decidim-core 0.25.2 → 0.26.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/cells/decidim/activity_cell.rb +2 -1
- data/app/cells/decidim/author/flag_user.erb +1 -1
- data/app/cells/decidim/author/profile_inline.erb +1 -1
- data/app/cells/decidim/author/withdraw.erb +2 -2
- data/app/cells/decidim/author_cell.rb +32 -0
- data/app/cells/decidim/card_m_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/cta_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/hero_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/highlighted_content_banner/show.erb +1 -1
- data/app/cells/decidim/content_blocks/last_activity_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/stats_cell.rb +12 -0
- data/app/cells/decidim/endorsers_list_cell.rb +3 -1
- data/app/cells/decidim/flag_modal/flag_user.erb +2 -2
- data/app/cells/decidim/flag_modal/show.erb +2 -2
- data/app/cells/decidim/flag_modal_cell.rb +10 -0
- data/app/cells/decidim/notification/show.erb +31 -0
- data/app/cells/decidim/notification_cell.rb +20 -0
- data/app/cells/decidim/notifications/show.erb +1 -24
- data/app/cells/decidim/notifications_cell.rb +0 -1
- data/app/cells/decidim/user_conversation/conversation_header.erb +1 -1
- data/app/cells/decidim/user_conversation/show.erb +4 -2
- data/app/cells/decidim/user_conversations/conversation_item.erb +1 -1
- data/app/commands/decidim/create_editor_image.rb +41 -0
- data/app/controllers/decidim/cookie_policy_controller.rb +2 -0
- data/app/controllers/decidim/editor_images_controller.rb +47 -0
- data/app/controllers/decidim/user_activities_controller.rb +2 -1
- data/app/forms/decidim/editor_image_form.rb +16 -0
- data/app/helpers/decidim/amendments_helper.rb +1 -1
- data/app/helpers/decidim/application_helper.rb +2 -2
- data/app/helpers/decidim/messaging/conversation_helper.rb +32 -3
- data/app/helpers/decidim/resource_versions_helper.rb +1 -1
- data/app/helpers/decidim/sanitize_helper.rb +65 -0
- data/app/models/decidim/editor_image.rb +14 -0
- data/app/models/decidim/messaging/conversation.rb +9 -0
- data/app/models/decidim/participatory_space_private_user.rb +16 -0
- data/app/models/decidim/user.rb +3 -3
- data/app/models/decidim/user_group.rb +40 -0
- data/app/packs/entrypoints/decidim_core.js +1 -0
- data/app/packs/src/decidim/dialog_mode.js +143 -0
- data/app/packs/src/decidim/dialog_mode.test.js +168 -0
- data/app/packs/src/decidim/editor.js +56 -14
- data/app/packs/src/decidim/form_attachments.js +5 -0
- data/app/packs/src/decidim/index.js +4 -0
- data/app/packs/src/decidim/vendor/image-resize.min.js +3 -0
- data/app/packs/src/decidim/vendor/image-upload.min.js +8 -0
- data/app/packs/stylesheets/decidim/extras/_extras.scss +0 -1
- data/app/packs/stylesheets/decidim/extras/_quill.scss +7 -0
- data/app/packs/stylesheets/decidim/modules/_buttons.scss +11 -4
- data/app/packs/stylesheets/decidim/modules/_cards.scss +4 -0
- data/app/packs/stylesheets/decidim/modules/_layout.scss +1 -1
- data/app/presenters/decidim/nil_presenter.rb +2 -2
- data/app/presenters/decidim/notification_presenter.rb +25 -0
- data/app/presenters/decidim/official_author_presenter.rb +1 -1
- data/app/presenters/decidim/validation_errors_presenter.rb +27 -0
- data/app/queries/decidim/similar_emendations.rb +1 -1
- data/app/resolvers/decidim/core/metric_resolver.rb +1 -1
- data/app/services/decidim/activity_search.rb +2 -2
- data/app/services/decidim/email_notification_generator.rb +4 -1
- data/app/services/decidim/html_truncation.rb +130 -0
- data/app/services/decidim/open_data_exporter.rb +29 -5
- data/app/services/decidim/resource_search.rb +1 -1
- data/app/uploaders/decidim/editor_image_uploader.rb +6 -0
- data/app/validators/password_validator.rb +123 -0
- data/app/views/decidim/account/_password_fields.html.erb +1 -1
- data/app/views/decidim/devise/passwords/edit.html.erb +1 -1
- data/app/views/decidim/devise/registrations/new.html.erb +1 -1
- data/app/views/decidim/devise/shared/_omniauth_buttons_mini.html.erb +6 -4
- data/app/views/decidim/messaging/conversations/_conversation.html.erb +3 -3
- data/app/views/decidim/messaging/conversations/_messages.html.erb +8 -2
- data/app/views/decidim/messaging/conversations/_show.html.erb +10 -12
- data/app/views/decidim/messaging/conversations/show.html.erb +4 -2
- data/app/views/decidim/newsletters/show.html.erb +1 -1
- data/app/views/decidim/notification_mailer/event_received.html.erb +17 -0
- data/app/views/decidim/pages/_tabbed.html.erb +1 -1
- data/app/views/decidim/searches/_filters_small_view.html.erb +3 -3
- data/app/views/decidim/shared/_login_modal.html.erb +5 -5
- data/app/views/decidim/shared/_orders.html.erb +1 -1
- data/app/views/decidim/shared/_results_per_page.html.erb +1 -1
- data/app/views/decidim/shared/participatory_space_filters/_filters_small_view.html.erb +3 -3
- data/app/views/layouts/decidim/_application.html.erb +1 -12
- data/app/views/layouts/decidim/_head.html.erb +4 -0
- data/app/views/layouts/decidim/_language_chooser.html.erb +1 -1
- data/app/views/layouts/decidim/_meta_tags_config.html.erb +11 -0
- data/app/views/layouts/decidim/_wrapper.html.erb +1 -1
- data/config/brakeman.ignore +149 -0
- data/config/initializers/devise.rb +1 -1
- data/config/initializers/rack_attack.rb +23 -21
- data/config/locales/ca.yml +2 -0
- data/config/locales/cs.yml +60 -0
- data/config/locales/en.yml +45 -0
- data/config/locales/es.yml +45 -0
- data/config/locales/eu.yml +5 -0
- data/config/locales/fi-plain.yml +6 -0
- data/config/locales/fi.yml +45 -0
- data/config/locales/fr-CA.yml +38 -0
- data/config/locales/fr.yml +44 -6
- data/config/locales/gl.yml +5 -0
- data/config/locales/it.yml +11 -0
- data/config/locales/ja.yml +72 -36
- data/config/locales/lb-LU.yml +1354 -0
- data/config/locales/lb.yml +1 -1
- data/config/locales/nl.yml +54 -0
- data/config/locales/pl.yml +5 -5
- data/config/locales/pt-BR.yml +1 -1
- data/config/locales/ro-RO.yml +8 -0
- data/config/locales/sv.yml +5 -0
- data/config/locales/val-ES.yml +1 -0
- data/config/routes.rb +2 -0
- data/db/migrate/20210730112319_create_decidim_editor_images.rb +12 -0
- data/db/migrate/20211126183540_add_timestamps_to_content_blocks.rb +14 -0
- data/db/seeds.rb +16 -14
- data/lib/decidim/api/functions/user_entity_list.rb +1 -0
- data/lib/decidim/api/input_sorts/component_input_sort.rb +1 -1
- data/lib/decidim/common_passwords.rb +56 -0
- data/lib/decidim/content_parsers/inline_images_parser.rb +68 -0
- data/lib/decidim/content_parsers.rb +1 -0
- data/lib/decidim/content_renderers/link_renderer.rb +85 -1
- data/lib/decidim/content_renderers/user_group_renderer.rb +1 -1
- data/lib/decidim/content_renderers/user_renderer.rb +1 -1
- data/lib/decidim/core/engine.rb +3 -12
- data/lib/decidim/core/test/factories.rb +7 -1
- data/lib/decidim/core/test/shared_examples/translated_event_examples.rb +131 -0
- data/lib/decidim/core/test.rb +1 -0
- data/lib/decidim/core/version.rb +1 -1
- data/lib/decidim/core.rb +22 -5
- data/lib/decidim/db/common-passwords.txt +128420 -0
- data/lib/decidim/etherpad/pad.rb +48 -0
- data/lib/decidim/etherpad.rb +7 -0
- data/lib/decidim/events/base_event.rb +18 -0
- data/lib/decidim/events/machine_translated_event.rb +36 -0
- data/lib/decidim/events/user_group_event.rb +1 -3
- data/lib/decidim/events.rb +1 -0
- data/lib/decidim/exporters/csv.rb +7 -7
- data/lib/decidim/faker/localized.rb +15 -6
- data/lib/decidim/form_builder.rb +14 -4
- data/lib/decidim/has_attachments.rb +11 -4
- data/lib/decidim/importers/import_manifest.rb +103 -3
- data/lib/decidim/paddable.rb +1 -9
- data/lib/decidim/searchable.rb +2 -2
- data/lib/decidim/settings_manifest.rb +2 -0
- data/lib/decidim/translatable_attributes.rb +6 -6
- data/lib/decidim/view_model.rb +10 -0
- data/lib/tasks/decidim_active_storage_migration_tasks.rake +68 -0
- metadata +56 -65
- data/app/packs/stylesheets/decidim/extras/_social_icons_mini.scss +0 -11
|
@@ -5,9 +5,11 @@
|
|
|
5
5
|
<% end %>
|
|
6
6
|
</div>
|
|
7
7
|
|
|
8
|
-
<% if conversation.
|
|
8
|
+
<% if conversation.with_deleted_users?(current_user) %>
|
|
9
|
+
<div class="callout warning margin-top-2"><%= t ".deleted_accounts" %></div>
|
|
10
|
+
<% elsif conversation.accept_user?(current_user) %>
|
|
9
11
|
<%= render "reply", form: @form, conversation: conversation %>
|
|
10
12
|
<% else %>
|
|
11
|
-
<
|
|
13
|
+
<div class="callout warning margin-top-2"><%= t ".not_allowed" %></div>
|
|
12
14
|
<% end %>
|
|
13
15
|
<% end %>
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
newsletter: newsletter,
|
|
6
6
|
recipient_user: @user
|
|
7
7
|
) %>
|
|
8
|
-
<%=
|
|
8
|
+
<%= decidim_sanitize_editor @cell.to_s %>
|
|
9
9
|
|
|
10
10
|
<% content_for :note do %>
|
|
11
11
|
<%== t "note", scope: "decidim.newsletter_mailer.newsletter", organization_name: h(@organization.name), link: decidim.notifications_settings_url(host: @organization.host) %>
|
|
@@ -9,6 +9,10 @@
|
|
|
9
9
|
<% end %>
|
|
10
10
|
|
|
11
11
|
<% if @event_instance.try(:safe_resource_text).present? %>
|
|
12
|
+
<% if @event_instance.perform_translation? %>
|
|
13
|
+
<p style="font-weight: bold"><%= t(".original_text") %></p>
|
|
14
|
+
<% end %>
|
|
15
|
+
|
|
12
16
|
<blockquote>
|
|
13
17
|
<p>
|
|
14
18
|
<%= @event_instance.safe_resource_text %>
|
|
@@ -16,6 +20,19 @@
|
|
|
16
20
|
</blockquote>
|
|
17
21
|
<% end %>
|
|
18
22
|
|
|
23
|
+
<% if @event_instance.content_in_same_language? %>
|
|
24
|
+
<p><%= t(".same_language", language: I18n.locale.to_s ) %></p>
|
|
25
|
+
<% elsif @event_instance.translation_missing? %>
|
|
26
|
+
<p><%= t(".no_translation_available", link: @event_instance.resource_url ) %></p>
|
|
27
|
+
<% elsif @event_instance.perform_translation? %>
|
|
28
|
+
<p style="font-weight: bold"><%= t(".translated_text") %></p>
|
|
29
|
+
<blockquote>
|
|
30
|
+
<p>
|
|
31
|
+
<%= @event_instance.safe_resource_translated_text %>
|
|
32
|
+
</p>
|
|
33
|
+
</blockquote>
|
|
34
|
+
<% end %>
|
|
35
|
+
|
|
19
36
|
<% if @event_instance.has_button? %>
|
|
20
37
|
<table class="button expanded radius">
|
|
21
38
|
<tr>
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
<div class="filters-controls hide-for-mediumlarge">
|
|
2
|
-
<button data-open="filter-box" class="filters-controls__trigger">
|
|
2
|
+
<button data-open="filter-box" class="filters-controls__trigger" aria-controls="filter-box" aria-haspopup="dialog">
|
|
3
3
|
<%= t ".filter" %>
|
|
4
4
|
<%= icon "caret-bottom", class: "icon--small float-right", aria_label: t(".unfold"), role: "img" %>
|
|
5
5
|
</button>
|
|
6
6
|
</div>
|
|
7
7
|
|
|
8
|
-
<div class="reveal" id="filter-box" data-reveal>
|
|
8
|
+
<div class="reveal" id="filter-box" data-reveal role="dialog" aria-modal="true" aria-labelledby="filter-box-label">
|
|
9
9
|
<div class="reveal__header">
|
|
10
|
-
<h3 class="reveal__title"><%= t ".filter_by" %>:</h3>
|
|
10
|
+
<h3 id="filter-box-label" class="reveal__title"><%= t ".filter_by" %>:</h3>
|
|
11
11
|
<button class="close-button" data-close aria-label="<%= t(".close_modal") %>" type="button">
|
|
12
12
|
<span aria-hidden="true">×</span>
|
|
13
13
|
</button>
|
|
@@ -1,12 +1,15 @@
|
|
|
1
|
-
<div class="reveal" id="loginModal" data-reveal>
|
|
1
|
+
<div class="reveal" id="loginModal" data-reveal role="dialog" aria-modal="true" aria-labelledby="loginModal-label">
|
|
2
2
|
<div class="reveal__header">
|
|
3
|
-
<h2 class="reveal__title"><%= t(".please_sign_in") %></h2>
|
|
3
|
+
<h2 id="loginModal-label" class="reveal__title"><%= t(".please_sign_in") %></h2>
|
|
4
4
|
<button class="close-button" data-close aria-label="<%= t(".close_modal") %>"
|
|
5
5
|
type="button">
|
|
6
6
|
<span aria-hidden="true">×</span>
|
|
7
7
|
</button>
|
|
8
8
|
</div>
|
|
9
9
|
<% if current_organization.sign_in_enabled? %>
|
|
10
|
+
<% cache current_organization do %>
|
|
11
|
+
<%= render "decidim/devise/shared/omniauth_buttons_mini" %>
|
|
12
|
+
<% end %>
|
|
10
13
|
<div class="row">
|
|
11
14
|
<div class="columns medium-8 medium-centered">
|
|
12
15
|
<%
|
|
@@ -39,9 +42,6 @@
|
|
|
39
42
|
</p>
|
|
40
43
|
</div>
|
|
41
44
|
</div>
|
|
42
|
-
<% cache current_organization do %>
|
|
43
|
-
<%= render "decidim/devise/shared/omniauth_buttons_mini" %>
|
|
44
|
-
<% end %>
|
|
45
45
|
<% else %>
|
|
46
46
|
<div class="row">
|
|
47
47
|
<div class="columns medium-8 medium-centered">
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
data-close-on-click="true"
|
|
10
10
|
role="menubar">
|
|
11
11
|
<li class="is-dropdown-submenu-parent" role="presentation">
|
|
12
|
-
<a href="#" id="<%= menu_id %>-control" aria-controls="<%= menu_id %>" aria-haspopup="
|
|
12
|
+
<a href="#" id="<%= menu_id %>-control" aria-controls="<%= menu_id %>" aria-haspopup="menu" title="<%= t("#{i18n_scope}.label") %>" role="menuitem"><%= t("#{i18n_scope}.#{order}") %></a>
|
|
13
13
|
|
|
14
14
|
<ul id="<%= menu_id %>" class="menu" role="menu" aria-labelledby="<%= menu_id %>-control">
|
|
15
15
|
<% orders.each do |order_name| %>
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
data-close-on-click="true"
|
|
10
10
|
role="menubar">
|
|
11
11
|
<li class="is-dropdown-submenu-parent" role="presentation">
|
|
12
|
-
<a href="#" id="<%= menu_id %>-control" aria-controls="<%= menu_id %>" aria-haspopup="
|
|
12
|
+
<a href="#" id="<%= menu_id %>-control" aria-controls="<%= menu_id %>" aria-haspopup="menu" title="<%= t("decidim.shared.results_per_page.title") %>" role="menuitem"><%= per_page %></a>
|
|
13
13
|
<ul id="<%= menu_id %>" class="menu" role="menu" aria-labelledby="<%= menu_id %>-control">
|
|
14
14
|
<% Decidim::Paginable::OPTIONS.each do |per_page_option| %>
|
|
15
15
|
<li role="presentation">
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
<div class="filters-controls hide-for-mediumlarge">
|
|
2
|
-
<button data-open="filter-box" class="filters-controls__trigger">
|
|
2
|
+
<button data-open="filter-box" class="filters-controls__trigger" aria-controls="filter-box" aria-haspopup="dialog">
|
|
3
3
|
<%= t("filter", scope: "decidim.searches.filters_small_view") %>
|
|
4
4
|
<%= icon "caret-bottom", class: "icon--small float-right", aria_label: t("unfold", scope: "decidim.searches.filters_small_view"), role: "img" %>
|
|
5
5
|
</button>
|
|
6
6
|
</div>
|
|
7
7
|
|
|
8
|
-
<div class="reveal" id="filter-box" data-reveal>
|
|
8
|
+
<div class="reveal" id="filter-box" data-reveal role="dialog" aria-modal="true" aria-labelledby="filter-box-label">
|
|
9
9
|
<div class="reveal__header">
|
|
10
|
-
<h3 class="reveal__title"><%= t("filter_by", scope: "decidim.searches.filters_small_view") %>:</h3>
|
|
10
|
+
<h3 id="filter-box-label" class="reveal__title"><%= t("filter_by", scope: "decidim.searches.filters_small_view") %>:</h3>
|
|
11
11
|
<button class="close-button" data-close aria-label="<%= 't("close_modal", scope: "decidim.searches.filters_small_view")' %>" type="button">
|
|
12
12
|
<span aria-hidden="true">×</span>
|
|
13
13
|
</button>
|
|
@@ -1,15 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
description: strip_tags(translated_attribute(current_organization.description)),
|
|
3
|
-
title: current_organization.name,
|
|
4
|
-
url: request.original_url,
|
|
5
|
-
twitter_handler: current_organization.twitter_handler,
|
|
6
|
-
image_url: Decidim::ContentBlock.published.find_by(
|
|
7
|
-
organization: current_organization,
|
|
8
|
-
scope_name: :homepage,
|
|
9
|
-
manifest_name: :hero
|
|
10
|
-
).try(:images_container).try(:attached_uploader, :background_image).try(:path)
|
|
11
|
-
}) %>
|
|
12
|
-
|
|
1
|
+
<%= render partial: "layouts/decidim/meta_tags_config" %>
|
|
13
2
|
<!DOCTYPE html>
|
|
14
3
|
<html lang="<%= I18n.locale %>" class="no-js">
|
|
15
4
|
<head>
|
|
@@ -17,6 +17,10 @@
|
|
|
17
17
|
<meta property="og:description" content="<%= decidim_meta_description %>">
|
|
18
18
|
<meta property="og:image" content="<%= decidim_meta_image_url %>">
|
|
19
19
|
|
|
20
|
+
<% if current_organization.colors["theme"] %>
|
|
21
|
+
<meta name="theme-color" content="<%= current_organization.colors["theme"] %>">
|
|
22
|
+
<% end %>
|
|
23
|
+
|
|
20
24
|
<%= favicon %>
|
|
21
25
|
<%= stylesheet_pack_tag "decidim_core", media: "all" %>
|
|
22
26
|
<%= invisible_captcha_styles %>
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
data-close-on-click="true"
|
|
8
8
|
role="menubar">
|
|
9
9
|
<li class="is-dropdown-submenu-parent" role="presentation">
|
|
10
|
-
<%= link_to t("name", scope: "locale"), "#language-chooser-menu", id: "language-chooser-control", "aria-label": t("layouts.decidim.language_chooser.choose_language"), "aria-controls": "language-chooser-menu", "aria-haspopup": "
|
|
10
|
+
<%= link_to t("name", scope: "locale"), "#language-chooser-menu", id: "language-chooser-control", "aria-label": t("layouts.decidim.language_chooser.choose_language"), "aria-controls": "language-chooser-menu", "aria-haspopup": "menu", role: "menuitem" %>
|
|
11
11
|
<ul class="menu is-dropdown-submenu" id="language-chooser-menu" role="menu" aria-labelledby="language-chooser-control">
|
|
12
12
|
<% (available_locales - [I18n.locale.to_s]).each do |locale| %>
|
|
13
13
|
<li lang="<%= locale %>" role="presentation"><%= link_to locale_name(locale), decidim.locale_path(locale: locale), method: :post, role: "menuitem" %></li>
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
<% add_decidim_meta_tags({
|
|
2
|
+
description: strip_tags(translated_attribute(current_organization.description)),
|
|
3
|
+
title: current_organization.name,
|
|
4
|
+
url: request.original_url,
|
|
5
|
+
twitter_handler: current_organization.twitter_handler,
|
|
6
|
+
image_url: Decidim::ContentBlock.published.find_by(
|
|
7
|
+
organization: current_organization,
|
|
8
|
+
scope_name: :homepage,
|
|
9
|
+
manifest_name: :hero
|
|
10
|
+
).try(:images_container).try(:attached_uploader, :background_image).try(:path)
|
|
11
|
+
}) %>
|
|
@@ -66,7 +66,7 @@ end
|
|
|
66
66
|
data-close-on-click="true"
|
|
67
67
|
role="menubar">
|
|
68
68
|
<li class="is-dropdown-submenu-parent show-for-medium" role="presentation">
|
|
69
|
-
<%= link_to current_user.name, decidim.account_path, id: "user-menu-control", "aria-controls": "user-menu", "aria-haspopup": "
|
|
69
|
+
<%= link_to current_user.name, decidim.account_path, id: "user-menu-control", "aria-controls": "user-menu", "aria-haspopup": "menu", "aria-label": t("layouts.decidim.user_menu.account", name: current_user.name), "role": "menuitem" %>
|
|
70
70
|
<ul class="menu is-dropdown-submenu" id="user-menu" role="menu" aria-labelledby="user-menu-control">
|
|
71
71
|
<%= render partial: "layouts/decidim/user_menu" %>
|
|
72
72
|
</ul>
|
|
@@ -0,0 +1,149 @@
|
|
|
1
|
+
{
|
|
2
|
+
"ignored_warnings": [
|
|
3
|
+
{
|
|
4
|
+
"warning_type": "Cross-Site Scripting",
|
|
5
|
+
"warning_code": 2,
|
|
6
|
+
"fingerprint": "211ff4b5e0d738e40e3c7f6d27b6905f23b1ed4e20347c179af3df40f6e5694d",
|
|
7
|
+
"check_name": "CrossSiteScripting",
|
|
8
|
+
"message": "Unescaped model attribute",
|
|
9
|
+
"file": "app/views/decidim/messaging/conversations/_conversation.html.erb",
|
|
10
|
+
"line": 20,
|
|
11
|
+
"link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
|
|
12
|
+
"code": "username_list((Unresolved Model).new.interlocutors(current_user), :shorten => true)",
|
|
13
|
+
"render_path": [
|
|
14
|
+
{
|
|
15
|
+
"type": "template",
|
|
16
|
+
"name": "decidim/messaging/conversations/index",
|
|
17
|
+
"line": 25,
|
|
18
|
+
"file": "app/views/decidim/messaging/conversations/index.html.erb",
|
|
19
|
+
"rendered": {
|
|
20
|
+
"name": "decidim/messaging/conversations/_conversation",
|
|
21
|
+
"file": "app/views/decidim/messaging/conversations/_conversation.html.erb"
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
],
|
|
25
|
+
"location": {
|
|
26
|
+
"type": "template",
|
|
27
|
+
"template": "decidim/messaging/conversations/_conversation"
|
|
28
|
+
},
|
|
29
|
+
"user_input": "(Unresolved Model).new.interlocutors(current_user)",
|
|
30
|
+
"confidence": "Weak",
|
|
31
|
+
"note": ""
|
|
32
|
+
},
|
|
33
|
+
{
|
|
34
|
+
"warning_type": "Cross-Site Scripting",
|
|
35
|
+
"warning_code": 4,
|
|
36
|
+
"fingerprint": "2c7f1da812b5d4b350d2260b604e9061ef082ecae90073ae09fe2eb46c1b9a08",
|
|
37
|
+
"check_name": "LinkToHref",
|
|
38
|
+
"message": "Unsafe parameter value in `link_to` href",
|
|
39
|
+
"file": "app/views/decidim/links/_modal.html.erb",
|
|
40
|
+
"line": 16,
|
|
41
|
+
"link": "https://brakemanscanner.org/docs/warning_types/link_to_href",
|
|
42
|
+
"code": "link_to(t(\"decidim.links.warning.proceed\"), params[:external_url], :target => \"_blank\", :data => ({ :close => \"\" }), :class => \"button primary button--nomargin\")",
|
|
43
|
+
"render_path": [
|
|
44
|
+
{
|
|
45
|
+
"type": "controller",
|
|
46
|
+
"class": "Decidim::LinksController",
|
|
47
|
+
"method": "new",
|
|
48
|
+
"line": 16,
|
|
49
|
+
"file": "app/controllers/decidim/links_controller.rb",
|
|
50
|
+
"rendered": {
|
|
51
|
+
"name": "decidim/links/new",
|
|
52
|
+
"file": "app/views/decidim/links/new.js.erb"
|
|
53
|
+
}
|
|
54
|
+
},
|
|
55
|
+
{
|
|
56
|
+
"type": "template",
|
|
57
|
+
"name": "decidim/links/new",
|
|
58
|
+
"line": 3,
|
|
59
|
+
"file": "app/views/decidim/links/new.js.erb",
|
|
60
|
+
"rendered": {
|
|
61
|
+
"name": "decidim/links/_modal",
|
|
62
|
+
"file": "app/views/decidim/links/_modal.html.erb"
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
],
|
|
66
|
+
"location": {
|
|
67
|
+
"type": "template",
|
|
68
|
+
"template": "decidim/links/_modal"
|
|
69
|
+
},
|
|
70
|
+
"user_input": "params[:external_url]",
|
|
71
|
+
"confidence": "High",
|
|
72
|
+
"note": ""
|
|
73
|
+
},
|
|
74
|
+
{
|
|
75
|
+
"warning_type": "Cross-Site Scripting",
|
|
76
|
+
"warning_code": 2,
|
|
77
|
+
"fingerprint": "2d9910c9250df37f9cf9ddd225d4541ab9c411c61e74562b9a4b7b188e44cc47",
|
|
78
|
+
"check_name": "CrossSiteScripting",
|
|
79
|
+
"message": "Unescaped parameter value",
|
|
80
|
+
"file": "app/views/decidim/searches/index.js.erb",
|
|
81
|
+
"line": 5,
|
|
82
|
+
"link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
|
|
83
|
+
"code": "j(cell(\"decidim/search_results\", @sections, :params => (params)).show).strip",
|
|
84
|
+
"render_path": [
|
|
85
|
+
{
|
|
86
|
+
"type": "controller",
|
|
87
|
+
"class": "Decidim::SearchesController",
|
|
88
|
+
"method": "index",
|
|
89
|
+
"line": 15,
|
|
90
|
+
"file": "app/controllers/decidim/searches_controller.rb",
|
|
91
|
+
"rendered": {
|
|
92
|
+
"name": "decidim/searches/index",
|
|
93
|
+
"file": "app/views/decidim/searches/index.js.erb"
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
],
|
|
97
|
+
"location": {
|
|
98
|
+
"type": "template",
|
|
99
|
+
"template": "decidim/searches/index"
|
|
100
|
+
},
|
|
101
|
+
"user_input": "params",
|
|
102
|
+
"confidence": "Weak",
|
|
103
|
+
"note": ""
|
|
104
|
+
},
|
|
105
|
+
{
|
|
106
|
+
"warning_type": "Cross-Site Scripting",
|
|
107
|
+
"warning_code": 2,
|
|
108
|
+
"fingerprint": "b46eb40178db883a8a9065d3affe7fb7868369084048fd88321f887d8618eea5",
|
|
109
|
+
"check_name": "CrossSiteScripting",
|
|
110
|
+
"message": "Unescaped parameter value",
|
|
111
|
+
"file": "app/views/decidim/messaging/conversations/_show.html.erb",
|
|
112
|
+
"line": 29,
|
|
113
|
+
"link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
|
|
114
|
+
"code": "t(\".title\", :usernames => username_list(form(ConversationForm).from_params(params, :sender => current_user).recipient.to_a))",
|
|
115
|
+
"render_path": [
|
|
116
|
+
{
|
|
117
|
+
"type": "controller",
|
|
118
|
+
"class": "Decidim::Messaging::ConversationsController",
|
|
119
|
+
"method": "new",
|
|
120
|
+
"line": 35,
|
|
121
|
+
"file": "app/controllers/decidim/messaging/conversations_controller.rb",
|
|
122
|
+
"rendered": {
|
|
123
|
+
"name": "decidim/messaging/conversations/new",
|
|
124
|
+
"file": "app/views/decidim/messaging/conversations/new.html.erb"
|
|
125
|
+
}
|
|
126
|
+
},
|
|
127
|
+
{
|
|
128
|
+
"type": "template",
|
|
129
|
+
"name": "decidim/messaging/conversations/new",
|
|
130
|
+
"line": 1,
|
|
131
|
+
"file": "app/views/decidim/messaging/conversations/new.html.erb",
|
|
132
|
+
"rendered": {
|
|
133
|
+
"name": "decidim/messaging/conversations/_show",
|
|
134
|
+
"file": "app/views/decidim/messaging/conversations/_show.html.erb"
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
],
|
|
138
|
+
"location": {
|
|
139
|
+
"type": "template",
|
|
140
|
+
"template": "decidim/messaging/conversations/_show"
|
|
141
|
+
},
|
|
142
|
+
"user_input": "params",
|
|
143
|
+
"confidence": "Weak",
|
|
144
|
+
"note": ""
|
|
145
|
+
}
|
|
146
|
+
],
|
|
147
|
+
"updated": "2021-12-22 09:55:40 +0000",
|
|
148
|
+
"brakeman_version": "5.1.2"
|
|
149
|
+
}
|
|
@@ -88,7 +88,7 @@ Devise.setup do |config|
|
|
|
88
88
|
# It will change confirmation, password recovery and other workflows
|
|
89
89
|
# to behave the same regardless if the e-mail provided was right or wrong.
|
|
90
90
|
# Does not affect registerable.
|
|
91
|
-
|
|
91
|
+
config.paranoid = true
|
|
92
92
|
|
|
93
93
|
# By default Devise will store the user in session. You can skip storage for
|
|
94
94
|
# particular strategies by setting this option.
|
|
@@ -7,31 +7,33 @@ if Rails.env.production? || Rails.env.test?
|
|
|
7
7
|
config.middleware.use Rack::Attack
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
10
|
+
ActiveSupport::Reloader.to_prepare do
|
|
11
|
+
Rack::Attack.blocklist("block all access to system") do |request|
|
|
12
|
+
# Requests are blocked if the return value is truthy
|
|
13
|
+
if request.path.start_with?("/system")
|
|
14
|
+
Decidim.system_accesslist_ips.any? && Decidim.system_accesslist_ips.map { |ip_address| IPAddr.new(ip_address).include?(IPAddr.new(request.ip)) }.any?
|
|
15
|
+
end
|
|
14
16
|
end
|
|
15
|
-
end
|
|
16
17
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
18
|
+
unless Rails.env.test?
|
|
19
|
+
Rack::Attack.throttle(
|
|
20
|
+
"requests by ip",
|
|
21
|
+
limit: Decidim.throttling_max_requests,
|
|
22
|
+
period: Decidim.throttling_period,
|
|
23
|
+
&:ip
|
|
24
|
+
)
|
|
24
25
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
26
|
+
# Throttle login attempts for a given email parameter to 6 reqs/minute
|
|
27
|
+
# Return the email as a discriminator on POST /users/sign_in requests
|
|
28
|
+
Rack::Attack.throttle("limit logins per email", limit: 5, period: 60.seconds) do |request|
|
|
29
|
+
request.params["user"]["email"] if request.path == "/users/sign_in" && request.post?
|
|
30
|
+
end
|
|
30
31
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
32
|
+
# Throttle login attempts for a given email parameter to 6 reqs/minute
|
|
33
|
+
# Return the email as a discriminator on POST /users/sign_in requests
|
|
34
|
+
Rack::Attack.throttle("limit password recovery attempts per email", limit: 5, period: 60.seconds) do |request|
|
|
35
|
+
request.params["user"]["email"] if request.path == "/users/password" && request.post?
|
|
36
|
+
end
|
|
35
37
|
end
|
|
36
38
|
end
|
|
37
39
|
end
|
data/config/locales/ca.yml
CHANGED
|
@@ -967,6 +967,7 @@ ca:
|
|
|
967
967
|
show:
|
|
968
968
|
back: Tornar a totes les converses
|
|
969
969
|
chat_with: Conversa amb
|
|
970
|
+
deleted_accounts: No podeu tenir una conversa amb un compte d'usuari eliminat.
|
|
970
971
|
not_allowed: Aquesta participant no accepta missatges directes.
|
|
971
972
|
title: Conversa amb %{usernames}
|
|
972
973
|
start:
|
|
@@ -1331,6 +1332,7 @@ ca:
|
|
|
1331
1332
|
title_reply: Respondre
|
|
1332
1333
|
show:
|
|
1333
1334
|
back: Mostra totes les converses
|
|
1335
|
+
deleted_accounts: No podeu tenir una conversa amb un compte d'usuari eliminat.
|
|
1334
1336
|
not_allowed: Aquesta participant no accepta missatges directes.
|
|
1335
1337
|
title: Conversa amb %{usernames}
|
|
1336
1338
|
update:
|
data/config/locales/cs.yml
CHANGED
|
@@ -84,6 +84,49 @@ cs:
|
|
|
84
84
|
decidim_with_day_and_month_name: "%A %d %b %Y"
|
|
85
85
|
decidim_with_month_name: "%d %B %Y"
|
|
86
86
|
decidim_with_month_name_short: "%d %b"
|
|
87
|
+
datetime:
|
|
88
|
+
distance_in_words:
|
|
89
|
+
about_x_hours:
|
|
90
|
+
one: asi 1 hodina
|
|
91
|
+
few: asi %{count} hodiny
|
|
92
|
+
many: asi %{count} hodin
|
|
93
|
+
other: asi %{count} hodin
|
|
94
|
+
about_x_months:
|
|
95
|
+
one: asi 1 měsíc
|
|
96
|
+
few: asi %{count} měsíce
|
|
97
|
+
many: asi %{count} měsíců
|
|
98
|
+
other: asi %{count} měsíců
|
|
99
|
+
half_a_minute: půl minuty
|
|
100
|
+
less_than_x_minutes:
|
|
101
|
+
one: méně než minutu.
|
|
102
|
+
few: méně než %{count} minuty.
|
|
103
|
+
many: méně než %{count} minut.
|
|
104
|
+
other: méně než %{count} minut.
|
|
105
|
+
less_than_x_seconds:
|
|
106
|
+
one: právě teď
|
|
107
|
+
few: méně než %{count} vteřiny.
|
|
108
|
+
many: méně než %{count} vteřin.
|
|
109
|
+
other: méně než %{count} vteřin.
|
|
110
|
+
x_days:
|
|
111
|
+
one: před 1 dnem
|
|
112
|
+
few: "před %{count} dny"
|
|
113
|
+
many: "před %{count} ti dny"
|
|
114
|
+
other: "před %{count} ti dny"
|
|
115
|
+
x_hours:
|
|
116
|
+
one: před 1 hodinou
|
|
117
|
+
few: "před %{count} hodinami"
|
|
118
|
+
many: "před %{count} hodinami"
|
|
119
|
+
other: "před %{count} hodinami"
|
|
120
|
+
x_minutes:
|
|
121
|
+
one: před 1 minutou
|
|
122
|
+
few: "před %{count} minutami"
|
|
123
|
+
many: "před %{count} minutami"
|
|
124
|
+
other: "před %{count} minutami"
|
|
125
|
+
x_seconds:
|
|
126
|
+
one: před 1 vteřinou
|
|
127
|
+
few: "před %{count} vteřinami"
|
|
128
|
+
many: "před %{count} vteřinami"
|
|
129
|
+
other: "před %{count} vteřinami"
|
|
87
130
|
decidim:
|
|
88
131
|
accessibility:
|
|
89
132
|
external_link: Externí odkaz
|
|
@@ -527,6 +570,11 @@ cs:
|
|
|
527
570
|
this_application_will_not_be_able_to: 'Tato aplikace nebude moci:'
|
|
528
571
|
update_profile: Aktualizujte svůj profil
|
|
529
572
|
wants_to_use_your_account_html: "<strong>%{application_name}</strong> chce používat váš účet"
|
|
573
|
+
editor_images:
|
|
574
|
+
create:
|
|
575
|
+
error: Chyba při nahrávání obrázku
|
|
576
|
+
success: Obrázek byl úspěšně nahrán
|
|
577
|
+
drag_and_drop_help: Přidejte obrázky přetažením nebo vložením.
|
|
530
578
|
endorsable:
|
|
531
579
|
endorsements: Schválení
|
|
532
580
|
endorsements_count: Počet schvalování
|
|
@@ -992,6 +1040,7 @@ cs:
|
|
|
992
1040
|
show:
|
|
993
1041
|
back: Zpět ke všem konverzacím
|
|
994
1042
|
chat_with: Konverzace s
|
|
1043
|
+
deleted_accounts: Nemůžete mít konverzaci s odstraněnými účty.
|
|
995
1044
|
not_allowed: Tento uživatel nepřijímá přímé zprávy.
|
|
996
1045
|
title: Konverzace s číslem %{usernames}
|
|
997
1046
|
start:
|
|
@@ -1059,6 +1108,12 @@ cs:
|
|
|
1059
1108
|
greetings: Zdravím,<br/>%{organization_name}<br/><a href="%{organization_url}">%{organization_url}</a>
|
|
1060
1109
|
hello: Ahoj,
|
|
1061
1110
|
subject: Chcete nadále dostávat příslušné informace o %{organization_name}?
|
|
1111
|
+
notification_mailer:
|
|
1112
|
+
event_received:
|
|
1113
|
+
no_translation_available: Omlouváme se, po odeslání e-mailu nelze získat automatický překlad. Překlad původního textu můžete zkontrolovat na následujícím odkazu %{link}.
|
|
1114
|
+
original_text: 'Původní text:'
|
|
1115
|
+
same_language: Obsah byl zveřejněn ve vašem preferovaném jazyce (%{language}), proto se v tomto e-mailu nezobrazuje automatický překlad.
|
|
1116
|
+
translated_text: 'Automaticky přeložený text:'
|
|
1062
1117
|
notifications:
|
|
1063
1118
|
no_notifications: Zatím žádné oznámení.
|
|
1064
1119
|
notifications_settings:
|
|
@@ -1358,6 +1413,7 @@ cs:
|
|
|
1358
1413
|
title_reply: Odpovědět
|
|
1359
1414
|
show:
|
|
1360
1415
|
back: Zobrazit všechny konverzace
|
|
1416
|
+
deleted_accounts: Nemůžete mít konverzaci s odstraněnými účty.
|
|
1361
1417
|
not_allowed: Tento uživatel již nepřijímá žádné přímé zprávy.
|
|
1362
1418
|
title: Konverzace s %{usernames}
|
|
1363
1419
|
update:
|
|
@@ -1661,10 +1717,12 @@ cs:
|
|
|
1661
1717
|
name: Čeština
|
|
1662
1718
|
name_with_error: Čeština
|
|
1663
1719
|
password_validator:
|
|
1720
|
+
blacklisted: je na černé listině
|
|
1664
1721
|
domain_included_in_password: je příliš podobné tomuto názvu domény
|
|
1665
1722
|
email_included_in_password: je příliš podobný e-mailu
|
|
1666
1723
|
fallback: není platný
|
|
1667
1724
|
name_included_in_password: je příliš podobné vašemu jménu
|
|
1725
|
+
nickname_included_in_password: je příliš podobné vaší přezdívce
|
|
1668
1726
|
not_enough_unique_characters: nemá dostatek jedinečných znaků
|
|
1669
1727
|
password_not_allowed: není povoleno
|
|
1670
1728
|
password_too_common: je příliš běžné
|
|
@@ -1699,6 +1757,8 @@ cs:
|
|
|
1699
1757
|
day_of_week: "%a"
|
|
1700
1758
|
day_of_week_long: "%a %e"
|
|
1701
1759
|
day_of_year: "%d.%m.%y"
|
|
1760
|
+
ddmm: "%d.%m"
|
|
1761
|
+
ddmmyyyy: "%d.%m.%Y"
|
|
1702
1762
|
decidim_day_of_year: "%d %B %Y"
|
|
1703
1763
|
decidim_short: "%d/%m/%Y %H:%M"
|
|
1704
1764
|
default: "%a, %d %b %Y %H:%M:%S %z"
|