1
0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2024-12-01 12:24:28 +01:00
fab-manager/app/models/user.rb

360 lines
12 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
# User is a physical or moral person with its authentication parameters
# It is linked to the Profile model with hold informations about this person (like address, name, etc.)
2015-05-05 03:10:25 +02:00
class User < ActiveRecord::Base
include NotifyWith::NotificationReceiver
include NotifyWith::NotificationAttachedObject
# Include default devise modules. Others available are:
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable,
:confirmable
2015-05-05 03:10:25 +02:00
rolify
2016-03-23 18:39:41 +01:00
# enable OmniAuth authentication only if needed
devise :omniauthable, omniauth_providers: [AuthProvider.active.strategy_name.to_sym] unless
AuthProvider.active.providable_type == DatabaseProvider.name
2016-03-23 18:39:41 +01:00
2015-05-05 03:10:25 +02:00
extend FriendlyId
friendly_id :username, use: :slugged
has_one :profile, dependent: :destroy
accepts_nested_attributes_for :profile
2016-03-23 18:39:41 +01:00
has_many :my_projects, foreign_key: :author_id, class_name: 'Project', dependent: :destroy
2015-05-05 03:10:25 +02:00
has_many :project_users, dependent: :destroy
has_many :projects, through: :project_users
2016-03-23 18:39:41 +01:00
has_many :reservations, dependent: :destroy
accepts_nested_attributes_for :reservations, allow_destroy: true
# Trainings that were already passed
2016-03-23 18:39:41 +01:00
has_many :user_trainings, dependent: :destroy
has_many :trainings, through: :user_trainings
2015-05-05 03:10:25 +02:00
belongs_to :group
2016-03-23 18:39:41 +01:00
has_many :subscriptions, dependent: :destroy
accepts_nested_attributes_for :subscriptions, allow_destroy: true
has_many :users_credits, dependent: :destroy
has_many :credits, through: :users_credits
has_many :training_credits, through: :users_credits, source: :training_credit
has_many :machine_credits, through: :users_credits, source: :machine_credit
has_many :invoices, dependent: :destroy
2019-03-18 11:11:09 +01:00
has_many :operated_invoices, foreign_key: :operator_id, class_name: 'Invoice', dependent: :nullify
2016-03-23 18:39:41 +01:00
has_many :user_tags, dependent: :destroy
has_many :tags, through: :user_tags
accepts_nested_attributes_for :tags, allow_destroy: true
2016-07-18 18:16:54 +02:00
has_one :wallet, dependent: :destroy
2017-02-21 10:36:00 +01:00
has_many :wallet_transactions, dependent: :destroy
2016-07-18 18:16:54 +02:00
has_many :exports, dependent: :destroy
has_many :history_values, dependent: :nullify
2016-03-23 18:39:41 +01:00
# fix for create admin user
before_save do
email&.downcase!
2016-03-23 18:39:41 +01:00
end
2015-05-05 03:10:25 +02:00
before_create :assign_default_role
2016-07-18 18:16:54 +02:00
after_create :create_a_wallet
2016-03-23 18:39:41 +01:00
after_commit :create_stripe_customer, on: [:create]
after_commit :notify_admin_when_user_is_created, on: :create
after_update :notify_group_changed, if: :group_id_changed?
2015-05-05 03:10:25 +02:00
attr_accessor :cgu
2016-03-23 18:39:41 +01:00
delegate :first_name, to: :profile
delegate :last_name, to: :profile
2015-05-05 03:10:25 +02:00
validate :cgu_must_accept, if: :new_record?
validates :username, presence: true, uniqueness: true, length: { maximum: 30 }
2016-03-23 18:39:41 +01:00
scope :active, -> { where(is_active: true) }
2016-04-06 18:23:32 +02:00
scope :without_subscription, -> { includes(:subscriptions).where(subscriptions: { user_id: nil }) }
scope :with_subscription, -> { joins(:subscriptions) }
2016-03-23 18:39:41 +01:00
def to_json(*)
ApplicationController.new.view_context.render(
partial: 'api/members/member',
locals: { member: self },
formats: [:json],
handlers: [:jbuilder]
)
2015-05-05 03:10:25 +02:00
end
def self.admins
User.with_role(:admin)
end
def self.superadmin
return unless Rails.application.secrets.superadmin_email.present?
User.find_by(email: Rails.application.secrets.superadmin_email)
end
def training_machine?(machine)
return true if admin?
trainings.map(&:machines).flatten.uniq.include?(machine)
2016-03-23 18:39:41 +01:00
end
def training_reservation_by_machine(machine)
reservations.where(reservable_type: 'Training', reservable_id: machine.trainings.map(&:id)).first
end
def subscribed_plan
2018-12-10 17:20:23 +01:00
return nil if subscription.nil? || subscription.expired_at < Time.now
2016-03-23 18:39:41 +01:00
subscription.plan
end
def subscription
subscriptions.order(:created_at).last
2016-03-23 18:39:41 +01:00
end
def admin?
2015-05-05 03:10:25 +02:00
has_role? :admin
end
def member?
2015-05-05 03:10:25 +02:00
has_role? :member
end
def all_projects
my_projects.to_a.concat projects
end
2019-03-18 11:11:09 +01:00
def generate_subscription_invoice(operator_id)
return unless subscription
2019-03-18 11:11:09 +01:00
subscription.generate_and_save_invoice(operator_id)
2016-03-23 18:39:41 +01:00
end
def stripe_customer
Stripe::Customer.retrieve stp_customer_id
end
def soft_destroy
update_attribute(:is_active, false)
uninvolve_from_projects
end
def uninvolve_from_projects
my_projects.destroy_all
project_users.destroy_all
end
def active_for_authentication?
super && is_active?
2016-03-23 18:39:41 +01:00
end
def self.from_omniauth(auth)
active_provider = AuthProvider.active
if active_provider.strategy_name != auth.provider
raise SecurityError, 'The identity provider does not match the activated one'
end
where(provider: auth.provider, uid: auth.uid).first_or_create.tap do |user|
# execute this regardless of whether record exists or not (-> User#tap)
# this will init or update the user thanks to the information retrieved from the SSO
2016-03-23 18:39:41 +01:00
user.profile ||= Profile.new
auth.info.mapping.each do |key, value|
user.set_data_from_sso_mapping(key, value)
end
user.password = Devise.friendly_token[0,20]
end
end
def need_completion?
profile.gender.nil? || profile.first_name.blank? || profile.last_name.blank? || username.blank? ||
email.blank? || encrypted_password.blank? || group_id.nil? || profile.birthday.blank? || profile.phone.blank?
2016-03-23 18:39:41 +01:00
end
## Retrieve the requested data in the User and user's Profile tables
## @param sso_mapping {String} must be of form 'user._field_' or 'profile._field_'. Eg. 'user.email'
def get_data_from_sso_mapping(sso_mapping)
parsed = /^(user|profile)\.(.+)$/.match(sso_mapping)
if parsed[1] == 'user'
self[parsed[2].to_sym]
elsif parsed[1] == 'profile'
case sso_mapping
when 'profile.avatar'
profile.user_avatar.remote_attachment_url
when 'profile.address'
profile.address.address
when 'profile.organization_name'
profile.organization.name
when 'profile.organization_address'
profile.organization.address.address
else
profile[parsed[2].to_sym]
end
2016-03-23 18:39:41 +01:00
end
end
## Set some data on the current user, according to the sso_key given
## @param sso_mapping {String} must be of form 'user._field_' or 'profile._field_'. Eg. 'user.email'
## @param data {*} the data to put in the given key. Eg. 'user@example.com'
def set_data_from_sso_mapping(sso_mapping, data)
if sso_mapping.to_s.start_with? 'user.'
self[sso_mapping[5..-1].to_sym] = data unless data.nil?
elsif sso_mapping.to_s.start_with? 'profile.'
case sso_mapping.to_s
when 'profile.avatar'
profile.user_avatar ||= UserAvatar.new
profile.user_avatar.remote_attachment_url = data
when 'profile.address'
profile.address ||= Address.new
profile.address.address = data
when 'profile.organization_name'
profile.organization ||= Organization.new
profile.organization.name = data
when 'profile.organization_address'
profile.organization ||= Organization.new
profile.organization.address ||= Address.new
profile.organization.address.address = data
else
profile[sso_mapping[8..-1].to_sym] = data unless data.nil?
2016-03-23 18:39:41 +01:00
end
end
end
## used to allow the migration of existing users between authentication providers
def generate_auth_migration_token
update_attributes(auth_token: Devise.friendly_token)
2016-03-23 18:39:41 +01:00
end
## link the current user to the given provider (omniauth attributes hash)
## and remove the auth_token to mark his account as "migrated"
def link_with_omniauth_provider(auth)
active_provider = AuthProvider.active
if active_provider.strategy_name != auth.provider
raise SecurityError, 'The identity provider does not match the activated one'
end
if User.where(provider: auth.provider, uid: auth.uid).size.positive?
2016-03-23 18:39:41 +01:00
raise DuplicateIndexError, "This #{active_provider.name} account is already linked to an existing user"
end
update_attributes(provider: auth.provider, uid: auth.uid, auth_token: nil)
end
## Merge the provided User's SSO details into the current user and drop the provided user to ensure the unity
## @param sso_user {User} the provided user will be DELETED after the merge was successful
def merge_from_sso(sso_user)
# update the attributes to link the account to the sso account
2016-03-23 18:39:41 +01:00
self.provider = sso_user.provider
self.uid = sso_user.uid
# remove the token
self.auth_token = nil
self.merged_at = DateTime.now
# check that the email duplication was resolved
if sso_user.email.end_with? '-duplicate'
email_addr = sso_user.email.match(/^<([^>]+)>.{20}-duplicate$/)[1]
raise(DuplicateIndexError, email_addr) unless email_addr == email
2016-03-23 18:39:41 +01:00
end
# update the user's profile to set the data managed by the SSO
auth_provider = AuthProvider.from_strategy_name(sso_user.provider)
auth_provider.sso_fields.each do |field|
value = sso_user.get_data_from_sso_mapping(field)
# we do not merge the email field if its end with the special value '-duplicate' as this means
# that the user is currently merging with the account that have the same email than the sso
set_data_from_sso_mapping(field, value) unless field == 'user.email' && value.end_with?('-duplicate')
2016-03-23 18:39:41 +01:00
end
# run the account transfer in an SQL transaction to ensure data integrity
2016-03-23 18:39:41 +01:00
User.transaction do
# remove the temporary account
sso_user.destroy
# finally, save the new details
save!
2016-03-23 18:39:41 +01:00
end
end
def self.mapping
# we protect some fields as they are designed to be managed by the system and must not be updated externally
blacklist = %w[id encrypted_password reset_password_token reset_password_sent_at remember_created_at
sign_in_count current_sign_in_at last_sign_in_at current_sign_in_ip last_sign_in_ip confirmation_token
confirmed_at confirmation_sent_at unconfirmed_email failed_attempts unlock_token locked_at created_at
updated_at stp_customer_id slug provider auth_token merged_at]
User.column_types
.map { |k, v| [k, v.type.to_s] }
.delete_if { |col| blacklist.include?(col[0]) }
end
2016-03-23 18:39:41 +01:00
protected
2016-03-23 18:39:41 +01:00
def confirmation_required?
false
end
2015-05-05 03:10:25 +02:00
private
2015-05-05 03:10:25 +02:00
def assign_default_role
add_role(:member) if roles.blank?
2015-05-05 03:10:25 +02:00
end
2016-03-23 18:39:41 +01:00
def cached_has_role?(role)
roles = Rails.cache.fetch(
roles_for: { object_id: object_id },
expires_in: 1.day,
race_condition_ttl: 2.seconds
) { roles.map(&:name) }
2016-03-23 18:39:41 +01:00
roles.include?(role.to_s)
end
2015-05-05 03:10:25 +02:00
def cgu_must_accept
errors.add(:cgu, I18n.t('activerecord.errors.messages.empty')) if cgu == '0'
end
2016-03-23 18:39:41 +01:00
def create_stripe_customer
StripeWorker.perform_async(:create_stripe_customer, id)
end
2016-07-18 18:16:54 +02:00
def create_a_wallet
create_wallet
2016-07-18 18:16:54 +02:00
end
def send_devise_notification(notification, *args)
devise_mailer.send(notification, self, *args).deliver_later
end
2015-05-05 03:10:25 +02:00
def notify_admin_when_user_is_created
if need_completion? && !provider.nil?
2016-03-23 18:39:41 +01:00
NotificationCenter.call type: 'notify_admin_when_user_is_imported',
receiver: User.admins,
attached_object: self
else
NotificationCenter.call type: 'notify_admin_when_user_is_created',
receiver: User.admins,
attached_object: self
end
end
def notify_group_changed
return if changes[:group_id].first.nil?
2016-03-23 18:39:41 +01:00
ex_group = Group.find(changes[:group_id].first)
meta_data = { ex_group_name: ex_group.name }
2016-03-23 18:39:41 +01:00
NotificationCenter.call type: :notify_admin_user_group_changed,
receiver: User.admins,
attached_object: self,
meta_data: meta_data
NotificationCenter.call type: :notify_user_user_group_changed,
receiver: self,
attached_object: self
2016-03-23 18:39:41 +01:00
end
2015-05-05 03:10:25 +02:00
end