# user.rbrequire 'digest/sha1'class User < ActiveRecord::Base # Const

1. # user.rb
2.  
3. require 'digest/sha1'
4.  
5. class User < ActiveRecord::Base
6. # Constants
7. SCREEN_NAME_MINIMUM_LENGTH = 2
8. SCREEN_NAME_MAXIMUM_LENGTH = 20
9.  
10. EMAIL_MAXIMUM_LENGTH = 50
11.  
12. PASSWORD_MINIMUM_LENGTH = 6
13. PASSWORD_MAXIMUM_LENGTH = 20
14.  
15. # Ranges
16. SCREEN_NAME_RANGE = SCREEN_NAME_MINIMUM_LENGTH..SCREEN_NAME_MAXIMUM_LENGTH
17. PASSWORD_RANGE = PASSWORD_MINIMUM_LENGTH..PASSWORD_MAXIMUM_LENGTH
18.  
19. # Unique validations
20. validates_uniqueness_of :screen_name, :email
21. # Length validations
22. validates_length_of :screen_name, :within => SCREEN_NAME_RANGE
23. validates_length_of :password, :within => PASSWORD_RANGE
24. validates_length_of :email, :maximum => EMAIL_MAXIMUM_LENGTH
25. # Presence validations
26. validates_presence_of :screen_name, :email, :password
27. # Format validations
28. validates_format_of :email,
29. :with => /^\S+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,4})(\]?)$/ix,
30. :message => "not a valid email address!"
31. # Exclusion validations
32. validates_exclusion_of :screen_name,
33. :in => %w( admin Admin guest Guest administrator Administrator ),
34. :message => "is reserved and cannot be registered."
35.  
36. def self.authenticate(name, password)
37. @user = self.find_by_name(name)
38. if @user
39. expected_password = encrypted_password(password, @user.salt)
40. if @user.hashed_password != expected_password
41. @user = nil
42. end
43. end
44. @user
45. end
46.  
47. def password
48. @password
49. end
50.  
51. def password=(pwd)
52. @password = pwd
53. return if pwd.blank?
54. create_new_salt
55. self.hashed_password = User.encrypted_password(self.password, self.salt)
56. end
57.  
58. def after_destroy
59. if User.count.zero?
60. raise "Can't delete last user"
61. end
62. end
63.  
64. private
65.  
66. def self.encrypted_password(password, salt)
67. string_to_hash = password + "somethingrandom" + salt
68. Digest::SHA1.hexdigest(string_to_hash)
69. end
70.  
71. def create_new_salt
72. self.salt = self.object_id.to_s + rand.to_s
73. end
74. end
75.  
76. # user_test.rb
77.  
78. require File.dirname(__FILE__) + '/../test_helper'
79.  
80. class UserTest < Test::Unit::TestCase
81. fixtures :users
82.  
83. def setup
84. @valid_user = users(:valid_user)
85. @invalid_user = users(:invalid_user)
86. end
87.  
88. def test_user_validity
89. assert @valid_user.valid?
90. end
91.  
92. def test_user_invalidity
93. assert !@invalid_user.valid?
94. attributes = [:screen_name, :email, :hashed_password, :salt]
95. attributes.each do |attribute|
96. assert @invalid_user.errors.invalid?(attribute)
97. end
98. end
99. end
100.  
101. # users.yaml
102.  
103. valid_user:
104. id: 1
105. screen_name: testing
106. email: blah@blah.com
107. hashed_password: 4a10675pff47c4e298ae7a368bbd60f6bc59f7ed
108. salt: 284601900.605789
109.  
110. invalid_user:
111. id: 2
112. screen_name: a
113. email: a/a.com
114. hashed_password: 4a10675pff47c4e298ae7a368bbd60f6bc59f7ed
115. salt: 284601900.605789
116.  
117. # errors
118.  
119. Started
120. .FF
121. Finished in 0.099934 seconds.
122.  
123. 1) Failure:
124. test_user_invalidity(UserTest)
125. [./test/unit/user_test.rb:19:in `test_user_invalidity'
126. ./test/unit/user_test.rb:18:in `each'
127. ./test/unit/user_test.rb:18:in `test_user_invalidity']:
128. <false> is not true.
129.  
130. 2) Failure:
131. test_user_validity(UserTest) [./test/unit/user_test.rb:12]:
132. <false> is not true.
133.  
134. 3 tests, 6 assertions, 2 failures, 0 errors
135. rake aborted!
136. Command failed with status (1): [/opt/local/bin/ruby -Ilib:test "/opt/local...]
137.  
138. (See full trace by running task with --trace)