Class: DummyAuthorizationHandler::DummyActionAuthorizer

Inherits:

Decidim::Verifications::DefaultActionAuthorizer

Object
Decidim::Verifications::DefaultActionAuthorizer
DummyAuthorizationHandler::DummyActionAuthorizer

show all

Defined in:: decidim-generators/lib/decidim/generators/app_templates/dummy_authorization_handler.rb

Overview

If you need custom authorization logic, you can implement your own action authorizer. In this case, it allows to set a list of valid postal codes for an authorization.

Instance Attribute Summary collapse

#allowed_postal_codes ⇒ Object readonly

Returns the value of attribute allowed_postal_codes.

Instance Method Summary collapse

#authorize ⇒ Object

Overrides the parent class method, but it still uses it to keep the base behavior.
#redirect_params ⇒ Object

Adds the list of allowed postal codes to the redirect URL, to allow forms to inform about it.

Methods inherited from Decidim::Verifications::DefaultActionAuthorizer

#initialize

Constructor Details

This class inherits a constructor from Decidim::Verifications::DefaultActionAuthorizer

Instance Attribute Details

#allowed_postal_codes ⇒ `Object` (readonly)

Returns the value of attribute allowed_postal_codes.



77
78
79

# File 'decidim-generators/lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 77

def allowed_postal_codes
  @allowed_postal_codes
end

Instance Method Details

#authorize ⇒ `Object`

Overrides the parent class method, but it still uses it to keep the base behavior

# File 'decidim-generators/lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 80

def authorize
  # Remove the additional setting from the options hash to avoid to be considered missing.
  @allowed_postal_codes ||= options.delete("allowed_postal_codes")&.split(/[\W,;]+/)

  status_code, data = *super

  extra_explanations = []
  if allowed_postal_codes.present?
    # Does not authorize users with different postal codes
    status_code = :unauthorized if status_code == :ok && disallowed_user_postal_code

    # Adds an extra message for inform the user the additional restriction for this authorization
    if disallowed_user_postal_code
      if user_postal_code
        i18n_postal_codes_key = "extra_explanation.user_postal_codes"
        user_postal_code_params = { user_postal_code: }
      else
        i18n_postal_codes_key = "extra_explanation.postal_codes"
        user_postal_code_params = {}
      end

      extra_explanations << { key: i18n_postal_codes_key,
                              params: { scope: "decidim.verifications.dummy_authorization",
                                        count: allowed_postal_codes.count,
                                        postal_codes: allowed_postal_codes.join(", ") }.merge(user_postal_code_params) }
    end
  end

  data[:extra_explanation] = extra_explanations if extra_explanations.any?

  [status_code, data]
end

#redirect_params ⇒ `Object`

Adds the list of allowed postal codes to the redirect URL, to allow forms to inform about it



114
115
116

# File 'decidim-generators/lib/decidim/generators/app_templates/dummy_authorization_handler.rb', line 114

def redirect_params
  { postal_codes: allowed_postal_codes&.join(",") }.merge(user_metadata_params)
end