decidim-reporting_proposals 0.5.1 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1c31fb493fe1dcdc1729de5b5fa4c8d794936b909945669882edec96f5394806
-  data.tar.gz: 5d7e54593eec73a4fa6216758466b121e8f3442128be1ceaca0d8922aa8eee33
+  metadata.gz: 557fb713574d707b2c60bbfad4178058d4b8e38864ecd7f23efc7430d32cef0a
+  data.tar.gz: 2344db1ea4e1bc83c0f62bdcdd1401121912580c88dfc9b65656a95f983a1c2f
 SHA512:
-  metadata.gz: e3771d1642893bf230a5b19187294ea43f44b2b61da1745326b3d6be7b49668c4c8370d77d157204d09750ceba3ab4f613c4a766d66667596f4e5ebcf80e39b9
-  data.tar.gz: 80f730ab582dad444cb25541ea7253802b2f17f010b7b5fbf655d0683695930a52cdd4ac58e0a0afb65ca7208d10ffbf85438bf169a9796828ef29dddaadeca0
+  metadata.gz: c1784b775ece69f3858daa07d14606ed68c19937de374d8501ab51ac24df8572063fb3bdd04979081fc5b81b1e9037839fe5f8b0b72fe199a23c9526819d80d1
+  data.tar.gz: 40e89f2934794e3c3b74831b55721e3f6441dd27a5f642b34ba5ae64edba5c2fba6b88baaddb24b96f6b56c25a0641c81aec33f6a6e482bbee164895db713f9e

data/.github/workflows/lint.yml

@@ -8,7 +8,7 @@ on:
 
 env:
   CI: "true"
-  RUBY_VERSION: 3.0.5
+  RUBY_VERSION: 3.0.6
   NODE_VERSION: 16.9.1
 
 jobs:

data/.github/workflows/test_integration.yml

@@ -8,8 +8,8 @@ on:
 
 env:
   CI: "true"
-  CODECOV: "true"
-  RUBY_VERSION: 3.0.5
+  SIMPLECOV: "true"
+  RUBY_VERSION: 3.0.6
   NODE_VERSION: 16.9.1
   RAILS_ENV: test
   DATABASE_USERNAME: postgres
@@ -68,7 +68,7 @@ jobs:
 
   test:
     name: Integration Tests
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     needs: build
     strategy:
       matrix:

data/.github/workflows/test_unit.yml

@@ -8,8 +8,8 @@ on:
 
 env:
   CI: "true"
-  CODECOV: "true"
-  RUBY_VERSION: 3.0.5
+  SIMPLECOV: "true"
+  RUBY_VERSION: 3.0.6
   NODE_VERSION: 16.9.1
 
 jobs:

data/.ruby-version

@@ -1 +1 @@
-3.0.5
+3.0.6

data/.simplecov

@@ -1,13 +1,18 @@
 # frozen_string_literal: true
 
-SimpleCov.start do
-  root ENV.fetch("ENGINE_ROOT", nil)
+if ENV["SIMPLECOV"]
+  SimpleCov.start do
+    # We ignore some of the files because they are never tested
+    add_filter "/config/"
+    add_filter "/db/"
+    add_filter "lib/decidim/reporting_proposals/version.rb"
+    add_filter "/spec"
+  end
 
-  add_filter "lib/decidim/reporting_proposals/version.rb"
-  add_filter "lib/decidim/reporting_proposals/component.rb"
-  add_filter "/spec"
-end
-
-SimpleCov.command_name ENV.fetch("COMMAND_NAME", nil) || File.basename(Dir.pwd)
+  SimpleCov.merge_timeout 1800
 
-SimpleCov.merge_timeout 1800
+  if ENV["CI"]
+    require "simplecov-cobertura"
+    SimpleCov.formatter = SimpleCov::Formatter::CoberturaFormatter
+  end
+end

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    decidim-reporting_proposals (0.5.1)
+    decidim-reporting_proposals (0.5.2)
       decidim-admin (>= 0.27.0, < 0.28)
       decidim-core (>= 0.27.0, < 0.28)
       decidim-participatory_processes (>= 0.27.0, < 0.28)
@@ -873,7 +873,7 @@ DEPENDENCIES
   web-console
 
 RUBY VERSION
-   ruby 3.0.5p211
+   ruby 3.0.6p216
 
 BUNDLED WITH
    2.3.20

data/app/controllers/concerns/decidim/proposals/admin/valuation_assignments_controller_override.rb

@@ -23,6 +23,28 @@ module Decidim
             end
           end
 
+          def destroy
+            @form = form(Admin::ValuationAssignmentForm).from_params(destroy_params)
+
+            enforce_permission_to :unassign_from_valuator, :proposals, valuator: @form.valuator_user
+
+            Admin::UnassignProposalsFromValuator.call(@form) do
+              on(:ok) do |_proposal|
+                flash.keep[:notice] = I18n.t("valuation_assignments.delete.success", scope: "decidim.proposals.admin")
+                if current_user == @form.valuator_user
+                  redirect_to EngineRouter.admin_proxy(current_component).root_path
+                else
+                  redirect_back fallback_location: EngineRouter.admin_proxy(current_component).root_path
+                end
+              end
+
+              on(:invalid) do
+                flash.keep[:alert] = I18n.t("valuation_assignments.delete.invalid", scope: "decidim.proposals.admin")
+                redirect_back fallback_location: EngineRouter.admin_proxy(current_component).root_path
+              end
+            end
+          end
+
           def after_add_evaluator_url
             return request.referer if request.referer.present? && request.referer =~ %r{manage/proposals/[0-9]+}
 

data/app/controllers/concerns/decidim/reporting_proposals/admin/proposals_controller_override.rb

@@ -10,6 +10,8 @@ module Decidim
         included do
           helper_method :reporting_proposal?, :proposals, :query, :form_presenter, :proposal, :proposal_ids
           def show
+            enforce_permission_to :show, :proposal, proposal: proposal
+
             @notes_form = form(Decidim::Proposals::Admin::ProposalNoteForm).instance
             @answer_form = form(Decidim::Proposals::Admin::ProposalAnswerForm).from_model(proposal)
             @photo_form = form(Decidim::ReportingProposals::Admin::ProposalPhotoForm).instance

data/app/permissions/concerns/decidim/reporting_proposals/admin/permissions_override.rb

@@ -7,8 +7,81 @@ module Decidim
         extend ActiveSupport::Concern
 
         included do
+          # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
+          def permissions
+            # The public part needs to be implemented yet
+            return permission_action if permission_action.scope != :admin
+
+            # Valuators can only perform these actions
+            if user_is_valuator?
+              if valuator_assigned_to_proposal?
+                can_create_proposal_note?
+                can_create_proposal_answer?
+                allow! if action_is_show_on_proposal?
+              elsif action_is_show_on_proposal?
+                disallow!
+              end
+              can_export_proposals?
+              valuator_can_unassign_valuator_from_proposals?
+
+              return permission_action
+            end
+
+            if create_permission_action?
+              can_create_proposal_note?
+              can_create_proposal_from_admin?
+              can_create_proposal_answer?
+            end
+
+            # Allow any admin user to view a proposal.
+            allow! if action_is_show_on_proposal?
+
+            # Admins can only edit official proposals if they are within the
+            # time limit.
+            allow! if permission_action.subject == :proposal && permission_action.action == :edit && admin_edition_is_available?
+
+            # Every user allowed by the space can update the category of the proposal
+            allow! if permission_action.subject == :proposal_category && permission_action.action == :update
+
+            # Every user allowed by the space can update the scope of the proposal
+            allow! if permission_action.subject == :proposal_scope && permission_action.action == :update
+
+            # Every user allowed by the space can import proposals from another_component
+            allow! if permission_action.subject == :proposals && permission_action.action == :import
+
+            # Every user allowed by the space can export proposals
+            can_export_proposals?
+
+            # Every user allowed by the space can merge proposals to another component
+            allow! if permission_action.subject == :proposals && permission_action.action == :merge
+
+            # Every user allowed by the space can split proposals to another component
+            allow! if permission_action.subject == :proposals && permission_action.action == :split
+
+            # Every user allowed by the space can assign proposals to a valuator
+            allow! if permission_action.subject == :proposals && permission_action.action == :assign_to_valuator
+
+            # Every user allowed by the space can unassign a valuator from proposals
+            can_unassign_valuator_from_proposals?
+
+            # Only admin users can publish many answers at once
+            toggle_allow(user.admin?) if permission_action.subject == :proposals && permission_action.action == :publish_answers
+
+            if permission_action.subject == :participatory_texts && participatory_texts_are_enabled? && permission_action.action == :manage
+              # Every user allowed by the space can manage (import, update and publish) participatory texts to proposals
+              allow!
+            end
+
+            permission_action
+          end
+          # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
+
           private
 
+          def action_is_show_on_proposal?
+            permission_action.subject == :proposal && permission_action.action == :show
+          end
+
           def valuator_can_unassign_valuator_from_proposals?
             can_unassign_valuator_from_proposals? if user == context.fetch(:valuator, nil)
 

data/lib/decidim/reporting_proposals/version.rb

@@ -2,7 +2,7 @@
 
 module Decidim
   module ReportingProposals
-    VERSION = "0.5.1"
+    VERSION = "0.5.2"
     DECIDIM_VERSION = "0.27.4"
 
     COMPAT_DECIDIM_VERSION = [">= 0.27.0", "< 0.28"].freeze

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: decidim-reporting_proposals
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.5.2
 platform: ruby
 authors:
 - Ivan Vergés
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-09-15 00:00:00.000000000 Z
+date: 2023-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: decidim-admin