Authorizable comment action for proposals

[verarojman]

🎩 What? Why?

By default, all registered users can create comments in a proposal (if comments are enabled). With this feature, admins will have the possibility to choose the verification method required for users to create comments in proposals.

This PR introduces the comment and vote_comment authorizable actions for proposals

Note: Only works for comments linked to components, not participatory spaces (meaning that this do not apply to questions in consultations as a question is treated as a participatory space). This is because the whole system of dealing with permissions in modals and other checks require a component (current_component) available. This should be refactored in another PR. See note in

decidim/decidim-comments/app/cells/decidim/comments/comment_cell.rb

Lines 161 to 163 in ec48813

	# actions are linked to objects belonging to a component
	# In consultations, a question belong to a participatory_space but it has comments
	# To apply :comment permission, the modal authorizer should be refactored to allow participatory spaces-level comments

📌 Related Issues

• Related to Proposal 15785 in metadecidim

Testing

• In the admin, visit any participatory space that has a proposals component.
• Go to the proposals list
• Click on the 🔑 icon to set permissions for one of those proposals
• Choose a verification method for the "Comment" action
• Choose a verification method for the "Vote Comment" action
• Visit the public page for the proposal
• Try to comment
• Try to vote an existing comment

📋 Checklist

• Manage permissions in admin for vote and vote_comment actions for a Proposal.
• Restrict commenting a Proposal if user not authorized
• Restrict voting a comment in a Proposal if user not authorized
• Add permissions to proposals globally
• Add permissions to proposals per-resource (individual)
• Show a button with the verification page i user is not?
• Give feedback to the user when trying to vote a comment and it is not allowed
• Tests cases with different verification statuses (at component level or resource level):
• I can comment but not vote
• I can vote but not comment
• I can comment and vote
• I cannot comment nor vote
• Add test cases for the controller comment and vote_comment permission class
• Add screenshots

📷 Screenshots

[mrcasals]

@microstudi @verarojman I now it's not ready for review, but just a heads-up: tests seem to be failing!

[verarojman]

Thanks @mrcasals, we've frozen this PR until we finish other tasks with higher priorities ;) As soon as we can we'll make the necessary changes and make sure tests pass.

[mrcasals]

@verarojman oh, ok! Thanks for the explanation! 😄

[verarojman]

Hi @mrcasals, this is finally ready for review thanks to @aitorlb ❤️