RubyGems - decidim-core - Versions diffs - 0.10.1 → 0.11.0.pre1 - Mend

decidim-core 0.10.1 → 0.11.0.pre1

Files changed (269) hide show

data/app/cells/decidim/card_cell.rb ADDED Viewed

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+module Decidim
+  # This cell renders the card of the given instance of a Component
+  # delegated to the components' cell if specified in the manifest
+  # otherwise a primary cell wil be shown.
+  class CardCell < Decidim::ViewModel
+    property :body
+    property :title
+    def show
+      if resource_cell?
+        cell(resource_cell, model, options)
+      else
+        render :show
+      end
+    end
+    private
+    def resource_cell?
+      resource_cell.present?
+    end
+    def resource_cell
+      @resource_cell ||= model.component.manifest.card
+    end
+  end
+end

data/app/cells/decidim/profile/profile_inline.erb ADDED Viewed

@@ -0,0 +1,21 @@
+<span class="author__avatar author__avatar--small">
+  <%= image_tag model.avatar_url %>
+</span>
+<% if model.deleted? %>
+  <span class="label label--small label--basic">
+    <%= t("decidim.profile.deleted") %>
+  </span>
+<% else %>
+  <span class="author__name"><%= model.name %></span>
+  <% if model.badge.present? %>
+    <span class="author__badge">
+      <%= icon model.badge %>
+    </span>
+  <% end %>
+  <% if model.nickname.present? %>
+    <span class="author__nickname"><%= model.nickname %></span>
+  <% end %>
+<% end %>

data/app/cells/decidim/profile/show.erb ADDED Viewed

@@ -0,0 +1,13 @@
+<div class="author author--inline">
+  <% if model.profile_path.present? %>
+    <%= link_to model.profile_path do %>
+      <%= render :profile_inline %>
+    <% end %>
+  <% else %>
+    <%= render :profile_inline %>
+  <% end %>
+  <% if model.profile_path.present? %>
+    <%= link_to_current_or_new_conversation_with(model) %>
+  <% end %>
+</div>

data/app/cells/decidim/profile_cell.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+module Decidim
+  # This cell renders the avatar, name and nickname of
+  # the given user or user group, and adds some links
+  # to potential actions on the given profile.
+  class ProfileCell < Decidim::ViewModel
+    include LayoutHelper
+    include Messaging::ConversationHelper
+    def show
+      render
+    end
+    delegate :user_signed_in?, :current_user, to: :parent_controller
+  end
+end

data/app/commands/decidim/create_omniauth_registration.rb CHANGED Viewed

@@ -55,6 +55,7 @@ module Decidim
         @user.email_on_notification = true
         @user.password = generated_password
         @user.password_confirmation = generated_password
+        @user.remote_avatar_url = form.avatar_url if form.avatar_url.present?
         @user.skip_confirmation! if verified_email
       end
@@ -75,11 +76,11 @@ module Decidim
     end
     def existing_identity
-      @existing_identity ||= Identity.where(
+      @existing_identity ||= Identity.find_by(
         user: organization.users,
         provider: form.provider,
         uid: form.uid
-      ).first
+      )
     end
     def verify_oauth_signature!

data/app/commands/decidim/create_report.rb CHANGED Viewed

@@ -85,7 +85,7 @@ module Decidim
     end
     def participatory_space
-      @participatory_space ||= @reportable.feature.participatory_space
+      @participatory_space ||= @reportable.component.participatory_space
     end
   end
 end

data/app/commands/decidim/invite_user.rb CHANGED Viewed

@@ -27,7 +27,9 @@ module Decidim
     attr_reader :form
     def user
+      # rubocop:disable Rails/FindBy
       @user ||= Decidim::User.where(organization: form.organization).where(email: form.email.downcase).first
+      # rubocop:enable Rails/FindBy
     end
     def update_user

data/app/constraints/decidim/current_component.rb ADDED Viewed

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+module Decidim
+  # This class infers the current component we're scoped to by looking at the
+  # request parameters and injects it into the environment.
+  class CurrentComponent
+    # Public: Initializes the class.
+    #
+    # manifest - The manifest of the component to check against.
+    def initialize(manifest)
+      @manifest = manifest
+    end
+    # Public: Matches the request against a component and injects it into the
+    #         environment.
+    #
+    # request - The request that holds the current component relevant information.
+    #
+    # Returns a true if the request matched, false otherwise
+    def matches?(request)
+      env = request.env
+      @participatory_space = env["decidim.current_participatory_space"]
+      return false unless @participatory_space
+      current_component(env, request.params) ? true : false
+    end
+    private
+    def current_component(env, params)
+      env["decidim.current_component"] ||= detect_current_component(params)
+    end
+    def detect_current_component(params)
+      @participatory_space.components.find do |component|
+        params["component_id"] == component.id.to_s && component.manifest_name == @manifest.name.to_s
+      end
+    end
+  end
+end

data/app/controllers/concerns/decidim/action_authorization.rb CHANGED Viewed

@@ -10,10 +10,10 @@ module Decidim
       helper_method :authorize_action_path, :action_authorization
     end
-    # Public: Authorizes an action of a feature given an action name.
+    # Public: Authorizes an action of a component given an action name.
     #
     # action_name  - The action name to authorize. Actions are set up on the
-    #                feature's permissions panel.
+    #                component's permissions panel.
     # redirect_url - Url to be redirected to when the authorization is finished.
     def authorize_action!(action_name, redirect_url: nil)
       status = action_authorization(action_name)
@@ -49,7 +49,7 @@ module Decidim
     end
     def _action_authorizer(action_name)
-      ::Decidim::ActionAuthorizer.new(current_user, current_feature, action_name)
+      ::Decidim::ActionAuthorizer.new(current_user, current_component, action_name)
     end
     class Unauthorized < StandardError; end

data/app/controllers/concerns/decidim/devise_controllers.rb CHANGED Viewed

@@ -10,8 +10,9 @@ module Decidim
     included do
       include Decidim::NeedsOrganization
       include Decidim::LocaleSwitcher
+      include ImpersonateUsers
       include NeedsAuthorization
       skip_authorization_check
       helper Decidim::TranslationsHelper

data/app/controllers/concerns/decidim/filter_resource.rb CHANGED Viewed

@@ -62,7 +62,7 @@ module Decidim
       def context_params
         {
-          feature: current_feature,
+          component: current_component,
           current_user: current_user
         }
       end

data/app/controllers/concerns/decidim/form_factory.rb CHANGED Viewed

@@ -72,7 +72,7 @@ module Decidim
           def context
             {
               current_organization: @controller.try(:current_organization),
-              current_feature: @controller.try(:current_feature),
+              current_component: @controller.try(:current_component),
               current_user: @controller.try(:current_user),
               current_participatory_space: @controller.try(:current_participatory_space)
             }

data/app/controllers/concerns/decidim/impersonate_users.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module Decidim
     included do
       before_action :check_impersonation_log_expired
-      helper_method :impersonation_session_ends_at, :impersonation_session_remaining_duration_in_minutes
+      helper_method :impersonation_session_ends_at, :impersonation_session_remaining_duration_in_minutes, :current_user_impersonated?
       alias_method :real_user, :current_user
@@ -29,6 +29,10 @@ module Decidim
       private
+      def current_user_impersonated?
+        current_user && impersonation_log.present?
+      end
       # Returns the managed user impersonated by an admin if exists
       def managed_user
         return unless can_impersonate_users?
@@ -42,7 +46,7 @@ module Decidim
         expired_log.ended_at = Time.current
         expired_log.save!
         flash[:alert] = I18n.t("managed_users.expired_session", scope: "decidim")
-        redirect_to decidim_admin.managed_users_path
+        redirect_to decidim_admin.impersonatable_users_path
       end
       # Gets the ability instance for the real user logged in.

data/app/controllers/concerns/decidim/needs_authorization.rb CHANGED Viewed

@@ -24,9 +24,9 @@ module Decidim
       def ability_context
         {
           current_settings: try(:current_settings),
-          feature_settings: try(:feature_settings),
+          component_settings: try(:component_settings),
           current_organization: try(:current_organization),
-          current_feature: try(:current_feature)
+          current_component: try(:current_component)
         }
       end

data/app/controllers/concerns/decidim/participatory_space_context.rb CHANGED Viewed

@@ -56,5 +56,20 @@ module Decidim
     def layout
       current_participatory_space_manifest.context(current_participatory_space_context).layout
     end
+    # Method for current user can visit the space (assembly or proces)
+    def current_user_can_visit_space?
+      (current_participatory_space.try(:private_space?) &&
+       current_participatory_space.users.include?(current_user)) ||
+        !current_participatory_space.try(:private_space?) ||
+        (current_participatory_space.try(:private_space?) &&
+        current_participatory_space.try(:is_transparent?))
+    end
+    def check_current_user_can_visit_space
+      return if current_user_can_visit_space?
+      flash[:alert] = I18n.t("participatory_space_private_users.not_allowed", scope: "decidim")
+      redirect_to action: "index"
+    end
   end
 end

data/app/controllers/concerns/decidim/settings.rb CHANGED Viewed

@@ -4,19 +4,19 @@ require "active_support/concern"
 module Decidim
   # This concern groups methods and helpers related to accessing the settings
-  # of a feature from a controller.
+  # of a component from a controller.
   module Settings
     extend ActiveSupport::Concern
     included do
-      helper_method :feature_settings, :current_settings
+      helper_method :component_settings, :current_settings
-      def feature_settings
-        @feature_settings ||= current_feature.settings
+      def component_settings
+        @component_settings ||= current_component.settings
       end
       def current_settings
-        @current_settings ||= current_feature.current_settings
+        @current_settings ||= current_component.current_settings
       end
     end
   end

data/app/controllers/decidim/application_controller.rb CHANGED Viewed

@@ -17,8 +17,9 @@ module Decidim
     helper Decidim::CookiesHelper
     helper Decidim::AriaSelectedLinkToHelper
     helper Decidim::MenuHelper
-    helper Decidim::FeaturePathHelper
+    helper Decidim::ComponentPathHelper
     helper Decidim::ViewHooksHelper
+    helper Decidim::CardHelper
     # Saves the location before loading each page so we can return to the
     # right page.

data/app/controllers/decidim/{features → components}/base_controller.rb RENAMED Viewed

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 module Decidim
-  module Features
-    # Controller from which all feature engines inherit from. It's in charge of
+  module Components
+    # Controller from which all component engines inherit from. It's in charge of
     # setting the appropiate layout, including necessary helpers, and overall
     # fooling the engine into thinking it's isolated.
     class BaseController < Decidim::ApplicationController
@@ -23,35 +23,43 @@ module Decidim
       helper Decidim::AttachmentsHelper
       helper Decidim::SanitizeHelper
-      helper_method :current_feature,
+      helper_method :current_component,
                     :current_participatory_space,
                     :current_manifest
       skip_authorize_resource
       before_action do
-        authorize! :read, current_feature
+        authorize! :read, current_component
       end
+      before_action :redirect_unless_feature_private
       def current_participatory_space
         request.env["decidim.current_participatory_space"]
       end
-      def current_feature
-        request.env["decidim.current_feature"]
+      deprecate current_feature: "current_feature is deprecated and will be removed from Decidim's next release"
+      def current_component
+        request.env["decidim.current_component"]
       end
+      alias current_feature current_component
       def current_manifest
-        @current_manifest ||= current_feature.manifest
+        @current_manifest ||= current_component.manifest
       end
       def ability_context
         super.merge(
           current_manifest: current_manifest,
           current_settings: current_settings,
-          feature_settings: feature_settings
+          component_settings: component_settings
         )
       end
+      def redirect_unless_feature_private
+        raise ActionController::RoutingError, "Not Found" unless current_user_can_visit_space?
+      end
     end
   end
 end

data/app/controllers/decidim/devise/omniauth_registrations_controller.rb CHANGED Viewed

@@ -13,6 +13,7 @@ module Decidim
       def create
         form_params = user_params_from_oauth_hash || params[:user]
         @form = form(OmniauthRegistrationForm).from_params(form_params)
         @form.email ||= verified_email
@@ -84,7 +85,8 @@ module Decidim
           uid: oauth_data[:uid],
           name: oauth_data[:info][:name],
           nickname: oauth_data[:info][:nickname],
-          oauth_signature: OmniauthRegistrationForm.create_signature(oauth_data[:provider], oauth_data[:uid])
+          oauth_signature: OmniauthRegistrationForm.create_signature(oauth_data[:provider], oauth_data[:uid]),
+          avatar_url: oauth_data[:info][:image]
         }
       end

data/app/controllers/decidim/devise/registrations_controller.rb CHANGED Viewed

@@ -8,8 +8,6 @@ module Decidim
       include FormFactory
       include Decidim::DeviseControllers
-      helper_method :terms_and_conditions_page
       before_action :configure_permitted_parameters
       helper_method :terms_and_conditions_page
@@ -48,7 +46,7 @@ module Decidim
       private
       def terms_and_conditions_page
-        @terms_and_conditions_page ||= Decidim::StaticPage.find_by(slug: "terms-and-conditions")
+        @terms_and_conditions_page ||= Decidim::StaticPage.find_by(slug: "terms-and-conditions", organization: current_organization)
       end
       protected

data/app/controllers/decidim/doorkeeper/authorizations_controller.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Decidim
+  module Doorkeeper
+    # Custom Doorkeeper AuthorizationsController to avoid namespace problems.
+    class AuthorizationsController < ::Doorkeeper::AuthorizationsController
+      skip_authorization_check
+      helper_method :oauth_application
+      def oauth_application
+        @oauth_application ||= Decidim::OAuthApplication.find_by(uid: params[:client_id])
+      end
+    end
+  end
+end

data/app/controllers/decidim/doorkeeper/credentials_controller.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module Decidim
+  module Doorkeeper
+    # A controller to expose a simple JSON API so OAuth clients can get the user's information.
+    class CredentialsController < ApplicationController
+      skip_authorization_check
+      before_action :doorkeeper_authorize!
+      respond_to :json
+      def me
+        respond_with public_data
+      end
+      private
+      def public_data
+        {
+          id: current_resource_owner.id,
+          email: current_resource_owner.email,
+          name: current_resource_owner.name,
+          nickname: current_resource_owner.nickname,
+          image: avatar_url
+        }
+      end
+      def current_resource_owner
+        @current_resource_owner ||= Decidim::User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
+      end
+      def avatar_url
+        avatar_url = current_resource_owner.avatar_url
+        return unless avatar_url
+        unless avatar_url.match?(%r{/https?://})
+          request_uri = URI.parse(request.url)
+          request_uri.path = avatar_url
+          request_uri.query = nil
+          avatar_url = request_uri.to_s
+        end
+        avatar_url
+      end
+    end
+  end
+end

data/app/controllers/decidim/doorkeeper/token_info_controller.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+module Decidim
+  module Doorkeeper
+    # Custom Doorkeeper TokenInfoController to avoid namespace problems.
+    class TokenInfoController < ::Doorkeeper::TokenInfoController
+    end
+  end
+end

data/app/controllers/decidim/doorkeeper/tokens_controller.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+module Decidim
+  module Doorkeeper
+    # Custom Doorkeeper TokensController to avoid namespace problems.
+    class TokensController < ::Doorkeeper::TokensController
+    end
+  end
+end

data/app/controllers/decidim/widgets_controller.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Decidim
     private
     def current_participatory_space
-      @current_participatory_space ||= model.feature.participatory_space
+      @current_participatory_space ||= model.component.participatory_space
     end
     def iframe_url

data/app/forms/decidim/follow_form.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module Decidim
     end
     def follow
-      @follow ||= Decidim::Follow.where(user: current_user, followable: followable).first
+      @follow ||= Decidim::Follow.find_by(user: current_user, followable: followable)
     end
   end
 end

data/app/forms/decidim/form.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Decidim
   class Form < Rectify::Form
     delegate :current_organization,
              :current_user,
-             :current_feature,
+             :current_component,
              :current_participatory_space,
              to: :context, prefix: false, allow_nil: true

data/app/forms/decidim/omniauth_registration_form.rb CHANGED Viewed

@@ -12,6 +12,7 @@ module Decidim
     attribute :uid, String
     attribute :tos_agreement, Boolean
     attribute :oauth_signature, String
+    attribute :avatar_url, String
     validates :email, presence: true
     validates :name, presence: true

data/app/forms/decidim/registration_form.rb CHANGED Viewed

@@ -41,22 +41,22 @@ module Decidim
     private
     def email_unique_in_organization
-      errors.add :email, :taken if User.where(email: email, organization: current_organization).first.present?
+      errors.add :email, :taken if User.find_by(email: email, organization: current_organization).present?
     end
     def nickname_unique_in_organization
-      errors.add :nickname, :taken if User.where(nickname: nickname, organization: current_organization).first.present?
+      errors.add :nickname, :taken if User.find_by(nickname: nickname, organization: current_organization).present?
     end
     def user_group_name_unique_in_organization
-      errors.add :user_group_name, :taken if UserGroup.where(name: user_group_name, decidim_organization_id: current_organization.id).first.present?
+      errors.add :user_group_name, :taken if UserGroup.find_by(name: user_group_name, decidim_organization_id: current_organization.id).present?
     end
     def user_group_document_number_unique_in_organization
-      errors.add :user_group_document_number, :taken if UserGroup.where(
+      errors.add :user_group_document_number, :taken if UserGroup.find_by(
         document_number: user_group_document_number,
         decidim_organization_id: current_organization.id
-      ).first.present?
+      ).present?
     end
   end
 end

data/app/helpers/decidim/card_helper.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+module Decidim
+  # Helpers related to icons
+  module CardHelper
+    # Public: Returns a card given an instance of a Component.
+    #
+    # model - The component instance to generate the card for.
+    # options - a Hash with options, for the size of the card
+    #
+    # Returns an HTML.
+    def card_for(model, options = {})
+      cell "decidim/card", model, options
+    end
+  end
+end

data/app/helpers/decidim/component_path_helper.rb ADDED Viewed

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+module Decidim
+  # A helper to get the root path for a component.
+  module ComponentPathHelper
+    # Returns the defined root path for a given component.
+    #
+    # component - the Component we want to find the root path for.
+    #
+    # Returns a relative url.
+    def main_component_path(component)
+      current_params = try(:params) || {}
+      EngineRouter.main_proxy(component).root_path(locale: current_params[:locale])
+    end
+    # Returns the defined root url for a given component.
+    #
+    # component - the Component we want to find the root path for.
+    #
+    # Returns an absolute url.
+    def main_component_url(component)
+      current_params = try(:params) || {}
+      EngineRouter.main_proxy(component).root_url(locale: current_params[:locale])
+    end
+    # Returns the defined admin root path for a given component.
+    #
+    # component - the Component we want to find the root path for.
+    #
+    # Returns a relative url.
+    def manage_component_path(component)
+      current_params = try(:params) || {}
+      EngineRouter.admin_proxy(component).root_path(locale: current_params[:locale])
+    end
+  end
+end