BigW Consortium Gitlab

user.rb 12.3 KB
Newer Older
1 2 3 4 5 6
# == Schema Information
#
# Table name: users
#
#  id                     :integer          not null, primary key
#  email                  :string(255)      default(""), not null
Dmitriy Zaporozhets committed
7
#  encrypted_password     :string(255)      default(""), not null
8 9 10 11 12 13 14 15
#  reset_password_token   :string(255)
#  reset_password_sent_at :datetime
#  remember_created_at    :datetime
#  sign_in_count          :integer          default(0)
#  current_sign_in_at     :datetime
#  last_sign_in_at        :datetime
#  current_sign_in_ip     :string(255)
#  last_sign_in_ip        :string(255)
Dmitriy Zaporozhets committed
16 17
#  created_at             :datetime         not null
#  updated_at             :datetime         not null
18 19 20 21 22 23 24 25 26 27 28 29 30
#  name                   :string(255)
#  admin                  :boolean          default(FALSE), not null
#  projects_limit         :integer          default(10)
#  skype                  :string(255)      default(""), not null
#  linkedin               :string(255)      default(""), not null
#  twitter                :string(255)      default(""), not null
#  authentication_token   :string(255)
#  theme_id               :integer          default(1), not null
#  bio                    :string(255)
#  failed_attempts        :integer          default(0)
#  locked_at              :datetime
#  extern_uid             :string(255)
#  provider               :string(255)
Dmitriy Zaporozhets committed
31
#  username               :string(255)
32 33
#  can_create_group       :boolean          default(TRUE), not null
#  can_create_team        :boolean          default(TRUE), not null
Dmitriy Zaporozhets committed
34 35
#  state                  :string(255)
#  color_scheme_id        :integer          default(1), not null
Dmitriy Zaporozhets committed
36
#  notification_level     :integer          default(1), not null
Dmitriy Zaporozhets committed
37 38
#  password_expires_at    :datetime
#  created_by_id          :integer
Dmitriy Zaporozhets committed
39 40 41 42 43
#  avatar                 :string(255)
#  confirmation_token     :string(255)
#  confirmed_at           :datetime
#  confirmation_sent_at   :datetime
#  unconfirmed_email      :string(255)
44 45
#

46 47 48
require 'carrierwave/orm/activerecord'
require 'file_size_validator'

gitlabhq committed
49
class User < ActiveRecord::Base
50
  devise :database_authenticatable, :token_authenticatable, :lockable, :async,
51
         :recoverable, :rememberable, :trackable, :validatable, :omniauthable, :confirmable, :registerable
gitlabhq committed
52

53
  attr_accessible :email, :password, :password_confirmation, :remember_me, :bio, :name, :username,
54
                  :skype, :linkedin, :twitter, :color_scheme_id, :theme_id, :force_random_password,
55
                  :extern_uid, :provider, :password_expires_at, :avatar,
56 57
                  as: [:default, :admin]

58
  attr_accessible :projects_limit, :can_create_group,
59
                  as: :admin
60 61

  attr_accessor :force_random_password
gitlabhq committed
62

63 64 65 66 67 68 69
  # Virtual attribute for authenticating by either username or email
  attr_accessor :login

  # Add login to attr_accessible
  attr_accessible :login


70 71 72 73
  #
  # Relations
  #

74
  # Namespace for personal projects
Andrey Kumanyaev committed
75 76
  has_one :namespace, dependent: :destroy, foreign_key: :owner_id, class_name: "Namespace", conditions: 'type IS NULL'

77 78 79 80
  # Profile
  has_many :keys, dependent: :destroy

  # Groups
81 82
  has_many :users_groups, dependent: :destroy
  has_many :groups, through: :users_groups
83
  has_many :owned_groups, through: :users_groups, source: :group, conditions: { users_groups: { group_access: UsersGroup::OWNER } }
84 85

  # Projects
86 87 88 89 90
  has_many :groups_projects,          through: :groups, source: :projects
  has_many :personal_projects,        through: :namespace, source: :projects
  has_many :projects,                 through: :users_projects
  has_many :created_projects,         foreign_key: :creator_id, class_name: 'Project'

91
  has_many :snippets,                 dependent: :destroy, foreign_key: :author_id, class_name: "Snippet"
92 93 94 95 96
  has_many :users_projects,           dependent: :destroy
  has_many :issues,                   dependent: :destroy, foreign_key: :author_id
  has_many :notes,                    dependent: :destroy, foreign_key: :author_id
  has_many :merge_requests,           dependent: :destroy, foreign_key: :author_id
  has_many :events,                   dependent: :destroy, foreign_key: :author_id,   class_name: "Event"
Andrey Kumanyaev committed
97
  has_many :recent_events,                                 foreign_key: :author_id,   class_name: "Event", order: "id DESC"
98 99 100
  has_many :assigned_issues,          dependent: :destroy, foreign_key: :assignee_id, class_name: "Issue"
  has_many :assigned_merge_requests,  dependent: :destroy, foreign_key: :assignee_id, class_name: "MergeRequest"

101

102 103 104
  #
  # Validations
  #
Cyril committed
105
  validates :name, presence: true
106
  validates :email, presence: true, format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/ }
107
  validates :bio, length: { within: 0..255 }
108
  validates :extern_uid, allow_blank: true, uniqueness: {scope: :provider}
109
  validates :projects_limit, presence: true, numericality: {greater_than_or_equal_to: 0}
110
  validates :username, presence: true, uniqueness: true,
Dmitriy Zaporozhets committed
111
            exclusion: { in: Gitlab::Blacklist.path },
112 113 114
            format: { with: Gitlab::Regex.username_regex,
                      message: "only letters, digits & '_' '-' '.' allowed. Letter should be first" }

Andrey Kumanyaev committed
115
  validates :notification_level, inclusion: { in: Notification.notification_levels }, presence: true
116

117 118
  validate :namespace_uniq, if: ->(user) { user.username_changed? }

119 120
  validates :avatar, file_size: { maximum: 100.kilobytes.to_i }

121
  before_validation :generate_password, on: :create
122 123
  before_validation :sanitize_attrs

124
  before_save :ensure_authentication_token
125

126
  alias_attribute :private_token, :authentication_token
127

128
  delegate :path, to: :namespace, allow_nil: true, prefix: true
129

130 131 132 133
  state_machine :state, initial: :active do
    after_transition any => :blocked do |user, transition|
      # Remove user from all projects and
      user.users_projects.find_each do |membership|
134 135 136 137 138 139 140 141 142
        # skip owned resources
        next if membership.project.owner == user

        return false unless membership.destroy
      end

      # Remove user from all groups
      user.users_groups.find_each do |membership|
        # skip owned resources
143
        next if membership.group.last_owner?(user)
144

145 146 147 148 149 150 151 152 153 154 155 156 157
        return false unless membership.destroy
      end
    end

    event :block do
      transition active: :blocked
    end

    event :activate do
      transition blocked: :active
    end
  end

158 159
  mount_uploader :avatar, AttachmentUploader

Andrey Kumanyaev committed
160
  # Scopes
161
  scope :admins, -> { where(admin:  true) }
162 163
  scope :blocked, -> { with_state(:blocked) }
  scope :active, -> { with_state(:active) }
164
  scope :alphabetically, -> { order('name ASC') }
165 166
  scope :in_team, ->(team){ where(id: team.member_ids) }
  scope :not_in_team, ->(team){ where('users.id NOT IN (:ids)', ids: team.member_ids) }
Andrey Kumanyaev committed
167 168
  scope :not_in_project, ->(project) { project.users.present? ? where("id not in (:ids)", ids: project.users.map(&:id) ) : scoped }
  scope :without_projects, -> { where('id NOT IN (SELECT DISTINCT(user_id) FROM users_projects)') }
169
  scope :ldap, -> { where(provider:  'ldap') }
Andrey Kumanyaev committed
170

171
  scope :potential_team_members, ->(team) { team.members.any? ? active.not_in_team(team) : active  }
Andrey Kumanyaev committed
172

173 174 175
  #
  # Class methods
  #
Andrey Kumanyaev committed
176
  class << self
177
    # Devise method overridden to allow sign in with email or username
178 179 180 181 182 183 184 185 186
    def find_for_database_authentication(warden_conditions)
      conditions = warden_conditions.dup
      if login = conditions.delete(:login)
        where(conditions).where(["lower(username) = :value OR lower(email) = :value", { value: login.downcase }]).first
      else
        where(conditions).first
      end
    end

Andrey Kumanyaev committed
187 188 189 190 191 192 193 194
    def filter filter_name
      case filter_name
      when "admins"; self.admins
      when "blocked"; self.blocked
      when "wop"; self.without_projects
      else
        self.active
      end
195 196
    end

Andrey Kumanyaev committed
197
    def search query
198
      where("name LIKE :query OR email LIKE :query OR username LIKE :query", query: "%#{query}%")
Andrey Kumanyaev committed
199
    end
200 201

    def by_username_or_id(name_or_id)
202
      where('username = ? OR id = ?', name_or_id, name_or_id).first
203
    end
204

205
    def build_user(attrs = {}, options= {})
206 207 208 209 210
      if options[:as] == :admin
        User.new(defaults.merge(attrs.symbolize_keys), options)
      else
        User.new(attrs, options).with_defaults
      end
211 212
    end

213
    def defaults
Izaak Alpert committed
214 215 216
      {
        projects_limit: Gitlab.config.gitlab.default_projects_limit,
        can_create_group: Gitlab.config.gitlab.default_can_create_group,
217
        theme_id: Gitlab.config.gitlab.default_theme
Izaak Alpert committed
218
      }
219
    end
vsizov committed
220
  end
randx committed
221

222 223 224
  #
  # Instance methods
  #
225 226 227 228 229

  def to_param
    username
  end

230 231 232 233
  def notification
    @notification ||= Notification.new(self)
  end

Andrey Kumanyaev committed
234 235 236 237
  def generate_password
    if self.force_random_password
      self.password = self.password_confirmation = Devise.friendly_token.first(8)
    end
randx committed
238
  end
239

240 241 242 243 244 245
  def namespace_uniq
    namespace_name = self.username
    if Namespace.find_by_path(namespace_name)
      self.errors.add :username, "already exist"
    end
  end
246 247 248

  # Groups user has access to
  def authorized_groups
249
    @authorized_groups ||= begin
250
                             group_ids = (groups.pluck(:id) + authorized_projects.pluck(:namespace_id))
251
                             Group.where(id: group_ids).order('namespaces.name ASC')
252
                           end
253 254 255 256 257
  end


  # Projects user has access to
  def authorized_projects
258
    @authorized_projects ||= begin
259
                               project_ids = (personal_projects.pluck(:id) + groups_projects.pluck(:id) + projects.pluck(:id)).uniq
260
                               Project.where(id: project_ids).joins(:namespace).order('namespaces.name ASC')
261
                             end
262 263
  end

264 265 266 267 268 269
  def owned_projects
    @owned_projects ||= begin
                          Project.where(namespace_id: owned_groups.pluck(:id).push(namespace.id)).joins(:namespace)
                        end
  end

270 271
  # Team membership in authorized projects
  def tm_in_authorized_projects
Andrey Kumanyaev committed
272
    UsersProject.where(project_id: authorized_projects.map(&:id), user_id: self.id)
273
  end
Dmitriy Zaporozhets committed
274 275 276 277 278 279 280 281 282

  def is_admin?
    admin
  end

  def require_ssh_key?
    keys.count == 0
  end

283 284 285 286
  def can_change_username?
    Gitlab.config.gitlab.username_changing_enabled
  end

Dmitriy Zaporozhets committed
287
  def can_create_project?
288
    projects_limit_left > 0
Dmitriy Zaporozhets committed
289 290 291
  end

  def can_create_group?
292
    can?(:create_group, nil)
Dmitriy Zaporozhets committed
293 294 295 296 297 298 299 300 301 302
  end

  def abilities
    @abilities ||= begin
                     abilities = Six.new
                     abilities << Ability
                     abilities
                   end
  end

303 304 305 306
  def can_select_namespace?
    several_namespaces? || admin
  end

Dmitriy Zaporozhets committed
307 308 309 310 311 312 313 314 315
  def can? action, subject
    abilities.allowed?(self, action, subject)
  end

  def first_name
    name.split.first unless name.blank?
  end

  def cared_merge_requests
316
    MergeRequest.cared(self)
Dmitriy Zaporozhets committed
317 318
  end

319
  def projects_limit_left
320
    projects_limit - personal_projects.count
321 322
  end

Dmitriy Zaporozhets committed
323 324
  def projects_limit_percent
    return 100 if projects_limit.zero?
325
    (personal_projects.count.to_f / projects_limit) * 100
Dmitriy Zaporozhets committed
326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341
  end

  def recent_push project_id = nil
    # Get push events not earlier than 2 hours ago
    events = recent_events.code_push.where("created_at > ?", Time.now - 2.hours)
    events = events.where(project_id: project_id) if project_id

    # Take only latest one
    events = events.recent.limit(1).first
  end

  def projects_sorted_by_activity
    authorized_projects.sorted_by_activity
  end

  def several_namespaces?
342
    owned_groups.any?
Dmitriy Zaporozhets committed
343 344 345 346 347
  end

  def namespace_id
    namespace.try :id
  end
348

349 350 351
  def name_with_username
    "#{name} (#{username})"
  end
352 353 354 355

  def tm_of(project)
    project.team_member_by_id(self.id)
  end
356 357 358 359 360 361 362 363 364 365 366 367 368 369

  def already_forked? project
    !!fork_of(project)
  end

  def fork_of project
    links = ForkedProjectLink.where(forked_from_project_id: project, forked_to_project_id: personal_projects)

    if links.any?
      links.first.forked_to_project
    else
      nil
    end
  end
370 371 372 373

  def ldap_user?
    extern_uid && provider == 'ldap'
  end
374

375
  def accessible_deploy_keys
376
    DeployKey.in_projects(self.authorized_projects).uniq
377
  end
378 379 380 381

  def created_by
    User.find_by_id(created_by_id) if created_by_id
  end
382 383 384 385 386 387 388

  def sanitize_attrs
    %w(name username skype linkedin twitter bio).each do |attr|
      value = self.send(attr)
      self.send("#{attr}=", Sanitize.clean(value)) if value.present?
    end
  end
389 390 391 392 393 394

  def solo_owned_groups
    @solo_owned_groups ||= owned_groups.select do |group|
      group.owners == [self]
    end
  end
395 396

  def with_defaults
397 398
    User.defaults.each do |k, v|
      self.send("#{k}=", v)
399
    end
400 401

    self
402
  end
403 404 405 406 407

  def can_leave_project?(project)
    project.namespace != namespace &&
      project.project_member(self)
  end
408
end