Class: Decidim::DecidimAwesome::UserGrantedAuthorizationsService

Inherits:

Object

• Object
• Decidim::DecidimAwesome::UserGrantedAuthorizationsService

Defined in:

app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb

Instance Attribute Summary

• #available_handlers ⇒ Object readonly

  Returns the value of attribute available_handlers.

• #organization ⇒ Object readonly

  Returns the value of attribute organization.

• #user ⇒ Object readonly

  Returns the value of attribute user.

Instance Method Summary

• #all_handlers ⇒ Object

  Returns a hash with all the authorization handlers enabled in the organization defined in the force_authorizations config var and their status for the user { “key” => { “handler_name” => { “options” => …} } }.

• #component_with_invisible_resources ⇒ Object

  Returns a list of components ids which resources are invisible because authorization is not granted in that context.

• #granted_handlers ⇒ Object

  Returns a hash with only the authorization handlers enabled in the organization defined in the force_authorizations config var and granted for the user { “key” => { “handler_name” => { “options” => …} } }.

• #initialize(organization, user) ⇒ UserGrantedAuthorizationsService constructor

  A new instance of UserGrantedAuthorizationsService.

• #non_granted_handlers ⇒ Object
• #spaces_with_invisible_components ⇒ Object

  Returns a list of components that are invisible because authorization is not granted in that context.

• #user_authorizations ⇒ Object

Constructor Details

#initialize(organization, user) ⇒ UserGrantedAuthorizationsService

Returns a new instance of UserGrantedAuthorizationsService.

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 6

def initialize(organization, user)
  @organization = organization
  @user = user
  @available_handlers = organization.available_authorizations & Decidim.authorization_workflows.map(&:name)
end

Instance Attribute Details

#available_handlers ⇒ Object (readonly)

Returns the value of attribute available_handlers.

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 12

def available_handlers
  @available_handlers
end

#organization ⇒ Object (readonly)

Returns the value of attribute organization.

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 12

def organization
  @organization
end

#user ⇒ Object (readonly)

Returns the value of attribute user.

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 12

def user
  @user
end

Instance Method Details

#all_handlers ⇒ Object

Returns a hash with all the authorization handlers enabled in the organization defined in the force_authorizations config var and their status for the user { “key” => { “handler_name” => { “options” => …} } }

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 42

def all_handlers
  @all_handlers ||= AwesomeConfig.find_by(organization:, var: "force_authorizations")&.value&.filter_map do |key, group|
    handlers = group&.fetch("authorization_handlers", {})&.filter do |handler, _options|
      available_handlers.include?(handler)
    end
    next if handlers.blank?

    [key, handlers]
  end.to_h
end

#component_with_invisible_resources ⇒ Object

Returns a list of components ids which resources are invisible because authorization is not granted in that context

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 54

def component_with_invisible_resources
  @components_with_invisible_resources ||= constraints_with_invisible_resources.filter_map do |constraint|
    component_manifest = constraint.settings["component_manifest"]
    component_id = constraint.settings["component_id"]

    where = {}
    where[:manifest_name] = component_manifest if component_manifest.present?
    where[:id] = component_id if component_id.present?

    space_manifest = constraint.settings["participatory_space_manifest"]
    space_slug = constraint.settings["participatory_space_slug"]

    space_query = space_query_for(space_manifest, space_slug)
    where[:participatory_space] = space_query if space_query

    organization.published_components.where(where)
  end
end

#granted_handlers ⇒ Object

Returns a hash with only the authorization handlers enabled in the organization defined in the force_authorizations config var and granted for the user { “key” => { “handler_name” => { “options” => …} } }

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 21

def granted_handlers
  @granted_handlers ||= all_handlers.filter_map do |key, group|
    # all handlers in the group must be granted
    next if (group.keys - user_authorizations).any?

    [key, group]
  end.to_h
end

#non_granted_handlers ⇒ Object

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 30

def non_granted_handlers
  @non_granted_handlers ||= all_handlers.filter_map do |key, group|
    # at least one handler in the group must not be granted
    next if (group.keys - user_authorizations).empty?

    [key, group]
  end.to_h
end

#spaces_with_invisible_components ⇒ Object

Returns a list of components that are invisible because authorization is not granted in that context

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 74

def spaces_with_invisible_components
  @spaces_with_invisible_components ||= constraints_with_invisible_components.filter_map do |constraint|
    space_manifest = constraint.settings["participatory_space_manifest"]
    space_slug = constraint.settings["participatory_space_slug"]

    space_query_for(space_manifest, space_slug)
  end
end

#user_authorizations ⇒ Object

# File 'app/services/decidim/decidim_awesome/user_granted_authorizations_service.rb', line 14

def user_authorizations
  @user_authorizations ||= Decidim::Authorization.where(user:, name: available_handlers).where.not(granted_at: nil).pluck(:name)
end