mirrors
/
redmine
mirror of https://github.com/redmine/redmine.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 199 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18060 Commits
33 Branches
Tree: 13aeb797cf
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '13aeb797cf'
${ noResults }
redmine/app/models/principal.rb

principal.rb 6.8KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221 
  1. # frozen_string_literal: true

  2. 

  3. # Redmine - project management software

  4. # Copyright (C) 2006-2023  Jean-Philippe Lang

  5. #

  6. # This program is free software; you can redistribute it and/or

  7. # modify it under the terms of the GNU General Public License

  8. # as published by the Free Software Foundation; either version 2

  9. # of the License, or (at your option) any later version.

  10. #

  11. # This program is distributed in the hope that it will be useful,

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  14. # GNU General Public License for more details.

  15. #

  16. # You should have received a copy of the GNU General Public License

  17. # along with this program; if not, write to the Free Software

  18. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19. 

  20. class Principal < ApplicationRecord

  21.   self.table_name = "#{table_name_prefix}users#{table_name_suffix}"

  22. 

  23.   # Account statuses

  24.   STATUS_ANONYMOUS  = 0

  25.   STATUS_ACTIVE     = 1

  26.   STATUS_REGISTERED = 2

  27.   STATUS_LOCKED     = 3

  28. 

  29.   class_attribute :valid_statuses

  30. 

  31.   has_many :members, :foreign_key => 'user_id', :dependent => :destroy

  32.   has_many :memberships,

  33.            lambda {joins(:project).where.not(:projects => {:status => Project::STATUS_ARCHIVED})},

  34.            :class_name => 'Member',

  35.            :foreign_key => 'user_id'

  36.   has_many :projects, :through => :memberships

  37.   has_many :issue_categories, :foreign_key => 'assigned_to_id', :dependent => :nullify

  38. 

  39.   validate :validate_status

  40. 

  41.   # Groups and active users

  42.   scope :active, lambda {where(:status => STATUS_ACTIVE)}

  43. 

  44.   scope :visible, (lambda do |*args|

  45.     user = args.first || User.current

  46. 

  47.     if user.admin?

  48.       all

  49.     else

  50.       view_all_active = false

  51.       if user.memberships.any?

  52.         view_all_active = User.where(id: user.id).joins(memberships: :roles).where("#{Role.table_name}.users_visibility = ?", 'all').any?

  53.       else

  54.         view_all_active = user.builtin_role.users_visibility == 'all'

  55.       end

  56. 

  57.       if view_all_active

  58.         active

  59.       else

  60.         # self and members of visible projects

  61.         active.where(

  62.           "#{table_name}.id = ? OR #{table_name}.id IN (SELECT user_id FROM #{Member.table_name} WHERE project_id IN (?))",

  63.           user.id, user.visible_project_ids

  64.         )

  65.       end

  66.     end

  67.   end)

  68. 

  69.   scope :like, (lambda do |q|

  70.     q = q.to_s

  71.     if q.blank?

  72.       where({})

  73.     else

  74.       pattern = "%#{sanitize_sql_like q}%"

  75.       sql = +"LOWER(#{table_name}.login) LIKE LOWER(:p) ESCAPE :s"

  76.       sql << " OR #{table_name}.id IN (SELECT user_id FROM #{EmailAddress.table_name} WHERE LOWER(address) LIKE LOWER(:p) ESCAPE :s)"

  77.       params = {:p => pattern, :s => '\\'}

  78. 

  79.       tokens = q.split(/\s+/).reject(&:blank?).map {|token| "%#{sanitize_sql_like token}%"}

  80.       if tokens.present?

  81.         sql << ' OR ('

  82.         sql << tokens.map.with_index do |token, index|

  83.           params[:"token_#{index}"] = token

  84.           "(LOWER(#{table_name}.firstname) LIKE LOWER(:token_#{index}) ESCAPE :s OR LOWER(#{table_name}.lastname) LIKE LOWER(:token_#{index}) ESCAPE :s)"

  85.         end.join(' AND ')

  86.         sql << ')'

  87.       end

  88.       where(sql, params)

  89.     end

  90.   end)

  91. 

  92.   # Principals that are members of a collection of projects

  93.   scope :member_of, (lambda do |projects|

  94.     projects = [projects] if projects.is_a?(Project)

  95.     if projects.blank?

  96.       where("1=0")

  97.     else

  98.       ids = projects.map(&:id)

  99.       # include active and locked users

  100.       where(:status => [STATUS_LOCKED, STATUS_ACTIVE]).

  101.       where("#{Principal.table_name}.id IN (SELECT DISTINCT user_id FROM #{Member.table_name} WHERE project_id IN (?))", ids)

  102.     end

  103.   end)

  104.   # Principals that are not members of projects

  105.   scope :not_member_of, (lambda do |projects|

  106.     projects = [projects] unless projects.is_a?(Array)

  107.     if projects.empty?

  108.       where("1=0")

  109.     else

  110.       ids = projects.map(&:id)

  111.       where("#{Principal.table_name}.id NOT IN (SELECT DISTINCT user_id FROM #{Member.table_name} WHERE project_id IN (?))", ids)

  112.     end

  113.   end)

  114.   scope :sorted, lambda {order(*Principal.fields_for_order_statement)}

  115. 

  116.   # Principals that can be added as watchers

  117.   scope :assignable_watchers, lambda {active.visible.where(:type => ['User', 'Group'])}

  118. 

  119.   before_create :set_default_empty_values

  120.   before_destroy :nullify_projects_default_assigned_to

  121. 

  122.   def reload(*args)

  123.     @project_ids = nil

  124.     super

  125.   end

  126. 

  127.   def name(formatter = nil)

  128.     to_s

  129.   end

  130. 

  131.   def mail=(*args)

  132.     nil

  133.   end

  134. 

  135.   def mail

  136.     nil

  137.   end

  138. 

  139.   def visible?(user=User.current)

  140.     Principal.visible(user).find_by(:id => id) == self

  141.   end

  142. 

  143.   # Returns true if the principal is a member of project

  144.   def member_of?(project)

  145.     project.is_a?(Project) && project_ids.include?(project.id)

  146.   end

  147. 

  148.   # Returns an array of the project ids that the principal is a member of

  149.   def project_ids

  150.     @project_ids ||= super.freeze

  151.   end

  152. 

  153.   def <=>(principal)

  154.     # avoid an error when sorting members without roles (#10053)

  155.     return -1 if principal.nil?

  156.     return nil unless principal.is_a?(Principal)

  157. 

  158.     if self.class.name == principal.class.name

  159.       self.to_s.casecmp(principal.to_s)

  160.     else

  161.       # groups after users

  162.       principal.class.name <=> self.class.name

  163.     end

  164.   end

  165. 

  166.   # Returns an array of fields names than can be used to make an order statement for principals.

  167.   # Users are sorted before Groups.

  168.   # Examples:

  169.   def self.fields_for_order_statement(table=nil)

  170.     table ||= table_name

  171.     columns = ['type DESC'] + (User.name_formatter[:order] - ['id']) + ['lastname', 'id']

  172.     columns.uniq.map {|field| "#{table}.#{field}"}

  173.   end

  174. 

  175.   # Returns the principal that matches the keyword among principals

  176.   def self.detect_by_keyword(principals, keyword)

  177.     keyword = keyword.to_s

  178.     return nil if keyword.blank?

  179. 

  180.     principal = nil

  181.     principal ||= principals.detect {|a| keyword.casecmp(a.login.to_s) == 0}

  182.     principal ||= principals.detect {|a| keyword.casecmp(a.mail.to_s) == 0}

  183. 

  184.     if principal.nil? && keyword.include?(' ')

  185.       firstname, lastname = *(keyword.split) # "First Last Throwaway"

  186.       principal ||=

  187.         principals.detect do |a|

  188.           a.is_a?(User) &&

  189.             firstname.casecmp(a.firstname.to_s) == 0 &&

  190.               lastname.casecmp(a.lastname.to_s) == 0

  191.         end

  192.     end

  193.     if principal.nil?

  194.       principal ||= principals.detect {|a| keyword.casecmp(a.name) == 0}

  195.     end

  196.     principal

  197.   end

  198. 

  199.   def nullify_projects_default_assigned_to

  200.     Project.where(default_assigned_to: self).update_all(default_assigned_to_id: nil)

  201.   end

  202. 

  203.   protected

  204. 

  205.   # Make sure we don't try to insert NULL values (see #4632)

  206.   def set_default_empty_values

  207.     self.login ||= ''

  208.     self.hashed_password ||= ''

  209.     self.firstname ||= ''

  210.     self.lastname ||= ''

  211.     true

  212.   end

  213. 

  214.   def validate_status

  215.     if status_changed? && self.class.valid_statuses.present?

  216.       unless self.class.valid_statuses.include?(status)

  217.         errors.add :status, :invalid

  218.       end

  219.     end

  220.   end

  221. end