Class: Cms::User

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• Cms::User

Includes:

Authentication::Model

Defined in:

app/models/cms/user.rb

Direct Known Subclasses

GuestUser

Class Method Summary

• .current ⇒ Object
• .current=(user) ⇒ Object
• .guest(options = {}) ⇒ Object

Instance Method Summary

• #able_to?(*required_permissions) ⇒ Boolean

  Expects a list of names of Permissions true if the user has any of the permissions.

• #able_to_edit?(object) ⇒ Boolean

  Expects node to be a Section, Page or Link Returns true if the specified node, or any of its ancestor sections, is editable by any of the user’s ‘CMS User’ groups.

• #able_to_edit_or_publish_content? ⇒ Boolean
• #able_to_modify?(object) ⇒ Boolean
• #able_to_publish?(object) ⇒ Boolean
• #able_to_view?(object) ⇒ Boolean

  Determine if this user has permission to view the specific object.

• #cms_access? ⇒ Boolean

  Determines if this user should have access to the CMS administration tools.

• #disable ⇒ Object
• #disable! ⇒ Object
• #enable ⇒ Object
• #enable! ⇒ Object
• #expired? ⇒ Boolean
• #expires_at_formatted ⇒ Object

  This is to show a formated date on the input form.

• #full_name ⇒ Object
• #full_name_or_login ⇒ Object
• #full_name_with_login ⇒ Object
• #guest? ⇒ Boolean
• #modifiable_sections ⇒ Object
• #permissions ⇒ Object
• #viewable_sections ⇒ Object

Class Method Details

.current ⇒ Object

# File 'app/models/cms/user.rb', line 28

def self.current
  Thread.current[:cms_user]
end

.current=(user) ⇒ Object

# File 'app/models/cms/user.rb', line 32

def self.current=(user)
  Thread.current[:cms_user] = user
end

.guest(options = {}) ⇒ Object

# File 'app/models/cms/user.rb', line 36

def self.guest(options = {})
  Cms::GuestUser.new(options)
end

Instance Method Details

#able_to?(*required_permissions) ⇒ Boolean

Expects a list of names of Permissions true if the user has any of the permissions

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 114

def able_to?(*required_permissions)
  perms = required_permissions.map(&:to_sym)
  permissions.any? do |p|
    perms.include?(p.name.to_sym)
  end
end

#able_to_edit?(object) ⇒ Boolean

Expects node to be a Section, Page or Link Returns true if the specified node, or any of its ancestor sections, is editable by any of the user’s ‘CMS User’ groups.

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 160

def able_to_edit?(object)
  able_to?(:edit_content) && able_to_modify?(object)
end

#able_to_edit_or_publish_content? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 168

def able_to_edit_or_publish_content?
  able_to?(:edit_content, :publish_content)
end

#able_to_modify?(object) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 142

def able_to_modify?(object)
  case object
    when Cms::Section
      modifiable_sections.include?(object)
    when Cms::Page, Cms::Link
      modifiable_sections.include?(object.section)
    else
      if object.class.respond_to?(:connectable?) && object.class.connectable?
        object.connected_pages.all? { |page| able_to_modify?(page) }
      else
        true
      end
  end
end

#able_to_publish?(object) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 164

def able_to_publish?(object)
  able_to?(:publish_content) && able_to_modify?(object)
end

#able_to_view?(object) ⇒ Boolean

Determine if this user has permission to view the specific object. Permissions

are always tied to a specific section. This method can take different input parameters
and will attempt to determine the relevant section to check.

Expects object to be of type:

1. Section - Will check the user's groups to see if any of those groups can view this section.
2. Path - Will look up the section based on the path, then check it.  (Note that section paths are not currently unique, so this will check the first one it finds).
3. Other - Assumes it has a section attribute and will call that and check the return value.

Returns: true if the user can view this object, false otherwise. Raises: ActiveRecord::RecordNotFound if a path to a not existent section is passed in.

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 131

def able_to_view?(object)
  section = object
  if object.is_a?(String)
    section = Cms::Section.find_by_path(object)
    raise ActiveRecord::RecordNotFound.new("Could not find section with path = '#{object}'") unless section
  elsif !object.is_a?(Cms::Section)
    section = object.section
  end
  viewable_sections.include?(section) || cms_access?
end

#cms_access? ⇒ Boolean

Determines if this user should have access to the CMS administration tools. Can be overridden by specific users (like GuestUser) which may not need to check the database for that information.

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 46

def cms_access?
  groups.cms_access.count > 0
end

#disable ⇒ Object

# File 'app/models/cms/user.rb', line 50

def disable
  if self.class.count(:conditions => ["expires_at is null and id != ?", id]) > 0
    self.expires_at = Time.now - 2.minutes
  else
    false
  end
end

#disable! ⇒ Object

# File 'app/models/cms/user.rb', line 58

def disable!
  unless disable
    raise "You must have at least 1 enabled user"
  end
  save!
end

#enable ⇒ Object

# File 'app/models/cms/user.rb', line 69

def enable
  self.expires_at = nil
end

#enable! ⇒ Object

# File 'app/models/cms/user.rb', line 73

def enable!
  enable
  save!
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 65

def expired?
  expires_at && expires_at <= Time.now
end

#expires_at_formatted ⇒ Object

This is to show a formated date on the input form. I’m unsure that this is the best way to solve this, but it works.

# File 'app/models/cms/user.rb', line 96

def expires_at_formatted
  expires_at ? (expires_at.strftime '%m/%d/%Y') : nil
end

#full_name ⇒ Object

# File 'app/models/cms/user.rb', line 78

def full_name
  [first_name, last_name].reject { |e| e.nil? }.join(" ")
end

#full_name_or_login ⇒ Object

# File 'app/models/cms/user.rb', line 86

def full_name_or_login
  if full_name.strip.blank?
    login
  else
    full_name
  end
end

#full_name_with_login ⇒ Object

# File 'app/models/cms/user.rb', line 82

def full_name_with_login
  "#{full_name} (#{login})"
end

#guest? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/cms/user.rb', line 40

def guest?
  !!@guest
end

#modifiable_sections ⇒ Object

# File 'app/models/cms/user.rb', line 108

def modifiable_sections
  @modifiable_sections ||= Cms::Section.find(:all, :include => {:groups => [:group_type, :users]}, :conditions => ["#{Cms::User.table_name}.id = ? and #{GroupType.table_name}.cms_access = ?", id, true])
end

#permissions ⇒ Object

# File 'app/models/cms/user.rb', line 100

def permissions
  @permissions ||= Cms::Permission.find(:all, :include => {:groups => :users}, :conditions => ["#{User.table_name}.id = ?", id])
end

#viewable_sections ⇒ Object

# File 'app/models/cms/user.rb', line 104

def viewable_sections
  @viewable_sections ||= Cms::Section.find(:all, :include => {:groups => :users}, :conditions => ["#{User.table_name}.id = ?", id])
end