retrospring/app/models/user.rb

# frozen_string_literal: true

class User < ApplicationRecord
  include ActiveModel::OneTimePassword

  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :async, :registerable,
         :recoverable, :rememberable, :trackable,
         :validatable, :confirmable, authentication_keys: [:login]

  has_one_time_password
  enum otp_module: { disabled: 0, enabled: 1 }, _prefix: true
  attr_accessor :otp_attempt, :otp_validation
  attr_writer :login

  rolify

  has_many :totp_recovery_codes, dependent: :destroy_async

  has_one :profile, dependent: :destroy

  SCREEN_NAME_REGEX = /\A[a-zA-Z0-9_]+\z/
  WEBSITE_REGEX = /https?:\/\/([A-Za-z.-]+)\/?(?:.*)/i

  before_validation do
    screen_name.strip!
  end

  validates :email, fake_email: true, typoed_email: true
  validates :sharing_custom_url, allow_blank: true, valid_url: true
  validates :screen_name,
            presence:    true,
            format:      { with: SCREEN_NAME_REGEX, message: I18n.t("activerecord.validation.user.screen_name.format") },
            length:      { minimum: 1, maximum: 16 },
            uniqueness:  { case_sensitive: false },
            screen_name: true

  mount_uploader :profile_picture, ProfilePictureUploader, mount_on: :profile_picture_file_name
  process_in_background :profile_picture
  mount_uploader :profile_header, ProfileHeaderUploader, mount_on: :profile_header_file_name
  process_in_background :profile_header

  after_destroy do
    Retrospring::Metrics::USERS_DESTROYED.increment
  end

  after_create do
    Profile.create(user_id: id) if Profile.where(user_id: id).count.zero?

    Retrospring::Metrics::USERS_CREATED.increment
  end

  # use the screen name as parameter for url helpers
  def to_param = screen_name

  def login = @login || screen_name || email

  def self.find_first_by_auth_conditions(warden_conditions)
    conditions = warden_conditions.dup
    if (login = conditions.delete(:login))
      where(conditions).where(["lower(screen_name) = :value OR lower(email) = :value", { value: login.downcase }]).first
    else
      where(conditions).first
    end
  end

  # @return [Boolean] is the user a moderator?
  def mod? = has_cached_role?(:moderator) || has_cached_role?(:administrator)

  def admin? = has_cached_role?(:administrator)
end
Move ban creation to `User#ban` method 2022-06-26 11:00:09 +02:00			`# frozen_string_literal: true`

Remove superfluous rubocop:disable comments 2023-10-15 10:21:46 +02:00			`class User < ApplicationRecord`
Implement Two Factor Authentication 2020-10-18 10:39:46 +02:00			`include ActiveModel::OneTimePassword`
Use cursored pagination, remove WillPaginate 2020-04-20 23:03:57 +02:00
added users model 2014-08-01 12:07:16 +02:00			`# Include default devise modules. Others available are:`
			`# :confirmable, :lockable, :timeoutable and :omniauthable`
:async 2015-01-01 18:17:34 +01:00			`devise :database_authenticatable, :async, :registerable,`
added authentication and everything 2014-08-01 15:27:08 +02:00			`:recoverable, :rememberable, :trackable,`
Clean up User model 2023-01-02 11:16:47 +01:00			`:validatable, :confirmable, authentication_keys: [:login]`
added smile model 2014-11-30 19:43:22 +01:00
Implement Two Factor Authentication 2020-10-18 10:39:46 +02:00			`has_one_time_password`
Fix OTP auth triggering for users who haven't set it up I thought I could be clever by using a null secret key as an indicator of it being disabled 2020-10-18 11:39:28 +02:00			`enum otp_module: { disabled: 0, enabled: 1 }, _prefix: true`
Implement Two Factor Authentication 2020-10-18 10:39:46 +02:00			`attr_accessor :otp_attempt, :otp_validation`
Clean up User model 2023-01-02 11:16:47 +01:00			`attr_writer :login`
Implement Two Factor Authentication 2020-10-18 10:39:46 +02:00
Use Rolify for admin and moderator roles 2020-04-19 22:35:58 +02:00			`rolify`

Use `dependent: :destroy_async` instead of `DeletionWorker` 2022-02-04 21:09:43 +01:00			`has_many :totp_recovery_codes, dependent: :destroy_async`
Support for post subscriptions 2015-04-21 03:12:11 +02:00
Ensure counters only get updated if the record exists 2022-02-04 22:08:25 +01:00			`has_one :profile, dependent: :destroy`
Fix anonymous block model associations 2024-01-14 13:14:04 +01:00
Fix screen_name regex being too lenient 2023-01-21 06:30:33 +01:00			`SCREEN_NAME_REGEX = /\A[a-zA-Z0-9_]+\z/`
Clean up User model 2023-01-02 11:16:47 +01:00			`WEBSITE_REGEX = /https?:\/\/([A-Za-z.-]+)\/?(?:.*)/i`
added smile model 2014-11-30 19:43:22 +01:00
added forbidden user names (including case insensitivity!) 2015-01-09 14:12:52 +01:00			`before_validation do`
			`screen_name.strip!`
			`end`

add validator for typoed emails It happens quite often that people typo their email address (I blame phone keyboards for that). Catch common cases in a validator and tell the user that they have a typo in their email. Why yes, I did write the tests for this first, thanks for asking! 2022-01-11 18:37:07 +01:00			`validates :email, fake_email: true, typoed_email: true`
make URI.parse part of the validation for the sharing URL the regexp alone and web browsers allows URLs to contain non-ASCII characters, which `URI.parse` does not like -- resulting in the inbox page to suddenly break. also changed the `redirect_to` in the controller to a `render :edit` so that validation errors are shown properly 2023-02-10 20:48:15 +01:00			`validates :sharing_custom_url, allow_blank: true, valid_url: true`
Split format and length validation for User `screen_name` 2023-01-21 06:16:14 +01:00			`validates :screen_name,`
			`presence: true,`
Add more explicit message for format validation errors 2023-01-21 13:14:15 +01:00			`format: { with: SCREEN_NAME_REGEX, message: I18n.t("activerecord.validation.user.screen_name.format") },`
Split format and length validation for User `screen_name` 2023-01-21 06:16:14 +01:00			`length: { minimum: 1, maximum: 16 },`
			`uniqueness: { case_sensitive: false },`
			`screen_name: true`
finally, setting the display_name works. 2014-11-11 20:20:00 +01:00
Replace paperclip with CarrierWave 2020-05-02 00:43:46 +02:00			`mount_uploader :profile_picture, ProfilePictureUploader, mount_on: :profile_picture_file_name`
Add CarrierWave Backgrounder 2020-05-17 20:58:27 +02:00			`process_in_background :profile_picture`
Replace paperclip with CarrierWave 2020-05-02 00:43:46 +02:00			`mount_uploader :profile_header, ProfileHeaderUploader, mount_on: :profile_header_file_name`
Add CarrierWave Backgrounder 2020-05-17 20:58:27 +02:00			`process_in_background :profile_header`
added profile_picture to users 2014-12-29 10:18:12 +01:00
metrics: add counter for created/destroyed users 2023-03-26 10:31:49 +02:00			`after_destroy do`
			`Retrospring::Metrics::USERS_DESTROYED.increment`
			`end`

Update remaining references to profile fields 2021-12-19 23:51:06 +01:00			`after_create do`
			`Profile.create(user_id: id) if Profile.where(user_id: id).count.zero?`
metrics: add counter for created/destroyed users 2023-03-26 10:31:49 +02:00
			`Retrospring::Metrics::USERS_CREATED.increment`
Update remaining references to profile fields 2021-12-19 23:51:06 +01:00			`end`

clean up routes - replace `match` with `get`/`post`/`patch`/`delete` - format routes.rb - rename the `show_user_{profile,question,answer}` routes to `profile`, `question`, `answer` so `url_for` (used by Rails Admin) works fine for these things - also add `to_param` to the `User` model so that `url_for(some_user)` uses the user name 2022-07-23 12:06:05 +02:00			`# use the screen name as parameter for url helpers`
			`def to_param = screen_name`

Clean up User model 2023-01-02 11:16:47 +01:00			`def login = @login \|\| screen_name \|\| email`
added smile model 2014-11-30 19:43:22 +01:00
added authentication and everything 2014-08-01 15:27:08 +02:00			`def self.find_first_by_auth_conditions(warden_conditions)`
closes Retrospring/bugs#17 2015-04-22 00:33:55 +02:00			`conditions = warden_conditions.dup`
Clean up User model 2023-01-02 11:16:47 +01:00			`if (login = conditions.delete(:login))`
			`where(conditions).where(["lower(screen_name) = :value OR lower(email) = :value", { value: login.downcase }]).first`
added authentication and everything 2014-08-01 15:27:08 +02:00			`else`
			`where(conditions).first`
			`end`
			`end`
added methods for following/unfollowing users 2014-11-30 15:13:17 +01:00
h 2014-12-28 19:32:08 +01:00			`# @return [Boolean] is the user a moderator?`
Clean up User model 2023-01-02 11:16:47 +01:00			`def mod? = has_cached_role?(:moderator) \|\| has_cached_role?(:administrator)`
add `admin?` shorthand to users 2022-08-21 15:02:49 +02:00
Clean up User model 2023-01-02 11:16:47 +01:00			`def admin? = has_cached_role?(:administrator)`
added users model 2014-08-01 12:07:16 +02:00			`end`