2010-05-10 22:39:52 +00:00
|
|
|
class Membership
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2010-06-01 00:06:46 +00:00
|
|
|
include Locomotive::Mongoid::Document
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2010-05-10 22:39:52 +00:00
|
|
|
## fields ##
|
2011-06-25 16:25:31 +00:00
|
|
|
field :role, :default => 'author'
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2010-05-10 22:39:52 +00:00
|
|
|
## associations ##
|
2011-05-16 21:06:46 +00:00
|
|
|
referenced_in :account, :validate => false
|
2010-05-10 22:39:52 +00:00
|
|
|
embedded_in :site, :inverse_of => :memberships
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2010-05-10 22:39:52 +00:00
|
|
|
## validations ##
|
|
|
|
validates_presence_of :account
|
2011-09-17 14:23:43 +00:00
|
|
|
validate :can_change_role, :if => :role_changed?
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2011-06-25 16:25:31 +00:00
|
|
|
## callbacks ##
|
|
|
|
before_save :define_role
|
|
|
|
|
2010-05-10 22:39:52 +00:00
|
|
|
## methods ##
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2011-06-25 16:25:31 +00:00
|
|
|
Ability::ROLES.each do |_role|
|
|
|
|
define_method("#{_role}?") do
|
|
|
|
self.role == _role
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2010-05-10 22:39:52 +00:00
|
|
|
def email; @email; end
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2010-05-10 22:39:52 +00:00
|
|
|
def email=(email)
|
|
|
|
@email = email
|
|
|
|
self.account = Account.where(:email => email).first
|
|
|
|
end
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2010-07-13 00:46:17 +00:00
|
|
|
def process!
|
2010-05-10 22:39:52 +00:00
|
|
|
if @email.blank?
|
2010-07-13 00:46:17 +00:00
|
|
|
self.errors.add_on_blank(:email)
|
2010-05-10 22:39:52 +00:00
|
|
|
:error
|
2010-07-29 23:21:48 +00:00
|
|
|
elsif self.account.blank?
|
2010-05-10 22:39:52 +00:00
|
|
|
:create_account
|
2011-07-05 16:30:12 +00:00
|
|
|
elsif self.site.memberships.any? { |m| m.account_id == self.account_id && m._id != self._id }
|
2010-07-13 00:46:17 +00:00
|
|
|
self.errors.add(:base, 'Already created')
|
2011-07-05 16:30:12 +00:00
|
|
|
:already_created
|
2010-05-10 22:39:52 +00:00
|
|
|
else
|
2010-07-13 00:46:17 +00:00
|
|
|
self.save
|
2010-05-10 22:39:52 +00:00
|
|
|
:save_it
|
|
|
|
end
|
|
|
|
end
|
2010-07-23 20:09:54 +00:00
|
|
|
|
2011-06-25 16:25:31 +00:00
|
|
|
def ability
|
|
|
|
@ability ||= Ability.new(self.account, self.site)
|
|
|
|
end
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
def define_role
|
|
|
|
self.role = Ability::ROLES.include?(role.downcase) ? role.downcase : Ability::ROLES.first
|
|
|
|
end
|
|
|
|
|
2011-09-17 14:23:43 +00:00
|
|
|
# Users should not be able to set the role of another user to be higher than
|
|
|
|
# their own. A designer for example should not be able to set another user to
|
|
|
|
# be an administrator
|
|
|
|
def can_change_role
|
|
|
|
current_site = Thread.current[:site]
|
|
|
|
current_membership = current_site.memberships.where(:account_id => Thread.current[:admin].id).first if current_site.present?
|
|
|
|
|
|
|
|
if current_membership.present?
|
|
|
|
# The role cannot be set higher than the current one (we use the index in
|
|
|
|
# the roles array to check role presidence)
|
|
|
|
errors.add(:role, :invalid) if Ability::ROLES.index(role) < Ability::ROLES.index(current_membership.role)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2010-07-23 20:09:54 +00:00
|
|
|
end
|