decidim-direct_verifications 0.17.8 → 1.0

data/config/locales/cs.yml

@@ -0,0 +1,69 @@
+cs:
+  decidim:
+    admin:
+      models:
+        user:
+          fields:
+            roles:
+              participant: Účastník
+    authorization_handlers:
+      admin:
+        direct_verifications:
+          help:
+            - 'Umožňuje masivní zavedení uživatelů:'
+            - Přímá registrace v organizaci a odeslání pozvánek
+            - Ověřit je pomocí jakékoliv metody aktivního ověření
+            - Zrušit jejich ověření pomocí jakékoli metody aktivního ověření
+      direct_verifications:
+        explanation: Ruční ověření správcem organizace
+        name: Přímé ověření
+    direct_verifications:
+      verification:
+        admin:
+          authorizations:
+            index:
+              created_at: Vytvořeno v
+              metadata: Metadata
+              name: Název
+              title: Autorizace
+              user_name: Uživatelské jméno
+              new_import: Nový import
+          direct_verifications:
+            create:
+              authorized: "%{authorized} uživatelů bylo úspěšně ověřeno pomocí [%{handler}] (%{count} detekováno, %{errors} chyb)"
+              info: "Zjištěno %{count} uživatelů, z nichž %{registered} jsou registrováni, %{authorized} autorizováni pomocí [%{handler}] (%{unconfirmed} nepotvrzeno)"
+              registered: "%{registered} uživatelů bylo úspěšně zaregistrováno (%{count} detekováno, %{errors} chyb) "
+              revoked: Ověření od %{revoked} uživatelů bylo zrušeno pomocí [%{handler}] (%{count} detekováno, %{errors} chyb)
+            gdpr_disclaimer: Udělejte to v rámci vaší odpovědnosti. Nezapomeňte, že potřebujete mít výslovný souhlas svých uživatelů, abyste je mohli zaregistrovat. V opačném případě můžete porušovat nařízení o GDPR v zemích EU.
+          index:
+            authorizations: Autorizovaní uživatelé
+            stats: Statistiky uživatelů
+            title: Registrovat a autorizovat uživatele
+          new:
+            authorization_handler: Ověřovací metoda
+            authorize: Autorizovat uživatele
+            check: Zkontrolovat stav uživatelů
+            info: Zadejte e-maily zde, jeden na řádek. Pokud e-mailům předchází text, bude interpretován jako jméno uživatele
+            register: Registrovat uživatele na platformě (pokud existují, budou ignorováni)
+            revoke: Zrušit autorizaci od uživatelů
+            submit: Odeslat a zpracovat seznam
+            textarea: Seznam e-mailů
+          stats:
+            index:
+              authorized: Autorizováno
+              authorized_unconfirmed: Autorizováno, ale nepotvrzeno
+              global: "- Jakákoli metoda ověřování -"
+              registered: Registrován
+              unconfirmed: Nepotvrzeno
+        authorizations:
+          new:
+            no_action: Tato metoda vyžaduje administrátora, který vás ověřuje
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Přímé ověření
+  devise:
+    mailer:
+      direct_invite:
+        subject: Pokyny pro pozvání

data/config/locales/en.yml

@@ -21,12 +21,39 @@ en:
     direct_verifications:
       verification:
         admin:
+          imports:
+            new:
+              info: Import a CSV file with a user entry per line copying the format from the example below
+              submit: Upload file
+              file: CSV file with users data
+            create:
+              success: File successfully uploaded. We'll email you when all users are imported.
+              error: There was an error importing the file
+            mailer:
+              subject: File import results
+              authorized: "%{successful} users have been successfully verified using
+                [%{handler}] (%{count} detected, %{errors} errors)"
+              info: "%{count} users detected, of which %{registered} are registered,
+                %{authorized} authorized using [%{handler}] (%{unconfirmed} unconfirmed)"
+              registered: "%{successful} users have been successfully registered (%{count}
+                detected, %{errors} errors) "
+              revoked: Verification from %{successful} users have been revoked using
+                [%{handler}] (%{count} detected, %{errors} errors)
+          authorizations:
+            index:
+              created_at: Created at
+              metadata: Metadata
+              name: Name
+              title: Authorizations
+              user_name: User name
+              new_import: New import
           direct_verifications:
             create:
               authorized: "%{authorized} users have been successfully verified using
                 [%{handler}] (%{count} detected, %{errors} errors)"
               info: "%{count} users detected, of which %{registered} are registered,
                 %{authorized} authorized using [%{handler}] (%{unconfirmed} unconfirmed)"
+              missing_header: Please, provide a header row
               registered: "%{registered} users have been successfully registered (%{count}
                 detected, %{errors} errors) "
               revoked: Verification from %{revoked} users have been revoked using
@@ -35,14 +62,14 @@ en:
               need to have explicit consent from your users in order to register them.
               Otherwise you will be infringing the GDPR regulation in EU countries.
           index:
+            authorizations: Authorized users
             stats: User stats
             title: Register and authorize users
           new:
             authorization_handler: Verification method
             authorize: Authorize users
             check: Check users status
-            info: Enter the emails here, one per line. If the emails are preceded
-              by a text, it will be interpreted as the user's name
+            info_html: You can <a href=%{link}>import a CSV</a> or enter the emails here, one per line. If the emails are preceded by a text, it will be interpreted as the user's name.
             register: Register users in the platform (if they exist they will be ignored)
             revoke: Revoke authorization from users
             submit: Send and process the list
@@ -57,6 +84,11 @@ en:
         authorizations:
           new:
             no_action: This method requires an administrator that verifies you
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Direct verification
   devise:
     mailer:
       direct_invite:

data/config/locales/es.yml

@@ -1,4 +1,3 @@
----
 es:
   decidim:
     admin:
@@ -11,40 +10,41 @@ es:
       admin:
         direct_verifications:
           help:
-          - 'Permite la introducción masiva d usuarios con el fin de:'
-          - Registrarlos directamente a la organización con el envío de invitaciones
-          - Verificarlos en cualquier método de verificación activo
-          - Revocar la verificación en cualquier método de verificación activo
+            - 'Permite la introducción masiva d usuarios con el fin de:'
+            - Registrarlos directamente a la organización con el envío de invitaciones
+            - Verificarlos en cualquier método de verificación activo
+            - Revocar la verificación en cualquier método de verificación activo
       direct_verifications:
         explanation: Verificación manual por parte de los administradores de la organización
         name: Verificación directa
     direct_verifications:
       verification:
         admin:
+          authorizations:
+            index:
+              created_at: Creado el
+              metadata: Metadatos
+              name: Nombre
+              title: Autorizaciones
+              user_name: Nombre de usuario
+              new_import: Nueva importación
           direct_verifications:
             create:
-              authorized: Se han verificado correctamente %{authorized} usuarios usando
-                [%{handler}] (%{count} detectados, %{errors} errores)
-              info: Se han detectado %{count} usuarios, de los cuales %{registered}
-                están registrados, %{authorized} autorizados usando [%{handler}] (%{unconfirmed}
-                sin confirmar)
-              registered: Se han registrado correctamente %{registered} usuarios (%{count}
-                detectados, %{errors} errores)
-              revoked: Se ha revocado correctament la verificación de %{revoked} usuarios
-                usando [%{handler}] (%{count} detectados, %{errors} errores)
-            gdpr_disclaimer: Haga esto bajo su responsabilidad. Recuerde que debe
-              contar con el consentimiento explícito de sus usuarios para poder registrarlos.
-              De lo contrario, estará infringiendo la regulación GDPR en los países
-              de la UE.
+              authorized: "Se han verificado correctamente %{authorized} usuarios usando [%{handler}] (%{count} detectados, %{errors} errores)"
+              info: "Se han detectado %{count} usuarios, de los cuales %{registered} están registrados, %{authorized} autorizados usando [%{handler}] (%{unconfirmed} sin confirmar)"
+              missing_header: Por favor, proporcionad una fila de encabezamiento
+              registered: "Se han registrado correctamente %{registered} usuarios (%{count} detectados, %{errors} errores)"
+              revoked: Se ha revocado correctament la verificación de %{revoked} usuarios usando [%{handler}] (%{count} detectados, %{errors} errores)
+            gdpr_disclaimer: Haga esto bajo su responsabilidad. Recuerde que debe contar con el consentimiento explícito de sus usuarios para poder registrarlos. De lo contrario, estará infringiendo la regulación GDPR en los países de la UE.
           index:
+            authorizations: Usuarios autorizados
             stats: Estadísticas de usuarios
             title: Inscribe y autoriza usuarios
           new:
             authorization_handler: Método de verificación
             authorize: Autoriza los usuarios
             check: Comprueba el estado de los usuarios
-            info: Introduce aquí los emails, uno por linea. Si los emails están precedidos
-              por un texto, se interpretará como el nombre del usuario
+            info: Introduce aquí los emails, uno por linea. Si los emails están precedidos por un texto, se interpretará como el nombre del usuario
             register: Registra los usuarios a la plataforma (si existen se ignorarán)
             revoke: Revoca la autorización de los usuarios
             submit: Envía y procesa el listado
@@ -59,6 +59,11 @@ es:
         authorizations:
           new:
             no_action: Este método requiere que un administrador os verifique
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Verificación directa
   devise:
     mailer:
       direct_invite:

data/config/locales/fr.yml

@@ -0,0 +1,69 @@
+fr:
+  decidim:
+    admin:
+      models:
+        user:
+          fields:
+            roles:
+              participant: Participant
+    authorization_handlers:
+      admin:
+        direct_verifications:
+          help:
+            - 'Permet l''introduction massive des utilisateurs afin de :'
+            - Inscription directe au sein de l'organisation et envoie des invitations
+            - Vérifiez-les avec n'importe quelle méthode de vérification active
+            - Révoquer leur vérification dans toute méthode de vérification active
+      direct_verifications:
+        explanation: Vérification manuelle par les administrateurs de l'organisation
+        name: Vérification directe
+    direct_verifications:
+      verification:
+        admin:
+          authorizations:
+            index:
+              created_at: Créé à
+              metadata: Métadonnées
+              name: Nom
+              title: Autorisations
+              user_name: Nom de l'utilisateur
+              new_import: Nouvel import
+          direct_verifications:
+            create:
+              authorized: "%{authorized} utilisateurs ont été vérifiés avec succès en utilisant [%{handler}] (%{count} détectés, %{errors} erreurs)"
+              info: "%{count} utilisateurs détectés, dont %{registered} sont enregistrés, %{authorized} autorisés à utiliser [%{handler}] (%{unconfirmed} non confirmés)"
+              registered: "%{registered} utilisateurs ont été enregistrés avec succès (%{count} détectés, %{errors} erreurs) "
+              revoked: La vérification de %{revoked} utilisateurs ont été révoqués en utilisant [%{handler}] (%{count} détectés, %{errors} erreurs)
+            gdpr_disclaimer: Faites-le sous votre responsabilité. N'oubliez pas que vous devez avoir le consentement explicite de vos utilisateurs afin de les enregistrer. Dans le cas contraire, vous enfreindrez le règlement du RGPD dans les pays de l'UE.
+          index:
+            authorizations: Utilisateurs autorisés
+            stats: Statistiques des utilisateurs
+            title: Inscription et autorisation des utilisateurs
+          new:
+            authorization_handler: Méthode de vérification
+            authorize: Utilisateurs autorisés
+            check: Vérifier le statut des utilisateurs
+            info: Entrez les e-mails ici, un par ligne. Si les e-mails sont précédés d'un texte, il sera interprété comme le nom de l'utilisateur
+            register: Inscrire des utilisateurs sur la plateforme (si ils existent, ils seront ignorés)
+            revoke: Révoquer l'autorisation des utilisateurs
+            submit: Envoyer et traiter la liste
+            textarea: Liste d'emails
+          stats:
+            index:
+              authorized: Autorisé
+              authorized_unconfirmed: Autorisé mais non confirmé
+              global: "- N'importe quelle méthode de vérification -"
+              registered: Inscrits
+              unconfirmed: Non confirmé
+        authorizations:
+          new:
+            no_action: Cette méthode nécessite un administrateur qui vous vérifie
+    verifications:
+      authorizations:
+        first_login:
+          actions:
+            direct_verifications: Vérification directe
+  devise:
+    mailer:
+      direct_invite:
+        subject: Instructions d'invitation

data/lib/decidim/direct_verifications.rb

@@ -1,12 +1,35 @@
 # frozen_string_literal: true
 
 require_relative "direct_verifications/version"
-require_relative "direct_verifications/config"
 require_relative "direct_verifications/user_processor"
 require_relative "direct_verifications/user_stats"
 require_relative "direct_verifications/verification"
+require_relative "direct_verifications/parsers"
 
 module Decidim
   module DirectVerifications
+    include ActiveSupport::Configurable
+
+    class InputParserError < StandardError; end
+
+    # Specify in this variable which authorization methods can be managed by the plugin
+    # Be careful to specify only what you really need
+    config_accessor :manage_workflows do
+      ["direct_verifications"]
+    end
+
+    # The processor for the user uploaded data where to extract emails and other info
+    # be default it uses Decidim::DirectVerifications::Parsers::NameParser
+    # Currently available are:
+    # - :name_parser
+    # - :metadata_parser
+    # A custom parser can be specified as long it respects the module hierachy
+    config_accessor :input_parser do
+      :name_parser
+    end
+
+    def self.find_parser_class(manifest)
+      "Decidim::DirectVerifications::Parsers::#{manifest.to_s.camelize}".safe_constantize || Decidim::DirectVerifications::Parsers::NameParser
+    end
   end
 end

data/lib/decidim/direct_verifications/authorize_user.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DirectVerifications
+    class AuthorizeUser
+      # rubocop:disable Metrics/ParameterLists
+      def initialize(email, data, session, organization, instrumenter, authorization_handler)
+        @email = email
+        @data = data
+        @session = session
+        @organization = organization
+        @instrumenter = instrumenter
+        @authorization_handler = authorization_handler
+      end
+      # rubocop:enable Metrics/ParameterLists
+
+      def call
+        unless user
+          instrumenter.add_error :authorized, email
+          return
+        end
+
+        return unless valid_authorization?
+
+        Verification::ConfirmUserAuthorization.call(authorization, form, session) do
+          on(:ok) do
+            instrumenter.add_processed :authorized, email
+          end
+          on(:invalid) do
+            instrumenter.add_error :authorized, email
+          end
+        end
+      end
+
+      private
+
+      attr_reader :email, :data, :session, :organization, :instrumenter, :authorization_handler
+
+      def valid_authorization?
+        !authorization.granted? || authorization.expired?
+      end
+
+      def user
+        @user ||= User.find_by(email: email, decidim_organization_id: organization.id)
+      end
+
+      def authorization
+        @authorization ||=
+          begin
+            auth = Authorization.find_or_initialize_by(
+              user: user,
+              name: authorization_handler
+            )
+            auth.metadata = data
+            auth
+          end
+      end
+
+      def form
+        Verification::DirectVerificationsForm.new(email: user.email, name: user.name)
+      end
+    end
+  end
+end

data/lib/decidim/direct_verifications/instrumenter.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DirectVerifications
+    class Instrumenter
+      def initialize(current_user)
+        @current_user = current_user
+        @errors = { registered: Set.new, authorized: Set.new, revoked: Set.new }
+        @processed = { registered: Set.new, authorized: Set.new, revoked: Set.new }
+      end
+
+      def add_processed(type, email)
+        @processed[type] << email
+      end
+
+      def add_error(type, email)
+        @errors[type] << email
+      end
+
+      def processed_count(key)
+        processed[key].size
+      end
+
+      def errors_count(key)
+        errors[key].size
+      end
+
+      def emails_count(key)
+        @processed[key].size + @errors[key].size
+      end
+
+      def track(event, email, user = nil)
+        if user
+          add_processed event, email
+          log_action user
+        else
+          add_error event, email
+        end
+      end
+
+      private
+
+      attr_reader :current_user, :processed, :errors
+
+      def log_action(user)
+        Decidim.traceability.perform_action!(
+          "invite",
+          user,
+          current_user,
+          extra: {
+            invited_user_role: "participant",
+            invited_user_id: user.id
+          }
+        )
+      end
+    end
+  end
+end