Class: Decidim::Authorization
- Inherits:
-
ApplicationRecord
- Object
- ActiveRecord::Base
- ApplicationRecord
- Decidim::Authorization
- Includes:
- HasUploadValidations, RecordEncryptor, Traceable
- Defined in:
- decidim-core/app/models/decidim/authorization.rb
Overview
An authorization is a record that a User has been authorized somehow. Other models in the system can use different kind of authorizations to allow a user to perform actions.
To create an authorization for a user we need to use an AuthorizationHandler that validates the user against a set of rules. An example could be a handler that validates a user email against an API and depending on the response it allows the creation of the authorization or not.
Class Method Summary collapse
Instance Method Summary collapse
- #expired? ⇒ Boolean
-
#expires_at ⇒ Object
Calculates at when this authorization will expire, if it needs to.
- #grant! ⇒ Object
- #granted? ⇒ Boolean
-
#metadata_cell ⇒ Object
Returns a String, the cell to be used to render the metadata.
-
#renewable? ⇒ Boolean
Returns true if the authorization is renewable by the participant.
-
#transfer!(handler) ⇒ Decidim::AuthorizationTransfer
Transfers the authorization and data bound to the authorization to the other user provided as an argument.
Methods included from HasUploadValidations
#attached_uploader, #maximum_avatar_size, #maximum_upload_size
Class Method Details
.create_or_update_from(handler) ⇒ Object
34 35 36 37 38 39 40 41 42 43 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 34 def self.create_or_update_from(handler) = find_or_initialize_by( user: handler.user, name: handler.handler_name ) .attributes = handler. .grant! end |
Instance Method Details
#expired? ⇒ Boolean
78 79 80 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 78 def expired? expires_at.present? && expires_at < Time.current end |
#expires_at ⇒ Object
Calculates at when this authorization will expire, if it needs to.
Returns nil if the authorization does not expire. Returns an ActiveSupport::TimeWithZone if it expires.
71 72 73 74 75 76 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 71 def expires_at return unless workflow_manifest return if workflow_manifest.expires_in.zero? (granted_at || created_at) + workflow_manifest.expires_in end |
#grant! ⇒ Object
45 46 47 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 45 def grant! update!(granted_at: Time.current, verification_metadata: {}, verification_attachment: nil) end |
#granted? ⇒ Boolean
49 50 51 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 49 def granted? !granted_at.nil? end |
#metadata_cell ⇒ Object
Returns a String, the cell to be used to render the metadata
61 62 63 64 65 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 61 def return unless workflow_manifest workflow_manifest. end |
#renewable? ⇒ Boolean
Returns true if the authorization is renewable by the participant
54 55 56 57 58 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 54 def renewable? return unless workflow_manifest workflow_manifest.renewable && renewable_at < Time.current end |
#transfer!(handler) ⇒ Decidim::AuthorizationTransfer
Transfers the authorization and data bound to the authorization to the other user provided as an argument.
90 91 92 |
# File 'decidim-core/app/models/decidim/authorization.rb', line 90 def transfer!(handler) Decidim::AuthorizationTransfer.perform!(self, handler) end |