C0 code coverage information
Generated on Fri Aug 25 11:26:29 PDT 2006 with rcov 0.7.0
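require 'digest/sha1'
require 'utility'
require 'auditor'

# User account model. It expects a particular database layout and is based on
# the name/login pattern.
#
# Security review notes (each is repeated next to the code it concerns):
# - Passwords are stored as hashed(salt + hashed(password)), where hashed is a
#   single SHA-1 pass with a fixed key string. SHA-1 is fast, so stored hashes
#   are cheap to brute-force offline if the table leaks.
# - Security tokens are derived from Kernel#rand, which is not a
#   cryptographically secure generator.
# - Neither authenticate query looks at the `enabled` column.
class User < CachedModel
  include Utility
  include Auditor

  # Audit callbacks; presumably provided by Auditor -- confirm.
  after_create :audit_create
  after_update :audit_update
  after_destroy :audit_destroy
  # Class-wide audit flag, toggled by audit_on / audit_off below.
  @@audit_switch = true

  has_many :articles
  has_many :assignments, :order => "position", :foreign_key => "assigned_to_id"
  belongs_to :role

  attr_accessor :new_password, :editor
  before_destroy :dont_destroy_admin
  before_update :dont_deny_admin
  before_update :modify_timestamp
  before_create :create_timestamp

  # Turns auditing off for every User (the flag is a class variable).
  def self.audit_off
    @@audit_switch = false
  end

  # Turns auditing back on for every User.
  def self.audit_on
    @@audit_switch = true
  end

  # Returns the current value of the class-wide audit flag.
  def self.audit_switch?
    @@audit_switch
  end

  # Builds the record and starts with "no new password pending", so the
  # password validations and crypt_password stay inactive until
  # change_password is called.
  def initialize(attributes = nil)
    super
    @new_password = false
  end

  # Password login. Returns the matching User or nil.
  #
  # The first query finds a verified, unexpired, non-deleted account so its
  # salt can be read; the second recomputes the salted hash and lets the
  # database compare it. The second query does not repeat the expiry check,
  # which the first query has already enforced.
  #
  # NOTE(review): `enabled` is not part of either query; confirm that callers
  # check enabled? before granting a session.
  def self.authenticate(username, pass)
    u = find_first(["username = ? AND verified = 1 AND NOT (expires = 1 AND expires_at <= now()) AND NOT (deleted = 1)", username])
    return nil if u.nil?

    find_first(["username = ? AND salted_password = ? AND verified = 1 AND NOT (deleted = 1)", username, salted_password(u.salt, hashed(pass))])
  end

  # Token login. Returns the User, or nil when the id/token pair does not
  # match, the token has no expiry or has expired, or the expiry update fails.
  #
  # Allow logins for deleted accounts, but only via this method (and
  # not the regular authenticate call).
  def self.authenticate_by_token(id, token)
    u = find_first(["id = ? AND security_token = ?", id, token])
    # Fail closed on a missing expiry: token_expired? reports such a token as
    # not expired, and update_expiry would then call min on [nil, Time] and
    # raise instead of rejecting the login.
    return nil if u.nil? || u.token_expiry.nil? || u.token_expired?
    return nil if false == u.update_expiry

    u
  end

  # Truthy only when a token and an expiry are both present and the expiry is
  # in the past. A record with no token or no expiry yields nil/false, i.e.
  # "not expired".
  def token_expired?
    self.security_token && self.token_expiry && (Time.now > self.token_expiry)
  end

  # True when the enabled column is greater than zero.
  def enabled?
    self.enabled > 0
  end

  # True when the verified column is greater than zero.
  def verified?
    self.verified > 0
  end

  # Called after a successful token login: caps the token expiry, flags the
  # record as authenticated by token, marks the account verified and saves.
  #
  # The cap is now + 600 * 1000 seconds (about 6.9 days).
  # NOTE(review): confirm that this window is intended; a token stays usable
  # for repeated logins until it expires.
  #
  # The save goes through update_without_callbacks, so, as the name indicates,
  # the before_update and after_update callbacks (including audit_update) are
  # not run for this change.
  def update_expiry
    write_attribute('token_expiry', [self.token_expiry, Time.at(Time.now.to_i + 600 * 1000)].min)
    write_attribute('authenticated_by_token', true)
    write_attribute("verified", 1)
    update_without_callbacks
  end

  # Returns a security token for this user. A new token is issued when an
  # explicit lifetime in hours is given, when no token or expiry exists, or
  # when the current token is within half a default lifetime of expiring;
  # otherwise the existing token is reused.
  def generate_security_token(hours = nil)
    if !hours.nil? || self.security_token.nil? || self.token_expiry.nil? ||
       (Time.now.to_i + token_lifetime / 2) >= self.token_expiry.to_i
      new_security_token(hours)
    else
      self.security_token
    end
  end

  # Marks the account deleted as of now. Only attributes are written here;
  # the caller is expected to save the record.
  def set_deleted
    write_attribute('deleted', 1)
    write_attribute('deleted_at', Time.now)
  end

  # Marks the account deleted with deleted_at set
  # UserSystem::CONFIG[:delayed_delete_days] in the future, and returns a
  # security token with the same lifetime.
  def set_delete_after
    hours = UserSystem::CONFIG[:delayed_delete_days] * 24
    write_attribute('deleted', 1)
    write_attribute('deleted_at', Time.at(Time.now.to_i + hours * 60 * 60))

    # Generate and return a token here, so that it expires at
    # the same time that the account deletion takes effect.
    generate_security_token(hours)
  end

  # Stages a new password. The confirmation defaults to the password itself
  # when none is given. Setting @new_password switches on the password
  # validations and crypt_password for the next save.
  def change_password(pass, confirm = nil)
    self.password = pass
    self.password_confirmation = confirm.nil? ? pass : confirm
    @new_password = true
  end

  # Currently a stub: the DRb session-store calls are commented out, so this
  # only writes a log line and no session is invalidated.
  # NOTE(review): confirm whether callers rely on this to end sessions after
  # a password change or account deletion.
  def invalidate_user_session
    #session_store = DRbObject.new(nil, "druby://localhost:9192")
    #session_store.invalidate_data(self[:id])
    logger.info "call invalidate session...."
  end

  protected

  # Plaintext password and confirmation are held in memory only, for
  # validation and hashing.
  attr_accessor :password, :password_confirmation

  # Condition for the password validations: true only after change_password.
  def validate_password?
    @new_password
  end

  # Hex SHA-1 of the string wrapped in a fixed key. A SHA-1 hex digest is
  # already 40 characters, so the [0..39] slice does not shorten it.
  #
  # `protected` applies to instance methods only, so this class method is
  # still publicly callable as User.hashed.
  #
  # SECURITY: a single SHA-1 pass is not suitable for password storage; an
  # adaptive password hash (bcrypt, scrypt, Argon2 or PBKDF2) is. The key
  # "change-me" looks like a placeholder meant to be replaced per deployment;
  # left as is, it is a publicly known value. Changing either one invalidates
  # every stored salted_password, so it needs a migration path (for example,
  # rehash on the next successful login).
  def self.hashed(str)
    Digest::SHA1.hexdigest("change-me--#{str}--")[0..39]
  end

  after_save '@new_password = false'
  after_validation :crypt_password

  # After validation, when a new password is pending: writes a fresh
  # per-user salt and the salted hash of the password.
  # The salt comes from the current time plus random_string(12), which is
  # presumably supplied by Utility -- confirm that it uses a secure source.
  def crypt_password
    if @new_password
      write_attribute("salt", self.class.hashed("pokeysalt-#{Time.now}-#{random_string(12)}"))
      write_attribute("salted_password", self.class.salted_password(salt, self.class.hashed(@password)))
    end
  end

  # Creates, stores and returns a new security token with the given lifetime
  # in hours (default lifetime when nil). Saved without callbacks.
  #
  # SECURITY: the token authenticates a login (see authenticate_by_token) but
  # is built from the password hash, the clock and Kernel#rand, which is not
  # a cryptographically secure generator. Tokens should come from a CSPRNG
  # (SecureRandom on Ruby versions that ship it) and should not be derived
  # from the stored password hash.
  def new_security_token(hours = nil)
    write_attribute('security_token', self.class.hashed(self.salted_password + Time.now.to_i.to_s + rand.to_s))
    write_attribute('token_expiry', Time.at(Time.now.to_i + token_lifetime(hours)))
    update_without_callbacks
    self.security_token
  end

  # Token lifetime in seconds: the given number of hours, or
  # UserSystem::CONFIG[:security_token_life_hours] when hours is nil.
  def token_lifetime(hours = nil)
    if hours.nil?
      UserSystem::CONFIG[:security_token_life_hours] * 60 * 60
    else
      hours * 60 * 60
    end
  end

  # Stored password value: hashed(salt + hashed(password)).
  # Like User.hashed, this class method is public despite `protected` above.
  def self.salted_password(salt, hashed_password)
    hashed(salt + hashed_password)
  end

  # before_destroy guard: the account named 'administrator' cannot be
  # destroyed.
  def dont_destroy_admin
    raise "Can't destroy administrator" if self.username == 'administrator'
  end

  # before_update guard for the account named "administrator".
  # NOTE(review): the privilege is tied to the username string alone; the
  # uniqueness validation below is what keeps a second such account from
  # being created.
  def dont_deny_admin
    if self.username == "administrator"
      # we'll just always set these values so that administrator cannot be disabled.
      self.enabled = 1
      self.verified = 1
      self.expires = 0
      self.deleted = 0
      self.role_id = UserSystem::USER_ROLE[:god]
    end
  end

  validates_presence_of :username, :on => :create
  validates_length_of :username, :within => 3..40, :on => :create
  validates_uniqueness_of :username, :on => :create
  validates_uniqueness_of :email, :on => :create

  # Password rules apply only while a new password is pending.
  # NOTE(review): a 5-character minimum is short, and the 40-character
  # maximum rules out long passphrases; changing either is a policy decision.
  validates_presence_of :password, :if => :validate_password?
  validates_presence_of :display_name
  validates_confirmation_of :password, :if => :validate_password?
  validates_length_of :password, { :minimum => 5, :if => :validate_password? }
  validates_length_of :password, { :maximum => 40, :if => :validate_password? }
end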