RubyGems - decidim-core - Versions diffs - 0.22.0 → 0.23.0 - Mend

decidim-core 0.22.0 → 0.23.0

Potentially problematic release.

This version of decidim-core might be problematic. Click here for more details.

Files changed (306) hide show

checksums.yaml +4 -4
data/app/assets/config/decidim_core_manifest.js +5 -0
data/app/assets/javascripts/decidim.js.es6 +2 -0
data/app/assets/javascripts/decidim/ajax_modals.js.es6 +3 -3
data/app/assets/javascripts/decidim/confirm.js.es6 +3 -2
data/app/assets/javascripts/decidim/core/bundle.js +1 -1
data/app/assets/javascripts/decidim/core/bundle.js.map +1 -1
data/app/assets/javascripts/decidim/diff_mode_dropdown.js.es6 +18 -4
data/app/assets/javascripts/decidim/editor.js.es6 +3 -3
data/app/assets/javascripts/decidim/geocoding.js.es6 +60 -0
data/app/assets/javascripts/decidim/geocoding/attach_input.js.es6 +106 -0
data/app/assets/javascripts/decidim/geocoding/format_address.js.es6 +29 -0
data/app/assets/javascripts/decidim/geocoding/provider/here.js.es6 +107 -0
data/app/assets/javascripts/decidim/geocoding/provider/photon.js.es6 +77 -0
data/app/assets/javascripts/decidim/map.js.es6 +34 -124
data/app/assets/javascripts/decidim/map/controller.js.es6 +92 -0
data/app/assets/javascripts/decidim/map/controller/markers.js.es6 +65 -0
data/app/assets/javascripts/decidim/map/controller/static.es6 +48 -0
data/app/assets/javascripts/decidim/map/factory.js.es6 +51 -0
data/app/assets/javascripts/decidim/map/icon.js.es6 +31 -0
data/app/assets/javascripts/decidim/map/legacy.js.es6 +87 -0
data/app/assets/javascripts/decidim/map/provider/default.js.es6 +22 -0
data/app/assets/javascripts/decidim/map/provider/here.js.es6 +22 -0
data/app/assets/javascripts/decidim/security/selfxss_warning.js.es6 +19 -0
data/app/assets/stylesheets/decidim/_decidim.scss +2 -0
data/app/assets/stylesheets/decidim/modules/_cards.scss +15 -0
data/app/assets/stylesheets/decidim/modules/_forms.scss +14 -0
data/app/assets/stylesheets/decidim/modules/_layout.scss +11 -3
data/app/assets/stylesheets/decidim/modules/_map.scss +35 -0
data/app/assets/stylesheets/decidim/modules/_progress-bar.scss +4 -0
data/app/assets/stylesheets/decidim/modules/_reveal.scss +5 -0
data/app/assets/stylesheets/decidim/modules/_status-labels.scss +2 -1
data/app/cells/decidim/author/flag.erb +1 -1
data/app/cells/decidim/author/profile_inline.erb +2 -2
data/app/cells/decidim/author_cell.rb +5 -2
data/app/cells/decidim/card_cell.rb +21 -7
data/app/cells/decidim/card_m/show.erb +1 -1
data/app/cells/decidim/card_m_cell.rb +6 -4
data/app/cells/decidim/collapsible_authors_cell.rb +1 -1
data/app/cells/decidim/diff/diff_mode_html.erb +5 -5
data/app/cells/decidim/follow_button/show.erb +6 -6
data/app/cells/decidim/follow_button_cell.rb +8 -0
data/app/cells/decidim/progress_bar/show.erb +11 -4
data/app/cells/decidim/progress_bar_cell.rb +20 -1
data/app/cells/decidim/translation_bar/show.erb +6 -0
data/app/cells/decidim/translation_bar_cell.rb +52 -0
data/app/cells/decidim/version_cell.rb +1 -1
data/app/cells/decidim/versions_list_cell.rb +1 -1
data/app/commands/decidim/amendable/accept.rb +9 -3
data/app/commands/decidim/amendable/create_draft.rb +2 -0
data/app/commands/decidim/amendable/update_draft.rb +2 -0
data/app/commands/decidim/attachment_methods.rb +12 -5
data/app/commands/decidim/destroy_account.rb +1 -0
data/app/commands/decidim/gallery_methods.rb +16 -9
data/app/commands/decidim/messaging/reply_to_conversation.rb +1 -1
data/app/commands/decidim/multiple_attachments_methods.rb +56 -0
data/app/controllers/concerns/decidim/devise_controllers.rb +1 -0
data/app/controllers/concerns/decidim/filter_resource.rb +24 -6
data/app/controllers/concerns/decidim/flaggable.rb +20 -0
data/app/controllers/concerns/decidim/force_authentication.rb +1 -0
data/app/controllers/concerns/decidim/impersonate_users.rb +1 -1
data/app/controllers/concerns/decidim/needs_snippets.rb +20 -0
data/app/controllers/concerns/decidim/paginable.rb +5 -1
data/app/controllers/concerns/decidim/withdrawable.rb +20 -0
data/app/controllers/decidim/application_controller.rb +16 -0
data/app/controllers/decidim/components/base_controller.rb +6 -1
data/app/controllers/decidim/cookie_policy_controller.rb +6 -3
data/app/controllers/decidim/messaging/conversations_controller.rb +5 -2
data/app/forms/decidim/account_form.rb +5 -1
data/app/forms/decidim/amendable/create_form.rb +1 -1
data/app/forms/decidim/amendable/form.rb +44 -3
data/app/forms/decidim/attachment_form.rb +5 -1
data/app/forms/decidim/user_group_form.rb +5 -1
data/app/helpers/decidim/cells_helper.rb +3 -15
data/app/helpers/decidim/check_boxes_tree_helper.rb +21 -12
data/app/helpers/decidim/cookies_helper.rb +1 -1
data/app/helpers/decidim/decidim_form_helper.rb +1 -1
data/app/helpers/decidim/filter_params_helper.rb +30 -0
data/app/helpers/decidim/map_helper.rb +86 -23
data/app/helpers/decidim/orders_helper.rb +6 -1
data/app/helpers/decidim/paginate_helper.rb +3 -1
data/app/helpers/decidim/scopes_helper.rb +4 -4
data/app/helpers/decidim/translations_helper.rb +7 -1
data/app/jobs/decidim/machine_translation_fields_job.rb +30 -0
data/app/jobs/decidim/machine_translation_resource_job.rb +113 -0
data/app/jobs/decidim/machine_translation_save_job.rb +33 -0
data/app/mailers/decidim/reported_mailer.rb +8 -1
data/app/models/decidim/action_log.rb +1 -1
data/app/models/decidim/area.rb +3 -0
data/app/models/decidim/area_type.rb +4 -0
data/app/models/decidim/attachment.rb +30 -2
data/app/models/decidim/attachment_collection.rb +3 -0
data/app/models/decidim/authorization.rb +3 -0
data/app/models/decidim/category.rb +4 -0
data/app/models/decidim/component.rb +7 -0
data/app/models/decidim/content_block.rb +11 -1
data/app/models/decidim/contextual_help_section.rb +4 -0
data/app/models/decidim/follow.rb +3 -1
data/app/models/decidim/messaging/message.rb +1 -1
data/app/models/decidim/moderation.rb +1 -1
data/app/models/decidim/newsletter.rb +3 -0
data/app/models/decidim/oauth_application.rb +2 -0
data/app/models/decidim/organization.rb +53 -9
data/app/models/decidim/scope.rb +4 -1
data/app/models/decidim/scope_type.rb +3 -0
data/app/models/decidim/share_token.rb +49 -0
data/app/models/decidim/static_page.rb +4 -1
data/app/models/decidim/static_page_topic.rb +3 -0
data/app/models/decidim/user_base_entity.rb +6 -2
data/app/permissions/decidim/permissions.rb +9 -0
data/app/presenters/decidim/log/base_presenter.rb +1 -1
data/app/presenters/decidim/log/value_types/default_presenter.rb +1 -1
data/app/presenters/decidim/official_author_presenter.rb +36 -0
data/app/presenters/decidim/resource_locator_presenter.rb +63 -12
data/app/queries/decidim/similar_emendations.rb +4 -4
data/app/scrubbers/decidim/user_input_scrubber.rb +1 -1
data/app/serializers/decidim/importers/participatory_space_components_importer.rb +1 -1
data/app/services/decidim/base_diff_renderer.rb +17 -0
data/app/services/decidim/open_data_exporter.rb +2 -0
data/app/services/decidim/resource_search.rb +95 -6
data/app/services/decidim/static_map_generator.rb +10 -26
data/app/uploaders/decidim/application_uploader.rb +15 -1
data/app/uploaders/decidim/attachment_uploader.rb +23 -17
data/app/uploaders/decidim/banner_image_uploader.rb +1 -1
data/app/uploaders/decidim/hero_image_uploader.rb +1 -1
data/app/uploaders/decidim/homepage_image_uploader.rb +1 -1
data/app/uploaders/decidim/image_uploader.rb +6 -2
data/app/uploaders/decidim/oauth_application_logo_uploader.rb +1 -1
data/app/uploaders/decidim/official_image_footer_uploader.rb +1 -1
data/app/uploaders/decidim/official_image_header_uploader.rb +1 -1
data/app/uploaders/decidim/organization_logo_uploader.rb +1 -1
data/app/uploaders/decidim/record_image_uploader.rb +15 -0
data/app/validators/etiquette_validator.rb +0 -7
data/app/validators/geocoding_validator.rb +9 -4
data/app/validators/passthru_validator.rb +111 -0
data/app/validators/scope_belongs_to_component_validator.rb +16 -0
data/app/validators/uploader_content_type_validator.rb +44 -0
data/app/views/decidim/authorization_modals/_content.html.erb +2 -2
data/app/views/decidim/devise/registrations/new.html.erb +3 -1
data/app/views/decidim/devise/sessions/new.html.erb +3 -1
data/app/views/decidim/messaging/conversations/_error_modal.html.erb +21 -0
data/app/views/decidim/messaging/conversations/error.js.erb +10 -0
data/app/views/decidim/notification_mailer/event_received.html.erb +2 -2
data/app/views/decidim/reported_mailer/report.html.erb +49 -3
data/app/views/decidim/scopes/_scopes_picker_input.html.erb +15 -14
data/app/views/decidim/searches/_filters.html.erb +1 -0
data/app/views/decidim/shared/_login_modal.html.erb +14 -3
data/app/views/decidim/shared/_static_map.html.erb +1 -1
data/app/views/layouts/decidim/_head.html.erb +2 -0
data/app/views/layouts/decidim/_js_configuration.html.erb +7 -1
data/config/locales/am-ET.yml +1 -0
data/config/locales/ar.yml +3 -4
data/config/locales/bg.yml +1508 -0
data/config/locales/ca.yml +35 -8
data/config/locales/cs.yml +34 -7
data/config/locales/da.yml +1 -0
data/config/locales/de.yml +23 -4
data/config/locales/el.yml +0 -4
data/config/locales/en.yml +30 -3
data/config/locales/eo.yml +92 -0
data/config/locales/es-MX.yml +28 -1
data/config/locales/es-PY.yml +28 -1
data/config/locales/es.yml +44 -17
data/config/locales/et.yml +1 -0
data/config/locales/eu.yml +3 -4
data/config/locales/fi-plain.yml +28 -1
data/config/locales/fi.yml +29 -2
data/config/locales/fr-CA.yml +32 -4
data/config/locales/fr.yml +61 -33
data/config/locales/ga-IE.yml +0 -8
data/config/locales/gl.yml +3 -4
data/config/locales/hr.yml +1 -0
data/config/locales/hu.yml +7 -4
data/config/locales/id-ID.yml +3 -4
data/config/locales/is-IS.yml +3 -9
data/config/locales/is.yml +463 -0
data/config/locales/it.yml +36 -8
data/config/locales/ja-JP.yml +25 -16
data/config/locales/ja.yml +1605 -0
data/config/locales/ko-KR.yml +1 -0
data/config/locales/ko.yml +1 -0
data/config/locales/lt.yml +1 -0
data/config/locales/{lv-LV.yml → lv.yml} +0 -4
data/config/locales/mt.yml +1 -0
data/config/locales/nl.yml +25 -3
data/config/locales/no.yml +133 -6
data/config/locales/om-ET.yml +1 -0
data/config/locales/pl.yml +88 -71
data/config/locales/pt-BR.yml +3 -4
data/config/locales/pt.yml +10 -4
data/config/locales/ro-RO.yml +10 -4
data/config/locales/ru.yml +3 -10
data/config/locales/sk.yml +3 -4
data/config/locales/sl.yml +8 -7
data/config/locales/so-SO.yml +1 -0
data/config/locales/sr-CS.yml +0 -7
data/config/locales/sv.yml +17 -6
data/config/locales/ti-ER.yml +1 -0
data/config/locales/tr-TR.yml +3 -4
data/config/locales/uk.yml +3 -11
data/config/locales/vi-VN.yml +1 -0
data/config/locales/vi.yml +1 -0
data/config/locales/zh-CN.yml +1584 -0
data/config/locales/zh-TW.yml +1 -0
data/db/migrate/20200525184143_add_enable_machine_translation_to_decidim_organizations.rb +7 -0
data/db/migrate/20200702073419_create_decidim_share_tokens.rb +16 -0
data/db/migrate/20200707132401_add_comments_max_length_to_decidim_organization.rb +7 -0
data/db/migrate/20200730142511_add_file_upload_settings_to_decidim_organizations.rb +36 -0
data/db/migrate/20200806092109_add_machine_translation_display_priority_to_organizations.rb +17 -0
data/db/migrate/20201004160335_remove_notifications_with_continuity_badge.rb +9 -0
data/db/seeds.rb +5 -4
data/lib/decidim/authorable.rb +22 -1
data/lib/decidim/authorization_form_builder.rb +7 -0
data/lib/decidim/coauthorable.rb +22 -0
data/lib/decidim/component_manifest.rb +1 -1
data/lib/decidim/content_processor.rb +52 -29
data/lib/decidim/content_renderers/base_renderer.rb +1 -1
data/lib/decidim/content_renderers/hashtag_renderer.rb +2 -0
data/lib/decidim/content_renderers/link_renderer.rb +4 -1
data/lib/decidim/content_renderers/user_group_renderer.rb +3 -1
data/lib/decidim/content_renderers/user_renderer.rb +3 -1
data/lib/decidim/core.rb +67 -12
data/lib/decidim/core/engine.rb +60 -21
data/lib/decidim/core/test.rb +6 -0
data/lib/decidim/core/test/factories.rb +34 -8
data/lib/decidim/core/test/shared_examples/amendable/accept_amendment_examples.rb +4 -4
data/lib/decidim/core/test/shared_examples/amendable_proposals_interface_examples.rb +8 -8
data/lib/decidim/core/test/shared_examples/comments_examples.rb +52 -1
data/lib/decidim/core/test/shared_examples/embed_resource_examples.rb +49 -0
data/lib/decidim/core/test/shared_examples/follows_examples.rb +3 -3
data/lib/decidim/core/test/shared_examples/manage_component_share_tokens.rb +83 -0
data/lib/decidim/core/test/shared_examples/map_examples.rb +186 -0
data/lib/decidim/core/test/shared_examples/preview_component_with_share_token_examples.rb +55 -0
data/lib/decidim/core/test/shared_examples/resource_search_examples.rb +200 -0
data/lib/decidim/core/test/shared_examples/scopable_resource_examples.rb +43 -0
data/lib/decidim/core/test/shared_examples/scope_helper_examples.rb +12 -1
data/lib/decidim/core/test/shared_examples/searchable_participatory_space_examples.rb +2 -2
data/lib/decidim/core/test/shared_examples/searchable_results_examples.rb +15 -2
data/lib/decidim/core/test/shared_examples/simple_event.rb +7 -0
data/lib/decidim/core/test/shared_examples/system_endorse_resource_examples.rb +1 -0
data/lib/decidim/core/test/shared_examples/traceable_interface_examples.rb +1 -1
data/lib/decidim/core/test/shared_examples/uncommentable_component_examples.rb +1 -1
data/lib/decidim/core/version.rb +1 -1
data/lib/decidim/diffy_extension.rb +21 -0
data/lib/decidim/events/base_event.rb +11 -9
data/lib/decidim/exporters.rb +7 -0
data/lib/decidim/exporters/csv.rb +15 -1
data/lib/decidim/exporters/excel.rb +1 -1
data/lib/decidim/exporters/export_manifest.rb +29 -0
data/lib/decidim/exporters/pdf.rb +56 -0
data/lib/decidim/file_validator_humanizer.rb +98 -0
data/lib/decidim/form_builder.rb +65 -54
data/lib/decidim/geocodable.rb +79 -0
data/lib/decidim/has_attachments.rb +10 -0
data/lib/decidim/has_upload_validations.rb +36 -0
data/lib/decidim/map.rb +214 -0
data/lib/decidim/map/autocomplete.rb +67 -0
data/lib/decidim/map/dynamic_map.rb +89 -0
data/lib/decidim/map/frontend.rb +97 -0
data/lib/decidim/map/geocoding.rb +115 -0
data/lib/decidim/map/provider.rb +12 -0
data/lib/decidim/map/provider/autocomplete/here.rb +20 -0
data/lib/decidim/map/provider/autocomplete/osm.rb +20 -0
data/lib/decidim/map/provider/dynamic_map/here.rb +51 -0
data/lib/decidim/map/provider/dynamic_map/osm.rb +13 -0
data/lib/decidim/map/provider/geocoding/here.rb +58 -0
data/lib/decidim/map/provider/geocoding/osm.rb +30 -0
data/lib/decidim/map/provider/here.rb +21 -0
data/lib/decidim/map/provider/osm.rb +22 -0
data/lib/decidim/map/provider/static_map/here.rb +35 -0
data/lib/decidim/map/provider/static_map/osm.rb +29 -0
data/lib/decidim/map/static_map.rb +133 -0
data/lib/decidim/map/utility.rb +38 -0
data/lib/decidim/organization_settings.rb +267 -0
data/lib/decidim/resource_manifest.rb +1 -1
data/lib/decidim/scopable.rb +9 -6
data/lib/decidim/scopable_component.rb +29 -1
data/lib/decidim/scopable_participatory_space.rb +19 -0
data/lib/decidim/scopable_resource.rb +21 -0
data/lib/decidim/search_resource_fields_mapper.rb +15 -2
data/lib/decidim/searchable.rb +4 -0
data/lib/decidim/settings_manifest.rb +2 -1
data/lib/decidim/shareable_with_token.rb +27 -0
data/lib/decidim/snippets.rb +30 -0
data/lib/decidim/translatable_attributes.rb +42 -4
data/lib/decidim/translatable_resource.rb +78 -0
data/lib/decidim/view_model.rb +1 -0
data/lib/tasks/decidim_locales_tasks.rake +35 -0
data/lib/tasks/decidim_tasks.rake +1 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.bg.js +14 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.da.js +14 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.eo.js +17 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.et.js +18 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.fr-CA.js +16 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.ga.js +15 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.hr.js +13 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.is.js +14 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.ja.js +16 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.lt.js +16 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.lv.js +17 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.mt.js +15 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.sl.js +14 -0
data/vendor/assets/javascripts/datepicker-locales/foundation-datepicker.sr.js +16 -0
metadata +138 -26
data/app/helpers/decidim/multi_translation_helper.rb +0 -0
data/lib/decidim/hashtaggable.rb +0 -24

data/app/models/decidim/static_page.rb CHANGED

@@ -10,6 +10,9 @@ module Decidim
   class StaticPage < ApplicationRecord
     include Decidim::Traceable
     include Decidim::Loggable
+    include Decidim::TranslatableResource
+    translatable_fields :title, :content
     belongs_to :organization, foreign_key: "decidim_organization_id", class_name: "Decidim::Organization", inverse_of: :static_pages
     belongs_to :topic, foreign_key: "topic_id", class_name: "Decidim::StaticPageTopic", optional: true
@@ -19,7 +22,7 @@ module Decidim
     # These pages will be created by default when registering an organization
     # and cannot be deleted.
-    DEFAULT_PAGES = %w(faq terms-and-conditions accessibility).freeze
+    DEFAULT_PAGES = %w(terms-and-conditions).freeze
     after_create :update_organization_tos_version
     before_destroy :can_be_destroyed?

data/app/models/decidim/static_page_topic.rb CHANGED

@@ -3,6 +3,9 @@
 module Decidim
   class StaticPageTopic < ApplicationRecord
     validates :title, presence: true
+    include Decidim::TranslatableResource
+    translatable_fields :title, :description
     default_scope { order(arel_table[:weight].asc) }

data/app/models/decidim/user_base_entity.rb CHANGED

@@ -11,15 +11,19 @@ module Decidim
     include Resourceable
     include Decidim::Followable
     include Decidim::Loggable
+    include Decidim::HasUploadValidations
     belongs_to :organization, foreign_key: "decidim_organization_id", class_name: "Decidim::Organization"
     has_many :notifications, foreign_key: "decidim_user_id", class_name: "Decidim::Notification", dependent: :destroy
     has_many :following_follows, foreign_key: "decidim_user_id", class_name: "Decidim::Follow", dependent: :destroy
-    validates :avatar, file_size: { less_than_or_equal_to: ->(_record) { Decidim.maximum_avatar_size } }
+    # Regex for name & nickname format validations
+    REGEXP_NAME = /\A(?!.*[<>?%&\^*#@\(\)\[\]\=\+\:\;\"\{\}\\\|])/.freeze
+    validates_avatar
     mount_uploader :avatar, Decidim::AvatarUploader
-    validates :name, :nickname, format: { with: /\A(?!.*[<>?%&\^*#@\(\)\[\]\=\+\:\;\"\{\}\\\|])/ }
+    validates :name, :nickname, format: { with: REGEXP_NAME }
     # Public: Returns a collection with all the entities this user is following.
     #

data/app/permissions/decidim/permissions.rb CHANGED

@@ -46,6 +46,7 @@ module Decidim
                     permission_action.action == :read
       return allow! if component.published?
+      return allow! if user_can_preview_component?
       return allow! if user_can_admin_component?
       return allow! if user_can_admin_component_via_space?
@@ -152,6 +153,14 @@ module Decidim
       allow! if permission_action.subject == :user_group_invitations
     end
+    def user_can_preview_component?
+      return allow! if context[:share_token].present? && Decidim::ShareToken.use!(token_for: component, token: context[:share_token])
+    rescue ActiveRecord::RecordNotFound
+      nil
+    rescue StandardError
+      nil
+    end
     def user_can_admin_component?
       new_permission_action = Decidim::PermissionAction.new(
         action: permission_action.action,

data/app/presenters/decidim/log/base_presenter.rb CHANGED

@@ -190,7 +190,7 @@ module Decidim
       def i18n_params
         {
           user_name: user_presenter.present,
-          resource_name: resource_presenter.present,
+          resource_name: resource_presenter.try(:present),
           space_name: space_presenter.present
         }
       end

data/app/presenters/decidim/log/value_types/default_presenter.rb CHANGED

@@ -16,7 +16,7 @@ module Decidim
       #
       # Check the other presenters in this folder for more examples.
       class DefaultPresenter
-        # value - the vakue to render, can be of any type.
+        # value - the value to render, can be of any type.
         # view_helpers - an object encapsulating all the view helpers,
         #   it will most likely come from the top of the chain.
         def initialize(value, view_helpers)

data/app/presenters/decidim/official_author_presenter.rb ADDED

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+module Decidim
+  #
+  # A dummy presenter to abstract out the author of an official resource.
+  #
+  class OfficialAuthorPresenter
+    def nickname
+      ""
+    end
+    def badge
+      ""
+    end
+    def profile_path
+      ""
+    end
+    def avatar_url
+      ActionController::Base.helpers.asset_path("decidim/default-avatar.svg")
+    end
+    def deleted?
+      false
+    end
+    def can_be_contacted?
+      false
+    end
+    def has_tooltip?
+      false
+    end
+  end
+end

data/app/presenters/decidim/resource_locator_presenter.rb CHANGED

@@ -2,6 +2,7 @@
 module Decidim
   # A presenter to get the url or path from a resource.
+  # resource - a record or array of nested records.
   class ResourceLocatorPresenter
     def initialize(resource)
       @resource = resource
@@ -26,7 +27,7 @@ module Decidim
     #
     # Returns a String.
     def url(options = {})
-      member_route("url", options.merge(host: resource.organization.host))
+      member_route("url", options.merge(host: root_resource.organization.host))
     end
     # Builds the index path to the associated collection of resources.
@@ -53,7 +54,9 @@ module Decidim
     #
     # Returns a String.
     def show(options = {})
-      admin_route_proxy.send("#{member_route_name}_path", resource, options)
+      options.merge!(options_for_polymorphic)
+      admin_route_proxy.send("#{member_route_name}_path", target, options)
     end
     # Builds the admin edit path to the resource.
@@ -62,53 +65,101 @@ module Decidim
     #
     # Returns a String.
     def edit(options = {})
-      admin_route_proxy.send("edit_#{member_route_name}_path", resource, options)
+      options.merge!(options_for_polymorphic)
+      admin_route_proxy.send("edit_#{member_route_name}_path", target, options)
     end
     private
+    def polymorphic?
+      resource.is_a? Array
+    end
+    def target
+      if polymorphic?
+        resource.last
+      else
+        resource
+      end
+    end
+    def root_resource
+      if polymorphic?
+        resource.first
+      else
+        resource
+      end
+    end
     # Private: Build the route to the resource.
     #
     # Returns a String.
     def member_route(route_type, options)
-      route_proxy.send("#{member_route_name}_#{route_type}", resource, options)
+      options.merge!(options_for_polymorphic)
+      route_proxy.send("#{member_route_name}_#{route_type}", target, options)
     end
     # Private: Build the route to the associated collection of resources.
     #
     # Returns a String.
     def collection_route(route_type, options)
+      options.merge!(options_for_polymorphic)
       route_proxy.send("#{collection_route_name}_#{route_type}", options)
     end
     def admin_collection_route(route_type, options)
+      options.merge!(options_for_polymorphic)
       admin_route_proxy.send("#{collection_route_name}_#{route_type}", options)
     end
-    def manifest
-      resource.try(:resource_manifest) ||
-        resource.class.try(:resource_manifest) ||
-        resource.class.try(:participatory_space_manifest)
+    def manifest_for(record)
+      record.try(:resource_manifest) ||
+        record.class.try(:resource_manifest) ||
+        record.class.try(:participatory_space_manifest)
     end
     def component
-      resource.component if resource.respond_to?(:component)
+      root_resource.try(:component)
     end
     def member_route_name
-      manifest.route_name
+      if polymorphic?
+        polymorphic_member_route_name
+      else
+        manifest_for(target).route_name
+      end
+    end
+    def polymorphic_member_route_name
+      return unless polymorphic?
+      resource.map { |record| manifest_for(record).route_name }.join("_")
     end
     def collection_route_name
       member_route_name.pluralize
     end
+    def options_for_polymorphic
+      return {} unless polymorphic?
+      parent_resources = {}
+      (resource - [target]).each do |parent|
+        parent_resources["#{manifest_for(parent).route_name}_id"] = parent.id
+      end
+      parent_resources
+    end
     def route_proxy
-      @route_proxy ||= EngineRouter.main_proxy(component || resource)
+      @route_proxy ||= EngineRouter.main_proxy(component || target)
     end
     def admin_route_proxy
-      @admin_route_proxy ||= EngineRouter.admin_proxy(component || resource)
+      @admin_route_proxy ||= EngineRouter.admin_proxy(component || target)
     end
   end
 end

data/app/queries/decidim/similar_emendations.rb CHANGED

@@ -30,8 +30,8 @@ module Decidim
                 .not_hidden
                 .where(
                   "GREATEST(#{title_similarity}, #{body_similarity}) >= ?",
-                  emendation.title,
-                  emendation.body,
+                  translated_attribute(emendation.title),
+                  translated_attribute(emendation.body),
                   amendable_module.similarity_threshold
                 )
                 .limit(amendable_module.similarity_limit)
@@ -46,11 +46,11 @@ module Decidim
     end
     def title_similarity
-      "similarity(title, ?)"
+      "similarity(title::text, ?)"
     end
     def body_similarity
-      "similarity(body, ?)"
+      "similarity(body::text, ?)"
     end
   end
 end

data/app/scrubbers/decidim/user_input_scrubber.rb CHANGED

@@ -21,7 +21,7 @@ module Decidim
     private
     def custom_allowed_attributes
-      Loofah::HTML5::SafeList::ALLOWED_ATTRIBUTES + %w(frameborder allowfullscreen)
+      Loofah::HTML5::SafeList::ALLOWED_ATTRIBUTES + %w(frameborder allowfullscreen) - %w(onerror)
     end
     def custom_allowed_tags

data/app/serializers/decidim/importers/participatory_space_components_importer.rb CHANGED

@@ -64,7 +64,7 @@ module Decidim
       end
       def override_step_settings_ids(attributes, step_settings)
-        return if step_settings.nil?
+        return unless @participatory_space.has_steps? && step_settings.present?
         @participatory_space.steps.each do |step|
           old_id = attributes["settings"]["steps"].keys.first

data/app/services/decidim/base_diff_renderer.rb CHANGED

@@ -59,6 +59,22 @@ module Decidim
       diff
     end
+    def parse_user_group_changeset(attribute, values, type, diff)
+      return unless diff
+      old_user_group = Decidim::UserGroup.find_by(id: values[0])
+      new_user_group = Decidim::UserGroup.find_by(id: values[1])
+      diff.update(
+        attribute => {
+          type: type,
+          label: I18n.t(attribute, scope: i18n_scope),
+          old_value: old_user_group ? translated_attribute(old_user_group.name) : "",
+          new_value: new_user_group ? translated_attribute(new_user_group.name) : ""
+        }
+      )
+    end
     def parse_scope_changeset(attribute, values, type, diff)
       return unless diff
@@ -79,6 +95,7 @@ module Decidim
       return parse_i18n_changeset(attribute, values, type, diff) if [:i18n, :i18n_html].include?(type)
       return parse_scope_changeset(attribute, values, type, diff) if type == :scope
+      return parse_user_group_changeset(attribute, values, type, diff) if type == :user_group
       diff.update(
         attribute => {

data/app/services/decidim/open_data_exporter.rb CHANGED

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
+require "zip"
 module Decidim
   # Public: It generates a ZIP file with Open Data CSV files ready
   # to be uploaded somewhere so users can download an organization

data/app/services/decidim/resource_search.rb CHANGED

@@ -4,6 +4,8 @@ module Decidim
   # This is the base class to be used by other search services.
   # Searchlight documentation: https://github.com/nathanl/searchlight
   class ResourceSearch < Searchlight::Search
+    attr_reader :user, :organization, :component
     # Initialize the Searchlight::Search base class with the options provided.
     #
     # scope   - The scope used to create the base query
@@ -13,6 +15,31 @@ module Decidim
     def initialize(scope, options = {})
       super(options)
       @scope = scope
+      @user = options[:current_user] || options[:user]
+      @component = options[:component]
+      @organization = options[:organization] || component&.organization
+    end
+    # Public: Companion method to `search_search_text` which defines the
+    # attributes where we should search for text values in a model.
+    def self.text_search_fields(*fields)
+      @text_search_fields = fields if fields.any?
+      @text_search_fields
+    end
+    # Handle the search_text filter. We have to cast the JSONB columns
+    # into a `text` type so that we can search.
+    def search_search_text
+      return query unless self.class.text_search_fields.any?
+      fields = self.class.text_search_fields.dup
+      text_query = query.where(localized_search_text_in("#{query.model_name.plural}.#{fields.shift}"), text: "%#{search_text}%")
+      fields.each do |field|
+        text_query = text_query.or(query.where(localized_search_text_in("#{query.model_name.plural}.#{field}"), text: "%#{search_text}%"))
+      end
+      text_query
     end
     # Creates the SearchLight base query.
@@ -51,8 +78,65 @@ module Decidim
       query.includes(:scope).references(:decidim_scopes).where(conditions.join(" OR "), *clean_scope_ids.map(&:to_i))
     end
+    # Handle the origin filter.
+    def search_origin
+      renamed_origin = Array(origin).map do |search_value|
+        "#{search_value}_origin"
+      end
+      apply_scopes(%w(official_origin citizens_origin user_group_origin meeting_origin), renamed_origin)
+    end
+    # We overwrite the `results` method to ensure we only return unique
+    # results. We can't use `#uniq` because it returns an Array and we're
+    # adding scopes in the controller, and `#distinct` doesn't work here
+    # because in the later scopes we're ordering by `RANDOM()` in a DB level,
+    # and `SELECT DISTINCT` doesn't work with `RANDOM()` sorting, so we need
+    # to perform two queries.
+    #
+    # The correct behaviour is backed by tests.
+    def results
+      base_query.model.where(id: super.pluck(:id))
+    end
     private
+    # Private: To be used by classes that inherit from ResourceSearch.
+    #
+    # This method is useful when the values of the filters match the names of
+    # defined scopes in a model, it applies those scopes that are included in
+    # the search values.
+    #
+    # Example:
+    #   Consider you want to filter by state, and your model has an `open` and
+    #   a `closed` ActiveRecord scope.
+    #
+    #   def search_state
+    #     apply_scopes(%w(open closed), state)
+    #   end
+    #
+    #   In this scenario, the `state` variable has the input by the use, who
+    #   has selected which states they want to see. `states` here is an array
+    #   of strings.
+    #
+    # Returns an ActiveRecord::Relation.
+    def apply_scopes(scopes, search_values)
+      search_values = Array(search_values)
+      conditions = scopes.map do |scope|
+        search_values.member?(scope.to_s) ? query.try(scope) : nil
+      end.compact
+      return query unless conditions.any?
+      scoped_query = query.where(id: conditions.shift)
+      conditions.each do |condition|
+        scoped_query = scoped_query.or(query.where(id: condition))
+      end
+      scoped_query
+    end
     # Private: Creates an array of category ids.
     # It contains categories' subcategories ids as well.
     def all_category_ids
@@ -67,7 +151,7 @@ module Decidim
     # Private: Returns an array with checked category ids.
     def category_ids
-      [category_id].flatten
+      Array(category_id)
     end
     # Private: Returns an array with checked scope ids.
@@ -75,14 +159,19 @@ module Decidim
       if scope_id.is_a?(Hash)
         scope_id.values
       else
-        [scope_id].flatten
+        Array(scope_id)
       end
     end
-    # Private: Since component is not used by a search method we need
-    # to define the method manually.
-    def component
-      options[:component]
+    # Internal: builds the needed query to search for a text in the organization's
+    # available locales. Note that it is intended to be used as follows:
+    #
+    # Example:
+    #   Resource.where(localized_search_text_for(:title, text: "my_query"))
+    #
+    # The Hash with the `:text` key is required or it won't work.
+    def localized_search_text_in(field)
+      organization.available_locales.map { |l| "#{field} ->> '#{l}' ILIKE :text" }.join(" OR ")
     end
   end
 end