Allow authorization handlers to control when reauthorization is allowed
Currently the only way to allow users to reauthorize themselves using a specific authorization is when it is expired. This is defined by this line in the core code:
This is not ideal for all cases. In some cases we want to control when reauthorization is allowed from the authorization handler itself.
This would mean that the authorization handlers would have a new method which would return a boolean indicating whether reauthorization is allowed. By default, this could just check whether the authorization is expired (as currently). Then it could be customized per authorization handler by overriding that method.
For the use case in question, we need to allow reauthorization in case the user has already been authorized with the handler AND has not yet cast any budgeting votes in any components attached to that authorization handler. Currently this is not possible in Decidim out of the box.
This requirement is only for the authorizations view under the user account views. It is already possible to allow this through the authorization modals.
Report a problem
Is this content inappropriate?