Commit Graph

2313 Commits

Author SHA1 Message Date
taitus
7c48ba0116 Do not display the cookie banner when JS is disabled 2025-01-23 17:16:57 +01:00
taitus
018b00cd6e Allow managing versions of cookies consent
This can be useful when adding a new cookie or making
modifications that require asking the user again.
2025-01-23 17:16:57 +01:00
taitus
7407c386a6 Render third party cookies in the management component
Set cookie duration to 365 days based on the AEPD's cookie usage guidelines.

Note from the document: "Cookies with a duration of up to 24 months are
considered acceptable as long as they are periodically updated."
Reference: https://www.aepd.es/guias/guia-cookies.pdf
2025-01-23 17:16:55 +01:00
taitus
dc54fda71b Allow accepting all cookies in consent banner and management component
Create cookie consent "all" when accept all cookies

Set cookie duration to 365 days based on the AEPD's cookie usage guidelines.

Note from the document: "Cookies with a duration of up to 24 months are
considered acceptable as long as they are periodically updated."
Reference: https://www.aepd.es/guias/guia-cookies.pdf
2025-01-23 17:03:30 +01:00
taitus
390c749d24 Add switch to management component for essentials cookies 2025-01-23 16:48:55 +01:00
taitus
c95c80dc32 Create a new component to render checkboxes as switches
https://get.foundation/sites/docs/switch.html
2025-01-23 16:48:55 +01:00
taitus
d35455624f Allow accept essential cookies from management modal 2025-01-23 16:48:55 +01:00
taitus
119c4202fe Allow accessing to management modal from cookies consent banner 2025-01-23 16:48:55 +01:00
taitus
5d590a0aee Add modal management for show essential cookies information
Note that in order to avoid display duplicated vertical scroll when
render a modal, we are add an `overflow: unset` rule. This rule
overwrite a vendor rule both in the modal we are adding and in the
modal we already have when creating a budget in admin section.
2025-01-23 16:48:55 +01:00
taitus
0ef7f9f1fa Extract close button definition to mixin 2025-01-23 16:48:54 +01:00
taitus
1958a77842 Allow accept essential cookies from consent banner
Set cookie duration to 365 days based on the AEPD's cookie usage guidelines.

Note from the document: "Cookies with a duration of up to 24 months are
considered acceptable as long as they are periodically updated."
Reference: https://www.aepd.es/guias/guia-cookies.pdf
2025-01-23 16:48:53 +01:00
taitus
4c0b6455f6 Add cookies consent banner
Allow enabling from settings admin section.

Note that we set the z-index to 20 in order to will be greater than
the others z-index elements in the application like <header> on
mobile devices.
2025-01-23 16:05:40 +01:00
Javi Martín
e5bfb92564 Compile admin CSS in a different stylesheet
With this change, on my browser, reloading a page in development after
changing a CSS file is about 25% faster than simply splitting the CSS
code between `application.css` and `vendored.css`. Compared to using
only one `application.css` file containing everything, reloading a page
in development is about 35% faster.

The combined size of all the generated stylesheets is now about 0.5%
bigger. Not sure why (maybe placeholder selectors?), but the difference
is negligible.

Note that we could load the `administration.css` file only in the admin
area, reducing the size of the page for people accessing the public
area. However, the size of this stylesheet (compressed) is 28K, which is
less than 3% of the overall size of a page and, on the other hand,
there's a risk of some styles no longer being applied because we might
have overlooked the fact that some styles in the `administration.css`
are also applied to the public area.

So, for now, we're still loading the administration styles in the public
area. We might reconsider in the future.
2025-01-08 16:37:43 +01:00
Javi Martín
4646c056a7 Compile vendored CSS in a different stylesheet
With this change, on my browser, reloading a page in development after
changing a CSS file is about 10%-15% faster.

On the minus side, this change results in an extra request when browsing
the page; AFAIK it isn't that big of a deal, even when the server isn't
using HTTP/2.
2025-01-08 16:27:52 +01:00
Javi Martín
b6ffeeca62 Move styles from admin to layout
These styles are used in places other than the admin section. In
particular, the `.button.small.success` style is no longer used in the
admin section but only in the verified user form.

Note: I'm not sure whether the `table .callout` selector matches any
element, either in the admin or in the public section, so I'm leaving it
where it was.
2025-01-08 16:27:43 +01:00
Javi Martín
111516f660 Move stats styles to the stats stylesheet
These styles aren't only used in the admin section but also in the
public stats page.
2025-01-08 16:20:37 +01:00
Javi Martín
b3588b1865 Remove no-margin-bottom HTML class
It was only used once, and we can use a selector that makes it obvious
where it is used. Besides, the style for the no-margin-bottom class was
to remove the bottom margin, which was inconsistent with the style for
the no-margin-top class, which adds a negative margin to the element.

I'm not sure why we're removing the margin here, though, since it isn't
consistent with the rest of the forms in the application. For now, we're
keeping it the way it used to look.
2025-01-08 16:20:37 +01:00
Javi Martín
02aac86b04 Move edit password manually view to a component
We're restructuring the CSS of the admin stylesheet, and there was a
rule that is only applied to this component.
2025-01-08 16:20:37 +01:00
Javi Martín
0657749ead Remove unused CSS in admin stylesheet
* The `archived` class isn't used since commit cd982768f
* The `ignored` class isn't used since commit 343025872
* The `count-error` class isn't used since commit bddfee2b8
* The `edit-legislation-draft-version`, `edit-legislation-process` and
  `legislation-questions-answers` classes aren't used since commit
  d679c1eb7
* The `legislation-process-save`, `legislation-question-delete`,
  `legislation-process-version` and `legislation-process-question`
  classes aren't used since commit f8707a73cd
* The `is-featured` class isn't used since e60ffa3c0
* The `on-hover` and `on-hover-block` classes aren't used since commit
  d91388b2b
* The `total-price` class isn't used since commit d0b8fef6b
* The `login-as` class was never used in the first place
2025-01-08 16:19:44 +01:00
Javi Martín
89ffec2b87 Fix typo in investments stylesheets folder name
The styles were being loaded anyway because we use `budgets/**/*` to
load the stylesheets related to budgets.
2025-01-08 16:10:05 +01:00
CoslaJohn
624e60eab9 Added layer control to map to allow each geozone display to be toggled on/off
Note we're adding a `name` property to the geozones investments sidebar
map even if we don't render the geozones in the map, in order to
simplify the JavaScript function `geozoneLayers`.
2024-12-23 17:35:33 +01:00
CoslaJohn
cb8b0ad6ff Support different colors and headings on each feature
We're making sure each feature contains properties in order to avoid
possible JavaScript errors.

We're also adding a default color to a geozone.
2024-12-23 17:35:33 +01:00
CoslaJohn
5dbe2cbf24 Support FeatureCollection and MultiPolygon in geozones
We're reworking the format validation to correctly interpret feature
collection, feature, and geometry, according to RFC 7946 [1].

Since Leaflet interprets GeoJSON format, we're rendering the GeoJSON as
a layer instead of as a set of points. For that, we're normalizing the
GeoJSON to make sure it contains either a Feature or a
FeatureCollection. We're also adding the Leaflet images to the assets
path so the markers used for point geometries are rendered correctly.

Note we no longer allow a GeoJSON containing a geometry but not a
defined type. Since there might be invalid GeoJSON in existing Consul
Democracy databases, we're normalizing these existing geometry objects
to be part of a feature object.

We're also wrapping the outline points in a FeatureCollection object
because most of the large GIS systems eg ArcGIS, QGIS export geojson as
a complete FeatureCollection.

[1] https://datatracker.ietf.org/doc/html/rfc7946

Co-authored-by: Javi Martín <javim@elretirao.net>
2024-12-23 17:35:33 +01:00
Javi Martín
ddaf320d8a Add proper labels to shift date selectors
We were using one label for both date selectors, but it wasn't
associated with any of them.

So we're now rendering one label per control and, just like we only show
one of these date selectors at a time, we're only showing one label at a
time.
2024-11-12 15:58:26 +01:00
Javi Martín
ee34ead4ee Move poll shifts form partial to a component
Thanks to it, we can move a few helper methods to the component.
2024-11-12 15:17:16 +01:00
Javi Martín
4102330abc Add labels to investments filters
Note that adding the labels broke the layout because the button was no
longer aligned with the fields, so we're now using a flex layout.

Since we're using labels, we no longer need a placeholder (which wasn't
very informative, by the way) in the text field.
2024-11-11 15:04:40 +01:00
Javi Martín
670f4515ab Remove obsolete HTML class in advanced filters button
The `clear` class isn't needed since commit c9f31b8e1, when we moved
this button above the regular search fields.

We're also moving the `float` property to the CSS file.
2024-11-11 15:04:40 +01:00
Javi Martín
29968d1d9f Use a button to toggle advanced filters
As mentioned in commit 5311daadf, there are several reasons to use
buttons in these situations.
2024-11-11 15:04:40 +01:00
Javi Martín
c28ff49f10 Move investments search form partial to a component
As a bonus, we now have a few less helper methods :).
2024-11-11 15:04:40 +01:00
Javi Martín
1cefc040a7 Add labels to the search form in the management area
The text for the unfeasible checkbox wasn't correctly defined as a
label, while the fields to search investments and select the heading
weren't intuitive since their purpose wasn't obvious.
2024-11-11 15:04:35 +01:00
Javi Martín
87a5dd8ee5 Use a button to mark debates as featured
As mentioned in commit 5311daadf, there are several reasons to use
buttons in these situations. And, as mentioned in the previous commits,
using buttons instead of links for actions requiring confirmation will
help us test for accessibility issues.
2024-11-08 13:24:23 +01:00
Javi Martín
68744f110e Use CSS to add separators to the debates featured action
Just like we do in the moderation actions displayed next to id.
2024-11-08 13:24:23 +01:00
Javi Martín
d85a87a517 Use a button to delete surveys
As mentioned in commit 5311daadf, there are several reasons to use
buttons in these situations. And, as mentioned in the previous commits,
using buttons instead of links for actions requiring confirmation will
help us test for accessibility issues.
2024-11-08 13:11:02 +01:00
Javi Martín
11ef917802 Use a button to delete comments
As mentioned in commit 5311daadf, there are several reasons to use
buttons in these situations. And, as mentioned in the previous commits,
using buttons instead of links for actions requiring confirmation will
help us test for accessibility issues.
2024-11-08 13:01:01 +01:00
Javi Martín
891333abed Use a button to hide recommendations
As mentioned in commit 5311daadf, there are several reasons to use
buttons in these situations. And, as mentioned in the previous commits,
using buttons instead of links for actions requiring confirmation will
help us test for accessibility issues.

Since we're adding styles for this button, we're also adding the
`font-size` property instead of using the `small` class. We'll deal with
the `float-right` property in the next commit.
2024-11-08 13:00:14 +01:00
Javi Martín
b694ee7077 Use a button to delete an investment
Note that, since the button now generates a `form` tag, we need to
adjust the styles of this section.

As mentioned in commit 5311daadf, there are several reasons to use
buttons in these situations. And, as mentioned in the previous commits,
using buttons instead of links for actions requiring confirmation will
help us test for accessibility issues.

Note we're simplifying the `table .button` margin rules because the
`.button` class already defines `0` for all its margins except the
bottom margin. Otherwise, the margins defined by the `flex-with-gap`
mixin would be overwritten by the margins defined in the `table .button`
class.
2024-11-08 12:19:05 +01:00
Javi Martín
2fb8abe83f Use a button to delete documents
While testing for accessibility issues (in a development branch), we're
removing Turbolinks and monkey-patching the behavior of the `click_link`
method to check the page for accessibility issues after each request.
However, we were getting false positives when clicking links that act
like buttons.

So, for the reasons mentioned in commit 5311daadf, we're replacing the
link to delete a document with a button.
2024-11-07 15:18:37 +01:00
Javi Martín
75b03791b1 Extract component to render an execution
Note that, in order to be consistent with the name of the component,
we're renaming the `budget-execution` class to
`budget-executions-investment`.
2024-11-07 14:21:55 +01:00
Javi Martín
764d22f57a Use flex instead of an equalizer in executions
Just like we did in commits like f2e32b44b, a8537f7e1 and be9fc2265,
we're replacing a buggy JavaScript solution with one using just CSS.

Besides, we've had a failure in our test suite caused by an image not
being displayed on the page, with the message:

```
Failures:

1) Executions Images renders last milestone's image if investment has multiple milestones
   with images associated
   Failure/Error: expect(page).to have_css("img[alt='Second image']")
     expected to find visible css "img[alt='Second image']" but there were no matches.
     Also found "", which matched the selector but not all filters.

   # ./spec/system/budgets/executions_spec.rb:135:in `block (3 levels) in <top (required)>'
```

The text "matched the selector but not all filters" means that the
element was present on the page but wasn't visible. One possible cause
is that the equalizer was adjusting the height of the element containing
the image before the image was loaded.

Note that, after these changes, all investments on the same row will
have the same height but, unlike with Foundation's equalizer,
investments on different rows might have different heights.
2024-11-07 14:21:55 +01:00
Javi Martín
6e5ef9795e Track ahoy visits on the server side
In commit 96ae69fe9, we stopped using cookies to track Ahoy visits and
started using a combination of the IP and the browser agent instead.

However, since we're still using the legacy logic from Ahoy 1.x to track
visits (which we had to add in commit b5220effd), this way of tracking
visits doesn't work and counts every page visited by a user as an
independent visit.

Maybe we could migrate existing data, which uses the `visitor_id` column
so it uses the new `visit_token` and `visitor_token` columns, but
there's no mention in the Ahoy documentation regarding how to do so.

While deciding what to do about this, we found something interesting.

For two years, we've been seeing random failures in the
`system/admin/tenants_spec.rb` tests, with messages like:

```
1) Tenants Create Tenant with subdomain
     Failure/Error:
       raise TenantNotFound, <<~EXCEPTION_MESSAGE
         Could not set search path to schemas, they may be invalid:
           "#{tenant}" #{full_search_path}.
         Original error: #{exception.class}: #{exception}
       EXCEPTION_MESSAGE

     Apartment::TenantNotFound:
       Could not set search path to schemas, they may be invalid:
         "earth" "public", "shared_extensions".
       Original error:
         ActiveRecord::StatementInvalid: Could not find schema earth
```

And we've found one of the causes: the AJAX requests done by Ahoy to
track visits. Sometimes a test that creates or updates a tenant finishes
but the Ahoy AJAX request to, say, `earth.lvh.me/ahoy/visits`, is
handled by the next test, when the `earth` schema no longer exists, thus
raising an `Apartment::TenantNotFound` exception.

So by disabling these AJAX requests and tracking the visits in the
server instead, we're killing two birds in one stone: we're fixing the
bug regarding the visits count and we're reducing the flakiness in our
test suite. It looks like we're also removing the "phantom ahoy cookie"
we were getting since the mentioned commit b5220effd: an ahoy cookie was
quickly set and unset in the browser.

Note that, even though we aren't migrating any data, we're still adding
the new fields, because some tests started to fail because, when
tracking visits in the server without cookies, Ahoy expects the Visit
model to have a `visit_token` field.
2024-11-07 12:04:46 +01:00
Sebastia
d242170771 Merge pull request #5057 from consuldemocracy/only_manage_tenants
Add an option to enable the "Multitenancy management mode"
2024-11-06 14:59:50 +01:00
Sebastia
1c684c3daf Merge pull request #5752 from consuldemocracy/dependabot/bundler/sassc-embedded-1.80.1
Bump sassc-embedded from 1.70.1 to 1.80.1
2024-11-06 13:16:42 +01:00
dependabot[bot]
64bcedc8b2 Bump sassc-embedded from 1.70.1 to 1.80.1
Note: Since we update to 1.80.1 deprecation warnings are appear when execute the assets:precompile command.
In order to silence this deprecation, we add silence_deprecation option in sass.rb initializer.

The code has also been updated to remove the deprecation warnings that appeared related to the function
darken(), lighten() and "Using / for division" instead of the function calc().

Bumps [sassc-embedded](https://github.com/sass-contrib/sassc-embedded-shim-ruby) from 1.70.1 to 1.80.1.
- [Commits](https://github.com/sass-contrib/sassc-embedded-shim-ruby/compare/v1.70.1...v1.80.1)

---
updated-dependencies:
- dependency-name: sassc-embedded
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-06 13:01:58 +01:00
taitus
a5911f5c6a Modify admin layout to only manage tenants and admins
We only want to render the account link and login items in the header.
And we want only render the Multitenancy and Administrators sections in
the admin sidebar.

We include the administrators management so it's possible to give
permissions to other users to manage tenants.

In order to restrict access to other sections by typing the URL or
following a link, we're only enabling the rest of the routes when we
aren't in the multitenancy management mode.
2024-11-06 11:17:53 +01:00
Nicolas Fourre
a81fba71f0 fix(social-login): social button fill space when option are turn off 2024-10-28 21:25:22 +01:00
Javi Martín
463112c2ea Use a switch to toggle investment selection
Just like it happened with proposals, the button to select/deselect an
investment wasn't very intuitive; for example, it wasn't obvious that
pressing a button saying "selected" would deselect the investment.

So we're using a switch control, like we do to enable/disable features
since commit fabe97e50.

Note that we're making the text of the switch smaller than in other
places because the text in the investments table it is also smaller
(we're using `font-size: inherit` for that purpose). That made the
button look weird because we were using rems instead of ems for the
width of the button, so we're adjusting that as well.

Also note we're changing the width of the switch to `6em` instead of
`6.25em` (which would be 100px if 1em is 16px). We're doing so because
we used 100 for the minimum width because it's a round number, so
now we're using another round number.
2024-10-28 13:40:27 +01:00
Javi Martín
f72daff71f Simplify JavaScript to toggle investment selection
We don't need to replace the whole row, since the changes only affect
the button. Therefore, we don't need to depend on an `inserted` event to
decide which columns to render in that row.
2024-10-28 13:39:49 +01:00
Javi Martín
73166e164b Simplify HTML for an investment row
Since we define the `data-field` element, we can style each element
individually with CSS.

I'm not sure whether these styles make sense, though. For instance, why
is "Supports" aligned to the center, since it's a number? For now, we're
leaving it as it was.
2024-10-25 17:24:32 +02:00
Javi Martín
ced834200a Update documentation to customize JavaScript
Note that, while it doesn't really affect the way the application
behaves (as long as the JavaScript code doesn't rely on the order it's
loaded) we're requiring `app/assets/javascripts/custom.js` after
requiring any files in the `app/assets/javascripts/custom/` folder. This
is done for consistency, since we load the content of
`app/assets/javascripts/application.js` after requiring everything else.
2024-09-10 14:29:51 +02:00
Javi Martín
2ccf725815 Add properties-alphabetical-order Stylelint rule
We hadn't added this rule before because there was no such rule in
scss-lint. Instead, we were following it without a linter, and so we
unintentionally broke it sometimes.

But now we're using Stylelint, so we can add the rule and let the linter
check we're still following it.
2024-07-22 17:34:08 +02:00