jro_apps/redmine Commit - r915:f80f04e379a8

1

# redMine - project management software

1

# redMine - project management software

2

3

#

3

#

4

# This program is free software; you can redistribute it and/or

4

# This program is free software; you can redistribute it and/or

5

# modify it under the terms of the GNU General Public License

5

# modify it under the terms of the GNU General Public License

6

# as published by the Free Software Foundation; either version 2

6

# as published by the Free Software Foundation; either version 2

7

# of the License, or (at your option) any later version.

7

# of the License, or (at your option) any later version.

8

#

8

#

9

# This program is distributed in the hope that it will be useful,

9

# This program is distributed in the hope that it will be useful,

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12

# GNU General Public License for more details.

12

# GNU General Public License for more details.

13

#

13

#

14

# You should have received a copy of the GNU General Public License

14

# You should have received a copy of the GNU General Public License

15

# along with this program; if not, write to the Free Software

15

# along with this program; if not, write to the Free Software

16

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

16

# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

17

18

require "digest/sha1"

18

require "digest/sha1"

19

20

class User < ActiveRecord::Base

20

class User < ActiveRecord::Base

21

# Account statuses

21

# Account statuses

22

STATUS_ANONYMOUS = 0

22

STATUS_ANONYMOUS = 0

23

STATUS_ACTIVE = 1

23

STATUS_ACTIVE = 1

24

STATUS_REGISTERED = 2

24

STATUS_REGISTERED = 2

25

STATUS_LOCKED = 3

25

STATUS_LOCKED = 3

26

27

has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name", :dependent => :delete_all

27

has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name", :dependent => :delete_all

28

has_many :projects, :through => :memberships

28

has_many :projects, :through => :memberships

29

has_many :custom_values, :dependent => :delete_all, :as => :customized

29

has_many :custom_values, :dependent => :delete_all, :as => :customized

30

has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify

30

has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify

31

has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'

31

has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'

32

has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"

32

has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"

33

belongs_to :auth_source

33

belongs_to :auth_source

34

35

attr_accessor :password, :password_confirmation

35

attr_accessor :password, :password_confirmation

36

attr_accessor :last_before_login_on

36

attr_accessor :last_before_login_on

37

# Prevents unauthorized assignments

37

# Prevents unauthorized assignments

38

attr_protected :login, :admin, :password, :password_confirmation, :hashed_password

38

attr_protected :login, :admin, :password, :password_confirmation, :hashed_password

39

40

validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }

40

validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }

41

validates_uniqueness_of :login, :mail

41

validates_uniqueness_of :login, :mail

42

# Login must contain lettres, numbers, underscores only

42

# Login must contain lettres, numbers, underscores only

43

validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i

43

validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i

44

validates_length_of :login, :maximum => 30

44

validates_length_of :login, :maximum => 30

45

validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-]*$/i

45

validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-]*$/i

46

validates_length_of :firstname, :lastname, :maximum => 30

46

validates_length_of :firstname, :lastname, :maximum => 30

47

validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true

47

validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true

48

validates_length_of :mail, :maximum => 60, :allow_nil => true

48

validates_length_of :mail, :maximum => 60, :allow_nil => true

49

validates_length_of :password, :minimum => 4, :allow_nil => true

49

validates_length_of :password, :minimum => 4, :allow_nil => true

50

validates_confirmation_of :password, :allow_nil => true

50

validates_confirmation_of :password, :allow_nil => true

51

validates_associated :custom_values, :on => :update

51

validates_associated :custom_values, :on => :update

52

53

def before_create

53

def before_create

54

self.mail_notification = false

54

self.mail_notification = false

55

true

55

true

56

end

56

end

57

58

def before_save

58

def before_save

59

# update hashed_password if password was set

59

# update hashed_password if password was set

60

self.hashed_password = User.hash_password(self.password) if self.password

60

self.hashed_password = User.hash_password(self.password) if self.password

61

end

61

end

62

63

def self.active

63

def self.active

64

with_scope :find => { :conditions => [ "status = ?", STATUS_ACTIVE ] } do

64

with_scope :find => { :conditions => [ "status = ?", STATUS_ACTIVE ] } do

65

yield

65

yield

66

end

66

end

67

end

67

end

68

69

def self.find_active(*args)

69

def self.find_active(*args)

70

active do

70

active do

71

find(*args)

71

find(*args)

72

end

72

end

73

end

73

end

74

75

# Returns the user that matches provided login and password, or nil

75

# Returns the user that matches provided login and password, or nil

76

def self.try_to_login(login, password)

76

def self.try_to_login(login, password)

77

user = find(:first, :conditions => ["login=?", login])

77

user = find(:first, :conditions => ["login=?", login])

78

if user

78

if user

79

# user is already in local database

79

# user is already in local database

80

return nil if !user.active?

80

return nil if !user.active?

81

if user.auth_source

81

if user.auth_source

82

# user has an external authentication method

82

# user has an external authentication method

83

return nil unless user.auth_source.authenticate(login, password)

83

return nil unless user.auth_source.authenticate(login, password)

84

else

84

else

85

# authentication with local password

85

# authentication with local password

86

return nil unless User.hash_password(password) == user.hashed_password

86

return nil unless User.hash_password(password) == user.hashed_password

87

end

87

end

88

else

88

else

89

# user is not yet registered, try to authenticate with available sources

89

# user is not yet registered, try to authenticate with available sources

90

attrs = AuthSource.authenticate(login, password)

90

attrs = AuthSource.authenticate(login, password)

91

if attrs

91

if attrs

92

onthefly = new(*attrs)

92

onthefly = new(*attrs)

93

onthefly.login = login

93

onthefly.login = login

94

onthefly.language = Setting.default_language

94

onthefly.language = Setting.default_language

95

if onthefly.save

95

if onthefly.save

96

user = find(:first, :conditions => ["login=?", login])

96

user = find(:first, :conditions => ["login=?", login])

97

logger.info("User '#{user.login}' created on the fly.") if logger

97

logger.info("User '#{user.login}' created on the fly.") if logger

98

end

98

end

99

end

99

end

100

end

100

end

101

user.update_attribute(:last_login_on, Time.now) if user

101

user.update_attribute(:last_login_on, Time.now) if user

102

user

102

user

103

104

rescue => text

104

rescue => text

105

raise text

105

raise text

106

end

106

end

107

108

# Return user's full name for display

108

# Return user's full name for display

109

def name

109

def name

110

"#{firstname} #{lastname}"

110

"#{firstname} #{lastname}"

111

end

111

end

112

113

def active?

113

def active?

114

self.status == STATUS_ACTIVE

114

self.status == STATUS_ACTIVE

115

end

115

end

116

117

def registered?

117

def registered?

118

self.status == STATUS_REGISTERED

118

self.status == STATUS_REGISTERED

119

end

119

end

120

121

def locked?

121

def locked?

122

self.status == STATUS_LOCKED

122

self.status == STATUS_LOCKED

123

end

123

end

124

125

def check_password?(clear_password)

125

def check_password?(clear_password)

126

User.hash_password(clear_password) == self.hashed_password

126

User.hash_password(clear_password) == self.hashed_password

127

end

127

end

128

129

def pref

129

def pref

130

self.preference ||= UserPreference.new(:user => self)

130

self.preference ||= UserPreference.new(:user => self)

131

end

131

end

132

133

def time_zone

133

def time_zone

134

self.pref.time_zone.nil? ? nil : TimeZone[self.pref.time_zone]

134

self.pref.time_zone.nil? ? nil : TimeZone[self.pref.time_zone]

135

end

135

end

136

137

# Return user's RSS key (a 40 chars long string), used to access feeds

137

# Return user's RSS key (a 40 chars long string), used to access feeds

138

def rss_key

138

def rss_key

139

token = self.rss_token || Token.create(:user => self, :action => 'feeds')

139

token = self.rss_token || Token.create(:user => self, :action => 'feeds')

140

token.value

140

token.value

141

end

141

end

142

143

# Return an array of project ids for which the user has explicitly turned mail notifications on

143

# Return an array of project ids for which the user has explicitly turned mail notifications on

144

def notified_projects_ids

144

def notified_projects_ids

145

@notified_projects_ids ||= memberships.select {|m| m.mail_notification?}.collect(&:project_id)

145

@notified_projects_ids ||= memberships.select {|m| m.mail_notification?}.collect(&:project_id)

146

end

146

end

147

148

def notified_project_ids=(ids)

148

def notified_project_ids=(ids)

149

Member.update_all("mail_notification = #{connection.quoted_false}", ['user_id = ?', id])

149

Member.update_all("mail_notification = #{connection.quoted_false}", ['user_id = ?', id])

150

Member.update_all("mail_notification = #{connection.quoted_true}", ['user_id = ? AND project_id IN (?)', id, ids]) if ids && !ids.empty?

150

Member.update_all("mail_notification = #{connection.quoted_true}", ['user_id = ? AND project_id IN (?)', id, ids]) if ids && !ids.empty?

151

@notified_projects_ids = nil

151

@notified_projects_ids = nil

152

notified_projects_ids

152

notified_projects_ids

153

end

153

end

154

155

def self.find_by_rss_key(key)

155

def self.find_by_rss_key(key)

156

token = Token.find_by_value(key)

156

token = Token.find_by_value(key)

157

token && token.user.active? ? token.user : nil

157

token && token.user.active? ? token.user : nil

158

end

158

end

159

160

def self.find_by_autologin_key(key)

160

def self.find_by_autologin_key(key)

161

token = Token.find_by_action_and_value('autologin', key)

161

token = Token.find_by_action_and_value('autologin', key)

162

token && (token.created_on > Setting.autologin.to_i.day.ago) && token.user.active? ? token.user : nil

162

token && (token.created_on > Setting.autologin.to_i.day.ago) && token.user.active? ? token.user : nil

163

end

163

end

164

165

def <=>(user)

165

def <=>(user)

166

lastname == user.lastname ? firstname <=> user.firstname : lastname <=> user.lastname

166

lastname == user.lastname ? firstname <=> user.firstname : lastname <=> user.lastname

167

end

167

end

168

169

def to_s

169

def to_s

170

name

170

name

171

end

171

end

172

173

def logged?

173

def logged?

174

true

174

true

175

end

175

end

176

177

# Return user's role for project

177

# Return user's role for project

178

def role_for_project(project)

178

def role_for_project(project)

179

# No role on archived projects

179

# No role on archived projects

180

return nil unless project && project.active?

180

return nil unless project && project.active?

181

# Find project membership

181

if logged?

182

membership = memberships.detect {|m| m.project_id == project.id}

182

# Find project membership

183

if membership

183

membership = memberships.detect {|m| m.project_id == project.id}

184

membership.~~role~~

184

if membership

185

elsif logged?

185

membership.role

186

Role.non_member

186

else

187

@role_non_member ||= Role.non_member

188

end

187

else

189

else

188

Role.anonymous

190

@role_anonymous ||= Role.anonymous

189

end

191

end

190

end

192

end

191

193

192

# Return true if the user is a member of project

194

# Return true if the user is a member of project

193

def member_of?(project)

195

def member_of?(project)

194

role_for_project(project).member?

196

role_for_project(project).member?

195

end

197

end

196

198

197

# Return true if the user is allowed to do the specified action on project

199

# Return true if the user is allowed to do the specified action on project

198

# action can be:

200

# action can be:

199

# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')

201

# * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')

200

# * a permission Symbol (eg. :edit_project)

202

# * a permission Symbol (eg. :edit_project)

201

def allowed_to?(action, project)

203

def allowed_to?(action, project)

202

# No action allowed on archived projects

204

# No action allowed on archived projects

203

return false unless project.active?

205

return false unless project.active?

204

# No action allowed on disabled modules

206

# No action allowed on disabled modules

205

return false unless project.allows_to?(action)

207

return false unless project.allows_to?(action)

206

# Admin users are authorized for anything else

208

# Admin users are authorized for anything else

207

return true if admin?

209

return true if admin?

208

210

209

role = role_for_project(project)

211

role = role_for_project(project)

210

return false unless role

212

return false unless role

211

role.allowed_to?(action) && (project.is_public? || role.member?)

213

role.allowed_to?(action) && (project.is_public? || role.member?)

212

end

214

end

213

215

214

def self.current=(user)

216

def self.current=(user)

215

@current_user = user

217

@current_user = user

216

end

218

end

217

219

218

def self.current

220

def self.current

219

@current_user ||= User.anonymous

221

@current_user ||= User.anonymous

220

end

222

end

221

223

222

def self.anonymous

224

def self.anonymous

223

return @anonymous_user if @anonymous_user

225

return @anonymous_user if @anonymous_user

224

anonymous_user = AnonymousUser.find(:first)

226

anonymous_user = AnonymousUser.find(:first)

225

if anonymous_user.nil?

227

if anonymous_user.nil?

226

anonymous_user = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)

228

anonymous_user = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)

227

raise 'Unable to create the anonymous user.' if anonymous_user.new_record?

229

raise 'Unable to create the anonymous user.' if anonymous_user.new_record?

228

end

230

end

229

@anonymous_user = anonymous_user

231

@anonymous_user = anonymous_user

230

end

232

end

231

233

232

private

234

private

233

# Return password digest

235

# Return password digest

234

def self.hash_password(clear_password)

236

def self.hash_password(clear_password)

235

Digest::SHA1.hexdigest(clear_password || "")

237

Digest::SHA1.hexdigest(clear_password || "")

236

end

238

end

237

end

239

end

238

240

239

class AnonymousUser < User

241

class AnonymousUser < User

240

242

241

def validate_on_create

243

def validate_on_create

242

# There should be only one AnonymousUser in the database

244

# There should be only one AnonymousUser in the database

243

errors.add_to_base 'An anonymous user already exists.' if AnonymousUser.find(:first)

245

errors.add_to_base 'An anonymous user already exists.' if AnonymousUser.find(:first)

244

end

246

end

245

247

246

# Overrides a few properties

248

# Overrides a few properties

247

def logged?; false end

249

def logged?; false end

248

def admin; false end

250

def admin; false end

249

def name; 'Anonymous' end

251

def name; 'Anonymous' end

250

def mail; nil end

252

def mail; nil end

251

def time_zone; nil end

253

def time_zone; nil end

252

def rss_key; nil end

254

def rss_key; nil end

253

end

255

end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # redMine - project management software
             # Copyright (C) 2006-2007  Jean-Philippe Lang
             #
             # This program is free software; you can redistribute it and/or
             # modify it under the terms of the GNU General Public License
             # as published by the Free Software Foundation; either version 2
             # of the License, or (at your option) any later version.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU General Public License
             # along with this program; if not, write to the Free Software
             # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
             require "digest/sha1"
             class User < ActiveRecord::Base
               # Account statuses
               STATUS_ANONYMOUS  = 0
               STATUS_ACTIVE     = 1
               STATUS_REGISTERED = 2
               STATUS_LOCKED     = 3
               has_many :memberships, :class_name => 'Member', :include => [ :project, :role ], :conditions => "#{Project.table_name}.status=#{Project::STATUS_ACTIVE}", :order => "#{Project.table_name}.name", :dependent => :delete_all
               has_many :projects, :through => :memberships
               has_many :custom_values, :dependent => :delete_all, :as => :customized
               has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify
               has_one :preference, :dependent => :destroy, :class_name => 'UserPreference'
               has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'"
               belongs_to :auth_source
               attr_accessor :password, :password_confirmation
               attr_accessor :last_before_login_on
               # Prevents unauthorized assignments
               attr_protected :login, :admin, :password, :password_confirmation, :hashed_password
               validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }
               validates_uniqueness_of :login, :mail
               # Login must contain lettres, numbers, underscores only
               validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i
               validates_length_of :login, :maximum => 30
               validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-]*$/i
               validates_length_of :firstname, :lastname, :maximum => 30
               validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true
               validates_length_of :mail, :maximum => 60, :allow_nil => true
               validates_length_of :password, :minimum => 4, :allow_nil => true
               validates_confirmation_of :password, :allow_nil => true
               validates_associated :custom_values, :on => :update
               def before_create
                 self.mail_notification = false
                 true
               end
               def before_save
                 # update hashed_password if password was set
                 self.hashed_password = User.hash_password(self.password) if self.password
               end
               def self.active
                 with_scope :find => { :conditions => [ "status = ?", STATUS_ACTIVE ] } do
                   yield
                 end
               end
               def self.find_active(*args)
                 active do
                   find(*args)
                 end
               end
               # Returns the user that matches provided login and password, or nil
               def self.try_to_login(login, password)
                 user = find(:first, :conditions => ["login=?", login])
                 if user
                   # user is already in local database
                   return nil if !user.active?
                   if user.auth_source
                     # user has an external authentication method
                     return nil unless user.auth_source.authenticate(login, password)
                   else
                     # authentication with local password
                     return nil unless User.hash_password(password) == user.hashed_password
                   end
                 else
                   # user is not yet registered, try to authenticate with available sources
                   attrs = AuthSource.authenticate(login, password)
                   if attrs
                     onthefly = new(*attrs)
                     onthefly.login = login
                     onthefly.language = Setting.default_language
                     if onthefly.save
                       user = find(:first, :conditions => ["login=?", login])
                       logger.info("User '#{user.login}' created on the fly.") if logger
                     end
                   end
                 end
                 user.update_attribute(:last_login_on, Time.now) if user
                 user
                 rescue => text
                   raise text
               end
               # Return user's full name for display
               def name
                 "#{firstname} #{lastname}"
               end
               def active?
                 self.status == STATUS_ACTIVE
               end
               def registered?
                 self.status == STATUS_REGISTERED
               end
               def locked?
                 self.status == STATUS_LOCKED
               end
               def check_password?(clear_password)
                 User.hash_password(clear_password) == self.hashed_password
               end
               def pref
                 self.preference ||= UserPreference.new(:user => self)
               end
               def time_zone
                 self.pref.time_zone.nil? ? nil : TimeZone[self.pref.time_zone]
               end
               # Return user's RSS key (a 40 chars long string), used to access feeds
               def rss_key
                 token = self.rss_token || Token.create(:user => self, :action => 'feeds')
                 token.value
               end
               # Return an array of project ids for which the user has explicitly turned mail notifications on
               def notified_projects_ids
                 @notified_projects_ids ||= memberships.select {|m| m.mail_notification?}.collect(&:project_id)
               end
               def notified_project_ids=(ids)
                 Member.update_all("mail_notification = #{connection.quoted_false}", ['user_id = ?', id])
                 Member.update_all("mail_notification = #{connection.quoted_true}", ['user_id = ? AND project_id IN (?)', id, ids]) if ids && !ids.empty?
                 @notified_projects_ids = nil
                 notified_projects_ids
               end
               def self.find_by_rss_key(key)
                 token = Token.find_by_value(key)
                 token && token.user.active? ? token.user : nil
               end
               def self.find_by_autologin_key(key)
                 token = Token.find_by_action_and_value('autologin', key)
                 token && (token.created_on > Setting.autologin.to_i.day.ago) && token.user.active? ? token.user : nil
               end
               def <=>(user)
                 lastname == user.lastname ? firstname <=> user.firstname : lastname <=> user.lastname
               end
               def to_s
                 name
               end
               def logged?
                 true
               end
               # Return user's role for project
               def role_for_project(project)
                 # No role on archived projects
                 return nil unless project && project.active?
-                # Find project membership
+                if logged?
-                membership = memberships.detect {|m| m.project_id == project.id}
+                  # Find project membership
-                if membership
+                  membership = memberships.detect {|m| m.project_id == project.id}
-                  membership.role
+                  if membership
-                elsif logged?
+                    membership.role
-                  Role.non_member
+                  else
+                    @role_non_member ||= Role.non_member
+                  end
                 else
-                  Role.anonymous
+                  @role_anonymous ||= Role.anonymous
                 end
               end
               # Return true if the user is a member of project
               def member_of?(project)
                 role_for_project(project).member?
               end
               # Return true if the user is allowed to do the specified action on project
               # action can be:
               # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')
               # * a permission Symbol (eg. :edit_project)
               def allowed_to?(action, project)
                 # No action allowed on archived projects
                 return false unless project.active?
                 # No action allowed on disabled modules
                 return false unless project.allows_to?(action)
                 # Admin users are authorized for anything else
                 return true if admin?
                 role = role_for_project(project)
                 return false unless role
                 role.allowed_to?(action) && (project.is_public? || role.member?)
               end
               def self.current=(user)
                 @current_user = user
               end
               def self.current
                 @current_user ||= User.anonymous
               end
               def self.anonymous
                 return @anonymous_user if @anonymous_user
                 anonymous_user = AnonymousUser.find(:first)
                 if anonymous_user.nil?
                   anonymous_user = AnonymousUser.create(:lastname => 'Anonymous', :firstname => '', :mail => '', :login => '', :status => 0)
                   raise 'Unable to create the anonymous user.' if anonymous_user.new_record?
                 end
                 @anonymous_user = anonymous_user
               end
             private
               # Return password digest
               def self.hash_password(clear_password)
                 Digest::SHA1.hexdigest(clear_password || "")
               end
             end
             class AnonymousUser < User
               def validate_on_create
                 # There should be only one AnonymousUser in the database
                 errors.add_to_base 'An anonymous user already exists.' if AnonymousUser.find(:first)
               end
               # Overrides a few properties
               def logged?; false end
               def admin; false end
               def name; 'Anonymous' end
               def mail; nil end
               def time_zone; nil end
               def rss_key; nil end
             end