decidim-core 0.25.0 → 0.26.0.rc2

data/app/helpers/decidim/messaging/conversation_helper.rb

@@ -3,14 +3,43 @@
 module Decidim
   module Messaging
     module ConversationHelper
+      def conversation_name_for(users)
+        return content_tag(:span, t("decidim.profile.deleted"), class: "label label--small label--basic") if users.first.deleted?
+
+        content_tag = content_tag(:strong, users.first.name)
+        content_tag << tag.br
+        content_tag << content_tag(:span, "@#{users.first.nickname}", class: "muted")
+        content_tag
+      end
+
+      def conversation_label_for(participants)
+        return t("title", scope: "decidim.messaging.conversations.show", usernames: username_list(participants)) unless participants.count == 1
+
+        chat_with_user = if participants.first.deleted?
+                           t("decidim.profile.deleted")
+                         else
+                           "#{participants.first.name} (@#{participants.first.nickname})"
+                         end
+
+        "#{t("chat_with", scope: "decidim.messaging.conversations.show")} #{chat_with_user}"
+      end
+
       #
       # Generates a visualization of users for listing conversations threads
       #
       def username_list(users, shorten: false)
-        return users.pluck(:name).join(", ") unless shorten
-        return users.pluck(:name).join(", ") unless users.count > 3
+        content_tags = []
+        first_users = shorten ? users.first(3) : users
+        deleted_user_tag = content_tag(:span, t("decidim.profile.deleted"), class: "label label--small label--basic")
+        first_users.each do |u|
+          content_tags.push(u.deleted? ? deleted_user_tag : content_tag(:strong, u.name))
+        end
+
+        return content_tags.join(", ") unless shorten
+        return content_tags.join(", ") unless users.count > 3
 
-        "#{users.first(3).pluck(:name).join(", ")} + #{users.count - 3}"
+        content_tags.push(content_tag(:strong, " + #{users.count - 3}"))
+        content_tags.join(", ")
       end
 
       #

data/app/helpers/decidim/resource_versions_helper.rb

@@ -13,7 +13,7 @@ module Decidim
     #
     # Returns a String.
     def resource_version(resource, options = {})
-      return unless resource.respond_to?(:versions) && resource.versions.present?
+      return unless resource.respond_to?(:versions) && resource.versions_count.positive?
 
       html = []
       html << resource_version_number(resource.versions_count)

data/app/helpers/decidim/sanitize_helper.rb

@@ -5,6 +5,7 @@ module Decidim
   module SanitizeHelper
     def self.included(base)
       base.include ActionView::Helpers::SanitizeHelper
+      base.include ActionView::Helpers::TagHelper
     end
 
     # Public: It sanitizes a user-inputted string with the
@@ -30,6 +31,10 @@ module Decidim
       end
     end
 
+    def decidim_sanitize_editor(html, options = {})
+      content_tag(:div, decidim_sanitize(html, options), class: %w(ql-editor ql-reset-decidim))
+    end
+
     def decidim_html_escape(text)
       ERB::Util.unwrapped_html_escape(text.to_str)
     end
@@ -37,5 +42,65 @@ module Decidim
     def decidim_url_escape(text)
       decidim_html_escape(text).sub(/^javascript:/, "")
     end
+
+    private
+
+    # Maintains the paragraphs and lists separations with their bullet points and
+    # list numberings where appropriate.
+    #
+    # Returns a String.
+    def sanitize_text(text)
+      add_line_feeds(sanitize_ordered_lists(sanitize_unordered_lists(text)))
+    end
+
+    def sanitize_unordered_lists(text)
+      text.gsub(%r{(?=.*</ul>)(?!.*?<li>.*?</ol>.*?</ul>)<li>}) { |li| "#{li}• " }
+    end
+
+    def sanitize_ordered_lists(text)
+      i = 0
+
+      text.gsub(%r{(?=.*</ol>)(?!.*?<li>.*?</ul>.*?</ol>)<li>}) do |li|
+        i += 1
+
+        li + "#{i}. "
+      end
+    end
+
+    def add_line_feeds_to_paragraphs(text)
+      text.gsub("</p>") { |p| "#{p}\n\n" }
+    end
+
+    def add_line_feeds_to_list_items(text)
+      text.gsub("</li>") { |li| "#{li}\n" }
+    end
+
+    # Adds line feeds after the paragraph and list item closing tags.
+    #
+    # Returns a String.
+    def add_line_feeds(text)
+      add_line_feeds_to_paragraphs(add_line_feeds_to_list_items(text))
+    end
+
+    def content_handle_locale(body, all_locales, extras, links, strip_tags)
+      handle_locales(body, all_locales) do |content|
+        content = strip_tags(sanitize_text(content)) if strip_tags
+
+        renderer = Decidim::ContentRenderers::HashtagRenderer.new(content)
+        content = renderer.render(links: links, extras: extras).html_safe
+
+        content = Decidim::ContentRenderers::LinkRenderer.new(content).render if links
+        content
+      end
+    end
+
+    def render_sanitized_content(resource, method)
+      content = present(resource).send(method, links: true, strip_tags: !safe_content?)
+      content = simple_format(content, {}, sanitize: false)
+
+      return content unless safe_content?
+
+      decidim_sanitize_editor(content)
+    end
   end
 end

data/app/models/decidim/editor_image.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Decidim
+  # Images attached to editors.
+  class EditorImage < ApplicationRecord
+    include Decidim::HasUploadValidations
+
+    belongs_to :author, foreign_key: :decidim_author_id, class_name: "Decidim::User"
+    belongs_to :organization, foreign_key: :decidim_organization_id, class_name: "Decidim::Organization"
+
+    has_one_attached :file
+    validates_upload :file, uploader: Decidim::EditorImageUploader
+  end
+end

data/app/models/decidim/messaging/conversation.rb

@@ -131,6 +131,15 @@ module Decidim
         blocked.blank?
       end
 
+      #
+      # Given a user, returns if ALL the interlocutors have their accounts deleted
+      #
+      # @return Boolean
+      #
+      def with_deleted_users?(user)
+        interlocutors(user).all?(&:deleted?)
+      end
+
       #
       # Given a user, returns if the user is participating in the conversation
       # for groups being part of a conversation all their admin member are accepted

data/app/models/decidim/participatory_space_private_user.rb

@@ -22,6 +22,22 @@ module Decidim
       Decidim::AdminLog::ParticipatorySpacePrivateUserPresenter
     end
 
+    ransacker :name do
+      Arel.sql(%{("decidim_users"."name")::text})
+    end
+
+    ransacker :email do
+      Arel.sql(%{("decidim_users"."email")::text})
+    end
+
+    ransacker :invitation_sent_at do
+      Arel.sql(%{("invitation_sent_at")::text})
+    end
+
+    ransacker :invitation_accepted_at do
+      Arel.sql(%{("invitation_accepted_at")::text})
+    end
+
     private
 
     # Private: check if the participatory space and the user have the same organization

data/app/models/decidim/user.rb

@@ -63,17 +63,11 @@ module Decidim
     scope :officialized, -> { where.not(officialized_at: nil) }
     scope :not_officialized, -> { where(officialized_at: nil) }
 
-    scope :confirmed, -> { where.not(confirmed_at: nil) }
-    scope :not_confirmed, -> { where(confirmed_at: nil) }
-
-    scope :blocked, -> { where(blocked: true) }
-    scope :not_blocked, -> { where(blocked: false) }
-
     scope :interested_in_scopes, lambda { |scope_ids|
       actual_ids = scope_ids.select(&:presence)
       if actual_ids.count.positive?
         ids = actual_ids.map(&:to_i).join(",")
-        where("extended_data->'interested_scopes' @> ANY('{#{ids}}')")
+        where(Arel.sql("extended_data->'interested_scopes' @> ANY('{#{ids}}')").to_s)
       else
         # Do not apply the scope filter when there are scope ids available. Note
         # that the active record scope must always return an active record
@@ -92,8 +86,8 @@ module Decidim
                         A: :name,
                         datetime: :created_at
                       },
-                      index_on_create: ->(user) { !user.deleted? },
-                      index_on_update: ->(user) { !user.deleted? })
+                      index_on_create: ->(user) { !(user.deleted? || user.blocked?) },
+                      index_on_update: ->(user) { !(user.deleted? || user.blocked?) })
 
     before_save :ensure_encrypted_password
 

data/app/models/decidim/user_base_entity.rb

@@ -25,26 +25,37 @@ module Decidim
 
     validates :name, format: { with: REGEXP_NAME }
 
-    # Public: Returns a collection with all the entities this user is following.
+    scope :confirmed, -> { where.not(confirmed_at: nil) }
+    scope :not_confirmed, -> { where(confirmed_at: nil) }
+
+    scope :blocked, -> { where(blocked: true) }
+    scope :not_blocked, -> { where(blocked: false) }
+
+    # Public: Returns a collection with all the public entities this user is following.
     #
     # This can't be done as with a `has_many :following, through: :following_follows`
     # since it's a polymorphic relation and Rails doesn't know how to load it. With
     # this implementation we only query the database once for each kind of following.
     #
     # Returns an Array of Decidim::Followable
-    def following
-      @following ||= begin
-        followings = following_follows.pluck(:decidim_followable_type, :decidim_followable_id)
-        grouped_followings = followings.each_with_object({}) do |(type, following_id), all|
-          all[type] ||= []
-          all[type] << following_id
-          all
-        end
-
-        grouped_followings.flat_map do |type, ids|
-          type.constantize.where(id: ids)
-        end
+    def public_followings
+      @public_followings ||= following_follows.select("array_agg(decidim_followable_id)")
+                                              .group(:decidim_followable_type)
+                                              .pluck(:decidim_followable_type, "array_agg(decidim_followable_id)")
+                                              .to_h
+                                              .flat_map do |type, ids|
+        only_public(type.constantize, ids)
       end
     end
+
+    private
+
+    def only_public(klass, ids)
+      scope = klass.where(id: ids)
+      scope = scope.public_spaces if klass.try(:participatory_space?)
+      scope = scope.includes(:component) if klass.try(:has_component?)
+      scope = scope.filter(&:visible?) if klass.method_defined?(:visible?)
+      scope
+    end
   end
 end

data/app/models/decidim/user_group.rb

@@ -144,6 +144,46 @@ module Decidim
       @unread_messages_count_for[user.id] ||= Decidim::Messaging::Conversation.user_collection(self).unread_messages_by(user).count
     end
 
+    def self.state_eq(value)
+      send(value.to_sym) if %w(all pending rejected verified).include?(value)
+    end
+
+    def self.ransackable_scopes(_auth = nil)
+      [:state_eq]
+    end
+
+    scope :sort_by_users_count_asc, lambda {
+      order("users_count ASC NULLS FIRST")
+    }
+
+    scope :sort_by_users_count_desc, lambda {
+      order("users_count DESC NULLS LAST")
+    }
+
+    def self.sort_by_document_number_asc
+      order(Arel.sql("extended_data->>'document_number' ASC"))
+    end
+
+    def self.sort_by_document_number_desc
+      order(Arel.sql("extended_data->>'document_number' DESC"))
+    end
+
+    def self.sort_by_phone_asc
+      order(Arel.sql("extended_data->>'phone' ASC"))
+    end
+
+    def self.sort_by_phone_desc
+      order(Arel.sql("extended_data->>'phone' DESC"))
+    end
+
+    def self.sort_by_state_asc
+      order(Arel.sql("extended_data->>'rejected_at' ASC, extended_data->>'verified_at' ASC, deleted_at ASC"))
+    end
+
+    def self.sort_by_state_desc
+      order(Arel.sql("extended_data->>'rejected_at' DESC, extended_data->>'verified_at' DESC, deleted_at DESC"))
+    end
+
     private
 
     # Private: Checks if the state user group is correct.

data/app/packs/entrypoints/decidim_core.js

@@ -31,6 +31,7 @@ import "src/decidim/account_form"
 import "src/decidim/data_picker"
 import "src/decidim/dropdowns_menus"
 import "src/decidim/append_redirect_url_to_modals"
+import "src/decidim/form_attachments"
 import "src/decidim/form_validator"
 import "src/decidim/ajax_modals"
 import "src/decidim/conferences"

data/app/packs/src/decidim/dialog_mode.js

@@ -0,0 +1,143 @@
+const focusGuardClass = "focusguard";
+const focusableNodes = ["A", "IFRAME", "OBJECT", "EMBED"];
+const focusableDisableableNodes = ["BUTTON", "INPUT", "TEXTAREA", "SELECT"];
+
+const isFocusGuard = (element) => {
+  return element.classList.contains(focusGuardClass);
+}
+
+const isFocusable = (element) => {
+  if (focusableNodes.indexOf(element.nodeName) > -1) {
+    return true;
+  }
+  if (focusableDisableableNodes.indexOf(element.nodeName) > -1 || element.getAttribute("contenteditable")) {
+    if (element.getAttribute("disabled")) {
+      return false;
+    }
+    return true;
+  }
+
+  const tabindex = parseInt(element.getAttribute("tabindex"), 10);
+  if (!isNaN(tabindex) && tabindex >= 0) {
+    return true;
+  }
+
+  return false;
+}
+
+const createFocusGuard = (position) => {
+  return $(`<div class="${focusGuardClass}" data-position="${position}" tabindex="0" aria-hidden="true"></div>`);
+};
+
+const handleContainerFocus = ($container, $guard) => {
+  const $reveal = $(".reveal:visible:last", $container);
+  if ($reveal.length > 0) {
+    handleContainerFocus($reveal, $guard);
+    return;
+  }
+
+  const $nodes = $("*:visible", $container);
+  let $target = null;
+
+  if ($guard.data("position") === "start") {
+    // Focus at the start guard, so focus the first focusable element after that
+    for (let ind = 0; ind < $nodes.length; ind += 1) {
+      if (!isFocusGuard($nodes[ind]) && isFocusable($nodes[ind])) {
+        $target = $($nodes[ind]);
+        break;
+      }
+    }
+  } else {
+    // Focus at the end guard, so focus the first focusable element after that
+    for (let ind = $nodes.length - 1; ind >= 0; ind -= 1) {
+      if (!isFocusGuard($nodes[ind]) && isFocusable($nodes[ind])) {
+        $target = $($nodes[ind]);
+        break;
+      }
+    }
+  }
+
+  if ($target) {
+    $target.trigger("focus");
+  } else {
+    // If no focusable element was found, blur the guard focus
+    $guard.blur();
+  }
+};
+
+/**
+ * A method to enable the dialog mode for the given dialog(s).
+ *
+ * This should be called when the dialog is opened. It implements two things for
+ * the dialog:
+ * 1. It places the focus to the title element making sure the screen reader
+ *    focuses in the correct position of the document. Otherwise some screen
+ *    readers continue reading outside of the document.
+ * 2. Document "tab guards" that force the keyboard focus within the modal when
+ *    the user is using keyboard or keyboard emulating devices for browsing the
+ *    document.
+ *
+ * The "tab guards" are added at the top and bottom of the document to keep the
+ * user's focus within the dialog if they accidentally or intentionally place
+ * the focus outside of the document, e.g. in different window or in the browser
+ * address bar. They guard the focus on both sides of the document returning
+ * focus back to the first or last focusable element within the dialog.
+ *
+ * @param {jQuery} $dialogs The jQuery element(s) to apply the mode for.
+ * @return {Void} Nothing
+ */
+export default ($dialogs) => {
+  $dialogs.each((_i, dialog) => {
+    const $dialog = $(dialog);
+
+    const $container = $("body");
+    const $title = $(".reveal__title:first", $dialog);
+
+    if ($title.length > 0) {
+      // Focus on the title to make the screen reader to start reading the
+      // content within the modal.
+      $title.attr("tabindex", $title.attr("tabindex") || -1);
+      $title.trigger("focus");
+    }
+
+    // Once the final modal closes, remove the focus guards from the container
+    $dialog.off("closed.zf.reveal.focusguard").on("closed.zf.reveal.focusguard", () => {
+      $dialog.off("closed.zf.reveal.focusguard");
+
+      // After the last dialog is closed, the tab guards should be removed.
+      // Note that there may be multiple dialogs open on top of each other at
+      // the same time.
+      if ($(".reveal:visible", $container).length < 1) {
+        $(`> .${focusGuardClass}`, $container).remove();
+      }
+    });
+
+    // Check if the guards already exists due to some other dialog
+    const $guards = $(`> .${focusGuardClass}`, $container);
+    if ($guards.length > 0) {
+      // Make sure the guards are the first and last element as there have
+      // been changes in the DOM.
+      $guards.each((_j, guard) => {
+        const $guard = $(guard);
+        if ($guard.data("position") === "start") {
+          $container.prepend($guard);
+        } else {
+          $container.append($guard);
+        }
+      });
+
+      return;
+    }
+
+    // Add guards at the start and end of the document and attach their focus
+    // listeners
+    const $startGuard = createFocusGuard("start");
+    const $endGuard = createFocusGuard("end");
+
+    $container.prepend($startGuard);
+    $container.append($endGuard);
+
+    $startGuard.on("focus", () => handleContainerFocus($container, $startGuard));
+    $endGuard.on("focus", () => handleContainerFocus($container, $endGuard));
+  });
+};

data/app/packs/src/decidim/dialog_mode.test.js

@@ -0,0 +1,168 @@
+/* global jest, global */
+
+// Mock jQuery because the visibility indicator works differently within jest.
+// This fixes jQuery reporting $(".element").is(":visible") correctly during the
+// tests and within foundation, too.
+jest.mock("jquery", () => {
+  const jq = jest.requireActual("jquery");
+
+  jq.expr.pseudos.visible = (elem) => {
+    const display = global.window.getComputedStyle(elem).display;
+    return ["inline", "block", "inline-block"].includes(display);
+  };
+
+  return jq;
+});
+
+import $ from "jquery"; // eslint-disable-line id-length
+import "foundation-sites";
+
+import dialogMode from "./dialog_mode.js";
+
+describe("dialogMode", () => {
+  const content = `
+    <div class="reveal" id="test-modal" data-reveal aria-modal="true" aria-labelledby="test-modal-label">
+      <div class="reveal__header">
+        <h3 id="test-modal-label" class="reveal__title">Testing modal</h3>
+        <button class="close-button" data-close aria-label="Close window"
+          type="button">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="row">
+        <div class="columns medium-4 medium-centered">
+          <p>Here is some content within the modal.</p>
+          <button type="button" id="test-modal-button">Button at the bottom</button>
+        </div>
+      </div>
+    </div>
+
+    <div class="reveal" id="test-modal-2" data-reveal aria-modal="true" aria-labelledby="test-modal-2-label">
+      <div class="reveal__header">
+        <h3 id="test-modal-2-label" class="reveal__title">Other testing modal</h3>
+        <button class="close-button" data-close aria-label="Close window"
+          type="button">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="row">
+        <div class="columns medium-4 medium-centered">
+          <p>Here is some content within the other modal.</p>
+          <button type="button" id="test-modal-2-button">Button at the bottom</button>
+        </div>
+      </div>
+    </div>
+  `;
+
+  beforeEach(() => {
+    $("body").html(content);
+
+    $(document).foundation();
+
+    // Make sure all reveals are hidden by default so that their visibility is
+    // correctly reported always.
+    $(".reveal").css("display", "none");
+
+    $(document).on("open.zf.reveal", (ev) => {
+      dialogMode($(ev.target));
+    });
+  });
+
+  it("focuses the title", () => {
+    $("#test-modal").foundation("open");
+
+    const $focused = $(document.activeElement);
+    expect($focused.is($("#test-modal-label"))).toBe(true);
+  });
+
+  it("adds the tab guads on both sides of the document", () => {
+    $("#test-modal").foundation("open");
+
+    const $first = $("body *:first");
+    const $last = $("body *:last");
+
+    expect($first[0].outerHTML).toEqual(
+      '<div class="focusguard" data-position="start" tabindex="0" aria-hidden="true"></div>'
+    );
+    expect($last[0].outerHTML).toEqual(
+      '<div class="focusguard" data-position="end" tabindex="0" aria-hidden="true"></div>'
+    );
+  });
+
+  it("removes the tab guards when the modal is closed", () => {
+    const $modal = $("#test-modal");
+    $modal.foundation("open");
+    $modal.foundation("close");
+
+    expect($(".focusguard").length).toEqual(0);
+  });
+
+  it("focuses the first focusable element when the start tab guard gets focus", () => {
+    const $modal = $("#test-modal");
+    $modal.foundation("open");
+
+    $(".focusguard[data-position='start']").trigger("focus");
+
+    const $focused = $(document.activeElement);
+    expect($focused.is($("#test-modal .close-button"))).toBe(true);
+  });
+
+  it("focuses the last focusable element when the end tab guard gets focus", () => {
+    const $modal = $("#test-modal");
+    $modal.foundation("open");
+
+    $(".focusguard[data-position='end']").trigger("focus");
+
+    const $focused = $(document.activeElement);
+    expect($focused.is($("#test-modal-button"))).toBe(true);
+  });
+
+  describe("when multiple modals are opened", () => {
+    it("adds the tab guads only once", () => {
+      $("#test-modal").foundation("open");
+      $("#test-modal-2").foundation("open");
+
+      expect($(".focusguard[data-position='start']").length).toEqual(1);
+      expect($(".focusguard[data-position='end']").length).toEqual(1);
+    });
+
+    it("does not remove the tab guards when modal is closed but there is still another modal open", () => {
+      $("#test-modal").foundation("open");
+      $("#test-modal-2").foundation("open");
+      $("#test-modal-2").foundation("close");
+
+      expect($(".focusguard[data-position='start']").length).toEqual(1);
+      expect($(".focusguard[data-position='end']").length).toEqual(1);
+    });
+
+    it("removes the tab guards when the last modal is closed", () => {
+      $("#test-modal").foundation("open");
+      $("#test-modal-2").foundation("open");
+      $("#test-modal-2").foundation("close");
+      $("#test-modal").foundation("close");
+
+      expect($(".focusguard").length).toEqual(0);
+    });
+
+    describe("within the active modal", () => {
+      beforeEach(() => {
+        $("#test-modal").foundation("open");
+        $("#test-modal-2").foundation("open");
+      });
+
+      it("focuses the first focusable element when the start tab guard gets focus", () => {
+        $(".focusguard[data-position='start']").trigger("focus");
+
+        const $focused = $(document.activeElement);
+        expect($focused.is($("#test-modal-2 .close-button"))).toBe(true);
+      });
+
+      it("focuses the last focusable element when the end tab guard gets focus", () => {
+        $(".focusguard[data-position='end']").trigger("focus");
+
+        const $focused = $(document.activeElement);
+        expect($focused.is($("#test-modal-2-button"))).toBe(true);
+      });
+    });
+  });
+});