decidim-verifications 0.19.1 → 0.23.0

data/app/controllers/decidim/verifications/application_controller.rb

@@ -5,7 +5,7 @@ module Decidim
     class ApplicationController < Decidim::ApplicationController
       include NeedsPermission
 
-      before_action :confirmed_user, only: [:new, :create]
+      before_action :confirmed_user, only: [:new, :create, :renew]
 
       def new
         raise NotImplementedError
@@ -15,6 +15,10 @@ module Decidim
         raise NotImplementedError
       end
 
+      def renew
+        raise NotImplementedError
+      end
+
       private
 
       def confirmed_user

data/app/controllers/decidim/verifications/authorizations_controller.rb

@@ -4,14 +4,16 @@ module Decidim
   module Verifications
     # This controller allows users to create and destroy their authorizations. It
     # shouldn't be necessary to expand it to add new authorization schemes.
-    class AuthorizationsController < ApplicationController
-      helper_method :handler, :unauthorized_methods
+    class AuthorizationsController < Verifications::ApplicationController
+      helper_method :handler, :unauthorized_methods, :authorization_method, :authorization
       before_action :valid_handler, only: [:new, :create]
 
       include Decidim::UserProfile
+      include Decidim::Verifications::Renewable
       helper Decidim::DecidimFormHelper
       helper Decidim::CtaButtonHelper
       helper Decidim::AuthorizationFormHelper
+      helper Decidim::TranslationsHelper
 
       layout "layouts/decidim/user_profile", only: [:index]
 
@@ -48,6 +50,12 @@ module Decidim
 
       protected
 
+      def authorization_method(authorization)
+        return unless authorization
+
+        Decidim::Verifications::Adapter.from_element(authorization.name)
+      end
+
       def handler
         @handler ||= Decidim::AuthorizationHandler.handler_for(handler_name, handler_params)
       end
@@ -92,6 +100,15 @@ module Decidim
 
         store_location_for(:user, redirect_url)
       end
+
+      private
+
+      def authorization
+        @authorization ||= Decidim::Authorization.find_by(
+          user: current_user,
+          name: handler_name
+        )
+      end
     end
   end
 end

data/app/controllers/decidim/verifications/csv_census/authorizations_controller.rb

@@ -4,13 +4,15 @@ module Decidim
   module Verifications
     module CsvCensus
       class AuthorizationsController < Decidim::ApplicationController
+        include Decidim::Verifications::Renewable
+
         helper_method :authorization
 
         before_action :load_authorization
 
         def new
           @form = CensusForm.from_params(user: current_user)
-          ConfirmCensusAuthorization.call(@authorization, @form) do
+          ConfirmCensusAuthorization.call(@authorization, @form, session) do
             on(:ok) do
               flash[:notice] = t("authorizations.new.success", scope: "decidim.verifications.csv_census")
             end

data/app/controllers/decidim/verifications/id_documents/admin/confirmations_controller.rb

@@ -23,7 +23,7 @@ module Decidim
 
             @form = InformationForm.from_params(params)
 
-            ConfirmUserAuthorization.call(@pending_authorization, @form) do
+            ConfirmUserAuthorization.call(@pending_authorization, @form, session) do
               on(:ok) do
                 flash[:notice] = t("confirmations.create.success", scope: "decidim.verifications.id_documents.admin")
                 redirect_to pending_authorizations_path

data/app/controllers/decidim/verifications/id_documents/authorizations_controller.rb

@@ -7,6 +7,8 @@ module Decidim
       # Handles verification by identity document upload
       #
       class AuthorizationsController < ApplicationController
+        include Decidim::Verifications::Renewable
+
         helper_method :authorization, :verification_type, :using_offline?, :using_online?, :available_methods
 
         before_action :load_authorization

data/app/controllers/decidim/verifications/postal_letter/authorizations_controller.rb

@@ -4,6 +4,8 @@ module Decidim
   module Verifications
     module PostalLetter
       class AuthorizationsController < ApplicationController
+        include Decidim::Verifications::Renewable
+
         helper_method :authorization
 
         before_action :load_authorization
@@ -43,7 +45,7 @@ module Decidim
 
           @form = ConfirmationForm.from_params(params)
 
-          ConfirmUserAuthorization.call(@authorization, @form) do
+          ConfirmUserAuthorization.call(@authorization, @form, session) do
             on(:ok) do
               flash[:notice] = t("authorizations.update.success", scope: "decidim.verifications.postal_letter")
               redirect_to decidim_verifications.authorizations_path

data/app/controllers/decidim/verifications/sms/authorizations_controller.rb

@@ -4,6 +4,8 @@ module Decidim
   module Verifications
     module Sms
       class AuthorizationsController < ApplicationController
+        include Decidim::Verifications::Renewable
+
         helper_method :authorization
 
         def new
@@ -41,7 +43,7 @@ module Decidim
 
           @form = ConfirmationForm.from_params(params)
 
-          ConfirmUserAuthorization.call(authorization, @form) do
+          ConfirmUserAuthorization.call(authorization, @form, session) do
             on(:ok) do
               flash[:notice] = t("authorizations.update.success", scope: "decidim.verifications.sms")
 

data/app/forms/decidim/verifications/admin/revocations_before_date_form.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    module Admin
+      class RevocationsBeforeDateForm < Decidim::Form
+        include TranslatableAttributes
+
+        attribute :impersonated_only, Boolean
+        attribute :before_date, Decidim::Attributes::LocalizedDate
+
+        validates :before_date, presence: true
+      end
+    end
+  end
+end

data/app/forms/decidim/verifications/id_documents/upload_form.rb

@@ -11,8 +11,7 @@ module Decidim
         attribute :verification_attachment, String
 
         validates :verification_attachment,
-                  file_size: { less_than_or_equal_to: ->(_record) { Decidim.maximum_attachment_size } },
-                  file_content_type: { allow: ["image/jpeg", "image/png"] },
+                  passthru: { to: Decidim::Authorization },
                   presence: true,
                   if: :uses_online_method?
       end

data/app/models/decidim/verifications/csv_census/data.rb

@@ -29,7 +29,7 @@ module Decidim
 
         def process_row(row)
           user_mail = row.first
-          if user_mail.present? && user_mail.match?(Devise.email_regexp)
+          if user_mail.present? && user_mail.match?(::Devise.email_regexp)
             values << user_mail
           else
             errors << row

data/app/queries/decidim/verifications/authorizations_before_date.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    # Finds authorizations by different criteria
+    class AuthorizationsBeforeDate < Rectify::Query
+      # Initializes the class.
+      #
+      # @param organization [Organization] The organization where this authorization belongs to
+      # @param date [Date] The verification's date of an authorization
+      # @param granted [boolean] Whether return granted auths only or not granted only
+      # @param impersonated_only [boolean] Whether return impersonated auths only
+      def initialize(organization:, date:, granted: true, impersonated_only: false)
+        @organization = organization
+        @date = date
+        @granted = granted
+        @impersonated_only = impersonated_only
+      end
+
+      # Finds the Authorizations for the given method
+      #
+      # Returns an ActiveRecord::Relation.
+      def query
+        return Decidim::Authorization.none unless organization
+
+        query = Decidim::Authorization.left_outer_joins(:organization).where(decidim_organizations: { id: organization.id })
+
+        if impersonated_only
+          query = query
+                  .left_outer_joins(:user)
+                  .where(decidim_users: { decidim_organization_id: organization.id })
+                  .where(decidim_users: { managed: true })
+        end
+
+        query = query.where("#{Decidim::Authorization.table_name}.created_at < ?", date) unless date.nil?
+
+        query = if granted
+                  query.where.not(granted_at: nil)
+                else
+                  query.where(granted_at: nil)
+                end
+
+        query
+      end
+
+      private
+
+      attr_reader :organization, :date, :granted, :impersonated_only
+    end
+  end
+end

data/app/services/decidim/authorization_handler.rb

@@ -56,6 +56,10 @@ module Decidim
     # params the user sent with the authorization form want to be persisted for
     # future use.
     #
+    # As a convention, an 'extras' key can be used to store information not
+    # directly related with authorization. Thus, when rendering previous
+    # verification data, on renewal, 'extras' is not rendered to the user.
+    #
     # Returns a Hash.
     def metadata
       {}

data/app/views/decidim/verifications/authorizations/_granted_authorization.html.erb

@@ -1,27 +1,32 @@
-<div class="card--list__item">
-  <div class="card--list__text">
-    <%= icon "lock-locked", class: "card--list__icon" %>
-    <div>
-      <h5 class="card--list__heading">
-        <%= t("#{authorization.name}.name", scope: "decidim.authorization_handlers") %>
-      </h5>
-      <span class="text-small">
-        <% if authorization.expired? %>
-          <%= t("expired_at", scope: "decidim.authorization_handlers", timestamp: l(authorization.expires_at, format: :long)) %>
-        <% else %>
-          <%= t("granted_at", scope: "decidim.authorization_handlers", timestamp: l(authorization.granted_at, format: :long)) %>
-          <% if authorization.expires_at.present? %>
-            <%= t("expires_at", scope: "decidim.authorization_handlers", timestamp: l(authorization.expires_at, format: :long)) %>
-          <% end %>
+<div class="card--list__text">
+  <%= icon "lock-locked", class: "card--list__icon", role: "img", "aria-hidden": true %>
+  <div>
+    <h5 class="card--list__heading">
+      <%= t("#{authorization.name}.name", scope: "decidim.authorization_handlers") %>
+    </h5>
+    <span class="text-small <%= "alert" if authorization.expired? %>">
+      <% if authorization.expired? %>
+        <%= t("expired_at", scope: "decidim.authorization_handlers", timestamp: l(authorization.expires_at, format: :long)) %>
+      <% else %>
+        <%= t("granted_at", scope: "decidim.authorization_handlers", timestamp: l(authorization.granted_at, format: :long)) %>
+        <% if authorization.expires_at.present? %>
+          <%= t("expires_at", scope: "decidim.authorization_handlers", timestamp: l(authorization.expires_at, format: :long)) %>
         <% end %>
-      </span>
-    </div>
+      <% end %>
+    </span>
   </div>
-  <% if authorization.expired? %>
-    <div class="card--list__data">
-      <span class="card--list__data__icon">
-        <%= icon "reload" %>
-      </span>
-    </div>
-  <% end %>
 </div>
+
+<% if authorization.expired? %>
+  <div class="card--list__data">
+    <span class="card--list__data__icon">
+      <%= icon "reload", aria_label: t("renew", scope: "decidim.authorization_handlers"), role: "img" %>
+    </span>
+  </div>
+<% elsif authorization.renewable? %>
+  <div class="card--list__data">
+    <span class="card--list__data__icon">
+      <%= icon "reload", aria_label: t("renew", scope: "decidim.authorization_handlers"), role: "img" %>
+    </span>
+  </div>
+<% end %>

data/app/views/decidim/verifications/authorizations/first_login.html.erb

@@ -1,4 +1,4 @@
-<main class="wrapper">
+<div class="wrapper">
   <div class="row collapse">
     <div class="row collapse">
       <div class="columns large-8 large-centered text-center">
@@ -19,4 +19,4 @@
       </div>
     </div>
   </div>
-</main>
+</div>

data/app/views/decidim/verifications/authorizations/index.html.erb

@@ -1,28 +1,38 @@
+<% add_decidim_page_title(t("authorizations", scope: "layouts.decidim.user_profile")) %>
+<% content_for(:subtitle) { t("authorizations", scope: "layouts.decidim.user_profile") } %>
+<% url_params = (redirect_url.present? ? { redirect_url: redirect_url } : {}) %>
+
 <div class="row column authorizations-list">
   <section class="section">
     <% if @granted_authorizations.any? %>
       <div class="card card--list">
         <% @granted_authorizations.each do |authorization| %>
           <% if authorization.expired? %>
-            <% authorization_method = Decidim::Verifications::Adapter.from_element(authorization.name) %>
-            <%= link_to authorization_method.root_path do %>
+            <%= link_to authorization_method(authorization).root_path(url_params), title: t(".expired_verification"), class: "card--list__item" do %>
               <% render partial: "granted_authorization", locals: { authorization: authorization } %>
             <% end %>
+          <% elsif authorization.renewable? %>
+            <%= link_to "#", title: t(".show_renew_info"), data: { open: "renew-modal", "open-url": renew_modal_authorizations_path(handler: authorization.name) }, class: "card--list__item authorization-renewable" do %>
+               <%= render partial: "granted_authorization", locals: { authorization: authorization } %>
+            <% end %>
           <% else %>
-            <%= render partial: "granted_authorization", locals: { authorization: authorization } %>
+            <div class="card--list__item">
+              <%= render partial: "granted_authorization", locals: { authorization: authorization } %>
+            </div>
           <% end %>
         <% end %>
       </div>
+
+      <div id="renew-modal" data-reveal class="reveal" aria-labelledby="<%= t("renew_modal.title", scope: "decidim.verifications.authorizations") %>" aria-hidden="true" role="dialog"></div>
     <% end %>
 
     <% if @pending_authorizations.any? %>
       <div class="card card--list">
         <% @pending_authorizations.each do |authorization| %>
-          <% authorization_method = Decidim::Verifications::Adapter.from_element(authorization.name) %>
-          <%= link_to authorization_method.resume_authorization_path do %>
+          <%= link_to authorization_method(authorization).resume_authorization_path(url_params) do %>
             <div class="card--list__item">
               <div class="card--list__text">
-                <%= icon "reload", class: "card--list__icon" %>
+                <%= icon "reload", class: "card--list__icon", aria_label: t(".pending_verification"), role: "img" %>
                 <div>
                   <h5 class="card--list__heading">
                     <%= t("#{authorization.name}.name", scope: "decidim.authorization_handlers") %>
@@ -32,9 +42,9 @@
                   </span>
                 </div>
               </div>
-              <div class="card--list__data">
+              <div class="card--list__data" aria-hidden="true">
                 <span class="card--list__data__icon">
-                  <%= icon "chevron-right" %>
+                  <%= icon "chevron-right", role: "img", "aria-hidden": true %>
                 </span>
               </div>
             </div>
@@ -46,10 +56,10 @@
     <% if unauthorized_methods.any? %>
       <div class="card card--list">
         <% unauthorized_methods.each do |unauthorized_method| %>
-          <%= link_to unauthorized_method.root_path do %>
+          <%= link_to unauthorized_method.root_path(url_params) do %>
             <div class="card--list__item">
               <div class="card--list__text">
-                <%= icon "lock-unlocked", class: "card--list__icon" %>
+                <%= icon "lock-unlocked", class: "card--list__icon", aria_label: t(".unauthorized_verification"), role: "img" %>
                 <div>
                   <h5 class="card--list__heading">
                     <%= t("#{unauthorized_method.key}.name", scope: "decidim.authorization_handlers") %>
@@ -59,9 +69,9 @@
                   </span>
                 </div>
               </div>
-              <div class="card--list__data">
+              <div class="card--list__data" aria-hidden="true">
                 <span class="card--list__data__icon">
-                  <%= icon "chevron-right" %>
+                  <%= icon "chevron-right", role: "img", "aria-hidden": true %>
                 </span>
               </div>
             </div>

data/app/views/decidim/verifications/authorizations/new.html.erb

@@ -1,4 +1,4 @@
-<main class="wrapper">
+<div class="wrapper">
   <div class="row collapse">
     <div class="row collapse">
       <div class="columns large-8 large-centered text-center page-title">
@@ -29,4 +29,4 @@
       </div>
     </div>
   </div>
-</main>
+</div>

data/app/views/decidim/verifications/authorizations/renew_modal.html.erb

@@ -0,0 +1,38 @@
+<div class="reveal__header">
+  <h3 class="reveal__title">
+    <%= t("renew_modal.title", scope: "decidim.verifications.authorizations") %>
+  </h3>
+
+  <button class="close-button" data-close aria-label="<%= t("renew_modal.close", scope: "decidim.verifications.authorizations") %>"
+    type="button">
+    <span aria-hidden="true">&times;</span>
+  </button>
+</div>
+
+<div class="row">
+  <p>
+    <strong>
+      <%= t("#{authorization.name}.name", scope: "decidim.authorization_handlers") %>
+    </strong>
+    <br>
+    <span class="text-muted">
+      <%= t("#{authorization.name}.explanation", scope: "decidim.authorization_handlers") %>
+    </span>
+  </p>
+
+  <%= cell(authorization.metadata_cell, authorization) %>
+
+  <p>
+    <%= t("renew_modal.info_renew", scope: "decidim.verifications.authorizations") %>
+  </p>
+</div>
+
+<div class="row">
+  <div class="column flex-center">
+    <button class="clear button secondary expanded" data-close type="button">
+      <%= t("renew_modal.cancel", scope: "decidim.verifications.authorizations") %>
+    </button>
+
+    <%= link_to t("renew_modal.continue", scope: "decidim.verifications.authorizations"), authorization_method(authorization).renew_path, class: "button expanded" %>
+  </div>
+</div>

data/app/views/decidim/verifications/id_documents/admin/pending_authorizations/index.html.erb

@@ -15,8 +15,8 @@
         </tr>
       </thead>
       <tbody>
-        <tr>
-          <% @pending_online_authorizations.each do |authorization| %>
+        <% @pending_online_authorizations.each do |authorization| %>
+          <tr>
             <td>
               <%= link_to t(".verification_number", n: authorization.id),
                           new_pending_authorization_confirmation_path(authorization.id) %>
@@ -26,8 +26,8 @@
                 <%= image_tag authorization.verification_attachment.url(:thumbnail), class: "thumbnail-list" %>
               <% end %>
             </td>
-          <% end %>
-        </tr>
+          </tr>
+        <% end %>
       </tbody>
     </table>
   </div>