decidim-core 0.26.4 → 0.26.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/cells/decidim/announcement_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/cta_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/hero/show.erb +1 -1
- data/app/cells/decidim/content_blocks/highlighted_content_banner/show.erb +1 -1
- data/app/cells/decidim/content_blocks/sub_hero_cell.rb +1 -1
- data/app/cells/decidim/newsletter_templates/base_cell.rb +8 -0
- data/app/cells/decidim/newsletter_templates/basic_only_text/show.erb +4 -4
- data/app/cells/decidim/newsletter_templates/image_text_cta/show.erb +4 -4
- data/app/commands/decidim/unendorse_resource.rb +1 -1
- data/app/controllers/decidim/groups_controller.rb +5 -0
- data/app/controllers/decidim/links_controller.rb +10 -11
- data/app/controllers/decidim/profiles_controller.rb +1 -1
- data/app/helpers/decidim/cells_helper.rb +1 -0
- data/app/helpers/decidim/external_domain_helper.rb +14 -3
- data/app/helpers/decidim/icon_helper.rb +3 -3
- data/app/helpers/decidim/newsletters_helper.rb +1 -0
- data/app/helpers/decidim/sanitize_helper.rb +15 -5
- data/app/mailers/decidim/newsletter_mailer.rb +10 -3
- data/app/models/decidim/newsletter.rb +28 -0
- data/app/models/decidim/scope_type.rb +28 -0
- data/app/models/decidim/user.rb +0 -2
- data/app/models/decidim/user_base_entity.rb +2 -0
- data/app/models/decidim/user_block.rb +2 -2
- data/app/models/decidim/user_group.rb +1 -1
- data/app/packs/src/decidim/editor/clipboard_override.js +6 -2
- data/app/packs/src/decidim/editor.js +63 -33
- data/app/packs/src/decidim/form_filter.component.test.js +148 -5
- data/app/packs/src/decidim/form_filter.js +26 -4
- data/app/packs/stylesheets/decidim/_editor.scss +129 -0
- data/app/packs/stylesheets/decidim/email.scss +7 -0
- data/app/packs/stylesheets/decidim/extras/_quill.scss +0 -6
- data/app/packs/stylesheets/decidim/modules/_buttons.scss +10 -6
- data/app/packs/stylesheets/decidim/modules/_cards.scss +1 -1
- data/app/packs/stylesheets/decidim/modules/_comments.scss +24 -0
- data/app/packs/stylesheets/decidim/vizzs/_linechart.scss +2 -2
- data/app/packs/stylesheets/decidim/vizzs/_rowchart.scss +2 -2
- data/app/presenters/decidim/admin_log/user_group_presenter.rb +1 -1
- data/app/presenters/decidim/admin_log/user_moderation_presenter.rb +1 -1
- data/app/presenters/decidim/notification_presenter.rb +1 -1
- data/app/presenters/decidim/user_group_presenter.rb +1 -1
- data/app/presenters/decidim/user_presenter.rb +1 -1
- data/app/scrubbers/decidim/admin_input_scrubber.rb +27 -0
- data/app/scrubbers/decidim/user_input_scrubber.rb +32 -5
- data/app/services/decidim/traceability.rb +1 -0
- data/app/views/decidim/links/_invalid_url_modal.html.erb +17 -0
- data/app/views/decidim/links/_modal.html.erb +1 -1
- data/app/views/decidim/links/invalid_url.js.erb +24 -0
- data/app/views/decidim/links/new.html.erb +1 -1
- data/app/views/decidim/messaging/conversations/_conversation.html.erb +1 -5
- data/app/views/decidim/newsletter_mailer/newsletter.html.erb +3 -3
- data/app/views/decidim/newsletters/show.html.erb +1 -1
- data/app/views/decidim/pages/_standalone.html.erb +1 -1
- data/app/views/decidim/pages/_tabbed.html.erb +1 -1
- data/app/views/layouts/decidim/_mailer_logo.html.erb +2 -2
- data/app/views/layouts/decidim/newsletter_base.html.erb +2 -2
- data/config/locales/ar.yml +427 -11
- data/config/locales/bg.yml +6 -8
- data/config/locales/ca.yml +36 -30
- data/config/locales/cs.yml +27 -32
- data/config/locales/da.yml +3 -0
- data/config/locales/de.yml +4 -26
- data/config/locales/el.yml +6 -9
- data/config/locales/en.yml +21 -15
- data/config/locales/eo.yml +2 -1
- data/config/locales/es-MX.yml +28 -22
- data/config/locales/es-PY.yml +28 -22
- data/config/locales/es.yml +34 -28
- data/config/locales/et.yml +3 -0
- data/config/locales/eu.yml +108 -85
- data/config/locales/fa-IR.yml +1 -0
- data/config/locales/fi-plain.yml +6 -21
- data/config/locales/fi.yml +24 -18
- data/config/locales/fr-CA.yml +26 -20
- data/config/locales/fr.yml +24 -18
- data/config/locales/ga-IE.yml +1 -0
- data/config/locales/gl.yml +2 -26
- data/config/locales/gn-PY.yml +3 -0
- data/config/locales/hr.yml +3 -0
- data/config/locales/hu.yml +52 -29
- data/config/locales/id-ID.yml +7 -8
- data/config/locales/is-IS.yml +2 -2
- data/config/locales/it.yml +2 -16
- data/config/locales/ja.yml +29 -39
- data/config/locales/ka-GE.yml +4 -0
- data/config/locales/kaa.yml +1 -0
- data/config/locales/lb.yml +0 -8
- data/config/locales/lt.yml +0 -37
- data/config/locales/lv.yml +5 -7
- data/config/locales/nl.yml +1 -24
- data/config/locales/no.yml +3 -30
- data/config/locales/oc-FR.yml +2 -0
- data/config/locales/pl.yml +2 -38
- data/config/locales/pt-BR.yml +2 -10
- data/config/locales/pt.yml +0 -8
- data/config/locales/ro-RO.yml +10 -11
- data/config/locales/ru.yml +6 -4
- data/config/locales/sk.yml +8 -9
- data/config/locales/sl.yml +1 -0
- data/config/locales/sr-CS.yml +2 -0
- data/config/locales/sv.yml +3 -29
- data/config/locales/tr-TR.yml +7 -12
- data/config/locales/uk.yml +6 -4
- data/config/locales/zh-CN.yml +3 -8
- data/config/locales/zh-TW.yml +1712 -0
- data/lib/decidim/api/types/localized_string_type.rb +9 -0
- data/lib/decidim/api/types/translated_field_type.rb +20 -5
- data/lib/decidim/core/test/factories.rb +13 -6
- data/lib/decidim/core/test/shared_examples/comments_examples.rb +36 -0
- data/lib/decidim/core/test/shared_examples/editor_shared_examples.rb +10 -0
- data/lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb +7 -3
- data/lib/decidim/core/test.rb +1 -0
- data/lib/decidim/core/version.rb +1 -1
- data/lib/decidim/form_builder.rb +1 -2
- data/lib/decidim/participatory_space_resourceable.rb +7 -1
- data/lib/decidim/publicable.rb +4 -0
- metadata +13 -6
|
@@ -27,8 +27,8 @@
|
|
|
27
27
|
@mixin loop-colors-types($color, $max: 12){
|
|
28
28
|
@for $i from 0 through ($max - 1){
|
|
29
29
|
$interval: ($i % 4) * 24 + 1;
|
|
30
|
-
$tints: tint($color, $interval);
|
|
31
|
-
$shades: shade($color, $interval);
|
|
30
|
+
$tints: tint($color, $interval * 1%);
|
|
31
|
+
$shades: shade($color, $interval * 1%);
|
|
32
32
|
$adjusts: adjust-color($color, $lightness: $interval * 1%, $hue: -$interval);
|
|
33
33
|
|
|
34
34
|
.type-#{$i}{
|
|
@@ -52,7 +52,7 @@ module Decidim
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
def unreported_user
|
|
55
|
-
@unreported_user ||= Decidim::
|
|
55
|
+
@unreported_user ||= Decidim::UserBaseEntity.find_by(id: action_log.extra.dig("extra", "user_id"))
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
def has_diff?
|
|
@@ -11,7 +11,7 @@ module Decidim
|
|
|
11
11
|
|
|
12
12
|
def created_at_in_words
|
|
13
13
|
if created_at.between?(1.month.ago, Time.current)
|
|
14
|
-
time_ago_in_words(created_at)
|
|
14
|
+
I18n.t("decidim.user_conversations.index.time_ago", time: time_ago_in_words(created_at))
|
|
15
15
|
else
|
|
16
16
|
format = created_at.year == Time.current.year ? :ddmm : :ddmmyyyy
|
|
17
17
|
I18n.l(created_at, format: format)
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Decidim
|
|
4
|
+
# Use this class as a scrubber to sanitize admin user input. The default
|
|
5
|
+
# scrubbed provided by Rails does not allow `iframe`s, and we are using
|
|
6
|
+
# them to embed videos, so we need to provide a whole new scrubber.
|
|
7
|
+
#
|
|
8
|
+
# Example:
|
|
9
|
+
#
|
|
10
|
+
# sanitize(@page.body, scrubber: Decidim::AdminInputScrubber.new)
|
|
11
|
+
#
|
|
12
|
+
# Lists of default tags and attributes are extracted from
|
|
13
|
+
# https://stackoverflow.com/a/35073814/2110884.
|
|
14
|
+
class AdminInputScrubber < UserInputScrubber
|
|
15
|
+
private
|
|
16
|
+
|
|
17
|
+
DECIDIM_ALLOWED_TAGS = %w(img video audio source comment iframe).freeze
|
|
18
|
+
|
|
19
|
+
def custom_allowed_attributes
|
|
20
|
+
super + %w(frameborder allowfullscreen) - %w(onerror)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def custom_allowed_tags
|
|
24
|
+
super + DECIDIM_ALLOWED_TAGS
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
module Decidim
|
|
4
|
-
# Use this class as a scrubber to sanitize user input.
|
|
5
|
-
# scrubbed provided by Rails does not allow `iframe`s, and we're using
|
|
6
|
-
# them to embed videos, so we need to provide a whole new scrubber.
|
|
4
|
+
# Use this class as a scrubber to sanitize participant user input.
|
|
7
5
|
#
|
|
8
6
|
# Example:
|
|
9
7
|
#
|
|
@@ -20,12 +18,41 @@ module Decidim
|
|
|
20
18
|
|
|
21
19
|
private
|
|
22
20
|
|
|
21
|
+
RESTRICTED_TAGS = %w(
|
|
22
|
+
area
|
|
23
|
+
article
|
|
24
|
+
aside
|
|
25
|
+
audio
|
|
26
|
+
button
|
|
27
|
+
canvas
|
|
28
|
+
fieldset
|
|
29
|
+
figcaption
|
|
30
|
+
figure
|
|
31
|
+
font
|
|
32
|
+
footer
|
|
33
|
+
form
|
|
34
|
+
header
|
|
35
|
+
img
|
|
36
|
+
input
|
|
37
|
+
label
|
|
38
|
+
legend
|
|
39
|
+
main
|
|
40
|
+
map
|
|
41
|
+
menu
|
|
42
|
+
optgroup
|
|
43
|
+
option
|
|
44
|
+
output
|
|
45
|
+
select
|
|
46
|
+
textarea
|
|
47
|
+
video
|
|
48
|
+
).freeze
|
|
49
|
+
|
|
23
50
|
def custom_allowed_attributes
|
|
24
|
-
Loofah::HTML5::SafeList::ALLOWED_ATTRIBUTES
|
|
51
|
+
Loofah::HTML5::SafeList::ALLOWED_ATTRIBUTES
|
|
25
52
|
end
|
|
26
53
|
|
|
27
54
|
def custom_allowed_tags
|
|
28
|
-
Loofah::HTML5::SafeList::
|
|
55
|
+
Loofah::HTML5::SafeList::ACCEPTABLE_ELEMENTS - RESTRICTED_TAGS
|
|
29
56
|
end
|
|
30
57
|
end
|
|
31
58
|
end
|
|
@@ -117,6 +117,7 @@ module Decidim
|
|
|
117
117
|
return unless user.is_a?(Decidim::User)
|
|
118
118
|
# If the record is not valid, it may not yet have an ID causing an
|
|
119
119
|
# exception when trying to save the log record.
|
|
120
|
+
return if resource.nil?
|
|
120
121
|
return unless resource.valid?
|
|
121
122
|
|
|
122
123
|
Decidim::ActionLogger.log(
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
<%= decidim_modal id: "external-domain-warning" do %>
|
|
2
|
+
<div data-dialog-container>
|
|
3
|
+
<%= icon "external-link-line" %>
|
|
4
|
+
<h2 id="dialog-title-external-domain-warning" tabindex="-1" data-dialog-title><%= t("decidim.links.warning.title") %></h2>
|
|
5
|
+
<div>
|
|
6
|
+
|
|
7
|
+
<code class="mt-5 block break-all text-alert">
|
|
8
|
+
<%= flash[:alert] %>
|
|
9
|
+
</code>
|
|
10
|
+
</div>
|
|
11
|
+
</div>
|
|
12
|
+
<div data-dialog-actions>
|
|
13
|
+
<button class="button button__lg button__transparent-secondary" data-dialog-close="external-domain-warning">
|
|
14
|
+
<%= t("decidim.links.warning.cancel") %>
|
|
15
|
+
</button>
|
|
16
|
+
</div>
|
|
17
|
+
<% end %>
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
</div>
|
|
14
14
|
</div>
|
|
15
15
|
<div class="row buttons">
|
|
16
|
-
<%= link_to t("decidim.links.warning.proceed"),
|
|
16
|
+
<%= link_to t("decidim.links.warning.proceed"), external_url.to_s, target: "_blank", data: { close: "" }, class: "button primary button--nomargin" %>
|
|
17
17
|
<button class="button clear" data-close>
|
|
18
18
|
<%= t("decidim.links.warning.cancel") %>
|
|
19
19
|
</button>
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
(function() {
|
|
2
|
+
const create = (selector) => {
|
|
3
|
+
const element = document.createElement("div")
|
|
4
|
+
element.id = selector
|
|
5
|
+
document.body.append(element)
|
|
6
|
+
return element
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
const selector = "external-domain-warning"
|
|
10
|
+
const selectorContainer = `${selector}-container`
|
|
11
|
+
|
|
12
|
+
// if the container does not exist in the DOM, it creates a new one, otherwise, replace the content
|
|
13
|
+
const externalDomainWarning = document.getElementById(selectorContainer) || create(selectorContainer)
|
|
14
|
+
|
|
15
|
+
externalDomainWarning.innerHTML = ''
|
|
16
|
+
externalDomainWarning.innerHTML = '<%= j(render partial: "invalid_url_modal").strip.html_safe %>'
|
|
17
|
+
|
|
18
|
+
new window.Decidim.Dialogs(`#${selector}`, {
|
|
19
|
+
closingSelector: `[data-dialog-close="${selector}"]`,
|
|
20
|
+
backdropSelector: `[data-dialog="${selector}"]`,
|
|
21
|
+
labelledby: `dialog-title-${selector}`,
|
|
22
|
+
describedby: `dialog-desc-${selector}`
|
|
23
|
+
}).open()
|
|
24
|
+
})()
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
</div>
|
|
13
13
|
<div class="row">
|
|
14
14
|
<div class="columns large-12 text-center">
|
|
15
|
-
<%= link_to t("decidim.links.warning.proceed"),
|
|
15
|
+
<%= link_to t("decidim.links.warning.proceed"), external_url.to_s, class: "button expanded primary" %>
|
|
16
16
|
</div>
|
|
17
17
|
</div>
|
|
18
18
|
</div>
|
|
@@ -33,11 +33,7 @@
|
|
|
33
33
|
<span class="text-small">
|
|
34
34
|
<%= t("last_message", scope: "decidim.messaging.conversations.index") %>:
|
|
35
35
|
<strong>
|
|
36
|
-
|
|
37
|
-
<%= t("ago", scope: "decidim.messaging.conversations.index") %> <%= time_ago_in_words(Time.parse(conversation.last_message.created_at.to_s)) %>
|
|
38
|
-
<% else %>
|
|
39
|
-
<%= time_ago_in_words(Time.parse(conversation.last_message.created_at.to_s)) %> <%= t("ago", scope: "decidim.messaging.conversations.index") %>
|
|
40
|
-
<% end %>
|
|
36
|
+
<%= t("decidim.user_conversations.index.time_ago", time: time_ago_in_words(Time.zone.parse(conversation.last_message.created_at.to_s))) %>
|
|
41
37
|
</strong>
|
|
42
38
|
</span>
|
|
43
39
|
</div>
|
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
<%= decidim_sanitize_newsletter cell.to_s %>
|
|
2
2
|
|
|
3
3
|
<% content_for :note do %>
|
|
4
|
-
<%== t ".note", organization_name: h(@organization.name), link:
|
|
4
|
+
<%== t ".note", organization_name: h(@organization.name), link: @newsletter.notifications_settings_url %>
|
|
5
5
|
<% end %>
|
|
6
6
|
|
|
7
7
|
<% content_for :unsubscribe do %>
|
|
8
|
-
<%== t ".unsubscribe", link:
|
|
8
|
+
<%== t ".unsubscribe", link: @newsletter.unsubscribe_newsletters_url(u: @encrypted_token) %>
|
|
9
9
|
<% end %>
|
|
10
10
|
|
|
11
11
|
<% content_for :see_on_website do %>
|
|
12
12
|
<center style="display: none">
|
|
13
13
|
<%== CGI.unescapeHTML truncate(cell.body, max_length: 50) %>
|
|
14
14
|
</center>
|
|
15
|
-
<%== t ".see_on_website", link:
|
|
15
|
+
<%== t ".see_on_website", link: @newsletter.url %>
|
|
16
16
|
<% end %>
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
newsletter: newsletter,
|
|
6
6
|
recipient_user: @user
|
|
7
7
|
) %>
|
|
8
|
-
<%=
|
|
8
|
+
<%= decidim_sanitize_newsletter @cell.to_s %>
|
|
9
9
|
|
|
10
10
|
<% content_for :note do %>
|
|
11
11
|
<%== t "note", scope: "decidim.newsletter_mailer.newsletter", organization_name: h(@organization.name), link: decidim.notifications_settings_url(host: @organization.host) %>
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
|
|
11
11
|
<div class="columns small-12">
|
|
12
12
|
<div class="card">
|
|
13
|
-
<div class="card__content"><%=
|
|
13
|
+
<div class="card__content"><%= decidim_sanitize_editor_admin translated_attribute page.content %></div>
|
|
14
14
|
</div>
|
|
15
15
|
</div>
|
|
16
16
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<% if organization %>
|
|
2
|
-
<% if
|
|
3
|
-
<% url =
|
|
2
|
+
<% if defined?(custom_url_for_mail_root) && custom_url_for_mail_root.present? %>
|
|
3
|
+
<% url = custom_url_for_mail_root %>
|
|
4
4
|
<% else %>
|
|
5
5
|
<% url = decidim.root_url(host: organization.host) %>
|
|
6
6
|
<% end %>
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
<%= stylesheet_pack_tag "decidim_email" %>
|
|
7
7
|
</head>
|
|
8
8
|
|
|
9
|
-
|
|
9
|
+
<%= content_tag :body, class: @preview ? "preview" : nil do %>
|
|
10
10
|
<!-- <style> -->
|
|
11
11
|
<table class="body">
|
|
12
12
|
<% if content_for?(:see_on_website) %>
|
|
@@ -42,5 +42,5 @@
|
|
|
42
42
|
</td>
|
|
43
43
|
</tr>
|
|
44
44
|
</table>
|
|
45
|
-
|
|
45
|
+
<% end %>
|
|
46
46
|
</html>
|