RubyGems - decidim-admin - Versions diffs - 0.23.1 → 0.24.0.rc2 - Mend

decidim-admin 0.23.1 → 0.24.0.rc2

Potentially problematic release.

This version of decidim-admin might be problematic. Click here for more details.

Files changed (184) hide show

data/app/controllers/concerns/decidim/moderations/admin/filterable.rb ADDED Viewed

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module Moderations
+    module Admin
+      module Filterable
+        extend ActiveSupport::Concern
+        included do
+          include Decidim::Admin::Filterable
+          private
+          def base_query
+            collection
+          end
+          def filters
+            [
+              :reportable_type_string_eq
+            ]
+          end
+          def filters_with_values
+            {
+              reportable_type_string_eq: reportable_types
+            }
+          end
+          def dynamically_translated_filters
+            [:reportable_type_string_eq]
+          end
+          def translated_reportable_type_string_eq(value)
+            value.constantize.name.demodulize
+          end
+          # Private: the predicate used by `Ransack` to perform a search. We used `reported` instead
+          #          of `reportable` because otherwise `Ransack` try to traverse the polymorphic
+          #          association automatically and it fails.
+          def search_field_predicate
+            :reported_id_string_or_reported_content_cont
+          end
+          def reportable_types
+            collection.pluck(:decidim_reportable_type).uniq.sort
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/block_user_controller.rb ADDED Viewed

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    class BlockUserController < Decidim::Admin::ApplicationController
+      layout "decidim/admin/users"
+      helper_method :user
+      def new
+        enforce_permission_to :block, :admin_user
+        @form = form(BlockUserForm).from_model(user)
+      end
+      def create
+        enforce_permission_to :block, :admin_user
+        @form = form(BlockUserForm).from_params(params)
+        BlockUser.call(@form) do
+          on(:ok) do
+            flash[:notice] = I18n.t("officializations.block.success", scope: "decidim.admin")
+            redirect_to officializations_path(q: { name_or_nickname_or_email_cont: user.name }), notice: notice
+          end
+          on(:invalid) do
+            flash[:alert] = I18n.t("officializations.block.error", scope: "decidim.admin")
+            render :new
+          end
+        end
+      end
+      def destroy
+        enforce_permission_to :block, :admin_user
+        UnblockUser.call(user, current_user) do
+          on(:ok) do
+            flash[:notice] = I18n.t("officializations.unblock.success", scope: "decidim.admin")
+          end
+          on(:invalid) do
+            flash[:alert] = I18n.t("officializations.unblock.error", scope: "decidim.admin")
+          end
+        end
+        redirect_to officializations_path(q: { name_or_nickname_or_email_cont: user.name }), notice: notice
+      end
+      private
+      def user
+        @user ||= Decidim::User.find_by(
+          id: params[:user_id],
+          organization: current_organization
+        )
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/components/base_controller.rb CHANGED Viewed

@@ -14,6 +14,7 @@ module Decidim
         helper Decidim::ResourceHelper
         helper Decidim::Admin::ExportsHelper
+        helper Decidim::Admin::ImportsHelper
         helper Decidim::Admin::BulkActionsHelper
         helper Decidim::Admin::ResourcePermissionsHelper

data/app/controllers/decidim/admin/conflicts_controller.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    class ConflictsController < Decidim::Admin::ApplicationController
+      layout "decidim/admin/users"
+      def index
+        @conflicts = Decidim::Verifications::Conflict.all
+      end
+      def edit
+        conflict = Decidim::Verifications::Conflict.find(params[:id])
+        @form = form(TransferUserForm).from_params(
+          user: conflict.current_user,
+          managed_user: conflict.managed_user,
+          conflict: conflict
+        )
+      end
+      def update
+        conflict = Decidim::Verifications::Conflict.find(params[:id])
+        @form = form(TransferUserForm).from_params(
+          current_user: current_user,
+          conflict: conflict,
+          reason: params[:transfer_user][:reason],
+          email: params[:transfer_user][:email]
+        )
+        TransferUser.call(@form) do
+          on(:ok) do
+            flash[:notice] = I18n.t("success", scope: "decidim.admin.conflicts.transfer")
+            redirect_to conflicts_path
+          end
+          on(:invalid) do
+            flash.now[:alert] = I18n.t("error", scope: "decidim.admin.conflicts.transfer")
+            redirect_to decidim.root_path
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/exports_controller.rb CHANGED Viewed

@@ -9,8 +9,7 @@ module Decidim
       def create
         enforce_permission_to :export, :component_data, component: component
         name = params[:id]
-        ExportJob.perform_later(current_user, component, name, params[:format] || default_format)
+        ExportJob.perform_later(current_user, component, name, params[:format] || default_format, params[:resource_id].presence)
         flash[:notice] = t("decidim.admin.exports.notice")

data/app/controllers/decidim/admin/global_moderations/reports_controller.rb ADDED Viewed

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    module GlobalModerations
+      # This controller allows admins to manage reports in a moderation.
+      class ReportsController < Decidim::Admin::Moderations::ReportsController
+        layout "decidim/admin/global_moderations"
+        include Decidim::Admin::GlobalModerationContext
+        def moderation
+          @moderation ||= moderations_for_user.find(params[:moderation_id])
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/global_moderations_controller.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    # This controller allows admin users to manage all moderations from the
+    # participatory spaces they have access to.
+    class GlobalModerationsController < Decidim::Admin::ModerationsController
+      layout "decidim/admin/global_moderations"
+      include Decidim::Admin::GlobalModerationContext
+      # Private: This method is used by the `Filterable` concern as the base query
+      # without applying filtering and/or sorting options.
+      def collection
+        @collection ||=
+          if params[:hidden]
+            moderations_for_user.where.not(hidden_at: nil)
+          else
+            moderations_for_user.where(hidden_at: nil)
+          end
+      end
+      # Private: fins the reportable of the specific moderation the user is
+      # trying to manage.
+      #
+      # Returns a resource implementing the `Decidim::Reportable` concern.
+      def reportable
+        @reportable ||= moderations_for_user.find(params[:id]).reportable
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/impersonations_controller.rb CHANGED Viewed

@@ -97,7 +97,7 @@ module Decidim
           managed: true,
           name: params.dig(:impersonate_user, :name)
         ) do |u|
-          u.nickname = UserBaseEntity.nicknamize(u.name, organization: current_organization)
+          u.nickname = Decidim::UserBaseEntity.nicknamize(u.name, organization: current_organization)
           u.admin = false
           u.tos_agreement = true
         end

data/app/controllers/decidim/admin/imports_controller.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    # This controller allows admins to import resources from a file.
+    class ImportsController < Decidim::Admin::ApplicationController
+      include Decidim::ComponentPathHelper
+      def new
+        enforce_permission_to :import, :component_data, component: current_component
+        @form = form(Admin::ImportForm).from_params(
+          {
+            # We need to set "default" creator because form-class doesn't have context / current_component
+            # when it sets it's default values.
+            creator: current_component.manifest.import_manifests.first.creator
+          },
+          current_component: current_component
+        )
+      end
+      def create
+        enforce_permission_to :import, :component_data, component: current_component
+        @form = form(Admin::ImportForm).from_params(
+          params,
+          current_component: current_component,
+          current_organization: current_organization
+        )
+        CreateImport.call(@form) do
+          on(:ok) do |imported_data|
+            flash[:notice] = t("decidim.admin.imports.notice",
+                               number: imported_data.length,
+                               resource_name: imported_data.first.resource_manifest.name.pluralize)
+            redirect_to manage_component_path(current_component)
+          end
+          on(:invalid) do
+            flash.now[:alert] = t("decidim.admin.imports.error")
+            render :new
+          end
+        end
+      end
+      private
+      def current_component
+        @current_component ||= current_participatory_space.components.find(params[:component_id])
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/moderated_users_controller.rb ADDED Viewed

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    class ModeratedUsersController < Decidim::Admin::ApplicationController
+      include Decidim::Moderations::Admin::Filterable
+      layout "decidim/admin/users"
+      def index
+        enforce_permission_to :read, :moderate_users
+        @moderated_users = filtered_collection.page(params[:page]).per(15)
+      end
+      def ignore
+        enforce_permission_to :unreport, :moderate_users
+        Admin::UnreportUser.call(reportable, current_user) do
+          on(:ok) do
+            flash[:notice] = I18n.t("reportable.unreport.success", scope: "decidim.moderations.admin")
+            redirect_to moderated_users_path
+          end
+          on(:invalid) do
+            flash.now[:alert] = I18n.t("reportable.unreport.invalid", scope: "decidim.moderations.admin")
+            redirect_to moderated_users_path
+          end
+        end
+      end
+      private
+      def reportable
+        @reportable ||= UserModeration.find(params[:id]).user
+      end
+      def collection
+        target_scope = params[:blocked] && params[:blocked] == "true" ? :blocked : :unblocked
+        UserModeration.send(target_scope)
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/moderations/reports_controller.rb ADDED Viewed

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    module Moderations
+      # This controller allows admins to manage reports in a moderation.
+      class ReportsController < Decidim::Admin::ApplicationController
+        helper_method :moderation, :reports, :permission_resource
+        def index
+          enforce_permission_to :read, permission_resource
+        end
+        def show
+          enforce_permission_to :read, permission_resource
+          @report = reports.find(params[:id])
+        end
+        private
+        def reports
+          @reports ||= moderation.reports
+        end
+        def moderation
+          @moderation ||= participatory_space_moderations.find(params[:moderation_id])
+        end
+        def participatory_space_moderations
+          @participatory_space_moderations ||= Decidim::Moderation.where(participatory_space: current_participatory_space)
+        end
+        def permission_resource
+          :moderation
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/moderations_controller.rb CHANGED Viewed

@@ -4,14 +4,21 @@ module Decidim
   module Admin
     # This controller allows admins to manage moderations in a participatory process.
     class ModerationsController < Decidim::Admin::ApplicationController
-      helper_method :moderations, :allowed_to?
+      include Decidim::Moderations::Admin::Filterable
+      helper_method :moderations, :allowed_to?, :query, :permission_resource
       def index
-        enforce_permission_to :read, :moderation
+        enforce_permission_to :read, permission_resource
+      end
+      def show
+        enforce_permission_to :read, permission_resource
+        @moderation = collection.find(params[:id])
       end
       def unreport
-        enforce_permission_to :unreport, :moderation
+        enforce_permission_to :unreport, permission_resource
         Admin::UnreportResource.call(reportable, current_user) do
           on(:ok) do
@@ -27,7 +34,7 @@ module Decidim
       end
       def hide
-        enforce_permission_to :hide, :moderation
+        enforce_permission_to :hide, permission_resource
         Admin::HideResource.call(reportable, current_user) do
           on(:ok) do
@@ -43,7 +50,7 @@ module Decidim
       end
       def unhide
-        enforce_permission_to :unhide, :moderation
+        enforce_permission_to :unhide, permission_resource
         Admin::UnhideResource.call(reportable, current_user) do
           on(:ok) do
@@ -60,8 +67,10 @@ module Decidim
       private
-      def moderations
-        @moderations ||= begin
+      # Private: This method is used by the `Filterable` concern as the base query
+      #          without applying filtering and/or sorting options.
+      def collection
+        @collection ||= begin
           if params[:hidden]
             participatory_space_moderations.where.not(hidden_at: nil)
           else
@@ -70,6 +79,13 @@ module Decidim
         end
       end
+      # Private: Returns a collection of `Moderation` filtered and/or sorted by
+      #          some criteria. The `filtered_collection` is provided by the
+      #          `Filterable` concern.
+      def moderations
+        @moderations ||= filtered_collection
+      end
       def reportable
         @reportable ||= participatory_space_moderations.find(params[:id]).reportable
       end
@@ -77,6 +93,14 @@ module Decidim
       def participatory_space_moderations
         @participatory_space_moderations ||= Decidim::Moderation.where(participatory_space: current_participatory_space)
       end
+      # Private: Defines the resource that permissions will check. This is
+      # added so that the `GlobalModerationController` can overwrite this method
+      # and define the custom permission resource, so that the permission system
+      # is not overridden.
+      def permission_resource
+        :moderation
+      end
     end
   end
 end