مراية لـ
https://github.com/postalserver/postal.git
تم المزامنة 2025-12-01 05:43:04 +00:00
138 أسطر
4.0 KiB
Ruby
138 أسطر
4.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
# == Schema Information
|
|
#
|
|
# Table name: users
|
|
#
|
|
# id :integer not null, primary key
|
|
# admin :boolean default(FALSE)
|
|
# email_address :string(255)
|
|
# email_verification_token :string(255)
|
|
# email_verified_at :datetime
|
|
# first_name :string(255)
|
|
# last_name :string(255)
|
|
# oidc_issuer :string(255)
|
|
# oidc_uid :string(255)
|
|
# password_digest :string(255)
|
|
# password_reset_token :string(255)
|
|
# password_reset_token_valid_until :datetime
|
|
# time_zone :string(255)
|
|
# uuid :string(255)
|
|
# created_at :datetime
|
|
# updated_at :datetime
|
|
#
|
|
# Indexes
|
|
#
|
|
# index_users_on_email_address (email_address)
|
|
# index_users_on_uuid (uuid)
|
|
#
|
|
|
|
class User < ApplicationRecord
|
|
|
|
include HasUUID
|
|
include HasAuthentication
|
|
|
|
validates :first_name, presence: true
|
|
validates :last_name, presence: true
|
|
validates :email_address, presence: true, uniqueness: { case_sensitive: false }, format: { with: /@/, allow_blank: true }
|
|
|
|
default_value :time_zone, -> { "UTC" }
|
|
|
|
has_many :organization_users, dependent: :destroy, as: :user
|
|
has_many :organizations, through: :organization_users
|
|
|
|
def organizations_scope
|
|
if admin?
|
|
@organizations_scope ||= Organization.present
|
|
else
|
|
@organizations_scope ||= organizations.present
|
|
end
|
|
end
|
|
|
|
def name
|
|
"#{first_name} #{last_name}"
|
|
end
|
|
|
|
def password?
|
|
password_digest.present?
|
|
end
|
|
|
|
def oidc?
|
|
oidc_uid.present?
|
|
end
|
|
|
|
def to_param
|
|
uuid
|
|
end
|
|
|
|
def email_tag
|
|
"#{name} <#{email_address}>"
|
|
end
|
|
|
|
class << self
|
|
|
|
# Lookup a user by email address
|
|
#
|
|
# @param email [String] the email address
|
|
#
|
|
# @return [User, nil] the user
|
|
def [](email)
|
|
find_by(email_address: email)
|
|
end
|
|
|
|
# Find a user based on an OIDC authentication hash
|
|
#
|
|
# @param auth [Hash] the authentication hash
|
|
# @param logger [Logger] a logger to log debug information to
|
|
#
|
|
# @return [User, nil] the user
|
|
def find_from_oidc(auth, logger: nil)
|
|
config = Postal::Config.oidc
|
|
|
|
uid = auth[config.uid_field]
|
|
oidc_name = auth[config.name_field]
|
|
oidc_email_address = auth[config.email_address_field]
|
|
|
|
logger&.debug "got auth details from issuer: #{auth.inspect}"
|
|
|
|
# look for an existing user with the same UID and OIDC issuer. If we find one,
|
|
# this is the user we'll want to use.
|
|
user = where(oidc_uid: uid, oidc_issuer: config.issuer).first
|
|
|
|
if user
|
|
logger&.debug "found user with UID #{uid} for issuer #{config.issuer} (user ID: #{user.id})"
|
|
else
|
|
logger&.debug "no user with UID #{uid} for issuer #{config.issuer}"
|
|
end
|
|
|
|
# if we don't have an existing user, we will look for users which have no OIDC
|
|
# credentials but with a matching e-mail address.
|
|
if user.nil? && oidc_email_address.present?
|
|
user = where(oidc_uid: nil, email_address: oidc_email_address).first
|
|
if user
|
|
logger&.debug "found user with e-mail address #{oidc_email_address} (user ID: #{user.id})"
|
|
else
|
|
logger&.debug "no user with e-mail address #{oidc_email_address}"
|
|
end
|
|
end
|
|
|
|
# now, if we still don't have a user, we're not going to create one so we'll just
|
|
# return nil (we might auto create users in the future but not right now)
|
|
return if user.nil?
|
|
|
|
# otherwise, let's update our user as appropriate
|
|
user.oidc_uid = uid
|
|
user.oidc_issuer = config.issuer
|
|
user.email_address = oidc_email_address if oidc_email_address.present?
|
|
user.first_name, user.last_name = oidc_name.split(/\s+/, 2) if oidc_name.present?
|
|
user.password = nil
|
|
user.save!
|
|
|
|
# return the user
|
|
user
|
|
end
|
|
|
|
end
|
|
|
|
end
|