decidim-system 0.30.6 → 0.30.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 78e85fea3e505bb5f0925d6395429eb207542e633154411df6d7d0815a507134
-  data.tar.gz: c8acbbaa3f4f639b55ab42581917cd055a8cb43197ed357f3a5a0976862db83b
+  metadata.gz: 26dff893bfd173e7d638362b4b16e74de4c8e90438d590ed6f16d2f1e78d5a19
+  data.tar.gz: c4660940fc1bdbac9b5003a91c5db30a38bcc25b1f4f52592c176a5db06458fa
 SHA512:
-  metadata.gz: 28202fe87d28ad4c515064577234bcc209744520b2c1a1dddb5df697d0a830c74a23f812687058ec8f56447985ec42c442e564be50cf7dc3da19efc04b48e558
-  data.tar.gz: fe8ac3444342ffb46f231f83ca01376a92711570a960662c1ab1f0181d5c289e728951fe340ec8a780352be33afcd02254f6df409f51f599c59aab037df51da0
+  metadata.gz: 4ad2d233a3ee5900fcef140a77db4794830882a7f5d54a5a42746ea6bf62abfab574ae11201762dede399e9d1b8568a9e3b1a03936827d212501983edf31a336
+  data.tar.gz: 9f448f6d3b7c58200d403bc8cb5169e63375e625ca9dbc4ab35c142173f30c3c5594f6879d346d0c745f7f9c736410a4f8990437343380b14b86bdc45a1bb163

data/app/forms/decidim/system/base_organization_form.rb

@@ -61,6 +61,8 @@ module Decidim
       validate :validate_organization_uniqueness
       validate :validate_secret_key_base_for_encryption
       validates :users_registration_mode, inclusion: { in: Decidim::Organization.users_registration_modes }
+      validate :validate_host_format
+      validate :validate_secondary_hosts_format
 
       def map_model(model)
         self.default_locale = model.default_locale
@@ -122,6 +124,63 @@ module Decidim
       def validate_organization_uniqueness
         raise "#{self.class.name} is expected to implement #validate_organization_uniqueness"
       end
+
+      # Validates the host format for organization domains.
+      #
+      # Valid formats:
+      # - Fully Qualified Domain Names (FQDN): example.org, sub.example.org, my-site.example.org
+      # - Localhost: localhost (common for development)
+      # - IPv4 addresses: 127.0.0.1, 192.168.1.1
+      # - IPv6 addresses: ::1, 2001:db8::1, [::1]
+      #
+      # Invalid formats (will be rejected):
+      # - Hosts containing spaces
+      # - Hosts with invalid characters (!@#$%^&* etc.)
+      # - Hosts with leading/trailing hyphens in labels (e.g., -example.com or example-.com)
+      # - Labels longer than 63 characters
+      # - Total host length exceeding 253 characters
+      #
+      # @see https://en.wikipedia.org/wiki/Fully_qualified_domain_name
+      # @see https://en.wikipedia.org/wiki/IPv4_address
+      # @see https://en.wikipedia.org/wiki/IPv6_address
+      #
+      HOST_FORMAT_REGEX = %r{
+        \A
+        (?:
+          # FQDN: requires at least one dot, labels separated by dots.
+          # Each label: alphanumeric start/end, alphanumerics and hyphens inside, max 63 chars.
+          (?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}
+          |
+          # Localhost: common development hostname.
+          localhost
+          |
+          # IPv4: four octets (0-255 each).
+          (?:(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]?\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]?\d)
+          |
+          # IPv6: bracketed form [::1] or unbracketed (standard and compressed forms).
+          (?:\[[\da-fA-F:]+\]|[\da-fA-F:]+\z)
+        )
+        \z
+      }x
+
+      def validate_host_format
+        return if host.blank?
+
+        return if host.match?(HOST_FORMAT_REGEX)
+
+        errors.add(:host, :invalid)
+      end
+
+      def validate_secondary_hosts_format
+        return if secondary_hosts.blank?
+
+        clean_secondary_hosts.each do |secondary_host|
+          next if secondary_host.match?(HOST_FORMAT_REGEX)
+
+          errors.add(:secondary_hosts, :invalid)
+          break
+        end
+      end
     end
   end
 end

data/config/locales/ca-IT.yml

@@ -3,7 +3,7 @@ ca-IT:
   activemodel:
     attributes:
       oauth_application:
-        name: Nom de l'aplicació OAuth
+        name: Nom de l'aplicació
         organization_logo: Logo de l'organització (quadrat)
         organization_name: Organització
         organization_url: URL de l'organització
@@ -34,8 +34,12 @@ ca-IT:
               must_be_ssl: L'URI de redirecció ha de ser una URI SSL
         organization:
           attributes:
+            host:
+              invalid: no és vàlid
             password:
               secret_key: Cal que defineixis la variable d'entorn SECRET_KEY_BASE per a poder guardar aquest camp
+            secondary_hosts:
+              invalid: no és vàlid
   decidim:
     system:
       actions:

data/config/locales/ca.yml

@@ -3,7 +3,7 @@ ca:
   activemodel:
     attributes:
       oauth_application:
-        name: Nom de l'aplicació OAuth
+        name: Nom de l'aplicació
         organization_logo: Logo de l'organització (quadrat)
         organization_name: Organització
         organization_url: URL de l'organització
@@ -34,8 +34,12 @@ ca:
               must_be_ssl: L'URI de redirecció ha de ser una URI SSL
         organization:
           attributes:
+            host:
+              invalid: no és vàlid
             password:
               secret_key: Cal que defineixis la variable d'entorn SECRET_KEY_BASE per a poder guardar aquest camp
+            secondary_hosts:
+              invalid: no és vàlid
   decidim:
     system:
       actions:

data/config/locales/cs.yml

@@ -34,8 +34,12 @@ cs:
               must_be_ssl: URI přesměrování musí být SSL URI
         organization:
           attributes:
+            host:
+              invalid: je neplatný
             password:
               secret_key: Abyste mohli toto pole uložit, musíte definovat proměnnou prostředí SECRET_KEY_BASE.
+            secondary_hosts:
+              invalid: je neplatný
   decidim:
     system:
       actions:

data/config/locales/en.yml

@@ -34,8 +34,12 @@ en:
               must_be_ssl: The redirect URI must be a SSL URI
         organization:
           attributes:
+            host:
+              invalid: is invalid
             password:
               secret_key: You need to define the SECRET_KEY_BASE environment variable to be able to save this field
+            secondary_hosts:
+              invalid: is invalid
   decidim:
     system:
       actions:

data/config/locales/es-MX.yml

@@ -34,8 +34,12 @@ es-MX:
               must_be_ssl: La URI de redirección debe ser una URI SSL
         organization:
           attributes:
+            host:
+              invalid: no es válido
             password:
               secret_key: Necesitas definir la variable de entorno SECRETA_KEY_BASE para poder guardar este campo
+            secondary_hosts:
+              invalid: no es válido
   decidim:
     system:
       actions:

data/config/locales/es-PY.yml

@@ -34,8 +34,12 @@ es-PY:
               must_be_ssl: La URI de redirección debe ser una URI SSL
         organization:
           attributes:
+            host:
+              invalid: no es válido
             password:
               secret_key: Necesitas definir la variable de entorno SECRETA_KEY_BASE para poder guardar este campo
+            secondary_hosts:
+              invalid: no es válido
   decidim:
     system:
       actions:

data/config/locales/es.yml

@@ -34,8 +34,12 @@ es:
               must_be_ssl: La URI de redirección debe ser una URI SSL
         organization:
           attributes:
+            host:
+              invalid: no es válido
             password:
               secret_key: Necesitas definir la variable de entorno SECRETA_KEY_BASE para poder guardar este campo
+            secondary_hosts:
+              invalid: no es válido
   decidim:
     system:
       actions:

data/config/locales/eu.yml

@@ -34,8 +34,12 @@ eu:
               must_be_ssl: Berbideratzeko URIa URI SSL izan behar da
         organization:
           attributes:
+            host:
+              invalid: baliogabea da
             password:
               secret_key: SECRET_KEY_BASE ingurunearen aldagaia definitu behar duzu eremu hau gorde ahal izateko
+            secondary_hosts:
+              invalid: baliogabea da
   decidim:
     system:
       actions:

data/config/locales/fi-plain.yml

@@ -34,8 +34,12 @@ fi-pl:
               must_be_ssl: Uudelleenohjaus osoite (URI) on oltava SSL-muotoinen osoite (URI)
         organization:
           attributes:
+            host:
+              invalid: on virheellinen
             password:
               secret_key: Sinun täytyy määritellä SECRET_KEY_BASE ympäristömuuttuja, jotta voit tallentaa tämän kentän.
+            secondary_hosts:
+              invalid: on virheellinen
   decidim:
     system:
       actions:

data/config/locales/fi.yml

@@ -34,8 +34,12 @@ fi:
               must_be_ssl: Uudelleenohjaus osoite (URI) on oltava SSL-muotoinen osoite (URI)
         organization:
           attributes:
+            host:
+              invalid: on virheellinen
             password:
               secret_key: Sinun täytyy määritellä SECRET_KEY_BASE ympäristömuuttuja, jotta voit tallentaa tämän kentän.
+            secondary_hosts:
+              invalid: on virheellinen
   decidim:
     system:
       actions:

data/config/locales/fr-CA.yml

@@ -34,8 +34,12 @@ fr-CA:
               must_be_ssl: L'URI de redirection doit être une URI SSL
         organization:
           attributes:
+            host:
+              invalid: est invalide
             password:
               secret_key: Vous devez définir la variable d'environnement SECRET_KEY_BASE pour pouvoir enregistrer ce champ
+            secondary_hosts:
+              invalid: est invalide
   decidim:
     system:
       actions:

data/config/locales/fr.yml

@@ -34,8 +34,12 @@ fr:
               must_be_ssl: L'URI de redirection doit être une URI SSL
         organization:
           attributes:
+            host:
+              invalid: est invalide
             password:
               secret_key: Vous devez définir la variable d'environnement SECRET_KEY_BASE pour pouvoir enregistrer ce champ
+            secondary_hosts:
+              invalid: est invalide
   decidim:
     system:
       actions:

data/lib/decidim/system/version.rb

@@ -4,7 +4,7 @@ module Decidim
   # This holds the decidim-system version.
   module System
     def self.version
-      "0.30.6"
+      "0.30.8"
     end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: decidim-system
 version: !ruby/object:Gem::Version
-  version: 0.30.6
+  version: 0.30.8
 platform: ruby
 authors:
 - Josep Jaume Rey Peroy
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-02-26 00:00:00.000000000 Z
+date: 2026-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: active_link_to
@@ -32,14 +32,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.30.6
+        version: 0.30.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.30.6
+        version: 0.30.8
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -94,14 +94,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.30.6
+        version: 0.30.8
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.30.6
+        version: 0.30.8
 description: System administration to create new organization in an installation.
 email:
 - josepjaume@gmail.com