diff --git a/app/controllers/concerns/decidim/decidim_awesome/content_security_policy.rb b/app/controllers/concerns/decidim/decidim_awesome/content_security_policy.rb
new file mode 100644
index 000000000..4a9bc26c5
--- /dev/null
+++ b/app/controllers/concerns/decidim/decidim_awesome/content_security_policy.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Decidim
+ module DecidimAwesome
+ module ContentSecurityPolicy
+ extend ActiveSupport::Concern
+
+ included do
+ after_action :append_awesome_csp_directives
+ end
+
+ private
+
+ def append_awesome_csp_directives
+ return unless DecidimAwesome.enabled?(:intergram_for_admins) || DecidimAwesome.enabled?(:intergram_for_public)
+
+ intergram = URI.parse(DecidimAwesome.intergram_url)
+ if intergram.host && intergram.scheme
+ content_security_policy.append_csp_directive("script-src", "#{intergram.scheme}://#{intergram.host}")
+ content_security_policy.append_csp_directive("frame-src", "#{intergram.scheme}://#{intergram.host}")
+ # content_security_policy.append_csp_directive("frame-src", "http://www.loadmill.com")
+ # content_security_policy.append_csp_directive("frame-src", "http://app.loadmill.com")
+ end
+ end
+ end
+ end
+end
diff --git a/app/overrides/layouts/decidim/admin/_header/add_awesome_tags.html.erb.deface b/app/overrides/layouts/decidim/admin/_header/add_awesome_tags.html.erb.deface
index c886b07bb..b73147dd5 100644
--- a/app/overrides/layouts/decidim/admin/_header/add_awesome_tags.html.erb.deface
+++ b/app/overrides/layouts/decidim/admin/_header/add_awesome_tags.html.erb.deface
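Review bot: In `append_awesome_csp_directives` (content_security_policy.rb), `URI.parse(DecidimAwesome.intergram_url)` runs in an `after_action` with no rescue, so a malformed configured URL would raise `URI::InvalidURIError` on every response while either intergram flag is enabled. The allowed source is also built from scheme and host only, which accepts any scheme and drops a non-default port, so a widget hosted on a custom port would still be blocked by the policy. Consider rescuing the parse error, accepting only http(s) URLs and keeping the port when it is not the default, as sketched below. The guard uses the installation-level `DecidimAwesome.enabled?` check, whereas the admin header override renders the widget on `awesome_config[:intergram_for_admins]`, so `script-src` may be widened on responses that never load the widget; the two commented-out loadmill lines look like leftovers and can be dropped.

```ruby
def append_awesome_csp_directives
  # … unchanged: enabled? guard …
  intergram = begin
    URI.parse(DecidimAwesome.intergram_url.to_s)
  rescue URI::InvalidURIError
    nil
  end
  # URI::HTTPS inherits from URI::HTTP, so this admits only http and https URLs.
  return unless intergram.is_a?(URI::HTTP) && intergram.host

  origin = "#{intergram.scheme}://#{intergram.host}"
  origin += ":#{intergram.port}" unless intergram.port == intergram.default_port
  content_security_policy.append_csp_directive("script-src", origin)
  content_security_policy.append_csp_directive("frame-src", origin)
end
```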
@@ -4,3 +4,6 @@
 <% append_stylesheet_pack_tag("decidim_admin_decidim_awesome_global") %>
 <% append_javascript_pack_tag("decidim_admin_decidim_awesome_global") %>
 <% append_javascript_pack_tag("decidim_decidim_awesome_custom_fields") if Decidim::DecidimAwesome.enabled?(:proposal_custom_fields) %>
+<% if awesome_config[:intergram_for_admins] %>
+ <%= render partial: "layouts/decidim/decidim_awesome/intergram_widget", locals: { settings: organization_awesome_config[:intergram_for_admins_settings] } %>
+<% end %>
\ No newline at end of file
diff --git a/app/views/decidim/decidim_awesome/admin/config/_form_livechat.html.erb b/app/views/decidim/decidim_awesome/admin/config/_form_livechat.html.erb
index 4eab58821..80691ee0c 100644
--- a/app/views/decidim/decidim_awesome/admin/config/_form_livechat.html.erb
+++ b/app/views/decidim/decidim_awesome/admin/config/_form_livechat.html.erb
@@ -1,4 +1,4 @@
-
+
<% if config_enabled? :intergram_for_public %>
<%= form.check_box :intergram_for_public %> @@ -17,8 +17,8 @@
<%= f.check_box :require_login, label: t("intergram_require_login", scope: "activemodel.attributes.config") %> - <%= f.check_box :use_floating_button, class: "mb-4", label: t("intergram_use_floating_button", scope: "activemodel.attributes.config") %> - <%= f.color_field :color, class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %> + <%= f.check_box :use_floating_button, class: "mb-4", label: t("intergram_use_floating_button", scope: "activemodel.attributes.config"), label_options: { class: "block" } %> + <%= f.color_field :color, value: f.object.color || "#E91E63", class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %> <%= f.text_field :title_open, class: "mb-4", label: t("intergram_title_open", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_open") %> <%= f.text_field :title_closed, class: "mb-4", label: t("intergram_title_closed", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_closed") %> @@ -48,7 +48,7 @@
<%= f.check_box :use_floating_button, class: "mb-4", label: t("intergram_use_floating_button", scope: "activemodel.attributes.config") %> - <%= f.color_field :color, class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %> + <%= f.color_field :color, value: f.object.color || "#E91E63", class: "mb-4 block w-full p-1", label: t("intergram_color", scope: "activemodel.attributes.config") %> <%= f.text_field :title_open, class: "mb-4", label: t("intergram_title_open", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_open") %> <%= f.text_field :title_closed, class: "mb-4", label: t("intergram_title_closed", scope: "activemodel.attributes.config"), placeholder: t("decidim.decidim_awesome.config.intergram.title_closed") %> diff --git a/app/views/decidim/decidim_awesome/admin/config/show.html.erb b/app/views/decidim/decidim_awesome/admin/config/show.html.erb index 9e1f764a4..57ed77a01 100644 --- a/app/views/decidim/decidim_awesome/admin/config/show.html.erb +++ b/app/views/decidim/decidim_awesome/admin/config/show.html.erb @@ -1,5 +1,5 @@ -
-

+
+

<%= t(".title", setting: config_var) %>

diff --git a/app/views/layouts/decidim/decidim_awesome/_intergram_widget.html.erb b/app/views/layouts/decidim/decidim_awesome/_intergram_widget.html.erb index cd4e6805f..c89f61dbd 100644 --- a/app/views/layouts/decidim/decidim_awesome/_intergram_widget.html.erb +++ b/app/views/layouts/decidim/decidim_awesome/_intergram_widget.html.erb @@ -1,5 +1,5 @@