Fix users can comment into private assembly

[isaacmg410]

🎩 What? Why?

This PR fixes that as a normal user (no private user) I can comment on a private assembly where is available. Meetigns, Proposals, etc.

📌 Related Issues

• Related to Private processes or assemblies #2618 Non private users can participate to a private, transparent assembly #3438
• Fixes I can comment as a normal user in a private assembly #4869

📋 Subtasks

• Add CHANGELOG entry
• Add tests

📷 Screenshots (optional)

[mrcasals]

@isaacmg410 can we close #4893 then?

[isaacmg410]

@mrcasals yes! I will close now!

[isaacmg410]

@decidim/lot-core Can you make a first review, please? I know that there are some failing tests,but your review will be helpful

[mrcasals]

This should be removed.

[mrcasals]

Maybe I'd replace userCanComment with userAllowedToComment, or something similar. Maybe the user cannot comment because comments are not enabled, but "allowed" is tightly bound to permissions (which is what we're checking here)

[mrcasals]

What do you think about moving this to the concerns? This way logic can be overwritten by each participatory space. Take into account that this should work for all existing participatory spaces.

# participable.rb
def can_participate?(user)
  user.present?
end

# models/assembly.rb
def can_participate?(user)
  return true unless participatory_space.private_space?
  return false unless user

  participatory_space.users.include?(user)
end

# has_component.rb
def can_participate_in_space?(user)
  participatory_space.can_participate?(user)
end

[mrcasals]

Or even, move this logic to the permissions system, since this is what we're checking here: whether the user has permissions to comment on that space or not. Then you can skip these methods, move this to the permissions system and check the permissions in the API.

[isaacmg410]

@mrcasals is there any example of what you are saying?

move this to the permissions system and check the permissions in the API.

[isaacmg410]

also, this two methods already existis in concerns.

# participable.rb
def can_participate?(user)
  user.present?
end

# models/assembly.rb
def can_participate?(user)
  return true unless participatory_space.private_space?
  return false unless user

  participatory_space.users.include?(user)
end

So, I will extend the functionality using concerns.

[isaacmg410]

@decidim/lot-core de failing specs, are working good in local development. Any idea on how to solve it?

[isaacmg410]

@mrcasals got it! is this screenshot no? 👏 👏

[mrcasals]

@isaacmg410 yup!

[isaacmg410]

@decidim/lot-core ready to review and merge 😄

[isaacmg410]

Ei @decidim/lot-core all checks are green and no conflicts, can you review it againg, please?

[tramuntanal]

👏 👏