require 'digest/sha1'
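# Application user account: login/e-mail identity, activation state and role
# membership. Password and cookie-token behaviour comes from the included
# Authentication modules, which are not defined in this file.
#
# NOTE(review): this file requires 'digest/sha1', but nothing in this class
# calls it; presumably the digest is used by the Authentication modules.
# Confirm which hash protects stored passwords and whether it should be
# replaced by a slow, salted password-hashing function.
class User < ActiveRecord::Base
  # ---------------------------------------
  # The following code has been generated by role_requirement.
  # You may wish to modify it to suit your needs.
  has_and_belongs_to_many :roles

  # Returns true when the user holds the given role, false otherwise.
  # A user holding the "admin" role passes every role check.
  #
  # The role names are memoized in @_list on first use, so a role granted or
  # revoked afterwards is not seen by this instance; a freshly loaded User
  # object is needed to observe the change.
  def has_role?(role_in_question)
    @_list ||= roles.collect(&:name)
    @_list.include?("admin") || @_list.include?(role_in_question.to_s)
  end
  # ---------------------------------------

  include Authentication
  include Authentication::ByPassword
  include Authentication::ByCookieToken

  has_many :submissions
  has_many :challenges

  validates_presence_of :login
  validates_length_of :login, :within => 3..40
  validates_uniqueness_of :login
  validates_format_of :login, :with => Authentication.login_regex, :message => Authentication.bad_login_message

  validates_format_of :name, :with => Authentication.name_regex, :message => Authentication.bad_name_message, :allow_nil => true
  validates_length_of :name, :maximum => 100

  validates_presence_of :email
  # Lower bound 6 fits a minimal address such as a@b.cd (constructed example).
  validates_length_of :email, :within => 6..100
  validates_uniqueness_of :email
  validates_format_of :email, :with => Authentication.email_regex, :message => Authentication.bad_email_message

  before_create :make_activation_code

  # HACK (original author's note): how to do attr_accessible from here?
  # Mass-assignment whitelist. Attributes not listed here, such as
  # activation_code and activated_at, are ignored when a params hash is
  # assigned, which prevents a user from submitting a crafted form that
  # bypasses activation.
  # Anything else you want your user to change should be added here.
  attr_accessible :login, :email, :name, :password, :password_confirmation

  # Activates the user in the database: stamps activated_at with the current
  # UTC time, clears the activation code and saves the record.
  # save(false) skips validations, so the activation is written even when
  # other attributes would not validate.
  def activate!
    @activated = true
    self.activated_at = Time.now.utc
    self.activation_code = nil
    save(false)
  end

  # Returns a truthy value if activate! was called on this very instance.
  # @activated is never persisted, so it is nil for records loaded later.
  def recently_activated?
    @activated
  end

  # True once the account has been activated.
  # The existence of an activation code means they have not activated yet.
  # Note that authenticate checks activated_at instead; activate! sets both
  # columns together, so the two checks agree as long as nothing else
  # writes either column.
  def active?
    activation_code.nil?
  end

  # Authenticates a user by their login name and unencrypted password.
  # Returns the user, or nil when the credentials are blank, no activated
  # account matches the login, or the password check fails. All failure
  # cases return the same nil, so the caller cannot tell them apart.
  #
  # Original author's note: this is really an authorization, not an
  # authentication routine. We really need a Dispatch Chain here or
  # something. This would also let us return a human error message.
  def self.authenticate(login, password)
    return nil if login.blank? || password.blank?

    # login= stores logins lowercased, so the lookup key is normalized the
    # same way; otherwise a mixed-case login fails on a case-sensitive
    # column. to_s makes sure a non-String value reaching this method is
    # compared as one string in the bound condition.
    lookup_login = login.to_s.downcase
    u = find :first, :conditions => ['login = ? and activated_at IS NOT NULL', lookup_login] # need to get the salt
    u && u.authenticated?(password) ? u : nil
  end

  # Stores the login lowercased (nil stays nil) so uniqueness and lookups
  # do not depend on the case the user typed.
  def login=(value)
    write_attribute :login, (value ? value.downcase : nil)
  end

  # Stores the e-mail address lowercased (nil stays nil).
  def email=(value)
    write_attribute :email, (value ? value.downcase : nil)
  end

  protected

  # before_create callback: assigns a fresh activation code, obtained from
  # the class-level make_token (not defined in this file).
  def make_activation_code
    self.activation_code = self.class.make_token
  end
end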