RubyGems - decidim-initiatives - Versions diffs - 0.20.0 → 0.23.1.rc1 - Mend

decidim-initiatives 0.20.0 → 0.23.1.rc1

Files changed (185) hide show

data/app/forms/decidim/initiatives/admin/initiative_type_form.rb CHANGED

@@ -14,6 +14,11 @@ module Decidim
         attribute :banner_image, String
         attribute :signature_type, String
         attribute :undo_online_signatures_enabled, Boolean
+        attribute :attachments_enabled, Boolean
+        attribute :custom_signature_end_date_enabled, Boolean
+        attribute :area_enabled, Boolean
+        attribute :child_scope_threshold_enabled, Boolean
+        attribute :only_global_scope_enabled, Boolean
         attribute :promoting_committee_enabled, Boolean
         attribute :minimum_committee_members, Integer
         attribute :collect_user_extra_fields, Boolean
@@ -22,9 +27,11 @@ module Decidim
         attribute :document_number_authorization_handler, String
         validates :title, :description, translatable_presence: true
-        validates :undo_online_signatures_enabled, :promoting_committee_enabled, inclusion: { in: [true, false] }
+        validates :attachments_enabled, :undo_online_signatures_enabled, :custom_signature_end_date_enabled,
+                  :area_enabled, :promoting_committee_enabled, inclusion: { in: [true, false] }
         validates :minimum_committee_members, numericality: { only_integer: true }, allow_nil: true
         validates :banner_image, presence: true, if: ->(form) { form.context.initiative_type.nil? }
+        validates :document_number_authorization_handler, presence: true, if: ->(form) { form.collect_user_extra_fields? }
         def minimum_committee_members=(value)
           super(value.presence)

data/app/forms/decidim/initiatives/initiative_form.rb CHANGED

@@ -12,15 +12,24 @@ module Decidim
       attribute :description, String
       attribute :type_id, Integer
       attribute :scope_id, Integer
+      attribute :area_id, Integer
       attribute :decidim_user_group_id, Integer
       attribute :signature_type, String
+      attribute :signature_end_date, Date
       attribute :state, String
+      attribute :attachment, AttachmentForm
       validates :title, :description, presence: true
       validates :title, length: { maximum: 150 }
       validates :signature_type, presence: true
       validates :type_id, presence: true
+      validates :area, presence: true, if: ->(form) { form.area_id.present? }
       validate :scope_exists
+      validate :notify_missing_attachment_if_errored
+      validate :trigger_attachment_errors
+      validates :signature_end_date, date: { after: Date.current }, if: lambda { |form|
+        form.context.initiative_type.custom_signature_end_date_enabled? && form.signature_end_date.present?
+      }
       def map_model(model)
         self.type_id = model.type.id
@@ -32,15 +41,61 @@ module Decidim
       end
       def scope_id
+        return nil if initiative_type.only_global_scope_enabled?
         super.presence
       end
+      def area
+        @area ||= current_organization.areas.find_by(id: area_id)
+      end
+      def initiative_type
+        @initiative_type ||= InitiativesType.find(type_id)
+      end
+      def available_scopes
+        @available_scopes ||= if initiative_type.only_global_scope_enabled?
+                                initiative_type.scopes.where(scope: nil)
+                              else
+                                initiative_type.scopes
+                              end
+      end
+      def scope
+        @scope ||= Scope.find(scope_id) if scope_id.present?
+      end
       private
       def scope_exists
         return if scope_id.blank?
-        errors.add(:scope_id, :invalid) unless InitiativesTypeScope.where(decidim_initiatives_types_id: type_id, decidim_scopes_id: scope_id).exists?
+        errors.add(:scope_id, :invalid) unless InitiativesTypeScope.where(type: initiative_type, scope: scope).exists?
+      end
+      # This method will add an error to the `attachment` field only if there's
+      # any error in any other field. This is needed because when the form has
+      # an error, the attachment is lost, so we need a way to inform the user of
+      # this problem.
+      def notify_missing_attachment_if_errored
+        return if attachment.blank?
+        errors.add(:attachment, :needs_to_be_reattached) if errors.any?
+      end
+      def trigger_attachment_errors
+        return if attachment.blank?
+        return if attachment.valid?
+        attachment.errors.each { |error| errors.add(:attachment, error) }
+        attachment = Attachment.new(
+          attached_to: attachment.try(:attached_to),
+          file: attachment.try(:file)
+        )
+        errors.add(:attachment, :file) if !attachment.save && attachment.errors.has_key?(:file)
       end
     end
   end

data/app/forms/decidim/initiatives/vote_form.rb CHANGED

@@ -19,110 +19,163 @@ module Decidim
       attribute :encrypted_metadata, String
       attribute :hash_id, String
-      attribute :initiative_id, Integer
-      attribute :author_id, Integer
-      attribute :group_id, Integer
+      attribute :initiative, Decidim::Initiative
+      attribute :signer, Decidim::User
-      validates :name_and_surname, :document_number, :date_of_birth, :postal_code, presence: true, if: :required_personal_data?
-      validates :encrypted_metadata, presence: true, if: :required_personal_data?
-      validates :initiative_id, presence: true
-      validates :author_id, presence: true
+      validates :initiative, :signer, presence: true
-      validate :document_number_authorized, if: :required_personal_data?
-      validate :document_number_uniqueness, if: :required_personal_data?
-      validate :personal_data_consistent_with_metadata, if: :required_personal_data?
-      def initiative
-        @initiative ||= Decidim::Initiative.find_by(id: initiative_id)
+      with_options if: :required_personal_data? do
+        validates :name_and_surname, :document_number, :date_of_birth, :postal_code, :encrypted_metadata, :hash_id, presence: true
+        validate :document_number_authorized?
+        validate :already_voted?
       end
       delegate :scope, to: :initiative
-      def metadata
-        { name_and_surname: name_and_surname,
-          document_number: document_number,
-          date_of_birth: date_of_birth,
-          postal_code: postal_code }
-      end
       def encrypted_metadata
-        @encrypted_metadata ||= encrypt_metadata
+        return unless required_personal_data?
+        @encrypted_metadata ||= encryptor.encrypt(metadata)
       end
+      # Public: The hash to uniquely identify an initiative vote. It uses the
+      # initiative scope as a default.
+      #
+      # Returns a String.
       def hash_id
-        Digest::MD5.hexdigest(
-          "#{initiative_id}-#{document_number || author_id}-#{Rails.application.secrets.secret_key_base}"
+        return unless initiative && (document_number || signer)
+        @hash_id ||= Digest::MD5.hexdigest(
+          [
+            initiative.id,
+            document_number || signer.id,
+            Rails.application.secrets.secret_key_base
+          ].compact.join("-")
         )
       end
-      def decrypted_metadata
-        return unless encrypted_metadata
+      # Public: Builds the list of scopes where the user is authorized to vote in. This is used when
+      # the initiative allows also voting on child scopes, not only the main scope.
+      #
+      # Instead of just listing the children of the main scope, we just want to select the ones that
+      # have been added to the InitiativeType with its voting settings.
+      #
+      def authorized_scopes
+        initiative.votable_initiative_type_scopes.select do |initiative_type_scope|
+          initiative_type_scope.global_scope? ||
+            initiative_type_scope.scope == user_authorized_scope ||
+            initiative_type_scope.scope.ancestor_of?(user_authorized_scope)
+        end.flat_map(&:scope)
+      end
+      # Public: Finds the scope the user has an authorization for, this way the user can vote
+      # on that scope and its parents.
+      #
+      # This is can be used to allow users that are authorized with a children
+      # scope to sign an initiative with a parent scope.
+      #
+      # As an example: A city (global scope) has many districts (scopes with
+      # parent nil), and each district has different neighbourhoods (with its
+      # parent as a district). If we setup the authorization handler to match
+      # a neighbourhood, the same authorization can be used to participate
+      # in district, neighbourhoods or city initiatives.
+      #
+      # Returns a Decidim::Scope.
+      def user_authorized_scope
+        return scope if handler_name.blank?
+        return unless authorized?
+        @user_authorized_scope ||= authorized_scope_candidates.find do |scope|
+          scope&.id == authorization.metadata.symbolize_keys[:scope_id]
+        end
+      end
+      # Public: Builds a list of Decidim::Scopes where the user could have a
+      # valid authorization.
+      #
+      # If the intiative is set with a global scope (meaning the scope is nil),
+      # all the scopes in the organizaton are valid.
+      #
+      # Returns an array of Decidim::Scopes.
+      def authorized_scope_candidates
+        authorized_scope_candidates = [initiative.scope]
+        authorized_scope_candidates += if initiative.scope.present?
+                                         initiative.scope.descendants
+                                       else
+                                         initiative.organization.scopes
+                                       end
+        authorized_scope_candidates.uniq
+      end
-        encryptor.decrypt(encrypted_metadata)
+      def metadata
+        {
+          name_and_surname: name_and_surname,
+          document_number: document_number,
+          date_of_birth: date_of_birth,
+          postal_code: postal_code
+        }
       end
       protected
+      # Private: Whether the personal data given when signing the initiative should
+      # be stored together with the vote or not.
+      #
+      # Returns a Boolean.
       def required_personal_data?
-        initiative_type&.collect_user_extra_fields?
+        @required_personal_data ||= initiative&.type&.collect_user_extra_fields?
       end
-      def initiative_type
-        @initiative_type ||= initiative&.scoped_type&.type
-      end
-      def encryptor
-        @encryptor ||= DataEncryptor.new(secret: "personal user metadata")
-      end
-      def encrypt_metadata
-        return unless required_personal_data?
-        encryptor.encrypt(metadata)
-      end
-      def document_number_authorized
+      # Private: Checks that the unique hash computed from the authorization
+      # and the user provided data match.
+      #
+      # This prevents users that know partial data from another user to sign
+      # initiatives with someone elses identity.
+      def document_number_authorized?
         return if initiative.document_number_authorization_handler.blank?
         errors.add(:document_number, :invalid) unless authorized? && authorization_handler && authorization.unique_id == authorization_handler.unique_id
       end
-      def document_number_uniqueness
-        errors.add(:document_number, :taken) if initiative.votes.where(hash_id: hash_id).exists?
-      end
-      def personal_data_consistent_with_metadata
-        return if initiative.document_number_authorization_handler.blank?
-        errors.add(:base, :invalid) unless authorized? &&
-                                           authorization_handler &&
-                                           authorization_handler_metadata_variations.any? { |variation| authorization.metadata.symbolize_keys == variation.symbolize_keys }
+      # Private: Checks if there's any existing vote that matches the user's data.
+      def already_voted?
+        errors.add(:document_number, :taken) if initiative.votes.where(hash_id: hash_id, scope: scope).exists?
       end
       def author
         @author ||= current_organization.users.find_by(id: author_id)
       end
+      # Private: Finds an authorization for the user signing the initiative and
+      # the configured handler.
       def authorization
-        return unless author && handler_name
-        @authorization ||= Verifications::Authorizations.new(organization: author.organization, user: author, name: handler_name).first
-      end
-      def authorization_status
-        return unless authorization
+        return unless signer && handler_name
-        Decidim::Verifications::Adapter.from_element(handler_name).authorize(authorization, {}, nil, nil)
+        @authorization ||= Verifications::Authorizations.new(
+          organization: signer.organization,
+          user: signer,
+          name: handler_name
+        ).first
       end
+      # Private: Checks if the authorization hasn't expired or is invalid.
       def authorized?
         authorization_status&.first == :ok
       end
-      def handler_name
-        initiative.document_number_authorization_handler
-      end
+      # Private: Builds an authorization handler with the data the user provided
+      # when signing the initiative.
+      #
+      # This is currently tied to authorization handlers that have, at least, these attributes:
+      #   * document_number
+      #   * name_and_surname
+      #   * date_of_birth
+      #   * postal_code
+      #
+      # Once we have the authorization handler we can use is to compute the
+      # unique_id and compare it to an existing authorization.
+      #
+      # Returns a Decidim::AuthorizationHandler.
       def authorization_handler
         return unless document_number && handler_name
@@ -130,21 +183,25 @@ module Decidim
                                                                              document_number: document_number,
                                                                              name_and_surname: name_and_surname,
                                                                              date_of_birth: date_of_birth,
-                                                                             postal_code: postal_code,
-                                                                             scope_id: scope&.id)
+                                                                             postal_code: postal_code)
       end
-      def authorization_handler_metadata_variations
-        return [] unless authorization_handler && scope.present?
+      # Private: The AuthorizationHandler name used to verify the user's
+      # document number.
+      #
+      # Returns a String.
+      def handler_name
+        initiative.document_number_authorization_handler
+      end
+      def authorization_status
+        return unless authorization
-        scope.children.map do |child_scope|
-          Decidim::AuthorizationHandler.handler_for(handler_name,
-                                                    document_number: document_number,
-                                                    name_and_surname: name_and_surname,
-                                                    date_of_birth: date_of_birth,
-                                                    postal_code: postal_code,
-                                                    scope_id: child_scope&.id)
-        end.unshift(authorization_handler).map(&:metadata)
+        Decidim::Verifications::Adapter.from_element(handler_name).authorize(authorization, {}, nil, nil)
+      end
+      def encryptor
+        @encryptor ||= DataEncryptor.new(secret: "personal user metadata")
       end
     end
   end

data/app/helpers/decidim/initiatives/application_helper.rb ADDED

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+module Decidim
+  module Initiatives
+    # Custom helpers, scoped to the initiatives engine.
+    #
+    module ApplicationHelper
+      include Decidim::CheckBoxesTreeHelper
+      def filter_states_values
+        TreeNode.new(
+          TreePoint.new("", t("decidim.initiatives.application_helper.filter_state_values.all")),
+          [
+            TreePoint.new("open", t("decidim.initiatives.application_helper.filter_state_values.open")),
+            TreeNode.new(
+              TreePoint.new("closed", t("decidim.initiatives.application_helper.filter_state_values.closed")),
+              [
+                TreePoint.new("accepted", t("decidim.initiatives.application_helper.filter_state_values.accepted")),
+                TreePoint.new("rejected", t("decidim.initiatives.application_helper.filter_state_values.rejected"))
+              ]
+            ),
+            TreePoint.new("answered", t("decidim.initiatives.application_helper.filter_state_values.answered"))
+          ]
+        )
+      end
+      def filter_scopes_values
+        main_scopes = current_organization.scopes.top_level
+        scopes_values = main_scopes.includes(:scope_type, :children).flat_map do |scope|
+          TreeNode.new(
+            TreePoint.new(scope.id.to_s, translated_attribute(scope.name, current_organization)),
+            scope_children_to_tree(scope)
+          )
+        end
+        scopes_values.prepend(TreePoint.new("global", t("decidim.scopes.global")))
+        TreeNode.new(
+          TreePoint.new("", t("decidim.initiatives.application_helper.filter_scope_values.all")),
+          scopes_values
+        )
+      end
+      def scope_children_to_tree(scope)
+        return unless scope.children.any?
+        scope.children.includes(:scope_type, :children).flat_map do |child|
+          TreeNode.new(
+            TreePoint.new(child.id.to_s, translated_attribute(child.name, current_organization)),
+            scope_children_to_tree(child)
+          )
+        end
+      end
+      def filter_types_values
+        types_values = Decidim::InitiativesType.where(organization: current_organization).map do |type|
+          TreeNode.new(
+            TreePoint.new(type.id.to_s, type.title[I18n.locale.to_s])
+          )
+        end
+        TreeNode.new(
+          TreePoint.new("", t("decidim.initiatives.application_helper.filter_type_values.all")),
+          types_values
+        )
+      end
+      def filter_areas_values
+        areas_or_types = areas_for_select(current_organization)
+        areas_values = if areas_or_types.first.is_a?(Decidim::Area)
+                         filter_areas(areas_or_types)
+                       else
+                         filter_areas_and_types(areas_or_types)
+                       end
+        TreeNode.new(
+          TreePoint.new("", t("decidim.initiatives.application_helper.filter_area_values.all")),
+          areas_values
+        )
+      end
+      def filter_areas(areas)
+        areas.map do |area|
+          TreeNode.new(
+            TreePoint.new(area.id.to_s, area.name[I18n.locale.to_s])
+          )
+        end
+      end
+      def filter_areas_and_types(area_types)
+        area_types.map do |area_type|
+          TreeNode.new(
+            TreePoint.new(area_type.area_ids.join("_"), area_type.name[I18n.locale.to_s]),
+            area_type.areas.map do |area|
+              TreePoint.new(area.id.to_s, area.name[I18n.locale.to_s])
+            end
+          )
+        end
+      end
+    end
+  end
+end