decidim-core 0.23.5 → 0.24.2

data/lib/decidim/metric_operation.rb

@@ -36,12 +36,11 @@ module Decidim
     # With 'metric_operation' and 'metric_name':
     #   - Returns a single manifest related to that two params
     def for(metric_operation, metric_name = nil)
-      list = if metric_name
-               all.find { |manifest| manifest.metric_operation == metric_operation.to_s && manifest.metric_name == metric_name.to_s }
-             else
-               all.find_all { |manifest| manifest.metric_operation == metric_operation.to_s }
-             end
-      list
+      if metric_name
+        all.find { |manifest| manifest.metric_operation == metric_operation.to_s && manifest.metric_name == metric_name.to_s }
+      else
+        all.find_all { |manifest| manifest.metric_operation == metric_operation.to_s }
+      end
     end
 
     def all

data/lib/decidim/participatory_space_resourceable.rb

@@ -54,9 +54,7 @@ module Decidim
         manifest = Decidim.find_participatory_space_manifest(participatory_space_name)
         return self.class.none unless manifest
 
-        scope = manifest.participatory_spaces.call(organization)
-
-        scope
+        manifest.participatory_spaces.call(organization)
       end
 
       # Links the given resources to this model, replaces any previous links with the same name.

data/lib/decidim/query_extensions.rb

@@ -1,8 +1,5 @@
 # frozen_string_literal: true
 
-require "decidim/api/component_interface"
-require "decidim/api/participatory_space_interface"
-
 module Decidim
   # This module's job is to extend the API with custom fields related to
   # decidim-core.
@@ -12,91 +9,115 @@ module Decidim
     # type - A GraphQL::BaseType to extend.
     #
     # Returns nothing.
-    def self.define(type)
-      Decidim.participatory_space_manifests.each do |participatory_space_manifest|
-        type.field participatory_space_manifest.name.to_s.camelize(:lower),
-                   type: type.types[participatory_space_manifest.query_type.constantize],
-                   description: "Lists all #{participatory_space_manifest.name}",
-                   function: participatory_space_manifest.query_list.constantize.new(manifest: participatory_space_manifest)
-
-        type.field participatory_space_manifest.name.to_s.singularize.camelize(:lower),
-                   type: participatory_space_manifest.query_type.constantize,
-                   description: "Finds a #{participatory_space_manifest.name.to_s.singularize}",
-                   function: participatory_space_manifest.query_finder.constantize.new(manifest: participatory_space_manifest)
+    def self.included(type)
+      type.field :participatory_processes,
+                 [Decidim::ParticipatoryProcesses::ParticipatoryProcessType],
+                 null: true,
+                 description: "Lists all participatory_processes" do
+        argument :filter, Decidim::ParticipatoryProcesses::ParticipatoryProcessInputFilter, "This argument let's you filter the results", required: false
+        argument :order, Decidim::ParticipatoryProcesses::ParticipatoryProcessInputSort, "This argument let's you order the results", required: false
       end
 
-      type.field :component, Decidim::Core::ComponentInterface do
-        description "Lists the components this space contains."
-        argument :id, !types.ID, "The ID of the component to be found"
+      type.field :participatory_process,
+                 Decidim::ParticipatoryProcesses::ParticipatoryProcessType,
+                 null: true,
+                 description: "Finds a participatory_process" do
+        argument :id, GraphQL::Types::ID, "The ID of the participatory space", required: false
+        argument :slug, String, "The slug of the participatory process", required: false
+      end
 
-        resolve lambda { |_, args, ctx|
-                  component = Decidim::Component.published.find_by(id: args[:id])
-                  component&.organization == ctx[:current_organization] ? component : nil
-                }
+      type.field :component, Decidim::Core::ComponentInterface, null: true do
+        description "Lists the components this space contains."
+        argument :id, GraphQL::Types::ID, required: true, description: "The ID of the component to be found"
       end
 
-      type.field :session do
-        type Core::SessionType
-        description "Return's information about the logged in user"
+      type.field :session, Core::SessionType, description: "Return's information about the logged in user", null: true
 
-        resolve lambda { |_obj, _args, ctx|
-          ctx[:current_user]
-        }
-      end
+      type.field :decidim, Core::DecidimType, "Decidim's framework properties.", null: true
+
+      type.field :organization, Core::OrganizationType, "The current organization", null: true
 
-      type.field :decidim, Core::DecidimType, "Decidim's framework properties." do
-        resolve ->(_obj, _args, _ctx) { Decidim }
+      type.field :hashtags, [Core::HashtagType], null: true, description: "The hashtags for current organization" do
+        argument :name, GraphQL::Types::String, "The name of the hashtag", required: false
       end
 
-      type.field :organization, Core::OrganizationType, "The current organization" do
-        resolve ->(_obj, _args, ctx) { ctx[:current_organization] }
+      type.field :metrics, type: [Decidim::Core::MetricType], null: true do
+        argument :names, [GraphQL::Types::String], "The names of the metrics you want to retrieve", camelize: false, required: false
+        argument :space_type, GraphQL::Types::String, "The type of ParticipatorySpace you want to filter with", camelize: false, required: false
+        argument :space_id, GraphQL::Types::Int, "The ID of ParticipatorySpace you want to filter with", camelize: false, required: false
       end
 
-      type.field :hashtags do
-        type types[Core::HashtagType]
-        description "The hashtags for current organization"
-        argument :name, types.String, "The name of the hashtag"
+      type.field :user,
+                 type: Core::AuthorInterface, null: true,
+                 description: "A participant (user or group) in the current organization" do
+        argument :id, GraphQL::Types::ID, "The ID of the participant", required: false
+        argument :nickname, GraphQL::Types::String, "The @nickname of the participant", required: false
+      end
 
-        resolve lambda { |_obj, args, ctx|
-          Decidim::HashtagsResolver.new(ctx[:current_organization], args[:name]).hashtags
-        }
+      type.field :users,
+                 type: [Core::AuthorInterface], null: true,
+                 description: "The participants (users or groups) for the current organization" do
+        argument :order, Decidim::Core::UserEntityInputSort, "Provides several methods to order the results", required: false
+        argument :filter, Decidim::Core::UserEntityInputFilter, "Provides several methods to filter the results", required: false
       end
+    end
 
-      type.field :metrics do
-        type types[Decidim::Core::MetricType]
-        argument :names, types[types.String], "The names of the metrics you want to retrieve"
-        argument :space_type, types.String, "The type of ParticipatorySpace you want to filter with"
-        argument :space_id, types.Int, "The ID of ParticipatorySpace you want to filter with"
-
-        resolve lambda { |_, args, ctx|
-                  manifests = if args[:names].blank?
-                                Decidim.metrics_registry.all
-                              else
-                                Decidim.metrics_registry.all.select do |manifest|
-                                  args[:names].include?(manifest.metric_name.to_s)
-                                end
-                              end
-                  filters = {}
-                  if args[:space_type].present? && args[:space_id].present?
-                    filters[:participatory_space_type] = args[:space_type]
-                    filters[:participatory_space_id] = args[:space_id]
-                  end
+    def participatory_processes(filter: {}, order: {})
+      manifest = Decidim.participatory_space_manifests.select { |m| m.name == :participatory_processes }.first
+      Decidim::Core::ParticipatorySpaceListBase.new(manifest: manifest).call(object, { filter: filter, order: order }, context)
+    end
+
+    def participatory_process(id: nil, slug: nil)
+      manifest = Decidim.participatory_space_manifests.select { |m| m.name == :participatory_processes }.first
+      Decidim::Core::ParticipatorySpaceFinderBase.new(manifest: manifest).call(object, { id: id, slug: slug }, context)
+    end
+
+    def component(id: {})
+      component = Decidim::Component.published.find_by(id: id)
+      component&.organization == context[:current_organization] ? component : nil
+    end
+
+    def session
+      context[:current_user]
+    end
+
+    def decidim
+      Decidim
+    end
+
+    def organization
+      context[:current_organization]
+    end
 
-                  manifests.map do |manifest|
-                    Decidim::Core::MetricResolver.new(manifest.metric_name, ctx[:current_organization], filters)
+    def hashtags(name: nil)
+      Decidim::HashtagsResolver.new(context[:current_organization], name).hashtags
+    end
+
+    def metrics(names: [], space_type: nil, space_id: nil)
+      manifests = if names.blank?
+                    Decidim.metrics_registry.all
+                  else
+                    Decidim.metrics_registry.all.select do |manifest|
+                      names.include?(manifest.metric_name.to_s)
+                    end
                   end
-                }
+      filters = {}
+      if space_type.present? && space_id.present?
+        filters[:participatory_space_type] = space_type
+        filters[:participatory_space_id] = space_id
       end
 
-      type.field :user,
-                 type: Core::AuthorInterface,
-                 description: "A participant (user or group) in the current organization",
-                 function: Core::UserEntityFinder.new
+      manifests.map do |manifest|
+        Decidim::Core::MetricResolver.new(manifest.metric_name, context[:current_organization], filters)
+      end
+    end
 
-      type.field :users,
-                 type: type.types[Core::AuthorInterface],
-                 description: "The participants (users or groups) for the current organization",
-                 function: Core::UserEntityList.new
+    def user(id: nil, nickname: nil)
+      Core::UserEntityFinder.new.call(object, { id: id, nickname: nickname }, context)
+    end
+
+    def users(filter: {}, order: {})
+      Core::UserEntityList.new.call(object, { filter: filter, order: order }, context)
     end
   end
 end

data/lib/decidim/randomable.rb

@@ -12,7 +12,12 @@ module Decidim
       def order_randomly(seed)
         transaction do
           connection.execute("SELECT setseed(#{connection.quote(seed)})")
-          order(Arel.sql("RANDOM()")).load
+          # Include the record IDs as a base number for the order calculation
+          # in order to avoid PostgreSQL random ordering when the records are
+          # updated. PostgreSQL can randomly change the base ordering in case
+          # the records are changed which is not desired as we want consistent
+          # orders for the records.
+          order(arel_table[primary_key] * Arel.sql("RANDOM()")).load
         end
       end
     end

data/lib/decidim/record_encryptor.rb

@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+
+require "active_support/concern"
+
+module Decidim
+  # A concern that provides attribute encryption e.g. to active record models.
+  #
+  # Use this e.g. in models as follows:
+  #
+  # class Example < ApplicationRecord
+  #   include Decidim::RecordEncryptor
+  #
+  #   encrypt_attribute :name, type: :string
+  #   encrypt_attribute :metadata, type: :hash
+  # end
+  module RecordEncryptor
+    extend ActiveSupport::Concern
+
+    included do
+      # Store the encrypted attributes in a class accessor
+      cattr_accessor :encrypted_attributes
+
+      before_save :ensure_encrypted_attributes if respond_to?(:before_save)
+    end
+
+    class_methods do
+      # Public: Defines an attribute that should be encrypted
+      def encrypt_attribute(attribute, type:)
+        self.encrypted_attributes ||= []
+        raise "The attribute #{attribute} is already defined as encrypted" if encrypted_attributes.include?(attribute)
+
+        encrypted_attributes << attribute
+
+        # Defines the suffix for the encrypt and decrypt methods. E.g. when
+        # the `type` is `:hash`, method `decrypt_hash_values` would be called
+        # for decryption and `encrypt_hash_values` would be called for
+        # encryption.
+        method_suffix = begin
+          case type
+          when :hash
+            "hash_values"
+          else
+            "value"
+          end
+        end
+
+        # Dynamically defines the getter and setter for the encrypted attribute.
+        # E.g. when called as `encrypt_attribute :name, type: :string`, this
+        # would define the following methods:
+        #
+        #   def name
+        #     decrypt_value(super)
+        #   end
+        #
+        #   def name=(value)
+        #     super(encrypt_value(value))
+        #   end
+        class_eval <<-RUBY, __FILE__, __LINE__ + 1
+          def #{attribute}
+            return @#{attribute}_decrypted if instance_variable_defined?(:@#{attribute}_decrypted)
+
+            encrypted_value = begin
+              if defined?(super)
+                super
+              elsif instance_variable_defined?(:@#{attribute})
+                @#{attribute}
+              end
+            end
+            @#{attribute}_decrypted = decrypt_#{method_suffix}(encrypted_value)
+          end
+
+          def #{attribute}=(value)
+            remove_instance_variable(:@#{attribute}_decrypted) if instance_variable_defined?(:@#{attribute}_decrypted)
+            encrypted_value = encrypt_#{method_suffix}(value)
+
+            if defined?(super)
+              super(encrypted_value)
+            else
+              @#{attribute} = encrypted_value
+            end
+          end
+        RUBY
+      end
+    end
+
+    private
+
+    # Re-assign the encrypted attributes before save so they are also saved when
+    # they are modified without calling the accessors. This could happen e.g.
+    # for hashes which are modified directly as follows:
+    #
+    #  record = Example.find(1)
+    #  record.metadata["foo"] = "bar"
+    #  record.save!
+    #
+    # This will also clear the cached attributes during saving so that next time
+    # they are accessed, they will be updated according to the stored values.
+    def ensure_encrypted_attributes
+      self.class.encrypted_attributes.each do |attr|
+        send("#{attr}=", send(attr))
+      end
+    end
+
+    def decrypt_value(value)
+      Decidim::AttributeEncryptor.decrypt(value)
+    rescue ActiveSupport::MessageEncryptor::InvalidMessage, ActiveSupport::MessageVerifier::InvalidSignature
+      # Support for legacy unencrypted values. This is necessary e.g. when
+      # migrating the original unencrypted values to encrypted values.
+      value
+    end
+
+    def encrypt_value(value)
+      Decidim::AttributeEncryptor.encrypt(value)
+    end
+
+    def decrypt_hash_values(hash)
+      return hash unless hash.is_a?(Hash)
+
+      hash.transform_values do |value|
+        # If the value is not a String, it is likely a legacy unencrypted hash
+        # value. Also, `ActiveSupport::JSON.decode` expects the value passed to
+        # it to be a String. Otherwise it would raise a TypeError.
+        next value unless value.is_a?(String)
+
+        decrypted_value = decrypt_value(value)
+
+        # When handling legacy unencrypted hash values, the decrypted values
+        # could not be valid JSON strings. They could be normal strings that
+        # cannot be JSON decoded.
+        begin
+          ActiveSupport::JSON.decode(decrypted_value)
+        rescue TypeError
+          ""
+        rescue JSON::ParserError
+          decrypted_value
+        end
+      end
+    end
+
+    def encrypt_hash_values(hash)
+      return hash unless hash.is_a?(Hash)
+
+      # The values are stored in JSON encoded format in order to match the
+      # PostgreSQL adapter's default functionality as you can see at:
+      # https://git.io/JkdYJ
+      hash.transform_values { |value| encrypt_value(ActiveSupport::JSON.encode(value)) }
+    end
+  end
+end

data/lib/decidim/reportable.rb

@@ -42,6 +42,32 @@ module Decidim
       def reported_content_url
         raise NotImplementedError
       end
+
+      # Public: The collection of attribute names that are considered
+      #         to be reportable.
+      def reported_attributes
+        raise NotImplementedError
+      end
+
+      # Public: An `Array` of `String` that will be concatenated to
+      #         the reported searchable content. This content is used
+      #         in the admin dashboard to filter moderations.
+      def reported_searchable_content_extras
+        []
+      end
+
+      # Public: The reported searchable content in a text format so
+      #         moderations can be filtered by content.
+      def reported_searchable_content_text
+        reported_searchable_content_extras.concat(
+          reported_attributes.map do |attribute_name|
+            attribute_value = attributes.with_indifferent_access[attribute_name]
+            next attribute_value.values.join("\n") if attribute_value.is_a? Hash
+
+            attribute_value
+          end
+        ).join("\n")
+      end
     end
   end
 end

data/lib/decidim/resource_manifest.rb

@@ -36,6 +36,9 @@ module Decidim
     # The main card to render an instance of the resource.
     attribute :card, String
 
+    # The reported content to render an instance of the resource.
+    attribute :reported_content_cell, String
+
     # Set this to `true` if you want this resource to be searchable. It requires
     # the model to include the `Decidim::Searchable` concern.
     attribute :searchable, Boolean, default: false

data/lib/decidim/resourceable.rb

@@ -93,7 +93,7 @@ module Decidim
       # - the visibility of its participatory space.
       # - the visibility of the resource itself.
       def visible?
-        !component.participatory_space.try(:private_space?) && component.published? && resource_visible?
+        component.participatory_space.try(:visible?) && component.published? && resource_visible?
       end
 
       # Check only the resource visibility not its hierarchy.
@@ -102,11 +102,11 @@ module Decidim
       #
       # @return If the resource is also Publicable checks if the resource is published, otherwise returns true by default.
       def resource_visible?
-        if respond_to?(:published?)
-          published?
-        else
-          true
-        end
+        return !hidden? && published? if respond_to?(:hidden?) && respond_to?(:published?)
+        return published? if respond_to?(:published?)
+        return !hidden? if respond_to?(:hidden?)
+
+        true
       end
 
       # Public: Whether the permissions for this object actions can be set at resource level.