39 lines
931 B
Ruby
39 lines
931 B
Ruby
class User < ApplicationRecord
|
|
|
|
has_many :user_accesses, :dependent => :destroy
|
|
has_many :suppliers, :through => :user_accesses
|
|
|
|
|
|
attr_accessor :password
|
|
before_save :encrypt_password
|
|
|
|
validates_confirmation_of :password
|
|
validates_presence_of :password, :on => :create
|
|
validates_presence_of :email
|
|
validates_uniqueness_of :email
|
|
|
|
def self.authenticate(email, password)
|
|
user = find_by_email(email)
|
|
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
|
|
user
|
|
else
|
|
nil
|
|
end
|
|
end
|
|
|
|
def encrypt_password
|
|
if password.present?
|
|
self.password_salt = BCrypt::Engine.generate_salt
|
|
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
|
|
end
|
|
end
|
|
|
|
def has_access_to?(supplier)
|
|
admin? or !UserAccess.first(:conditions => {:supplier_id => supplier.id, :user_id => id}).nil?
|
|
end
|
|
|
|
def admin?
|
|
!!admin
|
|
end
|
|
|
|
end
|