end

.create(name, admin, key) ⇒ Object

# File 'lib/gitauth/user.rb', line 29

def self.create(name, admin, key)
  # Basic sanity checking
  return false if name.nil? || admin.nil? || key.nil?
  # Require that the name is valid and admin is a boolean.
  return false unless name =~ /^([\w\_\-\.]+)$/ && !!admin == admin
  # Check there isn't an existing user
  return false unless get(name).blank?
  if (user = new(name, admin)).write_ssh_key!(key)
    add_item(user)
    return true
  else
    return false
  end
end

.get(name) ⇒ Object

# File 'lib/gitauth/user.rb', line 24

def self.get(name)
  logger.debug "Getting user for the name '#{name}'"
  (all || []).detect { |r| r.name == name }
end

.valid_key?(key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitauth/user.rb', line 129

def self.valid_key?(key)
  clean_ssh_key(key).present?
end

Instance Method Details

#admin? ⇒ Boolean Also known as: shell_accessible?

Returns:

• (Boolean)

# File 'lib/gitauth/user.rb', line 96

def admin?
  !!@admin
end

#can_execute?(command, repo) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitauth/user.rb', line 110

def can_execute?(command, repo)
  return if command.bad?
  if command.write?
    logger.debug "Checking if #{self.name} can push to #{repo.name}"
    pushable?(repo)
  else
    logger.debug "Checking if #{self.name} can pull from #{repo.name}"
    pullable?(repo)
  end
end

#command_prefix ⇒ Object

# File 'lib/gitauth/user.rb', line 68

def command_prefix
  options  = ["command=\"#{GitAuth::Settings.shell_executable} #{@name}\"",
              "no-port-forwarding", "no-X11-forwarding", "no-agent-forwarding"]
  options << "no-pty" if !shell_accessible?
  options.join(",")
end

#destroy! ⇒ Object

# File 'lib/gitauth/user.rb', line 75

def destroy!
  GitAuth::Repo.all.each  { |r| r.remove_permissions_for(self) }
  GitAuth::Group.all.each { |g| g.remove_member(self) }
  # Remove the public key from the authorized_keys file.
  auth_keys_path = GitAuth::Settings.authorized_keys_file
  if File.exist?(auth_keys_path)
    contents = File.read(auth_keys_path)
    contents.gsub!(/#{command_prefix} ssh-\w+ [a-zA-Z0-9\/\+]+==\r?\n?/m, "")
    File.open(auth_keys_path, "w+") { |f| f.write contents }
  end
  self.class.all.reject! { |u| u == self }
  # Finally, save everything
  self.class.save!
  GitAuth::Repo.save!
  GitAuth::Group.save!
end

#groups ⇒ Object

# File 'lib/gitauth/user.rb', line 92

def groups
  (Group.all || []).select { |g| g.member?(self) }
end

#pullable?(repo) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitauth/user.rb', line 106

def pullable?(repo)
  admin? || repo.readable_by?(self)
end

#pushable?(repo) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitauth/user.rb', line 102

def pushable?(repo)
  admin? || repo.writeable_by?(self)
end

#to_s ⇒ Object

# File 'lib/gitauth/user.rb', line 51

def to_s
  @name.to_s
end

#write_ssh_key!(key) ⇒ Object

# File 'lib/gitauth/user.rb', line 55

def write_ssh_key!(key)
  cleaned_key = self.class.clean_ssh_key(key)
  if cleaned_key.nil?
    return false
  else
    output = "#{command_prefix} #{cleaned_key}"
    File.open(GitAuth::Settings.authorized_keys_file, "a+") do |file|
      file.puts output
    end
    return true
  end
end