class User < ApplicationRecord has_many :user_accesses, :dependent => :destroy has_many :suppliers, :through => :user_accesses attr_reader :password validates :email, presence: true, uniqueness: true validates :password, confirmation: true validate do |user| unless user.password_hash.present? && user.password_salt.present? user.errors.add :password, :blank end end def self.attributes_protected_by_default super + %w(password_hash password_salt) end def has_access_to?(supplier) admin? or !UserAccess.where(supplier_id: supplier.id, user_id: id).first.nil? end def authenticate(password_plain) if self.password_hash == BCrypt::Engine.hash_secret(password_plain, self.password_salt) self else false end end def password=(password_plain) @password = password_plain unless password_plain.blank? new_salt = BCrypt::Engine.generate_salt self.password_hash = BCrypt::Engine.hash_secret(password_plain, new_salt) self.password_salt = new_salt end end def admin? !!admin end end