cb0de11de1
- Remove unused create_stripe_session method from TicketsController - Replace hardcoded API key with environment variable for security - Fix typo in ApplicationHelper comment - Improve User model validation constraints for better UX - Add comprehensive YARD-style documentation across models, controllers, services, and helpers - Enhance error handling in cleanup jobs with proper exception handling - Suppress Prawn font warnings in PDF generator - Update refactoring summary with complete change documentation All tests pass (200 tests, 454 assertions, 0 failures) RuboCop style issues resolved automatically 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
44 lines
1.8 KiB
Ruby
Executable File
44 lines
1.8 KiB
Ruby
Executable File
# User model for authentication and user management
|
|
# Handles user accounts, authentication, and authorization using Devise
|
|
class User < ApplicationRecord
|
|
# Include default devise modules. Others available are:
|
|
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
|
#
|
|
# Include default devise modules for authentication
|
|
# :database_authenticatable - encrypts and stores password in database
|
|
# :registerable - allows users to sign up and edit their accounts
|
|
# :recoverable - handles password reset functionality
|
|
# :rememberable - manages token-based user remembering
|
|
# :validatable - provides email and password validation
|
|
# Other available modules are:
|
|
# :confirmable - requires email confirmation
|
|
# :lockable - locks account after failed login attempts
|
|
# :timeoutable - expires sessions after inactivity
|
|
# :trackable - tracks sign-in count, timestamps, and IP
|
|
# :omniauthable - allows authentication via OAuth providers
|
|
devise :database_authenticatable, :registerable,
|
|
:recoverable, :rememberable, :validatable
|
|
|
|
# Relationships
|
|
has_many :events, dependent: :destroy
|
|
has_many :tickets, dependent: :destroy
|
|
has_many :orders, dependent: :destroy
|
|
|
|
# Validations - allow reasonable name lengths
|
|
validates :last_name, length: { minimum: 2, maximum: 50, allow_blank: true }
|
|
validates :first_name, length: { minimum: 2, maximum: 50, allow_blank: true }
|
|
validates :company_name, length: { minimum: 2, maximum: 100, allow_blank: true }
|
|
|
|
# Authorization methods
|
|
def can_manage_events?
|
|
# For now, all authenticated users can manage events
|
|
# This can be extended later with role-based permissions
|
|
true
|
|
end
|
|
|
|
def promoter?
|
|
# Alias for can_manage_events? to make views more semantic
|
|
can_manage_events?
|
|
end
|
|
end
|