+ has_many :client_applications
+ has_many :oauth_tokens, :class_name => "OauthToken", :order => "authorized_at desc", :include => [:client_application]
+
+ has_many :active_blocks, :class_name => "UserBlock", :conditions => proc { [ "user_blocks.ends_at > :ends_at or user_blocks.needs_view", { :ends_at => Time.now.getutc } ] }
+ has_many :roles, :class_name => "UserRole"
+
+ scope :visible, where(:status => ["pending", "active", "confirmed"])
+ scope :active, where(:status => ["active", "confirmed"])
+ scope :public, where(:data_public => true)
+
+ validates_presence_of :email, :display_name
+ validates_confirmation_of :email#, :message => ' addresses must match'
+ validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password'
+ validates_uniqueness_of :display_name, :allow_nil => true, :case_sensitive => false, :if => Proc.new { |u| u.display_name_changed? }
+ validates_uniqueness_of :email, :case_sensitive => false, :if => Proc.new { |u| u.email_changed? }
+ validates_uniqueness_of :openid_url, :allow_nil => true
+ validates_length_of :pass_crypt, :within => 8..255
+ validates_length_of :display_name, :within => 3..255, :allow_nil => true
+ validates_email_format_of :email, :if => Proc.new { |u| u.email_changed? }
+ validates_email_format_of :new_email, :allow_blank => true, :if => Proc.new { |u| u.new_email_changed? }
+ validates_format_of :display_name, :with => /^[^\/;.,?]*$/, :if => Proc.new { |u| u.display_name_changed? }
+ validates_format_of :display_name, :with => /^\S/, :message => "has leading whitespace", :if => Proc.new { |u| u.display_name_changed? }
+ validates_format_of :display_name, :with => /\S$/, :message => "has trailing whitespace", :if => Proc.new { |u| u.display_name_changed? }
+ validates_numericality_of :home_lat, :allow_nil => true
+ validates_numericality_of :home_lon, :allow_nil => true
+ validates_numericality_of :home_zoom, :only_integer => true, :allow_nil => true
+ validates_inclusion_of :preferred_editor, :in => Editors::ALL_EDITORS, :allow_nil => true
+
+ attr_accessible :display_name, :email, :email_confirmation, :openid_url,
+ :pass_crypt, :pass_crypt_confirmation, :consider_pd
+
+ after_initialize :set_defaults
+ before_save :encrypt_password
+
+ has_attached_file :image,
+ :default_url => "/assets/:class/:attachment/:style.png",
+ :styles => { :large => "100x100>", :small => "50x50>" }
+
+ def self.authenticate(options)
+ if options[:username] and options[:password]
+ user = where("email = ? OR display_name = ?", options[:username], options[:username]).first
+
+ if user.nil?
+ users = where("LOWER(email) = LOWER(?) OR LOWER(display_name) = LOWER(?)", options[:username], options[:username])
+
+ if users.count == 1
+ user = users.first
+ end
+ end
+
+ user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
+ elsif options[:token]
+ token = UserToken.find_by_token(options[:token])
+ user = token.user if token
+ end
+
+ if user and
+ ( user.status == "deleted" or
+ ( user.status == "pending" and not options[:pending] ) or
+ ( user.status == "suspended" and not options[:suspended] ) )
+ user = nil
+ end
+
+ token.update_attribute(:expiry, 1.week.from_now) if token and user
+
+ return user
+ end
+
+ def to_xml
+ doc = OSM::API.new.get_xml_doc
+ doc.root << to_xml_node()
+ return doc