decidim-core 0.26.0.rc2 → 0.26.2

data/app/packs/src/decidim/session_timeouter.js

@@ -1,5 +1,4 @@
 import moment from "moment"
-import Foundation from "foundation-sites"
 
 $(() => {
   let sessionTimeOutEnabled = true;
@@ -8,17 +7,18 @@ $(() => {
   const secondsUntilTimeoutPath = $timeoutModal.data("seconds-until-timeout-path");
   const heartbeatPath = $timeoutModal.data("heartbeat-path");
   const interval = parseInt($timeoutModal.data("session-timeout-interval"), 10);
+  const preventTimeOutSeconds = $timeoutModal.data("prevent-timeout-seconds");
   let endsAt = moment().add(timeoutInSeconds, "seconds");
   let lastAction = moment();
-  const popup = new Foundation.Reveal($timeoutModal);
   const $continueSessionButton = $("#continueSession");
   let lastActivityCheck = moment();
   // 5 * 60 seconds = 5 Minutes
   const activityCheckInterval = 5 * 60;
+  const preventTimeOutUntil = moment().add(preventTimeOutSeconds, "seconds");
 
   // Ajax request is made at timeout_modal.html.erb
   $continueSessionButton.on("click", () => {
-    $("#timeoutModal").foundation("close");
+    $timeoutModal.foundation("close");
     // In admin panel we have to hide all overlays
     $(".reveal-overlay").css("display", "none");
     lastActivityCheck = moment();
@@ -82,7 +82,12 @@ $(() => {
     }
 
     const timeRemaining = Math.round((endsAt - moment()) / 1000);
-    if (timeRemaining > 150) {
+    if (timeRemaining > 170) {
+      return;
+    }
+
+    if (moment() < preventTimeOutUntil) {
+      heartbeat();
       return;
     }
 
@@ -95,7 +100,7 @@ $(() => {
       } else if (secondsUntilSessionExpires <= 90) {
         $timeoutModal.find("#reveal-hidden-sign-out")[0].click();
       } else if (secondsUntilSessionExpires <= 150) {
-        popup.open();
+        $timeoutModal.foundation("open");
       }
     });
   }, interval);

data/app/packs/src/decidim/vendor/social-share-button.js

@@ -0,0 +1,174 @@
+/* eslint-disable complexity, default-case, no-param-reassign, consistent-return */
+
+/*
+ *
+ * Social Share Button
+ *
+ * Copyright (c) <2012> <Jason Lee> - The MIT license
+ * Originally copied fom https://github.com/huacnlee/social-share-button
+ * Transformed from Coffescript to Javascipt with decaffeintate
+ *
+ * We've copied itlocally so it works with webpacker
+ *
+ * decaffeinate suggestions:
+ * DS102: Remove unnecessary code created because of implicit returns
+ * DS205: Consider reworking code to avoid use of IIFEs
+ * DS207: Consider shorter variations of null checks
+ * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
+ */
+window.SocialShareButton = {
+  openUrl(url, width, height) {
+    if (width === null) {
+      width = 640;
+    }
+    if (height === null) {
+      height = 480;
+    }
+    const left = (screen.width / 2) - (width / 2);
+    const top = (screen.height * 0.3) - (height / 2);
+    const opt = `width=${width},height=${height},left=${left},top=${top},menubar=no,status=no,location=no`;
+    window.open(url, "popup", opt);
+    return false;
+  },
+
+  share(el) {
+    if (el.getAttribute === null) {
+      el = document.querySelector(el);
+    }
+
+    const site = el.getAttribute("data-site");
+    const appkey = el.getAttribute("data-appkey") || "";
+    const $parent = el.parentNode;
+    let title = encodeURIComponent(el.getAttribute(`data-${site}-title`) || $parent.getAttribute("data-title") || "");
+    const img = encodeURIComponent($parent.getAttribute("data-img") || "");
+    let url = encodeURIComponent($parent.getAttribute("data-url") || "");
+    const via = encodeURIComponent($parent.getAttribute("data-via") || "");
+    const desc = encodeURIComponent($parent.getAttribute("data-desc") || " ");
+
+    // tracking click events if google analytics enabled
+    const ga = window[window.GoogleAnalyticsObject || "ga"];
+    if (typeof ga === "function") {
+      ga("send", "event", "Social Share Button", "click", site);
+    }
+
+    if (url.length === 0) {
+      url = encodeURIComponent(location.href);
+    }
+    switch (site) {
+    case "email":
+      location.href = `mailto:?subject=${title}&body=${url}`;
+      break;
+    case "weibo":
+      this.openUrl(`http://service.weibo.com/share/share.php?url=${url}&type=3&pic=${img}&title=${title}&appkey=${appkey}`, 620, 370);
+      break;
+    case "twitter": {
+      let hashtags = encodeURIComponent(el.getAttribute(`data-${site}-hashtags`) || $parent.getAttribute("data-hashtags") || "");
+      let viaStr = "";
+      if (via.length > 0) {
+        viaStr = `&via=${via}`;
+      }
+      this.openUrl(`https://twitter.com/intent/tweet?url=${url}&text=${title}&hashtags=${hashtags}${viaStr}`, 650, 300);
+      break;
+    }
+    case "douban":
+      this.openUrl(`http://shuo.douban.com/!service/share?href=${url}&name=${title}&image=${img}&sel=${desc}`, 770, 470);
+      break;
+    case "facebook":
+      this.openUrl(`http://www.facebook.com/sharer/sharer.php?u=${url}`, 555, 400);
+      break;
+    case "qq":
+      this.openUrl(`http://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?url=${url}&title=${title}&pics=${img}&summary=${desc}&site=${appkey}`);
+      break;
+    case "google_bookmark":
+      this.openUrl(`https://www.google.com/bookmarks/mark?op=edit&output=popup&bkmk=${url}&title=${title}`);
+      break;
+    case "delicious":
+      this.openUrl(`https://del.icio.us/save?url=${url}&title=${title}&jump=yes&pic=${img}`);
+      break;
+    case "pinterest":
+      this.openUrl(`http://www.pinterest.com/pin/create/button/?url=${url}&media=${img}&description=${title}`);
+      break;
+    case "linkedin":
+      this.openUrl(`https://www.linkedin.com/shareArticle?mini=true&url=${url}&title=${title}&summary=${desc}`);
+      break;
+    case "xing":
+      this.openUrl(`https://www.xing.com/spi/shares/new?url=${url}`);
+      break;
+    case "vkontakte":
+      this.openUrl(`http://vk.com/share.php?url=${url}&title=${title}&image=${img}`);
+      break;
+    case "odnoklassniki":
+      this.openUrl(`https://connect.ok.ru/offer?url=${url}&title=${title}&description=${desc}&imageUrl=${img}`);
+      break;
+    case "wechat":
+      if (!window.SocialShareWeChatButton) {
+        throw new Error("You should require social-share-button/wechat to your application.js");
+      }
+      window.SocialShareWeChatButton.qrcode({
+        url: decodeURIComponent(url),
+        header: el.getAttribute("title"),
+        footer: el.getAttribute("data-wechat-footer")
+      });
+      break;
+
+    case "tumblr": {
+      let getTumblrExtra = (param) => {
+        const cutomData = el.getAttribute(`data-${param}`);
+        if (cutomData) {
+          return encodeURIComponent(cutomData);
+        }
+      };
+
+      let tumblrParams = () => {
+        const path = getTumblrExtra("type") || "link";
+
+        const params = (() => {
+          switch (path) {
+          case "text": {
+            title = getTumblrExtra("title") || title;
+            return `title=${title}`;
+          }
+          case "photo": {
+            title = getTumblrExtra("caption") || title;
+            let source = getTumblrExtra("source") || img;
+            return `caption=${title}&source=${source}`;
+          }
+          case "quote": {
+            let quote = getTumblrExtra("quote") || title;
+            let source = getTumblrExtra("source") || "";
+            return `quote=${quote}&source=${source}`;
+          }
+          // actually, it's a link clause
+          default: {
+            title = getTumblrExtra("title") || title;
+            url = getTumblrExtra("url") || url;
+            return `name=${title}&url=${url}`;
+          }} })();
+
+        return `/${path}?${params}`;
+      };
+
+      this.openUrl(`http://www.tumblr.com/share${tumblrParams()}`);
+      break;
+    }
+    case "reddit":
+      this.openUrl(`http://www.reddit.com/submit?url=${url}&newwindow=1`, 555, 400);
+      break;
+    case "hacker_news":
+      this.openUrl(`http://news.ycombinator.com/submitlink?u=${url}&t=${title}`, 770, 500);
+      break;
+    case "telegram":
+      this.openUrl(`https://telegram.me/share/url?text=${title}&url=${url}`);
+      break;
+    case "whatsapp_app": {
+      let whatsappAppUrl = `whatsapp://send?text=${title}%0A${url}`;
+      window.open(whatsappAppUrl, "_top");
+      break;
+    }
+    case "whatsapp_web":
+      this.openUrl(`https://web.whatsapp.com/send?text=${title}%0A${url}`);
+      break;
+    }
+    return false;
+  }
+};

data/app/packs/stylesheets/decidim/extras/_quill.scss

@@ -13,8 +13,7 @@
 }
 
 .ql-reset-decidim{
-  display: flex;
-  flex-direction: column;
+  display: inline;
   padding: 0;
   white-space: inherit;
 }

data/app/packs/stylesheets/decidim/modules/_buttons.scss

@@ -372,7 +372,7 @@
 .link{
   cursor: pointer;
   color: var(--secondary);
-  font-weight: 600;
+  font-weight: $anchor-font-weight;
 
   &:hover{
     color: $anchor-color-hover;
@@ -384,6 +384,7 @@
 .link-alt{
   cursor: pointer;
   color: $anchor-color;
+  font-weight: $anchor-font-weight;
 
   &:hover{
     color: $anchor-color-hover;

data/app/packs/stylesheets/decidim/modules/_comments.scss

@@ -31,6 +31,7 @@ $comment-form-bg: $light-gray;
   display: flex;
 
   .comment__edited,
+  .comment__moderated,
   .comment__deleted{
     font-style: italic;
     color: $muted;

data/app/packs/stylesheets/decidim/modules/_forms.scss

@@ -135,13 +135,18 @@ input[type="radio"]{
   }
 
   &__trigger{
+    position: relative;
+    top: -$form-spacing;
+  }
+
+  &__button{
     position: absolute;
     bottom: $global-margin * .5;
     right: $global-margin;
     cursor: pointer;
   }
 
-  &__trigger svg{
+  &__button svg{
     width: 1em;
   }
 }

data/app/packs/stylesheets/decidim/modules/_typography.scss

@@ -9,6 +9,7 @@ input{
 
 a{
   color: $anchor-color;
+  font-weight: $anchor-font-weight;
 
   &:hover{
     color: $anchor-color-hover;
@@ -89,6 +90,7 @@ button{
 
 .heading-small{
   font-size: 1rem;
+  line-height: $header-lineheight;
 }
 
 hr{

data/app/packs/stylesheets/decidim/utils/_settings.scss

@@ -206,6 +206,7 @@ $anchor-outline-focus: 1px dotted rgba(black, .5);
 $anchor-outline-offset: 2px;
 $anchor-text-decoration: none;
 $anchor-text-decoration-hover: none;
+$anchor-font-weight: $global-weight-normal;
 $hr-width: $global-width;
 $hr-border: 1px solid $medium-gray;
 $hr-margin: 6rem auto 5rem;

data/app/packs/stylesheets/decidim/vendor/_social_share_button.scss

@@ -1,4 +1,10 @@
-// From social-share-button gem
+//
+// Social Share Button
+//
+// Copyright (c) <2012> <Jason Lee> - The MIT license
+// Originally copied fom https://github.com/huacnlee/social-share-button
+// Adapted to Decidim assets pipeline
+//
 
 .social-share-button .ssb-icon{
   background-position: center center;

data/app/permissions/decidim/permissions.rb

@@ -10,6 +10,8 @@ module Decidim
       component_public_action?
       search_scope_action?
 
+      public_report_content_action?
+
       return permission_action unless user
 
       user_manager_permissions
@@ -28,6 +30,13 @@ module Decidim
 
     private
 
+    def public_report_content_action?
+      return unless permission_action.action == :create &&
+                    permission_action.subject == :moderation
+
+      allow!
+    end
+
     def read_public_pages_action?
       return unless permission_action.subject == :public_page &&
                     permission_action.action == :read

data/app/presenters/decidim/menu_item_presenter.rb

@@ -27,7 +27,7 @@ module Decidim
 
     def render
       content_tag :li, class: link_wrapper_classes do
-        output = [link_to(composed_label, url)]
+        output = [link_to(composed_label, url, link_options)]
         output.push(@view.send(:simple_menu, @menu_item.submenu).render) if @menu_item.submenu
 
         safe_join(output)
@@ -36,6 +36,14 @@ module Decidim
 
     private
 
+    def link_options
+      if is_active_link?(url, active)
+        { aria: { current: "page" } }
+      else
+        {}
+      end
+    end
+
     def composed_label
       icon_name.present? ? icon(icon_name) + label : label
     end

data/app/validators/password_validator.rb

@@ -49,6 +49,15 @@ class PasswordValidator < ActiveModel::EachValidator
     I18n.t "password_validator.#{reason}"
   end
 
+  def organization
+    @organization ||= organization_from_record
+  end
+
+  def organization_from_record
+    return record.current_organization if record.respond_to?(:current_organization)
+    return record.organization if record.respond_to?(:organization)
+  end
+
   def strong?
     VALIDATION_METHODS.each do |method|
       @weak_password_reasons << method.to_s.sub(/\?$/, "").to_sym if send(method.to_s)
@@ -96,10 +105,10 @@ class PasswordValidator < ActiveModel::EachValidator
   end
 
   def domain_included_in_password?
-    return false unless record&.current_organization&.host
-    return true if value.include?(record.current_organization.host)
+    return false unless organization && organization.host
+    return true if value.include?(organization.host)
 
-    record.current_organization.host.split(".").each do |part|
+    organization.host.split(".").each do |part|
       next if part.length < IGNORE_SIMILARITY_SHORTER_THAN
 
       return true if value.include?(part)

data/app/views/decidim/account/show.html.erb

@@ -30,7 +30,7 @@
       <% else %>
         <% if current_organization.sign_in_enabled? %>
           <p>
-            <a data-toggle="passwordChange" class="change-password" href="#passwordChange"><%= t ".change_password" %></a>
+            <button type="button" data-toggle="passwordChange" class="link change-password"><%= t ".change_password" %></button>
           </p>
           <div id="passwordChange" class="toggle-show" data-toggler=".is-expanded">
             <%= render partial: "password_fields", locals: { form: f } %>

data/app/views/decidim/application/_collection.html.erb

@@ -1,11 +1,11 @@
 <% unless attachment_collection.unused? %>
   <div class="docs__container">
-    <span data-toggle="docs-collection-<%= attachment_collection.id %>"><%= icon "caret-right", class: "icon--small", role: "img", "aria-hidden": true %>&nbsp;
+    <button type="button" data-toggle="docs-collection-<%= attachment_collection.id %>"><%= icon "caret-right", class: "icon--small", role: "img", "aria-hidden": true %>&nbsp;
       <strong><%= translated_attribute(attachment_collection.name) %></strong>
 
       <% attachment_collection_documents_count =  attachment_collection.attachments.select(&:document?).count %>
       <small>(<%= attachment_collection_documents_count %> <%= t("decidim.application.collection.documents", count: attachment_collection_documents_count) %>)</small>
-    </span>
+    </button>
 
     <div id="docs-collection-<%= attachment_collection.id %>" class="docs__content hide" data-toggler=".hide">
       <p><%= translated_attribute(attachment_collection.description) %></p>

data/app/views/decidim/devise/invitations/edit.html.erb

@@ -27,11 +27,11 @@
 
             <% if f.object.class.require_password_on_accepting %>
               <div class="field">
-                <p><%= f.password_field :password, required: "required", minlength: ::Devise.password_length.min, maxlength: ::Devise.password_length.max %></p>
+                <p><%= f.password_field :password, required: "required", minlength: ::PasswordValidator::MINIMUM_LENGTH, maxlength: ::PasswordValidator::MAX_LENGTH %></p>
               </div>
 
               <div class="field">
-                <p><%= f.password_field :password_confirmation, required: "required", minlength: ::Devise.password_length.min, maxlength: ::Devise.password_length.max %></p>
+                <p><%= f.password_field :password_confirmation, required: "required", minlength: ::PasswordValidator::MINIMUM_LENGTH, maxlength: ::PasswordValidator::MAX_LENGTH %></p>
               </div>
             <% end %>
           </div>

data/app/views/decidim/endorsements/identities.html.erb

@@ -1,5 +1,5 @@
 <div class="reveal__header reveal__header--nomargin reveal__bg p-s">
-  <h6 class="heading6 m-none"><%= t ".select_identity" %></h6>
+  <h6 class="heading6 m-none reveal__title"><%= t ".select_identity" %></h6>
 </div>
 <ul class="reveal__list">
 <%= render_endorsement_identity(resource, current_user) %>

data/app/views/decidim/groups/new.html.erb

@@ -1,3 +1,5 @@
+<% add_decidim_page_title(t(".new_user_group")) %>
+
 <div class="wrapper">
 <div class="row collapse">
   <div class="row collapse">

data/app/views/decidim/messaging/conversations/_add_conversation_users.html.erb

@@ -2,7 +2,7 @@
   <div class="wrapper wrapper--inner">
     <div class="row">
       <div class="large-12">
-        <h2 id="modalTitle"> <%= t(".modal_title") %> </h2>
+        <h2 id="modalTitle" class="reveal__title"><%= t(".modal_title") %></h2>
       </div>
     </div>
     <div class="row">

data/app/views/decidim/messaging/conversations/_reply.html.erb

@@ -3,7 +3,7 @@
     <%= t(".title") %>
   </h2>
 
-  <%= form_for form, url: decidim.conversation_path(conversation.id), method: :put, remote: true do |f| %>
+  <%= decidim_form_for form, url: decidim.conversation_path(conversation.id), method: :put, remote: true do |f| %>
     <%= f.label :body, nil, class: "show-for-sr" %>
     <%= f.text_area :body, label: false, rows: 4, required: true, placeholder: t(".placeholder") %>
 

data/app/views/decidim/messaging/conversations/_start.html.erb

@@ -5,7 +5,7 @@
     <%= t(".title") %>
   </h2>
 
-  <%= form_for form, url: decidim.conversations_path, remote: true do |f| %>
+  <%= decidim_form_for form, url: decidim.conversations_path, remote: true do |f| %>
     <%= form_required_explanation %>
 
     <% @form.recipient.each do |recipient| %>

data/app/views/decidim/messaging/conversations/create.js.erb

@@ -1,2 +1,3 @@
 $("#messages").append("<%= j(render "messages", sender: conversation.messages.first.sender, messages: [conversation.messages.first]).html_safe %>");
 $(".add-message").replaceWith("<%= j(render "reply", form: form, conversation: conversation).html_safe %>");
+$("#new_message_").foundation();

data/app/views/layouts/decidim/_language_chooser.html.erb

@@ -7,10 +7,17 @@
       data-close-on-click="true"
       role="menubar">
       <li class="is-dropdown-submenu-parent" role="presentation">
-        <%= link_to t("name", scope: "locale"), "#language-chooser-menu", id: "language-chooser-control", "aria-label": t("layouts.decidim.language_chooser.choose_language"), "aria-controls": "language-chooser-menu", "aria-haspopup": "menu", role: "menuitem" %>
+        <%= link_to "#language-chooser-menu", id: "language-chooser-control", "aria-controls": "language-chooser-menu", "aria-haspopup": "menu", role: "menuitem" do %>
+          <span aria-hidden="true"><%= t("name", scope: "locale") %></span>
+          <span class="show-for-sr">
+            <% available_locales.each do |locale| %>
+              <span lang="<%= locale %>"><%= I18n.with_locale(locale) { t("layouts.decidim.language_chooser.choose_language") } %></span>
+            <% end %>
+          </span>
+        <% end %>
         <ul class="menu is-dropdown-submenu" id="language-chooser-menu" role="menu" aria-labelledby="language-chooser-control">
           <% (available_locales - [I18n.locale.to_s]).each do |locale| %>
-            <li lang="<%= locale %>" role="presentation"><%= link_to locale_name(locale), decidim.locale_path(locale: locale), method: :post, role: "menuitem" %></li>
+            <li role="presentation"><%= link_to locale_name(locale), decidim.locale_path(locale: locale), method: :post, role: "menuitem", lang: locale %></li>
           <% end %>
         </ul>
       </li>

data/app/views/layouts/decidim/_logo.html.erb

@@ -1,5 +1,5 @@
 <% if organization %>
-  <%= link_to decidim.root_url(host: organization.host), title: t("logo", scope: "decidim.accessibility", organization: organization.name) do %>
+  <%= link_to decidim.root_url(host: organization.host), "aria-label": t("front_page_link", scope: "decidim.accessibility") do %>
     <% if organization.logo.attached? %>
       <%= image_tag organization.attached_uploader(:logo).variant_path(:medium), alt: t("logo", scope: "decidim.accessibility", organization: organization.name) %>
     <% else %>

data/app/views/layouts/decidim/_timeout_modal.html.erb

@@ -1,9 +1,11 @@
 <% if current_user && !current_user.remember_created_at %>
   <% timeout_time_seconds = Decidim.config.expire_session_after.to_i %>
+  <% prevent_timeout_for = try(:prevent_timeout_seconds) || 0 %>
   <div class="reveal" id="timeoutModal" data-close-on-click="false" data-close-on-esc="false"
     data-seconds-until-timeout-path="<%= decidim.seconds_until_timeout_path %>"
     data-heartbeat-path="<%= decidim.heartbeat_path %>"
     data-session-timeout="<%= timeout_time_seconds %>"
+    data-prevent-timeout-seconds="<%= prevent_timeout_for %>"
     data-session-timeout-interval="<%= Decidim.config.session_timeout_interval.to_i * 1000 %>" data-reveal>
     <h2><%= t(".title") %></h2>
     <p><%= t(".body", minutes: (timeout_time_seconds / 60) - 2) %></p>

data/config/initializers/devise.rb

@@ -9,6 +9,13 @@ class RandomStalling < Devise::FailureApp
     sleep rand * 5
     super
   end
+
+  protected
+
+  def i18n_options(options)
+    options[:locale] = session[:user_locale]
+    super
+  end
 end
 
 Devise.setup do |config|
@@ -19,12 +26,6 @@ Devise.setup do |config|
   # by default. You can change it below and use your own secret key.
   # config.secret_key = 'e1f4e9899fb5e8b3123950b19cd0f6d22ecaa8c7fb792b6db5a939edc2b3bab722d06a6a46345ee9bf12caa0178408d6134ea92ed778977b8a7ed1007a0c6dbe'
 
-  # ==> Mailer Configuration
-  # Configure the e-mail address which will be shown in Devise::Mailer,
-  # note that it will be overwritten if you use your own mailer class
-  # with default "from" parameter.
-  config.mailer_sender = Decidim.config.mailer_sender
-
   # Configure the class responsible to send e-mails.
   config.mailer = "Decidim::DecidimDeviseMailer"
 
@@ -174,14 +175,6 @@ Devise.setup do |config|
   # Default: true
   config.allow_insecure_sign_in_after_accept = true
 
-  # ==> Configuration for :confirmable
-  # A period that the user is allowed to access the website even without
-  # confirming their account. For instance, if set to 2.days, the user will be
-  # able to access the website for two days without confirming their account,
-  # access will be blocked just in the third day. Default is 0.days, meaning
-  # the user cannot access the website without confirming their account.
-  config.allow_unconfirmed_access_for = Decidim.unconfirmed_access_for
-
   # A period that the user is allowed to confirm their account before their
   # token becomes invalid. For example, if set to 3.days, the user can confirm
   # their account within 3 days after the mail was sent, but on the fourth day
@@ -215,18 +208,14 @@ Devise.setup do |config|
 
   # ==> Configuration for :validatable
   # Range for password length.
-  config.password_length = 6..128
+  # NOTE: this will not be used as we're using our own PasswordValidator
+  # config.password_length = 6..128
 
   # Email regex used to validate email formats. It simply asserts that
   # one (and only one) @ exists in the given string. This is mainly
   # to give user feedback and not to assert the e-mail validity.
   config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
 
-  # ==> Configuration for :timeoutable
-  # The time you want to timeout the user session without activity. After this
-  # time the user will be asked for credentials again. Default is 30 minutes.
-  config.timeout_in = Decidim.config.expire_session_after
-
   # ==> Configuration for :lockable
   # Defines which strategy will be used to lock an account.
   # :failed_attempts = Locks an account after a number of failed attempts to sign in.