From 97ce32fd5246ccac5b0443305a371eb5076852f7 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Tue, 7 Apr 2026 16:34:15 +0300 Subject: [PATCH 01/14] set attachment name --- lib/submitters.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/submitters.rb b/lib/submitters.rb index be0690b1..02f29d4f 100644 --- a/lib/submitters.rb +++ b/lib/submitters.rb @@ -138,7 +138,7 @@ module Submitters ActiveStorage::Attachment.create!( blob:, - name: params[:name], + name: 'attachments', record: submitter ) end From 339ceda18dd1229d173ec7206a2a29ce09da33bb Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Tue, 7 Apr 2026 17:59:20 +0300 Subject: [PATCH 02/14] upload attachment if not completed --- app/controllers/api/attachments_controller.rb | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/app/controllers/api/attachments_controller.rb b/app/controllers/api/attachments_controller.rb index f00552cd..c81aa0f9 100644 --- a/app/controllers/api/attachments_controller.rb +++ b/app/controllers/api/attachments_controller.rb @@ -10,6 +10,12 @@ module Api def create submitter = Submitter.find_by!(slug: params[:submitter_slug]) + unless can_upload?(submitter) + Rollbar.error("Can't upload: #{submitter.id}") if defined?(Rollbar) + + return render json: { error: I18n.t('form_has_been_archived') }, status: :unprocessable_content + end + if params[:type].in?(%w[initials signature]) image = Vips::Image.new_from_file(params[:file].path) @@ -40,6 +46,14 @@ module Api render json: { error: e.message }, status: :unprocessable_content end + def can_upload?(submitter) + !submitter.declined_at? && + !submitter.completed_at? && + !submitter.submission.archived_at? && + !submitter.submission.expired? && + !submitter.submission.template&.archived_at? + end + def build_new_cookie_signatures_json(submitter, attachment) values = begin From 20375c3a4224e76ce1e4d0e58cdf501154328f51 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Wed, 8 Apr 2026 08:40:41 +0300 Subject: [PATCH 03/14] update gem --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 27ceef50..0d90a305 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -388,7 +388,7 @@ GEM rack (3.2.6) rack-proxy (0.7.7) rack - rack-session (2.1.1) + rack-session (2.1.2) base64 (>= 0.1.0) rack (>= 3.0.0) rack-test (2.2.0) From 89e797b95f14737923a5b249d88d6055c647fd00 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Wed, 8 Apr 2026 10:29:45 +0300 Subject: [PATCH 04/14] update message --- app/controllers/accounts_controller.rb | 4 +++- config/locales/i18n.yml | 21 ++++++++++++++------- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index b24c6b45..49314f32 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -53,7 +53,9 @@ class AccountsController < ApplicationController # rubocop:disable Layout/LineLength render turbo_stream: turbo_stream.replace( :account_delete_button, - html: helpers.tag.p(I18n.t('your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account')) + html: helpers.tag.p(I18n.t('your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account')) + + helpers.tag.br + + helpers.tag.p(I18n.t('your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end')) ) # rubocop:enable Layout/LineLength end diff --git a/config/locales/i18n.yml b/config/locales/i18n.yml index 0baaa19b..da006683 100644 --- a/config/locales/i18n.yml +++ b/config/locales/i18n.yml @@ -30,6 +30,7 @@ en: &en thanks: Thanks private: Private _variables: Variables + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Your email address has been released immediately. If you're joining a team, you can now be invited to your company team without waiting for the deletion period to end. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Make all newly created templates private to their creator and admins by default. create_templates_with_admin_access_by_default: Create templates with admin access by default require_email_2fa: Require email 2FA @@ -218,7 +219,7 @@ en: &en you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "You are scheduling your account for deletion. After deletion, your data will be permanently removed and cannot be recovered.\n\nClick OK if you would like to continue." account_information_has_been_updated: Account information has been updated. should_be_a_valid_url: should be a valid URL - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Your account removal request will be processed within 2 months. Please contact us if you want to keep your account. + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Your account will be permanently deleted within 2 months. Please contact us if you want to keep your account. test_mode: Test mode copy: Copy copied: Copied @@ -1083,6 +1084,7 @@ es: &es re_connect_stripe: Volver a conectar Stripe private: Privado _variables: Variables + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Su dirección de correo electrónico ha sido liberada inmediatamente. Si se une a un equipo, ahora puede ser invitado al equipo de su empresa sin esperar a que finalice el período de eliminación. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Hacer que todas las plantillas recién creadas sean privadas para su creador y los administradores por defecto. create_templates_with_admin_access_by_default: Crear plantillas con acceso de administrador por defecto require_email_2fa: Requerir 2FA por correo electrónico @@ -1256,7 +1258,7 @@ es: &es you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "Estás programando la eliminación de tu cuenta. Después de la eliminación, tus datos se eliminarán permanentemente y no podrán recuperarse.\n\nHaz clic en OK si deseas continuar." account_information_has_been_updated: La información de la cuenta ha sido actualizada. should_be_a_valid_url: debe ser una URL válida - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Tu solicitud de eliminación de cuenta se procesará en un plazo de 2 meses. Por favor contáctanos si deseas mantener tu cuenta. + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Tu solicitud de eliminación de cuenta se procesará en un plazo de 2 meses. Por favor contáctanos si deseas mantener tu cuenta. test_mode: Modo de prueba copy: Copiar copied: Copiado @@ -2118,6 +2120,7 @@ it: &it re_connect_stripe: Ricollega Stripe private: Privato _variables: Variabili + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Il tuo indirizzo email è stato rilasciato immediatamente. Se stai per unirti a un team, ora puoi essere invitato nel team della tua azienda senza aspettare la fine del periodo di eliminazione. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Rendere tutte le nuove template private per il creatore e gli amministratori per impostazione predefinita. create_templates_with_admin_access_by_default: Crea modelli con accesso amministratore per impostazione predefinita require_email_2fa: Richiedi 2FA email @@ -2291,7 +2294,7 @@ it: &it you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "Stai programmando l'eliminazione del tuo account. Dopo l'eliminazione, i tuoi dati saranno rimossi in modo permanente e non potranno essere recuperati.\n\nFai clic su OK se desideri continuare." account_information_has_been_updated: "Le informazioni dell'account sono state aggiornate." should_be_a_valid_url: deve essere un URL valido - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: "La tua richiesta di rimozione dell'account sarà elaborata entro 2 mesi. Contattaci se desideri mantenere il tuo account." + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: "La tua richiesta di rimozione dell'account sarà elaborata entro 2 mesi. Contattaci se desideri mantenere il tuo account." test_mode: Modalità di test copy: Copia copied: Copiato @@ -3154,6 +3157,7 @@ fr: &fr re_connect_stripe: Reconnecter Stripe private: Privé _variables: Variables + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Votre adresse e-mail a été libérée immédiatement. Si vous rejoignez une équipe, vous pouvez maintenant être invité dans l'équipe de votre entreprise sans attendre la fin de la période de suppression. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Rendre tous les nouveaux modèles privés pour leur créateur et les administrateurs par défaut. create_templates_with_admin_access_by_default: Créer des modèles avec un accès administrateur par défaut require_email_2fa: Exiger la 2FA par email @@ -3327,7 +3331,7 @@ fr: &fr you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "Vous planifiez la suppression de votre compte. Après suppression, vos données seront définitivement supprimées et ne pourront pas être récupérées.\n\nCliquez sur OK pour continuer." account_information_has_been_updated: Les informations du compte ont été mises à jour. should_be_a_valid_url: doit être une URL valide - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Votre demande de suppression de compte sera traitée sous 2 mois. Veuillez nous contacter si vous souhaitez conserver votre compte. + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Votre demande de suppression de compte sera traitée sous 2 mois. Veuillez nous contacter si vous souhaitez conserver votre compte. test_mode: Mode test copy: Copier copied: Copié @@ -4186,6 +4190,7 @@ pt: &pt re_connect_stripe: Reconectar Stripe private: Privado _variables: Variáveis + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Seu endereço de e-mail foi liberado imediatamente. Se você estiver entrando em uma equipe, agora pode ser convidado para a equipe da sua empresa sem esperar o fim do período de exclusão. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Tornar todos os modelos recém-criados privados para seu criador e administradores por padrão. create_templates_with_admin_access_by_default: Criar modelos com acesso de administrador por padrão require_email_2fa: Exigir 2FA por email @@ -4359,7 +4364,7 @@ pt: &pt you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "Você está agendando a exclusão da sua conta. Após a exclusão, seus dados serão permanentemente removidos e não poderão ser recuperados.\n\nClique em OK se desejar continuar." account_information_has_been_updated: As informações da conta foram atualizadas. should_be_a_valid_url: deve ser um URL válido - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Seu pedido de remoção da conta será processado em até 2 meses. Entre em contato conosco se você quiser manter sua conta. + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Seu pedido de remoção da conta será processado em até 2 meses. Entre em contato conosco se você quiser manter sua conta. test_mode: Modo de teste copy: Copiar copied: Copiado @@ -5207,6 +5212,7 @@ de: &de thanks: Danke private: Privat _variables: Variablen + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Ihre E-Mail-Adresse wurde sofort freigegeben. Wenn Sie einem Team beitreten, können Sie jetzt in das Team Ihres Unternehmens eingeladen werden, ohne auf das Ende der Löschfrist warten zu müssen. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Alle neu erstellten Vorlagen standardmäßig nur für ihren Ersteller und Administratoren sichtbar machen. create_templates_with_admin_access_by_default: Vorlagen standardmäßig mit Administratorzugriff erstellen require_email_2fa: E-Mail 2FA erforderlich @@ -5394,7 +5400,7 @@ de: &de you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "Sie planen die Löschung Ihres Kontos. Nach der Löschung werden Ihre Daten dauerhaft entfernt und können nicht wiederhergestellt werden.\n\nKlicken Sie auf OK, wenn Sie fortfahren möchten." account_information_has_been_updated: Die Kontoinformationen wurden aktualisiert. should_be_a_valid_url: sollte eine gültige URL sein - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Ihre Anfrage zur Kontolöschung wird innerhalb von 2 Monaten bearbeitet. Bitte kontaktieren Sie uns, wenn Sie Ihr Konto behalten möchten. + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Ihre Anfrage zur Kontolöschung wird innerhalb von 2 Monaten bearbeitet. Bitte kontaktieren Sie uns, wenn Sie Ihr Konto behalten möchten. test_mode: Testmodus copy: Kopieren copied: Kopiert @@ -6642,6 +6648,7 @@ nl: &nl thanks: Bedankt private: Privé _variables: Variabelen + your_email_address_has_been_released_immediately_you_can_now_be_added_to_your_company_team_without_waiting_for_the_deletion_period_to_end: Uw e-mailadres is onmiddellijk vrijgegeven. Als u lid wordt van een team, kunt u nu worden uitgenodigd voor het team van uw bedrijf zonder te wachten tot de verwijderingsperiode is afgelopen. make_all_newly_created_templates_private_to_their_creator_and_admins_by_default: Maak alle nieuw aangemaakte sjablonen standaard privé voor hun maker en admins. create_templates_with_admin_access_by_default: Sjablonen standaard met admin-toegang maken require_email_2fa: E-mail 2FA vereist @@ -6830,7 +6837,7 @@ nl: &nl you_are_scheduling_your_account_for_deletion_after_deletion_your_data_will_be_permanently_removed_and_cannot_be_recovered_click_ok_if_you_would_like_to_continue: "U plant uw account voor verwijdering. Na verwijdering worden uw gegevens permanent verwijderd en kunnen ze niet worden hersteld.\n\nKlik op OK als u wilt doorgaan." account_information_has_been_updated: Accountinformatie is bijgewerkt. should_be_a_valid_url: moet een geldige URL zijn - your_account_removal_request_will_be_processed_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Uw verzoek tot verwijdering van uw account wordt binnen 2 maanden verwerkt. Neem contact met ons op als u uw account wilt behouden. + your_account_will_be_permanently_deleted_within_2_months_please_contact_us_if_you_want_to_keep_your_account: Uw verzoek tot verwijdering van uw account wordt binnen 2 maanden verwerkt. Neem contact met ons op als u uw account wilt behouden. test_mode: Testmodus copy: Kopiëren copied: Gekopieerd From 2303c21cea273f2cf58ac1bc6ee710f583fd7030 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Wed, 8 Apr 2026 11:23:59 +0300 Subject: [PATCH 05/14] download users csv --- app/controllers/users_controller.rb | 14 +++++++++++++- app/views/users/_bottom_links.html.erb | 14 +++++++++++++- lib/users.rb | 15 +++++++++++++++ 3 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 lib/users.rb diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 9affdf4c..2d8f818f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -16,7 +16,19 @@ class UsersController < ApplicationController @users.active.where.not(role: 'integration') end - @pagy, @users = pagy(@users.preload(account: :account_accesses).where(account: current_account).order(id: :desc)) + @users = @users.preload(account: :account_accesses).where(account: current_account).order(id: :desc) + + respond_to do |format| + format.html do + @pagy, @users = pagy(@users) + end + + if current_ability.can?(:manage, current_account) + format.csv do + send_data Users.generate_csv(@users), filename: "users-#{Time.current.iso8601}.csv", type: 'text/csv' + end + end + end end def new; end diff --git a/app/views/users/_bottom_links.html.erb b/app/views/users/_bottom_links.html.erb index 8fbc73e1..7f8c234b 100644 --- a/app/views/users/_bottom_links.html.erb +++ b/app/views/users/_bottom_links.html.erb @@ -1,15 +1,27 @@
+ <% if (is_with_download = can?(:manage, :download_users) && can?(:manage, current_account)) %> + <%= button_to(t(:download), url_for(format: :csv), class: 'link text-sm', form: { class: 'flex' }, method: :get) %> + <% end %> <% if %w[archived integration].include?(params[:status]) %> + <% if is_with_download %> + | + <% end %> <%= link_to t('view_active'), settings_users_path, class: 'link text-sm' %> <% else %> <% archived_exists = current_account.users.archived.where.not(role: 'integration').exists? %> - <% if current_account.users.active.exists?(role: 'integration') %> + <% if (integration_exists = current_account.users.active.exists?(role: 'integration')) %> + <% if is_with_download %> + | + <% end %> <%= link_to t('view_embedding_users'), settings_integration_users_path, class: 'link text-sm' %> <% if archived_exists %> | <% end %> <% end %> <% if archived_exists %> + <% if !integration_exists && is_with_download %> + | + <% end %> <%= link_to t('view_archived'), settings_archived_users_path, class: 'link text-sm' %> <% end %> <% end %> diff --git a/lib/users.rb b/lib/users.rb new file mode 100644 index 00000000..49989a4f --- /dev/null +++ b/lib/users.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Users + module_function + + def generate_csv(users) + headers = %w[email first_name last_name role current_sign_in_at last_sign_in_at updated_at created_at] + + CSVSafe.generate do |csv| + csv << headers + + users.each { |user| csv << user.values_at(*headers) } + end + end +end From cf09a4f733b0564bb653bd0766b95032f4cc1294 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Wed, 8 Apr 2026 12:24:31 +0300 Subject: [PATCH 06/14] update gem --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 0d90a305..de5ce993 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) uri (>= 0.13.1) - addressable (2.8.9) + addressable (2.9.0) public_suffix (>= 2.0.2, < 8.0) annotaterb (4.22.0) activerecord (>= 6.0.0) From ff53436fd49761009856341bcde318b9081759cc Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Wed, 8 Apr 2026 17:18:38 +0300 Subject: [PATCH 07/14] fix dynamic editor layout --- app/javascript/template_builder/dynamic_editor.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/app/javascript/template_builder/dynamic_editor.js b/app/javascript/template_builder/dynamic_editor.js index bb4c7743..745f95d0 100644 --- a/app/javascript/template_builder/dynamic_editor.js +++ b/app/javascript/template_builder/dynamic_editor.js @@ -19,10 +19,6 @@ export const tiptapStylesheet = new CSSStyleSheet() tiptapStylesheet.replaceSync( `.ProseMirror { - position: relative; -} - -.ProseMirror { word-wrap: break-word; white-space: pre-wrap; white-space: break-spaces; From 8f8b36617a85562db34aac3e042de260a6a378f6 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Fri, 10 Apr 2026 11:07:19 +0300 Subject: [PATCH 08/14] fix first party download from preview --- .../submissions_download_controller.rb | 60 +++-------------- .../submissions_preview_controller.rb | 8 ++- .../submitters_download_controller.rb | 66 +++++++++++++++++++ app/views/submissions/show.html.erb | 7 +- config/routes.rb | 3 +- lib/submitters.rb | 32 +++++++++ 6 files changed, 118 insertions(+), 58 deletions(-) create mode 100644 app/controllers/submitters_download_controller.rb diff --git a/app/controllers/submissions_download_controller.rb b/app/controllers/submissions_download_controller.rb index 39dee165..98e369be 100644 --- a/app/controllers/submissions_download_controller.rb +++ b/app/controllers/submissions_download_controller.rb @@ -5,30 +5,20 @@ class SubmissionsDownloadController < ApplicationController skip_authorization_check TTL = 40.minutes - FILES_TTL = 5.minutes def index - @submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present? + @submission = Submission.find_by!(slug: params[:submission_slug] || params[:submissions_preview_slug]) - signature_valid = - if @submitter&.slug == params[:submitter_slug] - true - else - @submitter = nil - end - - @submitter ||= Submitter.find_by!(slug: params[:submitter_slug]) - - Submissions::EnsureResultGenerated.call(@submitter) - - last_submitter = @submitter.submission.submitters.where.not(completed_at: nil).order(:completed_at).last - - return head :not_found unless last_submitter + last_submitter = @submission.submitters.where.not(completed_at: nil).order(:completed_at).last Submissions::EnsureResultGenerated.call(last_submitter) - if !signature_valid && !current_user_submitter?(last_submitter) - return head :not_found unless Submitters::AuthorizedForForm.call(@submitter, current_user, request) + unless current_user_submitter?(last_submitter) + unless Submitters::AuthorizedForForm.call(last_submitter, current_user, request) + Rollbar.info("2FA download error: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end if last_submitter.completed_at < TTL.ago Rollbar.info("TTL: #{last_submitter.id}") if defined?(Rollbar) @@ -40,14 +30,14 @@ class SubmissionsDownloadController < ApplicationController if params[:combined] == 'true' respond_with_combined(last_submitter) else - render json: build_urls(last_submitter) + render json: Submitters.build_document_urls(last_submitter) end end private def respond_with_combined(submitter) - url = build_combined_url(submitter) + url = Submitters.build_combined_url(submitter) if url render json: [url] @@ -59,34 +49,4 @@ class SubmissionsDownloadController < ApplicationController def current_user_submitter?(submitter) current_user && current_ability.can?(:read, submitter) end - - def build_urls(submitter) - filename_format = AccountConfig.find_or_initialize_by(account_id: submitter.account_id, - key: AccountConfig::DOCUMENT_FILENAME_FORMAT_KEY)&.value - - Submitters.select_attachments_for_download(submitter).map do |attachment| - ActiveStorage::Blob.proxy_path( - attachment.blob, - expires_at: FILES_TTL.from_now.to_i, - filename: Submitters.build_document_filename(submitter, attachment.blob, filename_format) - ) - end - end - - def build_combined_url(submitter) - return if submitter.submission.submitters.exists?(completed_at: nil) - return if submitter.submission.submitters.order(:completed_at).last != submitter - - attachment = submitter.submission.combined_document_attachment - attachment ||= Submissions::EnsureCombinedGenerated.call(submitter) - - filename_format = AccountConfig.find_or_initialize_by(account_id: submitter.account_id, - key: AccountConfig::DOCUMENT_FILENAME_FORMAT_KEY)&.value - - ActiveStorage::Blob.proxy_path( - attachment.blob, - expires_at: FILES_TTL.from_now.to_i, - filename: Submitters.build_document_filename(submitter, attachment.blob, filename_format) - ) - end end diff --git a/app/controllers/submissions_preview_controller.rb b/app/controllers/submissions_preview_controller.rb index 6163c36b..10e45358 100644 --- a/app/controllers/submissions_preview_controller.rb +++ b/app/controllers/submissions_preview_controller.rb @@ -10,13 +10,15 @@ class SubmissionsPreviewController < ApplicationController TTL = 40.minutes def show - submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present? + @sig_submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present? signature_valid = - if submitter && submitter.submission.slug == params[:slug] - @submission = submitter.submission + if @sig_submitter && @sig_submitter.submission.slug == params[:slug] + @submission = @sig_submitter.submission true + else + @sig_submitter = nil end @submission ||= Submission.find_by!(slug: params[:slug]) diff --git a/app/controllers/submitters_download_controller.rb b/app/controllers/submitters_download_controller.rb new file mode 100644 index 00000000..28a354bc --- /dev/null +++ b/app/controllers/submitters_download_controller.rb @@ -0,0 +1,66 @@ +# frozen_string_literal: true + +class SubmittersDownloadController < ApplicationController + skip_before_action :authenticate_user! + skip_authorization_check + + TTL = 40.minutes + FILES_TTL = 5.minutes + + def index + @submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present? + + signature_valid = + if @submitter&.slug == params[:submitter_slug] + true + else + @submitter = nil + end + + @submitter ||= Submitter.find_by!(slug: params[:submitter_slug]) + + Submissions::EnsureResultGenerated.call(@submitter) + + last_submitter = @submitter.submission.submitters.where.not(completed_at: nil).order(:completed_at).last + + return head :not_found unless last_submitter + + Submissions::EnsureResultGenerated.call(last_submitter) + + if !signature_valid && !current_user_submitter?(last_submitter) + unless Submitters::AuthorizedForForm.call(@submitter, current_user, request) + Rollbar.info("2FA download error: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end + + if last_submitter.completed_at < TTL.ago + Rollbar.info("TTL: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end + end + + if params[:combined] == 'true' + respond_with_combined(last_submitter) + else + render json: Submitters.build_document_urls(last_submitter) + end + end + + private + + def respond_with_combined(submitter) + url = Submitters.build_combined_url(submitter) + + if url + render json: [url] + else + head :not_found + end + end + + def current_user_submitter?(submitter) + current_user && current_ability.can?(:read, submitter) + end +end diff --git a/app/views/submissions/show.html.erb b/app/views/submissions/show.html.erb index f925f6ce..bf8e6eba 100644 --- a/app/views/submissions/show.html.erb +++ b/app/views/submissions/show.html.erb @@ -15,7 +15,6 @@ <% (@submission.name || @submission.template.name).split(/(_)/).each do |item| %><%= item %><% end %>
- <% last_submitter = @submission.submitters.to_a.select(&:completed_at?).max_by(&:completed_at) %> <% is_all_completed = @submission.submitters.to_a.all?(&:completed_at?) %> <% if signed_in? && can?(:create, @submission) && @submission.archived_at? && !is_all_completed %> <%= button_to button_title(title: t('unarchive'), disabled_with: t('unarchive')[0..-2], icon: svg_icon('rotate', class: 'w-6 h-6')), submission_unarchive_index_path(@submission), class: 'btn btn-primary btn-ghost text-base hidden md:flex' %> @@ -31,10 +30,10 @@ <% end %> <% end %> - <% if last_submitter %> + <% if is_all_completed || @submission.submitters.to_a.any?(&:completed_at?) %> <% if is_all_completed || !is_combined_enabled %>
- + <%= svg_icon('download', class: 'w-6 h-6') %> @@ -53,7 +52,7 @@
  • - + <%= svg_icon('download', class: 'w-6 h-6 flex-shrink-0') %> <%= t('download_combined_pdf') %> diff --git a/config/routes.rb b/config/routes.rb index ee700493..53ebe582 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -155,12 +155,13 @@ Rails.application.routes.draw do resources :submissions_preview, only: %i[show], path: 'e', param: 'slug' do get :completed + resources :download, only: %i[index], controller: 'submissions_download' end resources :send_submission_email, only: %i[create] resources :submitters, only: %i[], param: 'slug' do - resources :download, only: %i[index], controller: 'submissions_download' + resources :download, only: %i[index], controller: 'submitters_download' resources :send_email, only: %i[create], controller: 'submitters_send_email' resources :debug, only: %i[index], controller: 'submissions_debug' if Rails.env.development? end diff --git a/lib/submitters.rb b/lib/submitters.rb index 02f29d4f..1dfb9c1c 100644 --- a/lib/submitters.rb +++ b/lib/submitters.rb @@ -25,6 +25,8 @@ module Submitters drv scr ins isp mst paf prf shb shs slk ws wsc inf1 inf2 ].freeze) + FILES_TTL = 5.minutes + module_function def search(current_user, submitters, keyword) @@ -254,6 +256,36 @@ module Submitters true end + def build_document_urls(submitter, ttl: FILES_TTL) + filename_format = AccountConfig.find_or_initialize_by(account_id: submitter.account_id, + key: AccountConfig::DOCUMENT_FILENAME_FORMAT_KEY)&.value + + Submitters.select_attachments_for_download(submitter).map do |attachment| + ActiveStorage::Blob.proxy_path( + attachment.blob, + expires_at: ttl.from_now.to_i, + filename: Submitters.build_document_filename(submitter, attachment.blob, filename_format) + ) + end + end + + def build_combined_url(submitter, ttl: FILES_TTL) + return if submitter.submission.submitters.exists?(completed_at: nil) + return if submitter.submission.submitters.order(:completed_at).last != submitter + + attachment = submitter.submission.combined_document_attachment + attachment ||= Submissions::EnsureCombinedGenerated.call(submitter) + + filename_format = AccountConfig.find_or_initialize_by(account_id: submitter.account_id, + key: AccountConfig::DOCUMENT_FILENAME_FORMAT_KEY)&.value + + ActiveStorage::Blob.proxy_path( + attachment.blob, + expires_at: ttl.from_now.to_i, + filename: Submitters.build_document_filename(submitter, attachment.blob, filename_format) + ) + end + def populate_completed_is_first Account.find_each do |account| submissions_index = {} From bb2fb7a0c200c62f4a7736f6b0c8c202a1e471f4 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Fri, 10 Apr 2026 12:08:22 +0300 Subject: [PATCH 09/14] refactor download --- .../submissions_debug_controller.rb | 2 +- .../submissions_download_controller.rb | 45 +++--------- .../submissions_preview_controller.rb | 2 +- ...submissions_preview_download_controller.rb | 64 +++++++++++++++++ ...bmit_form_completed_download_controller.rb | 70 +++++++++++++++++++ .../submit_form_download_controller.rb | 2 +- .../submitters_download_controller.rb | 59 +--------------- .../submitters_send_email_controller.rb | 2 +- app/views/submissions/show.html.erb | 10 +-- app/views/submit_form/completed.html.erb | 2 +- app/views/templates/_submission.html.erb | 6 +- config/routes.rb | 11 +-- lib/submitters.rb | 6 +- 13 files changed, 168 insertions(+), 113 deletions(-) create mode 100644 app/controllers/submissions_preview_download_controller.rb create mode 100644 app/controllers/submit_form_completed_download_controller.rb diff --git a/app/controllers/submissions_debug_controller.rb b/app/controllers/submissions_debug_controller.rb index 4a6e8b9d..b9a137d0 100644 --- a/app/controllers/submissions_debug_controller.rb +++ b/app/controllers/submissions_debug_controller.rb @@ -9,7 +9,7 @@ class SubmissionsDebugController < ApplicationController def index @submitter = Submitter.preload({ attachments_attachments: :blob }, submission: { template: { documents_attachments: :blob } }) - .find_by(slug: params[:submitter_slug]) + .find_by(slug: params[:submit_form_slug]) respond_to do |f| f.html do diff --git a/app/controllers/submissions_download_controller.rb b/app/controllers/submissions_download_controller.rb index 98e369be..74287451 100644 --- a/app/controllers/submissions_download_controller.rb +++ b/app/controllers/submissions_download_controller.rb @@ -1,52 +1,25 @@ # frozen_string_literal: true class SubmissionsDownloadController < ApplicationController - skip_before_action :authenticate_user! - skip_authorization_check - - TTL = 40.minutes + load_and_authorize_resource :submission def index - @submission = Submission.find_by!(slug: params[:submission_slug] || params[:submissions_preview_slug]) - last_submitter = @submission.submitters.where.not(completed_at: nil).order(:completed_at).last - Submissions::EnsureResultGenerated.call(last_submitter) + return head :not_found unless last_submitter - unless current_user_submitter?(last_submitter) - unless Submitters::AuthorizedForForm.call(last_submitter, current_user, request) - Rollbar.info("2FA download error: #{last_submitter.id}") if defined?(Rollbar) - - return head :not_found - end + Submissions::EnsureResultGenerated.call(last_submitter) - if last_submitter.completed_at < TTL.ago - Rollbar.info("TTL: #{last_submitter.id}") if defined?(Rollbar) + if params[:combined] == 'true' + url = Submitters.build_combined_url(last_submitter) - return head :not_found + if url + render json: [url] + else + head :not_found end - end - - if params[:combined] == 'true' - respond_with_combined(last_submitter) else render json: Submitters.build_document_urls(last_submitter) end end - - private - - def respond_with_combined(submitter) - url = Submitters.build_combined_url(submitter) - - if url - render json: [url] - else - head :not_found - end - end - - def current_user_submitter?(submitter) - current_user && current_ability.can?(:read, submitter) - end end diff --git a/app/controllers/submissions_preview_controller.rb b/app/controllers/submissions_preview_controller.rb index 10e45358..ed83c407 100644 --- a/app/controllers/submissions_preview_controller.rb +++ b/app/controllers/submissions_preview_controller.rb @@ -38,7 +38,7 @@ class SubmissionsPreviewController < ApplicationController @submission = Submissions.preload_with_pages(@submission) - render 'submissions/show', layout: 'plain' + render 'submissions/show', layout: 'plain', locals: { is_preview: true } end def completed diff --git a/app/controllers/submissions_preview_download_controller.rb b/app/controllers/submissions_preview_download_controller.rb new file mode 100644 index 00000000..da50785a --- /dev/null +++ b/app/controllers/submissions_preview_download_controller.rb @@ -0,0 +1,64 @@ +# frozen_string_literal: true + +class SubmissionsPreviewDownloadController < ApplicationController + skip_before_action :authenticate_user! + skip_authorization_check + + TTL = 40.minutes + + def index + @submission = Submission.find_by!(slug: params[:submission_slug] || params[:submissions_preview_slug]) + + last_submitter = @submission.submitters.where.not(completed_at: nil).order(:completed_at).last + + return head :not_found unless last_submitter + + Submissions::EnsureResultGenerated.call(last_submitter) + + unless current_user_submission?(@submission) + if use_2fa?(@submission) + Rollbar.info("2FA download error: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end + + if last_submitter.completed_at < TTL.ago + Rollbar.info("TTL: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end + end + + if params[:combined] == 'true' + respond_with_combined(last_submitter) + else + render json: Submitters.build_document_urls(last_submitter) + end + end + + private + + def respond_with_combined(submitter) + url = Submitters.build_combined_url(submitter) + + if url + render json: [url] + else + head :not_found + end + end + + def current_user_submission?(submission) + current_user && current_ability.can?(:read, submission) + end + + def use_2fa?(submission) + return true if submission.submitters.any? do |e| + e.preferences['require_phone_2fa'] || e.preferences['require_email_2fa'] + end + return true if submission.template&.preferences&.dig('require_phone_2fa') + return true if submission.template&.preferences&.dig('require_email_2fa') + + false + end +end diff --git a/app/controllers/submit_form_completed_download_controller.rb b/app/controllers/submit_form_completed_download_controller.rb new file mode 100644 index 00000000..19dfafb1 --- /dev/null +++ b/app/controllers/submit_form_completed_download_controller.rb @@ -0,0 +1,70 @@ +# frozen_string_literal: true + +class SubmitFormCompletedDownloadController < ApplicationController + skip_before_action :authenticate_user! + skip_authorization_check + + TTL = 40.minutes + FILES_TTL = 5.minutes + + def index + @submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present? + + signature_valid = + if @submitter&.slug == submitter_slug + true + else + @submitter = nil + end + + @submitter ||= Submitter.find_by!(slug: submitter_slug) + + Submissions::EnsureResultGenerated.call(@submitter) + + last_submitter = @submitter.submission.submitters.where.not(completed_at: nil).order(:completed_at).last + + return head :not_found unless last_submitter + + Submissions::EnsureResultGenerated.call(last_submitter) + + if !signature_valid && !current_user_submitter?(last_submitter) + unless Submitters::AuthorizedForForm.call(@submitter, current_user, request) + Rollbar.info("2FA download error: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end + + if last_submitter.completed_at < TTL.ago + Rollbar.info("TTL: #{last_submitter.id}") if defined?(Rollbar) + + return head :not_found + end + end + + if params[:combined] == 'true' + respond_with_combined(last_submitter) + else + render json: Submitters.build_document_urls(last_submitter) + end + end + + private + + def submitter_slug + params[:submit_form_slug] || params[:submitter_slug] || params[:submitter_id] + end + + def respond_with_combined(submitter) + url = Submitters.build_combined_url(submitter) + + if url + render json: [url] + else + head :not_found + end + end + + def current_user_submitter?(submitter) + current_user && current_ability.can?(:read, submitter) + end +end diff --git a/app/controllers/submit_form_download_controller.rb b/app/controllers/submit_form_download_controller.rb index af9cbeb4..e1c22eba 100644 --- a/app/controllers/submit_form_download_controller.rb +++ b/app/controllers/submit_form_download_controller.rb @@ -9,7 +9,7 @@ class SubmitFormDownloadController < ApplicationController def index @submitter = Submitter.find_by!(slug: params[:submit_form_slug]) - return redirect_to submitter_download_index_path(@submitter.slug) if @submitter.completed_at? + return redirect_to submit_form_documents_path(@submitter.slug) if @submitter.completed_at? return head :unprocessable_content if @submitter.declined_at? || @submitter.submission.archived_at? || diff --git a/app/controllers/submitters_download_controller.rb b/app/controllers/submitters_download_controller.rb index 28a354bc..c4588ca2 100644 --- a/app/controllers/submitters_download_controller.rb +++ b/app/controllers/submitters_download_controller.rb @@ -1,66 +1,11 @@ # frozen_string_literal: true class SubmittersDownloadController < ApplicationController - skip_before_action :authenticate_user! - skip_authorization_check - - TTL = 40.minutes - FILES_TTL = 5.minutes + load_and_authorize_resource :submitter def index - @submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present? - - signature_valid = - if @submitter&.slug == params[:submitter_slug] - true - else - @submitter = nil - end - - @submitter ||= Submitter.find_by!(slug: params[:submitter_slug]) - Submissions::EnsureResultGenerated.call(@submitter) - last_submitter = @submitter.submission.submitters.where.not(completed_at: nil).order(:completed_at).last - - return head :not_found unless last_submitter - - Submissions::EnsureResultGenerated.call(last_submitter) - - if !signature_valid && !current_user_submitter?(last_submitter) - unless Submitters::AuthorizedForForm.call(@submitter, current_user, request) - Rollbar.info("2FA download error: #{last_submitter.id}") if defined?(Rollbar) - - return head :not_found - end - - if last_submitter.completed_at < TTL.ago - Rollbar.info("TTL: #{last_submitter.id}") if defined?(Rollbar) - - return head :not_found - end - end - - if params[:combined] == 'true' - respond_with_combined(last_submitter) - else - render json: Submitters.build_document_urls(last_submitter) - end - end - - private - - def respond_with_combined(submitter) - url = Submitters.build_combined_url(submitter) - - if url - render json: [url] - else - head :not_found - end - end - - def current_user_submitter?(submitter) - current_user && current_ability.can?(:read, submitter) + render json: Submitters.build_document_urls(@submitter) end end diff --git a/app/controllers/submitters_send_email_controller.rb b/app/controllers/submitters_send_email_controller.rb index f3eb3187..51c7c1b7 100644 --- a/app/controllers/submitters_send_email_controller.rb +++ b/app/controllers/submitters_send_email_controller.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class SubmittersSendEmailController < ApplicationController - load_and_authorize_resource :submitter, id_param: :submitter_slug, find_by: :slug + load_and_authorize_resource :submitter def create if Docuseal.multitenant? && SubmissionEvent.exists?(submitter: @submitter, diff --git a/app/views/submissions/show.html.erb b/app/views/submissions/show.html.erb index bf8e6eba..de82482b 100644 --- a/app/views/submissions/show.html.erb +++ b/app/views/submissions/show.html.erb @@ -1,4 +1,4 @@ -<% if params[:controller] == 'submissions_preview' %> +<% if local_assigns[:is_preview] %> <%= render 'submissions/preview_tags' %> <% end %> <% font_scale = 1040.0 / PdfUtils::US_LETTER_W %> @@ -30,10 +30,10 @@ <% end %> <% end %> - <% if is_all_completed || @submission.submitters.to_a.any?(&:completed_at?) %> + <% if @submission.submitters.to_a.any?(&:completed_at?) %> <% if is_all_completed || !is_combined_enabled %>
    - + <%= svg_icon('download', class: 'w-6 h-6') %> @@ -52,7 +52,7 @@
    • - + <%= svg_icon('download', class: 'w-6 h-6 flex-shrink-0') %> <%= t('download_combined_pdf') %> @@ -227,7 +227,7 @@ <% end %> <% if signed_in? && submitter && submitter.email && !submitter.completed_at && !@submission.archived_at? && !@submission.template&.archived_at? && can?(:update, @submission) && Accounts.can_send_emails?(current_account) && !@submission.expired? && !submitter.declined_at? %>
      - <%= button_to button_title(title: submitter.sent_at? ? t('re_send_email') : t('send_email'), disabled_with: t('sending')), submitter_send_email_index_path(submitter_slug: submitter.slug), class: 'btn btn-sm btn-primary w-full' %> + <%= button_to button_title(title: submitter.sent_at? ? t('re_send_email') : t('send_email'), disabled_with: t('sending')), submitter_send_email_index_path(submitter), class: 'btn btn-sm btn-primary w-full' %>
      <% end %> <% if signed_in? && submitter && submitter.phone && !submitter.completed_at && !@submission.archived_at? && !@submission.template&.archived_at? && can?(:update, @submission) && !@submission.expired? && !submitter.declined_at? %> diff --git a/app/views/submit_form/completed.html.erb b/app/views/submit_form/completed.html.erb index 004c9027..7b0b7d5b 100644 --- a/app/views/submit_form/completed.html.erb +++ b/app/views/submit_form/completed.html.erb @@ -30,7 +30,7 @@ <% end %> <% end %> <% if @submitter.completed_at > 30.minutes.ago || (current_user && current_user.account.submitters.exists?(id: @submitter.id)) %> - + <%= svg_icon('download', class: 'w-6 h-6') %> <%= t('download_documents') %> diff --git a/app/views/templates/_submission.html.erb b/app/views/templates/_submission.html.erb index bcfcd66c..35e45851 100644 --- a/app/views/templates/_submission.html.erb +++ b/app/views/templates/_submission.html.erb @@ -66,7 +66,7 @@ <% if submitter.completed_at? %>
      - + <%= svg_icon('download', class: 'w-5 h-5 stroke-2') %> <%= t('download') %> @@ -154,7 +154,7 @@ <% if submitter.completed_at? && !is_submission_completed %> - + <%= svg_icon('download', class: 'w-4 h-4 stroke-2') %> <%= t('download') %> @@ -190,7 +190,7 @@ <% latest_submitter = submitters.select(&:completed_at?).max_by(&:completed_at) %>
      - + <%= svg_icon('download', class: 'w-5 h-5 stroke-2') %> <%= t('download') %> diff --git a/config/routes.rb b/config/routes.rb index 53ebe582..f9d3ae38 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -71,6 +71,7 @@ Rails.application.routes.draw do resources :submissions, only: %i[show destroy] do resources :unarchive, only: %i[create], controller: 'submissions_unarchive' resources :events, only: %i[index], controller: 'submission_events' + resources :download, only: %i[index], controller: 'submissions_download' end resources :submitters, only: %i[edit update] resources :console_redirect, only: %i[index] @@ -144,9 +145,11 @@ Rails.application.routes.draw do resources :submit_form, only: %i[show update], path: 's', param: 'slug' do resources :values, only: %i[index], controller: 'submit_form_values' resources :download, only: %i[index], controller: 'submit_form_download' + resources :documents, only: %i[index], controller: 'submit_form_completed_download' resources :decline, only: %i[create], controller: 'submit_form_decline' resources :delegate, only: %i[create], controller: 'submit_form_delegate' resources :invite, only: %i[create], controller: 'submit_form_invite' + resources :debug, only: %i[index], controller: 'submissions_debug' if Rails.env.development? get :completed get :delegated end @@ -155,15 +158,15 @@ Rails.application.routes.draw do resources :submissions_preview, only: %i[show], path: 'e', param: 'slug' do get :completed - resources :download, only: %i[index], controller: 'submissions_download' + resources :download, only: %i[index], controller: 'submissions_preview_download' end resources :send_submission_email, only: %i[create] - resources :submitters, only: %i[], param: 'slug' do - resources :download, only: %i[index], controller: 'submitters_download' + resources :submitters, only: %i[] do + resources :download, only: %i[index], controller: 'submitters_download', constraints: { submitter_id: /\d+/ } + resources :download, only: %i[index], controller: 'submit_form_completed_download' resources :send_email, only: %i[create], controller: 'submitters_send_email' - resources :debug, only: %i[index], controller: 'submissions_debug' if Rails.env.development? end scope '/settings', as: :settings do diff --git a/lib/submitters.rb b/lib/submitters.rb index 1dfb9c1c..ec8330b1 100644 --- a/lib/submitters.rb +++ b/lib/submitters.rb @@ -260,11 +260,11 @@ module Submitters filename_format = AccountConfig.find_or_initialize_by(account_id: submitter.account_id, key: AccountConfig::DOCUMENT_FILENAME_FORMAT_KEY)&.value - Submitters.select_attachments_for_download(submitter).map do |attachment| + select_attachments_for_download(submitter).map do |attachment| ActiveStorage::Blob.proxy_path( attachment.blob, expires_at: ttl.from_now.to_i, - filename: Submitters.build_document_filename(submitter, attachment.blob, filename_format) + filename: build_document_filename(submitter, attachment.blob, filename_format) ) end end @@ -282,7 +282,7 @@ module Submitters ActiveStorage::Blob.proxy_path( attachment.blob, expires_at: ttl.from_now.to_i, - filename: Submitters.build_document_filename(submitter, attachment.blob, filename_format) + filename: build_document_filename(submitter, attachment.blob, filename_format) ) end From 8b59c0aaa046710c4bf9f9f5236f63806beea878 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Fri, 10 Apr 2026 15:20:35 +0300 Subject: [PATCH 10/14] adjust normalize values --- app/controllers/api/submissions_controller.rb | 2 +- app/controllers/api/submitters_controller.rb | 3 ++- lib/submissions/normalize_param_utils.rb | 10 ++++++---- .../maybe_assign_default_browser_signature.rb | 2 +- lib/submitters/normalize_values.rb | 18 ++++++++++++------ 5 files changed, 22 insertions(+), 13 deletions(-) diff --git a/app/controllers/api/submissions_controller.rb b/app/controllers/api/submissions_controller.rb index 77b4e615..b8ffa5ff 100644 --- a/app/controllers/api/submissions_controller.rb +++ b/app/controllers/api/submissions_controller.rb @@ -156,7 +156,7 @@ module Api params:) else submissions_attrs, attachments = - Submissions::NormalizeParamUtils.normalize_submissions_params!(submissions_params, template) + Submissions::NormalizeParamUtils.normalize_submissions_params!(submissions_params, template, purpose: :api) submissions = Submissions.create_from_submitters( template:, diff --git a/app/controllers/api/submitters_controller.rb b/app/controllers/api/submitters_controller.rb index 8f6d77fc..71dad23a 100644 --- a/app/controllers/api/submitters_controller.rb +++ b/app/controllers/api/submitters_controller.rb @@ -50,7 +50,8 @@ module Api normalized_params, new_attachments = Submissions::NormalizeParamUtils.normalize_submitter_params!( submitter_params.merge(role:), @submitter.template || Template.new(submitters: submission.template_submitters, account: @submitter.account), - for_submitter: @submitter + for_submitter: @submitter, + purpose: :api ) Submissions::CreateFromSubmitters.maybe_set_template_fields(submission, [normalized_params], diff --git a/lib/submissions/normalize_param_utils.rb b/lib/submissions/normalize_param_utils.rb index 0e459063..c861864a 100644 --- a/lib/submissions/normalize_param_utils.rb +++ b/lib/submissions/normalize_param_utils.rb @@ -4,14 +4,14 @@ module Submissions module NormalizeParamUtils module_function - def normalize_submissions_params!(submissions_params, template, add_fields: false) + def normalize_submissions_params!(submissions_params, template, add_fields: false, purpose: nil) attachments = [] fields = [] Array.wrap(submissions_params).each do |submission| submission[:submitters].each_with_index do |submitter, index| _, new_attachments, new_fields = - normalize_submitter_params!(submitter, template, submitter[:index] || index, add_fields:) + normalize_submitter_params!(submitter, template, submitter[:index] || index, add_fields:, purpose:) attachments.push(*new_attachments) fields.push(*new_fields) @@ -21,7 +21,8 @@ module Submissions [submissions_params, attachments, fields] end - def normalize_submitter_params!(submitter_params, template, index = nil, for_submitter: nil, add_fields: false) + def normalize_submitter_params!(submitter_params, template, index = nil, for_submitter: nil, add_fields: false, + purpose: nil) with_values = submitter_params[:values].present? default_values = with_values ? submitter_params[:values] : {} @@ -44,7 +45,8 @@ module Submissions role_names: submitter_params[:roles], for_submitter:, add_fields:, - throw_errors: !with_values + throw_errors: !with_values, + purpose: ) submitter_params[:values] = values diff --git a/lib/submitters/maybe_assign_default_browser_signature.rb b/lib/submitters/maybe_assign_default_browser_signature.rb index 88431f91..50ad4a57 100644 --- a/lib/submitters/maybe_assign_default_browser_signature.rb +++ b/lib/submitters/maybe_assign_default_browser_signature.rb @@ -23,7 +23,7 @@ module Submitters { 'type' => 'signature' }, submitter.account, attachments, - submitter) + for_submitter: submitter) attachment.record ||= submitter diff --git a/lib/submitters/normalize_values.rb b/lib/submitters/normalize_values.rb index 1eee3dfd..c70cef7d 100644 --- a/lib/submitters/normalize_values.rb +++ b/lib/submitters/normalize_values.rb @@ -19,7 +19,7 @@ module Submitters # rubocop:disable Metrics def call(template, values, submitter_name: nil, role_names: nil, for_submitter: nil, throw_errors: false, - add_fields: false) + add_fields: false, purpose: nil) fields = if role_names.present? fetch_roles_fields(template, roles: role_names) @@ -68,7 +68,7 @@ module Submitters value_fields.each do |field| if field['type'].in?(%w[initials signature image file stamp]) && value.present? new_value, new_attachments = - normalize_attachment_value(value, field, template.account, attachments, for_submitter) + normalize_attachment_value(value, field, template.account, attachments, for_submitter:, purpose:) attachments.push(*new_attachments) @@ -153,17 +153,17 @@ module Submitters .merge(fields.group_by { |e| e['name'].to_s.downcase }) end - def normalize_attachment_value(value, field, account, attachments, for_submitter = nil) + def normalize_attachment_value(value, field, account, attachments, for_submitter: nil, purpose: nil) if value.is_a?(Array) new_attachments = value.map do |v| - new_attachment = find_or_build_attachment(v, field, account, for_submitter) + new_attachment = find_or_build_attachment(v, field, account, for_submitter:, purpose:) attachments.find { |a| a.blob_id == new_attachment.blob_id } || new_attachment end [new_attachments.map(&:uuid), new_attachments] else - new_attachment = find_or_build_attachment(value, field, account, for_submitter) + new_attachment = find_or_build_attachment(value, field, account, for_submitter:, purpose:) existing_attachment = attachments.find { |a| a.blob_id == new_attachment.blob_id } @@ -173,11 +173,15 @@ module Submitters end end - def find_or_build_attachment(value, field, account, for_submitter = nil) + def find_or_build_attachment(value, field, account, for_submitter: nil, purpose: nil) type = field['type'] + raise InvalidDefaultValue, "Invalid #{type} value" if purpose == :bulk + blob = if value.match?(%r{\Ahttps?://}) + raise InvalidDefaultValue, "Invalid #{type} value" unless purpose == :api + find_or_create_blob_from_url(account, value) elsif type.in?(%w[signature initials]) && value.length < 60 find_or_create_blob_from_text(account, value, type) @@ -185,6 +189,8 @@ module Submitters Marcel::MimeType.for(data).exclude?('octet-stream') find_or_create_blob_from_base64(account, data, type) elsif type == 'image' && (value.starts_with?('') || value.starts_with?(' Date: Sat, 11 Apr 2026 08:12:30 +0300 Subject: [PATCH 11/14] remove mathjs --- app/javascript/submission_form/calculator.js | 874 ++++++++++++++++++ .../submission_form/formula_areas.vue | 29 +- .../submission_form/payment_step.vue | 29 +- package.json | 1 - yarn.lock | 67 -- 5 files changed, 878 insertions(+), 122 deletions(-) create mode 100644 app/javascript/submission_form/calculator.js diff --git a/app/javascript/submission_form/calculator.js b/app/javascript/submission_form/calculator.js new file mode 100644 index 00000000..55cc185f --- /dev/null +++ b/app/javascript/submission_form/calculator.js @@ -0,0 +1,874 @@ +/* + * Portions of this file are derived from the Dentaku gem + * https://github.com/rubysolo/dentaku + * + * MIT License + * + * Copyright (c) 2012 Solomon White + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * Modifications and JavaScript port + * Copyright (c) 2026 DocuSeal, LLC + */ + +class CalculatorError extends Error { constructor (msg) { super(msg); this.name = 'CalculatorError' } } +class ParseError extends CalculatorError { constructor (msg) { super(msg); this.name = 'ParseError' } } +class TokenizerError extends CalculatorError { constructor (msg) { super(msg); this.name = 'TokenizerError' } } +class ArgumentError extends CalculatorError { constructor (msg) { super(msg); this.name = 'ArgumentError' } } +class ZeroDivisionError extends CalculatorError { constructor () { super('divided by 0'); this.name = 'ZeroDivisionError' } } +class UnboundVariableError extends CalculatorError { + constructor (vars) { + super('no value provided for variables: ' + vars.join(', ')) + this.name = 'UnboundVariableError' + this.unbound = vars + } +} + +class Token { + constructor (category, value, raw) { + this.category = category + this.value = value + this.raw = raw == null ? String(value) : String(raw) + } + + is (cat) { return this.category === cat } +} + +const OPERATOR_NAMES = { + '^': 'pow', + '+': 'add', + '-': 'subtract', + '*': 'multiply', + '/': 'divide', + '%': 'mod', + '|': 'bitor', + '&': 'bitand', + '<<': 'bitshiftleft', + '>>': 'bitshiftright' +} +const COMPARATOR_NAMES = { + '<=': 'le', + '>=': 'ge', + '!=': 'ne', + '<>': 'ne', + '<': 'lt', + '>': 'gt', + '==': 'eq', + '=': 'eq' +} +const GROUPING_NAMES = { '(': 'open', ')': 'close', ',': 'comma' } + +function buildScanners (caseSensitive) { + return [ + (s) => { + const m = /^\s+/.exec(s) + return m ? { tokens: [], length: m[0].length } : null + }, + (s) => { + const m = /^null\b/i.exec(s) + return m ? { tokens: [new Token('null', null, m[0])], length: m[0].length } : null + }, + (s) => { + const m = /^((?:\d+(?:\.\d+)?|\.\d+)(?:[eE][+-]?\d+)?)\b/.exec(s) + if (!m) return null + return { tokens: [new Token('numeric', Number(m[0]), m[0])], length: m[0].length } + }, + (s) => { + const m = /^0x[0-9a-f]+\b/i.exec(s) + if (!m) return null + return { tokens: [new Token('numeric', parseInt(m[0].slice(2), 16), m[0])], length: m[0].length } + }, + (s) => { + const m = /^"([^"]*)"/.exec(s) + if (!m) return null + return { tokens: [new Token('string', m[1], m[0])], length: m[0].length } + }, + (s) => { + const m = /^'([^']*)'/.exec(s) + if (!m) return null + return { tokens: [new Token('string', m[1], m[0])], length: m[0].length } + }, + (s, last) => { + if (s[0] !== '-') return null + const ok = last == null || + last.is('operator') || + last.is('comparator') || + last.is('combinator') || + last.value === 'open' || + last.value === 'comma' || + last.value === 'array_start' + if (!ok) return null + return { tokens: [new Token('operator', 'negate', '-')], length: 1 } + }, + (s) => { + const m = /^(and|or|&&|\|\|)\s/i.exec(s) + if (!m) return null + const raw = m[1].toLowerCase() + const name = raw === '&&' ? 'and' : raw === '||' ? 'or' : raw + return { tokens: [new Token('combinator', name, m[0])], length: m[0].length } + }, + (s) => { + const m = /^(<<|>>|\^|\+|-|\*|\/|%|\||&)/.exec(s) + if (!m) return null + return { tokens: [new Token('operator', OPERATOR_NAMES[m[0]], m[0])], length: m[0].length } + }, + (s) => { + const m = /^(\(|\)|,)/.exec(s) + if (!m) return null + return { tokens: [new Token('grouping', GROUPING_NAMES[m[0]], m[0])], length: m[0].length } + }, + (s) => { + if (s[0] === '{') return { tokens: [new Token('array', 'array_start', '{')], length: 1 } + if (s[0] === '}') return { tokens: [new Token('array', 'array_end', '}')], length: 1 } + return null + }, + (s) => { + const m = /^(<=|>=|!=|<>|==|=|<|>)/.exec(s) + if (!m) return null + return { tokens: [new Token('comparator', COMPARATOR_NAMES[m[0]], m[0])], length: m[0].length } + }, + (s) => { + const m = /^(true|false)\b/i.exec(s) + if (!m) return null + return { tokens: [new Token('logical', m[0].toLowerCase() === 'true', m[0])], length: m[0].length } + }, + (s) => { + const m = /^(\w+!?)\s*\(/.exec(s) + if (!m) return null + const name = m[1].toLowerCase() + return { + tokens: [ + new Token('function', name, m[1]), + new Token('grouping', 'open', '(') + ], + length: m[0].length + } + }, + (s) => { + const m = /^[A-Za-z_][\w.]*\b/.exec(s) + if (!m) return null + const value = caseSensitive ? m[0] : m[0].toLowerCase() + return { tokens: [new Token('identifier', value, m[0])], length: m[0].length } + }, + (s) => { + const m = /^`([^`]*)`/.exec(s) + if (!m) return null + return { tokens: [new Token('identifier', m[1], m[0])], length: m[0].length } + } + ] +} + +function tokenize (input, options) { + options = options || {} + let remaining = String(input).replace(/\/\*[\s\S]*?\*\//g, '') + const scanners = buildScanners(options.caseSensitive === true) + const tokens = [] + let nesting = 0 + + while (remaining.length > 0) { + let matched = false + for (let i = 0; i < scanners.length; i++) { + const result = scanners[i](remaining, tokens.length ? tokens[tokens.length - 1] : null) + if (result) { + for (const tok of result.tokens) { + if (tok.category === 'grouping' && tok.value === 'open') nesting++ + if (tok.category === 'grouping' && tok.value === 'close') { + nesting-- + if (nesting < 0) throw new TokenizerError('too many closing parentheses') + } + tokens.push(tok) + } + remaining = remaining.slice(result.length) + matched = true + break + } + } + if (!matched) throw new TokenizerError("parse error at: '" + remaining + "'") + } + if (nesting > 0) throw new TokenizerError('too many opening parentheses') + return tokens +} + +function uniq (arr) { + const seen = new Set() + const out = [] + for (const x of arr) { if (!seen.has(x)) { seen.add(x); out.push(x) } } + return out +} + +function toNumber (val) { + if (typeof val === 'number') return val + if (typeof val === 'boolean') return val ? 1 : 0 + if (val == null) throw new ArgumentError("'" + val + "' is not coercible to numeric") + if (typeof val === 'string') { + if (val.length === 0) throw new ArgumentError("'' is not coercible to numeric") + const n = Number(val) + if (isNaN(n)) throw new ArgumentError("'" + val + "' is not coercible to numeric") + return n + } + throw new ArgumentError("'" + val + "' is not coercible to numeric") +} + +class Node { + static precedence = 0 + static arity = null + static rightAssociative = false + static resolveClass () { return this } + static minParamCount () { return this.arity } + static maxParamCount () { return this.arity } + value () { return null } + dependencies () { return [] } + get type () { return null } +} + +class NilNode extends Node { value () { return null } } + +class Numeric extends Node { + constructor (token) { super(); this.v = token.value } + value () { return this.v } + get type () { return 'numeric' } +} + +class Logical extends Node { + constructor (token) { super(); this.v = token.value } + value () { return this.v } + get type () { return 'logical' } +} + +class StringNode extends Node { + constructor (token) { super(); this.v = token.value } + value () { return this.v } + get type () { return 'string' } +} + +class Identifier extends Node { + constructor (token) { super(); this.ident = token.value } + value (ctx) { + if (ctx && (this.ident in ctx)) { + const v = ctx[this.ident] + if (v instanceof Node) return v.value(ctx) + if (typeof v === 'function') return v() + return v + } + throw new UnboundVariableError([this.ident]) + } + + dependencies (ctx) { + if (ctx && (this.ident in ctx)) { + const v = ctx[this.ident] + return v instanceof Node ? v.dependencies(ctx) : [] + } + return [this.ident] + } +} + +class Grouping extends Node { + constructor (node) { super(); this.node = node } + value (ctx) { return this.node.value(ctx) } + get type () { return this.node.type } + dependencies (ctx) { return this.node.dependencies(ctx) } +} + +class Operation extends Node { + constructor (left, right) { super(); this.left = left; this.right = right } + dependencies (ctx) { + const l = this.left ? this.left.dependencies(ctx) : [] + const r = this.right ? this.right.dependencies(ctx) : [] + return uniq(l.concat(r)) + } +} + +class Arithmetic extends Operation { get type () { return 'numeric' } } + +class Addition extends Arithmetic { + static precedence = 10 + value (ctx) { + const l = this.left.value(ctx) + const r = this.right.value(ctx) + if (typeof l === 'string' || typeof r === 'string') return String(l) + String(r) + return toNumber(l) + toNumber(r) + } +} + +class Subtraction extends Arithmetic { + static precedence = 10 + value (ctx) { return toNumber(this.left.value(ctx)) - toNumber(this.right.value(ctx)) } +} + +class Multiplication extends Arithmetic { + static precedence = 20 + value (ctx) { return toNumber(this.left.value(ctx)) * toNumber(this.right.value(ctx)) } +} + +class Division extends Arithmetic { + static precedence = 20 + value (ctx) { + const r = toNumber(this.right.value(ctx)) + if (r === 0) throw new ZeroDivisionError() + return toNumber(this.left.value(ctx)) / r + } +} + +class Modulo extends Arithmetic { + static arity = 2 + static precedence = 20 + static resolveClass (nextTok) { + if (!nextTok) return Percentage + if (nextTok.category === 'operator') return Percentage + if (nextTok.category === 'comparator') return Percentage + if (nextTok.category === 'combinator') return Percentage + if (nextTok.category === 'grouping' && (nextTok.value === 'close' || nextTok.value === 'comma')) return Percentage + if (nextTok.category === 'array' && nextTok.value === 'array_end') return Percentage + return Modulo + } + + value (ctx) { + const r = toNumber(this.right.value(ctx)) + if (r === 0) throw new ZeroDivisionError() + return toNumber(this.left.value(ctx)) % r + } +} + +class Percentage extends Arithmetic { + static arity = 1 + static precedence = 30 + constructor (child) { super(child, null) } + value (ctx) { return toNumber(this.left.value(ctx)) * 0.01 } + dependencies (ctx) { return this.left.dependencies(ctx) } +} + +class Exponentiation extends Arithmetic { + static precedence = 30 + static rightAssociative = true + value (ctx) { return Math.pow(toNumber(this.left.value(ctx)), toNumber(this.right.value(ctx))) } +} + +class Negation extends Arithmetic { + static arity = 1 + static precedence = 40 + static rightAssociative = true + constructor (node) { super(node, null) } + value (ctx) { return -toNumber(this.left.value(ctx)) } + dependencies (ctx) { return this.left.dependencies(ctx) } +} + +class BitwiseOr extends Operation { + static precedence = 10 + value (ctx) { return toNumber(this.left.value(ctx)) | toNumber(this.right.value(ctx)) } + get type () { return 'numeric' } +} +class BitwiseAnd extends Operation { + static precedence = 10 + value (ctx) { return toNumber(this.left.value(ctx)) & toNumber(this.right.value(ctx)) } + get type () { return 'numeric' } +} +class BitwiseShiftLeft extends Operation { + static precedence = 10 + value (ctx) { return toNumber(this.left.value(ctx)) << toNumber(this.right.value(ctx)) } + get type () { return 'numeric' } +} +class BitwiseShiftRight extends Operation { + static precedence = 10 + value (ctx) { return toNumber(this.left.value(ctx)) >> toNumber(this.right.value(ctx)) } + get type () { return 'numeric' } +} + +function cmpCast (v) { + if (typeof v === 'string' && /^-?\d*\.?\d+$/.test(v)) return Number(v) + return v +} +class Comparator extends Operation { + static precedence = 5 + get type () { return 'logical' } +} +class LessThan extends Comparator { value (ctx) { return cmpCast(this.left.value(ctx)) < cmpCast(this.right.value(ctx)) } } +class LessThanOrEqual extends Comparator { value (ctx) { return cmpCast(this.left.value(ctx)) <= cmpCast(this.right.value(ctx)) } } +class GreaterThan extends Comparator { value (ctx) { return cmpCast(this.left.value(ctx)) > cmpCast(this.right.value(ctx)) } } +class GreaterThanOrEqual extends Comparator { value (ctx) { return cmpCast(this.left.value(ctx)) >= cmpCast(this.right.value(ctx)) } } +class NotEqual extends Comparator { + value (ctx) { + const l = cmpCast(this.left.value(ctx)) + const r = cmpCast(this.right.value(ctx)) + return l !== r + } +} +class Equal extends Comparator { + value (ctx) { + const l = cmpCast(this.left.value(ctx)) + const r = cmpCast(this.right.value(ctx)) + return l === r + } +} + +class Combinator extends Operation { + static precedence = 0 + get type () { return 'logical' } +} +class And extends Combinator { value (ctx) { return Boolean(this.left.value(ctx)) && Boolean(this.right.value(ctx)) } } +class Or extends Combinator { value (ctx) { return Boolean(this.left.value(ctx)) || Boolean(this.right.value(ctx)) } } + +class ArrayNode extends Node { + static arity = null + static minParamCount () { return 0 } + static maxParamCount () { return Infinity } + constructor (...items) { + super() + this.items = items + } + + value (ctx) { return this.items.map((i) => i.value(ctx)) } + dependencies (ctx) { + return uniq([].concat.apply([], this.items.map((i) => i.dependencies(ctx)))) + } + + get type () { return 'array' } +} + +class FunctionNode extends Node { + static arity = null + static minParamCount () { return 0 } + static maxParamCount () { return Infinity } + constructor (...args) { + super() + this.args = args + } + + dependencies (ctx) { + return uniq([].concat.apply([], this.args.map((a) => a.dependencies(ctx)))) + } +} + +const FUNCTION_REGISTRY = Object.create(null) +function registerFunctionClass (name, cls) { FUNCTION_REGISTRY[name.toLowerCase()] = cls } +function getFunctionClass (name) { return FUNCTION_REGISTRY[name.toLowerCase()] } + +function defineFunction (name, spec) { + const min = spec.min == null ? 0 : spec.min + const max = spec.max == null ? Infinity : spec.max + const call = spec.call + const type = spec.type || 'numeric' + class F extends FunctionNode { + static arity = (min === max) ? min : null + static minParamCount () { return min } + static maxParamCount () { return max } + value (ctx) { + const vals = this.args.map((a) => a.value(ctx)) + return call(vals, ctx) + } + + get type () { return type } + } + registerFunctionClass(name, F) + return F +} + +function flattenNumeric (vals) { + const out = []; + (function walk (v) { + if (Array.isArray(v)) v.forEach(walk) + else out.push(toNumber(v)) + })(vals) + return out +} + +defineFunction('abs', { min: 1, max: 1, call: (v) => Math.abs(toNumber(v[0])) }) +defineFunction('min', { min: 1, call: (v) => Math.min.apply(null, flattenNumeric(v)) }) +defineFunction('max', { min: 1, call: (v) => Math.max.apply(null, flattenNumeric(v)) }) +defineFunction('sum', { min: 1, call: (v) => flattenNumeric(v).reduce((a, b) => a + b, 0) }) +defineFunction('avg', { + min: 1, + call: (v) => { + const nums = flattenNumeric(v) + if (nums.length === 0) return 0 + return nums.reduce((a, b) => a + b, 0) / nums.length + } +}) +defineFunction('count', { + min: 1, + max: 1, + call: (v) => Array.isArray(v[0]) ? v[0].length : (v[0] == null ? 0 : 1) +}) +defineFunction('round', { + min: 1, + max: 2, + call: (v) => { + const n = toNumber(v[0]) + const p = v.length > 1 ? toNumber(v[1]) : 0 + const f = Math.pow(10, p) + return Math.round(n * f) / f + } +}) +defineFunction('roundup', { + min: 1, + max: 2, + call: (v) => { + const n = toNumber(v[0]) + const p = v.length > 1 ? toNumber(v[1]) : 0 + const f = Math.pow(10, p) + return (n < 0 ? -Math.floor(-n * f) : Math.ceil(n * f)) / f + } +}) +defineFunction('rounddown', { + min: 1, + max: 2, + call: (v) => { + const n = toNumber(v[0]) + const p = v.length > 1 ? toNumber(v[1]) : 0 + const f = Math.pow(10, p) + return (n < 0 ? -Math.ceil(-n * f) : Math.floor(n * f)) / f + } +}) + +const MATH_FNS = { + sqrt: Math.sqrt, + cbrt: Math.cbrt, + sin: Math.sin, + cos: Math.cos, + tan: Math.tan, + asin: Math.asin, + acos: Math.acos, + atan: Math.atan, + sinh: Math.sinh, + cosh: Math.cosh, + tanh: Math.tanh, + exp: Math.exp, + log: Math.log, + log2: Math.log2, + log10: Math.log10, + floor: Math.floor, + ceil: Math.ceil +} +Object.keys(MATH_FNS).forEach((name) => { + const fn = MATH_FNS[name] + defineFunction(name, { min: 1, max: 1, call: (v) => fn(toNumber(v[0])) }) +}) +defineFunction('atan2', { min: 2, max: 2, call: (v) => Math.atan2(toNumber(v[0]), toNumber(v[1])) }) +defineFunction('hypot', { min: 1, call: (v) => Math.hypot.apply(null, flattenNumeric(v)) }) +defineFunction('pow', { min: 2, max: 2, call: (v) => Math.pow(toNumber(v[0]), toNumber(v[1])) }) +defineFunction('pi', { min: 0, max: 0, call: () => Math.PI }) +defineFunction('e', { min: 0, max: 0, call: () => Math.E }) + +defineFunction('not', { min: 1, max: 1, type: 'logical', call: (v) => !v[0] }) +defineFunction('and', { min: 1, type: 'logical', call: (v) => v.every((x) => Boolean(x)) }) +defineFunction('or', { min: 1, type: 'logical', call: (v) => v.some((x) => Boolean(x)) }) +defineFunction('xor', { + min: 2, + type: 'logical', + call: (v) => v.reduce((acc, x) => acc !== Boolean(x), false) +}) + +class IfFunction extends FunctionNode { + static arity = 3 + static minParamCount () { return 3 } + static maxParamCount () { return 3 } + value (ctx) { + return this.args[0].value(ctx) ? this.args[1].value(ctx) : this.args[2].value(ctx) + } + + get type () { return this.args[1].type } + dependencies (ctx) { + try { + return this.args[0].value(ctx) ? this.args[1].dependencies(ctx) : this.args[2].dependencies(ctx) + } catch (e) { + return uniq([].concat.apply([], this.args.map((a) => a.dependencies(ctx)))) + } + } +} +registerFunctionClass('if', IfFunction) + +defineFunction('length', { min: 1, max: 1, call: (v) => v[0] == null ? 0 : String(v[0]).length }) +defineFunction('upcase', { min: 1, max: 1, type: 'string', call: (v) => String(v[0]).toUpperCase() }) +defineFunction('downcase', { min: 1, max: 1, type: 'string', call: (v) => String(v[0]).toLowerCase() }) +defineFunction('concat', { min: 1, type: 'string', call: (v) => v.map((x) => String(x)).join('') }) +defineFunction('left', { + min: 2, + max: 2, + type: 'string', + call: (v) => String(v[0]).slice(0, toNumber(v[1])) +}) +defineFunction('right', { + min: 2, + max: 2, + type: 'string', + call: (v) => { + const n = toNumber(v[1]) + return n === 0 ? '' : String(v[0]).slice(-n) + } +}) +defineFunction('mid', { + min: 3, + max: 3, + type: 'string', + call: (v) => { + const s = String(v[0]) + const start = toNumber(v[1]) - 1 + const len = toNumber(v[2]) + return s.slice(start, start + len) + } +}) +defineFunction('trim', { min: 1, max: 1, type: 'string', call: (v) => String(v[0]).trim() }) +defineFunction('contains', { + min: 2, + max: 2, + type: 'logical', + call: (v) => { + if (Array.isArray(v[0])) return v[0].indexOf(v[1]) !== -1 + return String(v[0]).indexOf(String(v[1])) !== -1 + } +}) + +const OP_CLASSES = { + add: Addition, + subtract: Subtraction, + multiply: Multiplication, + divide: Division, + pow: Exponentiation, + negate: Negation, + mod: Modulo, + bitor: BitwiseOr, + bitand: BitwiseAnd, + bitshiftleft: BitwiseShiftLeft, + bitshiftright: BitwiseShiftRight, + lt: LessThan, + gt: GreaterThan, + le: LessThanOrEqual, + ge: GreaterThanOrEqual, + ne: NotEqual, + eq: Equal, + and: And, + or: Or +} + +function isOperationClass (cls) { + return cls && (cls.prototype instanceof Operation) +} + +function parse (tokens) { + if (!tokens || tokens.length === 0) return new NilNode() + + const output = [] + const operations = [] + const arities = [] + const skip = new Set() + + function consume (count) { + if (count == null) count = 2 + const op = operations.pop() + if (!op) throw new ParseError('invalid statement') + + const outputSize = output.length + const opMin = (typeof op.minParamCount === 'function') ? op.minParamCount() : null + const opMax = (typeof op.maxParamCount === 'function') ? op.maxParamCount() : null + + const actualArgs = (op.arity != null) ? op.arity : count + const minSize = (op.arity != null) ? op.arity : (opMin != null ? opMin : count) + const maxSize = (op.arity != null) ? op.arity : (opMax != null ? opMax : count) + + if (outputSize < minSize || actualArgs < minSize) { + throw new ParseError((op.name || 'operator') + ' has too few operands (given ' + outputSize + ', expected ' + minSize + ')') + } + if ((outputSize > maxSize && operations.length === 0) || actualArgs > maxSize) { + throw new ParseError((op.name || 'operator') + ' has too many operands (given ' + outputSize + ', expected ' + maxSize + ')') + } + + if (op === ArrayNode && output.length === 0) { + output.push(new ArrayNode()) + return + } + + if (outputSize < actualArgs) throw new ParseError('invalid statement') + const args = [] + for (let i = 0; i < actualArgs; i++) args.unshift(output.pop()) + + // eslint-disable-next-line new-cap + output.push(new op(...args)) + } + + function handleOperator (token, lookahead) { + let cls = OP_CLASSES[token.value] + if (!cls) throw new ParseError('Unknown operator ' + token.value) + if (typeof cls.resolveClass === 'function') cls = cls.resolveClass(lookahead) + const prec = cls.precedence + if (cls.rightAssociative) { + while (operations.length > 0) { + const top = operations[operations.length - 1] + if (isOperationClass(top) && prec < top.precedence) consume() + else break + } + } else { + while (operations.length > 0) { + const top = operations[operations.length - 1] + if (isOperationClass(top) && prec <= top.precedence) consume() + else break + } + } + operations.push(cls) + } + + function handleFunction (token) { + const fn = getFunctionClass(token.value) + if (!fn) throw new ParseError('Undefined function ' + token.value) + arities.push(0) + operations.push(fn) + } + + function handleArray (token) { + if (token.value === 'array_start') { + operations.push(ArrayNode) + arities.push(0) + } else { + while (operations.length > 0 && operations[operations.length - 1] !== ArrayNode) consume() + if (operations[operations.length - 1] !== ArrayNode) throw new ParseError('Unbalanced bracket') + consume(arities.pop() + 1) + } + } + + function handleGrouping (token, lookahead, index) { + if (token.value === 'open') { + if (lookahead && lookahead.value === 'close') { + skip.add(index + 1) + arities.pop() + consume(0) + } else { + operations.push(Grouping) + } + } else if (token.value === 'close') { + while (operations.length > 0 && operations[operations.length - 1] !== Grouping) consume() + const lparen = operations.pop() + if (lparen !== Grouping) throw new ParseError('Unbalanced parenthesis') + const top = operations[operations.length - 1] + if (top && (top.prototype instanceof FunctionNode)) consume(arities.pop() + 1) + } else if (token.value === 'comma') { + if (arities.length === 0) throw new ParseError('invalid statement') + arities[arities.length - 1] += 1 + while (operations.length > 0 && + operations[operations.length - 1] !== Grouping && + operations[operations.length - 1] !== ArrayNode) consume() + } else { + throw new ParseError('Unknown grouping token ' + token.value) + } + } + + for (let i = 0; i < tokens.length; i++) { + if (skip.has(i)) continue + const token = tokens[i] + const lookahead = tokens[i + 1] + + switch (token.category) { + case 'numeric': output.push(new Numeric(token)); break + case 'logical': output.push(new Logical(token)); break + case 'string': output.push(new StringNode(token)); break + case 'identifier': output.push(new Identifier(token)); break + case 'null': output.push(new NilNode()); break + case 'operator': + case 'comparator': + case 'combinator': + handleOperator(token, lookahead); break + case 'function': handleFunction(token); break + case 'array': handleArray(token); break + case 'grouping': handleGrouping(token, lookahead, i); break + default: + throw new ParseError('Not implemented for tokens of category ' + token.category) + } + } + + while (operations.length > 0) consume() + + if (output.length !== 1) throw new ParseError('Invalid statement') + return output[0] +} + +class Calculator { + constructor (options) { + options = options || {} + this.caseSensitive = options.caseSensitive === true + this.memory = Object.create(null) + this._astCache = Object.create(null) + } + + key (k) { return this.caseSensitive ? k : String(k).toLowerCase() } + + normalize (data) { + const out = Object.create(null) + if (!data) return out + for (const k of Object.keys(data)) out[this.key(k)] = data[k] + return out + } + + store (data) { Object.assign(this.memory, this.normalize(data)); return this } + bind (data) { return this.store(data) } + clear () { this.memory = Object.create(null); return this } + + ast (expression) { + const cached = this._astCache[expression] + if (cached) return cached + const node = parse(tokenize(expression, { caseSensitive: this.caseSensitive })) + this._astCache[expression] = node + return node + } + + tokenize (expression) { + return tokenize(expression, { caseSensitive: this.caseSensitive }) + } + + dependencies (expression) { + return this.ast(expression).dependencies(this.memory) + } + + evaluate (expression, data, onError) { + try { + return this.evaluateStrict(expression, data) + } catch (e) { + if (typeof data === 'function') return data(expression, e) + if (typeof onError === 'function') return onError(expression, e) + return undefined + } + } + + evaluateStrict (expression, data) { + const ctx = Object.assign(Object.create(null), this.memory, this.normalize(data)) + const node = this.ast(expression) + return node.value(ctx) + } + + addFunction (name, spec) { + defineFunction(name, { + min: spec.minArgs == null ? (spec.min == null ? 0 : spec.min) : spec.minArgs, + max: spec.maxArgs == null ? (spec.max == null ? Infinity : spec.max) : spec.maxArgs, + type: spec.type || 'numeric', + call: spec.call + }) + return this + } +} + +export { + Calculator, + tokenize, + parse, + CalculatorError, + ParseError, + TokenizerError, + UnboundVariableError, + ZeroDivisionError, + ArgumentError +} + +export function addFunction (name, spec) { defineFunction(name, spec) } diff --git a/app/javascript/submission_form/formula_areas.vue b/app/javascript/submission_form/formula_areas.vue index d5f80507..b0b1698c 100644 --- a/app/javascript/submission_form/formula_areas.vue +++ b/app/javascript/submission_form/formula_areas.vue @@ -68,34 +68,9 @@ export default { } }, async mounted () { - const { - create, - evaluateDependencies, - addDependencies, - subtractDependencies, - divideDependencies, - multiplyDependencies, - powDependencies, - roundDependencies, - absDependencies, - sinDependencies, - tanDependencies, - cosDependencies - } = await import('mathjs') + const { Calculator } = await import('./calculator') - this.math = create({ - evaluateDependencies, - addDependencies, - subtractDependencies, - divideDependencies, - multiplyDependencies, - powDependencies, - roundDependencies, - absDependencies, - sinDependencies, - tanDependencies, - cosDependencies - }) + this.math = new Calculator() this.isMathLoaded = true }, diff --git a/app/javascript/submission_form/payment_step.vue b/app/javascript/submission_form/payment_step.vue index adf4e19c..bcf32892 100644 --- a/app/javascript/submission_form/payment_step.vue +++ b/app/javascript/submission_form/payment_step.vue @@ -165,34 +165,9 @@ export default { } if (this.field.preferences?.formula) { - const { - create, - evaluateDependencies, - addDependencies, - subtractDependencies, - divideDependencies, - multiplyDependencies, - powDependencies, - roundDependencies, - absDependencies, - sinDependencies, - tanDependencies, - cosDependencies - } = await import('mathjs') + const { Calculator } = await import('./calculator') - this.math = create({ - evaluateDependencies, - addDependencies, - subtractDependencies, - divideDependencies, - multiplyDependencies, - powDependencies, - roundDependencies, - absDependencies, - sinDependencies, - tanDependencies, - cosDependencies - }) + this.math = new Calculator() this.isMathLoaded = true } diff --git a/package.json b/package.json index be3c55d9..24f3130e 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,6 @@ "css-minimizer-webpack-plugin": "^5.0.0", "daisyui": "^3.9.4", "driver.js": "^1.3.5", - "mathjs": "^12.4.0", "mini-css-extract-plugin": "^2.10.0", "postcss": "^8.4.31", "postcss-import": "^15.1.0", diff --git a/yarn.lock b/yarn.lock index 1069bd9a..71b9ddda 100644 --- a/yarn.lock +++ b/yarn.lock @@ -966,13 +966,6 @@ dependencies: regenerator-runtime "^0.13.11" -"@babel/runtime@^7.23.9": - version "7.23.9" - resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.23.9.tgz#47791a15e4603bb5f905bc0753801cf21d6345f7" - integrity sha512-0CX6F+BI2s9dkUqr08KFrAIZgNFj75rdBU/DjCyYLIaV/quFjkk6T+EJ2LkZHyZTbEV4L5p97mNkUsHl2wLFAw== - dependencies: - regenerator-runtime "^0.14.0" - "@babel/template@^7.18.10", "@babel/template@^7.20.7": version "7.20.7" resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.20.7.tgz#a15090c2839a83b02aa996c0b4994005841fd5a8" @@ -2994,11 +2987,6 @@ commondir@^1.0.1: resolved "https://registry.yarnpkg.com/commondir/-/commondir-1.0.1.tgz#ddd800da0c66127393cca5950ea968a3aaf1253b" integrity sha512-W9pAhw0ja1Edb5GVdIF1mjZw/ASI0AlShXM83UUGe2DVr5TdAPEA1OA8m/g8zWp9x6On7gqufY+FatDbC3MDQg== -complex.js@^2.1.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/complex.js/-/complex.js-2.1.1.tgz#0675dac8e464ec431fb2ab7d30f41d889fb25c31" - integrity sha512-8njCHOTtFFLtegk6zQo0kkVX1rngygb/KQI6z1qZxlFI3scluC+LVTCFbrkWjBv4vvLlbQ9t88IPMC6k95VTTg== - compressible@~2.0.18: version "2.0.18" resolved "https://registry.yarnpkg.com/compressible/-/compressible-2.0.18.tgz#af53cca6b070d4c3c0750fbd77286a6d7cc46fba" @@ -3317,11 +3305,6 @@ decache@^3.0.5: dependencies: find "^0.2.4" -decimal.js@^10.4.3: - version "10.4.3" - resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.4.3.tgz#1044092884d245d1b7f65725fa4ad4c6f781cc23" - integrity sha512-VBBaLc1MgL5XpzgIP7ny5Z6Nx3UrRkIViUkPUdtl9aya5amy3De1gsUUSB1g3+3sExYNjCAsAznmukyxCb1GRA== - deep-is@^0.1.3: version "0.1.4" resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.4.tgz#a6f2dce612fadd2ef1f519b73551f17e85199831" @@ -3632,11 +3615,6 @@ escape-html@~1.0.3: resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" integrity sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow== -escape-latex@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/escape-latex/-/escape-latex-1.2.0.tgz#07c03818cf7dac250cce517f4fda1b001ef2bca1" - integrity sha512-nV5aVWW1K0wEiUIEdZ4erkGGH8mDxGyxSeqPzRNtWP7ataw+/olFObw7hujFWlVjNsaDFw5VZ5NzVSIqRgfTiw== - escape-string-regexp@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" @@ -4091,11 +4069,6 @@ forwarded@0.2.0: resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811" integrity sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow== -fraction.js@4.3.4: - version "4.3.4" - resolved "https://registry.yarnpkg.com/fraction.js/-/fraction.js-4.3.4.tgz#b2bac8249a610c3396106da97c5a71da75b94b1c" - integrity sha512-pwiTgt0Q7t+GHZA4yaLjObx4vXmmdcS0iSJ19o8d/goUGgItX9UZWKWNnLHehxviD8wU2IWRsnR8cD5+yOJP2Q== - fraction.js@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/fraction.js/-/fraction.js-4.2.0.tgz#448e5109a313a3527f5a3ab2119ec4cf0e0e2950" @@ -4745,11 +4718,6 @@ jackspeak@^3.1.2: optionalDependencies: "@pkgjs/parseargs" "^0.11.0" -javascript-natural-sort@^0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/javascript-natural-sort/-/javascript-natural-sort-0.7.1.tgz#f9e2303d4507f6d74355a73664d1440fb5a0ef59" - integrity sha512-nO6jcEfZWQXDhOiBtG2KvKyEptz7RVbpGP4vTD2hLBdmNQSsCiicO2Ioinv6UI4y9ukqnBpy+XZ9H6uLNgJTlw== - jest-util@^29.5.0: version "29.5.0" resolved "https://registry.yarnpkg.com/jest-util/-/jest-util-29.5.0.tgz#24a4d3d92fc39ce90425311b23c27a6e0ef16b8f" @@ -5022,21 +4990,6 @@ math-intrinsics@^1.1.0: resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9" integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g== -mathjs@^12.4.0: - version "12.4.0" - resolved "https://registry.yarnpkg.com/mathjs/-/mathjs-12.4.0.tgz#875c2ec19e5be69885b29769f78bbb37220322b6" - integrity sha512-4Moy0RNjwMSajEkGGxNUyMMC/CZAcl87WBopvNsJWB4E4EFebpTedr+0/rhqmnOSTH3Wu/3WfiWiw6mqiaHxVw== - dependencies: - "@babel/runtime" "^7.23.9" - complex.js "^2.1.1" - decimal.js "^10.4.3" - escape-latex "^1.2.0" - fraction.js "4.3.4" - javascript-natural-sort "^0.7.1" - seedrandom "^3.0.5" - tiny-emitter "^2.1.0" - typed-function "^4.1.1" - mdn-data@2.0.28: version "2.0.28" resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.28.tgz#5ec48e7bef120654539069e1ae4ddc81ca490eba" @@ -6192,11 +6145,6 @@ regenerator-runtime@^0.13.11: resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.11.tgz#f6dca3e7ceec20590d07ada785636a90cdca17f9" integrity sha512-kY1AZVr2Ra+t+piVaJ4gxaFaReZVH40AKNo7UCX6W+dEwBo/2oZJzqfuN1qLq1oL45o56cPaTXELwrTh8Fpggg== -regenerator-runtime@^0.14.0: - version "0.14.1" - resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.14.1.tgz#356ade10263f685dda125100cd862c1db895327f" - integrity sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw== - regenerator-transform@^0.15.1: version "0.15.1" resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.15.1.tgz#f6c4e99fc1b4591f780db2586328e4d9a9d8dc56" @@ -6406,11 +6354,6 @@ schema-utils@^4.2.0, schema-utils@^4.3.0, schema-utils@^4.3.3: ajv-formats "^2.1.1" ajv-keywords "^5.1.0" -seedrandom@^3.0.5: - version "3.0.5" - resolved "https://registry.yarnpkg.com/seedrandom/-/seedrandom-3.0.5.tgz#54edc85c95222525b0c7a6f6b3543d8e0b3aa0a7" - integrity sha512-8OwmbklUNzwezjGInmZ+2clQmExQPvomqjL7LFqOYqtmuxRgQYqOD3mHaU+MvZn5FLUeVxVfQjwLZW/n/JFuqg== - select-hose@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/select-hose/-/select-hose-2.0.0.tgz#625d8658f865af43ec962bfc376a37359a4994ca" @@ -7003,11 +6946,6 @@ thunky@^1.0.2: resolved "https://registry.yarnpkg.com/thunky/-/thunky-1.1.0.tgz#5abaf714a9405db0504732bbccd2cedd9ef9537d" integrity sha512-eHY7nBftgThBqOyHGVN+l8gF0BucP09fMo0oO/Lb0w1OF80dJv+lDVpXG60WMQvkcxAkNybKsrEIE3ZtKGmPrA== -tiny-emitter@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-2.1.0.tgz#1d1a56edfc51c43e863cbb5382a72330e3555423" - integrity sha512-NB6Dk1A9xgQPMoGqC5CVXn123gWyte215ONT5Pp5a0yt4nlEoO1ZWeCwpncaekPHXO60i47ihFnZPiRPjRMq4Q== - to-fast-properties@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e" @@ -7111,11 +7049,6 @@ typed-assert@^1.0.8: resolved "https://registry.yarnpkg.com/typed-assert/-/typed-assert-1.0.9.tgz#8af9d4f93432c4970ec717e3006f33f135b06213" integrity sha512-KNNZtayBCtmnNmbo5mG47p1XsCyrx6iVqomjcZnec/1Y5GGARaxPs6r49RnSPeUP3YjNYiU9sQHAtY4BBvnZwg== -typed-function@^4.1.1: - version "4.1.1" - resolved "https://registry.yarnpkg.com/typed-function/-/typed-function-4.1.1.tgz#38ce3cae31f4f513bcb263563fdad27b2afa73e8" - integrity sha512-Pq1DVubcvibmm8bYcMowjVnnMwPVMeh0DIdA8ad8NZY2sJgapANJmiigSUwlt+EgXxpfIv8MWrQXTIzkfYZLYQ== - uc.micro@^2.0.0, uc.micro@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/uc.micro/-/uc.micro-2.1.0.tgz#f8d3f7d0ec4c3dea35a7e3c8efa4cb8b45c9e7ee" From 11b0b16ca7ec215e755f3e7354326475c260e64f Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Sat, 11 Apr 2026 11:50:41 +0300 Subject: [PATCH 12/14] prefill signature client side --- app/javascript/form.js | 1 + app/javascript/submission_form/form.vue | 12 ++++ .../submission_form/signature_step.vue | 62 ++++++++++++++++++- .../submit_form/_submission_form.html.erb | 2 +- .../maybe_assign_default_browser_signature.rb | 18 +----- 5 files changed, 74 insertions(+), 21 deletions(-) diff --git a/app/javascript/form.js b/app/javascript/form.js index 00ec8743..f8561dc0 100644 --- a/app/javascript/form.js +++ b/app/javascript/form.js @@ -31,6 +31,7 @@ safeRegisterElement('submission-form', class extends HTMLElement { isDemo: this.dataset.isDemo === 'true', attribution: this.dataset.attribution !== 'false', scrollPadding: this.dataset.scrollPadding || '-80px', + signatureText: this.dataset.signatureText, language: this.dataset.language, dryRun: this.dataset.dryRun === 'true', expand: ['true', 'false'].includes(this.dataset.expand) ? this.dataset.expand === 'true' : null, diff --git a/app/javascript/submission_form/form.vue b/app/javascript/submission_form/form.vue index e2bdcf42..0f469459 100644 --- a/app/javascript/submission_form/form.vue +++ b/app/javascript/submission_form/form.vue @@ -402,6 +402,8 @@ :remember-signature="rememberSignature" :attachments-index="attachmentsIndex" :require-signing-reason="requireSigningReason" + :signature-text="signatureText" + :signature-src="signatureSrc" :button-text="submitButtonText" :dry-run="dryRun" :with-disclosure="withDisclosure" @@ -832,6 +834,16 @@ export default { required: false, default: '' }, + signatureText: { + type: String, + required: false, + default: '' + }, + signatureSrc: { + type: String, + required: false, + default: '' + }, previousSignatureValue: { type: String, required: false, diff --git a/app/javascript/submission_form/signature_step.vue b/app/javascript/submission_form/signature_step.vue index 2651f8d5..fb59ef3b 100644 --- a/app/javascript/submission_form/signature_step.vue +++ b/app/javascript/submission_form/signature_step.vue @@ -408,6 +408,16 @@ export default { required: false, default: '' }, + signatureText: { + type: String, + required: false, + default: '' + }, + signatureSrc: { + type: String, + required: false, + default: '' + }, modelValue: { type: String, required: false, @@ -422,7 +432,7 @@ export default { isOtherReason: false, isUsePreviousValue: true, isTouchAttachment: false, - isTextSignature: this.field.preferences?.format === 'typed' || this.field.preferences?.format === 'typed_or_upload', + isTextSignature: !this.signatureSrc && (!!this.signatureText || this.field.preferences?.format === 'typed' || this.field.preferences?.format === 'typed_or_upload'), uploadImageInputKey: Math.random().toString() } }, @@ -482,7 +492,9 @@ export default { if (entry.isIntersecting) { this.setCanvasSize() - if (this.isTextSignature) { + if (this.signatureSrc) { + this.$nextTick(() => this.drawSignatureSrc()) + } else if (this.isTextSignature) { this.$nextTick(() => { if (this.$refs.textInput) { this.initTypedSignature() @@ -686,7 +698,9 @@ export default { } }, async initTypedSignature () { - if (this.submitter.name) { + if (this.signatureText) { + this.$refs.textInput.value = this.signatureText + } else if (this.submitter.name) { this.$refs.textInput.value = this.submitter.name } @@ -696,6 +710,48 @@ export default { this.updateWrittenSignature({ target: this.$refs.textInput }) } }, + drawSignatureSrc () { + const canvas = this.$refs.canvas + + if (!canvas) return + + const img = new Image() + + img.crossOrigin = 'anonymous' + + img.onload = () => { + const context = canvas.getContext('2d') + + const aspectRatio = img.width / img.height + const canvasWidth = canvas.width / scale + const canvasHeight = canvas.height / scale + + let targetWidth = canvasWidth + let targetHeight = canvasHeight + + if (canvasWidth / canvasHeight > aspectRatio) { + targetWidth = canvasHeight * aspectRatio + } else { + targetHeight = canvasWidth / aspectRatio + } + + const x = (canvasWidth - targetWidth) / 2 + const y = (canvasHeight - targetHeight) / 2 + + context.clearRect(0, 0, canvasWidth, canvasHeight) + context.drawImage(img, x, y, targetWidth, targetHeight) + + this.isSignatureStarted = true + + this.$emit('start') + } + + img.onerror = () => { + console.error(`Failed to load signature image from ${this.signatureSrc}. The remote server must send an Access-Control-Allow-Origin header to allow CORS access.`) + } + + img.src = this.signatureSrc + }, drawImage (event) { this.remove() this.clear() diff --git a/app/views/submit_form/_submission_form.html.erb b/app/views/submit_form/_submission_form.html.erb index 0c13d8c7..b56123ff 100644 --- a/app/views/submit_form/_submission_form.html.erb +++ b/app/views/submit_form/_submission_form.html.erb @@ -2,4 +2,4 @@ <% data_fields = Submissions.filtered_conditions_fields(submitter).to_json %> <% invite_submitters = (submitter.submission.template_submitters || submitter.submission.template.submitters).select { |s| s['invite_by_uuid'] == submitter.uuid && submitter.submission.submitters.none? { |e| e.uuid == s['uuid'] } }.to_json %> <% optional_invite_submitters = (submitter.submission.template_submitters || submitter.submission.template.submitters).select { |s| s['optional_invite_by_uuid'] == submitter.uuid && submitter.submission.submitters.none? { |e| e.uuid == s['uuid'] } }.to_json %> - + diff --git a/lib/submitters/maybe_assign_default_browser_signature.rb b/lib/submitters/maybe_assign_default_browser_signature.rb index 50ad4a57..6a77b1e8 100644 --- a/lib/submitters/maybe_assign_default_browser_signature.rb +++ b/lib/submitters/maybe_assign_default_browser_signature.rb @@ -9,29 +9,13 @@ module Submitters def call(submitter, params, cookies = nil, attachments = []) attachments = attachments.select { |e| e.record_id == submitter.id && e.record_type == 'Submitter' } - if (value = params[:signature_src].presence || params[:signature].presence) - find_or_create_signature_from_value(submitter, value, attachments) - elsif params[:signed_signature_uuids].present? + if params[:signed_signature_uuids].present? find_storage_signature(submitter, params[:signed_signature_uuids], attachments) elsif cookies find_session_signature(submitter, cookies, attachments) end end - def find_or_create_signature_from_value(submitter, value, attachments) - _, attachment = Submitters::NormalizeValues.normalize_attachment_value(value, - { 'type' => 'signature' }, - submitter.account, - attachments, - for_submitter: submitter) - - attachment.record ||= submitter - - attachment.save! - - attachment - end - def sign_signature_uuid(uuid) ApplicationRecord.signed_id_verifier.generate(uuid, purpose: SIGNED_UUID_PURPPOSE) end From 2f9fc95af3390f7463ae0038cf42584c4e93b4b0 Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Sat, 11 Apr 2026 11:53:39 +0300 Subject: [PATCH 13/14] remove unused module --- .../maybe_assign_default_email_signature.rb | 36 ------------------- 1 file changed, 36 deletions(-) delete mode 100644 lib/submitters/maybe_assign_default_email_signature.rb diff --git a/lib/submitters/maybe_assign_default_email_signature.rb b/lib/submitters/maybe_assign_default_email_signature.rb deleted file mode 100644 index 9fabb117..00000000 --- a/lib/submitters/maybe_assign_default_email_signature.rb +++ /dev/null @@ -1,36 +0,0 @@ -# frozen_string_literal: true - -module Submitters - module MaybeAssignDefaultEmailSignature - module_function - - def call(submitter, params, attachments) - return if params[:t].present? && params[:t] != SubmissionEvents.build_tracking_param(submitter, 'click_email') - return if params[:t].blank? && !submitter.submission_events.exists?(event_type: :click_email) - - signature_attachment = find_previous_signature(submitter) - - return if signature_attachment.blank? - - existing_attachment = attachments.find do |a| - a.blob_id == signature_attachment.blob_id && submitter.id == a.record_id - end - - return existing_attachment if existing_attachment - - submitter.attachments_attachments.create_or_find_by!(blob_id: signature_attachment.blob_id) - end - - def find_previous_signature(submitter) - return if submitter.email.blank? - - submitters_query = - Submitter.where(email: submitter.email) - .where.not(completed_at: nil) - .where(SubmissionEvent.where(Submitter.arel_table[:id].eq(SubmissionEvent.arel_table[:submitter_id])) - .where(event_type: :click_email).limit(1).arel.exists) - - ActiveStorage::Attachment.where(name: :signature, record: submitters_query).order(:id).last - end - end -end From 41fedfcc40a7d30841486408b25bbc90640b806c Mon Sep 17 00:00:00 2001 From: Pete Matsyburka Date: Sun, 12 Apr 2026 13:30:13 +0300 Subject: [PATCH 14/14] show verification error --- app/javascript/submission_form/verification_step.vue | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/app/javascript/submission_form/verification_step.vue b/app/javascript/submission_form/verification_step.vue index 29b3b590..0e0bb767 100644 --- a/app/javascript/submission_form/verification_step.vue +++ b/app/javascript/submission_form/verification_step.vue @@ -20,8 +20,11 @@ {{ t('complete_all_required_fields_to_proceed_with_identity_verification') }}
      +
      + {{ errorMessage }} +
      { this.eidEasyData = await resp.json() + if (this.eidEasyData.error) { + this.errorMessage = this.eidEasyData.error + + return + } + if (this.eidEasyData.check_completed) { this.$emit('submit') }