aboutsummaryrefslogtreecommitdiff
blob: 828840f44d736e5f0d4bcb9d457172f315c87fce (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
#TODO: merge before_creation hooks
# Model representing signed up users.
# Hooks:
#  * before creation application gives user token
#  * before creation application gives user mentor role and Gentoo nick if user
#           used https://dev.gentoo.org/~nick openid
class User < ActiveRecord::Base

  hobo_user_model # Don't put anything above this

  fields do
    name          :string, :required, :unique
    email_address :email_address, :login => true
    administrator :boolean, :default => false
    role          RichTypes::Role, :default => 'recruit'
    nick          :string
    openid        :string
    contributions HoboFields::MarkdownString
    project_lead  :boolean, :default => false
    token         :string
    timestamps
  end

  has_many    :user_categories
  has_many    :user_question_groups
  has_many    :question_categories, :through => :user_categories, :accessible => true, :uniq => true
  has_many    :grouped_questions, :through => :user_question_groups
  has_many    :answers, :foreign_key => :owner_id
  has_many    :answered_questions, :through => :answers, :class_name => "Question", :source => :question
  has_many    :project_acceptances, :accessible => true, :uniq => true

  belongs_to  :mentor, :class_name => "User"
  has_many    :recruits, :class_name => "User", :foreign_key => :mentor_id

  named_scope :mentorless_recruits, :conditions => { :role => 'recruit', :mentor_id => nil}
  named_scope :recruits_answered_all, :conditions => "role = 'recruit' AND NOT EXISTS
    (SELECT questions.id FROM questions
    INNER JOIN question_categories cat ON questions.question_category_id = cat.id INNER JOIN
    user_categories ON user_categories.question_category_id = cat.id  WHERE
    user_categories.user_id = users.id AND questions.question_group_id IS NULL AND NOT EXISTS (
    SELECT answers.id FROM answers WHERE answers.question_id = questions.id AND answers.owner_id = users.id))
    AND NOT EXISTS
    (SELECT questions.id FROM questions INNER JOIN user_question_groups ON questions.id = user_question_groups.question_id
     WHERE user_question_groups.user_id = users.id AND NOT EXISTS (
     SELECT answers.id FROM answers WHERE answers.question_id = questions.id AND answers.owner_id = users.id))"

  # --- Signup lifecycle --- #
  lifecycle do

    state :active, :default => true

    create :signup, :available_to => "Guest",
           :params => [:name, :email_address, :password, :password_confirmation],
           :become => :active

    transition :request_password_reset, { :active => :active }, :new_key => true do
      UserMailer.deliver_forgot_password(self, lifecycle.key)
    end

    transition :reset_password, { :active => :active }, :available_to => :key_holder,
               :params => [ :password, :password_confirmation ]

  end

  validate                :only_recruiter_can_be_administrator
  validate                :recruit_cant_mentor
  validate                :mentors_and_recruiters_must_have_nick
  validate                :mentor_is_gentoo_dev_long_enough
  validates_uniqueness_of :nick, :if => :nick
  validates_uniqueness_of :openid, :if => :openid

  never_show              :project_lead

  # Token
  never_show              :token

  # Generate new token
  def token=(more_salt)
    # Time.now.to_f.to_s gives enough precision to be considered random
    token = Digest::SHA1.hexdigest("#{Time.now.to_f.to_s}#{@salt}#{more_salt}")
    write_attribute("token", token)
    token
  end

  # Give user token on creation
  before_create do |u|
    u.token = ''
  end

  # --- Permissions --- #

  def create_permitted?
    false
  end

  def update_permitted?
    # Allow edit in one of four cases:
      # Acting user is administrator
      # Acting user is editing his/her self and changes only what [s]he is allowed to
      # Acting user is recruiter and changes only what [s]he is allowed to
      # Acting user was mentor of edited user and resigned
      # Acting user became mentor of edited recruit and edited user had no mentor
    return true if acting_user.administrator?
    return true if acting_user == self && changes_allowed_to_self?
    return true if acting_user.role.is_recruiter? && changes_allowed_for_recruiter?
    return true if role.is_recruit? && acting_user.role.is_mentor? && mentor_picked_up_or_resigned?
  end

  def role_edit_permitted?
    acting_user.role.is_recruiter?
  end

  def mentor_edit_permitted?
    return true if mentor_is?(acting_user)
    return true if mentor.nil? && acting_user.role.is_mentor?
    return true if mentor.nil? && acting_user.role.is_recruiter?
    return true if acting_user.administrator?
    false
  end

  def destroy_permitted?
    acting_user.administrator?
  end

  def view_permitted?(field)
    true
  end

  # Returns all questions user should answer
  # TODO: rewrite as SQL (?)
  def all_questions
    Question.ungrouped_questions_of_user(id) + Question.grouped_questions_of_user(id)
  end

  # Returns questions user should answer but didn't answer yet.
  def unanswered_questions
    Question.unanswered_grouped(id) + Question.unanswered_ungrouped(id)
  end

  def answered_all_questions?
    Question.unanswered_grouped(id).count.zero? && Question.unanswered_ungrouped(id).count.zero?
  end

  # Returns true if there is at least one unapproved project acceptance for this user
  def any_pending_project_acceptances?
    (ProjectAcceptance.count :conditions => { :accepting_nick => nick, :accepted => false}) > 0
  end

  # This returns named scope, so it's efficient to use
  #   some_user.questions_to_approve.count
  def questions_to_approve
    if administrator?
      Question.questions_to_approve
    else
      []
    end
  end

  def answered_all_multi_choice_questions?
    Question.multiple_choice.ungrouped_questions_of_user(id).unanswered(id).count == 0 &&
      Question.multiple_choice.grouped_questions_of_user(id).unanswered_grouped(id).count == 0
  end

  def required_questions_count
    Question.ungrouped_questions_of_user(id).count + Question.grouped_questions_of_user(id).count
  end

  def required_unanswered_count
    Question.unanswered_grouped(id).count + Question.unanswered_ungrouped(id).count
  end

  def required_answered_count
    self.required_questions_count - self.required_unanswered_count
  end

  # Returns string describing recruit progress. Includes information only about
  # question recruit is required to answer.
  def progress
    "Answered #{self.required_answered_count} of #{self.required_questions_count} questions."
  end

  before_create do |u|
    # Users using OpenID from dev.gentoo.org are mentors
    # Note that this doesn't make sure user can authenticate with
    # specified OpenID.
    match = /^https:\/\/dev.gentoo.org\/~(\w+)$/i.match(u.openid)
    if match
      u.role = :mentor
      u.nick = match.captures.first
    end
  end

  protected

    def only_recruiter_can_be_administrator
      errors.add(:administrator, 'only recruiters can be administrators')  if administrator and !role.is_recruiter?
    end

    def recruit_cant_mentor
      errors.add(:mentor, "recruit can't mentor")  if mentor && mentor.role.is_recruit?
    end

    def mentors_and_recruiters_must_have_nick
      if (role.is_mentor? || role.is_recruiter?) && (nick.nil? || nick.empty?)
        errors.add(:nick, "Mentors and administrators must have nicks set")
      end
    end

    def changes_allowed_for_recruiter?
      return mentor_picked_up_or_resigned? if mentor_changed?

      # make sure recruiters change only what they are allowed to
      return false unless only_changed?(:question_categories, :role, :nick)

      # and make sure change to role wasn't changed or was promotion of recruit
      # to mentor or demotion of mentor to recruit
      return true unless role_changed?
      return true if role.is_mentor? && RichTypes::Role.new(role_was).is_recruit?
      return true if role.is_recruit? && RichTypes::Role.new(role_was).is_mentor?

      false
    end

    def changes_allowed_to_self?
      only_changed?(:email_address, :crypted_password, :current_password,
        :password, :password_confirmation, :nick, :contributions, :name)
        # Note: crypted_password has attr_protected so although it is permitted to change, it cannot be changed
        # directly from a form submission.
    end

    def mentor_picked_up_or_resigned?
      # Mentor picked up or resigned if
      #   only mentor attribute was changed
      #   and mentor changed from nil to acting user
      #   or mentor changed from nil to current user
      return false unless only_changed?(:mentor)
      return false unless (mentor_id_was.nil? || (mentor_id_was == acting_user.id))
      return false unless (mentor_id.nil? || (mentor_id == acting_user.id))

      true
    end

    def mentor_is_gentoo_dev_long_enough
      return unless role.is_mentor?                         # User isn't mentor
      return unless APP_CONFIG['developer_data']['check']   # Configured not to check

      dev_data_str    = APP_CONFIG['developer_data']['data']  # Data about developers from configuration
      if dev_data_str.nil?                                  # If there isn't any fetch it from configured location
        uri           = URI.parse(APP_CONFIG['developer_data']['uri'])
        dev_data_str  = Net::HTTP.get_response(uri).body
      end

      dev_data        = YAML::load(dev_data_str)['developers']
      max_join_date   = APP_CONFIG['developer_data']['min_months_mentor_is_dev'].to_i.months.ago.to_date

      for dev in dev_data
        if dev['nick'] == nick                              # Found dev
          joined  = dev['joined'].to_date
          return  if joined < max_join_date                 # Joined early enough: finish check, no errors
                                                            # Otherwise: finish check, report error
          errors.add(:role, "developer with provided nick can't be mentor yet (joined Gentoo less then
            #{ APP_CONFIG['min_months_mentor_is_dev']} months ago)")
          return
        end
      end

      errors.add(:nick, "not found this nick amoung Gentoo Developers.")
    end
end