decidim-core 0.25.2 → 0.26.0.rc1

data/config/locales/lb.yml

@@ -1283,7 +1283,7 @@ lb:
         share: Deelen
         share_link: Link deelen
     statistics:
-      comments_count: Kommentare
+      comments_count: Kommentarer
       endorsements_count: Ënnerstëtzungen
       followers_count: Follower
       headline: Statistiken

data/config/locales/nl.yml

@@ -75,6 +75,33 @@ nl:
       decidim_with_day_and_month_name: "%A %d %b %Y"
       decidim_with_month_name: "%d %B %Y"
       decidim_with_month_name_short: "%d %b"
+  datetime:
+    distance_in_words:
+      about_x_hours:
+        one: ongeveer 1 uur
+        other: ongeveer %{count} uren
+      about_x_months:
+        one: ongeveer 1 maand
+        other: ongeveer %{count} maanden
+      half_a_minute: een halve minuut
+      less_than_x_minutes:
+        one: minder dan een minuut
+        other: minder dan %{count} minuten
+      less_than_x_seconds:
+        one: nu meteen
+        other: minder dan %{count} seconden
+      x_days:
+        one: 1 dag geleden
+        other: "%{count} dagen geleden"
+      x_hours:
+        one: 1 uur geleden
+        other: "%{count} uren geleden"
+      x_minutes:
+        one: 1 minuut geleden
+        other: "%{count} minuten geleden"
+      x_seconds:
+        one: 1 seconde geleden
+        other: "%{count} seconden geleden"
   decidim:
     accessibility:
       external_link: Externe link
@@ -495,6 +522,11 @@ nl:
           this_application_will_not_be_able_to: 'Deze applicatie krijgt geen toegang tot:'
           update_profile: update je profiel
           wants_to_use_your_account_html: "<strong>%{application_name}</strong> wil toegang tot je account"
+    editor_images:
+      create:
+        error: Fout bij het uploaden van een afbeelding
+        success: Afbeelding met succes geüploaded
+      drag_and_drop_help: Voeg afbeeldingen toe door ze te slepen of te plakken.
     endorsable:
       endorsements: Aanbevelingen
       endorsements_count: Aantal suggesties
@@ -677,6 +709,7 @@ nl:
       no_followers: Nog geen volgers.
     following:
       no_followings: Volgt nog niets of niemand.
+      non_public_followings: Sommige van de gevolgde bronnen zijn niet openbaar.
     follows:
       create:
         button: Volgen
@@ -837,6 +870,15 @@ nl:
       index:
         last_activity: Laatste Activiteit
         resource_type: Type
+    links:
+      invalid_url: Ongeldige URL
+      warning:
+        body_1: Je staat op het punt om een externe link te bezoeken, wees voorzichtig met de inhoud van de externe site.
+        body_2: Controleer de link, zorg ervoor dat je deze herkent als een veilige site voor je verdergaat.
+        cancel: Annuleer
+        close_modal: Sluit venster
+        proceed: Doorgaan
+        title: Externe link openen
     log:
       base_presenter:
         create: "%{user_name} gemaakt %{resource_name}"
@@ -939,6 +981,7 @@ nl:
         show:
           back: Terug naar alle gesprekken
           chat_with: Gesprek met
+          deleted_accounts: Je kunt geen gesprek voeren met verwijderde accounts.
           not_allowed: Deze deelnemer aanvaardt geen rechtstreekse berichten.
           title: Gesprek met %{usernames}
         start:
@@ -1006,6 +1049,12 @@ nl:
         greetings: Groeten,<br/>%{organization_name}<br/><a href="%{organization_url}">%{organization_url}</a>
         hello: Hallo,
         subject: Wilt u relevante informatie over %{organization_name}blijven ontvangen?
+    notification_mailer:
+      event_received:
+        no_translation_available: Sorry, de geautomatiseerde vertaling kon niet worden opgehaald toen de e-mail is verzonden. Je kan de vertaling van de oorspronkelijke tekst controleren via de volgende link %{link}.
+        original_text: 'Originele tekst:'
+        same_language: De inhoud werd in je voorkeurstaal (%{language}) geplaatst. Dit is de reden waarom er geen automatische vertaling wordt weergegeven in deze e-mail.
+        translated_text: 'Automatisch vertaalde tekst:'
     notifications:
       no_notifications: Nog geen meldingen.
     notifications_settings:
@@ -1289,6 +1338,7 @@ nl:
         title_reply: Beantwoorden
       show:
         back: Toon alle gesprekken
+        deleted_accounts: Je kunt geen gesprek voeren met verwijderde accounts.
         not_allowed: Deze gebruiker accepteert geen directe berichten meer.
         title: Gesprek met %{usernames}
       update:
@@ -1573,10 +1623,12 @@ nl:
     name: Nederlands
     name_with_error: Engels (fout!)
   password_validator:
+    blacklisted: staat op de zwarte lijst
     domain_included_in_password: lijkt te veel op deze domeinnaam
     email_included_in_password: lijkt te veel op uw e-mail
     fallback: is niet geldig
     name_included_in_password: lijkt te veel op uw naam
+    nickname_included_in_password: lijkt te veel op jouw bijnaam
     not_enough_unique_characters: heeft niet genoeg unieke tekens
     password_not_allowed: is niet toegestaan
     password_too_common: te algemeen
@@ -1611,6 +1663,8 @@ nl:
       day_of_week: "%a"
       day_of_week_long: "%a %e"
       day_of_year: "%d.%m.%y"
+      ddmm: "%d.%m"
+      ddmmyyyy: "%d.%m.%Y"
       decidim_day_of_year: "%d %B %Y"
       decidim_short: "%d/%m/%Y %H:%M"
       default: "%a, %d %b %Y %H:%M:%S %z"

data/config/locales/pl.yml

@@ -412,7 +412,7 @@ pl:
         button_url: Adres url przycisku CTA
         description: Opis
       footer_sub_hero:
-        name: Banner podrzędny stopki
+        name: Baner podrzędny stopki
       hero:
         name: Obraz główny
       hero_settings_form:
@@ -439,7 +439,7 @@ pl:
       stats:
         name: Statystyki organizacji
       sub_hero:
-        name: Banner podrzędny
+        name: Baner podrzędny
     core:
       actions:
         login_before_access: Zaloguj się na swoje konto, żeby mieć dostęp
@@ -469,7 +469,7 @@ pl:
           newsletter: Chcę otrzymywać okazjonalne newslettery z istotnymi informacjami
           newsletter_title: Zgoda na subskrybcję
           nickname_help: Twój pseudonim w %{organization}. Może zawierać tylko litery, cyfry, '-' i '_'.
-          password_help: "Minimalna liczba znaków: %{minimun_characters}; nie może być zbyt powszechny (np. 123456) i musi różnić się od Twojego pseudonimu i adresu e-mail."
+          password_help: "Minimalna liczba znaków: %{minimun_characters}; nie może być zbyt powszechne (np. 123456) i musi różnić się od Twojego pseudonimu i adresu e-mail."
           sign_in: Zaloguj się
           sign_up: Zarejestruj się
           sign_up_as:
@@ -682,7 +682,7 @@ pl:
         click_button: 'Kliknij poniższy przycisk, aby pobrać swoje dane. <br/>Plik będzie dostępny do %{date}. <br/>Będziesz potrzebował <a href=''''https://www.7-zip.org/''''>7-Zip</a> (Windows), <a href="https://www.keka.io/en/">Keka</a> (MacOS) lub <a href="https://peazip.github.io">PeaZip</a> (Linux) do otwarcia pliku. Hasło: %{password}'
         download: Pobieranie
       export:
-        ready: Znajdź załączoną wersję eksportowanego pliku.
+        ready: Mail zawiera załączony plik eksportu.
       subject: Twój eksport "%{name}" jest gotowy
     filters:
       linked_classes:
@@ -1487,7 +1487,7 @@ pl:
         change_your_password: Zmień swoje hasło
         confirm_new_password: Potwierdź nowe hasło
         new_password: Nowe hasło
-        password_help: "Minimalna liczba znaków: %{minimun_characters}; nie może być zbyt powszechny (np. 123456) i musi różnić się od Twojego pseudonimu i adresu e-mail."
+        password_help: "Minimalna liczba znaków: %{minimun_characters}; nie może być zbyt powszechne (np. 123456) i musi różnić się od Twojego pseudonimu i adresu e-mail."
       new:
         forgot_your_password: Zapomniałeś hasła?
         send_me_reset_password_instructions: Wyślij mi instrukcje resetowania hasła

data/config/locales/pt-BR.yml

@@ -1,4 +1,4 @@
-pt:
+pt-BR:
   activemodel:
     attributes:
       account:

data/config/locales/ro-RO.yml

@@ -80,6 +80,9 @@ ro:
       decidim_with_day_and_month_name: "%A %d %b %Y"
       decidim_with_month_name: "%d %B %Y"
       decidim_with_month_name_short: "%d %b"
+  datetime:
+    distance_in_words:
+      half_a_minute: jumătate de minut
   decidim:
     accessibility:
       external_link: Link extern
@@ -518,6 +521,11 @@ ro:
           this_application_will_not_be_able_to: 'Această aplicație nu va putea să:'
           update_profile: Actualizeză-ți profilul
           wants_to_use_your_account_html: "<strong>%{application_name}</strong> vrea să folosească contul tău"
+    editor_images:
+      create:
+        error: Eroare la încărcarea imaginii
+        success: Imaginea a fost încărcată cu succes
+      drag_and_drop_help: Adaugă imagini prin tragere & plasare sau lipirea lor.
     endorsable:
       endorsements: Susținători
       endorsements_count: Număr de susțineri

data/config/locales/sv.yml

@@ -505,6 +505,11 @@ sv:
           this_application_will_not_be_able_to: 'Det här programmet kommer inte att kunna:'
           update_profile: Uppdatera din profil
           wants_to_use_your_account_html: "<strong>%{application_name}</strong> vill använda ditt konto"
+    editor_images:
+      create:
+        error: Fel vid uppladdning av bild
+        success: Bilden har laddats upp
+      drag_and_drop_help: Lägg till bilder genom att dra och släppa eller klistra in dem.
     endorsable:
       endorsements: Instämmanden
       endorsements_count: Antal Endorsements

data/config/locales/val-ES.yml

@@ -0,0 +1 @@
+val:

data/config/routes.rb

@@ -156,6 +156,8 @@ Decidim::Core::Engine.routes.draw do
     end
   end
 
+  resources :editor_images, only: [:create]
+
   namespace :gamification do
     resources :badges, only: [:index]
   end

data/db/migrate/20210730112319_create_decidim_editor_images.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class CreateDecidimEditorImages < ActiveRecord::Migration[6.0]
+  def change
+    create_table :decidim_editor_images do |t|
+      t.references :decidim_author, null: false, foreign_key: { to_table: :decidim_users }, index: { name: "decidim_editor_images_author" }
+      t.references :decidim_organization, null: false, foreign_key: true, index: { name: "decidim_editor_images_constraint_organization" }
+
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20211126183540_add_timestamps_to_content_blocks.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class AddTimestampsToContentBlocks < ActiveRecord::Migration[6.0]
+  def up
+    add_timestamps :decidim_content_blocks, default: Time.zone.now
+    change_column_default :decidim_content_blocks, :created_at, nil
+    change_column_default :decidim_content_blocks, :updated_at, nil
+  end
+
+  def down
+    remove_column :decidim_content_blocks, :updated_at
+    remove_column :decidim_content_blocks, :created_at
+  end
+end

data/db/seeds.rb

@@ -132,21 +132,23 @@ if !Rails.env.production? || ENV["SEED"]
     admin_terms_accepted_at: Time.current
   )
 
-  regular_user = Decidim::User.find_or_initialize_by(email: "user@example.org")
+  ["user@example.org", "user2@example.org"].each do |email|
+    Decidim::User.find_or_initialize_by(email: email).update!(
+      name: Faker::Name.name,
+      nickname: Faker::Twitter.unique.screen_name,
+      password: "decidim123456",
+      password_confirmation: "decidim123456",
+      confirmed_at: Time.current,
+      locale: I18n.default_locale,
+      organization: organization,
+      tos_agreement: true,
+      personal_url: Faker::Internet.url,
+      about: Faker::Lorem.paragraph(sentence_count: 2),
+      accepted_tos_version: organization.tos_version
+    )
+  end
 
-  regular_user.update!(
-    name: Faker::Name.name,
-    nickname: Faker::Twitter.unique.screen_name,
-    password: "decidim123456",
-    password_confirmation: "decidim123456",
-    confirmed_at: Time.current,
-    locale: I18n.default_locale,
-    organization: organization,
-    tos_agreement: true,
-    personal_url: Faker::Internet.url,
-    about: Faker::Lorem.paragraph(sentence_count: 2),
-    accepted_tos_version: organization.tos_version
-  )
+  regular_user = Decidim::User.find_or_initialize_by(email: "user@example.org")
 
   locked_user = Decidim::User.find_or_initialize_by(email: "locked_user@example.org")
 

data/lib/decidim/api/functions/user_entity_list.rb

@@ -20,6 +20,7 @@ module Decidim
         @query = Decidim::UserBaseEntity
                  .where(organization: ctx[:current_organization])
                  .where.not(confirmed_at: nil)
+                 .includes(avatar_attachment: :blob)
         add_filter_keys(args[:filter])
         add_order_keys(args[:order].to_h)
         @query

data/lib/decidim/api/input_sorts/component_input_sort.rb

@@ -23,7 +23,7 @@ module Decidim
                prepare: lambda { |direction, ctx|
                           lambda { |locale|
                             locale = ctx[:current_organization].default_locale if locale.blank?
-                            [Arel.sql("name->? #{direction.upcase}"), locale]
+                            [Arel.sql("name->? #{direction.upcase}").to_s, locale]
                           }
                         }
     end

data/lib/decidim/common_passwords.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module Decidim
+  class CommonPasswords
+    include Singleton
+
+    attr_reader :passwords
+
+    URLS = %w(
+      https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/xato-net-10-million-passwords-1000000.txt
+      https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/darkweb2017-top10000.txt
+      https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt
+    ).freeze
+
+    def initialize
+      raise FileNotFoundError unless File.exist?(self.class.common_passwords_path)
+
+      File.open(self.class.common_passwords_path, "r") do |file|
+        @passwords = file.read.split
+      end
+    end
+
+    def self.update_passwords!
+      File.open(common_passwords_path, "w") do |file|
+        common_password_list.each { |item| file.puts(item) }
+      end
+    end
+
+    def self.common_password_list
+      @common_password_list ||= begin
+        list = []
+        URLS.each do |url|
+          URI.open(url) do |data|
+            data.read.split.each do |line|
+              list << line if line.length >= min_length
+            end
+          end
+        end
+
+        list.uniq
+      end
+    end
+
+    def self.min_length
+      return ::PasswordValidator::MINIMUM_LENGTH if defined?(::PasswordValidator)
+
+      10
+    end
+
+    def self.common_passwords_path
+      File.join(__dir__, "db", "common-passwords.txt")
+    end
+
+    class FileNotFoundError < StandardError; end
+  end
+end

data/lib/decidim/content_parsers/inline_images_parser.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+module Decidim
+  module ContentParsers
+    # A parser that searches for inline images in an html content and
+    # replaces them with EditorImage attachments. Note that rewrite method may
+    # create EditorImage instances
+    #
+    # @see BaseParser Examples of how to use a content parser
+    class InlineImagesParser < BaseParser
+      # @return [String] the content with the inline images replaced.
+      def rewrite
+        return content unless inline_images?
+
+        replace_inline_images
+        parsed_content.to_html
+      end
+
+      def inline_images?
+        parsed_content.search(:img).find do |image|
+          image.attr(:src).start_with?(%r{data:image/[a-z]{3,4};base64,})
+        end
+      end
+
+      private
+
+      def parsed_content
+        @parsed_content ||= Nokogiri::HTML(content)
+      end
+
+      def replace_inline_images
+        parsed_content.search(:img).each do |image|
+          next unless image.attr(:src).start_with?(%r{data:image/[a-z]{3,4};base64,})
+
+          file = base64_tempfile(image.attr(:src))
+          editor_image = EditorImage.create!(
+            decidim_author_id: context[:user]&.id,
+            organization: context[:user].organization,
+            file: file
+          )
+
+          image.set_attribute(:src, editor_image.attached_uploader(:file).path)
+        end
+      end
+
+      def base64_tempfile(base64_data, filename = nil)
+        return base64_data unless base64_data.is_a? String
+
+        start_regex = %r{data:image/[a-z]{3,4};base64,}
+        filename ||= SecureRandom.hex
+
+        regex_result = start_regex.match(base64_data)
+
+        return unless base64_data && regex_result
+
+        start = regex_result.to_s
+        tempfile = Tempfile.new(filename)
+        tempfile.binmode
+        tempfile.write(Base64.decode64(base64_data[start.length..-1]))
+        ActionDispatch::Http::UploadedFile.new(
+          tempfile: tempfile,
+          filename: filename,
+          original_filename: filename
+        )
+      end
+    end
+  end
+end

data/lib/decidim/content_parsers.rb

@@ -8,5 +8,6 @@ module Decidim
     autoload :HashtagParser, "decidim/content_parsers/hashtag_parser"
     autoload :NewlineParser, "decidim/content_parsers/newline_parser"
     autoload :LinkParser, "decidim/content_parsers/link_parser"
+    autoload :InlineImagesParser, "decidim/content_parsers/inline_images_parser"
   end
 end

data/lib/decidim/content_renderers/link_renderer.rb

@@ -2,6 +2,7 @@
 
 module Decidim
   module ContentRenderers
+    # Original: https://github.com/neighborland/anchored/
     # A renderer that converts URLs to links and strips attributes in anchors.
     #
     # Examples:
@@ -20,7 +21,90 @@ module Decidim
         return content unless content.is_a?(String)
 
         options = { target: "_blank", rel: "nofollow noopener" }.merge(options)
-        Anchored::Linker.auto_link(content, options)
+        auto_link(content, options)
+      end
+
+      def auto_link(text, options = {}, &block)
+        return "" if text.to_s.empty?
+
+        auto_link_urls(text, options, &block)
+      end
+
+      # remove_target_if_local("http://same.com/x", "same.com", target: "_blank")
+      # => <a href="http://same.com/x">http://same.com/x</a>
+      #
+      # remove_target_if_local("http://same.com/x", "different.com", target: "_blank")
+      # => <a href="http://same.com/x" target="_blank">http://same.com/x</a>
+      #
+      # modifies options in place
+      def remove_target_if_local(href, domain, options)
+        return unless options[:target]
+
+        options.delete(:target) if href.include?("//#{domain}")
+      end
+
+      private
+
+      AUTO_LINK_RE = %r{(?: ((?:ftp|http|https):)// | www\. )[^\s<\u00A0"]+}ix.freeze
+
+      # # regexps for determining context, used high-volume
+      AUTO_LINK_CRE = [/<[^>]+$/, /^[^>]*>/, /<a\b.*?>/i, %r{</a>}i].freeze
+
+      PUNCTUATION_RE = %r{[^\p{Word}/=&]$}.freeze
+
+      BRACKETS = { "]" => "[", ")" => "(", "}" => "{" }.freeze
+
+      # Turns all urls into clickable links.  If a block is given, each url
+      # is yielded and the result is used as the link text.
+      def auto_link_urls(text, options = {})
+        # to_str is for SafeBuffer objects (text marked html_safe)
+        text.to_str.gsub(AUTO_LINK_RE) do
+          match = Regexp.last_match
+          href = match[0]
+          scheme = match[1]
+          punctuation = []
+
+          if auto_linked?(match)
+            # do not change string; URL is already linked
+            href
+          else
+            # don't include trailing punctuation character as part of the URL
+            while href.sub!(PUNCTUATION_RE, "")
+              punctuation.push Regexp.last_match(0)
+              if (opening = BRACKETS[punctuation.last]) && href.scan(opening).size > href.scan(punctuation.last).size
+                href << punctuation.pop
+                break
+              end
+            end
+
+            link_text = block_given? ? yield(href) : href
+            href = "http://#{href}" unless scheme
+
+            # content_tag(:a, link_text, html.merge(href: href)) + punctuation.reverse.join('')
+            anchor_tag(href, link_text, options) + punctuation.reverse.join
+          end
+        end
+      end
+
+      # Detects already linked context or position in the middle of a tag
+      # Note: this changes the current Regexp
+      def auto_linked?(match)
+        left = match.pre_match
+        right = match.post_match
+        (left =~ AUTO_LINK_CRE[0] && right =~ AUTO_LINK_CRE[1]) ||
+          (left.rindex(AUTO_LINK_CRE[2]) && Regexp.last_match.post_match !~ AUTO_LINK_CRE[3])
+      end
+
+      def anchor_attrs(options)
+        options.map { |k, v| %(#{k}="#{v}") }.unshift("").join(" ")
+      end
+
+      def anchor_tag(href, text, options)
+        options = options.dup
+        if (domain = options.delete(:domain))
+          remove_target_if_local href, domain, options
+        end
+        %(<a href="#{href}"#{anchor_attrs(options)}>#{text}</a>)
       end
     end
   end

data/lib/decidim/content_renderers/user_group_renderer.rb

@@ -10,7 +10,7 @@ module Decidim
     # @see BaseRenderer Examples of how to use a content renderer
     class UserGroupRenderer < BaseRenderer
       # Matches a global id representing a Decidim::UserGroup
-      GLOBAL_ID_REGEX = %r{gid://\S+/Decidim::UserGroup/\d+}.freeze
+      GLOBAL_ID_REGEX = %r{gid://[\w-]+/Decidim::UserGroup/\d+}.freeze
 
       # Replaces found Global IDs matching an existing user with
       # a link to their profile. The Global IDs representing an

data/lib/decidim/content_renderers/user_renderer.rb

@@ -10,7 +10,7 @@ module Decidim
     # @see BaseRenderer Examples of how to use a content renderer
     class UserRenderer < BaseRenderer
       # Matches a global id representing a Decidim::User
-      GLOBAL_ID_REGEX = %r{gid://\S+/Decidim::User/\d+}.freeze
+      GLOBAL_ID_REGEX = %r{gid://[\w-]+/Decidim::User/\d+}.freeze
 
       # Replaces found Global IDs matching an existing user with
       # a link to their profile. The Global IDs representing an

data/lib/decidim/core/engine.rb

@@ -17,7 +17,6 @@ require "rectify"
 require "carrierwave"
 require "rails-i18n"
 require "date_validator"
-require "truncato"
 require "file_validators"
 require "omniauth"
 require "omniauth-facebook"
@@ -34,11 +33,9 @@ require "cell/partial"
 require "kaminari"
 require "doorkeeper"
 require "doorkeeper-i18n"
-require "nobspw"
 require "batch-loader"
-require "etherpad-lite"
+require "mime-types"
 require "diffy"
-require "anchored"
 require "social-share-button"
 require "ransack"
 require "searchlight"
@@ -85,8 +82,6 @@ module Decidim
       end
 
       initializer "decidim.graphql_api" do
-        # Enable them method `!` everywhere for compatibility, this line will be removed when upgrading to GraphQL 2.0
-        GraphQL::DeprecatedDSL.activate
         Decidim::Api::QueryType.include Decidim::QueryExtensions
 
         Decidim::Api.add_orphan_type Decidim::Core::UserType
@@ -304,7 +299,7 @@ module Decidim
 
       initializer "SSL and HSTS" do
         Rails.application.configure do
-          config.force_ssl = Rails.env.production? && Decidim.config.force_ssl
+          config.force_ssl = Decidim.config.force_ssl
         end
       end
 
@@ -315,7 +310,7 @@ module Decidim
       end
 
       initializer "Expire sessions" do
-        Rails.application.config.session_store :cookie_store, expire_after: Decidim.config.expire_session_after
+        Rails.application.config.session_store :cookie_store, secure: Decidim.config.force_ssl, expire_after: Decidim.config.expire_session_after
       end
 
       initializer "decidim.core.register_resources" do
@@ -542,10 +537,6 @@ module Decidim
         end
       end
 
-      initializer "nbspw" do
-        NOBSPW.configuration.use_ruby_grep = true
-      end
-
       initializer "decidim.premailer" do
         Premailer::Adapter.use = :decidim
       end

data/lib/decidim/core/test/factories.rb

@@ -248,7 +248,7 @@ FactoryBot.define do
   end
 
   factory :user_group_membership, class: "Decidim::UserGroupMembership" do
-    user
+    user { create(:user, :confirmed, organization: user_group.organization) }
     role { :creator }
     user_group
   end
@@ -749,4 +749,10 @@ FactoryBot.define do
       last_used_at { 1.hour.ago }
     end
   end
+
+  factory :editor_image, class: "Decidim::EditorImage" do
+    organization
+    author { create(:user, :admin, :confirmed, organization: organization) }
+    file { Decidim::Dev.test_file("city.jpeg", "image/jpeg") }
+  end
 end