Justin Edmund
8381c668bc
* Add migrations to add user roles and party visibility. * Update schema.rb * Add admin check in User model * Implement rudimentary visibility of teams * Adds checks to Party model * Hides parties from collection views depending on visibility * Disallows viewing private parties if you're not the owner * Add a party's visibility to blueprint * Add admin mode The API Controller checks if the user is logged in and whether they are an admin, and checks for the X-Admin-Mode header * Implement admin mode overrides * Add admin_mode to authorize * Note to self: Implement user editing by admins * Fix syntax error with equality in SQL * Fix syntax error with method name * Fix bug in who can see restricted parties * Add privacy control to user profiles
53 lines
1.1 KiB
Ruby
53 lines
1.1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class User < ApplicationRecord
|
|
before_save { self.email = email.downcase }
|
|
|
|
##### ActiveRecord Associations
|
|
has_many :parties, dependent: :destroy
|
|
has_many :favorites, dependent: :destroy
|
|
|
|
##### ActiveRecord Validations
|
|
validates :username,
|
|
presence: true,
|
|
length: { minimum: 3, maximum: 26 }
|
|
|
|
validates :email,
|
|
presence: true,
|
|
uniqueness: true,
|
|
email: true
|
|
|
|
validates :password,
|
|
length: { minimum: 8 },
|
|
presence: true,
|
|
on: :create
|
|
|
|
validates :password,
|
|
length: { minimum: 8 },
|
|
on: :update,
|
|
if: :password_digest_changed?
|
|
|
|
validates :password_confirmation,
|
|
presence: true,
|
|
on: :create
|
|
|
|
validates :password_confirmation,
|
|
presence: true,
|
|
on: :update,
|
|
if: :password_digest_changed?
|
|
|
|
##### ActiveModel Security
|
|
has_secure_password
|
|
|
|
def favorite_parties
|
|
favorites.map(&:party)
|
|
end
|
|
|
|
def admin?
|
|
role == 9
|
|
end
|
|
|
|
def blueprint
|
|
UserBlueprint
|
|
end
|
|
end
|