We use our own and third-party cookies for the proper functioning of the website, and if you give us your consent, we will also use cookies to collect data from your visits to obtain aggregate statistics to improve our services.

How to find User's authorizations in Decidim

Playing with the authorizations table

How to list the current authorizations in the authorizations table

irb(main)> Decidim::Authorization.select("distinct name")
=> #<ActiveRecord::Relation [#<Decidim::Authorization id: nil, name: "sms">, #<Decidim::Authorization id: nil, name: "census_authorization_handler">]>


Inspecting the metadata of Decidim Authorizations

Authorizations may have extra data stored in the metadata column. The following query shows the metadata associated with a given authorization:

irb(main):018:0> Decidim::Authorization.where(name: "census_authorization_handler").last.metadata
=> {"scope"=>"Sants-Montjuïc", "gender"=>"man", "postal_code"=>"010203", "date_of_birth"=>"2000-11-12"}


Querying Decidim Authorizations by their metadata

The metadata column of the Decidim::Authorization table is a jsonb field. PostgreSQL jsonb fields can be queried using  PostgreSQL's syntax in the following ways:

Decidim::Authorization.where(name: "census_authorization_handler").where("metadata ->> 'date_of_birth' like '16-12-2000'").last.metadata

Decidim::Authorization.where(name: "census_authorization_handler").where("metadata->>'scope' = 'Eixample'").where("metadata->>'postal_code' = '010203'")


User's sensible information must be stored securely using encryptation.

Imagine there's the need to remove all authorizations related with a given participant. If the participant is identified by its "document_number" as the unique_id for her authorizations, then the query must use the encrypted version of the "document_number". This is an example:

document_number= "12345678A"
unique_id= Digest::MD5.hexdigest("#{document_number&.upcase}-#{Rails.application.secrets.secret_key_base}")
Decidim::Authorization.where(name: "census_authorization_handler").where(unique_id: unique_id)