decidim-core 0.31.3 → 0.31.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/cells/decidim/content_blocks/html_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/static_page/section_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/static_page/summary_cell.rb +1 -1
- data/app/cells/decidim/content_blocks/static_page/two_pane_section_cell.rb +2 -2
- data/app/cells/decidim/data_consent/category.erb +5 -5
- data/app/cells/decidim/nav_links/show.erb +3 -3
- data/app/cells/decidim/participatory_space_private_user/show.erb +6 -6
- data/app/cells/decidim/participatory_space_private_user_cell.rb +0 -4
- data/app/cells/decidim/upload_modal_cell.rb +5 -0
- data/app/controllers/decidim/download_your_data_controller.rb +1 -1
- data/app/controllers/decidim/notifications_subscriptions_controller.rb +8 -0
- data/app/controllers/decidim/private_downloads_controller.rb +29 -0
- data/app/helpers/decidim/mailer_helper.rb +36 -0
- data/app/helpers/decidim/menu_helper.rb +2 -1
- data/app/helpers/decidim/newsletters_helper.rb +4 -22
- data/app/mailers/decidim/application_mailer.rb +4 -0
- data/app/models/decidim/attachment.rb +20 -2
- data/app/models/decidim/authorization.rb +7 -0
- data/app/models/decidim/private_download.rb +61 -0
- data/app/models/decidim/private_export.rb +6 -0
- data/app/packs/src/decidim/controllers/accordion/accordion.test.js +118 -0
- data/app/packs/src/decidim/controllers/accordion/controller.js +24 -0
- data/app/packs/src/decidim/controllers/dropdown/controller.js +26 -0
- data/app/packs/src/decidim/controllers/dropdown/dropdown.test.js +187 -0
- data/app/packs/src/decidim/controllers/form_validator/form_validator.js +3 -2
- data/app/packs/src/decidim/controllers/form_validator/form_validator.test.js +5 -0
- data/app/packs/src/decidim/editor/extensions/image/index.js +49 -11
- data/app/packs/src/decidim/editor/extensions/image/node_view.js +9 -1
- data/app/packs/src/decidim/editor/extensions/link/bubble_menu.js +34 -6
- data/app/packs/src/decidim/editor/extensions/link/index.js +45 -12
- data/app/packs/src/decidim/editor/test/extensions/image_links.test.js +161 -0
- data/app/packs/src/decidim/sw/push-permissions.js +48 -13
- data/app/packs/stylesheets/decidim/_rich_text.scss +17 -0
- data/app/packs/stylesheets/decidim/editor.scss +10 -0
- data/app/presenters/decidim/menu_item_presenter.rb +7 -1
- data/app/services/decidim/notifications_subscriptions_persistor.rb +6 -0
- data/app/services/decidim/push_subscription_endpoint_validator.rb +34 -0
- data/app/services/decidim/send_push_notification.rb +5 -1
- data/app/views/decidim/devise/registrations/new.html.erb +1 -0
- data/app/views/decidim/devise/shared/_tos_fields.html.erb +3 -3
- data/app/views/decidim/notification_mailer/event_received.html.erb +3 -3
- data/app/views/decidim/notifications_settings/show.html.erb +5 -5
- data/app/views/decidim/pages/_tabbed.html.erb +3 -3
- data/app/views/decidim/shared/_filters.html.erb +5 -5
- data/app/views/decidim/shared/filters/_check_boxes_tree.html.erb +1 -1
- data/app/views/decidim/shared/filters/_collection.html.erb +1 -1
- data/config/locales/ca-IT.yml +1 -0
- data/config/locales/ca.yml +1 -0
- data/config/locales/cs.yml +2 -0
- data/config/locales/de.yml +27 -0
- data/config/locales/en.yml +1 -0
- data/config/locales/es-MX.yml +1 -0
- data/config/locales/es-PY.yml +1 -0
- data/config/locales/es.yml +1 -0
- data/config/locales/eu.yml +4 -0
- data/config/locales/fi-plain.yml +5 -0
- data/config/locales/fi.yml +7 -2
- data/config/locales/fr-CA.yml +1 -0
- data/config/locales/fr.yml +1 -0
- data/config/locales/it.yml +10 -0
- data/config/locales/pt-BR.yml +1 -1
- data/config/locales/sk.yml +1417 -0
- data/config/locales/sv.yml +1 -0
- data/config/routes.rb +1 -0
- data/lib/decidim/content_parsers/blob_parser.rb +3 -3
- data/lib/decidim/content_renderers/blob_renderer.rb +2 -2
- data/lib/decidim/core/test/shared_examples/participatory_space_members_shared_examples.rb +121 -0
- data/lib/decidim/core/version.rb +1 -1
- data/lib/decidim/participatory_space_user.rb +1 -1
- metadata +14 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 62bd053e6fd5eba91bd7b08d3c502accbe3a13d9045cab68091035b0c95b2964
|
|
4
|
+
data.tar.gz: 1376e77830f2ec0e1f96c1503caa458f4c834d956f3e189e5d1176ad3403f430
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4beb29f27737221e77294185ea9b1d1fde88cb3296cd21691cc91ad2477117669b20b3f8369a80d7e9443594d516701462134ef77936433b4d372571ddaf414a
|
|
7
|
+
data.tar.gz: 51aafb46408f1a5cb3067e73b9559661b10c8573a46d5fb3036b576e94a998d9f98952da18cb0330d67d1379c7d7e568b4e9f9c9c22a2c9e30a4a998e5484991
|
|
@@ -5,11 +5,11 @@ module Decidim
|
|
|
5
5
|
module StaticPage
|
|
6
6
|
class TwoPaneSectionCell < Decidim::ViewModel
|
|
7
7
|
def left_column
|
|
8
|
-
translated_attribute(model.settings.left_column)
|
|
8
|
+
decidim_sanitize_editor_admin(translated_attribute(model.settings.left_column))
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def right_column
|
|
12
|
-
translated_attribute(model.settings.right_column)
|
|
12
|
+
decidim_sanitize_editor_admin(translated_attribute(model.settings.right_column))
|
|
13
13
|
end
|
|
14
14
|
end
|
|
15
15
|
end
|
|
@@ -13,12 +13,12 @@
|
|
|
13
13
|
<%= icon "close-line", class: "cookies__category-toggle-icon" %>
|
|
14
14
|
</label>
|
|
15
15
|
|
|
16
|
-
<
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
</h3>
|
|
16
|
+
<h3 id="accordion-title-<%= category[:slug] %>" class="cookies__category-trigger-title">
|
|
17
|
+
<%= category[:title] %>
|
|
18
|
+
</h3>
|
|
20
19
|
|
|
21
|
-
|
|
20
|
+
<div id="accordion-trigger-<%= category[:slug] %>" role="group" data-controls="accordion-panel-<%= category[:slug] %>" aria-labelledby="accordion-title-<%= category[:slug] %>">
|
|
21
|
+
<span aria-hidden="true">
|
|
22
22
|
<%= icon "arrow-down-s-line", class: "cookies__category-trigger-arrow" %>
|
|
23
23
|
<%= icon "arrow-up-s-line", class: "cookies__category-trigger-arrow" %>
|
|
24
24
|
</span>
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
<div class="participatory-space__nav-container">
|
|
2
|
-
<button id="dropdown-trigger-participatory-space" data-controller="dropdown" data-target="dropdown-menu-participatory-space" data-auto-close="true" data-scroll-to-menu="true">
|
|
2
|
+
<button id="dropdown-trigger-participatory-space" data-controller="dropdown" data-target="dropdown-menu-participatory-space" data-auto-close="true" data-scroll-to-menu="true" data-add-aria-roles="false" data-open-md="true">
|
|
3
3
|
<span><%= t("decidim.searches.filters.jump_to") %></span>
|
|
4
4
|
<%= icon "arrow-down-s-line" %>
|
|
5
5
|
<%= icon "arrow-up-s-line" %>
|
|
6
6
|
</button>
|
|
7
|
-
<ul id="dropdown-menu-participatory-space" class="participatory-space__nav"
|
|
7
|
+
<ul id="dropdown-menu-participatory-space" class="participatory-space__nav">
|
|
8
8
|
<% model.each do |item| %>
|
|
9
|
-
<li
|
|
9
|
+
<li>
|
|
10
10
|
<%= link_to item[:url], class: "participatory-space__nav-item" do %>
|
|
11
11
|
<%= decidim_escape_translated(item[:name]) %>
|
|
12
12
|
<%= icon "arrow-right-line" %>
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
|
|
1
|
+
<%= link_to profile_url, class: "profile__user" do %>
|
|
2
2
|
<div class="profile__user-avatar-container">
|
|
3
|
-
<div class="
|
|
4
|
-
<%= image_tag(
|
|
3
|
+
<div class="profile__user-avatar">
|
|
4
|
+
<%= image_tag(model.avatar_url(:big), alt: "member-avatar") %>
|
|
5
5
|
</div>
|
|
6
6
|
</div>
|
|
7
7
|
<div>
|
|
8
|
-
<
|
|
8
|
+
<span class="profile__user-name">
|
|
9
9
|
<%= name %>
|
|
10
|
-
</
|
|
10
|
+
</span>
|
|
11
11
|
<% if nickname.present? %>
|
|
12
12
|
<span class="profile__user-nick block">
|
|
13
13
|
<%= nickname %>
|
|
@@ -20,4 +20,4 @@
|
|
|
20
20
|
</span>
|
|
21
21
|
</div>
|
|
22
22
|
</div>
|
|
23
|
-
|
|
23
|
+
<% end %>
|
|
@@ -177,6 +177,11 @@ module Decidim
|
|
|
177
177
|
|
|
178
178
|
def file_attachment_path(attachment)
|
|
179
179
|
return unless attachment
|
|
180
|
+
|
|
181
|
+
if attachment.respond_to?(:record) && attachment.record.is_a?(Decidim::Authorization) && attachment.name.to_s == "verification_attachment"
|
|
182
|
+
return decidim.private_download_path(Decidim::PrivateDownload.for(attachment.record, attachment_name: attachment.name).token)
|
|
183
|
+
end
|
|
184
|
+
|
|
180
185
|
return Rails.application.routes.url_helpers.rails_blob_url(attachment, only_path: true) if attachment.is_a? ActiveStorage::Blob
|
|
181
186
|
|
|
182
187
|
if attachment.try(:attached?)
|
|
@@ -50,7 +50,7 @@ module Decidim
|
|
|
50
50
|
flash[:error] = t("decidim.account.download_your_data_export.export_expired")
|
|
51
51
|
redirect_to download_your_data_path
|
|
52
52
|
elsif private_export.file.attached?
|
|
53
|
-
redirect_to
|
|
53
|
+
redirect_to private_download_path(Decidim::PrivateDownload.for(private_export, attachment_name: :file).token)
|
|
54
54
|
else
|
|
55
55
|
flash[:error] = t("decidim.account.download_your_data_export.file_no_exists")
|
|
56
56
|
redirect_to download_your_data_path
|
|
@@ -3,6 +3,8 @@
|
|
|
3
3
|
module Decidim
|
|
4
4
|
# The controller to handle the subscriptions to push notifications
|
|
5
5
|
class NotificationsSubscriptionsController < Decidim::ApplicationController
|
|
6
|
+
rescue_from Decidim::NotificationsSubscriptionsPersistor::UnsupportedPushSubscriptionEndpointError, with: :unsupported_browser
|
|
7
|
+
|
|
6
8
|
def create
|
|
7
9
|
Decidim::NotificationsSubscriptionsPersistor.new(current_user).add_subscription(params)
|
|
8
10
|
head :ok
|
|
@@ -12,5 +14,11 @@ module Decidim
|
|
|
12
14
|
Decidim::NotificationsSubscriptionsPersistor.new(current_user).delete_subscription(params[:auth])
|
|
13
15
|
head :ok
|
|
14
16
|
end
|
|
17
|
+
|
|
18
|
+
private
|
|
19
|
+
|
|
20
|
+
def unsupported_browser
|
|
21
|
+
render json: { error: I18n.t("notifications_settings.show.push_notifications_unsupported_browser", scope: "decidim") }, status: :unprocessable_entity
|
|
22
|
+
end
|
|
15
23
|
end
|
|
16
24
|
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Decidim
|
|
4
|
+
class PrivateDownloadsController < Decidim::ApplicationController
|
|
5
|
+
before_action :authenticate_user!
|
|
6
|
+
|
|
7
|
+
def show
|
|
8
|
+
return head :not_found unless private_download.attached?
|
|
9
|
+
return head :not_found unless private_download.authorized_for?(current_user)
|
|
10
|
+
|
|
11
|
+
disposition = private_download.attachment.content_type.start_with?("image/") ? :inline : :attachment
|
|
12
|
+
|
|
13
|
+
send_data(
|
|
14
|
+
private_download.attachment.download,
|
|
15
|
+
filename: private_download.attachment.filename.to_s,
|
|
16
|
+
type: private_download.attachment.content_type,
|
|
17
|
+
disposition:
|
|
18
|
+
)
|
|
19
|
+
rescue Decidim::PrivateDownload::InvalidTokenError
|
|
20
|
+
head :not_found
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
private
|
|
24
|
+
|
|
25
|
+
def private_download
|
|
26
|
+
@private_download ||= Decidim::PrivateDownload.from_token(params[:id])
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Decidim
|
|
4
|
+
# Helper that provides methods to render order selector and links
|
|
5
|
+
module MailerHelper
|
|
6
|
+
# Transforms relative image URLs in HTML content to absolute URLs using the provided host.
|
|
7
|
+
# This is used in emails (newsletters and notifications) to ensure images display correctly
|
|
8
|
+
# in email clients.
|
|
9
|
+
#
|
|
10
|
+
# @param content [String] - HTML content with img tags
|
|
11
|
+
# @param host [String] - the Decidim::Organization host to use for the root URL
|
|
12
|
+
#
|
|
13
|
+
# @return [String] - the content with transformed image URLs
|
|
14
|
+
def decidim_transform_image_urls(content, host)
|
|
15
|
+
return content if host.blank? || content.blank?
|
|
16
|
+
|
|
17
|
+
root_url = if Decidim.storage_cdn_host.present?
|
|
18
|
+
Decidim.storage_cdn_host.chomp("/")
|
|
19
|
+
else
|
|
20
|
+
Decidim::EngineRouter.new("decidim", {}).root_url(host:).chomp("/")
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
content.gsub(/src\s*=\s*(['"])([^'"]*)\1/) do
|
|
24
|
+
quote = Regexp.last_match(1)
|
|
25
|
+
src_value = Regexp.last_match(2)
|
|
26
|
+
|
|
27
|
+
if src_value.blank? || src_value.start_with?("http://", "https://", "data:", "//", "cid:")
|
|
28
|
+
%(src=#{quote}#{src_value}#{quote})
|
|
29
|
+
else
|
|
30
|
+
normalized_src = src_value.start_with?("/") ? src_value : "/#{src_value}"
|
|
31
|
+
%(src=#{quote}#{root_url}#{normalized_src}#{quote})
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
@@ -57,7 +57,8 @@ module Decidim
|
|
|
57
57
|
self,
|
|
58
58
|
element_class: "font-semibold underline",
|
|
59
59
|
active_class: "is-active",
|
|
60
|
-
|
|
60
|
+
role: false,
|
|
61
|
+
container_options: { class: "space-y-4 break-inside-avoid" },
|
|
61
62
|
label: t("layouts.decidim.footer.decidim_title")
|
|
62
63
|
)
|
|
63
64
|
end
|
|
@@ -3,6 +3,9 @@
|
|
|
3
3
|
module Decidim
|
|
4
4
|
# Helper that provides methods to render links with utm codes, and replaced name
|
|
5
5
|
module NewslettersHelper
|
|
6
|
+
include Decidim::SanitizeHelper
|
|
7
|
+
include Decidim::MailerHelper
|
|
8
|
+
|
|
6
9
|
# If the newsletter body there are some links and the Decidim.track_newsletter_links = true
|
|
7
10
|
# it will be replaced with the utm_codes method described below.
|
|
8
11
|
# for example transform "https://es.lipsum.com/" to "https://es.lipsum.com/?utm_source=localhost&utm_campaign=newsletter_11"
|
|
@@ -19,7 +22,7 @@ module Decidim
|
|
|
19
22
|
|
|
20
23
|
content = interpret_name(content, user)
|
|
21
24
|
content = track_newsletter_links(content, id, host)
|
|
22
|
-
|
|
25
|
+
decidim_transform_image_urls(content, host)
|
|
23
26
|
end
|
|
24
27
|
|
|
25
28
|
# this method is used to generate the root link on mail with the utm_codes
|
|
@@ -67,27 +70,6 @@ module Decidim
|
|
|
67
70
|
content.gsub("%{name}", user.name)
|
|
68
71
|
end
|
|
69
72
|
|
|
70
|
-
# Find each img HTML tag with relative path in src attribute
|
|
71
|
-
# For each URL, prepends the decidim.root_url
|
|
72
|
-
# If host is not defined it returns full content
|
|
73
|
-
#
|
|
74
|
-
# @param content [String] - the string to convert
|
|
75
|
-
# @param host [String] - the Decidim::Organization host to replace
|
|
76
|
-
#
|
|
77
|
-
# @return [String] - the content converted
|
|
78
|
-
#
|
|
79
|
-
def transform_image_urls(content, host)
|
|
80
|
-
return content if host.blank?
|
|
81
|
-
|
|
82
|
-
content.scan(/src\s*=\s*"([^"]*)"/).each do |src|
|
|
83
|
-
root_url = decidim.root_url(host:)[0..-2]
|
|
84
|
-
src_replaced = "#{root_url}#{src.first}"
|
|
85
|
-
content = content.gsub(/src\s*=\s*"([^"]*#{src.first})"/, %(src="#{src_replaced}"))
|
|
86
|
-
end
|
|
87
|
-
|
|
88
|
-
content
|
|
89
|
-
end
|
|
90
|
-
|
|
91
73
|
# Add tracking query params to each links
|
|
92
74
|
#
|
|
93
75
|
# @param content [String] - the string to convert
|
|
@@ -7,9 +7,13 @@ module Decidim
|
|
|
7
7
|
include LocalisedMailer
|
|
8
8
|
include MultitenantAssetHost
|
|
9
9
|
include Decidim::SanitizeHelper
|
|
10
|
+
include Decidim::MailerHelper
|
|
10
11
|
include Decidim::OrganizationHelper
|
|
11
12
|
helper_method :organization_name, :decidim_escape_translated, :decidim_sanitize_translated, :translated_attribute, :decidim_sanitize, :decidim_sanitize_newsletter
|
|
12
13
|
|
|
14
|
+
helper Decidim::SanitizeHelper
|
|
15
|
+
helper Decidim::MailerHelper
|
|
16
|
+
|
|
13
17
|
after_action :set_smtp
|
|
14
18
|
after_action :set_from
|
|
15
19
|
|
|
@@ -88,7 +88,7 @@ module Decidim
|
|
|
88
88
|
# Returns String.
|
|
89
89
|
def file_type
|
|
90
90
|
if file?
|
|
91
|
-
|
|
91
|
+
file.filename.extension&.downcase
|
|
92
92
|
elsif link?
|
|
93
93
|
"link"
|
|
94
94
|
end
|
|
@@ -100,7 +100,13 @@ module Decidim
|
|
|
100
100
|
def url
|
|
101
101
|
@url ||=
|
|
102
102
|
if file?
|
|
103
|
-
|
|
103
|
+
if private_download_required?
|
|
104
|
+
Decidim::Core::Engine.routes.url_helpers.private_download_path(
|
|
105
|
+
Decidim::PrivateDownload.for(self, attachment_name: :file).token
|
|
106
|
+
)
|
|
107
|
+
else
|
|
108
|
+
attached_uploader(:file).url
|
|
109
|
+
end
|
|
104
110
|
elsif link?
|
|
105
111
|
link
|
|
106
112
|
end
|
|
@@ -144,5 +150,17 @@ module Decidim
|
|
|
144
150
|
|
|
145
151
|
attached_to.can_participate?(user)
|
|
146
152
|
end
|
|
153
|
+
|
|
154
|
+
def private_download_authorized?(user, requested_attachment_name)
|
|
155
|
+
return false unless requested_attachment_name.to_s == "file"
|
|
156
|
+
|
|
157
|
+
can_participate?(user)
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
def private_download_required?
|
|
161
|
+
return attached_to.private_space? if attached_to.respond_to?(:private_space?)
|
|
162
|
+
|
|
163
|
+
attached_to.respond_to?(:component) && attached_to.component&.private_non_transparent_space?
|
|
164
|
+
end
|
|
147
165
|
end
|
|
148
166
|
end
|
|
@@ -91,6 +91,13 @@ module Decidim
|
|
|
91
91
|
Decidim::AuthorizationTransfer.perform!(self, handler)
|
|
92
92
|
end
|
|
93
93
|
|
|
94
|
+
def private_download_authorized?(user, requested_attachment_name)
|
|
95
|
+
return false unless requested_attachment_name.to_s == "verification_attachment"
|
|
96
|
+
return true if user&.admin? && user.organization == organization
|
|
97
|
+
|
|
98
|
+
user == self.user
|
|
99
|
+
end
|
|
100
|
+
|
|
94
101
|
private
|
|
95
102
|
|
|
96
103
|
def active_handler?
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Decidim
|
|
4
|
+
class PrivateDownload
|
|
5
|
+
class InvalidTokenError < StandardError; end
|
|
6
|
+
|
|
7
|
+
VERIFIER_PURPOSE = :private_download
|
|
8
|
+
|
|
9
|
+
def self.for(record, attachment_name:)
|
|
10
|
+
new(record:, attachment_name:)
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def self.from_token(token)
|
|
14
|
+
payload = verifier.verify(token, purpose: VERIFIER_PURPOSE).with_indifferent_access
|
|
15
|
+
record = GlobalID::Locator.locate(payload[:gid])
|
|
16
|
+
|
|
17
|
+
raise InvalidTokenError if record.blank?
|
|
18
|
+
|
|
19
|
+
new(record:, attachment_name: payload[:attachment_name])
|
|
20
|
+
rescue ActiveSupport::MessageVerifier::InvalidSignature, TypeError
|
|
21
|
+
raise InvalidTokenError
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def self.verifier
|
|
25
|
+
@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secret_key_base, serializer: JSON)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def initialize(record:, attachment_name:)
|
|
29
|
+
@record = record
|
|
30
|
+
@attachment_name = attachment_name.to_s
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def token
|
|
34
|
+
self.class.verifier.generate(
|
|
35
|
+
{
|
|
36
|
+
gid: record.to_global_id.to_s,
|
|
37
|
+
attachment_name:
|
|
38
|
+
},
|
|
39
|
+
purpose: VERIFIER_PURPOSE
|
|
40
|
+
)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def attachment
|
|
44
|
+
record.public_send(attachment_name)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def attached?
|
|
48
|
+
attachment.respond_to?(:attached?) && attachment.attached?
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def authorized_for?(user)
|
|
52
|
+
return false unless record.respond_to?(:private_download_authorized?)
|
|
53
|
+
|
|
54
|
+
record.private_download_authorized?(user, attachment_name)
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
private
|
|
58
|
+
|
|
59
|
+
attr_reader :record, :attachment_name
|
|
60
|
+
end
|
|
61
|
+
end
|
|
@@ -24,5 +24,11 @@ module Decidim
|
|
|
24
24
|
self.content_type = file.content_type
|
|
25
25
|
self.file_size = file.byte_size
|
|
26
26
|
end
|
|
27
|
+
|
|
28
|
+
def private_download_authorized?(user, requested_attachment_name)
|
|
29
|
+
return false unless requested_attachment_name.to_s == "file"
|
|
30
|
+
|
|
31
|
+
attached_to == user
|
|
32
|
+
end
|
|
27
33
|
end
|
|
28
34
|
end
|
|
@@ -0,0 +1,118 @@
|
|
|
1
|
+
/* global jest */
|
|
2
|
+
|
|
3
|
+
import AccordionController from "src/decidim/controllers/accordion/controller";
|
|
4
|
+
|
|
5
|
+
jest.mock("a11y-accordion-component", () => ({
|
|
6
|
+
render: jest.fn(),
|
|
7
|
+
destroy: jest.fn()
|
|
8
|
+
}));
|
|
9
|
+
|
|
10
|
+
describe("AccordionController", () => {
|
|
11
|
+
let controller = null;
|
|
12
|
+
let accordionElement = null;
|
|
13
|
+
let panel1 = null;
|
|
14
|
+
let panel2 = null;
|
|
15
|
+
|
|
16
|
+
const createController = (controllerElement) => {
|
|
17
|
+
const ControllerClass = AccordionController;
|
|
18
|
+
const instance = Object.create(ControllerClass.prototype);
|
|
19
|
+
Reflect.defineProperty(instance, "element", {
|
|
20
|
+
get: () => controllerElement,
|
|
21
|
+
configurable: true
|
|
22
|
+
});
|
|
23
|
+
return instance;
|
|
24
|
+
};
|
|
25
|
+
|
|
26
|
+
beforeEach(() => {
|
|
27
|
+
window.matchMedia = jest.fn().mockImplementation((query) => ({
|
|
28
|
+
matches: false,
|
|
29
|
+
media: query,
|
|
30
|
+
addListener: jest.fn(),
|
|
31
|
+
removeListener: jest.fn()
|
|
32
|
+
}));
|
|
33
|
+
|
|
34
|
+
document.body.innerHTML = `
|
|
35
|
+
<div id="test-accordion" data-controller="accordion">
|
|
36
|
+
<button id="trigger-1" data-controls="panel-1">Trigger 1</button>
|
|
37
|
+
<div id="panel-1">Panel 1 Content</div>
|
|
38
|
+
<button id="trigger-2" data-controls="panel-2">Trigger 2</button>
|
|
39
|
+
<div id="panel-2">Panel 2 Content</div>
|
|
40
|
+
</div>
|
|
41
|
+
`;
|
|
42
|
+
|
|
43
|
+
accordionElement = document.getElementById("test-accordion");
|
|
44
|
+
panel1 = document.getElementById("panel-1");
|
|
45
|
+
panel2 = document.getElementById("panel-2");
|
|
46
|
+
|
|
47
|
+
controller = createController(accordionElement);
|
|
48
|
+
});
|
|
49
|
+
|
|
50
|
+
afterEach(() => {
|
|
51
|
+
document.body.innerHTML = "";
|
|
52
|
+
Reflect.deleteProperty(window, "matchMedia");
|
|
53
|
+
});
|
|
54
|
+
|
|
55
|
+
describe("fixPanelRole", () => {
|
|
56
|
+
it("changes role from region to group when data-panel-role is group", () => {
|
|
57
|
+
panel1.setAttribute("role", "region");
|
|
58
|
+
panel2.setAttribute("role", "region");
|
|
59
|
+
|
|
60
|
+
accordionElement.dataset.panelRole = "group";
|
|
61
|
+
controller.fixPanelRole();
|
|
62
|
+
|
|
63
|
+
expect(panel1.getAttribute("role")).toBe("group");
|
|
64
|
+
expect(panel2.getAttribute("role")).toBe("group");
|
|
65
|
+
});
|
|
66
|
+
|
|
67
|
+
it("removes role attribute when data-panel-role is none", () => {
|
|
68
|
+
panel1.setAttribute("role", "region");
|
|
69
|
+
panel2.setAttribute("role", "region");
|
|
70
|
+
|
|
71
|
+
accordionElement.dataset.panelRole = "none";
|
|
72
|
+
controller.fixPanelRole();
|
|
73
|
+
|
|
74
|
+
expect(panel1.getAttribute("role")).toBeNull();
|
|
75
|
+
expect(panel2.getAttribute("role")).toBeNull();
|
|
76
|
+
});
|
|
77
|
+
|
|
78
|
+
it("does nothing when data-panel-role is not set", () => {
|
|
79
|
+
panel1.setAttribute("role", "region");
|
|
80
|
+
panel2.setAttribute("role", "region");
|
|
81
|
+
|
|
82
|
+
Reflect.deleteProperty(accordionElement.dataset, "panelRole");
|
|
83
|
+
controller.fixPanelRole();
|
|
84
|
+
|
|
85
|
+
expect(panel1.getAttribute("role")).toBe("region");
|
|
86
|
+
expect(panel2.getAttribute("role")).toBe("region");
|
|
87
|
+
});
|
|
88
|
+
|
|
89
|
+
it("does nothing when data-panel-role is empty", () => {
|
|
90
|
+
panel1.setAttribute("role", "region");
|
|
91
|
+
|
|
92
|
+
accordionElement.dataset.panelRole = "";
|
|
93
|
+
controller.fixPanelRole();
|
|
94
|
+
|
|
95
|
+
expect(panel1.getAttribute("role")).toBe("region");
|
|
96
|
+
});
|
|
97
|
+
|
|
98
|
+
it("sets custom role value when data-panel-role is set", () => {
|
|
99
|
+
panel1.setAttribute("role", "region");
|
|
100
|
+
|
|
101
|
+
accordionElement.dataset.panelRole = "navigation";
|
|
102
|
+
controller.fixPanelRole();
|
|
103
|
+
|
|
104
|
+
expect(panel1.getAttribute("role")).toBe("navigation");
|
|
105
|
+
});
|
|
106
|
+
|
|
107
|
+
it("handles nonexistent panels gracefully", () => {
|
|
108
|
+
accordionElement.dataset.panelRole = "group";
|
|
109
|
+
|
|
110
|
+
const nonExistentTrigger = document.createElement("button");
|
|
111
|
+
nonExistentTrigger.dataset.controls = "nonexistent-panel";
|
|
112
|
+
accordionElement.appendChild(nonExistentTrigger);
|
|
113
|
+
|
|
114
|
+
expect(() => controller.fixPanelRole()).not.toThrow();
|
|
115
|
+
});
|
|
116
|
+
});
|
|
117
|
+
});
|
|
118
|
+
|
|
@@ -39,6 +39,8 @@ export default class extends Controller {
|
|
|
39
39
|
|
|
40
40
|
Accordions.render(this.element.id, accordionOptions);
|
|
41
41
|
|
|
42
|
+
this.fixPanelRole();
|
|
43
|
+
|
|
42
44
|
this.expandIfNeeded();
|
|
43
45
|
|
|
44
46
|
this.boundReconnect = this.reconnect.bind(this);
|
|
@@ -88,6 +90,28 @@ export default class extends Controller {
|
|
|
88
90
|
this.previouslyExpanded = this.toggleButton.getAttribute("aria-expanded");
|
|
89
91
|
}
|
|
90
92
|
|
|
93
|
+
fixPanelRole() {
|
|
94
|
+
const panelRole = this.element.dataset.panelRole;
|
|
95
|
+
if (!panelRole) {
|
|
96
|
+
return;
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
const panels = this.element.querySelectorAll("[data-controls]");
|
|
100
|
+
panels.forEach((trigger) => {
|
|
101
|
+
const panelId = trigger.dataset.controls;
|
|
102
|
+
const panel = document.getElementById(panelId);
|
|
103
|
+
if (!panel) {
|
|
104
|
+
return;
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
if (panelRole === "none") {
|
|
108
|
+
panel.removeAttribute("role");
|
|
109
|
+
} else {
|
|
110
|
+
panel.setAttribute("role", panelRole);
|
|
111
|
+
}
|
|
112
|
+
});
|
|
113
|
+
}
|
|
114
|
+
|
|
91
115
|
/**
|
|
92
116
|
* Checks if a key is in the current viewport
|
|
93
117
|
*
|
|
@@ -76,6 +76,32 @@ export default class extends Controller {
|
|
|
76
76
|
}
|
|
77
77
|
|
|
78
78
|
Dropdowns.render(this.element.id, dropdownOptions);
|
|
79
|
+
|
|
80
|
+
const addAriaRoles = this.element.dataset.addAriaRoles !== "false";
|
|
81
|
+
if (!addAriaRoles) {
|
|
82
|
+
this.removeAriaRoles();
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
removeAriaRoles() {
|
|
87
|
+
const target = this.element.dataset.target;
|
|
88
|
+
const dropdownMenu = document.getElementById(target);
|
|
89
|
+
if (!dropdownMenu) {
|
|
90
|
+
return;
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
dropdownMenu.removeAttribute("role");
|
|
94
|
+
dropdownMenu.removeAttribute("aria-labelledby");
|
|
95
|
+
dropdownMenu.removeAttribute("tabindex");
|
|
96
|
+
|
|
97
|
+
dropdownMenu.querySelectorAll("li").forEach((li) => {
|
|
98
|
+
li.removeAttribute("role");
|
|
99
|
+
});
|
|
100
|
+
|
|
101
|
+
dropdownMenu.querySelectorAll("a").forEach((anchor) => {
|
|
102
|
+
anchor.removeAttribute("role");
|
|
103
|
+
anchor.removeAttribute("tabindex");
|
|
104
|
+
});
|
|
79
105
|
}
|
|
80
106
|
|
|
81
107
|
/**
|