RubyGems - decidim-core - Versions diffs - 0.8.4 → 0.9.0 - Mend

decidim-core 0.8.4 → 0.9.0

Files changed (249) hide show

data/app/assets/stylesheets/decidim/utils/_toggle-expand.scss CHANGED Viewed

@@ -2,6 +2,7 @@
 .toggle-show{
   display: none;
   &.is-expanded{
     display: block;
   }

data/app/commands/decidim/create_omniauth_registration.rb CHANGED Viewed

@@ -50,6 +50,9 @@ module Decidim
       unless @user.persisted?
         @user.email = (verified_email || form.email)
         @user.name = form.name
+        @user.nickname = form.normalized_nickname
+        @user.newsletter_notifications = true
+        @user.email_on_notification = true
         @user.password = generated_password
         @user.password_confirmation = generated_password
         @user.skip_confirmation! if verified_email

data/app/commands/decidim/create_registration.rb CHANGED Viewed

@@ -35,11 +35,13 @@ module Decidim
     def create_user
       @user = User.create!(email: form.email,
                            name: form.name,
+                           nickname: form.nickname,
                            password: form.password,
                            password_confirmation: form.password_confirmation,
                            organization: form.current_organization,
                            tos_agreement: form.tos_agreement,
-                           newsletter_notifications: form.newsletter_notifications)
+                           newsletter_notifications: form.newsletter,
+                           email_on_notification: true)
     end
     def create_user_group

data/app/commands/decidim/destroy_account.rb CHANGED Viewed

@@ -28,6 +28,7 @@ module Decidim
     def destroy_user_account!
       @user.name = ""
+      @user.nickname = ""
       @user.email = ""
       @user.delete_reason = @form.delete_reason
       @user.deleted_at = Time.current

data/app/commands/decidim/invite_user_again.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module Decidim
     def call
       return broadcast(:invalid) unless user&.invited_to_sign_up?
-      user.deliver_invitation(invitation_instructions: instructions)
+      user.invite!(user.invited_by, invitation_instructions: instructions)
       broadcast(:ok)
     end

data/app/commands/decidim/messaging/reply_to_conversation.rb CHANGED Viewed

@@ -43,9 +43,7 @@ module Decidim
       def notify_interlocutors
         conversation.interlocutors(sender).each do |recipient|
-          if conversation.unread_count(recipient) == 1
-            ConversationMailer.new_message(sender, recipient, conversation).deliver_later
-          end
+          ConversationMailer.new_message(sender, recipient, conversation).deliver_later if conversation.unread_count(recipient) == 1
         end
       end

data/app/commands/decidim/unsubscribe_settings.rb ADDED Viewed

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+module Decidim
+  # This command unsubscribes user from newsletter.
+  class UnsubscribeSettings < Rectify::Command
+    # unsubscribe user from newsletter.
+    #
+    # user - The user to be updated.
+    # newsletter_notifications - to be false
+    def initialize(user)
+      @user = user
+    end
+    def call
+      return broadcast(:invalid) unless @user.newsletter_notifications
+      update_settings
+      @user.save!
+      broadcast(:ok, @user)
+    end
+    private
+    def update_settings
+      @user.newsletter_notifications = false
+    end
+  end
+end

data/app/commands/decidim/update_account.rb CHANGED Viewed

@@ -21,11 +21,10 @@ module Decidim
       if @user.valid?
         @user.save!
+        notify_followers
         broadcast(:ok, @user.unconfirmed_email.present?)
       else
-        if @user.errors.has_key? :avatar
-          @form.errors.add :avatar, @user.errors[:avatar]
-        end
+        @form.errors.add :avatar, @user.errors[:avatar] if @user.errors.has_key? :avatar
         broadcast(:invalid)
       end
     end
@@ -34,7 +33,10 @@ module Decidim
     def update_personal_data
       @user.name = @form.name
+      @user.nickname = @form.nickname
       @user.email = @form.email
+      @user.personal_url = @form.personal_url
+      @user.about = @form.about
     end
     def update_avatar
@@ -48,5 +50,16 @@ module Decidim
       @user.password = @form.password
       @user.password_confirmation = @form.password_confirmation
     end
+    def notify_followers
+      return if (@user.previous_changes.keys & %w(about personal_url)).empty?
+      Decidim::EventsManager.publish(
+        event: "decidim.events.users.profile_updated",
+        event_class: Decidim::ProfileUpdatedEvent,
+        resource: @user,
+        recipient_ids: @user.followers.pluck(:id)
+      )
+    end
   end
 end

data/app/controllers/concerns/decidim/action_authorization.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module Decidim
       status = action_authorization(action_name)
       return if status.ok?
-      raise Unauthorized if status.code == :invalid
+      raise Unauthorized if status.code == :unauthorized
       redirect_to authorize_action_path(action_name, redirect_url: redirect_url)
     end

data/app/controllers/concerns/decidim/devise_controllers.rb CHANGED Viewed

@@ -25,6 +25,10 @@ module Decidim
       helper Decidim::OmniauthHelper
       layout "layouts/decidim/application"
+      # Saves the location before loading each page so we can return to the
+      # right page.
+      before_action :store_current_location
     end
     # Overwrites `cancancan`'s method to point to the correct ability class,
@@ -32,5 +36,11 @@ module Decidim
     def current_ability_klass
       Decidim::Abilities::BaseAbility
     end
+    def store_current_location
+      return if params[:redirect_url].blank? || !request.format.html?
+      store_location_for(:user, params[:redirect_url])
+    end
   end
 end

data/app/controllers/concerns/decidim/form_factory.rb CHANGED Viewed

@@ -73,7 +73,8 @@ module Decidim
             {
               current_organization: @controller.try(:current_organization),
               current_feature: @controller.try(:current_feature),
-              current_user: @controller.try(:current_user)
+              current_user: @controller.try(:current_user),
+              current_participatory_space: @controller.try(:current_participatory_space)
             }
           end
         end.new(klass, self)

data/app/controllers/concerns/decidim/impersonate_users.rb CHANGED Viewed

@@ -37,14 +37,12 @@ module Decidim
       # Check if the active impersonation session has expired or not.
       def check_impersonation_log_expired
-        return unless can_impersonate_users? && impersonation_log
-        if impersonation_log.expired?
-          impersonation_log.ended_at = Time.current
-          impersonation_log.save!
-          flash[:alert] = I18n.t("managed_users.expired_session", scope: "decidim")
-          redirect_to decidim_admin.managed_users_path
-        end
+        return unless can_impersonate_users? && expired_log
+        expired_log.ended_at = Time.current
+        expired_log.save!
+        flash[:alert] = I18n.t("managed_users.expired_session", scope: "decidim")
+        redirect_to decidim_admin.managed_users_path
       end
       # Gets the ability instance for the real user logged in.
@@ -56,6 +54,13 @@ module Decidim
         real_user && real_ability.can?(:impersonate, :managed_users)
       end
+      def expired_log
+        @expired_log ||= Decidim::ImpersonationLog
+                         .where(admin: real_user)
+                         .expired
+                         .first
+      end
       def impersonation_log
         @impersonation_log ||= Decidim::ImpersonationLog
                                .where(admin: real_user)

data/app/controllers/concerns/decidim/participatory_space_context.rb CHANGED Viewed

@@ -49,7 +49,7 @@ module Decidim
     def ability_context
       super.merge(
-        current_participatory_space: current_participatory_space,
+        current_participatory_space: current_participatory_space
       )
     end

data/app/controllers/decidim/application_controller.rb CHANGED Viewed

@@ -20,6 +20,10 @@ module Decidim
     helper Decidim::FeaturePathHelper
     helper Decidim::ViewHooksHelper
+    # Saves the location before loading each page so we can return to the
+    # right page.
+    before_action :store_current_location
     protect_from_forgery with: :exception, prepend: true
     after_action :add_vary_header
@@ -27,6 +31,18 @@ module Decidim
     private
+    # Stores the url where the user will be redirected after login.
+    #
+    # Uses the `redirect_url` param or the current url if there's no param.
+    # In Devise controllers we only store the URL if it's from the params, we don't
+    # want to overwrite the stored URL for a Devise one.
+    def store_current_location
+      return if (devise_controller? && params[:redirect_url].blank?) || !request.format.html?
+      value = params[:redirect_url] || request.url
+      store_location_for(:user, value)
+    end
     def user_not_authorized_path
       decidim.root_path
     end

data/app/controllers/decidim/cookie_policy_controller.rb CHANGED Viewed

@@ -5,6 +5,8 @@ module Decidim
   class CookiePolicyController < Decidim::ApplicationController
     skip_authorization_check
+    skip_before_action :store_current_location
     def accept
       response.set_cookie "decidim-cc", value: "true",
                                         path: "/",

data/app/controllers/decidim/devise/invitations_controller.rb CHANGED Viewed

@@ -6,6 +6,8 @@ module Decidim
     class InvitationsController < ::Devise::InvitationsController
       include Decidim::DeviseControllers
+      before_action :configure_permitted_parameters
       # We don't users to create invitations, so we just redirect them to the
       # homepage.
       def authenticate_inviter!
@@ -16,7 +18,7 @@ module Decidim
       # invitation. Using the param `invite_redirect` we can redirect the user
       # to a custom path after it has accepted the invitation.
       def after_accept_path_for(resource)
-        params[:invite_redirect] || super
+        params[:invite_redirect] || after_sign_in_path_for(resource)
       end
       # When a managed user accepts the invitation is promoted to non-managed user.
@@ -25,6 +27,12 @@ module Decidim
         resource.update_attributes!(managed: false) if resource.managed?
         resource
       end
+      protected
+      def configure_permitted_parameters
+        devise_parameter_sanitizer.permit(:accept_invitation, keys: [:nickname])
+      end
     end
   end
 end

data/app/controllers/decidim/devise/omniauth_registrations_controller.rb CHANGED Viewed

@@ -44,13 +44,21 @@ module Decidim
       end
       def after_sign_in_path_for(user)
-        if first_login_and_not_authorized?(user)
+        if !pending_redirect?(user) && first_login_and_not_authorized?(user)
           decidim_verifications.authorizations_path
         else
           super
         end
       end
+      # Calling the `stored_location_for` method removes the key, so in order
+      # to check if there's any pending redirect after login I need to call
+      # this method and use the value to set a pending redirect. This is the
+      # only way to do this without checking the session directly.
+      def pending_redirect?(user)
+        store_location_for(user, stored_location_for(user))
+      end
       def first_login_and_not_authorized?(user)
         user.is_a?(User) && user.sign_in_count == 1 && Decidim::Verifications.workflows.any?
       end
@@ -75,6 +83,7 @@ module Decidim
           provider: oauth_data[:provider],
           uid: oauth_data[:uid],
           name: oauth_data[:info][:name],
+          nickname: oauth_data[:info][:nickname],
           oauth_signature: OmniauthRegistrationForm.create_signature(oauth_data[:provider], oauth_data[:uid])
         }
       end

data/app/controllers/decidim/devise/sessions_controller.rb CHANGED Viewed

@@ -7,13 +7,21 @@ module Decidim
       include Decidim::DeviseControllers
       def after_sign_in_path_for(user)
-        if first_login_and_not_authorized?(user) && !user.admin?
+        if first_login_and_not_authorized?(user) && !user.admin? && !pending_redirect?(user)
           decidim_verifications.first_login_authorizations_path
         else
           super
         end
       end
+      # Calling the `stored_location_for` method removes the key, so in order
+      # to check if there's any pending redirect after login I need to call
+      # this method and use the value to set a pending redirect. This is the
+      # only way to do this without checking the session directly.
+      def pending_redirect?(user)
+        store_location_for(user, stored_location_for(user))
+      end
       def first_login_and_not_authorized?(user)
         user.is_a?(User) && user.sign_in_count == 1 && current_organization.available_authorizations.any?
       end

data/app/controllers/decidim/locales_controller.rb CHANGED Viewed

@@ -3,12 +3,11 @@
 module Decidim
   # A controller to allow users switching their locale.
   class LocalesController < Decidim::ApplicationController
+    skip_before_action :store_current_location
     authorize_resource :locales, class: false
     def create
-      if current_user && params["locale"] && available_locales.include?(params["locale"])
-        current_user.update_attributes!(locale: params["locale"])
-      end
+      current_user.update_attributes!(locale: params["locale"]) if current_user && params["locale"] && available_locales.include?(params["locale"])
       redirect_to referer_with_new_locale
     end

data/app/controllers/decidim/messaging/conversations_controller.rb CHANGED Viewed

@@ -8,7 +8,6 @@ module Decidim
       include FormFactory
       helper ConversationHelper
-      helper Decidim::DatetimeHelper
       before_action :authenticate_user!
@@ -18,8 +17,9 @@ module Decidim
         authorize! :create, Conversation
         @form = form(ConversationForm).from_params(params)
-        conversation = conversation_between(current_user, @form.recipient)
+        redirect_back(fallback_location: profile_path(current_user.nickname)) && return unless @form.recipient
+        conversation = conversation_between(current_user, @form.recipient)
         redirect_to conversation_path(conversation) if conversation
       end

data/app/controllers/decidim/newsletters_controller.rb ADDED Viewed

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+module Decidim
+  # The controller to show the newsletter on the website.
+  class NewslettersController < Decidim::ApplicationController
+    skip_authorization_check
+    layout "decidim/mailer", only: [:show]
+    helper Decidim::SanitizeHelper
+    include Decidim::NewslettersHelper
+    helper_method :newsletter
+    def show
+      @user = current_user
+      @organization = current_organization
+      if newsletter.sent?
+        @encrypted_token = Decidim::NewsletterEncryptor.sent_at_encrypted(@user.id, newsletter.sent_at) if @user.present?
+        @body = parse_interpolations(newsletter.body[I18n.locale.to_s], @user, newsletter.id)
+      else
+        redirect_to "/404"
+      end
+    end
+    def unsubscribe
+      encryptor = Decidim::NewsletterEncryptor
+      decrypted_string = encryptor.sent_at_decrypted(params[:u])
+      user = User.find_by(decidim_organization_id: current_organization.id, id: decrypted_string.split("-").first)
+      sent_at_time = Time.zone.at(decrypted_string.split("-").second.to_i)
+      if sent_at_time > (Time.current - 15.days)
+        UnsubscribeSettings.call(user) do
+          on(:ok) do
+            flash.now[:notice] = t("newsletters.unsubscribe.success", scope: "decidim")
+          end
+          on(:invalid) do
+            flash.now[:alert] = t("newsletters.unsubscribe.error", scope: "decidim")
+            render action: :unsubscribe
+          end
+        end
+      else
+        flash.now[:alert] = t("newsletters.unsubscribe.token_error", scope: "decidim")
+        render action: :unsubscribe
+      end
+    end
+    def newsletter
+      @newsletter ||= collection.find(params[:id])
+    end
+    private
+    def collection
+      Newsletter.where(organization: current_organization)
+    end
+  end
+end