codecombat/app/models/User.coffee

375 lines
14 KiB
CoffeeScript
Raw Normal View History

2014-01-03 13:32:13 -05:00
GRAVATAR_URL = 'https://www.gravatar.com/'
cache = {}
2014-06-30 22:16:26 -04:00
CocoModel = require './CocoModel'
util = require 'core/utils'
ThangType = require './ThangType'
Level = require './Level'
utils = require 'core/utils'
2014-01-03 13:32:13 -05:00
module.exports = class User extends CocoModel
2014-06-30 22:16:26 -04:00
@className: 'User'
@schema: require 'schemas/models/user'
2014-06-30 22:16:26 -04:00
urlRoot: '/db/user'
notyErrors: false
2014-01-03 13:32:13 -05:00
isAdmin: -> 'admin' in @get('permissions', true)
isArtisan: -> 'artisan' in @get('permissions', true)
isInGodMode: -> 'godmode' in @get('permissions', true)
isAnonymous: -> @get('anonymous', true)
displayName: -> @get('name', true)
broadName: ->
return '(deleted)' if @get('deleted')
name = _.filter([@get('firstName'), @get('lastName')]).join(' ')
return name if name
name = @get('name')
return name if name
Improve student account recovery This adds the ability to verify email addresses of a user, so we know they have access to the email address on their account. Until a user has verified their email address, any teacher of a class they're in can reset their password for them via the Teacher Dashboard. When a user's email address is verified, a teacher may trigger a password recovery email to be sent to the student. Verification links are valid forever, until the user changes the email address they have on file. They are created using a timestamp, with a sha256 of timestamp+salt+userID+email. Currently the hash value is rather long, could be shorter. Squashed commit messages: Add server endpoints for verifying email address Add server endpoints for verifying email address (pt 2) Add Server+Client endpoint for sending verification email Add client view for verification links Add Edit Student Modal for resetting passwords Add specs for EditStudentModal Tweak method name in EditStudentModal Add edit student button to TeacherClassView Fix up frontend for teacher password resetting Add middleware for teacher password resetting Improve button UX in EditStudentModal Add JoinClassModal Add welcome emails, use broad name Use email without domain as fallback instead of full email Fetch user on edit student modal open Don't allow password reset if student email is verified Set role to student on user signup with classCode Tweak interface for joinClassModal Add button to request verification email for yourself Fix verify email template ID Move text to en.coffee Minor tweaks Fix code review comments Fix some tests, disable a broken one Fix misc tests Fix more tests Refactor recovery email sending to auth Fix overbroad sass Add options to refactored recovery email function Rename getByCode to fetchByCode Fix error message Fix up error handling in users middleware Use .get instead of .toObject Use findById Fix more code review comments Disable still-broken test
2016-05-11 17:39:26 -04:00
[emailName, emailDomain] = @get('email')?.split('@') or []
return emailName if emailName
return 'Anonymous'
2014-01-03 13:32:13 -05:00
getPhotoURL: (size=80, useJobProfilePhoto=false, useEmployerPageAvatar=false) ->
photoURL = if useJobProfilePhoto then @get('jobProfile')?.photoURL else null
photoURL ||= @get('photoURL')
if photoURL
2014-06-30 22:16:26 -04:00
prefix = if photoURL.search(/\?/) is -1 then '?' else '&'
return "#{photoURL}#{prefix}s=#{size}" if photoURL.search('http') isnt -1 # legacy
return "/file/#{photoURL}#{prefix}s=#{size}"
return "/db/user/#{@id}/avatar?s=#{size}&employerPageAvatar=#{useEmployerPageAvatar}"
Improve student account recovery This adds the ability to verify email addresses of a user, so we know they have access to the email address on their account. Until a user has verified their email address, any teacher of a class they're in can reset their password for them via the Teacher Dashboard. When a user's email address is verified, a teacher may trigger a password recovery email to be sent to the student. Verification links are valid forever, until the user changes the email address they have on file. They are created using a timestamp, with a sha256 of timestamp+salt+userID+email. Currently the hash value is rather long, could be shorter. Squashed commit messages: Add server endpoints for verifying email address Add server endpoints for verifying email address (pt 2) Add Server+Client endpoint for sending verification email Add client view for verification links Add Edit Student Modal for resetting passwords Add specs for EditStudentModal Tweak method name in EditStudentModal Add edit student button to TeacherClassView Fix up frontend for teacher password resetting Add middleware for teacher password resetting Improve button UX in EditStudentModal Add JoinClassModal Add welcome emails, use broad name Use email without domain as fallback instead of full email Fetch user on edit student modal open Don't allow password reset if student email is verified Set role to student on user signup with classCode Tweak interface for joinClassModal Add button to request verification email for yourself Fix verify email template ID Move text to en.coffee Minor tweaks Fix code review comments Fix some tests, disable a broken one Fix misc tests Fix more tests Refactor recovery email sending to auth Fix overbroad sass Add options to refactored recovery email function Rename getByCode to fetchByCode Fix error message Fix up error handling in users middleware Use .get instead of .toObject Use findById Fix more code review comments Disable still-broken test
2016-05-11 17:39:26 -04:00
getRequestVerificationEmailURL: ->
@url() + "/request-verify-email"
2014-01-03 13:32:13 -05:00
getSlugOrID: -> @get('slug') or @get('_id')
2014-07-16 13:51:44 -04:00
set: ->
if arguments[0] is 'jobProfileApproved' and @get("jobProfileApproved") is false and not @get("jobProfileApprovedDate")
@set "jobProfileApprovedDate", (new Date()).toISOString()
super arguments...
2014-06-30 22:16:26 -04:00
@getUnconflictedName: (name, done) ->
2016-06-30 18:32:58 -04:00
# deprecate in favor of @checkNameConflicts, which uses Promises and returns the whole response
2016-05-03 17:47:24 -04:00
$.ajax "/auth/name/#{encodeURIComponent(name)}",
cache: false
2016-06-30 18:32:58 -04:00
success: (data) -> done(data.suggestedName)
@checkNameConflicts: (name) ->
new Promise (resolve, reject) ->
$.ajax "/auth/name/#{encodeURIComponent(name)}",
cache: false
success: resolve
error: (jqxhr) -> reject(jqxhr.responseJSON)
@checkEmailExists: (email) ->
new Promise (resolve, reject) ->
$.ajax "/auth/email/#{encodeURIComponent(email)}",
cache: false
success: resolve
error: (jqxhr) -> reject(jqxhr.responseJSON)
getEnabledEmails: ->
(emailName for emailName, emailDoc of @get('emails', true) when emailDoc.enabled)
2014-06-30 22:16:26 -04:00
setEmailSubscription: (name, enabled) ->
newSubs = _.clone(@get('emails')) or {}
(newSubs[name] ?= {}).enabled = enabled
@set 'emails', newSubs
2014-06-30 22:16:26 -04:00
isEmailSubscriptionEnabled: (name) -> (@get('emails') or {})[name]?.enabled
2016-03-09 17:40:52 -05:00
isStudent: -> @get('role') is 'student'
isTeacher: ->
2016-03-09 17:40:52 -05:00
return @get('role') in ['teacher', 'technology coordinator', 'advisor', 'principal', 'superintendent', 'parent']
justPlaysCourses: ->
# This heuristic could be better, but currently we don't add to me.get('courseInstances') for single-player anonymous intro courses, so they have to beat a level without choosing a hero.
return true if me.get('role') is 'student'
return me.get('stats')?.gamesCompleted and not me.get('heroConfig')
isSessionless: ->
# TODO: Fix old users who got mis-tagged as teachers
# TODO: Should this just be isTeacher, eventually?
2016-07-24 00:03:16 -04:00
Boolean((utils.getQueryVariable('dev', false) or me.isTeacher()) and utils.getQueryVariable('course', false))
setRole: (role, force=false) ->
oldRole = @get 'role'
return if oldRole is role or (oldRole and not force)
@set 'role', role
@patch()
application.tracker?.updateRole()
return @get 'role'
a = 5
b = 100
c = b
# y = a * ln(1/b * (x + c)) + 1
@levelFromExp: (xp) ->
if xp > 0 then Math.floor(a * Math.log((1 / b) * (xp + c))) + 1 else 1
# x = b * e^((y-1)/a) - c
@expForLevel: (level) ->
if level > 1 then Math.ceil Math.exp((level - 1)/ a) * b - c else 0
@tierFromLevel: (level) ->
# TODO: math
# For now, just eyeball it.
tiersByLevel[Math.min(level, tiersByLevel.length - 1)]
@levelForTier: (tier) ->
# TODO: math
for tierThreshold, level in tiersByLevel
return level if tierThreshold >= tier
level: ->
totalPoint = @get('points')
totalPoint = totalPoint + 1000000 if me.isInGodMode()
User.levelFromExp(totalPoint)
tier: ->
User.tierFromLevel @level()
gems: ->
gemsEarned = @get('earned')?.gems ? 0
gemsEarned = gemsEarned + 100000 if me.isInGodMode()
gemsPurchased = @get('purchased')?.gems ? 0
gemsSpent = @get('spent') ? 0
Math.floor gemsEarned + gemsPurchased - gemsSpent
heroes: ->
heroes = (me.get('purchased')?.heroes ? []).concat([ThangType.heroes.captain, ThangType.heroes.knight, ThangType.heroes.champion, ThangType.heroes.duelist])
#heroes = _.values ThangType.heroes if me.isAdmin()
heroes
items: -> (me.get('earned')?.items ? []).concat(me.get('purchased')?.items ? []).concat([ThangType.items['simple-boots']])
levels: -> (me.get('earned')?.levels ? []).concat(me.get('purchased')?.levels ? []).concat(Level.levels['dungeons-of-kithgard'])
ownsHero: (heroOriginal) -> me.isInGodMode() || heroOriginal in @heroes()
ownsItem: (itemOriginal) -> itemOriginal in @items()
ownsLevel: (levelOriginal) -> levelOriginal in @levels()
getHeroClasses: ->
idsToSlugs = _.invert ThangType.heroes
myHeroSlugs = (idsToSlugs[id] for id in @heroes())
myHeroClasses = []
myHeroClasses.push heroClass for heroClass, heroSlugs of ThangType.heroClasses when _.intersection(myHeroSlugs, heroSlugs).length
myHeroClasses
getAnnouncesActionAudioGroup: ->
return @announcesActionAudioGroup if @announcesActionAudioGroup
group = me.get('testGroupNumber') % 4
@announcesActionAudioGroup = switch group
when 0 then 'all-audio'
when 1 then 'no-audio'
when 2 then 'just-take-damage'
when 3 then 'without-take-damage'
@announcesActionAudioGroup = 'all-audio' if me.isAdmin()
application.tracker.identify announcesActionAudioGroup: @announcesActionAudioGroup unless me.isAdmin()
@announcesActionAudioGroup
getCampaignAdsGroup: ->
return @campaignAdsGroup if @campaignAdsGroup
2016-03-21 11:07:22 -04:00
# group = me.get('testGroupNumber') % 2
# @campaignAdsGroup = switch group
# when 0 then 'no-ads'
# when 1 then 'leaderboard-ads'
@campaignAdsGroup = 'leaderboard-ads'
@campaignAdsGroup = 'no-ads' if me.isAdmin()
application.tracker.identify campaignAdsGroup: @campaignAdsGroup unless me.isAdmin()
@campaignAdsGroup
# Signs and Portents was receiving updates after test started, and also had a big bug on March 4, so just look at test from March 5 on.
2015-03-10 12:45:21 -04:00
# ... and stopped working well until another update on March 10, so maybe March 11+...
# ... and another round, and then basically it just isn't completing well, so we pause the test until we can fix it.
getFourthLevelGroup: ->
return 'forgetful-gemsmith'
return @fourthLevelGroup if @fourthLevelGroup
group = me.get('testGroupNumber') % 8
@fourthLevelGroup = switch group
when 0, 1, 2, 3 then 'signs-and-portents'
when 4, 5, 6, 7 then 'forgetful-gemsmith'
@fourthLevelGroup = 'signs-and-portents' if me.isAdmin()
application.tracker.identify fourthLevelGroup: @fourthLevelGroup unless me.isAdmin()
@fourthLevelGroup
getHintsGroup: ->
# A/B testing two styles of hints
return @hintsGroup if @hintsGroup
group = me.get('testGroupNumber') % 3
@hintsGroup = switch group
when 0 then 'no-hints'
when 1 then 'hints'
when 2 then 'hintsB'
@hintsGroup = 'hints' if me.isAdmin()
application.tracker.identify hintsGroup: @hintsGroup unless me.isAdmin()
@hintsGroup
2014-12-18 02:55:11 -05:00
getVideoTutorialStylesIndex: (numVideos=0)->
# A/B Testing video tutorial styles
# Not a constant number of videos available (e.g. could be 0, 1, 3, or 4 currently)
return 0 unless numVideos > 0
return me.get('testGroupNumber') % numVideos
hasSubscription: ->
return false unless stripe = @get('stripe')
2015-03-13 18:19:20 -04:00
return true if stripe.sponsorID
return true if stripe.subscriptionID
return true if stripe.free is true
return true if _.isString(stripe.free) and new Date() < new Date(stripe.free)
isPremium: ->
return true if me.isInGodMode()
return true if me.isAdmin()
return true if me.hasSubscription()
return false
isOnPremiumServer: ->
return true if me.get('country') in ['brazil']
return true if me.get('country') in ['china'] and me.isPremium()
return false
isOnFreeOnlyServer: ->
return true if me.get('country') in ['china'] and not me.isPremium()
return false
Improve student account recovery This adds the ability to verify email addresses of a user, so we know they have access to the email address on their account. Until a user has verified their email address, any teacher of a class they're in can reset their password for them via the Teacher Dashboard. When a user's email address is verified, a teacher may trigger a password recovery email to be sent to the student. Verification links are valid forever, until the user changes the email address they have on file. They are created using a timestamp, with a sha256 of timestamp+salt+userID+email. Currently the hash value is rather long, could be shorter. Squashed commit messages: Add server endpoints for verifying email address Add server endpoints for verifying email address (pt 2) Add Server+Client endpoint for sending verification email Add client view for verification links Add Edit Student Modal for resetting passwords Add specs for EditStudentModal Tweak method name in EditStudentModal Add edit student button to TeacherClassView Fix up frontend for teacher password resetting Add middleware for teacher password resetting Improve button UX in EditStudentModal Add JoinClassModal Add welcome emails, use broad name Use email without domain as fallback instead of full email Fetch user on edit student modal open Don't allow password reset if student email is verified Set role to student on user signup with classCode Tweak interface for joinClassModal Add button to request verification email for yourself Fix verify email template ID Move text to en.coffee Minor tweaks Fix code review comments Fix some tests, disable a broken one Fix misc tests Fix more tests Refactor recovery email sending to auth Fix overbroad sass Add options to refactored recovery email function Rename getByCode to fetchByCode Fix error message Fix up error handling in users middleware Use .get instead of .toObject Use findById Fix more code review comments Disable still-broken test
2016-05-11 17:39:26 -04:00
sendVerificationCode: (code) ->
$.ajax({
method: 'POST'
url: "/db/user/#{@id}/verify/#{code}"
success: (attributes) =>
this.set attributes
@trigger 'email-verify-success'
error: =>
@trigger 'email-verify-error'
})
2016-03-09 17:39:40 -05:00
isEnrolled: -> @prepaidStatus() is 'enrolled'
prepaidStatus: -> # 'not-enrolled', 'enrolled', 'expired'
coursePrepaid = @get('coursePrepaid')
return 'not-enrolled' unless coursePrepaid
return 'enrolled' unless coursePrepaid.endDate
return if coursePrepaid.endDate > new Date().toISOString() then 'enrolled' else 'expired'
2016-03-09 17:39:40 -05:00
# Function meant for "me"
spy: (user, options={}) ->
user = user.id or user # User instance, user ID, email or username
options.url = '/auth/spy'
options.type = 'POST'
options.data ?= {}
options.data.user = user
@fetch(options)
stopSpying: (options={}) ->
options.url = '/auth/stop-spying'
options.type = 'POST'
@fetch(options)
2016-03-09 17:39:40 -05:00
logout: (options={}) ->
options.type = 'POST'
options.url = '/auth/logout'
FB?.logout?()
options.success ?= ->
location = _.result(currentView, 'logoutRedirectURL')
if location
window.location = location
else
window.location.reload()
@fetch(options)
2016-06-30 18:32:58 -04:00
signupWithPassword: (name, email, password, options={}) ->
2016-06-30 18:32:58 -04:00
options.url = _.result(@, 'url') + '/signup-with-password'
options.type = 'POST'
options.data ?= {}
_.extend(options.data, {name, email, password})
2016-06-30 18:32:58 -04:00
jqxhr = @fetch(options)
jqxhr.then ->
window.tracker?.trackEvent 'Finished Signup', category: "Signup", label: 'CodeCombat'
return jqxhr
2016-07-18 14:41:18 -04:00
signupWithFacebook: (name, email, facebookID, options={}) ->
2016-06-30 18:32:58 -04:00
options.url = _.result(@, 'url') + '/signup-with-facebook'
options.type = 'POST'
options.data ?= {}
2016-07-18 14:41:18 -04:00
_.extend(options.data, {name, email, facebookID, facebookAccessToken: application.facebookHandler.token()})
2016-06-30 18:32:58 -04:00
jqxhr = @fetch(options)
jqxhr.then ->
window.tracker?.trackEvent 'Facebook Login', category: "Signup", label: 'Facebook'
window.tracker?.trackEvent 'Finished Signup', category: "Signup", label: 'Facebook'
return jqxhr
2016-07-18 14:41:18 -04:00
signupWithGPlus: (name, email, gplusID, options={}) ->
2016-06-30 18:32:58 -04:00
options.url = _.result(@, 'url') + '/signup-with-gplus'
options.type = 'POST'
options.data ?= {}
2016-07-18 14:41:18 -04:00
_.extend(options.data, {name, email, gplusID, gplusAccessToken: application.gplusHandler.token()})
2016-06-30 18:32:58 -04:00
jqxhr = @fetch(options)
jqxhr.then ->
window.tracker?.trackEvent 'Google Login', category: "Signup", label: 'GPlus'
window.tracker?.trackEvent 'Finished Signup', category: "Signup", label: 'GPlus'
return jqxhr
2016-03-09 17:39:40 -05:00
fetchGPlusUser: (gplusID, options={}) ->
options.data ?= {}
options.data.gplusID = gplusID
options.data.gplusAccessToken = application.gplusHandler.token()
@fetch(options)
loginGPlusUser: (gplusID, options={}) ->
options.url = '/auth/login-gplus'
options.type = 'POST'
options.data ?= {}
options.data.gplusID = gplusID
options.data.gplusAccessToken = application.gplusHandler.token()
@fetch(options)
fetchFacebookUser: (facebookID, options={}) ->
options.data ?= {}
options.data.facebookID = facebookID
options.data.facebookAccessToken = application.facebookHandler.token()
@fetch(options)
loginFacebookUser: (facebookID, options={}) ->
options.url = '/auth/login-facebook'
options.type = 'POST'
options.data ?= {}
options.data.facebookID = facebookID
options.data.facebookAccessToken = application.facebookHandler.token()
@fetch(options)
loginPasswordUser: (usernameOrEmail, password, options={}) ->
options.url = '/auth/login'
options.type = 'POST'
options.data ?= {}
_.extend(options.data, { username: usernameOrEmail, password })
@fetch(options)
makeCoursePrepaid: ->
coursePrepaid = @get('coursePrepaid')
return null unless coursePrepaid
Prepaid = require 'models/Prepaid'
return new Prepaid(coursePrepaid)
becomeStudent: (options={}) ->
options.url = '/db/user/-/become-student'
options.type = 'PUT'
@fetch(options)
remainTeacher: (options={}) ->
options.url = '/db/user/-/remain-teacher'
options.type = 'PUT'
@fetch(options)
destudent: (options={}) ->
options.url = _.result(@, 'url') + '/destudent'
options.type = 'POST'
@fetch(options)
deteacher: (options={}) ->
options.url = _.result(@, 'url') + '/deteacher'
options.type = 'POST'
@fetch(options)
2014-11-28 15:11:51 -05:00
tiersByLevel = [-1, 0, 0.05, 0.14, 0.18, 0.32, 0.41, 0.5, 0.64, 0.82, 0.91, 1.04, 1.22, 1.35, 1.48, 1.65, 1.78, 1.96, 2.1, 2.24, 2.38, 2.55, 2.69, 2.86, 3.03, 3.16, 3.29, 3.42, 3.58, 3.74, 3.89, 4.04, 4.19, 4.32, 4.47, 4.64, 4.79, 4.96,
5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 10, 10.5, 11, 11.5, 12, 12.5, 13, 13.5, 14, 14.5, 15
]