class Hippo::User
Constants
- USER_EDITABLE_ATTRIBUTES
We override the default implementation to guarantee that the current user can always update their own information.
Public Class Methods
# File lib/hippo/user.rb, line 68
# Class-level attribute write check: a user may always write an attribute
# hash that names their own record.
#
# The incoming `attr['id']` is compared after `to_i`, so a String id such as
# "3" matches user 3 (note that `"3abc".to_i` is also 3 — the value is
# presumably client supplied, so the match is by leading digits only).
# Anything else defers to the default implementation via `super`.
#
# @param attr [Hash] attribute hash being written; only the 'id' key is inspected
# @param user [User] the user attempting the write
# @return [Boolean]
def self.can_write_attributes?(attr, user)
  requested_id = attr['id']
  return true if requested_id && requested_id.to_i == user.id

  super
end
If all that's needed is the user's id, see `current_id`; that method does not attempt to instantiate a User.
Defaults to nil. @return [User] The user who is currently interacting with Hippo.
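# File lib/hippo/user.rb, line 94
# The user the current thread is acting on behalf of.
#
# The thread-local slot may hold either a User or just a user id (see
# `scoped_to`). A bare id is resolved through User.find_by_id and the
# resolved record is written back into the slot, so later calls on the same
# thread return it without another lookup.
#
# @return [User, nil] the current user, or nil when the slot is unset or
#   the stored id does not match any user
def self.current
  uid = Thread.current[:hippo_current_user]
  return uid if uid.is_a?(User)

  # Cache the resolved record (or nil) in the thread slot and return it.
  # The previous implementation returned `user.id` from this branch, which
  # contradicted the documented return type; callers wanting only the id
  # should use `current_id`.
  Thread.current[:hippo_current_user] = User.find_by_id(uid)
end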
Retrieve the current id of the user we're proxying for. This gets a bit complicated since we can proxy either for a user object or for just the user's id. @return [Fixnum] current user's ID. If the current user is not set, returns 0.
# File lib/hippo/user.rb, line 108
# Id of the user the current thread is acting for, without loading a record.
#
# The thread-local slot may hold a User or a bare id (see `scoped_to`), so
# both shapes are handled; unlike `current`, nothing is looked up or cached.
#
# @return [Integer] the current user's id, 0 when no user is set, or the raw
#   stored value when the slot holds something other than a User (it is not
#   validated here)
def self.current_id
  subject = Thread.current[:hippo_current_user]
  case subject
  when nil then 0
  when User then subject.id
  else subject
  end
end
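# File lib/hippo/user.rb, line 81
# Look up the user identified by a token issued by #jwt_token.
#
# The signature is verified (third argument `true`) against the configured
# secret with the algorithm pinned to HS256, so a token signed with another
# key or algorithm is rejected by JWT.decode rather than trusted.
#
# @param token [String] compact JWT
# @return [User, nil] the user named by the token's 'uid' claim, or nil when
#   the token carries no usable uid
# @raise [JWT::DecodeError] raised by JWT.decode on a malformed, tampered or
#   wrongly-signed token; callers must treat this as "not authenticated"
def self.for_jwt_token(token)
  payload = JWT.decode(
    token, Hippo.config.session_secret_key_base, true, { :algorithm => 'HS256' }
  )
  # JWT.decode yields [claims, header]. The previous guard `payload.length &&`
  # was always true (an Integer is truthy), so guard on the claims hash itself.
  claims = payload.first
  return nil unless claims.is_a?(Hash)

  uid = claims['uid']
  return nil unless uid

  # The token only names a user; it carries no expiry claim, so its validity
  # is bounded solely by the secret key (see #jwt_token).
  where(id: uid).first
end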
Sets the user for the duration of the block. @example Inside a Rails controller
class DocumentsController < ApplicationController
  around_filter :set_hippo_user

  # Updates the Document's owner to the current user,
  # but sets all the notes to be owned by admin
  def update_owner
    doc = Document.find(params[:id])
    doc.current_owner = Hippo::User.current
    Hippo::User.scoped_to( admin_user ) do
      doc.notes.each{ |note| note.set_owner_to_current! } # will set to Hippo::User.current
    end
  end

  private

  # Only the id from the session is stored; Hippo::User.current resolves it
  # to a record on first use and scoped_to restores the previous value
  # afterwards, even if the action raises.
  def set_hippo_user
    Hippo::User.scoped_to( session[:user_id] ) do
      yield
    end
  end
end
@return [UserProxy] self
# File lib/hippo/user.rb, line 145
# Run the block with `user` as the current user for this thread.
#
# The previous value of the thread-local slot is captured via `current`
# before the switch and put back in an `ensure`, so the identity cannot leak
# into later work on the same thread even when the block raises.
#
# @param user [User, Integer, nil] user (or bare id) to act as
# @yieldparam user the same value passed in
# @return the value returned by the block (the ensure clause does not
#   change the return value)
def self.scoped_to( user )
  previous = current
  Thread.current[:hippo_current_user] = user
  yield user
ensure
  Thread.current[:hippo_current_user] = previous
end
# File lib/hippo/user.rb, line 152
# Ensure an 'admin' login exists, creating it with the administrator role if
# it does not.
#
# The created account uses a fixed, publicly known password and email; it is
# a bootstrap default and the credential should be changed before the
# deployment is reachable by anyone other than the operator.
#
# @return [User] the existing or newly created admin user
def self.seed_admin_account
  existing = where(login: 'admin').first
  return existing if existing

  create!(
    name: "Admin",
    email: "admin@test.com",
    password: 'password',
    login: 'admin',
    role_names: ['administrator']
  )
end
# File lib/hippo/user.rb, line 17
# Scope matching a login case-insensitively.
#
# The login is passed as a bind parameter (`?`), not interpolated into the
# SQL string, so an attacker-controlled value cannot alter the query.
#
# @param login [String] login to match; compared lower-cased on both sides
# @return [ActiveRecord::Relation]
def self.with_login(login)
  normalized = login.downcase
  where("lower(login) = ?", normalized)
end
Public Instance Methods
@return [Boolean] does the user have the “administrator” role?
# File lib/hippo/user.rb, line 73
# Whether this user carries the 'administrator' role.
#
# Delegates to the cached role collection's `include?`; no other check is
# performed here.
#
# @return [Boolean]
def admin?
  roles.include?('administrator')
end
@param model [Hippo::Model] @param id [Numeric] the id for the model @return [Boolean] Can the User delete the model?
# File lib/hippo/user.rb, line 55
# Whether this user may delete the given model record.
#
# The decision is made entirely by the user's role collection.
#
# @param model [Hippo::Model]
# @param id [Numeric] id of the record to delete
# @return [Boolean]
def can_delete?(model, id)
  permissions = roles
  permissions.can_delete?(model, id)
end
@param model [Hippo::Model] @param attribute [Symbol] @return [Boolean] Can the User view the model?
# File lib/hippo/user.rb, line 41
# Whether this user may read the given model (optionally a single attribute).
#
# The decision is made entirely by the user's role collection.
#
# @param model [Hippo::Model]
# @param attribute [Symbol, nil] attribute to check, or nil for the whole model
# @return [Boolean]
def can_read?(model, attribute = nil)
  permissions = roles
  permissions.can_read?(model, attribute)
end
@param model [Hippo::Model] @param attribute [Symbol] @return [Boolean] Can the User create and update the model?
# File lib/hippo/user.rb, line 48
# Whether this user may create or update the given model (optionally a
# single attribute).
#
# The decision is made entirely by the user's role collection.
#
# @param model [Hippo::Model]
# @param attribute [Symbol, nil] attribute to check, or nil for the whole model
# @return [Boolean]
def can_write?(model, attribute = nil)
  permissions = roles
  permissions.can_write?(model, attribute)
end
# File lib/hippo/user.rb, line 65
# Instance-level attribute write check: a persisted user may always write
# attributes on their own record.
#
# Only `user.id == self.id` on a non-new record short-circuits to true; any
# other case (including an unsaved record) defers to `super`, so the
# attribute hash itself is not inspected here.
#
# @param attr [Hash] attribute hash being written (unused in the own-record case)
# @param user [User] the user attempting the write
# @return [Boolean]
def can_write_attributes?(attr, user)
  own_record = !new_record? && user.id == self.id
  return true if own_record

  super
end
# File lib/hippo/user.rb, line 77
# Issue a signed token identifying this user for #for_jwt_token.
#
# The token is an HS256 JWT over the configured secret and carries a single
# claim, 'uid'. It has no expiry claim, so a leaked token stays valid until
# the secret key is rotated; anything that needs bounded lifetime must
# enforce it elsewhere.
#
# @return [String] compact JWT
def jwt_token
  claims = { 'uid' => id }
  JWT.encode(claims, Hippo.config.session_secret_key_base, 'HS256')
end
# File lib/hippo/user.rb, line 21
# The role collection for this user, built once per instance and memoized in
# @cached_roles. Every permission check (`can_read?`, `admin?`, ...) goes
# through this object.
#
# @return [Access::RoleCollection]
def roles
  @cached_roles || (@cached_roles = Access::RoleCollection.new(self))
end
Hippo::Concerns::ApiAttributeAccess#setting_attribute_is_allowed?
# File lib/hippo/user.rb, line 62
# Whether `user` may set attribute `name` on this record.
#
# A persisted user editing their own record is allowed only for names listed
# in USER_EDITABLE_ATTRIBUTES; this is what stops a self-edit from reaching
# attributes outside that list. Everything else defers to `super`.
#
# @param name the attribute being set (compared against USER_EDITABLE_ATTRIBUTES)
# @param user [User] the user attempting the write
# @return [Boolean]
def setting_attribute_is_allowed?(name, user)
  own_record = !new_record? && user.id == self.id
  return true if own_record && USER_EDITABLE_ATTRIBUTES.include?(name)

  super
end
# File lib/hippo/user.rb, line 25
# Data handed to the client when this user opens a workspace.
#
# The user section is an allow-list slice of `attributes`, so any column not
# named below is never serialized here. The result also carries a fresh
# access token (see #jwt_token).
#
# @return [Hash] :user, :access, :access_token and :screen_ids
def workspace_data
  exposed_fields = %w[
    id login name email role_names options
    created_at created_by updated_at updated_by
  ]
  user_data = attributes.slice(*exposed_fields)
  {
    user: user_data,
    access: Access.for_user(self),
    access_token: jwt_token,
    screen_ids: Hippo::Screen.ids_for_user(self)
  }
end