module Negroni::Models::Base::ClassMethods

Class Methods for the `Base` module.

Public Instance Methods

find_first_by_auth_conditions(tainted_conditions, options = {}) click to toggle source

Find the first record, given a set of `tainted_conditions`, and options.

@param tainted_conditions [Hash, ActionDispatch::Parameters]

the conditions used to find the record

@param options [Hash] additional conditions and options for the find

operation

@return [Object] the first record returned from the database

# File lib/negroni/models/base.rb, line 245
def find_first_by_auth_conditions(tainted_conditions, options = {})
  to_adapter.find_first(
    _param_filter.filter(tainted_conditions).merge(options)
  )
end
find_for_authentication(tainted_conditions) click to toggle source

Find first record based on conditions given (ie by the sign in form). This method is always called during an authentication process but it may be wrapped as well. For instance, database authenticable provides a `find_for_database_authentication` that wraps a call to this method. This allows you to customize both database authenticable or the whole authenticate stack by customize `find_for_authentication.`

Overwrite to add customized conditions, create a join, or maybe use a namedscope to filter records while authenticating.

@example

def self.find_for_authentication(tainted_conditions)
  find_first_by_auth_conditions(tainted_conditions, active: true)
end

Finally, notice that Negroni also queries for users in other scenarios besides authentication, for example when retrieving an user to send an e-mail for password reset. In such cases, find_for_authentication is not called.

# File lib/negroni/models/base.rb, line 232
def find_for_authentication(tainted_conditions)
  find_first_by_auth_conditions(tainted_conditions)
end
find_or_initialize_with_error_by(attr, value, error = :invalid) click to toggle source

Find or initialize a record setting an error if it can't be found.

# File lib/negroni/models/base.rb, line 252
def find_or_initialize_with_error_by(attr, value, error = :invalid)
  find_or_initialize_with_errors([attr], { attr => value }, error)
end
find_or_initialize_with_errors(required, attrs, error = :invalid) click to toggle source

Find or initialize a record with a group of attributes, based on a list of required attributes

# File lib/negroni/models/base.rb, line 258
def find_or_initialize_with_errors(required, attrs, error = :invalid)
  attrs = _indifferently(required, attrs).delete_if { |_, v| v.blank? }

  if attrs.size == required.size
    record = find_first_by_auth_conditions(attrs)
  end

  unless record
    record = new

    required.each do |key|
      value = attrs[key]
      record.send("#{key}=", value)
      record.errors.add(key, value.present? ? error : :blank)
    end
  end

  record
end
from_token_request(request) click to toggle source

Finds an entity of the including class by a token auth request. This allows users to sign in with either an email address or thier username.

@param request [Request] The request which contains the sign in params.

@return [Object, nil] The found entity, or `nil` if one was not found.

# File lib/negroni/models/base.rb, line 285
def from_token_request(request)
  # Bail if there is no `auth` param
  return nil unless (auth_params = request.params['auth'])

  # find_first_by_auth_conditions(auth_params)

  authentication_keys.each do |key|
    if (found_key = auth_params[key.to_s])
      return to_adapter.find_first(key => found_key)
    end
  end
end

Protected Instance Methods

_param_filter() click to toggle source
# File lib/negroni/models/base.rb, line 300
def _param_filter
  @_param_filter ||= Negroni::ParamFilter.new(
    case_insensitive_keys, strip_whitespace_keys
  )
end

Private Instance Methods

_indifferently(required, attributes) click to toggle source
# File lib/negroni/models/base.rb, line 308
def _indifferently(required, attributes)
  if attributes.respond_to?(:permit!)
    attributes.slice(*required).permit!.to_h.with_indifferent_access
  else
    attributes.with_indifferent_access.slice(*required)
  end
end