trabajo-afectivo/app/models/user.rb

558 lines
13 KiB
Ruby
Raw Normal View History

2014-02-03 19:23:00 +00:00
# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/
require 'digest/md5'
2012-04-16 08:04:49 +00:00
class User < ApplicationModel
load 'user/assets.rb'
include User::Assets
extend User::Search
include User::SearchIndex
before_create :check_name, :check_email, :check_login, :check_image, :check_password
before_update :check_password, :check_image, :check_email, :check_login_update
after_create :check_image_load, :notify_clients_after_create
after_update :check_image_load, :notify_clients_after_update
after_destroy :notify_clients_after_destroy
2012-04-10 14:06:46 +00:00
2012-04-16 08:04:49 +00:00
has_and_belongs_to_many :groups, :after_add => :cache_update, :after_remove => :cache_update
has_and_belongs_to_many :roles, :after_add => :cache_update, :after_remove => :cache_update
has_and_belongs_to_many :organizations, :after_add => :cache_update, :after_remove => :cache_update
2012-04-23 06:55:16 +00:00
has_many :tokens, :after_add => :cache_update, :after_remove => :cache_update
2012-04-16 08:04:49 +00:00
has_many :authorizations, :after_add => :cache_update, :after_remove => :cache_update
belongs_to :organization, :class_name => 'Organization'
store :preferences
2013-10-05 14:44:50 +00:00
activity_stream_support(
:role => 'Admin',
:ignore_attributes => {
:last_login => true,
:image => true,
2013-11-02 22:18:39 +00:00
:image_source => true,
}
2013-10-05 14:44:50 +00:00
)
2013-10-22 06:43:49 +00:00
history_support(
:ignore_attributes => {
:password => true,
:image => true,
:image_source => true,
2013-10-22 06:43:49 +00:00
}
)
search_index_support(
:ignore_attributes => {
:password => true,
:image => true,
:image_source => true,
:source => true,
:login_failed => true,
:preferences => true,
:locale => true,
}
)
2013-09-28 00:07:11 +00:00
2013-08-17 22:10:02 +00:00
=begin
fullname of user
user = User.find(123)
result = user.fulename
returns
result = "Bob Smith"
=end
2012-07-10 08:09:58 +00:00
def fullname
fullname = ''
if self.firstname
fullname = fullname + self.firstname
end
if self.lastname
if fullname != ''
fullname = fullname + ' '
end
fullname = fullname + self.lastname
end
2013-09-28 00:07:11 +00:00
fullname
2012-07-10 08:09:58 +00:00
end
2013-08-17 22:10:02 +00:00
=begin
check if user is in role
user = User.find(123)
result = user.is_role('Customer')
returns
result = true|false
=end
2012-09-04 21:28:49 +00:00
def is_role( role_name )
self.roles.each { |role|
return role if role.name == role_name
}
false
2012-09-04 21:28:49 +00:00
end
2013-08-17 22:10:02 +00:00
=begin
2013-09-28 00:07:11 +00:00
get users activity stream
user = User.find(123)
result = user.activity_stream( 20 )
returns
result = [
{
:id =>2,
:o_id =>2,
:created_by_id => 3,
:created_at => '2013-09-28 00:57:21',
:object => "User",
:type => "created",
},
{
:id =>2,
:o_id =>2,
:created_by_id => 3,
:created_at => '2013-09-28 00:59:21',
:object => "User",
:type => "updated",
},
]
=end
def activity_stream( limit, fulldata = false )
activity_stream = ActivityStream.list( self, limit )
return activity_stream if !fulldata
# get related objects
assets = ApplicationModel.assets_of_object_list(activity_stream)
2013-09-28 00:07:11 +00:00
return {
:activity_stream => activity_stream,
:assets => assets,
}
end
=begin
2013-08-17 22:10:02 +00:00
authenticate user
result = User.authenticate(username, password)
returns
result = user_model # user model if authentication was successfully
=end
def self.authenticate( username, password )
2012-07-29 15:27:01 +00:00
# do not authenticate with nothing
return if !username || username == ''
return if !password || password == ''
2012-07-29 15:27:01 +00:00
# try to find user based on login
2013-02-07 21:24:03 +00:00
user = User.where( :login => username.downcase, :active => true ).first
2012-07-29 15:27:01 +00:00
# try second lookup with email
if !user
2013-02-07 21:24:03 +00:00
user = User.where( :email => username.downcase, :active => true ).first
end
2012-07-29 15:27:01 +00:00
2013-02-07 21:24:03 +00:00
# check failed logins
2013-02-12 22:49:52 +00:00
max_login_failed = Setting.get('password_max_login_failed') || 10
if user && user.login_failed > max_login_failed
return false
2013-02-07 21:24:03 +00:00
end
2012-07-29 15:27:01 +00:00
2013-08-17 21:48:01 +00:00
user_auth = Auth.check( username, password, user )
2013-02-07 21:24:03 +00:00
# set login failed +1
2013-02-12 23:21:56 +00:00
if !user_auth && user
2013-08-17 21:48:01 +00:00
sleep 1
2013-02-12 23:21:56 +00:00
user.login_failed = user.login_failed + 1
user.save
end
2013-02-07 21:24:03 +00:00
2013-08-17 21:48:01 +00:00
# auth ok
2013-02-07 21:24:03 +00:00
return user_auth
2012-04-10 14:06:46 +00:00
end
2013-08-17 22:10:02 +00:00
=begin
authenticate user agains sso
result = User.sso(sso_params)
returns
result = user_model # user model if authentication was successfully
=end
2013-02-17 18:28:32 +00:00
def self.sso(params)
# try to login against configure auth backends
2013-08-19 08:22:31 +00:00
user_auth = Sso.check( params )
2013-08-17 21:48:01 +00:00
return if !user_auth
2013-02-17 18:28:32 +00:00
2013-08-17 21:48:01 +00:00
return user_auth
2013-02-17 18:28:32 +00:00
end
2013-08-17 22:10:02 +00:00
=begin
create user from from omni auth hash
result = User.create_from_hash!(hash)
returns
result = user_model # user model if create was successfully
=end
2012-04-10 14:06:46 +00:00
def self.create_from_hash!(hash)
url = ''
if hash['info']['urls'] then
url = hash['info']['urls']['Website'] || hash['info']['urls']['Twitter'] || ''
end
roles = Role.where( :name => 'Customer' )
2012-04-23 06:55:16 +00:00
self.create(
2012-04-10 14:06:46 +00:00
:login => hash['info']['nickname'] || hash['uid'],
:firstname => hash['info']['name'],
:email => hash['info']['email'],
:image => hash['info']['image'],
# :url => url.to_s,
2012-04-10 14:06:46 +00:00
:note => hash['info']['description'],
:source => hash['provider'],
:roles => roles,
2013-02-07 21:24:03 +00:00
:updated_by_id => 1,
:created_by_id => 1,
2012-04-10 14:06:46 +00:00
)
end
2012-04-23 06:55:16 +00:00
2013-08-17 22:10:02 +00:00
=begin
send reset password email with token to user
result = User.password_reset_send(username)
returns
result = true|false
=end
2012-04-23 06:55:16 +00:00
def self.password_reset_send(username)
return if !username || username == ''
# try to find user based on login
2013-02-07 21:24:03 +00:00
user = User.where( :login => username.downcase, :active => true ).first
2012-10-18 08:10:12 +00:00
2012-04-23 06:55:16 +00:00
# try second lookup with email
if !user
2013-02-07 21:24:03 +00:00
user = User.where( :email => username.downcase, :active => true ).first
2012-04-23 06:55:16 +00:00
end
# check if email address exists
return if !user
2012-04-23 06:55:16 +00:00
return if !user.email
# generate token
token = Token.create( :action => 'PasswordReset', :user_id => user.id )
# send mail
data = {}
data[:subject] = 'Reset your #{config.product_name} password'
data[:body] = 'Forgot your password?
We received a request to reset the password for your #{config.product_name} account (#{user.login}).
2012-04-23 06:55:16 +00:00
If you want to reset your password, click on the link below (or copy and paste the URL into your browser):
2012-04-23 06:55:16 +00:00
#{config.http_type}://#{config.fqdn}/#password_reset_verify/#{token.name}
2012-04-23 06:55:16 +00:00
This link takes you to a page where you can change your password.
2012-04-23 06:55:16 +00:00
If you don\'t want to reset your password, please ignore this message. Your password will not be reset.
2012-04-23 06:55:16 +00:00
Your #{config.product_name} Team
'
2012-04-23 06:55:16 +00:00
# prepare subject & body
[:subject, :body].each { |key|
data[key.to_sym] = NotificationFactory.build(
:locale => user.locale,
2012-04-23 06:55:16 +00:00
:string => data[key.to_sym],
:objects => {
:token => token,
:user => user,
}
)
}
# send notification
NotificationFactory.send(
:recipient => user,
:subject => data[:subject],
:body => data[:body]
)
return true
end
2013-08-17 22:10:02 +00:00
=begin
check reset password token
result = User.password_reset_check(token)
returns
result = user_model # user_model if token was verified
=end
2012-04-23 06:55:16 +00:00
def self.password_reset_check(token)
2013-01-03 12:00:55 +00:00
user = Token.check( :action => 'PasswordReset', :name => token )
# reset login failed if token is valid
if user
user.login_failed = 0
user.save
end
2013-01-03 12:00:55 +00:00
return user
2012-04-23 06:55:16 +00:00
end
2013-08-17 22:10:02 +00:00
=begin
reset reset password with token and set new password
result = User.password_reset_via_token(token,password)
returns
result = user_model # user_model if token was verified
=end
2012-04-23 06:55:16 +00:00
def self.password_reset_via_token(token,password)
2012-07-23 22:22:23 +00:00
2012-04-23 06:55:16 +00:00
# check token
2013-01-03 12:00:55 +00:00
user = Token.check( :action => 'PasswordReset', :name => token )
return if !user
2012-07-23 22:22:23 +00:00
2012-04-23 06:55:16 +00:00
# reset password
2013-01-03 12:00:55 +00:00
user.update_attributes( :password => password )
2012-07-23 22:22:23 +00:00
2012-04-23 06:55:16 +00:00
# delete token
2013-01-03 12:00:55 +00:00
Token.where( :action => 'PasswordReset', :name => token ).first.destroy
return user
2012-04-23 06:55:16 +00:00
end
2013-08-17 22:10:02 +00:00
=begin
2013-10-22 06:43:49 +00:00
update last login date and reset login_failed (is automatically done by auth and sso backend)
2013-08-17 22:10:02 +00:00
user = User.find(123)
result = user.update_last_login
returns
result = new_user_model
=end
2012-10-18 08:10:12 +00:00
def update_last_login
self.last_login = Time.now
2013-10-22 06:43:49 +00:00
# reset login failed
self.login_failed = 0
# set updated by user
self.updated_by_id = self.id
2012-10-18 08:10:12 +00:00
self.save
end
2014-07-27 11:40:42 +00:00
=begin
get image of user
user = User.find(123)
result = user.get_image
returns
result = {
:filename => 'some filename',
:content_type => 'image/png',
:content => bin_string,
}
=end
def get_image
# find file
list = Store.list( :object => 'User::Image', :o_id => self.id )
2014-10-26 12:17:00 +00:00
logger.debug list.inspect
2014-07-27 11:40:42 +00:00
if list && list[0]
file = Store.find( list[0] )
result = {
:content => file.content,
:filename => file.filename,
:content_type => file.preferences['Content-Type'] || file.preferences['Mime-Type'],
}
return result
end
# serve defalt image
image = 'R0lGODdhMAAwAOMAAMzMzJaWlr6+vqqqqqOjo8XFxbe3t7GxsZycnAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAMAAwAAAEcxDISau9OOvNu/9gKI5kaZ5oqq5s675wLM90bd94ru98TwuAA+KQAQqJK8EAgBAgMEqmkzUgBIeSwWGZtR5XhSqAULACCoGCJGwlm1MGQrq9RqgB8fm4ZTUgDBIEcRR9fz6HiImKi4yNjo+QkZKTlJWWkBEAOw=='
result = {
:content => Base64.decode64(image),
:filename => 'image.gif',
:content_type => 'image/gif',
}
return result
end
2012-04-10 14:06:46 +00:00
private
def check_name
if ( self.firstname && !self.firstname.empty? ) && ( !self.lastname || self.lastname.empty? )
# Lastname, Firstname
scan = self.firstname.scan(/, /)
if scan[0]
name = self.firstname.split(', ', 2)
self.lastname = name[0]
self.firstname = name[1]
return
end
# Firstname Lastname
name = self.firstname.split(' ', 2)
self.firstname = name[0]
self.lastname = name[1]
return
# -no name- firstname.lastname@example.com
elsif ( !self.firstname || self.firstname.empty? ) && ( !self.lastname || self.lastname.empty? ) && ( self.email && !self.email.empty? )
scan = self.email.scan(/^(.+?)\.(.+?)\@.+?$/)
if scan[0]
self.firstname = scan[0][0].capitalize
self.lastname = scan[0][1].capitalize
2012-04-10 14:06:46 +00:00
end
2012-04-10 14:06:46 +00:00
end
end
2012-04-29 20:47:35 +00:00
def check_email
if self.email
self.email = self.email.downcase
2012-04-10 14:06:46 +00:00
end
end
2012-04-29 20:47:35 +00:00
def check_login
2014-09-25 06:20:20 +00:00
if !self.login && self.email
self.login = self.email
end
if self.login
self.login = self.login.downcase
check = true
while check
exists = User.where( :login => self.login ).first
if exists
self.login = self.login + rand(99).to_s
else
check = false
2013-02-19 19:04:35 +00:00
end
end
end
end
2013-02-19 19:04:35 +00:00
# FIXME: Remove me later
def check_login_update
if self.login
self.login = self.login.downcase
2012-11-12 12:04:14 +00:00
end
end
2012-11-12 12:04:14 +00:00
def check_image
if !self.image_source || self.image_source == '' || self.image_source =~ /gravatar.com/i
if self.email
hash = Digest::MD5.hexdigest(self.email)
self.image_source = "http://www.gravatar.com/avatar/#{hash}?s=48&d=404"
2014-10-26 12:17:00 +00:00
logger.debug "#{self.email}: #{self.image_source}"
2012-04-10 14:06:46 +00:00
end
end
end
2012-04-29 20:47:35 +00:00
def check_image_load
return if !self.image_source
return if self.image_source !~ /http/i
# download image
response = UserAgent.request( self.image_source )
if !response.success?
self.update_column( :image, 'none' )
2013-11-02 22:05:41 +00:00
self.cache_delete
2014-07-27 11:40:42 +00:00
#puts "WARNING: Can't fetch '#{self.image_source}' (maybe no avatar available), http code: #{response.code.to_s}"
2013-11-02 21:35:37 +00:00
#raise "Can't fetch '#{self.image_source}', http code: #{response.code.to_s}"
return
end
2014-07-27 11:40:42 +00:00
#puts "NOTICE: Fetch '#{self.image_source}', http code: #{response.code.to_s}"
# store image local
hash = Digest::MD5.hexdigest( response.body )
# check if image has changed
2014-07-21 22:43:58 +00:00
return if self.image == hash
2014-07-27 11:40:42 +00:00
#puts "NOTICE: update image in store"
# save new image
self.update_column( :image, hash )
Store.remove( :object => 'User::Image', :o_id => self.id )
Store.add(
:object => 'User::Image',
:o_id => self.id,
:data => response.body,
:filename => 'image',
:preferences => {
'Content-Type' => response.content_type
},
:created_by_id => self.updated_by_id,
)
2014-07-27 11:40:42 +00:00
self.cache_delete
end
def check_password
2012-10-18 11:42:05 +00:00
# set old password again if not given
if self.password == '' || !self.password
# get current record
if self.id
current = User.find(self.id)
self.password = current.password
end
# create crypted password if not already crypted
else
if self.password !~ /^\{sha2\}/
crypted = Digest::SHA2.hexdigest( self.password )
self.password = "{sha2}#{crypted}"
end
end
end
2012-04-10 14:06:46 +00:00
end