RubyGems - decidim-core - Versions diffs - 0.28.0 → 0.28.2 - Mend

decidim-core 0.28.0 → 0.28.2

Files changed (246) hide show

data/lib/decidim/core/test/shared_examples/amendable/amendment_created_event_examples.rb CHANGED Viewed

@@ -12,36 +12,16 @@ shared_examples "amendment created event" do
   end
   it_behaves_like "a simple event"
+  it_behaves_like "a simple event email"
+  it_behaves_like "a simple event notification"
   let(:emendation_author_nickname) { "@#{emendation.creator_author.nickname}" }
   let(:emendation_path) { Decidim::ResourceLocatorPresenter.new(emendation).path }
   let(:emendation_author_path) { Decidim::UserPresenter.new(emendation.creator_author).profile_path }
   let(:amendable_path) { Decidim::ResourceLocatorPresenter.new(amendable).path }
-  describe "email_subject" do
-    it "is generated correctly" do
-      expect(subject.email_subject).to eq("New amendment for #{amendable_title}")
-    end
-  end
-  describe "email_intro" do
-    it "is generated correctly" do
-      expect(subject.email_intro)
-        .to eq("A new amendment has been created for #{amendable_title}. You can see it from this page:")
-    end
-  end
-  describe "email_outro" do
-    it "is generated correctly" do
-      expect(subject.email_outro)
-        .to eq("You have received this notification because you are following #{amendable_title}. You can stop receiving notifications following the previous link.")
-    end
-  end
-  describe "notification_title" do
-    it "is generated correctly" do
-      expect(subject.notification_title)
-        .to eq("A new amendment has been created for <a href=\"#{amendable_path}\">#{amendable_title}</a>.")
-    end
-  end
+  let(:email_subject) { "New amendment for #{amendable_title}" }
+  let(:email_intro) { "A new amendment has been created for #{amendable_title}. You can see it from this page:" }
+  let(:email_outro) { "You have received this notification because you are following #{amendable_title}. You can stop receiving notifications following the previous link." }
+  let(:notification_title) { "A new amendment has been created for <a href=\"#{amendable_path}\">#{amendable_title}</a>." }
 end

data/lib/decidim/core/test/shared_examples/amendable/amendment_promoted_event_examples.rb CHANGED Viewed

@@ -7,36 +7,18 @@ shared_examples "amendment promoted event" do
   let(:event_name) { "decidim.events.amendments.amendment_promoted" }
   it_behaves_like "a simple event"
+  it_behaves_like "a simple event email"
+  it_behaves_like "a simple event notification"
   let(:emendation_author_nickname) { "@#{emendation.creator_author.nickname}" }
   let(:emendation_path) { Decidim::ResourceLocatorPresenter.new(emendation).path }
   let(:emendation_author_path) { Decidim::UserPresenter.new(emendation.creator_author).profile_path }
   let(:amendable_path) { Decidim::ResourceLocatorPresenter.new(amendable).path }
-  describe "email_subject" do
-    it "is generated correctly" do
-      expect(subject.email_subject).to eq("An amendment from #{emendation_author_nickname} has been published as a new proposal")
-    end
-  end
-  describe "email_intro" do
-    it "is generated correctly" do
-      expect(subject.email_intro)
-        .to eq("A rejected amendment for #{amendable_title} has been published as a new #{amendable_type}. You can see it from this page:")
-    end
-  end
-  describe "email_outro" do
-    it "is generated correctly" do
-      expect(subject.email_outro)
-        .to eq("You have received this notification because you are following #{amendable_title}. You can stop receiving notifications following the previous link.")
-    end
-  end
-  describe "notification_title" do
-    it "is generated correctly" do
-      expect(subject.notification_title)
-        .to eq("A <a href=\"#{emendation_path}\">rejected amendment</a> for <a href=\"#{amendable_path}\">#{amendable_title}</a> has been published as a new #{amendable_type} by <a href=\"#{emendation_author_path}\">#{emendation_author_nickname}</a>.") # rubocop:disable Layout/LineLength
-    end
-  end
+  let(:email_subject) { "An amendment from #{emendation_author_nickname} has been published as a new proposal" }
+  let(:email_intro) { "A rejected amendment for #{amendable_title} has been published as a new #{amendable_type}. You can see it from this page:" }
+  let(:email_outro) { "You have received this notification because you are following #{amendable_title}. You can stop receiving notifications following the previous link." }
+  # rubocop:disable Layout/LineLength
+  let(:notification_title) { "A <a href=\"#{emendation_path}\">rejected amendment</a> for <a href=\"#{amendable_path}\">#{amendable_title}</a> has been published as a new #{amendable_type} by <a href=\"#{emendation_author_path}\">#{emendation_author_nickname}</a>." }
+  # rubocop:enable Layout/LineLength
 end

data/lib/decidim/core/test/shared_examples/comments_examples.rb CHANGED Viewed

@@ -54,7 +54,7 @@ shared_examples "comments" do
       expect(page).to have_css(".comment", minimum: 1)
       within("#accordion-#{single_comment.id}") do
-        expect(page).to have_content "Hide replies"
+        expect(page).to have_content "Hide reply"
       end
     end
@@ -70,7 +70,7 @@ shared_examples "comments" do
         expect(page).to have_css(".comment", minimum: 1)
         within("#accordion-#{single_comment.id}") do
-          expect(page).not_to have_content "Hide replies"
+          expect(page).not_to have_content "Hide reply"
         end
       end
     end
@@ -117,7 +117,8 @@ shared_examples "comments" do
   context "when not authenticated" do
     it "does not show form to add comments to user" do
       visit resource_path
-      expect(page).not_to have_selector(".add-comment form")
+      expect(page).not_to have_css(".add-comment form")
+      expect(page).to have_css(".comment-thread")
     end
   end
@@ -131,6 +132,32 @@ shared_examples "comments" do
       expect(page).to have_selector(".add-comment form")
     end
+    context "when user is not authorized to comment" do
+      let(:permissions) do
+        {
+          comment: {
+            authorization_handlers: {
+              "dummy_authorization_handler" => { "options" => {} }
+            }
+          }
+        }
+      end
+      before do
+        organization.available_authorizations = ["dummy_authorization_handler"]
+        organization.save!
+        commentable.create_resource_permission(permissions:)
+        allow(commentable).to receive(:user_allowed_to_comment?).with(user).and_return(false)
+        allow(commentable).to receive(:user_authorized_to_comment?).with(user).and_return(true)
+      end
+      it "shows a message indicating that comments are restricted" do
+        visit resource_path
+        expect(page).not_to have_content("Comments are disabled at this time")
+        expect(page).to have_content("You need to be verified to comment at this moment")
+      end
+    end
     describe "when using emojis" do
       before do
         within_language_menu do
@@ -520,7 +547,7 @@ shared_examples "comments" do
         it "displays the hide button" do
           visit current_path
           within "#comment_#{thread.id}" do
-            expect(page).to have_content("Hide replies")
+            expect(page).to have_content("Hide reply")
             expect(page).to have_content(new_reply_body)
           end
         end
@@ -528,7 +555,7 @@ shared_examples "comments" do
         it "displays the show button" do
           visit current_path
           within "#comment_#{thread.id}" do
-            click_button "Hide replies"
+            click_button "Hide reply"
             expect(page).to have_content("Show reply")
             expect(page).not_to have_content(new_reply_body)
           end
@@ -540,7 +567,7 @@ shared_examples "comments" do
           it "displays the show button" do
             visit current_path
             within "#comment_#{thread.id}" do
-              click_button "Hide replies"
+              click_button "Hide 3 replies"
               expect(page).to have_content("Show 3 replies")
               expect(page).not_to have_content(new_reply_body)
             end
@@ -969,3 +996,46 @@ shared_examples "comments" do
     end
   end
 end
+shared_examples "comments blocked" do
+  context "when not authenticated" do
+    context "when comments are blocked" do
+      let(:active_step_id) { component.participatory_space.active_step.id }
+      before do
+        component.update!(step_settings: { active_step_id => { comments_blocked: true } })
+      end
+      it "shows a message indicating that comments are disabled" do
+        visit resource_path
+        expect(page).to have_content("Comments are disabled at this time")
+        expect(page).not_to have_content("You need to be verified to comment at this moment")
+      end
+    end
+  end
+  context "when authenticated" do
+    let!(:organization) { create(:organization) }
+    let!(:user) { create(:user, :confirmed, organization:) }
+    let!(:comments) { create_list(:comment, 3, commentable:) }
+    before do
+      login_as user, scope: :user
+      visit resource_path
+    end
+    context "when comments are blocked" do
+      let(:active_step_id) { component.participatory_space.active_step.id }
+      before do
+        component.update!(step_settings: { active_step_id => { comments_blocked: true } })
+      end
+      it "shows a message indicating that comments are disabled" do
+        visit resource_path
+        expect(page).to have_content("Comments are disabled at this time")
+        expect(page).not_to have_content("You need to be verified to comment at this moment")
+      end
+    end
+  end
+end

data/lib/decidim/core/test/shared_examples/has_attachment_collections.rb CHANGED Viewed

@@ -13,13 +13,13 @@ shared_examples_for "has attachment collections" do
     end
     it "shows them" do
-      expect(page).to have_content(/#{translated(attachment_collection.name, locale: :en)}/i)
+      expect(page).to have_content(translated(attachment_collection.name))
     end
     it "show their documents" do
       within "[id*=documents-#{attachment_collection.id}]", visible: false do
-        expect(page).to have_content(:all, /#{translated(document.title, locale: :en)}/i)
-        expect(page).not_to have_content(:all, /#{translated(other_document.title, locale: :en)}/i)
+        expect(page).to have_content(:all, translated(document.title))
+        expect(page).not_to have_content(:all, translated(other_document.title))
       end
     end
   end
@@ -36,7 +36,9 @@ shared_examples_for "has attachment collections" do
     end
     it "shows them ordered" do
-      expect(translated(first_attachment_collection.name, locale: :en)).to appear_before(translated(last_attachment_collection.name, locale: :en))
+      expect(decidim_escape_translated(first_attachment_collection.name).gsub("&quot;",
+                                                                              "\"")).to appear_before(decidim_escape_translated(last_attachment_collection.name).gsub("&quot;",
+                                                                                                                                                                      "\""))
     end
   end
@@ -50,8 +52,8 @@ shared_examples_for "has attachment collections" do
     end
     it "is not present" do
-      expect(page).to have_content(/#{translated(attachment_collection.name, locale: :en)}/i)
-      expect(page).not_to have_content(/#{translated(empty_attachment_collection.name, locale: :en)}/i)
+      expect(page).to have_content(translated(attachment_collection.name))
+      expect(page).not_to have_content(translated(empty_attachment_collection.name))
     end
   end
 end

data/lib/decidim/core/test/shared_examples/has_attachments.rb CHANGED Viewed

@@ -14,7 +14,7 @@ shared_examples_for "has attachments content blocks" do
     it "shows them" do
       within "[data-content] .documents__container" do
-        expect(page).to have_content(/#{translated(document.title, locale: :en)}/i)
+        expect(page).to have_content(translated(document.title))
       end
       within "[data-content] [data-gallery]" do
@@ -27,7 +27,7 @@ shared_examples_for "has attachments content blocks" do
     let!(:last_document) { create(:attachment, :with_pdf, attached_to:, weight: 2) }
     let!(:first_document) { create(:attachment, :with_pdf, attached_to:, weight: 1) }
     let!(:last_image) { create(:attachment, attached_to:, weight: 2) }
-    let!(:fist_image) { create(:attachment, attached_to:, weight: 1) }
+    let!(:first_image) { create(:attachment, attached_to:, weight: 1) }
     before do
       visit current_path
@@ -35,11 +35,11 @@ shared_examples_for "has attachments content blocks" do
     it "shows them ordered" do
       within "[data-content] .documents__container" do
-        expect(translated(first_document.title, locale: :en)).to appear_before(translated(last_document.title, locale: :en))
+        expect(decidim_escape_translated(first_document.title).gsub("&quot;", "\"")).to appear_before(decidim_escape_translated(last_document.title).gsub("&quot;", "\""))
       end
       within "[data-content] [data-gallery]" do
-        expect(strip_tags(translated(fist_image.title, locale: :en))).to appear_before(strip_tags(translated(last_image.title, locale: :en)))
+        expect(strip_tags(translated(first_image.title, locale: :en))).to appear_before(strip_tags(translated(last_image.title, locale: :en)))
       end
     end
   end
@@ -58,7 +58,7 @@ shared_examples_for "has attachments tabs" do
     it "shows them" do
       find("li [data-controls='panel-documents']").click
       within "#panel-documents" do
-        expect(page).to have_content(/#{translated(document.title, locale: :en)}/i)
+        expect(page).to have_content(translated(document.title))
       end
       find("li [data-controls='panel-images']").click
@@ -72,7 +72,7 @@ shared_examples_for "has attachments tabs" do
     let!(:last_document) { create(:attachment, :with_pdf, attached_to:, weight: 2) }
     let!(:first_document) { create(:attachment, :with_pdf, attached_to:, weight: 1) }
     let!(:last_image) { create(:attachment, attached_to:, weight: 2) }
-    let!(:fist_image) { create(:attachment, attached_to:, weight: 1) }
+    let!(:first_image) { create(:attachment, attached_to:, weight: 1) }
     before do
       visit current_path
@@ -81,12 +81,12 @@ shared_examples_for "has attachments tabs" do
     it "shows them ordered" do
       find("li [data-controls='panel-documents']").click
       within "#panel-documents" do
-        expect(translated(first_document.title, locale: :en)).to appear_before(translated(last_document.title, locale: :en))
+        expect(decidim_escape_translated(first_document.title).gsub("&quot;", "\"")).to appear_before(decidim_escape_translated(last_document.title).gsub("&quot;", "\""))
       end
       find("li [data-controls='panel-images']").click
       within "#panel-images" do
-        expect(strip_tags(translated(fist_image.title, locale: :en))).to appear_before(strip_tags(translated(last_image.title, locale: :en)))
+        expect(strip_tags(translated(first_image.title, locale: :en))).to appear_before(strip_tags(translated(last_image.title, locale: :en)))
       end
     end
   end

data/lib/decidim/core/test/shared_examples/has_category.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 shared_examples_for "has category" do
+  let(:participatory_space) { subject.participatory_space }
   context "when the category is from another organization" do
     before do
       subject.category = create(:category)
@@ -8,4 +10,29 @@ shared_examples_for "has category" do
     it { is_expected.not_to be_valid }
   end
+  context "when the category is from the same organization" do
+    before do
+      subject.category = create(:category, participatory_space:)
+    end
+    it { is_expected.to be_valid }
+  end
+  context "when the resource is being deleted" do
+    before do
+      subject.category = create(:category, participatory_space:)
+      subject.save!
+    end
+    it "persists the categorization" do
+      expect(subject.categorization).to be_persisted
+    end
+    it "deletes the categorization" do
+      expect(Decidim::Categorization.count).to eq(1)
+      expect { subject.destroy }.to change(Decidim::Categorization, :count).by(-1)
+      expect(Decidim::Categorization.count).to eq(0)
+    end
+  end
 end

data/lib/decidim/core/test/shared_examples/has_reference.rb CHANGED Viewed

@@ -8,7 +8,7 @@ shared_examples_for "has reference" do
     context "when there is not a custom resource reference generator present" do
       it "generates a valid reference" do
-        expect(subject.reference).to match(/[A-z]+/)
+        expect(subject.reference).to match(/[a-zA-Z]+/)
       end
     end

data/lib/decidim/core/test/shared_examples/has_space_in_mcell_examples.rb CHANGED Viewed

@@ -8,7 +8,7 @@ shared_examples_for "has space in m-cell" do
     let(:show_space) { true }
     it "renders the space where the model belongs to" do
-      expect(cell_html).to have_content(translated(model.component.participatory_space.title, locale: :en))
+      expect(cell_html).to have_content(decidim_escape_translated(model.component.participatory_space.title))
     end
   end
 end

data/lib/decidim/core/test/shared_examples/logo_email.rb CHANGED Viewed

@@ -5,7 +5,7 @@ require "spec_helper"
 shared_examples "email with logo" do
   context "when organization has a logo" do
     let(:organization_logo) { Decidim::Dev.test_file("city.jpeg", "image/jpeg") }
-    let(:organization) { create(:organization, logo: organization_logo) }
+    let(:organization) { create(:organization, name: "O'Higgins", logo: organization_logo) }
     let(:mail) { described_class.event_received(event, event_class_name, resource, user, :follower, extra) }
     let(:logo_path) { Rails.application.routes.url_helpers.rails_representation_path(organization.logo.variant(resize_to_fit: [600, 160]), only_path: true) }
@@ -14,7 +14,7 @@ shared_examples "email with logo" do
     end
     it "includes organization logo with full link" do
-      expect(mail.body).to include("alt=\"#{organization.name}\"")
+      expect(mail.body).to include("alt=\"#{decidim_escape_translated(organization.name)}\"")
       expect(mail.body).to match(%r{https{0,1}://#{organization.host}:#{Capybara.server_port}#{logo_path}})
     end
   end

data/lib/decidim/core/test/shared_examples/map_examples.rb CHANGED Viewed

@@ -99,6 +99,8 @@ shared_context "with frontend map elements" do
   let(:html_body) { "" }
   before do
+    # Create a favicon so it does not fail when trying to fetch it
+    favicon = ""
     # Create a temporary route to display the generated HTML in a correct site
     # context.
     final_html = html_document
@@ -106,6 +108,7 @@ shared_context "with frontend map elements" do
       get "maptiles/:z/:x/:y.png", to: ->(_) { [200, {}, [final_html]] }
       get "test_dynamic_map", to: ->(_) { [200, {}, [final_html]] }
       get "offline", to: ->(_) { [200, {}, [""]] }
+      get "/favicon.ico", to: ->(_) { [200, {}, [favicon]] }
     end
     visit "/test_dynamic_map"

data/lib/decidim/core/test/shared_examples/resource_endorsed_event_examples.rb CHANGED Viewed

@@ -35,17 +35,20 @@ shared_examples_for "resource endorsed event" do
   end
   describe "email_intro" do
+    let(:resource_title) { decidim_sanitize_translated(resource.title) }
     it "is generated correctly" do
       expect(subject.email_intro)
         .to eq("#{author.name} #{author_presenter.nickname}, who you are following, " \
-               "has just endorsed \"#{translated resource.title}\" and we think it may be interesting to you. Check it out and contribute:")
+               "has just endorsed \"#{resource_title}\" and we think it may be interesting to you. Check it out and contribute:")
     end
   end
   describe "notification_title" do
+    let(:resource_title) { decidim_sanitize_translated(resource.title) }
     it "is generated correctly" do
       expect(subject.notification_title)
-        .to include("The <a href=\"#{resource_path}\">#{translated resource.title}</a> #{resource_type} has been endorsed by ")
+        .to include("The <a href=\"#{resource_path}\">#{resource_title}</a> #{resource_type} has been endorsed by ")
       expect(subject.notification_title)
         .to include("<a href=\"/profiles/#{author.nickname}\">#{author.name} #{author_presenter.nickname}</a>.")

data/lib/decidim/core/test/shared_examples/resource_locator_presenter_examples.rb ADDED Viewed

@@ -0,0 +1,134 @@
+# frozen_string_literal: true
+require "spec_helper"
+shared_examples "generates routes without query strings on slug" do
+  let(:organization) { create(:organization, host: "1.lvh.me") }
+  let(:participatory_space) { create(factory_name, organization:) }
+  let(:component) { create(:component, id: 1, participatory_space:) }
+  let(:resource) { create(:dummy_resource, id: 1, component:) }
+  context "with a component resource" do
+    describe "#url" do
+      subject { described_class.new(resource).url }
+      it { is_expected.to eq("http://1.lvh.me:#{Capybara.server_port}/#{route_fragment}/f/1/dummy_resources/1") }
+      context "when specific port configured" do
+        before do
+          allow(ActionMailer::Base)
+            .to receive(:default_url_options)
+            .and_return(port: 3000)
+        end
+        it { is_expected.to eq("http://1.lvh.me:3000/#{route_fragment}/f/1/dummy_resources/1") }
+      end
+    end
+    describe "#path" do
+      subject { described_class.new(resource).path }
+      it { is_expected.to eq("/#{route_fragment}/f/1/dummy_resources/1") }
+    end
+    describe "#show" do
+      subject { described_class.new(participatory_space).show }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}") }
+    end
+    describe "#edit" do
+      subject { described_class.new(participatory_space).edit }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}/edit") }
+    end
+  end
+  context "with a polymorphic resource" do
+    let(:nested_resource) do
+      create(:nested_dummy_resource, id: 1, dummy_resource: resource)
+    end
+    describe "#url" do
+      subject { described_class.new([resource, nested_resource]).url }
+      it { is_expected.to eq("http://1.lvh.me:#{Capybara.server_port}/#{route_fragment}/f/1/dummy_resources/1/nested_dummy_resources/1") }
+      context "when specific port configured" do
+        before do
+          allow(ActionMailer::Base)
+            .to receive(:default_url_options)
+            .and_return(port: 3000)
+        end
+        it { is_expected.to eq("http://1.lvh.me:3000/#{route_fragment}/f/1/dummy_resources/1/nested_dummy_resources/1") }
+      end
+    end
+    describe "#path" do
+      subject { described_class.new([resource, nested_resource]).path }
+      it { is_expected.to eq("/#{route_fragment}/f/1/dummy_resources/1/nested_dummy_resources/1") }
+    end
+    describe "#index" do
+      subject { described_class.new([resource, nested_resource]).index }
+      it { is_expected.to eq("/#{route_fragment}/f/1/dummy_resources/1/nested_dummy_resources") }
+    end
+    describe "#admin_index" do
+      subject { described_class.new([resource, nested_resource]).admin_index }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}/components/1/manage/dummy_resources/1/nested_dummy_resources") }
+    end
+    describe "#show" do
+      subject { described_class.new([resource, nested_resource]).show }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}/components/1/manage/dummy_resources/1/nested_dummy_resources/1") }
+    end
+    describe "#edit" do
+      subject { described_class.new([resource, nested_resource]).edit }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}/components/1/manage/dummy_resources/1/nested_dummy_resources/1/edit") }
+    end
+  end
+  context "with a participatory_space" do
+    describe "#url" do
+      subject { described_class.new(participatory_space).url }
+      it { is_expected.to eq("http://1.lvh.me:#{Capybara.server_port}/#{route_fragment}") }
+      context "when specific port configured" do
+        before do
+          allow(ActionMailer::Base)
+            .to receive(:default_url_options)
+            .and_return(port: 3000)
+        end
+        it { is_expected.to eq("http://1.lvh.me:3000/#{route_fragment}") }
+      end
+    end
+    describe "#path" do
+      subject { described_class.new(participatory_space).path }
+      it { is_expected.to eq("/#{route_fragment}") }
+    end
+    describe "#show" do
+      subject { described_class.new(participatory_space).show }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}") }
+    end
+    describe "#edit" do
+      subject { described_class.new(participatory_space).edit }
+      it { is_expected.to eq("/admin/#{admin_route_fragment}/edit") }
+    end
+  end
+end

data/lib/decidim/core/test/shared_examples/simple_event.rb CHANGED Viewed

@@ -28,10 +28,10 @@ shared_context "when a simple event" do
   let(:extra) { {} }
   let(:resource_path) { resource_locator(resource).path }
   let(:resource_url) { resource_locator(resource).url }
-  let(:resource_title) { resource.title["en"] }
+  let(:resource_title) { decidim_sanitize_translated(resource.title) }
   # to be used when resource is a component resource, not a participatory space, in which case should be overriden
   let(:participatory_space) { resource.participatory_space }
-  let(:participatory_space_title) { participatory_space.title["en"] }
+  let(:participatory_space_title) { decidim_sanitize_translated(participatory_space.title) }
   let(:participatory_space_path) { Decidim::ResourceLocatorPresenter.new(participatory_space).path }
   let(:participatory_space_url) { Decidim::ResourceLocatorPresenter.new(participatory_space).url }
   let(:author) do
@@ -65,6 +65,7 @@ shared_examples_for "a simple event" do |skip_space_checks|
     it "is generated correctly" do
       expect(subject.email_subject).to be_kind_of(String)
       expect(subject.email_subject).not_to include("translation missing")
+      expect(subject.email_subject).not_to include("script")
     end
   end
@@ -100,6 +101,7 @@ shared_examples_for "a simple event" do |skip_space_checks|
     it "is generated correctly" do
       expect(subject.notification_title).to be_kind_of(String)
       expect(subject.notification_title).not_to include("translation missing")
+      expect(subject.notification_title).not_to include("script")
     end
   end
@@ -129,6 +131,12 @@ shared_examples_for "a simple event" do |skip_space_checks|
         expect(subject.participatory_space_url).to start_with("http")
       end
     end
+    describe "participatory_space_title" do
+      it "is generated correctly" do
+        expect(translated(participatory_space.title)).to include("script")
+      end
+    end
   end
   describe "i18n_options" do
@@ -158,6 +166,10 @@ shared_examples_for "a simple event email" do
     it "is generated correctly" do
       expect(subject.email_subject).to eq(email_subject)
     end
+    it "is html safe" do
+      expect(subject.email_subject).not_to include("script")
+    end
   end
   describe "email_intro" do
@@ -179,5 +191,9 @@ shared_examples_for "a simple event notification" do
       expect(subject.notification_title)
         .to eq(notification_title)
     end
+    it "is html safe" do
+      expect(subject.notification_title).not_to include("script")
+    end
   end
 end

data/lib/decidim/core/test.rb CHANGED Viewed

@@ -77,3 +77,4 @@ require "decidim/core/test/shared_examples/digest_mail_examples"
 require "decidim/core/test/shared_examples/hideable_resource_examples"
 require "decidim/core/test/shared_examples/active_support_examples"
 require "decidim/core/test/shared_examples/statistics_cell_examples"
+require "decidim/core/test/shared_examples/resource_locator_presenter_examples"

data/lib/decidim/core/version.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module Decidim
   # This holds the decidim-core version.
   module Core
     def self.version
-      "0.28.0"
+      "0.28.2"
     end
   end
 end