init project

2026-05-04 04:03:25 +08:00 · 2020-03-09 00:40:16 +08:00
commit 2937b2a94d
6549 changed files with 7215173 additions and 0 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -0,0 +1,809 @@
+class User < ApplicationRecord
+  include Watchable
+  include Likeable
+  include BaseModel
+  include ProjectOperable
+  include Searchable::Dependents::User
+
+  # Account statuses
+  STATUS_ANONYMOUS  = 0
+  STATUS_ACTIVE     = 1
+  STATUS_REGISTERED = 2
+  STATUS_LOCKED     = 3
+
+  # tpi tpm权限控制
+  EDU_ADMIN = 1       # 超级管理员
+  EDU_BUSINESS = 2    # 运营人员
+  EDU_SHIXUN_MANAGER = 3 # 实训管理员
+  EDU_SHIXUN_MEMBER = 4  # 实训成员
+  EDU_CERTIFICATION_TEACHER = 5 # 平台认证的老师
+  EDU_GAME_MANAGER = 6     # TPI的创建者
+  EDU_TEACHER = 7 # 平台老师,但是未认证
+  EDU_NORMAL = 8  # 普通用户
+
+  VALID_EMAIL_REGEX = /^[a-zA-Z0-9]+([.\-_\\]*[a-zA-Z0-9])*@([a-z0-9]+[-a-z0-9]*[a-z0-9]+.){1,63}[a-z0-9]+$/i
+  # VALID_PHONE_REGEX = /^1\d{10}$/
+  # 身份证
+  VALID_NUMBER_REGEX = /(^[1-9]\d{5}(18|19|20|(3\d))\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$)|(^([A-Z]\d{6,10}(\(\w{1}\))?)$)/
+
+  LOGIN_LENGTH_LIMIT = 30
+  MAIL_LENGTH_LMIT = 60
+
+  MIX_PASSWORD_LIMIT = 8
+
+  LOGIN_CHARS = %W(2 3 4 5 6 7 8 9 a b c f e f g h i j k l m n o p q r s t u v w x y z).freeze
+
+  # FIX Invalid single-table inheritance type
+  self.inheritance_column = nil
+
+  # educoder: 来自Educoder平台
+  # trustie: 来自Trustie平台
+  # forge: 平台本身注册的用户
+  enum platform: [:forge, :educoder, :trustie]
+
+  belongs_to :laboratory, optional: true
+
+  has_one :user_extension, dependent: :destroy
+  has_many :open_users, dependent: :destroy
+  has_one :wechat_open_user, class_name: 'OpenUsers::Wechat'
+  has_one :qq_open_user, class_name: 'OpenUsers::QQ'
+  accepts_nested_attributes_for :user_extension, update_only: true
+
+  has_many :memos, foreign_key: 'author_id'
+  has_many :created_shixuns, class_name: 'Shixun'
+  has_many :shixun_members, :dependent => :destroy
+  has_many :shixuns, :through => :shixun_members
+  has_many :myshixuns, :dependent => :destroy
+  has_many :games, :dependent => :destroy
+  has_many :study_shixuns, through: :myshixuns, source: :shixun   # 已学习的实训
+  has_many :course_messages
+  has_many :courses, foreign_key: 'tea_id', dependent: :destroy
+  has_many :versions
+  has_many :issue_times, :dependent => :destroy
+
+  #试卷
+  has_many :exercise_banks, :dependent => :destroy
+  has_many :exercise_users, :dependent => :destroy
+  has_many :exercise_answers, :dependent => :destroy  #针对每个题目学生的答案
+  has_many :exercise_shixun_answers, :dependent => :destroy  #针对每个实训题目学生的答案
+  has_many :exercise_answer_comments, :dependent => :destroy
+  has_many :exercises, :dependent => :destroy  #创建的试卷
+
+  has_many :homework_banks, dependent: :destroy
+
+  has_many :graduation_works, dependent: :destroy
+
+  has_many :students_for_courses, foreign_key: :student_id, dependent: :destroy
+  has_one :onclick_time, :dependent => :destroy
+
+  # 新版私信
+  has_many :private_messages, dependent: :destroy
+  has_many :recent_contacts, through: :private_messages, source: :target
+  has_many :tidings, :dependent => :destroy
+
+  has_many :games, :dependent => :destroy
+  has_many :created_subjects, foreign_key: :user_id, class_name: 'Subject'
+  has_many :subject_members, :dependent => :destroy
+  has_many :subjects, :through => :subject_members
+  has_many :grades, :dependent => :destroy
+  has_many :experiences, :dependent => :destroy
+  has_many :student_works, :dependent => :destroy
+  has_many :student_works_scores
+  has_many :student_works_evaluation_distributions
+
+  # 毕业设计
+  has_many :graduation_topics, :dependent => :destroy
+  has_many :student_graduation_topics, :dependent => :destroy
+
+  # 题库
+  has_many :question_banks, :dependent => :destroy
+  # 毕设任务题库
+  has_many :gtask_banks, dependent: :destroy
+  has_many :gtopic_banks, dependent: :destroy
+
+  #问卷
+  has_many :course_members, :dependent => :destroy
+  has_many :poll_votes, :dependent => :destroy
+  has_many :poll_users, :dependent => :destroy
+
+  has_many :messages,foreign_key: 'author_id',:dependent => :destroy
+
+  has_many :journals_for_messages, :as => :jour, :dependent => :destroy
+  has_many :teacher_course_groups, :dependent => :destroy
+
+  has_many :attachments,foreign_key: :author_id, :dependent => :destroy
+
+  # 工程认证
+  has_many :ec_school_users,:dependent => :destroy
+  has_many :schools, :through => :ec_school_users
+
+  has_many :ec_major_school_users, :dependent => :destroy
+  has_many :ec_major_schools, :through => :ec_major_school_users
+
+  has_many :ec_course_users
+
+  has_many :department_members, dependent: :destroy #部门管理员
+
+  # 课堂
+  has_many :student_course_members, -> { course_students }, class_name: 'CourseMember'
+  has_many :as_student_courses, through: :student_course_members, source: :course
+  has_many :manage_course_members, -> { teachers_and_admin }, class_name: 'CourseMember'
+  has_many :manage_courses, through: :manage_course_members, source: :course
+
+  # 关注
+  has_many :be_watchers, foreign_key: :user_id, dependent: :destroy # 我的关注
+  has_many :be_watcher_users, through: :be_watchers, dependent: :destroy # 我关注的用户
+
+  # 认证
+  has_many :apply_user_authentication
+  has_one :process_real_name_apply, -> { processing.real_name_auth.order(created_at: :desc) }, class_name: 'ApplyUserAuthentication'
+  has_one :process_professional_apply, -> { processing.professional_auth.order(created_at: :desc) }, class_name: 'ApplyUserAuthentication'
+  has_many :apply_actions, dependent: :destroy
+  has_many :trail_auth_apply_actions, -> { where(container_type: 'TrialAuthorization') }, class_name: 'ApplyAction'
+
+  has_many :attendances
+
+  # 兴趣
+  has_many :user_interests, dependent: :delete_all
+  has_many :interests, through: :user_interests, source: :repertoire
+
+  # 众包
+  has_many :project_packages, foreign_key: :creator_id, dependent: :destroy
+  has_many :bidding_users, dependent: :destroy
+  has_many :bidden_project_packages, through: :bidding_users, source: :project_package
+
+  # 项目
+  has_many :applied_projects, dependent: :destroy
+
+  has_many :projects, dependent: :destroy
+  has_many :repositories, dependent: :destroy
+
+  # 教学案例
+  has_many :libraries, dependent: :destroy
+
+  # 视频
+  has_many :videos, dependent: :destroy
+
+  # 客户管理
+  has_many :partner_managers, dependent: :destroy
+  # OJ编程题
+  has_many :hacks, dependent: :destroy
+  has_many :hack_user_lastest_codes, dependent: :destroy
+
+  has_many :composes, dependent: :destroy
+  has_many :compose_users, dependent: :destroy
+
+  has_many :project_trends, dependent: :destroy
+  # 题库
+  has_many :item_banks, dependent: :destroy
+  has_many :item_baskets,  -> { order("item_baskets.position ASC") }, dependent: :destroy
+  has_many :examination_banks, dependent: :destroy
+  has_many :examination_intelligent_settings, dependent: :destroy
+
+  # Groups and active users
+  scope :active, lambda { where(status: STATUS_ACTIVE) }
+  scope :like, lambda { |keywords|
+    where("LOWER(concat(lastname, firstname, login)) LIKE ?", "%#{keywords.split(" ").join('|')}%") unless keywords.blank?
+  }
+
+  attr_accessor :password, :password_confirmation
+
+  delegate :gender, :department_id, :school_id, :location, :location_city, :technical_title, to: :user_extension, allow_nil: true
+
+  before_save :update_hashed_password
+  after_create do
+    SyncTrustieJob.perform_later("user", 1) if allow_sync_to_trustie?
+  end
+
+  #
+  # validations
+  #
+  validates :platform, inclusion: { in: %w(forge educoder trustie) }
+  validates_presence_of :login, :if => Proc.new { |user| !user.is_a?(AnonymousUser) }, case_sensitive: false
+  validates_uniqueness_of :login, :if => Proc.new { |user| user.login_changed? && user.login.present? }, case_sensitive: false
+  validates_uniqueness_of :mail, :if => Proc.new { |user| user.mail_changed? && user.mail.present? }, case_sensitive: false
+  # validates_uniqueness_of :phone, :if => Proc.new { |user| user.phone_changed? && user.phone.present? }, case_sensitive: false
+  validates_length_of :login, maximum: LOGIN_LENGTH_LIMIT
+  validates_length_of :mail, maximum: MAIL_LENGTH_LMIT
+  validate :validate_sensitive_string
+  validate :validate_password_length
+
+  # 删除自动登录的token，一旦退出下次会提示需要登录
+  def delete_autologin_token(value)
+    Token.where(:user_id => id, :action => 'autologin', :value => value).delete_all
+  end
+
+  def delete_session_token(value)
+    Token.where(:user_id => id, :action => 'session', :value => value).delete_all
+  end
+
+  def git_mail
+    mail.blank? ? "#{login}@educoder.net" : mail
+  end
+
+  def project_manager?(project)
+    project.manager_members.exists?(user: self) || self.admin?
+  end
+
+  # 学号
+  def student_id
+    self.user_extension.try(:student_id)
+  end
+
+  # 关注数
+  def follow_count
+    Watcher.where(user_id: id, watchable_type: %w(Principal User)).count
+    # User.watched_by(id).count
+  end
+
+  # 粉丝数
+  def fan_count
+    Watcher.where(watchable_type: %w(Principal User), watchable_id: id).count
+    # watchers.count
+  end
+
+  # 判断当前用户是否为老师
+  def is_teacher?
+    self.user_extension.teacher?
+  end
+
+  # 平台认证的老师
+  def is_certification_teacher
+    self.user_extension.teacher? && self.professional_certification
+  end
+
+  def certification_teacher?
+    professional_certification? && user_extension.teacher?
+  end
+
+  # 判断用户的身份
+  def identity
+    ue = self.user_extension
+    unless ue.blank?
+      if ue.teacher?
+        ue.technical_title ? ue.technical_title : "老师"
+      elsif ue.student?
+        "学生"
+      else
+        ue.technical_title ? ue.technical_title : "专业人士"
+      end
+    end
+  end
+
+  # 实名认证状态
+  def auth_status
+    status = if authentication
+              "已认证"
+            elsif process_real_name_apply.present?
+              "待审核"
+            else
+              "未认证"
+            end
+  end
+
+  # 职业认证状态
+  def pro_status
+    status = if professional_certification
+               "已认证"
+             elsif process_professional_apply.present?
+               "待审核"
+             else
+               "未认证"
+             end
+  end
+
+  # 判断当前用户是否通过职业认证
+  def pro_certification?
+    professional_certification
+  end
+
+  # 学校所在的地区
+  def school_province
+    user_extension&.school&.province || ''
+  end
+
+  # 用户的学校名称
+  def school_name
+    user_extension&.school&.name || ''
+  end
+
+  # 用户的学院名称
+  def department_name
+    user_extension&.department&.name || ''
+  end
+
+  # 课堂的所有身份
+  def course_role course
+    course.course_members.where(user_id: id).pluck(:role)
+  end
+
+  # 课堂的老师(创建者、老师、助教)
+  def teacher_of_course?(course)
+    course.course_members.exists?(user_id: id, role: [1,2,3], is_active: 1) || admin? || business?
+  end
+
+  # 课堂的老师(创建者、老师、助教)，不考虑超管和运营人员
+  def none_admin_teacher_of_course?(course)
+    course.course_members.exists?(user_id: id, role: [1,2,3], is_active: 1)
+  end
+
+  # 课堂的老师(创建者、老师、助教)，不用考虑当前身份
+  def teacher_of_course_non_active?(course)
+    course.course_members.exists?(user_id: id, role: [1,2,3])
+  end
+
+  # 是否是教师，课堂管理员或者超级管理员
+  def teacher_or_admin?(course)
+    course.course_members.exists?(user_id: id, role: [1,2], is_active: 1) || admin? || business?
+  end
+
+  # 课堂的创建者(考虑到多重身份的用户)
+  def creator_of_course?(course)
+    course.course_members.exists?(user_id: id, role: 1, is_active: 1) || admin? || business?
+  end
+
+  # 课堂的学生
+  def student_of_course?(course)
+    course.course_members.exists?(user_id: id, role: %i[STUDENT], is_active: 1)
+  end
+
+  # 课堂成员
+  def member_of_course?(course)
+    course&.course_members.exists?(user_id: id)
+  end
+
+  # 实训路径管理员
+  def creator_of_subject?(subject)
+    subject.user_id == id || admin?
+  end
+
+  # 实训路径：合作者、admin
+  def manager_of_subject?(subject)
+    subject.subject_members.exists?(user_id: id, role: [1,2]) || admin? || business?
+  end
+
+  # 实训管理员：实训合作者、admin
+  def manager_of_shixun?(shixun)
+    logger.info("############id: #{id}")
+     shixun.shixun_members.exists?(role: [1,2], user_id: id) || admin? || business?
+  end
+
+  # 实训管理员
+  def creator_of_shixun?(shixun)
+    id == shixun.user_id
+  end
+
+  # 实训的合作者
+  def member_of_shixun?(shixun)
+    #self.shixun_members.where(:role => 2, :shixun_id => shixun.id).present?
+    shixun.shixun_members.exists?(role: 2, user_id: id)
+  end
+
+  # TPI的创建者
+  def creator_of_game?(game)
+    id == game.user_id
+  end
+
+  # 用户账号状态
+  def active?
+    status == STATUS_ACTIVE
+  end
+
+  def registered?
+    status == STATUS_REGISTERED
+  end
+
+  def locked?
+    status == STATUS_LOCKED
+  end
+
+  def activate
+    self.status = STATUS_ACTIVE
+  end
+
+  def register
+    self.status = STATUS_REGISTERED
+  end
+
+  def lock
+    self.status = STATUS_LOCKED
+  end
+
+  def activate!
+    update_attribute(:status, STATUS_ACTIVE)
+  end
+
+  def register!
+    update_attribute(:status, STATUS_REGISTERED)
+  end
+
+  def lock!
+    update_attribute(:status, STATUS_LOCKED)
+  end
+
+  # 课程用户身份
+  def course_identity(course)
+    if !logged?
+      Course::Anonymous
+    elsif admin?
+      Course::ADMIN
+    elsif business?
+      Course::BUSINESS
+    else
+      role = course&.course_members&.find_by(user_id: id, is_active: 1)&.role
+      case role
+      when nil                   then Course::NORMAL
+      when 'CREATOR'             then Course::CREATOR
+      when 'PROFESSOR'           then Course::PROFESSOR
+      when 'STUDENT'             then Course::STUDENT
+      when 'ASSISTANT_PROFESSOR' then Course::ASSISTANT_PROFESSOR
+      end
+    end
+  end
+
+  # 实训用户身份
+  def shixun_identity(shixun)
+    @identity =
+        if admin?
+          User::EDU_ADMIN
+        elsif business?
+          User::EDU_BUSINESS
+        elsif creator_of_shixun?(shixun)
+          User::EDU_SHIXUN_MANAGER
+        elsif member_of_shixun?(shixun)
+          User::EDU_SHIXUN_MEMBER
+        elsif is_certification_teacher
+          User::EDU_CERTIFICATION_TEACHER
+        elsif is_teacher?
+          User::EDU_TEACHER
+        else
+          User::EDU_NORMAL
+        end
+    return @identity
+  end
+
+  # tpi的用户身份
+  def game_identity(game)
+    shixun = game.myshixun.shixun
+    @identity =
+        if admin?
+          User::EDU_ADMIN
+        elsif business?
+          User::EDU_BUSINESS
+        elsif creator_of_shixun?(shixun)
+          User::EDU_SHIXUN_MANAGER
+        elsif member_of_shixun?(shixun)
+          User::EDU_SHIXUN_MEMBER
+        elsif is_certification_teacher
+          User::EDU_CERTIFICATION_TEACHER
+        elsif creator_of_game?(game)
+          User::EDU_GAME_MANAGER
+        elsif is_teacher?
+          User::EDU_TEACHER
+        else
+          User::EDU_NORMAL
+        end
+    return @identity
+  end
+
+  # 我的实训
+  def my_shixuns
+    shixun_ids = shixun_members.pluck(:shixun_id) + myshixuns.pluck(:shixun_id)
+    Shixun.where(:id => shixun_ids).visible
+  end
+
+  # 用户是否有权限查看实训
+  # 1、实训删除只有管理员能看到
+  # 2、实训隐藏了只有管理员、实训合作者能看到
+  # 3、如果有限制学校范围，则学校的用户、管理员、实训合作者能看到
+  def shixun_permission(shixun)
+    case shixun.status
+    when -1 # 软删除只有管理员能访问
+      admin?
+    when 0, 1, 3 # 申请发布或者已关闭的实训，只有实训管理员可以访问
+      manager_of_shixun?(shixun)
+    when 2
+      if shixun.hidden
+        manager_of_shixun?(shixun)
+      else
+        shixun.use_scope == 0  || manager_of_shixun?(shixun) || shixun.shixun_schools.exists?(school_id: school_id)
+      end
+    end
+  end
+
+  # 用户在平台名称的显示方式
+  def full_name
+    return '游客' unless logged?
+
+    name = show_realname? ? lastname + firstname : nickname
+    name.blank? ? (nickname.blank? ? login : nickname) : name
+  end
+
+  # 用户的真实姓名（不考虑用户是否隐藏了真实姓名，课堂模块都用真实姓名）
+  def real_name
+    return '游客' unless logged?
+    name = lastname + firstname
+    name = name.blank? ? (nickname.blank? ? login : nickname) : name
+    name.gsub(/\s+/, '').strip    #6.11 -hs
+  end
+
+  def only_real_name
+    "#{lastname}#{firstname}"
+  end
+
+  # 用户是否选题毕设课题
+  def selected_topic?(topic)
+    student_graduation_topics.where(graduation_topic_id: topic.id).last.try(:status)
+  end
+
+  def click_time
+    click_time = OnclickTime.find_by(user_id: id) || OnclickTime.create(user_id: id, onclick_time: created_on)
+    click_time.onclick_time
+  end
+
+  def manager_of_memo?(memo)
+    id == memo.author_id || admin? || business?
+  end
+
+  # 是否是项目管理者
+  def manager_of_project?(project)
+    project.project_members.where(user_id: id).count > 0
+  end
+
+  def logged?
+    true
+  end
+
+  def active?
+    status == STATUS_ACTIVE
+  end
+
+  def locked?
+    status == STATUS_LOCKED
+  end
+
+  def phone_binded?
+    phone.present?
+  end
+
+  def email_binded?
+    mail.present?
+  end
+
+  # def self.current=(user)
+  #   Thread.current[:current_user] = user
+  # end
+  #
+  # def self.current
+  #   Thread.current[:current_user] ||= User.anonymous
+  # end
+
+  def self.current=(user)
+    RequestStore.store[:current_user] = user
+  end
+
+  def self.current
+    RequestStore.store[:current_user] ||= User.anonymous
+  end
+
+  def self.anonymous
+    anonymous_user = AnonymousUser.unscoped.take
+    if anonymous_user.nil?
+      anonymous_user = AnonymousUser.unscoped.create(lastname: 'Anonymous', firstname: '', login: '',
+                                                     mail: '358551897@qq.com', phone: '13333333333', status: 0, platform: User.platforms[:forge])
+      raise "Unable to create the anonymous user： error_info:#{anonymous_user.errors.messages}" if anonymous_user.new_record?
+    end
+    anonymous_user
+  end
+
+  # Returns the user who matches the given autologin +key+ or nil
+  def self.try_to_autologin(key)
+    user = Token.find_active_user('autologin', key)
+    user.update(last_login_on: Time.now) if user
+    user
+  end
+
+  def self.hash_password(clear_password)
+    Digest::SHA1.hexdigest(clear_password || "")
+  end
+
+  def check_password?(clear_password)
+    # Preventing Timing Attack
+    ActiveSupport::SecurityUtils.secure_compare(
+      User.hash_password("#{salt}#{User.hash_password clear_password}"),
+      hashed_password
+    )
+  end
+
+  # 工程认证的学校
+  def ec_school
+    school_id = self.ec_school_users.pluck(:school_id).first ||
+        self.ec_major_schools.pluck(:school_id).first ||
+        (self.ec_course_users.first && self.ec_course_users.first.try(:ec_course).try(:ec_year).try(:ec_major_school).try(:school_id))
+  end
+
+  # 登录，返回用户名与密码匹配的用户
+  def self.try_to_login(login, password)
+    login = login.to_s.strip
+    password = password.to_s
+
+    # Make sure no one can sign in with an empty login or password
+    return nil if login.empty? || password.empty?
+    if (login =~ VALID_EMAIL_REGEX)
+      user = find_by_mail(login)
+    elsif (login =~ VALID_PHONE_REGEX)
+      user = find_by_phone(login)
+    else
+      user = find_by_login(login)
+    end
+
+    user
+  rescue => text
+    raise text
+  end
+
+  def show_real_name
+    name = lastname + firstname
+    if name.blank?
+      nickname.blank? ? login : nickname
+    else
+      name
+    end
+  end
+
+  def update_hashed_password
+    if password
+      salt_password(password)
+    end
+  end
+
+  def salt_password(clear_password)
+    self.salt = User.generate_salt
+    self.hashed_password = User.hash_password("#{salt}#{User.hash_password clear_password}")
+  end
+
+  def self.generate_salt
+    Educoder::Utils.random_hex(16)
+  end
+
+  # 全部已认证
+  def all_certified?
+    authentication? && professional_certification?
+  end
+
+  # 是否绑定邮箱
+  def email_binded?
+    mail.present?
+  end
+
+  # 手机号：123***123
+  def hidden_phone
+    Util.conceal(phone, :phone).to_s
+  end
+
+  # 邮箱：w***l@qq.com
+  def hidden_mail
+    Util.conceal(mail, :email).to_s
+  end
+
+  # 学院的url标识
+  def college_identifier
+    Department.find_by_id(department_members.pluck(:department_id).first)&.identifier
+  end
+
+  # 是否能申请试用
+  def can_apply_trial?
+    return false if certification == 1
+
+    apply = ApplyAction.order(created_at: :desc).find_by(user_id: id, container_type: 'TrialAuthorization')
+
+    apply.present? && !apply.status.zero?
+  end
+
+  # 是否已经签到
+  def attendance_signed?
+    attendance = Attendance.find_by(user_id: id)
+
+    attendance.present? && Util.days_between(Time.zone.now, attendance.created_at).zero?
+  end
+
+  # 明日签到金币
+  def tomorrow_attendance_gold
+    Attendance.find_by(user_id: id)&.next_gold || 60  # 基础50，连续签到+10
+  end
+
+  def admin_or_business?
+    admin? || business?
+  end
+
+  def self.generate_login(prefix)
+    login = prefix + LOGIN_CHARS.sample(8).join('')
+    while User.exists?(login: login)
+      login = prefix + LOGIN_CHARS.sample(8).join('')
+    end
+
+    login
+  end
+
+  def bind_open_user?(type)
+    case type
+    when 'wechat' then wechat_open_user.present?
+    when 'qq' then qq_open_user.present?
+    else false
+    end
+  end
+
+  def reset_login_times!
+    LimitForbidControl::UserLogin.new(self).clear
+  end
+
+  def from_sub_site?
+    laboratory_id.present? && laboratory_id != 1
+  end
+
+  protected
+  def validate_password_length
+    # 管理员的初始密码是5位
+    if password.present? && password.size < MIX_PASSWORD_LIMIT && !User.current.admin?
+      raise("密码长度不能低于#{MIX_PASSWORD_LIMIT}位")
+    end
+
+    if password.present? && password.size > 16
+      raise('密码长度不能超过16位')
+    end
+  end
+
+  def validate_sensitive_string
+    raise("真实姓名包含敏感词汇，请重新输入") if lastname && !HarmoniousDictionary.clean?(lastname)
+    raise("昵称包含敏感词汇，请重新输入") if nickname && !HarmoniousDictionary.clean?(nickname)
+  end
+
+  def set_laboratory
+    return unless new_record?
+
+    self.laboratory = Laboratory.current if laboratory_id.blank?
+  end
+end
+
+
+class AnonymousUser < User
+  validate :validate_anonymous_uniqueness, :on => :create
+
+  def validate_anonymous_uniqueness
+    # There should be only one AnonymousUser in the database
+    errors.add :base, 'An anonymous user already exists.' if AnonymousUser.exists?
+  end
+
+  def available_custom_fields
+    []
+  end
+
+  # Overrides a few properties
+  def logged?; false end
+  def admin; false end
+  def name(*args); I18n.t(:label_user_anonymous) end
+  # def mail=(*args); nil end
+  # def mail; nil end
+  def time_zone; nil end
+  def rss_key; nil end
+
+
+  def membership(*args)
+    nil
+  end
+
+  def member_of?(*args)
+    false
+  end
+
+  # Anonymous user can not be destroyed
+  def destroy
+    false
+  end
+
+  protected
+
+  def instantiate_email_address
+  end
+
+end