class User < ActiveRecord::Base include SentientModel include Stampable has_paper_trail # Include default devise modules. Others available are: # :token_authenticatable, :encryptable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable, :lockable, :omniauthable, :omniauth_providers => [:google_oauth2] validates :full_name, :presence => true # Setup accessible (or protected) attributes for your model # attr_accessible :email, :password, :password_confirmation, :remember_me, # :full_name has_many :authentications, :inverse_of => :user, :dependent => :destroy has_many :domains, :inverse_of => :user, :dependent => :destroy has_many :records, :inverse_of => :user, :dependent => :destroy has_many :permissions, :inverse_of => :user, :dependent => :destroy has_many :permitted_domains, :through => :permissions, :source => :domain def name full_name.blank? ? email : full_name end # domains per user limit for DOS protection def domains_exceeding? domains.count >= Settings.max_domains_per_user.to_i end # Called by Devise to see if an user can currently be signed in def active_for_authentication? active? && super end # Called by Devise to get the proper error message when an user cannot be signed in def inactive_message !active? ? :deactivated : super end def ban! self.class.transaction do update_column :active, false domains.each &:destroy records.each &:destroy permissions.each &:destroy end end def unban! update_column :active, true end def to_paper_trail "#{id} #{email} name:#{full_name} ip:#{current_sign_in_ip} last_ip:#{last_sign_in_ip}" end # @override def update_tracked_fields!(*) self.paper_trail_event = "sign_in" PaperTrail.whodunnit = to_paper_trail super end delegate :can?, :cannot?, :to => :ability def ability(options = {:reload => false}) options[:reload] ? _ability : (@ability ||= _ability) end def self.do_as(user) self.current = user yield self.current = nil end protected def _ability UserAbility.new(self) end end