decidim-initiatives 0.30.2 → 0.31.0.rc1

data/app/packs/src/decidim/initiatives/check_code.js

@@ -0,0 +1,114 @@
+const focusDigit = (digit) => {
+  const length = digit.value.length;
+  digit.focus();
+  setTimeout(() => digit.setSelectionRange(length, length), 0);
+};
+
+const validateCode = (path, code) => {
+  return fetch(path, {
+    method: "PUT",
+    cache: "no-cache",
+    headers: {
+      "Content-Type": "application/json",
+      "X-CSRF-Token": document.querySelector("meta[name=csrf-token]")?.content
+    },
+    body: JSON.stringify({ confirmation: { "verification_code": code } })
+  }).
+    then((response) => response.json()).
+    then((json) => { return json.sms_code === "OK" });
+};
+
+const updateSubmit = (enable, includeAnnouncement) => {
+  const correctAnnouncement = document.querySelector(".code-correct-announcement");
+  const incorrectAnnouncement = document.querySelector(".code-incorrect-announcement");
+  const submitButton = document.querySelector("[data-submit-verification-code]");
+  const resendCodeMessage = document.querySelector("[data-resend-code]");
+
+  if (enable) {
+    if (includeAnnouncement) {
+      correctAnnouncement.classList.remove("hidden");
+      resendCodeMessage.classList.add("hidden");
+    } else {
+      correctAnnouncement.classList.add("hidden");
+      resendCodeMessage.classList.remove("hidden");
+    }
+    incorrectAnnouncement.classList.add("hidden");
+    submitButton.classList.remove("hidden");
+    submitButton.disabled = false;
+  } else {
+    if (includeAnnouncement) {
+      incorrectAnnouncement.classList.remove("hidden");
+      resendCodeMessage.classList.add("hidden");
+    } else {
+      incorrectAnnouncement.classList.add("hidden");
+      resendCodeMessage.classList.remove("hidden");
+    }
+    correctAnnouncement.classList.add("hidden");
+    submitButton.classList.add("hidden");
+    submitButton.disabled = true;
+  }
+}
+
+const updateValue = (codeInput, event, digitsInputs) => {
+  const checkCodePath = codeInput.dataset.checkCodePath;
+  const index = Number(event.target.dataset.verificationCode);
+  const prevDigit = digitsInputs[index - 1];
+  const nextDigit = digitsInputs[index + 1];
+  let digits = codeInput.value.split("");
+  const newDigit = event.target.value || "-";
+  if (newDigit.length > 0) {
+    const position = event.target.dataset.verificationCode;
+    digits[position] = newDigit;
+    const newCode = digits.join("")
+    if (codeInput.value !== newCode) {
+      codeInput.value = newCode;
+      if ((/^\d{6}$/).test(newCode)) {
+        validateCode(checkCodePath, newCode).then((validCode) => updateSubmit(validCode, true));
+      } else {
+        updateSubmit(false, false);
+      }
+    }
+
+    if (prevDigit && newDigit === "-") {
+      focusDigit(prevDigit);
+    } else if (nextDigit && newDigit !== "-") {
+      focusDigit(nextDigit);
+    }
+  }
+};
+
+const updatePosition = (codeInput, event, digitsInputs) => {
+  const index = Number(event.target.dataset.verificationCode);
+  const nextDigit = (() => {
+    if (event.key === "ArrowLeft" || ["Delete", "Backspace"].includes(event.key) && event.target.value === "") {
+      return digitsInputs[index - 1];
+    } else if (event.key === "ArrowRight" || (/^\d$/).test(event.key) && event.target.value.length > 0) {
+      return digitsInputs[index + 1];
+    }
+    return false;
+  })();
+
+  if (nextDigit) {
+    focusDigit(nextDigit);
+  }
+  return true;
+};
+
+
+const initializeCodeVerificator = (codeElement) => {
+  const codeInput = codeElement.querySelector("[data-check-code-path]");
+  const digitsInputs = codeElement.querySelectorAll("[data-verification-code]");
+
+  digitsInputs.forEach((digitInput) => {
+    digitInput.addEventListener("input", (event) => updateValue(codeInput, event, digitsInputs));
+    digitInput.addEventListener("keydown", (event) => updatePosition(codeInput, event, digitsInputs));
+  });
+  codeInput.value = "------";
+};
+
+document.addEventListener("turbo:load", () => {
+  const codeElement = document.querySelector("[data-check-code]");
+  if (codeElement) {
+    initializeCodeVerificator(codeElement);
+  }
+});

data/app/packs/src/decidim/initiatives/initiative_creation_wizard.js

@@ -0,0 +1,16 @@
+document.addEventListener("turbo:load", () => {
+  const selectInitiativeType = document.getElementById("select-initiative-type");
+
+  if (selectInitiativeType) {
+    const submitButton = selectInitiativeType.querySelector('button[type="submit"]');
+    const radioButtons = selectInitiativeType.querySelectorAll('input[type="radio"][name="initiative[type_id]"]');
+
+    submitButton.disabled = true;
+
+    for (const radioButton of radioButtons) {
+      radioButton.addEventListener("click", () => {
+        submitButton.disabled = false;
+      });
+    }
+  }
+});

data/app/packs/src/decidim/initiatives/scoped_type.js

@@ -27,7 +27,7 @@ const controlSelector = function (source, prefix, currentValueKey) {
   }
 };
 
-$(() => {
+document.addEventListener("turbo:load", () => {
   let typeSelector = $("[data-scope-selector]");
   controlSelector(typeSelector, "scope", "scope-id");
   controlSelector(typeSelector, "signature-types", "signature-type");

data/app/packs/stylesheets/initiatives.scss

@@ -3,7 +3,7 @@
 
   &__selection {
     .form-defaults {
-      @apply my-10;
+      @apply my-8;
     }
 
     .card__highlight {
@@ -90,7 +90,7 @@
   }
 
   &__form__committee {
-    @apply flex items-center px-4 py-2 border border-gray outline outline-1 outline-transparent rounded bg-background-2 focus:outline-2 focus:outline-secondary w-full;
+    @apply flex items-center px-4 py-2 border border-gray outline outline-1 outline-transparent rounded bg-background-2 focus:outline-2 focus:outline-secondary w-full mt-4;
 
     span {
       @apply text-black font-normal;
@@ -169,3 +169,17 @@
 .edit_initiative .profile__group__list {
   @apply w-full;
 }
+
+.pending-initiatives {
+  @apply bg-background rounded-lg px-4 py-8 mb-12;
+
+  .card__grid {
+    @apply bg-white;
+
+    --tw-ring-color: #ddd;
+
+    &:hover {
+      --tw-ring-color: var(--tertiary);
+    }
+  }
+}

data/app/permissions/decidim/initiatives/admin/permissions.rb

@@ -214,10 +214,7 @@ module Decidim
 
         def allowed_to_send_to_technical_validation?
           initiative.discarded? ||
-            (initiative.created? && (
-              !initiative.created_by_individual? ||
-              initiative.enough_committee_members?
-            ))
+            (initiative.created? && initiative.enough_committee_members?)
         end
       end
     end

data/app/permissions/decidim/initiatives/permissions.rb

@@ -15,12 +15,14 @@ module Decidim
         read_public_initiative?
         search_initiative_types_and_scopes?
         request_membership?
+        ephemeral_vote_initiative?
 
         return permission_action unless user
 
         create_initiative?
         edit_public_initiative?
         update_public_initiative?
+        discard_initiative?
         print_initiative?
 
         vote_initiative?
@@ -89,11 +91,17 @@ module Decidim
         toggle_allow(initiative&.created? && authorship_or_admin?)
       end
 
+      def discard_initiative?
+        return unless permission_action.subject == :initiative &&
+                      permission_action.action == :discard
+
+        toggle_allow(initiative&.created? && authorship_or_admin?)
+      end
+
       def creation_enabled?
         Decidim::Initiatives.creation_enabled && (
         Decidim::Initiatives.do_not_require_authorization ||
-          UserAuthorizations.for(user).any? ||
-          Decidim::UserGroups::ManageableUserGroups.for(user).verified.any?) &&
+          UserAuthorizations.for(user).any?) &&
           authorized?(:create, permissions_holder: initiative_type)
       end
 
@@ -120,8 +128,7 @@ module Decidim
           !initiative.has_authorship?(user) &&
           (
           Decidim::Initiatives.do_not_require_authorization ||
-              UserAuthorizations.for(user).any? ||
-              Decidim::UserGroups::ManageableUserGroups.for(user).verified.any?
+              UserAuthorizations.for(user).any?
         )
       end
 
@@ -143,6 +150,14 @@ module Decidim
         toggle_allow(can_vote?)
       end
 
+      def ephemeral_vote_initiative?
+        return unless permission_action.action == :vote &&
+                      permission_action.subject == :initiative &&
+                      user.blank?
+
+        toggle_allow(ephemeral_signature_workflow?)
+      end
+
       def authorized?(permission_action, resource: nil, permissions_holder: nil)
         return unless resource || permissions_holder
 
@@ -155,8 +170,7 @@ module Decidim
 
         can_unvote = initiative.accepts_online_unvotes? &&
                      initiative.organization&.id == user.organization&.id &&
-                     initiative.votes.where(author: user).any? &&
-                     authorized?(:vote, resource: initiative, permissions_holder: initiative.type)
+                     initiative.votes.where(author: user).any?
 
         toggle_allow(can_unvote)
       end
@@ -178,15 +192,10 @@ module Decidim
         toggle_allow(can_sign)
       end
 
-      def decidim_user_group_id
-        context.fetch(:group_id, nil)
-      end
-
       def can_vote?
         initiative.votes_enabled? &&
           initiative.organization&.id == user.organization&.id &&
-          initiative.votes.where(author: user).empty? &&
-          authorized?(:vote, resource: initiative, permissions_holder: initiative.type)
+          initiative.votes.where(author: user).empty?
       end
 
       def can_user_support?(initiative)
@@ -226,15 +235,16 @@ module Decidim
       end
 
       def allowed_to_send_to_technical_validation?
-        initiative.created? && (
-        !initiative.created_by_individual? ||
-            initiative.enough_committee_members?
-      )
+        initiative.created? && initiative.enough_committee_members?
       end
 
       def authorship_or_admin?
         initiative&.has_authorship?(user) || user.admin?
       end
+
+      def ephemeral_signature_workflow?
+        initiative.type.signature_workflow_manifest&.ephemeral?
+      end
     end
   end
 end

data/app/presenters/decidim/initiative_presenter.rb

@@ -4,13 +4,19 @@ module Decidim
   #
   # Decorator for initiatives
   #
-  class InitiativePresenter < SimpleDelegator
+  class InitiativePresenter < Decidim::ResourcePresenter
     def author
-      @author ||= if user_group
-                    Decidim::UserGroupPresenter.new(user_group)
-                  else
-                    Decidim::UserPresenter.new(super)
-                  end
+      @author ||= super.presenter
+    end
+
+    def initiative
+      __getobj__
+    end
+
+    def title(html_escape: false, all_locales: false)
+      return unless initiative
+
+      super(initiative.title, html_escape, all_locales)
     end
   end
 end

data/app/presenters/decidim/initiatives/admin_log/initiative_presenter.rb

@@ -31,8 +31,7 @@ module Decidim
             signature_start_date: :date,
             signature_end_date: :date,
             description: :i18n,
-            title: :i18n,
-            hashtag: :string
+            title: :i18n
           }
         end
 

data/app/queries/decidim/initiatives/initiatives_stats_followers_count.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Initiatives
+    # This class counts all Followers of a initiative
+    class InitiativesStatsFollowersCount < Decidim::StatsFollowersCount
+      def self.for(participatory_space)
+        return 0 unless participatory_space.is_a?(Decidim::Initiatives)
+
+        new(participatory_space).query
+      end
+    end
+  end
+end

data/app/queries/decidim/initiatives/initiatives_stats_participants_count.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Initiatives
+    # This class counts unique Participants on a initiative
+    class InitiativesStatsParticipantsCount < Decidim::StatsParticipantsCount
+      def self.for(participatory_space)
+        return 0 unless participatory_space.is_a?(Decidim::Initiatives)
+
+        new(participatory_space).query
+      end
+    end
+  end
+end

data/app/serializers/decidim/initiatives/open_data_initiative_serializer.rb

@@ -24,7 +24,6 @@ module Decidim
           answer: resource.answer,
           answered_at: resource.answered_at,
           answer_url: resource.answer_url,
-          hashtag: resource.hashtag,
           first_progress_notification_at: resource.first_progress_notification_at,
           second_progress_notification_at: resource.second_progress_notification_at,
           online_votes: resource.online_votes,

data/app/services/decidim/initiatives/data_encryptor.rb

@@ -8,7 +8,7 @@ module Decidim
 
       def initialize(args = {})
         @secret = args.fetch(:secret) || "default"
-        @key = ActiveSupport::KeyGenerator.new(secret).generate_key(
+        @key = ActiveSupport::KeyGenerator.new(secret, hash_digest_class: OpenSSL::Digest::SHA1).generate_key(
           Rails.application.secret_key_base, ActiveSupport::MessageEncryptor.key_len
         )
         @encryptor = ActiveSupport::MessageEncryptor.new(@key)

data/app/services/decidim/initiatives/legacy_signature_handler.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Initiatives
+    # Signature handler which reproduces the old feature of
+    # `collect_personal_data` of initiative types. The handler will collect the
+    # name and surname, the document number and the date of birth
+    class LegacySignatureHandler < SignatureHandler
+      attribute :name_and_surname, String
+      attribute :document_number, String
+      attribute :date_of_birth, Date
+      attribute :postal_code, String
+
+      validates :name_and_surname, :document_number, :date_of_birth, :postal_code, presence: true
+
+      def unique_id
+        document_number
+      end
+
+      def metadata
+        super.merge(name_and_surname:, document_number:, date_of_birth:, postal_code:)
+      end
+    end
+  end
+end

data/app/services/decidim/initiatives/progress_notifier.rb

@@ -12,15 +12,9 @@ module Decidim
 
       # PUBLIC: Notifies the support progress of the initiative.
       #
-      # Notifies to Initiative's authors and followers about the
+      # Notifies to Initiative's authors about the
       # number of supports received by the initiative.
       def notify
-        initiative.followers.each do |follower|
-          Decidim::Initiatives::InitiativesMailer
-            .notify_progress(initiative, follower)
-            .deliver_later
-        end
-
         initiative.committee_members.approved.each do |committee_member|
           Decidim::Initiatives::InitiativesMailer
             .notify_progress(initiative, committee_member.user)

data/app/services/decidim/initiatives/signature_handler.rb

@@ -0,0 +1,248 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Initiatives
+    # This is the base class for signature handlers, all implementations
+    # should inherit from it.
+    # Each SignatureHandler is a form that will be used to check if the
+    # signature is valid or not. When it is valid the initiatives votes
+    # defined by the initiative type will be created for the user.
+    #
+    # Feel free to use validations to assert fields against a remote API,
+    # local database, or whatever.
+    #
+    # It also sets two default attributes, `user` and `initiative`.
+    class SignatureHandler < Form
+      include ValidatableAuthorizations
+
+      mimic :initiatives_vote
+
+      # The user that is trying to sign, it is initialized with the
+      # `current_user` from the controller.
+      attribute :user, Decidim::User
+
+      # The initiative to be signed
+      attribute :initiative, Decidim::Initiative
+
+      attribute :tos_agreement, if: :ephemeral_tos_pending?
+      validates :tos_agreement, presence: true, if: :ephemeral_tos_pending?
+      validate :tos_agreement_acceptance, if: :ephemeral_tos_pending?
+
+      attribute :transfer_status
+
+      validates :initiative, :user, presence: true
+      validate :uniqueness
+      validate :valid_metadata
+      validate :valid_authorized_scopes
+
+      delegate :promote_authorization_validation_errors, :authorization_handler_form_class, :ephemeral?, to: :workflow_manifest
+      delegate :scope, to: :initiative
+
+      # A unique ID to be implemented by the signature handler that ensures
+      # no duplicates are created.
+      def unique_id
+        nil
+      end
+
+      def encrypted_metadata
+        return if metadata.blank?
+
+        @encrypted_metadata ||= encryptor.encrypt(metadata)
+      end
+
+      # Public: Builds the list of scopes where the user is authorized to vote in. This is used when
+      # the initiative allows also voting on child scopes, not only the main scope.
+      #
+      # Instead of just listing the children of the main scope, we just want to select the ones that
+      # have been added to the InitiativeType with its voting settings.
+      #
+      def authorized_scopes
+        initiative.votable_initiative_type_scopes.select do |initiative_type_scope|
+          initiative_type_scope.global_scope? ||
+            initiative_type_scope.scope == user_signature_scope ||
+            initiative_type_scope.scope.ancestor_of?(user_signature_scope)
+        end.flat_map(&:scope)
+      end
+
+      # Public: Finds the scope the user has an authorization for, this way the user can vote
+      # on that scope and its parents.
+      #
+      # This is can be used to allow users that are authorized with a children
+      # scope to sign an initiative with a parent scope.
+      #
+      # As an example: A city (global scope) has many districts (scopes with
+      # parent nil), and each district has different neighbourhoods (with its
+      # parent as a district). If we setup the authorization handler to match
+      # a neighbourhood, the same authorization can be used to participate
+      # in district, neighbourhoods or city initiatives.
+      #
+      # Returns a Decidim::Scope.
+      def user_signature_scope
+        return if signature_scope_id.blank?
+
+        @user_signature_scope ||= signature_scope_candidates.find do |scope_candidate|
+          scope_candidate&.id == signature_scope_id
+        end
+      end
+
+      # Public: Builds a list of Decidim::Scopes where the user could have a
+      # valid authorization.
+      #
+      # If the initiative is set with a global scope (meaning the scope is nil),
+      # all the scopes in the organization are valid.
+      #
+      # Returns an array of Decidim::Scopes.
+      def signature_scope_candidates
+        signature_scope_candidates = [initiative.scope]
+        signature_scope_candidates += if initiative.scope.present?
+                                        initiative.scope.descendants
+                                      else
+                                        initiative.organization.scopes
+                                      end
+        signature_scope_candidates.uniq
+      end
+
+      # Any data that the developer would like to inject to the `metadata` field
+      # of a vote when it is created. Can be useful if some of the params the
+      # user sent with the signature form want to be persisted for future use.
+      #
+      # Returns a Hash.
+      def metadata
+        {}
+      end
+
+      # Params to be sent to the authorization handler. By default consists on
+      # the metadata hash including the signer user
+      def authorization_handler_params
+        params = metadata.merge(user:)
+        params = params.merge(tos_agreement:) if ephemeral_tos_pending?
+        params
+      end
+
+      # The signature_scope_id can be defined in the signature workflow to be
+      # used by the author scope feature
+      def signature_scope_id
+        scope.id
+      end
+
+      def authorization_handler
+        return if authorization_handler_form_class.blank?
+
+        @authorization_handler ||= authorization_handler_form_class.from_params(authorization_handler_params)
+      end
+
+      def signature_workflow_name
+        @signature_workflow_name ||= initiative&.type&.document_number_authorization_handler
+      end
+
+      def hash_id
+        return unless initiative && (unique_id || user)
+
+        @hash_id ||= Digest::SHA256.hexdigest(
+          [
+            initiative.id,
+            unique_id || user.id,
+            Rails.application.secret_key_base
+          ].compact.join("-")
+        )
+      end
+
+      # The attributes of the handler that should be exposed as form input when
+      # rendering the handler in a form.
+      #
+      # Returns an Array of Strings.
+      def form_attributes
+        attributes.except("id", "user", "initiative", "tos_agreement", "transfer_status").keys
+      end
+
+      # The String partial path so Rails can render the handler as a form. This
+      # is useful if you want to have a custom view to render the form instead of
+      # the default view.
+      #
+      # Example:
+      #
+      #   A handler named Decidim::CensusHandler would look for its partial in:
+      #   decidim/census/form
+      #
+      # Returns a String.
+      def to_partial_path
+        "decidim/initiatives/initiative_signatures/#{signature_workflow_name.sub(/_handler$/, "")}/form"
+      end
+
+      def self.requires_extra_attributes?
+        new.form_attributes.present?
+      end
+
+      def already_voted?
+        Decidim::InitiativesVote.exists?(author: user, initiative:)
+      end
+
+      private
+
+      # It is expected to validate that no other user has voted with the same
+      # unique_id and scope. The unique_id should be defined by the classes
+      # inherited from this taking a personal data attribute like a document
+      # number. If not defined the user id is used
+      def uniqueness
+        add_invalid_base_error if Decidim::InitiativesVote.exists?(scope:, hash_id:)
+      end
+
+      def valid_metadata
+        return if authorization_handler_errors.blank?
+
+        keys = attributes.except("tos_agreement").keys.map(&:to_sym) & authorization_handler_errors.attribute_names
+
+        return if keys.blank? && authorization_handler_errors[:base].blank?
+
+        # Promote errors
+        if promote_authorization_validation_errors
+          keys.each do |attribute|
+            errors.add(attribute, authorization_handler_errors[attribute])
+          end
+        end
+
+        add_invalid_base_error
+      end
+
+      def tos_agreement_acceptance
+        return if (error_message = authorization_handler_errors[:tos_agreement]).blank?
+
+        errors.add(:tos_agreement, error_message)
+      end
+
+      def valid_authorized_scopes
+        return if authorized_scopes.present?
+
+        add_invalid_base_error
+      end
+
+      def add_invalid_base_error
+        errors.delete(:base)
+        errors.add(:base, I18n.t("invalid_data", scope: "decidim.initiatives.initiative_signatures.fill_personal_data"))
+      end
+
+      def encryptor
+        @encryptor ||= DataEncryptor.new(secret: Decidim::Initiatives.signature_handler_encryption_secret)
+      end
+
+      def workflow_manifest
+        @workflow_manifest ||= Decidim::Initiatives::Signatures.find_workflow_manifest(signature_workflow_name) || Decidim::Initiatives::SignatureWorkflowManifest.new
+      end
+
+      def ephemeral_tos_pending?
+        return unless ephemeral? && user.ephemeral?
+
+        !user.tos_accepted?
+      end
+
+      def authorization_handler_errors
+        @authorization_handler_errors ||= if authorization_handler.blank?
+                                            ActiveModel::Errors.new(nil)
+                                          else
+                                            authorization_handler.validate
+                                            authorization_handler.errors
+                                          end
+      end
+    end
+  end
+end