Class: MnoEnterprise::User

Inherits:
BaseResource show all
Extended by:
Devise::Models
Includes:
Concerns::Models::IntercomUser
Defined in:
app/models/mno_enterprise/user.rb

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Concerns::Models::IntercomUser

#intercom_data, #intercom_user_hash

Methods inherited from BaseResource

#==, base_class, #cache_key, #clear_association_cache, #clear_attribute_changes!, exists?, find_by, first, last, #max_updated_column_timestamp, #read_attribute, #reload, #save, #save!, #update, #write_attribute

Methods included from HerExtension::Validations::RemoteUniquenessValidation

included

Class Method Details

.authenticate(auth_hash) ⇒ Object

Class Methods

The auth_hash includes an email and password Return nil in case of failure



99
100
101
102
103
104
105
106
107
108
 
# File 'app/models/mno_enterprise/user.rb', line 99

def self.authenticate(auth_hash)
  # retro compatibilty issue: previous version were returning nil if the user was not found or if the password was invalid
  # see https://maestrano.atlassian.net/browse/MNOE-209
  # we now validate that the password is valid in /core/lib/devise/strategies/remote_authenticatable.rb
  u = self.post("user_sessions", auth_hash.merge(validate_password: true))
  if u && u.id
    u.clear_attribute_changes!
  end
  return u
end

.confirm_by_token(confirmation_token) ⇒ Object

Override Devise to allow confirmation via original token Less secure but useful if user has been created by Maestrano Enterprise (happens when an orga_invite is sent to a new user)

Find a user by its confirmation token and try to confirm it. If no user is found, returns a new user with an error. If the user is already confirmed, create an error for the user Options must have the confirmation_token



125
126
127
128
129
 
# File 'app/models/mno_enterprise/user.rb', line 125

def self.confirm_by_token(confirmation_token)
  confirmable = self.find_for_confirmation(confirmation_token)
  confirmable.perform_confirmation(confirmation_token)
  confirmable
end

.create_from_omniauth(auth, opts = {}) ⇒ Object

Create a new user from omniauth hash



256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
 
# File 'app/models/mno_enterprise/user.rb', line 256

def self.create_from_omniauth(auth, opts = {})
  user = User.new(
    name: auth.info.first_name.presence || auth.info.email[/(\S*)@/, 1],
    surname: auth.info.last_name.presence || '',
    email: auth.info.email,
    password: Devise.friendly_token[0, 20],
    avatar_url: auth.info.image.presence
  )

  # opts hash is expected to contain additional attributes
  # to set on the model
  user.assign_attributes(opts)

  # Skip email confirmation if not from Intuit (Intuit email is NOT a confirmed email)
  user.skip_confirmation! unless auth.provider == 'intuit'
  user.save!

  user
end

.find_for_confirmation(confirmation_token) ⇒ Object

Find a user using a confirmation token



132
133
134
135
136
137
138
139
 
# File 'app/models/mno_enterprise/user.rb', line 132

def self.find_for_confirmation(confirmation_token)
  original_token     = confirmation_token
  confirmation_token = Devise.token_generator.digest(self, :confirmation_token, confirmation_token)

  confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_token)
  confirmable = find_or_initialize_with_error_by(:confirmation_token, original_token) if confirmable.errors.any?
  confirmable
end

.find_for_oauth(auth, opts = {}, signed_in_resource = nil) ⇒ Object

Used by omniauth providers to find or create users on maestrano See Auth::OmniauthCallbacksController



219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
 
# File 'app/models/mno_enterprise/user.rb', line 219

def self.find_for_oauth(auth, opts = {}, signed_in_resource = nil)
  # Get the identity and user if they exist
  identity = Identity.find_for_oauth(auth)

  # If a signed_in_resource is provided it always overrides the existing user
  # to prevent the identity being locked with accidentally created accounts.
  # Note that this may leave zombie accounts (with no associated identity) which
  # can be cleaned up at a later date.
  user = signed_in_resource ? signed_in_resource : identity.user

  # Create the user if needed
  if user.blank? # WTF is wrong with user.nil?
    # Get the existing user by email.
    email = auth.info.email
    user = self.where(email: email).first if email

    # Create the user if it's a new registration
    if user.nil?
      user = create_from_omniauth(auth, opts.except(:authorized_link_to_email))
    elsif auth.provider == 'intuit'
      unless opts[:authorized_link_to_email] == user.email
        # Intuit email is NOT a confirmed email. Therefore we need to ask the user to
        # login the old fashion to make sure it is the right user!
        fail(SecurityError, 'reconfirm credentials')
      end
    end
  end

  # Associate the identity with the user if needed
  if identity.user != user
    identity.user_id = user.id
    identity.save!
  end
  user
end

Instance Method Details

#authenticatable_saltObject

Override Devise default method



180
181
182
 
# File 'app/models/mno_enterprise/user.rb', line 180

def authenticatable_salt
  read_attribute(:authenticatable_salt)
end

#errorsObject

It may happen that that the errors attribute become nil, which breaks the controller logic (rails responder) This getter ensures that ‘errors’ is always initialized



149
150
151
 
# File 'app/models/mno_enterprise/user.rb', line 149

def errors
  @errors ||= ActiveModel::Errors.new(self)
end

#expire_user_cacheObject 



203
204
205
206
 
# File 'app/models/mno_enterprise/user.rb', line 203

def expire_user_cache
  Rails.cache.delete(['user', self.to_key])
  true # Don't skip save if above return false (memory_store)
end

#failed_attemptsObject

Default value for failed attempts



175
176
177
 
# File 'app/models/mno_enterprise/user.rb', line 175

def failed_attempts
  read_attribute(:failed_attempts) || 0
end

#password_required?Boolean

Don’t require a password for unconfirmed users (user save password at confirmation step)

Returns:

  • (Boolean) 


154
155
156
 
# File 'app/models/mno_enterprise/user.rb', line 154

def password_required?
  super if confirmed?
end

#perform_confirmation(confirmation_token) ⇒ Object

Confirm the user and store confirmation_token



142
143
144
145
 
# File 'app/models/mno_enterprise/user.rb', line 142

def perform_confirmation(confirmation_token)
  self.confirm if self.persisted?
  self.confirmation_token = confirmation_token
end

#refresh_user_cacheObject 



208
209
210
211
212
213
214
 
# File 'app/models/mno_enterprise/user.rb', line 208

def refresh_user_cache
  self.reload
  Rails.cache.write(['user', self.to_key], self)
# singleton can't be dumped / undefined method `marshal_dump' for nil
rescue TypeError, NoMethodError
  expire_user_cache
end

#role(organization = nil) ⇒ Object

Return the role of this user for the provided organization



186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
 
# File 'app/models/mno_enterprise/user.rb', line 186

def role(organization = nil)
  # Return cached version if available
  return self.read_attribute(:role) if !organization

  # Find in arrays if organizations have been fetched
  # already. Perform remote query otherwise
  org = begin
    if self.organizations.loaded?
      self.organizations.to_a.find { |e| e.id == organization.id }
    else
      self.organizations.where(id: organization.id).first
    end
  end

  org ? org.role : nil
end

#to_audit_eventObject

Format for audit log



167
168
169
170
171
172
 
# File 'app/models/mno_enterprise/user.rb', line 167

def to_audit_event
  {
    user_name: to_s,
    user_email: email
  }
end

#to_sObject

Instance Methods



162
163
164
 
# File 'app/models/mno_enterprise/user.rb', line 162

def to_s
  "#{name} #{surname}"
end