RubyGems - decidim-admin - Versions diffs - 0.23.6 → 0.24.0.rc1 - Mend

decidim-admin 0.23.6 → 0.24.0.rc1

Potentially problematic release.

This version of decidim-admin might be problematic. Click here for more details.

Files changed (177) hide show

data/app/commands/decidim/admin/unreport_user.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    class UnreportUser < Rectify::Command
+      # Public: Initializes the command.
+      #
+      # reportable - A Decidim::User - The user reported
+      # current_user - the user performing the action
+      def initialize(reportable, current_user)
+        @reportable = reportable
+        @current_user = current_user
+      end
+      # Executes the command. Broadcasts these events:
+      #
+      # - :ok when everything is valid, together with the resource.
+      # - :invalid if the resource is not reported
+      #
+      # Returns nothing.
+      def call
+        return broadcast(:invalid) unless @reportable.reported?
+        unreport!
+        broadcast(:ok, @reportable)
+      end
+      private
+      def unreport!
+        Decidim.traceability.perform_action!(
+          "unreport",
+          @reportable.user_moderation,
+          @current_user,
+          extra: {
+            reportable_type: @reportable.class.name,
+            username: @reportable.name,
+            user_id: @reportable.id
+          }
+        ) do
+          @reportable.user_moderation.destroy!
+        end
+      end
+    end
+  end
+end

data/app/commands/decidim/admin/update_organization_appearance.rb CHANGED Viewed

@@ -10,6 +10,9 @@ module Decidim
       # organization - The Organization that will be updated.
       # form - A form object with the params.
       def initialize(organization, form)
+        image_fields.each do |field|
+          form.send("#{field}=".to_sym, organization.send(field)) if form.send(field).blank?
+        end
         @organization = organization
         @form = form
       end
@@ -27,14 +30,19 @@ module Decidim
           update_organization
           broadcast(:ok, organization)
         rescue ActiveRecord::RecordInvalid
-          form.errors.add(:official_img_header, organization.errors[:official_img_header]) if organization.errors.include? :official_img_header
-          form.errors.add(:official_img_footer, organization.errors[:official_img_footer]) if organization.errors.include? :official_img_footer
+          image_fields.each do |field|
+            form.errors.add(field, organization.errors[field]) if organization.errors.include? field
+          end
           broadcast(:invalid)
         end
       end
       private
+      def image_fields
+        [:highlighted_content_banner_image, :logo, :favicon, :official_img_header, :official_img_footer]
+      end
       attr_reader :form, :organization
       def update_organization
@@ -50,6 +58,7 @@ module Decidim
           .merge(highlighted_content_banner_attributes)
           .merge(omnipresent_banner_attributes)
           .merge(colors_attributes)
+          .delete_if { |_k, val| val.is_a?(Decidim::ApplicationUploader) }
           .tap do |attributes|
             attributes[:header_snippets] = form.header_snippets if Decidim.enable_html_header_snippets
           end
@@ -68,8 +77,7 @@ module Decidim
           remove_official_img_header: form.remove_official_img_header,
           official_img_footer: form.official_img_footer,
           remove_official_img_footer: form.remove_official_img_footer,
-          official_url: form.official_url,
-          show_statistics: form.show_statistics
+          official_url: form.official_url
         }
       end

data/app/commands/decidim/admin/update_static_page.rb CHANGED Viewed

@@ -46,7 +46,8 @@ module Decidim
           show_in_footer: form.show_in_footer,
           weight: form.weight,
           topic: form.topic,
-          content: form.content
+          content: form.content,
+          allow_public_access: form.allow_public_access
         }
       end

data/app/commands/decidim/admin/verify_user_group.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module Decidim
       #
       # user_group - The user_group to verify
       # current_user - the user performing the action
-      def initialize(user_group, current_user, via_csv = false)
+      def initialize(user_group, current_user, via_csv: false)
         @user_group = user_group
         @current_user = current_user
         @via_csv = via_csv

data/app/controllers/concerns/decidim/admin/filterable.rb CHANGED Viewed

@@ -49,7 +49,7 @@ module Decidim
         end
         def allowed_query_params
-          [*extra_allowed_params, q: {}]
+          [*extra_allowed_params, { q: {} }]
         end
         # Non ransack params (outside :q) to be allowed in the query links.

data/app/controllers/concerns/decidim/admin/global_moderation_context.rb ADDED Viewed

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module Admin
+    module GlobalModerationContext
+      extend ActiveSupport::Concern
+      included do
+        # Private: Overwrites the method from the parent controller so that the
+        # permission system does not overwrite permissions.
+        def permission_resource
+          :global_moderation
+        end
+        # Private: Finds the participatory spaces the current user is admin to.
+        # This is only used for users that are "participatoy space admins", not
+        # organization-wide admins. This method will later be used to find out
+        # what moderations can the current user manage.
+        #
+        # Returns an Array.
+        def spaces_user_is_admin_to
+          @spaces_user_is_admin_to ||=
+            Decidim.participatory_space_manifests.flat_map do |manifest|
+              Decidim
+                .find_participatory_space_manifest(manifest.name)
+                .participatory_spaces
+                .call(current_organization)&.select do |space|
+                  space.moderators.exists?(id: current_user.id)
+                end
+            end
+        end
+        # Private: finds the moderations the current user can manage, taking into
+        # account whether the user is an organization-wide admin or a
+        # "participatory space admin".
+        #
+        # Returns an `ActiveRecord::Relation`
+        def moderations_for_user
+          @moderations_for_user ||=
+            if current_user.admin?
+              Decidim::Moderation.all
+            else
+              Decidim::Moderation.where(participatory_space: spaces_user_is_admin_to)
+            end
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/decidim/admin/landing_page.rb ADDED Viewed

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    module LandingPage
+      extend ActiveSupport::Concern
+      included do
+        helper_method :active_blocks, :active_content_blocks_title, :inactive_blocks,
+                      :inactive_content_blocks_title, :resource_content_block_cell,
+                      :resource_landing_page_content_block_path, :resource_sort_url,
+                      :scoped_resource
+        def edit
+          enforce_permission_to_update_resource
+          render "decidim/admin/shared/landing_page/edit"
+        end
+        def update
+          enforce_permission_to_update_resource
+          Decidim::Admin::ReorderContentBlocks.call(current_organization, content_block_scope, params[:manifests], scoped_resource.id) do
+            on(:ok) do
+              head :ok
+            end
+            on(:invalid) do
+              head :bad_request
+            end
+          end
+        end
+        private
+        # Method to be implemented at the controller. You need to
+        # return a symbol that defines the content block scope.
+        # Examples of scopes could be `:homepage` or `:landing_page`.
+        def content_block_scope
+          raise "#{self.class.name} is expected to implement #content_block_scope"
+        end
+        # Method to be implemented at the controller. Defines the permissions for
+        # edit and update actions.
+        # For example `enforce_permission_to :manage_landing_page, :voting, voting: current_space`.
+        def enforce_permission_to_update_resource
+          raise "#{self.class.name} is expected to implement #enforce_permission_to_update_resource"
+        end
+        # Method to be implemented at the controller. Returns the URL
+        # where the ordered/activated content_blocks is submitted to.
+        def resource_sort_url
+          raise "#{self.class.name} is expected to implement #resource_sort_url"
+        end
+        # Method to be implemented at the controller. Returns a string
+        # with the header text for the active content_block column.
+        #
+        # Example: `t("landing_page.edit.active_content_blocks", scope: "decidim.votings.admin")`
+        def active_content_blocks_title
+          raise "#{self.class.name} is expected to implement #active_content_blocks_title"
+        end
+        # Method to be implemented at the controller. Returns a string
+        # with the header text for the inactive content_block column.
+        #
+        # Example: `t("landing_page.edit.inactive_content_blocks", scope: "decidim.votings.admin")`
+        def inactive_content_blocks_title
+          raise "#{self.class.name} is expected to implement #inactive_content_blocks_title"
+        end
+        # Method to be implemented at the controller. Returns a string
+        # with the cell name to be used for the drag'n'drop for each content_block.
+        #
+        # Example: "decidim/votings/content_block"
+        def resource_content_block_cell
+          raise "#{self.class.name} is expected to implement #resource_content_block_cell"
+        end
+        # Shared methods
+        def content_blocks
+          @content_blocks ||= Decidim::ContentBlock.for_scope(
+            content_block_scope,
+            organization: current_organization
+          ).where(scoped_resource_id: scoped_resource.id)
+        end
+        def active_blocks
+          @active_blocks ||= content_blocks.published
+        end
+        def inactive_blocks
+          @inactive_blocks ||= content_blocks.unpublished + unused_manifests
+        end
+        def used_manifests
+          @used_manifests ||= content_blocks.map(&:manifest_name)
+        end
+        def unused_manifests
+          @unused_manifests ||= Decidim.content_blocks.for(content_block_scope).reject do |manifest|
+            used_manifests.include?(manifest.name.to_s)
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/decidim/admin/landing_page_content_blocks.rb ADDED Viewed

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    module LandingPageContentBlocks
+      extend ActiveSupport::Concern
+      included do
+        helper_method :content_block, :resource_landing_page_content_block_path,
+                      :scoped_resource, :submit_button_text
+        def edit
+          enforce_permission_to_update_resource
+          @form = form(Decidim::Admin::ContentBlockForm).from_model(content_block)
+          render "decidim/admin/shared/landing_page_content_blocks/edit"
+        end
+        def update
+          enforce_permission_to_update_resource
+          @form = form(Decidim::Admin::ContentBlockForm).from_params(params)
+          Decidim::Admin::UpdateContentBlock.call(@form, content_block, content_block_scope) do
+            on(:ok) do
+              redirect_to edit_resource_landing_page_path
+            end
+            on(:invalid) do
+              render "decidim/admin/shared/landing_page_content_blocks/edit"
+            end
+          end
+        end
+        private
+        # Method to be implemented at the controller. You need to
+        # return a symbol that defines the content block scope.
+        # Examples of scopes could be `:homepage` or `:voting_landing_page`.
+        def content_block_scope
+          raise "#{self.class.name} is expected to implement #content_block_scope"
+        end
+        # Method to be implemented at the controller. You need to
+        # return an Object to filter the content blocks for the given resource.
+        #
+        # For example a `Voting` record.
+        def scoped_resource
+          raise "#{self.class.name} is expected to implement #scoped_resource"
+        end
+        # Method to be implemented at the controller. Defines the permissions for
+        # edit and update actions.
+        #
+        # Example: `enforce_permission_to :manage_landing_page, :voting, voting: current_space`.
+        def enforce_permission_to_update_resource
+          raise "#{self.class.name} is expected to implement #enforce_permission_to_update_resource"
+        end
+        # Method to be implemented at the controller. Returns the URL
+        # to the edit landing page path.
+        #
+        # Example: `edit_voting_landing_page_path(scoped_resource)`
+        def edit_resource_landing_page_path
+          raise "#{self.class.name} is expected to implement #edit_resource_landing_page_path"
+        end
+        # Method to be implemented at the controller. Returns the URL
+        # where the ContentBlockForm is submitted.
+        #
+        # Example: `voting_landing_page_content_block_path(scoped_resource, params[:id])`
+        def resource_landing_page_content_block_path
+          raise "#{self.class.name} is expected to implement #resource_landing_page_content_block_path"
+        end
+        # Method to be implemented at the controller. Returns a string
+        # with the text for the submit button of the ContentBlockForm.
+        #
+        # Example: t("landing_page.content_blocks.edit.update", scope: "decidim.votings.admin")
+        def submit_button_text
+          raise "#{self.class.name} is expected to implement #submit_button_text"
+        end
+        # Shared methods
+        def content_block
+          @content_block ||= content_blocks.find_by(manifest_name: params[:id]) || content_block_from_manifest
+        end
+        def content_block_manifest
+          @content_block_manifest = unused_content_block_manifests.find { |manifest| manifest.name.to_s == params[:id] }
+        end
+        def content_blocks
+          @content_blocks ||= Decidim::ContentBlock.for_scope(
+            content_block_scope,
+            organization: current_organization
+          ).where(scoped_resource_id: scoped_resource.id)
+        end
+        def used_content_block_manifests
+          @used_content_block_manifests ||= content_blocks.map(&:manifest_name)
+        end
+        def unused_content_block_manifests
+          @unused_content_block_manifests ||= Decidim.content_blocks.for(content_block_scope).reject do |manifest|
+            used_content_block_manifests.include?(manifest.name.to_s)
+          end
+        end
+        def content_block_from_manifest
+          Decidim::ContentBlock.create!(
+            organization: current_organization,
+            scope_name: content_block_scope,
+            scoped_resource_id: scoped_resource.id,
+            manifest_name: params[:id]
+          )
+        end
+      end
+    end
+  end
+end

data/app/controllers/concerns/decidim/moderations/admin/filterable.rb ADDED Viewed

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module Moderations
+    module Admin
+      module Filterable
+        extend ActiveSupport::Concern
+        included do
+          include Decidim::Admin::Filterable
+          private
+          def base_query
+            collection
+          end
+          def filters
+            [
+              :reportable_type_string_eq
+            ]
+          end
+          def filters_with_values
+            {
+              reportable_type_string_eq: reportable_types
+            }
+          end
+          def dynamically_translated_filters
+            [:reportable_type_string_eq]
+          end
+          def translated_reportable_type_string_eq(value)
+            value.constantize.name.demodulize
+          end
+          # Private: the predicate used by `Ransack` to perform a search. We used `reported` instead
+          #          of `reportable` because otherwise `Ransack` try to traverse the polymorphic
+          #          association automatically and it fails.
+          def search_field_predicate
+            :reported_id_string_or_reported_content_cont
+          end
+          def reportable_types
+            collection.pluck(:decidim_reportable_type).uniq.sort
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/block_user_controller.rb ADDED Viewed

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    class BlockUserController < Decidim::Admin::ApplicationController
+      layout "decidim/admin/users"
+      helper_method :user
+      def new
+        enforce_permission_to :block, :admin_user
+        @form = form(BlockUserForm).from_model(user)
+      end
+      def create
+        enforce_permission_to :block, :admin_user
+        @form = form(BlockUserForm).from_params(params)
+        BlockUser.call(@form) do
+          on(:ok) do
+            flash[:notice] = I18n.t("officializations.block.success", scope: "decidim.admin")
+            redirect_to officializations_path(q: { name_or_nickname_or_email_cont: user.name }), notice: notice
+          end
+          on(:invalid) do
+            flash[:alert] = I18n.t("officializations.block.error", scope: "decidim.admin")
+            render :new
+          end
+        end
+      end
+      def destroy
+        enforce_permission_to :block, :admin_user
+        UnblockUser.call(user, current_user) do
+          on(:ok) do
+            flash[:notice] = I18n.t("officializations.unblock.success", scope: "decidim.admin")
+          end
+          on(:invalid) do
+            flash[:alert] = I18n.t("officializations.unblock.error", scope: "decidim.admin")
+          end
+        end
+        redirect_to officializations_path(q: { name_or_nickname_or_email_cont: user.name }), notice: notice
+      end
+      private
+      def user
+        @user ||= Decidim::User.find_by(
+          id: params[:user_id],
+          organization: current_organization
+        )
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/components/base_controller.rb CHANGED Viewed

@@ -14,6 +14,7 @@ module Decidim
         helper Decidim::ResourceHelper
         helper Decidim::Admin::ExportsHelper
+        helper Decidim::Admin::ImportsHelper
         helper Decidim::Admin::BulkActionsHelper
         helper Decidim::Admin::ResourcePermissionsHelper

data/app/controllers/decidim/admin/conflicts_controller.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    class ConflictsController < Decidim::Admin::ApplicationController
+      layout "decidim/admin/users"
+      def index
+        @conflicts = Decidim::Verifications::Conflict.all
+      end
+      def edit
+        conflict = Decidim::Verifications::Conflict.find(params[:id])
+        @form = form(TransferUserForm).from_params(
+          user: conflict.current_user,
+          managed_user: conflict.managed_user,
+          conflict: conflict
+        )
+      end
+      def update
+        conflict = Decidim::Verifications::Conflict.find(params[:id])
+        @form = form(TransferUserForm).from_params(
+          current_user: current_user,
+          conflict: conflict,
+          reason: params[:transfer_user][:reason],
+          email: params[:transfer_user][:email]
+        )
+        TransferUser.call(@form) do
+          on(:ok) do
+            flash[:notice] = I18n.t("success", scope: "decidim.admin.conflicts.transfer")
+            redirect_to conflicts_path
+          end
+          on(:invalid) do
+            flash.now[:alert] = I18n.t("error", scope: "decidim.admin.conflicts.transfer")
+            redirect_to decidim.root_path
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/exports_controller.rb CHANGED Viewed

@@ -9,8 +9,7 @@ module Decidim
       def create
         enforce_permission_to :export, :component_data, component: component
         name = params[:id]
-        ExportJob.perform_later(current_user, component, name, params[:format] || default_format)
+        ExportJob.perform_later(current_user, component, name, params[:format] || default_format, params[:resource_id].presence)
         flash[:notice] = t("decidim.admin.exports.notice")

data/app/controllers/decidim/admin/global_moderations/reports_controller.rb ADDED Viewed

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    module GlobalModerations
+      # This controller allows admins to manage reports in a moderation.
+      class ReportsController < Decidim::Admin::Moderations::ReportsController
+        layout "decidim/admin/global_moderations"
+        include Decidim::Admin::GlobalModerationContext
+        def moderation
+          @moderation ||= moderations_for_user.find(params[:moderation_id])
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/global_moderations_controller.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    # This controller allows admin users to manage all moderations from the
+    # participatory spaces they have access to.
+    class GlobalModerationsController < Decidim::Admin::ModerationsController
+      layout "decidim/admin/global_moderations"
+      include Decidim::Admin::GlobalModerationContext
+      # Private: This method is used by the `Filterable` concern as the base query
+      # without applying filtering and/or sorting options.
+      def collection
+        @collection ||=
+          if params[:hidden]
+            moderations_for_user.where.not(hidden_at: nil)
+          else
+            moderations_for_user.where(hidden_at: nil)
+          end
+      end
+      # Private: fins the reportable of the specific moderation the user is
+      # trying to manage.
+      #
+      # Returns a resource implementing the `Decidim::Reportable` concern.
+      def reportable
+        @reportable ||= moderations_for_user.find(params[:id]).reportable
+      end
+    end
+  end
+end

data/app/controllers/decidim/admin/impersonations_controller.rb CHANGED Viewed

@@ -97,7 +97,7 @@ module Decidim
           managed: true,
           name: params.dig(:impersonate_user, :name)
         ) do |u|
-          u.nickname = UserBaseEntity.nicknamize(u.name, organization: current_organization)
+          u.nickname = Decidim::UserBaseEntity.nicknamize(u.name, organization: current_organization)
           u.admin = false
           u.tos_agreement = true
         end