end
def check_auto_admin
- if User.where("uuid not like '%-000000000000000'").where(:is_admin => true).count == 0 and Rails.configuration.auto_admin_user
- if self.email == Rails.configuration.auto_admin_user
- self.is_admin = true
- self.is_active = true
- end
+ return if self.uuid.end_with?('anonymouspublic')
+ if (User.where("email = ?",self.email).where(:is_admin => true).count == 0 and
+ Rails.configuration.auto_admin_user and self.email == Rails.configuration.auto_admin_user) or
+ (User.where("uuid not like '%-000000000000000'").where(:is_admin => true).count == 0 and
+ Rails.configuration.auto_admin_first_user)
+ self.is_admin = true
+ self.is_active = true
end
end
# add the user to the 'All users' group
def create_user_group_link
- # Look up the "All users" group (we expect uuid *-*-fffffffffffffff).
- group = Group.where(name: 'All users').select do |g|
- g[:uuid].match /-f+$/
- end.first
-
- if not group
- logger.warn "No 'All users' group with uuid '*-*-fffffffffffffff'."
- raise "No 'All users' group with uuid '*-*-fffffffffffffff' is found"
- else
- logger.info { "\"All users\" group uuid: " + group[:uuid] }
-
- group_perms = Link.where(tail_uuid: self.uuid,
- head_uuid: group[:uuid],
- link_class: 'permission',
- name: 'can_read')
-
- if !group_perms.any?
- group_perm = Link.create(tail_uuid: self.uuid,
- head_uuid: group[:uuid],
- link_class: 'permission',
- name: 'can_read')
- logger.info { "group permission: " + group_perm[:uuid] }
- else
- group_perm = group_perms.first
- end
-
- return group_perm
- end
+ return (Link.where(tail_uuid: self.uuid,
+ head_uuid: all_users_group[:uuid],
+ link_class: 'permission',
+ name: 'can_read').first or
+ Link.create(tail_uuid: self.uuid,
+ head_uuid: all_users_group[:uuid],
+ link_class: 'permission',
+ name: 'can_read'))
end
# Give the special "System group" permission to manage this user and
# all of this user's stuff.
- #
def add_system_group_permission_link
+ return true if uuid == system_user_uuid
act_as_system_user do
Link.create(link_class: 'permission',
name: 'can_manage',