RubyGems - decidim-core - Versions diffs - 0.0.1 → 0.0.2 - Mend

decidim-core 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

data/app/controllers/concerns/decidim/needs_participatory_process.rb CHANGED

@@ -19,14 +19,13 @@ module Decidim
       #
       # Returns the current ParticipatoryProcess.
       def current_participatory_process
-        @current_participatory_process ||=
-          current_organization.participatory_processes.find_by(id: params[:participatory_process_id])
+        @current_participatory_process ||= current_organization.participatory_processes.find_by(id: params[:participatory_process_id] || params[:id])
       end
       private
       def verify_participatory_process
-        raise ActionController::RoutingError, "Not Found" unless current_participatory_process
+        raise ActionController::RoutingError, "Participatory process not found." unless current_participatory_process
       end
     end
   end

data/app/controllers/decidim/devise/confirmations_controller.rb CHANGED

@@ -5,6 +5,8 @@ module Decidim
     class ConfirmationsController < ::Devise::ConfirmationsController
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
       layout "layouts/decidim/application"
     end
   end

data/app/controllers/decidim/devise/invitations_controller.rb CHANGED

@@ -3,6 +3,10 @@ module Decidim
   module Devise
     # This controller customizes the behaviour of Devise::Invitiable.
     class InvitationsController < ::Devise::InvitationsController
+      include Decidim::NeedsOrganization
+      include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
       # We don't users to create invitations, so we just redirect them to the
       # homepage.
       def authenticate_inviter!

data/app/controllers/decidim/devise/omniauth_registrations_controller.rb ADDED

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+module Decidim
+  module Devise
+    # This controller customizes the behaviour of Devise::Omniauthable.
+    class OmniauthRegistrationsController < ::Devise::OmniauthCallbacksController
+      include FormFactory
+      include Decidim::NeedsOrganization
+      include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
+      layout "layouts/decidim/application"
+      def new
+        @form = form(OmniauthRegistrationForm).from_params(params[:user])
+      end
+      def create
+        form_params = user_params_from_oauth_hash || params[:user]
+        @form = form(OmniauthRegistrationForm).from_params(form_params)
+        @form.email ||= verified_email
+        CreateOmniauthRegistration.call(@form, verified_email) do
+          on(:ok) do |user|
+            if user.active_for_authentication?
+              sign_in_and_redirect user, event: :authentication
+              set_flash_message :notice, :success, kind: @form.provider.capitalize
+            else
+              expire_data_after_sign_in!
+              redirect_to root_path
+              flash[:notice] = t("devise.registrations.signed_up_but_unconfirmed")
+            end
+          end
+          on(:invalid) do
+            set_flash_message :notice, :success, kind: @form.provider.capitalize
+            render :new
+          end
+          on(:error) do
+            redirect_to decidim.new_user_registration_path
+            set_flash_message :alert, :failure, kind: @form.provider, reason: t("decidim.devise.omniauth_registrations.create.email_already_exists")
+          end
+        end
+      end
+      def after_sign_in_path_for(user)
+        if !pending_redirect?(user) && first_login_and_not_authorized?(user)
+          authorizations_path
+        else
+          super
+        end
+      end
+      # Calling the `stored_location_for` method removes the key, so in order
+      # to check if there's any pending redirect after login I need to call
+      # this method and use the value to set a pending redirect. This is the
+      # only way to do this without checking the session directly.
+      def pending_redirect?(user)
+        store_location_for(user, stored_location_for(user))
+      end
+      def first_login_and_not_authorized?(user)
+        user.is_a?(User) && user.sign_in_count == 1 && Decidim.authorization_handlers.any?
+      end
+      def action_missing(action_name)
+        return send(:create) if devise_mapping.omniauthable? && User.omniauth_providers.include?(action_name.to_sym)
+        raise AbstractController::ActionNotFound, "The action '#{action_name}' could not be found for Decidim::Devise::OmniauthCallbacksController"
+      end
+      private
+      def oauth_data
+        return {} unless request.env["omniauth.auth"]
+        @oauth_data ||= request.env["omniauth.auth"].slice(:provider, :uid, :info)
+      end
+      # Private: Create form params from omniauth hash
+      # Since we are using trusted omniauth data we are generating a valid signature.
+      def user_params_from_oauth_hash
+        return nil unless request.env["omniauth.auth"]
+        {
+          provider: oauth_data[:provider],
+          uid: oauth_data[:uid],
+          name: oauth_data[:info][:name],
+          oauth_signature: OmniauthRegistrationForm.create_signature(oauth_data[:provider], oauth_data[:uid])
+        }
+      end
+      def verified_email
+        @verified_email ||= oauth_data.dig(:info, :email)
+      end
+    end
+  end
+end

data/app/controllers/decidim/devise/passwords_controller.rb CHANGED

@@ -5,6 +5,8 @@ module Decidim
     class PasswordsController < ::Devise::PasswordsController
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      helper Decidim::TranslationsHelper
       layout "layouts/decidim/application"
     end
   end

data/app/controllers/decidim/devise/registrations_controller.rb CHANGED

@@ -6,9 +6,43 @@ module Decidim
     class RegistrationsController < ::Devise::RegistrationsController
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      include FormFactory
+      helper Decidim::TranslationsHelper
+      helper Decidim::OmniauthHelper
       layout "layouts/decidim/application"
       before_action :configure_permitted_parameters
+      def new
+        @form = form(RegistrationForm).from_params(
+          user: {
+            sign_up_as: "user"
+          }
+        )
+      end
+      def create
+        @form = form(RegistrationForm).from_params(params[:user])
+        CreateRegistration.call(@form) do
+          on(:ok) do |user|
+            if user.active_for_authentication?
+              set_flash_message! :notice, :signed_up
+              sign_up(:user, user)
+              respond_with user, location: after_sign_up_path_for(user)
+            else
+              set_flash_message! :notice, :"signed_up_but_#{user.inactive_message}"
+              expire_data_after_sign_in!
+              respond_with user, location: after_inactive_sign_up_path_for(user)
+            end
+          end
+          on(:invalid) do
+            render :new
+          end
+        end
+      end
       protected
       def configure_permitted_parameters

data/app/controllers/decidim/devise/sessions_controller.rb CHANGED

@@ -6,6 +6,7 @@ module Decidim
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
       helper Decidim::TranslationsHelper
+      helper Decidim::OmniauthHelper
       layout "layouts/decidim/application"

data/app/controllers/decidim/pages_controller.rb CHANGED

@@ -11,14 +11,22 @@ module Decidim
     authorize_resource :public_pages, class: false
     delegate :page, to: :page_finder
-    helper_method :page, :participatory_processes
+    helper_method :page, :participatory_processes, :promoted_participatory_processes, :users
     def page_finder
       @page_finder ||= Decidim::PageFinder.new(params[:id], current_organization)
     end
+    def promoted_participatory_processes
+      @promoted_participatory_processes ||= participatory_processes.promoted
+    end
     def participatory_processes
-      @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published.promoted
+      @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published
+    end
+    def users
+      @users ||= Decidim::User.where(organization: current_organization)
     end
   end
 end

data/app/controllers/decidim/participatory_process_steps_controller.rb ADDED

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+require_dependency "decidim/application_controller"
+module Decidim
+  # A controller that holds the logic to show ParticipatoryProcessSteps in a
+  # public layout.
+  class ParticipatoryProcessStepsController < ApplicationController
+    helper_method :participatory_process, :current_participatory_process
+    layout "layouts/decidim/participatory_process", only: [:index]
+    include NeedsParticipatoryProcess
+    def index
+      authorize! :read, ParticipatoryProcess
+    end
+  end
+end

data/app/controllers/decidim/participatory_processes_controller.rb CHANGED

@@ -5,29 +5,24 @@ module Decidim
   # A controller that holds the logic to show ParticipatoryProcesses in a
   # public layout.
   class ParticipatoryProcessesController < ApplicationController
-    helper_method :participatory_processes, :participatory_process, :promoted_processes
-    helper_method :current_participatory_process
+    include NeedsParticipatoryProcess
     layout "layouts/decidim/participatory_process", only: [:show]
+    helper_method :participatory_processes, :promoted_processes
+    skip_after_action :verify_participatory_process , only: [:index]
     def index
       authorize! :read, ParticipatoryProcess
     end
     def show
-      authorize! :read, participatory_process
+      authorize! :read, current_participatory_process
     end
     private
-    def current_participatory_process
-      participatory_process
-    end
-    def participatory_process
-      @participatory_process ||= ParticipatoryProcess.find(params[:id])
-    end
     def participatory_processes
       @participatory_processes ||= current_organization.participatory_processes.includes(:active_step).published
     end

data/app/forms/decidim/form.rb CHANGED

@@ -3,13 +3,13 @@ module Decidim
   # A base form object to hold common logic, like automatically adding as
   # public method the params sent as context by the `FormFactory` concern.
   class Form < Rectify::Form
-    attr_reader :current_organization, :current_user, :current_feature
+    delegate :current_organization,
+             :current_user,
+             :current_feature,
+             to: :context, prefix: false, allow_nil: true
-    def initialize(attributes = {})
-      @current_organization = attributes.delete("current_organization") || attributes.delete(:current_organization)
-      @current_user = attributes.delete("current_user") || attributes.delete(:current_user)
-      @current_feature = attributes.delete("current_feature") || attributes.delete(:current_feature)
-      super
+    def available_locales
+      current_organization&.available_locales
     end
   end
 end

data/app/forms/decidim/invite_admin_form.rb ADDED

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+module Decidim
+  # A form object used to invite admins to an organization.
+  #
+  class InviteAdminForm < Form
+    mimic :user
+    attribute :email, String
+    attribute :name, String
+    attribute :invitation_instructions, String
+    attribute :roles, Array[String]
+    attribute :organization, Decidim::Organization
+    attribute :invited_by, Decidim::User
+    validates :email, :name, :organization, :invitation_instructions, :roles, presence: true
+    validate :admin_uniqueness
+    def email
+      super&.downcase
+    end
+    def organization
+      super || current_organization
+    end
+    def invited_by
+      super || current_user
+    end
+    private
+    def admin_uniqueness
+      errors.add(:email, :taken) if organization.admins.where(email: email).exists?
+    end
+  end
+end

data/app/forms/decidim/omniauth_registration_form.rb ADDED

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Decidim
+  # A form object used to fisnish signup from omniauth data
+  class OmniauthRegistrationForm < Form
+    mimic :user
+    attribute :email, String
+    attribute :name, String
+    attribute :provider, String
+    attribute :uid, String
+    attribute :tos_agreement, Boolean
+    attribute :oauth_signature, String
+    validates :email, presence: true
+    validates :name, presence: true
+    validates :provider, presence: true
+    validates :uid, presence: true
+    def self.create_signature(provider, uid)
+      Digest::MD5.hexdigest("#{provider}-#{uid}-#{Rails.application.secrets.secret_key_base}")
+    end
+  end
+end

data/app/forms/decidim/registration_form.rb ADDED

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+module Decidim
+  # A form object used to handle user registrations
+  class RegistrationForm < Form
+    mimic :user
+    attribute :sign_up_as, String
+    attribute :name, String
+    attribute :email, String
+    attribute :password, String
+    attribute :password_confirmation, String
+    attribute :tos_agreement, Boolean
+    attribute :user_group_name, String
+    attribute :user_group_document_number, String
+    attribute :user_group_phone, String
+    validates :sign_up_as, inclusion: { in: %w(user user_group) }
+    validates :name, presence: true
+    validates :email, presence: true
+    validates :password, presence: true, confirmation: true
+    validates :tos_agreement, allow_nil: false, acceptance: true
+    validates :user_group_name, presence: true, if: :is_user_group?
+    validates :user_group_document_number, presence: true, if: :is_user_group?
+    validates :user_group_phone, presence: true, if: :is_user_group?
+    validate :email_unique_in_organization
+    def is_user_group?
+      sign_up_as == "user_group"
+    end
+    private
+    def email_unique_in_organization
+      errors.add :email, :taken if User.where(email: email, organization: current_organization).first.present?
+    end
+  end
+end

data/app/helpers/decidim/filters_helper.rb ADDED

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+module Decidim
+  # Helper that provides a single method to create filter resource forms
+  module FiltersHelper
+    # This method wraps everything in a div with class filters and calls
+    # the form_for helper with a custom builder
+    #
+    # filter - A filter object
+    # block  - A block to be called with the form builder
+    #
+    # Returns the filter resource form wrapped in a div
+    def filter_form_for(filter)
+      filters_container = content_tag :div, class: "filters" do
+        form_for filter, builder: FilterFormBuilder, url: url_for, as: :filter, method: :get, remote: true do |form|
+          yield form
+        end
+      end
+      filters_container + javascript_include_tag("decidim/filters")
+    end
+  end
+end

data/app/helpers/decidim/layout_helper.rb CHANGED

@@ -33,11 +33,27 @@ module Decidim
       html_properties["aria-label"] = options[:aria_label]
       html_properties["role"] = options[:role]
       html_properties["aria-hidden"] = options[:aria_hidden]
-      html_properties["class"] = "icon icon--#{name} #{options[:class]}"
+      icon_class = (options[:remove_icon_class] ? "" : "icon")
+      html_properties["class"] = "icon--#{name} #{icon_class} #{options[:class]}"
       content_tag :svg, html_properties do
         content_tag :use, nil, "xlink:href" => "#{asset_url("decidim/icons.svg")}#icon-#{name}"
       end
     end
+    # Outputs a SVG icon from an external file. It apparently renders an image
+    # tag, but then a JS script kicks in and replaces it with an inlined SVG
+    # version.
+    #
+    # path    - The asset's path
+    #
+    # Returns an <img /> tag with the SVG icon.
+    def external_icon(path)
+      # Ugly hack to prevent PhantomJS from freaking out with SVGs.
+      return content_tag(:span, "?", class: "external-svg", "data-src" => path) if Rails.env.test?
+      image_tag(path, class: "external-svg", style: "display: none")
+    end
   end
 end