decidim-direct_verifications 0.17.6 → 0.22

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: baa520a6dc6b5d727bc233c5076a6dd0d042cfcd3fdd0ff4cdde46f7f1837cec
-  data.tar.gz: 94f879f2b21bfaf542d1820c4d65c84e6769f6e32b9e06ba8930f979dcebc02a
+  metadata.gz: 8a3a36032cc453d0d386579125ace610fbc73e85a975196b56ae84c3f10a2296
+  data.tar.gz: d20c11a81153e2c9fe79b0663d5b9cd7f077133714d8cf25a872ee1f70ca6741
 SHA512:
-  metadata.gz: f2aaa64f6b10b225353285a58f70c44d91c6ab0ac50051f6a82bf5dd63ed73a12f8c5df4e09230a3a5d5d535c5a6303af5c1f64d2c4908a7d37adbbe32632575
-  data.tar.gz: 9248e063925c40870f2ada644dd55b6a3efd8f5034d4c870945ef0f017277f1cbc256d88911559cd03c1bf1f43a250aeb385a75b4003e6e59191b6eaf428fa76
+  metadata.gz: b3201103a89ca52e19fbd493018e45727d81d3b7d626eca0a5735253bc4ee21b5fc3260038cca70c405aed30f4556c807ae35b3b1ec00bc6157acc3f0c16cc33
+  data.tar.gz: 170a4e48d8ecadd8abc262626669ed9b8820d85804a0a48350c1ea2a2dc7f2de4a87f6833f71ff23fe1b880ba817b81f8f4823059824bfcce9703d9b45720631

data/README.md

@@ -1,19 +1,21 @@
 # Decidim::DirectVerifications
 
-[![Build Status](https://travis-ci.org/Platoniq/decidim-verifications-direct_verifications.svg?branch=master)](https://travis-ci.org/Platoniq/decidim-verifications-direct_verifications)
+![[CI] Test](https://github.com/Platoniq/decidim-verifications-direct_verifications/workflows/%5BCI%5D%20Test/badge.svg)
+[![Maintainability](https://api.codeclimate.com/v1/badges/2195deb4de6c6354a6bc/maintainability)](https://codeclimate.com/github/Platoniq/decidim-verifications-direct_verifications/maintainability)
+[![codecov](https://codecov.io/gh/Platoniq/decidim-verifications-direct_verifications/branch/master/graph/badge.svg?token=FR1zkV71S2)](https://codecov.io/gh/Platoniq/decidim-verifications-direct_verifications)
 
 A [Decidim](https://github.com/decidim/decidim) that provides a verification method called `Direct verification`. Works only on the admin side, final users do not intervene in the verification process.
 
 This plugin allows to verify users against the `Direct verification` method by default, but it is not limited to it, it can be used to directly verify users against any other method registered for the organization.
 
-You can use this plugin in combination with the great [AccessRequests](https://github.com/mainio/decidim-module-access_requests) plugin from Maino Tech to provide and manage several levels of permissions to users in the platform Decidim.
-
-**Other features include:**
+**Features:**
 
 1. Allows to massively register users directly in the platform prior (or independently) to verify them by sending them invite emails.
 > **IMPORTANT:**<br>
 > You must only use this feature if you have explicit consent from your users, otherwise you might be violating the [GDPR](https://eugdpr.org/) regulation in EU.
-2. Can massively revoke authorizations given to any user with any verification method available.
+2. Massive authroizations of users using any verification method registered for the organization **if configured**.
+3. It can massively revoke authorizations given to any user with any verification method available.
+4. Shows user's statuses per verification method in a simple stats table.
 
 ## Screenshot
 
@@ -48,6 +50,66 @@ And then execute:
 bundle
 ```
 
+## Using additional verification methods
+
+You can manage other verification methods (or workflow) a part from `Direct verification`. You need to configure it in a new file in the `config/initializers` folder.
+For instance, you can use this same engine to have 2 levels of permissions in the platform. 
+
+Create a file like `config/initializers/decidim_verifications.rb` with content as:
+
+**`config/initializers/decidim_verifications.rb`:**
+
+```ruby
+# frozen_string_literal: true
+
+# We are using the same DirectVerifications engine without the admin part to 
+# create a custom verification method called "direct_verifications_managers"
+Decidim::Verifications.register_workflow(:direct_verifications_managers) do |workflow|
+  workflow.engine = Decidim::DirectVerifications::Verification::Engine
+end
+
+# We need to tell the plugin to handle this method in addition to the default "Direct verification". Any registered workflow is valid.
+Decidim::DirectVerifications.configure do |config|
+  config.manage_workflows = %w(direct_verifications_managers)
+end
+
+```
+
+You will need the locales entries corresponding to your custom workflow, create as many files as languages you have in your application in `config/locales`:
+
+**`config/locales/en.yml`:**
+
+```yaml
+en:
+  decidim:
+    authorization_handlers:
+      direct_verifications_managers:
+        name: Organization managers
+        explanation: Direct Verifications Subgroup explanation
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications_managers: Organization managers
+```
+
+Similarly, you can also overwrite the default title "Direct verification" by creating the key again in your locales:
+
+```yaml
+en:
+  decidim:
+    authorization_handlers:
+      direct_verifications:
+        name: Generic organization members
+        explanation: Direct Verifications Subgroup explanation
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Generic organization members
+```
+
+
 ## Contributing
 
 See [Decidim](https://github.com/decidim/decidim).

data/app/assets/config/direct_verifications_admin_manifest.js

@@ -0,0 +1 @@
+//= link decidim/direct_verifications/verification/admin/direct_verifications_admin.js

data/app/assets/javascripts/decidim/direct_verifications/verification/admin/direct_verifications_admin.js.es6

@@ -0,0 +1,7 @@
+// = require_self
+
+$(() => {
+  $('[type="checkbox"]#register').change(function () {
+      $(this).closest('label').find('.callout').toggleClass('hide', !$(this).prop('checked'))
+  })
+})

data/app/controllers/decidim/direct_verifications/verification/admin/direct_verifications_controller.rb

@@ -6,71 +6,106 @@ module Decidim
       module Admin
         class DirectVerificationsController < Decidim::Admin::ApplicationController
           include NeedsPermission
+          helper_method :workflows, :current_authorization_handler
 
           layout "decidim/admin/users"
 
           def index
-            enforce_permission_to :index, UserProcessor
+            enforce_permission_to :index, :authorization
           end
 
           def create
-            enforce_permission_to :create, UserProcessor
-
-            @userlist = params[:userlist]
-            processor = UserProcessor.new(current_organization, current_user)
-            processor.emails = extract_emails_to_hash @userlist
-            processor.authorization_handler = params[:authorization_handler] if params[:authorization_handler]
-            if params[:register]
-              processor.register_users
-              flash[:warning] = t(".registered", count: processor.emails.count,
-                                                 registered: processor.processed[:registered].count,
-                                                 errors: processor.errors[:registered].count)
-            end
-            if params[:authorize] == "in"
-              processor.authorize_users
-              flash[:notice] = t(".authorized", handler: t("#{processor.authorization_handler}.name", scope: "decidim.authorization_handlers"),
-                                                count: processor.emails.count,
-                                                authorized: processor.processed[:authorized].count,
-                                                errors: processor.errors[:authorized].count)
-            elsif params[:authorize] == "out"
-              processor.revoke_users
-              flash[:notice] = t(".revoked", handler: t("#{processor.authorization_handler}.name", scope: "decidim.authorization_handlers"),
-                                             count: processor.emails.count,
-                                             revoked: processor.processed[:revoked].count,
-                                             errors: processor.errors[:revoked].count)
-            else
-              flash[:info] = t(".info", handler: t("#{processor.authorization_handler}.name", scope: "decidim.authorization_handlers"),
-                                        count: processor.emails.count,
-                                        authorized: processor.total(:authorized),
-                                        unconfirmed: processor.total(:unconfirmed),
-                                        registered: processor.total(:registered))
-              render(action: :index) && return
-            end
+            enforce_permission_to :create, :authorization
+
+            @userslist = params[:userlist]
+            @processor = UserProcessor.new(current_organization, current_user, session)
+            @processor.emails = extract_emails_to_hash @userslist
+            @processor.authorization_handler = current_authorization_handler
+            @stats = UserStats.new(current_organization)
+            @stats.authorization_handler = @processor.authorization_handler
+            register_users
+            authorize_users
+            revoke_users
+
+            render(action: :index) && return if show_users_info
+
             redirect_to direct_verifications_path
           end
 
-          def permission_class_chain
-            [
-              Decidim::DirectVerifications::Verification::Admin::Permissions,
-              Decidim::Admin::Permissions,
-              Decidim::Permissions
-            ]
+          private
+
+          def register_users
+            return unless params[:register]
+
+            @processor.register_users
+            flash[:warning] = t(".registered", count: @processor.emails.count,
+                                               registered: @processor.processed[:registered].count,
+                                               errors: @processor.errors[:registered].count)
           end
 
-          def permission_scope
-            :admin
+          def authorize_users
+            return unless params[:authorize] == "in"
+
+            @processor.authorize_users
+            flash[:notice] = t(".authorized", handler: t("#{@processor.authorization_handler}.name", scope: "decidim.authorization_handlers"),
+                                              count: @processor.emails.count,
+                                              authorized: @processor.processed[:authorized].count,
+                                              errors: @processor.errors[:authorized].count)
           end
 
-          private
+          def revoke_users
+            return unless params[:authorize] == "out"
+
+            @processor.revoke_users
+            flash[:notice] = t(".revoked", handler: t("#{@processor.authorization_handler}.name", scope: "decidim.authorization_handlers"),
+                                           count: @processor.emails.count,
+                                           revoked: @processor.processed[:revoked].count,
+                                           errors: @processor.errors[:revoked].count)
+          end
+
+          def show_users_info
+            return if params[:authorize]
+
+            @stats.emails = @processor.emails.keys
+            flash.now[:info] = t(".info", handler: t("#{@processor.authorization_handler}.name", scope: "decidim.authorization_handlers"),
+                                          count: @processor.emails.count,
+                                          authorized: @stats.authorized,
+                                          unconfirmed: @stats.unconfirmed,
+                                          registered: @stats.registered)
+            true
+          end
 
           def extract_emails_to_hash(txt)
-            reg = /([^@\r\n]*)\b([A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,})\b/i
-            txt.scan(reg).map do |m|
-              [
-                m[1].delete("<>").strip,
-                m[0].gsub(/[^[:print:]]|[\"\$\<\>\|\\]/, "").strip
-              ]
-            end .to_h
+            reg = /([A-Z0-9+._-]+@[A-Z0-9._-]+\.[A-Z0-9_-]+)\b/i
+            emails = {}
+            txt.split(/[\r\n;,]/).each do |line|
+              reg.match line do |m|
+                n = line.split(m[0]).first
+                emails[m[0]] = (n.presence || "").gsub(/[^[:print:]]|[\"\$\<\>\|\\]/, "").strip
+              end
+            end
+            emails
+          end
+
+          def authorization_handler(authorization_handler)
+            @authorization_handler = authorization_handler.presence || :direct_verifications
+          end
+
+          def current_authorization_handler
+            authorization_handler(params[:authorization_handler])
+          end
+
+          def configured_workflows
+            return Decidim::DirectVerifications.config.manage_workflows if Decidim::DirectVerifications.config
+
+            ["direct_verifications"]
+          end
+
+          def workflows
+            workflows = configured_workflows & current_organization.available_authorizations.map.to_a
+            workflows.map do |a|
+              [t("#{a}.name", scope: "decidim.authorization_handlers"), a]
+            end
           end
         end
       end

data/app/controllers/decidim/direct_verifications/verification/admin/stats_controller.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DirectVerifications
+    module Verification
+      module Admin
+        class StatsController < Decidim::Admin::ApplicationController
+          include NeedsPermission
+
+          layout "decidim/admin/users"
+
+          def index
+            enforce_permission_to :index, :authorization
+            stats = UserStats.new(current_organization)
+            @stats = {
+              t(".global") => stats_hash(stats)
+            }
+            current_organization.available_authorizations.map do |a|
+              stats.authorization_handler = a
+              @stats[t("#{a}.name", scope: "decidim.authorization_handlers")] = stats_hash(stats)
+            end
+          end
+
+          private
+
+          def stats_hash(stats)
+            {
+              registered: stats.registered,
+              authorized: stats.authorized,
+              unconfirmed: stats.unconfirmed,
+              authorized_unconfirmed: stats.authorized_unconfirmed
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/app/views/decidim/direct_verifications/verification/admin/direct_verifications/index.html.erb

@@ -1,40 +1,44 @@
-
 <div class="card">
   <div class="card-divider">
     <h2 class="card-title">
-      <%= t('admin.index.title', scope: 'decidim.direct_verifications.verification') %>
+      <%= t("admin.index.title", scope: "decidim.direct_verifications.verification") %>
+      <%= link_to t("admin.index.stats", scope: "decidim.direct_verifications.verification"), stats_path, class: "button tiny button--title" %>
     </h2>
   </div>
   <div class="card-section">
-    <p><%= t('decidim.direct_verifications.verification.admin.new.info') %></p>
-    <%= form_tag direct_verifications_path, multipart: true, class: 'form' do %>
-      <%= label_tag :userlist, t('admin.new.textarea', scope: 'decidim.direct_verifications.verification') %>
-      <%= text_area_tag :userlist, @userlist, rows: 10 %>
+    <p><%= t("decidim.direct_verifications.verification.admin.new.info") %></p>
+    <%= form_tag direct_verifications_path, multipart: true, class: "form" do %>
+      <%= label_tag :userlist, t("admin.new.textarea", scope: "decidim.direct_verifications.verification") %>
+      <%= text_area_tag :userlist, @userslist, rows: 10 %>
       <label>
         <%= check_box_tag :register %>
-        <%= t('admin.new.register', scope: 'decidim.direct_verifications.verification') %>
+        <%= t("admin.new.register", scope: "decidim.direct_verifications.verification") %>
+        <div data-alert class="callout alert hide">
+          <%= t("admin.direct_verifications.gdpr_disclaimer", scope: "decidim.direct_verifications.verification") %>
+        </div>
       </label>
       <label>
-        <%= radio_button_tag :authorize, 'in' %>
-        <%= t('admin.new.authorize', scope: 'decidim.direct_verifications.verification') %>
+        <%= radio_button_tag :authorize, "in" %>
+        <%= t("admin.new.authorize", scope: "decidim.direct_verifications.verification") %>
       </label>
       <label>
-        <%= radio_button_tag :authorize, 'out' %>
-        <%= t('admin.new.revoke', scope: 'decidim.direct_verifications.verification') %>
+        <%= radio_button_tag :authorize, "out" %>
+        <%= t("admin.new.revoke", scope: "decidim.direct_verifications.verification") %>
       </label>
       <label>
-        <%= radio_button_tag :authorize, 'check', true %>
-        <%= t('admin.new.check', scope: 'decidim.direct_verifications.verification') %>
+        <%= radio_button_tag :authorize, "check", true %>
+        <%= t("admin.new.check", scope: "decidim.direct_verifications.verification") %>
       </label>
 
-      <%= label_tag :userlist, t('admin.new.authorization_handler', scope: 'decidim.direct_verifications.verification') %>
-      <%= select_tag :authorization_handler, options_for_select(current_organization.available_authorizations.map { |a|
-        [t("#{a}.name", scope: "decidim.authorization_handlers"), a]
-        }, :direct_verifications) %>
+      <%= label_tag :authorization_handler, t("admin.new.authorization_handler", scope: "decidim.direct_verifications.verification") %>
+
+      <%= select_tag :authorization_handler, options_for_select(workflows, current_authorization_handler) %>
 
-      <%= submit_tag t('admin.new.submit', scope: 'decidim.direct_verifications.verification'), class: 'button' %>
+      <%= submit_tag t("admin.new.submit", scope: "decidim.direct_verifications.verification"), class: "button" %>
 
     <% end %>
 
   </div>
 </div>
+
+<%= javascript_include_tag "decidim/direct_verifications/verification/admin/direct_verifications_admin" %>

data/app/views/decidim/direct_verifications/verification/admin/stats/index.html.erb

@@ -0,0 +1,35 @@
+<div class="card">
+  <div class="card-divider">
+    <h2 class="card-title">
+      <%= t("admin.index.stats", scope: "decidim.direct_verifications.verification") %>
+      <%= link_to t("admin.index.title", scope: "decidim.direct_verifications.verification"), direct_verifications_path, class: "button tiny button--title" %>
+    </h2>
+  </div>
+  <div class="card-section">
+    <table class="table-list">
+      <thead>
+        <tr>
+          <th><%= t("admin.new.authorization_handler", scope: "decidim.direct_verifications.verification") %></th>
+          <th><%= t(".registered") %></th>
+          <th><%= t(".authorized") %></th>
+          <th><%= t(".unconfirmed") %></th>
+          <th><%= t(".authorized_unconfirmed") %></th>
+          <th></th>
+        </tr>
+      </thead>
+      <tbody>
+        <% @stats.each do |a, s| %>
+        <tr>
+          <td>
+            <%= a %>
+          </td>
+          <td><%= s[:registered] %></td>
+          <td><%= s[:authorized] %></td>
+          <td><%= s[:unconfirmed] %></td>
+          <td><%= s[:authorized_unconfirmed] %></td>
+        </tr>
+        <% end %>
+      </tbody>
+    </table>
+  </div>
+</div>

data/config/locales/ca.yml

@@ -32,10 +32,15 @@ ca:
                 detectats, %{errors} errors)
               revoked: S'ha revocat correctament la verificació de %{revoked} usuaris
                 utilitzant [%{handler}] (%{count} detectats, %{errors} errors)
+            gdpr_disclaimer: Feu-ho sota la vostra responsabilitat. Recordeu que heu
+              de tenir el consentiment explícit dels vostres usuaris per registrar-los.
+              En cas contrari, estareu infringint la regulació GDPR als països de
+              la UE.
           index:
+            stats: Estadístiques d'usuaris
             title: Inscriu i autoritza usuaris
           new:
-            authorization_handler: 'Mètode de verificació:'
+            authorization_handler: Mètode de verificació
             authorize: Autoritza els usuaris
             check: Comprova l'estat dels usuaris
             info: Introdueix aquí els emails, un per línia. Si els emails estan precedits
@@ -43,10 +48,22 @@ ca:
             register: Registra els usuaris a la plataforma (si existeixen s'ignoraran)
             revoke: Revoca l'autorització dels usuaris
             submit: Envia i processa el llistat
-            textarea: 'Llista d''emails:'
+            textarea: Llista d''emails
+          stats:
+            index:
+              authorized: Verificats
+              authorized_unconfirmed: Verificats però no confirmats
+              global: "- Qualsevol mètode de verificació -"
+              registered: Registrats
+              unconfirmed: No confirmats
         authorizations:
           new:
             no_action: Aquest mètode requereix que un administrador us verifiqui
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Verificació directa
   devise:
     mailer:
       direct_invite:

data/config/locales/en.yml

@@ -31,10 +31,14 @@ en:
                 detected, %{errors} errors) "
               revoked: Verification from %{revoked} users have been revoked using
                 [%{handler}] (%{count} detected, %{errors} errors)
+            gdpr_disclaimer: Do this under your responsibility. Remember that you
+              need to have explicit consent from your users in order to register them.
+              Otherwise you will be infringing the GDPR regulation in EU countries.
           index:
+            stats: User stats
             title: Register and authorize users
           new:
-            authorization_handler: 'Verification method:'
+            authorization_handler: Verification method
             authorize: Authorize users
             check: Check users status
             info: Enter the emails here, one per line. If the emails are preceded
@@ -42,10 +46,22 @@ en:
             register: Register users in the platform (if they exist they will be ignored)
             revoke: Revoke authorization from users
             submit: Send and process the list
-            textarea: 'Emails list:'
+            textarea: Emails list
+          stats:
+            index:
+              authorized: Authorized
+              authorized_unconfirmed: Authorized but unconfirmed
+              global: "- Any verification method -"
+              registered: Registered
+              unconfirmed: Unconfirmed
         authorizations:
           new:
             no_action: This method requires an administrator that verifies you
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Direct verification
   devise:
     mailer:
       direct_invite:

data/config/locales/es.yml

@@ -32,10 +32,15 @@ es:
                 detectados, %{errors} errores)
               revoked: Se ha revocado correctament la verificación de %{revoked} usuarios
                 usando [%{handler}] (%{count} detectados, %{errors} errores)
+            gdpr_disclaimer: Haga esto bajo su responsabilidad. Recuerde que debe
+              contar con el consentimiento explícito de sus usuarios para poder registrarlos.
+              De lo contrario, estará infringiendo la regulación GDPR en los países
+              de la UE.
           index:
+            stats: Estadísticas de usuarios
             title: Inscribe y autoriza usuarios
           new:
-            authorization_handler: 'Método de verificación:'
+            authorization_handler: Método de verificación
             authorize: Autoriza los usuarios
             check: Comprueba el estado de los usuarios
             info: Introduce aquí los emails, uno por linea. Si los emails están precedidos
@@ -43,10 +48,22 @@ es:
             register: Registra los usuarios a la plataforma (si existen se ignorarán)
             revoke: Revoca la autorización de los usuarios
             submit: Envía y procesa el listado
-            textarea: 'Lista de emails:'
+            textarea: Lista de emails
+          stats:
+            index:
+              authorized: Verificados
+              authorized_unconfirmed: Verificados pero sin confirmar
+              global: "- Cualquier método de verificación -"
+              registered: Registrados
+              unconfirmed: Sin confirmar
         authorizations:
           new:
             no_action: Este método requiere que un administrador os verifique
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Verificación directa
   devise:
     mailer:
       direct_invite:

data/lib/decidim/direct_verifications.rb

@@ -1,7 +1,9 @@
 # frozen_string_literal: true
 
 require_relative "direct_verifications/version"
+require_relative "direct_verifications/config"
 require_relative "direct_verifications/user_processor"
+require_relative "direct_verifications/user_stats"
 require_relative "direct_verifications/verification"
 
 module Decidim

data/lib/decidim/direct_verifications/config.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DirectVerifications
+    class << self
+      attr_accessor :config
+      def configure
+        yield self.config ||= Config.new
+      end
+    end
+
+    class Config
+      attr_reader :manage_workflows
+      def manage_workflows=(manage_workflows)
+        @manage_workflows.concat(manage_workflows).uniq!
+      end
+
+      def initialize
+        @manage_workflows = ["direct_verifications"]
+      end
+    end
+  end
+end

data/lib/decidim/direct_verifications/tests/verification_controller_examples.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+shared_examples_for "checking users" do |params|
+  context "when check without mails" do
+    it "renders the index with info message" do
+      params[:userlist] = ""
+      perform_enqueued_jobs do
+        post :create, params: params
+        expect(flash[:info]).not_to be_empty
+        expect(flash[:info]).to include("0 users detected")
+        expect(subject).to render_template("decidim/direct_verifications/verification/admin/direct_verifications/index")
+      end
+    end
+  end
+
+  context "when check with mails" do
+    it "renders the index with info message" do
+      params[:userlist] = "mail@example.com"
+      perform_enqueued_jobs do
+        post :create, params: params
+        expect(flash[:info]).not_to be_empty
+        expect(flash[:info]).to include("1 users detected")
+        expect(subject).to render_template("decidim/direct_verifications/verification/admin/direct_verifications/index")
+      end
+    end
+  end
+end
+
+shared_examples_for "registering users" do |params|
+  context "when there are valid emails" do
+    it "creates warning message" do
+      perform_enqueued_jobs do
+        post :create, params: params
+        expect(flash[:warning]).not_to be_empty
+        expect(flash[:warning]).to include("1 detected")
+        expect(flash[:warning]).to include("0 errors")
+        expect(flash[:warning]).to include("1 users")
+        expect(flash[:warning]).to include("registered")
+      end
+    end
+  end
+end
+
+shared_examples_for "authorizing users" do |params|
+  context "when there are valid emails" do
+    it "creates notice message" do
+      perform_enqueued_jobs do
+        post :create, params: params
+        expect(flash[:notice]).not_to be_empty
+        expect(flash[:notice]).to include("1 detected")
+        expect(flash[:notice]).to include("0 errors")
+        expect(flash[:notice]).to include("1 users")
+        expect(flash[:notice]).to include("verified")
+      end
+    end
+  end
+end
+
+shared_examples_for "revoking users" do |params|
+  context "when there are valid emails" do
+    it "creates notice message" do
+      create(
+        :authorization,
+        :granted,
+        name: verification_type,
+        user: authorized_user
+      )
+      perform_enqueued_jobs do
+        post :create, params: params
+        expect(flash[:notice]).not_to be_empty
+        expect(flash[:notice]).to include("1 detected")
+        expect(flash[:notice]).to include("0 errors")
+        expect(flash[:notice]).to include("1 users")
+        expect(flash[:notice]).to include("revoked")
+      end
+    end
+  end
+end

data/lib/decidim/direct_verifications/user_processor.rb

@@ -3,16 +3,17 @@
 module Decidim
   module DirectVerifications
     class UserProcessor
-      def initialize(organization, current_user)
+      def initialize(organization, current_user, session)
         @organization = organization
         @current_user = current_user
         @authorization_handler = :direct_verifications
         @errors = { registered: [], authorized: [], revoked: [] }
         @processed = { registered: [], authorized: [], revoked: [] }
         @emails = {}
+        @session = session
       end
 
-      attr_reader :organization, :current_user, :errors, :processed, :emails
+      attr_reader :organization, :current_user, :session, :errors, :processed, :emails
       attr_accessor :authorization_handler
 
       def emails=(email_list)
@@ -22,6 +23,7 @@ module Decidim
       def register_users
         @emails.each do |email, name|
           next if find_user(email)
+
           form = register_form(email, name)
           begin
             InviteUser.call(form) do
@@ -43,8 +45,9 @@ module Decidim
         @emails.each do |email, _name|
           if (u = find_user(email))
             auth = authorization(u)
-            next if auth.granted?
-            Verification::ConfirmUserAuthorization.call(auth, authorize_form(u)) do
+            next unless !auth.granted? || auth.expired?
+
+            Verification::ConfirmUserAuthorization.call(auth, authorize_form(u), session) do
               on(:ok) do
                 add_processed :authorized, email
               end
@@ -63,6 +66,7 @@ module Decidim
           if (u = find_user(email))
             auth = authorization(u)
             next unless auth.granted?
+
             Verification::DestroyUserAuthorization.call(auth) do
               on(:ok) do
                 add_processed :revoked, email
@@ -77,24 +81,6 @@ module Decidim
         end
       end
 
-      def total(type)
-        if type == :registered
-          return User.where(email: @emails.keys, decidim_organization_id: @organization.id)
-                     .count
-        end
-        if type == :unconfirmed
-          return User.where(email: @emails.keys, decidim_organization_id: @organization.id)
-                     .where(confirmed_at: nil).count
-        end
-        if type == :authorized
-          return Decidim::Authorization.joins(:user)
-                                       .where(name: authorization_handler)
-                                       .where("decidim_users.email IN (:emails) AND decidim_users.decidim_organization_id=:org",
-                                              emails: @emails.keys, org: @organization.id).count
-        end
-        0
-      end
-
       private
 
       def find_user(email)

data/lib/decidim/direct_verifications/user_stats.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DirectVerifications
+    class UserStats
+      def initialize(organization)
+        @organization = organization
+        @authorization_handler = ""
+        @emails = []
+      end
+
+      attr_reader :organization, :authorization_handler
+      attr_accessor :emails
+
+      def authorization_handler=(name)
+        @workflow_manifest = nil
+        @authorization_handler = name
+      end
+
+      def registered
+        registered_users.count
+      end
+
+      def unconfirmed
+        registered_users.where("decidim_users.confirmed_at IS NULL").count
+      end
+
+      def authorized
+        authorized_users.count
+      end
+
+      def authorized_unconfirmed
+        authorized_users.where("decidim_users.confirmed_at IS NULL").count
+      end
+
+      private
+
+      def registered_users
+        if authorization_handler.empty?
+          filter = { decidim_organization_id: organization.id }
+          filter[:email] = emails unless emails.empty?
+          return User.where(filter).where.not(email: "")
+        end
+        authorized_users(false)
+      end
+
+      def authorized_users(strict = true)
+        q = Decidim::Authorization.joins(:user)
+        unless authorization_handler.empty?
+          q = q.where(name: authorization_handler)
+          if strict
+            q = q.where.not(granted_at: nil)
+            q = q.where("decidim_authorizations.granted_at >= :date", date: Time.current - expires_in) if expires_in
+          end
+        end
+        q = q.where("decidim_users.decidim_organization_id=:org and decidim_users.email!=''", org: organization.id)
+        return q if emails.empty?
+
+        q.where("decidim_users.email IN (:emails)", emails: emails)
+      end
+
+      def expires_in
+        return unless workflow_manifest
+        return if workflow_manifest.expires_in.zero?
+
+        workflow_manifest.expires_in
+      end
+
+      def workflow_manifest
+        return if authorization_handler.empty?
+
+        @workflow_manifest ||= Decidim::Verifications.find_workflow_manifest(authorization_handler)
+      end
+    end
+  end
+end

data/lib/decidim/direct_verifications/verification/admin_engine.rb

@@ -8,10 +8,15 @@ module Decidim
         paths["db/migrate"] = nil
 
         routes do
-          resources :direct_verifications, only: [:index, :create]
+          resources :direct_verifications, only: [:index, :create, :stats]
+          resources :stats, only: [:index]
 
           root to: "direct_verifications#index"
         end
+
+        initializer "decidim_direct_verifications.admin_assets" do |app|
+          app.config.assets.precompile += %w(direct_verifications_admin_manifest.js)
+        end
       end
     end
   end

data/lib/decidim/direct_verifications/version.rb

@@ -3,7 +3,8 @@
 module Decidim
   # This holds the decidim-direct_verifications version.
   module DirectVerifications
-    VERSION = "0.17.6"
-    DECIDIM_VERSION = ">= 0.17.0"
+    VERSION = "0.22"
+    DECIDIM_VERSION = "0.22"
+    MIN_DECIDIM_VERSION = ">= 0.22.0"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: decidim-direct_verifications
 version: !ruby/object:Gem::Version
-  version: 0.17.6
+  version: '0.22'
 platform: ruby
 authors:
 - Ivan Vergés
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-04 00:00:00.000000000 Z
+date: 2020-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: decidim-admin
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.0
+        version: 0.22.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.0
+        version: 0.22.0
 - !ruby/object:Gem::Dependency
   name: decidim-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.0
+        version: 0.22.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.0
+        version: 0.22.0
 description: Provides a verification method that also registers users directly in
   the platform. Can be used to mass verificate user with other verification handlers
 email:
@@ -49,20 +49,26 @@ files:
 - LICENSE-AGPLv3.txt
 - README.md
 - Rakefile
+- app/assets/config/direct_verifications_admin_manifest.js
+- app/assets/javascripts/decidim/direct_verifications/verification/admin/direct_verifications_admin.js.es6
 - app/commands/decidim/direct_verifications/verification/confirm_user_authorization.rb
 - app/commands/decidim/direct_verifications/verification/destroy_user_authorization.rb
 - app/controllers/decidim/direct_verifications/verification/admin/direct_verifications_controller.rb
+- app/controllers/decidim/direct_verifications/verification/admin/stats_controller.rb
 - app/controllers/decidim/direct_verifications/verification/authorizations_controller.rb
 - app/forms/decidim/direct_verifications/verification/direct_verifications_form.rb
-- app/permissions/decidim/direct_verifications/verification/admin/permissions.rb
 - app/views/decidim/direct_verifications/verification/admin/direct_verifications/index.html.erb
+- app/views/decidim/direct_verifications/verification/admin/stats/index.html.erb
 - app/views/devise/mailer/direct_invite.html.erb
 - app/views/devise/mailer/direct_invite.text.erb
 - config/locales/ca.yml
 - config/locales/en.yml
 - config/locales/es.yml
 - lib/decidim/direct_verifications.rb
+- lib/decidim/direct_verifications/config.rb
+- lib/decidim/direct_verifications/tests/verification_controller_examples.rb
 - lib/decidim/direct_verifications/user_processor.rb
+- lib/decidim/direct_verifications/user_stats.rb
 - lib/decidim/direct_verifications/verification.rb
 - lib/decidim/direct_verifications/verification/admin.rb
 - lib/decidim/direct_verifications/verification/admin_engine.rb

data/app/permissions/decidim/direct_verifications/verification/admin/permissions.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-module Decidim
-  module DirectVerifications
-    module Verification
-      module Admin
-        # Defines the abilities related to direct_verifications for a logged in admin user.
-        class Permissions < Decidim::DefaultPermissions
-          def permissions
-            return permission_action if permission_action.scope != :admin
-            if user.organization.available_authorizations.include?("direct_verifications")
-              allow! if permission_action.subject == Decidim::DirectVerifications::UserProcessor
-              permission_action
-            end
-          end
-        end
-      end
-    end
-  end
-end