RubyGems - decidim - Versions diffs - 0.0.1.alpha7 → 0.0.1.alpha8 - Mend

decidim 0.0.1.alpha7 → 0.0.1.alpha8

Potentially problematic release.

This version of decidim might be problematic. Click here for more details.

Files changed (143) hide show

data/decidim-admin/app/assets/javascripts/decidim/admin/application.js DELETED Viewed

@@ -1,22 +0,0 @@
-// This is a manifest file that'll be compiled into application.js, which will include all the files
-// listed below.
-//
-// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
-//
-// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
-// compiled file. JavaScript code in this file should be added after the last require_* statement.
-//
-// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
-// about supported directives.
-//
-//= require jquery
-//= require jquery_ujs
-//= require foundation
-//= require turbolinks
-//= require_self
-$(document).on("turbolinks:load", function() {
-  $(function(){ $(document).foundation(); });
-});

data/decidim-admin/app/controllers/concerns/decidim/needs_authorization.rb DELETED Viewed

@@ -1,50 +0,0 @@
-# frozen_string_literal: true
-require "active_support/concern"
-module Decidim
-  # Shared behaviour for controllers that need authorization to work.
-  module NeedsAuthorization
-    extend ActiveSupport::Concern
-    included do
-      include Pundit
-      after_action :verify_authorized
-      rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
-      private
-      # Overwrites the `policy` method from the `pundit` gem in order to be
-      # able to specify which policy class should be used in each case. This is
-      # due to `pundit` failing to correctly identify the policy class when the
-      # model class name is scoped and the policy class is in a different scope
-      # (eg. `Decidim::ParticipatoryProcess` and
-      # `Decidim::Admin::ParticipatoryProcessPolicy`). The original method does
-      # not let us specify the correct class.
-      #
-      # Remember that, in order to make this work, you'll need to define the
-      # `policy_class` method in the controller, which should only return a
-      # policy class name.
-      #
-      # record - the record that will be evaluated against the policy class.
-      def policy(record)
-        policies[record] ||= policy_class.new(current_user, record)
-      end
-      # Needed in order to make the `policy` method work. Overwirite it in the
-      # given controller and make it return a Policy class.
-      def policy_class
-        raise NotImplementedError, "Define this method and make it return a policy class name in order to make it work"
-      end
-      # Handles the case when a user visits a path that is not allowed to them.
-      # Redirects the user to the root path and shows a flash message telling
-      # them they are not authorized.
-      def user_not_authorized
-        flash[:alert] = t("actions.unauthorized", scope: "decidim.admin")
-        redirect_to(request.referrer || decidim_admin.root_path)
-      end
-    end
-  end
-end

data/decidim-admin/app/policies/decidim/admin/application_policy.rb DELETED Viewed

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-module Decidim
-  module Admin
-    # Main application policy so we don't ahve to repeat the initialization
-    # code in each Policy. To be used with Pundit.
-    class ApplicationPolicy
-      attr_reader :user, :record
-      # Initializes a Policy.
-      #
-      # user - The User that we want to authorize.
-      # record - The record on which to perform the authorizations.
-      #
-      def initialize(user, record)
-        @user = user
-        @record = record
-      end
-    end
-  end
-end

data/decidim-admin/app/policies/decidim/admin/dashboard_policy.rb DELETED Viewed

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-module Decidim
-  module Admin
-    # A policy to define all the authorizations regarding a
-    # ParticipatoryProcess, to be used with Pundit.
-    class DashboardPolicy < ApplicationPolicy
-      # Checks if the user can see the admin dashboard.
-      #
-      # Returns a Boolean.
-      def show?
-        user.roles.include?("admin")
-      end
-    end
-  end
-end

data/decidim-admin/app/policies/decidim/admin/organization_policy.rb DELETED Viewed

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-module Decidim
-  module Admin
-    # A policy to define all the authorizations regarding an Organization, to
-    # be used with Pundit.
-    class OrganizationPolicy < ApplicationPolicy
-      # Checks if the user can update an organization.
-      #
-      # Returns a Boolean.
-      def update?
-        user.roles.include?("admin") && user.organization == record
-      end
-    end
-  end
-end

data/decidim-admin/app/policies/decidim/admin/participatory_process_policy.rb DELETED Viewed

@@ -1,57 +0,0 @@
-# frozen_string_literal: true
-module Decidim
-  module Admin
-    # A policy to define all the authorizations regarding a
-    # ParticipatoryProcess, to be used with Pundit.
-    class ParticipatoryProcessPolicy < ApplicationPolicy
-      # Checks if the user can see the form for participatory process creation.
-      #
-      # Returns a Boolean.
-      def new?
-        user.roles.include?("admin")
-      end
-      # Checks if the user can create a participatory process.
-      #
-      # Returns a Boolean.
-      def create?
-        user.roles.include?("admin")
-      end
-      # Checks if the user can list a participatory process.
-      #
-      # Returns a Boolean.
-      def index?
-        user.roles.include?("admin") && user.organization == record.first.organization
-      end
-      # Checks if the user can see a participatory process.
-      #
-      # Returns a Boolean.
-      def show?
-        user.roles.include?("admin") && user.organization == record.organization
-      end
-      # Checks if the user can edit a participatory process.
-      #
-      # Returns a Boolean.
-      def edit?
-        user.roles.include?("admin") && user.organization == record.organization
-      end
-      # Checks if the user can update a participatory process.
-      #
-      # Returns a Boolean.
-      def update?
-        user.roles.include?("admin") && user.organization == record.organization
-      end
-      # Checks if the user can destroy a participatory process.
-      #
-      # Returns a Boolean.
-      def destroy?
-        user.roles.include?("admin") && user.organization == record.organization
-      end
-    end
-  end
-end

data/decidim-admin/spec/policies/dashboard_policy_spec.rb DELETED Viewed

@@ -1,23 +0,0 @@
-require "spec_helper"
-module Decidim
-  module Admin
-    describe DashboardPolicy do
-      subject { described_class.new(user, :dashboard) }
-      context "show?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:show) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin) }
-          it { is_expected.to permit_action(:show) }
-        end
-      end
-    end
-  end
-end

data/decidim-admin/spec/policies/organization_policy_spec.rb DELETED Viewed

@@ -1,41 +0,0 @@
-require "spec_helper"
-module Decidim
-  module Admin
-    describe OrganizationPolicy do
-      let(:organization) { create(:organization) }
-      subject { described_class.new(user, organization) }
-      context "within the same organization" do
-        context "being a regular user" do
-          let(:user) { create(:user, organization: organization) }
-          it { is_expected.to forbid_action(:update) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: organization) }
-          it { is_expected.to permit_action(:update) }
-        end
-      end
-      context "in another organization" do
-        let(:other_organization) { create(:organization) }
-        context "being a regular user" do
-          let(:user) { create(:user, organization: other_organization) }
-          it { is_expected.to forbid_action(:update) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: other_organization) }
-          it { is_expected.to forbid_action(:update) }
-        end
-      end
-    end
-  end
-end

data/decidim-admin/spec/policies/participatory_process_policy_spec.rb DELETED Viewed

@@ -1,153 +0,0 @@
-require "spec_helper"
-module Decidim
-  module Admin
-    describe ParticipatoryProcessPolicy do
-      let(:organization) { create :organization }
-      let(:organization2) { create :organization }
-      let(:process) { create(:process, organization: organization) }
-      subject { described_class.new(user, process) }
-      context "create?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:create) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin) }
-          it { is_expected.to permit_action(:create) }
-        end
-      end
-      context "new?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:new) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin) }
-          it { is_expected.to permit_action(:new) }
-        end
-      end
-      context "index?" do
-        let(:process) { [create(:process, organization: organization)] }
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:index) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: organization) }
-          context "with the same organization" do
-            it { is_expected.to permit_action(:index) }
-          end
-          context "with a different organization" do
-            let(:user) { create(:user, :admin, organization: organization2) }
-            it { is_expected.to forbid_action(:index) }
-          end
-        end
-      end
-      context "show?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:show) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: organization) }
-          context "with the same organization" do
-            it { is_expected.to permit_action(:show) }
-          end
-          context "with a different organization" do
-            let(:user) { create(:user, :admin, organization: organization2) }
-            it { is_expected.to forbid_action(:show) }
-          end
-        end
-      end
-      context "edit?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:edit) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: organization) }
-          context "with the same organization" do
-            it { is_expected.to permit_action(:edit) }
-          end
-          context "with a different organization" do
-            let(:user) { create(:user, :admin, organization: organization2) }
-            it { is_expected.to forbid_action(:edit) }
-          end
-        end
-      end
-      context "update?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:update) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: organization) }
-          context "with the same organization" do
-            it { is_expected.to permit_action(:update) }
-          end
-          context "with a different organization" do
-            let(:user) { create(:user, :admin, organization: organization2) }
-            it { is_expected.to forbid_action(:update) }
-          end
-        end
-      end
-      context "destroy?" do
-        context "being a regular user" do
-          let(:user) { create(:user) }
-          it { is_expected.to forbid_action(:destroy) }
-        end
-        context "being an admin" do
-          let(:user) { create(:user, :admin, organization: organization) }
-          context "with the same organization" do
-            it { is_expected.to permit_action(:destroy) }
-          end
-          context "with a different organization" do
-            let(:user) { create(:user, :admin, organization: organization2) }
-            it { is_expected.to forbid_action(:destroy) }
-          end
-        end
-      end
-    end
-  end
-end

data/decidim-system/app/assets/javascripts/decidim/system/application.js DELETED Viewed

@@ -1,22 +0,0 @@
-// This is a manifest file that'll be compiled into application.js, which will include all the files
-// listed below.
-//
-// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
-//
-// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
-// compiled file. JavaScript code in this file should be added after the last require_* statement.
-//
-// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
-// about supported directives.
-//
-//= require jquery
-//= require jquery_ujs
-//= require foundation
-//= require turbolinks
-//= require_self
-$(document).on("turbolinks:load", function() {
-  $(document).foundation();
-});