RubyGems - decidim-initiatives - Versions diffs - 0.16.1 → 0.17.0 - Mend

decidim-initiatives 0.16.1 → 0.17.0

Files changed (126) hide show

data/app/helpers/decidim/initiatives/create_initiative_helper.rb CHANGED

@@ -4,22 +4,16 @@ module Decidim
   module Initiatives
     # Helper methods for the create initiative wizard.
     module CreateInitiativeHelper
-      def signature_type_options
+      def signature_type_options(initiative_form)
+        return all_signature_type_options unless initiative_form.signature_type_updatable?
         return online_signature_type_options unless Decidim::Initiatives.face_to_face_voting_allowed
-        return offline_signature_type_options unless Decidim::Initiatives.online_voting_allowed
+        return offline_signature_type_options unless online_signature_allowed?(initiative_form)
-        options = []
-        Initiative.signature_types.each_key do |type|
-          options << [
-            I18n.t(
-              type,
-              scope: %w(activemodel attributes initiative signature_type_values)
-            ), type
-          ]
-        end
-        options
+        all_signature_type_options
       end
+      private
       def online_signature_type_options
         [
           [
@@ -41,6 +35,25 @@ module Decidim
           ]
         ]
       end
+      def all_signature_type_options
+        Initiative.signature_types.keys.map do |type|
+          [
+            I18n.t(
+              type,
+              scope: %w(activemodel attributes initiative signature_type_values)
+            ), type
+          ]
+        end
+      end
+      def online_signature_allowed?(initiative_form)
+        Decidim::Initiatives.online_voting_allowed && online_signature_enabled_in_type?(initiative_form)
+      end
+      def online_signature_enabled_in_type?(initiative_form)
+        ::Decidim::InitiativesType.find(initiative_form.type_id).online_signature_enabled
+      end
     end
   end
 end

data/app/helpers/decidim/initiatives/initiative_helper.rb CHANGED

@@ -79,6 +79,24 @@ module Decidim
       def popularity_level5?(initiative)
         initiative.percentage >= 100
       end
+      def authorized_vote_modal_button(initiative, html_options, &block)
+        return if current_user && action_authorized_to("vote", resource: initiative, permissions_holder: initiative.type).ok?
+        tag = "button"
+        html_options ||= {}
+        if !current_user
+          html_options["data-open"] = "loginModal"
+        else
+          html_options["data-open"] = "authorizationModal"
+          html_options["data-open-url"] = authorization_sign_modal_initiative_path(initiative)
+        end
+        html_options["onclick"] = "event.preventDefault();"
+        send("#{tag}_to", "", html_options, &block)
+      end
     end
   end
 end

data/app/models/decidim/initiative.rb CHANGED

@@ -57,6 +57,8 @@ module Decidim
     validates :title, :description, :state, presence: true
     validates :signature_type, presence: true
+    validate :signature_type_allowed
     validates :hashtag,
               uniqueness: true,
               allow_blank: true,
@@ -78,6 +80,7 @@ module Decidim
     scope :with_state, ->(state) { where(state: state) if state.present? }
     scope :public_spaces, -> { published }
+    scope :signature_type_updatable, -> { created }
     scope :order_by_most_recent, -> { order(created_at: :desc) }
     scope :order_by_supports, -> { order(Arel.sql("initiative_votes_count + coalesce(offline_votes, 0) desc")) }
@@ -172,12 +175,22 @@ module Decidim
     # RETURNS string
     delegate :banner_image, to: :type
+    delegate :document_number_authorization_handler, to: :type
+    delegate :supports_required, to: :scoped_type
     def votes_enabled?
       published? &&
         signature_start_date <= Date.current &&
         signature_end_date >= Date.current
     end
+    # Public: Check if the user has voted the question.
+    #
+    # Returns Boolean.
+    def voted_by?(user)
+      votes.where(author: user).any?
+    end
     # Public: Checks if the organization has given an answer for the initiative.
     #
     # Returns Boolean.
@@ -239,9 +252,14 @@ module Decidim
     # Public: Returns the percentage of required supports reached
     def percentage
-      percentage = supports_count * 100 / scoped_type.supports_required
-      percentage = 100 if percentage > 100
-      percentage
+      return 100 if supports_goal_reached?
+      supports_count * 100 / supports_required
+    end
+    # Public: Whether the supports required objective has been reached
+    def supports_goal_reached?
+      supports_count >= supports_required
     end
     # Public: Overrides slug attribute from participatory processes.
@@ -281,8 +299,41 @@ module Decidim
         published?
     end
+    def accepts_online_votes?
+      Decidim::Initiatives.online_voting_allowed &&
+        (online? || any?) &&
+        votes_enabled?
+    end
+    def accepts_online_unvotes?
+      accepts_online_votes? && type.undo_online_signatures_enabled?
+    end
+    def minimum_committee_members
+      type.minimum_committee_members || Decidim::Initiatives.minimum_committee_members
+    end
+    def enough_committee_members?
+      committee_members.approved.count >= minimum_committee_members
+    end
+    # PUBLIC
+    #
+    # Checks if the type the initiative belongs to enables SMS code
+    # verification step. Tis configuration is ignored if the organization
+    # doesn't have the sms authorization available
+    #
+    # RETURNS boolean
+    def validate_sms_code_on_votes?
+      organization.available_authorizations.include?("sms") && type.validate_sms_code_on_votes?
+    end
     private
+    def signature_type_allowed
+      errors.add(:signature_type, :invalid) if !published? && type.allowed_signature_types_for_initiatives.exclude?(signature_type)
+    end
     def notify_state_change
       return unless saved_change_to_state?
       notifier = Decidim::Initiatives::StatusChangeNotifier.new(initiative: self)

data/app/models/decidim/initiatives_committee_member.rb CHANGED

@@ -19,5 +19,6 @@ module Decidim
     scope :approved, -> { where(state: :accepted) }
     scope :non_deleted, -> { includes(:user).where(decidim_users: { deleted_at: nil }) }
+    scope :excluding_author, -> { joins(:initiative).where.not("decidim_users_id = decidim_author_id") }
   end
 end

data/app/models/decidim/initiatives_type.rb CHANGED

@@ -3,7 +3,10 @@
 module Decidim
   # Initiative type.
   class InitiativesType < ApplicationRecord
+    include Decidim::HasResourcePermission
     validates :title, :description, presence: true
+    validates :online_signature_enabled, inclusion: { in: [true, false] }
     mount_uploader :banner_image, Decidim::BannerImageUploader
@@ -16,5 +19,32 @@ module Decidim
              class_name: "Decidim::InitiativesTypeScope",
              dependent: :destroy,
              inverse_of: :type
+    def allowed_signature_types_for_initiatives
+      signature_types = []
+      signature_types << "online" if Decidim::Initiatives.online_voting_allowed && online_signature_enabled
+      signature_types << "offline" if Decidim::Initiatives.face_to_face_voting_allowed
+      signature_types << "any" if signature_types.size == (Initiative.signature_types.size - 1)
+      signature_types
+    end
+    def initiatives
+      initiatives_ids = scopes.map { |scope| scope.initiatives.pluck(:id) }.flatten
+      Initiative.where(id: initiatives_ids)
+    end
+    def allow_resource_permissions?
+      true
+    end
+    def mounted_admin_engine
+      "decidim_admin_initiatives"
+    end
+    def mounted_params
+      { host: organization.host }
+    end
   end
 end

data/app/permissions/decidim/initiatives/admin/permissions.rb CHANGED

@@ -35,6 +35,7 @@ module Decidim
           initiative_type_scope_action?
           initiative_committee_action?
           initiative_admin_user_action?
+          moderator_action?
           allow! if permission_action.subject == :attachment
           permission_action
@@ -82,7 +83,7 @@ module Decidim
         end
         def initiative_type_action?
-          return unless permission_action.subject == :initiative_type
+          return unless [:initiative_type, :initiatives_type].include? permission_action.subject
           initiative_type = context.fetch(:initiative_type, nil)
@@ -136,6 +137,8 @@ module Decidim
             toggle_allow(initiative.published?)
           when :discard
             toggle_allow(initiative.validating?)
+          when :export_pdf_signatures
+            toggle_allow(initiative.published? || initiative.accepted? || initiative.rejected?)
           when :export_votes
             toggle_allow(initiative.offline? || initiative.any?)
           when :accept
@@ -153,6 +156,12 @@ module Decidim
           end
         end
+        def moderator_action?
+          return unless permission_action.subject == :moderation
+          allow!
+        end
         def read_initiative_list_action?
           return unless permission_action.subject == :initiative &&
                         permission_action.action == :list
@@ -171,8 +180,8 @@ module Decidim
             toggle_allow(initiative.created?)
           when :send_to_technical_validation
             allowed = initiative.created? && (
-                        !initiative.decidim_user_group_id.nil? ||
-                          initiative.committee_members.approved.count >= Decidim::Initiatives.minimum_committee_members
+                        !initiative.created_by_individual? ||
+                        initiative.enough_committee_members?
                       )
             toggle_allow(allowed)

data/app/permissions/decidim/initiatives/permissions.rb CHANGED

@@ -14,6 +14,7 @@ module Decidim
         return permission_action if permission_action.scope != :public
         # Non-logged users permissions
+        public_report_content_action?
         list_public_initiatives?
         read_public_initiative?
         search_initiative_types_and_scopes?
@@ -24,6 +25,7 @@ module Decidim
         request_membership?
         vote_initiative?
+        sign_initiative?
         unvote_initiative?
         permission_action
@@ -51,7 +53,7 @@ module Decidim
       def search_initiative_types_and_scopes?
         return unless permission_action.action == :search
-        return unless [:initiative_type, :initiative_type_scope].include?(permission_action.subject)
+        return unless [:initiative_type, :initiative_type_scope, :initiative_type_signature_types].include?(permission_action.subject)
         allow!
       end
@@ -104,30 +106,57 @@ module Decidim
         return unless permission_action.action == :vote &&
                       permission_action.subject == :initiative
-        can_vote = initiative.votes_enabled? &&
-                   initiative.organization&.id == user.organization&.id &&
-                   initiative.votes.where(decidim_author_id: user.id, decidim_user_group_id: decidim_user_group_id).empty? &&
-                   (can_user_support?(initiative) || Decidim::UserGroups::ManageableUserGroups.for(user).verified.any?)
+        toggle_allow(can_vote?)
+      end
+      def authorized?(permission_action, resource: nil, permissions_holder: nil)
+        return unless resource || permissions_holder
-        toggle_allow(can_vote)
+        ActionAuthorizer.new(user, permission_action, permissions_holder, resource).authorize.ok?
       end
       def unvote_initiative?
         return unless permission_action.action == :unvote &&
                       permission_action.subject == :initiative
-        can_unvote = initiative.votes_enabled? &&
+        can_unvote = initiative.accepts_online_unvotes? &&
                      initiative.organization&.id == user.organization&.id &&
                      initiative.votes.where(decidim_author_id: user.id, decidim_user_group_id: decidim_user_group_id).any? &&
-                     (can_user_support?(initiative) || Decidim::UserGroups::ManageableUserGroups.for(user).verified.any?)
+                     (can_user_support?(initiative) || Decidim::UserGroups::ManageableUserGroups.for(user).verified.any?) &&
+                     authorized?(:vote, resource: initiative, permissions_holder: initiative.type)
         toggle_allow(can_unvote)
       end
+      def public_report_content_action?
+        return unless permission_action.action == :create &&
+                      permission_action.subject == :moderation
+        allow!
+      end
+      def sign_initiative?
+        return unless permission_action.action == :sign_initiative &&
+                      permission_action.subject == :initiative
+        can_sign = can_vote? &&
+                   context.fetch(:signature_has_steps, false)
+        toggle_allow(can_sign)
+      end
       def decidim_user_group_id
         context.fetch(:group_id, nil)
       end
+      def can_vote?
+        initiative.votes_enabled? &&
+          initiative.organization&.id == user.organization&.id &&
+          initiative.votes.where(decidim_author_id: user.id, decidim_user_group_id: decidim_user_group_id).empty? &&
+          (can_user_support?(initiative) || Decidim::UserGroups::ManageableUserGroups.for(user).verified.any?) &&
+          authorized?(:vote, resource: initiative, permissions_holder: initiative.type)
+      end
       def can_user_support?(initiative)
         !initiative.offline? && (
           Decidim::Initiatives.do_not_require_authorization ||

data/app/queries/decidim/initiatives/admin/admin_users.rb ADDED

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+module Decidim
+  module Initiatives
+    module Admin
+      # A class used to find the admins for an initiative.
+      class AdminUsers < Rectify::Query
+        # Syntactic sugar to initialize the class and return the queried objects.
+        #
+        # initiative - Decidim::Initiative
+        def self.for(initiative)
+          new(initiative).query
+        end
+        # Initializes the class.
+        #
+        # initiative - Decidim::Initiative
+        def initialize(initiative)
+          @initiative = initiative
+        end
+        # Finds organization admins and the users with role admin for the given initiative.
+        #
+        # Returns an ActiveRecord::Relation.
+        def query
+          Decidim::User.where(id: organization_admins)
+        end
+        private
+        attr_reader :initiative
+        def organization_admins
+          initiative.organization.admins
+        end
+      end
+    end
+  end
+end

data/app/services/decidim/initiatives/data_encryptor.rb ADDED

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+module Decidim
+  module Initiatives
+    # Service to encrypt and decrypt metadata
+    class DataEncryptor
+      attr_reader :secret
+      def initialize(args = {})
+        @secret = args.fetch(:secret) || "default"
+        @key = ActiveSupport::KeyGenerator.new(secret).generate_key(
+          Rails.application.secrets.secret_key_base, ActiveSupport::MessageEncryptor.key_len
+        )
+        @encryptor = ActiveSupport::MessageEncryptor.new(@key)
+      end
+      def encrypt(data)
+        @encryptor.encrypt_and_sign(data)
+      end
+      def decrypt(encrypted_data)
+        @encryptor.decrypt_and_verify(encrypted_data)
+      end
+    end
+  end
+end

data/app/services/decidim/initiatives/dummy_timestamp.rb ADDED

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module Decidim
+  module Initiatives
+    # Example of service to generate a timestamp for a document
+    class DummyTimestamp
+      attr_accessor :document
+      # Public: Initializes the service.
+      # document - The document for which the timestamp is going to be generated
+      # signature_type
+      def initialize(args = {})
+        @document = args.fetch(:document)
+      end
+      # Public: Timestamp generated from data
+      def timestamp
+        @timestamp ||= Base64.encode64(OpenSSL::Digest::SHA1.digest("#{@document}-#{Time.current}")).chop
+      end
+    end
+  end
+end