RubyGems - decidim-assemblies - Versions diffs - 0.11.2 → 0.12.0.pre - Mend

decidim-assemblies 0.11.2 → 0.12.0.pre

Files changed (86) hide show

data/app/models/decidim/assembly.rb CHANGED Viewed

@@ -49,6 +49,11 @@ module Decidim
              dependent: :destroy,
              as: :participatory_space
+    has_many :members,
+             foreign_key: "decidim_assembly_id",
+             class_name: "Decidim::AssemblyMember",
+             dependent: :destroy
     has_many :components, as: :participatory_space, dependent: :destroy
     has_many :children, foreign_key: "parent_id", class_name: "Decidim::Assembly", inverse_of: :parent, dependent: :destroy
@@ -89,7 +94,7 @@ module Decidim
     end
     def self_and_ancestors
-      self.class.where("#{self.class.table_name}.parents_path @> ?", parents_path).order("string_to_array(#{self.class.table_name}.parents_path::text, '.')")
+      self.class.where("#{self.class.table_name}.parents_path @> ?", parents_path).order(Arel.sql("string_to_array(#{self.class.table_name}.parents_path::text, '.')"))
     end
     def ancestors
@@ -104,6 +109,12 @@ module Decidim
       super.where(private_space: false).or(Decidim::Assembly.where(private_space: true).where(is_transparent: true))
     end
+    def can_participate?(user)
+      return true unless private_space?
+      return true if private_space? && users.include?(user)
+      return false if private_space? && is_transparent?
+    end
     private
     # When an assembly changes their parent, we need to update the parents_path attribute

data/app/models/decidim/assembly_member.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Decidim
+  # It represents a member of the assembly (president, secretary, ...)
+  # Can be linked to an existent user in the platform
+  class AssemblyMember < ApplicationRecord
+    include Decidim::Traceable
+    include Decidim::Loggable
+    POSITIONS = %w(president vice_president secretary other).freeze
+    belongs_to :user, foreign_key: "decidim_user_id", class_name: "Decidim::User", optional: true
+    belongs_to :assembly, foreign_key: "decidim_assembly_id", class_name: "Decidim::Assembly"
+    alias participatory_space assembly
+    default_scope { order(weight: :asc, created_at: :asc) }
+    scope :not_ceased, -> { where(ceased_date: nil) }
+    def self.log_presenter_class_for(_log)
+      Decidim::Assemblies::AdminLog::AssemblyMemberPresenter
+    end
+  end
+end

data/app/permissions/decidim/assemblies/permissions.rb ADDED Viewed

@@ -0,0 +1,230 @@
+# frozen_string_literal: true
+module Decidim
+  module Assemblies
+    class Permissions < Decidim::DefaultPermissions
+      def permissions
+        user_can_enter_space_area?
+        return permission_action if assembly && !assembly.is_a?(Decidim::Assembly)
+        if permission_action.scope == :public
+          public_list_assemblies_action?
+          public_read_assembly_action?
+          public_list_members_action?
+          public_report_content_action?
+          return permission_action
+        end
+        return permission_action unless user
+        if !has_manageable_assemblies? && !user.admin?
+          disallow!
+          return permission_action
+        end
+        return permission_action unless permission_action.scope == :admin
+        if read_admin_dashboard_action?
+          user_can_read_admin_dashboard?
+          return permission_action
+        end
+        user_can_read_assembly_list?
+        user_can_read_current_assembly?
+        user_can_create_assembly?
+        user_can_destroy_assembly?
+        # org admins and space admins can do everything in the admin section
+        org_admin_action?
+        return permission_action unless assembly
+        moderator_action?
+        collaborator_action?
+        assembly_admin_action?
+        permission_action
+      end
+      private
+      # It's an admin user if it's an organization admin or is a space admin
+      # for the current `assembly`.
+      def admin_user?
+        user.admin? || (assembly ? can_manage_assembly?(role: :admin) : has_manageable_assemblies?)
+      end
+      # Checks if it has any manageable assembly, with any possible role.
+      def has_manageable_assemblies?(role: :any)
+        return unless user
+        assemblies_with_role_privileges(role).any?
+      end
+      # Whether the user can manage the given assembly or not.
+      def can_manage_assembly?(role: :any)
+        return unless user
+        assemblies_with_role_privileges(role).include? assembly
+      end
+      # Returns a collection of assemblies where the given user has the
+      # specific role privilege.
+      def assemblies_with_role_privileges(role)
+        Decidim::Assemblies::AssembliesWithUserRole.for(user, role)
+      end
+      def public_list_assemblies_action?
+        return unless permission_action.action == :list &&
+                      permission_action.subject == :assembly
+        allow!
+      end
+      def public_read_assembly_action?
+        return unless permission_action.action == :read &&
+                      [:assembly, :participatory_space].include?(permission_action.subject) &&
+                      assembly
+        return allow! if user&.admin?
+        return allow! if assembly.published?
+        toggle_allow(can_manage_assembly?)
+      end
+      def public_list_members_action?
+        return unless permission_action.action == :list &&
+                      permission_action.subject == :members
+        allow!
+      end
+      def public_report_content_action?
+        return unless permission_action.action == :create &&
+                      permission_action.subject == :moderation
+        allow!
+      end
+      # All users with a relation to a assembly and organization admins can enter
+      # the space area. The sapce area is considered to be the assemblies zone,
+      # not the assembly groups one.
+      def user_can_enter_space_area?
+        return unless permission_action.action == :enter &&
+                      permission_action.scope == :admin &&
+                      permission_action.subject == :space_area &&
+                      context.fetch(:space_name, nil) == :assemblies
+        toggle_allow(user.admin? || has_manageable_assemblies?)
+      end
+      # Checks if the permission_action is to read in the admin or not.
+      def admin_read_permission_action?
+        permission_action.action == :read
+      end
+      def read_admin_dashboard_action?
+        permission_action.action == :read &&
+          permission_action.subject == :admin_dashboard
+      end
+      # Any user that can enter the space area can read the admin dashboard.
+      def user_can_read_admin_dashboard?
+        toggle_allow(user.admin? || has_manageable_assemblies?)
+      end
+      # Only organization admins can create a assembly
+      def user_can_create_assembly?
+        return unless permission_action.action == :create &&
+                      permission_action.subject == :assembly
+        toggle_allow(user.admin?)
+      end
+      # Only organization admins can destroy a assembly
+      def user_can_destroy_assembly?
+        return unless permission_action.action == :destroy &&
+                      permission_action.subject == :assembly
+        toggle_allow(user.admin?)
+      end
+      # Everyone can read the assembly list
+      def user_can_read_assembly_list?
+        return unless read_assembly_list_permission_action?
+        toggle_allow(user.admin? || has_manageable_assemblies?)
+      end
+      def user_can_read_current_assembly?
+        return unless read_assembly_list_permission_action?
+        return if permission_action.subject == :assembly_list
+        toggle_allow(user.admin? || can_manage_assembly?)
+      end
+      # A moderator needs to be able to read the assembly they are assigned to,
+      # and needs to perform all actions for the moderations of that assembly.
+      def moderator_action?
+        return unless can_manage_assembly?(role: :moderator)
+        allow! if permission_action.subject == :moderation
+      end
+      # Collaborators can read/preview everything inside their assembly.
+      def collaborator_action?
+        return unless can_manage_assembly?(role: :collaborator)
+        allow! if permission_action.action == :read || permission_action.action == :preview
+      end
+      # Process admins can eprform everything *inside* that assembly. They cannot
+      # create a assembly or perform actions on assembly groups or other
+      # assemblies. They cannot destroy their assembly either.
+      def assembly_admin_action?
+        return unless can_manage_assembly?(role: :admin)
+        return if user.admin?
+        return disallow! if permission_action.action == :create &&
+                            permission_action.subject == :assembly
+        return disallow! if permission_action.action == :destroy &&
+                            permission_action.subject == :assembly
+        is_allowed = [
+          :attachment,
+          :attachment_collection,
+          :category,
+          :component,
+          :component_data,
+          :moderation,
+          :assembly,
+          :assembly_user_role,
+          :assembly_member
+        ].include?(permission_action.subject)
+        allow! if is_allowed
+      end
+      def org_admin_action?
+        return unless user.admin?
+        is_allowed = [
+          :attachment,
+          :attachment_collection,
+          :category,
+          :component,
+          :component_data,
+          :moderation,
+          :assembly,
+          :assembly_user_role,
+          :assembly_member,
+          :space_private_user
+        ].include?(permission_action.subject)
+        allow! if is_allowed
+      end
+      # Checks if the permission_action is to read the admin assemblies list or
+      # not.
+      def read_assembly_list_permission_action?
+        permission_action.action == :read &&
+          [:assembly, :participatory_space, :assembly_list].include?(permission_action.subject)
+      end
+      def assembly
+        @assembly ||= context.fetch(:current_participatory_space, nil) || context.fetch(:assembly, nil)
+      end
+    end
+  end
+end

data/app/presenters/decidim/admin/assembly_member_presenter.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Decidim
+  module Admin
+    #
+    # Decorator for assembly members
+    #
+    class AssemblyMemberPresenter < SimpleDelegator
+      def name
+        if user
+          "#{user.name} (#{Decidim::UserPresenter.new(user).nickname})"
+        else
+          full_name
+        end
+      end
+      def position
+        return position_other if __getobj__.position == "other"
+        I18n.t(__getobj__.position, scope: "decidim.admin.models.assembly_member.positions", default: "")
+      end
+    end
+  end
+end

data/app/presenters/decidim/assemblies/admin_log/assembly_member_presenter.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+module Decidim
+  module Assemblies
+    module AdminLog
+      # This class holds the logic to present a `Decidim::AssemblyMember`
+      # for the `AdminLog` log.
+      #
+      # Usage should be automatic and you shouldn't need to call this class
+      # directly, but here's an example:
+      #
+      #    action_log = Decidim::ActionLog.last
+      #    view_helpers # => this comes from the views
+      #    AssemblyMemberPresenter.new(action_log, view_helpers).present
+      class AssemblyMemberPresenter < Decidim::Log::BasePresenter
+        private
+        def diff_fields_mapping
+          {
+            full_name: :string,
+            gender: :string,
+            birthday: :date,
+            birthplace: :string,
+            designation_date: :date,
+            designation_mode: :string,
+            position: "Decidim::Assemblies::AdminLog::ValueTypes::MemberPositionPresenter",
+            position_other: :string,
+            weight: :integer,
+            ceased_date: :date
+          }
+        end
+        def i18n_labels_scope
+          "activemodel.attributes.assembly_member"
+        end
+        def action_string
+          case action
+          when "create", "delete", "update"
+            "decidim.admin_log.assembly_member.#{action}"
+          else
+            super
+          end
+        end
+        def has_diff?
+          action == "delete" || super
+        end
+      end
+    end
+  end
+end

data/app/presenters/decidim/assemblies/admin_log/value_types/member_position_presenter.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module Decidim
+  module Assemblies
+    module AdminLog
+      module ValueTypes
+        # This class presents the given value as an assembly member position.
+        # Check the `DefaultPresenter` for more info on how value presenters work.
+        class MemberPositionPresenter < Decidim::Log::ValueTypes::DefaultPresenter
+          # Public: Presents the value as an assembly member position.
+          #
+          # Returns an HTML-safe String.
+          def present
+            return if value.blank?
+            h.t(value, scope: "decidim.admin.models.assembly_member.positions", default: value)
+          end
+        end
+      end
+    end
+  end
+end

data/app/presenters/decidim/assembly_member_presenter.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module Decidim
+  #
+  # Decorator for assembly members
+  #
+  class AssemblyMemberPresenter < SimpleDelegator
+    def age
+      (Time.current.strftime("%Y%m%d").to_i - birthday.strftime("%Y%m%d").to_i) / 10_000 if birthday
+    end
+    delegate :profile_url, :avatar_url, to: :user, allow_nil: true
+    def name
+      user ? user.name : full_name
+    end
+    def nickname
+      user.nickname if user
+    end
+    def personal_information
+      [
+        gender.presence,
+        age,
+        birthplace.presence
+      ].compact.join(" / ")
+    end
+    def position
+      return position_other if __getobj__.position == "other"
+      I18n.t(__getobj__.position, scope: "decidim.admin.models.assembly_member.positions", default: "")
+    end
+    private
+    def user
+      @user ||= begin
+        if (user = __getobj__.user.presence)
+          Decidim::UserPresenter.new(user)
+        end
+      end
+    end
+  end
+end

data/app/queries/decidim/assemblies/admin/assembly_members.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+module Decidim
+  module Assemblies
+    module Admin
+      # A class used to find the AssemblyMembers's by their status status.
+      class AssemblyMembers < Rectify::Query
+        # Syntactic sugar to initialize the class and return the queried objects.
+        #
+        # assembly_members - the initial AssemblyMember relation that needs to be filtered.
+        # query - query to filter user group names
+        # status - ceased status to be used as a filter
+        def self.for(assembly_members, query = nil, status = nil)
+          new(assembly_members, query, status).query
+        end
+        # Initializes the class.
+        #
+        # assembly_members - the AssemblyMember relation that need to be filtered
+        # query - query to filter user group names
+        # status - ceased status to be used as a filter
+        def initialize(assembly_members, query = nil, status = nil)
+          @assembly_members = assembly_members
+          @query = query
+          @status = status
+        end
+        # List the assembly members by the different filters.
+        def query
+          @assembly_members = filter_by_search(@assembly_members)
+          @assembly_members = filter_by_status(@assembly_members)
+          @assembly_members
+        end
+        private
+        def filter_by_search(assembly_members)
+          return assembly_members if @query.blank?
+          assembly_members.where("LOWER(full_name) LIKE LOWER(?)", "%#{@query}%")
+        end
+        def filter_by_status(assembly_members)
+          case @status
+          when "ceased"
+            assembly_members.where.not(ceased_date: nil)
+          when "not_ceased"
+            assembly_members.where(ceased_date: nil)
+          else
+            assembly_members
+          end
+        end
+      end
+    end
+  end
+end