decidim-core 0.28.4 → 0.28.5

data/config/locales/ru.yml

@@ -248,6 +248,10 @@ ru:
         name: Статистика организации
       sub_hero:
         name: Под-богатырский баннер
+    core:
+      application_helper:
+        filter_category_values:
+          all: Все
     devise:
       omniauth_registrations:
         new:

data/config/locales/sk.yml

@@ -342,6 +342,10 @@ sk:
         name: Štatistiky organizácie
       sub_hero:
         name: Pruh pod hlavným pruhom
+    core:
+      application_helper:
+        filter_category_values:
+          all: Všetko
     devise:
       omniauth_registrations:
         new:
@@ -824,7 +828,7 @@ sk:
     scopes:
       global: Globální oblast působnosti
       picker:
-        cancel: zrušenie
+        cancel: Zrušiť
         choose: Vybrat
         title: Vyberte %{field}
       prompt: Vyberte oblast

data/config/locales/sv.yml

@@ -595,7 +595,7 @@ sv:
           already_have_an_account?: Har du redan ett konto?
           log_in: Logga in
           newsletter: Få enstaka nyhetsbrev med relevant information
-          newsletter_title: Kontakttillstånd
+          newsletter_title: Tillåtelse att kontakta mig
           sign_up: Registrera dig
           subtitle: Registrera dig för att delta i diskussioner och stödja förslag.
           terms: användarvillkoren
@@ -938,9 +938,9 @@ sv:
         index:
           badge_title: "%{name} märke"
           how: Hur kan du få det
-          page_description: Märken visar att du varit aktiv som deltagare på plattformen och deltagit i behandlingen. Medan du upptäcker, deltar och samverkar på plattformen får du olika märken. Här är listan med märken och hur du kan få dem.
+          page_description: Märkena visar att du varit en aktiv deltagare på plattformen. Genom att utforska, delta och samverka på plattformen får du olika märken. Här är alla märken och hur du kan få dem.
           title: Märken
-      description: Märken visar att du varit aktiv som deltagare på plattformen och deltagit i behandlingen. Medan du upptäcker, deltar och samverkar på plattformen får du olika märken.
+      description: Märkena visar att du varit en aktiv deltagare på plattformen. Genom att utforska, delta och samverka på plattformen får du olika märken.
       level: Nivå %{level}
       reached_top: Du har nått den högsta nivån för detta märke.
       title: Vilka är märkena?
@@ -1033,7 +1033,7 @@ sv:
     help:
       main_topic:
         default_page:
-          content: "<p>I %{organization} kan du delta och besluta i de deltagandeprocesser som visas i toppmenyn: processer, samråd, namninsamlingar och konsultationer.</p> <p>Inom varje område kan du delta på olika sätt: lämna förslag – enskilt eller med andra människor – delta i debatter, prioritera projekt att genomföra, delta i möten med mera.</p>\n"
+          content: "<p>I %{organization} kan du delta och besluta i de deltagandeprocesser som visas i toppmenyn: processer, samråd, initiativ och konsultationer.</p> <p>Inom varje område kan du delta på olika sätt: lämna förslag – enskilt eller med andra människor – delta i debatter, prioritera projekt att genomföra, delta i möten med mera.</p>\n"
           title: Vad kan jag göra i %{organization}?
         description: Läs mer om %{organization}.
         title: Allmän hjälp
@@ -1436,7 +1436,7 @@ sv:
         jump_to: 'Gå till:'
         search: Sök
         state:
-          active: Aktiva
+          active: Pågående
           all: Alla
           future: Framtida
           past: Tidigare
@@ -1716,7 +1716,7 @@ sv:
       already_signed_out: Du är utloggad.
       new:
         log_in: Logga in
-      signed_in: Loggade in.
+      signed_in: Du är inloggad.
       signed_out: Du är utloggad.
     shared:
       links:
@@ -1969,7 +1969,7 @@ sv:
         account: Konto
         authorizations: Auktoriseringar
         delete_my_account: Radera mitt konto
-        my_data: Mitt data
+        my_data: Min data
         my_interests: Mina intressen
         notifications_settings: Meddelandeinställningar
         profile: Profil

data/config/locales/tr-TR.yml

@@ -379,6 +379,10 @@ tr:
         name: Organizasyon istatistikleri
       sub_hero:
         name: Alt ana afişi
+    core:
+      application_helper:
+        filter_category_values:
+          all: Herşey
     devise:
       omniauth_registrations:
         new:
@@ -957,7 +961,7 @@ tr:
     scopes:
       global: Küresel kapsamı
       picker:
-        cancel: İptal etmek
+        cancel: İptal Et
         change: Seçili kapsamı değiştir
         choose: seçmek
         currently_selected: Şu anda seçili kapsam
@@ -1027,6 +1031,7 @@ tr:
       participatory_space_filters:
         filters:
           areas: alanlar
+          scope: Kapsam
           select_an_area: Bir bölge seçin
       progress: "Süreç\nİlerleme"
       reference:

data/config/locales/uk.yml

@@ -191,6 +191,10 @@ uk:
         name: Статистика організації
       sub_hero:
         name: Під-багатирський банер
+    core:
+      application_helper:
+        filter_category_values:
+          all: Усі
     devise:
       omniauth_registrations:
         new:
@@ -417,7 +421,6 @@ uk:
     scopes:
       global: Всеохопний обсяг
       picker:
-        cancel: Скасувати
         choose: Оберіть
         title: Оберіть %{field}
       prompt: Оберіть обсяг

data/config/locales/zh-CN.yml

@@ -324,6 +324,10 @@ zh-CN:
         name: 组织统计
       sub_hero:
         name: 子英雄广告
+    core:
+      application_helper:
+        filter_category_values:
+          all: 所有的
     devise:
       omniauth_registrations:
         new:
@@ -923,6 +927,7 @@ zh-CN:
       participatory_space_filters:
         filters:
           areas: 地区
+          scope: 范围
           select_an_area: 选择区域
       reference:
         reference: '引用: %{reference}'

data/config/locales/zh-TW.yml

@@ -500,6 +500,9 @@ zh-TW:
       actions:
         login_before_access: 請先登入您的帳戶再進行訪問.
         unauthorized: 您無權限執行此操作.
+      application_helper:
+        filter_category_values:
+          all: 全部
     devise:
       omniauth_registrations:
         create:
@@ -1368,6 +1371,7 @@ zh-TW:
       participatory_space_filters:
         filters:
           areas: 區域
+          scope: 範圍
           select_an_area: 選擇一個地區
       public_participation:
         public_participation: 公開展示我的出席情況。

data/config/routes.rb

@@ -137,6 +137,7 @@ Decidim::Core::Engine.routes.draw do
     get "group_members", to: "profiles#group_members", as: "profile_group_members"
     get "group_admins", to: "profiles#group_admins", as: "profile_group_admins"
     get "activity", to: "user_activities#index", as: "profile_activity"
+    get "tooltip", to: "profiles#tooltip", as: "profile_tooltip"
     resources :conversations, except: [:destroy], controller: "user_conversations", as: "profile_conversations"
   end
 

data/decidim-core.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
   }
   s.summary = "The core of the Decidim framework."
   s.description = "Adds core features so other engines can hook into the framework."
-  s.license = "AGPL-3.0"
+  s.license = "AGPL-3.0-or-later"
   s.required_ruby_version = "~> 3.1.0"
 
   s.files = Dir.chdir(__dir__) do
@@ -31,6 +31,9 @@ Gem::Specification.new do |s|
     end
   end
 
+  # Lock Temporarily as it is failing in 0.29 branch. More info: https://github.com/rails/rails/pull/54264
+  s.add_dependency "concurrent-ruby", "= 1.2.2"
+
   s.add_dependency "active_link_to", "~> 1.0"
   s.add_dependency "acts_as_list", "~> 1.0"
   s.add_dependency "batch-loader", "~> 1.2"

data/lib/decidim/api/functions/component_list.rb

@@ -27,7 +27,7 @@ module Decidim
         @query = Decidim::Component
         # remove default ordering if custom order required
         @query = @query.unscoped if args[:order]
-        @query = @query.where(participatory_space:).published
+        @query = @query.where(participatory_space:)
         add_filter_keys(args[:filter])
         add_order_keys(args[:order].to_h)
         add_default_order

data/lib/decidim/api/functions/participatory_space_finder_base.rb

@@ -22,7 +22,17 @@ module Decidim
         args.compact.keys.each do |key|
           query[key] = args[key]
         end
-        model_class.public_spaces.find_by(query)
+
+        @query =
+          if ctx[:current_user]&.admin?
+            model_class
+          elsif model_class.respond_to?(:visible_for)
+            model_class.visible_for(ctx[:current_user])
+          else
+            model_class.public_spaces
+          end
+
+        @query.find_by(query)
       end
     end
   end

data/lib/decidim/api/interfaces/participatory_space_interface.rb

@@ -23,7 +23,7 @@ module Decidim
         ParticipatorySpaceManifestPresenter.new(object.manifest, object.organization)
       end
 
-      field :components, [ComponentInterface], null: true, description: "Lists the components this space contains." do
+      field :components, [ComponentInterface, { null: true }], null: true, description: "Lists the components this space contains." do
         argument :filter, ComponentInputFilter, "Provides several methods to filter the results", required: false
         argument :order, ComponentInputSort, "Provides several methods to order the results", required: false
       end

data/lib/decidim/api/types/component_type.rb

@@ -5,6 +5,13 @@ module Decidim
     class ComponentType < Decidim::Api::Types::BaseObject
       implements Decidim::Core::ComponentInterface
       description "A base component with no particular specificities."
+
+      def self.authorized?(object, context)
+        context[:component] = object
+        context[:current_component] = object
+
+        super && allowed_to?(:read, :component, object, context)
+      end
     end
   end
 end

data/lib/decidim/api/types/user_group_type.rb

@@ -59,6 +59,10 @@ module Decidim
       def members_count
         object.accepted_memberships.count
       end
+
+      def self.authorized?(object, context)
+        super && !object.blocked?
+      end
     end
   end
 end

data/lib/decidim/api/types/user_type.rb

@@ -62,6 +62,10 @@ module Decidim
       def groups
         object.accepted_user_groups
       end
+
+      def self.authorized?(object, context)
+        super && object.confirmed? && !object.blocked? && !object.deleted?
+      end
     end
   end
 end

data/lib/decidim/attributes/rich_text.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Attributes
+    # Custom attributes value to convert rich text strings in the database, i.e.
+    # strings that originate from the editor.
+    class RichText < Decidim::Attributes::CleanString
+      def type
+        :"decidim/attributes/rich_text"
+      end
+
+      # Serializes the value to the database.
+      def serialize(value)
+        serialize_value(value)
+      end
+
+      private
+
+      # From form to database
+      def serialize_value(value)
+        return value unless value.is_a?(String)
+
+        context = {}
+        parsed = Decidim::ContentProcessor.parse_with_processor(:blob, value, context)
+        parsed.rewrite
+      end
+
+      # From database to form
+      def cast_value(value)
+        clean_string = super
+        return clean_string unless clean_string.is_a?(String)
+
+        renderer = Decidim::ContentProcessor.renderer_klass(:blob).constantize.new(clean_string)
+        renderer.render
+      end
+    end
+  end
+end

data/lib/decidim/attributes/time_with_zone.rb

@@ -5,6 +5,15 @@ module Decidim
     # Custom attributes value to parse a String representing a Time using
     # the app TimeZone.
     class TimeWithZone < ActiveModel::Type::DateTime
+      # Date format: 2020-06-20T, 2020-06-20, 20/06/2020T or 20/06/2020
+      # Time format: 10:20, 10:20:30 or 10:20:30.123456
+      ISO_DATETIME_WITHOUT_TIMEZONE = %r{
+        \A
+        ((\d{4})-(\d\d)-(\d\d)|(\d\d)/(\d\d)/(\d{4}))(?:T|\s)
+        (\d\d):(\d\d)(:(\d\d)(?:\.(\d{1,6})\d*)?)?
+        \z
+      }x
+
       def type
         :"decidim/attributes/time_with_zone"
       end
@@ -18,8 +27,9 @@ module Decidim
       rescue ArgumentError
         fallback = super
         return fallback unless fallback.is_a?(Time)
+        return Time.zone.parse(fallback.strftime("%F %T")) if ISO_DATETIME_WITHOUT_TIMEZONE.match?(value)
 
-        Time.zone.parse(fallback.strftime("%F %T"))
+        ActiveSupport::TimeWithZone.new(fallback, Time.zone)
       end
     end
   end

data/lib/decidim/attributes.rb

@@ -5,6 +5,7 @@ module Decidim
     autoload :TimeWithZone, "decidim/attributes/time_with_zone"
     autoload :LocalizedDate, "decidim/attributes/localized_date"
     autoload :CleanString, "decidim/attributes/clean_string"
+    autoload :RichText, "decidim/attributes/rich_text"
     autoload :Blob, "decidim/attributes/blob"
     autoload :Array, "decidim/attributes/array"
     autoload :Hash, "decidim/attributes/hash"
@@ -27,6 +28,7 @@ module Decidim
     ActiveModel::Type.register(:"decidim/attributes/time_with_zone", Decidim::Attributes::TimeWithZone)
     ActiveModel::Type.register(:"decidim/attributes/localized_date", Decidim::Attributes::LocalizedDate)
     ActiveModel::Type.register(:"decidim/attributes/clean_string", Decidim::Attributes::CleanString)
+    ActiveModel::Type.register(:"decidim/attributes/rich_text", Decidim::Attributes::RichText)
     ActiveModel::Type.register(:"decidim/attributes/blob", Decidim::Attributes::Blob)
 
     # Overrides

data/lib/decidim/content_parsers/blob_parser.rb

@@ -0,0 +1,93 @@
+# frozen_string_literal: true
+
+module Decidim
+  module ContentParsers
+    # Parses any blob URLs from the content and replaces them with references
+    # to those blobs.
+    class BlobParser < BaseParser
+      # Matches all possible URLs pointing to ActiveStorage::Blob objects.
+      #
+      # Possible routes:
+      # get "/blobs/redirect/:signed_id/*filename"
+      # get "/blobs/proxy/:signed_id/*filename"
+      # get "/blobs/:signed_id/*filename"
+      # get "/representations/redirect/:signed_blob_id/:variation_key/*filename"
+      # get "/representations/proxy/:signed_blob_id/:variation_key/*filename"
+      # get "/representations/:signed_blob_id/:variation_key/*filename"
+      # get  "/disk/:encoded_key/*filename"
+      #
+      # See:
+      # https://github.com/rails/rails/blob/a7e379896552ce43b822385c03c37f2bd47739d3/activestorage/config/routes.rb#L5-L14
+      BLOB_REGEX = %r{
+        # Group 1: Host part
+        (
+          # Group 2: Domain and subpath part
+          https?://((?!/rails).)+
+        )?
+        /rails/active_storage
+        # Group 3: Blob path, representation path or disk service path
+        /(blobs/redirect|blobs/proxy|blobs|representations/redirect|representations/proxy|representations|disk)
+        # Group 4: Signed ID for blobs or encoded key for disk service
+        /([^/]+)
+        # Group 5: Variation part (only for representations)
+        (
+          # Group 6: Variation key for representations
+          /([\w.=-]+)
+        )?
+        # Group 7: Filename
+        /([\w.=-]+)
+      }x
+
+      def rewrite
+        replace_blobs(content)
+      end
+
+      private
+
+      def replace_blobs(text)
+        text.gsub(BLOB_REGEX) do |match|
+          type_part = Regexp.last_match(3)
+          key_part = Regexp.last_match(4)
+
+          variation_key = nil
+          blob =
+            if type_part == "disk"
+              # Disk service URL
+              decoded = ActiveStorage.verifier.verified(key_part, purpose: :blob_key)
+              ActiveStorage::Blob.find_by(key: decoded[:key]) if decoded
+            else
+              # Representation or blob
+              if type_part.start_with?("representations")
+                # Representation
+                variation_part = Regexp.last_match(6)
+                variation_key = generate_variation_key(variation_part)
+              end
+
+              ActiveStorage::Blob.find_signed(key_part)
+            end
+          next match unless blob
+
+          "#{blob.to_global_id}#{"/#{variation_key}" if variation_key}"
+        end
+      end
+
+      def generate_variation_key(variation_part)
+        # The variation part has to be decoded because it will eventually
+        # expire. This way we can preserve the variation information
+        # longer.
+        variation = ActiveStorage.verifier.verify(variation_part, purpose: :variation)
+        return unless variation
+
+        # Convert to base64 encoded JSON string for better representation within
+        # the URLs. This manually encoded part will not expire as it is
+        # persisted to the database.
+        Base64.strict_encode64(ActiveSupport::JSON.encode(variation))
+      rescue ActiveSupport::MessageVerifier::InvalidSignature
+        # This happens if the variation key is already expired in which
+        # case it cannot be represented and instead a URL to the blob is
+        # created.
+        variation_part
+      end
+    end
+  end
+end

data/lib/decidim/content_parsers.rb

@@ -3,6 +3,7 @@
 module Decidim
   module ContentParsers
     autoload :BaseParser, "decidim/content_parsers/base_parser"
+    autoload :BlobParser, "decidim/content_parsers/blob_parser"
     autoload :UserParser, "decidim/content_parsers/user_parser"
     autoload :UserGroupParser, "decidim/content_parsers/user_group_parser"
     autoload :HashtagParser, "decidim/content_parsers/hashtag_parser"

data/lib/decidim/content_renderers/blob_renderer.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+module Decidim
+  module ContentRenderers
+    # A renderer that searches Global IDs representing blobs in content and
+    # replaces it with a URL to these blobs.
+    #
+    # e.g. gid://<APP_NAME>/ActiveStorage::Blob/1
+    #
+    # OR for representations
+    #
+    # e.g. gid://<APP_NAME>/ActiveStorage::Blob/1/<encoded variant transformations>
+    #
+    # The `<encoded variant transformations>` part of the URL is a Base64
+    # encoded string that contains an unencrypted JSON-encoded value about the
+    # blob transformations. This way the specific representations can be stored
+    # in the database without having these values expiring.
+    #
+    # @see BaseRenderer Examples of how to use a content renderer
+    class BlobRenderer < BaseRenderer
+      # Matches a global id representing a Decidim::User
+      GLOBAL_ID_REGEX = %r{(gid://[\w-]+/ActiveStorage::Blob/\d+)(/([\w=-]+))?}
+
+      # Replaces found Global IDs matching an existing blob with a URL to
+      # that blob. The Global IDs representing an invalid ActiveStorage::Blob
+      # are replaced with an empty string.
+      #
+      # @return [String] the content ready to display (contains HTML)
+      def render(_options = nil)
+        replace_pattern(content, GLOBAL_ID_REGEX)
+      end
+
+      protected
+
+      def replace_pattern(text, pattern)
+        return text unless text.respond_to?(:gsub)
+
+        text.gsub(pattern) do
+          blob_gid = Regexp.last_match(1)
+          variation_key = Regexp.last_match(3)
+
+          blob = GlobalID::Locator.locate(blob_gid)
+          if variation_key
+            variation = begin
+              ActiveSupport::JSON.decode(Base64.strict_decode64(variation_key))
+            rescue JSON::ParseError
+              variation_key
+            end
+            blob_url(blob, variation)
+          else
+            blob_url(blob)
+          end
+        rescue ActiveRecord::RecordNotFound => _e
+          ""
+        end
+      end
+
+      def blob_url(blob, variation = nil)
+        url = begin
+          if variation
+            blob.variant(variation).url
+          else
+            blob.url
+          end
+        rescue ArgumentError
+          # ArgumentError is raised in case the blob's service is set to
+          # ActiveStorage::Service::DiskService and
+          # `ActiveStorage::Current.url_options` is not set.
+        end
+        raise URI::InvalidURIError if url.blank?
+
+        url
+      rescue URI::InvalidURIError
+        local_blob_url(blob, variation)
+      end
+
+      def local_blob_url(blob, variation = nil)
+        if variation
+          routes.rails_representation_url(blob.variant(variation), only_path: true)
+        else
+          routes.rails_blob_url(blob, only_path: true)
+        end
+      end
+
+      def routes
+        @routes ||= Rails.application.routes.url_helpers
+      end
+    end
+  end
+end

data/lib/decidim/content_renderers.rb

@@ -3,6 +3,7 @@
 module Decidim
   module ContentRenderers
     autoload :BaseRenderer, "decidim/content_renderers/base_renderer"
+    autoload :BlobRenderer, "decidim/content_renderers/blob_renderer"
     autoload :UserRenderer, "decidim/content_renderers/user_renderer"
     autoload :UserGroupRenderer, "decidim/content_renderers/user_group_renderer"
     autoload :HashtagRenderer, "decidim/content_renderers/hashtag_renderer"

data/lib/decidim/core/engine.rb

@@ -237,6 +237,34 @@ module Decidim
         app.config.action_mailer.deliver_later_queue_name = :mailers
       end
 
+      initializer "decidim_core.active_storage", before: "active_storage.configs" do |app|
+        next if app.config.active_storage.service_urls_expire_in.present?
+
+        # Ensure that the ActiveStorage URLs are valid long enough because with
+        # the default configuration they would expire in 5 minutes which is a
+        # problem:
+        #   a) for the backend blob URL replacement
+        #   and
+        #   b) for caching
+        #
+        # Note the limitations for each storage service regarding the signed URL
+        # expiration times. This limitation has to be also considered when
+        # defining a caching strategy, otherwise e.g. images or files may not
+        # display correctly when caching is enabled.
+        #
+        # ActiveStorage disk service (default): no limitation
+        #
+        # S3: maximum is 7 days from the creation of the URL
+        # https://docs.aws.amazon.com/AmazonS3/latest/userguide/PresignedUrlUploadObject.html
+        #
+        # Google: maximum is 7 days (604800 seconds)
+        # https://cloud.google.com/storage/docs/access-control/signed-urls
+        #
+        # Azure: no limitation
+        # https://learn.microsoft.com/en-us/azure/storage/common/storage-sas-overview#best-practices-when-using-sas
+        app.config.active_storage.service_urls_expire_in = 7.days
+      end
+
       initializer "decidim_core.signed_global_id", after: "global_id" do |app|
         next if app.config.global_id.fetch(:expires_in, nil).present?
 
@@ -417,7 +445,7 @@ module Decidim
 
       initializer "decidim_core.content_processors" do |_app|
         Decidim.configure do |config|
-          config.content_processors += [:user, :user_group, :hashtag, :link]
+          config.content_processors += [:user, :user_group, :hashtag, :link, :blob]
         end
       end
 

data/lib/decidim/core/test/factories.rb

@@ -203,8 +203,15 @@ FactoryBot.define do
     end
 
     trait :deleted do
+      name { "" }
+      nickname { "" }
       email { "" }
+      delete_reason { "I want to delete my account" }
+      admin { false }
       deleted_at { Time.current }
+      avatar { nil }
+      personal_url { "" }
+      about { "" }
     end
 
     trait :admin_terms_accepted do
@@ -1001,4 +1008,25 @@ FactoryBot.define do
         end
     end
   end
+
+  factory :blob, class: "ActiveStorage::Blob" do
+    transient do
+      filepath { Decidim::Dev.asset("city.jpeg") }
+    end
+
+    filename { File.basename(filepath) }
+    content_type { MiniMime.lookup_by_filename(filepath)&.content_type || "text/plain" }
+
+    before(:create) do |object, evaluator|
+      object.upload(File.open(evaluator.filepath))
+    end
+
+    trait :image do
+      filepath { Decidim::Dev.asset("city.jpeg") }
+    end
+
+    trait :document do
+      filepath { Decidim::Dev.asset("Exampledocument.pdf") }
+    end
+  end
 end

data/lib/decidim/core/test/shared_examples/authorable_interface_examples.rb

@@ -18,7 +18,7 @@ shared_examples_for "authorable interface" do
     end
 
     describe "with a regular user" do
-      let(:author) { create(:user, organization: model.participatory_space.organization) }
+      let(:author) { create(:user, :confirmed, organization: model.participatory_space.organization) }
       let(:query) { "{ author { name } }" }
 
       before do