decidim-core 0.0.1.alpha7 → 0.0.1.alpha8

data/README.md

@@ -25,4 +25,4 @@ $ gem install decidim
 Contribution directions go here.
 
 ## License
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+The gem is available as open source under the terms of the [AGPLv3 License](https://opensource.org/licenses/AGPL-3.0).

data/app/assets/javascripts/decidim.js.es6

@@ -0,0 +1,13 @@
+//= require foundation
+//= require modernizr
+//= require owl.carousel.min
+//= require svg4everybody.min
+//= require appendAround
+
+/* globals svg4everybody */
+
+$(document).on('turbolinks:load', () => {
+  $(document).foundation();
+  $('.js-append').appendAround();
+  svg4everybody();
+});

data/app/assets/stylesheets/decidim/_variables.scss

@@ -0,0 +1,23 @@
+// Variables
+$body-font-color: #3D393C;
+
+$primary: #ef604d !default;
+$secondary: #599aa6 !default;
+$success: #3adb76 !default;
+$warning: #ffae00 !default;
+$alert: #ec5840 !default;
+
+$light-gray: #fafafa !default;
+$light-gray-dark: darken($light-gray, 2.5) !default;
+$medium-gray: #e8e8e8 !default;
+$dark-gray: #2c2930 !default;
+$black: #1a181d !default;
+$white: #fff !default;
+
+$twitter: #55acee !default;
+$facebook: #3b5998 !default;
+$google: #dd4b39 !default;
+
+$muted: lighten($body-font-color, 30) !default;
+
+$border: 1px solid $medium-gray !default;

data/app/assets/stylesheets/decidim/application.sass

@@ -1,3 +1,4 @@
+@import "variables"
 @import "utils/*"
 
 @import foundation
@@ -5,3 +6,4 @@
 
 @import "modules/*"
 @import "layouts/*"
+@import "extras/*"

data/app/assets/stylesheets/decidim/extras/_turbolinks.scss

@@ -0,0 +1,3 @@
+.turbolinks-progress-bar{
+  background-color: $primary;
+}

data/app/assets/stylesheets/decidim/modules/_cards.scss

@@ -12,11 +12,6 @@ $card-margin-bottom: map-get($grid-column-gutter, medium);
 
 $card-footer-bg: $light-gray-dark;
 
-$card-proposal: $proposals;
-$card-action: $actions;
-$card-debate: $debates;
-$card-meeting: $meetings;
-
 $datetime-bg: $primary;
 
 

data/app/assets/stylesheets/decidim/utils/_settings.scss

@@ -49,19 +49,13 @@ $global-font-size: 100%;
 $global-width: rem-calc(1200);
 $global-lineheight: 1.5;
 $foundation-palette: (
-  primary: #ef604d,
-  secondary: #599aa6,
-  success: #57d685,
-  warning: #ffae00,
-  alert: #ec5840,
+  primary: $primary,
+  secondary: $secondary,
+  success: $success,
+  warning: $warning,
+  alert: $alert,
 );
-$light-gray: #fafafa;
-$medium-gray: #e8e8e8;
-$dark-gray: #2c2930;
-$black: #1a181d;
-$white: #fff;
 $body-background: $light-gray;
-$body-font-color: #3D393C;
 $body-font-family: 'Source Sans Pro', Helvetica, Roboto, Arial, sans-serif;
 $body-antialiased: true;
 $global-margin: 1rem;

data/app/commands/decidim/authorize_user.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+module Decidim
+  # A command to authorize a user with an authorization handler.
+  class AuthorizeUser < Rectify::Command
+    # Public: Initializes the command.
+    #
+    # handler - An AuthorizationHandler object.
+    def initialize(handler)
+      @handler = handler
+    end
+
+    # Executes the command. Braodcasts these events:
+    #
+    # - :ok when everything is valid.
+    # - :invalid if the handler wasn't valid and we couldn't proceed.
+    #
+    # Returns nothing.
+    def call
+      return broadcast(:invalid) unless handler.valid?
+
+      create_authorization
+      broadcast(:ok)
+    end
+
+    private
+
+    attr_reader :handler
+
+    def create_authorization
+      Authorization.create!(
+        user: handler.user,
+        name: handler.handler_name,
+        metadata: handler.metadata
+      )
+    end
+  end
+end

data/app/controllers/concerns/decidim/needs_authorization.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require "active_support/concern"
+
+module Decidim
+  # Shared behaviour for controllers that need authorization to work.
+  module NeedsAuthorization
+    extend ActiveSupport::Concern
+
+    included do
+      check_authorization
+
+      rescue_from CanCan::AccessDenied, with: :user_not_authorized
+
+      private
+
+      # Overwrites `cancancan`'s method to point to the correct ability class,
+      # since the gem expects the ability class to be in the root namespace.
+      def current_ability
+        @current_ability ||= Decidim::Ability.new(current_user)
+      end
+
+      # Handles the case when a user visits a path that is not allowed to them.
+      # Redirects the user to the root path and shows a flash message telling
+      # them they are not authorized.
+      def user_not_authorized
+        flash[:alert] = t("actions.unauthorized", scope: "decidim.core")
+        redirect_to(request.referrer || user_not_authorized_path)
+      end
+
+      def user_not_authorized_path
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/app/controllers/decidim/account_controller.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+require_dependency "decidim/application_controller"
+
+module Decidim
+  # The controller to handle the user's account page.
+  class AccountController < ApplicationController
+    helper_method :authorizations, :handlers
+    authorize_resource :user_account, class: false
+
+    private
+
+    def handlers
+      @handlers ||= Decidim.authorization_handlers.reject do |handler|
+        authorized_handlers.include?(handler.handler_name)
+      end
+    end
+
+    def authorizations
+      @authorizations ||= current_user.authorizations
+    end
+
+    def authorized_handlers
+      authorizations.map(&:name)
+    end
+  end
+end

data/app/controllers/decidim/application_controller.rb

@@ -4,8 +4,13 @@ module Decidim
   class ApplicationController < ActionController::Base
     include Decidim::NeedsOrganization
     include Decidim::LocaleSwitcher
+    include NeedsAuthorization
     protect_from_forgery with: :exception, prepend: true
 
     layout "application"
+
+    def user_not_authorized_path
+      decidim.root_path
+    end
   end
 end

data/app/controllers/decidim/authorizations_controller.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+require_dependency "decidim/application_controller"
+
+module Decidim
+  # This controller allows users to create and destroy their authorizations. It
+  # shouldn't be necessary to expand it to add new authorization schemes.
+  class AuthorizationsController < ApplicationController
+    helper_method :handler, :handlers
+    before_action :valid_handler, only: [:new, :create]
+    before_action :only_one_handler?, only: [:index]
+
+    def new
+      authorize! current_user, Authorization
+    end
+
+    def index
+      authorize! current_user, Authorization
+    end
+
+    def create
+      authorize! current_user, Authorization
+
+      AuthorizeUser.call(handler) do
+        on(:ok) do
+          flash[:notice] = t("authorizations.create.success", scope: "decidim")
+          redirect_to account_path
+        end
+
+        on(:invalid) do
+          flash[:alert] = t("authorizations.create.error", scope: "decidim")
+          render action: :new
+        end
+      end
+    end
+
+    def destroy
+      @authorization = current_user.authorizations.find(params[:id])
+      authorize! current_user, @authorization
+
+      @authorization.destroy
+      flash[:notice] = t("authorizations.destroy.success", scope: "decidim")
+      redirect_to account_path
+    end
+
+    def handler
+      @handler ||= AuthorizationHandler.handler_for(handler_name, handler_params)
+    end
+
+    def handlers
+      @handlers ||= Decidim.authorization_handlers
+    end
+
+    protected
+
+    def handler_params
+      (params[:authorization_handler] || {}).merge(user: current_user)
+    end
+
+    def handler_name
+      params[:handler] || params[:authorization_handler][:handler_name]
+    end
+
+    def valid_handler
+      return true if handler
+
+      logger.warn "Invalid authorization handler given: #{handler_name} doesn't"\
+        "exist or you haven't added it to `Decidim.authorization_handlers`"
+
+      redirect_to(account_path) && (return false)
+    end
+
+    def only_one_handler?
+      redirect_to(action: :new, handler: handlers.first.handler_name) && return if handlers.length == 1
+    end
+  end
+end

data/app/controllers/decidim/devise/registrations_controller.rb

@@ -12,7 +12,7 @@ module Decidim
       protected
 
       def configure_permitted_parameters
-        devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
+        devise_parameter_sanitizer.permit(:sign_up, keys: [:name, :tos_agreement])
       end
 
       # Called before resource.save

data/app/controllers/decidim/devise/sessions_controller.rb

@@ -6,6 +6,14 @@ module Decidim
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
       layout "application"
+
+      def after_sign_in_path_for(user)
+        if user.is_a?(User) && user.sign_in_count == 1 && Decidim.authorization_handlers.any?
+          authorizations_path
+        else
+          super
+        end
+      end
     end
   end
 end

data/app/controllers/decidim/locales_controller.rb

@@ -4,6 +4,8 @@ require_dependency "decidim/application_controller"
 module Decidim
   # A controller to allow users switching their locale.
   class LocalesController < ApplicationController
+    authorize_resource :locales, class: false
+
     def create
       if current_user && params["locale"] && available_locales.include?(params["locale"])
         current_user.update_attribute(:locale, params["locale"])

data/app/controllers/decidim/pages_controller.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+require_dependency "decidim/application_controller"
+
+module Decidim
+  # This controller serves static pages using HighVoltage.
+  class PagesController < ApplicationController
+    include HighVoltage::StaticPage
+    authorize_resource :public_pages, class: false
+  end
+end

data/app/controllers/decidim/participatory_processes_controller.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require_dependency "decidim/application_controller"
+
+module Decidim
+  # A controller that holds the logic to show ParticipatoryProcesses in a
+  # public layout.
+  class ParticipatoryProcessesController < ApplicationController
+    helper_method :participatory_processes, :participatory_process, :promoted_processes
+
+    def index
+      authorize! :read, ParticipatoryProcess
+    end
+
+    def show
+      authorize! :read, participatory_process
+    end
+
+    private
+
+    def participatory_process
+      @participatory_process ||= ParticipatoryProcess.find(params[:id])
+    end
+
+    def participatory_processes
+      @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published
+    end
+
+    def promoted_processes
+      @promoted_processes ||= participatory_processes.promoted
+    end
+  end
+end

data/app/helpers/decidim/authorization_form_helper.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+module Decidim
+  # A heper to expose an easy way to add authorization forms in a view.
+  module AuthorizationFormHelper
+    # Creates a ew authorization form in a view, accepts the same arguments as
+    # `form_for`.
+    #
+    # record  - The record to use in the form, it shoulde be a descendant of
+    # AuthorizationHandler.
+    # options - An optional hash with options to pass wo the form builder.
+    # block   - A block with the content of the form.
+    #
+    # Returns a String.
+    def authorization_form_for(record, options = {}, &block)
+      default_options = {
+        builder: AuthorizationFormBuilder,
+        as: "authorization_handler",
+        url: authorizations_path
+      }
+
+      options = default_options.merge(options)
+      form_for(record, options, &block)
+    end
+  end
+end

data/app/helpers/decidim/humanize_booleans_helper.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+module Decidim
+  # Helper to print booleans in a human way.
+  module HumanizeBooleansHelper
+    # Displays booleans in a human way (yes/no, supporting i18n). Supports
+    # `nil` values as `false`.
+    #
+    # boolean - a Boolean that will be displayed in a human way.
+    def humanize_boolean(boolean)
+      value = boolean ? "true" : "false"
+      I18n.t(value, scope: "booleans")
+    end
+  end
+end

data/app/mailers/decidim/application_mailer.rb

@@ -5,7 +5,7 @@ module Decidim
   class ApplicationMailer < ActionMailer::Base
     include Roadie::Rails::Automatic
 
-    default from: "from@example.com"
+    default from: Decidim.config.mailer_sender
     layout "mailer"
   end
 end

data/app/models/decidim/abilities/everyone.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Decidim
+  module Abilities
+    # Defines the base abilities for any user. Guest users will use these too.
+    # Intended to be used with `cancancan`.
+    class Everyone
+      include CanCan::Ability
+
+      def initialize(_user)
+        can :read, ParticipatoryProcess, &:published?
+        can :read, :public_pages
+        can :manage, :locales
+      end
+    end
+  end
+end