##// END OF EJS Templates
jro_apps » redmine
RSS
Merged r1231 from trunk....
Jean-Philippe Lang -
r1218:a677817003fc
parent child
Show More
Side by Side Unified
Context file:
r1218:a677817003fc Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,255 +1,257
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require "digest/sha1"
18 require "digest/sha1"
19
19
20 class User < ActiveRecord::Base
20 class User < ActiveRecord::Base
21 # Account statuses
21 # Account statuses
22 STATUS_ANONYMOUS = 0
22 STATUS_ANONYMOUS = 0
23 STATUS_ACTIVE = 1
23 STATUS_ACTIVE = 1
24 STATUS_REGISTERED = 2
24 STATUS_REGISTERED = 2
25 STATUS_LOCKED = 3
25 STATUS_LOCKED = 3
26
26
27 has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name", :dependent => :delete_all
27 has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name", :dependent => :delete_all
28 has_many :projects, :through => :memberships
28 has_many :projects, :through => :memberships
29 has_many :custom_values, :dependent => :delete_all, :as => :customized
29 has_many :custom_values, :dependent => :delete_all, :as => :customized
30 has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify
30 has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify
31 has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'
31 has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'
32 has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"
32 has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"
33 belongs_to :auth_source
33 belongs_to :auth_source
34
34
35 attr_accessor :password, :password_confirmation
35 attr_accessor :password, :password_confirmation
36 attr_accessor :last_before_login_on
36 attr_accessor :last_before_login_on
37 # Prevents unauthorized assignments
37 # Prevents unauthorized assignments
38 attr_protected :login, :admin, :password, :password_confirmation, :hashed_password
38 attr_protected :login, :admin, :password, :password_confirmation, :hashed_password
39
39
40 validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }
40 validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }
41 validates_uniqueness_of :login, :mail
41 validates_uniqueness_of :login, :mail
42 # Login must contain lettres, numbers, underscores only
42 # Login must contain lettres, numbers, underscores only
43 validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i
43 validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i
44 validates_length_of :login, :maximum => 30
44 validates_length_of :login, :maximum => 30
45 validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-]*$/i
45 validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-]*$/i
46 validates_length_of :firstname, :lastname, :maximum => 30
46 validates_length_of :firstname, :lastname, :maximum => 30
47 validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true
47 validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true
48 validates_length_of :mail, :maximum => 60, :allow_nil => true
48 validates_length_of :mail, :maximum => 60, :allow_nil => true
49 validates_length_of :password, :minimum => 4, :allow_nil => true
49 validates_length_of :password, :minimum => 4, :allow_nil => true
50 validates_confirmation_of :password, :allow_nil => true
50 validates_confirmation_of :password, :allow_nil => true
51 validates_associated :custom_values, :on => :update
51 validates_associated :custom_values, :on => :update
52
52
53 def before_create
53 def before_create
54 self.mail_notification = false
54 self.mail_notification = false
55 true
55 true
56 end
56 end
57
57
58 def before_save
58 def before_save
59 # update hashed_password if password was set
59 # update hashed_password if password was set
60 self.hashed_password = User.hash_password(self.password) if self.password
60 self.hashed_password = User.hash_password(self.password) if self.password
61 end
61 end
62
62
63 def self.active
63 def self.active
64 with_scope :find => { :conditions => [ "status = ?", STATUS_ACTIVE ] } do
64 with_scope :find => { :conditions => [ "status = ?", STATUS_ACTIVE ] } do
65 yield
65 yield
66 end
66 end
67 end
67 end
68
68
69 def self.find_active(*args)
69 def self.find_active(*args)
70 active do
70 active do
71 find(*args)
71 find(*args)
72 end
72 end
73 end
73 end
74
74
75 # Returns the user that matches provided login and password, or nil
75 # Returns the user that matches provided login and password, or nil
76 def self.try_to_login(login, password)
76 def self.try_to_login(login, password)
77 # Make sure no one can sign in with an empty password
78 return nil if password.to_s.empty?
77 user = find(:first, :conditions => ["login=?", login])
79 user = find(:first, :conditions => ["login=?", login])
78 if user
80 if user
79 # user is already in local database
81 # user is already in local database
80 return nil if !user.active?
82 return nil if !user.active?
81 if user.auth_source
83 if user.auth_source
82 # user has an external authentication method
84 # user has an external authentication method
83 return nil unless user.auth_source.authenticate(login, password)
85 return nil unless user.auth_source.authenticate(login, password)
84 else
86 else
85 # authentication with local password
87 # authentication with local password
86 return nil unless User.hash_password(password) == user.hashed_password
88 return nil unless User.hash_password(password) == user.hashed_password
87 end
89 end
88 else
90 else
89 # user is not yet registered, try to authenticate with available sources
91 # user is not yet registered, try to authenticate with available sources
90 attrs = AuthSource.authenticate(login, password)
92 attrs = AuthSource.authenticate(login, password)
91 if attrs
93 if attrs
92 onthefly = new(*attrs)
94 onthefly = new(*attrs)
93 onthefly.login = login
95 onthefly.login = login
94 onthefly.language = Setting.default_language
96 onthefly.language = Setting.default_language
95 if onthefly.save
97 if onthefly.save
96 user = find(:first, :conditions => ["login=?", login])
98 user = find(:first, :conditions => ["login=?", login])
97 logger.info("User '#{user.login}' created on the fly.") if logger
99 logger.info("User '#{user.login}' created on the fly.") if logger
98 end
100 end
99 end
101 end
100 end
102 end
101 user.update_attribute(:last_login_on, Time.now) if user
103 user.update_attribute(:last_login_on, Time.now) if user
102 user
104 user
103
105
104 rescue => text
106 rescue => text
105 raise text
107 raise text
106 end
108 end
107
109
108 # Return user's full name for display
110 # Return user's full name for display
109 def name
111 def name
110 "#{firstname} #{lastname}"
112 "#{firstname} #{lastname}"
111 end
113 end
112
114
113 def active?
115 def active?
114 self.status == STATUS_ACTIVE
116 self.status == STATUS_ACTIVE
115 end
117 end
116
118
117 def registered?
119 def registered?
118 self.status == STATUS_REGISTERED
120 self.status == STATUS_REGISTERED
119 end
121 end
120
122
121 def locked?
123 def locked?
122 self.status == STATUS_LOCKED
124 self.status == STATUS_LOCKED
123 end
125 end
124
126
125 def check_password?(clear_password)
127 def check_password?(clear_password)
126 User.hash_password(clear_password) == self.hashed_password
128 User.hash_password(clear_password) == self.hashed_password
127 end
129 end
128
130
129 def pref
131 def pref
130 self.preference ||= UserPreference.new(:user => self)
132 self.preference ||= UserPreference.new(:user => self)
131 end
133 end
132
134
133 def time_zone
135 def time_zone
134 self.pref.time_zone.nil? ? nil : TimeZone[self.pref.time_zone]
136 self.pref.time_zone.nil? ? nil : TimeZone[self.pref.time_zone]
135 end
137 end
136
138
137 # Return user's RSS key (a 40 chars long string), used to access feeds
139 # Return user's RSS key (a 40 chars long string), used to access feeds
138 def rss_key
140 def rss_key
139 token = self.rss_token || Token.create(:user => self, :action => 'feeds')
141 token = self.rss_token || Token.create(:user => self, :action => 'feeds')
140 token.value
142 token.value
141 end
143 end
142
144
143 # Return an array of project ids for which the user has explicitly turned mail notifications on
145 # Return an array of project ids for which the user has explicitly turned mail notifications on
144 def notified_projects_ids
146 def notified_projects_ids
145 @notified_projects_ids ||= memberships.select {|m| m.mail_notification?}.collect(&:project_id)
147 @notified_projects_ids ||= memberships.select {|m| m.mail_notification?}.collect(&:project_id)
146 end
148 end
147
149
148 def notified_project_ids=(ids)
150 def notified_project_ids=(ids)
149 Member.update_all("mail_notification = #{connection.quoted_false}", ['user_id = ?', id])
151 Member.update_all("mail_notification = #{connection.quoted_false}", ['user_id = ?', id])
150 Member.update_all("mail_notification = #{connection.quoted_true}", ['user_id = ? AND project_id IN (?)', id, ids]) if ids && !ids.empty?
152 Member.update_all("mail_notification = #{connection.quoted_true}", ['user_id = ? AND project_id IN (?)', id, ids]) if ids && !ids.empty?
151 @notified_projects_ids = nil
153 @notified_projects_ids = nil
152 notified_projects_ids
154 notified_projects_ids
153 end
155 end
154
156
155 def self.find_by_rss_key(key)
157 def self.find_by_rss_key(key)
156 token = Token.find_by_value(key)
158 token = Token.find_by_value(key)
157 token && token.user.active? ? token.user : nil
159 token && token.user.active? ? token.user : nil
158 end
160 end
159
161
160 def self.find_by_autologin_key(key)
162 def self.find_by_autologin_key(key)
161 token = Token.find_by_action_and_value('autologin', key)
163 token = Token.find_by_action_and_value('autologin', key)
162 token && (token.created_on > Setting.autologin.to_i.day.ago) && token.user.active? ? token.user : nil
164 token && (token.created_on > Setting.autologin.to_i.day.ago) && token.user.active? ? token.user : nil
163 end
165 end
164
166
165 def <=>(user)
167 def <=>(user)
166 user.nil? ? -1 : (lastname == user.lastname ? firstname <=> user.firstname : lastname <=> user.lastname)
168 user.nil? ? -1 : (lastname == user.lastname ? firstname <=> user.firstname : lastname <=> user.lastname)
167 end
169 end
168
170
169 def to_s
171 def to_s
170 name
172 name
171 end
173 end
172
174
173 def logged?
175 def logged?
174 true
176 true
175 end
177 end
176
178
177 # Return user's role for project
179 # Return user's role for project
178 def role_for_project(project)
180 def role_for_project(project)
179 # No role on archived projects
181 # No role on archived projects
180 return nil unless project && project.active?
182 return nil unless project && project.active?
181 if logged?
183 if logged?
182 # Find project membership
184 # Find project membership
183 membership = memberships.detect {|m| m.project_id == project.id}
185 membership = memberships.detect {|m| m.project_id == project.id}
184 if membership
186 if membership
185 membership.role
187 membership.role
186 else
188 else
187 @role_non_member ||= Role.non_member
189 @role_non_member ||= Role.non_member
188 end
190 end
189 else
191 else
190 @role_anonymous ||= Role.anonymous
192 @role_anonymous ||= Role.anonymous
191 end
193 end
192 end
194 end
193
195
194 # Return true if the user is a member of project
196 # Return true if the user is a member of project
195 def member_of?(project)
197 def member_of?(project)
196 role_for_project(project).member?
198 role_for_project(project).member?
197 end
199 end
198
200
199 # Return true if the user is allowed to do the specified action on project
201 # Return true if the user is allowed to do the specified action on project
200 # action can be:
202 # action can be:
201 # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
203 # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
202 # * a permission Symbol (eg. :edit_project)
204 # * a permission Symbol (eg. :edit_project)
203 def allowed_to?(action, project)
205 def allowed_to?(action, project)
204 # No action allowed on archived projects
206 # No action allowed on archived projects
205 return false unless project.active?
207 return false unless project.active?
206 # No action allowed on disabled modules
208 # No action allowed on disabled modules
207 return false unless project.allows_to?(action)
209 return false unless project.allows_to?(action)
208 # Admin users are authorized for anything else
210 # Admin users are authorized for anything else
209 return true if admin?
211 return true if admin?
210
212
211 role = role_for_project(project)
213 role = role_for_project(project)
212 return false unless role
214 return false unless role
213 role.allowed_to?(action) && (project.is_public? || role.member?)
215 role.allowed_to?(action) && (project.is_public? || role.member?)
214 end
216 end
215
217
216 def self.current=(user)
218 def self.current=(user)
217 @current_user = user
219 @current_user = user
218 end
220 end
219
221
220 def self.current
222 def self.current
221 @current_user ||= User.anonymous
223 @current_user ||= User.anonymous
222 end
224 end
223
225
224 def self.anonymous
226 def self.anonymous
225 return @anonymous_user if @anonymous_user
227 return @anonymous_user if @anonymous_user
226 anonymous_user = AnonymousUser.find(:first)
228 anonymous_user = AnonymousUser.find(:first)
227 if anonymous_user.nil?
229 if anonymous_user.nil?
228 anonymous_user = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)
230 anonymous_user = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)
229 raise 'Unable to create the anonymous user.' if anonymous_user.new_record?
231 raise 'Unable to create the anonymous user.' if anonymous_user.new_record?
230 end
232 end
231 @anonymous_user = anonymous_user
233 @anonymous_user = anonymous_user
232 end
234 end
233
235
234 private
236 private
235 # Return password digest
237 # Return password digest
236 def self.hash_password(clear_password)
238 def self.hash_password(clear_password)
237 Digest::SHA1.hexdigest(clear_password || "")
239 Digest::SHA1.hexdigest(clear_password || "")
238 end
240 end
239 end
241 end
240
242
241 class AnonymousUser < User
243 class AnonymousUser < User
242
244
243 def validate_on_create
245 def validate_on_create
244 # There should be only one AnonymousUser in the database
246 # There should be only one AnonymousUser in the database
245 errors.add_to_base 'An anonymous user already exists.' if AnonymousUser.find(:first)
247 errors.add_to_base 'An anonymous user already exists.' if AnonymousUser.find(:first)
246 end
248 end
247
249
248 # Overrides a few properties
250 # Overrides a few properties
249 def logged?; false end
251 def logged?; false end
250 def admin; false end
252 def admin; false end
251 def name; 'Anonymous' end
253 def name; 'Anonymous' end
252 def mail; nil end
254 def mail; nil end
253 def time_zone; nil end
255 def time_zone; nil end
254 def rss_key; nil end
256 def rss_key; nil end
255 end
257 end
General Comments 0
You need to be logged in to leave comments. Login now