diff --git a/OVERLOAD.md b/OVERLOAD.md index 0197d8d..8f7bb4d 100644 --- a/OVERLOAD.md +++ b/OVERLOAD.md @@ -1,5 +1,8 @@ # List of overloaded files for specific needs in this repository +## Backport meetings order +- **app/controllers/decidim/meetings/meetings_controller.rb** + ## Disable fast signup - **config/initializers/devise.rb** Added: diff --git a/app/controllers/decidim/meetings/meetings_controller.rb b/app/controllers/decidim/meetings/meetings_controller.rb new file mode 100644 index 0000000..d37c05c --- /dev/null +++ b/app/controllers/decidim/meetings/meetings_controller.rb @@ -0,0 +1,138 @@ +# frozen_string_literal: true + +module Decidim + module Meetings + # Exposes the meeting resource so users can view them + class MeetingsController < Decidim::Meetings::ApplicationController + include FilterResource + include Flaggable + include FormFactory + include Paginable + helper Decidim::WidgetUrlsHelper + helper Decidim::ResourceVersionsHelper + + helper_method :meetings, :meeting, :registration, :search + + def new + enforce_permission_to :create, :meeting + + @form = meeting_form.instance + end + + def create + enforce_permission_to :create, :meeting + + @form = meeting_form.from_params(params, current_component: current_component) + + CreateMeeting.call(@form) do + on(:ok) do |meeting| + flash[:notice] = I18n.t("meetings.create.success", scope: "decidim.meetings") + redirect_to meeting_path(meeting) + end + + on(:invalid) do + flash.now[:alert] = I18n.t("meetings.create.invalid", scope: "decidim.meetings") + render action: "new" + end + end + end + + def index + return unless search.results.blank? && params.dig("filter", "date") != %w(past) + + @past_meetings = search_klass.new(search_params.merge(date: %w(past))) + + if @past_meetings.results.present? + params[:filter] ||= {} + params[:filter][:date] = %w(past) + @forced_past_meetings = true + @search = @past_meetings + end + end + + def show + raise ActionController::RoutingError, "Not Found" unless meeting + + @report_form = form(Decidim::ReportForm).from_params(reason: "spam") + + return if meeting.current_user_can_visit_meeting?(current_user) + + flash[:alert] = I18n.t("meeting.not_allowed", scope: "decidim.meetings") + redirect_to(ResourceLocatorPresenter.new(meeting).index) + end + + def edit + enforce_permission_to :update, :meeting, meeting: meeting + + @form = meeting_form.from_model(meeting) + end + + def update + enforce_permission_to :update, :meeting, meeting: meeting + + @form = meeting_form.from_params(params) + + UpdateMeeting.call(@form, current_user, meeting) do + on(:ok) do |meeting| + flash[:notice] = I18n.t("meetings.update.success", scope: "decidim.meetings") + redirect_to Decidim::ResourceLocatorPresenter.new(meeting).path + end + + on(:invalid) do + flash.now[:alert] = I18n.t("meetings.update.invalid", scope: "decidim.meetings") + render :edit + end + end + end + + private + + def meeting + @meeting ||= Meeting.not_hidden.where(component: current_component).find(params[:id]) + end + + def meetings + # OSP OVERRIDES for meetings order + # - origin : + # @meetings ||= paginate(search.results.not_hidden) + # - override : + @meetings ||= paginate(search.results.order(start_time: params.dig("filter", "date")&.include?("past") ? :desc : :asc)) + end + + def registration + @registration ||= meeting.registrations.find_by(user: current_user) + end + + def search_klass + MeetingSearch + end + + def meeting_form + form(Decidim::Meetings::MeetingForm) + end + + def default_filter_params + { + search_text: "", + date: %w(upcoming), + scope_id: default_filter_scope_params, + category_id: default_filter_category_params, + origin: default_filter_origin_params + } + end + + def default_filter_origin_params + filter_origin_params = %w(citizens) + filter_origin_params << "official" + filter_origin_params << "user_group" if current_organization.user_groups_enabled? + filter_origin_params + end + + def default_search_params + { + scope: Meeting.visible_meeting_for(current_user) + } + end + end + end +end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 1eea16c..a97c309 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -14,6 +14,7 @@ policy.script_src :self, :https, :unsafe_inline, :unsafe_eval policy.style_src :self, :https, :unsafe_inline + # Specify URI for violation reports # policy.report_uri "/csp-violation-report-endpoint" end diff --git a/config/locales/en.yml b/config/locales/en.yml index 14e1214..1249c42 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -47,6 +47,16 @@ en: tos_agreement: Tos agreement tos_title: Tos title username_help: Username help + meetings: + meeting: + not_allowed: Vous n'êtes pas autorisé à vous inscrire à cette rencontre. + meetings: + create: + invalid: Il y a eu une erreur lors de la création de la rencontre. + success: La rencontre a été créée avec succès. + update: + invalid: Il y a eu une erreur lors de la mise à jour de la rencontre. + success: La rencontre a été mise à jour avec succès. verifications: authorizations: first_login: diff --git a/config/locales/fr.yml b/config/locales/fr.yml index 1a244cf..003729c 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml @@ -47,6 +47,16 @@ fr: tos_agreement: En vous inscrivant, vous acceptez %{link} tos_title: Conditions d'utilisation username_help: Le nom est public et apparaît dans votre profil et sur vos messages. Dans le but de garantir l'anonymat, vous pouvez choisir n'importe quel nom. + meetings: + meeting: + not_allowed: Vous n'êtes pas autorisé à vous inscrire à cette rencontre. + meetings: + create: + invalid: Il y a eu une erreur lors de la création de la rencontre. + success: La rencontre a été créée avec succès. + update: + invalid: Il y a eu une erreur lors de la mise à jour de la rencontre. + success: La rencontre a été mise à jour avec succès. verifications: authorizations: first_login: