Class: Member

Inherits:

ActiveRecord::Base

• Object
• ActiveRecord::Base
• Member

Defined in:

lib/models/member.rb

Class Method Summary

• .find_by_name_and_password(username, password) ⇒ Object

Instance Method Summary

• #create_homedir ⇒ Object

  Create user’s home dir if it’s not present.

• #has_mail_access? ⇒ Boolean
• #homedir ⇒ Object
• #salted_hash(text) ⇒ Object

  Calculates and returns IPB-style salted hash for a given text string.

• #to_authpipe ⇒ Object
• #valid_password?(cleartext) ⇒ Boolean

  Verifies if the given clear password matches hash and salt stored in IPB’s database, returns true/false depending on the result.

Class Method Details

.find_by_name_and_password(username, password) ⇒ Object

Raises:

• (IpcAuthpipe::AuthenticationFailed)

# File 'lib/models/member.rb', line 4

def self.find_by_name_and_password(username, password)
  member = find_by_name(username)
  raise(
      IpcAuthpipe::AuthenticationFailed, 'invalid password'
    ) unless member.kind_of?(Member) && member.valid_password?(password) && member.has_mail_access?

  member
end

Instance Method Details

#create_homedir ⇒ Object

Create user’s home dir if it’s not present

# File 'lib/models/member.rb', line 31

def create_homedir
  unless File.exists?(homedir)
    FileUtils.mkdir_p(homedir, :mode => 0750)
    FileUtils.mkdir_p("#{homedir}/cur", :mode => 0750)
    FileUtils.mkdir_p("#{homedir}/new", :mode => 0750)
    FileUtils.mkdir_p("#{homedir}/tmp", :mode => 0750)
    FileUtils.chown(IpcAuthpipe::config.mail['owner_name'], IpcAuthpipe::config.mail['owner_group'], "#{homedir}/..")
    FileUtils.chown_R(IpcAuthpipe::config.mail['owner_name'], IpcAuthpipe::config.mail['owner_group'], homedir)
  end
end

#has_mail_access? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/models/member.rb', line 13

def has_mail_access?
  allowed_group = IpcAuthpipe::config.invision['allowed_group']
  if allowed_group
    # if allowed_group is defined - make sure that user is in this group
    # before allowing him to access email
    groups = [ member_group_id.to_s ] + mgroup_others.split(',')
    groups.include?(allowed_group.to_s)
  else
    # if allowed group is not set - allow all users to use the mail service
    true
  end
end

#homedir ⇒ Object

# File 'lib/models/member.rb', line 26

def homedir
  (IpcAuthpipe::config.mail['home_dir'] % "#{name[0..0]}/#{name}").downcase
end

#salted_hash(text) ⇒ Object

Calculates and returns IPB-style salted hash for a given text string

# File 'lib/models/member.rb', line 64

def salted_hash(text)
  return Digest::MD5.hexdigest(
    Digest::MD5.hexdigest(members_pass_salt) + Digest::MD5.hexdigest(text)
  )
end

#to_authpipe ⇒ Object

# File 'lib/models/member.rb', line 42

def to_authpipe
  IpcAuthpipe::Log.debug "Dumping authpipe string for member data #{inspect}"
  stringdump = [
    "UID=#{IpcAuthpipe::config.mail['owner_uid']}",
    "GID=#{IpcAuthpipe::config.mail['owner_gid']}",
    "HOME=#{homedir}/",
    "MAILDIR=#{homedir}/",
    "ADDRESS=#{(IpcAuthpipe::config.mail['address_format'] % name).downcase}",
    "."
  ].join("\n")+"\n"
  IpcAuthpipe::Log.debug "Authpipe dump: #{stringdump.inspect}"

  stringdump
end

#valid_password?(cleartext) ⇒ Boolean

Verifies if the given clear password matches hash and salt stored in IPB’s database, returns true/false depending on the result

Returns:

• (Boolean)

# File 'lib/models/member.rb', line 59

def valid_password?(cleartext)
  return salted_hash(cleartext) == members_pass_hash
end