decidim-verifications 0.11.2 → 0.12.0.pre

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e08ca1a5127107a68f42f8e713783d202a78df58a9601b3062021b7c33f7a19
-  data.tar.gz: dd2248607b155c81b29c981363affb11d3dbc4fe60d1818239d5d339116172a8
+  metadata.gz: 697e2cfabb509f91d19fa63bfb1ed743ca656db92435c0350f84193d55bc4b00
+  data.tar.gz: fa06aa8dfb5423b4fb44f24037e1ffe129bab58b3c24bed93083f49b429e5e42
 SHA512:
-  metadata.gz: 6f1374e5f469df6adbb0d04b55205dcc92bcab11025f17fd362a3eda9e2e88b504cbc2f6570013f61e529a374bfdc1cbb7a26f9812e158f198069455bc600cfe
-  data.tar.gz: 33d658f5cad09b84b9867be2a38f486a39d988edf0c30ba08be7d69b725b5458f0046d8ad672f1c3c2afa550152cfab33c5a2f121944b6bf5f9209373ee0e6c5
+  metadata.gz: 7c035b21d66752276f869f15bb4b799d26ab311e12e5d4dcb9e62b22c88852bb5b376f36c10e54447dad6bcf54320c164e008a224a79f70fc8f516d8975d0196
+  data.tar.gz: ab12caf3cda046c88458b66399f8218d7d98e71e11ecb42f57f942c5458819e3623e68d9d970c15220228f00296258f151e65fb4e622dff496d245f39b58271e

data/README.md

@@ -5,6 +5,24 @@ perform certain privileged actions. This module implements several of those meth
 and also offers a way for installation to implement their custom verification
 methods.
 
+There are several use cases for this, such as
+
+* Sending a SMS code to users to verify that their have a valid cellphone
+
+* Allowing users to upload a photo or scanned image of their identity document
+
+* Sending users a code through postal code
+
+* Allowing users to go to to a physical office and check their documentation
+
+* Checking some information through other systems (as a Municipal Census on the
+  case of Municipalities, Cities or Towns)
+
+* Having a list of valid users emails
+
+Right now Decidim supports only a few of these cases, but we have an internal
+API where you can program your own kind of authorizations.
+
 ## Introduction
 
 Each decidim instance is in full control of its authorizations, and can customize:
@@ -31,8 +49,12 @@ Decidim implements two type of authorization methods:
   a census API you will need a form with some fields that your users will use to
   authenticate against a census (for example, an ID and a Postal Code). You'll
   implement this with a form class. See the documentation for the [parent
-  class][authorization handler base class] or have a look at a
-  [live example][live authorization handler example] in decidim-barcelona.
+  class][authorization handler base class] or have a look at some live examples,
+  such as:
+
+  * [Decidim Barcelona].
+  * [Decidim Terrassa].
+  * [Decidim Sant Cugat].
 
   To register your handler, use
 
@@ -75,6 +97,30 @@ Decidim implements two type of authorization methods:
   * `edit_authorization_path`: This is the entry point to resume an existing
     authorization process.
 
+## Authorization options
+
+Sometimes you want to scope authorizations only to users that meet certain
+requirements. For example, you might only allow users registered at a certain
+postal code to be verified and thus perform certain actions.
+
+You can do this with authorization options. For example, in the case just
+presented, you should define something like this in your authorization workflow:
+
+```ruby
+Decidim::Verifications.register_workflow(:my_workflow) do |workflow|
+  workflow.form = "MyAuthorizationHandler"
+
+  workflow.options do |options|
+    options.attribute :postal_code, type: :string, required: false
+  end
+end
+```
+
+The format of the options you can define is the standard for a virtus attribute,
+plus an additional `required` (true by default) option were you can choose
+whether the option is compulsory when configuring the workflow as a permission
+for an action or not.
+
 ## Custom action authorizers
 
 Custom action authorizers are an advanced component that can be used in both types of
@@ -150,4 +196,7 @@ See [Decidim](https://github.com/decidim/decidim).
 See [Decidim](https://github.com/decidim/decidim).
 
 [authorization handler base class]: https://github.com/decidim/decidim/blob/master/decidim-core/app/services/decidim/authorization_handler.rb
-[real authorization handler]: https://github.com/decidim/decidim-barcelona/blob/master/app/services/census_authorization_handler.rb
+
+[Decidim Barcelona]: https://github.com/AjuntamentdeBarcelona/decidim-barcelona/blob/master/app/services/census_authorization_handler.rb
+[Decidim Terrassa]: https://github.com/AjuntamentDeTerrassa/decidim-terrassa/blob/master/app/services/census_authorization_handler.rb
+[Decidim Sant Cugat]: https://github.com/AjuntamentdeSantCugat/decidim-sant_cugat/blob/master/app/services/census_authorization_handler.rb

data/app/controllers/decidim/verifications/id_documents/admin/confirmations_controller.rb

@@ -13,13 +13,13 @@ module Decidim
           before_action :load_pending_authorization
 
           def new
-            authorize! :update, @pending_authorization
+            enforce_permission_to :update, :authorization, authorization: @pending_authorization
 
             @form = InformationForm.new
           end
 
           def create
-            authorize! :update, @pending_authorization
+            enforce_permission_to :update, :authorization, authorization: @pending_authorization
 
             @form = InformationForm.from_params(params)
 

data/app/controllers/decidim/verifications/id_documents/admin/pending_authorizations_controller.rb

@@ -8,7 +8,7 @@ module Decidim
           layout "decidim/admin/users"
 
           def index
-            authorize! :index, Authorization
+            enforce_permission_to :index, :authorization
 
             @pending_authorizations = pending_authorizations
           end

data/app/controllers/decidim/verifications/id_documents/admin/rejections_controller.rb

@@ -13,7 +13,7 @@ module Decidim
           before_action :load_pending_authorization
 
           def create
-            authorize! :update, @pending_authorization
+            enforce_permission_to :update, :authorization, authorization: @pending_authorization
 
             @form = InformationRejectionForm.from_model(@pending_authorization)
 

data/app/controllers/decidim/verifications/id_documents/authorizations_controller.rb

@@ -12,13 +12,13 @@ module Decidim
         before_action :load_authorization
 
         def new
-          authorize! :create, @authorization
+          enforce_permission_to :create, :authorization, authorization: @authorization
 
           @form = UploadForm.new
         end
 
         def create
-          authorize! :create, @authorization
+          enforce_permission_to :create, :authorization, authorization: @authorization
 
           @form = UploadForm.from_params(params.merge(user: current_user))
 
@@ -36,13 +36,13 @@ module Decidim
         end
 
         def edit
-          authorize! :update, @authorization
+          enforce_permission_to :update, :authorization, authorization: @authorization
 
           @form = UploadForm.from_model(@authorization)
         end
 
         def update
-          authorize! :update, @authorization
+          enforce_permission_to :update, :authorization, authorization: @authorization
 
           @form = UploadForm.from_params(
             params.merge(

data/app/controllers/decidim/verifications/postal_letter/admin/pending_authorizations_controller.rb

@@ -8,7 +8,7 @@ module Decidim
           layout "decidim/admin/users"
 
           def index
-            authorize! :index, Authorization
+            enforce_permission_to :index, :authorization
 
             @pending_authorizations = AuthorizationPresenter.for_collection(
               pending_authorizations

data/app/controllers/decidim/verifications/postal_letter/admin/postages_controller.rb

@@ -13,7 +13,7 @@ module Decidim
           before_action :load_pending_authorization
 
           def create
-            authorize! :update, @pending_authorization
+            enforce_permission_to :update, :authorization, authorization: @pending_authorization
 
             @form = PostageForm.from_model(@pending_authorization)
 

data/app/controllers/decidim/verifications/postal_letter/authorizations_controller.rb

@@ -9,13 +9,13 @@ module Decidim
         before_action :load_authorization
 
         def new
-          authorize! :create, @authorization
+          enforce_permission_to :create, :authorization, authorization: @authorization
 
           @form = AddressForm.new
         end
 
         def create
-          authorize! :create, @authorization
+          enforce_permission_to :create, :authorization, authorization: @authorization
 
           @form = AddressForm.from_params(params.merge(user: current_user))
 
@@ -33,13 +33,13 @@ module Decidim
         end
 
         def edit
-          authorize! :update, @authorization
+          enforce_permission_to :update, :authorization, authorization: @authorization
 
           @form = ConfirmationForm.from_params(params)
         end
 
         def update
-          authorize! :update, @authorization
+          enforce_permission_to :update, :authorization, authorization: @authorization
 
           @form = ConfirmationForm.from_params(params)
 

data/config/locales/ca.yml

@@ -51,6 +51,7 @@ ca:
           success: Has estat autoritzat amb èxit.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verifiqueu contra un altre exemple de controlador d'autorització
             dummy_authorization_handler: Verificar contra l'autorització d'exemple
             dummy_authorization_workflow: Verificar contra l'exemple de flux d'autorització
             id_documents: Verifica't carregant el teu document d'identitat

data/config/locales/en.yml

@@ -52,6 +52,7 @@ en:
           success: You've been successfully authorized.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verify against another example of authorization handler
             dummy_authorization_handler: Verify against the example authorization handler
             dummy_authorization_workflow: Verify against the example authorization workflow
             id_documents: Get verified by uploading your identity document

data/config/locales/es.yml

@@ -51,6 +51,7 @@ es:
           success: Has sido autorizado/a correctamente.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verificar contra otro ejemplo de controlador de autorización
             dummy_authorization_handler: Verificar contra el gestor de autorización de ejemplo
             dummy_authorization_workflow: Verificar contra el flujo de autorización de ejemplo
             id_documents: Verifícate subiendo tu documento de identidad

data/config/locales/eu.yml

@@ -51,6 +51,7 @@ eu:
           success: Ongi baimendu duzu.
         first_login:
           actions:
+            another_dummy_authorization_handler: Egiaztatu baimenen kudeatzailearen beste adibide baten aurka
             dummy_authorization_handler: Egiaztatu adibide-baimenaren kudeatzailearen aurka
             dummy_authorization_workflow: Egiaztatu baimenen laneko fluxuaren aurka
             id_documents: Egiaztatu zure identifikazio dokumentua kargatzen

data/config/locales/fi.yml

@@ -51,6 +51,7 @@ fi:
           success: Tilisi on onnistuneesti vahvistettu.
         first_login:
           actions:
+            another_dummy_authorization_handler: Varmista toinen esimerkki valtuutuksen käsittelijästä
             dummy_authorization_handler: Vahvista tili esimerkkivaltuuttajan avulla
             dummy_authorization_workflow: Vahvista esimerkkivaltuutuksen työnkulkuprosessin kautta
             id_documents: Vahvista tilisi lataamalla henkilöllisyystodistuksesi

data/config/locales/fr.yml

@@ -51,6 +51,7 @@ fr:
           success: Vous avez été autorisé avec succès.
         first_login:
           actions:
+            another_dummy_authorization_handler: Vérifier avec un autre exemple de gestionnaire d'autorisation
             dummy_authorization_handler: Vérifier en comparant avec l'exemple du gestionnaire d'autorisation
             dummy_authorization_workflow: Vérifiez par rapport à l'exemple de procédure d'autorisation
             id_documents: Soyez vérifié en téléchargeant votre document d'identité

data/config/locales/gl.yml

@@ -51,6 +51,7 @@ gl:
           success: Autorizouse con éxito.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verifique contra outro exemplo de controlador de autorización
             dummy_authorization_handler: Verifique contra o controlador de autorización de exemplo
             dummy_authorization_workflow: Verifique contra o fluxo de traballo de autorización de exemplo
             id_documents: Verifique a carga do documento de identidade

data/config/locales/it.yml

@@ -51,6 +51,7 @@ it:
           success: Sei stato autorizzato con successo.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verificare contro un altro esempio di gestore di autorizzazioni
             dummy_authorization_handler: Verificare contro il gestore di autorizzazione di esempio
             dummy_authorization_workflow: Verificare il flusso di lavoro di autorizzazione di esempio
             id_documents: Ottieni la verifica caricando il tuo documento di identità

data/config/locales/nl.yml

@@ -51,6 +51,7 @@ nl:
           success: U bent geautoriseerd.
         first_login:
           actions:
+            another_dummy_authorization_handler: Controleer tegen een ander voorbeeld van autorisatieaanduiding
             dummy_authorization_handler: Verifieer met het voorbeeld van de autorisatieaanduiding
             dummy_authorization_workflow: Controleer aan de hand van het machtigingsworkflow voorbeeld
             id_documents: Wordt geverifieerd door uw identiteitsdocument te uploaden

data/config/locales/pl.yml

@@ -51,6 +51,7 @@ pl:
           success: Pomyślnie autoryzowano.
         first_login:
           actions:
+            another_dummy_authorization_handler: Sprawdź na przykładzie innego przykładu procedury obsługi autoryzacji
             dummy_authorization_handler: Sprawdź na przykładzie przykładowej procedury autoryzacji
             dummy_authorization_workflow: Sprawdź w przykładowym przepływie pracy autoryzacji
             id_documents: Uzyskaj weryfikację, przesyłając swój dokument tożsamości

data/config/locales/pt-BR.yml

@@ -51,6 +51,7 @@ pt-BR:
           success: Você foi autorizado com sucesso.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verificar contra outro exemplo de manipulador de autorização
             dummy_authorization_handler: Verifique contra o manipulador de autorização de exemplo
             dummy_authorization_workflow: Verifique o exemplo de fluxo de trabalho de autorização
             id_documents: Seja verificado ao fazer o upload do documento de identidade

data/config/locales/pt.yml

@@ -51,6 +51,7 @@ pt:
           success: Você foi autorizado com sucesso.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verificar contra outro exemplo de manipulador de autorização
             dummy_authorization_handler: Verifique contra o manipulador de autorização de exemplo
             dummy_authorization_workflow: Verifique o exemplo de fluxo de trabalho de autorização
             id_documents: Seja verificado ao fazer o upload do documento de identidade

data/config/locales/ru.yml

@@ -9,6 +9,13 @@ ru:
         document_type: Вид вашего документа
         user: Участник
         verification_attachment: Скан вашего документа
+      postal_letter_address:
+        full_address: Полный адрес
+      postal_letter_confirmation:
+        verification_code: Проверочный код
+      postal_letter_postage:
+        full_address: Полный адрес
+        verification_code: Проверочный код
   decidim:
     admin:
       menu:
@@ -44,6 +51,7 @@ ru:
           success: Вы успешно подтвердили свою личность.
         first_login:
           actions:
+            another_dummy_authorization_handler: Проведите подтверждение, сравнив с другим примером подтверждения личности
             dummy_authorization_handler: Проведите подтверждение, сравнив с примером подтверждения личности
             dummy_authorization_workflow: Проведите подтверждение, сравнив с примером пути подтверждения личности
             id_documents: Подтвердите личность, загрузив документ, удостоверяющий её
@@ -55,6 +63,12 @@ ru:
           authorize_with: Подтвердить личность с помощью %{authorizer}
         skip_verification: Вы можете пока что пропустить это и %{link}
         start_exploring: начать изучать
+      dummy_authorization:
+        extra_explanation:
+          one: Участие ограничено участниками с почтовым кодом %{postal_codes}.
+          few: 'Участие ограничено участниками с почтовыми кодами %{postal_codes}.'
+          many: 'Участие ограничено участниками с почтовыми кодами %{postal_codes}.'
+          other: 'Участие ограничено участниками с почтовыми кодами %{postal_codes}.'
       id_documents:
         admin:
           confirmations:

data/config/locales/sv.yml

@@ -51,6 +51,7 @@ sv:
           success: Du har godkänts.
         first_login:
           actions:
+            another_dummy_authorization_handler: Verifiera mot ett annat exempel på behörighetshanteraren
             dummy_authorization_handler: Verifiera mot exemplet behörighetshanteraren
             dummy_authorization_workflow: Verifiera mot arbetsflödet för godkännande av exempel
             id_documents: Få verifierad genom att ladda upp ditt identitetsdokument

data/config/locales/uk.yml

@@ -51,6 +51,7 @@ uk:
           success: Ви успішно підтвердили свою особу.
         first_login:
           actions:
+            another_dummy_authorization_handler: Підтвердьте, порівнявши з іншим прикладом підтвердження своєї особи
             dummy_authorization_handler: Підтвердьте, порівнявши з прикладом підтвердження своєї особи
             dummy_authorization_workflow: Підтвердьте, порівнявши з прикладом підтвердження своєї особи
             id_documents: Підтвердіть особу, завантаживши ваш документ

data/lib/decidim/verifications.rb

@@ -6,7 +6,6 @@ require "decidim/verifications/workflows"
 
 require "decidim/verifications/id_documents"
 require "decidim/verifications/postal_letter"
-require "decidim/verifications/dummy"
 
 module Decidim
   def self.authorization_workflows

data/lib/decidim/verifications/version.rb

@@ -4,7 +4,7 @@ module Decidim
   # This holds the decidim-verifications version.
   module Verifications
     def self.version
-      "0.11.2"
+      "0.12.0.pre"
     end
   end
 end

data/lib/decidim/verifications/workflow_manifest.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "decidim/settings_manifest"
+
 module Decidim
   module Verifications
     autoload :DefaultActionAuthorizer, "decidim/verifications/default_action_authorizer"
@@ -63,6 +65,26 @@ module Decidim
           DefaultActionAuthorizer
         end
       end
+
+      # Public: Adds configurable settings for this verification workflow. It
+      # uses the DSL specified under `Decidim::SettingsManifest`.
+      #
+      # &block - The DSL present on `Decidim::SettingsManifest`
+      #
+      # Examples:
+      #
+      #   workflow.options do |options|
+      #     options.attribute :minimum_age, type: :integer, default: 18
+      #   end
+      #
+      # Returns nothing.
+      def options
+        @options ||= SettingsManifest.new
+
+        yield(@options) if block_given?
+
+        @options
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: decidim-verifications
 version: !ruby/object:Gem::Version
-  version: 0.11.2
+  version: 0.12.0.pre
 platform: ruby
 authors:
 - David Rodriguez
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-06-13 00:00:00.000000000 Z
+date: 2018-06-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: decidim-core
@@ -16,42 +16,42 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.12.0.pre
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.12.0.pre
 - !ruby/object:Gem::Dependency
   name: decidim-admin
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.12.0.pre
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.12.0.pre
 - !ruby/object:Gem::Dependency
   name: decidim-dev
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.12.0.pre
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.12.0.pre
 description: Several verification methods for your decidim instance
 email:
 - deivid.rodriguez@riseup.net
@@ -82,7 +82,6 @@ files:
 - app/presenters/decidim/verifications/postal_letter/authorization_presenter.rb
 - app/queries/decidim/verifications/authorizations.rb
 - app/services/decidim/authorization_handler.rb
-- app/services/decidim/dummy_authorization_handler.rb
 - app/uploaders/decidim/verifications/attachment_uploader.rb
 - app/views/decidim/verifications/authorizations/_granted_authorization.html.erb
 - app/views/decidim/verifications/authorizations/first_login.html.erb
@@ -115,7 +114,6 @@ files:
 - lib/decidim/verifications.rb
 - lib/decidim/verifications/adapter.rb
 - lib/decidim/verifications/default_action_authorizer.rb
-- lib/decidim/verifications/dummy.rb
 - lib/decidim/verifications/engine.rb
 - lib/decidim/verifications/id_documents.rb
 - lib/decidim/verifications/id_documents/admin.rb
@@ -146,9 +144,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.7.6

data/app/services/decidim/dummy_authorization_handler.rb

@@ -1,62 +0,0 @@
-# frozen_string_literal: true
-
-module Decidim
-  # An example implementation of an AuthorizationHandler to be used in tests.
-  class DummyAuthorizationHandler < AuthorizationHandler
-    attribute :document_number, String
-    attribute :postal_code, String
-    attribute :birthday, Date
-
-    validates :document_number, presence: true
-    validate :valid_document_number
-
-    def metadata
-      super.merge(document_number: document_number, postal_code: postal_code)
-    end
-
-    def unique_id
-      document_number
-    end
-
-    private
-
-    def valid_document_number
-      errors.add(:document_number, :invalid) unless document_number.to_s.end_with?("X")
-    end
-
-    # An example implementation of a DefaultActionAuthorizer inherited class to override authorization status
-    # checking process. In this case, it allows to set a list of valid postal codes for an authorization.
-    class ActionAuthorizer < Decidim::Verifications::DefaultActionAuthorizer
-      attr_reader :allowed_postal_codes
-
-      # Overrides the parent class method, but it still uses it to keep the base behavior
-      def authorize
-        # Remove the additional setting from the options hash to avoid to be considered missing.
-        @allowed_postal_codes ||= options.delete("allowed_postal_codes")
-
-        status_code, data = *super
-
-        if allowed_postal_codes.present?
-          # Does not authorize users with different postal codes
-          if status_code == :ok && !allowed_postal_codes.member?(authorization.metadata["postal_code"])
-            status_code = :unauthorized
-            data[:fields] = { "postal_code" => authorization.metadata["postal_code"] }
-          end
-
-          # Adds an extra message for inform the user the additional restriction for this authorization
-          data[:extra_explanation] = { key: "extra_explanation",
-                                       params: { scope: "decidim.verifications.dummy_authorization",
-                                                 count: allowed_postal_codes.count,
-                                                 postal_codes: allowed_postal_codes.join(", ") } }
-        end
-
-        [status_code, data]
-      end
-
-      # Adds the list of allowed postal codes to the redirect URL, to allow forms to inform about it
-      def redirect_params
-        { "postal_codes" => allowed_postal_codes&.join("-") }
-      end
-    end
-  end
-end

data/lib/decidim/verifications/dummy.rb

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-Decidim::Verifications.register_workflow(:dummy_authorization_handler) do |workflow|
-  workflow.form = "Decidim::DummyAuthorizationHandler"
-  workflow.action_authorizer = "Decidim::DummyAuthorizationHandler::ActionAuthorizer"
-  workflow.expires_in = 1.hour
-end