Class: Decidim::Authorization
- Inherits:
-
ApplicationRecord
- Object
- ActiveRecord::Base
- ApplicationRecord
- Decidim::Authorization
- Includes:
- HasUploadValidations, RecordEncryptor, Traceable
- Defined in:
- app/models/decidim/authorization.rb
Overview
An authorization is a record that a User has been authorized somehow. Other models in the system can use different kind of authorizations to allow a user to perform actions.
To create an authorization for a user we need to use an AuthorizationHandler that validates the user against a set of rules. An example could be a handler that validates a user email against an API and depending on the response it allows the creation of the authorization or not.
Class Method Summary collapse
Instance Method Summary collapse
- #expired? ⇒ Boolean
-
#expires_at ⇒ Object
Calculates at when this authorization will expire, if it needs to.
- #grant! ⇒ Object
- #granted? ⇒ Boolean
-
#metadata_cell ⇒ Object
Returns a String, the cell to be used to render the metadata.
-
#renewable? ⇒ Boolean
Returns true if the authorization is renewable by the participant.
Methods included from HasUploadValidations
#attached_uploader, #maximum_avatar_size, #maximum_upload_size
Class Method Details
.create_or_update_from(handler) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'app/models/decidim/authorization.rb', line 33 def self.create_or_update_from(handler) = find_or_initialize_by( user: handler.user, name: handler.handler_name ) .attributes = { unique_id: handler.unique_id, metadata: handler. } .grant! end |
Instance Method Details
#expired? ⇒ Boolean
80 81 82 |
# File 'app/models/decidim/authorization.rb', line 80 def expired? expires_at.present? && expires_at < Time.current end |
#expires_at ⇒ Object
Calculates at when this authorization will expire, if it needs to.
Returns nil if the authorization does not expire. Returns an ActiveSupport::TimeWithZone if it expires.
73 74 75 76 77 78 |
# File 'app/models/decidim/authorization.rb', line 73 def expires_at return unless workflow_manifest return if workflow_manifest.expires_in.zero? (granted_at || created_at) + workflow_manifest.expires_in end |
#grant! ⇒ Object
47 48 49 |
# File 'app/models/decidim/authorization.rb', line 47 def grant! update!(granted_at: Time.current, verification_metadata: {}, verification_attachment: nil) end |
#granted? ⇒ Boolean
51 52 53 |
# File 'app/models/decidim/authorization.rb', line 51 def granted? !granted_at.nil? end |
#metadata_cell ⇒ Object
Returns a String, the cell to be used to render the metadata
63 64 65 66 67 |
# File 'app/models/decidim/authorization.rb', line 63 def return unless workflow_manifest workflow_manifest. end |
#renewable? ⇒ Boolean
Returns true if the authorization is renewable by the participant
56 57 58 59 60 |
# File 'app/models/decidim/authorization.rb', line 56 def renewable? return unless workflow_manifest workflow_manifest.renewable && renewable_at < Time.current end |