Class: Decidim::Verifications::DefaultActionAuthorizer

Inherits:

Object

Object
Decidim::Verifications::DefaultActionAuthorizer

show all

Defined in:: lib/decidim/verifications/default_action_authorizer.rb

Instance Method Summary collapse

#authorize ⇒ Object

Checks the status of the given authorization.
#initialize(authorization, options, component, resource) ⇒ DefaultActionAuthorizer constructor

Initializes the DefaultActionAuthorizer class.
#redirect_params ⇒ Object

Allow to add params to redirect URLs, to modify forms behaviour based on the authorization process options.

Constructor Details

#initialize(authorization, options, component, resource) ⇒ `DefaultActionAuthorizer`

Initializes the DefaultActionAuthorizer class.

authorization - The existing authorization record to be evaluated. Can be nil. options - A hash with options related only to the current authorization process. component - The component where the authorization is taking place. resource - The resource where the authorization is taking place. Can be nil.

# File 'lib/decidim/verifications/default_action_authorizer.rb', line 14

def initialize(authorization, options, component, resource)
  @authorization = authorization
  @options = options.deep_dup || {} # options hash is cloned to allow changes applied to it without risks
  @component = resource.try(:component) || component
  @resource = resource
end

Instance Method Details

#authorize ⇒ `Object`

Checks the status of the given authorization.

Returns:

first value    - A symbol describing the authorization status.
  ok                - When everything is OK and the user is correctly authorized.
  missing           - When no authorization can be found.
  expired           - The validity time for the given authorization has run out, and
                      needs to be re-validated.
  pending           - When an authorization was found, but is not complete (eg. is
                      waiting for admin manual confirmation).
  unauthorized      - When an authorization was found, but the value of some of its fields
                      is not the expected one (eg. the user is authorized for scope A,
                      but this action is only for users in scope B).
  incomplete        - An authorization was found, but lacks some required fields. User
                      should re-authenticate.
last value     - A hash with information to be shown to the users.
  action            - Translation key to be used in the "authorize" button. A close button will be shown is missing.
  cancel            - If present and true a cancel button will be shown.
  fields            - Wrong fields to be shown. It could be a list of names or a hash with names a current values.
  extra_explanation - Hash with an additional key and params to be translated and shown to the user.

# File 'lib/decidim/verifications/default_action_authorizer.rb', line 43

def authorize
  if !authorization
    [:missing, { action: :authorize }]
  elsif authorization_expired?
    [:expired, { action: :authorize }]
  elsif !authorization.granted?
    [:pending, { action: :resume }]
  elsif unmatched_fields.any?
    [:unauthorized, { fields: unmatched_fields }]
  elsif missing_fields.any?
    [:incomplete, { fields: missing_fields, action: :reauthorize, cancel: true }]
  else
    [:ok, {}]
  end
end

#redirect_params ⇒ `Object`

Allow to add params to redirect URLs, to modify forms behaviour based on the authorization process options.

Returns a hash with keys added to redirect URLs.



64
65
66

# File 'lib/decidim/verifications/default_action_authorizer.rb', line 64

def redirect_params
  {}
end