Class: Decidim::DummyAuthorizationHandler::ActionAuthorizer

Inherits:

Verifications::DefaultActionAuthorizer

Object
Verifications::DefaultActionAuthorizer
Decidim::DummyAuthorizationHandler::ActionAuthorizer

show all

Defined in:: app/services/decidim/dummy_authorization_handler.rb

Overview

An example implementation of a DefaultActionAuthorizer inherited class to override authorization status checking process. In this case, it allows to set a list of valid postal codes for an authorization.

Instance Attribute Summary collapse

#allowed_postal_codes ⇒ Object readonly

Returns the value of attribute allowed_postal_codes.

Instance Method Summary collapse

#authorize ⇒ Object

Overrides the parent class method, but it still uses it to keep the base behavior.
#redirect_params ⇒ Object

Adds the list of allowed postal codes to the redirect URL, to allow forms to inform about it.

Methods inherited from Verifications::DefaultActionAuthorizer

#initialize

Constructor Details

This class inherits a constructor from Decidim::Verifications::DefaultActionAuthorizer

Instance Attribute Details

#allowed_postal_codes ⇒ `Object` (readonly)

Returns the value of attribute allowed_postal_codes.



30
31
32

# File 'app/services/decidim/dummy_authorization_handler.rb', line 30

def allowed_postal_codes
  @allowed_postal_codes
end

Instance Method Details

#authorize ⇒ `Object`

Overrides the parent class method, but it still uses it to keep the base behavior

# File 'app/services/decidim/dummy_authorization_handler.rb', line 33

def authorize
  # Remove the additional setting from the options hash to avoid to be considered missing.
  @allowed_postal_codes ||= options.delete("allowed_postal_codes")

  status_code, data = *super

  if allowed_postal_codes.present?
    # Does not authorize users with different postal codes
    if status_code == :ok && !allowed_postal_codes.member?(authorization.metadata["postal_code"])
      status_code = :unauthorized
      data[:fields] = { "postal_code" => authorization.metadata["postal_code"] }
    end

    # Adds an extra message for inform the user the additional restriction for this authorization
    data[:extra_explanation] = { key: "extra_explanation",
                                 params: { scope: "decidim.verifications.dummy_authorization",
                                           count: allowed_postal_codes.count,
                                           postal_codes: allowed_postal_codes.join(", ") } }
  end

  [status_code, data]
end

#redirect_params ⇒ `Object`

Adds the list of allowed postal codes to the redirect URL, to allow forms to inform about it



57
58
59

# File 'app/services/decidim/dummy_authorization_handler.rb', line 57

def redirect_params
  { "postal_codes" => allowed_postal_codes&.join("-") }
end