2016-11-16 02:56:29 +11:00
|
|
|
# frozen_string_literal: true
|
2017-05-02 10:14:47 +10:00
|
|
|
# == Schema Information
|
|
|
|
#
|
|
|
|
# Table name: users
|
|
|
|
#
|
2017-11-13 02:18:50 +11:00
|
|
|
# id :bigint not null, primary key
|
2017-05-02 10:14:47 +10:00
|
|
|
# email :string default(""), not null
|
|
|
|
# created_at :datetime not null
|
|
|
|
# updated_at :datetime not null
|
|
|
|
# encrypted_password :string default(""), not null
|
|
|
|
# reset_password_token :string
|
|
|
|
# reset_password_sent_at :datetime
|
|
|
|
# remember_created_at :datetime
|
|
|
|
# sign_in_count :integer default(0), not null
|
|
|
|
# current_sign_in_at :datetime
|
|
|
|
# last_sign_in_at :datetime
|
|
|
|
# current_sign_in_ip :inet
|
|
|
|
# last_sign_in_ip :inet
|
2017-07-13 11:12:25 +10:00
|
|
|
# admin :boolean default(FALSE), not null
|
2017-05-02 10:14:47 +10:00
|
|
|
# confirmation_token :string
|
|
|
|
# confirmed_at :datetime
|
|
|
|
# confirmation_sent_at :datetime
|
|
|
|
# unconfirmed_email :string
|
|
|
|
# locale :string
|
|
|
|
# encrypted_otp_secret :string
|
|
|
|
# encrypted_otp_secret_iv :string
|
|
|
|
# encrypted_otp_secret_salt :string
|
|
|
|
# consumed_timestep :integer
|
2017-07-13 11:12:25 +10:00
|
|
|
# otp_required_for_login :boolean default(FALSE), not null
|
2017-05-02 10:14:47 +10:00
|
|
|
# last_emailed_at :datetime
|
|
|
|
# otp_backup_codes :string is an Array
|
2017-05-21 01:32:44 +10:00
|
|
|
# filtered_languages :string default([]), not null, is an Array
|
2017-11-13 02:18:50 +11:00
|
|
|
# account_id :bigint not null
|
2017-11-08 05:06:44 +11:00
|
|
|
# disabled :boolean default(FALSE), not null
|
2017-11-12 06:23:33 +11:00
|
|
|
# moderator :boolean default(FALSE), not null
|
2017-05-02 10:14:47 +10:00
|
|
|
#
|
2016-11-16 02:56:29 +11:00
|
|
|
|
2016-08-18 01:56:23 +10:00
|
|
|
class User < ApplicationRecord
|
2017-01-13 12:42:22 +11:00
|
|
|
include Settings::Extend
|
2017-11-08 05:06:44 +11:00
|
|
|
|
2017-05-23 03:36:21 +10:00
|
|
|
ACTIVE_DURATION = 14.days
|
2017-01-13 06:46:24 +11:00
|
|
|
|
2017-01-28 06:28:46 +11:00
|
|
|
devise :registerable, :recoverable,
|
|
|
|
:rememberable, :trackable, :validatable, :confirmable,
|
2017-04-15 21:26:03 +10:00
|
|
|
:two_factor_authenticatable, :two_factor_backupable,
|
|
|
|
otp_secret_encryption_key: ENV['OTP_SECRET'],
|
|
|
|
otp_number_of_backup_codes: 10
|
2016-03-05 23:12:24 +11:00
|
|
|
|
2017-04-17 23:54:33 +10:00
|
|
|
belongs_to :account, inverse_of: :user, required: true
|
2016-03-06 08:43:05 +11:00
|
|
|
accepts_nested_attributes_for :account
|
2016-03-05 23:12:24 +11:00
|
|
|
|
2017-08-23 02:33:57 +10:00
|
|
|
has_many :applications, class_name: 'Doorkeeper::Application', as: :owner
|
|
|
|
|
2017-05-19 11:11:23 +10:00
|
|
|
validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale?
|
2017-06-10 03:46:01 +10:00
|
|
|
validates_with BlacklistedEmailValidator, if: :email_changed?
|
2016-03-15 03:49:13 +11:00
|
|
|
|
2017-11-12 06:23:33 +11:00
|
|
|
scope :recent, -> { order(id: :desc) }
|
|
|
|
scope :admins, -> { where(admin: true) }
|
|
|
|
scope :moderators, -> { where(moderator: true) }
|
|
|
|
scope :staff, -> { admins.or(moderators) }
|
2017-03-04 09:45:48 +11:00
|
|
|
scope :confirmed, -> { where.not(confirmed_at: nil) }
|
2017-05-23 03:36:21 +10:00
|
|
|
scope :inactive, -> { where(arel_table[:current_sign_in_at].lt(ACTIVE_DURATION.ago)) }
|
2017-07-23 09:15:04 +10:00
|
|
|
scope :active, -> { confirmed.where(arel_table[:current_sign_in_at].gteq(ACTIVE_DURATION.ago)).joins(:account).where(accounts: { suspended: false }) }
|
2017-05-23 05:50:58 +10:00
|
|
|
scope :matches_email, ->(value) { where(arel_table[:email].matches("#{value}%")) }
|
|
|
|
scope :with_recent_ip_address, ->(value) { where(arel_table[:current_sign_in_ip].eq(value).or(arel_table[:last_sign_in_ip].eq(value))) }
|
2016-10-07 22:17:56 +11:00
|
|
|
|
2017-05-08 11:32:52 +10:00
|
|
|
before_validation :sanitize_languages
|
|
|
|
|
2017-06-02 04:53:37 +10:00
|
|
|
# This avoids a deprecation warning from Rails 5.1
|
|
|
|
# It seems possible that a future release of devise-two-factor will
|
|
|
|
# handle this itself, and this can be removed from our User class.
|
|
|
|
attribute :otp_secret
|
|
|
|
|
2017-06-24 02:50:53 +10:00
|
|
|
has_many :session_activations, dependent: :destroy
|
|
|
|
|
2017-11-16 02:05:20 +11:00
|
|
|
delegate :auto_play_gif, :default_sensitive, :unfollow_modal, :boost_modal, :delete_modal,
|
|
|
|
:reduce_motion, :system_font_ui, :noindex, :theme,
|
|
|
|
to: :settings, prefix: :setting, allow_nil: false
|
|
|
|
|
2017-04-23 12:43:42 +10:00
|
|
|
def confirmed?
|
|
|
|
confirmed_at.present?
|
|
|
|
end
|
|
|
|
|
2017-11-12 06:23:33 +11:00
|
|
|
def staff?
|
|
|
|
admin? || moderator?
|
|
|
|
end
|
|
|
|
|
|
|
|
def role
|
|
|
|
if admin?
|
|
|
|
'admin'
|
|
|
|
elsif moderator?
|
|
|
|
'moderator'
|
|
|
|
else
|
|
|
|
'user'
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-11-08 05:06:44 +11:00
|
|
|
def disable!
|
|
|
|
update!(disabled: true,
|
|
|
|
last_sign_in_at: current_sign_in_at,
|
|
|
|
current_sign_in_at: nil)
|
|
|
|
end
|
|
|
|
|
|
|
|
def enable!
|
|
|
|
update!(disabled: false)
|
|
|
|
end
|
|
|
|
|
2017-11-12 06:23:33 +11:00
|
|
|
def confirm!
|
|
|
|
skip_confirmation!
|
|
|
|
save!
|
|
|
|
end
|
|
|
|
|
|
|
|
def promote!
|
|
|
|
if moderator?
|
|
|
|
update!(moderator: false, admin: true)
|
|
|
|
elsif !admin?
|
|
|
|
update!(moderator: true)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def demote!
|
|
|
|
if admin?
|
|
|
|
update!(admin: false, moderator: true)
|
|
|
|
elsif moderator?
|
|
|
|
update!(moderator: false)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-05-03 05:07:12 +10:00
|
|
|
def disable_two_factor!
|
|
|
|
self.otp_required_for_login = false
|
|
|
|
otp_backup_codes&.clear
|
|
|
|
save!
|
|
|
|
end
|
|
|
|
|
2017-11-08 05:06:44 +11:00
|
|
|
def active_for_authentication?
|
|
|
|
super && !disabled?
|
|
|
|
end
|
|
|
|
|
2017-02-07 09:16:20 +11:00
|
|
|
def setting_default_privacy
|
|
|
|
settings.default_privacy || (account.locked? ? 'private' : 'public')
|
|
|
|
end
|
2017-04-12 00:10:16 +10:00
|
|
|
|
2017-08-23 02:33:57 +10:00
|
|
|
def token_for_app(a)
|
|
|
|
return nil if a.nil? || a.owner != self
|
|
|
|
Doorkeeper::AccessToken
|
|
|
|
.find_or_create_by(application_id: a.id, resource_owner_id: id) do |t|
|
|
|
|
|
|
|
|
t.scopes = a.scopes
|
|
|
|
t.expires_in = Doorkeeper.configuration.access_token_expires_in
|
|
|
|
t.use_refresh_token = Doorkeeper.configuration.refresh_token_enabled?
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-06-26 00:54:30 +10:00
|
|
|
def activate_session(request)
|
|
|
|
session_activations.activate(session_id: SecureRandom.hex,
|
|
|
|
user_agent: request.user_agent,
|
2017-08-30 18:24:30 +10:00
|
|
|
ip: request.remote_ip).session_id
|
2017-06-24 02:50:53 +10:00
|
|
|
end
|
|
|
|
|
|
|
|
def exclusive_session(id)
|
|
|
|
session_activations.exclusive(id)
|
|
|
|
end
|
|
|
|
|
|
|
|
def session_active?(id)
|
|
|
|
session_activations.active? id
|
|
|
|
end
|
|
|
|
|
2017-07-14 06:15:32 +10:00
|
|
|
def web_push_subscription(session)
|
|
|
|
session.web_push_subscription.nil? ? nil : session.web_push_subscription.as_payload
|
|
|
|
end
|
|
|
|
|
2017-05-30 23:28:56 +10:00
|
|
|
protected
|
|
|
|
|
|
|
|
def send_devise_notification(notification, *args)
|
|
|
|
devise_mailer.send(notification, self, *args).deliver_later
|
|
|
|
end
|
|
|
|
|
2017-05-08 11:32:52 +10:00
|
|
|
private
|
|
|
|
|
|
|
|
def sanitize_languages
|
2017-05-21 01:32:44 +10:00
|
|
|
filtered_languages.reject!(&:blank?)
|
2017-05-08 11:32:52 +10:00
|
|
|
end
|
2016-02-23 02:00:20 +11:00
|
|
|
end
|