diff --git a/decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_dropdown.html.erb b/decidim-core/app/views/layouts/decidim/header/_main_links_dropdown.html.erb
similarity index 100%
rename from decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_dropdown.html.erb
rename to decidim-core/app/views/layouts/decidim/header/_main_links_dropdown.html.erb
diff --git a/decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_mobile.html.erb b/decidim-core/app/views/layouts/decidim/header/_main_links_mobile.html.erb
similarity index 100%
rename from decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_mobile.html.erb
rename to decidim-core/app/views/layouts/decidim/header/_main_links_mobile.html.erb
diff --git a/decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_mobile_account.html.erb b/decidim-core/app/views/layouts/decidim/header/_main_links_mobile_account.html.erb
similarity index 92%
rename from decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_mobile_account.html.erb
rename to decidim-core/app/views/layouts/decidim/header/_main_links_mobile_account.html.erb
index 0f0752d206dac..5d7dfa4fd3ef2 100644
--- a/decidim-core/app/views/layouts/decidim/header/_redesigned_main_links_mobile_account.html.erb
+++ b/decidim-core/app/views/layouts/decidim/header/_main_links_mobile_account.html.erb
@@ -26,7 +26,7 @@
+ <%= yield %>
<% end %>
diff --git a/decidim-core/config/locales/en.yml b/decidim-core/config/locales/en.yml
index 15d94bfb8d605..b3a4b71cc8926 100644
--- a/decidim-core/config/locales/en.yml
+++ b/decidim-core/config/locales/en.yml
@@ -416,7 +416,6 @@ en:
started_at: Started at %{timestamp}
authorization_modals:
content:
- close_modal: Close modal
expired:
authorize: Reauthorize with "%{authorization}"
explanation: Your authorization has expired. In order to perform this action, you need to be reauthorized with "%{authorization}".
@@ -1488,12 +1487,10 @@ en:
spam: Contains clickbait, advertising, scams or script bots.
title: Report inappropriate User
floating_help:
- close: Close help
help: Help
follow_button:
sign_in_before_follow: Please sign in before performing this action
login_modal:
- close_modal: Close modal
please_sign_in: Please sign in
sign_up: Sign up
mentions_modal:
@@ -1506,9 +1503,6 @@ en:
select_an_area: Select an area
public_participation:
public_participation: Show my attendance publicly
- redesigned_login_modal:
- please_sign_in: Please sign in
- sign_up: Sign up
reference:
reference: 'Reference: %{reference}'
represent_user_group:
@@ -1518,7 +1512,6 @@ en:
label: 'Results per page:'
title: Select number of results per page
share_modal:
- close_window: Close window
copy_share_link: Copy
copy_share_link_clarification: Copy share link to clipboard
copy_share_link_copied: Copied!
@@ -1924,11 +1917,8 @@ en:
sign_up: Sign Up
terms_and_conditions: Terms and Conditions
header:
- close_menu: Close menu
main_menu: Main menu
- navigation: Navigation
sign_in: Sign In
- sign_up: Sign Up
user_menu: User menu
impersonation_warning:
close_session: Close session
diff --git a/decidim-core/lib/decidim/form_builder.rb b/decidim-core/lib/decidim/form_builder.rb
index a00fc96babe35..0ecb2a37035d1 100644
--- a/decidim-core/lib/decidim/form_builder.rb
+++ b/decidim-core/lib/decidim/form_builder.rb
@@ -471,7 +471,7 @@ def upload(attribute, options = {})
max_file_size = options[:max_file_size] || max_file_size(object, attribute)
button_label = options[:button_label] || choose_button_label(attribute)
help_messages = options[:help] || upload_help(object, attribute, options)
- redesigned = @template.try(:redesign_enabled?)
+ redesigned = @template.respond_to?(:redesign_enabled?) ? @template.redesign_enabled? : true
options = {
attribute:,
diff --git a/decidim-core/lib/decidim/redesigned_filter_form_builder.rb b/decidim-core/lib/decidim/redesigned_filter_form_builder.rb
index c468208b842bc..60218d03ba0f7 100644
--- a/decidim-core/lib/decidim/redesigned_filter_form_builder.rb
+++ b/decidim-core/lib/decidim/redesigned_filter_form_builder.rb
@@ -35,7 +35,7 @@ def collection_filter(method:, collection:, label_scope:, id:, **options)
end
@template.render(
- "decidim/shared/filters/redesigned_#{type}",
+ "decidim/shared/filters/#{type}",
**options.merge(
method:,
collection:,
diff --git a/decidim-core/lib/decidim/view_model.rb b/decidim-core/lib/decidim/view_model.rb
index 064ad4a84622b..85d6c8a6ed5ac 100644
--- a/decidim-core/lib/decidim/view_model.rb
+++ b/decidim-core/lib/decidim/view_model.rb
@@ -19,8 +19,6 @@ class ViewModel < Cell::ViewModel
delegate :current_organization, to: :controller
- delegate :redesigned_layout, :redesign_enabled?, to: :controller
-
cache :show, if: :perform_caching?, expires_in: :cache_expiry_time do
cache_hash
end
diff --git a/decidim-core/spec/cells/decidim/activity_cell_spec.rb b/decidim-core/spec/cells/decidim/activity_cell_spec.rb
index 606f5f5fd9c27..983da9c26644f 100644
--- a/decidim-core/spec/cells/decidim/activity_cell_spec.rb
+++ b/decidim-core/spec/cells/decidim/activity_cell_spec.rb
@@ -85,10 +85,6 @@
before do
allow(controller).to receive(:current_user).and_return(nil)
- allow(controller).to receive(:redesigned_layout).with(:cell_name).and_return(cell_name)
- allow(controller).to receive(:redesigned_layout) do |name|
- name
- end
end
context "when the author is shown" do
diff --git a/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb b/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb
index f82c2a8273fba..99029426a5578 100644
--- a/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb
+++ b/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb
@@ -65,13 +65,8 @@
end
let(:controller) { double }
- def redesigned_layout(name)
- name
- end
-
before do
allow(controller).to receive(:current_organization).and_return(component.organization)
- allow(controller).to receive(:redesign_enabled?).and_return(true)
allow(controller).to receive(:params).and_return(ActionController::Parameters.new({}))
allow(my_cell).to receive(:url_for).and_return("/")
diff --git a/decidim-core/spec/helpers/decidim/action_authorization_helper_spec.rb b/decidim-core/spec/helpers/decidim/action_authorization_helper_spec.rb
index 9296d0fa96893..f7bf261818da7 100644
--- a/decidim-core/spec/helpers/decidim/action_authorization_helper_spec.rb
+++ b/decidim-core/spec/helpers/decidim/action_authorization_helper_spec.rb
@@ -7,7 +7,6 @@ module Decidim
let(:component) { create(:component) }
let(:resource) { nil }
let(:permissions_holder) { nil }
- let(:redesign_enabled) { false }
let(:user) { create(:user) }
let(:action) { "foo" }
let(:status) { double(ok?: authorized) }
@@ -20,9 +19,6 @@ module Decidim
allow(helper).to receive(:current_component).and_return(component)
allow(helper).to receive(:current_user).and_return(user)
allow(helper).to receive(:action_authorized_to).with(action, resource:, permissions_holder:).and_return(status)
- # rubocop:disable RSpec/AnyInstance
- allow_any_instance_of(ActionView::Base).to receive(:redesign_enabled?).and_return(redesign_enabled)
- # rubocop:enable RSpec/AnyInstance
end
shared_examples "an action authorization widget helper" do |params|
@@ -32,8 +28,8 @@ module Decidim
it "renders a widget toggling the authorization modal" do
expect(subject).not_to include(path)
- expect(subject).to include('data-open="authorizationModal"')
- expect(subject).to include("data-open-url=\"/authorization_modals/#{action}/f/#{component.id}\"")
+ expect(subject).to include('data-dialog-open="authorizationModal"')
+ expect(subject).to include("data-dialog-remote-url=\"/authorization_modals/#{action}/f/#{component.id}\"")
expect(subject).to include(*params[:widget_parts])
end
@@ -42,8 +38,8 @@ module Decidim
it "renders a widget toggling the authorization modal" do
expect(subject).not_to include(path)
- expect(subject).to include('data-open="authorizationModal"')
- expect(subject).to include("data-open-url=\"/authorization_modals/#{action}/f/#{component.id}/#{resource.resource_manifest.name}/#{resource.id}\"")
+ expect(subject).to include('data-dialog-open="authorizationModal"')
+ expect(subject).to include("data-dialog-remote-url=\"/authorization_modals/#{action}/f/#{component.id}/#{resource.resource_manifest.name}/#{resource.id}\"")
expect(subject).to include(*params[:widget_parts])
end
end
@@ -55,8 +51,8 @@ module Decidim
it "renders a widget toggling the authorization modal of free resources not related with a component" do
expect(subject).not_to include(path)
- expect(subject).to include('data-open="authorizationModal"')
- expect(subject).to include("data-open-url=\"/free_resource_authorization_modals/#{action}/f/#{resource.resource_manifest.name}/#{resource.id}\"")
+ expect(subject).to include('data-dialog-open="authorizationModal"')
+ expect(subject).to include("data-dialog-remote-url=\"/free_resource_authorization_modals/#{action}/f/#{resource.resource_manifest.name}/#{resource.id}\"")
expect(subject).to include(*params[:widget_parts])
end
end
@@ -68,7 +64,7 @@ module Decidim
context "when #{params[:has_action] ? "the action is authorized" : "the user is logged"}" do
it "renders a regular widget" do
- expect(subject).not_to include("data-open")
+ expect(subject).not_to include("data-dialog-open")
expect(subject).to include(path)
expect(subject).to include(*params[:widget_parts])
end
@@ -79,7 +75,7 @@ module Decidim
it "renders a widget toggling the login modal" do
expect(subject).not_to include(path)
- expect(subject).to include('data-open="loginModal"')
+ expect(subject).to include('data-dialog-open="loginModal"')
expect(subject).to include(*params[:widget_parts])
end
end
diff --git a/decidim-core/spec/helpers/decidim/check_boxes_tree_helper_spec.rb b/decidim-core/spec/helpers/decidim/check_boxes_tree_helper_spec.rb
index b8ebaacc5f033..de50c9fc177cc 100644
--- a/decidim-core/spec/helpers/decidim/check_boxes_tree_helper_spec.rb
+++ b/decidim-core/spec/helpers/decidim/check_boxes_tree_helper_spec.rb
@@ -14,13 +14,11 @@ module Decidim
let!(:organization) { create(:organization) }
let!(:participatory_space) { create(:participatory_process, organization:) }
let!(:component) { create(:component, participatory_space:) }
- let(:redesign_enabled) { false }
before do
allow(helper).to receive(:current_participatory_space).and_return(participatory_space)
allow(helper).to receive(:current_component).and_return(component)
allow(helper).to receive(:current_organization).and_return(organization)
- allow(helper).to receive(:redesign_enabled?).and_return(redesign_enabled)
end
describe "#filter_scopes_values" do
diff --git a/decidim-core/spec/helpers/decidim/decidim_form_helper_spec.rb b/decidim-core/spec/helpers/decidim/decidim_form_helper_spec.rb
index 368d2779e0216..1b3386b29dbb5 100644
--- a/decidim-core/spec/helpers/decidim/decidim_form_helper_spec.rb
+++ b/decidim-core/spec/helpers/decidim/decidim_form_helper_spec.rb
@@ -4,14 +4,6 @@
module Decidim
describe DecidimFormHelper, type: :helper do
- let(:redesign_enabled) { false }
-
- before do
- # rubocop:disable RSpec/AnyInstance
- allow_any_instance_of(ActionView::Base).to receive(:redesign_enabled?).and_return(redesign_enabled)
- # rubocop:enable RSpec/AnyInstance
- end
-
describe "decidim_form_for" do
it "injects custom options" do
record = double("record").as_null_object
diff --git a/decidim-core/spec/helpers/decidim/endorsable_helper_spec.rb b/decidim-core/spec/helpers/decidim/endorsable_helper_spec.rb
index 232758ac09bad..35749856dd8b1 100644
--- a/decidim-core/spec/helpers/decidim/endorsable_helper_spec.rb
+++ b/decidim-core/spec/helpers/decidim/endorsable_helper_spec.rb
@@ -52,16 +52,11 @@ module Decidim
let(:resource) { create(:dummy_resource, component:) }
let(:user) { create(:user, :confirmed, organization:) }
let(:user_group) { nil }
- let(:redesign_enabled) { false }
before do
allow(helper).to receive(:endorsements_path).and_return(Decidim::Core::Engine.routes.url_helpers.endorsements_path(id: resource))
allow(helper).to receive(:endorsement_path).and_return(Decidim::Core::Engine.routes.url_helpers.endorsement_path(id: resource))
allow(controller).to receive(:current_user).and_return(user)
- allow(controller).to receive(:redesign_enabled?).and_return(redesign_enabled)
- # rubocop:disable RSpec/AnyInstance
- allow_any_instance_of(ActionView::Base).to receive(:redesign_enabled?).and_return(redesign_enabled)
- # rubocop:enable RSpec/AnyInstance
end
context "when it is a user" do
diff --git a/decidim-core/spec/helpers/decidim/icon_helper_spec.rb b/decidim-core/spec/helpers/decidim/icon_helper_spec.rb
index f530b1534b5c0..a30c7edbf3239 100644
--- a/decidim-core/spec/helpers/decidim/icon_helper_spec.rb
+++ b/decidim-core/spec/helpers/decidim/icon_helper_spec.rb
@@ -5,17 +5,10 @@
module Decidim
describe IconHelper do
describe "#component_icon" do
- let(:redesign_enabled) { false }
let(:component) do
create(:component, manifest_name: :dummy)
end
- before do
- # rubocop:disable RSpec/AnyInstance
- allow_any_instance_of(ActionView::Base).to receive(:redesign_enabled?).and_return(redesign_enabled)
- # rubocop:enable RSpec/AnyInstance
- end
-
describe "when the component has no icon" do
before do
allow(component.manifest).to receive(:icon).and_return(nil)
@@ -81,7 +74,7 @@ module Decidim
let(:resource) { build(:user) }
it "renders a person icon" do
- expect(result).to include("svg#icon-person")
+ expect(result).to include("svg#ri-person")
end
end
@@ -93,7 +86,7 @@ module Decidim
end
it "renders a generic icon" do
- expect(result).to include("svg#icon-bell")
+ expect(result).to include("svg#ri-bell")
end
end
@@ -105,7 +98,7 @@ module Decidim
end
it "renders a generic icon" do
- expect(result).to include("svg#icon-question-mark")
+ expect(result).to include("svg#ri-question-mark")
end
end
@@ -113,7 +106,7 @@ module Decidim
let(:resource) { "Something" }
it "renders a generic icon" do
- expect(result).to include("svg#icon-bell")
+ expect(result).to include("svg#ri-bell")
end
end
end
diff --git a/decidim-core/spec/helpers/decidim/social_share_button_helper_spec.rb b/decidim-core/spec/helpers/decidim/social_share_button_helper_spec.rb
index 7f4b804147a57..c7b92ab11ed7a 100644
--- a/decidim-core/spec/helpers/decidim/social_share_button_helper_spec.rb
+++ b/decidim-core/spec/helpers/decidim/social_share_button_helper_spec.rb
@@ -6,17 +6,10 @@ module Decidim
describe SocialShareButtonHelper do
let(:args) { { url: "http://example.org" } }
let(:result) { helper.social_share_button_tag("Hello", **args) }
- let(:redesign_enabled) { false }
-
- before do
- # rubocop:disable RSpec/AnyInstance
- allow_any_instance_of(ActionView::Base).to receive(:redesign_enabled?).and_return(redesign_enabled)
- # rubocop:enable RSpec/AnyInstance
- end
describe "social_share_button_tag" do
it "renders the class" do
- expect(result).to include(redesign_enabled ? "data-social-share" : "social-share-button")
+ expect(result).to include("data-social-share")
end
end
@@ -90,7 +83,7 @@ module Decidim
let(:args) { { hashtags: "Hello" } }
it "renders the correct HTML" do
- expect(result).to eq(redesign_enabled ? %() : %())
+ expect(result).to eq(%())
end
end
end
diff --git a/decidim-core/spec/lib/form_builder_spec.rb b/decidim-core/spec/lib/form_builder_spec.rb
index 5522ead3598e1..a0bc3fb72888b 100644
--- a/decidim-core/spec/lib/form_builder_spec.rb
+++ b/decidim-core/spec/lib/form_builder_spec.rb
@@ -9,7 +9,6 @@ module Decidim
let(:available_locales) { %w(ca en de-CH) }
let(:uploader) { Decidim::ApplicationUploader }
let(:organization) { create(:organization) }
- let(:redesign_enabled?) { false }
let(:resource) do
class DummyClass
@@ -80,7 +79,6 @@ def organization
before do
allow(Decidim).to receive(:available_locales).and_return available_locales
allow(I18n.config).to receive(:enforce_available_locales).and_return(false)
- allow(helper).to receive(:redesign_enabled?).and_return(redesign_enabled?)
end
describe "#editor" do
@@ -788,14 +786,14 @@ def organization
it "renders the correctly sorted values" do
html = output
- expect(html).to include(
- [
- "
This image will be resized and padded to 33 x 33 px.
",
- "
This image will be resized and padded to 99 x 99 px.
",
- "
This image will be resized to fit 32 x 32 px.
",
- "
This image will be resized to fit 100 x 100 px.
"
- ].join("\n \n ")
- )
+ [
+ "
This image will be resized and padded to 33 x 33 px.
",
+ "
This image will be resized and padded to 99 x 99 px.
",
+ "
This image will be resized to fit 32 x 32 px.
",
+ "
This image will be resized to fit 100 x 100 px.
"
+ ].each do |value|
+ expect(html).to include(value)
+ end
end
end
end
diff --git a/decidim-core/spec/system/data_consent/scripts_spec.rb b/decidim-core/spec/system/data_consent/scripts_spec.rb
index 04815ef10c8a5..77f70147d0472 100644
--- a/decidim-core/spec/system/data_consent/scripts_spec.rb
+++ b/decidim-core/spec/system/data_consent/scripts_spec.rb
@@ -51,10 +51,6 @@ def protect_against_forgery?
let(:html_body) { "" }
before do
- # rubocop:disable RSpec/AnyInstance
- allow_any_instance_of(Decidim::ViewModel).to receive(:redesign_enabled?).and_return(true)
- # rubocop:enable RSpec/AnyInstance
-
# Create a temporary route to display the generated HTML in a correct site
# context.
final_html = html_document
diff --git a/decidim-core/spec/system/social_share_button_spec.rb b/decidim-core/spec/system/social_share_button_spec.rb
index 0d7a85786975f..f0993ff5e4c46 100644
--- a/decidim-core/spec/system/social_share_button_spec.rb
+++ b/decidim-core/spec/system/social_share_button_spec.rb
@@ -5,44 +5,43 @@
describe "Social share button", type: :system do
let!(:resource) { create(:dummy_resource) }
let(:resource_path) { Decidim::ResourceLocatorPresenter.new(resource).path }
- let(:modal_selector) { Decidim.redesign_active ? "[data-social-share]" : ".social-share-button" }
before { switch_to_host(resource.organization.host) }
shared_examples_for "showing the social share buttons" do
it "shows the 'socialShare' modal" do
within "#socialShare", visible: :visible do
- expect(page).to have_css("h3", text: "Share:")
- expect(page).to have_css(modal_selector)
+ expect(page).to have_css("h2", text: "Share")
+ expect(page).to have_css("[data-social-share]")
end
end
it "shows the 'Share to Twitter' button" do
- within modal_selector do
+ within "[data-social-share]" do
expect(page).to have_css('a[data-site="twitter"]')
end
end
it "shows the 'Share to Facebook' button" do
- within modal_selector do
+ within "[data-social-share]" do
expect(page).to have_css('a[data-site="facebook"]')
end
end
it "shows the 'Share to Telegram' button" do
- within modal_selector do
+ within "[data-social-share]" do
expect(page).to have_css('a[data-site="telegram"]')
end
end
it "shows the 'Share to Whatsapp' button" do
- within modal_selector do
+ within "[data-social-share]" do
expect(page).to have_css('a[data-site="whatsapp"]')
end
end
it "does not have the external domain warning in the URL" do
- within modal_selector do
+ within "[data-social-share]" do
link = find('a[data-site="telegram"]')
expect(link[:href]).not_to include("/link?external_url")
end
diff --git a/decidim-core/spec/system/user_group_manage_admins_spec.rb b/decidim-core/spec/system/user_group_manage_admins_spec.rb
index 2d61ab1142157..3cf5940f23f38 100644
--- a/decidim-core/spec/system/user_group_manage_admins_spec.rb
+++ b/decidim-core/spec/system/user_group_manage_admins_spec.rb
@@ -21,11 +21,7 @@
end
it "does not show the link to edit" do
- if Decidim.redesign_active
- expect(page).not_to have_content("Manage group")
- else
- expect(page).not_to have_content("Manage admins")
- end
+ expect(page).not_to have_content("Manage group")
end
it "rejects the user that accesses manually" do
@@ -39,7 +35,7 @@
login_as creator, scope: :user
visit decidim.profile_path(user_group.nickname)
- click_button "Manage group" if Decidim.redesign_active
+ click_button "Manage group"
click_link "Manage admins"
end
diff --git a/decidim-debates/app/controllers/decidim/debates/application_controller.rb b/decidim-debates/app/controllers/decidim/debates/application_controller.rb
index eb5757cd81db6..716e85985e0e8 100644
--- a/decidim-debates/app/controllers/decidim/debates/application_controller.rb
+++ b/decidim-debates/app/controllers/decidim/debates/application_controller.rb
@@ -8,7 +8,6 @@ module Debates
# Note that it inherits from `Decidim::Components::BaseController`, which
# override its layout and provide all kinds of useful methods.
class ApplicationController < Decidim::Components::BaseController
- redesign_participatory_space_layout skip_authorize_participatory_space: true
end
end
end
diff --git a/decidim-dev/app/controllers/decidim/dummy_resources/dummy_resources_controller.rb b/decidim-dev/app/controllers/decidim/dummy_resources/dummy_resources_controller.rb
index 2c41e3abfed41..2525374289c95 100644
--- a/decidim-dev/app/controllers/decidim/dummy_resources/dummy_resources_controller.rb
+++ b/decidim-dev/app/controllers/decidim/dummy_resources/dummy_resources_controller.rb
@@ -6,8 +6,6 @@ class DummyResourcesController < Decidim::Components::BaseController
helper Decidim::Comments::CommentsHelper
include Decidim::TranslatableAttributes
- redesign_participatory_space_layout only: :show
-
def show
@commentable = DummyResources::DummyResource.find(params[:id])
end
diff --git a/decidim-dev/app/views/decidim/dummy_resources/dummy_resources/show.html.erb b/decidim-dev/app/views/decidim/dummy_resources/dummy_resources/show.html.erb
index 86d589a74d670..c1e91c32cd999 100644
--- a/decidim-dev/app/views/decidim/dummy_resources/dummy_resources/show.html.erb
+++ b/decidim-dev/app/views/decidim/dummy_resources/dummy_resources/show.html.erb
@@ -4,18 +4,22 @@
url: dummy_resource_url(@commentable)
}) %>
-
<%= render "decidim/elections/shared/broken_promises_modal" %>
From b6b024f7b093aeb97b1bded74792670b82fb8fc8 Mon Sep 17 00:00:00 2001
From: Alexandru Emil Lupu
Date: Fri, 28 Jul 2023 09:57:46 +0300
Subject: [PATCH 10/14] Add videos services to CSP (youtube-nocookie.com,
meet.jit.si, etc) (#11155)
* Fix content security policy
* Remove openstreetmap from CSP
* Apply review recommendations
---
decidim-core/lib/decidim/content_security_policy.rb | 2 +-
.../controllers/concerns/content_security_policy_spec.rb | 8 ++++----
decidim-core/spec/lib/content_security_policy_spec.rb | 2 +-
decidim-meetings/lib/decidim/meetings/engine.rb | 6 ++++++
4 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/decidim-core/lib/decidim/content_security_policy.rb b/decidim-core/lib/decidim/content_security_policy.rb
index d5a982b65d4ae..b771face4da73 100644
--- a/decidim-core/lib/decidim/content_security_policy.rb
+++ b/decidim-core/lib/decidim/content_security_policy.rb
@@ -123,7 +123,7 @@ def default_policy
"img-src" => %w('self' *.hereapi.com data:),
"font-src" => %w('self'),
"connect-src" => %w('self' *.hereapi.com *.jsdelivr.net),
- "frame-src" => %w('self'),
+ "frame-src" => %w('self' www.youtube-nocookie.com player.vimeo.com),
"media-src" => %w('self')
}
end
diff --git a/decidim-core/spec/controllers/concerns/content_security_policy_spec.rb b/decidim-core/spec/controllers/concerns/content_security_policy_spec.rb
index 958b1e728fd28..c88a6675858ae 100644
--- a/decidim-core/spec/controllers/concerns/content_security_policy_spec.rb
+++ b/decidim-core/spec/controllers/concerns/content_security_policy_spec.rb
@@ -46,7 +46,7 @@ def show
expect(response.headers["Content-Security-Policy"]).to include("img-src 'self' *.hereapi.com data: https://via.placeholder.com;")
expect(response.headers["Content-Security-Policy"]).to include("connect-src 'self' *.hereapi.com *.jsdelivr.net;")
expect(response.headers["Content-Security-Policy"]).to include("font-src 'self';")
- expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self';")
+ expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' www.youtube-nocookie.com player.vimeo.com;")
expect(response.headers["Content-Security-Policy"]).to include("media-src 'self'")
end
@@ -61,7 +61,7 @@ def show
expect(response.headers["Content-Security-Policy"]).to include("img-src 'self' *.hereapi.com data: https://via.placeholder.com https://img.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("connect-src 'self' *.hereapi.com *.jsdelivr.net https://connect.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("font-src 'self' https://font.example.org;")
- expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' https://frame.example.org;")
+ expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' www.youtube-nocookie.com player.vimeo.com https://frame.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("media-src 'self' https://example.org")
end
end
@@ -76,7 +76,7 @@ def show
expect(response.headers["Content-Security-Policy"]).to include("img-src 'self' *.hereapi.com data: https://img.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("connect-src 'self' *.hereapi.com *.jsdelivr.net https://connect.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("font-src 'self' https://font.example.org;")
- expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' https://frame.example.org;")
+ expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' www.youtube-nocookie.com player.vimeo.com https://frame.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("media-src 'self' https://example.org")
end
end
@@ -122,7 +122,7 @@ def show
expect(response.headers["Content-Security-Policy"]).to include("img-src 'self' *.hereapi.com data: https://img.example.org https://via.placeholder.com;")
expect(response.headers["Content-Security-Policy"]).to include("connect-src 'self' *.hereapi.com *.jsdelivr.net https://connect.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("font-src 'self' https://font.example.org;")
- expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' https://frame.example.org;")
+ expect(response.headers["Content-Security-Policy"]).to include("frame-src 'self' www.youtube-nocookie.com player.vimeo.com https://frame.example.org;")
expect(response.headers["Content-Security-Policy"]).to include("media-src 'self' https://example.org")
end
end
diff --git a/decidim-core/spec/lib/content_security_policy_spec.rb b/decidim-core/spec/lib/content_security_policy_spec.rb
index 3cbd0d2a1e73c..f87088121f47e 100644
--- a/decidim-core/spec/lib/content_security_policy_spec.rb
+++ b/decidim-core/spec/lib/content_security_policy_spec.rb
@@ -18,7 +18,7 @@ module Decidim
it { expect(subject.output_policy).to include("img-src 'self' *.hereapi.com data:;") }
it { expect(subject.output_policy).to include("connect-src 'self' *.hereapi.com *.jsdelivr.net;") }
it { expect(subject.output_policy).to include("font-src 'self';") }
- it { expect(subject.output_policy).to include("frame-src 'self';") }
+ it { expect(subject.output_policy).to include("frame-src 'self' www.youtube-nocookie.com player.vimeo.com;") }
it { expect(subject.output_policy).to include("media-src 'self'") }
end
diff --git a/decidim-meetings/lib/decidim/meetings/engine.rb b/decidim-meetings/lib/decidim/meetings/engine.rb
index 6edcb2a5b46bc..685a2cc3ab9df 100644
--- a/decidim-meetings/lib/decidim/meetings/engine.rb
+++ b/decidim-meetings/lib/decidim/meetings/engine.rb
@@ -50,6 +50,12 @@ class Engine < ::Rails::Engine
end
end
+ initializer "decidim_meetings.content_security_handlers" do |_app|
+ Decidim.configure do |config|
+ config.content_security_policies_extra.deep_merge!({ "frame-src" => %w(player.twitch.tv meet.jit.si) })
+ end
+ end
+
initializer "decidim_meetings.view_hooks" do
Decidim.view_hooks.register(:participatory_space_highlighted_elements, priority: Decidim::ViewHooks::HIGH_PRIORITY) do |view_context|
view_context.cell("decidim/meetings/highlighted_meetings", view_context.current_participatory_space)
From 8389e5e96129fe3f1340b952dfa732b957b181e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9s=20Pereira=20de=20Lucena?=
Date: Fri, 28 Jul 2023 10:01:19 +0200
Subject: [PATCH 11/14] Reorder and renumber the RELEASES_NOTES (#11379)
* Move 'Configuration parameter change' to 'Changes in APIs' section
* Add exception explanation on `decidim-consultations` removal instructions
* Move 'Note for development' explanation to the correct place
* Fix numerations of titles
* Fix timestamp in DB migration
Suggested by code review
Co-authored-by: Alexandru Emil Lupu
---------
Co-authored-by: Alexandru Emil Lupu
---
RELEASE_NOTES.md | 111 +++++++++++++++++++++++++++++++++--------------
1 file changed, 79 insertions(+), 32 deletions(-)
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 1df5789bb293d..88e2160d2e846 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -23,15 +23,6 @@ bin/rails db:migrate
### 1.3. Follow the steps and commands detailed in these notes
-#### 1.3.1 Configuration parameter change
-
-Prior to 0.28, there was the possibility of configuring a list of disallowed passwords using the configuration parameter `Decidim.password_blacklist` or the environment variable `DECIDIM_PASSWORD_BLACKLIST`. These methods have been renamed as follows:
-
-- `Decidim.password_blacklist` becomes `Decidim.denied_passwords`
-- `DECIDIM_PASSWORD_BLACKLIST` becomes `DECIDIM_DENIED_PASSWORDS`
-
-You can read more about this change on PR [\#10288](https://github.com/decidim/decidim/pull/10288).
-
## 2. General notes
## 2.1. Redesign
@@ -50,6 +41,53 @@ If you're not using it, then you don't need to do anything.
If you're maintaining a version of this module, please share the URL of the git repository by [creating an issue on the decidim.org website repository](https://github.com/decidim/decidim.org) so that we can update the [Modules page](https://decidim.org/modules).
+There's an error with the migrations after you've removed this module, you'd need to change them like this:
+
+### db/migrate/*_add_commentable_counter_cache_to_consultations.decidim_consultations.rb
+
+```ruby
+# frozen_string_literal: true
+# This migration comes from decidim_consultations (originally 20200827154143)
+
+class AddCommentableCounterCacheToConsultations < ActiveRecord::Migration[5.2]
+ class Question < ApplicationRecord
+ self.table_name = :decidim_consultations_questions
+ end
+
+ def change
+ add_column :decidim_consultations_questions, :comments_count, :integer, null: false, default: 0, index: true
+ Question.reset_column_information
+ Question.find_each(&:update_comments_count)
+ end
+end
+```
+
+### db/migrate/*_add_followable_counter_cache_to_consultations.decidim_consultations.rb
+
+```ruby
+# frozen_string_literal: true
+# This migration comes from decidim_consultations (originally 20210310120626)
+
+class AddFollowableCounterCacheToConsultations < ActiveRecord::Migration[5.2]
+ class Question < ApplicationRecord
+ self.table_name = :decidim_consultations_questions
+ end
+
+ def change
+ add_column :decidim_consultations_questions, :follows_count, :integer, null: false, default: 0, index: true
+
+ reversible do |dir|
+ dir.up do
+ Question.reset_column_information
+ Question.find_each do |record|
+ record.class.reset_counters(record.id, :follows)
+ end
+ end
+ end
+ end
+end
+```
+
You can read more about this change on PR [#11171](https://github.com/decidim/decidim/pull/11171).
## 3. One time actions
@@ -100,7 +138,7 @@ In some other cases when you run your application on a custom port (other than 3
You can read more about this change on PR [\#10519](https://github.com/decidim/decidim/pull/10519).
-### 3.3. User moderation panel changes
+### 3.4. User moderation panel changes
In older Decidim installations, when blocking an user directly from the participants menu, without being previously reported, it will hide that user, making it unavailable in the Reported Participants section. You will need to run this command once to make sure there are no users or entities that got blocked but are not visible in the participants listing.
@@ -110,7 +148,7 @@ bundle exec rake decidim:upgrade:moderation:fix_blocked_user_panel
You can read more about this change on PR [\#10521](https://github.com/decidim/decidim/pull/10521).
-### 3.4. Change Webpacker to Shakapacker
+### 3.5. Change Webpacker to Shakapacker
Since the Rails team has retired the Webpacker in favour or importmap-rails or js-bundling, we got ouserlves in a situation where performance improvements could not be performed.
In order to continue having support for Webpacker like syntax, we have switched to Shakapacker.
@@ -136,7 +174,23 @@ bundle exec rake decidim:webpacker:install
This will make the necessary changes in the `config/webpacker.yml`, but also in the `config/webpack/` folder.
-### 3.5. Initialize content blocks on spaces or resources with landing page
+#### Note for development
+
+If you are using the `Procfile.dev` file, you will need to make sure that you have the following line in your configuration. If you have not altered the `Procfile.dev` file, you will not need to do anything, as we covered that part:
+
+```console
+webpacker: ./bin/webpacker-dev-server
+```
+
+In order to run your development server, you will need to run the following command:
+
+```console
+./bin/dev
+```
+
+You can read more about this change on PR [\#10389](https://github.com/decidim/decidim/pull/10389).
+
+### 3.6. Initialize content blocks on spaces or resources with landing page
The processes and assemblies participatory spaces have changed the show page and now is composed using content blocks. For the new spaces created in this version a callback is executed creating the content blocks marked as `default!` in the engine for the corresponding homepage scope. To have the same initialization in the existing spaces there is a task to generate those blocks if not present already. Run the below command to generate default content blocks when not present for all spaces and resources with content blocks homepage (participatory processes, participatory process groups and assemblies):
@@ -156,29 +210,13 @@ For example, to generate the default content blocks and also the components bloc
bundle exec rake decidim:content_blocks:initialize_default_content_blocks[,,true]
```
-#### Note for development
-
-If you are using the `Procfile.dev` file, you will need to make sure that you have the following line in your configuration. If you have not altered the `Procfile.dev` file, you will not need to do anything, as we covered that part:
-
-```console
-webpacker: ./bin/webpacker-dev-server
-```
-
-In order to run your development server, you will need to run the following command:
-
-```console
-./bin/dev
-```
-
-You can read more about this change on PR [\#10389](https://github.com/decidim/decidim/pull/10389).
-
-### 3.5. Graphql upgrade
+### 3.7. Graphql upgrade
In [\#10606](https://github.com/decidim/decidim/pull/10606) we have upgraded the GraphQL gem to version 2.0.19. This upgrade introduces some breaking changes, so you will need to update your GraphQL queries to match the new API. This change should be transparent for most of the users, but if you have custom GraphQL queries, you will need to update them. Also, please note, there might be some issues with community plugins that offer support for GraphQL, so you might need to update them as well.
Please see the [change log](https://github.com/rmosolgo/graphql-ruby/blob/master/CHANGELOG.md) for graphql gem for more information.
-### 3.6. Orphans valuator assignments cleanup
+### 3.8. Orphans valuator assignments cleanup
We have added a new task that helps you clean the valuator assignements records of roles that have been deleted.
@@ -190,7 +228,7 @@ bundle exec rake decidim:proposals:upgrade:remove_valuator_orphan_records
You can see more details about this change on PR [\#10607](https://github.com/decidim/decidim/pull/10607)
-### 3.7. Initiatives pages exception fix
+### 3.9. Initiatives pages exception fix
We have added a new tasks to fix a bug related to the pages component inside of the Initiatives module (`decidim-initiatives`).
@@ -202,7 +240,7 @@ bundle exec rake decidim:initiatives:upgrade:fix_broken_pages
You can see more details about this change on PR [\#10928](https://github.com/decidim/decidim/pull/10928)
-### 3.7. Add Content Security Policy (CSP) support
+### 3.10. Add Content Security Policy (CSP) support
We have introduced support for Content Security Policy (CSP). This is a security feature that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks.
By default, the CSP is enabled, and is configured to be as restrictive as possible, having the following default configuration:
@@ -659,3 +697,12 @@ end
```
You can read more about this change at PR [\#10760](https://github.com/decidim/decidim/pull/10760).
+
+### 5.5. Configuration parameter change
+
+Prior to 0.28, there was the possibility of configuring a list of disallowed passwords using the configuration parameter `Decidim.password_blacklist` or the environment variable `DECIDIM_PASSWORD_BLACKLIST`. These methods have been renamed as follows:
+
+- `Decidim.password_blacklist` becomes `Decidim.denied_passwords`
+- `DECIDIM_PASSWORD_BLACKLIST` becomes `DECIDIM_DENIED_PASSWORDS`
+
+You can read more about this change on PR [\#10288](https://github.com/decidim/decidim/pull/10288).
From 6400355fd9089b413a2a59cca31a759cf4d69b44 Mon Sep 17 00:00:00 2001
From: Antti Hukkanen
Date: Fri, 28 Jul 2023 15:20:53 +0300
Subject: [PATCH 12/14] Add links to useful accessibility resources to the a11y
docs (#11401)
---
docs/modules/develop/pages/guide_accessibility.adoc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/docs/modules/develop/pages/guide_accessibility.adoc b/docs/modules/develop/pages/guide_accessibility.adoc
index 6bda7a63e15fd..848f84799cf22 100644
--- a/docs/modules/develop/pages/guide_accessibility.adoc
+++ b/docs/modules/develop/pages/guide_accessibility.adoc
@@ -16,6 +16,12 @@ Accessibility of websites is based on the https://www.w3.org/WAI/standards-guide
These guidelines are constantly evolving and new versions can come out that may require changes in already implemented functionality. Some of the violations can be noticed automatically but others violations require a real person to test the website with the common assistive technologies used for browsing the internet (see the "Testing" section below).
+Accessibility is not only technical. The end results have to be well tested and audited by unbiased 3rd parties to ensure the best outcome. With the core development we aim to consider the following criteria for creating accessible user interfaces:
+
+. Technical accessibility using https://dequeuniversity.com/rules/axe/latest[Axe]
+. Perceived accessibility using latest version of https://www.w3.org/WAI/standards-guidelines/wcag/[the WCAG recommendations]
+. Cognitive accessibility using https://www.w3.org/WAI/WCAG2/supplemental/#cognitiveaccessibilityguidance[the WCAG Cognitive Accessibility Guidance] and the guide for https://www.w3.org/TR/coga-usable/[Making Content Usable for People with Cognitive and Learning Disabilities]
+
=== Common mistakes
This section contains some common mistakes that developers tend to do regarding accessibility. These do not cover all of the things you need to consider regarding accessibility but we add common issues in this list as we notice them.
From 2dd4d728f9a36e754cb8ec2f67ac9bad11337da6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9s=20Pereira=20de=20Lucena?=
Date: Fri, 28 Jul 2023 15:25:08 +0200
Subject: [PATCH 13/14] Add "Tile usage" notice at the top of doc page for OSM
maps and geocoding (#11411)
* Add documentation link reference in initializer
* Add "Tile usage" notice at the top of doc page
* Apply suggestions from code review
---------
Co-authored-by: Alexandru Emil Lupu
---
.../lib/decidim/generators/app_templates/initializer.rb | 3 +++
docs/modules/services/pages/maps.adoc | 8 ++++++++
2 files changed, 11 insertions(+)
diff --git a/decidim-generators/lib/decidim/generators/app_templates/initializer.rb b/decidim-generators/lib/decidim/generators/app_templates/initializer.rb
index f6e08211d44a1..ed37a5f0d15b7 100644
--- a/decidim-generators/lib/decidim/generators/app_templates/initializer.rb
+++ b/decidim-generators/lib/decidim/generators/app_templates/initializer.rb
@@ -47,6 +47,9 @@
# Map and Geocoder configuration
#
+ # See Decidim docs at https://docs.decidim.org/en/develop/services/maps.html
+ # for more information about how it works and how to set it up.
+ #
# == HERE Maps ==
# config.maps = {
# provider: :here,
diff --git a/docs/modules/services/pages/maps.adoc b/docs/modules/services/pages/maps.adoc
index 262d2dbeb2d64..b820a0e39ffb4 100644
--- a/docs/modules/services/pages/maps.adoc
+++ b/docs/modules/services/pages/maps.adoc
@@ -1,6 +1,14 @@
= Maps and geocoding
Decidim has the ability to geocode proposals and meetings and display them on a map.
+
+[CAUTION]
+====
+It is important to notice that you cannot use the OpenStreetMap service from openstreetmap.org. As they mention in their https://operations.osmfoundation.org/policies/tiles/[tile usage policy]:
+
+> OpenStreetMap data is free for everyone to use. Our tile servers are not.
+====
+
Decidim has built-in support for the following map service providers:
* http://here.com[HERE Maps] (Recommended)
From 025fc4ffe2340de6086e224cc476017304acdce5 Mon Sep 17 00:00:00 2001
From: Alexandru Emil Lupu
Date: Mon, 31 Jul 2023 09:46:47 +0300
Subject: [PATCH 14/14] Fix Failing specs (#11419)
---
.../content_blocks/participatory_space_hero/show.erb | 2 +-
.../spec/cells/decidim/user_activity_cell_spec.rb | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/decidim-core/app/cells/decidim/content_blocks/participatory_space_hero/show.erb b/decidim-core/app/cells/decidim/content_blocks/participatory_space_hero/show.erb
index e6b7e5a3be2b6..d5df02555fde5 100644
--- a/decidim-core/app/cells/decidim/content_blocks/participatory_space_hero/show.erb
+++ b/decidim-core/app/cells/decidim/content_blocks/participatory_space_hero/show.erb
@@ -1,4 +1,4 @@
->
+ data-process-hero>
diff --git a/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb b/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb
index 99029426a5578..4a65448ebedc9 100644
--- a/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb
+++ b/decidim-core/spec/cells/decidim/user_activity_cell_spec.rb
@@ -76,7 +76,7 @@
it "displays the latest items on the first page and a pagination" do
logs.last(10).each do |log|
root_link = Decidim::ResourceLocatorPresenter.new(log.resource.root_commentable).path
- comment_link = "#{root_link}?commentId=#{log.resource.id}"
+ comment_link = "#{root_link}?commentId=#{log.resource.id}#comment_#{log.resource.id}"
title = html_truncate(translated_attribute(log.resource.root_commentable.title), length: 80)
expect(subject).to have_link(title, href: comment_link)
@@ -95,7 +95,7 @@
it "displays the oldest items and a pagination" do
logs.first(5).each do |log|
root_link = Decidim::ResourceLocatorPresenter.new(log.resource.root_commentable).path
- comment_link = "#{root_link}?commentId=#{log.resource.id}"
+ comment_link = "#{root_link}?commentId=#{log.resource.id}#comment_#{log.resource.id}"
title = html_truncate(translated_attribute(log.resource.root_commentable.title), length: 80)
expect(subject).to have_link(title, href: comment_link)
@@ -124,14 +124,14 @@
# The first five items should be hidden through moderation
logs.first(5).each do |log|
root_link = Decidim::ResourceLocatorPresenter.new(log.resource.root_commentable).path
- comment_link = "#{root_link}?commentId=#{log.resource.id}"
+ comment_link = "#{root_link}?commentId=#{log.resource.id}#comment_#{log.resource.id}"
title = html_truncate(translated_attribute(log.resource.root_commentable.title), length: 80)
expect(subject).not_to have_link(title, href: comment_link)
end
logs.last(10).each do |log|
root_link = Decidim::ResourceLocatorPresenter.new(log.resource.root_commentable).path
- comment_link = "#{root_link}?commentId=#{log.resource.id}"
+ comment_link = "#{root_link}?commentId=#{log.resource.id}#comment_#{log.resource.id}"
title = html_truncate(translated_attribute(log.resource.root_commentable.title), length: 80)
expect(subject).to have_link(title, href: comment_link)
<%= t(".share") %>:
-