Class: User

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• User

Extended by:

FriendlyId

Defined in:

app/models/user.rb

Overview

rubocop:disable Metrics/ClassLength

Instance Attribute Summary

• #just_created ⇒ Object

  Returns the value of attribute just_created.

Class Method Summary

• .all_uids_string ⇒ Object

  Returns a string with the UID (netid) for all the users.

• .create_default_users ⇒ Object

  Creates the default users as indicated in the super_admin config file and the default administrators and submitters for each group.

• .create_users_from_csv(csv) ⇒ Object

  rubocop:enable Metrics/MethodLength.

• .email_from_access_token(access_token) ⇒ Object
• .from_cas(access_token) ⇒ Object
• .looks_like_email_address?(value) ⇒ Boolean
• .new_for_uid(uid) ⇒ Object

  Creates a new user by uid.

• .new_from_cas(access_token) ⇒ Object

  Create a new user with some basic information from CAS.

• .new_from_csv_params(csv_params) ⇒ Object

  rubocop:disable Metrics/MethodLength.

• .new_super_admin(uid) ⇒ Object
• .safe_uid(uid) ⇒ Object
• .update_super_admins ⇒ Object

Instance Method Summary

• #admin_groups ⇒ Object

  Returns the list of groups where the user is an administrator.

• #assign_default_role ⇒ Object
• #can_admin?(group) ⇒ Boolean

  Returns true if the user can admin the group.

• #can_submit?(group) ⇒ Boolean

  True if the user can submit datasets to the group.

• #default_group ⇒ Object

  Returns a reference to the user’s default group.

• #email_messages_enabled? ⇒ Boolean

  Returns true if the user has notification e-mails enabled.

• #full_name_safe ⇒ Object

  Returns a full name that always has a value This is needed because we have records in the Users table that are created automatically in which the only value we have for sure its their uid (aka NetID).

• #given_name_safe ⇒ Object

  Returns a display name that always has a value This is needed because we have records in the Users table that are created automatically in which the only value we have for sure its their uid (aka NetID).

• #moderator? ⇒ Boolean
• #pending_notifications_count ⇒ Object
• #safe_uid_check ⇒ Object
• #submitter_groups ⇒ Object

  Returns the list of groups where the user can submit datasets.

• #submitter_or_admin_groups ⇒ Object
• #super_admin? ⇒ Boolean

  Is this user a super_admin? super_admins automatically get admin status in every group, and they can make new groups.

• #update_with_cas(access_token) ⇒ Object

  Updates an existing User record with some information from CAS.

Instance Attribute Details

#just_created ⇒ Object

Returns the value of attribute just_created.

# File 'app/models/user.rb', line 23

def just_created
  @just_created
end

Class Method Details

.all_uids_string ⇒ Object

Returns a string with the UID (netid) for all the users. We use this string to power the JavaScript @mention functionality when adding messages to works.

# File 'app/models/user.rb', line 170

def self.all_uids_string
  User.all.map { |user| '"' + user.uid + '"' }.join(", ")
end

.create_default_users ⇒ Object

Creates the default users as indicated in the super_admin config file and the default administrators and submitters for each group. It only creates missing records, i.e. if the records already exist it will not create a duplicate. It also does not remove already configured access to other groups.

# File 'app/models/user.rb', line 143

def self.create_default_users
  update_super_admins

  Group.find_each do |group|
    Rails.logger.info "Setting up admins for group #{group.title}"
    group.default_admins_list.each do |uid|
      user = User.new_for_uid(uid)
      user.add_role :group_admin, group
    end

    Rails.logger.info "Setting up submitters for group #{group.title}"
    group.default_submitters_list.each do |uid|
      user = User.new_for_uid(uid)
      user.add_role :submitter, group
    end
  end
end

.create_users_from_csv(csv) ⇒ Object

rubocop:enable Metrics/MethodLength

# File 'app/models/user.rb', line 129

def self.create_users_from_csv(csv)
  users = []
  CSV.foreach(csv, headers: true) do |row|
    next if row["Net ID"] == "N/A"
    users << new_from_csv_params(row.to_hash)
  end
  users
end

.email_from_access_token(access_token) ⇒ Object

# File 'app/models/user.rb', line 61

def self.email_from_access_token(access_token)
  if !access_token.extra.mail.nil?
    # For typical Princeton accounts the email comes on the `email` field
    access_token.extra.mail
  elsif User.looks_like_email_address?(access_token.extra.givenname)
    # For Guest Access Accounts (GAP) the email comes in the `givenname`
    access_token.extra.givenname
  end
end

.from_cas(access_token) ⇒ Object

# File 'app/models/user.rb', line 32

def self.from_cas(access_token)
  user = User.find_by(uid: safe_uid(access_token.uid))
  if user.nil?
    user = new_from_cas(access_token)
  elsif user.provider.blank?
    user.update_with_cas(access_token)
  end
  user
end

.looks_like_email_address?(value) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 71

def self.looks_like_email_address?(value)
  URI::MailTo::EMAIL_REGEXP.match?(value)
end

.new_for_uid(uid) ⇒ Object

Creates a new user by uid. If the user already exists it returns the existing user.

# File 'app/models/user.rb', line 89

def self.new_for_uid(uid)
  user = User.find_by(uid:)
  if user.nil?
    user = User.new(uid:, email: "#{uid}@princeton.edu")
    user.save!
  end
  user
end

.new_from_cas(access_token) ⇒ Object

Create a new user with some basic information from CAS.

# File 'app/models/user.rb', line 43

def self.new_from_cas(access_token)
  user = User.new
  user.provider = access_token.provider
  user.uid = safe_uid(access_token.uid) # this is the netid
  user.email = User.email_from_access_token(access_token)
  user.given_name = access_token.extra.givenname || access_token.uid # Harriet
  user.family_name = access_token.extra.sn || access_token.uid # Tubman
  user.full_name = access_token.extra.displayname || access_token.uid # "Harriet Tubman"
  user.default_group_id = Group.default_for_department(access_token.extra.departmentnumber)&.id
  user.save!
  user
end

.new_from_csv_params(csv_params) ⇒ Object

rubocop:disable Metrics/MethodLength

# File 'app/models/user.rb', line 106

def self.new_from_csv_params(csv_params)
  email = "#{csv_params['Net ID']}@princeton.edu"
  uid = csv_params["Net ID"]
  given_name = csv_params["First Name"]
  family_name = csv_params["Last Name"]
  full_name = "#{given_name} #{family_name}"
  orcid = csv_params["ORCID ID"]
  user = User.where(email:).first_or_create
  params_hash = {
    email:,
    uid:,
    orcid:,
    full_name: (full_name if user.full_name.blank?),
    family_name: (family_name if user.family_name.blank?),
    given_name: (given_name if user.given_name.blank?)
  }.compact

  user.update(params_hash)
  Rails.logger.info "Successfully created or updated #{user.email}"
  user
end

.new_super_admin(uid) ⇒ Object

# File 'app/models/user.rb', line 98

def self.new_super_admin(uid)
  user = new_for_uid(uid)
  user.add_role(:super_admin) unless user.has_role?(:super_admin)
  user.add_role(:group_admin) unless user.has_role?(:group_admin)
  user
end

.safe_uid(uid) ⇒ Object

# File 'app/models/user.rb', line 56

def self.safe_uid(uid)
  return uid if uid.blank?
  uid.gsub(/[^(0-9a-zA-Z_\-)]/, "_")
end

.update_super_admins ⇒ Object

# File 'app/models/user.rb', line 161

def self.update_super_admins
  Rails.logger.info "Setting super administrators"
  Rails.configuration.super_admins.each do |uid|
    new_super_admin(uid)
  end
end

Instance Method Details

#admin_groups ⇒ Object

Returns the list of groups where the user is an administrator

# File 'app/models/user.rb', line 234

def admin_groups
  @admin_groups ||= if super_admin?
                      Group.all.to_a
                    else
                      Group.with_role(:group_admin, self)
                    end
end

#assign_default_role ⇒ Object

# File 'app/models/user.rb', line 250

def assign_default_role
  @just_created = true
  add_role(:submitter, default_group) unless has_role?(:submitter, default_group)
  default_group.enable_messages_for(user: self)
end

#can_admin?(group) ⇒ Boolean

Returns true if the user can admin the group

Returns:

• (Boolean)

# File 'app/models/user.rb', line 219

def can_admin?(group)
  return true if super_admin?
  has_role? :group_admin, group
end

#can_submit?(group) ⇒ Boolean

True if the user can submit datasets to the group

Returns:

• (Boolean)

# File 'app/models/user.rb', line 213

def can_submit?(group)
  return true if super_admin?
  has_role?(:submitter, group)
end

#default_group ⇒ Object

Returns a reference to the user’s default group.

# File 'app/models/user.rb', line 204

def default_group
  if default_group_id.nil?
    Group.default
  else
    Group.find(default_group_id)
  end
end

#email_messages_enabled? ⇒ Boolean

Returns true if the user has notification e-mails enabled

Returns:

• (Boolean)

# File 'app/models/user.rb', line 258

def email_messages_enabled?
  email_messages_enabled
end

#full_name_safe ⇒ Object

Returns a full name that always has a value This is needed because we have records in the Users table that are created automatically in which the only value we have for sure its their uid (aka NetID).

# File 'app/models/user.rb', line 195

def full_name_safe
  full_name&.strip.presence || uid
end

#given_name_safe ⇒ Object

Returns a display name that always has a value This is needed because we have records in the Users table that are created automatically in which the only value we have for sure its their uid (aka NetID).

# File 'app/models/user.rb', line 188

def given_name_safe
  given_name.presence || uid
end

#moderator? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/user.rb', line 199

def moderator?
  admin_groups.count > 0
end

#pending_notifications_count ⇒ Object

# File 'app/models/user.rb', line 246

def pending_notifications_count
  WorkActivityNotification.where(user_id: id, read_at: nil).count
end

#safe_uid_check ⇒ Object

# File 'app/models/user.rb', line 262

def safe_uid_check
  self.uid = self.class.safe_uid(uid)
end

#submitter_groups ⇒ Object

Returns the list of groups where the user can submit datasets

# File 'app/models/user.rb', line 225

def submitter_groups
  @submitter_groups = if super_admin?
                        Group.all.to_a
                      else
                        (Group.with_role(:submitter, self) + Group.with_role(:group_admin, self)).uniq
                      end
end

#submitter_or_admin_groups ⇒ Object

# File 'app/models/user.rb', line 242

def submitter_or_admin_groups
  submitter_groups | admin_groups
end

#super_admin? ⇒ Boolean

Is this user a super_admin? super_admins automatically get admin status in every group, and they can make new groups.

Returns:

• (Boolean)

# File 'app/models/user.rb', line 178

def super_admin?
  has_role? :super_admin
rescue => ex
  Rails.logger.error("Unexpected error checking super_admin: #{ex}")
  false
end

#update_with_cas(access_token) ⇒ Object

Updates an existing User record with some information from CAS. This is useful for records created before the user ever logged in (e.g. to grant them permissions to groups).

# File 'app/models/user.rb', line 78

def update_with_cas(access_token)
  self.provider = access_token.provider
  self.email = User.email_from_access_token(access_token)
  self.given_name = access_token.extra.givenname || access_token.uid # Harriet
  self.family_name = access_token.extra.sn || access_token.uid # Tubman
  self.full_name = access_token.extra.displayname || access_token.uid # "Harriet Tubman"
  self.default_group_id ||= Group.default_for_department(access_token.extra.departmentnumber)&.id
  save!
end