fixes conflicts with budget

app/controllers/account_controller.rb

@@ -25,7 +25,7 @@ class AccountController < ApplicationController
       if @account.organization?
         params.require(:account).permit(:phone_number, :email_on_comment, :email_on_comment_reply, :newsletter, organization_attributes: [:name, :responsible_name])
       else
-        params.require(:account).permit(:username, :public_activity, :email_on_comment, :email_on_comment_reply, :newsletter)
+        params.require(:account).permit(:username, :public_activity, :email_on_comment, :email_on_comment_reply, :email_on_direct_message, :email_digest, :newsletter, :official_position_badge)
       end
     end
 

app/controllers/admin/banners_controller.rb

@@ -0,0 +1,56 @@
+class Admin::BannersController < Admin::BaseController
+
+  has_filters %w{all with_active with_inactive}, only: :index
+
+  before_action :find_banner, only: [:edit, :update, :destroy]
+  before_action :banner_styles, only: [:edit, :new, :create, :update]
+  before_action :banner_imgs, only: [:edit, :new, :create, :update]
+
+  respond_to :html, :js
+
+  load_and_authorize_resource
+
+  def index
+    @banners = Banner.send(@current_filter).page(params[:page])
+  end
+
+  def create
+    @banner = Banner.new(banner_params)
+    if @banner.save
+      redirect_to admin_banners_path
+    else
+      render :new
+    end
+  end
+
+  def update
+    @banner.assign_attributes(banner_params)
+    if @banner.update(banner_params)
+      redirect_to admin_banners_path
+    else
+      render :edit
+    end
+  end
+
+  def destroy
+    @banner.destroy
+    redirect_to admin_banners_path
+  end
+
+  private
+    def banner_params
+      params.require(:banner).permit(:title, :description, :target_url, :style, :image, :post_started_at, :post_ended_at)
+    end
+
+    def find_banner
+      @banner = Banner.find(params[:id])
+    end
+
+    def banner_styles
+      @banner_styles = Setting.all.banner_style.map { |banner_style| [banner_style.value, banner_style.key.split('.')[1]] }
+    end
+
+    def banner_imgs
+      @banner_imgs = Setting.all.banner_img.map { |banner_img| [banner_img.value, banner_img.key.split('.')[1]] }
+    end
+end

app/controllers/admin/settings_controller.rb

@@ -1,9 +1,11 @@
 class Admin::SettingsController < Admin::BaseController
 
   def index
-    all_settings = (Setting.all).group_by { |s| s.feature_flag? }
-    @settings = all_settings[false]
-    @feature_flags = all_settings[true]
+    all_settings = (Setting.all).group_by { |s| s.type  }
+    @settings = all_settings['common']
+    @feature_flags = all_settings['feature']
+    @banner_styles = all_settings['banner-style']
+    @banner_imgs = all_settings['banner-img']
   end
 
   def update

app/controllers/admin/stats_controller.rb

@@ -21,6 +21,15 @@ class Admin::StatsController < Admin::BaseController
     @user_ids_who_voted_proposals = ActsAsVotable::Vote.where(votable_type: 'Proposal').distinct.count(:voter_id)
     @user_ids_who_didnt_vote_proposals = @verified_users - @user_ids_who_voted_proposals
     @spending_proposals = SpendingProposal.count
+  end
 
+  def proposal_notifications
+    @proposal_notifications = ProposalNotification.all
+    @proposals_with_notifications = @proposal_notifications.select(:proposal_id).distinct.count
+  end
+
+  def direct_messages
+    @direct_messages = DirectMessage.count
+    @users_who_have_sent_message = DirectMessage.select(:sender_id).distinct.count
   end
 end

app/controllers/budget/budgets_controller.rb

@@ -0,0 +1,10 @@
+class Budget
+  class BudgetsController < ApplicationController
+    load_and_authorize_resource
+
+    def index
+      @budgets = Budget.all
+    end
+
+  end
+end

app/controllers/budget/investments_controller.rb

@@ -0,0 +1,85 @@
+class Budget
+  class InvestmentsController < ApplicationController
+    include FeatureFlags
+
+    before_action :load_investments, only: [:index]
+    before_action :load_geozone, only: [:index, :unfeasible]
+
+    skip_authorization_check
+
+    before_action :authenticate_user!, except: [:index, :show]
+    before_action -> { flash.now[:notice] = flash[:notice].html_safe if flash[:html_safe] && flash[:notice] }
+
+    load_and_authorize_resource
+
+    feature_flag :spending_proposals
+
+    invisible_captcha only: [:create, :update], honeypot: :subtitle
+
+    respond_to :html, :js
+
+    def index
+      load_investments
+      set_spending_proposal_votes(@investments)
+    end
+
+    def new
+      @spending_proposal = SpendingProposal.new
+    end
+
+    def show
+      set_spending_proposal_votes(@spending_proposal)
+    end
+
+    def create
+      @spending_proposal = SpendingProposal.new(spending_proposal_params)
+      @spending_proposal.author = current_user
+
+      if @spending_proposal.save
+        notice = t('flash.actions.create.spending_proposal', activity: "<a href='#{user_path(current_user, filter: :spending_proposals)}'>#{t('layouts.header.my_activity_link')}</a>")
+        redirect_to @spending_proposal, notice: notice, flash: { html_safe: true }
+      else
+        render :new
+      end
+    end
+
+    def destroy
+      spending_proposal = SpendingProposal.find(params[:id])
+      spending_proposal.destroy
+      redirect_to user_path(current_user, filter: 'spending_proposals'), notice: t('flash.actions.destroy.spending_proposal')
+    end
+
+    def vote
+      @spending_proposal.register_vote(current_user, 'yes')
+      set_spending_proposal_votes(@spending_proposal)
+    end
+
+    private
+
+      def spending_proposal_params
+        params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :association_name, :terms_of_service)
+      end
+
+      def load_investments
+        @investments = filter_and_search(Budget::Investment)
+      end
+
+      def filter_and_search(target)
+        target = target.unfeasible if params[:unfeasible].present?
+        target = target.by_geozone(params[:geozone]) if params[:geozone].present?
+        target = target.search(params[:search])      if params[:search].present?
+        target.page(params[:page]).for_render
+      end
+
+      def load_geozone
+        return if params[:geozone].blank?
+
+        if params[:geozone] == 'all'
+          @geozone_name = t('geozones.none')
+        else
+          @geozone_name = Geozone.find(params[:geozone]).name
+        end
+      end
+
+  end
+end

app/controllers/concerns/commentable_actions.rb

@@ -11,6 +11,8 @@ module CommentableActions
     index_customization if index_customization.present?
 
     @tag_cloud = tag_cloud
+    @banners = Banner.with_active
+    
     set_resource_votes(@resources)
     set_resources_instance
   end

app/controllers/concerns/feature_flags.rb

@@ -3,7 +3,7 @@ module FeatureFlags
 
   class_methods do
     def feature_flag(name, *options)
-      before_filter(*options) do
+      before_action(*options) do
         check_feature_flag(name)
       end
     end

app/controllers/direct_messages_controller.rb

@@ -0,0 +1,36 @@
+class DirectMessagesController < ApplicationController
+  load_and_authorize_resource
+
+  def new
+    @receiver = User.find(params[:user_id])
+    @direct_message = DirectMessage.new(receiver: @receiver)
+  end
+
+  def create
+    @sender = current_user
+    @receiver = User.find(params[:user_id])
+
+    @direct_message = DirectMessage.new(parsed_params)
+    if @direct_message.save
+      Mailer.direct_message_for_receiver(@direct_message).deliver_later
+      Mailer.direct_message_for_sender(@direct_message).deliver_later
+      redirect_to [@receiver, @direct_message], notice: I18n.t("flash.actions.create.direct_message")
+    else
+      render :new
+    end
+  end
+
+  def show
+    @direct_message = DirectMessage.find(params[:id])
+  end
+
+  private
+
+    def direct_message_params
+      params.require(:direct_message).permit(:title, :body)
+    end
+
+    def parsed_params
+      direct_message_params.merge(sender: @sender, receiver: @receiver)
+    end
+end

app/controllers/management/proposals_controller.rb

@@ -13,6 +13,7 @@ class Management::ProposalsController < Management::BaseController
 
   def show
     super
+    @notifications = @proposal.notifications
     redirect_to management_proposal_path(@proposal), status: :moved_permanently if request.path != management_proposal_path(@proposal)
   end
 

app/controllers/management/user_invites_controller.rb

@@ -0,0 +1,13 @@
+class Management::UserInvitesController < Management::BaseController
+
+  def new
+  end
+
+  def create
+    @emails = params[:emails].split(",").map(&:strip)
+    @emails.each do |email|
+      Mailer.user_invite(email).deliver_later
+    end
+  end
+
+end

app/controllers/notifications_controller.rb

@@ -9,7 +9,7 @@ class NotificationsController < ApplicationController
 
   def show
     @notification = current_user.notifications.find(params[:id])
-    redirect_to url_for(@notification.notifiable)
+    redirect_to url_for(@notification.linkable_resource)
   end
 
   def mark_all_as_read

app/controllers/proposal_notifications_controller.rb

@@ -0,0 +1,33 @@
+class ProposalNotificationsController < ApplicationController
+  load_and_authorize_resource except: [:new]
+
+  def new
+    @proposal = Proposal.find(params[:proposal_id])
+    @notification = ProposalNotification.new(proposal_id: @proposal.id)
+    authorize! :new, @notification
+  end
+
+  def create
+    @notification = ProposalNotification.new(proposal_notification_params)
+    @proposal = Proposal.find(proposal_notification_params[:proposal_id])
+    if @notification.save
+      @proposal.voters.each do |voter|
+        Notification.add(voter.id, @notification)
+      end
+      redirect_to @notification, notice: I18n.t("flash.actions.create.proposal_notification")
+    else
+      render :new
+    end
+  end
+
+  def show
+    @notification = ProposalNotification.find(params[:id])
+  end
+
+  private
+
+  def proposal_notification_params
+    params.require(:proposal_notification).permit(:title, :body, :proposal_id)
+  end
+
+end

app/controllers/proposals_controller.rb

@@ -2,7 +2,6 @@ class ProposalsController < ApplicationController
   include CommentableActions
   include FlagActions
 
-
   before_action :parse_search_terms, only: [:index, :suggest]
   before_action :parse_advanced_search_terms, only: :index
   before_action :parse_tag_filter, only: :index
@@ -22,6 +21,7 @@ class ProposalsController < ApplicationController
 
   def show
     super
+    @notifications = @proposal.notifications
     redirect_to proposal_path(@proposal), status: :moved_permanently if request.path != proposal_path(@proposal)
   end
 

app/controllers/spending_proposals_controller.rb

@@ -1,7 +1,7 @@
 class SpendingProposalsController < ApplicationController
   include FeatureFlags
 
-  before_action :authenticate_user!, except: [:index]
+  before_action :authenticate_user!, except: [:index, :show]
   before_action -> { flash.now[:notice] = flash[:notice].html_safe if flash[:html_safe] && flash[:notice] }
 
   load_and_authorize_resource

app/controllers/users_controller.rb

@@ -3,6 +3,7 @@ class UsersController < ApplicationController
 
   load_and_authorize_resource
   helper_method :authorized_for_filter?
+  helper_method :author?
   helper_method :author_or_admin?
 
   def show
@@ -65,8 +66,12 @@ class UsersController < ApplicationController
       @user.public_activity || authorized_current_user?
     end
 
+    def author?
+      @author ||= current_user && (current_user == @user)
+    end
+
     def author_or_admin?
-      @author_or_admin ||= current_user && (current_user == @user || current_user.administrator?)
+      @author_or_admin ||= current_user && (author? || current_user.administrator?)
     end
 
     def authorized_current_user?