F1090757
File Metadata
Details
File Info
Storage
Attached
Created
Wed, Oct 15, 11:25 AM
Size
4 KB
Mime Type
text/x-diff
Expires
Fri, Oct 17, 11:25 AM (1 d, 16 h)
Engine
blob
Format
Raw Data
Handle
279368
Attached To
rARCHIVING archiving
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index d089edd..7974bb4 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,16 +1,16 @@
class UsersController < ApplicationController
# GET users/1
def show; end
# PATCH users/1/generate_token
def generate_token
- if current_user.create_token
+ if current_user.create_token(save: true)
flash[:success] = 'Token created'
else
flash[:error] = 'Token not created'
end
redirect_to user_path(current_user)
end
end
diff --git a/app/models/user.rb b/app/models/user.rb
index 2fb883d..81517a1 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,138 +1,139 @@
class User < ActiveRecord::Base
establish_connection ARCHIVING_CONF
attr_accessor :password, :retype_password
serialize :temp_hosts, JSON
has_many :ownerships
has_many :hosts, through: :ownerships, inverse_of: :users
has_many :invitations
enum user_type: { institutional: 0, vima: 1, okeanos: 2, admin: 3 }
validates :user_type, presence: true
validates :username, presence: true, uniqueness: { scope: :user_type }
validates :email, presence: true, uniqueness: { scope: :user_type }
before_create :confirm_passwords, if: :admin?
+ before_create :create_token
# Returns an admin user with the given password
#
# @param username[String] username from user input
# @param a_password[String] password from user input
#
# @return [User] the admin user or nil
def self.fetch_admin_with_password(username, a_password)
hashed_pass = Digest::SHA256.hexdigest(a_password + Rails.application.secrets.salt)
admin = User.admin.find_by_username_and_password_hash(username, hashed_pass)
admin
end
# Initializes a user token which will be used for API access
- def create_token
+ def create_token(opts = {})
self.token = Digest::SHA256.hexdigest(
Time.now.to_s + Rails.application.secrets.salt + email
)
- save
+ save if opts[:save] == true
end
# Composes the user's display name from the user's username and email
#
# @return [String]
def display_name
"#{username} <#{email}>"
end
# Determines if the user must select hosts from a list or enter their
# FQDN manually
#
# @return [Boolean]
def needs_host_list?
vima? || okeanos?
end
# Determines if the user is editable or not.
# Editable users are only admin users, all others come from 3rd party authorization
#
# @return [Boolean]
def editable?
admin?
end
# Marks a user as not enabled
def ban
self.enabled = false
save
end
# Marks a user as enabled
def unban
self.enabled = true
save
end
# Stores a hashed password as a password_hash
#
# @param a_password[String] the user submitted password
#
# @return [Boolean] the save exit status
def add_password(a_password)
self.password_hash = Digest::SHA256.hexdigest(a_password + Rails.application.secrets.salt)
self.save
end
# Fetches the user's unverified hosts
#
# @return [Array] of Strings containing the hosts' names
def unverified_hosts
hosts.unverified.pluck(:name)
end
# Fetches the user's hosts that are being backed up by bacula
#
# @return [Array] of Strings configuration the host's names
def baculized_hosts
hosts.in_bacula.pluck(:name)
end
# Fetches the user's hosts that are NOT being backed up by bacula
#
# @return [Array] of Strings configuration the host's names
def non_baculized_hosts
hosts.not_baculized.pluck(:name)
end
# Determines if a vima user needs to update his hosts' list
#
# @return [Boolean]
def refetch_hosts?
return false unless vima?
return true if hosts_updated_at.nil?
hosts_updated_at < Archiving.settings[:skip_host_fetch_time_period].ago
end
# Determines if a user has admin access to archiving or not
#
# @return [Boolean]
def has_admin_access?
admin? || moderator?
end
private
def confirm_passwords
if password.blank?
self.errors.add(:password, 'Must give a password')
return false
end
if password != retype_password
self.errors.add(:password, 'Passwords mismatch')
self.errors.add(:retype_password, 'Passwords mismatch')
return false
end
true
end
end
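Review bot: The API token assigned in `create_token` contains no randomness: it is a SHA-256 over `Time.now.to_s` (one-second resolution), the application-wide salt and the user's email. That salt is the same secret used for the admin password hashes in `fetch_admin_with_password`. With the added `before_create :create_token` every new account now gets such a token automatically, so the token's secrecy rests entirely on that one shared salt. I would take the value from the CSPRNG instead, `self.token = SecureRandom.hex(32)`, which needs neither the salt nor the email. The comment above `create_token` should also say that the record is only persisted when `opts[:save]` is `true`, e.g. `# @param opts[Hash] pass save: true to persist the new token immediately`.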