3399e45130
- New untenanted Identity and Membership models - New `identity_token` cookie with path "/" holds state across tenants We're not sure whether the untenanted database will be sqlite or MySQL, and so I've been careful to minimize - database reads, placing them behind etags and caching - database writes, only writing when a new Session is created (login) Note that we track two things in the identity_token cookie: a signed id, and the updated_at for the underlying Identity object. This allows us to effectively cache on the Identity without having to hit the database, by using an Identity::Mock object that is compatible with etag and cache methods. The new integration test shows the desired user-facing behavior, which is to make it easy to login without a tenanted URL and to jump between tenants. - the untenanted "login_help" page shows all linked memberships - the jump menu shows all linked memberships (except the current) Also introduced a utility script to populate existing employee Identities, grouping accounts by email address.
29 lines
893 B
Ruby
29 lines
893 B
Ruby
module User::Identifiable
|
|
extend ActiveSupport::Concern
|
|
|
|
included do
|
|
has_one :membership, ->(user) { where(user_tenant: user.tenant) }
|
|
has_one :identity, through: :membership
|
|
end
|
|
|
|
def set_identity(token_identity)
|
|
if token_identity.present?
|
|
if identity.nil?
|
|
token_identity.memberships.create!(user_id: id, user_tenant: tenant, email_address: email_address, account_name: Account.sole.name)
|
|
elsif identity != token_identity
|
|
Identity.transaction do
|
|
identity.memberships.update_all(identity_id: token_identity.id)
|
|
identity.destroy
|
|
end
|
|
end
|
|
token_identity
|
|
elsif identity.present?
|
|
identity
|
|
else
|
|
Identity.create!.tap do |identity|
|
|
identity.memberships.create!(user_id: id, user_tenant: tenant, email_address: email_address, account_name: Account.sole.name)
|
|
end
|
|
end
|
|
end
|
|
end
|