decidim-core 0.7.4 → 0.8.0

data/app/commands/decidim/authorize_user.rb

@@ -1,59 +0,0 @@
-# frozen_string_literal: true
-
-module Decidim
-  # A command to authorize a user with an authorization handler.
-  class AuthorizeUser < Rectify::Command
-    # Public: Initializes the command.
-    #
-    # handler - An AuthorizationHandler object.
-    def initialize(handler)
-      @handler = handler
-    end
-
-    # Executes the command. Broadcasts these events:
-    #
-    # - :ok when everything is valid.
-    # - :invalid if the handler wasn't valid and we couldn't proceed.
-    #
-    # Returns nothing.
-    def call
-      return broadcast(:invalid) unless handler.valid? && unique?
-
-      create_authorization
-      broadcast(:ok)
-    end
-
-    private
-
-    attr_reader :handler
-
-    def create_authorization
-      authorization = Authorization.find_or_initialize_by(
-        user: handler.user,
-        name: handler.handler_name
-      )
-
-      authorization.attributes = {
-        unique_id: handler.unique_id,
-        metadata: handler.metadata
-      }
-
-      authorization.save!
-    end
-
-    def unique?
-      return true if handler.unique_id.nil?
-
-      duplicates = Authorization.where(
-        user: User.where.not(id: handler.user.id).where(organization: handler.user.organization.id),
-        name: handler.handler_name,
-        unique_id: handler.unique_id
-      )
-
-      return true unless duplicates.any?
-
-      handler.errors.add(:base, I18n.t("decidim.authorization_handlers.errors.duplicate_authorization"))
-      false
-    end
-  end
-end

data/app/controllers/decidim/authorizations_controller.rb

@@ -1,80 +0,0 @@
-# frozen_string_literal: true
-
-module Decidim
-  # This controller allows users to create and destroy their authorizations. It
-  # shouldn't be necessary to expand it to add new authorization schemes.
-  class AuthorizationsController < Decidim::ApplicationController
-    helper_method :handler, :handlers
-    before_action :valid_handler, only: [:new, :create]
-
-    include Decidim::UserProfile
-    helper Decidim::DecidimFormHelper
-    helper Decidim::CtaButtonHelper
-    helper Decidim::AuthorizationFormHelper
-
-    layout "layouts/decidim/user_profile", only: [:index]
-
-    def new; end
-
-    def index
-      @authorizations = current_user.authorizations
-    end
-
-    def first_login
-      if handlers.length == 1
-        redirect_to(
-          action: :new,
-          handler: handlers.first.handler_name,
-          redirect_url: account_path
-        )
-      end
-    end
-
-    def create
-      AuthorizeUser.call(handler) do
-        on(:ok) do
-          flash[:notice] = t("authorizations.create.success", scope: "decidim")
-          redirect_to params[:redirect_url] || authorizations_path
-        end
-
-        on(:invalid) do
-          flash[:alert] = t("authorizations.create.error", scope: "decidim")
-          render action: :new
-        end
-      end
-    end
-
-    protected
-
-    def handler
-      @handler ||= AuthorizationHandler.handler_for(handler_name, handler_params)
-    end
-
-    def handler_params
-      (params[:authorization_handler] || {}).merge(user: current_user)
-    end
-
-    def handler_name
-      params[:handler] || params.dig(:authorization_handler, :handler_name)
-    end
-
-    def valid_handler
-      return true if handler
-
-      logger.warn "Invalid authorization handler given: #{handler_name} doesn't"\
-        "exist or you haven't added it to `Decidim.authorization_handlers`"
-
-      redirect_to(authorizations_path) && (return false)
-    end
-
-    def handlers
-      @handlers ||= available_authorization_handlers.reject do |handler|
-        authorized_handlers.include?(handler.handler_name)
-      end
-    end
-
-    def authorized_handlers
-      current_user.authorizations.map(&:name)
-    end
-  end
-end

data/app/services/decidim/authorization_handler.rb

@@ -1,95 +0,0 @@
-# frozen_string_literal: true
-
-module Decidim
-  # This is the base class for authorization handlers, all implementations
-  # should inherit from it.
-  # Each AuthorizationHandler is a form that will be used to check if the
-  # authorization is valid or not. When it is valid a new authorization will
-  # be created for the user.
-  #
-  # Feel free to use validations to assert fields against a remote API,
-  # local database, or whatever.
-  #
-  # It also sets two default attributes, `user` and `handler_name`.
-  class AuthorizationHandler < Form
-    # The user that is trying to authorize, it's initialized with the
-    # `current_user` from the controller.
-    attribute :user, Decidim::User
-    # The String name of the handler, should not be modified since it's used to
-    # infer the class name of the authorization handler.
-    attribute :handler_name, String
-
-    # A unique ID to be implemented by the authorization handler that ensures
-    # no duplicates are created. This uniqueness check will be skipped if
-    # unique_id returns nil.
-    def unique_id
-      nil
-    end
-
-    # THe attributes of the handler that should be exposed as form input when
-    # rendering the handler in a form.
-    #
-    # Returns an Array of Strings.
-    def form_attributes
-      attributes.except(:id, :user).keys
-    end
-
-    # The String partial path so Rails can render the handler as a form. This
-    # is useful if you want to have a custom view to render the form instead of
-    # the default view.
-    #
-    # Example:
-    #
-    #   A handler named Decidim::CensusHandler would look for its partial in:
-    #   decidim/census/form
-    #
-    # Returns a String.
-    def to_partial_path
-      handler_name.sub!(/_handler$/, "") + "/form"
-    end
-
-    # Any data that the developer would like to inject to the `metadata` field
-    # of an authorization when it's created. Can be useful if some of the
-    # params the user sent with the authorization form want to be persisted for
-    # future use.
-    #
-    # Returns a Hash.
-    def metadata
-      {}
-    end
-
-    # A serialized version of the handler's name.
-    #
-    # Returns a String.
-    def self.handler_name
-      name.underscore
-    end
-
-    # Same as the class method but accessible from the instance.
-    #
-    # Returns a String.
-    def handler_name
-      self.class.handler_name
-    end
-
-    # Finds a handler class from a String. This is necessary when processing
-    # the form data. It will only look for valid handlers that have also been
-    # configured in `Decidim.authorization_handlers`.
-    #
-    # name - The String name of the class to find, usually in the same shape as
-    # the one returned by `handler_name`.
-    # params - An optional Hash with params to initialize the handler.
-    #
-    # Returns an AuthorizationHandler descendant.
-    # Returns nil when no handlers could be found.
-    def self.handler_for(name, params = {})
-      return unless active_handler?(name)
-
-      name.classify.constantize.from_params(params || {})
-    end
-
-    def self.active_handler?(name)
-      name && Decidim.authorization_handlers.include?(name.classify)
-    end
-  end
-end

data/app/views/decidim/authorizations/first_login.html.erb

@@ -1,22 +0,0 @@
-<main class="wrapper">
-  <div class="row collapse">
-    <div class="row collapse">
-      <div class="columns large-8 large-centered text-center">
-        <h1 class="heading1 page-title"><%= t(".title") %></h1>
-        <p class="heading5"><%= t(".verify_with_these_options") %></p>
-      </div>
-    </div>
-    <div class="row">
-      <div class="columns medium-7 large-5 medium-centered">
-        <div class="card">
-          <div class="card__content">
-            <% handlers.each do |handler| %>
-              <%= link_to t("authorizations.first_login.actions.#{handler.handler_name}", scope: "decidim"), new_authorization_path(handler: handler.handler_name), class: "button expanded" %>
-            <% end %>
-            <p class="text-center skip"><%= t("decidim.authorizations.skip_verification", link: link_to(t("decidim.authorizations.start_exploring"), cta_button_path).html_safe).html_safe %>.</p>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</main>

data/app/views/decidim/authorizations/index.html.erb

@@ -1,49 +0,0 @@
-<div class="row column authorizations-list">
-  <% if @authorizations.any? %>
-    <section class="section">
-      <div class="card card--list">
-        <% @authorizations.each do |authorization| %>
-          <div class="card--list__item">
-            <div class="card--list__text">
-              <%= icon "lock-unlocked", class: "card--list__icon" %>
-              <div>
-                <h5 class="card--list__heading">
-                  <%= t("#{authorization.name}.name", scope: "decidim.authorization_handlers") %>
-                </h5>
-                <span class="text-small"><%= l(authorization.updated_at, format: :long) %></span>
-              </div>
-            </div>
-            <div class="card--list__data">
-              <%= link_to new_authorization_path(handler: authorization.name), class: "card--list__data__icon" do %>
-                <%= icon "reload" %>
-              <% end %>
-            </div>
-          </div>
-        <% end %>
-      </div>
-    <% end %>
-    <% if handlers.any? %>
-      <div class="card card--list">
-        <% handlers.each do |handler| %>
-          <div class="card--list__item">
-            <div class="card--list__text">
-              <a href="#">
-                <%= icon "lock-locked", class: "card--list__icon" %>
-              </a>
-              <div>
-                <h5 class="card--list__heading">
-                  <%= link_to t("#{handler.handler_name}.name", scope: "decidim.authorization_handlers"), new_authorization_path(handler: handler.handler_name) %>
-                </h5>
-              </div>
-            </div>
-            <div class="card--list__data">
-              <%= link_to new_authorization_path(handler: handler.handler_name), class: "card--list__data__icon" do %>
-                <%= icon "chevron-right" %>
-              <% end %>
-            </div>
-          </div>
-        <% end %>
-      </div>
-    </section>
-  <% end %>
-</div>

data/app/views/decidim/authorizations/new.html.erb

@@ -1,33 +0,0 @@
-<main class="wrapper">
-  <div class="row collapse">
-    <div class="row collapse">
-      <div class="columns large-8 large-centered text-center page-title">
-        <h1><%= t(".authorize_with", authorizer: t("#{handler.handler_name}.name", scope: "decidim.authorization_handlers")) %></h1>
-      </div>
-    </div>
-
-    <div class="row">
-      <div class="columns large-6 medium-centered">
-        <div class="card">
-          <div class="card__content">
-            <%= authorization_form_for(handler, url: authorizations_path(redirect_url: params[:redirect_url])) do |form| %>
-              <%= form.error_for(:base) %>
-
-              <% if lookup_context.exists?(handler.to_partial_path, [], true) %>
-                <%= render partial: handler.to_partial_path, locals: { handler: handler, form: form } %>
-              <% else %>
-                <%= form.all_fields %>
-                <div class="actions">
-                  <%= form.submit t(".authorize"), class: "button expanded" %>
-                </div>
-              <% end %>
-            <% end %>
-            <p class="text-center skip">
-              <%= t("decidim.authorizations.skip_verification", link: link_to(t("decidim.authorizations.start_exploring"), cta_button_path).html_safe).html_safe %>.
-            </p>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</main>