diff --git a/.dev.env b/.dev.env
new file mode 100644
index 0000000..5eed5e9
--- /dev/null
+++ b/.dev.env
@@ -0,0 +1,139 @@
+# vim: et:ts=2:sw=2:tw=0:wm=0:fdm=marker
+# shellcheck disable=SC2034
+
+# Decidim {{{1
+
+DECIDIM_APPLICATION_NAME=DecidimOCL
+# DECIDIM_MAILER_SENDER=
+DECIDIM_AVAILABLE_LOCALES=en,de,fr,it
+DECIDIM_DEFAULT_LOCALE=de
+# DECIDIM_FORCE_SSL=
+DECIDIM_ENABLE_HTML_HEADER_SNIPPETS=true
+DECIDIM_CURRENCY_UNIT=CHF
+DECIDIM_CORS_ENABLED=false
+# DECIDIM_IMAGE_UPLOADER_QUALITY=
+# DECIDIM_MAXIMUM_ATTACHMENT_SIZE=
+# DECIDIM_MAXIMUM_AVATAR_SIZE=
+# DECIDIM_MAX_REPORTS_BEFORE_HIDING=
+# DECIDIM_TRACK_NEWSLETTER_LINKS=
+# DECIDIM_DOWNLOAD_YOUR_DATA_EXPIRY_TIME=
+# DECIDIM_THROTTLING_MAX_REQUESTS=
+# DECIDIM_THROTTLING_PERIOD=
+# DECIDIM_UNCONFIRMED_ACCESS_FOR=
+# DECIDIM_SYSTEM_ACCESSLIST_IPS=
+# DECIDIM_BASE_UPLOADS_PATH=
+# DECIDIM_DEFAULT_CSV_COL_SEP=
+# DECIDIM_CONSENT_COOKIE_NAME=
+# DECIDIM_CACHE_KEY_SEPARATOR=
+DECIDIM_EXPIRE_SESSION_AFTER=240
+# DECIDIM_SESSION_TIMEOUT_INTERVAL=
+DECIDIM_ENABLE_REMEMBER_ME=true
+DECIDIM_FOLLOW_HTTP_X_FORWARDED_HOST=true
+# DECIDIM_MAXIMUM_CONVERSATION_MESSAGE_LENGTH=
+# DECIDIM_PASSWORD_BLACKLIST=
+# DECIDIM_ALLOW_OPEN_REDIRECTS=
+# DECIDIM_SERVICE_WORKER_ENABLED=
+DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS=0
+DECIDIM_ADMIN_PASSWORD_MIN_LENGTH=8
+DECIDIM_ADMIN_PASSWORD_REPETITION_TIMES=3
+DECIDIM_ADMIN_PASSWORD_STRONG=true
+# API_SCHEMA_MAX_PER_PAGE=
+# API_SCHEMA_MAX_COMPLEXITY=
+API_SCHEMA_MAX_DEPTH=50
+# PROPOSALS_SIMILARITY_THRESHOLD=
+# PROPOSALS_SIMILARITY_LIMIT=
+# PROPOSALS_PARTICIPATORY_SPACE_HIGHLIGHTED_PROPOSALS_LIMIT=
+# PROPOSALS_PROCESS_GROUP_HIGHLIGHTED_PROPOSALS_LIMIT=
+# MEETINGS_UPCOMING_MEETING_NOTIFICATION=
+# MEETINGS_ENABLE_PROPOSAL_LINKING=
+# MEETINGS_EMBEDDABLE_SERVICES=
+# BUDGETS_ENABLE_PROPOSAL_LINKING=
+# ACCOUNTABILITY_ENABLE_PROPOSAL_LINKING=
+# CONSULTATIONS_STATS_CACHE_EXPIRATION_TIME=
+# INITIATIVES_CREATION_ENABLED=
+# INITIATIVES_SIMILARITY_THRESHOLD=
+# INITIATIVES_SIMILARITY_LIMIT=
+# INITIATIVES_MINIMUM_COMMITTEE_MEMBERS=
+# INITIATIVES_DEFAULT_SIGNATURE_TIME_PERIOD_LENGTH=
+# INITIATIVES_DEFAULT_COMPONENTS=
+# INITIATIVES_FIRST_NOTIFICATION_PERCENTAGE=
+# INITIATIVES_SECOND_NOTIFICATION_PERCENTAGE=
+# INITIATIVES_STATS_CACHE_EXPIRATION_TIME=
+# INITIATIVES_MAX_TIME_IN_VALIDATING_STATE=
+# INITIATIVES_PRINT_ENABLED=
+# INITIATIVES_DO_NOT_REQUIRE_AUTHORIZATION=
+# VERIFICATIONS_DOCUMENT_TYPES=
+# ELECTIONS_BULLETIN_BOARD_SERVER=
+# STORAGE_PROVIDER=
+# STORAGE_CDN_HOST=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# AWS_REGION=
+# AWS_BUCKET=
+# AWS_ENDPOINT=
+# AZURE_STORAGE_ACCESS_KEY=
+# AZURE_STORAGE_ACCOUNT_NAME=
+# AZURE_CONTAINER=
+# GCS_PROJECT=
+# GCS_BUCKET=
+# GCS_TYPE=
+# GCS_PROJECT_ID=
+# GCS_PRIVATE_KEY_ID=
+# GCS_PRIVATE_KEY=
+# GCS_CLIENT_EMAIL=
+# GCS_CLIENT_ID=
+# GCS_AUTH_URI=
+# GCS_TOKEN_URI=
+# GCS_AUTH_PROVIDER_X509_CERT_URL=
+# GCS_CLIENT_X509_CERT_URL=
+# OMNIAUTH_FACEBOOK_APP_ID=
+# OMNIAUTH_FACEBOOK_APP_ID=
+# OMNIAUTH_FACEBOOK_APP_SECRET=
+# OMNIAUTH_TWITTER_API_KEY=
+# OMNIAUTH_TWITTER_API_KEY=
+# OMNIAUTH_TWITTER_API_SECRET=
+# OMNIAUTH_GOOGLE_CLIENT_ID=
+# OMNIAUTH_GOOGLE_CLIENT_ID=
+# OMNIAUTH_GOOGLE_CLIENT_SECRET=
+# MAPS_DYNAMIC_PROVIDER=
+# MAPS_STATIC_PROVIDER=
+# MAPS_STATIC_API_KEY=
+# MAPS_DYNAMIC_API_KEY=
+# MAPS_DYNAMIC_URL=
+# MAPS_STATIC_URL=
+# MAPS_ATTRIBUTION=
+# MAPS_EXTRA_VARS=
+# MAPS_GEOCODING_HOST=
+# ETHERPAD_SERVER=
+# ETHERPAD_API_KEY=
+# ETHERPAD_API_VERSION=
+# VAPID_PUBLIC_KEY=
+# VAPID_PUBLIC_KEY=
+# VAPID_PRIVATE_KEY=
+# ELECTIONS_BULLETIN_BOARD_SERVER=
+
+# production {{{2
+# SECRET_KEY_BASE=
+# SMTP_USERNAME=
+# SMTP_PASSWORD=
+# SMTP_ADDRESS=
+# SMTP_DOMAIN=
+# SMTP_PORT=
+# SMTP_STARTTLS_AUTO=
+# SMTP_AUTHENTICATION=
+# BULLETIN_BOARD_SERVER=
+# BULLETIN_BOARD_PUBLIC_KEY=
+# BULLETIN_BOARD_API_KEY=
+# AUTHORITY_NAME=
+# AUTHORITY_PRIVATE_KEY=
+# ELECTIONS_SCHEME_NAME=
+# ELECTIONS_NUMBER_OF_TRUSTEES=
+# ELECTIONS_QUORUM=
+# ELECTIONS_SETUP_MINIMUM_HOURS_BEFORE_START=
+# ELECTIONS_START_VOTE_MAXIMUM_HOURS_BEFORE_START=
+# ELECTIONS_VOTER_TOKEN_EXPIRATION_MINUTES=
+# VOTINGS_CHECK_CENSUS_MAX_REQUESTS=
+# VOTINGS_THROTTLING_PERIOD=
+# VOTINGS_CENSUS_ACCESS_CODES_EXPORT_EXPIRY_TIME=
+# /production }}}2
+# /Decidim }}}1
diff --git a/.envrc b/.envrc
index 50ba751..29dc9b5 100644
--- a/.envrc
+++ b/.envrc
@@ -1,9 +1,13 @@
# vim: et:ts=2:sw=2:tw=0:wm=0:fdm=marker:ft=bash
+strict_env
+
PATH_add "./bin"
PATH_add "./scripts"
-case "${STLU_ENV}" in
+[[ ! -f .dev.env ]] && echo -e "\nIt seems you don't have a dev.env file locally. We need this to run.\n"
+
+case "${STLU_ENV:-dev}" in
dev*)
echo "Loading .dev.env"
dotenv_if_exists "./.dev.env"
@@ -21,5 +25,4 @@ esac
# Add your local changes into the .envrc.local, which is a full blown .envrc file
# You can find the available commands here: https://direnv.net/man/direnv-stdlib.1.html
echo "Loading .envrc.local"
-dotenv_if_exists "./.envrc.local"
-
+dotenv_if_exists "./.envrc.local"
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index fd2f1c3..e1088ac 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,7 +44,7 @@ bin/bundle
# Ignore server environment variables files and local .envrc
.envrc.local
/*.env
-/.env.*
+!/.dev.env
# Ignore local gems
vendor/bundle
diff --git a/config/initializers/decidim.rb b/config/initializers/decidim.rb
index 640512f..7681a0a 100644
--- a/config/initializers/decidim.rb
+++ b/config/initializers/decidim.rb
@@ -4,11 +4,107 @@
Decidim.register_assets_path File.expand_path('app/packs/fonts', Rails.application.root)
Decidim.configure do |config| # rubocop:disable Metrics/BlockLength
- config.application_name = 'DecidimOCL'
+ # The name of the application
+ config.application_name = Rails.application.secrets.decidim[:application_name]
- # Change these lines to set your preferred locales
- config.default_locale = :de
- config.available_locales = %i[en de fr it]
+ # The email that will be used as sender in all emails from Decidim
+ config.mailer_sender = Rails.application.secrets.decidim[:mailer_sender]
+
+ # Sets the list of available locales for the whole application.
+ #
+ # When an organization is created through the System area, system admins will
+ # be able to choose the available languages for that organization. That list
+ # of languages will be equal or a subset of the list in this file.
+ config.available_locales = Rails.application.secrets.decidim[:available_locales].presence || [:en]
+ # Or block set it up manually and prevent ENV manipulation:
+ # config.available_locales = %w(en ca es)
+ # Sets the default locale for new organizations. When creating a new
+ # organization from the System area, system admins will be able to overwrite
+ # this value for that specific organization.
+ config.default_locale = Rails.application.secrets.decidim[:default_locale].presence || :en
+ # Restrict access to the system part with an authorized ip list.
+ # You can use a single ip like ("1.2.3.4"), or an ip subnet like ("1.2.3.4/24")
+ # You may specify multiple ip in an array ["1.2.3.4", "1.2.3.4/24"]
+ config.system_accesslist_ips = Rails.application.secrets.decidim[:system_accesslist_ips] if Rails.application.secrets.decidim[:system_accesslist_ips].present?
+ # Defines a list of custom content processors. They are used to parse and
+ # render specific tags inside some user-provided content. Check the docs for
+ # more info.
+ # config.content_processors = []
+ # Whether SSL should be enabled or not.
+ # if this var is not defined, it is decided automatically per-rails-environment
+ config.force_ssl = Rails.application.secrets.decidim[:force_ssl].present? unless Rails.application.secrets.decidim[:force_ssl] == "auto"
+ # or set it up manually and prevent any ENV manipulation:
+ # config.force_ssl = true
+ # Enable the service worker. By default is disabled in development and enabled in the rest of environments
+ config.service_worker_enabled = Rails.application.secrets.decidim[:service_worker_enabled].present?
+ # Map and Geocoder configuration
+ #
+ # See Decidim docs at https://docs.decidim.org/en/develop/services/maps.html
+ # for more information about how it works and how to set it up.
+ #
+ # == HERE Maps ==
+ # config.maps = {
+ # provider: :here,
+ # api_key: Rails.application.secrets.maps[:api_key],
+ # static: { url: "https://image.maps.ls.hereapi.com/mia/1.6/mapview" }
+ # }
+ #
+ # == OpenStreetMap (OSM) services ==
+ # To use the OSM map service providers, you will need a service provider for
+ # the following map servers or host all of them yourself:
+ # - A tile server for the dynamic maps
+ # (https://wiki.openstreetmap.org/wiki/Tile_servers)
+ # - A Nominatim geocoding server for the geocoding functionality
+ # (https://wiki.openstreetmap.org/wiki/Nominatim)
+ # - A static map server for static map images
+ # (https://github.com/jperelli/osm-static-maps)
+ #
+ # When used, please read carefully the terms of service for your service
+ # provider.
+ #
+ # config.maps = {
+ # provider: :osm,
+ # api_key: Rails.application.secrets.maps[:api_key],
+ # dynamic: {
+ # tile_layer: {
+ # url: "https://tiles.example.org/{z}/{x}/{y}.png?key={apiKey}&{foo}",
+ # api_key: true,
+ # foo: "bar=baz",
+ # attribution: %(
+ # © OpenStreetMap contributors
+ # ).strip
+ # # Translatable attribution:
+ # # attribution: -> { I18n.t("tile_layer_attribution") }
+ # }
+ # },
+ # static: { url: "https://staticmap.example.org/" },
+ # geocoding: { host: "nominatim.example.org", use_https: true }
+ # }
+ #
+ # == Combination (OpenStreetMap default + HERE Maps dynamic map tiles) ==
+ # config.maps = {
+ # provider: :osm,
+ # api_key: Rails.application.secrets.maps[:api_key],
+ # dynamic: {
+ # provider: :here,
+ # api_key: Rails.application.secrets.maps[:here_api_key]
+ # },
+ # static: { url: "https://staticmap.example.org/" },
+ # geocoding: { host: "nominatim.example.org", use_https: true }
+ # }
+ # Geocoder configurations if you want to customize the default geocoding
+ # settings. The maps configuration will manage which geocoding service to use,
+ # so that does not need any additional configuration here. Use this only for
+ # the global geocoder preferences.
+ # config.geocoder = {
+ # # geocoding service request timeout, in seconds (default 3):
+ # timeout: 5,
+ # # set default units to kilometers:
+ # units: :km,
+ # # caching (see https://github.com/alexreisner/geocoder#caching for details):
+ # cache: Redis.new,
+ # cache_prefix: "..."
+ # }
config.maps = {
provider: :swisstopo,
@@ -53,23 +149,63 @@
}
}
- # Custom resource reference generator method
+ if Rails.application.secrets.maps.present? && Rails.application.secrets.maps[:static_provider].present?
+ static_provider = Rails.application.secrets.maps[:static_provider]
+ dynamic_provider = Rails.application.secrets.maps[:dynamic_provider]
+ dynamic_url = Rails.application.secrets.maps[:dynamic_url]
+ static_url = Rails.application.secrets.maps[:static_url]
+ static_url = "https://image.maps.ls.hereapi.com/mia/1.6/mapview" if static_provider == "here" && static_url.blank?
+ config.maps = {
+ provider: static_provider,
+ api_key: Rails.application.secrets.maps[:static_api_key],
+ static: { url: static_url },
+ dynamic: {
+ provider: dynamic_provider,
+ api_key: Rails.application.secrets.maps[:dynamic_api_key]
+ }
+ }
+ config.maps[:geocoding] = { host: Rails.application.secrets.maps[:geocoding_host], use_https: true } if Rails.application.secrets.maps[:geocoding_host]
+ config.maps[:dynamic][:tile_layer] = {}
+ config.maps[:dynamic][:tile_layer][:url] = dynamic_url if dynamic_url
+ config.maps[:dynamic][:tile_layer][:attribution] = Rails.application.secrets.maps[:attribution] if Rails.application.secrets.maps[:attribution]
+ if Rails.application.secrets.maps[:extra_vars].present?
+ vars = URI.decode_www_form(Rails.application.secrets.maps[:extra_vars])
+ vars.each do |key, value|
+ # perform a naive type conversion
+ config.maps[:dynamic][:tile_layer][key] = case value
+ when /^true$|^false$/i
+ value.downcase == "true"
+ when /\A[-+]?\d+\z/
+ value.to_i
+ else
+ value
+ end
+ end
+ end
+ end
+ # Custom resource reference generator method. Check the docs for more info.
# config.reference_generator = lambda do |resource, component|
# # Implement your custom method to generate resources references
# "1234-#{resource.id}"
# end
# Currency unit
- config.currency_unit = 'CHF'
+ config.currency_unit = Rails.application.secrets.decidim[:currency_unit] if Rails.application.secrets.decidim[:currency_unit].present?
+
+ # Workaround to enable SVG assets cors
+ config.cors_enabled = Rails.application.secrets.decidim[:cors_enabled].present?
- # Disable the default redirect to https, since we use nginx for ssl termination
- config.force_ssl = false
+ # Defines the quality of image uploads after processing. Image uploads are
+ # processed by Decidim, this value helps reduce the size of the files.
+ config.image_uploader_quality = Rails.application.secrets.decidim[:image_uploader_quality].to_i
# Disable the PWA functionality including the "add to home screen" feature for now
config.service_worker_enabled = false
- # The number of reports which an object can receive before hiding it
- # config.max_reports_before_hiding = 3
+ config.maximum_attachment_size = Rails.application.secrets.decidim[:maximum_attachment_size].to_i.megabytes
+ config.maximum_avatar_size = Rails.application.secrets.decidim[:maximum_avatar_size].to_i.megabytes
+ # The number of reports which a resource can receive before hiding it
+ config.max_reports_before_hiding = Rails.application.secrets.decidim[:max_reports_before_hiding].to_i
# Custom HTML Header snippets
#
@@ -84,7 +220,24 @@
# that an organization's administrator injects malicious scripts to spy on or
# take over user accounts.
#
- config.enable_html_header_snippets = true
+ config.enable_html_header_snippets = Rails.application.secrets.decidim[:enable_html_header_snippets].present?
+ # Allow organizations admins to track newsletter links.
+ config.track_newsletter_links = Rails.application.secrets.decidim[:track_newsletter_links].present? unless Rails.application.secrets.decidim[:track_newsletter_links] == "auto"
+ # Amount of time that the download your data files will be available in the server.
+ config.download_your_data_expiry_time = Rails.application.secrets.decidim[:download_your_data_expiry_time].to_i.days
+ # Max requests in a time period to prevent DoS attacks. Only applied on production.
+ config.throttling_max_requests = Rails.application.secrets.decidim[:throttling_max_requests].to_i
+ # Time window in which the throttling is applied.
+ config.throttling_period = Rails.application.secrets.decidim[:throttling_period].to_i.minutes
+ # Time window were users can access the website even if their email is not confirmed.
+ config.unconfirmed_access_for = Rails.application.secrets.decidim[:unconfirmed_access_for].to_i.days
+ # A base path for the uploads. If set, make sure it ends in a slash.
+ # Uploads will be set to `/uploads/`. This can be useful if you
+ # want to use the same uploads place for both staging and production
+ # environments, but in different folders.
+ #
+ # If not set, it will be ignored.
+ config.base_uploads_path = Rails.application.secrets.decidim[:base_uploads_path] if Rails.application.secrets.decidim[:base_uploads_path].present?
# SMS gateway configuration
#
@@ -107,6 +260,7 @@
# end
# end
#
+ # config.sms_gateway_service = "MySMSGatewayService"
config.sms_gateway_service = 'DecidimOCL::Verifications::Sms::AspsmsGateway'
# Timestamp service configuration
@@ -131,6 +285,7 @@
# end
# end
#
+ #
# config.timestamp_service = "MyTimestampService"
# PDF signature service configuration
@@ -159,17 +314,193 @@
# Etherpad configuration
#
# Only needed if you want to have Etherpad integration with Decidim. See
- # Decidim docs at docs/services/etherpad.md in order to set it up.
+ # Decidim docs at https://docs.decidim.org/en/services/etherpad/ in order to set it up.
#
- # config.etherpad = {
- # server: Rails.application.secrets.etherpad[:server],
- # api_key: Rails.application.secrets.etherpad[:api_key],
- # api_version: Rails.application.secrets.etherpad[:api_version]
- # }
+ if Rails.application.secrets.etherpad.present? && Rails.application.secrets.etherpad[:server].present?
+ config.etherpad = {
+ server: Rails.application.secrets.etherpad[:server],
+ api_key: Rails.application.secrets.etherpad[:api_key],
+ api_version: Rails.application.secrets.etherpad[:api_version]
+ }
+ end
+
+ # Sets Decidim::Exporters::CSV's default column separator
+ config.default_csv_col_sep = Rails.application.secrets.decidim[:default_csv_col_sep] if Rails.application.secrets.decidim[:default_csv_col_sep].present?
+ # The list of roles a user can have, not considering the space-specific roles.
+ # config.user_roles = %w(admin user_manager)
+ # The list of visibility options for amendments. An Array of Strings that
+ # serve both as locale keys and values to construct the input collection in
+ # Decidim::Amendment::VisibilityStepSetting::options.
+ #
+ # This collection is used in Decidim::Admin::SettingsHelper to generate a
+ # radio buttons collection input field form for a Decidim::Component
+ # step setting :amendments_visibility.
+ # config.amendments_visibility_options = %w(all participants)
+
+ # Machine Translation Configuration
+ #
+ # See Decidim docs at https://docs.decidim.org/en/develop/machine_translations/
+ # for more information about how it works and how to set it up.
+ #
+ # Enable machine translations
+ # config.enable_machine_translations = true
+ # config.machine_translation_delay = 0.seconds
+ #
+ # If you want to enable machine translation you can create your own service
+ # to interact with third party service to translate the user content.
+ #
+ # If you still want to use "Decidim::Dev::DummyTranslator" as translator placeholder,
+ # add the follwing line at the beginning of this file:
+ # require "decidim/dev/dummy_translator"
+ #
+ # An example class would be something like:
+ #
+ # class MyTranslationService
+ # attr_reader :text, :original_locale, :target_locale
+ #
+ # def initialize(text, original_locale, target_locale)
+ # @text = text
+ # @original_locale = original_locale
+ # @target_locale = target_locale
+ # end
+ #
+ # def translate
+ # # Actual code to translate the text
+ # end
+ # end
+ #
+ # config.machine_translation_service = "MyTranslationService"
- # Do not force admins to change their password every 90 days.
- # NIST does not recommend expiring passwords: https://pages.nist.gov/800-63-FAQ/#q-b05
- config.admin_password_expiration_days = 0
+ # Defines the name of the cookie used to check if the user allows Decidim to
+ # set cookies.
+ config.consent_cookie_name = Rails.application.secrets.decidim[:consent_cookie_name] if Rails.application.secrets.decidim[:consent_cookie_name].present?
+ # Defines data consent categories and the data stored in each category.
+ # config.consent_categories = [
+ # {
+ # slug: "essential",
+ # mandatory: true,
+ # items: [
+ # {
+ # type: "cookie",
+ # name: "_session_id"
+ # },
+ # {
+ # type: "cookie",
+ # name: Decidim.consent_cookie_name
+ # }
+ # ]
+ # },
+ # {
+ # slug: "preferences",
+ # mandatory: false
+ # },
+ # {
+ # slug: "analytics",
+ # mandatory: false
+ # },
+ # {
+ # slug: "marketing",
+ # mandatory: false
+ # }
+ # ]
+ # Admin admin password configurations
+ Rails.application.secrets.dig(:decidim, :admin_password, :strong).tap do |strong_pw|
+ # When the strong password is not configured, default to true
+ config.admin_password_strong = strong_pw.nil? ? true : strong_pw.present?
+ end
+ config.admin_password_expiration_days = Rails.application.secrets.dig(:decidim, :admin_password, :expiration_days).presence || 90
+ config.admin_password_min_length = Rails.application.secrets.dig(:decidim, :admin_password, :min_length).presence || 15
+ config.admin_password_repetition_times = Rails.application.secrets.dig(:decidim, :admin_password, :repetition_times).presence || 5
+ # Additional optional configurations (see decidim-core/lib/decidim/core.rb)
+ config.cache_key_separator = Rails.application.secrets.decidim[:cache_key_separator] if Rails.application.secrets.decidim[:cache_key_separator].present?
+ config.expire_session_after = Rails.application.secrets.decidim[:expire_session_after].to_i.minutes if Rails.application.secrets.decidim[:expire_session_after].present?
+ config.enable_remember_me = Rails.application.secrets.decidim[:enable_remember_me].present? unless Rails.application.secrets.decidim[:enable_remember_me] == "auto"
+ if Rails.application.secrets.decidim[:session_timeout_interval].present?
+ config.session_timeout_interval = Rails.application.secrets.decidim[:session_timeout_interval].to_i.seconds
+ end
+ config.follow_http_x_forwarded_host = Rails.application.secrets.decidim[:follow_http_x_forwarded_host].present?
+ config.maximum_conversation_message_length = Rails.application.secrets.decidim[:maximum_conversation_message_length].to_i
+ config.password_blacklist = Rails.application.secrets.decidim[:password_blacklist] if Rails.application.secrets.decidim[:password_blacklist].present?
+ config.allow_open_redirects = Rails.application.secrets.decidim[:allow_open_redirects] if Rails.application.secrets.decidim[:allow_open_redirects].present?
+end
+if Decidim.module_installed? :api
+ Decidim::Api.configure do |config|
+ config.schema_max_per_page = Rails.application.secrets.dig(:decidim, :api, :schema_max_per_page).presence || 50
+ config.schema_max_complexity = Rails.application.secrets.dig(:decidim, :api, :schema_max_complexity).presence || 5000
+ config.schema_max_depth = Rails.application.secrets.dig(:decidim, :api, :schema_max_depth).presence || 15
+ end
+end
+if Decidim.module_installed? :proposals
+ Decidim::Proposals.configure do |config|
+ config.similarity_threshold = Rails.application.secrets.dig(:decidim, :proposals, :similarity_threshold).presence || 0.25
+ config.similarity_limit = Rails.application.secrets.dig(:decidim, :proposals, :similarity_limit).presence || 10
+ config.participatory_space_highlighted_proposals_limit = Rails.application.secrets.dig(:decidim, :proposals, :participatory_space_highlighted_proposals_limit).presence || 4
+ config.process_group_highlighted_proposals_limit = Rails.application.secrets.dig(:decidim, :proposals, :process_group_highlighted_proposals_limit).presence || 3
+ end
+end
+if Decidim.module_installed? :meetings
+ Decidim::Meetings.configure do |config|
+ config.upcoming_meeting_notification = Rails.application.secrets.dig(:decidim, :meetings, :upcoming_meeting_notification).to_i.days
+ if Rails.application.secrets.dig(:decidim, :meetings, :embeddable_services).present?
+ config.embeddable_services = Rails.application.secrets.dig(:decidim, :meetings, :embeddable_services)
+ end
+ unless Rails.application.secrets.dig(:decidim, :meetings, :enable_proposal_linking) == "auto"
+ config.enable_proposal_linking = Rails.application.secrets.dig(:decidim, :meetings, :enable_proposal_linking).present?
+ end
+ end
+end
+if Decidim.module_installed? :budgets
+ Decidim::Budgets.configure do |config|
+ unless Rails.application.secrets.dig(:decidim, :budgets, :enable_proposal_linking) == "auto"
+ config.enable_proposal_linking = Rails.application.secrets.dig(:decidim, :budgets, :enable_proposal_linking).present?
+ end
+ end
+end
+if Decidim.module_installed? :accountability
+ Decidim::Accountability.configure do |config|
+ unless Rails.application.secrets.dig(:decidim, :accountability, :enable_proposal_linking) == "auto"
+ config.enable_proposal_linking = Rails.application.secrets.dig(:decidim, :accountability, :enable_proposal_linking).present?
+ end
+ end
+end
+if Decidim.module_installed? :consultations
+ Decidim::Consultations.configure do |config|
+ config.stats_cache_expiration_time = Rails.application.secrets.dig(:decidim, :consultations, :stats_cache_expiration_time).to_i.minutes
+ end
+end
+if Decidim.module_installed? :initiatives
+ Decidim::Initiatives.configure do |config|
+ unless Rails.application.secrets.dig(:decidim, :initiatives, :creation_enabled) == "auto"
+ config.creation_enabled = Rails.application.secrets.dig(:decidim, :initiatives, :creation_enabled).present?
+ end
+ config.similarity_threshold = Rails.application.secrets.dig(:decidim, :initiatives, :similarity_threshold).presence || 0.25
+ config.similarity_limit = Rails.application.secrets.dig(:decidim, :initiatives, :similarity_limit).presence || 5
+ config.minimum_committee_members = Rails.application.secrets.dig(:decidim, :initiatives, :minimum_committee_members).presence || 2
+ config.default_signature_time_period_length = Rails.application.secrets.dig(:decidim, :initiatives, :default_signature_time_period_length).presence || 120
+ config.default_components = Rails.application.secrets.dig(:decidim, :initiatives, :default_components)
+ config.first_notification_percentage = Rails.application.secrets.dig(:decidim, :initiatives, :first_notification_percentage).presence || 33
+ config.second_notification_percentage = Rails.application.secrets.dig(:decidim, :initiatives, :second_notification_percentage).presence || 66
+ config.stats_cache_expiration_time = Rails.application.secrets.dig(:decidim, :initiatives, :stats_cache_expiration_time).to_i.minutes
+ config.max_time_in_validating_state = Rails.application.secrets.dig(:decidim, :initiatives, :max_time_in_validating_state).to_i.days
+ unless Rails.application.secrets.dig(:decidim, :initiatives, :print_enabled) == "auto"
+ config.print_enabled = Rails.application.secrets.dig(:decidim, :initiatives, :print_enabled).present?
+ end
+ config.do_not_require_authorization = Rails.application.secrets.dig(:decidim, :initiatives, :do_not_require_authorization).present?
+ end
+end
+if Decidim.module_installed? :elections
+ Decidim::Elections.configure do |config|
+ config.setup_minimum_hours_before_start = Rails.application.secrets.dig(:elections, :setup_minimum_hours_before_start).presence || 3
+ config.start_vote_maximum_hours_before_start = Rails.application.secrets.dig(:elections, :start_vote_maximum_hours_before_start).presence || 6
+ config.voter_token_expiration_minutes = Rails.application.secrets.dig(:elections, :voter_token_expiration_minutes).presence || 120
+ end
+ Decidim::Votings.configure do |config|
+ config.check_census_max_requests = Rails.application.secrets.dig(:elections, :votings, :check_census_max_requests).presence || 5
+ config.throttling_period = Rails.application.secrets.dig(:elections, :votings, :throttling_period).to_i.minutes
+ end
+ Decidim::Votings::Census.configure do |config|
+ config.census_access_codes_export_expiry_time = Rails.application.secrets.dig(:elections, :votings, :census, :access_codes_export_expiry_time).to_i.days
+ end
end
Rails.application.config.i18n.available_locales = Decidim.available_locales
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 167dac9..fb2359c 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -19,10 +19,8 @@ def cache_reachable?
def memcache_configured?
if Rails.env.production?
ENV['RAILS_MEMCACHED_HOST'].present?
- elsif Rails.env.development?
- true
else
- false
+ Rails.env.development?
end
end
diff --git a/config/secrets.old.yml b/config/secrets.old.yml
new file mode 100644
index 0000000..fa01d9c
--- /dev/null
+++ b/config/secrets.old.yml
@@ -0,0 +1,68 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rails secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+default: &default
+ omniauth:
+ facebook:
+ # It must be a boolean. Remember ENV variables doesn't support booleans.
+ enabled: false
+ app_id: <%= ENV["OMNIAUTH_FACEBOOK_APP_ID"] %>
+ app_secret: <%= ENV["OMNIAUTH_FACEBOOK_APP_SECRET"] %>
+ twitter:
+ enabled: false
+ api_key: <%= ENV["OMNIAUTH_TWITTER_API_KEY"] %>
+ api_secret: <%= ENV["OMNIAUTH_TWITTER_API_SECRET"] %>
+ google_oauth2:
+ enabled: false
+ client_id: <%= ENV["OMNIAUTH_GOOGLE_CLIENT_ID"] %>
+ client_secret: <%= ENV["OMNIAUTH_GOOGLE_CLIENT_SECRET"] %>
+ geocoder:
+ here_app_id: <%= ENV["GEOCODER_LOOKUP_APP_ID"] %>
+ here_app_code: <%= ENV["GEOCODER_LOOKUP_APP_CODE"] %>
+ etherpad:
+ server: <%= ENV["ETHERPAD_SERVER"] %>
+ api_key: <%= ENV["ETHERPAD_API_KEY"] %>
+ api_version: "1.2.1"
+ vapid:
+ enabled: false
+
+development:
+ <<: *default
+ secret_key_base: <%= ENV.fetch('SECRET_KEY_BASE', '749f76d782d24874f078d18c6083081809460c063f2c352c8d74dbe459dbeda0349936cf017da956ce4bbbcd4dae52c4ecd90b77ee4a1290498b32f9df0e34b9') %>
+ omniauth:
+ developer:
+ enabled: true
+ icon: phone
+
+test:
+ <<: *default
+ secret_key_base: <%= ENV.fetch('SECRET_KEY_BASE', '2e8c848373143db6e88fd8163c3e1697a79ea82a625a2a034a9fb336fa2171e8af066aad0a85baba97984fa2aa50fb588a8e3d2abfcc55618b8d2d20b0c24166') %>
+ omniauth:
+ facebook:
+ enabled: true
+ twitter:
+ enabled: true
+ google_oauth2:
+ enabled: true
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+ <<: *default
+ secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
+ smtp_username: <%= ENV["SMTP_USERNAME"] %>
+ smtp_password: <%= ENV["SMTP_PASSWORD"] %>
+ smtp_address: <%= ENV["SMTP_ADDRESS"] %>
+ smtp_domain: <%= ENV["SMTP_DOMAIN"] %>
+ smtp_port: "587"
+ smtp_starttls_auto: true
+ smtp_authentication: "plain"
diff --git a/config/secrets.yml b/config/secrets.yml
index fa01d9c..b1ccca8 100644
--- a/config/secrets.yml
+++ b/config/secrets.yml
@@ -65,4 +65,4 @@ production:
smtp_domain: <%= ENV["SMTP_DOMAIN"] %>
smtp_port: "587"
smtp_starttls_auto: true
- smtp_authentication: "plain"
+ smtp_authentication: "plain"
\ No newline at end of file
diff --git a/db/schema.rb b/db/schema.rb
index c3bf6ab..3eb502e 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -13,7 +13,6 @@
ActiveRecord::Schema.define(version: 2024_11_01_162638) do
# These are extensions that must be enabled in order to support this database
- enable_extension "fuzzystrmatch"
enable_extension "ltree"
enable_extension "pg_trgm"
enable_extension "plpgsql"