Class: PuavoRest::User
- Inherits:
-
LdapModel
- Defined in:
- resources/users.rb
Constant Summary
- BANNED_USERNAMES =
Set.new([
"root",
"administrator",
"postmaster",
"adm",
"admin"
])
- VALID_ROLES =
Set.new([
"teacher",
"staff",
"student",
"visitor",
"parent",
"admin",
"testuser"
])
Constants inherited
from LdapModel
LdapModel::ESCAPES, LdapModel::ESCAPE_RE, LdapModel::KRB_LOCK, LdapModel::PROF
Instance Attribute Summary
Attributes inherited from LdapModel
#ldap_attr_store, #serialize_attrs
Class Method Summary
Instance Method Summary
Methods inherited from LdapModel
#[], #[]=, _class_store, #add, #add_validation_error, after, all, #as_json, #assert_validation, base_filter, before, by_attr, by_attr!, by_dn, by_dn!, by_dn_array, by_id, by_id!, by_ldap_attr, by_ldap_attr!, callable_from_instance, #changed?, class_store, clear_setup, computed_attr, connection, #create!, create_connection, create_filter_lambda, #dirty?, dn_bind, #empty?, escape, filter, from_ldap_hash, #get_own, #get_raw, inherited, #initialize, is_dn, is_not_found?, ldap_attrs, ldap_map, #ldap_merge!, ldap_op, #ldap_set, #link, #merge, #new?, #object_model, organisation, organisation?, pretty_attrs_to_ldap, raw_by_dn, raw_filter, sasl_bind, #save!, search, #set, settings, settings=, setup, skip_serialize, #to_hash, #to_json, #to_ldap_hash, #transform, #update!, #validate!, #validate_unique, #write_raw
Constructor Details
This class inherits a constructor from LdapModel
Class Method Details
+ (Object) by_username(username, attrs = nil)
# File 'resources/users.rb', line 251
# Look up one user by username.
#
# @param username [String] value matched against the :username attribute
# @param attrs [Object, nil] forwarded unchanged to by_attr
# @return [Object] whatever by_attr returns for a :single lookup
def self.by_username(username, attrs = nil)
  lookup = [:username, username, :single, attrs]
  by_attr(*lookup)
end
+ (Object) by_username!(username, attrs = nil)
# File 'resources/users.rb', line 255
# Bang variant of the username lookup; delegates to by_attr!.
#
# @param username [String] value matched against the :username attribute
# @param attrs [Object, nil] forwarded unchanged to by_attr!
# @return [Object] whatever by_attr! returns for a :single lookup
def self.by_username!(username, attrs = nil)
  lookup = [:username, username, :single, attrs]
  by_attr!(*lookup)
end
+ (Object) current
# File 'resources/users.rb', line 386
# Resolve the user that the active credentials belong to, memoising the
# result in settings[:credentials_cache][:current_user].
#
# A DN in the credentials takes precedence over a username. When the
# credentials carry neither, nil is stored and returned.
#
# NOTE(review): the result is cached in settings[:credentials_cache];
# presumably that cache is scoped to a single request — confirm, because a
# longer-lived cache would hand one caller's identity to the next.
#
# @return [Object, nil] the looked-up user, or nil when nothing matched
def self.current
  cache = settings[:credentials_cache]
  cached_user = cache[:current_user]
  return cached_user if cached_user

  credentials = settings[:credentials]
  user =
    if credentials[:dn]
      User.by_dn(credentials[:dn])
    elsif credentials[:username]
      User.by_username(credentials[:username])
    end

  cache[:current_user] = user
end
+ (Object) ldap_base
# File 'resources/users.rb', line 246
# Search base for user entries: the People subtree under the
# organisation's base DN.
#
# @return [String] "ou=People," followed by organisation["base"]
def self.ldap_base
  organisation_base = organisation["base"]
  "ou=People,#{ organisation_base }"
end
+ (Object) profile_image(uid)
# File 'resources/users.rb', line 264
def self.profile_image(uid)
data = raw_filter(ldap_base, "(uid=#{ escape uid })", ["jpegPhoto"])
if !data || data.size == 0
raise NotFound, :user => "Cannot find image data for user: #{ uid }"
end
data.first["jpegPhoto"]
end
+ (Object) resolve_dn(username)
# File 'resources/users.rb', line 260
# Translate a username into the DN of the matching entry.
#
# NOTE(review): ["dn"] is passed as the third argument here, whereas
# by_username! passes :single third and the attribute list fourth —
# confirm against by_attr!'s signature that this is intended.
#
# @param username [String] username to resolve
# @return [Object] the dn of the object returned by by_attr!
def self.resolve_dn(username)
  entry = by_attr!(:username, username, ["dn"])
  entry.dn
end
+ (Object) search_filters
# File 'resources/users.rb', line 400
# Filter builders used for user search, one per searchable attribute.
#
# @return [Array] results of create_filter_lambda for username,
#   first_name, last_name and email, in that order
def self.search_filters
  searchable = [:username, :first_name, :last_name, :email]
  searchable.map { |attribute| create_filter_lambda(attribute) }
end
Instance Method Details
- (Boolean) admin?
# File 'resources/users.rb', line 335
# Whether this user's type is "admin".
#
# The decision rests on user_type, which is the FIRST entry of roles, so
# an "admin" role listed after another role does not count here. Callers
# using this for authorisation should be aware of that ordering rule.
#
# @return [Boolean]
def admin?
  type = user_type
  type == "admin"
end
- (Object) domain_username
# File 'resources/users.rb', line 350
# Username qualified with the organisation's domain.
#
# @return [String] "<username>@<organisation.domain>"
def domain_username
  account = username
  realm = organisation.domain
  "#{ account }@#{ realm }"
end
- (Object) email=(_email)
# File 'resources/users.rb', line 205
# Replace the primary address (first :mail value) and keep every
# secondary address that was already stored.
#
# @param _email [String] new primary e-mail address
def email=(_email)
  stored = Array(get_raw(:mail))
  secondary_emails = stored[1..-1] || []
  write_raw(:mail, [_email, *secondary_emails])
  # Drop the memoised value so the next read reflects the new raw data.
  @cache[:email] = nil
end
- (Object) groups
# File 'resources/users.rb', line 339
# Groups this user belongs to, looked up by the user's DN and memoised
# on the instance.
#
# @return [Object] result of Group.by_user_dn(dn)
def groups
  return @groups if @groups

  @groups = Group.by_user_dn(dn)
end
- (Object) groups_within_school(school)
# File 'resources/users.rb', line 343
# The subset of this user's groups that belong to the given school.
#
# @param school [Object] object responding to #id
# @return [Array] groups whose school_id equals school.id
def groups_within_school(school)
  groups.select { |candidate| candidate.school_id == school.id }
end
- (Object) home_directory=(value)
# File 'resources/users.rb', line 189
# Reject any attempt to assign the home directory: the value is ignored
# and a :read_only validation error is recorded instead.
#
# @param value [Object] ignored
def home_directory=(value)
  message = "home_directory is read only"
  add_validation_error(:home_directory, :read_only, message)
end
- (Object) homepage
# File 'resources/users.rb', line 355
# Homepage of the user's primary school.
#
# @return [Object, nil] school.homepage, or nil when the user has no school
def homepage
  school.homepage if school
end
- (Boolean) is_school_admin_in?(school)
# File 'resources/users.rb', line 218
# Whether this user is listed as an administrator of the given school.
#
# The school's DN is lower-cased before the membership test.
# NOTE(review): this only matches if admin_of_school_dns holds lower-cased
# DNs as well — confirm where that list is built, since a case mismatch
# would silently deny (or, if normalised differently, grant) school admin.
#
# @param school [Object] object responding to #dn
# @return [Boolean]
def is_school_admin_in?(school)
  admin_dns = admin_of_school_dns
  normalized_dn = school.dn.downcase
  admin_dns.include?(normalized_dn)
end
- (Object) locale
# File 'resources/users.rb', line 319
# The user's own locale, falling back to the school's locale when the
# user has none set and a school exists.
#
# @return [Object, nil]
def locale
  own_locale = get_own(:locale)
  return school.locale if own_locale.nil? && school

  own_locale
end
- (Object) organisation
# File 'resources/users.rb', line 273
# Instance-level shortcut to the class-level organisation.
#
# @return [Object] User.organisation
def organisation
  current_organisation = User.organisation
  current_organisation
end
- (Object) organisation_domain
# File 'resources/users.rb', line 278
# Domain of the user's organisation.
#
# @return [Object] organisation.domain
def organisation_domain
  org = organisation
  org.domain
end
- (Object) organisation_name
# File 'resources/users.rb', line 283
# Name of the user's organisation.
#
# @return [Object] organisation.name
def organisation_name
  org = organisation
  org.name
end
- (Object) password=(pw)
Just store password locally and handle it in after hook
# File 'resources/users.rb', line 168
# Keep the new password on the instance only; nothing is written to the
# LDAP attributes here. validate reads @password for its length check.
#
# NOTE(review): the value is held in clear text in @password. Presumably
# the after hook consumes it — confirm that @password is never included in
# to_hash/as_json output or log lines.
#
# @param pw [String] clear-text password
def password=(pw)
@password = pw
end
- (Object) preferred_language
# File 'resources/users.rb', line 311
# The user's own preferred language, falling back to the school's value
# when the user has none set and a school exists.
#
# @return [Object, nil]
def preferred_language
  own_language = get_own(:preferred_language)
  return school.preferred_language if own_language.nil? && school

  own_language
end
- (Object) primary_school_id
# File 'resources/users.rb', line 300
# Id of the user's primary school.
#
# @return [Object, nil] school.id, or nil when the user has no school
def primary_school_id
  return unless school

  school.id
end
- (Object) puavo_id
# File 'resources/users.rb', line 237
# Alias for #id under the name puavo_id.
#
# @return [Object] the value of id
def puavo_id
id
end
- (Object) roles_within_school(school)
# File 'resources/users.rb', line 222
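# Roles of this user as seen from one school: the user's own roles, plus
# "schooladmin" when the user administers that school.
#
# The list is built on a copy of roles. Pushing onto the array returned
# by roles would, if that array is shared or cached, leave "schooladmin"
# behind for later calls — including calls for schools the user does not
# administer (schools_hash asks once per school).
#
# @param school [Object] school passed to is_school_admin_in?
# @return [Array] fresh array of role names for that school
def roles_within_school(school)
  school_roles = roles.dup
  school_roles.push("schooladmin") if is_school_admin_in?(school)
  school_roles
end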
- (Object) school
# File 'resources/users.rb', line 293
# The user's primary school, resolved from school_dn and memoised once a
# truthy result has been found.
#
# @return [Object, nil] School.by_dn(school_dn), or nil when school_dn is nil
def school
  if @school
    @school
  elsif !school_dn.nil?
    @school = School.by_dn(school_dn)
  end
end
- (Object) school_dn
# File 'resources/users.rb', line 288
# DN of the primary school: the first entry of school_dns. A nil or
# scalar school_dns is tolerated because it is wrapped with Array().
#
# @return [Object, nil]
def school_dn
  dns = Array(school_dns)
  dns.first
end
- (Object) schools
# File 'resources/users.rb', line 304
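# All schools this user belongs to, memoised on the instance.
#
# school_dns is wrapped with Array() so that a nil or single-value
# attribute is handled the same way school_dn already handles it, instead
# of raising NoMethodError on #map. DNs that resolve to nothing are
# dropped.
#
# @return [Array] School objects for every resolvable DN in school_dns
def schools
  @schools ||= Array(school_dns).map do |dn|
    School.by_dn(dn)
  end.compact
end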
- (Object) schools_hash
# File 'resources/users.rb', line 366
# Serialisable summary of every school of this user, including the
# user's roles and groups inside each school.
#
# @return [Array<Hash>] one hash per school with the string keys
#   "id", "dn", "name", "abbreviation", "roles" and "groups"
def schools_hash
  schools.map do |school|
    entry = {
      "id" => school.id,
      "dn" => school.dn,
      "name" => school.name,
      "abbreviation" => school.abbreviation,
      "roles" => roles_within_school(school)
    }

    # Added last so key order and evaluation order stay id..roles, groups.
    entry["groups"] = groups_within_school(school).map do |group|
      {
        "id" => group.id,
        "dn" => group.dn,
        "name" => group.name,
        "abbreviation" => group.abbreviation
      }
    end

    entry
  end
end
- (Object) secondary_emails=(emails)
# File 'resources/users.rb', line 211
# Replace the secondary addresses while keeping the current primary one
# (the first :mail value) in front. nil entries are dropped.
#
# @param emails [Array<String>] new secondary e-mail addresses
def secondary_emails=(emails)
  current_primary = Array(get_raw(:mail)).first
  addresses = [current_primary].concat(emails).compact
  write_raw(:mail, addresses)
  # Drop the memoised value so the next read reflects the new raw data.
  @cache[:secondary_emails] = nil
end
- (Boolean) server_user?
# File 'resources/users.rb', line 361
# Whether this user is the configured server account, decided by an exact
# comparison of dn with CONFIG["server"][:dn].
#
# NOTE(review): the comparison is case-sensitive, while unique_id and
# is_school_admin_in? lower-case DNs before comparing. A case difference
# makes this return false; confirm both sides are stored in the same
# form. Also note that nil == nil is true if neither side is set.
#
# @return [Boolean]
def server_user?
  server_dn = CONFIG["server"][:dn]
  dn == server_dn
end
- (Object) telephone_number=(value)
# File 'resources/users.rb', line 193
# Store a telephone number after running it through the :write transform.
# Blank input (nil, empty or whitespace only) is ignored, so this setter
# cannot be used to clear an existing number.
#
# @param value [Object] new telephone number
def telephone_number=(value)
  return if value.to_s.strip.empty?

  prepared = transform(:telephone_number, :write, value)
  write_raw(:telephoneNumber, prepared)
end
- (Object) timezone
# File 'resources/users.rb', line 327
# The user's own timezone, falling back to the school's timezone when the
# user has none set and a school exists.
#
# @return [Object, nil]
def timezone
  own_timezone = get_own(:timezone)
  return school.timezone if own_timezone.nil? && school

  own_timezone
end
- (Object) unique_id
# File 'resources/users.rb', line 242
# Identifier for this user: the DN in lower case.
#
# @return [String] dn.downcase
def unique_id
  distinguished_name = dn
  distinguished_name.downcase
end
- (Object) user_type
# File 'resources/users.rb', line 232
# The user's type, defined as the first entry of roles. The order of
# roles therefore decides what admin? reports.
#
# @return [Object, nil] roles.first
def user_type
  assigned_roles = roles
  assigned_roles.first
end
- (Object) username=(_username)
# File 'resources/users.rb', line 200
# Set the username. The same value is written to both the uid and the cn
# raw attributes, each wrapped in an array.
#
# @param _username [String] new username
def username=(_username)
  [:uid, :cn].map { |attribute| write_raw(attribute, Array(_username)) }.last
end
- (Object) validate
# File 'resources/users.rb', line 75
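# Run all user-level validations, recording each failure through
# add_validation_error. For a new user with a school, the home directory
# is derived from the school abbreviation and username and written to
# homeDirectory unless another user already owns that path.
#
# Checks, in order: username (non-empty, unique, not reserved), roles
# (non-empty, all in VALID_ROLES), first and last name (non-empty),
# password (at least 8 characters when one was assigned), school
# (present), home directory (new users only), e-mail (unique).
#
# @return [Object] the result of validate_unique(:email)
def validate
  if username.to_s.strip.empty?
    add_validation_error(:username, :username_empty, "Username is empty")
  else
    validate_unique(:username)

    # Reserved names are compared on a trimmed, lower-cased copy so that
    # variants such as "Root" or "ADM-x" cannot slip past an exact-match
    # check. The stored username itself is left as given.
    reserved_check_name = username.to_s.strip.downcase

    if BANNED_USERNAMES.include?(reserved_check_name)
      add_validation_error(:username, :username_not_allowed, "Username not allowed")
    end

    if reserved_check_name.start_with?("adm-")
      add_validation_error(:username, :username_not_allowed, "'adm-' prefix is not allowed")
    end
  end

  if roles.empty?
    add_validation_error(:roles, :no_roles, "at least one role must be set")
  else
    # NOTE(review): "admin" is a valid role here; whether the caller may
    # grant it is not decided in this method — confirm it is enforced
    # where roles are assigned.
    roles.each do |role|
      next if VALID_ROLES.include?(role)

      add_validation_error(:roles, :unknown_role, "Unknow role #{ role }. Valid roles are #{ VALID_ROLES.to_a.join(", ") }")
    end
  end

  if first_name.to_s.strip.empty?
    add_validation_error(:first_name, :first_name_empty, "First name is empty")
  end

  if last_name.to_s.strip.empty?
    add_validation_error(:last_name, :last_name_empty, "Last name is empty")
  end

  # Only checked when a password was assigned on this instance.
  if !@password.nil? && @password.size < 8
    add_validation_error(:password, :password_too_short, "Password must have at least 8 characters")
  end

  if school.nil?
    add_validation_error(:school_dns, :must_have_school, "no schools are set")
  end

  if new? && school
    # NOTE(review): username and school.abbreviation are interpolated into
    # a filesystem path. No character-set check on either is visible in
    # this method; confirm that "/" and ".." are rejected before this
    # point so the path cannot leave /home/<abbreviation>/.
    home = "/home/#{ school.abbreviation }/#{ username }"
    if User.by_attr(:home_directory, home)
      add_validation_error(:username, :bad_home_directoy, "Home directory (#{ home }) if already in use for this username")
    else
      write_raw(:homeDirectory, transform(:home_directory, :write, home))
    end
  end

  validate_unique(:email)
end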