Class: DummyAuthorizationHandler::DummyActionAuthorizer

Inherits:
Decidim::Verifications::DefaultActionAuthorizer
  • Object
show all
Defined in:
lib/decidim/generators/app_templates/dummy_authorization_handler.rb

Overview

If you need custom authorization logic, you can implement your own action authorizer. In this case, it allows to set a list of valid postal codes for an authorization.

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#allowed_postal_codesObject (readonly)

Returns the value of attribute allowed_postal_codes.



89
90
91
 
# File 'lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 89

def allowed_postal_codes
  @allowed_postal_codes
end

#allowed_scope_idObject (readonly)

Returns the value of attribute allowed_scope_id.



89
90
91
 
# File 'lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 89

def allowed_scope_id
  @allowed_scope_id
end

Instance Method Details

#authorizeObject

Overrides the parent class method, but it still uses it to keep the base behavior



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
 
# File 'lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 92

def authorize
  # Remove the additional setting from the options hash to avoid to be considered missing.
  @allowed_postal_codes ||= options.delete("allowed_postal_codes")&.split(/[\W,;]+/)
  @allowed_scope_id ||= options.delete("allowed_scope_id")&.to_i

  status_code, data = *super

  extra_explanations = []
  if allowed_postal_codes.present?
    # Does not authorize users with different postal codes
    status_code = :unauthorized if status_code == :ok && disallowed_user_postal_code

    # Adds an extra message for inform the user the additional restriction for this authorization
    if disallowed_user_postal_code
      if user_postal_code
        i18n_postal_codes_key = "extra_explanation.user_postal_codes"
        user_postal_code_params = { user_postal_code: }
      else
        i18n_postal_codes_key = "extra_explanation.postal_codes"
        user_postal_code_params = {}
      end

      extra_explanations << { key: i18n_postal_codes_key,
                              params: { scope: "decidim.verifications.dummy_authorization",
                                        count: allowed_postal_codes.count,
                                        postal_codes: allowed_postal_codes.join(", ") }.merge(user_postal_code_params) }
    end
  end

  if allowed_scope.present?
    # Does not authorize users with different scope
    status_code = :unauthorized if status_code == :ok && disallowed_user_user_scope

    # Adds an extra message to inform the user about additional restrictions for this authorization
    if disallowed_user_user_scope
      if user_scope_id
        i18n_scope_key = "extra_explanation.user_scope"
        user_scope_params = { user_scope_name: }
      else
        i18n_scope_key = "extra_explanation.scope"
        user_scope_params = {}
      end

      extra_explanations << { key: i18n_scope_key,
                              params: { scope: "decidim.verifications.dummy_authorization",
                                        scope_name: allowed_scope.name[I18n.locale.to_s] }.merge(user_scope_params) }
    end
  end

  data[:extra_explanation] = extra_explanations if extra_explanations.any?

  [status_code, data]
end

#redirect_paramsObject

Adds the list of allowed postal codes and scope to the redirect URL, to allow forms to inform about it



147
148
149
 
# File 'lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 147

def redirect_params
  { postal_codes: allowed_postal_codes&.join(","), scope: allowed_scope_id }.merge(user_metadata_params)
end