RubyGems - decidim-core - Versions diffs - 0.8.4 → 0.9.0 - Mend

decidim-core 0.8.4 → 0.9.0

Files changed (249) hide show

data/app/helpers/decidim/translations_helper.rb CHANGED Viewed

@@ -11,8 +11,12 @@ module Decidim
     #
     # Returns a String with the translation.
     def translated_attribute(attribute)
-      attribute.try(:[], I18n.locale.to_s).presence ||
-        attribute.try(:[], current_organization.default_locale).presence ||
+      return "" if attribute.nil?
+      return attribute unless attribute.is_a?(Hash)
+      attribute[I18n.locale.to_s].presence ||
+        attribute[current_organization.default_locale].presence ||
+        attribute[attribute.keys.first].presence ||
         ""
     end

data/app/mailers/decidim/decidim_devise_mailer.rb CHANGED Viewed

@@ -19,9 +19,7 @@ module Decidim
         @organization = user.organization
         @opts = opts
-        if opts[:invitation_instructions]
-          opts[:subject] = I18n.t("devise.mailer.#{opts[:invitation_instructions]}.subject", organization: user.organization.name)
-        end
+        opts[:subject] = I18n.t("devise.mailer.#{opts[:invitation_instructions]}.subject", organization: user.organization.name) if opts[:invitation_instructions]
       end
       devise_mail(user, opts[:invitation_instructions] || :invitation_instructions, opts)

data/app/mailers/decidim/messaging/conversation_mailer.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module Decidim
           from: sender,
           to: user,
           conversation: conversation,
-          action: "new_conversation"
+          action: "new_message"
         )
       end

data/app/mailers/decidim/newsletter_mailer.rb CHANGED Viewed

@@ -3,24 +3,23 @@
 module Decidim
   class NewsletterMailer < ApplicationMailer
     helper Decidim::SanitizeHelper
+    include Decidim::NewslettersHelper
     add_template_helper Decidim::TranslationsHelper
     def newsletter(user, newsletter)
       @organization = user.organization
       @newsletter = newsletter
+      @user = user
+      @custom_url_for_mail_root = custom_url_for_mail_root(@organization, @newsletter.id) if Decidim.config.track_newsletter_links
+      @encrypted_token = Decidim::NewsletterEncryptor.sent_at_encrypted(@user.id, @newsletter.sent_at)
       with_user(user) do
-        @subject = parse_interpolations(@newsletter.subject[I18n.locale.to_s], user)
-        @body = parse_interpolations(@newsletter.body[I18n.locale.to_s], user)
+        @subject = parse_interpolations(@newsletter.subject[I18n.locale.to_s], user, @newsletter.id)
+        @body = parse_interpolations(@newsletter.body[I18n.locale.to_s], user, @newsletter.id)
         mail(to: "#{user.name} <#{user.email}>", subject: @subject)
       end
     end
-    private
-    def parse_interpolations(content, user)
-      content.gsub("%{name}", user.name)
-    end
   end
 end

data/app/models/decidim/abilities/everyone_ability.rb CHANGED Viewed

@@ -14,6 +14,7 @@ module Decidim
         can :read, Feature, &:published?
         can :search, Scope
+        can :pick, Scope
         can :manage, User do |other|
           other == user

data/app/models/decidim/authorization.rb CHANGED Viewed

@@ -31,14 +31,28 @@ module Decidim
       !granted_at.nil?
     end
+    # Calculates at when this authorization will expire, if it needs to.
+    #
+    # Returns nil if the authorization does not expire.
+    # Returns an ActiveSupport::TimeWithZone if it expires.
+    def expires_at
+      return unless workflow_manifest
+      return if workflow_manifest.expires_in.zero?
+      (granted_at || created_at) + workflow_manifest.expires_in
+    end
+    def expired?
+      expires_at.present? && expires_at < Time.zone.now
+    end
     private
     def active_handler?
-      if Decidim::Verifications.find_workflow_manifest(name)
-        true
-      else
-        false
-      end
+      workflow_manifest.present?
+    end
+    def workflow_manifest
+      @workflow_manifest ||= Decidim::Verifications.find_workflow_manifest(name)
     end
   end
 end

data/app/models/decidim/impersonation_log.rb CHANGED Viewed

@@ -10,7 +10,8 @@ module Decidim
     validate :same_organization, :non_active_impersonation
-    scope :active, -> { where(ended_at: nil) }
+    scope :active, -> { where(ended_at: nil, expired_at: nil) }
+    scope :expired, -> { where(ended_at: nil).where.not(expired_at: nil) }
     def ended?
       ended_at.present?

data/app/models/decidim/messaging/conversation.rb CHANGED Viewed

@@ -26,6 +26,8 @@ module Decidim
         joins(:receipts).merge(Receipt.unread_by(user)).distinct
       }
+      default_scope { order(updated_at: :desc) }
       delegate :mark_as_read, to: :receipts
       #

data/app/models/decidim/messaging/message.rb CHANGED Viewed

@@ -8,6 +8,8 @@ module Decidim
     # message, namely, the interlocutors of the sender in the conversation.
     #
     class Message < ApplicationRecord
+      include Decidim::FriendlyDates
       belongs_to :sender,
                  foreign_key: :decidim_sender_id,
                  class_name: "Decidim::User"
@@ -24,6 +26,8 @@ module Decidim
       validates :sender, :body, presence: true
       validates :body, length: { maximum: 1_000 }
+      default_scope { order(created_at: :asc) }
       validate :sender_is_participant
       #

data/app/models/decidim/organization.rb CHANGED Viewed

@@ -23,6 +23,7 @@ module Decidim
     mount_uploader :official_img_footer, Decidim::OfficialImageFooterUploader
     mount_uploader :logo, Decidim::OrganizationLogoUploader
     mount_uploader :favicon, Decidim::OrganizationFaviconUploader
+    mount_uploader :highlighted_content_banner_image, ImageUploader
     # Returns top level scopes for this organization.
     #

data/app/models/decidim/scope.rb CHANGED Viewed

@@ -47,11 +47,19 @@ module Decidim
       organization.scopes.where("? = ANY(decidim_scopes.part_of)", id)
     end
+    def ancestor_of?(scope)
+      scope && scope.part_of.member?(id)
+    end
     # Gets the scopes from the part_of list in descending order (first the top level scope, last itself)
     #
+    # root - The root scope to start retrieval. If present, ignores top level scopes until reaching the root scope.
+    #
     # Returns an array of Scope objects
-    def part_of_scopes
-      organization.scopes.where(id: part_of).sort { |s1, s2| part_of.index(s2.id) <=> part_of.index(s1.id) }
+    def part_of_scopes(root = nil)
+      scope_ids = part_of
+      scope_ids.select! { |id| id == root.id || !root.part_of.member?(id) } if root
+      organization.scopes.where(id: scope_ids).sort { |s1, s2| part_of.index(s2.id) <=> part_of.index(s1.id) }
     end
     private

data/app/models/decidim/user.rb CHANGED Viewed

@@ -6,6 +6,9 @@ require "valid_email2"
 module Decidim
   # A User is a citizen that wants to join the platform to participate.
   class User < ApplicationRecord
+    include Nicknamizable
+    include Decidim::Followable
     OMNIAUTH_PROVIDERS = [:facebook, :twitter, :google_oauth2, (:developer if Rails.env.development?)].compact
     ROLES = %w(admin user_manager).freeze
@@ -18,14 +21,14 @@ module Decidim
     has_many :identities, foreign_key: "decidim_user_id", class_name: "Decidim::Identity", dependent: :destroy
     has_many :memberships, class_name: "Decidim::UserGroupMembership", foreign_key: :decidim_user_id, dependent: :destroy
     has_many :user_groups, through: :memberships, class_name: "Decidim::UserGroup", foreign_key: :decidim_user_group_id
-    has_many :follows, foreign_key: "decidim_user_id", class_name: "Decidim::Follow", dependent: :destroy
     has_many :notifications, foreign_key: "decidim_user_id", class_name: "Decidim::Notification", dependent: :destroy
     validates :name, presence: true, unless: -> { deleted? }
+    validates :nickname, presence: true, unless: -> { deleted? || managed? }
     validates :locale, inclusion: { in: :available_locales }, allow_blank: true
     validates :tos_agreement, acceptance: true, allow_nil: false, on: :create
     validates :avatar, file_size: { less_than_or_equal_to: ->(_record) { Decidim.maximum_avatar_size } }
-    validates :email, uniqueness: { scope: :organization }, unless: -> { deleted? || managed? }
+    validates :email, :nickname, uniqueness: { scope: :organization }, unless: -> { deleted? || managed? }
     validates :email, 'valid_email_2/email': { disposable: true }
     validate :all_roles_are_valid
@@ -66,6 +69,11 @@ module Decidim
       deleted_at.present?
     end
+    # Public: whether the user has been officialized or not
+    def officialized?
+      !officialized_at.nil?
+    end
     def follows?(followable)
       Decidim::Follow.where(user: self, followable: followable).any?
     end

data/app/presenters/decidim/home_stats_presenter.rb CHANGED Viewed

@@ -51,13 +51,13 @@ module Decidim
     def global_stats(conditions)
       Decidim.stats.except([:users_count, :processes_count])
              .filter(conditions)
-             .with_context(published_features)
+             .with_context(organization)
              .map { |name, data| [name, data] }
     end
     def feature_stats(conditions)
-      Decidim.feature_manifests.map do |feature|
-        feature.stats.filter(conditions).with_context(published_features).map { |name, data| [name, data] }.flatten
+      Decidim.feature_manifests.flat_map do |feature|
+        feature.stats.filter(conditions).with_context(published_features).map { |name, data| [name, data] }
       end
     end
@@ -74,8 +74,14 @@ module Decidim
       end
     end
+    def public_participatory_spaces
+      @public_participatory_spaces ||= Decidim.participatory_space_manifests.flat_map do |manifest|
+        manifest.participatory_spaces.call(organization).public_spaces
+      end
+    end
     def published_features
-      @published_features ||= Feature.where(participatory_space: ParticipatoryProcesses::OrganizationPublishedParticipatoryProcesses.new(organization).query).published
+      @published_features ||= Feature.where(participatory_space: public_participatory_spaces).published
     end
   end
 end

data/app/presenters/decidim/user_group_presenter.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module Decidim
+  #
+  # Decorator for user groups
+  #
+  class UserGroupPresenter < SimpleDelegator
+    def nickname
+      ""
+    end
+    def deleted?
+      false
+    end
+    def badge
+      return "" unless verified?
+      "verified-badge"
+    end
+    def profile_path
+      ""
+    end
+    delegate :url, to: :avatar, prefix: true
+  end
+end

data/app/presenters/decidim/user_presenter.rb ADDED Viewed

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+module Decidim
+  #
+  # Decorator for users
+  #
+  class UserPresenter < SimpleDelegator
+    include Rails.application.routes.mounted_helpers
+    include ActionView::Helpers::UrlHelper
+    #
+    # nickname presented in a twitter-like style
+    #
+    def nickname
+      "@#{super}"
+    end
+    def badge
+      return "" unless officialized?
+      "verified-badge"
+    end
+    delegate :url, to: :avatar, prefix: true
+    def profile_url
+      return "" if deleted?
+      decidim.profile_url(__getobj__.nickname, host: __getobj__.organization.host)
+    end
+    def profile_path
+      return "" if deleted?
+      decidim.profile_path(__getobj__.nickname)
+    end
+    def display_mention
+      link_to nickname, profile_path, class: "user-mention"
+    end
+  end
+end

data/app/services/decidim/action_authorizer.rb CHANGED Viewed

@@ -4,94 +4,64 @@ module Decidim
   # This class is used to authorize a user against an action in the context of a
   # feature.
   class ActionAuthorizer
-    include Wisper::Publisher
+    #
     # Initializes the ActionAuthorizer.
     #
     # user    - The user to authorize against.
     # feature - The feature to authenticate against.
     # action  - The action to authenticate.
+    #
     def initialize(user, feature, action)
       @user = user
       @feature = feature
       @action = action.to_s if action
     end
-    # Public: Broadcasts different events given the status of the authentication.
     #
-    # Broadcasts:
-    #   failed       - When no valid authorization can be found.
-    #   unauthorized - When an authorization was found, but didn't match the credentials.
-    #   incomplete   - An authorization was found, but lacks some required fields. User
-    #                  should re-authenticate.
+    # Authorize user to perform an action in the context of a feature.
+    #
+    # Returns:
+    #   :ok an empty hash                      - When there is no authorization handler related to the action.
+    #   result of authorization handler check  - When there is an authorization handler related to the action. Check Decidim::Verifications::DefaultActionAuthorizer class docs.
     #
-    # Returns nil.
     def authorize
-      status_code, fields = *status_data
-      status(status_code, fields || {})
-    end
-    private
-    def status_data
       raise AuthorizationError, "Missing data" unless feature && action
-      if !authorization_handler_name
-        :ok
-      elsif !authorization
-        :missing
-      elsif !authorization.granted?
-        :pending
-      elsif unmatched_fields.any?
-        [:invalid, fields: unmatched_fields]
-      elsif missing_fields.any?
-        [:incomplete, fields: missing_fields]
-      else
-        :ok
-      end
-    end
+      status_code, data = if authorization_handler_name
+                            authorization_handler.authorize(authorization, permission_options)
+                          else
+                            [:ok, {}]
+                          end
-    def status(status_code, data = {})
-      AuthorizationStatus.new(status_code, authorization_handler_name, data)
+      AuthorizationStatus.new(status_code, authorization_handler, data)
     end
+    private
     attr_reader :user, :feature, :action
     def authorization
-      return nil unless user
+      return nil unless user && authorization_handler_name
-      handler = permission["authorization_handler_name"]
-      return nil unless handler
-      @authorization ||= Verifications::Authorizations.new(user: user, name: handler).first
+      @authorization ||= Verifications::Authorizations.new(user: user, name: authorization_handler_name).first
     end
-    def unmatched_fields
-      (permission_options.keys & authorization.metadata.to_h.keys).each_with_object({}) do |field, unmatched|
-        unmatched[field] = permission_options[field] if authorization.metadata[field] != permission_options[field]
-        unmatched
-      end
-    end
+    def authorization_handler
+      return unless authorization_handler_name
-    def missing_fields
-      permission_options.keys.each_with_object([]) do |field, missing|
-        missing << field if authorization.metadata[field].blank?
-        missing
-      end
-    end
-    def permission_options
-      permission["options"] || {}
+      @authorization_handler ||= Verifications::Adapter.from_element(authorization_handler_name)
     end
     def authorization_handler_name
       permission&.fetch("authorization_handler_name", nil)
     end
+    def permission_options
+      permission&.fetch("options", {})
+    end
     def permission
-      return nil unless feature
-      return nil unless action
+      return nil unless feature && action
       @permission ||= feature.permissions&.fetch(action, nil)
     end
@@ -99,32 +69,26 @@ module Decidim
     class AuthorizationStatus
       attr_reader :code, :data
-      def initialize(code, handler_name, data)
+      def initialize(code, authorization_handler, data)
         @code = code.to_sym
-        @handler_name = handler_name
+        @authorization_handler = authorization_handler
         @data = data.symbolize_keys
       end
-      def auth_method
-        return unless @handler_name
-        @auth_method ||= Verifications::Adapter.from_element(@handler_name)
-      end
       def current_path(redirect_url: nil)
-        return unless auth_method
+        return unless @authorization_handler
         if pending?
-          auth_method.resume_authorization_path(redirect_url: redirect_url)
+          @authorization_handler.resume_authorization_path(redirect_url: redirect_url)
         else
-          auth_method.root_path(redirect_url: redirect_url)
+          @authorization_handler.root_path(redirect_url: redirect_url)
         end
       end
       def handler_name
-        return unless auth_method
+        return unless @authorization_handler
-        auth_method.key
+        @authorization_handler.key
       end
       def ok?