decidim-decidim_awesome 0.11.1 → 0.11.3

data/app/controllers/decidim/decidim_awesome/admin/admin_authorizations_controller.rb

@@ -0,0 +1,122 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DecidimAwesome
+    module Admin
+      class AdminAuthorizationsController < DecidimAwesome::Admin::ApplicationController
+        include NeedsAwesomeConfig
+
+        layout "layouts/decidim/decidim_awesome/admin/admin_authorizations"
+        helper_method :user, :authorization, :workflow, :handler, :conflict
+        # overwrite original rescue_from to ensure we print messages from ajax methods
+        rescue_from Decidim::ActionForbidden, with: :json_error
+
+        before_action do
+          enforce_permission_to :edit_config, :admins_available_authorizations, handler: workflow.name
+        end
+
+        def edit
+          render "authorization" if authorization
+        end
+
+        def update
+          if conflict
+            message = render_to_string("conflict")
+          else
+            message = render_to_string("callout", locals: { i18n_key: "user_authorized", klass: "success" })
+            Decidim::Verifications::AuthorizeUser.call(handler, current_organization) do
+              on(:transferred) do |transfer|
+                message += render_to_string("callout", locals: { i18n_key: "authorization_transferred", klass: "success" }) if transfer.records.any?
+              end
+              on(:invalid) do
+                if force_verification.present?
+                  create_forced_authorization
+                else
+                  message = render_to_string("callout", locals: { i18n_key: "user_not_authorized", klass: "alert" })
+                  message += render_to_string("edit", locals: { with_override: true })
+                end
+              end
+              on(:ok) do
+                Decidim::ActionLogger.log("admin_creates_authorization", current_user, user, nil, user_id: user.id, handler: workflow.name, handler_name: workflow.fullname)
+              end
+            end
+          end
+
+          render json: {
+            message:,
+            granted: granted?,
+            userId: user.id,
+            handler: workflow.name
+          }
+        end
+
+        def destroy
+          message = if destroy_authorization
+                      render_to_string("callout", locals: { i18n_key: "authorization_destroyed", klass: "success" })
+                    else
+                      render_to_string("callout", locals: { i18n_key: "authorization_not_destroyed", klass: "alert" })
+                    end
+
+          render json: {
+            message:,
+            granted: granted?,
+            userId: user.id,
+            handler: workflow.name
+          }
+        end
+
+        private
+
+        def create_forced_authorization
+          Decidim::Authorization.create_or_update_from(handler)
+          Decidim::ActionLogger.log("admin_forces_authorization", current_user, user, nil, handler: workflow.name, user_id: user.id, handler_name: workflow.fullname,
+                                                                                           reason: force_verification)
+        end
+
+        def destroy_authorization
+          if authorization&.destroy
+            Decidim::ActionLogger.log("admin_destroys_authorization", current_user, user, nil, user_id: user.id, handler: workflow.name, handler_name: workflow.fullname)
+          end
+        end
+
+        def json_error(exception)
+          render plain: render_to_string("callout", locals: { message: exception.message, klass: "alert" }), status: :unprocessable_entity
+        end
+
+        def user
+          @user ||= Decidim::User.find(params[:id])
+        end
+
+        def authorization
+          @authorization ||= Decidim::Authorization.where.not(granted_at: nil).find_by(user:, name: workflow.name)
+        end
+
+        def granted?
+          authorization&.reload.present?
+        rescue ActiveRecord::RecordNotFound
+          false
+        end
+
+        def workflow
+          @workflow ||= Decidim::Verifications.find_workflow_manifest(params[:handler])
+        end
+
+        def handler
+          @handler ||= Decidim::AuthorizationHandler.handler_for(params[:handler], handler_params)
+        end
+
+        def conflict
+          @conflict ||= Decidim::Authorization.find_by(unique_id: handler.unique_id)
+        end
+
+        def handler_params
+          (params[:authorization_handler] || {}).merge(user:)
+        end
+
+        def force_verification
+          @force_verification ||= params[:force_verification].to_s.strip.presence
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/decidim_awesome/admin/checks_controller.rb

@@ -35,7 +35,7 @@ module Decidim
           case part
           when :CSS
             ['<%= append_stylesheet_pack_tag "decidim_decidim_awesome", media: "all" %>',
-             '<%= render(partial: "layouts/decidim/decidim_awesome/custom_styles") if awesome_custom_styles %>'].join("\n")
+             '<%= render(partial: "layouts/decidim/decidim_awesome/custom_styles") if awesome_scoped_styles %>'].join("\n")
           when :JavaScript
             ['<%= render partial: "layouts/decidim/decidim_awesome/awesome_config" %>',
              '<%= append_javascript_pack_tag "decidim_decidim_awesome", defer: false %>',

data/app/controllers/decidim/decidim_awesome/admin/config_controller.rb

@@ -9,7 +9,7 @@ module Decidim
         include ConfigConstraintsHelpers
         helper ConfigConstraintsHelpers
 
-        helper_method :constraints_for, :users_for, :config_var
+        helper_method :constraints_for, :users_for, :config_var, :available_authorizations
         before_action do
           enforce_permission_to :edit_config, configs
         end
@@ -98,6 +98,12 @@ module Decidim
         def format_user_name(user)
           "#{user.name} (@#{user.nickname} - #{user.email})"
         end
+
+        def available_authorizations
+          @available_authorizations ||= Decidim::Verifications::Adapter.from_collection(
+            current_organization.available_authorizations & Decidim.authorization_workflows.map(&:name)
+          )
+        end
       end
     end
   end

data/app/controllers/decidim/decidim_awesome/admin/constraints_controller.rb

@@ -10,8 +10,10 @@ module Decidim
         helper ConfigConstraintsHelpers
 
         layout false
+        helper_method :constraint_key
+
         before_action do
-          render plain: "no permissions for #{constraint_key}" unless allowed_to? :edit_config, constraint_key
+          render :no_permissions unless allowed_to? :edit_config, constraint_key
         end
 
         def show
@@ -128,6 +130,8 @@ module Decidim
           case key
           when /^scoped_style_/
             :scoped_styles
+          when /^scoped_admin_style_/
+            :scoped_admin_styles
           when /^scoped_admin_/
             :scoped_admins
           when /^proposal_custom_field_/

data/app/controllers/decidim/decidim_awesome/admin/maintenance_controller.rb

@@ -64,7 +64,7 @@ module Decidim
         end
 
         def private_data_finder
-          @private_data ||= PrivateDataFinder.new
+          @private_data_finder ||= PrivateDataFinder.new
         end
 
         def time_ago

data/app/controllers/decidim/decidim_awesome/admin/scoped_styles_controller.rb

@@ -6,7 +6,7 @@ module Decidim
       # Global configuration controller
       class ScopedStylesController < DecidimAwesome::Admin::ConfigController
         def create
-          CreateScopedStyle.call(current_organization) do
+          CreateScopedStyle.call(current_organization, config_var) do
             on(:ok) do |key|
               flash[:notice] = I18n.t("config.create_scoped_style.success", key:, scope: "decidim.decidim_awesome.admin")
             end
@@ -16,11 +16,11 @@ module Decidim
             end
           end
 
-          redirect_to decidim_admin_decidim_awesome.config_path(:styles)
+          redirect_to decidim_admin_decidim_awesome.config_path(config_var)
         end
 
         def destroy
-          DestroyScopedStyle.call(params[:key], current_organization) do
+          DestroyScopedStyle.call(params[:key], current_organization, config_var) do
             on(:ok) do |key|
               flash[:notice] = I18n.t("config.destroy_scoped_style.success", key:, scope: "decidim.decidim_awesome.admin")
             end
@@ -30,7 +30,15 @@ module Decidim
             end
           end
 
-          redirect_to decidim_admin_decidim_awesome.config_path(:styles)
+          redirect_to decidim_admin_decidim_awesome.config_path(config_var)
+        end
+
+        private
+
+        def config_var
+          return :scoped_admin_styles if params[:admin_panel] == "true"
+
+          :scoped_styles
         end
       end
     end

data/app/controllers/decidim/decidim_awesome/required_authorizations_controller.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DecidimAwesome
+    # This controller handles image uploads for the Tiptap editor
+    class RequiredAuthorizationsController < DecidimAwesome::ApplicationController
+      layout "layouts/decidim/authorizations"
+      helper_method :granted_authorizations, :pending_authorizations, :missing_authorizations, :redirect_url
+
+      before_action do
+        redirect_to redirect_url unless user_signed_in?
+        redirect_to redirect_url if user_is_authorized?
+      end
+
+      def redirect_url
+        @redirect_url ||= begin
+          path = params[:redirect_url] || request.referer
+          if path.blank? || path.include?(decidim_decidim_awesome.required_authorizations_path.split("?").first)
+            decidim.root_path
+          else
+            path
+          end
+        end
+      end
+
+      def index
+        enforce_permission_to :read, :required_authorizations, user_is_authorized: user_is_authorized?
+      end
+
+      private
+
+      def missing_authorizations
+        @missing_authorizations ||= required_authorizations.filter do |manifest|
+          Decidim::Verifications::Authorizations.new(
+            organization: current_organization,
+            user: current_user,
+            name: required_authorizations.map(&:name)
+          ).pluck(:name).exclude?(manifest.name)
+        end
+      end
+
+      def pending_authorizations
+        @pending_authorizations ||= required_authorizations.filter do |manifest|
+          Decidim::Verifications::Authorizations.new(
+            organization: current_organization,
+            user: current_user,
+            name: required_authorizations.map(&:name),
+            granted: false
+          ).pluck(:name).include?(manifest.name)
+        end
+      end
+
+      def granted_authorizations
+        @granted_authorizations ||= required_authorizations.filter { |manifest| current_authorizations.pluck(:name).include?(manifest.name) }
+      end
+    end
+  end
+end

data/app/forms/concerns/decidim/decidim_awesome/account_form_override.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DecidimAwesome
+    module AccountFormOverride
+      extend ActiveSupport::Concern
+
+      included do
+        attribute :user_time_zone
+        validates :user_time_zone, time_zone: true, if: -> { user_time_zone.present? }
+
+        def user_time_zone
+          return nil if awesome_config[:user_timezone].blank?
+
+          super.presence || current_user.extended_data["time_zone"].presence || current_organization.time_zone
+        end
+
+        # Used for the user_time_zone setting, which does not have constraints
+        def awesome_config
+          @awesome_config ||= Decidim::DecidimAwesome::Config.new(current_organization)&.organization_config || {}
+        end
+      end
+    end
+  end
+end

data/app/forms/concerns/decidim/decidim_awesome/system/organization_form_override.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DecidimAwesome
+    module System
+      module OrganizationFormOverride
+        extend ActiveSupport::Concern
+
+        included do
+          alias_method :decidim_original_map_model, :map_model
+
+          attribute :awesome_admins_available_authorizations, Array[String]
+
+          def map_model(model)
+            decidim_original_map_model(model)
+            map_awesome_configs(model)
+          end
+
+          def clean_awesome_admins_available_authorizations
+            return unless awesome_admins_available_authorizations
+
+            awesome_admins_available_authorizations.select(&:present?)
+          end
+
+          private
+
+          def map_awesome_configs(organization)
+            self.awesome_admins_available_authorizations = Decidim::DecidimAwesome::AwesomeConfig.find_by(var: :admins_available_authorizations, organization:)&.value
+          end
+        end
+      end
+    end
+  end
+end

data/app/forms/decidim/decidim_awesome/admin/config_form.rb

@@ -7,14 +7,20 @@ module Decidim
     module Admin
       class ConfigForm < Decidim::Form
         include ActionView::Helpers::SanitizeHelper
+        include TranslatableAttributes
 
         attribute :allow_images_in_editors, Boolean
         attribute :allow_videos_in_editors, Boolean
         attribute :allow_images_in_proposals, Boolean
         attribute :auto_save_forms, Boolean
         attribute :scoped_styles, Hash
+        attribute :scoped_admin_styles, Hash
         attribute :proposal_custom_fields, Hash
         attribute :proposal_private_custom_fields, Hash
+        attribute :user_timezone, Boolean
+        attribute :force_authorization_after_login, Array
+        attribute :force_authorization_with_any_method, Boolean
+        translatable_attribute :force_authorization_help_text, String
         attribute :scoped_admins, Hash
         attribute :menu, [MenuForm]
         attribute :intergram_for_admins, Boolean
@@ -31,10 +37,10 @@ module Decidim
         attribute :validate_body_start_with_caps, Boolean, default: true
         attribute :additional_proposal_sortings, Array, default: Decidim::DecidimAwesome.possible_additional_proposal_sortings
 
-        # collect all keys anything not specified in the params (UpdateConfig command ignores it)
+        # collect all keys specified in the params (UpdateConfig command ignores everything else)
         attr_accessor :valid_keys
 
-        validate :css_syntax, if: ->(form) { form.scoped_styles.present? }
+        validate :css_syntax
         validate :json_syntax
 
         validates :validate_title_min_length, presence: true, numericality: { greater_than_or_equal_to: 1, less_than_or_equal_to: 100 }
@@ -43,16 +49,29 @@ module Decidim
         validates :validate_body_min_length, presence: true, numericality: { greater_than_or_equal_to: 0 }
         validates :validate_body_max_caps_percent, presence: true, numericality: { greater_than_or_equal_to: 0, less_than_or_equal_to: 100 }
         validates :validate_body_max_marks_together, presence: true, numericality: { greater_than_or_equal_to: 1 }
-
+        validate :force_authorization_after_login_is_valid
         # TODO: validate non general admins are here
 
         def self.from_params(params, additional_params = {})
           instance = super(params, additional_params)
-          instance.valid_keys = params.keys.map(&:to_sym) || []
+          instance.force_authorization_after_login = instance.force_authorization_after_login.compact_blank if instance.force_authorization_after_login.present?
+          instance.valid_keys = extract_valid_keys_from_params(params)
           instance.sanitize_labels!
           instance
         end
 
+        def self.extract_valid_keys_from_params(params)
+          keys = []
+          params.each do |key, _value|
+            keys << if key.to_s.starts_with?("force_authorization_help_text_")
+                      :force_authorization_help_text if keys.exclude?(:force_authorization_help_text)
+                    else
+                      key.to_sym
+                    end
+          end
+          keys
+        end
+
         def additional_proposal_sorting_labels
           Decidim::DecidimAwesome.possible_additional_proposal_sortings.index_by do |sorting|
             I18n.t(sorting, scope: "decidim.proposals.proposals.orders")
@@ -60,12 +79,15 @@ module Decidim
         end
 
         def css_syntax
-          scoped_styles.each do |key, code|
-            next unless code
+          styles = {}
+          styles.merge!(scoped_styles: scoped_styles.values) if scoped_styles.present?
+          styles.merge!(scoped_admin_styles: scoped_admin_styles.values) if scoped_admin_styles.present?
+          styles.each do |key, values|
+            next if values.blank?
 
-            SassC::Engine.new(code).render
+            values.each { |code| SassC::Engine.new(code).render }
           rescue SassC::SyntaxError => e
-            errors.add(:scoped_styles, I18n.t("config.form.errors.incorrect_css", key:, scope: "decidim.decidim_awesome.admin"))
+            errors.add(key, I18n.t("config.form.errors.incorrect_css", key:, scope: "decidim.decidim_awesome.admin"))
             errors.add(key.to_sym, e.message)
           end
         end
@@ -112,6 +134,17 @@ module Decidim
             code
           end
         end
+
+        private
+
+        def force_authorization_after_login_is_valid
+          return if force_authorization_after_login.blank?
+
+          invalid = force_authorization_after_login - (current_organization.available_authorizations & Decidim.authorization_workflows.map(&:name))
+          return if invalid.empty?
+
+          errors.add(:force_authorization_after_login, :invalid)
+        end
       end
     end
   end

data/app/helpers/decidim/decidim_awesome/map_helper.rb

@@ -20,32 +20,34 @@ module Decidim
         end
 
         html_options = {
-          "class" => "awesome-map",
-          "id" => "awesome-map",
-          "data-components" => components.map do |component|
-                                 {
-                                   id: component.id,
-                                   type: component.manifest.name,
-                                   name: translated_attribute(component.name),
-                                   url: Decidim::EngineRouter.main_proxy(component).root_path,
-                                   amendments: component.manifest.name == :proposals ? Decidim::Proposals::Proposal.where(component:).only_emendations.count : 0
-                                 }
-                               end.to_json,
-          "data-hide-controls" => settings_source.try(:hide_controls),
-          "data-collapsed" => global_settings.collapse,
-          "data-truncate" => global_settings.truncate || 255,
-          "data-map-center" => global_settings.map_center,
-          "data-map-zoom" => global_settings.map_zoom || 8,
-          "data-menu-merge-components" => global_settings.menu_merge_components,
-          "data-menu-amendments" => global_settings.menu_amendments,
-          "data-menu-meetings" => global_settings.menu_meetings,
-          "data-menu-categories" => global_settings.menu_categories,
-          "data-menu-hashtags" => global_settings.menu_hashtags,
-          "data-show-not-answered" => step_settings&.show_not_answered,
-          "data-show-accepted" => step_settings&.show_accepted,
-          "data-show-withdrawn" => step_settings&.show_withdrawn,
-          "data-show-evaluating" => step_settings&.show_evaluating,
-          "data-show-rejected" => step_settings&.show_rejected
+          class: "awesome-map",
+          id: "awesome-map",
+          data: {
+            "components" => components.map do |component|
+                              {
+                                id: component.id,
+                                type: component.manifest.name,
+                                name: translated_attribute(component.name),
+                                url: Decidim::EngineRouter.main_proxy(component).root_path,
+                                amendments: component.manifest.name == :proposals ? Decidim::Proposals::Proposal.where(component:).only_emendations.count : 0
+                              }
+                            end.to_json,
+            "hide-controls" => settings_source.try(:hide_controls),
+            "collapsed" => global_settings.collapse,
+            "truncate" => global_settings.truncate || 255,
+            "map-center" => global_settings.map_center,
+            "map-zoom" => global_settings.map_zoom || 8,
+            "menu-merge-components" => global_settings.menu_merge_components,
+            "menu-amendments" => global_settings.menu_amendments,
+            "menu-meetings" => global_settings.menu_meetings,
+            "menu-categories" => global_settings.menu_categories,
+            "menu-hashtags" => global_settings.menu_hashtags,
+            "show-not-answered" => step_settings&.show_not_answered,
+            "show-accepted" => step_settings&.show_accepted,
+            "show-withdrawn" => step_settings&.show_withdrawn,
+            "show-evaluating" => step_settings&.show_evaluating,
+            "show-rejected" => step_settings&.show_rejected
+          }
         }
 
         content_tag(:div, html_options) do

data/app/models/decidim/decidim_awesome/paper_trail_version.rb

@@ -9,6 +9,10 @@ module Decidim
         DecidimAwesome.participatory_space_roles.filter(&:safe_constantize)
       end
 
+      def self.safe_admin_role_type(admin_role)
+        Decidim.user_roles.find { |role| role == admin_role }
+      end
+
       scope :space_role_actions, lambda { |organization|
         role_changes = where(item_type: PaperTrailVersion.safe_user_roles, event: "create")
         user_ids_from_object_changes = role_changes.pluck(:object_changes).map { |change| change.match(/decidim_user_id:\n- ?\n- (\d+)/)[1].to_i }
@@ -33,7 +37,7 @@ module Decidim
         when "admin"
           base.where("object_changes LIKE '%\nadmin:\n- false\n- true%'")
         else
-          base.where(Arel.sql("object_changes LIKE '%\nroles:\n- []\n- - #{filter}\n%'"))
+          base.where("object_changes LIKE ?", "%\nroles:\n- []\n- - #{filter}\n%")
         end
       end
 

data/app/overrides/decidim/account/show/add_timezone_select.html.erb.deface

@@ -0,0 +1,3 @@
+<!-- insert_after 'erb[loud]:contains("@account.organization.available_locales")' -->
+
+<%= render partial: "decidim/decidim_awesome/account/timezone_select", locals: { f: f } %>

data/app/overrides/decidim/admin/officializations/index/add_modal.html.erb.deface

@@ -0,0 +1,3 @@
+<!-- insert_after "erb[loud]:contains('show_email_modal')" -->
+
+<%= render "decidim/decidim_awesome/admin/officializations/verification_modal" %>

data/app/overrides/decidim/admin/officializations/index/add_td.html.erb.deface

@@ -0,0 +1,5 @@
+<!-- insert_before "td.table-list__actions" -->
+
+<% if awesome_config[:admins_available_authorizations] %>
+  <%= render "decidim/decidim_awesome/admin/officializations/participants_td", user: %>
+<% end %>

data/app/overrides/decidim/admin/officializations/index/add_th.html.erb.deface

@@ -0,0 +1,5 @@
+<!-- insert_before "th:last" -->
+
+<% if awesome_config[:admins_available_authorizations] %>
+  <%= render "decidim/decidim_awesome/admin/officializations/participants_th" %>
+<% end %>

data/app/overrides/decidim/system/organizations/_advanced_settings/add_awesome_config.html.erb.deface

@@ -0,0 +1,9 @@
+<!-- insert_top '#advanced-settings-panel' -->
+
+<% if Decidim::DecidimAwesome.enabled?(:admins_available_authorizations) %>
+  <div class="awesome_available_authorizations border-2 rounded border-background p-4 form__wrapper mt-8 first:mt-0 last:pb-4">
+    <h3 class="h4"><%= t "decidim.decidim_awesome.system.organizations.awesome_tweaks" %></h3>
+
+    <%= render partial: "decidim/decidim_awesome/system/organizations/admin_allowed_authorizations", locals: { f: f } %>
+  </div>
+<% end %>

data/app/overrides/layouts/decidim/_head/add_awesome_tags.html.erb.deface

@@ -1,7 +1,7 @@
 <!-- insert_after "erb[loud]:contains('append_stylesheet_pack_tag')" -->
 
 <% append_stylesheet_pack_tag "decidim_decidim_awesome", media: "all" %>
-<%= render(partial: "layouts/decidim/decidim_awesome/custom_styles") if awesome_custom_styles.present? %>
+<%= render(partial: "layouts/decidim/decidim_awesome/custom_styles") if awesome_scoped_styles.present? %>
 
 <% append_javascript_pack_tag "decidim_decidim_awesome", defer: false %>
 <% append_javascript_pack_tag("decidim_decidim_awesome_custom_fields") if Decidim::DecidimAwesome.enabled?(:proposal_custom_fields) %>

data/app/overrides/layouts/decidim/admin/_header/add_awesome_custom_styles.html.erb.deface

@@ -0,0 +1,3 @@
+<!-- insert_after "erb[loud]:contains('snippets.display(:head)')" -->
+
+<%= render(partial: "layouts/decidim/decidim_awesome/admin/custom_styles") if awesome_scoped_admin_styles.present? %>

data/app/overrides/layouts/decidim/admin/_header/add_awesome_tags.html.erb.deface

@@ -3,6 +3,7 @@
 <%= render partial: "layouts/decidim/decidim_awesome/awesome_config" %>
 <% append_stylesheet_pack_tag("decidim_admin_decidim_awesome_global") %>
 <% append_javascript_pack_tag("decidim_admin_decidim_awesome_global") %>
+
 <% append_javascript_pack_tag("decidim_decidim_awesome_custom_fields") if Decidim::DecidimAwesome.enabled?(:proposal_custom_fields) %>
 <% if awesome_config[:intergram_for_admins] %>
   <%= render partial: "layouts/decidim/decidim_awesome/intergram_widget", locals: { settings: organization_awesome_config[:intergram_for_admins_settings] } %>

data/app/packs/src/decidim/decidim_awesome/admin/proposal_sortings.js

@@ -15,11 +15,6 @@ document.addEventListener("DOMContentLoaded", () => {
     render: {
       option: function (data, escape) {
         return `<div>${escape(data.text)}</div>`;
-      },
-      item: function (data, escape) {
-        return Boolean(data.is_admin) || data.isAdmin === "true"
-          ? `<div class="is-admin">${escape(data.text)}</div>`
-          : `<div>${escape(data.text)}</div>`;
       }
     }
   });

data/app/packs/src/decidim/decidim_awesome/admin/verification_selects.js

@@ -0,0 +1,21 @@
+/* eslint-disable no-new */
+
+import TomSelect from "tom-select/dist/cjs/tom-select.popular";
+
+document.addEventListener("DOMContentLoaded", () => {
+  const selectContainer = document.getElementById("config_force_authorization_after_login");
+
+  if (!selectContainer) {
+    return;
+  }
+
+  new TomSelect(selectContainer, {
+    plugins: ["remove_button", "dropdown_input"],
+    create: false,
+    render: {
+      option: function (data, escape) {
+        return `<div>${escape(data.text)}</div>`;
+      }
+    }
+  });
+});