release: 2.5.0 (#616)

* bump: Bump custom proposal states (#599)

* Feat: custom sort for processes (#596)

* feat: add custom sort for processesdepending on new variable

* feat: update locales files

* feat: update seeds

* test: add controller tests for assemblies and processes

* chore: update i18n config for unused keys

* docs: update overrides

* refactor: update env variable after review

* Fix form initiatives (#600)

* fix: XSS vulnerability with img on initiative form and model

* test: add tests for new validation

* docs: update overrides section

* fix: interference from added extends with migration

* style: update with rubocop

* fix: ActiveRecord::NoDatabaseError

* fix: trying to fix again interference

* fix: update initiative fomr extends and modify admin initiative controller

* refactor: update with rubocop

* fix: validation in initiative_form extends and update test

* docs: update overrides section in overloads.md

* fix: Update OVERLOADS.md

---------

Co-authored-by: Quentin Champenois <[email protected]>

* bump: Decidim-Awesome to last commit (#607)

* feat: Bump decidim-awesome to last commit

* fix: Fix migration that has been changed since first implementation

* fix: Add Referrer-Policy to strict (#613)

* fix: Flash message on proposal limit per user reached (#609)

* fix error message displaying when reaching proposition add limit

* add test

* add keys in ignore_missing keys

* fix: Add block reported user task (#614)

* feat: Add module decidim-cleaner (#597)

* feat: Add decidim-cleaner

* refactor: Comment env var by default

---------

Co-authored-by: Quentin Champenois <[email protected]>

* Install GuestMeetingRegistration module (#615)

* Install GuestMeetingRegistration module

* Update registration module

* feat: Add Sendethics possibility to the sms gateway (#605)

Co-authored-by: Lucie Grau <[email protected]>

* Bump: Phone authorization handler module (#623)

* backport: remove sentry (#622)

* backport: Use cdn (#624)

* backport: self hosted cdn

* backport: update js files content

* fix: Missing image in survey question (#621)

* fix: update condition to not empty input value if image is present

* test: add system test to check for input value

* test: update check for image

* test: update img check again

* test: last update check img

* test: update

* test: another update

* test: if img is present

* test: update other test to avoid ambiguous selector error

* test: update to see if image is presnet after save

* fix: override editor js in decidim_awesome

* test: update system test

* fix: Questions order in survey export (#618)

* chore: update after pull

* fix: order questions by position in serializer

* test: add test for question order

* refactor: update test

* style: remove empty line

* bump: Guest meeting registration module (#625)

* Bump: Guest meeting registration module

* refactor(Gemfile): Remove ref reference in Gemfile

---------

Co-authored-by: Quentin Champenois <[email protected]>

* feat: add decypted private body to extra fields (#608)

* feat: add new column to proposal extra fields

* feat: add callback to proposal extra field model

* test: add test for proposal extra field model

* feat: add rake task to update existing data

* test: add test for new rake task

* feat: add proposal extra field model extends to config

* chore: update rubocop rules

* refactor: update task and test

* create the job file

* update rake task

* lint code

* add tests file

* fix rspec

* clean double specs

* update spec

* update spec

* update syntax test with a context instade of only 'it'

* lint code by removing useless line in job spec file

* update spec

* add more context in spec file

* lint code

* update rake tasks test

---------

Co-authored-by: barbara oliveira <[email protected]>
Co-authored-by: Lucie Grau <[email protected]>
Co-authored-by: Quentin Champenois <[email protected]>

* feat: Clear minio s3 bucket (#612)

* feat(Docker): Add minio service

* feat(rake): Add new tasks to cleanup s3 bucket

* fix: Add S3 purge rake task

* fix: S3 Bucket endpoint for docker local

* fix(rake): Active storage clear orphans job

* fix(sidekiq): Add sidekiq configuration

* fix: Logger for active_storage.rake job

* fix: Prevent duplicated ActiveRecord Query

* fix: Prevent error on PP sort with end_date nil (#626)

* fix: update to handle processes without start_date or end_date

* fix: update sort in controllers

* test: update test with process without end date

* refactor: optimize queries in controllers and update tests

* refactor: update sort processes in controllers

---------

Co-authored-by: Lucie Grau <[email protected]>

* bump: Module Spam Detection to 4.1.2 (#630)

* feat: Author notification on proposal publication  (#620)

* add notification with eventmanager

* base to watch the CI and see files on github

* fix translation key & notififaction displaying

* add send_pubication_notification to right file

* start test rspec

* continuing rspec

* potential final test file

* fix: Merge proposal command and anonymous proposals

* fix: Change ProposalPublishedEvent to SimpleEvent

* fix: Proposal Published Event

* fix: Push FR locales

* test: Add specs for proposal_published_event

* update methode & file name

* adjust trad key

* adjust test file & update name of test file

* lint

* lint fr trad key

* lint

* update trad key order

* lint

* correct trad key link in method

* correst rspec

* fix rspec

* fix: Notification small title

* lint(rubocop): Fix offenses

* ci: Exclude BeEq Rubocop rule

* clean

* fix CI

* delete test file

* add ignore trad key in i118n-tasks.yml to fix CI

* update text syntaxe via trad key

* add '' in fr trad key

---------

Co-authored-by: Quentin Champenois <[email protected]>

* revert: "fix: Flash message on proposal limit per user reached (#609)" (#634)

This reverts commit 28003b5.

---------

Co-authored-by: Guillaume MORET <[email protected]>
Co-authored-by: stephanierousset <[email protected]>
Co-authored-by: ’Barbara Oliveira <[email protected]>
Co-authored-by: Alexandru Emil Lupu <[email protected]>
Co-authored-by: Lucie Grau <[email protected]>
Co-authored-by: barbara oliveira <[email protected]>

.env-example

@@ -5,7 +5,6 @@ AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 SECRET_KEY_BASE=
 GEOCODER_LOOKUP_API_KEY=
-SENTRY_DSN=
 HELP_SCOUT_BEACON_ID_MAIN=
 BACKUP_ENABLED=
 BACKUP_S3SYNC_ENABLED=
@@ -48,8 +47,6 @@ AVAILABLE_LOCALES="fr,en"
 # Force SSL - binary (default: 1)
 # Can be disable for reverse proxy setup
 FORCE_SSL=1
-SENTRY_SIDEKIQ_SAMPLE_RATE=0.1
-SENTRY_SAMPLE_RATE=0.5
 FRIENDLY_SIGNUP_OVERRIDE_PASSWORDS=1
 FRIENDLY_SIGNUP_INSTANT_VALIDATION=1
 FRIENDLY_SIGNUP_HIDE_NICKNAME=1
@@ -93,13 +90,34 @@ RAILS_LOG_LEVEL=warn
 # SMS_GATEWAY_PASSWORD=
 ## Set to replace the organization name
 # SMS_GATEWAY_PLATFORM="hashimoto.local"
+## In case you're using Sendethics service
+SMS_GATEWAY_MB_API_KEY=
+SMS_GATEWAY_MB_ACCOUNT_ID=
 
 #Timeout for the unsubscribe link of the newsletter
-#NEWSLETTERS_UNSUBSCRIBE_TIMEOUT=
+# NEWSLETTERS_UNSUBSCRIBE_TIMEOUT=
 
 # Redirect to the TOS page after signup (default: true)
 # DECIDIM_HALF_SIGNUP_SHOW_TOS_PAGE_AFTER_SIGNUP=true
 
 # Automatically save AH metadata to user extended data
 # Format : comma separated list of auhtorization handler names
-# AUTO_EXPORT_AUTHORIZATIONS_DATA_TO_USER_DATA_ENABLED_FOR="authorization1,authorization2"
+# AUTO_EXPORT_AUTHORIZATIONS_DATA_TO_USER_DATA_ENABLED_FOR="authorization1,authorization2"
+
+# Delay until a user is considered inactive and receive a warning email (in days, default: 365)
+# DECIDIM_CLEANER_INACTIVE_USERS_MAIL=
+
+# Delay until a user is deleted after receiving an email (in days, default: 30)
+# DECIDIM_CLEANER_DELETE_INACTIVE_USERS=
+
+# Delay until an admin log is deleted (in days, default: 365)
+# DECIDIM_CLEANER_DELETE_ADMIN_LOGS=
+
+# Delay until user's versions are deleted after the user deletion (in days, default: 30)
+# DECIDIM_CLEANER_DELETE_DELETED_USERS_DATA=
+
+# Delay until deleted authorization's versions are deleted after the authorization creation (in days, default: 30)
+# DECIDIM_CLEANER_DELETE_DELETED_AUTHORIZATIONS_DATA=
+
+# Sort participatory processes by date
+SORT_PROCESSES_BY_DATE=false

.overloads

@@ -58,7 +58,6 @@ config/initializers/filter_parameter_logging.rb
 config/initializers/inflections.rb
 config/initializers/mime_types.rb
 config/initializers/new_framework_defaults_5_2.rb
-config/initializers/sentry.rb
 config/initializers/social_share_button.rb
 config/initializers/wrap_parameters.rb
 config/locales/decidim-awesome/fr.yml

.rubocop_rails.yml

@@ -89,6 +89,8 @@ Rails/SkipsModelValidations:
   Enabled: true
   Exclude:
     - db/migrate/*.rb
+    - lib/extends/models/decidim/decidim_awesome/proposal_extra_field_extends.rb
+    - spec/lib/tasks/decidim_app/set_decrypted_private_body_task_spec.rb
 
 Rails/Validation:
   Include:
@@ -107,3 +109,7 @@ RSpec/MultipleMemoizedHelpers:
 
 RSpec/AnyInstance:
   Enabled: false
+
+RSpec/BeEq:
+  Exclude:
+    - spec/events/decidim/proposals/author_confirmation_proposal_event_spec.rb

Gemfile

@@ -23,8 +23,9 @@ gem "decidim-anonymous_proposals", DECIDIM_ANONYMOUS_PROPOSALS_VERSION
 gem "decidim-budget_category_voting", git: "https://github.com/alecslupu-pfa/decidim-budget_category_voting.git", branch: DECIDIM_BRANCH
 gem "decidim-cache_cleaner"
 gem "decidim-category_enhanced", "~> 0.0.1"
+gem "decidim-cleaner"
 gem "decidim-custom_proposal_states", git: "https://github.com/alecslupu-pfa/decidim-module-custom_proposal_states", branch: DECIDIM_BRANCH
-gem "decidim-decidim_awesome", git: "https://github.com/decidim-ice/decidim-module-decidim_awesome", branch: "main"
+gem "decidim-decidim_awesome", git: "https://github.com/decidim-ice/decidim-module-decidim_awesome", branch: DECIDIM_BRANCH
 gem "decidim-extended_socio_demographic_authorization_handler", git: "https://github.com/OpenSourcePolitics/decidim-module-extended_socio_demographic_authorization_handler.git",
                                                                 branch: DECIDIM_BRANCH
 gem "decidim-extra_user_fields", git: "https://github.com/OpenSourcePolitics/decidim-module-extra_user_fields.git", branch: "temp/twilio-compatibility-0.27"
@@ -34,10 +35,11 @@ gem "decidim-half_signup", git: "https://github.com/OpenSourcePolitics/decidim-m
 gem "decidim-homepage_interactive_map", git: "https://github.com/OpenSourcePolitics/decidim-module-homepage_interactive_map.git", branch: DECIDIM_BRANCH
 gem "decidim-phone_authorization_handler", git: "https://github.com/OpenSourcePolitics/decidim-module_phone_authorization_handler", branch: "release/0.27-stable"
 gem "decidim-simple_proposal", git: "https://github.com/OpenSourcePolitics/decidim-module-simple_proposal", branch: DECIDIM_BRANCH
-gem "decidim-spam_detection", git: "https://github.com/OpenSourcePolitics/decidim-spam_detection.git", tag: "4.1.1"
+gem "decidim-spam_detection", git: "https://github.com/OpenSourcePolitics/decidim-spam_detection.git", tag: "4.1.2"
 gem "decidim-survey_multiple_answers", git: "https://github.com/OpenSourcePolitics/decidim-module-survey_multiple_answers"
 gem "decidim-term_customizer", git: "https://github.com/OpenSourcePolitics/decidim-module-term_customizer.git", branch: "fix/email_with_precompile"
 
+gem "decidim-guest_meeting_registration", git: "https://github.com/alecslupu-pfa/guest-meeting-registration.git", branch: DECIDIM_BRANCH
 # Omniauth gems
 gem "omniauth-france_connect", git: "https://github.com/OpenSourcePolitics/omniauth-france_connect"
 gem "omniauth_openid_connect"
@@ -84,9 +86,6 @@ group :production do
   gem "health_check", "~> 3.1"
   gem "lograge"
   gem "sendgrid-ruby"
-  gem "sentry-rails"
-  gem "sentry-ruby"
-  gem "sentry-sidekiq"
   gem "sidekiq", "~> 6.0"
   gem "sidekiq-scheduler", "~> 5.0"
 end

Gemfile.lock

@@ -100,18 +100,18 @@ GIT
 
 GIT
   remote: https://github.com/OpenSourcePolitics/decidim-module_phone_authorization_handler
-  revision: a3e77fb29e9a19793b3ff8b5d2273d41fac0919b
+  revision: 885122479e7fb9d8294dcf4c4d4f2d34e978b3c6
   branch: release/0.27-stable
   specs:
     decidim-phone_authorization_handler (1.0.0)
       decidim-core (~> 0.27)
 
 GIT
   remote: https://github.com/OpenSourcePolitics/decidim-spam_detection.git
-  revision: fb2ee4624b728ce6f73603bfb84eda1d9b4e04d4
-  tag: 4.1.1
+  revision: 5e4f92f19b903228b8349fb002d735e900d63ed4
+  tag: 4.1.2
   specs:
-    decidim-spam_detection (4.1.1)
+    decidim-spam_detection (4.1.2)
       decidim-core (~> 0.27.0)
 
 GIT
@@ -143,20 +143,30 @@ GIT
 
 GIT
   remote: https://github.com/alecslupu-pfa/decidim-module-custom_proposal_states
-  revision: 66bc4d1a9f00eb66356e583365597e737e1d6917
+  revision: 848eb550d44d9bebc9e72c458c4e3aab79203d9e
   branch: release/0.27-stable
   specs:
     decidim-custom_proposal_states (0.27.5)
       decidim-core (~> 0.27)
       decidim-proposals (~> 0.27)
       deface (>= 1.9)
 
+GIT
+  remote: https://github.com/alecslupu-pfa/guest-meeting-registration.git
+  revision: 7b3af0d34d053cc430080e483cd6d1e48dcc0f32
+  branch: release/0.27-stable
+  specs:
+    decidim-guest_meeting_registration (0.27.7)
+      decidim-core (~> 0.27)
+      decidim-meetings (~> 0.27)
+      deface (>= 1.9)
+
 GIT
   remote: https://github.com/decidim-ice/decidim-module-decidim_awesome
-  revision: 058af7db47737e3ca108ac8e08efd5ec55d67a44
-  branch: main
+  revision: b9aae42bc835485edec5887cb02062caaaf64ed1
+  branch: release/0.27-stable
   specs:
-    decidim-decidim_awesome (0.10.2)
+    decidim-decidim_awesome (0.10.3)
       decidim-admin (>= 0.26.0, < 0.28)
       decidim-core (>= 0.26.0, < 0.28)
       deface (>= 1.5)
@@ -416,6 +426,8 @@ GEM
       decidim-admin (~> 0.27.0)
       decidim-core (~> 0.27.0)
       deface (>= 1.9)
+    decidim-cleaner (3.1.0)
+      decidim-core (~> 0.27.0)
     decidim-comments (0.27.4)
       decidim-core (= 0.27.4)
       redcarpet (~> 3.5, >= 3.5.1)
@@ -1023,14 +1035,6 @@ GEM
     semantic_range (3.0.0)
     sendgrid-ruby (6.7.0)
       ruby_http_client (~> 3.4)
-    sentry-rails (5.16.1)
-      railties (>= 5.0)
-      sentry-ruby (~> 5.16.1)
-    sentry-ruby (5.16.1)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-    sentry-sidekiq (5.16.1)
-      sentry-ruby (~> 5.16.1)
-      sidekiq (>= 3.0)
     seven_zip_ruby (1.3.0)
     sidekiq (6.5.12)
       connection_pool (>= 2.2.5, < 3)
@@ -1170,6 +1174,7 @@ DEPENDENCIES
   decidim-budgets_booth!
   decidim-cache_cleaner
   decidim-category_enhanced (~> 0.0.1)
+  decidim-cleaner
   decidim-conferences (~> 0.27.0)
   decidim-custom_proposal_states!
   decidim-decidim_awesome!
@@ -1178,6 +1183,7 @@ DEPENDENCIES
   decidim-extra_user_fields!
   decidim-friendly_signup!
   decidim-gallery!
+  decidim-guest_meeting_registration!
   decidim-half_signup!
   decidim-homepage_interactive_map!
   decidim-initiatives (~> 0.27.0)
@@ -1208,9 +1214,6 @@ DEPENDENCIES
   rack-attack (~> 6.6)
   rubocop-faker
   sendgrid-ruby
-  sentry-rails
-  sentry-ruby
-  sentry-sidekiq
   sidekiq (~> 6.0)
   sidekiq-scheduler (~> 5.0)
   spring (~> 2.0)
@@ -1223,4 +1226,4 @@ RUBY VERSION
    ruby 3.0.6p216
 
 BUNDLED WITH
-   2.4.9
+   2.5.22

OVERLOADS.md

@@ -2,6 +2,19 @@
 * `app/cells/decidim/version_cell.rb`
 This override the default `VersionCell` from `decidim-core`, by adding sanitization for `version_number` to prevent XSS attacks.
 
+* `app/controllers/decidim/assemblies/assemblies_controller.rb`
+This override the default `AssembliesController` from `decidim-assemblies`, by adding custom sort for assembly_participatory_processes
+
+* `app/helpers/decidim/assemblies/assemblies_helper.rb`
+This override the default `AssembliesHelpler` from `decidim-assemblies`, by adding custom html for sorted assembly_participatory_processes
+
+* `app/controllers/decidim/participatory_processes/participatory_processes_controller.rb`
+This override the default `ParticipatoryProcessesController` from `decidim-participatory_processes`, by adding custom sort for participatory_processes
+
+## Initiative form
+* `lib/extends/forms/decidim/initiatives/initiative_form_extends.rb`
+This adds a validation to form's description.
+
 ## Proposal's draft (Decidim awesome overrides 0.26.7)
 * `app/views/decidim/proposals/collaborative_drafts/_edit_form_fields.html.erb`
 

app.json

@@ -7,8 +7,7 @@
     "heroku-redis:hobby-dev",
     "memcachedcloud:30",
     "newrelic:wayne",
-    "sendgrid:starter",
-    "sentry:f1"
+    "sendgrid:starter"
   ],
   "scripts": {
     "postdeploy":"rake db:schema:load db:migrate"

app/commands/decidim/proposals/publish_proposal.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+module Decidim
+  module Proposals
+    # A command with all the business logic when a user publishes a draft proposal.
+    class PublishProposal < Decidim::Command
+      include Decidim::AnonymousProposals::AnonymousBehaviorCommandsConcern
+
+      # Public: Initializes the command.
+      #
+      # proposal     - The proposal to publish.
+      # current_user - The current user.
+      # override: decidim-module-anonymous_proposals/app/commands/decidim/anonymous_proposals/publish_proposal_command_overrides.rb
+      def initialize(proposal, current_user)
+        @proposal = proposal
+        @is_anonymous = allow_anonymous_proposals? && (current_user.blank? || proposal.authored_by?(anonymous_group))
+        set_current_user(current_user)
+      end
+
+      # Executes the command. Broadcasts these events:
+      #
+      # - :ok when everything is valid and the proposal is published.
+      # - :invalid if the proposal's author is not the current user.
+      #
+      # Returns nothing.
+      def call
+        return broadcast(:invalid) unless @proposal.authored_by?(@current_user)
+
+        transaction do
+          publish_proposal
+          increment_scores
+          send_notification
+          send_notification_to_participatory_space
+          send_publication_notification
+        end
+
+        broadcast(:ok, @proposal)
+      end
+
+      private
+
+      # This will be the PaperTrail version that is
+      # shown in the version control feature (1 of 1)
+      #
+      # For an attribute to appear in the new version it has to be reset
+      # and reassigned, as PaperTrail only keeps track of object CHANGES.
+      def publish_proposal
+        title = reset(:title)
+        body = reset(:body)
+
+        Decidim.traceability.perform_action!(
+          "publish",
+          @proposal,
+          @current_user,
+          visibility: "public-only"
+        ) do
+          @proposal.update title: title, body: body, published_at: Time.current
+        end
+      end
+
+      # Reset the attribute to an empty string and return the old value
+      def reset(attribute)
+        attribute_value = @proposal[attribute]
+        PaperTrail.request(enabled: false) do
+          # rubocop:disable Rails/SkipsModelValidations
+          @proposal.update_attribute attribute, ""
+          # rubocop:enable Rails/SkipsModelValidations
+        end
+        attribute_value
+      end
+
+      def send_notification
+        return if @proposal.coauthorships.empty?
+
+        Decidim::EventsManager.publish(
+          event: "decidim.events.proposals.proposal_published",
+          event_class: Decidim::Proposals::PublishProposalEvent,
+          resource: @proposal,
+          followers: coauthors_followers
+        )
+      end
+
+      def send_publication_notification
+        Decidim::EventsManager.publish(
+          event: "decidim.events.proposals.author_confirmation_proposal_event",
+          event_class: Decidim::Proposals::AuthorConfirmationProposalEvent,
+          resource: @proposal,
+          affected_users: [@proposal.creator_identity],
+          extra: { force_email: true },
+          force_send: true
+        )
+      end
+
+      def send_notification_to_participatory_space
+        Decidim::EventsManager.publish(
+          event: "decidim.events.proposals.proposal_published",
+          event_class: Decidim::Proposals::PublishProposalEvent,
+          resource: @proposal,
+          followers: @proposal.participatory_space.followers - coauthors_followers,
+          extra: {
+            participatory_space: true
+          }
+        )
+      end
+
+      def coauthors_followers
+        @coauthors_followers ||= @proposal.authors.flat_map(&:followers)
+      end
+
+      def increment_scores
+        @proposal.coauthorships.find_each do |coauthorship|
+          if coauthorship.user_group
+            Decidim::Gamification.increment_score(coauthorship.user_group, :proposals)
+          else
+            Decidim::Gamification.increment_score(coauthorship.author, :proposals)
+          end
+        end
+      end
+
+      # override: decidim-module-anonymous_proposals/app/commands/decidim/anonymous_proposals/publish_proposal_command_overrides.rb
+      def component
+        @component ||= @proposal.component
+      end
+    end
+  end
+end