diff --git a/.env-example b/.env-example index 4f38a5e5..66635ec4 100644 --- a/.env-example +++ b/.env-example @@ -39,4 +39,8 @@ DECIDIM_ADMIN_PASSWORD_STRONG="false" # PUMA_PRELOAD_APP=false # Override after confirmation path with custom route -# AH_REDIRECT_AFTER_CONFIRMATION="/initiatives" \ No newline at end of file +# AH_REDIRECT_AFTER_CONFIRMATION="/initiatives" + +# Automatically save AH metadata to user extended data +# Format : comma separated list of auhtorization handler names +# AUTO_EXPORT_AUTHORIZATIONS_DATA_TO_USER_DATA_ENABLED_FOR="authorization1,authorization2" \ No newline at end of file diff --git a/app/jobs/authorization_data_to_user_data_job.rb b/app/jobs/authorization_data_to_user_data_job.rb new file mode 100644 index 00000000..433f7f57 --- /dev/null +++ b/app/jobs/authorization_data_to_user_data_job.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +class AuthorizationDataToUserDataJob < ApplicationJob + queue_as :exports + + def perform(*args) + Decidim::AuthorizationDataToUserDataService.run(*args) + end +end diff --git a/app/services/decidim/authorization_data_to_user_data_service.rb b/app/services/decidim/authorization_data_to_user_data_service.rb new file mode 100644 index 00000000..db56519e --- /dev/null +++ b/app/services/decidim/authorization_data_to_user_data_service.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +module Decidim + class AuthorizationDataToUserDataService + def self.run(**args) + new(**args).execute + end + + def initialize(**args) + @name = args[:name] + @user = args[:user] + end + + def execute + Decidim::Authorization.find_each(filter) do |authorization| + authorization.user.update(extended_data: authorization.user.extended_data.merge({ @name.to_s => authorization.metadata })) + end + end + + def filter + @filter ||= { + name: @name, + user: @user + }.compact + end + end +end diff --git a/config/application.rb b/config/application.rb index 65f60ac4..9372e762 100644 --- a/config/application.rb +++ b/config/application.rb @@ -51,6 +51,7 @@ class Application < Rails::Application require "extends/forms/decidim/admin/organization_appearance_form_extends" require "extends/omniauth/strategies/france_connect_extends" require "extends/forms/decidim/omniauth_registration_form_extend" + require "extends/models/decidim/authorization_extends" end initializer "session cookie domain", after: "Expire sessions" do diff --git a/config/secrets.yml b/config/secrets.yml index c41ca0e8..72a0542e 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -13,6 +13,8 @@ default: &default asset_host: <%= ENV["ASSET_HOST"] %> decidim: + authorizations: + export_data_to_userdata_enabled_for: <%= ENV.fetch("AUTO_EXPORT_AUTHORIZATIONS_DATA_TO_USER_DATA_ENABLED_FOR", "") %> reminder: unconfirmed_email: days: <%= ENV["DECIDIM_REMINDER_UNCONFIRMED_EMAIL_DAYS"]&.to_i || 2 %> diff --git a/lib/extends/models/decidim/authorization_extends.rb b/lib/extends/models/decidim/authorization_extends.rb new file mode 100644 index 00000000..d157a38b --- /dev/null +++ b/lib/extends/models/decidim/authorization_extends.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +require "active_support/concern" +module AuthorizationExtends + extend ActiveSupport::Concern + + included do + after_commit :export_to_user_extended_data, if: proc { |authorization| + Rails.application.secrets.dig(:decidim, :export_data_to_userdata_enabled_for)&.split(",")&.include?(authorization.name) + } + + def export_to_user_extended_data + Decidim::AuthorizationDataToUserDataService.run(name: name, user: user) + end + end +end + +Decidim::Authorization.include(AuthorizationExtends) + diff --git a/lib/tasks/authorizations.rake b/lib/tasks/authorizations.rake new file mode 100644 index 00000000..c3430a6e --- /dev/null +++ b/lib/tasks/authorizations.rake @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +namespace :authorizations do + task export_to_user_extended_data: :environment do + name = ENV["AUTHORIZATION_HANDLE_NAME"].presence + raise "AUTHORIZATION_HANDLE_NAME is blank." if name.blank? + + raise "No data found for authorization handler name '#{name}'" unless Decidim::Authorization.exists?(name: name) + + AuthorizationDataToUserDataJob.perform_later(name: name) + end +end