RubyGems - decidim-core - Versions diffs - 0.0.1 → 0.0.2 - Mend

decidim-core 0.0.1 → 0.0.2

Files changed (118) hide show

data/app/controllers/concerns/decidim/needs_participatory_process.rb CHANGED

@@ -19,14 +19,13 @@ module Decidim
       #
       # Returns the current ParticipatoryProcess.
       def current_participatory_process
-        @current_participatory_process ||=
-          current_organization.participatory_processes.find_by(id: params[:participatory_process_id])
+        @current_participatory_process ||= current_organization.participatory_processes.find_by(id: params[:participatory_process_id] || params[:id])
       end
       private
       def verify_participatory_process
-        raise ActionController::RoutingError, "Not Found" unless current_participatory_process
+        raise ActionController::RoutingError, "Participatory process not found." unless current_participatory_process
       end
     end
   end

data/app/controllers/decidim/devise/confirmations_controller.rb CHANGED

@@ -5,6 +5,8 @@ module Decidim
     class ConfirmationsController < ::Devise::ConfirmationsController
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
       layout "layouts/decidim/application"
     end
   end

data/app/controllers/decidim/devise/invitations_controller.rb CHANGED

@@ -3,6 +3,10 @@ module Decidim
   module Devise
     # This controller customizes the behaviour of Devise::Invitiable.
     class InvitationsController < ::Devise::InvitationsController
+      include Decidim::NeedsOrganization
+      include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
       # We don't users to create invitations, so we just redirect them to the
       # homepage.
       def authenticate_inviter!

data/app/controllers/decidim/devise/omniauth_registrations_controller.rb ADDED

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+module Decidim
+  module Devise
+    # This controller customizes the behaviour of Devise::Omniauthable.
+    class OmniauthRegistrationsController < ::Devise::OmniauthCallbacksController
+      include FormFactory
+      include Decidim::NeedsOrganization
+      include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
+      layout "layouts/decidim/application"
+      def new
+        @form = form(OmniauthRegistrationForm).from_params(params[:user])
+      end
+      def create
+        form_params = user_params_from_oauth_hash || params[:user]
+        @form = form(OmniauthRegistrationForm).from_params(form_params)
+        @form.email ||= verified_email
+        CreateOmniauthRegistration.call(@form, verified_email) do
+          on(:ok) do |user|
+            if user.active_for_authentication?
+              sign_in_and_redirect user, event: :authentication
+              set_flash_message :notice, :success, kind: @form.provider.capitalize
+            else
+              expire_data_after_sign_in!
+              redirect_to root_path
+              flash[:notice] = t("devise.registrations.signed_up_but_unconfirmed")
+            end
+          end
+          on(:invalid) do
+            set_flash_message :notice, :success, kind: @form.provider.capitalize
+            render :new
+          end
+          on(:error) do
+            redirect_to decidim.new_user_registration_path
+            set_flash_message :alert, :failure, kind: @form.provider, reason: t("decidim.devise.omniauth_registrations.create.email_already_exists")
+          end
+        end
+      end
+      def after_sign_in_path_for(user)
+        if !pending_redirect?(user) && first_login_and_not_authorized?(user)
+          authorizations_path
+        else
+          super
+        end
+      end
+      # Calling the `stored_location_for` method removes the key, so in order
+      # to check if there's any pending redirect after login I need to call
+      # this method and use the value to set a pending redirect. This is the
+      # only way to do this without checking the session directly.
+      def pending_redirect?(user)
+        store_location_for(user, stored_location_for(user))
+      end
+      def first_login_and_not_authorized?(user)
+        user.is_a?(User) && user.sign_in_count == 1 && Decidim.authorization_handlers.any?
+      end
+      def action_missing(action_name)
+        return send(:create) if devise_mapping.omniauthable? && User.omniauth_providers.include?(action_name.to_sym)
+        raise AbstractController::ActionNotFound, "The action '#{action_name}' could not be found for Decidim::Devise::OmniauthCallbacksController"
+      end
+      private
+      def oauth_data
+        return {} unless request.env["omniauth.auth"]
+        @oauth_data ||= request.env["omniauth.auth"].slice(:provider, :uid, :info)
+      end
+      # Private: Create form params from omniauth hash
+      # Since we are using trusted omniauth data we are generating a valid signature.
+      def user_params_from_oauth_hash
+        return nil unless request.env["omniauth.auth"]
+        {
+          provider: oauth_data[:provider],
+          uid: oauth_data[:uid],
+          name: oauth_data[:info][:name],
+          oauth_signature: OmniauthRegistrationForm.create_signature(oauth_data[:provider], oauth_data[:uid])
+        }
+      end
+      def verified_email
+        @verified_email ||= oauth_data.dig(:info, :email)
+      end
+    end
+  end
+end

data/app/controllers/decidim/devise/passwords_controller.rb CHANGED

@@ -5,6 +5,8 @@ module Decidim
     class PasswordsController < ::Devise::PasswordsController
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
       layout "layouts/decidim/application"
     end
   end

data/app/controllers/decidim/devise/registrations_controller.rb CHANGED

@@ -6,9 +6,43 @@ module Decidim
     class RegistrationsController < ::Devise::RegistrationsController
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      include FormFactory
+      helper Decidim::TranslationsHelper
+      helper Decidim::OmniauthHelper
       layout "layouts/decidim/application"
       before_action :configure_permitted_parameters
+      def new
+        @form = form(RegistrationForm).from_params(
+          user: {
+            sign_up_as: "user"
+          }
+        )
+      end
+      def create
+        @form = form(RegistrationForm).from_params(params[:user])
+        CreateRegistration.call(@form) do
+          on(:ok) do |user|
+            if user.active_for_authentication?
+              set_flash_message! :notice, :signed_up
+              sign_up(:user, user)
+              respond_with user, location: after_sign_up_path_for(user)
+            else
+              set_flash_message! :notice, :"signed_up_but_#{user.inactive_message}"
+              expire_data_after_sign_in!
+              respond_with user, location: after_inactive_sign_up_path_for(user)
+            end
+          end
+          on(:invalid) do
+            render :new
+          end
+        end
+      end
       protected
       def configure_permitted_parameters

data/app/controllers/decidim/devise/sessions_controller.rb CHANGED

@@ -6,6 +6,7 @@ module Decidim
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
       helper Decidim::TranslationsHelper
+      helper Decidim::OmniauthHelper
       layout "layouts/decidim/application"

data/app/controllers/decidim/pages_controller.rb CHANGED

@@ -11,14 +11,22 @@ module Decidim
     authorize_resource :public_pages, class: false
     delegate :page, to: :page_finder
-    helper_method :page, :participatory_processes
+    helper_method :page, :participatory_processes, :promoted_participatory_processes, :users
     def page_finder
       @page_finder ||= Decidim::PageFinder.new(params[:id], current_organization)
     end
+    def promoted_participatory_processes
+      @promoted_participatory_processes ||= participatory_processes.promoted
+    end
     def participatory_processes
-      @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published.promoted
+      @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published
+    end
+    def users
+      @users ||= Decidim::User.where(organization: current_organization)
     end
   end
 end

data/app/controllers/decidim/participatory_process_steps_controller.rb ADDED

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+require_dependency "decidim/application_controller"
+module Decidim
+  # A controller that holds the logic to show ParticipatoryProcessSteps in a
+  # public layout.
+  class ParticipatoryProcessStepsController < ApplicationController
+    helper_method :participatory_process, :current_participatory_process
+    layout "layouts/decidim/participatory_process", only: [:index]
+    include NeedsParticipatoryProcess
+    def index
+      authorize! :read, ParticipatoryProcess
+    end
+  end
+end

data/app/controllers/decidim/participatory_processes_controller.rb CHANGED

@@ -5,29 +5,24 @@ module Decidim
   # A controller that holds the logic to show ParticipatoryProcesses in a
   # public layout.
   class ParticipatoryProcessesController < ApplicationController
-    helper_method :participatory_processes, :participatory_process, :promoted_processes
-    helper_method :current_participatory_process
+    include NeedsParticipatoryProcess
     layout "layouts/decidim/participatory_process", only: [:show]
+    helper_method :participatory_processes, :promoted_processes
+    skip_after_action :verify_participatory_process , only: [:index]
     def index
       authorize! :read, ParticipatoryProcess
     end
     def show
-      authorize! :read, participatory_process
+      authorize! :read, current_participatory_process
     end
     private
-    def current_participatory_process
-      participatory_process
-    end
-    def participatory_process
-      @participatory_process ||= ParticipatoryProcess.find(params[:id])
-    end
     def participatory_processes
       @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published
     end

data/app/forms/decidim/form.rb CHANGED

@@ -3,13 +3,13 @@ module Decidim
   # A base form object to hold common logic, like automatically adding as
   # public method the params sent as context by the `FormFactory` concern.
   class Form < Rectify::Form
-    attr_reader :current_organization, :current_user, :current_feature
+    delegate :current_organization,
+             :current_user,
+             :current_feature,
+             to: :context, prefix: false, allow_nil: true
-    def initialize(attributes = {})
-      @current_organization = attributes.delete("current_organization") || attributes.delete(:current_organization)
-      @current_user = attributes.delete("current_user") || attributes.delete(:current_user)
-      @current_feature = attributes.delete("current_feature") || attributes.delete(:current_feature)
-      super
+    def available_locales
+      current_organization&.available_locales
     end
   end
 end

data/app/forms/decidim/invite_admin_form.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+module Decidim
+  # A form object used to invite admins to an organization.
+  #
+  class InviteAdminForm < Form
+    mimic :user
+    attribute :email, String
+    attribute :name, String
+    attribute :invitation_instructions, String
+    attribute :roles, Array[String]
+    attribute :organization, Decidim::Organization
+    attribute :invited_by, Decidim::User
+    validates :email, :name, :organization, :invitation_instructions, :roles, presence: true
+    validate :admin_uniqueness
+    def email
+      super&.downcase
+    end
+    def organization
+      super || current_organization
+    end
+    def invited_by
+      super || current_user
+    end
+    private
+    def admin_uniqueness
+      errors.add(:email, :taken) if organization.admins.where(email: email).exists?
+    end
+  end
+end

data/app/forms/decidim/omniauth_registration_form.rb ADDED

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Decidim
+  # A form object used to fisnish signup from omniauth data
+  class OmniauthRegistrationForm < Form
+    mimic :user
+    attribute :email, String
+    attribute :name, String
+    attribute :provider, String
+    attribute :uid, String
+    attribute :tos_agreement, Boolean
+    attribute :oauth_signature, String
+    validates :email, presence: true
+    validates :name, presence: true
+    validates :provider, presence: true
+    validates :uid, presence: true
+    def self.create_signature(provider, uid)
+      Digest::MD5.hexdigest("#{provider}-#{uid}-#{Rails.application.secrets.secret_key_base}")
+    end
+  end
+end

data/app/forms/decidim/registration_form.rb ADDED

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+module Decidim
+  # A form object used to handle user registrations
+  class RegistrationForm < Form
+    mimic :user
+    attribute :sign_up_as, String
+    attribute :name, String
+    attribute :email, String
+    attribute :password, String
+    attribute :password_confirmation, String
+    attribute :tos_agreement, Boolean
+    attribute :user_group_name, String
+    attribute :user_group_document_number, String
+    attribute :user_group_phone, String
+    validates :sign_up_as, inclusion: { in: %w(user user_group) }
+    validates :name, presence: true
+    validates :email, presence: true
+    validates :password, presence: true, confirmation: true
+    validates :tos_agreement, allow_nil: false, acceptance: true
+    validates :user_group_name, presence: true, if: :is_user_group?
+    validates :user_group_document_number, presence: true, if: :is_user_group?
+    validates :user_group_phone, presence: true, if: :is_user_group?
+    validate :email_unique_in_organization
+    def is_user_group?
+      sign_up_as == "user_group"
+    end
+    private
+    def email_unique_in_organization
+      errors.add :email, :taken if User.where(email: email, organization: current_organization).first.present?
+    end
+  end
+end

data/app/helpers/decidim/filters_helper.rb ADDED

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module Decidim
+  # Helper that provides a single method to create filter resource forms
+  module FiltersHelper
+    # This method wraps everything in a div with class filters and calls
+    # the form_for helper with a custom builder
+    #
+    # filter - A filter object
+    # block  - A block to be called with the form builder
+    #
+    # Returns the filter resource form wrapped in a div
+    def filter_form_for(filter)
+      filters_container = content_tag :div, class: "filters" do
+        form_for filter, builder: FilterFormBuilder, url: url_for, as: :filter, method: :get, remote: true do |form|
+          yield form
+        end
+      end
+      filters_container + javascript_include_tag("decidim/filters")
+    end
+  end
+end

data/app/helpers/decidim/layout_helper.rb CHANGED

@@ -33,11 +33,27 @@ module Decidim
       html_properties["aria-label"] = options[:aria_label]
       html_properties["role"] = options[:role]
       html_properties["aria-hidden"] = options[:aria_hidden]
-      html_properties["class"] = "icon icon--#{name} #{options[:class]}"
+      icon_class = (options[:remove_icon_class] ? "" : "icon")
+      html_properties["class"] = "icon--#{name} #{icon_class} #{options[:class]}"
       content_tag :svg, html_properties do
         content_tag :use, nil, "xlink:href" => "#{asset_url("decidim/icons.svg")}#icon-#{name}"
       end
     end
+    # Outputs a SVG icon from an external file. It apparently renders an image
+    # tag, but then a JS script kicks in and replaces it with an inlined SVG
+    # version.
+    #
+    # path    - The asset's path
+    #
+    # Returns an <img /> tag with the SVG icon.
+    def external_icon(path)
+      # Ugly hack to prevent PhantomJS from freaking out with SVGs.
+      return content_tag(:span, "?", class: "external-svg", "data-src" => path) if Rails.env.test?
+      image_tag(path, class: "external-svg", style: "display: none")
+    end
   end
 end