Class: User

Inherits:
Principal show all
Includes:
Redmine::SafeAttributes
Defined in:
app/models/user.rb

Overview

Since:

  • 0.4.0

Direct Known Subclasses

AnonymousUser

Constant Summary collapse

USER_FORMATS =

Different ways of displaying/sorting users

# Name formats, keyed by format id. Each entry holds:
#   :string        - single-quoted template; its "#{...}" markers are literal
#                    text here and are only expanded later by User#name
#   :order         - column names used by User.fields_for_order_statement
#   :setting_order - integer (presumably the display order in settings -- TODO confirm)
# SECURITY: User#name passes :string to eval, so every template must remain a
# hard-coded literal in this hash and never be derived from user-supplied or
# settings-supplied text.
{
  :firstname_lastname => {
      :string => '#{firstname} #{lastname}',
      :order => %w(firstname lastname id),
      :setting_order => 1
    },
  :firstname_lastinitial => {
      :string => '#{firstname} #{lastname.to_s.chars.first}.',
      :order => %w(firstname lastname id),
      :setting_order => 2
    },
  :firstinitial_lastname => {
      :string => '#{firstname.to_s.gsub(/(([[:alpha:]])[[:alpha:]]*\.?)/, \'\2.\')} #{lastname}',
      :order => %w(firstname lastname id),
      :setting_order => 2 # NOTE(review): same value as :firstname_lastinitial -- confirm intended
    },
  :firstname => {
      :string => '#{firstname}',
      :order => %w(firstname id),
      :setting_order => 3
    },
  :lastname_firstname => {
      :string => '#{lastname} #{firstname}',
      :order => %w(lastname firstname id),
      :setting_order => 4
    },
  :lastnamefirstname => {
      :string => '#{lastname}#{firstname}',
      :order => %w(lastname firstname id),
      :setting_order => 5
    },
  :lastname_comma_firstname => {
      :string => '#{lastname}, #{firstname}',
      :order => %w(lastname firstname id),
      :setting_order => 6
    },
  :lastname => {
      :string => '#{lastname}',
      :order => %w(lastname id),
      :setting_order => 7
    },
  :username => {
      :string => '#{login}',
      :order => %w(login id),
      :setting_order => 8
    },
}
MAIL_NOTIFICATION_OPTIONS =
# Pairs of [option value, label symbol]. The first element is the value that
# notify_about? compares mail_notification against; the second is presumably a
# translation key -- TODO confirm.
[
  ['all', :label_user_mail_option_all],
  ['selected', :label_user_mail_option_selected],
  ['only_my_events', :label_user_mail_option_only_my_events],
  ['only_assigned', :label_user_mail_option_only_assigned],
  ['only_owner', :label_user_mail_option_only_owner],
  ['none', :label_user_mail_option_none]
]
LOGIN_LENGTH_LIMIT =
60
MAIL_LENGTH_LIMIT =
60
LABEL_BY_STATUS =
# Maps a Principal status constant to the short label that css_classes
# interpolates into the user's CSS class string.
{
  STATUS_ANONYMOUS  => 'anon',
  STATUS_ACTIVE     => 'active',
  STATUS_REGISTERED => 'registered',
  STATUS_LOCKED     => 'locked'
}

Constants inherited from Principal

Principal::STATUS_ACTIVE, Principal::STATUS_ANONYMOUS, Principal::STATUS_LOCKED, Principal::STATUS_REGISTERED

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Redmine::SafeAttributes

#delete_unsafe_attributes, #safe_attribute?, #safe_attribute_names, #safe_attributes=

Methods inherited from Principal

#<=>, detect_by_keyword, #member_of?, #nullify_projects_default_assigned_to, #project_ids, #visible?

Instance Attribute Details

#generate_passwordObject

Returns the value of attribute generate_password

Since:

  • 2.4.0



# File 'app/models/user.rb', line 98

# Reader for @generate_password. The raw value is returned as stored;
# generate_password? casts it to a boolean.
def generate_password
  @generate_password
end

#last_before_login_onObject

Returns the value of attribute last_before_login_on



# File 'app/models/user.rb', line 99

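# Reader for @last_before_login_on.
# The method name was missing from the listing; it is restored from the
# attribute heading and the instance variable it returns.
def last_before_login_on
  @last_before_login_on
end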

#passwordObject

Returns the value of attribute password



# File 'app/models/user.rb', line 98

# Reader for @password.
# NOTE(review): presumably the clear-text password held only in memory --
# update_hashed_password hands this value to salt_password. Keep it out of
# logs and serialized output.
def password
  @password
end

#password_confirmationObject

Returns the value of attribute password_confirmation



# File 'app/models/user.rb', line 98

# Reader for @password_confirmation.
# NOTE(review): presumably clear text like #password -- keep it out of logs
# and serialized output.
def password_confirmation
  @password_confirmation
end

#remote_ipObject

Returns the value of attribute remote_ip

Since:

  • 3.3.0



# File 'app/models/user.rb', line 100

# Reader for @remote_ip.
# NOTE(review): where this is assigned is not visible here; if it is derived
# from proxy headers it is client-controlled and should not be trusted for
# access decisions -- confirm at the assignment site.
def remote_ip
  @remote_ip
end

Class Method Details

.anonymousObject

Returns the anonymous user. If the anonymous user does not exist, it is created. There can be only one anonymous user per database.

Since:

  • 0.6.0



# File 'app/models/user.rb', line 800

# Returns the AnonymousUser whose lastname is 'Anonymous', creating it when
# no such record exists.
#
# @return [AnonymousUser]
# @raise [RuntimeError] when the record could not be persisted
# NOTE(review): find-then-create is not atomic; the "only one anonymous user"
# guarantee must come from outside this method -- confirm.
def self.anonymous
  existing = AnonymousUser.unscoped.find_by(:lastname => 'Anonymous')
  return existing unless existing.nil?

  created = AnonymousUser.unscoped.create(:lastname => 'Anonymous', :firstname => '', :login => '', :status => 0)
  raise 'Unable to create the anonymous user.' if created.new_record?

  created
end

.currentObject

Since:

  • 0.6.0



# File 'app/models/user.rb', line 794

# Returns the user stored under :current_user in RequestStore, defaulting to
# (and storing) User.anonymous when nothing is set.
#
# @return [User]
def self.current
  store = RequestStore.store
  store[:current_user] ||= User.anonymous
end

.current=(user) ⇒ Object

Since:

  • 0.6.0



# File 'app/models/user.rb', line 790

# Stores +user+ under :current_user in RequestStore. No check is made on the
# value, so callers must only pass an already authenticated user.
#
# @param user [User, nil]
def self.current=(user)
  store = RequestStore.store
  store[:current_user] = user
end

.default_admin_account_changed?Boolean

Returns true if the default admin account can no longer be used

Returns:

  • (Boolean)

Since:

  • 1.3.3



# File 'app/models/user.rb', line 515

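# Reports whether the default admin credentials have been retired: true when
# no active user with login "admin" accepts the password "admin".
# The method and finder names were missing from the listing; they are restored
# from the method heading and from User.find_by_login.
#
# @return [Boolean]
def self.default_admin_account_changed?
  !User.active.find_by_login("admin").try(:check_password?, "admin")
end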

.fields_for_order_statement(table = nil) ⇒ Object

Returns an array of field names that can be used to build an order statement for users, according to how user names are displayed. Examples:

User.fields_for_order_statement              => ['users.login', 'users.id']
User.fields_for_order_statement('authors')   => ['authors.login', 'authors.id']

Since:

  • 1.3.0



# File 'app/models/user.rb', line 267

# Builds "table.column" strings for the :order columns of the current name
# format.
#
# @param table [String, nil] table name or alias; defaults to table_name
# @return [Array<String>]
# SECURITY: +table+ is interpolated as-is into strings intended for an order
# statement, so it must be a trusted identifier, never request input.
def self.fields_for_order_statement(table=nil)
  prefix = table || table_name
  name_formatter[:order].map {|column| "#{prefix}.#{column}"}
end

.find_by_api_key(key) ⇒ Object

Since:

  • 0.9.0



# File 'app/models/user.rb', line 505

# Looks up the active user owning the 'api' token with value +key+.
# The key acts as a bearer credential: whoever presents it is treated as the
# user, so it should be handled like a password.
#
# @param key [String]
# @return whatever Token.find_active_user returns (presumably User or nil)
def self.find_by_api_key(key)
  Token.find_active_user('api', key)
end

.find_by_login(login) ⇒ Object

Find a user account by matching the exact login and then a case-insensitive version. Exact matches will be given priority.

Since:

  • 1.0.0



# File 'app/models/user.rb', line 488

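# Finds a user by login. An exact (case-sensitive) match wins; otherwise the
# case-insensitive lookup is used.
# The identifiers containing "login" were missing from the listing; they are
# restored from the method heading `.find_by_login(login)`.
#
# @param login [#to_s] login as supplied by the caller; invalid UTF-8 is
#   replaced by Redmine::CodesetUtil before it reaches any query
# @return [User, nil] nil when login is blank or nothing matches
def self.find_by_login(login)
  login = Redmine::CodesetUtil.replace_invalid_utf8(login.to_s)
  if login.present?
    # First look for an exact match. The comparison is repeated in Ruby,
    # presumably because the database match may ignore case.
    user = where(:login => login).detect {|u| u.login == login}
    unless user
      # Fail over to case-insensitive if none was found; the value is bound
      # as a query parameter, not interpolated.
      user = find_by("LOWER(login) = ?", login.downcase)
    end
    user
  end
end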

.find_by_mail(mail) ⇒ Object

Makes find_by_mail case-insensitive

Since:

  • 0.8.0



# File 'app/models/user.rb', line 510

# Returns the first user from the having_mail(mail) scope, or nil.
#
# @param mail [String]
# @return [User, nil]
def self.find_by_mail(mail)
  having_mail(mail).first
end

.find_by_rss_key(key) ⇒ Object

Since:

  • 0.5.0



# File 'app/models/user.rb', line 501

# Looks up the active user owning the 'feeds' token with value +key+.
# The key acts as a bearer credential for feed access.
#
# @param key [String]
# @return whatever Token.find_active_user returns (presumably User or nil)
def self.find_by_rss_key(key)
  Token.find_active_user('feeds', key)
end

.find_or_initialize_by_identity_url(url) ⇒ Object

Since:

  • 3.0.0



# File 'app/models/user.rb', line 195

# Returns the first user whose identity_url equals +url+, or an unsaved User
# with identity_url assigned through the identity_url= writer.
#
# @param url [String]
# @return [User] persisted match or new, unsaved record
def self.find_or_initialize_by_identity_url(url)
  existing = where(:identity_url => url).first
  return existing if existing

  User.new.tap {|fresh| fresh.identity_url = url}
end

.name_formatter(formatter = nil) ⇒ Object

Since:

  • 1.3.0



# File 'app/models/user.rb', line 257

# Resolves a name format definition from USER_FORMATS.
#
# @param formatter [Symbol, nil] format key; Setting.user_format when nil
# @return [Hash] the matching entry, or the :firstname_lastname entry when the
#   key is unknown. The result therefore always comes from USER_FORMATS, which
#   matters because User#name evals its :string.
def self.name_formatter(formatter = nil)
  chosen = USER_FORMATS[formatter || Setting.user_format]
  return chosen if chosen

  USER_FORMATS[:firstname_lastname]
end

.salt_unsalted_passwords!Object

Salts all existing unsalted passwords. It changes the password storage scheme from SHA1(password) to SHA1(salt + SHA1(password)). This method is used in the SaltPasswords migration and is to be kept as is.

Since:

  • 1.2.0



# File 'app/models/user.rb', line 812

# Re-hashes every stored password that has no salt, inside one transaction.
# The existing hashed_password is treated as the inner hash: a fresh salt is
# generated and hash_password(salt + old hash) is stored with it.
# Per the method documentation this is used by a migration and must be kept
# as is.
def self.salt_unsalted_passwords!
  transaction do
    User.where("salt IS NULL OR salt = ''").find_each do |user|
      # Nothing to salt when no password hash is stored
      next if user.hashed_password.blank?
      salt = User.generate_salt
      hashed_password = User.hash_password("#{salt}#{user.hashed_password}")
      # update_all writes straight to the row selected by id
      User.where(:id => user.id).update_all(:salt => salt, :hashed_password => hashed_password)
    end
  end
end

.try_to_autologin(key) ⇒ Object

Returns the user who matches the given autologin key or nil

Since:

  • 0.9.0



# File 'app/models/user.rb', line 249

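# Resolves an autologin token to its user and records the login time.
# The call on +user+ was missing its method name in the listing; it is
# restored as update_last_login_on!, the instance method documented on this
# page.
#
# @param key [String] autologin token value (a bearer credential)
# @return [User, nil] nil when no active user matches the token
def self.try_to_autologin(key)
  # Setting.autologin.to_i is passed as a validity limit (presumably in days -- TODO confirm)
  user = Token.find_active_user('autologin', key, Setting.autologin.to_i)
  if user
    user.update_last_login_on!
    user
  end
end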

.try_to_login(login, password, active_only = true) ⇒ Object

Returns the user that matches provided login and password, or nil



# File 'app/models/user.rb', line 218

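# Authenticates a login/password pair and returns the matching user.
# The identifiers containing "login" were missing from the listing; they are
# restored from the heading `.try_to_login(login, password, active_only = true)`
# and from the sibling methods find_by_login and update_last_login_on!.
#
# A known login is checked with User#check_password?. An unknown login is
# offered to AuthSource.authenticate and, when that returns attributes, a new
# user is built and saved from them.
#
# @param login [#to_s] login name; surrounding whitespace is stripped
# @param password [#to_s] clear-text password
# @param active_only [Boolean] when true, an existing inactive user yields nil
# @return [User, nil] nil for an empty login or password, a failed password
#   check, or no match. NOTE: with active_only false an inactive user can be
#   returned, and a user built from an auth source is returned even when
#   user.save failed (new_record? stays true) -- callers must check both.
def self.try_to_login(login, password, active_only=true)
  login = login.to_s.strip
  password = password.to_s

  # Make sure no one can sign in with an empty login or password
  return nil if login.empty? || password.empty?
  user = find_by_login(login)
  if user
    # user is already in local database
    return nil unless user.check_password?(password)
    return nil if !user.active? && active_only
  else
    # user is not yet registered, try to authenticate with available sources
    attrs = AuthSource.authenticate(login, password)
    if attrs
      user = new(attrs)
      user.login = login
      user.language = Setting.default_language
      if user.save
        user.reload
        logger.info("User '#{user.login}' created from external auth source: #{user.auth_source.type} - #{user.auth_source.name}") if logger && user.auth_source
      end
    end
  end
  # Only persisted, active users get their last login time recorded
  user.update_last_login_on! if user && !user.new_record? && user.active?
  user
rescue => text
  # Re-raises the same exception unchanged
  raise text
end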

.valid_notification_options(user = nil) ⇒ Object

Only users that belong to more than 1 project can select projects for which they are notified

Since:

  • 1.1.1



# File 'app/models/user.rb', line 476

# Lists the mail notification options available to +user+.
#
# @param user [User, nil]
# @return [Array<Array>] MAIL_NOTIFICATION_OPTIONS, minus the 'selected'
#   entry when user is nil or has no memberships
def self.valid_notification_options(user=nil)
  # Note that @user.membership.size would fail since AR ignores
  # :include association option when doing a count
  has_memberships = !user.nil? && user.memberships.length >= 1
  return MAIL_NOTIFICATION_OPTIONS if has_memberships

  MAIL_NOTIFICATION_OPTIONS.reject {|option| option.first == 'selected'}
end

.verify_session_token(user_id, token) ⇒ Object

Returns true if token is a valid session token for the user whose id is user_id

Since:

  • 3.2.0



# File 'app/models/user.rb', line 438

# Checks a session token for a user and, when it is valid, refreshes its
# updated_on timestamp.
#
# @param user_id [Integer, String]
# @param token [#to_s] session token value
# @return [Boolean] true only when exactly one token row matched and was
#   touched; false for blank arguments, an unknown token, or a token outside
#   the configured session lifetime / timeout windows
def self.verify_session_token(user_id, token)
  return false if user_id.blank? || token.blank?

  tokens = Token.where(:user_id => user_id, :value => token.to_s, :action => 'session')
  # Absolute lifetime: token must have been created recently enough
  tokens = tokens.where("created_on > ?", Setting.session_lifetime.to_i.minutes.ago) if Setting.session_lifetime?
  # Idle timeout: token must have been used recently enough
  tokens = tokens.where("updated_on > ?", Setting.session_timeout.to_i.minutes.ago) if Setting.session_timeout?
  touched = tokens.update_all(:updated_on => Time.now)
  touched == 1
end

Instance Method Details

#activateObject

Since:

  • 1.0.1



# File 'app/models/user.rb', line 294

# Sets status to STATUS_ACTIVE in memory; nothing is saved here.
def activate
  self.status = STATUS_ACTIVE
end

#activate!Object

Since:

  • 1.0.1



# File 'app/models/user.rb', line 306

# Persists status STATUS_ACTIVE via update_attribute (which saves without
# running validations).
def activate!
  update_attribute(:status, STATUS_ACTIVE)
end

#active?Boolean

Returns:

  • (Boolean)


# File 'app/models/user.rb', line 282

# @return [Boolean] true when status equals STATUS_ACTIVE
def active?
  status == STATUS_ACTIVE
end

#allowed_to?(action, context, options = {}, &block) ⇒ Boolean

Returns true if the user is allowed to do the specified action on a specific context. Action can be:

  • a parameter-like Hash (eg. :controller => 'projects', :action => 'edit')

  • a permission Symbol (eg. :edit_project)

Context can be:

  • a project : returns true if user is allowed to do the specified action on this project

  • an array of projects : returns true if user is allowed on every project

  • nil with options set : checks if the user has at least one role allowed for this action, or falls back to Non Member / Anonymous permissions depending on whether the user is logged in

Returns:

  • (Boolean)

Since:

  • 0.6.0



# File 'app/models/user.rb', line 679

# Authorization check for +action+ in +context+.
#
# @param action [Hash, Symbol] controller/action hash or permission symbol
# @param context [Project, Array<Project>, nil]
# @param options [Hash] :global => true enables the project-independent check
#   used when context is nil
# @yield [role, user] optional extra condition evaluated per candidate role
# @return [Boolean] false by default, including for a nil context without
#   options[:global] and for an empty array
# @raise [ArgumentError] when context is neither a Project, an Array nor nil
def allowed_to?(action, context, options={}, &block)
  if context && context.is_a?(Project)
    # The project-level check runs first, so it also applies to admins
    return false unless context.allows_to?(action)
    # Admin users are authorized for anything else
    return true if admin?

    roles = roles_for_project(context)
    return false unless roles
    # A role counts only if the project is public or the role is a member role
    roles.any? {|role|
      (context.is_public? || role.member?) &&
      role.allowed_to?(action) &&
      (block_given? ? yield(role, self) : true)
    }
  elsif context && context.is_a?(Array)
    if context.empty?
      false
    else
      # Authorize if user is authorized on every element of the array
      # (map evaluates every project; there is no short-circuit)
      context.map {|project| allowed_to?(action, project, options, &block)}.reduce(:&)
    end
  elsif context
    raise ArgumentError.new("#allowed_to? context argument must be a Project, an Array of projects or nil")
  elsif options[:global]
    # Admin users are always authorized
    return true if admin?

    # authorize if user has at least one role that has this permission
    roles = self.roles.to_a | [builtin_role]
    roles.any? {|role|
      role.allowed_to?(action) &&
      (block_given? ? yield(role, self) : true)
    }
  else
    false
  end
end

#allowed_to_globally?(action, options = {}, &block) ⇒ Boolean

Is the user allowed to do the specified action on any project? See allowed_to? for the actions and valid options.

NB: this method is not used anywhere in the core codebase as of 2.5.2, but it's used by many plugins so if we ever want to remove it it has to be carefully deprecated for a version or two.

Returns:

  • (Boolean)

Since:

  • 1.0.2



# File 'app/models/user.rb', line 722

# Calls allowed_to? with a nil context and :global => true filled in unless
# the caller already set :global (reverse_merge keeps the caller's value, so
# passing :global => false disables the global check).
#
# @return [Boolean]
def allowed_to_globally?(action, options={}, &block)
  allowed_to?(action, nil, options.reverse_merge(:global => true), &block)
end

#allowed_to_view_all_time_entries?(context) ⇒ Boolean

Returns:

  • (Boolean)

Since:

  • 3.1.0



# File 'app/models/user.rb', line 726

# True when allowed_to?(:view_time_entries, context) holds through a role
# whose time_entries_visibility is 'all'.
#
# @param context [Project, Array<Project>, nil]
# @return [Boolean]
def allowed_to_view_all_time_entries?(context)
  allowed_to?(:view_time_entries, context) {|role, _user| role.time_entries_visibility == 'all'}
end

#anonymous?Boolean

Returns:

  • (Boolean)

Since:

  • 0.8.0



# File 'app/models/user.rb', line 556

# @return [Boolean] the negation of logged?
def anonymous?
  !logged?
end

#api_keyObject

Return user's API key (a 40 chars long string), used to access the API

Since:

  • 0.9.0



# File 'app/models/user.rb', line 410

# Returns the value of the user's API token, creating the token (action
# 'api') on first use. The value is a bearer credential for API access.
#
# @return [String]
def api_key
  create_api_token(:action => 'api') if api_token.nil?
  api_token.value
end

#base_reloadObject

Since:

  • 2.3.0



# File 'app/models/user.rb', line 163

# Keeps the inherited reload reachable as base_reload; the overriding #reload
# clears its memoized instance variables and then calls it.
alias :base_reload :reload

#builtin_roleObject

Returns the user's built-in role

Since:

  • 2.4.0



# File 'app/models/user.rb', line 576

# Memoizes and returns Role.non_member as this user's built-in role.
def builtin_role
  @builtin_role ||= Role.non_member
end

#change_password_allowed?Boolean

Does the backend storage allow this user to change their password?

Returns:

  • (Boolean)

Since:

  • 1.0.0



# File 'app/models/user.rb', line 342

# Password changes are allowed for users without an auth source; otherwise
# the auth source decides through allow_password_changes?.
#
# @return [Boolean]
def change_password_allowed?
  auth_source.nil? || auth_source.allow_password_changes?
end

#check_password?(clear_password) ⇒ Boolean

Returns true if clear_password is the correct user's password, otherwise false

Returns:

  • (Boolean)


# File 'app/models/user.rb', line 325

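# Verifies +clear_password+ for this user.
# The attribute name after `self.` was missing from the listing; it is
# restored as login.
#
# Users bound to an auth source are checked by that source. Local users are
# checked by recomputing hash_password(salt + hash_password(clear_password))
# and comparing it with the stored hashed_password.
#
# @param clear_password [String] untrusted, caller-supplied password
# @return [Boolean, Object] for local users true/false; for auth-source users
#   whatever auth_source.authenticate returns
# NOTE(review): the sibling documentation describes the stored form as
# SHA1(salt + SHA1(password)), a fast hash; consider a dedicated password
# hashing scheme when the storage format can be migrated.
def check_password?(clear_password)
  if auth_source_id.present?
    auth_source.authenticate(self.login, clear_password)
  else
    candidate = User.hash_password("#{salt}#{User.hash_password clear_password}")
    # Constant-time comparison so the check does not reveal how many leading
    # characters of the hash matched; to_s keeps a nil stored hash a mismatch.
    ActiveSupport::SecurityUtils.secure_compare(candidate, hashed_password.to_s)
  end
end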

#css_classesObject

Since:

  • 2.2.0



# File 'app/models/user.rb', line 530

# Returns "user " followed by the LABEL_BY_STATUS label for the current
# status (an unknown status leaves the label empty).
#
# @return [String]
def css_classes
  "user #{LABEL_BY_STATUS[status]}"
end

#delete_autologin_token(value) ⇒ Object

Since:

  • 3.4.0



# File 'app/models/user.rb', line 433

# Deletes this user's 'autologin' tokens whose value equals +value+. The
# user_id condition keeps one user from removing another user's token.
#
# @param value [String]
# @return the result of delete_all (number of rows removed)
def delete_autologin_token(value)
  matching = Token.where(:user_id => id, :action => 'autologin', :value => value)
  matching.delete_all
end

#delete_session_token(value) ⇒ Object

Since:

  • 3.4.0



# File 'app/models/user.rb', line 423

# Deletes this user's 'session' tokens whose value equals +value+. The
# user_id condition keeps one user from removing another user's token.
#
# @param value [String]
# @return the result of delete_all (number of rows removed)
def delete_session_token(value)
  matching = Token.where(:user_id => id, :action => 'session', :value => value)
  matching.delete_all
end

#force_default_language?Boolean

Returns:

  • (Boolean)

Since:

  • 2.5.0



# File 'app/models/user.rb', line 385

# @return the value of Setting.force_default_language_for_loggedin?
def force_default_language?
  Setting.force_default_language_for_loggedin?
end

#generate_autologin_tokenObject

Generates a new autologin token and returns its value

Since:

  • 3.4.0



# File 'app/models/user.rb', line 428

# Creates a new 'autologin' token for this user and returns its value.
# The value is a bearer credential; hand it only to the authenticated client.
#
# @return [String]
# @raise when Token.create! cannot save the token
def generate_autologin_token
  Token.create!(:user_id => id, :action => 'autologin').value
end

#generate_password?Boolean

Returns:

  • (Boolean)

Since:

  • 2.4.0



# File 'app/models/user.rb', line 362

# Casts the raw generate_password attribute with ActiveRecord's Boolean type.
def generate_password?
  ActiveRecord::Type::Boolean.new.deserialize(generate_password)
end

#generate_session_tokenObject

Generates a new session token and returns its value

Since:

  • 3.2.0



# File 'app/models/user.rb', line 418

# Creates a new 'session' token for this user and returns its value.
# The value is a bearer credential; hand it only to the authenticated client.
#
# @return [String]
# @raise when Token.create! cannot save the token
def generate_session_token
  Token.create!(:user_id => id, :action => 'session').value
end

#identity_url=(url) ⇒ Object

Since:

  • 0.9.0



# File 'app/models/user.rb', line 204

# Writer for identity_url. A blank value is stored as ''; anything else is
# stored in the form returned by OpenIdAuthentication.normalize_identifier.
#
# @param url [String, nil]
# @return the attribute value after the assignment attempt
# NOTE: an invalid identifier is silently ignored, so the previous value
# stays in place and the caller gets no error.
def identity_url=(url)
  if url.blank?
    write_attribute(:identity_url, '')
  else
    begin
      write_attribute(:identity_url, OpenIdAuthentication.normalize_identifier(url))
    rescue OpenIdAuthentication::InvalidOpenId
      # Invalid url, don't save
    end
  end
  self.read_attribute(:identity_url)
end

#is_or_belongs_to?(arg) ⇒ Boolean

Returns true if user is arg or belongs to arg

Returns:

  • (Boolean)

Since:

  • 1.3.0



# File 'app/models/user.rb', line 660

# True when +arg+ is this user, or a Group whose users include this user.
#
# @param arg [User, Group, Object]
# @return [Boolean] false for any other kind of argument (including nil)
def is_or_belongs_to?(arg)
  case arg
  when User then self == arg
  when Group then arg.users.include?(self)
  else false
  end
end

#languageObject

Since:

  • 2.5.0



# File 'app/models/user.rb', line 389

# Returns Setting.default_language when force_default_language? is set,
# otherwise the inherited language value.
def language
  force_default_language? ? Setting.default_language : super
end

#lockObject

Since:

  • 1.0.1



# File 'app/models/user.rb', line 302

# Sets status to STATUS_LOCKED in memory; nothing is saved here.
def lock
  self.status = STATUS_LOCKED
end

#lock!Object

Since:

  • 1.0.1



# File 'app/models/user.rb', line 314

# Persists status STATUS_LOCKED via update_attribute (which saves without
# running validations).
# NOTE(review): nothing here removes existing session or autologin tokens --
# confirm they are invalidated elsewhere when an account is locked.
def lock!
  update_attribute(:status, STATUS_LOCKED)
end

#locked?Boolean

Returns:

  • (Boolean)


# File 'app/models/user.rb', line 290

# @return [Boolean] true when status equals STATUS_LOCKED
def locked?
  status == STATUS_LOCKED
end

#logged?Boolean

Returns:

  • (Boolean)

Since:

  • 0.6.0



# File 'app/models/user.rb', line 552

# Always true for User; anonymous? is defined as its negation.
def logged?
  true
end

#mailObject

Since:

  • 3.0.0



# File 'app/models/user.rb', line 178

# Returns the address of email_address, or nil when there is none.
def mail
  email_address.try(:address)
end

#mail=(arg) ⇒ Object

Since:

  • 1.0.1



# File 'app/models/user.rb', line 182

# Assigns +arg+ as the address of email_address, building the associated
# record first when it does not exist yet.
#
# @param arg [String]
def mail=(arg)
  (email_address || build_email_address).address = arg
end

#mail_changed?Boolean

Returns:

  • (Boolean)

Since:

  • 3.0.0



# File 'app/models/user.rb', line 187

# Returns email_address.address_changed?, or nil when there is no
# email_address.
def mail_changed?
  email_address.try(:address_changed?)
end

#mailsObject

Since:

  • 3.0.0



# File 'app/models/user.rb', line 191

# Returns the :address column of every record in email_addresses.
#
# @return [Array<String>]
def mails
  email_addresses.pluck(:address)
end

#managed_roles(project) ⇒ Object

Returns the roles that the user is allowed to manage for the given project

Since:

  • 3.1.0



# File 'app/models/user.rb', line 651

# Roles this user may manage in +project+.
#
# @param project [Project, Integer]
# @return [Array<Role>] for admins, the memoized Role.givable list (the
#   project is not consulted); otherwise the membership's managed_roles, or
#   [] when the user has no membership there
def managed_roles(project)
  return @managed_roles ||= Role.givable.to_a if admin?

  membership(project).try(:managed_roles) || []
end

#membership(project) ⇒ Object

Returns user's membership for the given project or nil if the user is not a member of project

Since:

  • 2.3.0



# File 'app/models/user.rb', line 562

# Returns this user's membership for +project+, cached per project id.
#
# @param project [Project, Integer] a project or a project id
# @return [Member, nil] nil when the user is not a member; the nil result is
#   cached as well
def membership(project)
  lookup_id = project.is_a?(Project) ? project.id : project

  @membership_by_project_id ||= Hash.new do |cache, pid|
    cache[pid] = memberships.where(:project_id => pid).first
  end
  @membership_by_project_id[lookup_id]
end

#must_change_password?Boolean

Returns:

  • (Boolean)

Since:

  • 2.4.0



# File 'app/models/user.rb', line 358

# True when a change is required (must_change_passwd? flag or an expired
# password) and the backend permits password changes. Users whose auth source
# does not allow changes are therefore never forced to change.
def must_change_password?
  (must_change_passwd? || password_expired?) && change_password_allowed?
end

#name(formatter = nil) ⇒ Object

Return user's full name for display



# File 'app/models/user.rb', line 273

# Returns the user's display name in the requested format.
#
# @param formatter [Symbol, nil] USER_FORMATS key; the configured default is
#   used (and the result memoized in @name) when nil
# @return [String]
#
# SECURITY: the format's :string is wrapped in double quotes and passed to
# eval, which runs the "#{...}" expressions in this object's context. This is
# only safe because name_formatter always returns an entry of the hard-coded
# USER_FORMATS hash (unknown keys fall back to :firstname_lastname). Never
# route user- or settings-supplied text into f[:string].
def name(formatter = nil)
  f = self.class.name_formatter(formatter)
  if formatter
    eval('"' + f[:string] + '"')
  else
    @name ||= eval('"' + f[:string] + '"')
  end
end

#notified_project_ids=(ids) ⇒ Object

Since:

  • 0.6.0



# File 'app/models/user.rb', line 456

# Stores the project ids the user wants notifications for and marks them as
# changed. Each entry is converted with to_i, duplicates are dropped and only
# positive ids are kept, so non-numeric input is discarded.
#
# @param ids [Array<#to_i>]
def notified_project_ids=(ids)
  @notified_projects_ids_changed = true
  @notified_projects_ids = ids.map(&:to_i).uniq.select(&:positive?)
end

#notified_projects_idsObject

Return an array of project ids for which the user has explicitly turned mail notifications on

Since:

  • 0.6.0



# File 'app/models/user.rb', line 452

# Memoized project ids of the memberships that have mail_notification? set.
#
# @return [Array<Integer>]
def notified_projects_ids
  @notified_projects_ids ||= memberships.select(&:mail_notification?).map(&:project_id)
end

#notify_about?(object) ⇒ Boolean

Utility method to help check if a user should be notified about an event.

TODO: only supports Issue events currently

Returns:

  • (Boolean)

Since:

  • 1.1.0



# File 'app/models/user.rb', line 766

# Decides whether this user should be notified about +object+, based on
# mail_notification.
#
# @param object [Issue, News, Object] the event subject
# @return [Boolean, nil] true for 'all'; false for blank or 'none'. Otherwise
#   Issue events depend on the author / assignee checks below and News is
#   always true. nil is returned for any other object, or for an Issue when
#   mail_notification is none of the handled values.
def notify_about?(object)
  return true if mail_notification == 'all'
  return false if mail_notification.blank? || mail_notification == 'none'

  case object
  when Issue
    # Evaluated lazily so the author check can still short-circuit it
    assignee_involved = lambda do
      is_or_belongs_to?(object.assigned_to) || is_or_belongs_to?(object.previous_assignee)
    end
    case mail_notification
    when 'selected', 'only_my_events'
      # user receives notifications for created/assigned issues on unselected projects
      object.author == self || assignee_involved.call
    when 'only_assigned'
      assignee_involved.call
    when 'only_owner'
      object.author == self
    end
  when News
    # always send to project members except when mail_notification is set to 'none'
    true
  end
end

#own_account_deletable?Boolean

Returns true if the user is allowed to delete the user's own account

Returns:

  • (Boolean)

Since:

  • 1.4.1



# File 'app/models/user.rb', line 733

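# Whether the user may delete their own account.
# The method name was missing from the listing; it is restored from the
# method heading.
#
# Requires Setting.unsubscribe?; an admin additionally needs at least one
# other active admin to exist, so the last active admin cannot remove itself.
#
# @return [Boolean]
def own_account_deletable?
  Setting.unsubscribe? &&
    (!admin? || User.active.admin.where("id <> ?", id).exists?)
end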

#password_expired?Boolean

Returns true if the user password has expired

Returns:

  • (Boolean)

Since:

  • 3.1.0



# File 'app/models/user.rb', line 348

# True when the password is older than Setting.password_max_age days.
# A max age of 0 disables expiry; a missing passwd_changed_on is treated as
# the epoch, so such a password counts as expired whenever expiry is enabled.
#
# @return [Boolean]
def password_expired?
  max_age_days = Setting.password_max_age.to_i
  return false if max_age_days.zero?

  (passwd_changed_on || Time.at(0)) < max_age_days.days.ago
end

#prefObject



# File 'app/models/user.rb', line 377

# Returns the user's preference record, assigning a new UserPreference for
# this user when none is set.
def pref
  self.preference ||= UserPreference.new(:user => self)
end

#project_ids_by_roleObject

Returns a hash of project ids grouped by roles. Includes the projects that the user is a member of and the projects that grant custom permissions to the builtin groups.

Since:

  • 3.4.0



# File 'app/models/user.rb', line 608

# Builds (and memoizes) a hash of Role => project ids for this user, covering
# the user's own memberships and public projects where the builtin group
# (anonymous or non-member) has member roles.
#
# @return [Hash{Role => Array<Integer>}] created with Hash.new([]), so a
#   missing role returns one shared empty array -- callers must not mutate it
def project_ids_by_role
  # Clear project condition for when called from chained scopes
  # eg. project.children.visible(user)
  Project.unscoped do
    return @project_ids_by_role if @project_ids_by_role

    group_class = anonymous? ? GroupAnonymous : GroupNonMember
    group_id = group_class.pluck(:id).first

    # NOTE(review): 9 is presumably the archived status (#roles uses
    # Project::STATUS_ARCHIVED for a similar filter) -- confirm.
    # Table names are interpolated from the models; user-dependent values are
    # bound as query parameters.
    members = Member.joins(:project, :member_roles).
      where("#{Project.table_name}.status <> 9").
      where("#{Member.table_name}.user_id = ? OR (#{Project.table_name}.is_public = ? AND #{Member.table_name}.user_id = ?)", self.id, true, group_id).
      pluck(:user_id, :role_id, :project_id)

    hash = {}
    members.each do |user_id, role_id, project_id|
      # Ignore the roles of the builtin group if the user is a member of the project
      next if user_id != id && project_ids.include?(project_id)

      hash[role_id] ||= []
      hash[role_id] << project_id
    end

    result = Hash.new([])
    if hash.present?
      roles = Role.where(:id => hash.keys).to_a
      hash.each do |role_id, proj_ids|
        role = roles.detect {|r| r.id == role_id}
        # Role ids without a matching Role record are skipped
        if role
          result[role] = proj_ids.uniq
        end
      end
    end
    @project_ids_by_role = result
  end
end

#projects_by_roleObject

Returns a hash of the user's projects grouped by roles. TODO: No longer used, should be deprecated

Since:

  • 1.2.0



# File 'app/models/user.rb', line 595

# Memoized hash of Role => projects, loaded from project_ids_by_role.
#
# @return [Hash{Role => Array<Project>}] created with Hash.new([]), so a
#   missing role returns one shared empty array -- callers must not mutate it
def projects_by_role
  return @projects_by_role if @projects_by_role

  grouped = project_ids_by_role.each_with_object(Hash.new([])) do |(role, ids), acc|
    acc[role] = Project.where(:id => ids).to_a
  end
  @projects_by_role = grouped
end

#random_password(length = 40) ⇒ Object

Generate and set a random password of the given length

Since:

  • 0.9.0



# File 'app/models/user.rb', line 367

# Generates a random password and assigns it to password and
# password_confirmation.
#
# Characters are drawn with SecureRandom from letters and digits, excluding
# the look-alikes 0, O, 1 and l.
#
# @param length [Integer] number of characters (default 40)
# @return [self]
def random_password(length=40)
  alphabet = [*"a".."z", *"A".."Z", *"0".."9"] - %w(0 O 1 l)
  generated = length.times.map { alphabet[SecureRandom.random_number(alphabet.size)] }.join
  self.password = generated
  self.password_confirmation = generated
  self
end

#registerObject

Since:

  • 1.0.1



# File 'app/models/user.rb', line 298

# Sets status to STATUS_REGISTERED in memory; nothing is saved here.
def register
  self.status = STATUS_REGISTERED
end

#register!Object

Since:

  • 1.0.1



# File 'app/models/user.rb', line 310

# Persists status STATUS_REGISTERED via update_attribute (which saves without
# running validations).
def register!
  update_attribute(:status, STATUS_REGISTERED)
end

#registered?Boolean

Returns:

  • (Boolean)


# File 'app/models/user.rb', line 286

# @return [Boolean] true when status equals STATUS_REGISTERED
def registered?
  status == STATUS_REGISTERED
end

#reload(*args) ⇒ Object

Since:

  • 0.8.0



# File 'app/models/user.rb', line 164

# Clears the memoized role, project and membership caches, then delegates to
# the original reload (aliased as base_reload).
#
# @return the result of base_reload
# NOTE(review): @time_zone (memoized by #time_zone) is not reset here --
# confirm whether a stale time zone after reload is acceptable.
def reload(*args)
  %i[
    @name @roles @projects_by_role @project_ids_by_role
    @membership_by_project_id @notified_projects_ids
    @builtin_role @visible_project_ids @managed_roles
  ].each {|ivar| instance_variable_set(ivar, nil)}
  @notified_projects_ids_changed = false
  base_reload(*args)
end

#rolesObject

Since:

  • 3.4.0



# File 'app/models/user.rb', line 571

# Memoized distinct roles held through memberships of this user in projects
# whose status is not Project::STATUS_ARCHIVED.
def roles
  @roles ||= begin
    not_archived = ["#{Project.table_name}.status <> ?", Project::STATUS_ARCHIVED]
    owned_by_user = Member.arel_table[:user_id].eq(id)
    Role.joins(members: :project).where(not_archived).where(owned_by_user).distinct
  end
end

#roles_for_project(project) ⇒ Object

Return user's roles for project

Since:

  • 0.9.0



# File 'app/models/user.rb', line 581

# Roles of this user in +project+.
#
# @param project [Project, nil]
# @return [Array<Role>] [] for nil or archived projects; the membership's
#   roles for members; on public projects the builtin role (with project
#   overrides) for non-members; [] otherwise
def roles_for_project(project)
  # No role on archived projects
  return [] if project.nil? || project.archived?

  member = membership(project)
  return member.roles.to_a if member
  return project.override_roles(builtin_role) if project.is_public?

  []
end

#rss_keyObject

Return user's RSS key (a 40 chars long string), used to access feeds

Since:

  • 0.6.0



# File 'app/models/user.rb', line 402

# Returns the value of the user's feeds token, creating the token (action
# 'feeds') on first use. The value is a bearer credential for feed access.
#
# @return [String]
def rss_key
  create_rss_token(:action => 'feeds') if rss_token.nil?
  rss_token.value
end

#salt_password(clear_password) ⇒ Object

Generates a random salt and computes hashed_password for clear_password. The hashed password is stored in the following form: SHA1(salt + SHA1(password))

Since:

  • 1.2.0



# File 'app/models/user.rb', line 335

# Assigns a fresh salt, the salted hash of +clear_password+ and the change
# timestamp (microseconds truncated). Nothing is saved here.
#
# @param clear_password [String]
# NOTE(review): per the method documentation the stored form is
# SHA1(salt + SHA1(password)). SHA-1 is a fast hash, so stolen hashes can be
# brute-forced cheaply; consider a dedicated password hashing scheme when the
# storage format can be migrated.
def salt_password(clear_password)
  self.salt = User.generate_salt
  self.hashed_password = User.hash_password("#{salt}#{User.hash_password clear_password}")
  self.passwd_changed_on = Time.now.change(:usec => 0)
end

#set_mail_notificationObject

Since:

  • 1.3.0



# File 'app/models/user.rb', line 151

# Fills a blank mail_notification with Setting.default_notification_option.
#
# @return [true] always, regardless of whether a default was applied
def set_mail_notification
  if mail_notification.blank?
    self.mail_notification = Setting.default_notification_option
  end
  true
end

#time_to_date(time) ⇒ Object

Returns the day of time according to user's time zone

Since:

  • 2.0.1



# File 'app/models/user.rb', line 544

# Converts +time+ to a date, in the user's time zone when one is set.
#
# @param time [Time]
# @return [Date]
def time_to_date(time)
  zone = time_zone
  zone.nil? ? time.to_date : time.in_time_zone(zone).to_date
end

#time_zoneObject

Since:

  • 0.6.1



# File 'app/models/user.rb', line 381

# Returns the ActiveSupport::TimeZone named in the user's preferences, or nil
# when the preference is blank. Only a non-nil result is memoized.
def time_zone
  @time_zone ||= begin
    zone_name = pref.time_zone
    zone_name.blank? ? nil : ActiveSupport::TimeZone[zone_name]
  end
end

#to_sObject

Since:

  • 0.6.0



# File 'app/models/user.rb', line 519

# String form of the user: the display name in the default format.
def to_s
  name
end

#todayObject

Returns the current day according to user's time zone

Since:

  • 0.9.0



# File 'app/models/user.rb', line 535

# Current date in the user's time zone, or Date.today when no time zone is
# set.
#
# @return [Date]
def today
  time_zone.nil? ? Date.today : time_zone.today
end

#update_hashed_passwordObject

Since:

  • 1.3.0



# File 'app/models/user.rb', line 156

# Re-hashes the password when one was set and the user has no auth source;
# users bound to an auth source never get a local hash from here.
def update_hashed_password
  salt_password(password) if password && auth_source_id.blank?
end

#update_last_login_on!Object

Since:

  • 4.0.0



# File 'app/models/user.rb', line 318

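# Records the current time as last_login_on, at most once per minute.
# The method and attribute names were missing from the listing; they are
# restored from the method heading and the :last_login_on column written
# below.
#
# update_column writes the single column directly, skipping validations and
# callbacks.
def update_last_login_on!
  return if last_login_on.present? && last_login_on >= 1.minute.ago

  update_column(:last_login_on, Time.now)
end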

#valid_notification_optionsObject

Since:

  • 1.1.0



# File 'app/models/user.rb', line 471

# Instance shortcut for User.valid_notification_options(self).
def valid_notification_options
  self.class.valid_notification_options(self)
end

#visible_project_idsObject

Returns the ids of visible projects

Since:

  • 3.0.0



# File 'app/models/user.rb', line 646

# Memoized ids from Project.visible(self). The cache is cleared by #reload,
# so permission changes made in between are not reflected until then.
def visible_project_ids
  @visible_project_ids ||= Project.visible(self).pluck(:id)
end

#wants_comments_in_reverse_order?Boolean

Returns:

  • (Boolean)

Since:

  • 0.7.0



# File 'app/models/user.rb', line 397

# @return [Boolean] true when the :comments_sorting preference is 'desc'
def wants_comments_in_reverse_order?
  self.pref[:comments_sorting] == 'desc'
end