Merge branch 'develop' into feat/minio_s3_bucket

.env-example

@@ -95,11 +95,29 @@ RAILS_LOG_LEVEL=warn
 # SMS_GATEWAY_PLATFORM="hashimoto.local"
 
 #Timeout for the unsubscribe link of the newsletter
-#NEWSLETTERS_UNSUBSCRIBE_TIMEOUT=
+# NEWSLETTERS_UNSUBSCRIBE_TIMEOUT=
 
 # Redirect to the TOS page after signup (default: true)
 # DECIDIM_HALF_SIGNUP_SHOW_TOS_PAGE_AFTER_SIGNUP=true
 
 # Automatically save AH metadata to user extended data
 # Format : comma separated list of auhtorization handler names
-# AUTO_EXPORT_AUTHORIZATIONS_DATA_TO_USER_DATA_ENABLED_FOR="authorization1,authorization2"
+# AUTO_EXPORT_AUTHORIZATIONS_DATA_TO_USER_DATA_ENABLED_FOR="authorization1,authorization2"
+
+# Delay until a user is considered inactive and receive a warning email (in days, default: 365)
+# DECIDIM_CLEANER_INACTIVE_USERS_MAIL=
+
+# Delay until a user is deleted after receiving an email (in days, default: 30)
+# DECIDIM_CLEANER_DELETE_INACTIVE_USERS=
+
+# Delay until an admin log is deleted (in days, default: 365)
+# DECIDIM_CLEANER_DELETE_ADMIN_LOGS=
+
+# Delay until user's versions are deleted after the user deletion (in days, default: 30)
+# DECIDIM_CLEANER_DELETE_DELETED_USERS_DATA=
+
+# Delay until deleted authorization's versions are deleted after the authorization creation (in days, default: 30)
+# DECIDIM_CLEANER_DELETE_DELETED_AUTHORIZATIONS_DATA=
+
+# Sort participatory processes by date
+SORT_PROCESSES_BY_DATE=false

Gemfile

@@ -23,8 +23,9 @@ gem "decidim-anonymous_proposals", DECIDIM_ANONYMOUS_PROPOSALS_VERSION
 gem "decidim-budget_category_voting", git: "https://github.com/alecslupu-pfa/decidim-budget_category_voting.git", branch: DECIDIM_BRANCH
 gem "decidim-cache_cleaner"
 gem "decidim-category_enhanced", "~> 0.0.1"
+gem "decidim-cleaner"
 gem "decidim-custom_proposal_states", git: "https://github.com/alecslupu-pfa/decidim-module-custom_proposal_states", branch: DECIDIM_BRANCH
-gem "decidim-decidim_awesome", git: "https://github.com/decidim-ice/decidim-module-decidim_awesome", branch: "main"
+gem "decidim-decidim_awesome", git: "https://github.com/decidim-ice/decidim-module-decidim_awesome", branch: DECIDIM_BRANCH
 gem "decidim-extended_socio_demographic_authorization_handler", git: "https://github.com/OpenSourcePolitics/decidim-module-extended_socio_demographic_authorization_handler.git",
                                                                 branch: DECIDIM_BRANCH
 gem "decidim-extra_user_fields", git: "https://github.com/OpenSourcePolitics/decidim-module-extra_user_fields.git", branch: "temp/twilio-compatibility-0.27"
@@ -34,7 +35,7 @@ gem "decidim-half_signup", git: "https://github.com/OpenSourcePolitics/decidim-m
 gem "decidim-homepage_interactive_map", git: "https://github.com/OpenSourcePolitics/decidim-module-homepage_interactive_map.git", branch: DECIDIM_BRANCH
 gem "decidim-phone_authorization_handler", git: "https://github.com/OpenSourcePolitics/decidim-module_phone_authorization_handler", branch: "release/0.27-stable"
 gem "decidim-simple_proposal", git: "https://github.com/OpenSourcePolitics/decidim-module-simple_proposal", branch: DECIDIM_BRANCH
-gem "decidim-spam_detection"
+gem "decidim-spam_detection", git: "https://github.com/OpenSourcePolitics/decidim-spam_detection.git", tag: "4.1.1"
 gem "decidim-survey_multiple_answers", git: "https://github.com/OpenSourcePolitics/decidim-module-survey_multiple_answers"
 gem "decidim-term_customizer", git: "https://github.com/OpenSourcePolitics/decidim-module-term_customizer.git", branch: "fix/email_with_precompile"
 

Gemfile.lock

@@ -106,6 +106,14 @@ GIT
     decidim-phone_authorization_handler (1.0.0)
       decidim-core (~> 0.27)
 
+GIT
+  remote: https://github.com/OpenSourcePolitics/decidim-spam_detection.git
+  revision: fb2ee4624b728ce6f73603bfb84eda1d9b4e04d4
+  tag: 4.1.1
+  specs:
+    decidim-spam_detection (4.1.1)
+      decidim-core (~> 0.27.0)
+
 GIT
   remote: https://github.com/OpenSourcePolitics/omniauth-france_connect
   revision: 14a53ad31928c8a83742360cfbdb90938d0a057e
@@ -145,10 +153,10 @@ GIT
 
 GIT
   remote: https://github.com/decidim-ice/decidim-module-decidim_awesome
-  revision: 058af7db47737e3ca108ac8e08efd5ec55d67a44
-  branch: main
+  revision: 51bc593da8fb72d14c2e5b5df55dbb686be1fbbe
+  branch: release/0.27-stable
   specs:
-    decidim-decidim_awesome (0.10.2)
+    decidim-decidim_awesome (0.10.3)
       decidim-admin (>= 0.26.0, < 0.28)
       decidim-core (>= 0.26.0, < 0.28)
       deface (>= 1.5)
@@ -408,6 +416,8 @@ GEM
       decidim-admin (~> 0.27.0)
       decidim-core (~> 0.27.0)
       deface (>= 1.9)
+    decidim-cleaner (3.1.0)
+      decidim-core (~> 0.27.0)
     decidim-comments (0.27.4)
       decidim-core (= 0.27.4)
       redcarpet (~> 3.5, >= 3.5.1)
@@ -532,8 +542,6 @@ GEM
       decidim-comments (= 0.27.4)
       decidim-core (= 0.27.4)
       decidim-proposals (= 0.27.4)
-    decidim-spam_detection (4.0.0)
-      decidim-core (~> 0.27.0)
     decidim-surveys (0.27.4)
       decidim-core (= 0.27.4)
       decidim-forms (= 0.27.4)
@@ -1164,6 +1172,7 @@ DEPENDENCIES
   decidim-budgets_booth!
   decidim-cache_cleaner
   decidim-category_enhanced (~> 0.0.1)
+  decidim-cleaner
   decidim-conferences (~> 0.27.0)
   decidim-custom_proposal_states!
   decidim-decidim_awesome!
@@ -1177,7 +1186,7 @@ DEPENDENCIES
   decidim-initiatives (~> 0.27.0)
   decidim-phone_authorization_handler!
   decidim-simple_proposal!
-  decidim-spam_detection
+  decidim-spam_detection!
   decidim-survey_multiple_answers!
   decidim-templates (~> 0.27.0)
   decidim-term_customizer!
@@ -1217,4 +1226,4 @@ RUBY VERSION
    ruby 3.0.6p216
 
 BUNDLED WITH
-   2.4.9
+   2.4.6

OVERLOADS.md

@@ -2,6 +2,19 @@
 * `app/cells/decidim/version_cell.rb`
 This override the default `VersionCell` from `decidim-core`, by adding sanitization for `version_number` to prevent XSS attacks.
 
+* `app/controllers/decidim/assemblies/assemblies_controller.rb`
+This override the default `AssembliesController` from `decidim-assemblies`, by adding custom sort for assembly_participatory_processes
+
+* `app/helpers/decidim/assemblies/assemblies_helper.rb`
+This override the default `AssembliesHelpler` from `decidim-assemblies`, by adding custom html for sorted assembly_participatory_processes
+
+* `app/controllers/decidim/participatory_processes/participatory_processes_controller.rb`
+This override the default `ParticipatoryProcessesController` from `decidim-participatory_processes`, by adding custom sort for participatory_processes
+
+## Initiative form
+* `lib/extends/forms/decidim/initiatives/initiative_form_extends.rb`
+This adds a validation to form's description.
+
 ## Proposal's draft (Decidim awesome overrides 0.26.7)
 * `app/views/decidim/proposals/collaborative_drafts/_edit_form_fields.html.erb`
 

app/controllers/concerns/decidim/simple_proposal/proposals_controller_override.rb

@@ -56,6 +56,12 @@ def create
           enforce_permission_to :create, :proposal
           @step = Decidim::Proposals::ProposalsController::STEP1
           @form = form(Decidim::Proposals::ProposalForm).from_params(proposal_creation_params)
+          if proposal_limit_reached?
+            @form.errors.add(:base, I18n.t("decidim.proposals.new.limit_reached"))
+            flash.now[:alert] = I18n.t("proposals.create.error", scope: "decidim")
+            render :new
+            return
+          end
 
           @proposal = Decidim::Proposals::Proposal.new(@form.attributes.except(
             :user_group_id,
@@ -186,6 +192,17 @@ def map_attachment_objects(attachments)
             end
           end
         end
+
+        def proposal_limit_reached?(form = form_proposal_params)
+          proposal_limit = form.current_component.settings.proposal_limit
+          return false if proposal_limit.zero?
+
+          current_user_proposals(form).count >= proposal_limit
+        end
+
+        def current_user_proposals(form)
+          Decidim::Proposals::Proposal.from_author(current_user).where(component: form.current_component).except_withdrawn
+        end
       end
     end
   end

app/controllers/decidim/assemblies/assemblies_controller.rb

@@ -0,0 +1,106 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Assemblies
+    # A controller that holds the logic to show Assemblies in a public layout.
+    class AssembliesController < Decidim::Assemblies::ApplicationController
+      include ParticipatorySpaceContext
+      participatory_space_layout only: :show
+      include FilterResource
+
+      helper_method :parent_assemblies, :promoted_assemblies, :stats, :assembly_participatory_processes, :current_assemblies_settings
+
+      def index
+        enforce_permission_to :list, :assembly
+
+        respond_to do |format|
+          format.html do
+            raise ActionController::RoutingError, "Not Found" if published_assemblies.none?
+
+            render "index"
+          end
+
+          format.js do
+            raise ActionController::RoutingError, "Not Found" if published_assemblies.none?
+
+            render "index"
+          end
+
+          format.json do
+            render json: published_assemblies.query.includes(:children).where(parent: nil).collect { |assembly|
+              {
+                name: assembly.title[I18n.locale.to_s],
+                children: assembly.children.collect do |child|
+                  {
+                    name: child.title[I18n.locale.to_s],
+                    children: child.children.collect { |child_of_child| { name: child_of_child.title[I18n.locale.to_s] } }
+                  }
+                end
+              }
+            }
+          end
+        end
+      end
+
+      def show
+        enforce_permission_to :read, :assembly, assembly: current_participatory_space
+      end
+
+      private
+
+      def search_collection
+        Assembly.where(organization: current_organization).published.visible_for(current_user)
+      end
+
+      def default_filter_params
+        {
+          with_scope: nil,
+          with_area: nil,
+          type_id_eq: nil
+        }
+      end
+
+      def current_participatory_space
+        return unless params[:slug]
+
+        @current_participatory_space ||= OrganizationAssemblies.new(current_organization).query.where(slug: params[:slug]).or(
+          OrganizationAssemblies.new(current_organization).query.where(id: params[:slug])
+        ).first!
+      end
+
+      def published_assemblies
+        @published_assemblies ||= OrganizationPublishedAssemblies.new(current_organization, current_user)
+      end
+
+      def promoted_assemblies
+        @promoted_assemblies ||= published_assemblies | PromotedAssemblies.new
+      end
+
+      def parent_assemblies
+        search.result.parent_assemblies.order(weight: :asc, promoted: :desc)
+      end
+
+      def stats
+        @stats ||= AssemblyStatsPresenter.new(assembly: current_participatory_space)
+      end
+
+      def assembly_participatory_processes
+        if Rails.application.secrets.dig(:decidim, :participatory_processes, :sort_by_date) == false
+          @assembly_participatory_processes ||= @current_participatory_space.linked_participatory_space_resources(:participatory_processes, "included_participatory_processes")
+        else
+          @assembly_participatory_processes = @current_participatory_space.linked_participatory_space_resources(:participatory_processes, "included_participatory_processes")
+          sorted_by_date = {
+            active: @assembly_participatory_processes.active_spaces.sort_by(&:end_date),
+            future: @assembly_participatory_processes.future_spaces.sort_by(&:start_date),
+            past: @assembly_participatory_processes.past_spaces.sort_by(&:end_date).reverse
+          }
+          @assembly_participatory_processes = sorted_by_date
+        end
+      end
+
+      def current_assemblies_settings
+        @current_assemblies_settings ||= Decidim::AssembliesSetting.find_or_create_by(decidim_organization_id: current_organization.id)
+      end
+    end
+  end
+end

app/controllers/decidim/initiatives/admin/initiatives_controller.rb

@@ -34,6 +34,8 @@ def edit
                     initiative: current_initiative
                   )
           @form.attachment = form_attachment_model
+          # "sanitize" the translated description, if the value is a hash (for machine_translation key) we don't modify it
+          @form.description.transform_values! { |v| v.instance_of?(String) ? v.gsub(/on\w+=("|')/, "nothing") : v }
 
           render layout: "decidim/admin/initiative"
         end