Skip to content

Latest commit

 

History

History
267 lines (183 loc) · 9.93 KB

File metadata and controls

267 lines (183 loc) · 9.93 KB

Decidim::DirectVerifications

Test Maintainability codecov

A Decidim that provides a verification method called Direct verification. Works only on the admin side, final users do not intervene in the verification process.

This plugin allows to verify users against the Direct verification method by default, but it is not limited to it, it can be used to directly verify users against any other method registered for the organization.

Features:

  1. Allows to massively register users directly in the platform prior (or independently) to verify them by sending them invite emails.

IMPORTANT:
You must only use this feature if you have explicit consent from your users, otherwise you might be violating the GDPR regulation in EU.

  1. Massive authroizations of users using any verification method registered for the organization if configured.
  2. It can massively revoke authorizations given to any user with any verification method available.
  3. Shows user's statuses per verification method in a simple stats table.

Screenshot

Admin screenshot

Usage

DirectVerifications will be available as a new verification method under Participants/Verifications.

Final users take no action, verification is 100% in the admin side.

Verifications can only be managed by the admins. They have available a simple textarea form where to put a list of emails with no special format required. Emails (and names if possible) are detected automatically.

With the detected list of emails admin have different options available:

  1. Register the list of users in the platform
  2. Authorize the list of users using any verification method available (defaults to the built-in Direct verification method).
  3. Revoke the authorization for the list of users using any verification method available.
  4. Check the status of the users in order to know if they are verified or registered.

Metadata mode

This mode provides extra capabilities over the default processing:

  • Reads CSV format with header (copy and paste it from your spreadsheet)
  • Stores all columns except the email as authorization metadata

This enables querying the authorization metadata however fits you best.

To enable it create a new initializer, for instance config/initializers/decidim_direct_verifications.rb with the following contents

Decidim::DirectVerifications.configure do |config|
  config.input_parser = :metadata_parser
end

Direct managements of user's authorizations

This plugin also provides a place for admins to see and manage (if configured) existing verifications for any user. Admins can go to the "Participants" admin page and see a new management button, when clicked it shows a modal window with all the authorizations that this user has granted as well as the missing ones. If Direct Verfication is configured to manage that verification (through the manage_workflows config var) it can be granted or revoke just by clicking a button.

Participants mods

Participants modal management

This behavior can be disabled by disabling in a initializer the config var participants_modal.

config/initializers/decidim_verifications.rb:

# frozen_string_literal: true

Decidim::DirectVerifications.configure do |config|
  # Disable participants direct verifications management
  config.participants_modal = false
end

Installation

Add this line to your application's Gemfile:

gem "decidim-direct_verifications"

And then execute:

bundle

Depending on your Decidim version, you might want to specify the version to ensure compatibility:

Direct Verifications version Compatible Decidim versions
1.2 >= 0.25.x
1.1 >= 0.25.x
1.0 >= 0.23.x
0.22.x 0.22.x

Using additional verification methods

You can manage other verification methods (or workflow) a part from Direct verification. You need to configure it in a new file in the config/initializers folder. For instance, you can use this same engine to have 2 levels of permissions in the platform.

Create a file like config/initializers/decidim_verifications.rb with content as:

config/initializers/decidim_verifications.rb:

# frozen_string_literal: true

# We are using the same DirectVerifications engine without the admin part to 
# create a custom verification method called "direct_verifications_managers"
Decidim::Verifications.register_workflow(:direct_verifications_managers) do |workflow|
  workflow.engine = Decidim::DirectVerifications::Verification::Engine
end

# We need to tell the plugin to handle this method in addition to the default "Direct verification". Any registered workflow is valid.
Decidim::DirectVerifications.configure do |config|
  config.manage_workflows = %w(direct_verifications direct_verifications_managers)

  # change the to the metadata_parser if you want it
  # config.input_parser = :metadata_parser
end

You will need the locales entries corresponding to your custom workflow, create as many files as languages you have in your application in config/locales:

config/locales/en.yml:

en:
  decidim:
    authorization_handlers:
      direct_verifications_managers:
        name: Organization managers
        explanation: Direct Verifications Subgroup explanation
    verifications:
      authorizations:
        first_login:
          actions:
            direct_verifications_managers: Organization managers

Similarly, you can also overwrite the default title "Direct verification" by creating the key again in your locales:

en:
  decidim:
    authorization_handlers:
      direct_verifications:
        name: Generic organization members
        explanation: Direct Verifications Subgroup explanation
    verifications:
      authorizations:
        first_login:
          actions:
            direct_verifications: Generic organization members

Contributing

See Decidim.

Developing

To start contributing to this project, first:

  • Install the basic dependencies (such as Ruby and PostgreSQL)
  • Clone this repository

Decidim's main repository also provides a Docker configuration file if you prefer to use Docker instead of installing the dependencies locally on your machine.

You can create the development app by running the following commands after cloning this project:

$ bundle
$ DATABASE_USERNAME=<username> DATABASE_PASSWORD=<password> bundle exec rake development_app

Note that the database user has to have rights to create and drop a database in order to create the dummy test app database.

Then to test how the module works in Decidim, start the development server:

$ cd development_app
$ DATABASE_USERNAME=<username> DATABASE_PASSWORD=<password> bundle exec rails s

In case you are using rbenv and have the rbenv-vars plugin installed for it, you can add the environment variables to the root directory of the project in a file named .rbenv-vars. If these are defined for the environment, you can omit defining these in the commands shown above.

Code Styling

Please follow the code styling defined by the different linters that ensure we are all talking with the same language collaborating on the same project. This project is set to follow the same rules that Decidim itself follows.

Rubocop linter is used for the Ruby language.

You can run the code styling checks by running the following commands from the console:

$ bundle exec rubocop

To ease up following the style guide, you should install the plugin to your favorite editor, such as:

Testing

To run the tests run the following in the gem development path:

$ bundle
$ DATABASE_USERNAME=<username> DATABASE_PASSWORD=<password> bundle exec rake test_app
$ DATABASE_USERNAME=<username> DATABASE_PASSWORD=<password> bundle exec rspec

Note that the database user has to have rights to create and drop a database in order to create the dummy test app database.

In case you are using rbenv and have the rbenv-vars plugin installed for it, you can add these environment variables to the root directory of the project in a file named .rbenv-vars. In this case, you can omit defining these in the commands shown above.

Test code coverage

If you want to generate the code coverage report for the tests, you can use the SIMPLECOV=1 environment variable in the rspec command as follows:

$ SIMPLECOV=1 bundle exec rspec

This will generate a folder named coverage in the project root which contains the code coverage report.

License

This engine is distributed under the GNU AFFERO GENERAL PUBLIC LICENSE.

Also check

This plugin has been inspired by these two nice verification methods: