jam-cloud/lib/jam_ruby/models/user.rb

module JamRuby
  class User < ActiveRecord::Base
    include Tire::Model::Search

    attr_accessible :first_name, :last_name, :email, :password, :password_confirmation, :city, :state, :country
    attr_accessor :updating_password

    self.primary_key = 'id'

    # authorizations (for facebook, etc -- omniauth)
    has_many :user_authorizations, :class_name => "JamRuby::UserAuthorization"

    # connections (websocket-gateway)
    has_many :connections, :class_name => "JamRuby::Connection"

    # friend requests
    has_many :friend_requests, :class_name => "JamRuby::FriendRequest"

    # instruments
    has_many :musician_instruments, :class_name => "JamRuby::MusicianInstrument"
    has_many :instruments, :through => :musician_instruments, :class_name => "JamRuby::Instrument"

    # bands
    has_many :band_musicians, :class_name => "JamRuby::BandMusician"
    has_many :bands, :through => :band_musicians, :class_name => "JamRuby::Band"

    # recordings
    has_many :musician_recordings, :class_name => "JamRuby::MusicianRecording", :foreign_key => "user_id"
    has_many :recordings, :through => :musician_recordings, :class_name => "JamRuby::Recording"

    # user likers (a musician has likers and may have likes too; fans do not have likers)
    has_many :likers, :class_name => "JamRuby::UserLiker", :foreign_key => "user_id", :inverse_of => :user
    has_many :inverse_likers, :through => :likers, :class_name => "JamRuby::User", :foreign_key => "liker_id"

    # user likes (fans and musicians have likes)
    has_many :likes, :class_name => "JamRuby::UserLike", :foreign_key => "liker_id", :inverse_of => :user
    has_many :inverse_likes, :through => :followings, :class_name => "JamRuby::User", :foreign_key => "user_id"

    # band likes
    has_many :band_likes, :class_name => "JamRuby::BandLiker", :foreign_key => "liker_id", :inverse_of => :user
    has_many :inverse_band_likes, :through => :band_likes, :class_name => "JamRuby::Band", :foreign_key => "band_id"

    # followers
    has_many :followers, :class_name => "JamRuby::UserFollower", :foreign_key => "user_id", :inverse_of => :user
    has_many :inverse_followers, :through => :followers, :class_name => "JamRuby::User", :foreign_key => "follower_id"

    # user followings
    has_many :followings, :class_name => "JamRuby::UserFollowing", :foreign_key => "follower_id", :inverse_of => :user
    has_many :inverse_followings, :through => :followings, :class_name => "JamRuby::User", :foreign_key => "user_id"

    # band followings
    has_many :band_followings, :class_name => "JamRuby::BandFollower", :foreign_key => "follower_id", :inverse_of => :user
    has_many :inverse_band_followings, :through => :band_followings, :class_name => "JamRuby::Band", :foreign_key => "band_id"

    # favorites
    has_many :favorites, :class_name => "JamRuby::UserFavorite", :foreign_key => "user_id"
    has_many :inverse_favorites, :through => :favorites, :class_name => "JamRuby::User"

    # friends
    has_many :friendships, :class_name => "JamRuby::Friendship", :foreign_key => "user_id"
    has_many :friends, :through => :friendships, :class_name => "JamRuby::User"
    has_many :inverse_friendships, :class_name => "JamRuby::Friendship", :foreign_key => "friend_id"
    has_many :inverse_friends, :through => :inverse_friendships, :source => :user, :class_name => "JamRuby::User"

    # connections / music sessions
    has_many :created_music_sessions, :foreign_key => "user_id", :inverse_of => :user, :class_name => "JamRuby::MusicSession" # sessions *created* by the user
    has_many :music_sessions, :through => :connections, :class_name => "JamRuby::MusicSession"

    # invitations
    has_many :received_invitations, :foreign_key => "receiver_id", :inverse_of => :receiver, :class_name => "JamRuby::Invitation"
    has_many :sent_invitations, :foreign_key => "sender_id", :inverse_of => :sender, :class_name => "JamRuby::Invitation"

    # fan invitations
    has_many :received_fan_invitations, :foreign_key => "receiver_id", :inverse_of => :receiver, :class_name => "JamRuby::FanInvitation"
    has_many :sent_fan_invitations, :foreign_key => "sender_id", :inverse_of => :sender, :class_name => "JamRuby::FanInvitation"

    # band invitations
    has_many :received_band_invitations, :inverse_of => :receiver, :foreign_key => "user_id", :class_name => "JamRuby::BandInvitation"
    has_many :sent_band_invitations, :inverse_of => :sender, :foreign_key => "creator_id", :class_name => "JamRuby::BandInvitation"

    # session history
    has_many :music_session_histories, :foreign_key => "user_id", :class_name => "JamRuby::MusicSessionHistory"

    # This causes the authenticate method to be generated (among other stuff)
    has_secure_password

    before_save { |user| user.email = email.downcase }
    before_save :create_remember_token, :if => :should_validate_password?

    validates :first_name, presence: true, length: {maximum: 50}
    validates :last_name, presence: true, length: {maximum: 50}
    VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
    validates :email, presence: true, format: {with: VALID_EMAIL_REGEX},
              uniqueness: {case_sensitive: false}
    validates_length_of :password, minimum: 6, maximum: 100, :if => :should_validate_password?

    validates_presence_of :password_confirmation, :if => :should_validate_password?
    validates_confirmation_of :password, :if => :should_validate_password?

    def online
      @online ||= !self.connections.nil? && self.connections.size > 0
    end

    def name
      return "#{first_name} #{last_name}"  
    end

    def location
      loc = self.city.blank? ? '' : self.city
      loc = loc.blank? ? self.state : "#{loc}, #{self.state}" unless self.state.blank?
      loc = loc.blank? ? self.country : "#{loc}, #{self.country}" unless self.country.blank?
      loc
    end

    def location= location_hash
      unless location_hash.blank?
        self.city = location_hash[:city]
        self.state = location_hash[:state]
        self.country = location_hash[:country]
      end if self.city.blank?
    end

    def should_validate_password?
      updating_password || new_record?
    end

    def friends?(user)
      return self.friends.exists?(user)
    end

    def friend_count
      return self.friends.size
    end

    def liker_count
      return self.likers.size
    end

    def like_count
      return self.likes.size
    end

    def band_like_count
      return self.band_likes.size
    end

    def follower_count
      return self.followers.size
    end

    def following_count
      return self.followings.size
    end

    def band_following_count
      return self.band_followings.size
    end

    def favorite_count
      return self.favorites.size
    end

    def recording_count
      return self.recordings.size
    end

    def session_count
      return self.music_sessions.size
    end
    
    def confirm_email!
      self.email_confirmed = true
    end

    def my_session_settings
      unless self.session_settings.nil?
        return JSON.parse(self.session_settings)
      else
        return ""
      end
    end

    def session_history(user_id, band_id = nil, genre = nil)
      return MusicSessionHistory.index(self, user_id, band_id, genre)
    end

    def session_user_history(user_id, session_id)
      return MusicSessionUserHistory.where("music_session_id='#{session_id}'")
    end

    def to_s
      return email unless email.nil?

      if !first_name.nil? && !last_name.nil?
        return first_name + ' ' + last_name
      end

      return id
    end

    def set_password(old_password, new_password, new_password_confirmation)
      raise JamRuby::JamArgumentError unless authenticate old_password
      change_password(new_password, new_password_confirmation)
      save
    end

    def self.set_password_from_token(email, token, new_password, new_password_confirmation)
      user = User.find_by_email(email)
      if user.nil? || user.reset_password_token != token || Time.now - user.reset_password_token_created > 3.days
        raise JamRuby::JamArgumentError
      end
      user.reset_password_token = nil
      user.reset_password_token_created = nil
      user.change_password(new_password, new_password_confirmation)
      user.save
    end
      
    def change_password(new_password, new_password_confirmation)
      # FIXME: Should verify that the new password meets certain quality criteria. Really, maybe that should be a 
      # verification step.
      self.updating_password = true 
      self.password = new_password
      self.password_confirmation = new_password_confirmation
      
      UserMailer.password_changed(self).deliver  
    end

    def self.reset_password(email)
      user = User.find_by_email(email)
      raise JamRuby::JamArgumentError if user.nil?

      user.reset_password_token = SecureRandom.urlsafe_base64
      user.reset_password_token_created = Time.now
      user.save

      UserMailer.password_reset(user).deliver
      
      user
    end

    def self.band_index(user_id)
      bands = Band.joins(:band_musicians)
                  .where(:bands_musicians => {:user_id => "#{user_id}"})

      return bands
    end

    def self.recording_index(current_user, user_id)
      hide_private = false

      # hide private recordings from anyone but the current user
      if current_user.id != user_id
        hide_private = true
      end

      if hide_private
        recordings = Recording.joins(:musician_recordings)
                              .where(:musicians_recordings => {:user_id => "#{user_id}"}, :public => true)

      else
        recordings = Recording.joins(:musician_recordings)
                              .where(:musicians_recordings => {:user_id => "#{user_id}"})                                  
      end

      return recordings
    end

    # helper method for creating / updating a User
    def self.save(id, updater_id, first_name, last_name, email, password, password_confirmation, musician, gender,
                  birth_date, internet_service_provider, city, state, country, instruments, photo_url) 
      if id.nil?
        validate_instruments(instruments, musician)
        user = User.new()
      else
        validate_instruments(instruments, true)
        user = User.find(id)
      end

      if user.id != updater_id
        raise PermissionError, ValidationMessages::PERMISSION_VALIDATION_ERROR
      end 

      # first name
      unless first_name.nil?
        user.first_name = first_name
      end

      # last name
      unless last_name.nil?
        user.last_name = last_name
      end

      # email
      unless email.nil?
        user.email = email
      end

      # password
      unless password.nil?
        user.password = password
      end

      # password confirmation
      unless password_confirmation.nil?
        user.password_confirmation = password_confirmation
      end

      # musician flag
      unless musician.nil?
        user.musician = musician
      end

      # gender
      unless gender.nil?
        account.gender = gender
      end

      # birthdate
      unless birth_date.nil?
        account.birth_date = birth_date
      end

      # ISP
      unless internet_service_provider.nil?
        account.internet_service_provider = internet_service_provider
      end

      # city
      unless city.nil?
        user.city = city
      end

      # state
      unless state.nil?
        user.state = state
      end

      # country
      unless country.nil?
        user.country = country
      end

      # instruments
      unless instruments.nil?
        UserManager.active_record_transaction do |user_manager|
          # delete all instruments for this user first
          unless user.id.nil? || user.id.length == 0
            MusicianInstrument.delete_all(["user_id = ?", user.id])
          end

          # loop through each instrument in the array and save to the db
          instruments.each do |musician_instrument_param|
            instrument = Instrument.find(musician_instrument_param[:instrument_id])
            musician_instrument = MusicianInstrument.new
            musician_instrument.user = user
            musician_instrument.instrument = instrument
            musician_instrument.proficiency_level = musician_instrument_param[:proficiency_level]
            musician_instrument.priority = musician_instrument_param[:priority]
            musician_instrument.save
            user.musician_instruments << musician_instrument
          end
        end
      end

      # photo url
      unless photo_url.nil?
        user.photo_url = photo_url
      end

      user.updated_at = Time.now.getutc
      user.save
      return user
    end

    def self.create_user_like(user_id, liker_id)
      liker = UserLiker.new()
      liker.user_id = user_id
      liker.liker_id = liker_id
      liker.save
    end

    def self.delete_like(user_id, band_id, liker_id)
      if !user_id.nil?
        JamRuby::UserLiker.delete_all "(user_id = '#{user_id}' AND liker_id = '#{liker_id}')"

      elsif !band_id.nil?
        JamRuby::BandLiker.delete_all "(band_id = '#{band_id}' AND liker_id = '#{liker_id}')"
      end
    end

    def self.create_band_like(band_id, liker_id)
      liker = BandLiker.new()
      liker.band_id = band_id
      liker.liker_id = liker_id
      liker.save
    end

    def self.delete_band_like(band_id, liker_id)
      JamRuby::BandLiker.delete_all "(band_id = '#{band_id}' AND liker_id = '#{liker_id}')"
    end

    def self.create_user_following(user_id, follower_id)
      follower = UserFollower.new()
      follower.user_id = user_id
      follower.follower_id = follower_id
      follower.save
    end

    def self.delete_following(user_id, band_id, follower_id)
      if !user_id.nil?
        JamRuby::UserFollower.delete_all "(user_id = '#{user_id}' AND follower_id = '#{follower_id}')"

      elsif !band_id.nil?
        JamRuby::BandFollower.delete_all "(band_id = '#{band_id}' AND follower_id = '#{follower_id}')"
      end
    end

    def self.create_band_following(band_id, follower_id)
      follower = BandFollower.new()
      follower.band_id = band_id
      follower.follower_id = follower_id
      follower.save
    end

    def self.delete_band_following(band_id, follower_id)
      JamRuby::BandFollower.delete_all "(band_id = '#{band_id}' AND follower_id = '#{follower_id}')"
    end

    def self.create_favorite(user_id, recording_id)
      favorite = UserFavorite.new()
      favorite.user_id = user_id
      favorite.recording_id = recording_id
      favorite.save
    end

    def self.delete_favorite(user_id, recording_id)
      JamRuby::UserFavorite.delete_all "(user_id = '#{user_id}' AND recording_id = '#{recording_id}')"
    end

    def self.save_session_settings(user, music_session)
      unless user.nil?

        # only save genre id and description
        genres = []
        unless music_session.genres.nil?
          music_session.genres.each do |genre|
            g = Hash.new
            g["id"] = genre.id
            g["description"] = genre.description
            genres << g
          end
        end

        # only save invitation receiver id and name
        invitees = []
        unless music_session.invitations.nil?
          music_session.invitations.each do |invitation|
            i = Hash.new
            i["id"] = invitation.receiver.id
            i["name"] = invitation.receiver.name
            invitees << i
          end
        end

        session_settings = { :band_id => music_session.band_id, 
                             :musician_access => music_session.musician_access,
                             :approval_required => music_session.approval_required,
                             :fan_chat => music_session.fan_chat,
                             :fan_access => music_session.fan_access,
                             :description => music_session.description,
                             :genres => genres,
                             :invitees => invitees
                           }.to_json

        user.session_settings = session_settings
        user.save
      end
    end

    # throws ActiveRecord::RecordNotFound if instrument is invalid
    # throws an email delivery error if unable to connect out to SMTP
    def self.signup(first_name, last_name, email, password, password_confirmation,
            city, state, country, instruments, photo_url, signup_confirm_url)
      user = User.new

      UserManager.active_record_transaction do |user_manager|
        user.first_name = first_name
        user.last_name = last_name
        user.email = email

        #FIXME: Setting random password for social network logins. This
        # is because we have validations all over the place on this.
        # The right thing would be to have this null
        if password.nil?
          user.password = "blahblahblah"
          user.password_confirmation = "blahblahblah"
        else
          user.password = password
          user.password_confirmation = password_confirmation
        end

        user.admin = false
        user.email_confirmed = false
        user.musician = true
        user.city = city
        user.state = state
        user.country = country
        unless instruments.nil?
          instruments.each do |musician_instrument_param|
            instrument = Instrument.find(musician_instrument_param[:instrument_id])
            musician_instrument = MusicianInstrument.new
            musician_instrument.user = user
            musician_instrument.instrument = instrument
            musician_instrument.proficiency_level = musician_instrument_param[:proficiency_level]
            musician_instrument.priority = musician_instrument_param[:priority]
            musician_instrument.save
            user.musician_instruments << musician_instrument
          end
        end

        user.photo_url = photo_url

        user.signup_token = SecureRandom.urlsafe_base64

        user.can_invite = Limits::USERS_CAN_INVITE

        user.save

        if user.errors.any?
          raise ActiveRecord::Rollback
        else
          # FIXME:
          # It's not standard to require a confirmation when a user signs up with Facebook.
          # We should stop asking for it.
          #
          # any errors here should also rollback the transaction; that's OK. If emails aren't going to be delivered,
          # it's already a really bad situation; make user signup again
          UserMailer.welcome_message(user, signup_confirm_url.nil? ? nil : (signup_confirm_url + "/" + user.signup_token) ).deliver
        end
      end

      return user
    end

    # this is intended to be development-mode or test-mode only; VRFS-149
    # it creates or updates one user per developer, so that we aren't in the business
    # of constantly recreating users as we create new dev environments

    # We guard against this code running in production mode,
    # because otherwise it's a bit of uncomfortable code
    # to have sitting around
    def self.create_dev_user(first_name, last_name, email, password,
            city, state, country, instruments, photo_url)

      if Environment.mode == "production"
        # short-circuit out
        return
      end

      user = User.find_or_create_by_email(email)
      
      User.transaction do
        user.first_name = first_name
        user.last_name = last_name
        user.email = email
        user.password = password
        user.password_confirmation = password
        user.admin = true
        user.email_confirmed = true
        user.musician = true
        user.city = city
        user.state = state
        user.country = country

        if instruments.nil?
          instruments = [{:instrument_id => "acoustic guitar", :proficiency_level => 3, :priority => 1}]
        end

        unless user.new_record?
          MusicianInstrument.delete_all(["user_id = ?", user.id])
        end

        instruments.each do |musician_instrument_param|
          instrument = Instrument.find(musician_instrument_param[:instrument_id])
          musician_instrument = MusicianInstrument.new
          musician_instrument.user = user
          musician_instrument.instrument = instrument
          musician_instrument.proficiency_level = musician_instrument_param[:proficiency_level]
          musician_instrument.priority = musician_instrument_param[:priority]
          musician_instrument.save
          user.musician_instruments << musician_instrument
        end

        user.photo_url = photo_url
        user.signup_token = nil
        user.save

        if user.errors.any?
          raise ActiveRecord::Rollback
        end
      end

      return user
    end

    # throws RecordNotFound if signup token is invalid; i.e., if it's nil, empty string, or not belonging to a user
    def self.signup_confirm(signup_token)
      if signup_token.nil? || signup_token.empty?
        # there are plenty of confirmed users with nil signup_tokens, so we can't look on it
        raise ActiveRecord::RecordNotFound
      else
        UserManager.active_record_transaction do |user_manager|
          # throws ActiveRecord::RecordNotFound if invalid
          user = User.find_by_signup_token!(signup_token)
          user.signup_token = nil
          user.confirm_email!
          user.save
          return user
        end
      end
    end

    # if valid credentials are supplied for an 'active' user, returns the user
    # if not authenticated, returns nil
    def self.authenticate(email, password)
      # we only allow users that have confirmed email to authenticate
      user = User.where('email_confirmed=true').find_by_email(email)

      if user && user.authenticate(password)
        return user
      else
        return nil
      end
    end


    ### Elasticsearch/Tire integration ###
    #
    # Define the name based on the environment
    # We wouldn't like to erase dev data during
    # test runs!
    #
    index_name("#{Environment.mode}-#{Environment.application}-users")

    def to_indexed_json
        {
          :first_name => first_name,
          :last_name => last_name,
          :photo_url => photo_url,
          :location => location,
          :musician => musician
        }.to_json
    end

    # only put users into the search index if their eail is confirmed
    after_save do
      update_index if email_confirmed
    end

    after_destroy do
      update_index
    end

    class << self
      def create_search_index
        Tire.index(User.index_name) do
          create(
            :settings => Search.index_settings,
            :mappings => {
              "jam_ruby/user" => {
                :properties => {
                  :photo_url        => { :type => :string, :index => :not_analyzed, :include_in_all => false},
                  :location         => { :type => :string },
                  :first_name       => { :type => :string, :boost => 100 },
                  :last_name        => { :type => :string, :boost => 100 },
                  :musician         => { :type => :boolean, :index => :not_analyzed, :include_in_all => false}
                }
              }
            }
          )
        end
      end

      def delete_search_index
        search_index.delete
      end

      def search_index
        Tire.index(User.index_name)
      end
    end
    ### Elasticsearch/Tire integration


    private
      def create_remember_token
        self.remember_token = SecureRandom.urlsafe_base64
      end

      def self.validate_instruments(instruments, is_nil_ok)
        if is_nil_ok && instruments.nil?
          return
        end

        if instruments.nil?
          raise JamRuby::JamArgumentError, ValidationMessages::INSTRUMENT_MINIMUM_NOT_MET
        else
          if instruments.size < Limits::MIN_INSTRUMENTS_PER_MUSICIAN
            raise JamRuby::JamArgumentError, ValidationMessages::INSTRUMENT_MINIMUM_NOT_MET
          end

          if instruments.size > Limits::MAX_INSTRUMENTS_PER_MUSICIAN
            raise JamRuby::JamArgumentError, ValidationMessages::INSTRUMENT_LIMIT_EXCEEDED
          end
        end
      end
  end
end