add scripts

app/controllers/concerns/decidim/decidim_awesome/content_security_policy.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Decidim
+  module DecidimAwesome
+    module ContentSecurityPolicy
+      extend ActiveSupport::Concern
+
+      included do
+        after_action :append_awesome_csp_directives
+      end
+
+      private
+
+      def append_awesome_csp_directives
+        return unless DecidimAwesome.enabled?(:intergram_for_admins) || DecidimAwesome.enabled?(:intergram_for_public)
+
+        intergram = URI.parse(DecidimAwesome.intergram_url)
+        if intergram.host && intergram.scheme
+          content_security_policy.append_csp_directive("script-src", "#{intergram.scheme}://#{intergram.host}")
+          content_security_policy.append_csp_directive("frame-src", "#{intergram.scheme}://#{intergram.host}")
+          # content_security_policy.append_csp_directive("frame-src", "http://www.loadmill.com")
+          # content_security_policy.append_csp_directive("frame-src", "http://app.loadmill.com")
+        end
+      end
+    end
+  end
+end

app/overrides/layouts/decidim/admin/_header/add_awesome_tags.html.erb.deface

@@ -4,3 +4,6 @@
 <% append_stylesheet_pack_tag("decidim_admin_decidim_awesome_global") %>
 <% append_javascript_pack_tag("decidim_admin_decidim_awesome_global") %>
 <% append_javascript_pack_tag("decidim_decidim_awesome_custom_fields") if Decidim::DecidimAwesome.enabled?(:proposal_custom_fields) %>
+<% if awesome_config[:intergram_for_admins] %>
+  <%= render partial: "layouts/decidim/decidim_awesome/intergram_widget", locals: { settings: organization_awesome_config[:intergram_for_admins_settings] } %>
+<% end %>

app/views/decidim/decidim_awesome/admin/config/_form_livechat.html.erb

@@ -1,4 +1,4 @@
-<div class="form__wrapper p-4 decidim_awesome-form">
+<div class="form__wrapper decidim_awesome-form">
   <% if config_enabled? :intergram_for_public %>
   <div class="row column">
     <%= form.check_box :intergram_for_public %>
@@ -17,8 +17,8 @@
       </div>
 
       <%= f.check_box :require_login, label: t("intergram_require_login", scope: "activemodel.attributes.config") %>
-      <%= f.check_box :use_floating_button, class: "mb-4", label: t("intergram_use_floating_button", scope: "activemodel.attributes.config") %>
-      <%= f.color_field :color, class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %>
+      <%= f.check_box :use_floating_button, class: "mb-4", label: t("intergram_use_floating_button", scope: "activemodel.attributes.config"), label_options: { class: "block" } %>
+      <%= f.color_field :color, value: f.object.color || "#E91E63", class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %>
 
       <%= f.text_field :title_open, class: "mb-4", label: t("intergram_title_open", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_open") %>
       <%= f.text_field :title_closed, class: "mb-4", label: t("intergram_title_closed", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_closed") %>
@@ -48,7 +48,7 @@
       </div>
 
       <%= f.check_box :use_floating_button, class: "mb-4", label: t("intergram_use_floating_button", scope: "activemodel.attributes.config") %>
-      <%= f.color_field :color, class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %>
+      <%= f.color_field :color, value: f.object.color || "#E91E63", class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %>
 
       <%= f.text_field :title_open, class: "mb-4", label: t("intergram_title_open", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_open") %>
       <%= f.text_field :title_closed, class: "mb-4", label: t("intergram_title_closed", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_closed") %>

app/views/decidim/decidim_awesome/admin/config/show.html.erb

@@ -1,5 +1,5 @@
-<div class="border-none item_show__header" style="margin-bottom: 0;">
-  <h2 class="item_show__header-title p-4 bg-gray-6 rounded-t">
+<div class="item_show__header">
+  <h2 class="item_show__header-title">
     <%= t(".title", setting: config_var) %>
   </h2>
 </div>

app/views/layouts/decidim/decidim_awesome/_intergram_widget.html.erb

@@ -1,5 +1,5 @@
 <script>
-  window.intergramId = "<%= j (settings[:chat_id]).html_safe %>";
+  window.intergramId = "<%= j (settings[:chat_id])&.html_safe %>";
 
   window.intergramOnOpen = {};
   window.intergramOnOpen.visitorName = "<%= j current_user&.nickname %>";

lib/decidim/decidim_awesome/engine.rb

@@ -84,6 +84,10 @@ class Engine < ::Rails::Engine
 
       initializer "decidim_decidim_awesome.overrides", after: "decidim.action_controller" do
         config.to_prepare do
+          # Auto-insert some csp directives
+          Decidim::ApplicationController.include(Decidim::DecidimAwesome::ContentSecurityPolicy)
+          Decidim::Admin::ApplicationController.include(Decidim::DecidimAwesome::ContentSecurityPolicy)
+
           # redirect unauthorized scoped admins to allowed places or custom redirects if configured
           Decidim::ErrorsController.include(Decidim::DecidimAwesome::NotFoundRedirect) if DecidimAwesome.enabled?([:scoped_admins, :custom_redirects])