Module: MuckProfiles::Models::MuckProfile

Extended by:

ActiveSupport::Concern

Defined in:

lib/muck-profiles/models/profile.rb

Instance Method Summary

• #can_edit?(user) ⇒ Boolean
• #guess_and_assign_location_via_ip ⇒ Object
• #sanitize_attributes ⇒ Object

  Sanitize content before saving.

• #sanitize_level ⇒ Object

  Override this method to control sanitization levels.

Instance Method Details

#can_edit?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/muck-profiles/models/profile.rb', line 71

def can_edit?(user)
  return false if user.nil?
  self.user_id == user.id || user.admin?
end

#guess_and_assign_location_via_ip ⇒ Object

# File 'lib/muck-profiles/models/profile.rb', line 76

def guess_and_assign_location_via_ip
  if MuckProfiles.configuration.enable_guess_location && self.user.current_login_ip
    location = Geokit::Geocoders::MultiGeocoder.geocode(self.user.current_login_ip)
    state = State.find_by_abbreviation(location.state)
    country = Country.find_by_abbreviation(location.country_code)
    self.update_attributes(
      :location => "#{location.city}, #{location.state || location.province} #{location.country_code}",
      :lat => location.lat,
      :lng => location.lng,
      :city => location.city,
      :state => state,
      :country => country)
  end
end

#sanitize_attributes ⇒ Object

Sanitize content before saving. This prevent XSS attacks and other malicious html.

# File 'lib/muck-profiles/models/profile.rb', line 92

def sanitize_attributes
  if self.sanitize_level
    self.about = Sanitize.clean(self.about, self.sanitize_level) unless self.about.blank?
    self.location = Sanitize.clean(self.location, self.sanitize_level) unless self.location.blank?
  end
end

#sanitize_level ⇒ Object

Override this method to control sanitization levels. Currently a user who is an admin will not have their content sanitized. A user in any role ‘editor’, ‘manager’, or ‘contributor’ will be given the ‘RELAXED’ settings while all other users will get ‘BASIC’.

Options are from sanitze: nil - no sanitize Sanitize::Config::RELAXED Sanitize::Config::BASIC Sanitize::Config::RESTRICTED for more details see: rgrove.github.com/sanitize/

# File 'lib/muck-profiles/models/profile.rb', line 110

def sanitize_level
  return Sanitize::Config::BASIC if self.user.nil?
  return nil if self.user.admin?
  return Sanitize::Config::RELAXED if self.user.any_role?('editor', 'manager', 'contributor')
  Sanitize::Config::BASIC
end