decidim-core 0.11.2 → 0.12.0.pre

data/lib/decidim/core/test.rb

@@ -21,3 +21,5 @@ require "decidim/core/test/shared_examples/user_localised_email_examples"
 require "decidim/core/test/shared_examples/follows_examples"
 require "decidim/core/test/shared_examples/simple_event"
 require "decidim/core/test/shared_examples/component_type"
+require "decidim/core/test/shared_examples/fingerprint_examples"
+require "decidim/core/test/shared_examples/searchable_results_examples"

data/lib/decidim/core/test/factories.rb

@@ -69,6 +69,14 @@ FactoryBot.define do
     official_url { Faker::Internet.url }
     highlighted_content_banner_enabled false
     enable_omnipresent_banner false
+    tos_version { Time.current }
+
+    trait :with_tos do
+      after(:create) do |organization|
+        tos_page = Decidim::StaticPage.find_by(slug: "terms-and-conditions", organization: organization)
+        create(:static_page, :tos, organization: organization) if tos_page.nil?
+      end
+    end
   end
 
   factory :user, class: "Decidim::User" do
@@ -84,6 +92,13 @@ FactoryBot.define do
     personal_url { Faker::Internet.url }
     about { Faker::Lorem.paragraph(2) }
 
+    after(:create) do |user|
+      tos_page = Decidim::StaticPage.find_by(slug: "terms-and-conditions", organization: user.organization)
+      create(:static_page, :tos, organization: user.organization) if tos_page.nil?
+      user.accepted_tos_version = user.organization.tos_version
+      user.save
+    end
+
     trait :confirmed do
       confirmed_at { Time.current }
     end
@@ -125,7 +140,7 @@ FactoryBot.define do
   end
 
   factory :user_group, class: "Decidim::UserGroup" do
-    name { Faker::Educator.course }
+    name { Faker::Educator.unique.course }
     document_number { Faker::Number.number(8) + "X" }
     phone { Faker::PhoneNumber.phone_number }
     avatar { Decidim::Dev.test_file("avatar.jpg", "image/jpeg") }
@@ -189,6 +204,10 @@ FactoryBot.define do
     trait :default do
       slug { Decidim::StaticPage::DEFAULT_PAGES.sample }
     end
+
+    trait :tos do
+      slug { "terms-and-conditions" }
+    end
   end
 
   factory :attachment_collection, class: "Decidim::AttachmentCollection" do
@@ -274,6 +293,7 @@ FactoryBot.define do
     title { generate(:name) }
     component { create(:component, manifest_name: "dummy") }
     author { create(:user, :confirmed, organization: component.organization) }
+    scope { create(:scope, organization: component.organization) }
   end
 
   factory :resource_link, class: "Decidim::ResourceLink" do
@@ -286,10 +306,8 @@ FactoryBot.define do
     author { build(:user, :confirmed, organization: organization) }
     organization
 
-    # rubocop:disable RSpec/EmptyLineAfterSubject
-    # Bug in rubocop-rspec
     subject { Decidim::Faker::Localized.sentence(3) }
-    # rubocop:enable RSpec/EmptyLineAfterSubject
+
     body { Decidim::Faker::Localized.wrapped("<p>", "</p>") { Decidim::Faker::Localized.sentence(4) } }
 
     trait :sent do
@@ -396,4 +414,16 @@ FactoryBot.define do
     created_at { Time.zone.now }
     scopes { "public" }
   end
+
+  factory :searchable_resource, class: "Decidim::SearchableResource" do
+    resource { build(:dummy_resource) }
+    resource_id { resource.id }
+    resource_type { resource.class.name }
+    organization { resource.component.organization }
+    decidim_participatory_space { resource.component.participatory_space }
+    locale { I18n.locale }
+    scope { resource.scope }
+    content_a { Faker::Lorem.sentence }
+    datetime { DateTime.current }
+  end
 end

data/lib/decidim/core/test/shared_examples/fingerprint_examples.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+shared_examples "fingerprint" do
+  include_context("with a component")
+
+  it "shows a fingerprint" do
+    visit(resource_locator(fingerprintable).path)
+    click_link("Check fingerprint")
+
+    within ".fingerprint-dialog" do
+      expect(page).to(have_content(fingerprintable.fingerprint.value))
+      expect(page).to(have_content(fingerprintable.fingerprint.source))
+    end
+  end
+end

data/lib/decidim/core/test/shared_examples/searchable_results_examples.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+shared_examples "searchable results" do
+  let(:organization) { create(:organization) }
+
+  before do
+    switch_to_host(organization.host)
+    visit decidim.root_path
+  end
+
+  context "when searching for indexed searchables" do
+    before do
+      expect(searchables).not_to be_empty
+      expect(term).not_to be_empty
+
+      fill_in "term", with: term
+      find("input#term").native.send_keys :enter
+    end
+
+    it "contains these searchables" do
+      expect(page).to have_current_path decidim.search_path, ignore_query: true
+      expect(page).to have_content(/results for the search: "#{term}"/i)
+      expect(page).to have_selector(".filters__section")
+      expect(page.find("#results-count").text.to_i).to be_positive
+    end
+  end
+end

data/lib/decidim/core/version.rb

@@ -4,7 +4,7 @@ module Decidim
   # This holds the decidim-core version.
   module Core
     def self.version
-      "0.11.2"
+      "0.12.0.pre"
     end
   end
 end

data/lib/decidim/events/base_event.rb

@@ -6,6 +6,7 @@ module Decidim
     # add more logic to a `Decidim::Notification` and are used to render them in the
     # notifications dashboard and to generate other notifications (emails, for example).
     class BaseEvent
+      extend ActiveModel::Translation
       include Decidim::TranslatableAttributes
 
       class_attribute :types
@@ -67,12 +68,15 @@ module Decidim
       # event to decide based on the params.
       #
       # It returns false when the resource or any element in the chain is a
-      # `Decidim::Publicable` and it isn't published.
+      # `Decidim::Publicable` and it isn't published or participatory_space
+      # is a `Decidim::Participable` and the user can't participate.
       def notifiable?
         return false if resource.is_a?(Decidim::Publicable) && !resource.published?
         return false if participatory_space.is_a?(Decidim::Publicable) && !participatory_space&.published?
         return false unless component&.published?
 
+        return false if participatory_space.is_a?(Decidim::Participable) && !participatory_space.can_participate?(user)
+
         true
       end
 

data/lib/decidim/fingerprint_calculator.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require "digest"
+
+module Decidim
+  # This class will generate a unique fingerprint given an arbitrarily deep hash,
+  # ensuring that the same fingerprint will be generated regardless of ordering and
+  # whether keys are symbols or strings.
+  #
+  class FingerprintCalculator
+    # Public: Initializes the class with a source data to be fingerprinted.
+    def initialize(data)
+      @data = data
+    end
+
+    # Public: Generates a fingerprint hash.
+    #
+    # Returns a String with the fingerprint.
+    def value
+      @value ||= Digest::SHA256.hexdigest(source)
+    end
+
+    # Public: Returns the fingerprint source *before* hashing, so that it can be
+    # inspected by the user.
+    #
+    # Returns a String with the JSON representation of the normalized data.
+    def source
+      @source ||= JSON.generate(sort_hash(@data))
+    end
+
+    private
+
+    def sort_hash(hash)
+      return hash unless hash.is_a?(Hash)
+
+      Hash[
+        hash.map { |key, value| [key, sort_hash(value)] }
+            .sort_by { |key, _value| key }
+      ]
+    end
+  end
+end

data/lib/decidim/fingerprintable.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require "active_support/concern"
+
+module Decidim
+  # This module adds support functionality to be able to generate a unique fingerprint
+  # from a model, given some fields. Its goal is to provide a way to give an informal
+  # "receipt" to a user to they can detect tampering.
+  #
+  module Fingerprintable
+    extend ActiveSupport::Concern
+
+    class_methods do
+      attr_reader :fingerprint_options
+
+      # Public: Configures fingerprinting for this model.
+      #
+      # fields - An `Array` of `symbols` specifying the fields that will be part of
+      #          the fingerprint generation.
+      # block  - (optional) When provided, it's given an instance of the model as a
+      #          parameter so the fingerprint can be generated in runtime.
+      #
+      # Returns nothing.
+      def fingerprint(fields: nil, &block)
+        @fingerprint_options = {}
+
+        if block_given?
+          @fingerprint_options[:block] = block
+        else
+          raise "You must provide a set of fields to generate the fingerprint." unless fields
+          @fingerprint_options[:fields] = fields
+        end
+      end
+    end
+
+    # Public: Returns an instance of `FingerprintCalculator` containing the fingerprint.
+    #
+    # Example:
+    #
+    #    model.fingerprint.value  # Returns the fingerprint as a String
+    #    model.fingerprint.source # Returns the source String (usually a json) from which
+    #                             # the fingerprint is generated.
+    def fingerprint
+      @fingerprint ||= FingerprintCalculator.new(fingerprint_data)
+    end
+
+    private
+
+    def fingerprint_data
+      options = self.class.fingerprint_options
+
+      if options[:block]
+        options[:block].call(self)
+      elsif options[:fields]
+        options[:fields].each_with_object({}) do |field, result|
+          result[field] = send(field)
+        end
+      else
+        raise "Fingerprinting needs to be set up via the `fingerprint` class method."
+      end
+    end
+  end
+end

data/lib/decidim/form_builder.rb

@@ -229,6 +229,7 @@ module Decidim
       picker_options[:class] += " is-invalid-input" if error?(attribute)
 
       items = object.send(attribute).collect { |item| [item, yield(item)] }
+
       template = ""
       template += label(attribute, label_for(attribute) + required_for_attribute(attribute)) unless options[:label] == false
       template += @template.render("decidim/widgets/data_picker", picker_options: picker_options, prompt_params: prompt_params, items: items)

data/lib/decidim/manifest_registry.rb

@@ -21,16 +21,10 @@ module Decidim
     end
 
     def find(name)
-      manifests.find { |manifest| manifest.name == name }
-    end
-
-    def resource_manifests
-      @resource_manifests ||= manifests.flat_map(&:resource_manifests)
-    end
-
-    def find_resource_manifest(resource_name_or_klass)
-      resource_manifests.find do |manifest|
-        manifest.model_class == resource_name_or_klass || manifest.name.to_s == resource_name_or_klass.to_s
+      manifests.find do |manifest|
+        manifest.try(:model_class_name) == name.to_s ||
+          manifest.name.to_s == name.to_s ||
+          manifest.name.to_s.pluralize == name.to_s
       end
     end
 

data/lib/decidim/participable.rb

@@ -64,6 +64,10 @@ module Decidim
       def manifest
         self.class.participatory_space_manifest
       end
+
+      def can_participate?(_user)
+        true
+      end
     end
 
     class_methods do

data/lib/decidim/participatory_space_manifest.rb

@@ -28,6 +28,18 @@ module Decidim
     # engine's assets path.
     attribute :icon, String
 
+    # The name of the class that handles the permissions for this space. It will
+    # probably have the form of `Decidim::<MySpace>::Permissions`.
+    attribute :permissions_class_name, String, default: "Decidim::DefaultPermissions"
+
+    # The cell path to use to render the card of a resource.
+    attribute :card, String
+
+    # A path with the `scss` stylesheet this engine provides. It is used to
+    # mix this engine's stylesheets with the main app's stylesheets so it can
+    # use the scss variables and mixins provided by Decidim::Core.
+    attribute :stylesheet, String, default: nil
+
     validates :name, presence: true
 
     # A context used to set the layout and behavior of a participatory space. Full documentation can
@@ -67,6 +79,7 @@ module Decidim
     #
     # Returns nothing.
     def seed!
+      print "Creating seeds for the #{name} space...\n" unless Rails.env.test?
       @seeds&.call
     end
 
@@ -85,5 +98,28 @@ module Decidim
     def participatory_spaces(&block)
       @participatory_spaces ||= block
     end
+
+    # Public: Finds the permission class from its name, using the
+    # `permissions_class_name` attribute. If the class does not exist,
+    # it raises an exception. If the class name is not set, it returns nil.
+    #
+    # Returns a Class.
+    def permissions_class
+      permissions_class_name&.constantize
+    end
+
+    # Public: Registers a resource. Exposes a DSL defined by
+    # `Decidim::ResourceManifest`.
+    #
+    # Resource manifests are a way to expose a resource from one engine to
+    # the whole system. This way resources can be linked between them.
+    #
+    # name - A name for that resource. Should be singular (ie not plural).
+    # block - A Block that will be called to set the Resource attributes.
+    #
+    # Returns nothing.
+    def register_resource(name, &block)
+      Decidim.register_resource(name, &block)
+    end
   end
 end

data/lib/decidim/participatory_space_resourceable.rb

@@ -26,6 +26,8 @@ module Decidim
       # An association with all the links that are originated from this model.
       has_many :participatory_space_resource_links_from, as: :from, class_name: "Decidim::ParticipatorySpaceLink"
 
+      delegate :resource_manifest, to: :class
+
       # Finds all the linked resources to or from this model for a given resource
       # name and link name.
       #
@@ -76,5 +78,14 @@ module Decidim
         end
       end
     end
+
+    class_methods do
+      # Finds the resource manifest for the model.
+      #
+      # Returns a Decidim::ResourceManifest
+      def resource_manifest
+        Decidim.find_resource_manifest(self)
+      end
+    end
   end
 end

data/lib/decidim/resource_manifest.rb

@@ -8,7 +8,7 @@ module Decidim
   # used directly, you should use `register_resource` inside a component.
   #
   # Example:
-  #   component.register_resource do |resource|
+  #   component.register_resource(:my_model) do |resource|
   #     resource.model_class = Decidim::MyEngine::MyModel
   #     resource.template    = "decidim/myengine/myengine/linked_models"
   #   end
@@ -30,19 +30,25 @@ module Decidim
     # When not explicitly set, it will use the model name.
     attribute :route_name, String
 
-    # The template to use to render the collection of a resource.
+    # The template to use to render the collection of the resource.
     attribute :template, String
 
-    validates :component_manifest, :model_class_name, :route_name, presence: true
+    # The main card to render an instance of the resource.
+    attribute :card, String
+
+    validates :model_class_name, :route_name, :name, presence: true
 
     # Finds an ActiveRecord::Relation of the resource `model_class`, scoped to the
     # given component. This way you can find resources from another engine without
-    # actually coupling both engines.
+    # actually coupling both engines. If no `component_manifest` is set for this
+    # manifest, it returns an empty collection.
     #
     # component - a Decidim::Component
     #
     # Returns an ActiveRecord::Relation.
     def resource_scope(component)
+      return model_class.none unless component_manifest
+
       component_ids = Decidim::Component.where(participatory_space: component.participatory_space, manifest_name: component_manifest.name).pluck(:id)
       return model_class.none if component_ids.empty?
 
@@ -57,13 +63,6 @@ module Decidim
       model_class_name.constantize
     end
 
-    # The name of the resource we are exposing.
-    #
-    # Returns a String.
-    def name
-      super || model_class_name.demodulize.underscore.pluralize.to_sym
-    end
-
     # The name of the named Rails route to create the url to the resource.
     #
     # Returns a String.