trabajo-afectivo/app/models/user.rb

508 lines
13 KiB
Ruby
Raw Normal View History

require 'digest/sha2'
require 'organization'
2012-04-16 08:04:49 +00:00
class User < ApplicationModel
2012-04-29 20:47:35 +00:00
include Gmaps
before_create :check_name, :check_email, :check_login, :check_image, :check_geo, :check_password
2013-02-19 19:04:35 +00:00
before_update :check_password, :check_image, :check_geo, :check_email, :check_login_update
2012-04-10 14:06:46 +00:00
2012-04-16 08:04:49 +00:00
has_and_belongs_to_many :groups, :after_add => :cache_update, :after_remove => :cache_update
has_and_belongs_to_many :roles, :after_add => :cache_update, :after_remove => :cache_update
has_and_belongs_to_many :organizations, :after_add => :cache_update, :after_remove => :cache_update
2012-04-23 06:55:16 +00:00
has_many :tokens, :after_add => :cache_update, :after_remove => :cache_update
2012-04-16 08:04:49 +00:00
has_many :authorizations, :after_add => :cache_update, :after_remove => :cache_update
belongs_to :organization, :class_name => 'Organization'
store :preferences
2012-07-10 08:09:58 +00:00
def fullname
fullname = ''
if self.firstname
fullname = fullname + self.firstname
end
if self.lastname
if fullname != ''
fullname = fullname + ' '
end
fullname = fullname + self.lastname
end
return fullname
end
2012-09-04 21:28:49 +00:00
def is_role( role_name )
self.roles.each { |role|
return role if role.name == role_name
}
return false
end
def self.authenticate( username, password )
2012-07-29 15:27:01 +00:00
# do not authenticate with nothing
return if !username || username == ''
return if !password || password == ''
2012-07-29 15:27:01 +00:00
# try to find user based on login
2013-02-07 21:24:03 +00:00
user = User.where( :login => username.downcase, :active => true ).first
2012-07-29 15:27:01 +00:00
# try second lookup with email
if !user
2013-02-07 21:24:03 +00:00
user = User.where( :email => username.downcase, :active => true ).first
end
2012-07-29 15:27:01 +00:00
2013-02-07 21:24:03 +00:00
# check failed logins
2013-02-12 22:49:52 +00:00
max_login_failed = Setting.get('password_max_login_failed') || 10
if user && user.login_failed > max_login_failed
return false
2013-02-07 21:24:03 +00:00
end
2012-07-29 15:27:01 +00:00
# use auth backends
config = [
{
:adapter => 'internal',
},
{
:adapter => 'test',
},
]
Setting.where( :area => 'Security::Authentication' ).each {|setting|
if setting.state[:value]
config.push setting.state[:value]
end
}
2013-02-07 21:24:03 +00:00
# try to login against configure auth backends
user_auth = nil
config.each {|config_item|
2013-05-05 22:47:58 +00:00
next if !config_item[:adapter]
2013-05-07 20:14:08 +00:00
next if config_item.class == TrueClass
file = "auth/#{config_item[:adapter]}"
require file
user_auth = Auth.const_get("#{config_item[:adapter].to_s.upcase}").check( username, password, config_item, user )
2013-02-07 21:24:03 +00:00
# auth ok
if user_auth
2013-02-12 22:49:52 +00:00
# remember last login date
2013-02-12 23:21:56 +00:00
user_auth.update_last_login
2013-02-07 21:24:03 +00:00
# reset login failed
2013-02-12 23:21:56 +00:00
user_auth.login_failed = 0
user_auth.save
2013-02-07 21:24:03 +00:00
return user_auth
end
}
2013-02-07 21:24:03 +00:00
# set login failed +1
2013-02-12 23:21:56 +00:00
if !user_auth && user
user.login_failed = user.login_failed + 1
user.save
end
2013-02-07 21:24:03 +00:00
# auth failed
2013-02-07 21:24:03 +00:00
sleep 1
return user_auth
2012-04-10 14:06:46 +00:00
end
2013-02-17 18:28:32 +00:00
def self.sso(params)
# use auth backends
config = [
{
:adapter => 'env',
},
{
:adapter => 'otrs',
},
]
# Setting.where( :area => 'Security::Authentication' ).each {|setting|
# if setting.state[:value]
# config.push setting.state[:value]
# end
# }
# try to login against configure auth backends
user_auth = nil
config.each {|config_item|
2013-05-05 22:47:58 +00:00
next if !config_item[:adapter]
2013-05-07 20:14:08 +00:00
next if config_item.class == TrueClass
2013-02-17 18:28:32 +00:00
file = "sso/#{config_item[:adapter]}"
require file
user_auth = SSO.const_get("#{config_item[:adapter].to_s.upcase}").check( params, config_item )
# auth ok
if user_auth
# remember last login date
user_auth.update_last_login
# reset login failed
user_auth.login_failed = 0
user_auth.save
return user_auth
end
}
return false
end
2012-04-10 14:06:46 +00:00
def self.create_from_hash!(hash)
url = ''
if hash['info']['urls'] then
url = hash['info']['urls']['Website'] || hash['info']['urls']['Twitter'] || ''
end
roles = Role.where( :name => 'Customer' )
2012-04-23 06:55:16 +00:00
self.create(
2012-04-10 14:06:46 +00:00
:login => hash['info']['nickname'] || hash['uid'],
:firstname => hash['info']['name'],
:email => hash['info']['email'],
:image => hash['info']['image'],
# :url => url.to_s,
:note => hash['info']['description'],
:source => hash['provider'],
:roles => roles,
2013-02-07 21:24:03 +00:00
:updated_by_id => 1,
:created_by_id => 1,
2012-04-10 14:06:46 +00:00
)
end
2012-04-23 06:55:16 +00:00
def self.password_reset_send(username)
return if !username || username == ''
# try to find user based on login
2013-02-07 21:24:03 +00:00
user = User.where( :login => username.downcase, :active => true ).first
2012-10-18 08:10:12 +00:00
2012-04-23 06:55:16 +00:00
# try second lookup with email
if !user
2013-02-07 21:24:03 +00:00
user = User.where( :email => username.downcase, :active => true ).first
2012-04-23 06:55:16 +00:00
end
# check if email address exists
return if !user
2012-04-23 06:55:16 +00:00
return if !user.email
# generate token
token = Token.create( :action => 'PasswordReset', :user_id => user.id )
# send mail
data = {}
data[:subject] = 'Reset your #{config.product_name} password'
data[:body] = 'Forgot your password?
We received a request to reset the password for your #{config.product_name} account (#{user.login}).
If you want to reset your password, click on the link below (or copy and paste the URL into your browser):
2012-04-23 18:50:04 +00:00
#{config.http_type}://#{config.fqdn}/#password_reset_verify/#{token.name}
2012-04-23 06:55:16 +00:00
This link takes you to a page where you can change your password.
If you don\'t want to reset your password, please ignore this message. Your password will not be reset.
Your #{config.product_name} Team
'
# prepare subject & body
[:subject, :body].each { |key|
data[key.to_sym] = NotificationFactory.build(
:locale => user.locale,
2012-04-23 06:55:16 +00:00
:string => data[key.to_sym],
:objects => {
:token => token,
:user => user,
}
)
}
# send notification
NotificationFactory.send(
:recipient => user,
:subject => data[:subject],
:body => data[:body]
)
return true
end
# check token
2012-04-23 06:55:16 +00:00
def self.password_reset_check(token)
2013-01-03 12:00:55 +00:00
user = Token.check( :action => 'PasswordReset', :name => token )
return user
2012-04-23 06:55:16 +00:00
end
def self.password_reset_via_token(token,password)
2012-07-23 22:22:23 +00:00
2012-04-23 06:55:16 +00:00
# check token
2013-01-03 12:00:55 +00:00
user = Token.check( :action => 'PasswordReset', :name => token )
return if !user
2012-07-23 22:22:23 +00:00
2012-04-23 06:55:16 +00:00
# reset password
2013-01-03 12:00:55 +00:00
user.update_attributes( :password => password )
2012-07-23 22:22:23 +00:00
2012-04-23 06:55:16 +00:00
# delete token
2013-01-03 12:00:55 +00:00
Token.where( :action => 'PasswordReset', :name => token ).first.destroy
return user
2012-04-23 06:55:16 +00:00
end
def self.find_fulldata(user_id)
cache = self.cache_get(user_id, true)
2012-07-29 15:27:01 +00:00
return cache if cache
# get user
user = User.find(user_id)
data = user.attributes
# do not show password
user['password'] = ''
# get linked accounts
data['accounts'] = {}
authorizations = user.authorizations() || []
authorizations.each do | authorization |
data['accounts'][authorization.provider] = {
:uid => authorization[:uid],
:username => authorization[:username]
}
end
2012-07-23 22:22:23 +00:00
# set roles
roles = []
user.roles.select('id, name').where( :active => true ).each { |role|
2012-07-29 15:27:01 +00:00
roles.push role.attributes
}
data['roles'] = roles
data['role_ids'] = user.role_ids
groups = []
user.groups.select('id, name').where( :active => true ).each { |group|
2012-07-29 15:27:01 +00:00
groups.push group.attributes
}
data['groups'] = groups
data['group_ids'] = user.group_ids
organization = user.organization
2012-07-29 15:27:01 +00:00
if organization
data['organization'] = organization.attributes
end
organizations = []
user.organizations.select('id, name').where( :active => true ).each { |organization|
2012-07-29 15:27:01 +00:00
organizations.push organization.attributes
}
data['organizations'] = organizations
data['organization_ids'] = user.organization_ids
self.cache_set(user.id, data, true)
return data
end
2012-07-23 22:22:23 +00:00
def self.user_data_full (user_id)
# get user
user = User.find_fulldata(user_id)
# do not show password
user['password'] = ''
# TEMP: compat. reasons
user['preferences'] = {} if user['preferences'] == nil
items = []
if user['preferences'][:tickets_open].to_i > 0
item = {
:url => '',
:name => 'open',
:count => user['preferences'][:tickets_open] || 0,
:title => 'Open Tickets',
:class => 'user-tickets',
:data => 'open'
}
items.push item
end
if user['preferences'][:tickets_closed].to_i > 0
item = {
:url => '',
:name => 'closed',
:count => user['preferences'][:tickets_closed] || 0,
:title => 'Closed Tickets',
:class => 'user-tickets',
:data => 'closed'
}
items.push item
end
# show linked topics and items
if items.count > 0
topic = {
:title => 'Tickets',
:items => items,
}
user['links'] = []
user['links'].push topic
end
return user
end
2012-04-29 20:47:35 +00:00
# update all users geo data
def self.geo_update_all
User.all.each { |user|
user.geo_update
user.save
}
end
# update geo data of one user
def geo_update
address = ''
location = ['street', 'zip', 'city', 'country']
location.each { |item|
if self[item] && self[item] != ''
address = address + ',' + self[item]
end
}
# return if no address is given
return if address == ''
# dp lookup
latlng = Gmaps.geocode(address)
if latlng
self.preferences['lat'] = latlng[0]
self.preferences['lng'] = latlng[1]
end
end
2012-10-18 08:10:12 +00:00
def update_last_login
self.last_login = Time.now
self.save
end
2012-04-10 14:06:46 +00:00
private
2012-04-29 20:47:35 +00:00
def check_geo
2012-05-02 00:26:41 +00:00
# geo update if no user exists
if !self.id
self.geo_update
return
end
2012-04-29 20:47:35 +00:00
location = ['street', 'zip', 'city', 'country']
2012-06-20 09:39:53 +00:00
# get current user data
current = User.where( :id => self.id ).first
return if !current
2012-04-29 20:47:35 +00:00
# check if geo update is needed
current_location = {}
location.each { |item|
current_location[item] = current[item]
}
2012-10-18 11:42:05 +00:00
2012-04-29 20:47:35 +00:00
# get full address
next_location = {}
location.each { |item|
next_location[item] = self[item]
}
# return if address hasn't changed and geo data is already available
return if ( current_location == next_location ) && ( self.preferences['lat'] && self.preferences['lng'] )
# geo update
self.geo_update
end
2012-04-10 14:06:46 +00:00
def check_name
2012-11-02 07:14:59 +00:00
if ( self.firstname && !self.firstname.empty? ) && ( !self.lastname || self.lastname.empty? )
# Lastname, Firstname
scan = self.firstname.scan(/, /)
if scan[0]
name = self.firstname.split(', ', 2)
self.lastname = name[0]
self.firstname = name[1]
return
end
# Firstname Lastname
2012-04-10 14:06:46 +00:00
name = self.firstname.split(' ', 2)
self.firstname = name[0]
self.lastname = name[1]
return
# -no name- firstname.lastname@example.com
2012-11-02 07:14:59 +00:00
elsif ( !self.firstname || self.firstname.empty? ) && ( !self.lastname || self.lastname.empty? ) && ( self.email && !self.email.empty? )
scan = self.email.scan(/^(.+?)\.(.+?)\@.+?$/)
if scan[0]
self.firstname = scan[0][0].capitalize
self.lastname = scan[0][1].capitalize
end
2012-04-10 14:06:46 +00:00
end
end
2012-04-29 20:47:35 +00:00
2012-04-10 14:06:46 +00:00
def check_email
2012-04-29 20:47:35 +00:00
if self.email
2012-04-10 14:06:46 +00:00
self.email = self.email.downcase
end
end
2012-04-29 20:47:35 +00:00
2012-11-12 12:04:14 +00:00
def check_login
2013-02-19 19:04:35 +00:00
if self.login
self.login = self.login.downcase
check = true
while check
exists = User.where( :login => self.login ).first
if exists
self.login = self.login + rand(99).to_s
else
check = false
end
end
end
end
# FIXME: Remove me later
def check_login_update
2012-11-12 12:04:14 +00:00
if self.login
self.login = self.login.downcase
end
end
2012-04-10 14:06:46 +00:00
def check_image
require 'digest/md5'
2012-04-29 20:47:35 +00:00
if !self.image || self.image == ''
if self.email
2012-04-10 14:06:46 +00:00
hash = Digest::MD5.hexdigest(self.email)
self.image = "http://www.gravatar.com/avatar/#{hash}?s=48"
end
end
end
2012-04-29 20:47:35 +00:00
def check_password
2012-10-18 11:42:05 +00:00
# set old password again if not given
if self.password == '' || !self.password
# get current record
if self.id
current = User.find(self.id)
self.password = current.password
end
# create crypted password if not already crypted
else
if self.password !~ /^\{sha2\}/
crypted = Digest::SHA2.hexdigest( self.password )
self.password = "{sha2}#{crypted}"
end
end
end
2012-04-10 14:06:46 +00:00
end