1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable, :database_authenticatable
@@authentication_type = "#{Rails.application.config.chouette_authentication_settings[:type]}_authenticatable".to_sym
cattr_reader :authentication_type
devise :invitable, :registerable, :validatable, :lockable,
:recoverable, :rememberable, :trackable, :async, authentication_type
# FIXME https://github.com/nbudin/devise_cas_authenticatable/issues/53
# Work around :validatable, when database_authenticatable is diabled.
attr_accessor :password unless authentication_type == :database_authenticatable
# Setup accessible (or protected) attributes for your model
# attr_accessible :email, :password, :current_password, :password_confirmation, :remember_me, :name, :organisation_attributes
belongs_to :organisation
accepts_nested_attributes_for :organisation
validates :organisation, :presence => true
validates :email, :presence => true, :uniqueness => true
validates :name, :presence => true
validate :permissions_unique_and_nonempty
before_validation(:on => :create) do
self.password ||= Devise.friendly_token.first(6)
self.password_confirmation ||= self.password
end
after_destroy :check_destroy_organisation
@@edit_offer_permissions = ['routes.create', 'routes.edit', 'routes.destroy', 'journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy',
'vehicle_journeys.create', 'vehicle_journeys.edit', 'vehicle_journeys.destroy', 'time_tables.create', 'time_tables.edit', 'time_tables.destroy',
'footnotes.edit', 'footnotes.create', 'footnotes.destroy', 'routing_constraint_zones.create', 'routing_constraint_zones.edit',
'routing_constraint_zones.destroy']
def cas_extra_attributes=(extra_attributes)
extra = extra_attributes.inject({}){|memo,(k,v)| memo[k.to_sym] = v; memo}
self.name = extra[:full_name]
self.email = extra[:email]
self.organisation = Organisation.sync_update extra[:organisation_code], extra[:organisation_name], extra[:functional_scope]
self.permissions = extra[:permissions].include?('boiv:edit-offer') ? @@edit_offer_permissions : []
end
def self.portail_api_request
conf = Rails.application.config.try(:stif_portail_api)
raise 'Rails.application.config.stif_portail_api settings is not defined' unless conf
conn = Faraday.new(:url => conf[:url]) do |c|
c.headers['Authorization'] = "Token token=\"#{conf[:key]}\""
c.adapter Faraday.default_adapter
end
resp = conn.get '/api/v1/users'
if resp.status == 200
JSON.parse resp.body
else
raise "Error on api request status : #{resp.status} => #{resp.body}"
end
end
def self.portail_sync
self.portail_api_request.each do |el|
user = User.find_or_initialize_by(username: el['username'])
user.name = "#{el['firstname']} #{el['lastname']}"
user.email = el['email']
user.locked_at = el['locked_at']
user.organisation = Organisation.sync_update el['organization_code'], el['organization_name'], el['functional_scope']
user.synced_at = Time.now
user.permissions = el['permissions'].include?('boiv:edit-offer') ? @@edit_offer_permissions : []
user.save
puts "✓ user #{user.username} has been updated" unless Rails.env.test?
end
end
def has_permission?(permission)
permissions && permissions.include?(permission)
end
private
# remove organisation and referentials if last user of it
def check_destroy_organisation
if organisation.users.empty?
organisation.destroy
end
end
def permissions_unique_and_nonempty
if permissions && permissions.any?
errors.add(:permissions, I18n.t('activerecord.errors.models.calendar.attributes.permissions.must_be_unique')) if permissions.uniq.length != permissions.length
errors.add(:permissions, I18n.t('activerecord.errors.models.calendar.attributes.permissions.must_be_nonempty')) if permissions.include? ''
end
end
end
|
