Mercurial > hg > soundsoftware-site
diff app/models/user.rb @ 511:107d36338b70 live
Merge from branch "cannam"
| author | Chris Cannam |
|---|---|
| date | Thu, 14 Jul 2011 10:43:07 +0100 |
| parents | 753f1380d6bc |
| children | ec7c78040115 |
line wrap: on
line diff
--- a/app/models/user.rb Thu Jun 09 16:51:06 2011 +0100 +++ b/app/models/user.rb Thu Jul 14 10:43:07 2011 +0100 @@ -1,5 +1,5 @@ # Redmine - project management software -# Copyright (C) 2006-2009 Jean-Philippe Lang +# Copyright (C) 2006-2011 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -18,7 +18,8 @@ require "digest/sha1" class User < Principal - + include Redmine::SafeAttributes + # Account statuses STATUS_ANONYMOUS = 0 STATUS_ACTIVE = 1 @@ -34,21 +35,21 @@ } MAIL_NOTIFICATION_OPTIONS = [ - [:all, :label_user_mail_option_all], - [:selected, :label_user_mail_option_selected], - [:none, :label_user_mail_option_none], - [:only_my_events, :label_user_mail_option_only_my_events], - [:only_assigned, :label_user_mail_option_only_assigned], - [:only_owner, :label_user_mail_option_only_owner] - ] + ['all', :label_user_mail_option_all], + ['selected', :label_user_mail_option_selected], + ['only_my_events', :label_user_mail_option_only_my_events], + ['only_assigned', :label_user_mail_option_only_assigned], + ['only_owner', :label_user_mail_option_only_owner], + ['none', :label_user_mail_option_none] + ] has_and_belongs_to_many :groups, :after_add => Proc.new {|user, group| group.user_added(user)}, :after_remove => Proc.new {|user, group| group.user_removed(user)} has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify has_many :changesets, :dependent => :nullify has_one :preference, :dependent => :destroy, :class_name => 'UserPreference' - has_one :rss_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='feeds'" - has_one :api_token, :dependent => :destroy, :class_name => 'Token', :conditions => "action='api'" + has_one :rss_token, :class_name => 'Token', :conditions => "action='feeds'" + has_one :api_token, :class_name => 'Token', :conditions => "action='api'" belongs_to :auth_source has_one :ssamr_user_detail, :dependent => :destroy, :class_name => 'SsamrUserDetail' @@ -62,7 +63,7 @@ attr_accessor :password, :password_confirmation attr_accessor :last_before_login_on # Prevents unauthorized assignments - attr_protected :login, :admin, :password, :password_confirmation, :hashed_password, :group_ids + attr_protected :login, :admin, :password, :password_confirmation, :hashed_password validates_presence_of :login, :firstname, :lastname, :mail, :if => Proc.new { |user| !user.is_a?(AnonymousUser) } @@ -73,14 +74,25 @@ # Login must contain lettres, numbers, underscores only validates_format_of :login, :with => /^[a-z0-9_\-@\.]*$/i validates_length_of :login, :maximum => 30 - validates_format_of :firstname, :lastname, :with => /^[\w\s\'\-\.]*$/i validates_length_of :firstname, :lastname, :maximum => 30 validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true validates_length_of :mail, :maximum => 60, :allow_nil => true validates_confirmation_of :password, :allow_nil => true + validates_inclusion_of :mail_notification, :in => MAIL_NOTIFICATION_OPTIONS.collect(&:first), :allow_blank => true + before_destroy :remove_references_before_destroy + validates_acceptance_of :terms_and_conditions, :on => :create, :message => :must_accept_terms_and_conditions + named_scope :in_group, lambda {|group| + group_id = group.is_a?(Group) ? group.id : group.to_i + { :conditions => ["#{User.table_name}.id IN (SELECT gu.user_id FROM #{table_name_prefix}groups_users#{table_name_suffix} gu WHERE gu.group_id = ?)", group_id] } + } + named_scope :not_in_group, lambda {|group| + group_id = group.is_a?(Group) ? group.id : group.to_i + { :conditions => ["#{User.table_name}.id NOT IN (SELECT gu.user_id FROM #{table_name_prefix}groups_users#{table_name_suffix} gu WHERE gu.group_id = ?)", group_id] } + } + def before_create self.mail_notification = Setting.default_notification_option if self.mail_notification.blank? true @@ -88,11 +100,14 @@ def before_save # update hashed_password if password was set - self.hashed_password = User.hash_password(self.password) if self.password && self.auth_source_id.blank? + if self.password && self.auth_source_id.blank? + salt_password(password) + end end def reload(*args) @name = nil + @projects_by_role = nil super end @@ -130,7 +145,7 @@ return nil unless user.auth_source.authenticate(login, password) else # authentication with local password - return nil unless User.hash_password(password) == user.hashed_password + return nil unless user.check_password?(password) end else # user is not yet registered, try to authenticate with available sources @@ -209,13 +224,21 @@ update_attribute(:status, STATUS_LOCKED) end + # Returns true if +clear_password+ is the correct user's password, otherwise false def check_password?(clear_password) if auth_source_id.present? auth_source.authenticate(self.login, clear_password) else - User.hash_password(clear_password) == self.hashed_password + User.hash_password("#{salt}#{User.hash_password clear_password}") == hashed_password end end + + # Generates a random salt and computes hashed_password for +clear_password+ + # The hashed password is stored in the following form: SHA1(salt + SHA1(password)) + def salt_password(clear_password) + self.salt = User.generate_salt + self.hashed_password = User.hash_password("#{salt}#{User.hash_password clear_password}") + end # Does the backend storage allow this user to change their password? def change_password_allowed? @@ -271,12 +294,16 @@ notified_projects_ids end + def valid_notification_options + self.class.valid_notification_options(self) + end + # Only users that belong to more than 1 project can select projects for which they are notified - def valid_notification_options + def self.valid_notification_options(user=nil) # Note that @user.membership.size would fail since AR ignores # :include association option when doing a count - if memberships.length < 1 - MAIL_NOTIFICATION_OPTIONS.delete_if {|option| option.first == :selected} + if user.nil? || user.memberships.length < 1 + MAIL_NOTIFICATION_OPTIONS.reject {|option| option.first == 'selected'} else MAIL_NOTIFICATION_OPTIONS end @@ -356,16 +383,33 @@ !roles_for_project(project).detect {|role| role.member?}.nil? end + # Returns a hash of user's projects grouped by roles + def projects_by_role + return @projects_by_role if @projects_by_role + + @projects_by_role = Hash.new {|h,k| h[k]=[]} + memberships.each do |membership| + membership.roles.each do |role| + @projects_by_role[role] << membership.project if membership.project + end + end + @projects_by_role.each do |role, projects| + projects.uniq! + end + + @projects_by_role + end + # Return true if the user is allowed to do the specified action on a specific context # Action can be: # * a parameter-like Hash (eg. :controller => 'projects', :action => 'edit') # * a permission Symbol (eg. :edit_project) # Context can be: # * a project : returns true if user is allowed to do the specified action on this project - # * a group of projects : returns true if user is allowed on every project + # * an array of projects : returns true if user is allowed on every project # * nil with options[:global] set : check if user has at least one role allowed for this action, # or falls back to Non Member / Anonymous permissions depending if the user is logged - def allowed_to?(action, context, options={}) + def allowed_to?(action, context, options={}, &block) if context && context.is_a?(Project) # No action allowed on archived projects return false unless context.active? @@ -376,12 +420,15 @@ roles = roles_for_project(context) return false unless roles - roles.detect {|role| (context.is_public? || role.member?) && role.allowed_to?(action)} - + roles.detect {|role| + (context.is_public? || role.member?) && + role.allowed_to?(action) && + (block_given? ? yield(role, self) : true) + } elsif context && context.is_a?(Array) # Authorize if user is authorized on every element of the array context.map do |project| - allowed_to?(action,project,options) + allowed_to?(action, project, options, &block) end.inject do |memo,allowed| memo && allowed end @@ -391,7 +438,11 @@ # authorize if user has at least one role that has this permission roles = memberships.collect {|m| m.roles}.flatten.uniq - roles.detect {|r| r.allowed_to?(action)} || (self.logged? ? Role.non_member.allowed_to?(action) : Role.anonymous.allowed_to?(action)) + roles << (self.logged? ? Role.non_member : Role.anonymous) + roles.detect {|role| + role.allowed_to?(action) && + (block_given? ? yield(role, self) : true) + } else false end @@ -399,35 +450,57 @@ # Is the user allowed to do the specified action on any project? # See allowed_to? for the actions and valid options. - def allowed_to_globally?(action, options) - allowed_to?(action, nil, options.reverse_merge(:global => true)) + def allowed_to_globally?(action, options, &block) + allowed_to?(action, nil, options.reverse_merge(:global => true), &block) end + + safe_attributes 'login', + 'firstname', + 'lastname', + 'mail', + 'mail_notification', + 'language', + 'custom_field_values', + 'custom_fields', + 'identity_url' + + safe_attributes 'status', + 'auth_source_id', + :if => lambda {|user, current_user| current_user.admin?} + + safe_attributes 'group_ids', + :if => lambda {|user, current_user| current_user.admin? && !user.new_record?} # Utility method to help check if a user should be notified about an # event. # # TODO: only supports Issue events currently def notify_about?(object) - case mail_notification.to_sym - when :all + case mail_notification + when 'all' true - when :selected - # Handled by the Project - when :none - false - when :only_my_events + when 'selected' + # user receives notifications for created/assigned issues on unselected projects if object.is_a?(Issue) && (object.author == self || object.assigned_to == self) true else false end - when :only_assigned + when 'none' + false + when 'only_my_events' + if object.is_a?(Issue) && (object.author == self || object.assigned_to == self) + true + else + false + end + when 'only_assigned' if object.is_a?(Issue) && object.assigned_to == self true else false end - when :only_owner + when 'only_owner' if object.is_a?(Issue) && object.author == self true else @@ -456,6 +529,20 @@ end anonymous_user end + + # Salts all existing unsalted passwords + # It changes password storage scheme from SHA1(password) to SHA1(salt + SHA1(password)) + # This method is used in the SaltPasswords migration and is to be kept as is + def self.salt_unsalted_passwords! + transaction do + User.find_each(:conditions => "salt IS NULL OR salt = ''") do |user| + next if user.hashed_password.blank? + salt = User.generate_salt + hashed_password = User.hash_password("#{salt}#{user.hashed_password}") + User.update_all("salt = '#{salt}', hashed_password = '#{hashed_password}'", ["id = ?", user.id] ) + end + end + end protected @@ -467,11 +554,42 @@ end private + + # Removes references that are not handled by associations + # Things that are not deleted are reassociated with the anonymous user + def remove_references_before_destroy + return if self.id.nil? + + substitute = User.anonymous + Attachment.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + Comment.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + Issue.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + Issue.update_all 'assigned_to_id = NULL', ['assigned_to_id = ?', id] + Journal.update_all ['user_id = ?', substitute.id], ['user_id = ?', id] + JournalDetail.update_all ['old_value = ?', substitute.id.to_s], ["property = 'attr' AND prop_key = 'assigned_to_id' AND old_value = ?", id.to_s] + JournalDetail.update_all ['value = ?', substitute.id.to_s], ["property = 'attr' AND prop_key = 'assigned_to_id' AND value = ?", id.to_s] + Message.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + News.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + # Remove private queries and keep public ones + Query.delete_all ['user_id = ? AND is_public = ?', id, false] + Query.update_all ['user_id = ?', substitute.id], ['user_id = ?', id] + TimeEntry.update_all ['user_id = ?', substitute.id], ['user_id = ?', id] + Token.delete_all ['user_id = ?', id] + Watcher.delete_all ['user_id = ?', id] + WikiContent.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + WikiContent::Version.update_all ['author_id = ?', substitute.id], ['author_id = ?', id] + end # Return password digest def self.hash_password(clear_password) Digest::SHA1.hexdigest(clear_password || "") end + + # Returns a 128bits random salt as a hex string (32 chars long) + def self.generate_salt + ActiveSupport::SecureRandom.hex(16) + end + end class AnonymousUser < User @@ -492,4 +610,9 @@ def mail; nil end def time_zone; nil end def rss_key; nil end + + # Anonymous user can not be destroyed + def destroy + false + end end