Generate a unique token for a Poll Ballot and use it on answer buttons

app/controllers/polls/questions_controller.rb

@@ -9,6 +9,7 @@ class Polls::QuestionsController < ApplicationController
     answer = @question.answers.find_or_initialize_by(author: current_user)
 
     answer.answer = params[:answer]
+    answer.token = params[:token]
     answer.save!
     answer.record_voter_participation
 

app/controllers/polls_controller.rb

@@ -1,5 +1,7 @@
 class PollsController < ApplicationController
 
+  include PollsHelper
+
   load_and_authorize_resource
 
   has_filters %w{current expired incoming}
@@ -12,7 +14,7 @@ class PollsController < ApplicationController
 
   def show
     @questions = @poll.questions.for_render.sort_for_list
-
+    @token = poll_answer_author_token(@poll, current_user)
     @answers_by_question_id = {}
     poll_answers = ::Poll::Answer.by_question(@poll.question_ids).by_author(current_user.try(:id))
     poll_answers.each do |answer|

app/helpers/polls_helper.rb

@@ -41,4 +41,15 @@ module PollsHelper
     booth.name + location
   end
 
+  def poll_answer_author_token(poll, author)
+    existing_token = Poll::Answer.where(question: poll.questions, author: author)
+    existing_token.present? ? existing_token.first.token : poll_answer_unique_token
+  end
+
+  def poll_answer_unique_token
+    loop do
+      token = SecureRandom.hex(32)
+      break token unless Poll::Answer.where(token: token).exists?
+    end
+  end
 end

app/views/polls/questions/_answers.html.erb

@@ -2,13 +2,13 @@
   <% if can? :answer, question %>
     <% question.question_answers.each do |answer| %>
       <% if @answers_by_question_id[question.id] == answer.title %>
-        <span class="button answered" 
+        <span class="button answered"
               title="<%= t("poll_questions.show.voted", answer: answer)%>">
           <%= answer.title %>
         </span>
       <% else %>
         <%= link_to answer.title,
-          answer_question_path(question, answer: answer.title),
+          answer_question_path(question, answer: answer.title, token: token),
           method: :post,
           remote: true,
           title: t("poll_questions.show.vote_answer", answer: answer.title),

app/views/polls/questions/_question.html.erb

@@ -4,6 +4,6 @@
   </h3>
 
   <div id="<%= dom_id(question) %>_answers" class="padding">
-    <%= render 'polls/questions/answers', question: question %>
+    <%= render 'polls/questions/answers', question: question, token: token %>
   </div>
 </div>

app/views/polls/questions/answer.js.erb

@@ -1 +1,2 @@
-$("#<%= dom_id(@question) %>_answers").html('<%= j render("polls/questions/answers", question: @question) %>');
+<% token = poll_answer_author_token(@question.poll, current_user) %>
+$("#<%= dom_id(@question) %>_answers").html('<%= j render("polls/questions/answers", question: @question, token: token) %>');

app/views/polls/show.html.erb

@@ -39,7 +39,7 @@
         </div>
       <% else %>
         <% @questions.each do |question| %>
-          <%= render 'polls/questions/question', question: question %>
+          <%= render 'polls/questions/question', question: question, token: @token %>
         <% end %>
       <% end %>
     </div>

config/locales/en/general.yml

@@ -497,6 +497,7 @@ en:
     show:
       vote_answer: "Vote %{answer}"
       voted: "You have voted %{answer}"
+      voted_token: "You can write down this vote identifier, to check your vote on the final results."
   proposal_notifications:
     new:
       title: "Send message"

config/locales/es/general.yml

@@ -497,6 +497,7 @@ es:
     show:
       vote_answer: "Votar %{answer}"
       voted: "Has votado %{answer}"
+      voted_token: "Puedes apuntar este identificador de voto, para comprobar tu votación en el resultado final"
   proposal_notifications:
     new:
       title: "Enviar mensaje"