decidim-verifications 0.30.1 → 0.31.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 90a284f93c186bca0e06fb5409f3554ae7e0dbd728ae45d2e02014e8884ef8c4
-  data.tar.gz: 5a2c6b6544f731e6365d6ba62148b7d15f286ea60f091c74706a1927ac3095ff
+  metadata.gz: 7f5e445b04ef228652e17ed056aa508198045f6f2a8709a06e6f918ae32e31a2
+  data.tar.gz: e1ef5356582bcab1d2eadb41a71fde9c3980751ee08495c54e175410f10c83ec
 SHA512:
-  metadata.gz: 70b77457cbb0f8459ef82e146628eff2526c364c599ca1c9611354b663a7bed04c3b5888d1f40dbf1dfaa2ec6f6f2005ab3059ce9e6046064e5fd53889a51653
-  data.tar.gz: d5e08ed95e169338ed5098e0c2f489fee7100549058017b114588e41e543ccd25e90060805dfdec262129b2a7d3a04a15f5fcf13e134378dac84c48295d80856
+  metadata.gz: 1a46cbde1f71b5818775a8ef8b6f741945fd2b7bc5c3368ae849aa93e66cccf2e963cec21e7c7118616f294cd5f9b028d9c853433870fa942a8e8d2995f7976d
+  data.tar.gz: 78f7b084de6123dfd783f868d9ef674b25e9f35a0f2beba5150f18153fc635ca25dcf6edaa06379ad8bcbda46ba5ecdf7d4fa3e50e6cede99ce01b3ebca7da7c

data/README.md

@@ -59,7 +59,7 @@ Decidim implements two type of authorization methods:
   To register your handler, use
 
   ```ruby
-  # config/initializers/decidim.rb
+  # config/initializers/decidim_verifications.rb
 
   Decidim::Verifications.register_workflow(:census) do |workflow|
     workflow.form = "<myAuthorizationHandlerClass>"
@@ -74,7 +74,7 @@ Decidim implements two type of authorization methods:
   For example:
 
   ```ruby
-  # config/initializers/decidim.rb
+  # config/initializers/decidim_verifications.rb
 
   Decidim::Verifications.register_workflow(:my_verification) do |workflow|
     workflow.engine = Decidim::Verifications::MyVerification::Engine
@@ -103,7 +103,7 @@ Decidim implements two type of authorization methods:
   Optionally to change the renew modal content part of the data stored, you can set a new value for the cell used to render the metadata.
 
   ```ruby
-  # config/initializers/decidim.rb
+  # config/initializers/decidim_verifications.rb
 
   Decidim::Verifications.register_workflow(:census) do |workflow|
     workflow.form = "myAuthorizationHandlerClass"
@@ -146,7 +146,7 @@ SMS code using your preferred provider.
 In order to setup Decidim with SMS verification you need to:
 
 1. Create a class that accepts two parameters when initializing it (mobile phone and code) and a method named `deliver_code` that will send an SMS and return a truthy or falsey value if the delivery was OK or not.
-1. Set the `sms_gateway_service` configuration variable to the name of the class that you just created (use a String, not the actual class) at `config/initializers/decidim.rb`.
+1. Set the `sms_gateway_service` configuration variable to the name of the class that you just created (use a String, not the actual class) using the `DECIDIM_SMS_GATEWAY_SERVICE` environment variable
 
 Keep in mind that Decidim will not store a free text version of the mobile phone, only a hashed
 version so we can avoid duplicates and guarantee the users' privacy.
@@ -217,7 +217,7 @@ To be used by the verification method, this class should be referenced by name i
 its workflow manifest:
 
 ```ruby
-# config/initializers/decidim.rb
+# config/initializers/decidim_verifications.rb
 
 Decidim::Verifications.register_workflow(:my_verification) do |workflow|
   workflow.engine = Decidim::Verifications::MyVerification::Engine

data/app/commands/decidim/verifications/csv_census/admin/create_census_data.rb

@@ -7,9 +7,10 @@ module Decidim
         # A command with the business logic to create census data for a
         # organization.
         class CreateCensusData < Decidim::Command
-          def initialize(form, organization)
+          def initialize(form, current_user)
             @form = form
-            @organization = organization
+            @current_user = current_user
+            @organization = current_user.organization
           end
 
           # Executes the command. Broadcast this events:
@@ -21,13 +22,13 @@ module Decidim
             return broadcast(:invalid) unless @form.file
 
             data = @form.data
-            return broadcast(:invalid) unless data
+            return broadcast(:invalid) if data.blank? || data.values.empty?
 
             # rubocop:disable Rails/SkipsModelValidations
             CsvDatum.insert_all(@organization, data.values)
             # rubocop:enable Rails/SkipsModelValidations
-            RemoveDuplicatesJob.perform_later(@organization)
 
+            ProcessCensusDataJob.perform_later(data.values, @current_user)
             broadcast(:ok)
           end
         end

data/app/commands/decidim/verifications/csv_census/admin/create_census_record.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    module CsvCensus
+      module Admin
+        # A command with the business logic to create census data for a
+        # organization.
+        class CreateCensusRecord < Decidim::Commands::CreateResource
+          fetch_form_attributes :email, :organization
+
+          private
+
+          def resource_class = Decidim::Verifications::CsvDatum
+
+          def run_after_hooks
+            @resource.authorize!
+          end
+        end
+      end
+    end
+  end
+end

data/app/commands/decidim/verifications/csv_census/admin/update_census_record.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    module CsvCensus
+      module Admin
+        # A command with the business logic to create census data for a
+        # organization.
+        class UpdateCensusRecord < Decidim::Commands::UpdateResource
+          fetch_form_attributes :email
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/decidim/verifications/admin/filterable.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require "active_support/concern"
+
+module Decidim
+  module Verifications
+    module Admin
+      module Filterable
+        extend ActiveSupport::Concern
+
+        included do
+          include Decidim::Admin::Filterable
+
+          private
+
+          def base_query
+            CsvDatum
+              .where(organization: current_organization)
+              .page(params[:page])
+              .per(15)
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/verifications/authorizations_controller.rb

@@ -15,7 +15,6 @@ module Decidim
       include Decidim::HtmlSafeFlash
       include Decidim::Verifications::Renewable
       helper Decidim::DecidimFormHelper
-      helper Decidim::CtaButtonHelper
       helper Decidim::AuthorizationFormHelper
       helper Decidim::TranslationsHelper
 
@@ -87,7 +86,7 @@ module Decidim
 
           on(:invalid) do
             flash[:alert] = t("authorizations.create.error", scope: "decidim.verifications")
-            render action: :new
+            render action: :new, status: :unprocessable_entity
           end
         end
       end

data/app/controllers/decidim/verifications/csv_census/admin/census_controller.rb

@@ -10,41 +10,69 @@ module Decidim
           before_action :show_instructions,
                         unless: :csv_census_active?
 
+          include Decidim::Verifications::Admin::Filterable
           include Decidim::Admin::WorkflowsBreadcrumb
+          include Decidim::Paginable
 
           add_breadcrumb_item_from_menu :workflows_menu
 
-          def index
-            enforce_permission_to :index, :authorization
-            @form = form(CensusDataForm).instance
+          helper_method :csv_census_data, :last_login
+
+          def index; end
+
+          def destroy
+            Decidim::Commands::DestroyResource.call(census_data, current_user) do
+              on(:ok) do
+                flash[:notice] = I18n.t("census.destroy.success", scope: "decidim.verifications.csv_census.admin")
+                redirect_to census_logs_path
+              end
+            end
+          end
+
+          def new_import
+            @form = form(CensusDataForm).from_params(params)
             @status = Status.new(current_organization)
           end
 
-          def create
+          def create_import
             enforce_permission_to :create, :authorization
             @form = form(CensusDataForm).from_params(params)
             @status = Status.new(current_organization)
-            CreateCensusData.call(@form, current_organization) do
+
+            @form.validate_csv
+
+            if @form.errors.any?
+              error_messages = @form.errors.full_messages.map { |msg| "<li>#{msg}</li>" }.join
+              flash[:alert] = "<ul>#{error_messages}</ul>"
+              redirect_to(census_logs_path) && return
+            end
+
+            CreateCensusData.call(@form, current_user) do
               on(:ok) do
-                flash[:notice] = t(".success", count: @form.data.values.count, errors: @form.data.errors.count)
-                redirect_to census_path
+                flash[:notice] = I18n.t("census.create_import.success", scope: "decidim.verifications.csv_census.admin", count: @form.data.values.count)
+                redirect_to census_logs_path
               end
 
               on(:invalid) do
-                flash[:alert] = t(".error")
-                render :index
+                flash[:alert] = I18n.t("census.create_import.error", scope: "decidim.verifications.csv_census.admin")
+                redirect_to census_logs_path
               end
             end
           end
 
-          def destroy_all
-            enforce_permission_to :destroy, :authorization
-            CsvDatum.clear(current_organization)
+          private
 
-            redirect_to census_path, notice: t(".success")
+          def census_data
+            @census_data ||= CsvDatum.where(organization: current_organization).find(params[:id])
           end
 
-          private
+          def csv_census_data
+            @csv_census_data ||= filtered_collection
+          end
+
+          def collection
+            @collection ||= CsvDatum.where(organization: current_organization)
+          end
 
           def show_instructions
             enforce_permission_to :index, :authorization
@@ -54,6 +82,22 @@ module Decidim
           def csv_census_active?
             current_organization.available_authorizations.include?("csv_census")
           end
+
+          def last_login(data)
+            user = current_organization.users.available.find_by(email: data.email)
+
+            return { icon: nil, text: t(".no_user"), last_sign_in: nil } unless user
+
+            authorized = Decidim::Authorization.where(name: "csv_census", user:)
+                                               .where.not(granted_at: nil)
+                                               .exists?
+
+            icon = authorized ? "checkbox-circle-line" : "close-circle-line"
+            text = authorized ? t("index.authorized", scope: "decidim.verifications.csv_census.admin") : t("index.no_authorized", scope: "decidim.verifications.csv_census.admin")
+            last_sign_in = user.last_sign_in_at ? l(user.last_sign_in_at, format: :decidim_short) : t(".no_sign_in")
+
+            { icon:, text:, last_sign_in: }
+          end
         end
       end
     end

data/app/controllers/decidim/verifications/csv_census/admin/census_records_controller.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    module CsvCensus
+      module Admin
+        class CensusRecordsController < Decidim::Admin::ApplicationController
+          layout false
+
+          helper_method :csv_census_data
+
+          def new_record
+            @form = form(Admin::CensusForm).instance
+          end
+
+          def create_record
+            @form = form(Admin::CensusForm).from_params(params)
+            Admin::CreateCensusRecord.call(@form) do
+              on(:ok) do
+                flash[:notice] = I18n.t("census_records.create_record.success", scope: "decidim.verifications.csv_census.admin")
+                render json: { redirect_url: census_logs_path }, status: :ok
+              end
+
+              on(:invalid) do
+                render :new_record, status: :unprocessable_entity
+              end
+            end
+          end
+
+          def edit_record
+            @form = form(Admin::CensusForm).from_model(census_data)
+          end
+
+          def update_record
+            @form = form(Admin::CensusForm).from_params(params)
+
+            Admin::UpdateCensusRecord.call(@form, census_data) do
+              on(:ok) do
+                flash[:notice] = I18n.t("census_records.update_record.success", scope: "decidim.verifications.csv_census.admin")
+                render json: { redirect_url: census_logs_path }, status: :ok
+              end
+
+              on(:invalid) do
+                flash.now[:alert] = I18n.t("census_records.update_record.invalid", scope: "decidim.verifications.csv_census.admin")
+                render action: "edit_record", status: :unprocessable_entity
+              end
+            end
+          end
+
+          private
+
+          def census_data
+            @census_data ||= CsvDatum.where(organization: current_organization).find_by(id: params[:id])
+          end
+
+          def csv_census_data
+            @csv_census_data ||= CsvDatum.where(organization: current_organization)
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/verifications/id_documents/admin/config_controller.rb

@@ -33,7 +33,7 @@ module Decidim
 
               on(:invalid) do
                 flash.now[:alert] = t("config.update.error", scope: "decidim.verifications.id_documents.admin")
-                render action: :edit
+                render action: :edit, status: :unprocessable_entity
               end
             end
           end

data/app/controllers/decidim/verifications/id_documents/admin/confirmations_controller.rb

@@ -35,7 +35,7 @@ module Decidim
 
               on(:invalid) do
                 flash.now[:alert] = t("confirmations.create.error", scope: "decidim.verifications.id_documents.admin")
-                render action: :new
+                render action: :new, status: :unprocessable_entity
               end
             end
           end

data/app/controllers/decidim/verifications/id_documents/admin/offline_confirmations_controller.rb

@@ -33,7 +33,7 @@ module Decidim
 
               on(:invalid) do
                 flash.now[:alert] = t("offline_confirmations.create.error", scope: "decidim.verifications.id_documents.admin")
-                render action: :new
+                render action: :new, status: :unprocessable_entity
               end
             end
           end

data/app/controllers/decidim/verifications/id_documents/authorizations_controller.rb

@@ -42,7 +42,7 @@ module Decidim
 
             on(:invalid) do
               flash.now[:alert] = t("authorizations.create.error", scope: "decidim.verifications.id_documents")
-              render action: :new
+              render action: :new, status: :unprocessable_entity
             end
           end
         end
@@ -72,7 +72,7 @@ module Decidim
 
             on(:invalid) do
               flash.now[:alert] = t("authorizations.update.error", scope: "decidim.verifications.id_documents")
-              render action: :edit
+              render action: :edit, status: :unprocessable_entity
             end
           end
         end

data/app/controllers/decidim/verifications/postal_letter/authorizations_controller.rb

@@ -29,7 +29,7 @@ module Decidim
 
             on(:invalid) do
               flash.now[:alert] = t("authorizations.create.error", scope: "decidim.verifications.postal_letter")
-              render :new
+              render :new, status: :unprocessable_entity
             end
           end
         end
@@ -53,7 +53,7 @@ module Decidim
 
             on(:invalid) do
               flash.now[:alert] = t("authorizations.update.error", scope: "decidim.verifications.postal_letter")
-              render :edit
+              render :edit, status: :unprocessable_entity
             end
           end
         end

data/app/controllers/decidim/verifications/sms/authorizations_controller.rb

@@ -27,7 +27,7 @@ module Decidim
             end
             on(:invalid) do
               flash.now[:alert] = t("authorizations.create.error", scope: "decidim.verifications.sms")
-              render :new
+              render :new, status: :unprocessable_entity
             end
           end
         end
@@ -52,7 +52,7 @@ module Decidim
 
             on(:invalid) do
               flash.now[:alert] = t("authorizations.update.error", scope: "decidim.verifications.sms")
-              render :edit
+              render :edit, status: :unprocessable_entity
             end
           end
         end

data/app/forms/decidim/verifications/csv_census/admin/census_data_form.rb

@@ -6,16 +6,42 @@ module Decidim
       module Admin
         # A form to temporarily upload csv census data
         class CensusDataForm < Form
+          include Decidim::HasUploadValidations
+          include Decidim::ProcessesFileLocally
           mimic :census_data
 
-          attribute :file
+          attribute :file, Decidim::Attributes::Blob
+
+          validates :file, presence: true, file_content_type: { allow: ["text/csv"] }
 
           def data
-            CsvCensus::Data.new(file.path)
+            @data ||= process_data
+          end
+
+          def process_data
+            process_file_locally(file) do |file_path|
+              CsvCensus::Data.new(file_path)
+            end
           rescue CSV::MalformedCSVError
             errors.add(:file, :malformed)
+          end
+
+          def validate_csv
+            return unless data
+
+            errors.add(:base, I18n.t("decidim.verifications.errors.wrong_number_columns", expected: 1, actual: data.count)) if data.count != 1
+
+            errors.add(:base, I18n.t("decidim.verifications.errors.no_emails")) if data.values.empty?
+
+            data.values.each do |value|
+              errors.add(:base, I18n.t("decidim.verifications.errors.invalid_emails", invalid_emails: value)) unless valid_email?(value)
+            end
+          end
+
+          private
 
-            nil
+          def valid_email?(email)
+            URI::MailTo::EMAIL_REGEXP.match?(email)
           end
         end
       end

data/app/forms/decidim/verifications/csv_census/admin/census_form.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    module CsvCensus
+      module Admin
+        # A form to temporarily upload csv census data
+        class CensusForm < Form
+          attribute :email
+
+          validates :email, presence: true, "valid_email_2/email": { disposable: true }
+          validate :unique_email
+
+          private
+
+          def unique_email
+            return true if CsvDatum.where(
+              organization: context.current_organization,
+              email:
+            ).empty?
+
+            errors.add :email, :taken
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/app/forms/decidim/verifications/sms/mobile_phone_form.rb

@@ -17,7 +17,7 @@ module Decidim
 
         # A mobile phone can only be verified once but it should be private.
         def unique_id
-          Digest::MD5.hexdigest(
+          Digest::SHA256.hexdigest(
             "#{mobile_phone_number}-#{Rails.application.secret_key_base}"
           )
         end
@@ -57,7 +57,7 @@ module Decidim
         end
 
         def generated_code
-          @generated_code ||= SecureRandom.random_number(1_000_000).to_s
+          @generated_code ||= format("%06d", SecureRandom.random_number(1_000_000))
         end
       end
     end

data/app/jobs/decidim/verifications/csv_census/process_census_data_job.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Verifications
+    module CsvCensus
+      class ProcessCensusDataJob < ApplicationJob
+        queue_as :default
+        attr_reader :imported_records, :failed, :user
+
+        def perform(data, user)
+          @user = user
+          @imported_records = []
+          @failed = []
+
+          data.each do |email|
+            record = CsvDatum.find_or_create_by(email:, organization: user.organization)
+            if record && record.valid?
+              @imported_records << record
+            else
+              @failed << email
+              Rails.logger.warn(I18n.t("census.new_import.errors.email_exists", scope: "decidim.verifications.csv_census.admin", email:, organization: user.organization.id))
+            end
+
+            record.authorize!
+          end
+
+          log_import_action
+        end
+
+        private
+
+        def log_import_action
+          return if imported_records.blank?
+
+          Decidim::ActionLogger.log(
+            "import",
+            user,
+            imported_records.first,
+            nil,
+            extra: {
+              imported_records:,
+              failed_count: failed.count
+            }
+          )
+        end
+      end
+    end
+  end
+end

data/app/models/decidim/verifications/csv_census/data.rb

@@ -14,20 +14,32 @@ module Decidim
       #
       # Returns nothing
       class Data
-        attr_reader :errors, :values
+        attr_reader :errors, :values, :file
 
         def initialize(file)
           @file = file
           @values = []
           @errors = []
+          @column_count = nil
 
           CSV.foreach(@file, encoding: "BOM|UTF-8") do |row|
             process_row(row)
+            @column_count ||= row.size
           end
+
+          @errors << I18n.t("decidim.verifications.errors.wrong_number_columns", expected: 1, actual: @column_count) if @column_count && @column_count > 1
+        end
+
+        def count
+          @column_count || 0
         end
 
         private
 
+        def valid_email?(email)
+          URI::MailTo::EMAIL_REGEXP.match?(email)
+        end
+
         def process_row(row)
           user_mail = row.first
           if user_mail.present? && user_mail.match?(::Devise.email_regexp)

data/app/models/decidim/verifications/csv_datum.rb

@@ -3,10 +3,14 @@
 module Decidim
   module Verifications
     class CsvDatum < ApplicationRecord
+      include Decidim::Traceable
+
       belongs_to :organization, foreign_key: :decidim_organization_id,
                                 class_name: "Decidim::Organization"
 
       validates :email, format: { with: ::Devise.email_regexp }
+      validates :email, presence: true
+      validates :email, uniqueness: { scope: :decidim_organization_id }
 
       def self.inside(organization)
         where(organization:)
@@ -26,6 +30,23 @@ module Decidim
       def self.clear(organization)
         inside(organization).delete_all
       end
+
+      def self.log_presenter_class_for(_log)
+        Decidim::Verifications::AdminLog::CsvDatumPresenter
+      end
+
+      def authorize!
+        user = organization.users.available.find_by(email:)
+
+        return unless user
+
+        authorization = Decidim::Authorization.find_or_initialize_by(
+          user:,
+          name: "csv_census"
+        )
+
+        authorization.grant! unless authorization.granted?
+      end
     end
   end
 end

data/app/packs/entrypoints/decidim_verifications.js

@@ -1,2 +1,5 @@
 // CSS
 import "stylesheets/verifications.scss"
+
+// JS
+import "src/csv_census"