diff --git a/app/assets/fonts/icons.eot b/app/assets/fonts/icons.eot index 9bb4f6a68..fed38cb4b 100644 Binary files a/app/assets/fonts/icons.eot and b/app/assets/fonts/icons.eot differ diff --git a/app/assets/fonts/icons.svg b/app/assets/fonts/icons.svg index 31e98dac3..602058baf 100644 --- a/app/assets/fonts/icons.svg +++ b/app/assets/fonts/icons.svg @@ -7,7 +7,6 @@ - @@ -44,5 +43,5 @@ -icons.eot + diff --git a/app/assets/fonts/icons.ttf b/app/assets/fonts/icons.ttf index 3524044cf..96e944231 100644 Binary files a/app/assets/fonts/icons.ttf and b/app/assets/fonts/icons.ttf differ diff --git a/app/assets/fonts/icons.woff b/app/assets/fonts/icons.woff index f9944c812..fb76f3b26 100644 Binary files a/app/assets/fonts/icons.woff and b/app/assets/fonts/icons.woff differ diff --git a/app/assets/stylesheets/admin.scss b/app/assets/stylesheets/admin.scss index 9d73002e5..85423df75 100644 --- a/app/assets/stylesheets/admin.scss +++ b/app/assets/stylesheets/admin.scss @@ -27,6 +27,12 @@ body.admin { .button { margin-top: 0; } + + input[type="text"] { + height: 36px\9; + line-height: 36px\9; + margin-bottom: 24px\9; + } } .dashboard { @@ -58,6 +64,18 @@ body.admin { .admin-content { margin-top: rem-calc(24); + + .filters h2 { + margin-top: 0; + } + + .proposal-new, .proposal-edit { + padding-top: 0; + } + + .proposal-show { + padding-top: rem-calc(54); + } } .is-featured { @@ -79,6 +97,10 @@ body.admin { margin-left: rem-calc(-20); } + a { + color: white\9 !important; + } + ul { list-style-type: none; margin-left: 0; @@ -89,6 +111,8 @@ body.admin { font-size: rem-calc(24); padding-right: rem-calc(24); padding-top: rem-calc(4); + padding-left: 12px\9 !important; + padding-right: 12px\9 !important; } li { @@ -277,11 +301,6 @@ body.admin { // 05. Management // - - - - - - - - - - - - - - - - - - - - - - - - - -.postfix { - height: rem-calc(48); - line-height: rem-calc(48); -} - .user-permissions { ul { 
diff --git a/app/assets/stylesheets/layout.scss b/app/assets/stylesheets/layout.scss index 1afa5cea2..5e7c189bb 100644 --- a/app/assets/stylesheets/layout.scss +++ b/app/assets/stylesheets/layout.scss @@ -450,7 +450,7 @@ header { } .top-bar { - background: none; + background: #112E51 !important; color: white; height: rem-calc(48); max-width: 1170px !important; @@ -958,8 +958,7 @@ form { em { background: white; - display: inline-block; - padding-left: rem-calc(6); + display: block; } } @@ -1147,9 +1146,9 @@ img.avatar, img.admin-avatar, img.moderator-avatar, img.initialjs-avatar { background-color: rgba(255,255,255,.5); color: rgba(0,0,0,.4); font-size: rem-calc(40); - left: 11px; + left: rem-calc(11); position: absolute; - top: 63px; + top: rem-calc(72); } .user-deleted { diff --git a/app/assets/stylesheets/print.css b/app/assets/stylesheets/print.css index b4495d459..9418d5ee0 100644 --- a/app/assets/stylesheets/print.css +++ b/app/assets/stylesheets/print.css 
@@ -2,40 +2,58 @@ /* Print proposals */ -.top-links, .tags a, .supports, .label-proposal, -#print_link, .admin-sidebar, img.left, .proposal-info a, -.icon-comments, .menu-icon, .icon-proposals, li.name span, -p.proposal-info span:nth-child(3) { - display: none !important; -} +.tags a { display: none !important; } + +.supports { display: none !important; } + +.label-proposal { display: none !important; } + +#print_link { display: none !important; } + +.admin-sidebar { display: none !important; } + +img.left { display: none !important; } + +.proposal-info a { display: none !important; } + +.icon-comments { display: none !important; } + +.menu-icon { display: none !important; } + +.icon-proposals { display: none !important; } + +.captcha { display: none !important; } + +li.name span { display: none !important; } + +p.proposal-info span:nth-child(3) { display: none !important; } + +.top-links { display: none !important; } + +.button { display: none !important; } + +input[type="submit"] { display: none !important; } .select-order { border: 0; font-size: 24px; font-weight: bold; - margin-left: -12px; -} - -p.proposal-info { margin-left: -6px; } -a { - text-decoration: none !important; -} +p.proposal-info { margin-left: -6px; } -a:after { - content: none !important; -} +a { text-decoration: none !important; } -.proposal .panel, .proposal .panel .proposal-content, -.proposal .panel h3 { - min-height: auto !important; -} +a:after { content: none !important; } -.proposal .panel .proposal-description { - height: auto; -} +.proposal .panel { min-height: auto !important; } + +.proposal .panel .proposal-content { min-height: auto !important; } + +.proposal .panel h3 { min-height: auto !important; } + +.proposal .panel .proposal-description { height: auto; } .proposal .panel { border-left: 0 !important; diff --git a/app/controllers/concerns/commentable_actions.rb b/app/controllers/concerns/commentable_actions.rb index ce1db310b..e98906f04 100644 
--- a/app/controllers/concerns/commentable_actions.rb +++ b/app/controllers/concerns/commentable_actions.rb @@ -1,5 +1,6 @@ module CommentableActions extend ActiveSupport::Concern + include Polymorphic def index @resources = @search_terms.present? ? resource_model.search(@search_terms) : resource_model.all @@ -59,29 +60,6 @@ module CommentableActions end private - def resource - @resource ||= instance_variable_get("@#{resource_name}") - end - - def resource_name - @resource_name ||= resource_model.to_s.downcase - end - - def set_resource_instance - instance_variable_set("@#{resource_name}", @resource) - end - - def set_resources_instance - instance_variable_set("@#{resource_name.pluralize}", @resources) - end - - def set_resource_votes(instance) - send("set_#{resource_name}_votes", instance) - end - - def strong_params - send("#{resource_name}_params") - end def track_event ahoy.track "#{resource_name}_created".to_sym, "#{resource_name}_id": resource.id @@ -104,4 +82,8 @@ module CommentableActions def parse_search_terms @search_terms = params[:search] if params[:search].present? end + + def set_resource_votes(instance) + send("set_#{resource_name}_votes", instance) + end end \ No newline at end of file diff --git a/app/controllers/concerns/moderate_actions.rb b/app/controllers/concerns/moderate_actions.rb new file mode 100644 index 000000000..792dacde0 --- /dev/null +++ b/app/controllers/concerns/moderate_actions.rb 
@@ -0,0 +1,60 @@
+module ModerateActions
+ extend ActiveSupport::Concern
+ include Polymorphic
+
+ def index
+ @resources = @resources.send(@current_filter)
+ .send("sort_by_#{@current_order}")
+ .page(params[:page])
+ .per(50)
+ set_resources_instance
+ end
+
+ def hide
+ hide_resource resource
+ end
+
+ def moderate
+ set_resource_params
+ @resources = @resources.where(id: params[:resource_ids])
+
+ if params[:hide_resources].present?
+ @resources.accessible_by(current_ability, :hide).each {|resource| hide_resource resource}
+
+ elsif params[:ignore_flags].present?
+ @resources.accessible_by(current_ability, :ignore_flag).each(&:ignore_flag)
+
+ elsif params[:block_authors].present?
+ author_ids = @resources.pluck(author_id).uniq
+ User.where(id: author_ids).accessible_by(current_ability, :block).each {|user| block_user user}
+ end
+
+ redirect_to request.query_parameters.merge(action: :index)
+ end
+
+ private
+
+ def load_resources
+ @resources = resource_model.accessible_by(current_ability, :moderate)
+ end
+
+ def hide_resource(resource)
+ resource.hide
+ Activity.log(current_user, :hide, resource)
+ end
+
+ def block_user(user)
+ user.block
+ Activity.log(current_user, :block, user)
+ end
+
+ def set_resource_params
+ params[:resource_ids] = params["#{resource_name}_ids"]
+ params[:hide_resources] = params["hide_#{resource_name.pluralize}"]
+ end
+
+ def author_id
+ :author_id
+ end
+
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/polymorphic.rb b/app/controllers/concerns/polymorphic.rb
new file mode 100644
index 000000000..51c5768c9
--- /dev/null
+++ b/app/controllers/concerns/polymorphic.rb
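Review bot: In `moderate`, `redirect_to request.query_parameters.merge(action: :index)` passes the whole client-supplied query string to the URL builder, so routing options such as `host` that arrive in the query can influence where the redirect points. Pinning it to the current site with `redirect_to request.query_parameters.merge(action: :index, only_path: true)`, or carrying over only the filter, order and page keys, closes that. Separately, `index` dispatches with `send(@current_filter)` and `send("sort_by_#{@current_order}")`; the allow-listing presumably lives in `has_filters`/`has_orders` of the including controller, which this file cannot show, so I would switch to `public_send` and add `# @current_filter and @current_order must come from the has_filters / has_orders allow-lists` above `index`.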
@@ -0,0 +1,24 @@ +module Polymorphic + + private + def resource + @resource ||= instance_variable_get("@#{resource_name}") + end + + def resource_name + @resource_name ||= resource_model.to_s.downcase + end + + def set_resource_instance + instance_variable_set("@#{resource_name}", @resource) + end + + def set_resources_instance + instance_variable_set("@#{resource_name.pluralize}", @resources) + end + + def strong_params + send("#{resource_name}_params") + end + +end \ No newline at end of file diff --git a/app/controllers/management/base_controller.rb b/app/controllers/management/base_controller.rb index 7d6c89b5f..144a28bfe 100644 --- a/app/controllers/management/base_controller.rb +++ b/app/controllers/management/base_controller.rb @@ -12,7 +12,7 @@ class Management::BaseController < ActionController::Base end def current_manager - @current_manager ||= Manager.find(session["manager_id"]) if session["manager_id"] + session["manager"] end def managed_user diff --git a/app/controllers/management/document_verifications_controller.rb b/app/controllers/management/document_verifications_controller.rb index 32d38c748..1b8fabcc2 100644 --- a/app/controllers/management/document_verifications_controller.rb +++ b/app/controllers/management/document_verifications_controller.rb @@ -1,5 +1,6 @@ class Management::DocumentVerificationsController < Management::BaseController + before_action :clean_document_number, only: :check before_action :set_document, only: :check def index @@ -41,4 +42,8 @@ class Management::DocumentVerificationsController < Management::BaseController session[:document_number] = params[:document_verification][:document_number] end + def clean_document_number + params[:document_verification][:document_number] = params[:document_verification][:document_number].gsub(/[^a-z0-9]+/i, "").upcase unless params[:document_verification][:document_number].blank? + end + end \ No newline at end of file 
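Review bot: The new `Polymorphic` module has no comment stating what an including controller must provide, yet every helper depends on a `resource_model` method that is not defined in this file. A header such as `# Including controllers must define resource_model (the model class) and a "<resource_name>_params" method for strong_params` would make the contract explicit. `strong_params` calls `send` on a name built from `resource_model`; as far as this hunk shows that value comes from code, not from the request, and the comment should say so to keep it that way.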
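Review bot: `current_manager` in management/base_controller.rb now returns whatever is stored under `session["manager"]`, so a manager stays authenticated for as long as the session lives and nothing re-checks the account on later requests. The removed line looked the `Manager` row up again, which meant deleting the row ended access. Storing a server-side login time next to the entry and rejecting entries older than a fixed limit would restore a bound on how long a login is honoured. At minimum add `# trusts the session entry; no re-validation against the external manager service` above the method. The class body continues outside the hunk.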
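Review bot: `clean_document_number` in document_verifications_controller.rb indexes `params[:document_verification][:document_number]` before checking anything, so a `check` request without a `document_verification` key raises NoMethodError on nil, and a non-string value (an array or hash parameter) fails at `gsub`. Both end in a 500 instead of the invalid-document page. Reading the value once and guarding its type avoids that and shortens the line: `number = params[:document_verification].try(:[], :document_number)`, `return unless number.is_a?(String) && number.present?`, `params[:document_verification][:document_number] = number.gsub(/[^a-z0-9]+/i, "").upcase`. The context line in `set_document` makes the same assumption about `params[:document_verification]`, so the guard is best placed in this first filter.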
diff --git a/app/controllers/management/proposals_controller.rb b/app/controllers/management/proposals_controller.rb index 3e9e7541f..340a6481c 100644 --- a/app/controllers/management/proposals_controller.rb +++ b/app/controllers/management/proposals_controller.rb @@ -6,7 +6,7 @@ class Management::ProposalsController < Management::BaseController before_action :set_proposal, only: [:vote, :show] before_action :parse_search_terms, only: :index - has_orders %w{hot_score confidence_score created_at most_commented random}, only: [:index, :print] + has_orders %w{confidence_score hot_score created_at most_commented random}, only: [:index, :print] def vote @proposal.register_vote(current_user, 'yes') @@ -34,7 +34,7 @@ class Management::ProposalsController < Management::BaseController def check_verified_user unless current_user.level_two_or_three_verified? - redirect_to management_root_path, alert: t("management.proposals.alert.unverified_user") + redirect_to management_document_verifications_path, alert: t("management.proposals.alert.unverified_user") end end diff --git a/app/controllers/management/sessions_controller.rb b/app/controllers/management/sessions_controller.rb index 78f5a14c8..72bfdda14 100644 --- a/app/controllers/management/sessions_controller.rb +++ b/app/controllers/management/sessions_controller.rb @@ -1,9 +1,11 @@ +require "manager_authenticator" + class Management::SessionsController < ActionController::Base def create destroy_session - if manager = Manager.valid_manager(params[:login], params[:clave_usuario]) - session["manager_id"] = manager.id + if manager = ManagerAuthenticator.new(params).auth + session["manager"] = manager redirect_to management_root_path else raise ActionController::RoutingError.new('Not Found') @@ -18,7 +20,7 @@ class Management::SessionsController < ActionController::Base private def destroy_session - session["manager_id"] = nil + session["manager"] = nil end end \ No newline at end of file 
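Review bot: In sessions_controller.rb, `session["manager"] = manager` stores the whole hash returned by `ManagerAuthenticator#auth`, which per lib/manager_authenticator.rb in this diff includes `user_key` (the submitted `clave_usuario`) and `date`, so the login credential stays in the session for its whole lifetime. Keeping only what later requests need, e.g. `session["manager"] = { login: manager[:login] }`, keeps the key out of the session store and any cookie that backs it. `destroy_session` only sets one key to nil; calling `reset_session` before writing the authenticated state would also rotate the session at login. `ManagerAuthenticator.new(params)` receives the full params object, where `params.slice(:login, :clave_usuario, :fecha_conexion)` would make the accepted inputs explicit.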
diff --git a/app/controllers/moderation/comments_controller.rb b/app/controllers/moderation/comments_controller.rb index 7177911e8..cf3197383 100644 --- a/app/controllers/moderation/comments_controller.rb +++ b/app/controllers/moderation/comments_controller.rb @@ -1,53 +1,20 @@ class Moderation::CommentsController < Moderation::BaseController + include ModerateActions + has_filters %w{pending_flag_review all with_ignored_flag}, only: :index has_orders %w{flags created_at}, only: :index - before_action :load_comments, only: [:index, :moderate] + before_action :load_resources, only: [:index, :moderate] load_and_authorize_resource - def index - @comments = @comments.send(@current_filter) - .send("sort_by_#{@current_order}") - .page(params[:page]) - .per(50) - end - - def hide - hide_comment @comment - end - - def moderate - @comments = @comments.where(id: params[:comment_ids]) - - if params[:hide_comments].present? - @comments.accessible_by(current_ability, :hide).each {|comment| hide_comment comment} - - elsif params[:ignore_flags].present? - @comments.accessible_by(current_ability, :ignore_flag).each(&:ignore_flag) - - elsif params[:block_authors].present? - author_ids = @comments.pluck(:user_id).uniq - User.where(id: author_ids).accessible_by(current_ability, :block).each {|user| block_user user} - end - - redirect_to request.query_parameters.merge(action: :index) - end - private - def load_comments - @comments = Comment.accessible_by(current_ability, :moderate) + def resource_model + Comment end - def hide_comment(comment) - comment.hide - Activity.log(current_user, :hide, comment) + def author_id + :user_id end - - def block_user(user) - user.block - Activity.log(current_user, :block, user) - end - end diff --git a/app/controllers/moderation/debates_controller.rb b/app/controllers/moderation/debates_controller.rb index 57c6a0e05..e2a6ba2a0 100644 --- a/app/controllers/moderation/debates_controller.rb +++ b/app/controllers/moderation/debates_controller.rb 
@@ -1,53 +1,17 @@ class Moderation::DebatesController < Moderation::BaseController + include ModerateActions + has_filters %w{pending_flag_review all with_ignored_flag}, only: :index has_orders %w{flags created_at}, only: :index - before_action :load_debates, only: [:index, :moderate] + before_action :load_resources, only: [:index, :moderate] load_and_authorize_resource - def index - @debates = @debates.send(@current_filter) - .send("sort_by_#{@current_order}") - .page(params[:page]) - .per(50) - end - - def hide - hide_debate @debate - end - - def moderate - @debates = @debates.where(id: params[:debate_ids]) - - if params[:hide_debates].present? - @debates.accessible_by(current_ability, :hide).each {|debate| hide_debate debate} - - elsif params[:ignore_flags].present? - @debates.accessible_by(current_ability, :ignore_flag).each(&:ignore_flag) - - elsif params[:block_authors].present? - author_ids = @debates.pluck(:author_id).uniq - User.where(id: author_ids).accessible_by(current_ability, :block).each {|user| block_user user} - end - - redirect_to request.query_parameters.merge(action: :index) - end - private - def load_debates - @debates = Debate.accessible_by(current_ability, :moderate) - end - - def hide_debate(debate) - debate.hide - Activity.log(current_user, :hide, debate) - end - - def block_user(user) - user.block - Activity.log(current_user, :block, user) + def resource_model + Debate end end diff --git a/app/controllers/moderation/proposals_controller.rb b/app/controllers/moderation/proposals_controller.rb index e59f3c79f..7d48a7c07 100644 --- a/app/controllers/moderation/proposals_controller.rb +++ b/app/controllers/moderation/proposals_controller.rb 
@@ -1,54 +1,16 @@ class Moderation::ProposalsController < Moderation::BaseController + include ModerateActions has_filters %w{pending_flag_review all with_ignored_flag}, only: :index has_orders %w{flags created_at}, only: :index - before_filter :load_proposals, only: [:index, :moderate] + before_filter :load_resources, only: [:index, :moderate] load_and_authorize_resource - def index - @proposals = @proposals.send(@current_filter) - .send("sort_by_#{@current_order}") - .page(params[:page]) - .per(50) - end - - def hide - hide_proposal @proposal - end - - def moderate - @proposals = @proposals.where(id: params[:proposal_ids]) - - if params[:hide_proposals].present? - @proposals.accessible_by(current_ability, :hide).each {|proposal| hide_proposal proposal} - - elsif params[:ignore_flags].present? - @proposals.accessible_by(current_ability, :ignore_flag).each(&:ignore_flag) - - elsif params[:block_authors].present? - author_ids = @proposals.pluck(:author_id).uniq - User.where(id: author_ids).accessible_by(current_ability, :block).each {|user| block_user user} - end - - redirect_to request.query_parameters.merge(action: :index) - end - private - def load_proposals - @proposals = Proposal.accessible_by(current_ability, :moderate) + def resource_model + Proposal end - - def hide_proposal(proposal) - proposal.hide - Activity.log(current_user, :hide, proposal) - end - - def block_user(user) - user.block - Activity.log(current_user, :block, user) - end - end diff --git a/app/models/concerns/taggable.rb b/app/models/concerns/taggable.rb index 52efc04a7..9126e271a 100644 --- a/app/models/concerns/taggable.rb +++ b/app/models/concerns/taggable.rb @@ -3,7 +3,7 @@ module Taggable included do acts_as_taggable - validate :max_number_of_tags + validate :max_number_of_tags, on: :create end def tag_list_with_limit(limit = nil) diff --git a/app/models/manager.rb b/app/models/manager.rb deleted file mode 100644 index 6dc5cceea..000000000 --- a/app/models/manager.rb +++ /dev/null 
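Review bot: In app/models/concerns/taggable.rb, adding `on: :create` to `validate :max_number_of_tags` means the tag cap is no longer checked on update, so a record created within the limit can later be saved with any number of tags. If the aim was to let records that already exceed the limit be edited, running the validation only when the tag list has changed would keep the cap in force for edits. If the relaxation is intended, say so next to the line: `# checked on create only: updates may exceed the tag limit`. The body of `max_number_of_tags` is outside this hunk, so whether another path enforces the limit on update cannot be seen here.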
@@ -1,12 +0,0 @@ -class Manager < ActiveRecord::Base - validates :username, presence: true, uniqueness: true - validates :password_digest, presence: true - - has_secure_password - - def self.valid_manager(username = nil, password = nil) - return false unless username.present? && password.present? - Manager.find_by(username: username).try(:authenticate, password) - end - -end \ No newline at end of file diff --git a/app/models/verification/management/document.rb b/app/models/verification/management/document.rb index 6c9a8897f..ee9e5462d 100644 --- a/app/models/verification/management/document.rb +++ b/app/models/verification/management/document.rb @@ -1,5 +1,6 @@ class Verification::Management::Document include ActiveModel::Model + include ActiveModel::Dates attr_accessor :document_type attr_accessor :document_number @@ -17,7 +18,21 @@ class Verification::Management::Document end def in_census? - CensusApi.new.call(document_type, document_number).valid? + response = CensusApi.new.call(document_type, document_number) + response.valid? && valid_age?(response) + end + + def valid_age?(response) + if under_sixteen?(response) + errors.add(:age, true) + return false + else + return true + end + end + + def under_sixteen?(response) + 16.years.ago < string_to_date(response.date_of_birth) end def verified? @@ -28,7 +43,4 @@ class Verification::Management::Document user.update(verified_at: Time.now) if user? end -end - - - +end \ No newline at end of file diff --git a/app/views/layouts/management.html.erb b/app/views/layouts/management.html.erb index 019f3c44c..354fae1a1 100644 --- a/app/views/layouts/management.html.erb +++ b/app/views/layouts/management.html.erb @@ -4,7 +4,7 @@ - + <%= content_for?(:title) ? yield(:title) : "Admin" %> <%= stylesheet_link_tag "application", media: "all" %> <%= stylesheet_link_tag "print", media: "print" %> @@ -17,17 +17,17 @@
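Review bot: `under_sixteen?` in verification/management/document.rb compares `16.years.ago` with `string_to_date(response.date_of_birth)` without handling a missing or unparseable birth date. `string_to_date` comes from `ActiveModel::Dates`, which is not in this diff, but if it can return nil the comparison raises and `in_census?` ends in a 500 rather than a refusal. An explicit guard makes the age check fail closed: `dob = string_to_date(response.date_of_birth)` followed by `return true if dob.nil?`. `valid_age?` and `under_sixteen?` are added as public methods although only `in_census?` calls them here, and `errors.add(:age, true)` stores `true` as the message where a symbol such as `:under_age` would read better. `in_census?` now also writes to `errors` as a side effect, which deserves a one-line comment.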
- +
diff --git a/app/views/management/dashboard/index.html.erb b/app/views/management/dashboard/index.html.erb index 8fc1b6100..4145592d8 100644 --- a/app/views/management/dashboard/index.html.erb +++ b/app/views/management/dashboard/index.html.erb @@ -1,3 +1,14 @@

<%= t("management.dashboard.index.title") %>

+ +

Desde aquí puedes gestionar usuarios a través de las siguientes acciones:

+ +

Usuarios

+ +

Crear propuesta

+ +

Apoyar propuesta

+ +

Imprimir propuestas

+
diff --git a/app/views/management/document_verifications/invalid_document.html.erb b/app/views/management/document_verifications/invalid_document.html.erb index ee7120c9b..3652e1db7 100644 --- a/app/views/management/document_verifications/invalid_document.html.erb +++ b/app/views/management/document_verifications/invalid_document.html.erb @@ -1,5 +1,9 @@
- <%= t("management.document_verifications.not_in_census") %> + <% if @document_verification.errors[:age].any? %> + <%= t("management.document_verifications.under_age") %> + <% else %> + <%= t("management.document_verifications.not_in_census") %> + <% end %>
<%= render 'management/user_permissions', diff --git a/app/views/management/proposals/new.html.erb b/app/views/management/proposals/new.html.erb index 3586594f6..28c150e86 100644 --- a/app/views/management/proposals/new.html.erb +++ b/app/views/management/proposals/new.html.erb @@ -1,6 +1,8 @@ -
+<%= render '/shared/print' %> +
+

<%= t("management.proposals.create_proposal") %>

<%= render "proposals/form", form_url: management_proposals_url %>
diff --git a/app/views/management/proposals/print.html.erb b/app/views/management/proposals/print.html.erb index 748092096..ddd36be14 100644 --- a/app/views/management/proposals/print.html.erb +++ b/app/views/management/proposals/print.html.erb @@ -1,7 +1,7 @@ -
+
- + <%= t('management.proposals.print.print_button') %> diff --git a/app/views/management/proposals/show.html.erb b/app/views/management/proposals/show.html.erb index 3b1f441f7..cc20459d4 100644 --- a/app/views/management/proposals/show.html.erb +++ b/app/views/management/proposals/show.html.erb @@ -1 +1,3 @@ -<%= render template: 'proposals/show' %> \ No newline at end of file +<%= render '/shared/print' %> + +<%= render template: 'proposals/show' %> diff --git a/app/views/pages/conditions.html.erb b/app/views/pages/conditions.html.erb index 81245849e..8cf4d5bf0 100644 --- a/app/views/pages/conditions.html.erb +++ b/app/views/pages/conditions.html.erb @@ -2,6 +2,9 @@
+ + <%= render '/shared/print' %> +

<%= t("pages.conditions") %>

AVISO LEGAL SOBRE LAS CONDICIONES DE USO, PRIVACIDAD Y PROTECCIÓN DE DATOS PERSONALES DEL PORTAL DE GOBIERNO ABIERTO DEL AYUNTAMIENTO DE MADRID

diff --git a/app/views/pages/privacy.html.erb b/app/views/pages/privacy.html.erb index a79000ac8..895fdbc76 100644 --- a/app/views/pages/privacy.html.erb +++ b/app/views/pages/privacy.html.erb @@ -2,6 +2,9 @@
+ + <%= render '/shared/print' %> +

<%= t("pages.privacy") %>

AVISO DE PROTECCIÓN DE DATOS

diff --git a/app/views/shared/_print.html.erb b/app/views/shared/_print.html.erb new file mode 100644 index 000000000..471cf6692 --- /dev/null +++ b/app/views/shared/_print.html.erb @@ -0,0 +1,3 @@ + + <%= t("shared.print.print_button") %> + \ No newline at end of file diff --git a/config/locales/en.yml b/config/locales/en.yml index c85a4114d..db56b3e4f 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -311,6 +311,8 @@ en: shared: tags_cloud: tags: Trend + print: + print_button: "Print this info" flag: Flag as inappropriate unflag: Undo flag collective: Collective diff --git a/config/locales/es.yml b/config/locales/es.yml index 1faa0196a..e05ed35e9 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -311,6 +311,8 @@ es: shared: tags_cloud: tags: Tendencias + print: + print_button: "Imprimir esta información" flag: Denunciar como inapropiado unflag: Deshacer denuncia collective: Colectivo diff --git a/config/locales/management.en.yml b/config/locales/management.en.yml index 903c8813d..d698995df 100644 --- a/config/locales/management.en.yml +++ b/config/locales/management.en.yml @@ -17,15 +17,16 @@ en: title: "Management" account_info: identified_label: "Identified as:" - username_label: "Username" - email_label: "Email" - document_number_label: "Document number" - document_type_label: "Document type" - logout: "Logout" + username_label: "Username:" + email_label: "Email:" + document_number_label: "Document number:" + document_type_label: "Document type:" + change_user: "Change user" sessions: signed_out: "Signed out successfully." - signed_out_managed_user: "Signed out successfully." + signed_out_managed_user: "User session signed out successfully." proposals: + create_proposal: "Create proposal" print: print_button: Print alert: 
@@ -41,6 +42,7 @@ en: already_verified: "This user account is already verified." in_census_has_following_permissions: "This user can participate in the website with the following permissions:" not_in_census: "This document is not registered in Madrid." + under_age: "You must be over 16 to verify your account." not_in_census_info: "Citizens not in the Census can participate in the website with the following permissions:" has_no_account_html: "In order to create an account, go to %{link} and click in 'Register' in the upper-left part of the screen." verify: "Verify" diff --git a/config/locales/management.es.yml b/config/locales/management.es.yml index f6a99abda..67dc9e33a 100644 --- a/config/locales/management.es.yml +++ b/config/locales/management.es.yml @@ -21,11 +21,12 @@ es: email_label: "Email:" document_number_label: "Número de documento:" document_type_label: "Tipo de documento:" - logout: "Salir" + change_user: "Cambiar usuario" sessions: signed_out: "Has cerrado la sesión correctamente." - signed_out_managed_user: "Has cerrado la sesión correctamente." + signed_out_managed_user: "Se ha cerrado correctamente la sesión del usuario." proposals: + create_proposal: "Crear propuesta" print: print_button: Imprimir alert: @@ -41,6 +42,7 @@ es: already_verified: "Esta cuenta de usuario ya está verificada." in_census_has_following_permissions: "Este usuario puede participar en el Portal de Gobierno Abierto del Ayuntamiento de Madrid con las siguientes posibilidades:" not_in_census: "Este documento no está registrado en el Padrón Municipal de Madrid." + under_age: "Debes ser mayor de 16 años para verificar tu cuenta." not_in_census_info: "Las personas no empadronadas en Madrid pueden participar en el Portal de Gobierno Abierto del Ayuntamiento de Madrid con las siguientes posibilidades:" has_no_account_html: "Para crear un usuario entre en %{link} y haga clic en la opción 'Registrarse' en la parte superior derecha de la pantalla." verify: "Verificar usuario" 
diff --git a/db/migrate/20151015135154_destroy_manager.rb b/db/migrate/20151015135154_destroy_manager.rb new file mode 100644 index 000000000..41e16f0e3 --- /dev/null +++ b/db/migrate/20151015135154_destroy_manager.rb @@ -0,0 +1,16 @@ +class DestroyManager < ActiveRecord::Migration + def self.up + drop_table :managers + end + + def self.down + create_table :managers do |t| + t.string :username, null: false + t.string :password_digest, null: false + t.timestamp :last_login_at + t.timestamps + end + + add_index :managers, [:username] + end +end diff --git a/db/schema.rb b/db/schema.rb index 2b19c382c..29fda8e68 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -168,16 +168,6 @@ ActiveRecord::Schema.define(version: 20151019133719) do add_index "locks", ["user_id"], name: "index_locks_on_user_id", using: :btree - create_table "managers", force: :cascade do |t| - t.string "username", null: false - t.string "password_digest", null: false - t.datetime "last_login_at" - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "managers", ["username"], name: "index_managers_on_username", using: :btree - create_table "moderators", force: :cascade do |t| t.integer "user_id" end diff --git a/lib/capistrano/tasks/upload_secrets.cap b/lib/capistrano/tasks/upload_secrets.cap index 525bcc85d..e8b75bfcf 100644 --- a/lib/capistrano/tasks/upload_secrets.cap +++ b/lib/capistrano/tasks/upload_secrets.cap @@ -1,5 +1,5 @@ namespace :deploy do - desc "compiles assets locally then rsyncs" + desc "rsyncs local config/secrets.yml file" task :upload_secrets do on roles(:app) do |role| run_locally do diff --git a/lib/manager_authenticator.rb b/lib/manager_authenticator.rb new file mode 100644 index 000000000..3f0d58357 --- /dev/null +++ b/lib/manager_authenticator.rb 
@@ -0,0 +1,44 @@
+class ManagerAuthenticator
+
+ def initialize(data={})
+ @manager = {login: data[:login], user_key: data[:clave_usuario], date: data[:fecha_conexion]}
+ end
+
+ def auth
+ return false unless [@manager[:login], @manager[:user_key], @manager[:date]].all? {|_| _.present?}
+ return @manager if manager_exists? && application_authorized?
+ false
+ end
+
+ private
+
+ def manager_exists?
+ response = client.call(:get_status_user_data, message: { ub: {user_key: @manager[:user_key], date: @manager[:date]} }).body
+ parsed_response = parser.parse((response[:get_status_user_data_response][:get_status_user_data_return]))
+ @manager[:login] == parsed_response["USUARIO"]["LOGIN"]
+ rescue
+ false
+ end
+
+ def application_authorized?
+ response = client.call(:get_applications_user_list, message: { ub: {user_key: @manager[:user_key]} }).body
+ parsed_response = parser.parse((response[:get_applications_user_list_response][:get_applications_user_list_return]))
+ aplication_value = parsed_response["APLICACIONES"]["APLICACION"]
+ # aplication_value from UWEB can be an array of hashes or a hash
+ aplication_value.include?( {"CLAVE_APLICACION" => application_key}) || aplication_value["CLAVE_APLICACION"] == application_key
+ rescue
+ false
+ end
+
+ def client
+ @client ||= Savon.client(wsdl: Rails.application.secrets.managers_url)
+ end
+
+ def parser
+ @parser ||= Nori.new
+ end
+
+ def application_key
+ Rails.application.secrets.managers_application_key.to_s
+ end
+end
\ No newline at end of file
diff --git a/spec/controllers/management/sessions_controller_spec.rb b/spec/controllers/management/sessions_controller_spec.rb
index a1ac98279..f63cd3a56 100644
--- a/spec/controllers/management/sessions_controller_spec.rb
+++ b/spec/controllers/management/sessions_controller_spec.rb
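Review bot: Both `manager_exists?` and `application_authorized?` end in a bare `rescue` that returns false, so a wrong WSDL URL, a timeout, a changed response shape and a genuinely rejected login all look the same and leave nothing in the logs. Failing closed is right, but I would log the exception class (never `user_key`): `rescue StandardError => e`, `Rails.logger.warn("ManagerAuthenticator#manager_exists? failed: #{e.class}")`, `false`. Note that `application_authorized?` currently depends on that rescue: when UWEB returns an array that does not include the key, `aplication_value["CLAVE_APLICACION"]` raises TypeError, so any narrowing of the rescue needs an explicit `aplication_value.is_a?(Array)` branch. `Savon.client(wsdl: ...)` is built without timeouts, so a slow service holds the login request open; setting `open_timeout:` and `read_timeout:` is worth it. `date` is forwarded to the service but never checked locally, so the freshness of `fecha_conexion` rests entirely on UWEB rejecting stale values, which deserves a comment above `manager_exists?`.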
@@ -2,36 +2,28 @@ require 'rails_helper' describe Management::SessionsController do - before(:all) do - create(:manager, username: "supermanager" , password: "secret") - end - describe 'Sign in' do - it "should return 404 if not username/password" do - expect { get :create }.to raise_error "Not Found" - end - - it "should return 404 if wrong username" do - expect { get :create, login: "nonexistent" , clave_usuario: "secret" }.to raise_error "Not Found" - end - - it "should return 404 if wrong password" do - expect { get :create, login: "supermanager" , clave_usuario: "wrong" }.to raise_error "Not Found" + it "should return 404 if wrong credentials" do + allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false) + expect { get :create, login: "nonexistent" , clave_usuario: "wrong"}.to raise_error "Not Found" end it "should redirect to management root path if right credentials" do - get :create, login: "supermanager" , clave_usuario: "secret" + manager = {login: "JJB033", user_key: "31415926" , date: "20151031135905"} + allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(manager) + + get :create, login: "JJB033" , clave_usuario: "31415926", fecha_conexion: "20151031135905" expect(response).to be_redirect end end describe 'Sign out' do it "should destroy the session and redirect" do - session[:manager_id] = 1 + session[:manager] = {user_key: "31415926" , date: "20151031135905", login: "JJB033"} delete :destroy - expect(session[:manager_id]).to be_nil + expect(session[:manager]).to be_nil expect(response).to be_redirect end end diff --git a/spec/factories.rb b/spec/factories.rb index 6b665e884..83bc79af1 100644 --- a/spec/factories.rb +++ b/spec/factories.rb @@ -223,11 +223,6 @@ FactoryGirl.define do user end - factory :manager do - sequence(:username) { |n| "manager#{n}" } - password 'supersecret' - end - factory :organization do user responsible_name "Johnny Utah" 
diff --git a/spec/features/management/document_verifications_spec.rb b/spec/features/management/document_verifications_spec.rb index 4a9f8c44e..674349815 100644 --- a/spec/features/management/document_verifications_spec.rb +++ b/spec/features/management/document_verifications_spec.rb @@ -3,7 +3,7 @@ require 'rails_helper' feature 'DocumentVerifications' do background do - login_as_manager(create(:manager)) + login_as_manager end scenario 'Verifying a level 3 user shows an "already verified" page' do @@ -53,4 +53,23 @@ feature 'DocumentVerifications' do expect(page).to have_content "Please introduce the email used on the account" end + scenario 'Document number is format-standarized' do + + visit management_document_verifications_path + fill_in 'document_verification_document_number', with: '12345 - h' + click_button 'Check' + + expect(page).to have_content "Document number: 12345H" + end + + scenario 'User age is checked' do + expect_any_instance_of(Verification::Management::Document).to receive(:under_sixteen?).and_return(true) + + visit management_document_verifications_path + fill_in 'document_verification_document_number', with: '1234' + click_button 'Check' + + expect(page).to have_content "You must be over 16 to verify your account." + end + end \ No newline at end of file diff --git a/spec/features/management/email_verifications_spec.rb b/spec/features/management/email_verifications_spec.rb index 96c0c78ed..cb695a0f7 100644 --- a/spec/features/management/email_verifications_spec.rb +++ b/spec/features/management/email_verifications_spec.rb @@ -3,7 +3,7 @@ require 'rails_helper' feature 'EmailVerifications' do scenario 'Verifying a level 1 user via email' do - login_as_manager(create(:manager)) + login_as_manager user = create(:user) diff --git a/spec/features/management/managed_users_spec.rb b/spec/features/management/managed_users_spec.rb index 83a36047e..b4d94ca40 100644 --- a/spec/features/management/managed_users_spec.rb 
+++ b/spec/features/management/managed_users_spec.rb @@ -3,7 +3,7 @@ require 'rails_helper' feature 'Managed User' do background do - login_as_manager(create(:manager)) + login_as_manager end context "Currently managed user" do @@ -47,7 +47,7 @@ feature 'Managed User' do end scenario "User becomes verified as level two (pending email confirmation for level three)" do - login_as_manager(create(:manager)) + login_as_manager user = create(:user) @@ -71,7 +71,7 @@ feature 'Managed User' do end scenario "User is created as level three from scratch" do - login_as_manager(create(:manager)) + login_as_manager visit management_document_verifications_path fill_in 'document_verification_document_number', with: '1234' @@ -111,10 +111,10 @@ feature 'Managed User' do expect(page).to have_content "Identified as" expect(page).to have_content "#{user.username}" - click_link "Logout" + click_link "Change user" end - expect(page).to have_content "Signed out successfully." + expect(page).to have_content "User session signed out successfully." expect(current_path).to eq(management_root_path) end diff --git a/spec/features/management/proposals_spec.rb b/spec/features/management/proposals_spec.rb index 6c54dc04d..d3339020f 100644 --- a/spec/features/management/proposals_spec.rb +++ b/spec/features/management/proposals_spec.rb @@ -3,8 +3,7 @@ require 'rails_helper' feature 'Proposals' do background do - manager = create(:manager) - login_as_manager(manager) + login_as_manager end context "Create" do @@ -118,8 +117,8 @@ feature 'Proposals' do end scenario "Filtering proposals to be printed", :js do - create(:proposal, title: 'Best proposal').update_column(:confidence_score, 10) create(:proposal, title: 'Worst proposal').update_column(:confidence_score, 2) + create(:proposal, title: 'Best proposal').update_column(:confidence_score, 10) create(:proposal, title: 'Medium proposal').update_column(:confidence_score, 5) user = create(:user, :level_two) 
@@ -127,8 +126,6 @@ feature 'Proposals' do click_link "Print proposals" - select 'most supported', from: 'order-selector' - expect(page).to have_selector('.js-order-selector[data-order="confidence_score"]') within '#proposals' do @@ -136,8 +133,17 @@ feature 'Proposals' do expect('Medium proposal').to appear_before('Worst proposal') end - expect(current_url).to include('order=confidence_score') + select 'newest', from: 'order-selector' + + expect(page).to have_selector('.js-order-selector[data-order="created_at"]') + + expect(current_url).to include('order=created_at') expect(current_url).to include('page=1') + + within '#proposals' do + expect('Medium proposal').to appear_before('Best proposal') + expect('Best proposal').to appear_before('Worst proposal') + end end end diff --git a/spec/features/management/users_spec.rb b/spec/features/management/users_spec.rb index bb2ffe7b4..2e2564df8 100644 --- a/spec/features/management/users_spec.rb +++ b/spec/features/management/users_spec.rb @@ -4,7 +4,7 @@ feature 'users' do scenario 'Creating a level 3 user from scratch' do - login_as_manager(create(:manager)) + login_as_manager visit management_document_verifications_path fill_in 'document_verification_document_number', with: '1234' diff --git a/spec/lib/manager_authenticator_spec.rb b/spec/lib/manager_authenticator_spec.rb new file mode 100644 index 000000000..256303fdd --- /dev/null +++ b/spec/lib/manager_authenticator_spec.rb 
@@ -0,0 +1,65 @@
+require 'rails_helper'
+
+describe ManagerAuthenticator do
+ describe 'initialization params' do
+ it 'should cause auth to return false if blank login' do
+ authenticator = ManagerAuthenticator.new({login: "", clave_usuario: "31415926", fecha_conexion: "20151031135905"})
+ expect(authenticator.auth).to be false
+ end
+
+ it 'should cause auth to return false if blank user_key' do
+ authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "", fecha_conexion: "20151031135905"})
+ expect(authenticator.auth).to be false
+ end
+
+ it 'should cause auth to return false if blank date' do
+ authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "31415926", fecha_conexion: ""})
+ expect(authenticator.auth).to be false
+ end
+ end
+
+ describe '#auth' do
+ before(:all) do
+ @authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "31415926", fecha_conexion: "20151031135905"})
+ end
+
+ it 'should return false if not manager_exists' do
+ allow(@authenticator).to receive(:manager_exists?).and_return(false)
+ allow(@authenticator).to receive(:application_authorized?).and_return(true)
+
+ expect(@authenticator.auth).to be false
+ end
+
+ it 'should return false if not application_authorized' do
+ allow(@authenticator).to receive(:manager_exists?).and_return(true)
+ allow(@authenticator).to receive(:application_authorized?).and_return(false)
+
+ expect(@authenticator.auth).to be false
+ end
+
+ it 'should return ok if manager_exists and application_authorized' do
+ allow(@authenticator).to receive(:manager_exists?).and_return(true)
+ allow(@authenticator).to receive(:application_authorized?).and_return(true)
+
+ expect(@authenticator.auth).to be_truthy
+ end
+ end
+
+ describe 'SOAP' do
+ before(:all) do
+ @authenticator = ManagerAuthenticator.new({login: "JJB033", clave_usuario: "31415926", fecha_conexion: "20151031135905"})
+ end
+
+ it 'should call the verification user method' do
+ allow(@authenticator).to receive(:application_authorized?).and_return(true)
+ expect(@authenticator.send(:client)).to receive(:call).with(:get_status_user_data, message: { ub: {user_key: "31415926", date: "20151031135905"} })
+ @authenticator.auth
+ end
+
+ it 'should call the permissions check method' do
+ allow(@authenticator).to receive(:manager_exists?).and_return(true)
+ expect(@authenticator.send(:client)).to receive(:call).with(:get_applications_user_list, message: { ub: {user_key: "31415926"} })
+ @authenticator.auth
+ end
+ end
+end
\ No newline at end of file
diff --git a/spec/models/manager_spec.rb b/spec/models/manager_spec.rb
deleted file mode 100644
index a6a89427c..000000000
--- a/spec/models/manager_spec.rb
+++ /dev/null
@@ -1,46 +0,0 @@
-require 'rails_helper'
-
-describe Manager do
-
- describe "valid?" do
-
- let(:manager) { create(:manager) }
-
- it "is false when username is blank" do
- manager.username = nil
- expect(manager).to_not be_valid
- end
- it "is false when password is blank" do
- manager.password_digest = nil
- expect(manager).to_not be_valid
- end
-
- it "is true if username and password present" do
- expect(manager).to be_valid
- end
- end
-
- describe "self.valid_manager" do
- before(:all) { create(:manager, username: "Silvia" ,password: "supersecret") }
-
- it "is false when username is blank" do
- expect(Manager.valid_manager(nil, "supersecret")).to be_blank
- end
- it "is false when password is blank" do
- expect(Manager.valid_manager("Silvia", nil)).to be_blank
- end
-
- it "is false if manager unexistent" do
- expect(Manager.valid_manager("Manager", "supersecret")).to be_blank
- end
-
- it "is false if wrong password unexistent" do
- expect(Manager.valid_manager("Silvia", "wrong")).to be_blank
- end
-
- it "is true if right username/password combination" do
- expect(Manager.valid_manager("Silvia", "supersecret")).to be_present
- end
- end
-
-end
\ No newline at end of file
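Review bot: None of the examples in manager_authenticator_spec.rb covers a failing SOAP call, so nothing pins that `auth` fails closed when the remote service errors or answers unexpectedly. In the two 'SOAP' examples the expectation on `client` replaces `call` without an `and_return`, so `auth` runs on a nil response, and whether that ends in false or an exception is not visible here. I would add an example built on `allow(@authenticator.send(:client)).to receive(:call).and_raise(StandardError)` followed by `expect(@authenticator.auth).to be false`, assuming fail-closed is the intended contract. Separately, the `@authenticator` created in `before(:all)` is shared and stubbed across examples; `let(:authenticator)` would give each example a fresh object.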
diff --git a/spec/models/proposal_spec.rb b/spec/models/proposal_spec.rb index 6e5acb379..964f8f057 100644 --- a/spec/models/proposal_spec.rb +++ b/spec/models/proposal_spec.rb @@ -194,6 +194,22 @@ describe Proposal do end end + describe '#cached_votes_up' do + + describe "with deprecated long tag list" do + + it "should increase number of cached_total_votes" do + proposal = create(:proposal) + + tag_list = ["tag1", "tag2", "tag3", "tag4", "tag5", "tag6", "tag7"] + proposal.update_attribute(:tag_list, tag_list) + + expect(proposal.update_cached_votes).to eq(true) + end + + end + end + describe '#hot_score' do let(:now) { Time.now } diff --git a/spec/models/verification/management/document_spec.rb b/spec/models/verification/management/document_spec.rb new file mode 100644 index 000000000..b4140f7ed --- /dev/null +++ b/spec/models/verification/management/document_spec.rb 
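Review bot: The new example in proposal_spec.rb is labelled `#cached_votes_up` and 'should increase number of cached_total_votes', but it asserts only that `update_cached_votes` returns true and never reads a vote counter. Naming it after what it checks, e.g. `describe '#update_cached_votes'` with `it "succeeds for a proposal saved with a deprecated long tag list"`, would state the intent. A one-line comment such as `# update_attribute skips validations so the seven-tag list can be stored` would explain the setup. The tag limit itself is inferred from the description and is not visible in this hunk.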
@@ -0,0 +1,37 @@
+require 'rails_helper'
+
+describe Verification::Management::Document do
+ describe "#valid_age?" do
+ it "returns false when the user is younger than sixteen years old" do
+ census_response = double(date_of_birth: "31-12-#{16.years.ago.year}")
+ expect(Verification::Management::Document.new.valid_age?(census_response)).to be false
+ end
+
+ it "returns true when the user is sixteen years old" do
+ census_response = double(date_of_birth: 16.years.ago.strftime("%d-%m-%Y"))
+ expect(Verification::Management::Document.new.valid_age?(census_response)).to be true
+ end
+
+ it "returns true when the user is older than sixteen years old" do
+ census_response = double(date_of_birth: "31-12-#{33.years.ago.year}")
+ expect(Verification::Management::Document.new.valid_age?(census_response)).to be true
+ end
+ end
+
+ describe "#under_sixteen?" do
+ it "returns true when the user is younger than sixteen years old" do
+ census_response = double(date_of_birth: "31-12-#{16.years.ago.year}")
+ expect(Verification::Management::Document.new.under_sixteen?(census_response)).to be true
+ end
+
+ it "returns false when the user is sixteen years old" do
+ census_response = double(date_of_birth: 16.years.ago.strftime("%d-%m-%Y"))
+ expect(Verification::Management::Document.new.under_sixteen?(census_response)).to be false
+ end
+
+ it "returns false when the user is older than sixteen years old" do
+ census_response = double(date_of_birth: "31-12-#{33.years.ago.year}")
+ expect(Verification::Management::Document.new.under_sixteen?(census_response)).to be false
+ end
+ end
+end
\ No newline at end of file
diff --git a/spec/support/common_actions.rb b/spec/support/common_actions.rb
index d57a5eaac..b53ff2816 100644
--- a/spec/support/common_actions.rb
+++ b/spec/support/common_actions.rb
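Review bot: The two 'younger than sixteen' examples in document_spec.rb build the birth date as `"31-12-#{16.years.ago.year}"`, which is exactly sixteen years ago when the suite runs on 31 December, so both examples flip on that day. They also leave the real boundary of the age gate untested: a resident one day short of sixteen. Using `double(date_of_birth: (16.years.ago + 1.day).strftime("%d-%m-%Y"))` in both removes the date dependence and pins the boundary for `valid_age?` and `under_sixteen?`.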
@@ -24,8 +24,10 @@ module CommonActions click_button 'Log in' end - def login_as_manager(manager) - visit management_sign_in_path(login: manager.username, clave_usuario: manager.password) + def login_as_manager + login, user_key, date = "JJB042", "31415926", Time.now.strftime("%Y%m%d%H%M%S") + allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return({login: login, user_key: user_key, date: date}) + visit management_sign_in_path(login: login, clave_usuario: user_key, fecha_conexion: date) end def login_managed_user(user)
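Review bot: `login_as_manager` now stubs `ManagerAuthenticator#auth` for every instance, so after this change no feature spec in the diff exercises a rejected manager sign-in. I would add one scenario that uses `allow_any_instance_of(ManagerAuthenticator).to receive(:auth).and_return(false)` and asserts that the management pages stay inaccessible. The helper also sends `clave_usuario` in the query string of `management_sign_in_path`; if the real sign-in takes the same GET parameters, the key should be listed in `config.filter_parameters` so it stays out of request logs, which cannot be confirmed from this hunk. `login_managed_user` continues outside the hunk.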