闭社主体 forked from https://github.com/tootsuite/mastodon
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

123 lines
3.8 KiB

  1. # frozen_string_literal: true
  2. # == Schema Information
  3. #
  4. # Table name: users
  5. #
  6. # id :integer not null, primary key
  7. # email :string default(""), not null
  8. # account_id :integer not null
  9. # created_at :datetime not null
  10. # updated_at :datetime not null
  11. # encrypted_password :string default(""), not null
  12. # reset_password_token :string
  13. # reset_password_sent_at :datetime
  14. # remember_created_at :datetime
  15. # sign_in_count :integer default(0), not null
  16. # current_sign_in_at :datetime
  17. # last_sign_in_at :datetime
  18. # current_sign_in_ip :inet
  19. # last_sign_in_ip :inet
  20. # admin :boolean default(FALSE)
  21. # confirmation_token :string
  22. # confirmed_at :datetime
  23. # confirmation_sent_at :datetime
  24. # unconfirmed_email :string
  25. # locale :string
  26. # encrypted_otp_secret :string
  27. # encrypted_otp_secret_iv :string
  28. # encrypted_otp_secret_salt :string
  29. # consumed_timestep :integer
  30. # otp_required_for_login :boolean
  31. # last_emailed_at :datetime
  32. # otp_backup_codes :string is an Array
  33. # filtered_languages :string default([]), not null, is an Array
  34. #
  35. class User < ApplicationRecord
  36. include Settings::Extend
  37. ACTIVE_DURATION = 14.days
  38. devise :registerable, :recoverable,
  39. :rememberable, :trackable, :validatable, :confirmable,
  40. :two_factor_authenticatable, :two_factor_backupable,
  41. otp_secret_encryption_key: ENV['OTP_SECRET'],
  42. otp_number_of_backup_codes: 10
  43. belongs_to :account, inverse_of: :user, required: true
  44. accepts_nested_attributes_for :account
  45. validates :locale, inclusion: I18n.available_locales.map(&:to_s), if: :locale?
  46. validates_with BlacklistedEmailValidator, if: :email_changed?
  47. scope :recent, -> { order(id: :desc) }
  48. scope :admins, -> { where(admin: true) }
  49. scope :confirmed, -> { where.not(confirmed_at: nil) }
  50. scope :inactive, -> { where(arel_table[:current_sign_in_at].lt(ACTIVE_DURATION.ago)) }
  51. scope :matches_email, ->(value) { where(arel_table[:email].matches("#{value}%")) }
  52. scope :with_recent_ip_address, ->(value) { where(arel_table[:current_sign_in_ip].eq(value).or(arel_table[:last_sign_in_ip].eq(value))) }
  53. before_validation :sanitize_languages
  54. # This avoids a deprecation warning from Rails 5.1
  55. # It seems possible that a future release of devise-two-factor will
  56. # handle this itself, and this can be removed from our User class.
  57. attribute :otp_secret
  58. has_many :session_activations, dependent: :destroy
  59. def confirmed?
  60. confirmed_at.present?
  61. end
  62. def disable_two_factor!
  63. self.otp_required_for_login = false
  64. otp_backup_codes&.clear
  65. save!
  66. end
  67. def setting_default_privacy
  68. settings.default_privacy || (account.locked? ? 'private' : 'public')
  69. end
  70. def setting_boost_modal
  71. settings.boost_modal
  72. end
  73. def setting_delete_modal
  74. settings.delete_modal
  75. end
  76. def setting_auto_play_gif
  77. settings.auto_play_gif
  78. end
  79. def setting_system_font_ui
  80. settings.system_font_ui
  81. end
  82. def activate_session(request)
  83. session_activations.activate(session_id: SecureRandom.hex,
  84. user_agent: request.user_agent,
  85. ip: request.ip).session_id
  86. end
  87. def exclusive_session(id)
  88. session_activations.exclusive(id)
  89. end
  90. def session_active?(id)
  91. session_activations.active? id
  92. end
  93. protected
  94. def send_devise_notification(notification, *args)
  95. devise_mailer.send(notification, self, *args).deliver_later
  96. end
  97. private
  98. def sanitize_languages
  99. filtered_languages.reject!(&:blank?)
  100. end
  101. end