Class: Decidim::Authorization

Inherits:
ApplicationRecord show all
Includes:
HasUploadValidations, Traceable
Defined in:
app/models/decidim/authorization.rb

Overview

An authorization is a record that a User has been authorized somehow. Other models in the system can use different kind of authorizations to allow a user to perform actions.

To create an authorization for a user we need to use an AuthorizationHandler that validates the user against a set of rules. An example could be a handler that validates a user email against an API and depending on the response it allows the creation of the authorization or not.

Class Method Summary collapse

Instance Method Summary collapse

Methods included from HasUploadValidations

#maximum_avatar_size, #maximum_upload_size

Class Method Details

.create_or_update_from(handler) ⇒ Object



29
30
31
32
33
34
35
36
37
38
39
40
41
# File 'app/models/decidim/authorization.rb', line 29

def self.create_or_update_from(handler)
  authorization = find_or_initialize_by(
    user: handler.user,
    name: handler.handler_name
  )

  authorization.attributes = {
    unique_id: handler.unique_id,
    metadata: handler.
  }

  authorization.grant!
end

Instance Method Details

#expired?Boolean

Returns:

  • (Boolean)


78
79
80
# File 'app/models/decidim/authorization.rb', line 78

def expired?
  expires_at.present? && expires_at < Time.current
end

#expires_atObject

Calculates at when this authorization will expire, if it needs to.

Returns nil if the authorization does not expire. Returns an ActiveSupport::TimeWithZone if it expires.



71
72
73
74
75
76
# File 'app/models/decidim/authorization.rb', line 71

def expires_at
  return unless workflow_manifest
  return if workflow_manifest.expires_in.zero?

  (granted_at || created_at) + workflow_manifest.expires_in
end

#grant!Object



43
44
45
46
47
# File 'app/models/decidim/authorization.rb', line 43

def grant!
  remove_verification_attachment!

  update!(granted_at: Time.current, verification_metadata: {})
end

#granted?Boolean

Returns:

  • (Boolean)


49
50
51
# File 'app/models/decidim/authorization.rb', line 49

def granted?
  !granted_at.nil?
end

#metadata_cellObject

Returns a String, the cell to be used to render the metadata



61
62
63
64
65
# File 'app/models/decidim/authorization.rb', line 61

def 
  return unless workflow_manifest

  workflow_manifest.
end

#renewable?Boolean

Returns true if the authorization is renewable by the participant

Returns:

  • (Boolean)


54
55
56
57
58
# File 'app/models/decidim/authorization.rb', line 54

def renewable?
  return unless workflow_manifest

  workflow_manifest.renewable && renewable_at < Time.current
end